backup/cnc-ddraw
1
0
Fork 0
mirror of https://github.com/FunkyFr3sh/cnc-ddraw.git synced 2025-03-25 01:57:47 +01:00
Code Issues Projects Releases Activity

add some more error checks to IAT hooker

Browse Source
This commit is contained in:
FunkyFr3sh 2023-10-20 10:19:46 +02:00
parent af861ff2ee
commit ecc56d4cbc
3 changed files with 40 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
inc/utils.h
View File

@ -5,6 +5,7 @@
#include <windows.h> #include <windows.h>
BOOL util_is_bad_read_ptr(void* p);
BOOL util_is_minimized(HWND hwnd); BOOL util_is_minimized(HWND hwnd);
BOOL util_is_avx_supported(); BOOL util_is_avx_supported();
void util_limit_game_ticks(); void util_limit_game_ticks();

42
src/hook.c
View File

@ -188,20 +188,23 @@ void hook_patch_obfuscated_iat_list(HMODULE hmod, BOOL unhook, HOOKLIST* hooks,
while (import_desc->FirstThunk) while (import_desc->FirstThunk)
{ {
if (!import_desc->Name)
{
import_desc++;
continue;
}
for (int i = 0; hooks[i].module_name[0]; i++) for (int i = 0; hooks[i].module_name[0]; i++)
{ {
char* imp_module_name = (char*)((DWORD)dos_header + (DWORD)(import_desc->Name)); char* imp_module_name = (char*)((DWORD)dos_header + (DWORD)(import_desc->Name));
if (_stricmp(imp_module_name, hooks[i].module_name) == 0) if (_stricmp(imp_module_name, hooks[i].module_name) == 0)
{ {
HMODULE cur_mod = GetModuleHandle(hooks[i].module_name); HMODULE cur_mod = GetModuleHandleA(hooks[i].module_name);
PIMAGE_THUNK_DATA first_thunk = PIMAGE_THUNK_DATA first_thunk =
(PIMAGE_THUNK_DATA)((DWORD)dos_header + (DWORD)import_desc->FirstThunk); (PIMAGE_THUNK_DATA)((DWORD)dos_header + (DWORD)import_desc->FirstThunk);
PIMAGE_THUNK_DATA original_first_thunk =
(PIMAGE_THUNK_DATA)((DWORD)dos_header + (DWORD)import_desc->OriginalFirstThunk);
while (first_thunk->u1.Function) while (first_thunk->u1.Function)
{ {
for (int x = 0; hooks[i].data[x].function_name[0]; x++) for (int x = 0; hooks[i].data[x].function_name[0]; x++)
@ -260,7 +263,6 @@ void hook_patch_obfuscated_iat_list(HMODULE hmod, BOOL unhook, HOOKLIST* hooks,
} }
first_thunk++; first_thunk++;
original_first_thunk++;
} }
} }
} }
@ -298,6 +300,12 @@ void hook_patch_iat_list(HMODULE hmod, BOOL unhook, HOOKLIST* hooks, BOOL is_loc
while (import_desc->FirstThunk) while (import_desc->FirstThunk)
{ {
if (!import_desc->OriginalFirstThunk || !import_desc->Name)
{
import_desc++;
continue;
}
for (int i = 0; hooks[i].module_name[0]; i++) for (int i = 0; hooks[i].module_name[0]; i++)
{ {
char* imp_module_name = (char*)((DWORD)dos_header + (DWORD)(import_desc->Name)); char* imp_module_name = (char*)((DWORD)dos_header + (DWORD)(import_desc->Name));
@ -325,30 +333,8 @@ void hook_patch_iat_list(HMODULE hmod, BOOL unhook, HOOKLIST* hooks, BOOL is_loc
if (!is_local && (hooks[i].data[x].flags & HOOK_LOCAL_ONLY)) if (!is_local && (hooks[i].data[x].flags & HOOK_LOCAL_ONLY))
continue; continue;
/* avoid exceptions with obfuscated binaries in debug build */ if (util_is_bad_read_ptr((void*)import->Name))
#if defined(_DEBUG) || defined(__GNUC__)
MEMORY_BASIC_INFORMATION mbi = { 0 };
if (VirtualQuery((void*)import->Name, &mbi, sizeof(mbi)))
{
DWORD mask = (
PAGE_READONLY |
PAGE_READWRITE |
PAGE_WRITECOPY |
PAGE_EXECUTE_READ |
PAGE_EXECUTE_READWRITE |
PAGE_EXECUTE_WRITECOPY);
BOOL b = !(mbi.Protect & mask);
if (mbi.Protect & (PAGE_GUARD | PAGE_NOACCESS))
b = TRUE;
if (b)
continue;
}
else
continue; continue;
#endif
if (_stricmp((const char*)import->Name, hooks[i].data[x].function_name) == 0) if (_stricmp((const char*)import->Name, hooks[i].data[x].function_name) == 0)
{ {

25
src/utils.c
View File

@ -11,6 +11,31 @@
#include "config.h" #include "config.h"
BOOL util_is_bad_read_ptr(void* p)
{
MEMORY_BASIC_INFORMATION mbi = { 0 };
if (VirtualQuery(p, &mbi, sizeof(mbi)))
{
DWORD mask = (
PAGE_READONLY |
PAGE_READWRITE |
PAGE_WRITECOPY |
PAGE_EXECUTE_READ |
PAGE_EXECUTE_READWRITE |
PAGE_EXECUTE_WRITECOPY);
BOOL b = !(mbi.Protect & mask);
if (mbi.Protect & (PAGE_GUARD | PAGE_NOACCESS))
b = TRUE;
if (!b)
return b;
}
return TRUE;
}
BOOL util_is_minimized(HWND hwnd) BOOL util_is_minimized(HWND hwnd)
{ {
RECT rc = { 0 }; RECT rc = { 0 };