diff options
author | Jose Fonseca <jfonseca@vmware.com> | 2016-09-19 22:36:18 +0100 |
---|---|---|
committer | Jose Fonseca <jfonseca@vmware.com> | 2016-09-19 22:36:18 +0100 |
commit | 8362eee8cf29141b051837f6d9d6cd6b38fdff7b (patch) | |
tree | 00bb62be6e93bf7b0667b45a18ce7fead1ad7803 | |
parent | 8a154267923fa4af41f4a882792f71683560774c (diff) |
inject: Remove unused functions on mhook implementation.
-rw-r--r-- | inject/CMakeLists.txt | 4 | ||||
-rw-r--r-- | inject/injectee_mhook.cpp | 230 |
2 files changed, 0 insertions, 234 deletions
diff --git a/inject/CMakeLists.txt b/inject/CMakeLists.txt index a63933e4..e98b077d 100644 --- a/inject/CMakeLists.txt +++ b/inject/CMakeLists.txt @@ -5,10 +5,6 @@ include_directories ( ${CMAKE_SOURCE_DIR}/thirdparty/mhook/mhook-lib ) -if (NOT MSVC) - add_compiler_flags (-Wno-unused-function) -endif () - add_library (injectee_iat MODULE injectee_iat.cpp ) diff --git a/inject/injectee_mhook.cpp b/inject/injectee_mhook.cpp index c7b996ca..dc5080ce 100644 --- a/inject/injectee_mhook.cpp +++ b/inject/injectee_mhook.cpp @@ -302,26 +302,6 @@ rvaToVa(HMODULE hModule, I rva) } -static const char * -getDescriptorName(HMODULE hModule, - const PIMAGE_IMPORT_DESCRIPTOR pImportDescriptor) -{ - return rvaToVa<const char>(hModule, pImportDescriptor->Name); -} - -static const char * -getDescriptorName(HMODULE hModule, - const PImgDelayDescr pDelayDescriptor) -{ - if (pDelayDescriptor->grAttrs & dlattrRva) { - return rvaToVa<const char>(hModule, pDelayDescriptor->rvaDLLName); - } else { - // old-stye, with ImgDelayDescr::szName being a LPCSTR - return reinterpret_cast<LPCSTR>(pDelayDescriptor->rvaDLLName); - } -} - - static PIMAGE_OPTIONAL_HEADER getOptionalHeader(HMODULE hModule, const char *szModule) @@ -372,22 +352,6 @@ getImageDirectoryEntry(HMODULE hModule, } -static PIMAGE_IMPORT_DESCRIPTOR -getFirstImportDescriptor(HMODULE hModule, const char *szModule) -{ - PVOID pEntry = getImageDirectoryEntry(hModule, szModule, IMAGE_DIRECTORY_ENTRY_IMPORT); - return reinterpret_cast<PIMAGE_IMPORT_DESCRIPTOR>(pEntry); -} - - -static PImgDelayDescr -getDelayImportDescriptor(HMODULE hModule, const char *szModule) -{ - PVOID pEntry = getImageDirectoryEntry(hModule, szModule, IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT); - return reinterpret_cast<PImgDelayDescr>(pEntry); -} - - static PIMAGE_EXPORT_DIRECTORY getExportDescriptor(HMODULE hModule) { @@ -396,200 +360,6 @@ getExportDescriptor(HMODULE hModule) } -static BOOL -replaceAddress(LPVOID *lpOldAddress, LPVOID lpNewAddress) -{ - DWORD flOldProtect; - - if (*lpOldAddress == lpNewAddress) { - return TRUE; - } - - EnterCriticalSection(&g_Mutex); - - if (!(VirtualProtect(lpOldAddress, sizeof *lpOldAddress, PAGE_READWRITE, &flOldProtect))) { - LeaveCriticalSection(&g_Mutex); - return FALSE; - } - - *lpOldAddress = lpNewAddress; - - if (!(VirtualProtect(lpOldAddress, sizeof *lpOldAddress, flOldProtect, &flOldProtect))) { - LeaveCriticalSection(&g_Mutex); - return FALSE; - } - - LeaveCriticalSection(&g_Mutex); - return TRUE; -} - - -/* Return pointer to patcheable function address. - * - * See also: - * - * - An In-Depth Look into the Win32 Portable Executable File Format, Part 2, Matt Pietrek, - * http://msdn.microsoft.com/en-gb/magazine/cc301808.aspx - * - * - http://www.microsoft.com/msj/1298/hood/hood1298.aspx - * - */ -static LPVOID * -getPatchAddress(HMODULE hModule, - const char *szDescriptorName, - DWORD OriginalFirstThunk, - DWORD FirstThunk, - const char* pszFunctionName, - LPVOID lpOldAddress) -{ - if (VERBOSITY >= 4) { - debugPrintf("inject: %s(%s, %s)\n", __FUNCTION__, - szDescriptorName, - pszFunctionName); - } - - PIMAGE_THUNK_DATA pThunkIAT = rvaToVa<IMAGE_THUNK_DATA>(hModule, FirstThunk); - - UINT_PTR pOldFunction = (UINT_PTR)lpOldAddress; - - PIMAGE_THUNK_DATA pThunk; - if (OriginalFirstThunk) { - pThunk = rvaToVa<IMAGE_THUNK_DATA>(hModule, OriginalFirstThunk); - } else { - pThunk = pThunkIAT; - } - - while (pThunk->u1.Function) { - if (OriginalFirstThunk == 0 || - pThunk->u1.Ordinal & IMAGE_ORDINAL_FLAG) { - // No name -- search by the real function address - if (!pOldFunction) { - return NULL; - } - if (pThunkIAT->u1.Function == pOldFunction) { - return (LPVOID *)(&pThunkIAT->u1.Function); - } - } else { - // Search by name - PIMAGE_IMPORT_BY_NAME pImport = rvaToVa<IMAGE_IMPORT_BY_NAME>(hModule, pThunk->u1.AddressOfData); - const char* szName = (const char* )pImport->Name; - if (strcmp(pszFunctionName, szName) == 0) { - return (LPVOID *)(&pThunkIAT->u1.Function); - } - } - ++pThunk; - ++pThunkIAT; - } - - return NULL; -} - - -static LPVOID * -getPatchAddress(HMODULE hModule, - PIMAGE_IMPORT_DESCRIPTOR pImportDescriptor, - const char* pszFunctionName, - LPVOID lpOldAddress) -{ - assert(pImportDescriptor->TimeDateStamp != 0 || pImportDescriptor->Name != 0); - - return getPatchAddress(hModule, - getDescriptorName(hModule, pImportDescriptor), - pImportDescriptor->OriginalFirstThunk, - pImportDescriptor->FirstThunk, - pszFunctionName, - lpOldAddress); -} - - -// See -// http://www.microsoft.com/msj/1298/hood/hood1298.aspx -// http://msdn.microsoft.com/en-us/library/16b2dyk5.aspx -static LPVOID * -getPatchAddress(HMODULE hModule, - PImgDelayDescr pDelayDescriptor, - const char* pszFunctionName, - LPVOID lpOldAddress) -{ - assert(pDelayDescriptor->rvaDLLName != 0); - - return getPatchAddress(hModule, - getDescriptorName(hModule, pDelayDescriptor), - pDelayDescriptor->rvaINT, - pDelayDescriptor->rvaIAT, - pszFunctionName, - lpOldAddress); -} - - -template< class T > -static BOOL -patchFunction(HMODULE hModule, - const char *szModule, - const char *pszDllName, - T pImportDescriptor, - const char *pszFunctionName, - LPVOID lpOldAddress, - LPVOID lpNewAddress) -{ - LPVOID* lpPatchAddress = getPatchAddress(hModule, pImportDescriptor, pszFunctionName, lpOldAddress); - if (lpPatchAddress == NULL) { - return FALSE; - } - - if (*lpPatchAddress == lpNewAddress) { - return TRUE; - } - - DWORD Offset = (DWORD)(UINT_PTR)lpPatchAddress - (UINT_PTR)hModule; - if (VERBOSITY > 0) { - debugPrintf("inject: patching %s!0x%lx -> %s!%s\n", szModule, Offset, pszDllName, pszFunctionName); - } - - BOOL bRet; - bRet = replaceAddress(lpPatchAddress, lpNewAddress); - if (!bRet) { - debugPrintf("inject: failed to patch %s!0x%lx -> %s!%s\n", szModule, Offset, pszDllName, pszFunctionName); - } - - return bRet; -} - - - -struct StrCompare : public std::binary_function<const char *, const char *, bool> { - bool operator() (const char * s1, const char * s2) const { - return strcmp(s1, s2) < 0; - } -}; - -typedef std::map<const char *, LPVOID, StrCompare> FunctionMap; - -struct StrICompare : public std::binary_function<const char *, const char *, bool> { - bool operator() (const char * s1, const char * s2) const { - return stricmp(s1, s2) < 0; - } -}; - -struct Module { - bool bInternal; - FunctionMap functionMap; -}; - -typedef std::map<const char *, Module, StrICompare> ModulesMap; - -/* This is only modified at DLL_PROCESS_ATTACH time. */ -static ModulesMap modulesMap; - - -static inline bool -isMatchModuleName(const char *szModuleName) -{ - ModulesMap::const_iterator modIt = modulesMap.find(szModuleName); - return modIt != modulesMap.end(); -} - - /* Set of previously hooked modules */ static std::set<HMODULE> g_hHookedModules; |