Merge pull request #30 from unknownv2/update-build-structure
Update detours library code to latest version
unknownv2 authored Jan 30, 2019
2 parents 36e67dc + 9fc2977 commit 0277ce3
Showing 12 changed files with 323 additions and 86 deletions.
33 changes: 14 additions & 19 deletions README.md
Expand Up @@ -7,25 +7,26 @@

For [CoreHook](https://github.com/unknownv2/CoreHook), the [Microsoft Detours](https://github.com/Microsoft/Detours) package serves as a good binary hooking module since it supports x86, x86_64, ARM, and ARM64, while [EasyHook](https://github.com/EasyHook/EasyHook) only supports x86 and x86_64. Since .NET Core supports the two ARM architectures, we can implement the necessary changes to support those architectures for CoreHook.

## Supported Platforms
# Supported Platforms

`X86, X64, and ARM`. If you have a *Windows on ARM* device to test `ARM64` with, pull requests and contributions are all welcome!

## Building
# Binary Releases
You can download the pre-built Windows binaries [here](https://github.com/unknownv2/CoreHook.Hooking/releases).

For `x86, x64`, extract the zip corresponding to your target architecture, then place the `corehook32.dll` and/or `corehook64.dll` in the build output directory of your program.

For `ARM, ARM64`, extract the zip corresponding to your target architecture, then place the `corehook32.dll` and/or `corehook64.dll` in the output directory of your published program, created either from using the [Publishing Script](https://github.com/unknownv2/CoreHook#publishing-script) or the `dotnet publish` command.

Building the DLL requires Visual Studio and that can be accomplished by using `cmake` or the tools that come with `Visual Studio`. This can be the `Visual Studio IDE` or `msbuild` within the `Developer Command Prompt`.
# Building

### CMake
Building the DLL requires Visual Studio and that can be accomplished by using `cmake` or the tools that come with `Visual Studio`. This can be the `Visual Studio IDE` or `msbuild` within the `Developer Command Prompt`.

You can also build the library using CMake. You can run the `build/win-vs-2017.cmd` file to build for the `x86` and `x64` architectures. This also gives you the option to generate and build with an older version of `Visual Studio` such as `VS 2015` or `VS 2013`.
## CMake

You can build by running these commands from the root of the repository:
```
cd build
win-vs-2017.cmd
```
You can build the library using CMake by running [`build.cmd`](build.cmd), which builds the library for the `x86` and `x64` architectures. This also gives you the option to generate and build the library with an older version of `Visual Studio` such as `VS 2015` or `VS 2013`.

### Visual Studio
## Visual Studio

You can find the Visual Studio solution inside [the msvc folder](/msvc). You can choose a configuration (**Debug|Release**) and a platform (**X86|X64|ARM|ARM64**) and build.
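Review bot: The new "Binary Releases" section tells readers to download a pre-built `corehook32.dll` / `corehook64.dll` and place it in their program's output directory, but gives them no way to verify what they downloaded. This is a native hooking DLL that ends up loaded into other processes, so list a SHA-256 for each release zip (or sign the DLLs) and mention it in this section. The ARM/ARM64 paragraph also names the same `corehook32.dll` / `corehook64.dll` files as the x86/x64 paragraph; if that is intended, one sentence saying which file belongs to which ARM target would remove the guesswork.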

Expand All @@ -43,14 +44,8 @@ nuget restore msvc/corehook.sln
msbuild msvc/corehook.sln /p:Configuration=Release /p:Platform=x64
```

### Binary Releases
You can also download the pre-built Windows binaries [here](https://github.com/unknownv2/CoreHook.Hooking/releases).

For `x86, x64`, extract the zip corresponding to your target architecture, then place the `corehook32.dll` and/or `corehook64.dll` in the build output directory of your program.

For `ARM, ARM64`, extract the zip corresponding to your target architecture, then place the `corehook32.dll` and/or `corehook64.dll` in the output directory of your published program, created either from using the [Publishing Script](https://github.com/unknownv2/CoreHook#publishing-script) or the `dotnet publish` command.

## Usage
# Usage

* For X86, the output directory is `bin/x86` and the output file is `corehook32.dll`.
* For X64, the output directory is `bin/x64` and the output file is `corehook64.dll`.
Expand All @@ -60,7 +55,7 @@ msbuild msvc/corehook.sln /p:Configuration=Release /p:Platform=x64
Copy the desired file for your target architecture to the output directory of the program that uses [CoreHook](https://github.com/unknownv2/CoreHook/).


## Credits
# Credits

The hooking module is mostly based on the [EasyHook](https://github.com/EasyHook/EasyHook/blob/master/LICENSE) native module and the [Microsoft Detours](https://github.com/Microsoft/Detours/blob/master/LICENSE.md) library and this library wouldn't be possible without them. They are both MIT-licensed.

4 changes: 1 addition & 3 deletions build/win-vs-2017.cmd → build.cmd
@@ -1,4 +1,3 @@
cd ../
mkdir build32-vs2017
mkdir build64-vs2017
cd build32-vs2017
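Review bot: With `cd ../` dropped from the top of the script, `mkdir build32-vs2017` and `mkdir build64-vs2017` now run in whatever directory the caller happens to be in, so the script only works when started from the repository root. Begin the script with `pushd "%~dp0"` (and a matching `popd` at the end) so that it behaves the same from a CI step or another working directory. `mkdir` will also report an error on a second run once the directories exist; `if not exist build32-vs2017 mkdir build32-vs2017` avoids that.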
Expand All @@ -10,5 +9,4 @@ cd ../
cmake --build build32-vs2017 --config Debug
cmake --build build32-vs2017 --config Release
cmake --build build64-vs2017 --config Debug
cmake --build build64-vs2017 --config Release
cd build
cmake --build build64-vs2017 --config Release
21 changes: 19 additions & 2 deletions samples/Makefile
Expand Up @@ -39,8 +39,10 @@ all:
@$(MAKE) /NOLOGO /$(MAKEFLAGS)
cd "$(MAKEDIR)\echo"
@$(MAKE) /NOLOGO /$(MAKEFLAGS)
!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM64"
cd "$(MAKEDIR)\einst"
@$(MAKE) /NOLOGO /$(MAKEFLAGS)
!ENDIF
!IF "$(DETOURS_TARGET_PROCESSOR)" == "X86"
cd "$(MAKEDIR)\excep"
@$(MAKE) /NOLOGO /$(MAKEFLAGS)
Expand All @@ -49,9 +51,11 @@ all:
@$(MAKE) /NOLOGO /$(MAKEFLAGS)
cd "$(MAKEDIR)\commem"
@$(MAKE) /NOLOGO /$(MAKEFLAGS)
!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM64"
cd "$(MAKEDIR)\findfunc"
@$(MAKE) /NOLOGO /$(MAKEFLAGS)
!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM"
!ENDIF
!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM" && "$(DETOURS_TARGET_PROCESSOR)" != "ARM64"
cd "$(MAKEDIR)\member"
@$(MAKE) /NOLOGO /$(MAKEFLAGS)
!ENDIF
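Review bot: The `!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM64"` guards around `einst` and `findfunc` take both samples out of the ARM64 `all` build, yet samples/einst/Makefile and samples/findfunc/Makefile gain ARM64-specific `/base` values in this same commit. As it stands those ARM64 base addresses are never exercised from this Makefile. Either drop the two guards so the new base addresses are actually built, or add a comment above each guard saying why the sample is still excluded on ARM64.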
Expand All @@ -77,7 +81,7 @@ all:
@$(MAKE) /NOLOGO /$(MAKEFLAGS)
cd "$(MAKEDIR)\tracelnk"
@$(MAKE) /NOLOGO /$(MAKEFLAGS)
!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM"
!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM" && "$(DETOURS_TARGET_PROCESSOR)" != "ARM64"
cd "$(MAKEDIR)\tryman"
@$(MAKE) /NOLOGO /$(MAKEFLAGS)
!ENDIF
Expand Down Expand Up @@ -218,34 +222,42 @@ test:
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
cd "$(MAKEDIR)\simple"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM64"
cd "$(MAKEDIR)\slept"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
cd "$(MAKEDIR)\setdll"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
cd "$(MAKEDIR)\withdll"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!ENDIF
!IF "$(DETOURS_TARGET_PROCESSOR)" == "X86"
cd "$(MAKEDIR)\cping"
# @$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!ENDIF
cd "$(MAKEDIR)\disas"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM64"
cd "$(MAKEDIR)\dtest"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!ENDIF
cd "$(MAKEDIR)\dumpe"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
cd "$(MAKEDIR)\dumpi"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
cd "$(MAKEDIR)\echo"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM64"
cd "$(MAKEDIR)\einst"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!ENDIF
!IF "$(DETOURS_TARGET_PROCESSOR)" == "X86"
cd "$(MAKEDIR)\excep"
# @$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!ENDIF
!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM64"
cd "$(MAKEDIR)\comeasy"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test

cd "$(MAKEDIR)\commem"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
cd "$(MAKEDIR)\findfunc"
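Review bot: In the `test` target the new ARM64 guards skip slept, setdll, withdll, dtest, einst and the block starting at comeasy (and, in the next hunk, the trace samples), with no comment and no output, so a test run on ARM64 reports success while exercising only a few samples. Add a comment at the first guard explaining why these are excluded, and consider an `!ELSE` branch that echoes a "skipped on ARM64" line so the gap is visible in build logs. The blank line added after the `comeasy` test line appears unintended and should be removed.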
Expand All @@ -254,10 +266,12 @@ test:
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
cd "$(MAKEDIR)\region"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!ENDIF
!IF "$(DETOURS_TARGET_PROCESSOR)" == "X64" || "$(DETOURS_TARGET_PROCESSOR)" == "IA64"
cd "$(MAKEDIR)\talloc"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!ENDIF
!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM64"
cd "$(MAKEDIR)\traceapi"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
cd "$(MAKEDIR)\tracebld"
Expand All @@ -268,12 +282,15 @@ test:
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
cd "$(MAKEDIR)\traceser"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!ENDIF
# cd "$(MAKEDIR)\tracessl"
# @$(MAKE) /NOLOGO /$(MAKEFLAGS) test
# cd "$(MAKEDIR)\tracetcp"
# @$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!IF "$(DETOURS_TARGET_PROCESSOR)" != "ARM64"
cd "$(MAKEDIR)\tracelnk"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
!ENDIF
cd "$(MAKEDIR)\impmunge"
@$(MAKE) /NOLOGO /$(MAKEFLAGS) test
cd "$(MAKEDIR)"
Expand Down
7 changes: 4 additions & 3 deletions samples/cping/cping.cpp
Expand Up @@ -115,6 +115,7 @@ STDAPI PingMessage(PCSTR msg, ...)

va_start(args, msg);
hr = StringCchVPrintfA(s_szMessageBuf, ARRAYSIZE(s_szMessageBuf), msg, args);
va_end(args);
if (FAILED(hr)) {
return hr;
}
Expand All @@ -140,6 +141,7 @@ BOOLEAN CheckResult(HRESULT hr, PCSTR pszMsg, ...)

va_start(args, pszMsg);
ihr = StringCchVPrintfA(s_szMessageBuf, ARRAYSIZE(s_szMessageBuf), pszMsg, args);
va_end(args);
if (FAILED(ihr)) {
return FALSE;
}
Expand Down Expand Up @@ -1410,10 +1412,9 @@ HRESULT CSampleRecord::Measure(IPing *pIPing, LONG cbToClient, LONG cbToServer)
hr = Catch_IPing_PingToClient(pIPing, &pszString);
llEnd = GetTimeStamp();

LONG cb = (LONG)strlen(pszString) + 1;
ASSERT(cb == cbToClient);

if (pszString) {
LONG cb = (LONG)strlen(pszString) + 1;
ASSERT(cb == cbToClient);
CoTaskMemFree(pszString);
pszString = NULL;
}
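Review bot: Moving `strlen(pszString)` inside `if (pszString)` removes the NULL dereference, but in the lines shown `hr` from `Catch_IPing_PingToClient` is still not consulted before `pszString` is used. If the call can fail without writing the out-parameter, the NULL test is only as reliable as the initial value of `pszString`; check `FAILED(hr)` first, or confirm `pszString` is set to NULL before the call. `cb` is now referenced only inside `ASSERT`, so a build where `ASSERT` compiles away may warn about an unused variable.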
Expand Down
19 changes: 16 additions & 3 deletions samples/einst/Makefile
Expand Up @@ -9,6 +9,19 @@

!include ..\common.mak

# ARM64 does not like base addresses below 4GB.
# Append two extra zeros for it.
#
!if "$(DETOURS_TARGET_PROCESSOR)" == "ARM64"
EDLL1X_BASE=0x710000000
EDLL2X_BASE=0x720000000
EDLL3X_BASE=0x730000000
!else
EDLL1X_BASE=0x7100000
EDLL2X_BASE=0x7200000
EDLL3X_BASE=0x7300000
!endif

LIBS=$(LIBS) kernel32.lib user32.lib

all: dirs \
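Review bot: The comment "ARM64 does not like base addresses below 4GB" above the `EDLL1X_BASE` block does not say what actually fails; name the linker warning or error that prompted the change so the next reader can verify it and knows when the workaround can go. The same comment is repeated verbatim in samples/findfunc/Makefile, so a single explanation in one place that both Makefiles point to would be easier to keep accurate. Note that the `!else` branch still applies the low base to X64 as well as X86, which is worth stating if intended.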
Expand Down Expand Up @@ -60,7 +73,7 @@ $(BIND)\edll1x$(DETOURS_BITS).dll : $(OBJD)\edll1x.obj $(DEPS)
$(OBJD)\edll1x.obj /LD \
/link $(LINKFLAGS) $(LIBS) \
/subsystem:windows \
/base:0x7100000
/base:$(EDLL1X_BASE)

$(OBJD)\edll1x$(DETOURS_BITS).bsc : $(OBJD)\edll1x.obj
bscmake /v /n /o $@ $(OBJD)\edll1x.sbr
Expand All @@ -72,7 +85,7 @@ $(BIND)\edll2x$(DETOURS_BITS).dll : $(OBJD)\edll2x.obj $(DEPS)
$(OBJD)\edll2x.obj /LD \
/link $(LINKFLAGS) $(LIBS) \
/subsystem:console \
/base:0x7200000
/base:$(EDLL2X_BASE)

$(OBJD)\edll2x$(DETOURS_BITS).bsc : $(OBJD)\edll2x.obj
bscmake /v /n /o $@ $(OBJD)\edll2x.sbr
Expand All @@ -84,7 +97,7 @@ $(BIND)\edll3x$(DETOURS_BITS).dll : $(OBJD)\edll3x.obj $(DEPS)
$(OBJD)\edll3x.obj /LD \
/link $(LINKFLAGS) $(LIBS) \
/subsystem:console \
/base:0x7300000
/base:$(EDLL3X_BASE)

$(OBJD)\edll3x$(DETOURS_BITS).bsc : $(OBJD)\edll3x.obj
bscmake /v /n /o $@ $(OBJD)\edll3x.sbr
Expand Down
15 changes: 13 additions & 2 deletions samples/findfunc/Makefile
Expand Up @@ -9,6 +9,17 @@

!include ..\common.mak

# ARM64 does not like base addresses below 4GB.
# Append two extra zeros for it.
#
!if "$(DETOURS_TARGET_PROCESSOR)" == "ARM64"
TARGET_BASE=0x190000000
EXTEND_BASE=0x1a0000000
!else
TARGET_BASE=0x1900000
EXTEND_BASE=0x1a00000
!endif

LIBS=$(LIBS) kernel32.lib

##############################################################################
Expand Down Expand Up @@ -44,7 +55,7 @@ $(BIND)\target$(DETOURS_BITS).dll $(BIND)\target$(DETOURS_BITS).lib: \
$(OBJD)\target.obj $(OBJD)\target.res \
/link $(LINKFLAGS) /subsystem:console \
/export:Target \
/base:0x1900000 \
/base:$(TARGET_BASE) \
$(LIBS)

$(OBJD)\target$(DETOURS_BITS).bsc : $(OBJD)\target.obj
Expand All @@ -60,7 +71,7 @@ $(BIND)\extend$(DETOURS_BITS).dll $(BIND)\extend$(DETOURS_BITS).lib: \
$(OBJD)\extend.obj $(OBJD)\extend.res \
/link $(LINKFLAGS) /subsystem:console \
/export:DetourFinishHelperProcess,@1,NONAME \
/base:0x1a00000 \
/base:$(EXTEND_BASE) \
$(LIBS)

$(OBJD)\extend$(DETOURS_BITS).bsc : $(OBJD)\extend.obj
Expand Down
2 changes: 1 addition & 1 deletion samples/slept/slept.cpp
Expand Up @@ -67,7 +67,7 @@ DWORD WINAPI TestTicksEx(DWORD Add)

Add = pdw[Add] - Add;

delete pdw;
delete [] pdw;
}
else {
Add = dwSlept + Add;
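Review bot: `Add = pdw[Add] - Add;` just above the changed line indexes `pdw` with the caller-supplied `Add`, and no bounds check is visible in this hunk; confirm that the allocation size is derived from `Add`, or add a range check before the read. `delete [] pdw;` is the correct form only if `pdw` comes from `new[]`; the allocation is outside the visible context, so please confirm that too.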
Expand Down
48 changes: 24 additions & 24 deletions samples/traceapi/_win32.cpp
Expand Up @@ -12741,18 +12741,18 @@ BOOL __stdcall Mine_CreateProcessA(LPCSTR lpApplicationName,

BOOL rv = 0;
__try {
rv = DetourCreateProcessWithDllA(lpApplicationName,
lpCommandLine,
lpProcessAttributes,
lpThreadAttributes,
bInheritHandles,
dwCreationFlags,
lpEnvironment,
lpCurrentDirectory,
lpStartupInfo,
lpProcessInformation,
s_szDllPath,
Real_CreateProcessA);
rv = DetourCreateProcessWithDllExA(lpApplicationName,
lpCommandLine,
lpProcessAttributes,
lpThreadAttributes,
bInheritHandles,
dwCreationFlags,
lpEnvironment,
lpCurrentDirectory,
lpStartupInfo,
lpProcessInformation,
s_szDllPath,
Real_CreateProcessA);
} __finally {
_PrintExit("CreateProcessA(,,,,,,,,,) -> %x (proc:%d/%p, thrd:%d/%p\n", rv,
lpProcessInformation->dwProcessId,
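Review bot: Switching `Mine_CreateProcessA` to `DetourCreateProcessWithDllExA` brings in the Detours helper-process path for targets whose bitness differs from the caller, and that path expects the injected DLL to export `DetourFinishHelperProcess` as ordinal 1 and the name in `s_szDllPath` to carry the 32/64 suffix. samples/findfunc/Makefile in this commit shows that export for the extend DLL (`/export:DetourFinishHelperProcess,@1,NONAME`), but nothing visible here shows the same for the traceapi DLL. Confirm that its Makefile or .def file has the export, otherwise child processes of the other bitness will fail to start under tracing.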
Expand Down Expand Up @@ -12794,18 +12794,18 @@ BOOL __stdcall Mine_CreateProcessW(LPCWSTR lpApplicationName,

BOOL rv = 0;
__try {
rv = DetourCreateProcessWithDllW(lpApplicationName,
lpCommandLine,
lpProcessAttributes,
lpThreadAttributes,
bInheritHandles,
dwCreationFlags,
lpEnvironment,
lpCurrentDirectory,
lpStartupInfo,
lpProcessInformation,
s_szDllPath,
Real_CreateProcessW);
rv = DetourCreateProcessWithDllExW(lpApplicationName,
lpCommandLine,
lpProcessAttributes,
lpThreadAttributes,
bInheritHandles,
dwCreationFlags,
lpEnvironment,
lpCurrentDirectory,
lpStartupInfo,
lpProcessInformation,
s_szDllPath,
Real_CreateProcessW);
} __finally {
_PrintExit("CreateProcessW(,,,,,,,,,) -> %x (proc:%d/%p, thrd:%d/%p\n", rv,
lpProcessInformation->dwProcessId,
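Review bot: In the `__finally` block after the `DetourCreateProcessWithDllExW` call, `lpProcessInformation->dwProcessId` is read regardless of `rv`, so on a failed call the trace line prints whatever the caller left in the structure. Print the process and thread fields only when `rv` is nonzero. The format string `"CreateProcessW(,,,,,,,,,) -> %x (proc:%d/%p, thrd:%d/%p\n"` is also missing its closing parenthesis; both points apply equally to the `CreateProcessA` hunk above.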
Expand Down