Re: Hooking address

nazgul144 <nlscotty@xxxxxxxxxxx> writes:

> Ian Lance Taylor-3 wrote:
>> 
>> nazgul144 <nlscotty@xxxxxxxxxxx> writes:
>> 
>>> I would like to do this in GCC,
>>>
>>> [code]
>>>
>>> void Hooks::NewSendFun()
>>> {
>>>     __asm__ (
>>>            "mov [ppSendPacket],%esp\n\t"
>>>             "pusha\n\t"
>>>             "call SendPacketCallback\n\t"
>>>             "popa\n\t"
>>>             "jmp *%ulSendRet]\n\t"
>>>             );
>>> }
>>>
>>> //and jmp from an address, like this
>>>     *(char*)ulSend = 0xE9;
>>>     //*(void **)((char *)ulSend + 1) = (void*)(((char*)(NewSendFun)) - ((char *)ulSend + 5));
>>>     *(unsigned long*)(ulSend + 1) = ((unsigned long)NewSendFun - (unsigned long)ulSend - 5);
>>> [/code]
>>>
>>> But none of it is working. ulSend (ret) is an unsigned long, the address
>>> I'm trying to hook.
>> 
>> The chances of getting that to work correctly are extremely remote.  You
>> are jumping away from the function without cleaning up the stack frame.
>> 
>> Note that gcc will already turn sibling calls into jumps when possible
>> when optimizing.  I would recommend either relying on that optimization
>> or simply writing assembler code directly.
>> 
>> Ian
>> 
>> 
>
> But how can I call the assembler function from my address?

I'm not sure I understand the question.  If you mean, how can you call
it from C, you can just call it.  E.g.:

	.globl foo
foo:
	asm statements


In C:

extern void foo();
void f() { foo(); }

Ian
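Added example, not code from the thread: it does what Ian describes, defining a global symbol in assembler (here inside a top-level `asm()` block so it is one file) and calling it from C through an `extern` declaration. The assembler routine `wrapped_add` does the thing the original poster tried inside a C function: it does a little work and then tail-jumps into another function without setting up a stack frame, so there is nothing to clean up. The names `wrapped_add`, `real_add` and `wrap_calls` are mine; it assumes GCC with the GNU assembler on x86-64 (System V) or AArch64 Linux.

```c
#include <stdio.h>

/* The real target: an ordinary C function (assumed name). */
long real_add(long a, long b) { return a + b; }

/* Incremented by the assembler routine each time it is entered (assumed name). */
long wrap_calls = 0;

/* The wrapper is a global symbol written in assembler, as Ian suggests.
 * It tail-jumps to real_add with the argument registers untouched, so no
 * frame is created and none has to be torn down before jumping away. */
#if defined(__x86_64__)
__asm__(
    ".text\n"
    ".globl wrapped_add\n"
    ".type wrapped_add, @function\n"
    "wrapped_add:\n"
    "    incq wrap_calls(%rip)\n"   /* bump the counter; rdi/rsi (a, b) untouched */
    "    jmp real_add\n"            /* sibling jump, not a call: no frame to clean */
    ".size wrapped_add, .-wrapped_add\n"
);
#elif defined(__aarch64__)
__asm__(
    ".text\n"
    ".globl wrapped_add\n"
    ".type wrapped_add, %function\n"
    "wrapped_add:\n"
    "    adrp x9, wrap_calls\n"
    "    add  x9, x9, :lo12:wrap_calls\n"
    "    ldr  x10, [x9]\n"
    "    add  x10, x10, #1\n"
    "    str  x10, [x9]\n"          /* x9/x10 are scratch; x0/x1 (a, b) untouched */
    "    b    real_add\n"           /* tail jump straight into the C function */
    ".size wrapped_add, .-wrapped_add\n"
);
#else
#error "this example is written for x86-64 and AArch64 only"
#endif

/* In C, exactly as in Ian's reply: declare the assembler symbol and call it. */
extern long wrapped_add(long a, long b);

long call_from_c(long a, long b) { return wrapped_add(a, b); }

int main(void) {
    long r = call_from_c(40, 2);
    printf("%ld (wrapper entered %ld time(s))\n", r, wrap_calls);
    return 0;
}
```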

