MahdiSafsafi / DDetours

Delphi Detours Library
Mozilla Public License 2.0

Hook on X64 fails #14

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Crashes with "First chance exception at $00007FFA621914B0. Exception class $C0000005 with message 'c0000005 ACCESS_VIOLATION'. Process Project3.exe (9752)"

At the 2nd hook.

program HookThread;

{$APPTYPE CONSOLE}

{.$DEFINE WINDOWS_XP}

uses
  System.SysUtils,
  WinApi.Windows,
  System.Classes,
  CPUID,
  DDetours,
  InstDecode;

type
  LPTHREAD_START_ROUTINE = function(lpThreadParameter: LPVOID): DWORD; stdcall;
  TLdrShutdownThread = procedure; stdcall;
  TCreateThread = function(lpThreadAttributes: Pointer; dwStackSize: SIZE_T; lpStartAddress: TFNThreadStartRoutine; lpParameter: Pointer; dwCreationFlags: DWORD; var lpThreadId: DWORD): THandle; stdcall;

var
  LdrShutdownThread: TLdrShutdownThread;
  CreateThreadHook: TCreateThread;

procedure LdrShutdownThreadCallback;
begin
  Writeln('Shutdown Thread !');
  LdrShutdownThread;
end;

function CreateThreadCallback(lpThreadAttributes: Pointer; dwStackSize: SIZE_T; lpStartAddress: TFNThreadStartRoutine; lpParameter: Pointer; dwCreationFlags: DWORD; var lpThreadId: DWORD): THandle; stdcall;
begin
  Writeln('Thread Started !');
  Result := CreateThreadHook(lpThreadAttributes, dwStackSize, lpStartAddress, lpParameter, dwCreationFlags, lpThreadId);
end;

begin
  @LdrShutdownThread := InterceptCreate('ntdll.dll', 'LdrShutdownThread', @LdrShutdownThreadCallback);
  @CreateThreadHook := InterceptCreate('kernel32.dll', 'CreateThread', @CreateThreadCallback);  // CRASH

  TThread.CreateAnonymousThread(
  procedure
  begin
    Sleep(1000);
  end).Start;

  ReadLn;
end.

Original issue reported on code.google.com by david.lo...@gmail.com on 9 Jan 2015 at 10:52

GoogleCodeExporter commented 9 years ago
Hi,
Does the hook work correctly on x86 (32-bit)?
What's your OS version (XP or Win7, ...)?

Original comment by ismspi...@gmail.com on 9 Jan 2015 at 10:56

GoogleCodeExporter commented 9 years ago
Win 8.1 x64 :)

Works well with a 32-bit compile!

Original comment by david.lo...@gmail.com on 9 Jan 2015 at 10:58

GoogleCodeExporter commented 9 years ago

Original comment by ismspi...@gmail.com on 9 Jan 2015 at 11:06

GoogleCodeExporter commented 9 years ago

Original comment by ismspi...@gmail.com on 9 Jan 2015 at 11:24