Open simonsan opened 1 year ago
This is most likely a problem with how you are hooking the function, the stack shouldnt get corrupted unless your function signature is wrong or you are manually breaking something in the hook code. Can you post more details on what you are hooking and what the code looks like?
@e-codes-stuff Currently the repository is private, can I invite you? Posting code is currently not possible, unfortunately.
I would be willing to take a look if invited, but most likely I would say your problem is that you don't have a correct function signature, that will often result in stack corruption
Reverse engineered:
void CANDIDATE_6(void *ssl_struct,SOCKET socket,UCHAR *plaintext_buffer,int plaintext_buffer_length,
int *sent_size
// detour
pub(crate) static SendHook: unsafe extern "system" fn(
*const c_void,
SOCKET,
*const c_char,
c_int,
*const c_int
) -> c_void;
When hooking a function call within a binary the process stops with this exit code:
Process stopped with exit code 0xC0000409 (STATUS_STACK_BUFFER_OVERRUN)
I read up on this issue here: https://devblogs.microsoft.com/oldnewthing/20190108-00/?p=100655
Can I do something about this with this library or do I need to approach it differently?