update system DLL range logic for 64-bit OSes

microsoft / Detours

Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.

MIT License

5k stars 978 forks source link

update system DLL range logic for 64-bit OSes #307

Open jdu2600 opened 8 months ago

jdu2600 commented 8 months ago

Hey Detours folks,

Just a couple of suggestions for choosing the trampoline location.

The X86 range reserved for system DLLs is not up to date.

The X64 "not +/- 1GB of target" heuristic to avoid the range used by system DLLs is not entirely robust. Instead we could replace this with a "not 1GB after ntdll" heuristic.