[Bug] tiny_hook 写入字节超出源函数长度导致相邻函数被破坏 #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

marlkiller opened this issue Apr 12, 2025 · 1 comment

Labels

bug

marlkiller commented Apr 12, 2025

调用如下方式进行 hook：

tiny_hook(SecCodeCheckValidity, (void *)hk_SecCodeCheckValidity, (void *)&SecCodeCheckValidity_ori);

但目标函数 SecCodeCheckValidity 的函数体只有 12 字节，而 tiny_hook 写入了 14 字节，
导致覆盖到了相邻函数的指令，造成崩溃或行为异常。

The text was updated successfully, but these errors were encountered:

Owner

Antibioticss commented Apr 12, 2025

14个字节已经是不借用寄存器大跳的最短长度了，借用一个寄存器可以缩短到12字节，但容易出问题

暂时先hook SecCodeCheckValidityWithErrors吧，SecCodeCheckValidity也是要跳转到那里的

后面我可以试试通过间接跳板来解决这个问题

Antibioticss added the bug label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment