On Monday, 4 November 2013 at 18:00:17 UTC, Baz wrote:
On Monday, 4 November 2013 at 16:42:42 UTC, Jacob Carlborg wrote:
On 2013-11-04 16:09, Baz wrote:
On Saturday, 26 October 2013 at 16:36:35 UTC, TheFlyingFiddle wrote:
Is there a way to extract the source code of a method at compiletime?

Yep, at least on win32. (tested in win7 32 with DEP set to "ON" for
everything)

http://dpaste.dzfl.pl/19c77eee

It doesn't run on DPaste (linux x86_64); that's why I restrict the "yes" to my own local test (on win32).

basically:
- set memory mode for reading code and grab it.
- transform. (in my example I patch a bool as return value).
- set memory mode for writing and patch it with your "patched-grabbed-code".
- call new code.

:)

That can't work at compile time?

No it's only a run-time trick.
Interesting example: drive mad a cracker who does static analysis of the code, because the code disassembled from the exe is different from the code executed at run-time...

http://s22.postimg.org/w589e9oyp/Patcher_Win32.png
You can clearly see that after "run-time" patching proc3 returns false instead of true... actually it's a common crack... 33C0 vs B001.

But if you want to monkey with the stuff you have enough space:
- nop it (90)
- rewrite your function and patch the offsets...
- put your calls for your start/stop tracing stuff
- in the remaining nop field put your E8<address of copied code>...

and as you have no manual control over inlining you'll get UB...
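The defensive counterpart of the trick described above, as an added example that is not from the thread or the linked paste: a program records a fingerprint of its own code region at start-up and later checks whether the bytes still match, which catches exactly the kind of in-memory patch (B0 01 replaced by 33 C0) shown in the screenshot. The two 3-byte "proc3" images below are constructed for the demo; in a real binary you would point the same check at the function's address and length.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* FNV-1a 64-bit fingerprint over an arbitrary region of bytes. */
uint64_t code_fingerprint(const unsigned char *p, size_t len)
{
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < len; i++) {
        h ^= p[i];
        h *= 0x100000001b3ULL;
    }
    return h;
}

/* 1 if the region still matches the baseline recorded at start-up,
   0 if it was modified in memory after that (e.g. a run-time patch). */
int code_region_intact(const unsigned char *p, size_t len, uint64_t baseline)
{
    return code_fingerprint(p, len) == baseline;
}

/* Offset of the first byte that differs between a saved copy of the code
   and the live region, or len if they are identical. Useful for logging
   where a patch landed once the fingerprint check has failed. */
size_t first_diff_offset(const unsigned char *saved, const unsigned char *live, size_t len)
{
    size_t i = 0;
    while (i < len && saved[i] == live[i])
        i++;
    return i;
}

/* Constructed images of a tiny x86 function: "mov al,1; ret" (returns true)
   and the patched "xor eax,eax; ret" (returns false), i.e. B0 01 vs 33 C0. */
static const unsigned char proc3_original[] = { 0xB0, 0x01, 0xC3 };
static const unsigned char proc3_patched[]  = { 0x33, 0xC0, 0xC3 };

/* Record the baseline from the pristine image, then check a candidate. */
int check_proc3_image(const unsigned char *candidate, size_t len)
{
    uint64_t baseline = code_fingerprint(proc3_original, sizeof proc3_original);
    return code_region_intact(candidate, len, baseline);
}

int main(void)
{
    printf("original intact: %d\n", check_proc3_image(proc3_original, sizeof proc3_original));
    printf("patched intact:  %d (first diff at offset %zu)\n",
           check_proc3_image(proc3_patched, sizeof proc3_patched),
           first_diff_offset(proc3_original, proc3_patched, sizeof proc3_patched));
    return 0;
}
```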
