IAT patching, problem when calling back to original target function?

chrispauljarram asked on

I was wondering if an expert could help me with IAT patching on NT based O/Ss as I've come a little unstuck.  I'm trying to install an API hook using DLL injection (LoadLibrary/CreateRemoteThread technique), and then patch a couple of OpenGL functions to be able to intercept their parameters and perform operations before calling the originals.  All of this is working apart from, it seems, when I call back to the original versions of functions that have a parameter list - calling back to functions with no parameters is fine.

I suspect it is how I've specified my function pointers; I'm new to this technique and can't seem to figure out which is the correct way of doing things.  When I call back to the original functions with the parameter list it just crashes the target process.

The code I'm using is as follows:-

// Pointer to original function:

void (WINAPI *glRotatefOrig)(GLfloat  angle, GLfloat x, GLfloat y, GLfloat z);

// Code to get original function pointer:

glRotatefOrig = (void (WINAPI *)(GLfloat, GLfloat, GLfloat, GLfloat)) GetProcAddress(hMod, "glRotatef"); // hMod = handle to openGL module.

// My own function implementation (this is called successfully by the target process following IAT patch):

void myglRotatef( GLfloat angle,  GLfloat x,  GLfloat y,  GLfloat z)
{
      console->Write("glRotatef Called\n"); // prints ok
      glRotatefOrig(angle, x, y, z); // This call crashes the application (no meaningful error given).
}

Can anyone possibly point me to where I'm going wrong?  I've tried numerous different ways of specifying the original function pointer but all end in tears :/

Cheers in advance if you can help,
