libPeConv
A library to load, manipulate, dump PE files.
Loading...
Searching...
No Matches
hooks.h
Go to the documentation of this file.
1
6#pragma once
7
8#include <windows.h>
9#include <iostream>
10#include <string>
11#include <map>
12
13#include <peconv/function_resolver.h>
14#include <peconv/buffer_util.h>
15
16namespace peconv {
17
21 class PatchBackup {
22 public:
26 PatchBackup()
27 : buffer(nullptr), bufferSize(0), sourcePtr(nullptr)
28 {
29 }
30
31 ~PatchBackup()
32 {
33 deleteBackup();
34 }
35
39 void deleteBackup()
40 {
41 if (buffer) {
42 delete[] buffer;
43 buffer = nullptr;
44 bufferSize = 0;
45 sourcePtr = nullptr;
46 }
47 }
48
52 bool makeBackup(BYTE *patch_ptr, size_t patch_size);
53
57 bool applyBackup();
58
62 bool isBackup()
63 {
64 return buffer != nullptr;
65 }
66
67 protected:
68 BYTE *buffer;
69 size_t bufferSize;
70 BYTE *sourcePtr;
71
72 private:
73 // not implemented: no copying of the structure allowed
74 PatchBackup(const PatchBackup&);
75 PatchBackup& operator=(const PatchBackup&);
76 };
77
78
82 class hooking_func_resolver : public default_func_resolver {
83 public:
89 void add_hook(const std::string &name, FARPROC function)
90 {
91 hooks_map[name] = function;
92 }
93
99 void replace_dll(std::string dll_name, std::string new_dll);
100
107 virtual FARPROC resolve_func(LPCSTR lib_name, LPCSTR func_name);
108
109 private:
110 std::map<std::string, FARPROC> hooks_map;
111 std::map<std::string, std::string> dll_replacements_map;
112 };
113
122 size_t redirect_to_local64(void *ptr, ULONGLONG new_offset, PatchBackup* backup = nullptr);
123
132 size_t redirect_to_local32(void *ptr, DWORD new_offset, PatchBackup* backup = nullptr);
133
142 size_t redirect_to_local(void *ptr, void* new_function_ptr, PatchBackup* backup = nullptr);
143
147 bool replace_target(BYTE *ptr, ULONGLONG dest_addr);
148
149};//namespace peconv
buffer_util.h
Definitions of the used buffer types. Functions for their allocation and deallocation.
peconv::PatchBackup::bufferSize
size_t bufferSize
Definition: hooks.h:69
peconv::PatchBackup::applyBackup
bool applyBackup()
Definition: hooks.cpp:70
peconv::PatchBackup::sourcePtr
BYTE * sourcePtr
Definition: hooks.h:70
peconv::PatchBackup::buffer
BYTE * buffer
Definition: hooks.h:68
peconv::PatchBackup::deleteBackup
void deleteBackup()
Definition: hooks.h:39
peconv::PatchBackup::makeBackup
bool makeBackup(BYTE *patch_ptr, size_t patch_size)
Definition: hooks.cpp:56
peconv::PatchBackup::isBackup
bool isBackup()
Definition: hooks.h:62
peconv::default_func_resolver
Definition: function_resolver.h:32
peconv::hooking_func_resolver
Definition: hooks.h:82
peconv::hooking_func_resolver::replace_dll
void replace_dll(std::string dll_name, std::string new_dll)
Definition: hooks.cpp:89
peconv::hooking_func_resolver::add_hook
void add_hook(const std::string &name, FARPROC function)
Definition: hooks.h:89
peconv::hooking_func_resolver::resolve_func
virtual FARPROC resolve_func(LPCSTR lib_name, LPCSTR func_name)
Definition: hooks.cpp:96
function_resolver.h
Definitions of basic Imports Resolver classes. They can be used for filling imports when the PE is lo...
peconv::replace_target
bool replace_target(BYTE *ptr, ULONGLONG dest_addr)
Definition: hooks.cpp:226
peconv::redirect_to_local32
size_t redirect_to_local32(void *ptr, DWORD new_offset, PatchBackup *backup=nullptr)
Definition: hooks.cpp:156
peconv::redirect_to_local64
size_t redirect_to_local64(void *ptr, ULONGLONG new_offset, PatchBackup *backup=nullptr)
Definition: hooks.cpp:119
peconv::redirect_to_local
size_t redirect_to_local(void *ptr, void *new_function_ptr, PatchBackup *backup=nullptr)
Definition: hooks.cpp:193
Generated on Tue Apr 14 2026 13:01:06 for libPeConv by doxygen 1.9.5