Пример #1
        /// <summary>
        /// Builds a native stub made of the leading bytes of the code at <paramref name="pMethod"/>
        /// followed by the <c>jmp_inst</c> byte sequence, then stores the stub's address inside the
        /// runtime structure behind <paramref name="method"/>'s handle (64-bit variant).
        /// </summary>
        /// <param name="method">Method whose handle structure receives the stub address.</param>
        /// <param name="pMethod">Address of the native code whose first bytes are copied into the stub.</param>
        /// <remarks>
        /// NOTE(review): the stub lives in <see cref="Marshal.AllocHGlobal(int)"/> memory that is made
        /// PAGE_EXECUTE_READWRITE and is not freed in this method. Page protection is applied per page,
        /// so unrelated heap data sharing that page becomes writable and executable too. A dedicated
        /// executable allocation that is switched to execute/read after the copy would keep W^X intact.
        /// </remarks>
        protected void MakePlacholderMethodCallPointsToRawMethod_x64(MethodBase method, IntPtr pMethod)
        {
            // Receives the previous page protection; it is never read afterwards.
            uint oldProtect;
            var  rawMethodPtr = (byte *)pMethod.ToPointer();
            // Presumably the length of the whole instructions that cover at least 5 bytes;
            // LDasm is not shown here - confirm against its implementation.
            var  needSize     = LDasm.SizeofMin5Byte(rawMethodPtr);

            // Save the leading needSize bytes of the raw method.
            // NOTE(review): the bytes are copied verbatim with no relocation; a RIP-relative or
            // relative-branch instruction among them would resolve to a different target when run
            // from the stub - verify the inputs rule this out.
            byte[] src_instr = new byte[needSize];
            for (int i = 0; i < needSize; i++)
            {
                src_instr[i] = rawMethodPtr[i];
            }

            // Write the resume address (first byte after the copied instructions) as a 64-bit value
            // at offset 3 of jmp_inst.
            // NOTE(review): jmp_inst is declared outside this snippet and is patched in place; offset 3
            // must match its layout, and concurrent callers would race on it if it is shared.
            fixed(byte *p = &jmp_inst[3])
            {
                *((ulong *)p) = (ulong)(rawMethodPtr + needSize);
            }

            var    totalLength = src_instr.Length + jmp_inst.Length;
            IntPtr ptr         = Marshal.AllocHGlobal(totalLength);

            // Stub layout: [copied instructions][jmp_inst].
            Marshal.Copy(src_instr, 0, ptr, src_instr.Length);
            Marshal.Copy(jmp_inst, 0, ptr + src_instr.Length, jmp_inst.Length);
            // NOTE(review): the result of VirtualProtect is ignored; if the call fails the stub stays
            // non-executable and the first call through it faults. Check the result and fail loudly.
            VirtualProtect(ptr, (uint)totalLength, Protection.PAGE_EXECUTE_READWRITE, out oldProtect);
            // Ask the runtime to prepare the method before its handle structure is edited.
            RuntimeHelpers.PrepareMethod(method.MethodHandle);
            // Store the stub address as 8 bytes at byte offset 8 ((uint *) + 2) from MethodHandle.Value.
            // NOTE(review): this relies on an undocumented runtime-internal layout - confirm it for
            // every runtime version this is expected to run on.
            *((ulong *)((uint *)method.MethodHandle.Value.ToPointer() + 2)) = (ulong)ptr;
        }
Пример #2
        //jmp target
        /// <summary>
        /// Uses a jmp instruction to jump from the original function to the target function.
        /// Copies the leading instructions of <paramref name="rMethod"/>'s native code into a stub that
        /// ends with a relative jmp back into <paramref name="rMethod"/>, then stores the stub address
        /// inside the runtime structure behind <paramref name="lMethod"/>'s handle.
        /// </summary>
        /// <param name="lMethod">Original function.</param>
        /// <param name="rMethod">Target function.</param>
        /// <remarks>
        /// NOTE(review): pointers are narrowed to <c>uint</c> throughout, so this looks valid only in a
        /// 32-bit process - confirm callers guard on that. The stub lives in
        /// <see cref="Marshal.AllocHGlobal(int)"/> memory that is made PAGE_EXECUTE_READWRITE and is not
        /// freed in this method; protection is per page, so neighbouring heap data on the same page
        /// becomes writable and executable as well.
        /// </remarks>
        public void ReplaceMethod(MethodBase lMethod, MethodBase rMethod)
        {
            // Make sure both methods have been compiled to native code (JIT is defined elsewhere).
            JIT(lMethod);
            JIT(rMethod);
            // Receives the previous page protection; it is never read afterwards.
            uint oldProtect;
            // Get the function pointer of the target method.
            var rawMPtr      = (byte *)rMethod.MethodHandle.GetFunctionPointer().ToPointer();
            // Presumably the length of the whole instructions that cover at least 5 bytes;
            // LDasm is not shown here - confirm against its implementation.
            var needSize     = LDasm.SizeofMin5Byte(rawMPtr);
            // Copied instructions plus 5 bytes for the trailing jmp (1 opcode byte + 4 displacement bytes).
            var total_length = (int)needSize + 5;

            byte[] code = new byte[total_length];
            // Allocated before the displacement is computed because the jmp is relative to the stub address.
            IntPtr ptr  = Marshal.AllocHGlobal(total_length);

            //code[0] = 0xcc; // for debugging
            // NOTE(review): the bytes are copied verbatim with no relocation; a relative call or branch
            // among them would resolve to a different target when run from the stub.
            for (int i = 0; i < needSize; i++)
            {
                code[i] = rawMPtr[i];
            }
            // 0xE9 = jmp rel32.
            code[needSize] = 0xE9;
            fixed(byte *p = &code[needSize + 1])
            {
                // The jmp ends at ptr + needSize + 5 and must land on rawMPtr + needSize,
                // so the displacement reduces to rawMPtr - ptr - 5.
                *((uint *)p) = (uint)rawMPtr - (uint)ptr - 5;
            }

            Marshal.Copy(code, 0, ptr, total_length);
            // NOTE(review): the result of VirtualProtect is ignored; if the call fails the stub stays
            // non-executable and the first call through it faults. Check the result and fail loudly.
            VirtualProtect(ptr, (uint)total_length, Protection.PAGE_EXECUTE_READWRITE, out oldProtect);
            //RuntimeHelpers.PrepareMethod(lMethod.MethodHandle);
            // Store the stub address as 4 bytes at byte offset 8 ((uint *) + 2) from MethodHandle.Value.
            // NOTE(review): this relies on an undocumented runtime-internal layout - confirm it for
            // every runtime version this is expected to run on.
            *((uint *)lMethod.MethodHandle.Value.ToPointer() + 2) = (uint)ptr;
        }
Пример #3
        /// <summary>
        /// Points calls to originalMethod at the original function (32-bit variant).
        /// Copies the leading instructions of the code at <paramref name="pMethod"/> into a stub that
        /// ends with a relative jmp back into that code, then stores the stub address inside the
        /// runtime structure behind <paramref name="originalMethod"/>'s handle.
        /// </summary>
        /// <param name="originalMethod">Method whose handle structure receives the stub address.</param>
        /// <param name="pMethod">Address of the native code whose first bytes are copied into the stub.</param>
        /// <remarks>
        /// NOTE(review): the stub lives in <see cref="Marshal.AllocHGlobal(int)"/> memory that is made
        /// PAGE_EXECUTE_READWRITE and is not freed in this method. Page protection is applied per page,
        /// so unrelated heap data sharing that page becomes writable and executable too. A dedicated
        /// executable allocation that is switched to execute/read after the copy would keep W^X intact.
        /// </remarks>
        protected void MakePlacholderMethodCallPointsToRawMethod_x86(MethodBase originalMethod, IntPtr pMethod)
        {
            // Receives the previous page protection; it is never read afterwards.
            uint oldProtect;
            var  rawMPtr      = (byte *)pMethod.ToPointer();
            // Presumably the length of the whole instructions that cover at least 5 bytes;
            // LDasm is not shown here - confirm against its implementation.
            var  needSize     = LDasm.SizeofMin5Byte(rawMPtr);
            // Copied instructions plus 5 bytes for the trailing jmp (1 opcode byte + 4 displacement bytes).
            var  total_length = (int)needSize + 5;

            byte[] code = new byte[total_length];
            // Allocated before the displacement is computed because the jmp is relative to the stub address.
            IntPtr ptr  = Marshal.AllocHGlobal(total_length);

            //code[0] = 0xcc; // for debugging
            // NOTE(review): the bytes are copied verbatim with no relocation; a relative call or branch
            // among them would resolve to a different target when run from the stub.
            for (int i = 0; i < needSize; i++)
            {
                code[i] = rawMPtr[i];
            }
            // 0xE9 = jmp rel32.
            code[needSize] = 0xE9;
            fixed(byte *p = &code[needSize + 1])
            {
                // The jmp ends at ptr + needSize + 5 and must land on rawMPtr + needSize,
                // so the displacement reduces to rawMPtr - ptr - 5.
                *((uint *)p) = (uint)rawMPtr - (uint)ptr - 5;
            }

            Marshal.Copy(code, 0, ptr, total_length);
            // NOTE(review): the result of VirtualProtect is ignored; if the call fails the stub stays
            // non-executable and the first call through it faults. Check the result and fail loudly.
            VirtualProtect(ptr, (uint)total_length, Protection.PAGE_EXECUTE_READWRITE, out oldProtect);
            // Ask the runtime to prepare the method before its handle structure is edited.
            RuntimeHelpers.PrepareMethod(originalMethod.MethodHandle);
            // Store the stub address as 4 bytes at byte offset 8 ((uint *) + 2) from MethodHandle.Value.
            // NOTE(review): this relies on an undocumented runtime-internal layout - confirm it for
            // every runtime version this is expected to run on.
            *((uint *)originalMethod.MethodHandle.Value.ToPointer() + 2) = (uint)ptr;
        }