Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/mpc-hc/mpc-hc.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/src/thirdparty/mhook
diff options
context:
space:
mode:
authorAlex Marsev <alex.marsev@gmail.com>2013-09-13 22:58:39 +0400
committerAlex Marsev <alex.marsev@gmail.com>2013-09-13 23:34:04 +0400
commit3877630d30a8a4c8511821d559f2ce397a88f8a5 (patch)
tree14ee6ec776a494c215f79211e77d28d7fb5742b2 /src/thirdparty/mhook
parent78e8dfbc3d8bd9a7b64340d4cd7ff8265204d9e2 (diff)
mhook: hack around EMET
Diffstat (limited to 'src/thirdparty/mhook')
-rw-r--r--src/thirdparty/mhook/mhook-lib/mhook.cpp2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/thirdparty/mhook/mhook-lib/mhook.cpp b/src/thirdparty/mhook/mhook-lib/mhook.cpp
index bf448beee..097a77c56 100644
--- a/src/thirdparty/mhook/mhook-lib/mhook.cpp
+++ b/src/thirdparty/mhook/mhook-lib/mhook.cpp
@@ -741,6 +741,8 @@ BOOL Mhook_SetHook(PVOID *ppSystemFunction, PVOID pHookFunction) {
// flush instruction cache and restore original protection
FlushInstructionCache(hProc, pTrampoline->codeTrampoline, dwInstructionLength);
+ // MPC-HC HACK: otherwise we go into infinite recursion when hooking NtQueryInformationProcess() with EMET active and the hook calls the original function
+ *ppSystemFunction = pTrampoline->codeTrampoline;
VirtualProtectEx(hProc, pTrampoline, sizeof(MHOOKS_TRAMPOLINE), dwOldProtectTrampolineFunction, &dwOldProtectTrampolineFunction);
} else {
ODPRINTF((L"mhooks: Mhook_SetHook: failed VirtualProtectEx 2: %d", gle()));
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-05 06:21:26 +0300