retour-utils 0.2.1

Utility crate for creating hooks with `retour`
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139

pub mod error;

use std::iter;

pub use error::Error;
/// Macro used to hook multiple `retour::StaticDetour`s at once
/// 
/// Reads a `mod` block and generating static detours from #[hook] macros. 
/// #[hook] is not its own macro that gets expanded, it is read and removed by the [`hook_module`] 
/// 
/// # `#[hook] syntax
/// Hook based off symbol
/// ```
/// #[hook(<unsafe> <extern> <ABI> DETOUR_NAME, symbol = "SYMBOL_NAME")]
/// ```
/// Hook based off offset
/// ```
/// #[hook(<unsafe> <extern> <ABI> DETOUR_NAME, offset = 0xDEAD_BEEF)]
/// ```
/// Examples:
/// ```
/// #[hook(unsafe extern "system" MessageBoxA_Detour, symbol = "MessageBoxA")]
/// fn messageboxw_detour(hwnd: HWND, text: PCWSTR, _caption: PCWSTR, u_type: u32) -> i32 { ... }
/// 
/// #[hook(Add_Detour, symbol = "add")]
/// fn add(a: i32, b: i32) -> i32 { ... }
/// 
/// #[hook(lua_newstate_Detour, offset = 0x4321)]
/// fn add(a: i32, b: i32) -> i32 { ... }
/// ```
/// 
/// 
/// # Example
/// ```
/// use retour_utils::hook_module;
///
/// #[hook_module("lua52.dll")]
/// mod lua {
///     // Creates a StaticDetour called Lua_newstate with the same function type as our function 
///     // (minus abi/unsafe to work with retour crate)
///     #[hook(unsafe extern "C" Lua_newstate, symbol = "Lua_newstate")]
///     pub fn newstate(f: *mut lua_Alloc, ud: *mut std::ffi::c_void) -> *mut lua_State {
///         unsafe {
///             Lua_newstate.call(f, ud)
///         }
///     }
/// 
///     // == Generated by macro: ==
///     // #[hook_module] will create `MODULE_NAME`:
///     const MODULE_NAME: &str = "lua52.dll"
///     // and init_detours function
///     pub unsafe init_detours() -> crate::Result<()> {..}
///     // which will initialize all the StaticDetours generated by the macro inside this module
/// }
/// ```
pub use retour_utils_impl::hook_module;
use windows::{
    core::{PCSTR, PCWSTR},
    Win32::{
        Foundation::HMODULE,
        System::LibraryLoader::{GetModuleHandleW, GetProcAddress},
    },
};

type Result<T> = std::result::Result<T, error::Error>;

pub enum LookupData {
    Offset {
        module: &'static str,
        offset: usize,
    },
    Symbol {
        module: &'static str,
        symbol: &'static str,
    },
}

impl LookupData {
    pub const fn from_offset(module: &'static str, offset: usize) -> Self {
        Self::Offset { module, offset }
    }

    pub const fn from_symbol(module: &'static str, symbol: &'static str) -> Self {
        Self::Symbol { module, symbol }
    }
    fn get_module(&self) -> &str {
        match self {
            Self::Offset { module, .. } => module,
            Self::Symbol { module, .. } => module,
        }
    }
    #[cfg(windows)]
    /// From a Windows Handle, get the address of a function in memory
    /// 
    fn address_from_handle(&self, handle: HMODULE) -> Option<*const ()> {
        use std::ffi::CString;

        match self {
            LookupData::Offset { offset, .. } => {
                // On Windows, HINSTANCE is the start address of the library,
                //  so we just add the offset to get the address
                Some((handle.0 as usize + offset) as *const ())
            }
            LookupData::Symbol { symbol, .. } => {
                let c_symbol = CString::new(*symbol).ok()?;
                let wrapped_ptr = PCSTR::from_raw(c_symbol.as_ptr() as *const u8);
                unsafe { GetProcAddress(handle, wrapped_ptr) }.map(|func_ptr| func_ptr as *const ())
            }
        }
    }
}

/// Initialize detour by passing the address of original function to `init_detour_fn`
/// 
/// This is called by `init_detours`, which is generated by the [`hook_module`] macro
/// 
/// ## Support
/// Only works on Windows by calling `GetModuleHandleW` to get the process' handle
pub unsafe fn init_detour(
    lookup_data: LookupData,
    init_detour_fn: fn(*const ()) -> retour::Result<()>,
) -> Result<()> {
    let module = lookup_data.get_module().to_string();
    let module_w_ptr = module
        .encode_utf16()
        .chain(iter::once(0))
        .collect::<Vec<u16>>()
        .as_ptr();
    let wrapped_ptr = PCWSTR::from_raw(module_w_ptr);

    // Get handle to module (aka dll)
    if let Ok(handle) = unsafe { GetModuleHandleW(wrapped_ptr) } {
        let Some(addr) = lookup_data.address_from_handle(handle) else {
            return Err(Error::ModuleNotLoaded);
        };
        init_detour_fn(addr)?;
    }
    Ok(())
}