Available on crate feature
inline only.Expand description
Inline hooking.
-
Supported CPU architectures: x86, x64, ARM64.
-
Support system ABI (
system,stdcall/win64) only. -
no_stdand depend onNtdll.dllonly (iftracingis not enabled). -
RAII (drop guard) design.
To leak the hook, wrap
InlineHookasstd::mem::ManuallyDrop<InlineHook>(or callstd::mem::forget()). -
Thread unsafe at the moment.
If you may enable/disable hooks from multiple threads at the same time, use a
std::sync::Mutexlock. -
To init a (
mut)static,InlineHook::new_disabled()can be used.
§Examples
// cargo add ib-hook --features inline
use ib_hook::inline::InlineHook;
extern "system" fn original(x: u32) -> u32 { x + 1 }
// Hook the function with a detour
extern "system" fn hooked(x: u32) -> u32 { x + 0o721 }
let mut hook = InlineHook::<extern "system" fn(u32) -> u32>::new(original, hooked).unwrap();
assert!(hook.is_enabled());
// Now calls to original are redirected to hooked
assert_eq!(original(0x100), 721); // redirected to hooked: 0x100 + 0o721 = 721
// Access original via trampoline
assert_eq!(hook.trampoline()(0x100), 0x101); // 0x100 + 1
// Disable the hook manually (or automatically on drop)
hook.disable().unwrap();
assert!(!hook.is_enabled());
assert_eq!(original(0x100), 0x101); // back to original§Disclaimer
This is currently implemented as a wrapper of KNSoft.SlimDetours, for type safety and RAII (drop guard).
Ref: https://github.com/Chaoses-Ib/ib-shell/pull/1
Structs§
- Inline
Hook - Type-safe and RAII (drop guard) wrapper of an inline hook.