IDirect3DDevice9 :: EndScene挂钩有时在参数IDirect3DDevice9中获得NULL [英] IDirect3DDevice9::EndScene hook sometimes get NULL in the parameter IDirect3DDevice9

问题描述

我为IDirect3DDevice9 :: EndScene函数制作了一个蹦床挂钩。如果EndScene函数要跳转到，则我修改了代码凹坑的起始位置是：

I made a trampoline hook for the function IDirect3DDevice9::EndScene. The codecave I modified the start if the EndScene function to jump to is this:

__declspec(naked) HRESULT EndScene_Hook(IDirect3DDevice9* device)
{
    ScreenCapture::Capture(device);

    __asm
    {
        PUSH 0x14
        MOV EAX, 0x718E6478
        JMP address
    }
}

问题是有时 device 为NULL，为什么呢？如果我添加一个像这样的小条件：

The problem is that sometimes device is NULL, why is that? if I add a small condition like this:

if(device != NULL)
    ScreenCapture::Capture(device);

一切正常，没有错误。

此函数将 device 接收为NULL的原因可能是什么？这是对象 IDirect3DDevice9 的成员函数，不可能像这样 EndScene（NULL），因为它总是从其对象调用（例如pDevice-> EndScene（））。

What possibly can be the reason for this function to receive device as NULL? This is a member function of the object IDirect3DDevice9, it shouldn't be possible to call it like this EndScene(NULL) because it always called from it's object (e.g pDevice->EndScene()).

推荐答案

使用 __declspec（naked）告诉编译器不要为该函数发出序言或结语。在序言中，编译器通常会发出必要的指令，以便以后能够访问在堆栈上传递的函数的参数。由于您的代码引用了参数 device ，因此编译器发出的用于访问此参数的代码无法正常工作，并且最终访问了内存中不可预测的值。一种更可能的可能性是最终访问了调用它的函数的第一个参数，这就是为什么它可能不时起作用的原因。但是，您不能依赖它。

Using __declspec(naked) tells the compiler not to emit a prologue or an epilogue for the function. In the prologue the compiler would normally emit the instructions necessary for it to be able later access arguments to the function that are passed on the stack. Since your code references the argument device the code the compiler emits to access this argument doesn't work and ends up accessing an unpredictable value in memory. One of the more likely possibilities is that ends up accessing the the first argument of the function that called it, and this is why it may appear to work from time to time. However you can't depend on this.

您应该真正在汇编中完全编写这样的函数。如果需要的话，无论如何都要钩住64位代码。

You should really write a function like this entirely in assembly. You're going to need to if you want it you want to hook 64-bit code anyways.

这篇关于IDirect3DDevice9 :: EndScene挂钩有时在参数IDirect3DDevice9中获得NULL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！