在c#中挂钩运行时的托管方法

时间:2016-02-04 16:47:05

标签: c# methods hook managed detours

我有一个密封的类,在程序集中有一个公共方法,我想添加一个日志系统,但不幸的是我没有源代码。所以我试图在特定的日志记录方法上绕过这个方法,并在退出时调用原始方法。挂钩工作正常,但我无法获得任何类型的参数,或者至少我得到了完全错误的东西。

我不能使用任何类型的注入或像PostSharp这样的库,所以我想知道这种东西是否可以在运行时以某种方式实现,还是我可以放弃?

为了给您提供更多详细信息,我将在下面粘贴一些代码部分:

public Hook(Delegate target, Delegate hook)
{
  this.target = Marshal.GetFunctionPointerForDelegate(target);
  targetDelegate = target;
  this.hook = Marshal.GetFunctionPointerForDelegate(hook);

  originalBytes = new byte[6];
  Marshal.Copy(this.target, originalBytes, 0, 6);

  byte[] hookPointerBytes = BitConverter.GetBytes(this.hook.ToInt32());
  // Jump
  newBytes = new byte[]
  {
    0x68, hookPointerBytes[0], hookPointerBytes[1], hookPointerBytes[2], hookPointerBytes[3], 0xC3
  };
}

public object CallOriginal(params object[] args)
{
  // Remove the patch
  Uninstall();
  // Invoke the original method
  object ret = targetDelegate.DynamicInvoke(args);
  // Re-apply the patch
  Install();
  return ret;
}


public sealed class Foo
{
    public void DoSomething(Int32 value1)
    {
      // and here I am getting value1 = -1919988997
      Console.WriteLine(value1);
    }
}

class Program
{
    [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
    public delegate void DoSomethingDelegate(Int32 value1);

    private static DoSomethingDelegate Original { get; set; }
    private static DoSomethingDelegate Hooked { get; set; }

    private static HookManager _hookManager;

    public static void DoSomething(Int32 value1)
    {
      // This is called as well after foo.DoSomething but value1 is 251934152
      Console.WriteLine("Hooked DoSomething: " + value1) ;
      var hook = _hook["DoSomethingHook"];

      // Call the original Foo.DoSomething
      hook.CallOriginal(value1);
    }

    static void Main(string[] args)
    {
      RuntimeHelpers.PrepareMethod(typeof(Foo).GetMethod("DoSomething").MethodHandle);
      _hookManager = new HookManager();
      var originalPointer = typeof(Foo).GetMethod("DoSomething").MethodHandle.GetFunctionPointer();
      Original = (DoSomethingDelegate)Marshal.GetDelegateForFunctionPointer(originalPointer, typeof(DoSomethingDelegate));
      Hooked = DoSomething;
      _hookManager.Add(Original, Hooked, "DoSomethingHook");

      // Call Hook method, HookManager it is just an extended dictionary...
      _hookManager.InstallAll();

      var foo = new Foo();

      // Calling the original method here with 1
      foo.DoSomething(1);

      Console.ReadLine();
    }
}

1 个答案:

答案 0 :(得分:1)

Solved,Marshal.GetFunctionPointerForDelegate:我不能使用此方法从指向另一个托管委托的函数指针创建委托。

  this.target = target.Method.MethodHandle.GetFunctionPointer(); //Marshal.GetFunctionPointerForDelegate(target);
  targetDelegate = target;
  this.hook = hook.Method.MethodHandle.GetFunctionPointer(); //Marshal.GetFunctionPointerForDelegate(hook);
相关问题
最新问题