I have implemented a d3d11 hook and detour function within a dxgi.dll wrapper library which works just fine in Windows 7 (x86, x64). Now I am trying to port it to Windows 8.1 but the detour in my hook seems not to work (no error/crash just not doing the jmp to my target fct). From what I know, this means I must have placed the detour wrong (or original fct was called already?).
However, I use the standard detour function::
void *DetourFunc(BYTE *src, const BYTE *dst, const int len)
{
BYTE *jmp = (BYTE*)malloc(len+5);
DWORD dwback;
VirtualProtect(src, len, PAGE_READWRITE, &dwback);
memcpy(jmp, src, len); jmp += len;
jmp[0] = 0xE9;
*(DWORD*)(jmp+1) = (DWORD)(src+len - jmp) - 5;
src[0] = 0xE9;
*(DWORD*)(src+1) = (DWORD)(dst - src) - 5;
VirtualProtect(src, len, dwback, &dwback);
return (jmp-len);
}
To get the address of the src I use GetProcAddress() of the HModule of the target dll (d3d11)::
DetourFunc(
( BYTE* ) GetProcAddress(HMD3D11, "D3D11CreateDeviceAndSwapChain"),
( BYTE* ) MyD3D11CreateDeviceAndSwapChain,
5);
SRC address in memory shows::
0x72883937 8b ff 55 8b ec 51 e8 af 16 fe ff 5d ff e0 83 7c 24 24 00 0f 84 ce 06 fe ff e9 bc e2 fd ff 89 10 e9 6e 05 fe ff
DST address in memory shows::
0x092891B0 55 8b ec 83 ec 5c 56 57 8d 7d a4 b9 17 00 00 00 b8 cc cc cc cc f3 ab a1 68 5b 2e 09 33 c5 89 45 fc c7 45 f8 00
As previously written, this works fine in Windows 7 (x86 or x64) but fails in Windows 8.1 (x86). I am also not quiet sure how (what tool) to check the address space of an external function. It might also be possible that the D3D11CreateDeviceAndSwapChain signature changed in Win8.1?!
I would appreciate any help in that matter
