Recursive function will not work

Mar 13, 2014 at 4:23 AM
Edited Mar 13, 2014 at 4:30 AM
I have read some of your code and I found some things that puzzled me.
  1. If the hooked function uses recursion, I can only intercept the first call. Why did you design it like this? Will anything bad happen if re-entry is allowed? I found the code at barrier.c(804) that does the re-entry check.
  2. I always thought that releasing trampoline memory is not absolutely safe. I know you use the code
    mov eax, esp
    push ecx ; both are fastcall parameters, ECX is also used as "this"-pointer
    push edx
    mov ecx, eax; InitialRSP value for NETIntro()...

    mov eax, 1A2B3C02h
    db 0F0h ; interlocked increment execution counter
    inc dword ptr [eax] ;add executed count
    to check whether it is safe to release the trampoline memory, but what if the code has just executed `mov eax, esp` and the memory is released??? Your method is not that safe. In commercial usage, it is better not to release the memory. Am I right?
I am not very sure about the viewpoint above, so can you disabuse me?
Mar 31, 2014 at 8:57 AM
Regarding question 1. I wasn't around when the code was first written, but my best guess is that it was implemented that way on purpose to keep things simple for users of the library when calling the original method from within hooks (preventing endless loops) - maybe re-entrant code was not considered, I am not sure.

I still need to look at question 2.
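The per-thread re-entry barrier discussed in question 1 and in the reply above, as an added illustration (not EasyHook's own code; all names are hypothetical): a recursive "original" whose recursion goes back through the patched entry point, and a handler that runs its body only on the outermost call when the barrier is on, but once per recursion level when it is off.

```c
#include <stdio.h>

/* Constructed example. in_hook is the per-thread barrier flag; the real
 * library keeps equivalent state in barrier.c, but nothing here is its code. */
static _Thread_local int in_hook = 0;   /* set while this thread is in the handler */
static int intercept_count = 0;         /* how often the handler body actually ran */
static int barrier_on = 1;              /* toggle the re-entry check for comparison */

typedef long (*fact_fn)(int);
static fact_fn fact_entry;              /* stands in for the patched entry point */

/* The "original" function. Its recursive call goes through fact_entry, just as a
 * real function's self-call lands on the patched prologue after hooking. */
static long fact_original(int n)
{
    if (n <= 1) return 1;
    return (long)n * fact_entry(n - 1);
}

/* The hook handler. With the barrier, a nested call from the same thread is
 * passed straight to the original, so the body runs once per outer call. */
static long fact_hook(int n)
{
    if (barrier_on && in_hook)          /* re-entry from our own thread: bypass */
        return fact_original(n);
    in_hook = 1;
    intercept_count++;
    long r = fact_original(n);          /* what the trampoline call would do */
    in_hook = 0;
    return r;
}

/* Install the hook, run factorial(n), and report the result. */
long run_hooked_factorial(int n, int use_barrier)
{
    barrier_on = use_barrier;
    intercept_count = 0;
    fact_entry = fact_hook;
    return fact_entry(n);
}

int intercepts_seen(void) { return intercept_count; }

int main(void)
{
    long r = run_hooked_factorial(5, 1);
    printf("barrier on : 5! = %ld, handler ran %d time(s)\n", r, intercepts_seen());
    r = run_hooked_factorial(5, 0);
    printf("barrier off: 5! = %ld, handler ran %d time(s)\n", r, intercepts_seen());
    return 0;
}
```

With the barrier on the handler body runs once for factorial(5); with it off it runs five times, once per recursion level, which is the behaviour the question expected and the check prevents.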