Project Perfect Mod Forums
Syringe documentation
Iran
Pyro Sniper


Joined: 23 Mar 2011

Posted: Fri Mar 08, 2013 12:11 pm    Post subject: Syringe documentation

My apologies for asking this in the Ares forums.

Where can I find documentation for using Syringe?

pd
Laser Commando


Joined: 19 Jun 2005
Location: Gone

Posted: Fri Mar 08, 2013 1:35 pm

If I remember correctly, I didn't write any documentation.

Syringe originally worked with a pair of files: a DLL and a "hook" information file, which was practically a list of hex addresses. At these addresses, Syringe placed breakpoints in the original code and invoked the respective DLL method. To communicate with the original code, the CPU registers (EAX through EDI) were transmitted in a simple structure. The DLL also had direct access to the original app's memory.

However, a lot of all that changed in the process of Ares development, so I suppose when AlexB, Renegade or DCoder see this, they should be able to give a deeper insight.

It's also a good idea to check out both Syringe and YR++/Ares and have a look. I'm sure you could practically "steal" the Syringe.hpp file from YR++ and adapt it to your own project for any uncompressed 32-bit exe file.

Iran
Pyro Sniper


Joined: 23 Mar 2011

Posted: Fri Mar 08, 2013 2:13 pm

I intend to grab Syringe.hpp and ASMMacros.h once I figure out some licensing info and how to properly credit the Ares/YR++ authors.

Here's some questions I have:

1. How do I load a Syringe control file and what does one look like (is it an .inj file)?
2. When Syringe hits one of the breakpoints it set, does it execute the original instruction at that offset?
3. Does Syringe restore the original register values after all hooks have been run on a location?
4. One of the "arguments" to a hook is the "length"; why is this needed and what exactly is it for? I assume it's the length in bytes of the instructions that Syringe should restore when the breakpoint is triggered?

AlexB
Commander


Joined: 31 May 2010
Location: Germany

Posted: Fri Mar 08, 2013 9:20 pm

1) Syringe does it. It looks in the exe's directory for dlls that have a corresponding dll.inj file. At the moment, all dlls are included when running an exe through Syringe, even if they don't apply to the exe.

Just launch
Syringe.exe "exe-name" [optional parameters go here]

2+3+4) No, the bytes at the hook's location are overwritten. If you look at Ares' dll.inj file, you will see lines like XXXXXXXX=Name,6; the XXX part is the instruction address, the name is the name of the exported function to call (see the DEFINE_HOOK macro).
The number after the comma is the length of the instruction to be replaced. It has to be equal to or larger than 5, because the replacement instruction needs 5 bytes. If one instruction is shorter than 5 bytes, you have to add the next one, too, until their added size is higher than 5. This many bytes are saved by Syringe and executed if you do a "return 0;" in the hook function. If you return any other number, the instruction pointer is set to this value and the original code is not executed. Do not jump to the original instruction (you'd call this very hook again), or to anything within "length" (because it has been replaced).

Note that you cannot hook certain instructions and you'd get strange behavior or a crash if you do. These are CALL instructions, whose jump offset changes if they are executed from the cache and not from their original location. Mind CMP, TEST and jumps, because the hook kills the processor flags. Thus, you can't hook between CMP and JLE and friends, because the result of the CMP would be gone and the game might take the wrong path. You'd have to recreate the comparison or test in your dll and "return x;" the jumped-to instruction.

Also mind that you cannot hook across jump marks (that are reachable from outside of the replaced instructions), because the game would jump into the middle of an instruction. And most importantly, the stack pointer ESP has to contain the same value (you can change all other registers through the parameter R of DEFINE_HOOK [and only through this, MOV won't work because the registers are reset on return]). You cannot change the value of ESP, and thus every PUSH, POP, CALL, ADD you do in the hook gets ignored when control is returned to the original game. It's ok to PUSH and CALL using inline asm in the hook, though.

That's the "wisdom" part I can think of right now. The "knowledge" stuff is in the Ares source files.

Download Ares. License files for Syringe and Ares should be included.

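The constraints AlexB lists for a dll.inj file (ADDRESS=Name,length lines, length at least 5 because the replacement instruction needs 5 bytes, no hook may start inside bytes another hook has already replaced) are easy to get wrong by hand. Below is an added example, not code from Syringe or Ares, that parses such a file and reports those mistakes before the file is ever used. It assumes that lines starting with ';' are comments and that several hooks may share one address (as the thread's wording "all hooks ... on a location" suggests), in which case they must agree on the length; the sample file content is constructed.

```cpp
#include <algorithm>
#include <cctype>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <sstream>
#include <string>
#include <vector>

// One hook record from a line of the form ADDRESS=Name,length.
struct HookEntry {
    uint32_t address;   // instruction address in the 32-bit image
    std::string name;   // exported function the DLL provides for this site
    unsigned length;    // bytes saved and replaced at the site
};

struct InjReport {
    std::vector<HookEntry> hooks;       // well-formed entries, in file order
    std::vector<std::string> problems;  // one finding per line
};

// The replacement instruction occupies 5 bytes, so a hook must cover at least that.
constexpr unsigned kMinHookLength = 5;

static std::string trim(const std::string& s) {
    size_t b = s.find_first_not_of(" \t\r\n");
    if (b == std::string::npos) return "";
    size_t e = s.find_last_not_of(" \t\r\n");
    return s.substr(b, e - b + 1);
}

static bool isHex8(const std::string& s) {   // 1..8 hex digits, as in XXXXXXXX
    if (s.empty() || s.size() > 8) return false;
    for (unsigned char c : s) if (!std::isxdigit(c)) return false;
    return true;
}

static bool allDigits(const std::string& s) {
    if (s.empty()) return false;
    for (unsigned char c : s) if (!std::isdigit(c)) return false;
    return true;
}

static std::string hex32(uint32_t v) {
    char buf[16];
    std::snprintf(buf, sizeof buf, "%08X", v);
    return buf;
}

// Returns true and fills `out` for a hook line. Returns false for blank/comment
// lines (why stays empty) and for malformed lines (why describes the defect).
// Treating ';' as a comment marker is an assumption of this example.
static bool parseHookLine(const std::string& raw, HookEntry& out, std::string& why) {
    std::string line = trim(raw);
    if (line.empty() || line[0] == ';') return false;
    size_t eq = line.find('=');
    size_t comma = (eq == std::string::npos) ? eq : line.find(',', eq + 1);
    if (eq == std::string::npos || comma == std::string::npos) {
        why = "malformed, expected ADDRESS=Name,length: '" + line + "'";
        return false;
    }
    std::string addr = trim(line.substr(0, eq));
    std::string name = trim(line.substr(eq + 1, comma - eq - 1));
    std::string len  = trim(line.substr(comma + 1));
    if (!isHex8(addr) || name.empty() || !allDigits(len)) {
        why = "malformed field in '" + line + "'";
        return false;
    }
    out.address = static_cast<uint32_t>(std::strtoul(addr.c_str(), nullptr, 16));
    out.name = name;
    out.length = static_cast<unsigned>(std::strtoul(len.c_str(), nullptr, 10));
    return true;
}

// Parses a whole .inj text and checks: length >= 5, hooks sharing an address
// agree on length, and no hook begins inside bytes another hook replaces.
InjReport checkInj(const std::string& text) {
    InjReport r;
    std::istringstream in(text);
    std::string raw;
    int lineNo = 0;
    while (std::getline(in, raw)) {
        ++lineNo;
        HookEntry h; std::string why;
        if (!parseHookLine(raw, h, why)) {
            if (!why.empty()) r.problems.push_back("line " + std::to_string(lineNo) + ": " + why);
            continue;
        }
        if (h.length < kMinHookLength)
            r.problems.push_back("line " + std::to_string(lineNo) + ": " + h.name + " at " + hex32(h.address) +
                                 " has length " + std::to_string(h.length) + ", needs >= 5");
        r.hooks.push_back(h);
    }
    // Overlap check on an address-sorted copy; coverEnd is one past the last replaced byte so far.
    std::vector<HookEntry> sorted = r.hooks;
    std::stable_sort(sorted.begin(), sorted.end(),
                     [](const HookEntry& a, const HookEntry& b) { return a.address < b.address; });
    uint64_t coverEnd = 0;
    bool haveGroup = false;
    uint32_t groupAddr = 0;
    unsigned groupLen = 0;
    for (const HookEntry& h : sorted) {
        if (haveGroup && h.address == groupAddr) {
            if (h.length != groupLen)
                r.problems.push_back(h.name + " at " + hex32(h.address) + ": length " + std::to_string(h.length) +
                                     " differs from " + std::to_string(groupLen) + " used by another hook there");
        } else {
            if (haveGroup && h.address < coverEnd)
                r.problems.push_back(h.name + " at " + hex32(h.address) + " starts inside bytes replaced by a preceding hook");
            haveGroup = true; groupAddr = h.address; groupLen = h.length;
        }
        coverEnd = std::max(coverEnd, static_cast<uint64_t>(h.address) + h.length);
    }
    return r;
}

// Constructed sample (not Ares' real dll.inj): one good pair, one length mismatch,
// one overlap, one too-short hook, one junk line.
const char* kSampleInj =
    "; constructed example file\n"
    "6F0000A0=Hook_A,6\n"
    "6F0000A0=Hook_A2,7\n"
    "6F0000A3=Hook_B,5\n"
    "6F000200=Hook_C,4\n"
    "6F000300=Hook_D,5\n"
    "this is not a hook line\n";

int main() {
    InjReport r = checkInj(kSampleInj);
    std::printf("%zu hooks parsed, %zu problems\n", r.hooks.size(), r.problems.size());
    for (const std::string& p : r.problems) std::printf("  %s\n", p.c_str());
    return r.problems.empty() ? 0 : 1;
}
```

Run against the sample it parses five hooks and reports four problems; a file whose hooks are all at least 5 bytes and do not overlap produces an empty problem list. The checker cannot know instruction boundaries, flag-dependent code or jump targets (the other pitfalls AlexB names), so it complements rather than replaces looking at the disassembly around each address.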