I noticed that when most people patch their modules that they have some issues, like they will have to precompile all of their works then copy memcpy the precompiled byte array over (with VirtualProtect and other goodies). I was wanting a method that would be a little bit more hackish but would make testing patches easier in the long run. I started messing around with __declspec( naked ) and this is what it got me.
__declspec( naked ) void mPatch()
{
// Insert Assmebly Code Below
__asm
{
// Add Assembly Here
nop;
}// Do not erase, its for protection
__asm
{
INT 3;
INT 3;
INT 3;
INT 3;
}
}DWORD calcPatchSize(void* funcBase, DWORD timeoutSize)
{
for (DWORD i = 0; i < timeoutSize; i+=4)
if (*(DWORD*)((DWORD)funcBase + i) == 0xCCCCCCCC)
return i;
return 0;
}
After I tested to see if the assembly of that was the 1:1 of what I was reversing, it worked flawlessly. There is only one minor issue, if you compile the code in Debug mode, Visual Studio does a bunch of funky things to it and instead of copying over the patch it will copy over “jmp mPatch” instead of the wanted assembly bytes. So build this in release mode, it will save you hours of headache.
Here is how I used it for the latest Battlefield 3 Patch.
DWORD WINAPI Init(LPVOID)
{
DWORD funcSize = calcPatchSize(mPatch, 1024);
DWORD dwOld;
VirtualProtect((LPVOID)0x004AB280, funcSize, PAGE_EXECUTE_READWRITE, &dwOld);
memcpy((LPVOID)0x004AB280, mPatch, funcSize);
VirtualProtect((LPVOID)0x004AB280, funcSize, dwOld, &dwOld);
return 0;
}
Works like a charm 🙂