Merge branch 'dll_replace'

libpeconv/include/peconv/function_resolver.h

@@ -19,7 +19,7 @@ namespace peconv {
         \param lib_name : the name of the DLL
         \return Virtual Address of the exported function
         */
-        virtual FARPROC resolve_func(LPSTR lib_name, LPSTR func_name) = 0;
+        virtual FARPROC resolve_func(LPCSTR lib_name, LPCSTR func_name) = 0;
     };
 
     /**
@@ -33,7 +33,7 @@ namespace peconv {
         \param lib_name : the name of the DLL
         \return Virtual Address of the exported function
         */
-        virtual FARPROC resolve_func(LPSTR lib_name, LPSTR func_name);
+        virtual FARPROC resolve_func(LPCSTR lib_name, LPCSTR func_name);
     };
 
 }; //namespace peconv

libpeconv/include/peconv/hooks.h

@@ -80,21 +80,32 @@ namespace peconv {
         \param name : a name of the function that will be replaced
         \param function : an address of the replacement function
         */
-        void add_hook(std::string name, FARPROC function)
+        void add_hook(const std::string &name, FARPROC function)
         {
             hooks_map[name] = function;
         }
 
+        /**
+        Define a DLL that will be replaced.
+        \param dll_name : a name of the DLL to be replaced
+        \param new_dll  : a name of the new DLL that will be loaded instead
+        */
+        void replace_dll(std::string dll_name, const std::string &new_dll)
+        {
+            dll_replacements_map[dll_name] = new_dll;
+        }
+
         /**
         Get the address (VA) of the function with the given name, from the given DLL. If the function was hooked, it retrieves the address of the replacement function instead.
         \param func_name : the name of the function
         \param lib_name : the name of the DLL
         \return Virtual Address of the exported function, or the address of the replacement function.
         */
-        virtual FARPROC resolve_func(LPSTR lib_name, LPSTR func_name);
+        virtual FARPROC resolve_func(LPCSTR lib_name, LPCSTR func_name);
 
     private:
         std::map<std::string, FARPROC> hooks_map;
+        std::map<std::string, std::string> dll_replacements_map;
     };
 
     /**

libpeconv/src/function_resolver.cpp

@@ -2,7 +2,7 @@
 
 #include <iostream>
 
-FARPROC peconv::default_func_resolver::resolve_func(LPSTR lib_name, LPSTR func_name)
+FARPROC peconv::default_func_resolver::resolve_func(LPCSTR lib_name, LPCSTR func_name)
 {
     HMODULE libBasePtr = LoadLibraryA(lib_name);
     if (libBasePtr == NULL) {

libpeconv/src/hooks.cpp

@@ -78,11 +78,11 @@ bool PatchBackup::applyBackup()
     return true;
 }
 
-FARPROC peconv::hooking_func_resolver::resolve_func(LPSTR lib_name, LPSTR func_name)
+FARPROC peconv::hooking_func_resolver::resolve_func(LPCSTR lib_name, LPCSTR func_name)
 {
     //the name may be ordinal rather than string, so check if it is a valid pointer:
     if (!peconv::is_bad_read_ptr(func_name, 1)) {
-        std::map<std::string, FARPROC>::iterator itr = hooks_map.find(func_name);
+        std::map<std::string, FARPROC>::const_iterator itr = hooks_map.find(func_name);
         if (itr != hooks_map.end()) {
             FARPROC hook = itr->second;
 #ifdef _DEBUG
@@ -91,7 +91,17 @@ FARPROC peconv::hooking_func_resolver::resolve_func(LPSTR lib_name, LPSTR func_n
             return hook;
         }
     }
-    return peconv::default_func_resolver::resolve_func(lib_name, func_name);
+    // resolve eventual replacement DLLs
+    std::string lib_name_str = peconv::is_bad_read_ptr(lib_name, 1) ? "": lib_name;
+    std::map<std::string, std::string>::const_iterator itr2 = this->dll_replacements_map.find(lib_name_str);
+    if (itr2 != dll_replacements_map.end()) {
+        const std::string &name = itr2->second;
+#ifdef _DEBUG
+        std::cout << ">>>>>>Replacing DLL: " << lib_name_str << " by: " << name << std::endl;
+#endif
+        lib_name_str = name;
+    }
+    return peconv::default_func_resolver::resolve_func(lib_name_str.c_str(), func_name);
 }
 
 size_t peconv::redirect_to_local64(void *ptr, ULONGLONG new_offset, PatchBackup* backup)