Access violation #2
Description
it seems that not perfect for win32 inline hook by pass zero to edx,like this
// ; release : 1.6 - 02-23-09 - thanks to Zool@nder for bugfix on 'pop ds'
// ; release : 1.5 - 01-14-09
// ; release : 1.4 - 09-02-08
// ; thanks to Av0id , cyberbob and lena151 for their remarks and advices
// ;
// ; Syntax to disassemble 32 bits target:
// ; mov edx, 0
// ; mov rcx, Address2Disasm
// ; call LDE
// ;
// ; Syntax to disassemble 64 bits target:
// ; mov edx, 64
// ; mov rcx, Address2Disasm
// ; call LDE
ULONG GetPatchSize(PUCHAR Address)
{
ULONG LenCount = 0, Len = 0;
while (LenCount <= 14) //at least 15 bytes
{
#ifdef _WIN64
Len = LDE(Address, 64);
#else
Len = LDE(Address, 0);
#endif
Address = Address + Len;
LenCount = LenCount + Len;
}
return LenCount;
}