Cross-platform x86 detours

[kantaki]

thanks

[Lowbird12]

Hello,
I have a problem using your detour class :s

Let me explain, I am working on a 64bit Windows 7, I am just trying to hook a function

0x425560 is the adress of the function i want to detour.

so I debug :

Code:

00000000`00425560 e9573d770c      jmp     00000000`0cb992bc // here is the jum to the trampoline

Code:

00000000`0cb992bc fd              std
00000000`0cb992bd fd              std
00000000`0cb992be fd              std
00000000`0cb992bf fd              std
00000000`0cb992c0 e9407e0aef      jmp     ffffffff`fbc41105 // <-  here is the problem (accses viloation of course)
00000000`0cb992c5 fe07            inc     byte ptr [rdi]
00000000`0cb992c7 0000            add     byte ptr [rax],al
00000000`0cb992c9 fd              std

look like the trampoline jmp to ffffffff`fbc41105 but it should jmp to my function at 000007fe`fbc41105 (inside my dll 000007fe`fbc40000 000007fe`fbc60000 )

the jos is done like this :

Code:

*reinterpret_cast<address_pointer_type>(trampoline_ + 1) = reinterpret_cast<address_type>(pDetour_) - reinterpret_cast<address_type>(trampoline_) - MOLOGIE_DETOURS_DETOUR_SIZE;

so I think it's because E9 is a relative jump of max 4Byte, is there a way to jump to a 6byte adresse like i need to ?

EDIT :

Code:

	                trampoline_ = new boost::uint8_t[MOLOGIE_DETOURS_DETOUR_SIZE];
			trampoline_[0] = 0x48;
			trampoline_[1] = 0xb8;
			*reinterpret_cast<PDWORD_PTR>(trampoline_ + 2) = reinterpret_cast<DWORD_PTR>(pDetour_);
			trampoline_[10] = 0xff;
			trampoline_[11] = 0xe0;