ENHANCED HOOK FUNCTION FOR USE WITH DIFFERENT VERSIONS OF A DYNAMICALLY LOADED LIBRARY

摘要

A hooking system for hooking predetermined references to predetermined dynamically loaded library (DLL) functions includes a DLL version identifier provided by a hook entry code to an enhanced hook. The hook entry code is dynamically generated during runtime of an affected software application. The version identifier enables unambiguous communication of a single enhanced hook with functions of multiple versions of identically named DLLs loaded into the same isolated process memory area.

主权项

1. A method, comprising:
identifying a reference that references a version of a function, the version of the function belonging to a version of a dynamically loaded library (DLL) from a plurality of versions of the DLL loaded into a memory area; dynamically generating a hook-entry code associated with the version of the function; and replacing the reference with the hook-entry code, wherein execution of the hook-entry code is configured to provide a version identifier in response to receiving a return address associated with the reference, the version identifier being configured to uniquely identify the version of the DLL.