Retrieving overriden function address with madMAPFile

delphi package - automated exception handling

Retrieving overriden function address with madMAPFile

Postby obones » Thu Aug 23, 2018 9:46 am

Hello,

I'm doing something a bit tricky here with a running exe which I know has its MAP file embedded by madExcept.
I'm calling methods whose address I have found thanks to madMAPFile, this way:

Code: Select all
SomeMethodPtr := GetMapFileAddress(GetModuleName(0), 'SomeUnit', 'TSomeClass.SomeMethod');


Then I call it this way:

Code: Select all
SomeMethodPtr(ObjectAddress, Param1, Param2, Param3);


I have spared you all the gruesome details for getting the object address, but all in all, it works just fine.
However, if SomeMethod is virtual and the object is an instance of a derived class that overrides SomeMethod, then only the "root" method is called, not the derived one.
This is completely expected because I'm only ever retrieving the address of the base class method and not doing any VMT walkthrough.

Fortunately for me, in my case, there are only a few classes derived from TSomeClass, I know them in advance and know if they have overridden SomeMethod. So I can call GetClassName and find the appropriate entry point to call.

But if as I'm trying to be "future proof", I'm wondering if there was a way to "walk the VMT" of the given object to find the effective address.
Would you have any suggestions?
obones
 
Posts: 51
Joined: Fri May 15, 2009 11:47 am

Re: Retrieving overriden function address with madMAPFile

Postby madshi » Thu Aug 23, 2018 10:52 am

I don't know, never tried that. Maybe madExcept.IsValidObject gives you some hints about how to parse an object/class in a low-level way?
madshi
Site Admin
 
Posts: 9774
Joined: Sun Mar 21, 2004 5:25 pm

Re: Retrieving overriden function address with madMAPFile

Postby obones » Thu Aug 23, 2018 3:05 pm

Thanks, that would help indeed.
I know the VMT is in a data section of the exe, but I'm wondering if I can infer its location from some data in the MAP file.
Ah well, too much knots in the brain for too little benefit.
obones
 
Posts: 51
Joined: Fri May 15, 2009 11:47 am

Re: Retrieving overriden function address with madMAPFile

Postby madshi » Thu Aug 23, 2018 3:48 pm

madExcept only stores function and method names and line numbers in the resource section. Everything else in the MAP files is discarded. But I don't think there's any VMT information in there, anyway.
madshi
Site Admin
 
Posts: 9774
Joined: Sun Mar 21, 2004 5:25 pm


Return to madExcept

Who is online

Users browsing this forum: No registered users and 2 guests