Hi,
Your injection routine "CInjectLibFunc32" used in "InjectLibraryPatchNt32" is populated with "struct InjectLib32", yet it is expecting a very different data format.
More is in the screenshot taken from the crashed app. "Red" is the data format required by the routine and "green" is the actual data format. This bug was probably made because of fixing this viewtopic.php?f=7&t=27487 .
I have one more request... Please keep your "delphi comments" above those injection routines updated, so I can debug it faster.
Thank you.
PP
Injection routine bug
Re: Injection routine bug
Ouch, this looks bad. Thanks for the heads-up. It's kinda weird that in my tests the changes seemed to have worked fine. Will have to investigate that.
What exactly do you mean by updating those "delphi comments"? I'm not sure.
Edit: I guess I never tested *user mode* patching of not-yet-initialized processes after doing the other fix you linked to. <sigh>
Re: Injection routine bug
About delphi comments:
I take it back. I noticed later in the log that you have updated those comments. I was confused about the assembly in the screenshot, and it was the compiled "buf.pOldApi^ := buf.oldApi;" command.
Sorry.
PP
Re: Injection routine bug
Here's a new build which should hopefully fix the issue. I've now modified the structures to be identical in driver and user land, so I can use the same injection binary code for both:
http://madshi.net/madCollectionBeta.exe (2.7.4.15)
Please let me know if the fix works for you - thanks!