Update SlimDetours to the following custom version:

Commit:
https://github.com/KNSoft/KNSoft.SlimDetours/tree/4cc236ae98ef10788da7a2b08aaf3bf660281bca

PRs:
KNSoft/KNSoft.SlimDetours#8
KNSoft/KNSoft.SlimDetours#9
KNSoft/KNSoft.SlimDetours#10
KNSoft/KNSoft.SlimDetours#11

Author: m417z

SlimDetours/Instruction.c

@@ -85,15 +85,14 @@ detour_is_imported(
     /* Step forward to IMAGE_OPTIONAL_HEADER and check magic */
     _STATIC_ASSERT(UFIELD_OFFSET(IMAGE_OPTIONAL_HEADER, Magic) == 0);
     wNtMagic = pNtHeader->OptionalHeader.Magic;
-    if ((wNtMagic != IMAGE_NT_OPTIONAL_HDR64_MAGIC ||
-         pNtHeader->FileHeader.SizeOfOptionalHeader != sizeof(IMAGE_OPTIONAL_HEADER64)) &&
-        (wNtMagic != IMAGE_NT_OPTIONAL_HDR32_MAGIC ||
-         pNtHeader->FileHeader.SizeOfOptionalHeader != sizeof(IMAGE_OPTIONAL_HEADER32)))
+    if (wNtMagic != IMAGE_NT_OPTIONAL_HDR_MAGIC ||
+        pNtHeader->FileHeader.SizeOfOptionalHeader != sizeof(IMAGE_OPTIONAL_HEADER))
     {
         return FALSE;
     }
 
-    if (pbAddress < Add2Ptr(mbi.AllocationBase,
+    if (pNtHeader->OptionalHeader.NumberOfRvaAndSizes <= IMAGE_DIRECTORY_ENTRY_IAT ||
+        pbAddress < Add2Ptr(mbi.AllocationBase,
                             pNtHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IAT].VirtualAddress) ||
         pbAddress >= Add2Ptr(mbi.AllocationBase,
                              pNtHeader->OptionalHeader
@@ -121,6 +120,20 @@ detour_gen_jmp_immediate(
     return pbCode + sizeof(INT32);
 }
 
+BOOL
+detour_is_jmp_immediate_to(
+    _In_ PBYTE pbCode,
+    _In_ PBYTE pbJmpVal)
+{
+    PBYTE pbJmpSrc = pbCode + 5;
+    if (*pbCode++ != 0xe9)   // jmp +imm32
+    {
+        return FALSE;
+    }
+    INT32 offset = *((INT32*)pbCode);
+    return offset == (INT32)(pbJmpVal - pbJmpSrc);
+}
+
 _Ret_notnull_
 PBYTE
 detour_gen_jmp_indirect(
@@ -140,6 +153,30 @@ detour_gen_jmp_indirect(
     return pbCode + sizeof(INT32);
 }
 
+BOOL
+detour_is_jmp_indirect_to(
+    _In_ PBYTE pbCode,
+    _In_ PBYTE* ppbJmpVal)
+{
+#if defined(_AMD64_)
+    PBYTE pbJmpSrc = pbCode + 6;
+#endif
+    if (*pbCode++ != 0xff)   // jmp [+imm32]
+    {
+        return FALSE;
+    }
+    if (*pbCode++ != 0x25)
+    {
+        return FALSE;
+    }
+    INT32 offset = *((INT32*)pbCode);
+#if defined(_AMD64_)
+    return offset == (INT32)((PBYTE)ppbJmpVal - pbJmpSrc);
+#else
+    return offset == (INT32)((PBYTE)ppbJmpVal);
+#endif
+}
+
 _Ret_notnull_
 PBYTE
 detour_gen_brk(
@@ -489,6 +526,37 @@ detour_gen_jmp_indirect(
     return pbCode;
 }
 
+BOOL
+detour_is_jmp_indirect_to(
+    _In_ PBYTE pbCode,
+    _In_ PULONG64 pbJmpVal)
+{
+    const struct ARM64_INDIRECT_JMP* pIndJmp;
+    union ARM64_INDIRECT_IMM jmpIndAddr;
+
+    jmpIndAddr.value = (((LONG64)pbJmpVal) & 0xFFFFFFFFFFFFF000) -
+        (((LONG64)pbCode) & 0xFFFFFFFFFFFFF000);
+
+    pIndJmp = (const struct ARM64_INDIRECT_JMP*)pbCode;
+
+    return pIndJmp->ardp.Rd == 17 &&
+        pIndJmp->ardp.immhi == (ULONG)jmpIndAddr.adrp_immhi &&
+        pIndJmp->ardp.iop == 0x10 &&
+        pIndJmp->ardp.immlo == (ULONG)jmpIndAddr.adrp_immlo &&
+        pIndJmp->ardp.op == 1 &&
+
+        pIndJmp->ldr.Rt == 17 &&
+        pIndJmp->ldr.Rn == 17 &&
+        pIndJmp->ldr.imm == (((ULONG64)pbJmpVal) & 0xFFF) / 8 &&
+        pIndJmp->ldr.opc == 1 &&
+        pIndJmp->ldr.iop1 == 1 &&
+        pIndJmp->ldr.V == 0 &&
+        pIndJmp->ldr.iop2 == 7 &&
+        pIndJmp->ldr.size == 3 &&
+
+        pIndJmp->br == 0xD61F0220;
+}
+
 _Ret_notnull_
 PBYTE
 detour_gen_jmp_immediate(

SlimDetours/Memory.c

@@ -123,13 +123,34 @@ detour_memory_alloc(
     return RtlAllocateHeap(_detour_memory_heap, 0, Size);
 }
 
+_Must_inspect_result_
+_Ret_maybenull_
+_Post_writable_byte_size_(Size)
+PVOID
+detour_memory_realloc(
+    _Frees_ptr_opt_ PVOID BaseAddress,
+    _In_ SIZE_T Size)
+{
+    return RtlReAllocateHeap(_detour_memory_heap, 0, BaseAddress, Size);
+}
+
 BOOL
 detour_memory_free(
     _Frees_ptr_ PVOID BaseAddress)
 {
     return RtlFreeHeap(_detour_memory_heap, 0, BaseAddress);
 }
 
+VOID
+detour_memory_uninitialize(VOID)
+{
+    if (_detour_memory_heap != NULL)
+    {
+        RtlDestroyHeap(_detour_memory_heap);
+        _detour_memory_heap = NULL;
+    }
+}
+
 BOOL
 detour_memory_is_system_reserved(
     _In_ PVOID Address)

SlimDetours/SlimDetours.h

@@ -31,6 +31,19 @@ HRESULT
 NTAPI
 SlimDetoursTransactionBegin(VOID);
 
+typedef struct _DETOUR_TRANSACTION_OPTIONS
+{
+    ULONG cbSize;
+    BOOL fSuspendThreads;
+} DETOUR_TRANSACTION_OPTIONS, *PDETOUR_TRANSACTION_OPTIONS;
+
+typedef const DETOUR_TRANSACTION_OPTIONS* PCDETOUR_TRANSACTION_OPTIONS;
+
+HRESULT
+NTAPI
+SlimDetoursTransactionBeginEx(
+    _In_ PCDETOUR_TRANSACTION_OPTIONS pOptions);
+
 HRESULT
 NTAPI
 SlimDetoursTransactionAbort(VOID);
@@ -64,6 +77,10 @@ SlimDetoursCopyInstruction(
     _Out_opt_ PVOID* ppTarget,
     _Out_opt_ LONG* plExtra);
 
+HRESULT
+NTAPI
+SlimDetoursUninitialize(VOID);
+
 /* Inline Hook, base on Detours */
 
 /// <summary>

SlimDetours/SlimDetours.inl

@@ -87,13 +87,13 @@ typedef struct _DETOUR_TRAMPOLINE
     DETOUR_ALIGN    rAlign[8];          // instruction alignment array.
     PBYTE           pbRemain;           // first instruction after moved code. [free list]
     PBYTE           pbDetour;           // first instruction of detour function.
-#if defined(_AMD64_)
+#if defined(_X86_) || defined(_AMD64_)
     BYTE            rbCodeIn[8];        // jmp [pbDetour]
 #endif
 } DETOUR_TRAMPOLINE, *PDETOUR_TRAMPOLINE;
 
 #if defined(_X86_)
-_STATIC_ASSERT(sizeof(DETOUR_TRAMPOLINE) == 72);
+_STATIC_ASSERT(sizeof(DETOUR_TRAMPOLINE) == 80);
 #elif defined(_AMD64_)
 _STATIC_ASSERT(sizeof(DETOUR_TRAMPOLINE) == 96);
 #elif defined(_ARM64_)
@@ -105,7 +105,8 @@ typedef struct _DETOUR_OPERATION DETOUR_OPERATION, *PDETOUR_OPERATION;
 struct _DETOUR_OPERATION
 {
     PDETOUR_OPERATION pNext;
-    BOOL fIsRemove;
+    BOOL fIsAdd : 1;
+    BOOL fIsRemove : 1;
     PBYTE* ppbPointer;
     PBYTE pbTarget;
     PDETOUR_TRAMPOLINE pTrampoline;
@@ -121,10 +122,21 @@ PVOID
 detour_memory_alloc(
     _In_ SIZE_T Size);
 
+_Must_inspect_result_
+_Ret_maybenull_
+_Post_writable_byte_size_(Size)
+PVOID
+detour_memory_realloc(
+    _Frees_ptr_opt_ PVOID BaseAddress,
+    _In_ SIZE_T Size);
+
 BOOL
 detour_memory_free(
     _Frees_ptr_ PVOID BaseAddress);
 
+VOID
+detour_memory_uninitialize(VOID);
+
 BOOL
 detour_memory_is_system_reserved(
     _In_ PVOID Address);
@@ -158,12 +170,22 @@ detour_gen_jmp_immediate(
     _In_ PBYTE pbCode,
     _In_ PBYTE pbJmpVal);
 
+BOOL
+detour_is_jmp_immediate_to(
+    _In_ PBYTE pbCode,
+    _In_ PBYTE pbJmpVal);
+
 _Ret_notnull_
 PBYTE
 detour_gen_jmp_indirect(
     _In_ PBYTE pbCode,
     _In_ PBYTE* ppbJmpVal);
 
+BOOL
+detour_is_jmp_indirect_to(
+    _In_ PBYTE pbCode,
+    _In_ PBYTE* ppbJmpVal);
+
 #elif defined(_ARM64_)
 
 _Ret_notnull_
@@ -179,6 +201,11 @@ detour_gen_jmp_indirect(
     _In_ PBYTE pbCode,
     _In_ PULONG64 pbJmpVal);
 
+BOOL
+detour_is_jmp_indirect_to(
+    _In_ PBYTE pbCode,
+    _In_ PULONG64 pbJmpVal);
+
 #endif
 
 _Ret_notnull_