From 1f13ec96f5bcaebbb583db01ce97e135c0695890 Mon Sep 17 00:00:00 2001
From: ACh Sulfate
Date: Tue, 23 Jan 2024 21:29:24 +0800
Subject: [PATCH] fix: revoke msg hook crash on 9.0.15.14875
---
 app/src/main/cpp/ntkernel/NtRecallMsgHook.cc | 15 +++++++++++++--
 app/src/main/cpp/qauxv_core/natives_utils.h | 4 +++-
 2 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/app/src/main/cpp/ntkernel/NtRecallMsgHook.cc b/app/src/main/cpp/ntkernel/NtRecallMsgHook.cc
index dae35eb152..cad27f2375 100644
--- a/app/src/main/cpp/ntkernel/NtRecallMsgHook.cc
+++ b/app/src/main/cpp/ntkernel/NtRecallMsgHook.cc
@@ -55,6 +55,7 @@ uintptr_t gOffsetGetDecoderSp = 0;
 uintptr_t gOffsetForTmpRev5048 = 0;
+NOINLINE
 uint64_t ThunkGetInt64Property(const void* thiz, int property) {
 // vtable
 // 4160. [[this+8]+0x58]
@@ -64,6 +65,7 @@ uint64_t ThunkGetInt64Property(const void* thiz, int property) {
 return reinterpret_cast(func)(thisp8, property);
 }
+NOINLINE
 uint32_t ThunkGetInt32Property(const void* thiz, int property) {
 // vtable
 // 4160. [[this+8]+0x38]
@@ -73,6 +75,7 @@ uint32_t ThunkGetInt32Property(const void* thiz, int property) {
 return reinterpret_cast(func)(thisp8, property);
 }
+NOINLINE
 std::string ThunkGetStringProperty(void* thiz, int property) {
 // vtable
 // 4160. [[this+8]+0x70]
@@ -85,6 +88,7 @@ std::string ThunkGetStringProperty(void* thiz, int property) {
 template
 requires((std::is_same_v || std::is_integral_v || std::is_pointer_v) && ((std::is_integral_v || std::is_pointer_v) && ...))
+NOINLINE
 ReturnType vcall(void* thiz, ArgTypes... args) {
 // vtable
 // [[this+thizOff]+offsetVT]
@@ -101,6 +105,7 @@ ReturnType vcall(void* thiz, ArgTypes... args) {
 template
 requires(((std::is_integral_v || std::is_pointer_v) && ...))
+NOINLINE
 void vcall_x8_v2(void* thiz, uintptr_t vtableOffset, uintptr_t thizOffset, void* x8, ArgTypes... args) {
 // vtable
 // [[this+thizOff]+offsetVT]
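Review bot: None of the five `NOINLINE` additions in this file (hunks at -55, -64, -73, -85 and -101) say why these thunks must not be inlined, and the commit title only says it fixes a crash, so the next reader cannot tell whether dropping the attribute is safe. The thunks dispatch through hand-computed vtable offsets and `vcall_x8_v2` takes an explicit `x8` argument, which suggests they rely on a real call frame with a specific register/ABI state that inlining into the hook body disturbs; that is an inference from the names, not something the hunks show. Add a comment above the first thunk along the lines of `// NOINLINE: raw vtable thunks must remain real call frames (register/ABI state is set up by hand); inlining them crashed on QQ 9.0.15.14875 (5588)` and a short pointer to it on the other four. The thunk bodies and both templates continue outside these hunks.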
@@ -413,10 +418,16 @@ bool InitInitNtKernelRecallMsgHook() {
 // first seen: first NT, QQ 8.9.63.11305 (4160)
 // last seen: QQ 8.9.93 (5028)
 gOffsetForTmpRev5048 = 0xe8;
- } else if (versionCode >= 5048) {
+ } else if (versionCode >= 5048 && versionCode < 5588) {
 // first seen: QQ 8.9.96.13525 5048
- // last seen: (wait for update)
+ // last seen: QQ 9.0.15.1482? 5???
+ // last seen 忘记了,反正也是个 9.0.15 内测版
 gOffsetForTmpRev5048 = 0xf0;
+ } else if (versionCode >= 5588) {
+ // first seen: QQ 9.0.15.14875 5588
+ // 不记得了,但 QQ 9.0.15.14875 5588 应该是第一个 offset 为 0x100 的版本
+ // last seen: (wait for update)
+ gOffsetForTmpRev5048 = 0x100;
 } else {
 // error
 TraceErrorF(nullptr, gInstanceRevokeMsgHook, "InitInitNtKernelRecallMsgHook failed, versionCode not supported: {}", versionCode);
diff --git a/app/src/main/cpp/qauxv_core/natives_utils.h b/app/src/main/cpp/qauxv_core/natives_utils.h
index 291d828615..7b402b60ec 100644
--- a/app/src/main/cpp/qauxv_core/natives_utils.h
+++ b/app/src/main/cpp/qauxv_core/natives_utils.h
@@ -5,7 +5,9 @@
 #include
 #define EXPORT __attribute__((visibility("default")))
-//#define null nullptr
+
+#define NOINLINE __attribute__((noinline))
+
 typedef unsigned char uchar;
 //Android is little endian, use pointer
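Review bot: The new `versionCode >= 5588` branch is open-ended, so the next build whose layout changes will silently take offset 0x100 and dereference a wrong vtable slot, which is exactly how the open-ended `>= 5048` branch produced the crash this commit fixes. The added comments also admit the boundaries are from memory (`5???`, "忘记了"/"不记得了"), so the 5048–5587 range may already include builds with the 0x100 layout. Prefer fail-closed: bound the branch to what was actually verified, `} else if (versionCode >= 5588 && versionCode <= 5588) {`, and raise the upper bound as new builds are checked, so an unknown version lands in the TraceErrorF branch rather than in a guessed offset; replace the `5???`/forgot notes with the concrete last verified build once known. The enclosing InitInitNtKernelRecallMsgHook body starts and ends outside the hunk.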
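Review bot: `#define NOINLINE __attribute__((noinline))` is added unconditionally to a shared header, and `NOINLINE` is a common macro name in third-party headers, so a later include that defines it too produces a redefinition warning or error. Guard it with `#ifndef NOINLINE` / `#define NOINLINE __attribute__((noinline))` / `#endif`, or avoid the macro and write `[[gnu::noinline]]` at the use sites, which Clang accepts and needs no header change. A one-line comment naming what it is for (the raw vtable thunks in NtRecallMsgHook.cc) would also help, since nothing in this header explains it.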