Reputation: 57
I want to change the return value of an external function (at runtime) which is inside another DLL that gets loaded when the program starts.
Practical example of what I want to do:
Function inside the DLL:
```cpp
int numberOfMoney() {
    return 0;
}
```
My main program:
```cpp
#include <windows.h>

HMODULE handle = LoadLibraryA("/myDll.dll");
auto gotFunc = GetProcAddress(handle, "numberOfMoney");
// making numberOfMoney returning 1000 ???
```
Does anyone know how I could do it? Maybe without external libraries? Thanks!
Upvotes: 0
Views: 317
Reputation: 3613
You can alter a function or the return of a function at runtime through hooking. There are several different techniques for hooking a function. The most common is called hot patching, which in x86 overwrites the first five bytes of a function with a relative jump instruction to the middleware function. The middleware function can then choose to return to the caller or to a piece of code called the trampoline. The trampoline restores the original replaced code and jumps back to the original hot patched function+5 to prevent a non-terminating loop.
There's also IAT hooking, but that's more for hooking API calls that resolve their address through the import address table located in the headers of the executable file format.
VMT is another form of hooking in which a virtual method can be hooked due to its address being replaced in the virtual method table. It is similar to IAT, but each instance of an object points to the virtual method table.
Have a look at this book; it's initially where I learnt about IAT and hot patching.
Upvotes: 2
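The hot patch described in the answer is a five-byte `E9 rel32` jump at the function's first byte, and that is also what an integrity check on a loaded module looks for. As an added example (not part of the original posts), this C code decodes such a jump and classifies where it leads; the function names, sample bytes and addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define JMP_REL32 0xE9  /* x86 opcode: JMP with 32-bit relative displacement */
#define PATCH_LEN 5     /* 1 opcode byte + 4 displacement bytes */

typedef enum { PROLOGUE_CLEAN, PROLOGUE_MODIFIED, JMP_INSIDE_MODULE, JMP_OUTSIDE_MODULE } verdict;

/* Decode "E9 rel32" located at address addr. The displacement is relative to
 * the next instruction, so target = addr + 5 + rel32 (wrapping mod 2^32). */
int decode_jmp_rel32(const uint8_t *code, uint32_t addr, uint32_t *target)
{
    if (code[0] != JMP_REL32)
        return 0;
    uint32_t rel = (uint32_t)code[1] | ((uint32_t)code[2] << 8) |
                   ((uint32_t)code[3] << 16) | ((uint32_t)code[4] << 24);
    *target = addr + PATCH_LEN + rel;
    return 1;
}

/* Compare the first five bytes in memory with the same bytes from the file on
 * disk; if they differ and form a jump, report where the jump goes. */
verdict check_prologue(const uint8_t *mem, const uint8_t *disk, uint32_t func_addr,
                       uint32_t mod_base, uint32_t mod_size, uint32_t *target)
{
    *target = 0;
    if (memcmp(mem, disk, PATCH_LEN) == 0)
        return PROLOGUE_CLEAN;
    if (!decode_jmp_rel32(mem, func_addr, target))
        return PROLOGUE_MODIFIED;
    return (*target - mod_base < mod_size) ? JMP_INSIDE_MODULE : JMP_OUTSIDE_MODULE;
}

/* Constructed sample: a 32-bit module mapped at 0x10000000 (size 0x5000) with
 * the function at 0x10001000. Bytes and addresses are made up for illustration. */
static const uint8_t disk_bytes[PATCH_LEN]    = { 0x55, 0x8B, 0xEC, 0x33, 0xC0 };
static const uint8_t patched_bytes[PATCH_LEN] = { 0xE9, 0xFB, 0x1F, 0x00, 0x10 };

int main(void)
{
    uint32_t target;
    verdict v = check_prologue(patched_bytes, disk_bytes, 0x10001000u,
                               0x10000000u, 0x5000u, &target);
    printf("verdict=%d target=0x%08X\n", (int)v, (unsigned)target);
    return v == JMP_OUTSIDE_MODULE ? 0 : 1;
}
```

Bytes covered by base relocations differ legitimately between disk and memory, so a real check applies relocations to the reference copy before comparing.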