Hi Qi,

First of all, good job on the code hooking library.

This is the function that i want to monitor.

Function       : static, [000AAFB0][0001:000A9FB0], len = 0000004E, public: virtual __thiscall CTraceAttackState::~CTraceAttackState(void)
                 Function attribute:
                 Function info:
FuncDebugStart :   static, [000AAFC9][0001:000A9FC9]
FuncDebugEnd   :   static, [000AAFEF][0001:000A9FEF]
Data           :   enregistered edx, Object Ptr, Type: class CTraceAttackState * const, this


I have successfully inject my dll into the target process and hooking to global functions are working well. This is what i have done. However, when i tried to hook to this object method, the target process crashed whenever it runs this method. This is what i do.

  GCodeHookHelper.SetCallingConvention(HCC_CDECL, HCC_REGISTER);
  GCodeHookHelper.HookWithObjectMethod(nil, Self, pointer(TargetAddr), AHook, 0, 0);

The Target Object is stored in the register edx (as per the description above). Kindly advise.

Hello cccheng,

The crash is really expected because your target function calling convention is thiscall, which is not supported by current CodeHook.
See the help file, FAQ, "When I hook a class member function, why I always get crash? "

thiscall is a special calling convention that used in VC++. It pass "this" pointer in ECX, and pass other arguments same as cdecl.

Current solution to hook thiscall function is to use Raw Mode hook, don't use advanced mode.
Under Raw Mode, your hook function should store "this" pointer from ECX to a local variable, then pass "this" and other arguments to your Delphi function.

It needs some knowledge of Assembly language and calling convention.

I hope I can write some example in this weekend if I have time, and seems it's time for me to start supporting thiscall in CodeHook.

Hi Qi,

Thanks for the quick reply. In fact, i have done it with RawHook. I was thinking & hoping the advanced hooking method was working and thought i had done something wrong with the coding.

Anyway, to share with you, I have done it with the Raw Hooking and it's working fine by storing the ECX into a local variable. Just to share with you, cdecl doesnt work properly in my case. I have to use stdcall as cdecl produces ret while stdcall produces ret n (to clear the stack). cdecl will cause the target process to crash.

p/s: once again, great code hooking library.

Congratulations that you have got the problem fixed, cccheng

solved the problem

Good job,thanks for the info.