How to patch subroutine calls?


Mr. Smith
December 25th, 2000, 17:54
Hi everybody,

I have a target where I have to NOP an internal subroutine call (i.e. call 401522). But how can I patch this call within the file on disk? I mean the bytes on disk are different from the bytes in memory (because the actual bytes are calculated during load time), so putting nops in the file doesn't work. Furthermore this routine takes no parameters on the stack, so I have no spare space to insert a jmp before the call and I cannot manipulate the subroutine itself because it is called and needed from other parts of the program.

Any ideas?

Mr. Smith

Anticode
December 25th, 2000, 18:42
One solution is not to patch the subroutine call but to patch the subroutine itself and put a ret instruction at 401522. You get the same effect.

IcyDee
January 7th, 2001, 18:12
When you don't have enough room, replace some of the code before the call to jump to another address where there is room to insert some code. At the new address put in the code that was lost by the jump, then jump back to the address after the call. Voila.
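
The layout IcyDee describes, seen from the integrity-checking side, as an added example that is not part of the original thread: it decodes the rel32 jumps and recognizes a site that detours to other code and resumes just past the call. It assumes 32-bit x86 E8/E9 encoding; the image base, the site and cave addresses, and the replayed `mov` are constructed for illustration, and only 401522 comes from the thread.

```python
import struct

JMP_REL32, CALL_REL32 = 0xE9, 0xE8  # both: target = next instruction + rel32

def rel32_target(image, base, va):
    """Target VA of the 5-byte E8/E9 instruction at va, or None if absent."""
    off = va - base
    if off < 0 or off + 5 > len(image):
        return None
    if image[off] not in (JMP_REL32, CALL_REL32):
        return None
    (disp,) = struct.unpack_from("<i", image, off + 1)
    return (va + 5 + disp) & 0xFFFFFFFF

def find_detour(image, base, site, max_scan=64, window=32):
    """Return (cave_va, resume_va) if site jumps to code that jumps back
    just past site, else None. The byte scan is a heuristic, not a
    disassembly; the resume-address check limits false positives."""
    cave = rel32_target(image, base, site)
    if cave is None or image[site - base] != JMP_REL32:
        return None
    end = base + len(image)
    if not base <= cave < end:
        return None
    for va in range(cave, min(cave + max_scan, end - 4)):
        back = rel32_target(image, base, va)
        if back is not None and image[va - base] == JMP_REL32 \
                and site + 5 <= back <= site + window:
            return cave, back
    return None

def constructed_sample():
    """Constructed 256-byte image at base 0x401000, patched as described."""
    base, site, cave, resume = 0x401000, 0x401010, 0x401080, 0x40101A
    img = bytearray(b"\x90" * 0x100)
    img[0x10:0x15] = b"\xE9" + struct.pack("<i", cave - (site + 5))
    img[0x15:0x1A] = b"\xE8" + struct.pack("<i", 0x401522 - 0x40101A)  # skipped call
    img[0x80:0x85] = b"\xB8\x01\x00\x00\x00"  # replayed: mov eax, 1
    img[0x85:0x8A] = b"\xE9" + struct.pack("<i", resume - 0x40108A)
    return bytes(img), base, site

if __name__ == "__main__":
    img, base, site = constructed_sample()
    print([hex(v) for v in find_detour(img, base, site)])
```

Comparing the file against a known-good copy tells you which site to hand to `find_detour`; the function then reports where execution goes and where it resumes.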