Saturday 15 January 2011

assembly - Relative near jump in MSVC inline asm (need to hook) -

As an exercise, I'm hooking a function in an application I'm reversing. I'm trying to implement a technique that's pretty similar to trampoline jumps. Assuming the address I want to hook is src:

1. Replace the 5 bytes at src with jmp myfunc
2. Replicate the functionality of the lost (overwritten) 5 bytes at the beginning of myfunc
3. Do my own stuff
4. jmp src+5

I'm having a problem doing the last thing: returning control to src+5. In my case, the address (src) is 0x420cae, and I'm doing:

    // VirtualProtect stuff (make the page writable first)
    *(BYTE*)0x0420cae = 0xE9;                                            // opcode: jmp rel32
    *(DWORD*)(0x0420cae + 1) = ((DWORD)hooked - (DWORD)0x0420cae - 5);   // displacement relative to the end of the 5-byte jmp
    // restore protection

This works fine, and control is passed to my function (hooked). It looks like:

    #include <stdio.h>   // puts

    void __declspec(naked) hooked()
    {
        __asm {
            lea eax, [esp+0x1c]
            push ebp
        }                            // stolen bytes (the 5 bytes overwritten at src)
        __asm pushad                 ; in case puts messes with registers
        puts("I'm inside.");
        __asm popad
        __asm jmp (0x420cb3 - $ - 5) // this line is the one MSVC rejects (see below)
    }

As for the last instruction, I think that's how it should be: I want to jump to 0x420cb3, so I subtract the current address and 5 (the size of the jmp). MSVC, however, complains:

error 1 error C2425: '-' : non-constant expression in 'first operand'

If I, however, write it in the reverse order ($ - 0x420cb3), there's no problem. I don't understand why.

Haha, turns out I've confused direct byte-editing with actual assembly. It's enough to write __asm jmp 0x420cb3, and the assembler takes care of that.
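The arithmetic the question stumbles over is the same in both directions: the displacement of an E9 near jump is measured from the end of the 5-byte instruction, which is the "- 5" in the byte-patching line and what the assembler computes for you when you write a plain jmp target. The following C program is an added example, not code from the original post; it encodes a jmp rel32 into a byte buffer exactly as the patch above does, and decodes one back, which is the check a hook-detection scanner performs when it inspects a function prologue for a redirected first instruction. The addresses 0x401000 (the hook function) and 0x401020 (the return jmp inside it) are constructed sample values; only 0x420cae and 0x420cb3 come from the post.

```c
#include <stdint.h>
#include <stdio.h>

/* An E9 near jump is 1 opcode byte plus a 4-byte displacement. */
#define JMP_REL32_LEN 5

/* Encode "jmp dst" placed at address src into out[0..4].
 * The displacement is relative to the END of the instruction (src + 5);
 * unsigned subtraction wraps modulo 2^32, which yields the correct
 * two's-complement encoding for backward jumps. */
static void encode_jmp_rel32(uint32_t src, uint32_t dst, uint8_t out[JMP_REL32_LEN])
{
    uint32_t disp = dst - (src + JMP_REL32_LEN);
    out[0] = 0xE9;
    out[1] = (uint8_t)(disp & 0xFF);          /* little-endian immediate */
    out[2] = (uint8_t)((disp >> 8) & 0xFF);
    out[3] = (uint8_t)((disp >> 16) & 0xFF);
    out[4] = (uint8_t)((disp >> 24) & 0xFF);
}

/* If the bytes at src are an E9 near jump, return 1 and store its absolute
 * target; otherwise return 0. Applied to a function's first 5 bytes this is
 * the classic inline-hook check: an unexpected E9 at a prologue means the
 * function has been redirected, and the decoded target says where to. */
static int decode_jmp_rel32(uint32_t src, const uint8_t code[JMP_REL32_LEN], uint32_t *target)
{
    if (code[0] != 0xE9)
        return 0;
    uint32_t disp = (uint32_t)code[1]
                  | ((uint32_t)code[2] << 8)
                  | ((uint32_t)code[3] << 16)
                  | ((uint32_t)code[4] << 24);
    *target = src + JMP_REL32_LEN + disp;     /* wraps back for negative displacements */
    return 1;
}

/* Compare a function prologue against its known-good bytes; report a hook
 * target if the prologue now starts with a jump somewhere else. */
static int prologue_hooked(uint32_t func, const uint8_t expected[JMP_REL32_LEN],
                           const uint8_t current[JMP_REL32_LEN], uint32_t *target)
{
    int i, same = 1;
    for (i = 0; i < JMP_REL32_LEN; i++)
        if (expected[i] != current[i]) same = 0;
    if (same)
        return 0;
    return decode_jmp_rel32(func, current, target);
}

int main(void)
{
    /* Constructed sample: the post's src = 0x420cae, a hook at 0x401000. */
    const uint32_t src = 0x420cae, hook = 0x401000, ret_jmp_at = 0x401020;
    uint8_t patch[JMP_REL32_LEN], back[JMP_REL32_LEN];
    uint32_t t;
    int i;

    /* Original first 5 bytes at src: lea eax,[esp+0x1c] (4 bytes) + push ebp (1 byte). */
    const uint8_t original[JMP_REL32_LEN] = { 0x8D, 0x44, 0x24, 0x1C, 0x55 };

    encode_jmp_rel32(src, hook, patch);          /* what the byte-patch writes at src */
    encode_jmp_rel32(ret_jmp_at, src + 5, back); /* what "jmp 0x420cb3" assembles to */

    printf("patch at %#x:", src);
    for (i = 0; i < JMP_REL32_LEN; i++) printf(" %02X", patch[i]);
    printf("\nreturn jmp at %#x:", ret_jmp_at);
    for (i = 0; i < JMP_REL32_LEN; i++) printf(" %02X", back[i]);
    printf("\n");

    if (prologue_hooked(src, original, patch, &t))
        printf("prologue at %#x is hooked, target %#x\n", src, t);
    return 0;
}
```

The two displacements differ in sign: the patch at 0x420cae jumps backwards to 0x401000, so its immediate wraps to 0xFFFE034D, while the return jump goes forwards to 0x420cb3 with immediate 0x0001FC8E. One caveat for anyone porting this beyond the 32-bit case in the post: rel32 reaches only ±2 GiB, so on 64-bit targets a trampoline must verify the distance fits before emitting E9.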

assembly hook jmp
