Tannin
July 26th, 2006, 06:02 AM
Hi,
I think I have a small understanding problem about how parameters are cleaned from the stack in a Windows DLL.
It was my understanding that:
In Pascal, Basic, ... parameters are pushed on the stack from left to right and the function itself cleans the stack.
In C/C++, parameters are pushed on the stack from right to left and the caller cleans the stack.
In a Windows DLL, parameters are pushed from right to left, and the function cleans the stack.
Now, I'm writing a DLL (in C) for API hooking, and after injecting this DLL into a target application, the DLL replaces the target functions with a JMP to my replacement function (which of course takes the same parameters as the original).
This works more or less, but after a replacement function returns, the parameters are still on the stack, as usual with C/C++, although the functions are DLL exports.
Did I miss something? What am I doing wrong?
Thanks in advance
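
The cleanup rules listed in the post can be modelled by tracking only the stack pointer. The following is an added example, not code from the post: a portable C simulation (all names are hypothetical, and no real hooking is performed) that shows what is left on the stack when the call site and the function it reaches disagree about who removes the arguments.

```c
#include <stdio.h>

/* Toy model of a 32-bit x86 call: only ESP movement is tracked.
   All names are hypothetical; this is not real hooking code. */
enum conv { CALLER_CLEANS, CALLEE_CLEANS };   /* C/C++ default vs. Windows DLL export */

#define SLOT 4   /* bytes per pushed argument or return address */

/* Returns the number of argument bytes still on the stack after the call:
   0 = balanced, >0 = arguments left behind, <0 = arguments removed twice. */
int esp_imbalance(enum conv call_site_expects, enum conv function_built_as, int nargs)
{
    int before = 0;
    int esp = before;                 /* relative ESP; the stack grows downward */

    esp -= nargs * SLOT;              /* caller pushes the arguments */
    esp -= SLOT;                      /* CALL pushes the return address */

    /* function epilogue */
    esp += SLOT;                      /* RET pops the return address */
    if (function_built_as == CALLEE_CLEANS)
        esp += nargs * SLOT;          /* RET n: the function removes the arguments */

    /* code emitted at the call site after the call returns */
    if (call_site_expects == CALLER_CLEANS)
        esp += nargs * SLOT;          /* ADD ESP, n: the caller removes the arguments */

    return before - esp;
}

int main(void)
{
    static const char *name[] = { "caller cleans", "callee cleans" };
    int site, fn;

    /* Constructed case: a three-argument function, all four combinations. */
    for (site = 0; site < 2; site++)
        for (fn = 0; fn < 2; fn++)
            printf("call site expects: %-13s  function built as: %-13s  bytes left: %d\n",
                   name[site], name[fn],
                   esp_imbalance((enum conv)site, (enum conv)fn, 3));
    return 0;
}
```

The row where the call site expects callee cleanup and the function is built for caller cleanup matches the symptom described: the arguments remain on the stack after the return.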