Fast toggling of hooks

[bottiger1]

I'm looking for a new hooking library replacement and this one seems to suit my purposes except for 1 issue.

There doesn't seem to be a way to quickly toggle the hook on or off. So the only way seems to be completely destroying and recreating the hook which means new memory is allocated, and the prologue has to be disassembled and translated again which seems like a lot of overhead.

Would you be open to having a new member variable indicating whether the hook is on or not, and you could just replace the prologue with the hooked bytes or the original bytes?

[cursey]

I created PR #73 as a starting point for this feature request. Let me know if you have any suggestions.

[bottiger1]

Thanks for making this.

Is there any reason you decided to assemble the jump from scratch instead of saving the original detour and just copying over the bytes? I feel like it would be faster but I don't know for sure.

[cursey]

Assembling the jump is just filling out a struct on the stack and copying it over. The overhead is negligible compared to the syscalls needed to unprotect/reprotect the memory we write to (VirtualProtect/mprotect).

[bottiger1]

Oh ok. What do you think about adding a flag to disable protection on hook creation and not bothering to re-protect it afterwards?

[cursey]

Oh ok. What do you think about adding a flag to disable protection on hook creation and not bothering to re-protect it afterwards?

I have to think about this some more. This would bypass/undermine a lot of the safety mechanisms put in place and at first glance would be quite disruptive code-wise.

[bottiger1]

Ok never mind, I just realized there's probably no use to toggling hooks on and off that fast except for evading anti-cheat. For high performance purposes probably better just to leave the stuff hooked and toggle with a boolean.

I think we can close this issue. I've tested the branch a bit and it seems to be working without issues.