From b2a8171a2a69d991aa94120f1b19f1717a3da7fd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ole=20Andr=C3=A9=20Vadla=20Ravn=C3=A5s?=
Date: Tue, 19 Sep 2023 11:27:13 +0200
Subject: [PATCH] interceptor: Branch to trampoline using computed scratch register
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Instead of unconditionally using X16. In this way we may avoid clobbering a register that is used as input to the hooked target.

Co-authored-by: Håvard Sørbø
---
 gum/backend-arm64/guminterceptor-arm64.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/gum/backend-arm64/guminterceptor-arm64.c b/gum/backend-arm64/guminterceptor-arm64.c
index fadf97922..f23879c69 100644
--- a/gum/backend-arm64/guminterceptor-arm64.c
+++ b/gum/backend-arm64/guminterceptor-arm64.c
@@ -950,12 +950,12 @@ _gum_interceptor_backend_activate_trampoline (GumInterceptorBackend * self,
 gum_arm64_writer_put_b_imm (aw, on_enter);
 break;
 case 8:
- gum_arm64_writer_put_adrp_reg_address (aw, ARM64_REG_X16, on_enter);
- gum_arm64_writer_put_br_reg_no_auth (aw, ARM64_REG_X16);
+ gum_arm64_writer_put_adrp_reg_address (aw, data->scratch_reg, on_enter);
+ gum_arm64_writer_put_br_reg_no_auth (aw, data->scratch_reg);
 break;
 case 16:
- gum_arm64_writer_put_ldr_reg_address (aw, ARM64_REG_X16, on_enter);
- gum_arm64_writer_put_br_reg (aw, ARM64_REG_X16);
+ gum_arm64_writer_put_ldr_reg_address (aw, data->scratch_reg, on_enter);
+ gum_arm64_writer_put_br_reg (aw, data->scratch_reg);
 break;
 default:
 g_assert_not_reached ();
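Review bot: The `case 8` and `case 16` branches now emit their redirect through `data->scratch_reg`, but nothing in the hunk checks that a usable register was actually computed. If the field can still hold the invalid sentinel here, the writer would be asked to encode a branch through a non-register at the patched function entry. Where `data` is assigned and validated is outside the hunk, so this may already be guaranteed; if it is, make the invariant explicit ahead of the switch with `g_assert (data->scratch_reg != ARM64_REG_INVALID);` and a comment such as `/* scratch_reg is chosen during trampoline preparation so the redirect does not clobber a live input register */`. Separately, X16/X17 have special meaning for indirect branches under BTI, so it is worth confirming that `on_enter` never sits in a guarded page that expects a `BTI c` landing pad now that other registers can be used. The function body starts and ends outside this hunk.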