'ghost exceptions' fix - spoof hit detection needs to occur based on the demon event's reported exception address, rather than wherever the instruction pointer happens to be at the time of the exception

ryanfleury · ryanfleury · commit e82041e5dfe1 · 2025-01-07T11:04:34.000-08:00
diff --git a/src/ctrl/ctrl_core.c b/src/ctrl/ctrl_core.c
@@ -5331,7 +5331,7 @@ ctrl_thread__run(DMN_CtrlCtx *ctrl_ctx, CTRL_Msg *msg)
         if(spoof_mode &&
            dmn_handle_match(target_process.dmn_handle, event->process) &&
            dmn_handle_match(target_thread.dmn_handle, event->thread) &&
-           spoof.new_ip_value == event->instruction_pointer)
+           spoof.new_ip_value == event->address)
         {
           hit_spoof = 1;
           log_infof("hit_spoof\n");
diff --git a/src/raddbg/raddbg_core.c b/src/raddbg/raddbg_core.c
@@ -10933,6 +10933,7 @@ rd_stop_explanation_fstrs_from_ctrl_event(Arena *arena, CTRL_Event *event)
       if(thread != &ctrl_entity_nil)
       {
         dr_fancy_string_list_push_new(arena, &fstrs, rd_font_from_slot(RD_FontSlot_Icons), ui_top_font_size(), ui_top_palette()->text, rd_icon_kind_text_table[RD_IconKind_CircleFilled]);
+        dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit("  "));
         dr_fancy_string_list_concat_in_place(&fstrs, &thread_fstrs);
         dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit(" hit a breakpoint"));
       }
@@ -10948,6 +10949,7 @@ rd_stop_explanation_fstrs_from_ctrl_event(Arena *arena, CTRL_Event *event)
         {
           default:
           {
+            dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit("  "));
             dr_fancy_string_list_concat_in_place(&fstrs, &thread_fstrs);
             dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit(" hit an exception - "));
             String8 exception_code_string = str8_from_u64(arena, event->exception_code, 16, 0, 0);
@@ -10961,13 +10963,15 @@ rd_stop_explanation_fstrs_from_ctrl_event(Arena *arena, CTRL_Event *event)
           }break;
           case CTRL_ExceptionKind_CppThrow:
           {
+            dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit("  "));
             dr_fancy_string_list_concat_in_place(&fstrs, &thread_fstrs);
             dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit(" hit a C++ exception - "));
             String8 exception_code_string = str8_from_u64(arena, event->exception_code, 16, 0, 0);
             dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, exception_code_string);
           }break;
           case CTRL_ExceptionKind_MemoryRead:
           {
+            dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit("  "));
             dr_fancy_string_list_concat_in_place(&fstrs, &thread_fstrs);
             dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit(" hit an exception - "));
             String8 exception_code_string = str8_from_u64(arena, event->exception_code, 16, 0, 0);
@@ -10976,6 +10980,7 @@ rd_stop_explanation_fstrs_from_ctrl_event(Arena *arena, CTRL_Event *event)
           }break;
           case CTRL_ExceptionKind_MemoryWrite:
           {
+            dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit("  "));
             dr_fancy_string_list_concat_in_place(&fstrs, &thread_fstrs);
             dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit(" hit an exception - "));
             String8 exception_code_string = str8_from_u64(arena, event->exception_code, 16, 0, 0);
@@ -10984,6 +10989,7 @@ rd_stop_explanation_fstrs_from_ctrl_event(Arena *arena, CTRL_Event *event)
           }break;
           case CTRL_ExceptionKind_MemoryExecute:
           {
+            dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit("  "));
             dr_fancy_string_list_concat_in_place(&fstrs, &thread_fstrs);
             dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit(" hit an exception - "));
             String8 exception_code_string = str8_from_u64(arena, event->exception_code, 16, 0, 0);
@@ -11011,6 +11017,7 @@ rd_stop_explanation_fstrs_from_ctrl_event(Arena *arena, CTRL_Event *event)
     case CTRL_EventCause_InterruptedByTrap:
     {
       dr_fancy_string_list_push_new(arena, &fstrs, rd_font_from_slot(RD_FontSlot_Icons), ui_top_font_size(), ui_top_palette()->text, rd_icon_kind_text_table[RD_IconKind_WarningBig]);
+      dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit("  "));
       dr_fancy_string_list_concat_in_place(&fstrs, &thread_fstrs);
       dr_fancy_string_list_push_new(arena, &fstrs, ui_top_font(), ui_top_font_size(), ui_top_palette()->text, str8_lit(" hit a trap"));
     }break;

Original file line number	Diff line number	Diff line change
`@@ -5331,7 +5331,7 @@ ctrl_thread__run(DMN_CtrlCtx ctrl_ctx, CTRL_Msg msg)`
`5331`	`5331`	`if(spoof_mode &&`
`5332`	`5332`	`dmn_handle_match(target_process.dmn_handle, event->process) &&`
`5333`	`5333`	`dmn_handle_match(target_thread.dmn_handle, event->thread) &&`
`5334`		`- spoof.new_ip_value == event->instruction_pointer)`
	`5334`	`+ spoof.new_ip_value == event->address)`
`5335`	`5335`	`{`
`5336`	`5336`	`hit_spoof = 1;`
`5337`	`5337`	`log_infof("hit_spoof\n");`