WoW API: securecall

Revision as of 23:02, 17 January 2007 by WoWWiki>N3rf
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

WoW API < securecall

This function allows you to call an another function (with the possibility to pass arguments to it) and restore secure status that was active before calling this aforementionned function.

That means that if the function that was called by securecall() was tainted by untrusted code (probably through hooking), and that prior the call the environment was secure, it'll remain secure after the call, thus not breaking protected functions calls.

This function has no particular effect if called from an unsecure (tainted) environment, as 'unsecure' state is restored after the call.

securecall(function[, ...])

Parameters

Arguments

function
The function to be called.

The following arguments are passed to it.

Return

nil

Example

function some_blizzard_func()
    -- Let's consider that when this function is called, we're in a secure environment, as it has been defined by Blizzard.

    -- Let's do a call to some_other_blizzard_func(), passing some arguments along the way.
    securecall(some_other_blizzard_func,"foo",20,"bar");
    -- <Stop reading this function's content and jump to some_other_blizzard_func() for further explanations>

    -- But! Thanks to securecall, secure status that was active before the call gets restored (in this case, 'secure'), and ...
    Jump();
    -- ...protected functions and such will still continue to work.
end

function some_other_blizzard_func(a,b,c)
    -- This is the function called by securecall().
    -- The function is secure, as it's defined by Blizzard, but...
end

-- Oh no ! Someone has hooked the function !
old_blizzard_func = some_other_blizzard_func;
function some_other_blizzard_func(a,b,c)
    -- some_other_blizzard_func has been redefined by a third-party person,
    -- thus is no longer Blizzard-defined, and thus unsecure.
    -- Calling it will break secure state, which is the case,
    -- so past this point the secure status has become 'unsecure'.
    old_blizzard_func(a,b,c);
    
    -- Jump();
    -- Issuing calls from now on to protected functions and such will display the forbidden action popup.

    -- <Now return to some_blizzard_func() and finish reading>
end

Secure status

  • some_blizzard_func() (enter point) : secure
  • When making the call to the hooked some_other_blizzard_func() : unsecure
  • When resuming the execution of some_blizzard_func() : secure again