On Wed Feb 19 18:41:32 2025 +0000, Jacek Caban wrote:
I still hope we can simplify this. After giving it more thought, since relay behavior is ours to define, I don’t see an issue with adjusting it for dynamic resolution. Arguably, it makes sense to honor the importer in the is_dynamic case. I’d suggest dropping this change and simply accepting that the relay behavior changes in a later commit.
That would render relay useless.
The direct consequence is that we have no way to ignore calls coming direct from `kernel32`, without also losing the ability to trace `GetProcAddress( hKernel32, "<procname>" )` calls (which is a very common pattern ranging from OS version compatibility to hidden anticheat imports).
Maybe we could implement RelayFromExclude in a better way, like checking the return address, but for the time being I don't think we should break an existing functionality too much.
(Because, if relay/snoop is not used at all, perhaps we should drop it entirely.)