 

Detours Hook in external process for "empty" function does not work

I'm hooking functions in an external process via their function offset. That works well for the functions I'm hooking so far; however, I have found a "debugLog(char...)" function that still exists in the binary but doesn't do any printing. It looks like this:

debugMessage    proc near               ; 
            xor     eax, eax        ; Logical Exclusive OR
            retn                    ; Return Near from Procedure
debugMessage    endp

It is called like this:

push    offset debugString ; "This is a debug message"...
call    debugMessage    ; Call Procedure

Now the debug message has obviously been disabled. I wanted to hook into this, as I was already able to simply hook into a similar func(char..) in the binary.

This is the code:

#include <windows.h>
#include <detours.h>

// The listing above shows debugMessage returning with a plain "retn" while the
// caller pushes the argument, so the caller cleans the stack: that is __cdecl.
// A __stdcall hook would pop the argument itself ("ret 4") and unbalance the stack.
typedef void (__cdecl* DebugLog)(const char*);
// 0xCAFEBABE stands in for the real address of debugMessage in the target process.
DebugLog Real_DebugLog = (DebugLog)(0xCAFEBABE);

static void __cdecl Hook_DebugLog(const char* text) {
    MessageBoxA(NULL, text, "MyDebugLog", MB_OK);
    Real_DebugLog(text); // call through the Detours trampoline to the original
}

// in DllMain, on DLL_PROCESS_ATTACH
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)Real_DebugLog, (PVOID)Hook_DebugLog);
DetourTransactionCommit(); // nothing is patched until the transaction is committed

A similar approach works for all other functions I have hooked in this binary so far. I also made sure with a debugger that debugMessage is actually called.

Any ideas why this hook is not working at all? Maybe because the function could have varargs? I already tried with (const char*, ...).

Steve asked Aug 20 '11 11:08

1 Answer

A "detour" requires a minimum of 5 bytes to work (x86) - debugMessage is only 3 bytes.

Nop answered Sep 30 '22 17:09
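To make the size argument concrete, here is an added example in C; it is not code from the question, the answer, or the Detours project. It assembles the bytes the page's two listings would produce (MSVC encodings, constructed here), counts how many bytes the function actually owns before its `retn`, and shows why a 5-byte `E9 rel32` patch cannot be placed on a 3-byte function. It then shows one workaround: the `call debugMessage` at the call site is itself 5 bytes (`E8 rel32`), so its displacement can be retargeted at the hook without touching the callee. The base address 0x00401000, the caller address 0x00401010, the hook address 0x10000000, the `debugString` address, and the tiny length decoder (limited to the opcodes that appear here) are all assumptions for illustration.

```c
/* Added example: why a 5-byte JMP cannot be placed on a 3-byte function,
 * and one way around it (retarget the caller's 5-byte CALL instead).
 * All addresses and bytes below are constructed for illustration. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define JMP_REL32_LEN 5          /* E9 rel32: the patch a Detours-style hook writes */

/* Constructed bytes the page's listings would assemble to (MSVC encodings). */
static const uint8_t k_debug_message[] = { 0x33, 0xC0, 0xC3 };   /* xor eax,eax ; retn */
static const uint8_t k_caller[] = {
    0x68, 0x00, 0x20, 0x40, 0x00,  /* push offset debugString (address assumed) */
    0xE8, 0xE6, 0xFF, 0xFF, 0xFF,  /* call debugMessage (rel32 = -0x1A, see below) */
    0x83, 0xC4, 0x04,              /* add esp, 4 : caller cleans up => __cdecl */
    0xC3 };                        /* retn */
/* A function with an ordinary prologue, for contrast. */
static const uint8_t k_normal_fn[] = { 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x10, 0xC3 };

#define IMG_BASE  0x00401000u    /* assumed VA of k_debug_message */
#define CALLER_VA 0x00401010u    /* assumed VA of k_caller */
#define HOOK_VA   0x10000000u    /* assumed VA of Hook_DebugLog in the injected DLL */

/* Toy length decoder covering only the opcodes used above; returns 0 = unknown. */
static size_t insn_len(const uint8_t *p, size_t avail)
{
    if (avail == 0) return 0;
    switch (p[0]) {
    case 0xC3: case 0x55:            return 1;                  /* ret, push ebp */
    case 0x68: case 0xE8: case 0xE9: return avail >= 5 ? 5 : 0; /* push/call/jmp imm32 */
    case 0x31: case 0x33: case 0x8B:                            /* xor/mov r32,r/m32 */
        return (avail >= 2 && (p[1] & 0xC0) == 0xC0) ? 2 : 0;  /* register-direct only */
    case 0x83:                                                  /* add/sub r/m32,imm8 */
        return (avail >= 3 && (p[1] & 0xC0) == 0xC0) ? 3 : 0;
    default: return 0;
    }
}

/* Bytes the function owns: instructions up to and including the first ret.
 * Returns 0 when an unrecognised instruction is met first. */
static size_t func_len_until_ret(const uint8_t *p, size_t avail)
{
    size_t off = 0;
    while (off < avail) {
        size_t n = insn_len(p + off, avail - off);
        if (n == 0) return 0;
        off += n;
        if (p[off - n] == 0xC3) return off;
    }
    return 0;
}

/* The JMP fits only if the function owns at least 5 bytes; otherwise the patch
 * would overwrite padding or the start of whatever follows in memory. */
static int detour_fits(size_t func_len) { return func_len >= JMP_REL32_LEN; }

/* rel32 for a 5-byte JMP/CALL located at insn_va that must land at target_va. */
static int32_t rel32_for(uint32_t insn_va, uint32_t target_va)
{
    return (int32_t)(target_va - (insn_va + JMP_REL32_LEN));
}

static void put_le32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)v;         p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* Work-around: the CALL at the call site is itself 5 bytes, so its rel32 can be
 * retargeted at the hook without touching the 3-byte callee. Rewrites the
 * displacement of the E8 at image offset `off`; returns 1 on success. */
static int redirect_call(uint8_t *img, size_t img_len, size_t off,
                         uint32_t off_va, uint32_t hook_va)
{
    if (off + JMP_REL32_LEN > img_len || img[off] != 0xE8) return 0;
    put_le32(img + off + 1, (uint32_t)rel32_for(off_va, hook_va));
    return 1;
}

/* Copies the caller bytes, retargets its call, returns the patched 5-byte CALL. */
static int redirect_demo(uint8_t out[5])
{
    uint8_t img[sizeof k_caller];
    size_t i;
    for (i = 0; i < sizeof k_caller; i++) img[i] = k_caller[i];
    if (!redirect_call(img, sizeof img, 5, CALLER_VA + 5, HOOK_VA)) return 0;
    for (i = 0; i < 5; i++) out[i] = img[5 + i];
    return 1;
}

int main(void)
{
    uint8_t patched[5];
    size_t n = func_len_until_ret(k_debug_message, sizeof k_debug_message);
    printf("debugMessage owns %zu bytes: 5-byte JMP %s\n", n, detour_fits(n) ? "fits" : "does NOT fit");
    n = func_len_until_ret(k_normal_fn, sizeof k_normal_fn);
    printf("normal prologue owns %zu bytes: 5-byte JMP %s\n", n, detour_fits(n) ? "fits" : "does NOT fit");
    if (redirect_demo(patched))
        printf("retargeted call: E8 %02X %02X %02X %02X\n", patched[1], patched[2], patched[3], patched[4]);
    return 0;
}
```

The decoder is deliberately tiny and is only there to show the 3-versus-5 arithmetic; Detours uses its own instruction copier and also has to relocate the overwritten instructions into a trampoline, which is impossible when the function ends 2 bytes after its first instruction. In a live process the call-site patch additionally needs the page made writable (VirtualProtect) and a write that other threads cannot observe half-done; both are omitted here, and every call site has to be patched separately, unlike a single function-entry detour.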