From 18229043fa85bdf96a9d829c1e61d0f524a1966a Mon Sep 17 00:00:00 2001
From: vaxerski <43317083+vaxerski@users.noreply.github.com>
Date: Mon, 27 Feb 2023 19:47:42 +0000
Subject: [PATCH] Remove useless rax preserve across callq

---
 src/plugins/HookSystem.cpp | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/plugins/HookSystem.cpp b/src/plugins/HookSystem.cpp
index ce53d653..afae69a4 100644
--- a/src/plugins/HookSystem.cpp
+++ b/src/plugins/HookSystem.cpp
@@ -82,15 +82,13 @@ bool CFunctionHook::hook() {
     // nop
     static constexpr uint8_t NOP = 0x90;
     /*
-        pushq %rax
         movabs $0,%rax
         callq *%rax
-        popq %rax
 
         offset for addr: 3
     */
-    static constexpr uint8_t CALL_WITH_RAX[]              = {0x50, 0x48, 0xB8, 0xEF, 0xBE, 0xAD, 0xDE, 0x00, 0x00, 0x00, 0x00, 0xFF, 0x10, 0x58};
-    static constexpr size_t  CALL_WITH_RAX_ADDRESS_OFFSET = 3;
+    static constexpr uint8_t CALL_WITH_RAX[]              = {0x48, 0xB8, 0xEF, 0xBE, 0xAD, 0xDE, 0x00, 0x00, 0x00, 0x00, 0xFF, 0x10};
+    static constexpr size_t  CALL_WITH_RAX_ADDRESS_OFFSET = 2;
 
     // get minimum size to overwrite
     const auto HOOKSIZE = probeMinimumJumpSize(m_pSource, sizeof(ABSOLUTE_JMP_ADDRESS) + sizeof(PUSH_RAX) + sizeof(POP_RAX));