From 867d96156daa8f5550fbaaaa70ebda419fba1093 Mon Sep 17 00:00:00 2001
From: zhwu2697 <zhwu2697@uni.sydney.edu.au>
Date: Fri, 4 Jun 2021 15:44:19 +1000
Subject: [PATCH] fixed enum bug + wrong ret addrr

---
 src/dumper/dumper.cpp | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/dumper/dumper.cpp b/src/dumper/dumper.cpp
index 0163cdc..328bee7 100644
--- a/src/dumper/dumper.cpp
+++ b/src/dumper/dumper.cpp
@@ -8,7 +8,7 @@
 // RegDeleteKeyW [done]
 // RegSetValueExW [done]
 // RegCreateKeyExW [done]
-// RegConnectRegistryW 
+// RegConnectRegistryW [done]
 // RegEnumKeyExW
 // RegCloseKey
 // RegQueryValueExW
@@ -81,8 +81,15 @@ namespace RegHooks
     LPDWORD lpcbData
   )
   {
-    std::cout << "[RegEnumValueW]" << std::endl;
-    std::cout << "lpValueName: " << wide_to_string(lpValueName).c_str() << std::endl;
+    // there is a bug with a ridiculously large string we want to skip if we see it
+    //
+    auto converted = wide_to_string(lpValueName);
+
+    if (converted.size() < MAX_PATH)
+    {
+      std::cout << "[RegEnumValueW]" << std::endl;
+      std::cout << "lpValueName: " << converted.c_str() << std::endl;
+    }
 
     return (reinterpret_cast<regenumvaluew_t>(regenumvaluew_addr))
       (hKey, dwIndex, lpValueName, lpcchValueName, lpReserved, lpType, lpData, lpcbData);
@@ -165,7 +172,7 @@ namespace RegHooks
     std::cout << "lpSubKey: " << wide_to_string(lpSubKey).c_str() << std::endl;
     std::cout << "lpClass: " << wide_to_string(lpClass).c_str() << std::endl;
 
-    return (reinterpret_cast<RegCreateKeyExW_t>(regsetvalue_addr))
+    return (reinterpret_cast<RegCreateKeyExW_t>(RegCreateKeyExW_addr))
       (hKey, lpSubKey, Reserved, lpClass, dwOptions, samDesired, lpSecurityAttributes, phkResult, lpdwDisposition);
   }