Zeex/subhook

Linux x64 hook failed

Closed this issue · 1 comment

If the distance between original code and the trampoline is bigger than 32 bytes, the hook will fail. It would be so nice if anyone could tell me how to fix it.

Zeex commented

It should be possible to achieve this with SUBHOOK_OPTION_64BIT_OFFSET; when that option is used, subhook puts a fat jump into the target address that uses a 64-bit offset (via push + ret), e.g.

subhook_t foo_hook_tr = subhook_new((void *)foo,
                                    (void *)foo_hooked,
                                    SUBHOOK_OPTION_64BIT_OFFSET);

subhook/subhook_x86.c

Lines 302 to 311 in 816c88c

struct subhook_jmp64 *jmp = (struct subhook_jmp64 *)src;
jmp->push_opcode = PUSH_OPCODE;
jmp->push_addr = (uint32_t)(uintptr_t)dst; /* truncate */
jmp->mov_opcode = MOV_OPCODE;
jmp->mov_modrm = MOV_MODRM_BYTE;
jmp->mov_sib = MOV_SIB_BYTE;
jmp->mov_offset = MOV_OFFSET;
jmp->mov_addr = (uint32_t)(((uintptr_t)dst) >> 32);
jmp->ret_opcode = RET_OPCODE;
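As an added example (not code from subhook or from Zeex's comment), the block below builds and recognises the same 14-byte push + mov + ret sequence that the snippet above writes. A plain 5-byte `jmp rel32` only reaches ±2 GiB from the patch site, which is why a far-away trampoline on Linux x64 needs this form: `push imm32` sign-extends its operand to 64 bits, so the high dword must be patched in with `mov dword [rsp+4], imm32` before `ret` pops the full address into RIP. The opcode values are the standard x86-64 encodings and are assumed here rather than copied from subhook's headers; the sample target address is constructed. The decoder is the half a defender uses: scan a function prologue for this exact byte pattern and recover where the diverted control flow lands.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Standard x86-64 encodings (assumed here, not copied from subhook). */
#define JMP64_PUSH_OPCODE 0x68  /* push imm32 (sign-extended to 64 bits in long mode) */
#define JMP64_MOV_OPCODE  0xC7  /* mov r/m32, imm32 */
#define JMP64_MOV_MODRM   0x44  /* mod=01 (disp8), reg=0, r/m=100 -> SIB follows */
#define JMP64_MOV_SIB     0x24  /* scale=0, index=none, base=rsp */
#define JMP64_MOV_DISP    0x04  /* [rsp+4]: the high dword of the qword just pushed */
#define JMP64_RET_OPCODE  0xC3  /* ret: pops the rebuilt 64-bit address into RIP */
#define JMP64_SIZE        14

/* Store a 32-bit value little-endian, byte by byte (no host-endianness dependence). */
static void put_le32(uint8_t *p, uint32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

static uint32_t get_le32(const uint8_t *p) {
    uint32_t v = 0;
    for (int i = 0; i < 4; i++) v |= (uint32_t)p[i] << (8 * i);
    return v;
}

/* Write the 14-byte "fat jump" to dst into buf; returns bytes written. */
size_t jmp64_encode(uint8_t *buf, uint64_t dst) {
    buf[0] = JMP64_PUSH_OPCODE;
    put_le32(buf + 1, (uint32_t)dst);            /* low dword, truncated */
    buf[5] = JMP64_MOV_OPCODE;
    buf[6] = JMP64_MOV_MODRM;
    buf[7] = JMP64_MOV_SIB;
    buf[8] = JMP64_MOV_DISP;
    put_le32(buf + 9, (uint32_t)(dst >> 32));    /* high dword, fixes the sign-extension */
    buf[13] = JMP64_RET_OPCODE;
    return JMP64_SIZE;
}

/* Integrity check: does `code` start with this exact sequence? On a match,
   return 1 and store the reconstructed 64-bit target in *dst; otherwise 0. */
int jmp64_decode(const uint8_t *code, size_t len, uint64_t *dst) {
    if (len < JMP64_SIZE) return 0;
    if (code[0] != JMP64_PUSH_OPCODE || code[5] != JMP64_MOV_OPCODE ||
        code[6] != JMP64_MOV_MODRM   || code[7] != JMP64_MOV_SIB ||
        code[8] != JMP64_MOV_DISP    || code[13] != JMP64_RET_OPCODE)
        return 0;
    uint64_t lo = get_le32(code + 1);
    uint64_t hi = get_le32(code + 9);
    *dst = (hi << 32) | lo;
    return 1;
}

/* What RIP would end up as if only `push imm32; ret` were used: the CPU
   sign-extends the immediate, so any target with bit 31 set (or above 4 GiB)
   comes out wrong. This is the reason the mov to [rsp+4] is required. */
uint64_t push_imm32_only_target(uint64_t dst) {
    int32_t sext = (int32_t)(uint32_t)dst;
    return (uint64_t)(int64_t)sext;
}

int main(void) {
    uint8_t buf[JMP64_SIZE];
    uint64_t target = 0x00007f12a3b4c5d6ULL;     /* constructed sample address */
    uint64_t back = 0;

    jmp64_encode(buf, target);
    for (size_t i = 0; i < JMP64_SIZE; i++) printf("%02x ", buf[i]);
    printf("\n");

    if (jmp64_decode(buf, sizeof buf, &back))
        printf("fat jump detected, target = 0x%llx\n", (unsigned long long)back);
    printf("push imm32 alone would give 0x%llx\n",
           (unsigned long long)push_imm32_only_target(target));
    return 0;
}
```

To use the decoder as a hook check, read the first 14 bytes of a function you care about (for example via its symbol address) and pass them to `jmp64_decode`; a match means the prologue has been replaced by this kind of absolute jump and `*dst` tells you where execution is being redirected. Note that the sequence clobbers 14 bytes at the patch site, so the original instructions it overwrites must be relocated to the trampoline, which is the separate problem subhook handles for you.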