C++ Detours 3.0 express on MVS 2012 error "identifier not found"

StackOverflow https://stackoverflow.com/questions/16013559

  •  04-04-2022
  •  | 
  •  

Pregunta

My compiler: Microsoft Visual Studio 2012.
My code is functional on detours 2.1 but I can't compile it with my compiler anymore (module unsafe for SAFESEH image.). I need to use an older compiler like MVS2005 but I'd rather not.

So I need to update my code and use detours 3.0.

Edited some stuff and got 4 errors.

error C3861: 'DetourFunction': identifier not found
error C3861: 'DetourFunction': identifier not found
error C3861: 'DetourRemove': identifier not found
error C3861: 'DetourRemove': identifier not found

This are the code blocks:

DetourFunction Error here

o_NtQuerySystemInformation = (t_NtQuerySystemInformation)DetourFunction((PBYTE)GetProcAddress(GetModuleHandle("ntdll.dll"), "NtQuerySystemInformation"), (PBYTE)My_NtQuerySystemInformation);
o_ZwOpenProcess = (t_ZwOpenProcess)DetourFunction((PBYTE)GetProcAddress(GetModuleHandle("ntdll.dll"), "ZwOpenProcess"), (PBYTE)My_ZwOpenProcess);

DetourRemove Error Here

    DetourRemove((PBYTE)o_NtQuerySystemInformation, (PBYTE)My_NtQuerySystemInformation);
    DetourRemove((PBYTE)o_ZwOpenProcess, (PBYTE)My_ZwOpenProcess);

UPDATE

So I tried to change it to DetourAttach and DetourDetach but I get a PBYTE to PVOID error.

¿Fue útil?

Solución

DetourFunction and DetourRemove have been replaced with DetourAttach and DetourDetach. Using them is not that hard, and the library comes with a set of samples where you could see how to use these APIs. Your code should look like this:

BOOL APIENTRY DllMain( HANDLE hModule, 
                      DWORD  ul_reason_for_call, 
                      LPVOID lpReserved
                      )
{
   if (ul_reason_for_call == DLL_PROCESS_ATTACH)
   {
      o_NtQuerySystemInformation = (t_NtQuerySystemInformation)DetourAttach(&(PVOID&)GetProcAddress(GetModuleHandle("ntdll.dll"), "NtQuerySystemInformation"), My_NtQuerySystemInformation);
      o_ZwOpenProcess = (t_ZwOpenProcess)DetourAttach(&(PVOID&)GetProcAddress(GetModuleHandle("ntdll.dll"), "ZwOpenProcess"), My_ZwOpenProcess);

      MyModuleHandle = (HMODULE)hModule;
      MyPid = GetCurrentProcessId();
   }
   if (ul_reason_for_call == DLL_PROCESS_DETACH)
   {
      DetourDetach(&(PVOID&)o_NtQuerySystemInformation, My_NtQuerySystemInformation);
      DetourDetach(&(PVOID&)o_ZwOpenProcess, My_ZwOpenProcess);
   }

   return TRUE;
}
Licenciado bajo: CC-BY-SA con atribución
No afiliado a StackOverflow
scroll top