https://stackoverflow.com/questions/18366584
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianProblem solved - I forgot to add WINAPI to my functions. Headers must look like this: int WINAPI myDrawTextW(HDC, LPCTSTR, int, LPRECT, UINT);
Application crashes when using hooked functions
-
26-06-2022 - |
Pregunta
I've been trying to hook a few winapi functions, e.g. DrawText, TextOut, ExtTextOut using detours. In case of injecting my dll into windows calculator the hooked functions are working fine until i press a button on the calculator, which then causes a crash. Injecting my dll into other processes causes similar behaviour. All hooks are working fine until i trigger certain actions like opening the new file dialog in notepad.
I've tested my dll on 32 and 64 bit windows 7 systems, both shows the same behaviour.
Any ideas on what could be causing the problem?
My dll:
main.cpp
#include <Windows.h>
#include <detours.h>
#include "hookedFunctions.h"
BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved )
{
switch (ul_reason_for_call){
case DLL_PROCESS_ATTACH:
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)pDrawTextW, myDrawTextW);
DetourAttach(&(PVOID&)pDrawTextA, myDrawTextA);
DetourAttach(&(PVOID&)pExtTextOutW, myExtTextOutW);
DetourAttach(&(PVOID&)pExtTextOutA, myExtTextOutA);
DetourAttach(&(PVOID&)pTextOutW, myTextOutW);
DetourAttach(&(PVOID&)pTextOutA, myTextOutA);
DetourAttach(&(PVOID&)myPolyTextOutW, myPolyTextOutW);
DetourAttach(&(PVOID&)myPolyTextOutA, myPolyTextOutA);
if(DetourTransactionCommit() == NO_ERROR)
OutputDebugStringA("Detoured successfully");
break;
case DLL_PROCESS_DETACH:
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)pDrawTextW, myDrawTextW);
DetourDetach(&(PVOID&)pDrawTextA, myDrawTextA);
DetourDetach(&(PVOID&)pExtTextOutW, myExtTextOutW);
DetourDetach(&(PVOID&)pExtTextOutA, myExtTextOutA);
DetourDetach(&(PVOID&)pTextOutW, myTextOutW);
DetourDetach(&(PVOID&)pTextOutA, myTextOutA);
DetourDetach(&(PVOID&)myPolyTextOutW, myPolyTextOutW);
DetourDetach(&(PVOID&)myPolyTextOutA, myPolyTextOutA);
if(DetourTransactionCommit() == NO_ERROR)
OutputDebugStringA("Detoured successfully");
break;
}
return TRUE;
}
hookedFunctions.h
#pragma once
#include <Windows.h>
// Declare function pointers to original Windows API functions
extern int (WINAPI *pDrawTextW)(HDC, LPCTSTR, int, LPRECT, UINT);
extern int (WINAPI *pDrawTextA)(HDC, LPCSTR, int, LPRECT, UINT);
extern BOOL (WINAPI *pTextOutW)(HDC, int, int, LPCTSTR, int);
extern BOOL (WINAPI *pTextOutA)(HDC, int, int, LPCSTR, int);
extern BOOL (WINAPI *pExtTextOutW)(HDC, int, int, UINT, const RECT*, LPCTSTR, UINT, const INT*);
extern BOOL (WINAPI *pExtTextOutA)(HDC, int, int, UINT, const RECT*, LPCSTR, UINT, const INT*);
extern BOOL (WINAPI *pPolyTextOutW)(HDC, const POLYTEXTW* , int);
extern BOOL (WINAPI *pPolyTextOutA)(HDC, const POLYTEXTA* , int);
// Declare our custom functions which are used to override the original Windows API functions
int myDrawTextW(HDC, LPCTSTR, int, LPRECT, UINT);
int myDrawTextA(HDC, LPCSTR, int, LPRECT, UINT);
BOOL myTextOutW(HDC, int, int, LPCTSTR, int);
BOOL myTextOutA(HDC, int, int, LPCSTR, int);
BOOL myExtTextOutW(HDC, int, int, UINT, const RECT*, LPCTSTR , UINT, const INT*);
BOOL myExtTextOutA(HDC, int, int, UINT, const RECT*, LPCSTR , UINT, const INT*);
BOOL myPolyTextOutW(HDC, const POLYTEXTW*, int);
BOOL myPolyTextOutA(HDC, const POLYTEXTA*, int);
hookedFunctions.cpp
#include "hookedFunctions.h"
// Create and initialize function pointers to original Windows API functions
int (WINAPI *pDrawTextW)(HDC, LPCTSTR, int, LPRECT, UINT) = DrawTextW;
int (WINAPI *pDrawTextA)(HDC, LPCSTR, int, LPRECT, UINT) = DrawTextA;
BOOL (WINAPI *pTextOutW)( HDC, int, int, LPCTSTR, int) = TextOutW;
BOOL (WINAPI *pTextOutA)(HDC, int, int, LPCSTR, int) = TextOutA;
BOOL (WINAPI *pExtTextOutW)(HDC, int, int, UINT, const RECT*, LPCTSTR, UINT, const INT*) = ExtTextOutW;
BOOL (WINAPI *pExtTextOutA)(HDC, int, int, UINT, const RECT*, LPCSTR, UINT, const INT*) = ExtTextOutA;
BOOL (WINAPI *pPolyTextOutW)(HDC, const POLYTEXTW* , int) = PolyTextOutW;
BOOL (WINAPI *pPolyTextOutA)(HDC, const POLYTEXTA* , int) = PolyTextOutA;
// Custom versions of the Windows API functions, having the same parameters,
// return type, and calling convention as the versions provided by the OS.
int myDrawTextW(HDC hDC, LPCTSTR lpchText, int nCount, LPRECT lpRect, UINT uFormat)
{
OutputDebugString(lpchText);
return pDrawTextW(hDC, lpchText, nCount, lpRect, uFormat);
}
int myDrawTextA(HDC hDC, LPCSTR lpchText, int nCount, LPRECT lpRect, UINT uFormat)
{
OutputDebugStringA(lpchText);
return pDrawTextA(hDC, lpchText, nCount, lpRect, uFormat);
}
BOOL myTextOutW(HDC hdc, int nXStart, int nYStart, LPCTSTR lpString, int cchString)
{
OutputDebugString(lpString);
return pTextOutW(hdc, nXStart, nYStart, lpString, cchString);
}
BOOL myTextOutA(HDC hdc, int nXStart, int nYStart, LPCSTR lpString, int cchString)
{
OutputDebugStringA(lpString);
return pTextOutA(hdc, nXStart, nYStart, lpString, cchString);
}
BOOL myExtTextOutW(HDC hdc, int X, int Y, UINT fuOptions, const RECT *lprc,
LPCTSTR lpString, UINT cbCount, const INT *lpDx)
{
OutputDebugString(lpString);
return pExtTextOutW(hdc, X, Y, fuOptions, lprc, lpString, cbCount, lpDx);
}
BOOL myExtTextOutA(HDC hdc, int X, int Y, UINT fuOptions, const RECT *lprc,
LPCSTR lpString, UINT cbCount, const INT *lpDx)
{
OutputDebugStringA(lpString);
return pExtTextOutA(hdc, X, Y, fuOptions, lprc, lpString, cbCount, lpDx);
}
BOOL myPolyTextOutW(HDC hdc, const POLYTEXTW *pptxt, int cStrings)
{
OutputDebugString(pptxt->lpstr);
return pPolyTextOutW(hdc, pptxt, cStrings);
}
BOOL myPolyTextOutA(HDC hdc, const POLYTEXTA *pptxt, int cStrings)
{
OutputDebugStringA(pptxt->lpstr);
return pPolyTextOutA(hdc, pptxt, cStrings);
}
Solución
Licenciado bajo: CC-BY-SA con atribución
No afiliado a StackOverflow
