Oct 18, 2010 at 1:11 PM
Edited Oct 18, 2010 at 1:30 PM
I'm trying to hook some GDI functions within my own program using EasyHook-2.6 and VS2008, C++, unmanaged, and did the following (shown for one function only):
static HOOK_TRACE_INFO infoCreateFontIndirectW; //!< info for hooked CreateFontIndirectW
static HFONT WINAPI hookCreateFontIndirectW(CONST LOGFONTW* lplf)
HFONT hFont = 0;
hFont = ::CreateFontIndirectW(lplf);
// Init HOOK_TRACE_INFO
infoCreateFontIndirectW.Link = 0;
// Install hook
HMODULE hGDI32 = LoadLibraryA("gdi32.dll");
FORCE(LhInstallHook( GetProcAddress(hGDI32, "CreateFontIndirectW"), hookCreateFontIndirectW, (PVOID)0x12345678, &infoCreateFontIndirectW));
// Enable hook for all threads of running process
int threadIdListSize = 0; // for all threads we have to set an empty list
ULONG threadIdList = 0; // but we have to provide an list!
FORCE(LhSetExclusiveACL(&threadIdList, threadIdListSize, &infoCreateFontIndirectW));
Please note that I'm trying to call the original function, and I'm trying to do some actions
before the real function, and after the real function. But
how to call the original function from within my hook function?
Currently my hook function is always called twice, and on the 2nd call to the original function EasyHook recognizes this and calls the original function. I already tried
- followed http://easyhook.codeplex.com/Thread/View.aspx?ThreadId=53791 , but could not get _LOCAL_HOOK_INFO_::OldProc pointer.
- use GetProcAdress and keep pointer to CreateFontIndirectW and use it within my hook function, but I always ended up again in my hook function.
Any hints on how to call the original function from within my hook function.
Check out the function outlined here (the last function): http://easyhook.codeplex.com/Thread/View.aspx?ThreadId=227633 Implement that any you can access the original function.
Oct 18, 2010 at 8:38 PM
Edited Oct 20, 2010 at 6:46 PM
thank you for this hint, which brought me a step further. I copied the code from the above link to install.c, then added the line
EASYHOOK_NT_EXPORT LhGetOldProc(TRACED_HOOK_HANDLE InHandle, PVOID* OutValue);
to Public/EasyHook.h and recompiled the full EasyHook project. However, on trying to use the function from within my code I always got the following unresolved external on linking:
error LNK2019: Verweis auf nicht aufgelöstes externes Symbol "__imp__LhGetOldProc@8" in Funktion .....
I double checked the generated EasyHook.lib to include the symbols as the other functions, and it seems to be included.
Then I used GetProcAdress from within my code to get access to function LhGetOldProc with success ;-) And then using LhGetOldProc my code then was able to call the original function with success.
Any hint where to add something so the function gets known for the linker? Would it be possible to add function LhGetOldProc to the next official release?
Update: It seems I used a wrong copy of my created EasyHook.lib file. On using the right one there's no longer a linker problem.