当前位置: 文江博客话题详情

Windows API函数可以被覆盖并在其之后调用吗?

发布于 2024-12-10 06:03:06 字数 1039 浏览 0 评论 0原文

我想修改 Windows API 中可用的本机函数,例如 CreateWindowExShowWindow,当应用程序编译时包含这些函数时,它将改为调用我的函数,执行那里的任务,然后调用原始的本机函数。

换句话说,我想以某种方式代理这些函数,同时仍然使用相同的名称(因此,如果编写一个程序是为了使用本机 API 进行编译,则只需添加这些函数就会修改这些本机函数的处理方式

HWND WINAPI CreateWindowEx(
  __in      DWORD dwExStyle,
  __in_opt  LPCTSTR lpClassName,
  __in_opt  LPCTSTR lpWindowName,
  __in      DWORD dwStyle,
  __in      int x,
  __in      int y,
  __in      int nWidth,
  __in      int nHeight,
  __in_opt  HWND hWndParent,
  __in_opt  HMENU hMenu,
  __in_opt  HINSTANCE hInstance,
  __in_opt  LPVOID lpParam
) {

    //my custom code here....

    // done with my custom code... so now I want to run the native function
    return CreateWindowEx(dwExStyle, lpClassName, lpWindowName, dwStyle, x, y, nWidth, nHeight, hWndParent, hMenu, hInstance, lpParam);
}

) (出于明显的原因)会导致堆栈溢出,因为它不断地一遍又一遍地调用自身。我希望它做的是,当调用它时,它会运行我创建的自定义函数,然后运行 ​​Windows API 中可用的本机函数。

我对 C++ 很陌生,但例如在许多其他语言中,我可以用另一个名称存储对本机函数的引用,然后我可以在自定义函数中调用它。 c++中有类似的东西吗?

原文

I want to modify the native functions available in Windows API, such as CreateWindowEx or ShowWindow in a way that when an application is compiled with those functions included, it will instead call my functions, perform the tasks there, and then call the original native function.

In other words, I want to in a way proxy the functions, while still using the same names (so if a program was written to be compiled with the native API, simply adding these functions would modify the way those native functions are handled)

HWND WINAPI CreateWindowEx(
  __in      DWORD dwExStyle,
  __in_opt  LPCTSTR lpClassName,
  __in_opt  LPCTSTR lpWindowName,
  __in      DWORD dwStyle,
  __in      int x,
  __in      int y,
  __in      int nWidth,
  __in      int nHeight,
  __in_opt  HWND hWndParent,
  __in_opt  HMENU hMenu,
  __in_opt  HINSTANCE hInstance,
  __in_opt  LPVOID lpParam
) {

    //my custom code here....

    // done with my custom code... so now I want to run the native function
    return CreateWindowEx(dwExStyle, lpClassName, lpWindowName, dwStyle, x, y, nWidth, nHeight, hWndParent, hMenu, hInstance, lpParam);
}

This (for obvious reasons) gives a stack overflow, as it keeps on calling itself over and over. What I would want it to do is, when it is called, it runs through the custom function I've created, and thereafter runs the native functions available in Windows API.

I am quite new to c++, but for example in many other languages, I could store a reference to the native function under another name, which I could then call inside my custom function. Is there anything similar available in c++?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

旧人九事 2024-12-17 06:03:06

正如我在评论中所写,许多挂钩库的父级可能是 microsoft 绕道

现在它不再免费了,有各种替代方案。这里有其中一些的比较(链接已删除。我不确定它是否安全。尝试在谷歌上搜索“Microsoft Detours 是特定拦截中使用的库”,然后选择一个来源或更简单的 Detours Alternatives。

嗯,它目前似乎唯一的免费替代方案是 http://easyhook.codeplex.com/http://www.codeproject.com/KB/system/mini_hook_engine.aspx

有是一个SO问题:注册表的绕道替代方案如果您有兴趣,请拦截

As I've written in the comment, the parent of many hooking libraries was probably the microsoft Detours

Now that it isn't free anymore there are various alternatives. Here there is a comparison of some of them (link removed. I'm not sure it was safe. Try googling for "Microsoft Detours is a library utilized in the particular interception" and select a source or more simply for Detours Alternatives.

Mmmh it seems the only free alternative at this time are http://easyhook.codeplex.com/ and http://www.codeproject.com/KB/system/mini_hook_engine.aspx

There is a SO question: Detours alternative for Registry interception if you are interested.

回复 原文
掩于岁月 2024-12-17 06:03:06

对您的问题的一种解释是,您有一个带有源代码的项目,并且您想要更改该项目,以便它使用您自己的某些 winapi 函数版本。

以下是您可以为每个导入的 API 函数实施的解决方案。这里的示例是 ShowWindow

#define ShowWindow Deleted_Winapi_ShowWindow // prevent windows.h from defining ShowWindow
#include <windows.h>
#undef ShowWindow

namespace HiddenWinapi
{
    extern "C"
    {
        // Do what windows.h does, but hide it inside a namespace.
        WINUSERAPI BOOL WINAPI ShowWindow( __in HWND hWnd, __in int nCmdShow);
    }
}

// make your own function to be called instead of the API, and delegate to the actual API in the namespace.
BOOL WINAPI ShowWindow(HWND hwnd, int nCmdShow)
{
    // ... do stuff ...
    // call the original API
    return HiddenWinapi::ShowWindow(hwnd, nCmdShow);
}

要将此解决方案用于 CreateWindowEx,您需要存根实际导入的函数名称(例如 CreateWindowExW),因为 < code>CreateWindowEx 只是一个扩展为 CreateWindowExWCreateWindowExA 的宏。

这是一个用您自己的宏替换宏的解决方案,但我认为在所有情况下最好使用上述解决方案。

#include <windows.h>

#undef CreateWindowEx

// Note that this is a unicode-only version. If your app mixes A and W versions, see 
// the solution below for non-macro APIs.
HWND WINAPI CreateWindowEx(DWORD dwExStyle, LPCWSTR lpClassName, LPCWSTR lpWindowName, DWORD dwStyle, int X, int Y, int nWidth, int nHeight, HWND hWndParent, HMENU hMenu, HINSTANCE hInstance, LPVOID lpParam)
{
    // ... do stuff ...
    // call the REAL function.
    return CreateWindowExW(dwExStyle, lpClassName, lpWindowName, dwStyle, X, Y, nWidth, nHeight, hWndParent, hMenu, hInstance, lpParam);
}

One interpretation of your question is that you have a project, with source code, and you want to change that project so it uses your own versions of certain winapi functions.

Here is a solution which you can implement for each imported API function. Example here is for ShowWindow:

#define ShowWindow Deleted_Winapi_ShowWindow // prevent windows.h from defining ShowWindow
#include <windows.h>
#undef ShowWindow

namespace HiddenWinapi
{
    extern "C"
    {
        // Do what windows.h does, but hide it inside a namespace.
        WINUSERAPI BOOL WINAPI ShowWindow( __in HWND hWnd, __in int nCmdShow);
    }
}

// make your own function to be called instead of the API, and delegate to the actual API in the namespace.
BOOL WINAPI ShowWindow(HWND hwnd, int nCmdShow)
{
    // ... do stuff ...
    // call the original API
    return HiddenWinapi::ShowWindow(hwnd, nCmdShow);
}

To use this solution for CreateWindowEx, you need to stub the actual imported function name (e.g. CreateWindowExW), because CreateWindowEx is just a macro which expands to CreateWindowExW or CreateWindowExA.

Here is a solution which replaces the macro with your own, but I think in all cases it would be better to use the above solution.

#include <windows.h>

#undef CreateWindowEx

// Note that this is a unicode-only version. If your app mixes A and W versions, see 
// the solution below for non-macro APIs.
HWND WINAPI CreateWindowEx(DWORD dwExStyle, LPCWSTR lpClassName, LPCWSTR lpWindowName, DWORD dwStyle, int X, int Y, int nWidth, int nHeight, HWND hWndParent, HMENU hMenu, HINSTANCE hInstance, LPVOID lpParam)
{
    // ... do stuff ...
    // call the REAL function.
    return CreateWindowExW(dwExStyle, lpClassName, lpWindowName, dwStyle, X, Y, nWidth, nHeight, hWndParent, hMenu, hInstance, lpParam);
}
回复 原文
无名指的心愿 2024-12-17 06:03:06

如果您想自己执行此操作,最简单的方法是修改 PE(可移植可执行文件)标头中的导入地址表。不过,这并不是一件小事。

不过,我相信有一个标准库可以满足您的需求,称为 Detours。不过,我自己从未使用过这个库,因为当我开始这样做时它还不存在,所以我有一个(不供公众使用)库,可以在需要时通过导入表来完成此操作。

If you want to do this yourself the easiest way is to modify the import address table in the PE (portable executable) header. This is not trivial, though.

However, I believe there's a standard library for what you want called Detours. I've never used that one myself, though, because it wasn't around when I started doing this, so I have a - not for public consumption - library for doing it via the import table when I need it.

回复 原文
~没有更多了~

关于作者

苦妄

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

已经忘了多久

文章 0 评论 0

15867725375

文章 0 评论 0

LonelySnow

文章 0 评论 0

走过海棠暮

文章 0 评论 0

轻许诺言

文章 0 评论 0

信馬由缰

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文