mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
154 lines
4.3 KiB
154 lines
4.3 KiB
/*++
|
|
|
|
Copyright (c) 2000 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
SampleShim.cpp
|
|
|
|
Abstract:
|
|
|
|
This DLL serves as a template for the creation of shim DLLs. Follow
|
|
the commenting/coding style of this source file wherever possible.
|
|
Never use tabs, configure your editor to insert spaces instead of
|
|
tab characters.
|
|
|
|
Notes:
|
|
|
|
This is a sample DLL.
|
|
|
|
History:
|
|
|
|
02/02/2000 markder Created
|
|
|
|
--*/
|
|
|
|
#include "ShimHook.h"
|
|
|
|
// Add APIs that you wish to hook to this enumeration. The first one
|
|
// must have "= USERAPIHOOKSTART", and the last one must be
|
|
// APIHOOK_Count.
|
|
enum
|
|
{
|
|
APIHOOK_OutputDebugStringA = USERAPIHOOKSTART,
|
|
APIHOOK_OutputDebugStringW,
|
|
APIHOOK_Count
|
|
};
|
|
|
|
/*++
|
|
|
|
This stub function intercepts all calls to OutputDebugStringA
|
|
and prefixes the output string with "SampleShim says:".
|
|
|
|
Note that all Win32 APIs use __stdcall calling conventions, so
|
|
you must be sure to have this set in MSVC++. Go to Projects|Settings,
|
|
C/C++ tab, select Category: "Code Generation" from dropdown, make
|
|
sure "Calling convention" is set to __stdcall.
|
|
|
|
--*/
|
|
|
|
VOID
|
|
APIHook_OutputDebugStringA(
|
|
LPCSTR szOutputString
|
|
)
|
|
{
|
|
// Declare all local variables at top of function. Always use
|
|
// Hungarian notation as follows:
|
|
//
|
|
// Type Scope
|
|
// ----------------------- ------------------
|
|
// Pointers p Global g_
|
|
// DWORD dw Class member m_
|
|
// LONG l Static s_
|
|
// ANSI strings sz
|
|
// Wide-char strings wsz
|
|
// Arrays rg
|
|
//
|
|
LPSTR szNewOutputString;
|
|
CHAR szPrefix[] = "SampleShim says: ";
|
|
|
|
// All string alterations must be done in new memory. Never
|
|
// alter a passed-in string in-place.
|
|
szNewOutputString = (LPSTR) malloc( strlen( szOutputString ) +
|
|
strlen( szPrefix ) + 1 );
|
|
|
|
// Use the DPF macro to print debug strings. See Hooks\inc\ShimDebug.h
|
|
// for debug level values. Use eDbgLevelError if an unexpected error occurs
|
|
// in your shim code. For informational output, use eDbgLevelUser.
|
|
DPF(eDbgLevelUser, "APIHook_OutputDebugStringA called.\n");
|
|
|
|
strcpy( szNewOutputString, szPrefix );
|
|
strcat( szNewOutputString, szOutputString );
|
|
|
|
// Use the LOOKUP_APIHOOK macro to call the original API. You must use
|
|
// this so that API chaining and inclusion/exclusion information is
|
|
// preserved.
|
|
LOOKUP_APIHOOK(OutputDebugStringA)( szNewOutputString );
|
|
|
|
free( szNewOutputString );
|
|
|
|
return;
|
|
}
|
|
|
|
/*++
|
|
|
|
This stub function intercepts all calls to OutputDebugStringW
|
|
and prefixes the output string with "SampleShim says:".
|
|
|
|
Note that to make your shim generally applicable, you should include
|
|
both ANSI and wide-character versions of your stub function.
|
|
|
|
--*/
|
|
|
|
VOID
|
|
APIHook_OutputDebugStringW(
|
|
LPCWSTR wszOutputString
|
|
)
|
|
{
|
|
// NEVER use TCHAR variables or tcs-prefixed string manipulation routines.
|
|
// Prefix all wide-character string constants with L. Never use _T() or
|
|
// TEXT() macros.
|
|
LPWSTR wszNewOutputString;
|
|
WCHAR wszPrefix[] = L"SampleShim says: ";
|
|
|
|
// A single line of code should never be more than 80 characters long.
|
|
wszNewOutputString = (LPWSTR) malloc( sizeof(WCHAR) *
|
|
( wcslen( wszOutputString ) +
|
|
wcslen( wszPrefix ) + 1 ) );
|
|
|
|
DPF(eDbgLevelUser, "APIHook_OutputDebugStringW called.\n");
|
|
|
|
// Make sure to use wide-character versions of all string manipulation
|
|
// routines where appropriate.
|
|
wcscpy( wszNewOutputString, wszPrefix );
|
|
wcscat( wszNewOutputString, wszOutputString );
|
|
|
|
LOOKUP_APIHOOK(OutputDebugStringW)( wszNewOutputString );
|
|
|
|
free( wszNewOutputString );
|
|
|
|
return;
|
|
}
|
|
|
|
/*++
|
|
|
|
Register hooked functions
|
|
|
|
--*/
|
|
|
|
VOID
|
|
InitializeHooks(DWORD fdwReason)
|
|
{
|
|
if (fdwReason != DLL_PROCESS_ATTACH) return;
|
|
|
|
// Don't touch this line.
|
|
INIT_HOOKS(APIHOOK_Count);
|
|
|
|
// Add APIs that you wish to hook here. All API prototypes
|
|
// must be declared in Hooks\inc\ShimProto.h. Compiler errors
|
|
// will result if you forget to add them.
|
|
DECLARE_APIHOOK(KERNEL32.DLL, OutputDebugStringA);
|
|
DECLARE_APIHOOK(KERNEL32.DLL, OutputDebugStringW);
|
|
|
|
// If you have any more initialization to do, do it here.
|
|
}
|