|
Thank you Chris i get it now. i appreciate your time. this road i am on learning C++ has not been easy, but it is interesting.
|
|
|
|
|
I seem to have an abundancy of questions at this time of year.
Anyways, I have a CreateRemoteThread hook that refuses to work. Here's the code:
HANDLE WINAPI MyCreateRemoteThread(HANDLE hProcess,
LPSECURITY_ATTRIBUTES lpThreadAttributes,
SIZE_T dwStackSize,
LPTHREAD_START_ROUTINE lpStartAddress,
LPVOID lpParameter,
DWORD dwCreationFlags,
LPDWORD lpThreadId)
{
if (GetpIDFromHandle(hProcess)==SelfpID){
SetLastError(ERROR_ACCESS_DENIED);
return NULL;
}
else {
}
This format seems to work for every other function I've thought of so far (the ones in KERNEL32.DLL, at least), but it doesn't work for CreateRemoteThread. Sure, the hook is reached and if another process is trying to create a thread in my process's context the SetLastError is executed, but then the calling process crashes. I thought it was a problem with the calling process at first (I wrote one just to test), so I took another program that uses CreateRemoteThread and it crashed too.
Is there anything wrong with my code? Thanks in advance.
EDIT: Clarification - GetpIDFromHandle returns the process ID given a process handle (this works perfectly fine) and SelfpID is a global variable containing the self process ID.
modified on Sunday, November 15, 2009 11:34 PM
|
|
|
|
|
hxhl95 wrote: ure, the hook is reached and if another process is trying to create a thread in my process's context
How is that possible? If you are installing a hook for this api in your process, the hook function will only be called if you call CreateRemoteThread() from your process. If some other process calls CreateRemoteThread to your process context, there is no way the above API to execute...isnt it?
|
|
|
|
|
IAT hooking. And unless I'm very much mistaken, it's working.
|
|
|
|
|
hxhl95 wrote: it's working.
Let me clarify your question
Process A
Installs a hook for the API CreateRemoteThread() in its process context.
Process B
Try to create a remote thread in "Process A". At this time you are telling that the hook function you installed is getting executed?????
|
|
|
|
|
Process A:
Installs a system-wide hook for CreateRemoteThread()
Process B:
Calls CreateRemoteThread in "Process A". My installed hook function gets executed, but returning NULL causes Process B to crash. Any other calls to CreateRemoteThread that don't involve Process A are fine.
|
|
|
|
|
ok that make sense
So what does the function? GetpIDFromHandle() do ? also is the variable SelfpID some shared variable?
When the crash occures didnt you get the call stack?
|
|
|
|
|
Sorry, I failed to clarify that. GetpIDFromHandle returns a process ID given a process handle, SelfpID is the process ID of process A. (since when the hooked function is reached, calls to GetCurrentProcessId will only return the pID of the caller, not Process A)
I'll get a dump of the call stack after I get back home.
|
|
|
|
|
hxhl95 wrote: since when the hooked function is reached, calls to GetCurrentProcessId will only return the pID of the caller, not Process A
you could use GetProcessId()[^].
|
|
|
|
|
I am writing a program that runs in the background and controls a text editor. My program sends key sequences to the editor to open the Find and Replace dialog box of the editor (this is a dialog box customized by the editor).
So far, this method works great. The only problem I am having is that the dialog box quickly appears and disappears (since I send the key sequences + enter key as well).
So, I am trying to get a hold of the "Find and Replace" dialog box when it is created (I know for sure that the dialog is created each time when the user presses Control-F) so that I can resize it to zero. I tried to put a hook into the CreateWindowEx function, but it doesn't look like that function is called after Control-F is pressed (i.e. the "Find and Replace" dialog box is displayed).
If you have a thought on how this could be done, please kindly let me know.
Thank you very much.
|
|
|
|
|
In whitch module did you hook CreateWindowEx? I guess that the editor doesn't directly call that to create the find dialog, it probably uses DialogBox[^] or CreateDialog[^] (or one of their friends, see the See also links at the bottom of the MSDN pages). These are defined in user32.dll so if i were you i'd try to hook either these (probably more complicated to fiddle with the dialog) or i'd try to hook the createwindow method in user32.dll.
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> Sometimes you just have to hate coding to do it well. <
|
|
|
|
|
Hello , my problem is this:
I have a dialog based app that used to works fine, then i added some code ,a few lines, and i forgot to put some "()" and ";" , then when i tried to compile, the compiler crashed , so i killed the Microsoft visual c++ with the task mananger and then i re started the Microsoft vc++ and i opened the same project again, i deleted the few lines added before and i compiled again, no errors messages, but when i attempt to run the app (with crtl +F5) it doesn't starts , so i try to debug the app and i get these errors messages :
Loaded 'ntdll.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\kernel32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\inpout32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\advapi32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\rpcrt4.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\secur32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\MFC42D.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\MSVCRTD.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\gdi32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\user32.dll', no matching symbolic information found.
Loaded symbols for 'C:\WINDOWS\system32\MFCO42D.DLL'
Loaded 'C:\WINDOWS\system32\imm32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\mfc42loc.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\comctl32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\msvcrt.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\shlwapi.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\uxtheme.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\MSCTF.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\version.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\MSCTFIME.IME', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\ole32.dll', no matching symbolic information found.
Warning: dialog data checkbox value (-858993460) out of range.
Warning: dialog data checkbox value (-858993460) out of range.
Warning: dialog data checkbox value (-858993460) out of range.
Warning: dialog data checkbox value (-858993460) out of range.
Warning: dialog data checkbox value (-858993460) out of range.
Warning: dialog data checkbox value (-858993460) out of range.
Warning: dialog data checkbox value (-858993460) out of range.
What is wrong?, the code is the same and i didn't touch anythig else.
Thanks in advance guys.
|
|
|
|
|
the first 30 or so lines are not errors. that's just VC telling you that you won't be able to debug into system DLLs. you'll see them every time you start the debugger.
the last 8 are telling you that you're trying to set a checkbox to an invalid state. check your DDX_Check calls, and make sure that the last parameter has been set to something in the range of 0 to 2.
|
|
|
|
|
Thanks, well i found and deleted the lines that causes the warnings, now when the debugging starts i get:
Loaded 'ntdll.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\kernel32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\inpout32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\advapi32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\rpcrt4.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\secur32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\MFC42D.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\MSVCRTD.DLL', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\gdi32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\user32.dll', no matching symbolic information found.
Loaded symbols for 'C:\WINDOWS\system32\MFCO42D.DLL'
Loaded 'C:\WINDOWS\system32\imm32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\mfc42loc.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\comctl32.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\msvcrt.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\shlwapi.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\uxtheme.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\MSCTF.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\version.dll', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\MSCTFIME.IME', no matching symbolic information found.
Loaded 'C:\WINDOWS\system32\ole32.dll', no matching symbolic information found.
The program 'D:\Proyecto final\VC++\Calibracion2\Debug\Calibracion.exe' has exited with code 0 (0x0).
And of course when a try to run the app (.exe) the process is loaded into memory , it consumes 50% processor resourses, but never it appears on the screen, like i said above , before the first crash, it was working, and now i have the same code , and i don't touch anything else, i'm confused.
|
|
|
|
|
ignore those msgs, really.
|
|
|
|
|
Ok , but do you have any ideas of what is happening? Once i had a similar problem and i took the project from a previous backup, and i added the new lines , compile and problem solved, i'm sure that if i do the same again, the problem would be solved, but it's a lot of work to update the project from the last backup, and I'm really intrigued of wich is the cause of that kind of problems. . .
|
|
|
|
|
every app in Windows loads a whole bunch of DLLs from the system, in order to run. when those DLLs get loaded, the debugger looks at them to see if it can step into them or not. if not, the debugger will print a little message telling you about it. obviously, nobody outside of Microsoft can debug into the system DLLs.
it isn't a problem, really. there is nothing to worry about.
if you didn't see those messages before, maybe you were running in non-debug mode. but if you're running in debug mode, you should expect to see them every single time you start your app.
|
|
|
|
|
You are right, haps i didn't explain
it too well, let's forget those messages, the problem is that before i added some lines to the project, the app was running well, then i added those lines , with some mistakes and when i tried to compile the compiler crashes, so i closed the projet and opened again, i deleted the added lines (so the code is the same that before) and compiled it, no errors, but when i try to run the app (not in debug mode)it doesn't works, did i explain well?
|
|
|
|
|
Set a breakpoint at the beginning of the program and run it with the debugger. Single step through each line of code to find what is causing the problem. This is the only way to discover what is wrong.
|
|
|
|
|
Thanks man, i ran the app step by step and i realized that the problem was a "For" sentence in wich the condition was i= 100 instead of i<100, so tanks a lot.
|
|
|
|
|
Wish I had a £ for every time I've done that
|
|
|
|
|
now i use vc++ 6 to control ms word,i want a table's cell has a DiagonalDown line,
maybe SetBorders() should be used, but i don't know the usage method
how can i set DiagonalDown line in a ms word table's cell
thanks a lot
|
|
|
|
|
Hi,
(my first post on CodeProject )
I am unable to use GetPtrEx and GetPtrEx2 function versions.
I get Unhandled exception.
Please tell me why...
class CTest
{
private:
char *a;
public:
CTest(int n=10)
{
a= new char[10];
a="george";
}
virtual ~CTest()
{
}
char * GetPtr()
{
return a;
}
void GetPtrEx(char **ptOut)
{
ptOut=&a;
}
void GetPtrEx2(char *ptOut)
{
ptOut=a;
}
};
int _tmain(int argc, _TCHAR* argv[])
{
CTest obj;
char *rx=NULL;
obj.GetPtrEx(&rx);
cout<<"sir="<
|
|
|
|
|
The parameters need to be passed as references (e.g., void GetPtrEx2(char*& ptOut) ).
As it is, you're making a local copy of the parameter in the function bodies and are manipulating that local copy. The variable in your main function is unchanged after calling GetPtrEx because only the local copy inside the accessor was modified.
In order to have changes inside the accessor preserved and made available to the caller, the parameters must be passed as references. In effect, this passes the address of the original variable, rather than making a local copy. Changes made in the accessor will affect the original copy of the variable declared outside the accessor.
Also, in the future, use the 'code block' button above the edit window when posting code. It makes it much more readable; a lot of people here won't even respond to a message loaded with unformatted code.
|
|
|
|
|
CTest(int n=10)
{
a = new char[10];
a = "george";
}
This is incorrect, you are merely overwriting the pointer in a; you need to copy the string to 'a' via strcpy() or similar. Also the constructor takes a value that is never used.
void GetPtrEx(char **ptOut)
{
ptOut = &a;
}
This changes the local copy of ptOut; it should be *ptOut = a; . Similarly GetPtrEx2() does nothing useful.
|
|
|
|
|