27.08.2009, 19:06 | #1 |
Новичок
Джуниор
Регистрация: 27.08.2009
Сообщений: 1
|
Не работает пример LastMsgBoxInfo из книги Рихтера
При запуске в VS2008 появляется диалоговое окно с сообщением об исключении 0xC00000FD: Stack overflow и программа ломается. Как быть? Пробовал и на Viste и на XP.
|
30.08.2009, 18:09 | #2 |
добрый няша
Старожил
Регистрация: 29.10.2006
Сообщений: 4,804
|
давай сюда код программы
|
15.09.2009, 13:29 | #3 |
Пользователь
Регистрация: 15.09.2009
Сообщений: 11
|
Привет Грузин, у меня такая же проблема, можешь помочь?
Только вот весь код сюда писать долго, он большой, можно тебе куда-нибудь в другое место отправить код? |
15.09.2009, 14:09 | #4 |
Заблокирован
Регистрация: 18.11.2007
Сообщений: 254
|
Stack overflow - переполнение буфера в стеке. значит что программа дописала в массив лишние байты.
Но вам видимо это не поможет )) |
15.09.2009, 15:01 | #5 |
Пользователь
Регистрация: 15.09.2009
Сообщений: 11
|
да, не поможет..к сожалению. Хотелось бы исправить эту ошибку...
|
16.09.2009, 01:31 | #6 |
Старожил
Регистрация: 28.01.2009
Сообщений: 21,000
|
а как мы без кода узнаем в чем ошибка?
Хорошо поставленный вопрос это уже половина ответа. | Каков вопрос, таков ответ.
Программа делает то что написал программист, а не то что он хотел. Функции/утилиты ждут в параметрах то что им надо, а не то что вы хотите. |
16.09.2009, 07:41 | #7 |
Пользователь
Регистрация: 15.09.2009
Сообщений: 11
|
Щас тогда, несколькими постами отвечу, в один не влезет.
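// Project 1 - LastMsgBoxInfoLib (DLL project): LastMsgBoxInfoLib.cpp
//
// DLL that gets mapped into other processes through a WH_GETMESSAGE hook,
// redirects their imports of MessageBoxA/MessageBoxW to the wrappers below,
// and reports every message box to the window titled "Last MessageBox Info".

#define WINVER 0x0500
#include "CmnHdr.h"
#include <WindowsX.h>
#include <tchar.h>
#include <stdio.h>
#include "APIHook.h"

#define LASTMSGBOXINFOLIBAPI extern "C" __declspec(dllexport)
#include "LastMsgBoxInfoLib.h"

// Prototypes for the hooked functions
typedef int (WINAPI *PFNMESSAGEBOXA)(HWND hWnd, PCSTR pszText,
   PCSTR pszCaption, UINT uType);

typedef int (WINAPI *PFNMESSAGEBOXW)(HWND hWnd, PCWSTR pszText,
   PCWSTR pszCaption, UINT uType);

// We need to reference these variables before we create them.
extern CAPIHook g_MessageBoxA;
extern CAPIHook g_MessageBoxW;

// Formats one message-box record and sends it to the main dialog box.
//   fUnicode  - TRUE when pvCaption/pvText point to wide strings
//   pvCaption - caption passed to the hooked MessageBox call
//   pvText    - text passed to the hooked MessageBox call
//   nResult   - value returned by the original MessageBox function
void SendLastMsgBoxInfo(BOOL fUnicode,
   PVOID pvCaption, PVOID pvText, int nResult) {

   // Get the pathname of the process displaying the message box
   char szProcessPathname[MAX_PATH];
   GetModuleFileNameA(NULL, szProcessPathname, MAX_PATH);

   // Convert the return value into a human-readable string
   PCSTR pszResult = "(Unknown)";
   switch (nResult) {
      case IDOK:       pszResult = "Ok";        break;
      case IDCANCEL:   pszResult = "Cancel";    break;
      case IDABORT:    pszResult = "Abort";     break;
      case IDRETRY:    pszResult = "Retry";     break;
      case IDIGNORE:   pszResult = "Ignore";    break;
      case IDYES:      pszResult = "Yes";       break;
      case IDNO:       pszResult = "No";        break;
      case IDCLOSE:    pszResult = "Close";     break;
      case IDHELP:     pszResult = "Help";      break;
      case IDTRYAGAIN: pszResult = "Try Again"; break;
      case IDCONTINUE: pszResult = "Continue";  break;
   }

   // Construct the string to send to the main dialog box.
   // %S selects the wide-string form when the caller was MessageBoxW.
   // wsprintfA is documented to emit at most 1024 bytes, so long captions
   // and messages are cut off rather than overrunning sz.
   // NOTE(review): pvCaption/pvText are whatever the hooked caller passed
   // and are not validated here (a NULL caption is legal for MessageBox);
   // confirm how wsprintfA treats a NULL string argument.
   char sz[2048];
   wsprintfA(sz, fUnicode
      ? "Process: (%d) %s\r\nCaption: %S\r\nMessage: %S\r\nResult: %s"
      : "Process: (%d) %s\r\nCaption: %s\r\nMessage: %s\r\nResult: %s",
      GetCurrentProcessId(), szProcessPathname,
      pvCaption, pvText, pszResult);

   // Send the string to the main dialog box.
   // The receiver is located by window title alone, so any top-level window
   // carrying this title receives the text of every message box shown in a
   // hooked process.
   COPYDATASTRUCT cds = { 0, lstrlenA(sz) + 1, sz };
   HWND hwndMain = FindWindow(NULL, TEXT("Last MessageBox Info"));
   if (hwndMain != NULL) {
      // Skip the send when the viewer is not running
      FORWARD_WM_COPYDATA(hwndMain, NULL, &cds, SendMessage);
   }
}

// This is the MessageBoxW replacement function
int WINAPI Hook_MessageBoxW(HWND hWnd, PCWSTR pszText, LPCWSTR pszCaption,
   UINT uType) {

   // Call the original MessageBoxW function
   // (CAPIHook::operator PROC yields the saved original address)
   int nResult = ((PFNMESSAGEBOXW)(PROC) g_MessageBoxW)
      (hWnd, pszText, pszCaption, uType);

   // Send the information to the main dialog box
   SendLastMsgBoxInfo(TRUE, (PVOID) pszCaption, (PVOID) pszText, nResult);

   // Return the result back to the caller
   return(nResult);
}

// This is the MessageBoxA replacement function
int WINAPI Hook_MessageBoxA(HWND hWnd, PCSTR pszText, PCSTR pszCaption,
   UINT uType) {

   // Call the original MessageBoxA function
   int nResult = ((PFNMESSAGEBOXA)(PROC) g_MessageBoxA)
      (hWnd, pszText, pszCaption, uType);

   // Send the information to the main dialog box
   SendLastMsgBoxInfo(FALSE, (PVOID) pszCaption, (PVOID) pszText, nResult);

   // Return the result back to the caller
   return(nResult);
}

// Hook the MessageBoxA and MessageBoxW functions
CAPIHook g_MessageBoxA("User32.dll", "MessageBoxA",
   (PROC) Hook_MessageBoxA, TRUE);

CAPIHook g_MessageBoxW("User32.dll", "MessageBoxW",
   (PROC) Hook_MessageBoxW, TRUE);

// Since we do DLL injection with Windows' hooks, we need to save the hook
// handle in a shared memory block (Windows 2000 actually doesn't need this)
// The section is linked read/write/shared ("rws"): every process that maps
// this DLL sees, and can overwrite, the same g_hhook value.
#pragma data_seg("Shared")
HHOOK g_hhook = NULL;
#pragma data_seg()
#pragma comment(linker, "/Section:Shared,rws")

// WH_GETMESSAGE hook procedure. It does no work of its own; it only passes
// the message on to the next hook in the chain.
static LRESULT WINAPI GetMsgProc(int code, WPARAM wParam, LPARAM lParam) {

   // NOTE: On Windows 2000, the 1st parameter to CallNextHookEx can
   // be NULL. On Windows 98, it must be the hook handle.
   return(CallNextHookEx(g_hhook, code, wParam, lParam));
}

// Returns the HMODULE that contains the specified memory address
static HMODULE ModuleFromAddress(PVOID pv) {

   MEMORY_BASIC_INFORMATION mbi;
   return((VirtualQuery(pv, &mbi, sizeof(mbi)) != 0)
      ? (HMODULE) mbi.AllocationBase : NULL);
}

// Installs (fInstall == TRUE) or removes (fInstall == FALSE) the
// WH_GETMESSAGE hook. dwThreadId is handed to SetWindowsHookEx unchanged.
// Returns TRUE on success.
BOOL WINAPI LastMsgBoxInfo_HookAllApps(BOOL fInstall, DWORD dwThreadId) {

   BOOL fOk;

   if (fInstall) {

      chASSERT(g_hhook == NULL); // Illegal to install twice in a row

      // Install the Windows' hook; the module handle is derived from the
      // address of this very function.
      g_hhook = SetWindowsHookEx(WH_GETMESSAGE, GetMsgProc,
         ModuleFromAddress(LastMsgBoxInfo_HookAllApps), dwThreadId);

      fOk = (g_hhook != NULL);
   } else {

      chASSERT(g_hhook != NULL); // Can't uninstall if not installed
      fOk = UnhookWindowsHookEx(g_hhook);
      g_hhook = NULL;
   }

   return(fOk);
}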
16.09.2009, 07:46 | #8 |
Пользователь
Регистрация: 15.09.2009
Сообщений: 11
|
LastMsgBoxInfo.h
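#ifndef LASTMSGBOXINFOLIBAPI
#define LASTMSGBOXINFOLIBAPI extern "C" __declspec(dllimport)
#endif

LASTMSGBOXINFOLIBAPI BOOL WINAPI LastMsgBoxInfo_HookAllApps(BOOL fInstall,
   DWORD dwThreadId);


// APIHook.cpp

#include "CmnHdr.h"
#include <ImageHlp.h>
#pragma comment(lib, "ImageHlp")

#include "APIHook.h"
#include "Toolhelp.h"

// The highest private memory address (used for Windows 98 only)
PVOID CAPIHook::sm_pvMaxAppAddr = NULL;
const BYTE cPushOpCode = 0x68;   // The PUSH opcode on x86 platforms

// The head of the linked-list of CAPIHook objects
CAPIHook* CAPIHook::sm_pHead = NULL;

// Records the hook, resolves the original function address and patches the
// import tables of all modules currently loaded in this process.
//   pszCalleeModName   - module exporting the function (e.g. "User32.dll")
//   pszFuncName        - exported function name
//   pfnHook            - replacement function
//   fExcludeAPIHookMod - TRUE to leave this module's own imports untouched
CAPIHook::CAPIHook(PSTR pszCalleeModName, PSTR pszFuncName, PROC pfnHook,
   BOOL fExcludeAPIHookMod) {

   if (sm_pvMaxAppAddr == NULL) {
      // Functions with address above lpMaximumApplicationAddress require
      // special processing (Windows 98 only)
      SYSTEM_INFO si;
      GetSystemInfo(&si);
      sm_pvMaxAppAddr = si.lpMaximumApplicationAddress;
   }

   m_pNext  = sm_pHead;    // The next node was at the head
   sm_pHead = this;        // This node is now at the head

   // Save information about this hooked function.
   // Only the pointers are stored, so the strings must outlive the object.
   m_pszCalleeModName   = pszCalleeModName;
   m_pszFuncName        = pszFuncName;
   m_pfnHook            = pfnHook;
   m_fExcludeAPIHookMod = fExcludeAPIHookMod;
   m_pfnOrig            = GetProcAddressRaw(
      GetModuleHandleA(pszCalleeModName), m_pszFuncName);
   chASSERT(m_pfnOrig != NULL);  // Function doesn't exist

   if (m_pfnOrig > sm_pvMaxAppAddr) {
      // The address is in a shared DLL; the address needs fixing up
      PBYTE pb = (PBYTE) m_pfnOrig;
      if (pb[0] == cPushOpCode) {
         // Skip over the PUSH op code and grab the real address
         PVOID pv = * (PVOID*) &pb[1];
         m_pfnOrig = (PROC) pv;
      }
   }

   // Hook this function in all currently loaded modules
   ReplaceIATEntryInAllMods(m_pszCalleeModName, m_pfnOrig, m_pfnHook,
      m_fExcludeAPIHookMod);
}

// Restores the original import entries and unlinks this object from the
// list of active hooks.
CAPIHook::~CAPIHook() {

   // Unhook this function from all modules
   ReplaceIATEntryInAllMods(m_pszCalleeModName, m_pfnHook, m_pfnOrig,
      m_fExcludeAPIHookMod);

   // Remove this object from the linked list
   CAPIHook* p = sm_pHead;
   if (p == this) {     // Removing the head node
      sm_pHead = p->m_pNext;
   } else {

      BOOL fFound = FALSE;

      // Walk list from head and fix pointers
      for (; p->m_pNext != NULL; p = p->m_pNext) {
         if (p->m_pNext == this) {
            // Make the node that points to us point to our next node
            p->m_pNext = p->m_pNext->m_pNext;
            // Record the match; without this the assertion below fails
            // for every node that is not at the head of the list.
            fFound = TRUE;
            break;
         }
      }
      chASSERT(fFound);
   }
}

// NOTE: This function must NOT be inlined
FARPROC CAPIHook::GetProcAddressRaw(HMODULE hmod, PCSTR pszProcName) {

   return(::GetProcAddress(hmod, pszProcName));
}

// Returns the HMODULE that contains the specified memory address
static HMODULE ModuleFromAddress(PVOID pv) {

   MEMORY_BASIC_INFORMATION mbi;
   return((VirtualQuery(pv, &mbi, sizeof(mbi)) != 0)
      ? (HMODULE) mbi.AllocationBase : NULL);
}

// Swaps pfnCurrent for pfnNew in the import table of every module in the
// current process, optionally skipping the module containing this code.
void CAPIHook::ReplaceIATEntryInAllMods(PCSTR pszCalleeModName,
   PROC pfnCurrent, PROC pfnNew, BOOL fExcludeAPIHookMod) {

   HMODULE hmodThisMod = fExcludeAPIHookMod
      ? ModuleFromAddress(ReplaceIATEntryInAllMods) : NULL;

   // Get the list of modules in this process
   CToolhelp th(TH32CS_SNAPMODULE, GetCurrentProcessId());

   MODULEENTRY32 me = { sizeof(me) };
   for (BOOL fOk = th.ModuleFirst(&me); fOk; fOk = th.ModuleNext(&me)) {

      // NOTE: We don't hook functions in our own module
      if (me.hModule != hmodThisMod) {

         // Hook this function in this module
         ReplaceIATEntryInOneMod(
            pszCalleeModName, pfnCurrent, pfnNew, me.hModule);
      }
   }
}

// ...continued in the next post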
16.09.2009, 07:46 | #9 |
Пользователь
Регистрация: 15.09.2009
Сообщений: 11
|
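// Swaps pfnCurrent for pfnNew in the import address table of one module.
//   pszCalleeModName - module exporting the function
//   pfnCurrent       - address currently expected in the table
//   pfnNew           - address to store instead
//   hmodCaller       - module whose import table is examined
//
// NOTE(review): FixupNewlyLoadedModule, which the LoadLibrary* hooks below
// call after every module load, ends up here. Nothing guards against
// re-entry, so if a call made in this function (ImageDirectoryEntryToData,
// for instance) triggers a module load through an import that has already
// been redirected, the hook would call itself again without bound. Worth
// confirming when the sample dies with a stack-overflow exception.
void CAPIHook::ReplaceIATEntryInOneMod(PCSTR pszCalleeModName,
   PROC pfnCurrent, PROC pfnNew, HMODULE hmodCaller) {

   // Get the address of the module's import section
   ULONG ulSize;
   PIMAGE_IMPORT_DESCRIPTOR pImportDesc = (PIMAGE_IMPORT_DESCRIPTOR)
      ImageDirectoryEntryToData(hmodCaller, TRUE,
      IMAGE_DIRECTORY_ENTRY_IMPORT, &ulSize);

   if (pImportDesc == NULL)
      return;  // This module has no import section

   // Find the import descriptor containing references to callee's functions
   for (; pImportDesc->Name; pImportDesc++) {
      PSTR pszModName = (PSTR) ((PBYTE) hmodCaller + pImportDesc->Name);
      if (lstrcmpiA(pszModName, pszCalleeModName) == 0)
         break;   // Found
   }

   if (pImportDesc->Name == 0)
      return;  // This module doesn't import any functions from this callee

   // Get caller's import address table (IAT) for the callee's functions
   PIMAGE_THUNK_DATA pThunk = (PIMAGE_THUNK_DATA)
      ((PBYTE) hmodCaller + pImportDesc->FirstThunk);

   // Replace current function address with new function address
   for (; pThunk->u1.Function; pThunk++) {

      // Get the address of the function address
      PROC* ppfn = (PROC*) &pThunk->u1.Function;

      // Is this the function we're looking for?
      BOOL fFound = (*ppfn == pfnCurrent);

      if (!fFound && (*ppfn > sm_pvMaxAppAddr)) {

         // If this is not the function and the address is in a shared DLL,
         // then maybe we're running under a debugger on Windows 98. In this
         // case, this address points to an instruction that may have the
         // correct address.
         PBYTE pbInFunc = (PBYTE) *ppfn;
         if (pbInFunc[0] == cPushOpCode) {
            // We see the PUSH instruction, the real function address follows
            ppfn = (PROC*) &pbInFunc[1];

            // Is this the function we're looking for?
            fFound = (*ppfn == pfnCurrent);
         }
      }

      if (fFound) {
         // The addresses match, change the import section address.
         // The return value is not checked, so a write that fails (for
         // example because the page is not writable) goes unnoticed and the
         // import simply stays unchanged.
         WriteProcessMemory(GetCurrentProcess(), ppfn, &pfnNew,
            sizeof(pfnNew), NULL);
         return;  // We did it, get out
      }
   }

   // If we get to here, the function is not in the caller's import section
}

// Hook LoadLibrary functions and GetProcAddress so that hooked functions
// are handled correctly if these functions are called.
CAPIHook CAPIHook::sm_LoadLibraryA  ("Kernel32.dll", "LoadLibraryA",
   (PROC) CAPIHook::LoadLibraryA, TRUE);

CAPIHook CAPIHook::sm_LoadLibraryW  ("Kernel32.dll", "LoadLibraryW",
   (PROC) CAPIHook::LoadLibraryW, TRUE);

CAPIHook CAPIHook::sm_LoadLibraryExA("Kernel32.dll", "LoadLibraryExA",
   (PROC) CAPIHook::LoadLibraryExA, TRUE);

CAPIHook CAPIHook::sm_LoadLibraryExW("Kernel32.dll", "LoadLibraryExW",
   (PROC) CAPIHook::LoadLibraryExW, TRUE);

CAPIHook CAPIHook::sm_GetProcAddress("Kernel32.dll", "GetProcAddress",
   (PROC) CAPIHook::GetProcAddress, TRUE);

// Applies every registered hook to a module that has just been loaded.
// Modules loaded as data files, and failed loads (hmod == NULL), are skipped.
void CAPIHook::FixupNewlyLoadedModule(HMODULE hmod, DWORD dwFlags) {

   // If a new module is loaded, hook the hooked functions
   if ((hmod != NULL) && ((dwFlags & LOAD_LIBRARY_AS_DATAFILE) == 0)) {

      for (CAPIHook* p = sm_pHead; p != NULL; p = p->m_pNext) {
         ReplaceIATEntryInOneMod(p->m_pszCalleeModName,
            p->m_pfnOrig, p->m_pfnHook, hmod);
      }
   }
}

// Replacement for LoadLibraryA: loads the module, then hooks its imports
HMODULE WINAPI CAPIHook::LoadLibraryA(PCSTR pszModulePath) {

   HMODULE hmod = ::LoadLibraryA(pszModulePath);
   FixupNewlyLoadedModule(hmod, 0);
   return(hmod);
}

// Replacement for LoadLibraryW: loads the module, then hooks its imports
HMODULE WINAPI CAPIHook::LoadLibraryW(PCWSTR pszModulePath) {

   HMODULE hmod = ::LoadLibraryW(pszModulePath);
   FixupNewlyLoadedModule(hmod, 0);
   return(hmod);
}

// Replacement for LoadLibraryExA: loads the module, then hooks its imports
HMODULE WINAPI CAPIHook::LoadLibraryExA(PCSTR pszModulePath,
   HANDLE hFile, DWORD dwFlags) {

   HMODULE hmod = ::LoadLibraryExA(pszModulePath, hFile, dwFlags);
   FixupNewlyLoadedModule(hmod, dwFlags);
   return(hmod);
}

// Replacement for LoadLibraryExW: loads the module, then hooks its imports
HMODULE WINAPI CAPIHook::LoadLibraryExW(PCWSTR pszModulePath,
   HANDLE hFile, DWORD dwFlags) {

   HMODULE hmod = ::LoadLibraryExW(pszModulePath, hFile, dwFlags);
   FixupNewlyLoadedModule(hmod, dwFlags);
   return(hmod);
}

// Replacement for GetProcAddress: returns the hook function when the caller
// asks for a function that is currently hooked.
FARPROC WINAPI CAPIHook::GetProcAddress(HMODULE hmod, PCSTR pszProcName) {

   // Get the true address of the function
   FARPROC pfn = GetProcAddressRaw(hmod, pszProcName);

   // Is it one of the functions that we want hooked?
   CAPIHook* p = sm_pHead;
   for (; (pfn != NULL) && (p != NULL); p = p->m_pNext) {

      if (pfn == p->m_pfnOrig) {

         // The address to return matches an address we want to hook
         // Return the hook function address instead
         pfn = p->m_pfnHook;
         break;
      }
   }

   return(pfn);
}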
16.09.2009, 07:47 | #10 |
Пользователь
Регистрация: 15.09.2009
Сообщений: 11
|
APIHook.h
#pragma once

// One CAPIHook object represents one hooked function. Objects are chained
// through m_pNext, with sm_pHead pointing at the first one.
class CAPIHook {
public:
   // Hook a function in all modules
   // (the two name pointers are stored as given, not copied)
   CAPIHook(PSTR pszCalleeModName, PSTR pszFuncName, PROC pfnHook,
      BOOL fExcludeAPIHookMod);

   // Unhook a function from all modules
   ~CAPIHook();

   // Returns the original address of the hooked function
   operator PROC() { return(m_pfnOrig); }

public:
   // Calls the real GetProcAddress
   static FARPROC WINAPI GetProcAddressRaw(HMODULE hmod, PCSTR pszProcName);

private:
   static PVOID sm_pvMaxAppAddr; // Maximum private memory address
   static CAPIHook* sm_pHead;    // Address of first object
   CAPIHook* m_pNext;            // Address of next object

   PCSTR m_pszCalleeModName;     // Module containing the function (ANSI)
   PCSTR m_pszFuncName;          // Function name in callee (ANSI)
   PROC  m_pfnOrig;              // Original function address in callee
   PROC  m_pfnHook;              // Hook function address
   BOOL  m_fExcludeAPIHookMod;   // Hook module w/CAPIHook implementation?

private:
   // Replaces a symbol's address in the import sections of all modules
   static void WINAPI ReplaceIATEntryInAllMods(PCSTR pszCalleeModName,
      PROC pfnOrig, PROC pfnHook, BOOL fExcludeAPIHookMod);

   // Replaces a symbol's address in one module's import section
   static void WINAPI ReplaceIATEntryInOneMod(PCSTR pszCalleeModName,
      PROC pfnOrig, PROC pfnHook, HMODULE hmodCaller);

private:
   // Used when a DLL is newly loaded after hooking a function
   static void    WINAPI FixupNewlyLoadedModule(HMODULE hmod, DWORD dwFlags);

   // Used to trap when DLLs are newly loaded
   static HMODULE WINAPI LoadLibraryA(PCSTR pszModulePath);
   static HMODULE WINAPI LoadLibraryW(PCWSTR pszModulePath);
   static HMODULE WINAPI LoadLibraryExA(PCSTR pszModulePath,
      HANDLE hFile, DWORD dwFlags);
   static HMODULE WINAPI LoadLibraryExW(PCWSTR pszModulePath,
      HANDLE hFile, DWORD dwFlags);

   // Returns address of replacement function if hooked function is requested
   static FARPROC WINAPI GetProcAddress(HMODULE hmod, PCSTR pszProcName);

private:
   // Instantiates hooks on these functions
   static CAPIHook sm_LoadLibraryA;
   static CAPIHook sm_LoadLibraryW;
   static CAPIHook sm_LoadLibraryExA;
   static CAPIHook sm_LoadLibraryExW;
   static CAPIHook sm_GetProcAddress;
};