挂起从DLL调用的WinAPI函数 [英] Hooking WinAPI functions called from DLL

问题描述

我有一个包含函数 foo 的DLL文件 library.dll 。函数 foo 调用WinAPI函数 goo 。我写了一个从 library.dll 调用 foo 的应用程序。问题是我想通过我在应用程序中声明的自己的功能 hoo 覆盖对 goo 函数的调用。

I have a DLL file library.dll which contains a function foo. The function foo calls a WinAPI function goo. I wrote an application that calls foo from library.dll. The problem is that I want to override the call to goo function by my own function hoo I declared in the application (not in the DLL).

如何将呼叫挂钩到 goo 功能？我不是在寻找一个全局钩子，我只想覆盖由我写的应用程序调用。

How can I hook the call to goo function? I'm not looking for a global hook, I just want to override calls made by application I wrote.

推荐答案

有库微软研究所提供的所谓Detours： http://research.microsoft.com/en-us /项目/绕路/ 。您可以使用它在Windows中重新路由任何API调用。

There is library called Detours provided by Microsoft Research: http://research.microsoft.com/en-us/projects/detours/. You can use it to re-route any API call in Windows.

它完全符合你的描述 - 而不是调用Win32 API，你的函数被调用。在这个功能中，你可以自由地做你想要的，例如您可以再次拨打原来的Win32功能，或者您可以立即返回故障代码或任何您喜欢的。

It does exactly what you describe -- instead of calling into Win32 API, your function gets called. Within that function you are free to do what you want, e.g. you can call again to the original Win32 function or you can return failure code right away or anything you like.

Detours的Express版是免费的，但是对于x86架构上的非商业用途是有限的。

Express edition of Detours is free, but it is limited for non-commercial use on x86 architecture.

这篇关于挂起从DLL调用的WinAPI函数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！