c ++ d3d hooking - COM vtable [英] c++ d3d hooking - COM vtable
本文介绍了c ++ d3d hooking - COM vtable的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
尝试制作一个Fraps类型的程序。
#includeprecompiled.h
typedef IDirect3D9 * STDMETHODCALLTYPE * Direct3DCreate9_t)(UINT SDKVersion);
Direct3DCreate9_t RealDirect3DCreate9 = NULL;
的typedef HRESULT(STDMETHODCALLTYPE * CreateDevice_t)(UINT适配器,D3DDEVTYPE的devicetype,HWND hFocusWindow,
DWORD BehaviorFlags,D3DPRESENT_PARAMETERS * pPresentationParameters,
**的IDirect3DDevice9 ppReturnedDeviceInterface);
CreateDevice_t RealD3D9CreateDevice = NULL;
HRESULT STDMETHODCALLTYPE HookedD3D9CreateDevice(UINT适配器,D3DDEVTYPE的devicetype,HWND hFocusWindow,
DWORD BehaviorFlags,D3DPRESENT_PARAMETERS * pPresentationParameters,
**的IDirect3DDevice9 ppReturnedDeviceInterface)
{
//这个调用使它跳到HookedDirect3DCreate9并崩溃。我做错了什么
HRESULT RET = RealD3D9CreateDevice(适配器的devicetype,hFocusWindow,BehaviorFlags,
pPresentationParameters,ppReturnedDeviceInterface);
return ret;
}
IDirect3D9 * STDMETHODCALLTYPE HookedDirect3DCreate9(UINT SDKVersion)
{
的MessageBox(0,L创建D3D,L,,0);
IDirect3D9 * d3d = RealDirect3DCreate9(SDKVersion);
UINT_PTR * pVTable =(UINT_PTR *)(*((UINT_PTR *)d3d));
RealD3D9CreateDevice =(CreateDevice_t)pVTable [16];
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)RealD3D9CreateDevice,HookedD3D9CreateDevice);如果
(!DetourTransactionCommit()= ERROR_SUCCESS)
{
的MessageBox(0,L,未能创建createdev钩,L,,0);
}
return d3d;
}
布尔APIENTRY的DllMain(HINSTANCE HMODULE,DWORD fdwReason,LPVOID lpReserved)
{
如果(fdwReason == DLL_PROCESS_ATTACH)
{
MessageBox(0,L,L,0);
RealDirect3DCreate9 =(Direct3DCreate9_t)GetProcAddress(GetModuleHandle(Ld3d9.dll),Direct3DCreate9);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)RealDirect3DCreate9,HookedDirect3DCreate9);
DetourTransactionCommit();
}
// TODO分离钩子
return true;
}
解决方案
IDirect3D9 :: CreateDevice 是:
STDMETHOD(CreateDevice) b $ b THIS_
UINT适配器,D3DDEVTYPE的devicetype,HWND hFocusWindow,
DWORD BehaviorFlags,D3DPRESENT_PARAMETERS * pPresentationParameters,
**的IDirect3DDevice9 ppReturnedDeviceInterface)PURE;
这扩展为:
的typedef HRESULT(STDMETHODCALLTYPE * CreateDevice_t)(
IDirect3D9 FAR *此,//你忘了这
UINT适配器,D3DDEVTYPE的devicetype,HWND hFocusWindow,
DWORD BehaviorFlags, D3DPRESENT_PARAMETERS * pPresentationParameters,
IDirect3DDevice9 ** ppReturnedDeviceInterface);
换句话说,你声明了 CreateDevice
此外,您可能只需要 IDirect3D9 vtable,而不是直接索引到< c $ c> #define CINTERFACE 并访问要通过 d3d-> lpVtbl-> CreateDevice 覆盖的函数。
Trying to make a Fraps type program. See comment for where it fails.
#include "precompiled.h"
typedef IDirect3D9* (STDMETHODCALLTYPE* Direct3DCreate9_t)(UINT SDKVersion);
Direct3DCreate9_t RealDirect3DCreate9 = NULL;
typedef HRESULT (STDMETHODCALLTYPE* CreateDevice_t)(UINT Adapter, D3DDEVTYPE DeviceType, HWND hFocusWindow,
DWORD BehaviorFlags, D3DPRESENT_PARAMETERS* pPresentationParameters,
IDirect3DDevice9** ppReturnedDeviceInterface);
CreateDevice_t RealD3D9CreateDevice = NULL;
HRESULT STDMETHODCALLTYPE HookedD3D9CreateDevice(UINT Adapter, D3DDEVTYPE DeviceType, HWND hFocusWindow,
DWORD BehaviorFlags, D3DPRESENT_PARAMETERS* pPresentationParameters,
IDirect3DDevice9** ppReturnedDeviceInterface)
{
// this call makes it jump to HookedDirect3DCreate9 and crashes. i'm doing something wrong
HRESULT ret = RealD3D9CreateDevice(Adapter, DeviceType, hFocusWindow, BehaviorFlags,
pPresentationParameters, ppReturnedDeviceInterface);
return ret;
}
IDirect3D9* STDMETHODCALLTYPE HookedDirect3DCreate9(UINT SDKVersion)
{
MessageBox(0, L"Creating d3d", L"", 0);
IDirect3D9* d3d = RealDirect3DCreate9(SDKVersion);
UINT_PTR* pVTable = (UINT_PTR*)(*((UINT_PTR*)d3d));
RealD3D9CreateDevice = (CreateDevice_t)pVTable[16];
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)RealD3D9CreateDevice, HookedD3D9CreateDevice);
if (DetourTransactionCommit() != ERROR_SUCCESS)
{
MessageBox(0, L"failed to create createdev hook", L"", 0);
}
return d3d;
}
bool APIENTRY DllMain(HINSTANCE hModule, DWORD fdwReason, LPVOID lpReserved)
{
if (fdwReason == DLL_PROCESS_ATTACH)
{
MessageBox(0, L"", L"", 0);
RealDirect3DCreate9 = (Direct3DCreate9_t)GetProcAddress(GetModuleHandle(L"d3d9.dll"), "Direct3DCreate9");
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)RealDirect3DCreate9, HookedDirect3DCreate9);
DetourTransactionCommit();
}
// TODO detach hooks
return true;
}
解决方案
The signature for the C interface of IDirect3D9::CreateDevice is:
STDMETHOD(CreateDevice)(
THIS_
UINT Adapter,D3DDEVTYPE DeviceType,HWND hFocusWindow,
DWORD BehaviorFlags,D3DPRESENT_PARAMETERS* pPresentationParameters,
IDirect3DDevice9** ppReturnedDeviceInterface) PURE;
Which expands to:
typedef HRESULT (STDMETHODCALLTYPE* CreateDevice_t)(
IDirect3D9 FAR *This, // you forgot this.
UINT Adapter, D3DDEVTYPE DeviceType, HWND hFocusWindow,
DWORD BehaviorFlags, D3DPRESENT_PARAMETERS* pPresentationParameters,
IDirect3DDevice9** ppReturnedDeviceInterface);
In other words, you declared the thunk for CreateDevice incorrectly.
Also, instead of directly indexing into the IDirect3D9 vtable, you might just want to #define CINTERFACE and access the function you want to override through d3d->lpVtbl->CreateDevice.
这篇关于c ++ d3d hooking - COM vtable的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
