IntLoadHookModule(int iHookID, HHOOK hHook, BOOL Unload)
{
PPROCESSINFO ppi;
- HMODULE hmod;
+ BOOL bResult;
ppi = PsGetCurrentProcessWin32Process();
- ERR("IntLoadHookModule. Client PID: %d\n", PsGetProcessId(ppi->peProcess));
+ ERR("IntLoadHookModule. Client PID: %p\n", PsGetProcessId(ppi->peProcess));
/* Check if this is the api hook */
if(iHookID == WH_APIHOOK)
ppi->W32PF_flags |= W32PF_APIHOOKLOADED;
/* Call ClientLoadLibrary in user32 */
- hmod = co_IntClientLoadLibrary(&strUahModule, &strUahInitFunc, Unload, TRUE);
- TRACE("co_IntClientLoadLibrary returned %d\n", hmod );
- if(hmod == 0)
+ bResult = co_IntClientLoadLibrary(&strUahModule, &strUahInitFunc, Unload, TRUE);
+ TRACE("co_IntClientLoadLibrary returned %d\n", bResult );
+ if (!bResult)
{
/* Remove the flag we set before */
ppi->W32PF_flags &= ~W32PF_APIHOOKLOADED;
- return FALSE;
}
- return TRUE;
+ return bResult;
}
else if(Unload && (ppi->W32PF_flags & W32PF_APIHOOKLOADED))
{
/* Call ClientLoadLibrary in user32 */
- hmod = co_IntClientLoadLibrary(NULL, NULL, Unload, TRUE);
- if(hmod != 0)
+ bResult = co_IntClientLoadLibrary(NULL, NULL, Unload, TRUE);
+ if (bResult)
{
ppi->W32PF_flags &= ~W32PF_APIHOOKLOADED;
- return TRUE;
}
- return FALSE;
+ return bResult;
}
return TRUE;
ERR("IntHookModuleUnloaded: iHookID=%d\n", iHookID);
- ppiCsr = PsGetProcessWin32Process(CsrProcess);
+ ppiCsr = PsGetProcessWin32Process(gpepCSRSS);
ListEntry = pdesk->PtiList.Flink;
while(ListEntry != &pdesk->PtiList)
{
if(ptiCurrent->ppi->W32PF_flags & W32PF_APIHOOKLOADED)
{
- TRACE("IntHookModuleUnloaded: sending message to PID %d, ppi=0x%x\n", PsGetProcessId(ptiCurrent->ppi->peProcess), ptiCurrent->ppi);
+ TRACE("IntHookModuleUnloaded: sending message to PID %p, ppi=%p\n", PsGetProcessId(ptiCurrent->ppi->peProcess), ptiCurrent->ppi);
co_MsqSendMessageAsync( ptiCurrent,
0,
iHookID,
BOOL
FASTCALL
-UserLoadApiHook()
+UserLoadApiHook(VOID)
{
return IntLoadHookModule(WH_APIHOOK, 0, FALSE);
}
PPROCESSINFO ppiCsr;
pti = PsGetCurrentThreadWin32Thread();
- ppiCsr = PsGetProcessWin32Process(CsrProcess);
+ ppiCsr = PsGetProcessWin32Process(gpepCSRSS);
/* Fail if the api hook is already registered */
if(gpsi->dwSRVIFlags & SRVINFO_APIHOOK)
return FALSE;
}
- ERR("UserRegisterUserApiHook. Server PID: %d\n", PsGetProcessId(pti->ppi->peProcess));
+ ERR("UserRegisterUserApiHook. Server PID: %p\n", PsGetProcessId(pti->ppi->peProcess));
/* Register the api hook */
gpsi->dwSRVIFlags |= SRVINFO_APIHOOK;
BOOL
FASTCALL
-UserUnregisterUserApiHook()
+UserUnregisterUserApiHook(VOID)
{
PTHREADINFO pti;
return FALSE;
}
- ERR("UserUnregisterUserApiHook. Server PID: %d\n", PsGetProcessId(pti->ppi->peProcess));
+ ERR("UserUnregisterUserApiHook. Server PID: %p\n", PsGetProcessId(pti->ppi->peProcess));
/* Unregister the api hook */
gpsi->dwSRVIFlags &= ~SRVINFO_APIHOOK;
BOOL Block = FALSE;
ULONG_PTR uResult = 0;
- if (Hook->Thread)
- pti = Hook->Thread->Tcb.Win32Thread;
+ if (Hook->ptiHooked)
+ pti = Hook->ptiHooked;
else
pti = Hook->head.pti;
/* FIXME: Should get timeout from
* HKEY_CURRENT_USER\Control Panel\Desktop\LowLevelHooksTimeout */
- Status = co_MsqSendMessage( pti->MessageQueue,
+ Status = co_MsqSendMessage( pti,
IntToPtr(Code), // hWnd
Hook->HookId, // Msg
wParam,
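Review bot: The new `if (Hook->ptiHooked) pti = Hook->ptiHooked; else pti = Hook->head.pti;` selects the delivery thread without saying why the two cases differ, and it is the one unbraced if/else in a commit whose other `ptiHooked` branches (L134, L150) are braced. A short comment would help the next reader, e.g. `/* ptiHooked is set for thread-local hooks; otherwise fall back to head.pti */` — that head.pti stands for the hook's owning thread is my reading of the else branch, so confirm it before writing it down. The enclosing function begins before this hunk.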
wParam,
lParam,
phk->Proc,
+ phk->ihmod,
+ phk->offPfn,
phk->Ansi,
&phk->ModuleName);
wParam,
lParam,
Hook->Proc,
+ Hook->ihmod,
+ Hook->offPfn,
Hook->Ansi,
&Hook->ModuleName);
}
if (BadChk)
{
ERR("HOOK WH_DEBUG read from Debug.lParam ERROR!\n");
- ExFreePool(HooklParam);
+ ExFreePoolWithTag(HooklParam, TAG_HOOK);
return lResult;
}
}
return NULL;
}
- Hook = (PHOOK)UserGetObject(gHandleTable, hHook, otHook);
+ Hook = (PHOOK)UserGetObject(gHandleTable, hHook, TYPE_HOOK);
if (!Hook)
{
EngSetLastError(ERROR_INVALID_HOOK_HANDLE);
PLIST_ENTRY pLastHead, pElem;
PTHREADINFO pti;
- if (Hook->Thread)
+ if (Hook->ptiHooked)
{
- pti = ((PTHREADINFO)Hook->Thread->Tcb.Win32Thread);
+ pti = Hook->ptiHooked;
pLastHead = &pti->aphkStart[HOOKID_TO_INDEX(HookId)];
}
else
Hook->ModuleName.Buffer = NULL;
}
/* Close handle */
- UserDeleteObject(UserHMGetHandle(Hook), otHook);
+ UserDeleteObject(UserHMGetHandle(Hook), TYPE_HOOK);
}
/* Remove a hook, freeing it from the chain */
HookId = Hook->HookId;
- if (Hook->Thread) // Local
+ if (Hook->ptiHooked) // Local
{
- pti = ((PTHREADINFO)Hook->Thread->Tcb.Win32Thread);
+ pti = Hook->ptiHooked;
IntFreeHook( Hook);
pti->fsHooks &= ~HOOKID_TO_FLAG(HookId);
_SEH2_TRY
{
- GetWin32ClientInfo()->fsHooks = pti->fsHooks;
+ pti->pClientInfo->fsHooks = pti->fsHooks;
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
+ /* Do nothing */
+ (void)0;
}
_SEH2_END;
}
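Review bot: `pti->pClientInfo->fsHooks = pti->fsHooks;` now writes through the hooked thread's pClientInfo instead of the calling thread's client info, and the SEH wrapper around it suggests that pointer refers to user-mode memory. If this removal path can run on a thread other than `pti` (the caller is outside the hunk, so I cannot tell), the store targets an address in the wrong address space — the probe would either fault or silently land on unrelated memory of the current process — so either confirm every caller runs in pti's context or gate the store with `if (pti == PsGetCurrentThreadWin32Thread())`. The same consideration applies to the new `pti->pClientInfo->fsHooks = 0;` at L177. The enclosing function starts before this hunk.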
if (!pti || !pdo)
{
- ERR("Kill Thread Hooks pti 0x%x pdo 0x%x\n",pti,pdo);
+ ERR("Kill Thread Hooks pti %p pdo %p\n", pti, pdo);
return;
}
}
}
pti->fsHooks = 0;
+ pti->pClientInfo->fsHooks = 0;
}
// Global search based on Thread and cleanup.
if (pdo->pDeskInfo->fsHooks)
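Review bot: The added `pti->pClientInfo->fsHooks = 0;` is not wrapped in SEH, unlike the otherwise identical store at L158–L166 in this same commit, so a fault on that pointer during thread teardown would propagate instead of being swallowed as it is there. Wrap it in the same `_SEH2_TRY` / `_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)` / `_SEH2_END` block used at L156–L166, with the same `(void)0;` empty handler. The enclosing function begins before this hunk.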
wParam,
lParam,
Hook->Proc,
+ Hook->ihmod,
+ Hook->offPfn,
Hook->Ansi,
&Hook->ModuleName);
if (ClientInfo)
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
+ /* Do nothing */
+ (void)0;
}
_SEH2_END;
}
*/
for(i = 0; pHookHandles[i]; ++i)
{
- Hook = (PHOOK)UserGetObject(gHandleTable, pHookHandles[i], otHook);
+ Hook = (PHOOK)UserGetObject(gHandleTable, pHookHandles[i], TYPE_HOOK);
if(!Hook)
{
ERR("Invalid hook!\n");
if ( (pti->TIF_flags & TIF_DISABLEHOOKS) || (ptiHook->TIF_flags & TIF_INCLEANUP))
{
- TRACE("Next Hook 0x%x, 0x%x\n",ptiHook->rpdesk,pdo);
+ TRACE("Next Hook %p, %p\n", ptiHook->rpdesk, pdo);
continue;
}
wParam,
lParam,
Hook->Proc,
+ Hook->ihmod,
+ Hook->offPfn,
Hook->Ansi,
&Hook->ModuleName);
}
UNICODE_STRING ModuleName;
NTSTATUS Status;
HHOOK Handle;
- PETHREAD Thread = NULL;
PTHREADINFO pti, ptiHook = NULL;
DECLARE_RETURN(HHOOK);
RETURN( NULL);
}
- if (!NT_SUCCESS(PsLookupThreadByThreadId((HANDLE)(DWORD_PTR) ThreadId, &Thread)))
+ if ( !(ptiHook = IntTID2PTI( (HANDLE)ThreadId )))
{
ERR("Invalid thread id 0x%x\n", ThreadId);
EngSetLastError(ERROR_INVALID_PARAMETER);
RETURN( NULL);
}
- ptiHook = Thread->Tcb.Win32Thread;
-
- ObDereferenceObject(Thread);
-
if ( ptiHook->rpdesk != pti->rpdesk) // gptiCurrent->rpdesk)
{
ERR("Local hook wrong desktop HookId: %d\n",HookId);
RETURN( NULL);
}
- if (Thread->ThreadsProcess != PsGetCurrentProcess())
+ if (ptiHook->ppi != pti->ppi)
{
if ( !Mod &&
(HookId == WH_GETMESSAGE ||
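Review bot: `(HANDLE)ThreadId` in the new IntTID2PTI call drops the `(DWORD_PTR)` widening that the removed PsLookupThreadByThreadId line carried; if ThreadId is a 32-bit DWORD (the `0x%x` in the ERR two lines below suggests so), the direct cast to a pointer-sized HANDLE produces int-to-pointer-size warnings on 64-bit builds. Keep the intermediate cast: `if ( !(ptiHook = IntTID2PTI( (HANDLE)(DWORD_PTR)ThreadId )))`. The later `ptiHook->ppi != pti->ppi` comparison replaces the old `Thread->ThreadsProcess != PsGetCurrentProcess()` check and is only equivalent when `pti` is the calling thread's THREADINFO, which is assigned outside this hunk. The enclosing function starts before and ends after this hunk.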
}
ObDereferenceObject(WinStaObj);
- Hook = UserCreateObject(gHandleTable, NULL, (PHANDLE)&Handle, otHook, sizeof(HOOK));
+ Hook = UserCreateObject(gHandleTable, NULL, NULL, (PHANDLE)&Handle, TYPE_HOOK, sizeof(HOOK));
if (!Hook)
{
}
Hook->ihmod = (INT)Mod; // Module Index from atom table, Do this for now.
- Hook->Thread = Thread; /* Set Thread, Null is Global. */
Hook->HookId = HookId;
Hook->rpdesk = ptiHook->rpdesk;
Hook->phkNext = NULL; /* Dont use as a chain! Use link lists for chaining. */
Hook->Proc = HookProc;
Hook->Ansi = Ansi;
- TRACE("Set Hook Desk 0x%x DeskInfo 0x%x Handle Desk 0x%x\n",pti->rpdesk, pti->pDeskInfo,Hook->head.rpdesk);
+ TRACE("Set Hook Desk %p DeskInfo %p Handle Desk %p\n", pti->rpdesk, pti->pDeskInfo, Hook->head.rpdesk);
if (ThreadId) /* Thread-local hook */
{
}
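Review bot: Removing `Hook->Thread = Thread;` leaves no assignment of `Hook->ptiHooked` in this hunk, yet the removal paths at L134 and L150 branch on that field to tell local hooks from global ones. If the thread-local branch at L264 sets it (its body is outside this view), the global case still depends on UserCreateObject zeroing the new object; if it does not, a stale non-NULL value would make a global hook look thread-local. A defensive `Hook->ptiHooked = NULL; /* NULL means global hook */` next to the other field initializers makes the intent explicit either way. The enclosing function starts before and ends after this hunk.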
Hook->ModuleName.Length = ModuleName.Length;
+ //// FIXME: Need to load from user32 to verify hMod before calling hook with hMod set!!!!
+ //// Mod + offPfn == new HookProc Justin Case module is from another process.
+ FIXME("NtUserSetWindowsHookEx Setting process hMod instance addressing.\n");
/* Make proc relative to the module base */
Hook->offPfn = (ULONG_PTR)((char *)HookProc - (char *)Mod);
}
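Review bot: `FIXME("NtUserSetWindowsHookEx Setting process hMod instance addressing.\n");` emits a log line on every hook installation that reaches this block, while the two comment lines above it already record the limitation that Mod is taken from the caller without verification; unless the runtime trace is wanted, a plain comment is less noisy. The added comment lines also use `////`, whereas the rest of the file uses `/* */` and `//`. The enclosing function continues outside this hunk.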
RETURN( Handle);
CLEANUP:
- TRACE("Leave NtUserSetWindowsHookEx, ret=%i\n",_ret_);
+ TRACE("Leave NtUserSetWindowsHookEx, ret=%p\n", _ret_);
UserLeave();
END_CLEANUP;
}