From f01c97ea167167cad28f7b57afa7abe5ffd27fbc Mon Sep 17 00:00:00 2001 From: James Tabor Date: Sat, 5 Oct 2013 19:57:22 +0000 Subject: [PATCH 1/1] [Win32ss] - Add support for loading hook modules. svn path=/trunk/; revision=60539 --- reactos/win32ss/include/callback.h | 3 ++ reactos/win32ss/user/ntuser/callback.c | 6 +++ reactos/win32ss/user/ntuser/callback.h | 2 + reactos/win32ss/user/ntuser/hook.c | 8 ++++ reactos/win32ss/user/ntuser/message.c | 4 ++ reactos/win32ss/user/user32/windows/hook.c | 48 ++++++++++++++++------ 6 files changed, 59 insertions(+), 12 deletions(-) diff --git a/reactos/win32ss/include/callback.h b/reactos/win32ss/include/callback.h index e1452035f44..2149242005f 100644 --- a/reactos/win32ss/include/callback.h +++ b/reactos/win32ss/include/callback.h @@ -49,7 +49,10 @@ typedef struct _HOOKPROC_CALLBACK_ARGUMENTS WPARAM wParam; LPARAM lParam; HOOKPROC Proc; + INT Mod; + ULONG_PTR offPfn; BOOLEAN Ansi; + WCHAR ModuleName[512]; } HOOKPROC_CALLBACK_ARGUMENTS, *PHOOKPROC_CALLBACK_ARGUMENTS; typedef struct _HOOKPROC_CBT_CREATEWND_EXTRA_ARGUMENTS diff --git a/reactos/win32ss/user/ntuser/callback.c b/reactos/win32ss/user/ntuser/callback.c index 5a253ea57a5..fc38fb583f6 100644 --- a/reactos/win32ss/user/ntuser/callback.c +++ b/reactos/win32ss/user/ntuser/callback.c @@ -448,6 +448,8 @@ co_IntCallHookProc(INT HookId, WPARAM wParam, LPARAM lParam, HOOKPROC Proc, + INT Mod, + ULONG_PTR offPfn, BOOLEAN Ansi, PUNICODE_STRING ModuleName) { @@ -575,7 +577,11 @@ co_IntCallHookProc(INT HookId, Common->wParam = wParam; Common->lParam = lParam; Common->Proc = Proc; + Common->Mod = Mod; + Common->offPfn = offPfn; Common->Ansi = Ansi; + RtlZeroMemory(&Common->ModuleName, sizeof(Common->ModuleName)); + RtlCopyMemory(&Common->ModuleName, ModuleName->Buffer, ModuleName->Length); Extra = (PCHAR) Common + sizeof(HOOKPROC_CALLBACK_ARGUMENTS); switch(HookId) 
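Review bot: The `RtlCopyMemory(&Common->ModuleName, ModuleName->Buffer, ModuleName->Length)` added in the second callback.c hunk copies a caller-sized length into the fixed `WCHAR ModuleName[512]` field with no bound. A module path longer than 1024 bytes writes past the end of the structure, and one of exactly 1024 bytes leaves the string unterminated for the user-mode `GetModuleHandleW`/`LoadLibraryExW` calls that consume it. Whether the length is limited where the hook is registered is not visible in this patch, so the copy should clamp it itself, e.g. `ULONG cb = min(ModuleName->Length, sizeof(Common->ModuleName) - sizeof(WCHAR));` followed by `RtlCopyMemory(Common->ModuleName, ModuleName->Buffer, cb);`. A short comment on the struct field stating that it is a NUL-terminated path capped at 511 characters would make the contract explicit. The body of co_IntCallHookProc starts and ends outside the hunk.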
diff --git a/reactos/win32ss/user/ntuser/callback.h b/reactos/win32ss/user/ntuser/callback.h index 6c089a371b6..68821294c58 100644 --- a/reactos/win32ss/user/ntuser/callback.h +++ b/reactos/win32ss/user/ntuser/callback.h @@ -29,6 +29,8 @@ co_IntCallHookProc(INT HookId, WPARAM wParam, LPARAM lParam, HOOKPROC Proc, + INT Mod, + ULONG_PTR offPfn, BOOLEAN Ansi, PUNICODE_STRING ModuleName); diff --git a/reactos/win32ss/user/ntuser/hook.c b/reactos/win32ss/user/ntuser/hook.c index 556cff658af..13a322c44cc 100644 --- a/reactos/win32ss/user/ntuser/hook.c +++ b/reactos/win32ss/user/ntuser/hook.c @@ -349,6 +349,8 @@ co_CallHook( INT HookId, wParam, lParam, phk->Proc, + phk->ihmod, + phk->offPfn, phk->Ansi, &phk->ModuleName); @@ -373,6 +375,8 @@ co_HOOK_CallHookNext( PHOOK Hook, wParam, lParam, Hook->Proc, + Hook->ihmod, + Hook->offPfn, Hook->Ansi, &Hook->ModuleName); } @@ -1233,6 +1237,8 @@ co_HOOK_CallHooks( INT HookId, wParam, lParam, Hook->Proc, + Hook->ihmod, + Hook->offPfn, Hook->Ansi, &Hook->ModuleName); if (ClientInfo) @@ -1309,6 +1315,8 @@ co_HOOK_CallHooks( INT HookId, wParam, lParam, Hook->Proc, + Hook->ihmod, + Hook->offPfn, Hook->Ansi, &Hook->ModuleName); } diff --git a/reactos/win32ss/user/ntuser/message.c b/reactos/win32ss/user/ntuser/message.c index 0542e593de4..2151f0f044d 100644 --- a/reactos/win32ss/user/ntuser/message.c +++ b/reactos/win32ss/user/ntuser/message.c @@ -2698,6 +2698,8 @@ NtUserMessageCall( HWND hWnd, ((ClientInfo->CI_flags & CI_CURTHPRHOOK) ? 1 : 0), (LPARAM)&CWP, Hook->Proc, + Hook->ihmod, + Hook->offPfn, Hook->Ansi, &Hook->ModuleName); } @@ -2715,6 +2717,8 @@ NtUserMessageCall( HWND hWnd, ((ClientInfo->CI_flags & CI_CURTHPRHOOK) ? 1 : 0), (LPARAM)&CWPR, Hook->Proc, + Hook->ihmod, + Hook->offPfn, Hook->Ansi, &Hook->ModuleName); } diff --git a/reactos/win32ss/user/user32/windows/hook.c b/reactos/win32ss/user/user32/windows/hook.c index cfe2a82c6f5..35ea4e7bc73 100644 --- a/reactos/win32ss/user/user32/windows/hook.c 
+++ b/reactos/win32ss/user/user32/windows/hook.c @@ -567,13 +567,34 @@ User32CallHookProcFromKernel(PVOID Arguments, ULONG ArgumentLength) CWPRETSTRUCT *pCWPR; PRECTL prl; LPCBTACTIVATESTRUCT pcbtas; + HOOKPROC Proc; WPARAM wParam = 0; LPARAM lParam = 0; LRESULT Result = 0; BOOL Hit = FALSE; + HMODULE mod = NULL; Common = (PHOOKPROC_CALLBACK_ARGUMENTS) Arguments; + Proc = Common->Proc; + // HookProc Justin Case module is from another process. + if (Common->offPfn && Common->Mod) + { + if (!(mod = GetModuleHandleW((LPCWSTR)Common->ModuleName))) + { + TRACE("Reloading Hook Module.\n"); + if (!(mod = LoadLibraryExW((LPCWSTR)Common->ModuleName, NULL, LOAD_WITH_ALTERED_SEARCH_PATH))) + { + ERR("Failed to load Hook Module.\n"); + } + } + if (mod) + { + TRACE("Loading Hook Module.\n"); + Proc = (HOOKPROC)((char *)mod + Common->offPfn); + } + } + switch(Common->HookId) { case WH_CBT: @@ -613,15 +634,16 @@ User32CallHookProcFromKernel(PVOID Arguments, ULONG ArgumentLength) lParam = Common->lParam; break; default: + if (mod) FreeLibrary(mod); ERR("HCBT_ not supported = %d\n", Common->Code); return ZwCallbackReturn(NULL, 0, STATUS_NOT_SUPPORTED); } - if (Common->Proc) + if (Proc) { _SEH2_TRY { - Result = Common->Proc(Common->Code, wParam, lParam); + Result = Proc(Common->Code, wParam, lParam); } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) { @@ -631,7 +653,7 @@ User32CallHookProcFromKernel(PVOID Arguments, ULONG ArgumentLength) } else { - ERR("Null Proc! Common = 0x%x, Proc = 0x%x\n",Common,Common->Proc); + ERR("Null Proc! Common = 0x%x, Proc = 0x%x\n",Common,Proc); } switch(Common->Code) { 
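Review bot: `mod` is released with `FreeLibrary(mod)` on every exit path (the `default:` branch in hunk -613 and both exits in hunk -736), but when `GetModuleHandleW` succeeds no reference was taken. Each hook callback then drops a reference the process never acquired, and the hook DLL can be unmapped while other code still uses it. Take a real reference on both paths, e.g. `GetModuleHandleExW(0, (LPCWSTR)Common->ModuleName, &mod)` in place of the plain lookup, or record whether `LoadLibraryExW` ran and free only in that case. Two further gaps in the same block: `Common->offPfn` is added to the module base without checking that it lies inside the loaded image, and when the load fails `Proc` silently stays `Common->Proc`, which by the comment's own premise may be an address from another process; returning a failure status there would be safer than calling it. The body of User32CallHookProcFromKernel starts and ends outside this hunk.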
@@ -649,19 +671,19 @@ User32CallHookProcFromKernel(PVOID Arguments, ULONG ArgumentLength) //ERR("WH_KEYBOARD_LL: Code %d, wParam %d\n",Common->Code,Common->wParam); pKeyboardLlData = (PKBDLLHOOKSTRUCT)((PCHAR) Common + Common->lParam); RtlCopyMemory(&KeyboardLlData, pKeyboardLlData, sizeof(KBDLLHOOKSTRUCT)); - Result = Common->Proc(Common->Code, Common->wParam, (LPARAM) &KeyboardLlData); + Result = Proc(Common->Code, Common->wParam, (LPARAM) &KeyboardLlData); break; case WH_MOUSE_LL: //ERR("WH_MOUSE_LL: Code %d, wParam %d\n",Common->Code,Common->wParam); pMouseLlData = (PMSLLHOOKSTRUCT)((PCHAR) Common + Common->lParam); RtlCopyMemory(&MouseLlData, pMouseLlData, sizeof(MSLLHOOKSTRUCT)); - Result = Common->Proc(Common->Code, Common->wParam, (LPARAM) &MouseLlData); + Result = Proc(Common->Code, Common->wParam, (LPARAM) &MouseLlData); break; case WH_MOUSE: /* SEH support */ pMHook = (PMOUSEHOOKSTRUCT)((PCHAR) Common + Common->lParam); _SEH2_TRY { - Result = Common->Proc(Common->Code, Common->wParam, (LPARAM) pMHook); + Result = Proc(Common->Code, Common->wParam, (LPARAM) pMHook); } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) { @@ -683,7 +705,7 @@ User32CallHookProcFromKernel(PVOID Arguments, ULONG ArgumentLength) pCWP->lParam); pCWP->lParam = (LPARAM)((PCHAR)pCWP + sizeof(CWPSTRUCT)); } - Result = Common->Proc(Common->Code, Common->wParam, (LPARAM) pCWP); + Result = Proc(Common->Code, Common->wParam, (LPARAM) pCWP); HeapFree(GetProcessHeap(), 0, pCWP); break; case WH_CALLWNDPROCRET: @@ -697,7 +719,7 @@ User32CallHookProcFromKernel(PVOID Arguments, ULONG ArgumentLength) pCWPR->lParam); pCWPR->lParam = (LPARAM)((PCHAR)pCWPR + sizeof(CWPRETSTRUCT)); } - Result = Common->Proc(Common->Code, Common->wParam, (LPARAM) pCWPR); + Result = Proc(Common->Code, Common->wParam, (LPARAM) pCWPR); HeapFree(GetProcessHeap(), 0, pCWPR); break; case WH_MSGFILTER: /* All SEH support */ 
@@ -709,7 +731,7 @@ User32CallHookProcFromKernel(PVOID Arguments, ULONG ArgumentLength) // ERR("pMsg %d pcMsg %d\n",pMsg->message, pcMsg->message); _SEH2_TRY { - Result = Common->Proc(Common->Code, Common->wParam, (LPARAM) pcMsg); + Result = Proc(Common->Code, Common->wParam, (LPARAM) pcMsg); } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) { @@ -722,12 +744,12 @@ User32CallHookProcFromKernel(PVOID Arguments, ULONG ArgumentLength) break; case WH_KEYBOARD: case WH_SHELL: - Result = Common->Proc(Common->Code, Common->wParam, Common->lParam); + Result = Proc(Common->Code, Common->wParam, Common->lParam); break; case WH_FOREGROUNDIDLE: /* <-- SEH support */ _SEH2_TRY { - Result = Common->Proc(Common->Code, Common->wParam, Common->lParam); + Result = Proc(Common->Code, Common->wParam, Common->lParam); } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) { @@ -736,12 +758,14 @@ User32CallHookProcFromKernel(PVOID Arguments, ULONG ArgumentLength) _SEH2_END; break; default: + if (mod) FreeLibrary(mod); return ZwCallbackReturn(NULL, 0, STATUS_NOT_SUPPORTED); } if (Hit) { - ERR("Hook Exception! Id: %d, Code %d, Proc 0x%x\n",Common->HookId,Common->Code,Common->Proc); + ERR("Hook Exception! Id: %d, Code %d, Proc 0x%x\n",Common->HookId,Common->Code,Proc); } + if (mod) FreeLibrary(mod); return ZwCallbackReturn(&Result, sizeof(LRESULT), STATUS_SUCCESS); } -- 2.17.1