FARPROC WINAPI CApiHookMgr::MyGetProcAddress(HMODULE hmod, PCSTR pszProcName)
{
// It is possible that multiple threads will call hooked GetProcAddress()
// API, therefore we should make it thread safe because it accesses sm_pHookedFunctions
// shared container.
CLockMgr<CCSWrapper> lockMgr(sm_CritSec, TRUE);
//
// Get the original address of the function
//
FARPROC pfn = GetProcAddressWindows(hmod, pszProcName);
//
// Attempt to locate if the function has been hijacked
//
CHookedFunction* pFuncHook =
sm_pHookedFunctions->GetHookedFunction(
hmod,
pszProcName
);
if (NULL != pFuncHook)
//
// The address to return matches an address we want to hook
// Return the hook function address instead
//
pfn = pFuncHook->Get_pfnHook();
return pfn;
}
void WINAPI CApiHookMgr::HackModuleOnLoad(HMODULE hmod, DWORD dwFlags)
{
//
// If a new module is loaded, just hook it
//
if ((hmod != NULL) && ((dwFlags & LOAD_LIBRARY_AS_DATAFILE) == 0))
{
CLockMgr<CCSWrapper> lockMgr(sm_CritSec, TRUE);
CHookedFunction* pHook;
CHookedFunctions::const_iterator itr;
for (itr = sm_pHookedFunctions->begin();
itr != sm_pHookedFunctions->end();
++itr)
{
pHook = itr->second;
pHook->ReplaceInOneModule(
pHook->Get_CalleeModName(),
pHook->Get_pfnOrig(),
pHook->Get_pfnHook(),
hmod
);
} // for
} // if
}
BOOL CApiHookMgr::HookImport(
PCSTR pszCalleeModName,
PCSTR pszFuncName,
PROC pfnHook
)
{
CLockMgr<CCSWrapper> lockMgr(sm_CritSec, TRUE);
BOOL bResult = FALSE;
PROC pfnOrig = NULL;
try
{
if (!sm_pHookedFunctions->GetHookedFunction(
pszCalleeModName,
pszFuncName
))
{
pfnOrig = GetProcAddressWindows(
::GetModuleHandleA(pszCalleeModName),
pszFuncName
);
//
// It's possible that the requested module is not loaded yet
// so lets try to load it.
//
if (NULL == pfnOrig)
{
HMODULE hmod = ::LoadLibraryA(pszCalleeModName);
if (NULL != hmod)
pfnOrig = GetProcAddressWindows(
::GetModuleHandleA(pszCalleeModName),
pszFuncName
);
} // if
if (NULL != pfnOrig)
bResult = AddHook(
pszCalleeModName,
pszFuncName,
pfnOrig,
pfnHook
);
} // if
}
catch(...)
{
} // try..catch
return bResult;
}
BOOL CApiHookMgr::UnHookImport(
PCSTR pszCalleeModName,
PCSTR pszFuncName
)
{
CLockMgr<CCSWrapper> lockMgr(sm_CritSec, TRUE);
BOOL bResult = TRUE;
try
{
bResult = RemoveHook(pszCalleeModName, pszFuncName);
}
catch (...)
{
}
return bResult;
}
//
// Setup the attribute
//
void CCustomThread::SetIsActive(BOOL bValue)
{
CLockMgr<CCSWrapper> lockMgr(m_CritSec, TRUE);
m_bThreadActive = bValue;
}
//
// Indicates whether the driver has been activated
//
BOOL CCustomThread::GetIsActive()
{
CLockMgr<CCSWrapper> lockMgr(m_CritSec, TRUE);
return m_bThreadActive;
}
