Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
C
C
Csus42018-02-27 20:53:41
C++ / C#
Csus4, 2018-02-27 20:53:41

How to pull out the pointer to the window in the intercepted EnumWindows function?

Hook on EnumWindows

//hook.h 
typedef BOOL(WINAPI *PNT_ENUMWINDOWS)(
  _In_ WNDENUMPROC lpEnumFunc,
  _In_ LPARAM      lParam
);

//hook.cpp 
PNT_ENUMWINDOWS TrueEnumWindows = (PNT_ENUMWINDOWS)::GetProcAddress(::GetModuleHandle(L"user32"), "EnumWindows");

BOOL WINAPI FalseEnumWindows(
    _In_ WNDENUMPROC lpEnumFunc,
    _In_ LPARAM      lParam
)
{
    // Если lParam содержит нужные данные, обработать их
    BOOL result = TrueEnumWindows(lpEnumFunc, lParam);
    return result;
}

As I understand it, lpEnumFunc is just a pointer to a custom callback function, and all data passed to it is encoded in lParam. How can you get them out of there?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
J
jcmvbkbc, 2018-02-27
@Csus4

As I understand it, lpEnumFunc is just a pointer to a custom callback function, and all data passed to it is encoded in lParam

You misunderstand. lParam is not all data, but only what the user wanted to transfer. lpEnumFunc has the following prototype:
BOOL CALLBACK EnumWindowsProc(
  _In_ HWND   hwnd,
  _In_ LPARAM lParam
);

and hwnd is passed to it by the EnumWindows function itself. Accordingly, to get hwnd you need to do something like this:
struct enumWindowsParams {
    WNDENUMPROC lpEnumProc;
    LPARAM lParam;
};

BOOL CALLBACK myEnumFunc(
  _In_ HWND   hwnd,
  _In_ LPARAM lParam
)
{
    // use hwnd as needed
    struct enumWindowsParams *ewp = (struct enumWindowsParams *)lParam;
    return ewp->lpEnumProc(hwnd, ewp->lParam);
}

BOOL WINAPI FalseEnumWindows(
    _In_ WNDENUMPROC lpEnumFunc,
    _In_ LPARAM      lParam
)
{
    struct enumWindowsParams ewp;
    ewp.lpEnumFunc= lpEnumFunc;
    ewp.lParam = lParam;
    BOOL result = TrueEnumWindows(myEnumFunc, (LPARAM)&ewp);
    return result;
}

Report
R
res2001, 2018-02-27
@res2001

You need to know what is encoded there.
Usually it is a pointer to some structure.
And why not:
PNT_ENUMWINDOWS TrueEnumWindows = ::EnumWindows;
?
Are you using /DEFAULTLIB for the build?

Similar questions
A
Anton2020-01-14 14:01:26
Flex blocks of shares, how to remove the indent from the last blocks in a line? 4Reply
A
ArhangelBlack2017-08-14 09:22:52
CMS with visual site structure editor? 5Reply
S
Sergey Defactov2017-08-28 22:35:39
Remove storage of images in database in base64 format? 2Reply
M
mrWan2017-09-01 23:13:01
What jquery event closes select? 3Reply
V
Valentine2017-09-08 10:48:46
What file system should be used to separate the backend and frontend? 6Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question