Ok, i didn't go into details because i though it was off topic.
However, I have hooked Connect() so i can control / arbitrate access to
given IP's. My system appeared stable but then started to produce random
problems with Windows Update. When injected into, iexplorer.exe which is
*hosting* the update will crash or raise a Dr Watson exception.
If i remove my code, and simply relay the call onto the real API then all
works fine. Therefore, the problem must be with my code.
All I am trying to do from within the hook it copy the IP address and then
make an IPC call to see if it is allowed. Something like:
function ConnectCallback(s : TSocket; const name : PSockAddr; namelen :
Integer) : Integer; stdcall;
var
iIPCRtn : Integer;
szPacket : string;
iIPAddr : Cardinal;
begin
// Copy the numeric IP address section of the SockAddr structure
move(name^.sin_addr.S_addr, iIPAddr, sizeof(iIPAddr));
// Check for loop-back address - no need to process.
if (iIPAddr <>$100007F) then
begin
iIPCRtn := 0;
szPacket := IntToStr(iIPAddr)
if ((SendIpcMessage(IPC_QUEUE_CONTROL_NAME, PChar(szPacket),
Length(szPacket), @iIPCRtn, sizeof(iIPCRtn), SEND_IPC_TIMEOUT)) and (iIPCRtn
= 1)) then
result := ConnectNxt(s, name, namelen)
else
begin
SetLastError(ERROR_ACCESS_DENIED);
WSASetLastError(WSAEACCES);
result := SOCKET_ERROR;
end;
end
else
result := ConnectNxt(s, name, namelen);
As for the issue with BCB, I am not 100% sure. However, it seems that it is
not possible to compile the madshi libraries into a BCB DLL unless it
includes vcl.h / vcl.lib. I worked with madshi sometime ago and we could
not get his libraries to compile correctly unless we include the vcl - which
was consider bad practice because it causes the injection library to be
quite large. In addition, Windows Update would fail (as I have described
above) it i injected into it with a *blank* BCB DLL, but the same did not
occur with a *blank* Delphi DLL - thus, i went for Delphi.
Any help or advice you could give Remy, would be excellent - I am really
starting to get desperate on this.
Thanks,
Mike
"Remy Lebeau (TeamB)" <
XXXX@XXXXX.COM>writes
Quote
"Mike Collins" <its@TheBottomOfThePost>writes
news:47fd8522$XXXX@XXXXX.COM...
>I'm doing some api hooking using madshi's madCodeHook. I've
>reciently started to have issues with a previously stable hook -
>winsock connect()
What kind of issues exactly?
>This got me looking at the prototype for connect(). This throw up
>issues because i have now found 3 different prototypes and I've
>no idea which one is correct.
Read the WinSock documentation
>Tomes ->connect(s : TSocket; name : PSockAddr; namelen : integer) :
>integer; stdcall
>
>Jedi ->connect(const s : TSocket; const name : PSockAddr; const namelen
>: integer) : integer; stdcall
>
>Delphi 7 winsock.pas ->connect(s : TSocket; var : TSockAddr; namelen :
>integer) : integer; stdcall
All of those declarations produce the same machine code when compiled.
Any of them should work fine. If you are having problems with hooking,
then your hook is likely implemented wrong to begin with.
>there were issues with using madCodeHook in BCB DLL's
What kind of issues exactly?
Gambit
