我正在使用EasyHook对DrawTextW进行挂钩调用,同时使用记事本进行测试,如果我打开帮助 - >关于,它按预期捕获屏幕上显示的所有文本。但是,如果我打开文件 - >打开,记事本崩溃。我不希望它捕获任何文本,但我无法理解为什么记事本会崩溃。任何帮助将不胜感激。
using EasyHook;
using System;
using System.Text;
using System.Runtime.InteropServices;
using System.Threading;
using UI;
namespace MyClassLibrary
{
public class Main : IEntryPoint
{
[StructLayout(LayoutKind.Sequential)]
public struct HDC__
{
public int unused;
}
[StructLayout(LayoutKind.Sequential)]
public struct tagRECT
{
public int left;
public int top;
public int right;
public int bottom;
}
[DllImport("user32.dll", EntryPoint = "DrawTextW")]
public static extern int DrawTextW([In()] IntPtr hdc, [MarshalAs(UnmanagedType.LPWStr)] StringBuilder lpchText, int cchText, ref tagRECT lprc, uint format);
[UnmanagedFunctionPointer(CallingConvention.StdCall, CharSet = CharSet.Unicode, SetLastError = true)]
public delegate int TDrawTextW(
[In()] IntPtr hdc,
[MarshalAs(UnmanagedType.LPWStr)]
StringBuilder lpchText,
int cchText,
ref tagRECT lprc,
uint format);
static string ChannelName;
RemoteMon Interface;
LocalHook DrawTextWHook;
public Main(RemoteHooking.IContext InContext, String InChannelName)
{
try
{
Interface = RemoteHooking.IpcConnectClient<RemoteMon>(InChannelName);
ChannelName = InChannelName;
Interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
}
catch (Exception ex)
{
Interface.ErrorHandler(ex);
}
}
static int hkDrawTextW(
[In()] IntPtr hdc,
[MarshalAs(UnmanagedType.LPWStr)]
StringBuilder lpchText,
int cchText,
ref tagRECT lprc,
uint format)
{
try
{
((Main)HookRuntimeInfo.Callback).Interface.GotDrawTextW(lpchText);
return DrawTextW(hdc, lpchText, cchText, ref lprc, format);
}
catch (Exception ex)
{
((Main)HookRuntimeInfo.Callback).Interface.ErrorHandler(ex);
return 0;
}
}
public void Run(RemoteHooking.IContext InContext, String InChannelName)
{
try
{
DrawTextWHook = LocalHook.Create(LocalHook.GetProcAddress("user32.dll", "DrawTextW"),
new TDrawTextW(hkDrawTextW), this);
DrawTextWHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 });
}
catch (Exception ex)
{
Interface.ErrorHandler(ex);
}
try
{
RemoteHooking.WakeUpProcess();
}
catch (Exception ex)
{
Interface.ErrorHandler(ex);
}
while (true)
{
Thread.Sleep(10000);
}
}
}
}
答案 0 :(得分:0)
在“打开”对话框显示时,将文本编组到StringBuilder时出现问题。我不是100%确定原因,但可能是COM初始化字符串与使用malloc初始化的字符串之间的区别?我过去经历过字符串的编组问题,这取决于它们的底层内存是如何初始化的。
解决方案是使用String而不是StringBuilder作为text参数。使用字符串参数替换extern,delegate和其他适当的区域:
[DllImport("user32.dll", EntryPoint = "DrawTextW")]
public static extern int DrawTextW([In()] IntPtr hdc, [MarshalAs(UnmanagedType.LPWStr)] String lpchText, int cchText, ref tagRECT lprc, uint format);
[UnmanagedFunctionPointer(CallingConvention.StdCall, CharSet = CharSet.Unicode, SetLastError = true)]
public delegate int TDrawTextW(
[In()] IntPtr hdc,
[MarshalAs(UnmanagedType.LPWStr)]
String lpchText,
int cchText,
ref tagRECT lprc,
uint format);
static int hkDrawTextW(
[In()] IntPtr hdc,
[MarshalAs(UnmanagedType.LPWStr)]
String lpchText,
int cchText,
ref tagRECT lprc,
uint format)
{
...
}