Can I get function pointers for hooking from COM Dispatch Interface? ( not dual interface )_问答_开发者

Can I get function pointers for hooking from COM Dispatch Interface? ( not dual interface )

开发者 https://www.devze.com 2023-03-08 08:41 出处：网络

May I ask something about hooki开发者_开发知识库ng method in COM Distach Interface? Recently, I am making some utility which is kind of COM monitoring tool.

May I ask something about hooki开发者_开发知识库ng method in COM Distach Interface?

Recently, I am making some utility which is kind of COM monitoring tool.

and I'm trying to hook Com object's interface while running time.

for that, I needed to use type lib.

following is a outline of my codes.

// Load Type Lib.
LoadRegTypeLib( TypeLibCLSID , wMajorVersion , wMinorVersion , lcid  , &pTypeLib );

// Get Function Descriptor
pInterfaceTypeInfo->GetFuncDesc( iii , &pfuncdesc );

// Create Instance and Get Interface
CoCreateInstance( pClassAttr->guid , NULL, ClassContext,  pInterfaceAttr->guid , (void**)&pUnknownObject );

// Get VTable
dwOrgFunctionPointer = *(DWORD*)pUnknownObject;

// adjust offset
dwOrgFunctionPointer += pfuncdesc->oVft;

// Get Function Pointer
dwOrgFunctionPointer = *(DWORD*)dwOrgFunctionPointer ;

// Hook
MyHookMethod( dwOrgFunctionPointer );

This was successful until I found some Com Object which has Dispatch Interface (not dual).

If some Com Object has just Dispatch Interface ( not dual ), there is no function pointers in VTable.

There are just MFC's function pointers like a GetTypeInfoCount, GetTypeInfo, GetIDsOfNames, Invoke.

moreover, pfuncdesc->oVft is always 0 for all functions belongs to that interface.

I know that I shoud use 'Invoke' method when I use these kind of com objects.

But problem is that Im trying to hook. I need function pointers.

How can I get those function pointers from IDispatch ?

There are only MFC's function pointers in IDispatch->vtable.

any advice will be appreciated.

Thnak you.

To Hook IDispatch, you can hook/shim all the methods of IDispatch, probably focussing mostly on Invoke. A key thing to remember is that IDispatch is that it is a very special interface. While COM rules ensure that QI for IID_IDispatch returns a single implementation, other interfaces derived from IDispatch can choose to have their own separate implementations of Invoke et al. Which means that casting to IDispatch can yield different results from QI-ing for it. I find this behaviour confusing but some classic AX scenarios require it.

Having said that, I strongly recommend against hooking in this way except perhaps for debugging purposes. Do not ship code that works this way in real app code. It will turn out to be very unstable.

Martyn