static LRESULT WINAPI GetMsgProc(int code, WPARAM wParam, LPARAM lParam)
{
return ::CallNextHookEx(g_hHook, code, wParam, lParam);
}BOOL WINAPI SetSysHook(BOOL bInstall, DWORD dwThreadId)
{
BOOL bOk;
if(bInstall)
{
g_hHook = ::SetWindowsHookEx(WH_GETMESSAGE, GetMsgProc,
ModuleFromAddress(GetMsgProc), dwThreadId);
bOk = (g_hHook != NULL);
}
else
{
bOk = ::UnhookWindowsHookEx(g_hHook);
g_hHook = NULL;
}
return bOk;
}
当dwThreadId为安装钩子的App程序中的::GetCurrentThreadId()时注入该App没问题,但不是我想要的,我想注入系统范围内的,所以dwThreadId为0传入,但一执行到SetWindowsHookEx这里就崩溃,提示为:xx内存不能为 "written"
static HMODULE ModuleFromAddress(PVOID pv)
{
MEMORY_BASIC_INFORMATION mbi;
if(::VirtualQuery(pv, &mbi, sizeof(mbi)) != 0)
{
return (HMODULE)mbi.AllocationBase;
}
else
{
return NULL;
}
}
ModuleFromAddress(GetMsgProc), dwThreadId);
============
第三个参数一般是所在DLL的模块句柄,没仔细看你所写的函数,一般的做法是在DllMain中保存这个句柄,然后当作第三个参数来用,不用这样麻烦。
LPVOID lpvReserved // reserved
);
第一个参数,你在DLL中保存这个参数,然后传给SetWindowsHookEx不很方便吗?
g_hHook = ::SetWindowsHookEx(WH_GETMESSAGE, GetMsgProc,
ModuleFromAddress(SetSysHook), dwThreadId);