CreateFileW - Why my hook is restarted ?

LeVuHoang · Post by **LeVuHoang** » Sun Mar 27, 2005 3:02 pm

hello all,
I tried to hook CreateFileW but when I clicked on button to start the hook. My PC was restarted.

library HookFileAPIs;

{$IMAGEBASE $59800000}

uses
  madCodeHook,
  Windows,
  Dialogs,
  SysUtils,
  Registry;

type
  TFileRequest = record
    fName    : Array [0..MAX_PATH] of Char; // file name
    Process1 : Array [0..MAX_PATH] of Char; // query process
  end; { TFileRequest }

var
  StartupFolder   : String;

  CreateFileWNext : function (lpFileName: PWideChar; dwDesiredAccess, dwShareMode: DWORD; lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD; hTemplateFile: THandle): THandle; stdcall;


function CreateFileWCallback(lpFileName: PWideChar; dwDesiredAccess, dwShareMode: DWORD; lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD; hTemplateFile: THandle): THandle; stdcall;
begin
  Result :=CreateFileWNext(lpFileName, dwDesiredAccess, dwShareMode, lpSecurityAttributes, dwCreationDisposition, dwFlagsAndAttributes, hTemplateFile);
end; { CreateFileWCallback }

var
  Reg : TRegistry;
begin
  Reg :=TRegistry.Create;
  Reg.RootKey :=HKEY_CURRENT_USER;
  Reg.OpenKey('\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders', True);
  StartupFolder :=LowerCase(Reg.ReadString('Startup'));
  Reg.CloseKey;
  Reg.Free;

  HookAPI('kernel32.dll', 'CreateFileW', @CreateFileWCallback, @CreateFileWNext);
end.

Thank you.

uall · Post by **uall** » Sun Mar 27, 2005 3:55 pm

do u use the library in a system wide hook?

Post by **madshi** » Sun Mar 27, 2005 7:11 pm

Don't use "Dialogs" in a hook dll! That way you're linking the whole VCL into your hook dll. And that violates the hooking rules (see documentation).

Try to get along with as few units as possible. E.g. try to get along without Dialogs, SysUtils and Registry. "Windows.pas" is your friend (when writing hook dlls).