I'm using madCodeHook 2.2e now for a while (commercial user, static microsoft library, Visual Studio .NET 2003, C++) with no problems so far.
But today I needed to hook kernel32 DeviceIoControl and running into trouble. I used exactly the same technique like for all my hooks, but already my first base test with a hook which does nothing than call the original function leads to an instable system (XP SP2).
If I start a program after installing the hook (e.g. explorer), I get error messages like "The instruction at 0x77dfc566 referenced memory at 0x00390008. The memory could not be written." After unhooking, programs behave normally again. (Ok, in case of explorer my system is messed up afterwards.)
I looked a thousend times over my code to see if I did some parameter swapping or another silly mistake, but I can find nothing wrong.
Anyway, here is the related code I use:
BOOL (WINAPI *DeviceIoControlNext)(
HANDLE hDevice, DWORD dwIoControlCode, LPVOID lpInBuffer,
DWORD nInBufferSize, LPVOID lpOutBuffer, DWORD nOutBufferSize, LPDWORD lpBytesReturned, LPOVERLAPPED lpOverlapped);
HANDLE hDevice, DWORD dwIoControlCode, LPVOID lpInBuffer, DWORD nInBufferSize, LPVOID lpOutBuffer, DWORD nOutBufferSize, LPDWORD lpBytesReturned, LPOVERLAPPED lpOverlapped)
// Beep (5000, 10);
return DeviceIoControlNext(hDevice, dwIoControlCode, lpInBuffer,
nInBufferSize, lpOutBuffer, nOutBufferSize, lpBytesReturned, lpOverlapped);
HookAPI("kernel32.dll", "DeviceIoControl", DeviceIoControlCallback, (PVOID*) &DeviceIoControlNext);
Also tried the flags SAFE_HOOKING and MIXTURE_MODE with no success.
So can masdshi or someone else tell me what goes wrong or if someone could successfully hook this particular API function?
Any help is greatly appreciated!