WindyMadman/mactype
1
0
Fork 0
mirror of https://github.com/snowie2000/mactype.git synced 2025-01-08 11:47:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
15c6c09aa4
mactype/hook.cpp

585 lines
15 KiB
C++
Raw Normal View History

fixed some bugs with PVS added MinHeight params to simulate DPI aware added support for hooking x64 child processes spawned from wow64 processes.
2016-09-08 13:45:52 +08:00
// API hook
//
// GetProcAddress<73>œ<EFBFBD><C593><EFBFBD>call<6C><6C><EFBFBD>i<EFBFBD>֐<EFBFBD><D690>{<7B>́j<CC81>𒼐ڏ<F092BC90><DA8F><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>A
// <20><><EFBFBD><EFBFBD><EFBFBD>̃t<CC83>b<EFBFBD>N<EFBFBD>֐<EFBFBD><D690><EFBFBD>jmp<6D><70><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>B
//
// <20><><EFBFBD><EFBFBD><EFBFBD>Ō<EFBFBD><C58C><EFBFBD>API<50><49><EFBFBD>g<EFBFBD><67><EFBFBD><EFBFBD><EFBFBD>́A<CD81>R<EFBFBD>[<5B>h<EFBFBD><68><EFBFBD><EFBFBD><EFBFBD>x<EFBFBD>߂<EFBFBD><DF82>Ă<EFBFBD><C482><EFBFBD>call<6C>B
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>jmp<6D>R<EFBFBD>[<5B>h<EFBFBD>ɖ߂<C996><DF82>B
//
// <20>}<7D><><EFBFBD>`<60>X<EFBFBD><58><EFBFBD>b<EFBFBD>h<EFBFBD><68> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>call<6C><6C><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ƍ<EFBFBD><C68D><EFBFBD><EFBFBD>̂ŁA
// CriticalSection<6F>Ŕr<C594><72><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ă<EFBFBD><C482><EFBFBD><EFBFBD>B
//
#include "override.h"
#include "ft.h"
#include "fteng.h"
#include <locale.h>
#include "undocAPI.h"
#include "delayimp.h"
#include <dwrite_2.h>
#include <dwrite_3.h>
#include <VersionHelpers.h>
#include "EventLogging.h"
add missing files change wow64ext to static lib.
2016-09-08 14:13:00 +08:00
#ifndef _WIN64
#include "wow64ext.h"
#endif
fixed some bugs with PVS added MinHeight params to simulate DPI aware added support for hooking x64 child processes spawned from wow64 processes.
2016-09-08 13:45:52 +08:00
#pragma comment(lib, "delayimp")
HINSTANCE g_dllInstance;
//PFNLdrGetProcedureAddress LdrGetProcedureAddress = (PFNLdrGetProcedureAddress)GetProcAddress(LoadLibrary(_T("ntdll.dll")),"LdrGetProcedureAddress");
//PFNCreateProcessW nCreateProcessW = (PFNCreateProcessW)MyGetProcAddress(LoadLibrary(_T("kernel32.dll")),"CreateProcessW");
//PFNCreateProcessA nCreateProcessA = (PFNCreateProcessA)MyGetProcAddress(LoadLibrary(_T("kernel32.dll")),"CreateProcessA");
// HMODULE hGDIPP = GetModuleHandleW(L"gdiplus.dll");
// typedef int (WINAPI *PFNGdipCreateFontFamilyFromName)(const WCHAR *name, void *fontCollection, void **FontFamily);
// PFNGdipCreateFontFamilyFromName GdipCreateFontFamilyFromName = hGDIPP? (PFNGdipCreateFontFamilyFromName)GetProcAddress(hGDIPP, "GdipCreateFontFamilyFromName"):0;
#ifdef USE_DETOURS
#include "detours.h"
#pragma comment (lib, "detours.lib")
#pragma comment (lib, "detoured.lib")
// DATA_foo<6F>AORIG_foo <20>̂Q<CC82>‚<EFBFBD><C282>܂Ƃ߂Ē<DF82><C492>`<60><><EFBFBD><EFBFBD><EFBFBD>}<7D>N<EFBFBD><4E>
#define HOOK_MANUALLY HOOK_DEFINE
#define HOOK_DEFINE(rettype, name, argtype) \
rettype (WINAPI * ORIG_##name) argtype;
#include "hooklist.h"
#undef HOOK_DEFINE
#undef HOOK_MANUALLY
//
#define HOOK_MANUALLY(rettype, name, argtype) ;
#define HOOK_DEFINE(rettype, name, argtype) \
ORIG_##name = name;
#pragma optimize("s", on)
static void hook_initinternal()
{
#include "hooklist.h"
}
#pragma optimize("", on)
#undef HOOK_DEFINE
#undef HOOK_MANUALLY
#define HOOK_MANUALLY(rettype, name, argtype) ;
#define HOOK_DEFINE(rettype, name, argtype) \
if (&ORIG_##name) { DetourAttach(&(PVOID&)ORIG_##name, IMPL_##name); }
static LONG hook_init()
{
DetourRestoreAfterWith();
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
#include "hooklist.h"
LONG error = DetourTransactionCommit();
if (error != NOERROR) {
TRACE(_T("hook_init error: %#x\n"), error);
}
return error;
}
#undef HOOK_DEFINE
#undef HOOK_MANUALLY
#define HOOK_DEFINE(rettype, name, argtype);
#define HOOK_MANUALLY(rettype, name, argtype) \
LONG hook_demand_##name(){ \
DetourRestoreAfterWith(); \
DetourTransactionBegin(); \
DetourUpdateThread(GetCurrentThread()); \
if (&ORIG_##name) { DetourAttach(&(PVOID&)ORIG_##name, IMPL_##name); } \
LONG error = DetourTransactionCommit(); \
if (error != NOERROR) { \
TRACE(_T("hook_init error: %#x\n"), error); \
} \
return error; \
}
#include "hooklist.h"
#undef HOOK_MANUALLY
#undef HOOK_DEFINE
//
#define HOOK_MANUALLY(rettype, name, argtype) ;
#define HOOK_DEFINE(rettype, name, argtype) \
DetourDetach(&(PVOID&)ORIG_##name, IMPL_##name);
static void hook_term()
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
#include "hooklist.h"
LONG error = DetourTransactionCommit();
if (error != NOERROR) {
TRACE(_T("hook_term error: %#x\n"), error);
}
}
#undef HOOK_DEFINE
#undef HOOK_MANUALLY
#else
#include "easyhook.h"
#ifdef _M_IX86
#pragma comment (lib, "easyhk32.lib")
#else
#pragma comment (lib, "easyhk64.lib")
#endif
#define HOOK_MANUALLY HOOK_DEFINE
#define HOOK_DEFINE(rettype, name, argtype) \
rettype (WINAPI * ORIG_##name) argtype;
#include "hooklist.h"
#undef HOOK_DEFINE
#define HOOK_DEFINE(rettype, name, argtype) \
HOOK_TRACE_INFO HOOK_##name = {0}; //<2F><><EFBFBD><EFBFBD>hook<6F>
#include "hooklist.h"
#undef HOOK_DEFINE
#undef HOOK_MANUALLY
//
#define HOOK_MANUALLY(rettype, name, argtype) ;
#define HOOK_DEFINE(rettype, name, argtype) \
ORIG_##name = name;
#pragma optimize("s", on)
static void hook_initinternal()
{
#include "hooklist.h"
}
#pragma optimize("", on)
#undef HOOK_DEFINE
#undef HOOK_MANUALLY
#define FORCE(expr) {if(!SUCCEEDED(NtStatus = (expr))) goto ERROR_ABORT;}
#define HOOK_DEFINE(rettype, name, argtype) \
if (&ORIG_##name) { \
FORCE(LhInstallHook((PVOID&)ORIG_##name, IMPL_##name, (PVOID)0, &HOOK_##name)); \
*(void**)&ORIG_##name = (void*)HOOK_##name.Link->OldProc; \
FORCE(LhSetExclusiveACL(ACLEntries, 0, &HOOK_##name)); }
#define HOOK_MANUALLY(rettype, name, argtype) ;
static LONG hook_init()
{
ULONG ACLEntries[1] = {0};
NTSTATUS NtStatus;
#include "hooklist.h"
#undef HOOK_DEFINE
FORCE(LhSetGlobalExclusiveACL(ACLEntries, 0));
return NOERROR;
ERROR_ABORT:
TRACE(_T("hook_init error: %#x\n"), NtStatus);
return 1;
}
#undef HOOK_DEFINE
#undef HOOK_MANUALLY
#define HOOK_DEFINE(rettype, name, argtype);
#define HOOK_MANUALLY(rettype, name, argtype) \
LONG hook_demand_##name(bool bForce = false){ \
NTSTATUS NtStatus; \
ULONG ACLEntries[1] = { 0 }; \
if (bForce) { \
memset((void*)&HOOK_##name, 0, sizeof(HOOK_TRACE_INFO)); \
} \
if (&ORIG_##name) { \
FORCE(LhInstallHook((PVOID&)ORIG_##name, IMPL_##name, (PVOID)0, &HOOK_##name)); \
*(void**)&ORIG_##name = (void*)HOOK_##name.Link->OldProc; \
FORCE(LhSetExclusiveACL(ACLEntries, 0, &HOOK_##name)); } \
return NOERROR; \
ERROR_ABORT: \
TRACE(_T("hook_init error: %#x\n"), NtStatus); \
return 1; \
}
#include "hooklist.h"
#undef HOOK_MANUALLY
#undef HOOK_MANUALLY
#undef HOOK_DEFINE
#define HOOK_MANUALLY(rettype, name, argtype) ;
#define HOOK_DEFINE(rettype, name, argtype) \
ORIG_##name = name;
#pragma optimize("s", on)
static LONG hook_term()
{
#include "hooklist.h"
LhUninstallAllHooks();
return LhWaitForPendingRemovals();
}
#endif
#pragma optimize("", on)
#undef HOOK_DEFINE
#undef HOOK_MANUALLY
//---
CTlsData<CThreadLocalInfo> g_TLInfo;
HINSTANCE g_hinstDLL;
LONG g_bHookEnabled;
#ifdef _DEBUG
HANDLE g_hfDbgText;
#endif
//void InstallManagerHook();
//void RemoveManagerHook();
//#include "APITracer.hpp"
//<2F>x<EFBFBD>[<5B>X<EFBFBD>A<EFBFBD>h<EFBFBD><68><EFBFBD>X<EFBFBD><58><EFBFBD>ς<EFBFBD><CF82><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>[<5B>h<EFBFBD><68><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ȃ<EFBFBD>
#if _DLL
#pragma comment(linker, "/base:0x06540000")
#endif
add eventlogger (not enabled) add process interactive detection to prevent stucking at boot in some system. (mainly windows 10)
2016-09-02 15:30:58 +08:00
BOOL WINAPI IsRunAsUser(VOID)
{
HANDLE hProcessToken = NULL;
DWORD groupLength = 50;
PTOKEN_GROUPS groupInfo = (PTOKEN_GROUPS)LocalAlloc(0,
groupLength);
SID_IDENTIFIER_AUTHORITY siaNt = SECURITY_NT_AUTHORITY;
PSID InteractiveSid = NULL;
PSID ServiceSid = NULL;
DWORD i;
// Start with assumption that process is an SERVICE, not a EXE;
BOOL fExe = FALSE;
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY,
&hProcessToken))
goto ret;
if (groupInfo == NULL)
goto ret;
if (!GetTokenInformation(hProcessToken, TokenGroups, groupInfo,
groupLength, &groupLength))
{
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
goto ret;
LocalFree(groupInfo);
groupInfo = NULL;
groupInfo = (PTOKEN_GROUPS)LocalAlloc(0, groupLength);
if (groupInfo == NULL)
goto ret;
if (!GetTokenInformation(hProcessToken, TokenGroups, groupInfo,
groupLength, &groupLength))
{
goto ret;
}
}
//
// We now know the groups associated with this token. We want to look to see if
// the interactive group is active in the token, and if so, we know that
// this is an interactive process.
//
// We also look for the "service" SID, and if it's present, we know we're a service.
//
// The service SID will be present iff the service is running in a
// user account (and was invoked by the service controller).
//
if (!AllocateAndInitializeSid(&siaNt, 1, SECURITY_INTERACTIVE_RID, 0,
0,
0, 0, 0, 0, 0, &InteractiveSid))
{
goto ret;
}
if (!AllocateAndInitializeSid(&siaNt, 1, SECURITY_SERVICE_RID, 0, 0, 0,
0, 0, 0, 0, &ServiceSid))
{
goto ret;
}
for (i = 0; i < groupInfo->GroupCount; i += 1)
{
SID_AND_ATTRIBUTES sanda = groupInfo->Groups[i];
PSID Sid = sanda.Sid;
//
// Check to see if the group we're looking at is one of
// the 2 groups we're interested in.
//
if (EqualSid(Sid, InteractiveSid))
{
//
// This process has the Interactive SID in its
// token. This means that the process is running as
// an EXE.
//
fExe = true;
goto ret;
}
else if (EqualSid(Sid, ServiceSid))
{
//
// This process has the Service SID in its
// token. This means that the process is running as
// a service running in a user account.
//
fExe = FALSE;
goto ret;
}
}
//
// Neither Interactive or Service was present in the current users token,
// This implies that the process is running as a service, most likely
// running as LocalSystem.
//
fExe = FALSE;
ret:
if (InteractiveSid)
FreeSid(InteractiveSid);
if (ServiceSid)
FreeSid(ServiceSid);
if (groupInfo)
LocalFree(groupInfo);
if (hProcessToken)
CloseHandle(hProcessToken);
fixed some bugs with PVS added MinHeight params to simulate DPI aware added support for hooking x64 child processes spawned from wow64 processes.
2016-09-08 13:45:52 +08:00
// EventLogging logger;
// TCHAR s[100] = { 0 };
// wsprintf(s, L"Loading processid %d, isUserProcess=%d", GetCurrentProcessId(), (int)fExe);
// LPCTSTR lpStrings[] = {s};
// logger.LogIt(1, 1, lpStrings, 1);
add eventlogger (not enabled) add process interactive detection to prevent stucking at boot in some system. (mainly windows 10)
2016-09-02 15:30:58 +08:00
return(fExe);
fixed some bugs with PVS added MinHeight params to simulate DPI aware added support for hooking x64 child processes spawned from wow64 processes.
2016-09-08 13:45:52 +08:00
}
BOOL AddEasyHookEnv()
{
TCHAR dir[MAX_PATH];
int dirlen = GetModuleFileName(GetDLLInstance(), dir, MAX_PATH);
LPTSTR lpfilename=dir+dirlen;
while (lpfilename>dir && *lpfilename!=_T('\\') && *lpfilename!=_T('/')) --lpfilename;
*lpfilename = 0;
_tcscat(dir, _T(";"));
dirlen = _tcslen(dir);
int sz=GetEnvironmentVariable(_T("path"), NULL, 0);
LPTSTR lpPath = (LPTSTR)malloc((sz+dirlen+2)*sizeof(TCHAR));
GetEnvironmentVariable(_T("path"), lpPath, sz);
if (!_tcsstr(lpPath, dir))
{
if (lpPath[sz-2]!=_T(';'))
_tcscat(lpPath, _T(";"));
_tcscat(lpPath, dir);
SetEnvironmentVariable(_T("path"), lpPath);
}
free(lpPath);
return true;
}
extern FT_Int * g_charmapCache;
extern BYTE* AACache, *AACacheFull;
extern HFONT g_alterGUIFont;
extern COLORCACHE* g_AACache2[MAX_CACHE_SIZE];
HANDLE hDelayHook = 0;
BOOL WINAPI DllMain(HINSTANCE instance, DWORD reason, LPVOID lpReserved)
{
version updated removed old freetype files add some code to avoid a vs2015 DllMain bug which will call dllmain with reason_process_detach multiple times.
2016-09-22 19:47:49 +08:00
static bool bDllInited = false;
fixed some bugs with PVS added MinHeight params to simulate DPI aware added support for hooking x64 child processes spawned from wow64 processes.
2016-09-08 13:45:52 +08:00
BOOL IsUnload = false, bEnableDW = true;
switch(reason) {
case DLL_PROCESS_ATTACH:
#ifdef DEBUG
//MessageBox(0, L"Load", NULL, MB_OK);
#endif
version updated removed old freetype files add some code to avoid a vs2015 DllMain bug which will call dllmain with reason_process_detach multiple times.
2016-09-22 19:47:49 +08:00
if (bDllInited)
return true;
bDllInited = true;
fixed some bugs with PVS added MinHeight params to simulate DPI aware added support for hooking x64 child processes spawned from wow64 processes.
2016-09-08 13:45:52 +08:00
g_dllInstance = instance;
Delay load easyhook so that no path is required.
2016-09-28 15:49:18 +08:00
{
LPWSTR dllPath = new WCHAR[MAX_PATH + 1];
int nSize = GetModuleFileName(g_dllInstance, dllPath, MAX_PATH + 1);
WCHAR* p = &dllPath[nSize];
while (*--p != L'\\');
*p = L'\0';
#ifdef _WIN64
wcscat(dllPath, L"\\EasyHk64.dll");
#else
wcscat(dllPath, L"\\EasyHk32.dll");
#endif
HMODULE hEasyhk = LoadLibrary(dllPath);
delete[]dllPath;
if (!hEasyhk)
return false;
}
fixed some bugs with PVS added MinHeight params to simulate DPI aware added support for hooking x64 child processes spawned from wow64 processes.
2016-09-08 13:45:52 +08:00
//<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
//DLL_PROCESS_DETACH<43>ł͂<C582><CD82><EFBFBD><EFBFBD>̋t<CC8B><74><EFBFBD>ɂ<EFBFBD><C982><EFBFBD>
//1. CRT<52>֐<EFBFBD><D690>̏<EFBFBD><CC8F><EFBFBD><EFBFBD><EFBFBD>
//2. <20>N<EFBFBD><4E><EFBFBD>e<EFBFBD>B<EFBFBD>J<EFBFBD><4A><EFBFBD>Z<EFBFBD>N<EFBFBD>V<EFBFBD><56><EFBFBD><EFBFBD><EFBFBD>̏<EFBFBD><CC8F><EFBFBD><EFBFBD><EFBFBD>
//3. TLS<4C>̏<EFBFBD><CC8F><EFBFBD>
//4. CGdippSettings<67>̃C<CC83><43><EFBFBD>X<EFBFBD>^<5E><><EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD><EFBFBD>AINI<4E>ǂݍ<C782><DD8D><EFBFBD>
//5. ExcludeModule<6C>`<60>F<EFBFBD>b<EFBFBD>N
// 6. FreeType<70><65><EFBFBD>C<EFBFBD>u<EFBFBD><75><EFBFBD><EFBFBD><EFBFBD>̏<EFBFBD><CC8F><EFBFBD><EFBFBD><EFBFBD>
// 7. FreeTypeFontEngine<6E>̃C<CC83><43><EFBFBD>X<EFBFBD>^<5E><><EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD>
// 8. API<50><49><EFBFBD>t<EFBFBD>b<EFBFBD>N
// 9. Manager<65><72>GetProcAddress<73><73><EFBFBD>t<EFBFBD>b<EFBFBD>N
//1
_CrtSetDbgFlag(_CrtSetDbgFlag(_CRTDBG_REPORT_FLAG) | _CRTDBG_LEAK_CHECK_DF);
_CrtSetReportMode(_CRT_ASSERT, _CRTDBG_MODE_DEBUG | _CRTDBG_MODE_WNDW);
//_CrtSetBreakAlloc(100);
//Opera<72><61><EFBFBD>~<7E>܂<EFBFBD><DC82>`
//Assert(GetModuleHandleA("opera.exe") == NULL);
setlocale(LC_ALL, "");
g_hinstDLL = instance;
//APITracer::Start(instance, APITracer::OutputFile);
//2, 3
CCriticalSectionLock::Init();
COwnedCriticalSectionLock::Init();
CThreadCounter::Init();
if (!g_TLInfo.ProcessInit()) {
return FALSE;
}
//4
{
CGdippSettings* pSettings = CGdippSettings::CreateInstance();
if (!pSettings || !pSettings->LoadSettings(instance)) {
CGdippSettings::DestroyInstance();
return FALSE;
}
IsUnload = IsProcessUnload();
bEnableDW = pSettings->DirectWrite();
}
if (!IsUnload) hook_initinternal(); //<2F><><EFBFBD><EFBFBD><EFBFBD>ص<EFBFBD>ģ<EFBFBD><C4A3><EFBFBD>Ͳ<EFBFBD><CDB2><EFBFBD><EFBFBD>κ<EFBFBD><CEBA><EFBFBD><EFBFBD><EFBFBD>
//5
if (!IsProcessExcluded() && !IsUnload) {
add missing files change wow64ext to static lib.
2016-09-08 14:13:00 +08:00
#ifndef _WIN64
InitWow64ext();
#endif
fixed some bugs with PVS added MinHeight params to simulate DPI aware added support for hooking x64 child processes spawned from wow64 processes.
2016-09-08 13:45:52 +08:00
if (!FontLInit()) {
return FALSE;
}
g_pFTEngine = new FreeTypeFontEngine;
if (!g_pFTEngine) {
return FALSE;
}
//if (!AddEasyHookEnv()) return FALSE; //fail to load easyhook
InterlockedExchange(&g_bHookEnabled, TRUE);
if (hook_init()!=NOERROR)
return FALSE;
//hook d2d if already loaded
/*
DWORD dwSessionID = 0;
if (ProcessIdToSessionIdProc)
ProcessIdToSessionIdProc(GetCurrentThreadId(), &dwSessionID);
else
dwSessionID = 1;*/
if (IsRunAsUser() && bEnableDW && IsWindowsVistaOrGreater()) //vista or later
{
//ORIG_LdrLoadDll = LdrLoadDll;
//MessageBox(0, L"Test", NULL, MB_OK);
HookD2DDll();
//hook_demand_LdrLoadDll();
}
/*if (IsWindows8OrGreater()) {
*(DWORD_PTR*)&(ORIG_MySetProcessMitigationPolicy) = *(DWORD_PTR*)&(MySetProcessMitigationPolicy);
//hook_demand_MySetProcessMitigationPolicy();
}*/
// InstallManagerHook();
}
//<2F><><EFBFBD>õ<EFBFBD>ǰ<EFBFBD><C7B0><EFBFBD><EFBFBD>ģʽ
if (IsUnload)
{
HANDLE mutex_offical = OpenMutex(MUTEX_ALL_ACCESS, false, _T("{46AD3688-30D0-411e-B2AA-CB177818F428}"));
HANDLE mutex_gditray2 = OpenMutex(MUTEX_ALL_ACCESS, false, _T("Global\\MacType"));
if (!mutex_gditray2)
mutex_gditray2 = OpenMutex(MUTEX_ALL_ACCESS, false, _T("MacType"));
HANDLE mutex_CompMode = OpenMutex(MUTEX_ALL_ACCESS, false, _T("Global\\MacTypeCompMode"));
if (!mutex_CompMode)
mutex_CompMode = OpenMutex(MUTEX_ALL_ACCESS, false, _T("MacTypeCompMode"));
BOOL HookMode = (mutex_offical || (mutex_gditray2 && mutex_CompMode)) || (!mutex_offical && !mutex_gditray2); //<2F>Ƿ<EFBFBD><C7B7>ڼ<EFBFBD><DABC><EFBFBD>ģʽ<C4A3><CABD>
CloseHandle(mutex_CompMode);
CloseHandle(mutex_gditray2);
CloseHandle(mutex_offical);
if (!HookMode) //<2F>Ǽ<EFBFBD><C7BC><EFBFBD>ģʽ<C4A3>£<EFBFBD><C2A3>ܾ<EFBFBD><DCBE><EFBFBD><EFBFBD><EFBFBD>
return false;
}
//APITracer::Finish();
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
g_TLInfo.ThreadTerm();
break;
case DLL_PROCESS_DETACH:
// RemoveManagerHook();
version updated removed old freetype files add some code to avoid a vs2015 DllMain bug which will call dllmain with reason_process_detach multiple times.
2016-09-22 19:47:49 +08:00
if (!bDllInited)
return true;
bDllInited = false;
fixed some bugs with PVS added MinHeight params to simulate DPI aware added support for hooking x64 child processes spawned from wow64 processes.
2016-09-08 13:45:52 +08:00
if (InterlockedExchange(&g_bHookEnabled, FALSE) && lpReserved == NULL) { //<2F><><EFBFBD><EFBFBD><EFBFBD>ǽ<EFBFBD><C7BD><EFBFBD><EFBFBD><EFBFBD>ֹ<EFBFBD><D6B9><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ҫ<EFBFBD>ͷ<EFBFBD>
hook_term();
//delete AACacheFull;
//delete AACache;
// for (int i=0;i<CACHE_SIZE;i++)
// delete g_AACache2[i]; //<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
//free(g_charmapCache);
}
#ifndef DEBUG
if (lpReserved != NULL) return true;
#endif
if (g_pFTEngine) {
delete g_pFTEngine;
}
//if (g_alterGUIFont)
// DeleteObject(g_alterGUIFont);
FontLFree();
/*
#ifndef _WIN64
__FUnloadDelayLoadedDLL2("easyhk32.dll");
#else
__FUnloadDelayLoadedDLL2("easyhk64.dll");
#endif*/
CGdippSettings::DestroyInstance();
g_TLInfo.ProcessTerm();
CCriticalSectionLock::Term();
COwnedCriticalSectionLock::Term();
break;
}
return TRUE;
}
//EOF
Reference in New Issue Copy Permalink