tags:

views:

220

answers:

3
Q: 

What does DetourAttach(&(PVOID &)BindKeyT, BindKeyD); mean? Attaching a detour to a memory address...

Hello everyone!

This is just a simple question. I've been reading the source of something which attaches to a memory address of a subroutine using DetourAttach(&(PVOID &)BindKeyT, BindKeyD); where BindKeyT is the address to a subroutine in memory. I'm curious, what exactly does (&(PVOID &) mean in english? I understand that PVOID is a void pointer, but how does this get translated into a function which can be used to attach a detour to?

A: 

The C++ parser in my head (which is not bug free) says that it is a C style cast of BindKeyT to a reference to a pointer to void - the (PVOID&) part - and then taking the address of that - the & in front. So the result of the expression is a pointer to a pointer to the function.

Terry Mahaffey  2010-03-08 07:00:19
Now assuming that it's a pointer to a pointer to the function, how can I setup the memory address to simply be a function and be called so?
Gbps  2010-03-08 08:07:21
AFAIK DetourAttach requires a pointer to a pointer to a function, so you need to use that syntax (or introduce a temporary pointer, and take the address of that).
Terry Mahaffey  2010-03-08 16:51:01
A: 

There is an introduction to Detours here: api-hooking-with-detours-part-1

Dipstick  2010-03-08 07:05:41
A: 

Terry Mahaffey is right, what you are passing is a pointer to a pointer to the function. This is commonly used whenever the function you are passing the pointer to (in this case, DetourAttach) wants to return more than one value, and one of those returned values is a pointer. Since functions in C/C++ can only return a single value, the only way to obtain multiple values from them is via pointers.

A simple example would be when one wishes to return a pointer to a block of allocated memory. Then one can write a function like:

int allocstr(int len, char **retptr)
 {
  char *p = malloc(len + 1); /* +1 for \0 */
  if(p == NULL)
   return 0;
  *retptr = p;
  return 1;
 }

To answer your other question, of how to setup a memory address to be used as a function, one can do it like so:

void* (void * BindKeyT)(const char* key) = actual_BindKeyT;

// actual_BindKeyT is a pointer to a function that will be defined elsewhere, 
// and whose declaration you will include in your project through a header file
// or a dll import

void * BindKeyD(const char* key)
{
    // Code for your hook function
}

DetourAttach(&(PVOID&)BindKeyT, BindKeyD);

(taken from http://zenersblog.blogspot.com/2008/04/api-hooking-with-detours-part-1.html)

Bear in mind that the declarations for BindKeyT and BindKeyD should match.

Amey  2010-03-08 10:39:16
So let's say that I had this address "x", would I pass x* in place of actual_BindKeyT if I wanted to use BindKeyT as a function?
Gbps  2010-03-08 16:11:42
Amey  2010-03-10 10:16:56

related questions

Of Memory Management, Heap Corruption, and C++
How do I make a GUI?
Alpha blending sprites in Nintendo DS Homebrew
Thread safe lazy contruction of a singleton in C++
Interview Programming Questions - In house Exam
Link issues (VC6)
What are the barriers to understanding pointers and what can be done to overcome them?
Why are professors or schools picking Java over C++ to teach to students?
What is the best way to create a sparse array in C++
C/C++ library for reading MIDI signals from a USB MIDI device
How do you pack a visual studio c++ project for release?
How to set up unit testing for Visual Studio C++
How do I configure and communicate with a serial port?
Lightweight IDE for Linux
Mapping Stream data to data structures in C#
CPU throttling in C++
Asynchronous multi-direction server-client communication over the same open socket?
Exceptions in C++
Heap corruption under Win32; how to locate?
Build for Windows NT 4.0 using Visual Studio 2005?
C++: Should I use nested classes in this case?
BerkeleyDB Concurrency
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS