hook

Can I get function pointers for hooking from COM Dispatch Interface? ( not dual interface )

up vote 0 down vote favorite

May I ask something about hooking method in COM Distach Interface? Recently, I am making some utility which is kind of COM monitoring tool. and I'm trying to hook Com object's interface while running time. for that, I needed to use type lib. following is a outline of my codes. // Load Type Lib. LoadRegTypeLib( TypeLibCLSID , wMajorVersion , wMinorVersion , lcid , &pTypeLib ); // Get Function Descriptor pInterfaceTypeInfo->GetFuncDesc( iii , &pfuncdesc ); // Create Instance and Get Interface CoCreateInstance( pClassAttr->guid , NULL, ClassContext, pInterfaceAttr->guid , (void**)&pUnknownObject ); // Get VTable dwOrgFunctionPointer = *(DWORD*)pUnknownObject; // adjust offset dwOrgFunctionPointer += pfuncdesc->oVft; // Get Function Pointer dwOrgFunctionPointer = *(DWORD*)dwOrgFunctionPointer ; // Hook MyHookMethod( dwOrgFunctionPointer ); This was successful until I found some Com Object which has Dispatch Interface (not dual). If some Com Object has just Dispatch Interface ( not dual ), there is no function pointers in VTable. There are just MFC's function pointers like a GetTypeInfoCount, GetTypeInfo, GetIDsOfNames, Invoke. moreover, pfuncdesc->oVft is always 0 for all functions belongs to that interface. I know that I shoud use 'Invoke' method when I use these kind of com objects. But problem is that Im trying to hook. I need function pointers. How can I get those function pointers from IDispatch ? There are only MFC's function pointers in IDispatch->vtable. any advice will be appreciated. Thnak you. com hook vtable dispatch share|improve this question edited May 24 '11 at 4:20 asked May 24 '11 at 3:58 Darpangs 113

That's not possible, IDispatch uses late binding. There is nothing to hook beyond the methods of IDispatch. The server implementation could be as simple as a switch statement on the dispid. –  Hans Passant May 24 '11 at 4:27 hm... is there any possibility? when I use debugger, I saw some codes like a COleDispatchImpl class, GetDispEntry method, CCmdTarget class in the 'Invoke' method. I guess there might be some function table for that 'Invoke' method. Is there nothing with that? anyway thank you for your comment. –  Darpangs May 24 '11 at 4:42 add comment

1 Answer

active oldest votes

up vote 0 down vote

To Hook IDispatch, you can hook/shim all the methods of IDispatch, probably focussing mostly on Invoke. A key thing to remember is that IDispatch is that it is a very special interface. While COM rules ensure that QI for IID_IDispatch returns a single implementation, other interfaces derived from IDispatch can choose to have their own separate implementations of Invoke et al. Which means that casting to IDispatch can yield different results from QI-ing for it. I find this behaviour confusing but some classic AX scenarios require it. Having said that, I strongly recommend against hooking in this way except perhaps for debugging purposes. Do not ship code that works this way in real app code. It will turn out to be very unstable. Martyn share|improve this answer