Why SetDlgItemText doesn't work?

[xiahan]

ok, there is last thing i want to confirm,

Code Select Expand



InstallHook proc hwnd:DWORD
push hwnd
pop hWnd
invoke SetWindowsHookEx,WH_MOUSE,addr MouseProc,hInstance,NULL
mov hHook,eax
ret
InstallHook endp



the  InstallHook will be only called by our main thread, not by any other thread, does it  true?

the hInstance been declared as initialized data in .data section cause it will be only use with the InstallHook call that only trigger by our main thread,

so it can't be share by other copy of the DLL, other process will overwrite it

and the hWnd or hHook is sharable cause it will only be got in the DLL associated with our main program

Code Select Expand



MouseProc proc nCode:DWORD,wParam:DWORD,lParam:DWORD
invoke CallNextHookEx,hHook,nCode,wParam,lParam
mov edx,lParam
assume edx:PTR MOUSEHOOKSTRUCT
invoke WindowFromPoint,[edx].pt.x,[edx].pt.y
invoke PostMessage,hWnd,WM_MOUSEHOOK,eax,0
assume edx:nothing
xor eax,eax
ret
MouseProc endp


and the MouseProc will be called by a process who has a mouse message in its message queue,


(Above is all my guess)

but when is the DLL that has the MouseProc mapped into the process has a MOUSE message to send?

[dedndave]

this case works very similar to, say, kernel32, or other windows API DLL's

when you build your program, you link with an import library
in the PE (EXE) file, there is a table called the IAT (import address table)
here is the IAT for this program:

Code Select Expand

004012A2: FF2540204000 jmp dword[00402040] ;user32.wsprintfA
004012A8: FF2538204000 jmp dword[00402038] ;user32.DialogBoxParamA
004012AE: FF252C204000 jmp dword[0040202C] ;user32.EndDialog
004012B4: FF2534204000 jmp dword[00402034] ;user32.GetClassLongA
004012BA: FF2528204000 jmp dword[00402028] ;user32.GetClassNameA
004012C0: FF2524204000 jmp dword[00402024] ;user32.GetDlgItemTextA
004012C6: FF251C204000 jmp dword[0040201C] ;user32.GetWindowRect
004012CC: FF2530204000 jmp dword[00402030] ;user32.SendMessageA
004012D2: FF253C204000 jmp dword[0040203C] ;user32.SetDlgItemTextA
004012D8: FF2520204000 jmp dword[00402020] ;user32.SetWindowPos
004012DE: FF2510204000 jmp dword[00402010] ;kernel32.ExitProcess
004012E4: FF250C204000 jmp dword[0040200C] ;kernel32.GetModuleHandleA
004012EA: FF2514204000 jmp dword[00402014] ;kernel32.lstrcmpiA
004012F0: FF2500204000 jmp dword[00402000] ;MouseHook.InstallHook
004012F6: FF2504204000 jmp dword[00402004] ;MouseHook.UninstallHook

when the operating system loads your program, it resolves these imports by initializing the DLL's and loading the necessary modules

frankly, i would probably add these proc's to the program - they are small and simple
but, it wouldn't be much of a tutorial on DLL's, then   :P

[xiahan]

I have read some docs about import table, knowing that the execute file's IAT will be filled with address of functions reside in DLL by the loader at run time

So the MouseHook.dll is load before the main procedure start,

and My question is When is the MouseHook.dll mapped into the target process

[dedndave]

also - before the main procedure begins

[xiahan]

you mean the MouseHook.dll will be marked into all processes, but there is no MouseHook.dll in there IAT

[dedndave]

no - but it is mapped into your 4 gb of virtual address space

[xiahan]

Ok, all is done in the process that install the Hook,

but is there restriction in data declaration.

Code Select Expand



.data
hInstance dd 0

.data?
hHook dd ?
hWnd dd ?



what about I declare all the three handle in the .data section

the system just increase the dll's use count

cause there is nothing to do with other processes

why should the system map the dll to other process

I'm  highly sure the call is been made by the process who own the window capture the mouse,cause only that process know the mouse's info,and the

system increase the dll's use count to let that process has access to it to call the MouseProc

is it?

[xiahan]

i have made the data declaration into this

Code Select Expand



.data
hInstance dd 0
hHook   dd 0
hWnd dd 0




and the thing turn into a local hook,

so to speak the MouseProc did be called by the process who capture the mouse

and don't know when the system find there is a unknown handle hWnd how does  it feel