private static void HookXpsInterfaces(NktProcess proc)
{
NktProcessMemory procMem;
string dllName;
int pointerSize, retVal;
object callParams;
IntPtr remoteBuffer, ptrVal;
System.Diagnostics.Trace.WriteLine("IEPrintWatermark [HookXpsInterfaces]: Start (a)");
dllName = GetAppPath() + "IEPrintWatermarkHelper";
if (proc.PlatformBits == 64)
{
dllName += "64";
}
dllName += ".dll";
pointerSize = 0;
procMem = null;
remoteBuffer = IntPtr.Zero;
ptrVal = IntPtr.Zero;
try
{
System.Diagnostics.Trace.WriteLine("IEPrintWatermark [HookXpsInterfaces]: Start (b)");
//allocate memory for retrieving results
pointerSize = proc.PlatformBits / 8;
procMem = proc.Memory();
System.Diagnostics.Trace.WriteLine("IEPrintWatermark [HookXpsInterfaces]: Start (c)");
remoteBuffer = procMem.AllocMem(new IntPtr(pointerSize), false);
System.Diagnostics.Trace.WriteLine("IEPrintWatermark [HookXpsInterfaces]: Start (d)");
//load helper dll and retrieve the pointer we need
spyMgr.LoadCustomDll(proc, dllName, true, true);
System.Diagnostics.Trace.WriteLine("IEPrintWatermark [HookXpsInterfaces]: LoadCustomDll 0x" + LastCallError().ToString("X"));
if (pointerSize == 4)
{
callParams = new int[1] {
remoteBuffer.ToInt32()
}
}
;
else
{
callParams = new long[1] {
remoteBuffer.ToInt64()
}
};
retVal = spyMgr.CallCustomApi(proc, dllName, "GetXpsAddresses", ref callParams, true);
System.Diagnostics.Trace.WriteLine("IEPrintWatermark [HookXpsInterfaces]: CallCustomApi 0x" + LastCallError().ToString("X"));
spyMgr.UnloadCustomDll(proc, dllName, true);
}
catch (System.Exception)
{
retVal = -1;
}
System.Diagnostics.Trace.WriteLine("IEPrintWatermark [HookXpsInterfaces]: retVal 0x" + retVal.ToString("X"));
//get IXpsOMPageReference::CollectPartResources's address
if (retVal >= 0)
{
try
{
if (pointerSize == 4)
{
ptrVal = new IntPtr(Convert.ToInt32(procMem.Read(remoteBuffer, eNktDboFundamentalType.ftSignedDoubleWord)));
}
else
{
ptrVal = new IntPtr(Convert.ToInt64(procMem.Read(remoteBuffer, eNktDboFundamentalType.ftSignedQuadWord)));
}
}
catch (System.Exception ex)
{
System.Diagnostics.Trace.WriteLine("IEPrintWatermark [X]: " + ex.ToString());
ptrVal = IntPtr.Zero;
}
}
//free memory
try
{
if (procMem != null && remoteBuffer != IntPtr.Zero)
{
procMem.FreeMem(remoteBuffer);
}
}
catch (System.Exception)
{ }
System.Diagnostics.Trace.WriteLine("IEPrintWatermark [HookXpsInterfaces]: ptrVal 0x" + ptrVal.ToInt32().ToString("X"));
//if we have an address, create a hook for it
if (ptrVal != IntPtr.Zero)
{
NktHook hk;
hk = spyMgr.CreateHookForAddress(ptrVal, "XpsServices.dll!IXpsOMPageReference::SetPage", (int)eNktHookFlags.flgOnlyPreCall);
hk.AddCustomHandler(GetAppPath() + "IEPrintWatermarkHelperCS.dll", (int)eNktHookCustomHandlerFlags.flgChDontCallIfLoaderLocked, "");
hk.Hook(true);
hk.Attach(proc, true);
}
}
