Re: Reading a Wnd structure...


"Jack" <jack@xxxxxx> wrote in message
news:h4707216sfc982j2bi9g2n80lqeq9emvov@xxxxxxxxxx
I can get a Wnd pointer in Windows 9x (thanks to one of Matt Pietrek's
books), but I can't figure it out in Windows NT/2k/XP. This page
offers vague information on how to do it:
http://www.winterdom.com/dev/ui/wnd.html

I just need read access to the structure, but if I could get write
access that would be great. And yes, I know it's undocumented, and I'm
not "supposed" to do it, but I would appreciate any help I could get.

Thanks,
Jack

Under NT OSs you need to call the ValidateHwnd function which is a private
function inside user32.dll.

PWND __fastcall ValidateHwnd(HWND hwnd);

Note the __fastcall - this is not a WINAPI definition, the hwnd parameter
gets passed via ecx register. You can use WinDbg to find the address if
you've got debug-symbols installed:

x user32!ValidateHwnd
77d48490 USER32!ValidateHwnd (on my current XP SP2 machine)

So you can't do GetProcAddress. But you can manually locate ValidateHwnd by
finding an exported function from user32 that you *know* calls it (such as
GetWindowRect). Then you parse the opcodes at the start of this function
looking for the "call" (i.e. op-code 0xE8) to ValidateHwnd:

The following C code works for 32bit NT/2000/XP on x86 processors. You may
need to play with function-pointer typedefs if you want it to compile under
C++.
PVOID ValidateHwnd(HWND hwnd){
DWORD ptr = (DWORD )memchr(GetWindowRect, 0xE8, 100);
DWORD addr = *(DWORD *)(ptr+1) + ptr + 5;

// make a function pointer
PVOID (__fastcall * _ValidateHwnd)(HWND hwnd) = (PVOID)addr;

// call the real ValidateHwnd
return _ValidateHwnd(hwnd);}Just call this function, passing in your
HWND and you'll get back a pointer-to-WND (represented as a PVOID here for
simplicity). I would recommend installing WinDbg and debug-symbols, and
inspecting the disassembly for GetWindowRect so that you understand what the
above function is doing, and also appreciate why this is not a very smart
thing to be including in 'production' software...

James

--
Microsoft MVP - Windows SDK
www.catch22.net
Free Win32 Source and Tutorials


.

Loading