Why does API hooking ExtTextOut and DrawText in C++ only output rubbish?

Question

I am trying to make an API hook using Detour to extract the text output from a third party program. However, I only get rubbish, alot of numbers and no text output.

Exactly when are these functions called? Are they called to draw other stuff than text aswell? If there is some advanced tools the third party program uses to avoid intercepting these calls, is there some basic example I can try to make sure that my method really recieves the text correctly? In other words, is there some program in windows which uses these methods to draw text on the screen?

My code can be seen below:

BOOL (__stdcall *Real_ExtTextOut)(HDC hdc,int x, int y, UINT options, const RECT* lprc,LPCWSTR text,UINT cbCount, const INT* lpSpacingValues) = ExtTextOut;
BOOL (__stdcall *Real_DrawText)(HDC hdc, LPCWSTR text,  int nCount, LPRECT lpRect, UINT uOptions) = DrawText;

int WINAPI Mine_DrawText(HDC hdc, LPCWSTR text,  int nCount, LPRECT lpRect, UINT uOptions)
{
        ofstream myFile;
    myFile.open ("C:\\temp\\textHooking\\textHook\\example.txt", ios::app);
    for(int i = 0; i < nCount; ++i)
        myFile << text[i];
    myFile << endl;
    int rv = Real_DrawText(hdc, text, nCount, lpRect, uOptions);

    return rv;
}

BOOL WINAPI Mine_ExtTextOut(HDC hdc, int X, int Y, UINT options, RECT* lprc, LPCWSTR text, UINT cbCount, INT* lpSpacingValues)
{
    ofstream myFile;
    myFile.open ("C:\\temp\\textHooking\\textHook\\example2.txt", ios::app);
    for(int i = 0; i < cbCount; ++i)
        myFile << text[i];
    myFile << endl;
    BOOL rv = Real_ExtTextOut(hdc, X, Y, options, lprc, text, cbCount, lpSpacingValues);

    return rv;
}

// Install the DrawText detour whenever this DLL is loaded into any process
BOOL APIENTRY DllMain( HMODULE hModule, DWORD  ul_reason_for_call, LPVOID lpReserved){
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
            DetourTransactionBegin();
            DetourUpdateThread(GetCurrentThread());
            DetourAttach(&(PVOID&)Real_ExtTextOut, Mine_ExtTextOut);
            DetourAttach(&(PVOID&)Real_DrawText, Mine_DrawText);
            DetourTransactionCommit();
    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }

    return TRUE;
}

Rubbish in the file or on the screen? File content will certainly be messy, it doesn't handle Unicode properly. — Hans Passant, Jun 10 '13 at 20:22
Well, I'd google "c++ write utf-8 file". First couple of hits look pretty good. — Hans Passant, Jun 10 '13 at 20:42

score 2 · Answer 1 · answered Jun 10 '13 at 21:17

You are writing out UTF-16 character codes as integers. Hence the file full of numbers. It's probably easier just to blit the text buffer straight to the file:

ofstream myFile;
myFile.open("C:\\temp\\textHooking\\textHook\\example.txt", ios::app);
myFile.write(reinterpret_cast<const char*>text, nCount*sizeof(*text));
myFile << endl;

You may wish to put the UTF-16LE BOM at the front of the file to help your text editor work out the encoding that is in use.

Why does API hooking ExtTextOut and DrawText in C++ only output rubbish?

1 Answers1