0

I am fully aware if i try to get buffer of another app listview items that i need to solve memory space boundary so What i am doing is hooking which returns well, no error, success then

enter code here
LVITEM lvi;
lvi.cchTextMax = 552;
lvi.mask = LVIF_TEXT;

_tfreopen(path,_T("w"),stdout);

for (int nItem = 0; nItem < nMaxItems; nItem++) {

    // Get the name and position of a ListView item.
    lvi.iSubItem = 0;
    lvi.iItem = nItem;
    lvi.pszText = szName;

    ListView_GetItem(hWndLV, &lvi);
    wprintf(L"%s, ", szName);
    wprintf(L"%s, ", lvi.pszText);
    for ( int subitem = 0; subitem < columns; subitem++)
    {

        lvi.iSubItem = subitem;
        lvi.iItem = nItem;
        lvi.pszText = szName;

        ListView_GetItem(hWndLV, &lvi);

        wprintf(L"%s, ", szName);
        wprintf(L"%s, ", lvi.pszText);

    }  
    wprintf(L"%s", "\n");

}

wprintf(L"%s", GetLastError());
fclose (stdout);

No error with getlasterror and this works perfect on any other listview i tried before except this app, is it possible to still get item text somehow ?

Marko29
  • 1,005
  • 4
  • 14
  • 25
  • Can you give us any more information about the application for which this doesn't work? Also, the first sentence of your question doesn't really make sense. – Cody Gray - on strike Feb 01 '11 at 01:35
  • @Cody The first sentence is reflecting the fact that LVM_GETITEMTEXT passes a pointer to LVITEM and this isn't marshalled across process boundaries. So you have to do tricks with WriteProcessMemory/ReadProcessMemory to make it work. See http://www.codeproject.com/KB/threads/int64_memsteal.aspx – David Heffernan Feb 01 '11 at 13:53
  • @Cody I just gave you an up-vote for that C# answer - you deserve more than a single up-vote for all that effort!! – David Heffernan Feb 01 '11 at 13:57
  • @Marko: Is my initial assumption correct that you're already using `ReadProcessMemory`/`WriteProcessMemory`, and it's worked with every application you've tried except for one in particular? Or is the one that it worked with your *own* application? – Cody Gray - on strike Feb 01 '11 at 13:59
  • @Cody when i said that it worked on every app I meant that hooking worked perfect in situations like this with every other app so i am suggesting that process memory space isnt the problem here even i might be wrong but isnt hooking pretty much same thing as read write process memory function... – Marko29 Feb 01 '11 at 16:17
  • it is not same thing but what i mean is that both solve memory space boundary so i guess something else might be probem I inspected the app with spy and its not showing any messages like set item text or insert item etc.. other listviews in the same app actually send and receive setitemtext messages so probaby this listview is made in much different way – Marko29 Feb 01 '11 at 16:20

2 Answers2

1

Maybe it is an owner-drawn listview (LVS_OWNERDRAWFIXED)? If this is the case it will not be possible to get the text without private knowledge of the app that owns it.

Jerry Joyce
  • 341
  • 1
  • 6
  • I inspected messages but didnt notice any ownerdraw, there are messages like wmnotify wmpaint(perhaps for some icons) et.. but no ownerdrawn – Marko29 Feb 01 '11 at 16:20
  • 1
    You can check the style of the listview using Spy++. This should uncover if it is ownerdrawn, or even LVS_OWNERDATA. – Jerry Joyce Feb 01 '11 at 17:25
0

You don't need to use hooking to get across the process boundary. You can use WriteProcessMemory/ReadProcessMemory as described in the following Code Project article: http://www.codeproject.com/KB/threads/int64_memsteal.aspx

What you have to watch out for is crossing a 32/64 bit boundary. I know of now way to achieve that.

David Heffernan
  • 601,492
  • 42
  • 1,072
  • 1,490
  • Hi again David, app is 32bit and dll is also 32, i am aware of that btw. i could go with the strategy in the article but woudnt that just solve the memory space poblems? I mean isnt hooking achieving same thing here? – Marko29 Feb 01 '11 at 16:22
  • @Marko well, it's hard to know what your problem is because you don't say what's different about the troublesome app. My point is that this method is probably a lot easier than hooking. – David Heffernan Feb 01 '11 at 16:27