0

Why does inside of WriteConsole_Hook the code doesn't recognize if (ffmpeg_struct.ffmpeg_console) { as true?

It has been previously set true inside of CreateProcessW_Hook function.

struct ffmpeg {
    bool ffmpeg_console;
} ffmpeg_struct;

BOOL __stdcall CreateProcessW_Hook(
  LPCWSTR               lpApplicationName,
  LPWSTR                lpCommandLine,
  LPSECURITY_ATTRIBUTES lpProcessAttributes,
  LPSECURITY_ATTRIBUTES lpThreadAttributes,
  BOOL                  bInheritHandles,
  DWORD                 dwCreationFlags,
  LPVOID                lpEnvironment,
  LPCWSTR               lpCurrentDirectory,
  LPSTARTUPINFOW        lpStartupInfo,
  LPPROCESS_INFORMATION lpProcessInformation
)
{

    BOOL rt = CreateProcessW(lpApplicationName, lpCommandLine, lpProcessAttributes, lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment, lpCurrentDirectory, lpStartupInfo, lpProcessInformation);

    if (lpCommandLine)
        if(wcsstr(lpCommandLine, L"ffmpeg.exe") != NULL)
        {
            Sleep(100);

            ffmpeg_struct.ffmpeg_console     = true;
            DWORD pid                        = lpProcessInformation->dwProcessId;

            //........
        }

    return rt;
}



BOOL __stdcall WriteConsole_Hook(
           HANDLE  hConsoleOutput,
           const VOID* lpBuffer,
           DWORD   nNumberOfCharsToWrite,
           LPDWORD lpNumberOfCharsWritten,
           LPVOID  lpReserved
)
{
    const wchar_t* string = reinterpret_cast<const wchar_t*>(lpBuffer);

    if (ffmpeg_struct.ffmpeg_console) {
        //....
    }

    return WriteConsoleW(hConsoleOutput, lpBuffer, nNumberOfCharsToWrite, lpNumberOfCharsWritten, lpReserved);
}
  • There's very little context here, but if you mean between separate processes then it's because those have separate memory spaces - use e.g. memory mapped buffers instead. – 500 - Internal Server Error Sep 16 '21 at 16:24
  • Hm? both functions are inside of the same dll. –  Sep 16 '21 at 16:28
  • 1
    Same copy of said dll? - I see hooks mentioned there, but like I said: very little context in your question. – 500 - Internal Server Error Sep 16 '21 at 16:35
  • If it's the same instance of the dll, that is the same exact file and the same process, then it's one shared variable. Otherwise it's a different instance and distinct variables. – David Heffernan Sep 16 '21 at 17:04
  • 1
    If you are hooking different functions in separate processes but with the same DLL, you will have to store the variable(s) in shared memory, using `#pragma comment` or `#pragma data_seg` if your compiler supports that, otherwise using `CreateFileMapping()` and `MapViewOfFile()`. See [this answer](https://stackoverflow.com/a/52317448/65863) – Remy Lebeau Sep 16 '21 at 22:30

0 Answers0