This article was contributed by Wade Brainerd ([email protected]).

Based on DelayLoadProfileDLL.CPP, by Matt Pietrek for MSJ February 2000. This code is intended to be included in a DLL inserted through a global Windows Hook (CBT hook for example).

It will replace functions from other DLLs (e.g. DDRAW.DLL) with functions from your DLL.

Functions are hooked by passing a parameter structure to the HookAPICalls() function as follows:

// Hook structure.
SDLLHook D3DHook = 
{
 "DDRAW.DLL",
 false, NULL,		// Default hook disabled, NULL function pointer.
 {
  { "DirectDrawCreate", MyDirectDrawCreate },
  { NULL, NULL }
 }
};

BOOL APIENTRY DllMain( HINSTANCE hModule, DWORD fdwReason, LPVOID lpReserved )
{
 if ( fdwReason == DLL_PROCESS_ATTACH )  // When initializing....
 {
  hDLL = hModule;

  // We don't need thread notifications for what we're doing.  Thus, get
  // rid of them, thereby eliminating some of the overhead of this DLL
  DisableThreadLibraryCalls( hModule );

  // Only hook the APIs if this is the Everquest proess.
  GetModuleFileName( GetModuleHandle( NULL ), Work, sizeof(Work) );
  PathStripPath( Work );

  if ( stricmp( Work, "myhooktarget.exe" ) == 0 )
   HookAPICalls( &D3DHook; );
 }

 return TRUE;
}

Now all that remains is to get your DLL loaded into the target process. The MSDN has a few good articles on Windows hooks, which are the preferred way to get an arbitrary DLL loaded into a process:

http://msdn.microsoft.com/library/techart/msdn_hooks32.htm

Also, the article from which this code is based shows another way to do it, which involves loading the process to be hooked as a debug target:

http://msdn.microsoft.com/library/periodic/period00/hood0200.htm