Hooking into HL2 DLL ?

[Lazy]

Maybe you could do something like that if you managed to get in-between the engine and the gamedll.
Injection would require a loader but you could also look into proxying a dll that the server uses like wsock32.dll and hooking LoadLibrary from there which you'd return a handle to your dll rather than the server's.
You wouldn't even need a loader and since it would be loaded while windows sets up the exe to be run you'd have no problems with hooking something too late.

The only problem I noticed was with HL1 where I got something like CCodeErrorException after a while.
I did manage to see some libraries being loaded before it crashed.

( Note: Above is an example to add a clock into the client while running in fullscreen, nothing else )

[dub]

There`s a method of hooking the directx 9 dll in gta:vc and creating a speedometer overlay on the screen done by a guy named spooky here.
This method could intresting for hooking into the game but in xp sp2 has this new memory protection, so im not sure how easy it would be (basically all it does is unables anything to write into a remote process other than it`s own, microsoft attempt at stopping buffer overrun`s). One idea i thought about is to change the hWnd, hThread of the inject process to the same as the process you want to hook into then inject quickly and exit (hopefully confuse windows). im not sure if LoadLibraryA method would work with xp sp2`s new memory protection.

[Lazy]

If I remember correctly you can also get your dll injected by using SetWindowsHookEx, the only problem may be hooking too late.

[dub]

send idHook = WH_GETMESSAGE then break in on WM_CREATE to inject. Surely that wouldn`t break in too late ?
edit..
create a thread to check for the executable with above normal priority

[Lazy]

I think you need a valid hWnd to set a windows hook though . I just wonder if its possible to make an exe loader which runs it under our program's address space which would allow changing of imports without injecting a dll.
( Note: Not thought out very well )

[dub]

you could use CreateProcessA or CreateToolHelp32Snapshot & Module32First, Module32Next
ex. here using CreateToolHelp32Snapshot, Module32First & Module32Next to get the hWnd

[Pierre-Marie Baty]

these are ugly hacks, I definitely wouldn't want to use them

anyway, let me correct one thing:

Quote:

For example, the engine calls the game DLL GameFrame() function, then when the game DLL returns back to the engine, the engine calls it for plugin A, then plugin B, then plugin C, like this...

engine->GameDLL::GameFrame()
<- GameDLL::GameFrame() returns back to the engine
engine->PluginA::GameFrame()
<- PluginA::GameFrame() returns back to then engine
engine->PluginB::GameFrame()
<- PluginB::GameFrame() returns back to the engine

Technically speaking, it's the other way around in metamod : the game DLL functions are called AFTER all the plugins hooks (which enables us to set a MRES_SUPERCEDE to prevent the real function from being called). Same goes for engine functions. For hooking a function AFTER the actual call, we use metamod's *_Post function tables.

This is actually what we would need in HL2.

[dub]

Quote:

these are ugly hacks, I definitely wouldn't want to use them

yeah ugly hacks, just exchanging various ways to go about hooking into hl2 . Pierre never know these methods could come in handy someday.

[botman]

ugly, and won't work on Linux.

botman

[stefanhendriks]

I just read the bots here, using the runplayermove botman had 'invented' stopped working. Perhaps its time for more ugly methods? I dunno.