Capturing OutputDebugString

November 9, 2007 @ 3:20 | In Programming

Using OutputDebugString for tracing your programs is probably not a good idea, at least if you generate lots of traces (OutputDebugString raises an exception and causes a kernel mode transition). So you will probably end up implementing your own tracing/logging system. Code that is not under your control may still be using OutputDebugString, though (Debugging Tools for Windows, DirectX, etc.). The code listed below captures the OutputDebugString calls generated inside your own process (in fact, it receives the ODS calls generated by all active processes and filters them by process ID).

You will need to put this piece of code in a separate thread, but those details are omitted for clarity.

NOTE: If the process is being debugged, the ODS calls will be intercepted by the debugger.

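/////////////////////////////////////////////////////////////////////////////

#include <windows.h>
#include <stdio.h>

// Layout of the shared DBWIN_BUFFER section: sender PID followed by the text.
struct DbWinBuffer
{
    DWORD dwProcessId;
    char data[4096 - sizeof(DWORD)];
};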

DbWinBuffer* dbBuffer;

HANDLE hAckEvent;
HANDLE hEvent;
HANDLE hSharedFile;

SECURITY_DESCRIPTOR sd;
SECURITY_ATTRIBUTES sa;
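/////////////////////////////////////////////////////////////////////////////

// The statements below belong inside a function returning int
// (for example, the worker routine of the capture thread).

sa.nLength = sizeof(SECURITY_ATTRIBUTES);
sa.bInheritHandle = TRUE;
sa.lpSecurityDescriptor = &sd;

if (!InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION))
{
    printf("ERROR: InitializeSecurityDescriptor\n");
    return 1;
}

// A NULL DACL grants every user full access to the objects created below.
// Other processes need access to write their messages, but it also means
// the buffer contents must be treated as untrusted input.
if (!SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE))
{
    printf("ERROR: SetSecurityDescriptorDacl\n");
    return 1;
}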

// Auto-reset event the monitor sets when the buffer may be written again.
hAckEvent = CreateEventW(&sa, FALSE, FALSE, L"DBWIN_BUFFER_READY");
if (!hAckEvent)
{
    printf("ERROR: CreateEvent(\"DBWIN_BUFFER_READY\")\n");
    return 1;
}

// Auto-reset event a sender sets after it has written a message.
hEvent = CreateEventW(&sa, FALSE, FALSE, L"DBWIN_DATA_READY");
if (!hEvent)
{
    printf("ERROR: CreateEvent(\"DBWIN_DATA_READY\")\n");
    return 1;
}

// 4096-byte section backed by the paging file.
hSharedFile = CreateFileMappingW(INVALID_HANDLE_VALUE, &sa, PAGE_READWRITE, 0, 4096,
                                 L"DBWIN_BUFFER");
if (!hSharedFile)
{
    printf("ERROR: CreateFileMapping(\"DBWIN_BUFFER\")\n");
    return 1;
}

// The monitor only reads the buffer, so a read-only view is enough.
dbBuffer = static_cast<DbWinBuffer*>(MapViewOfFile(hSharedFile, FILE_MAP_READ, 0,
                                     0, 4096));
if (!dbBuffer)
{
    printf("ERROR: MapViewOfFile\n");
    return 1;
}

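// Signal that the buffer is ready for the first message.
SetEvent(hAckEvent);

DWORD pid = GetCurrentProcessId();
printf("Tracing PID: %lu\n\n", pid);

for (;;)
{
    DWORD ret = WaitForSingleObject(hEvent, INFINITE);
    if (ret == WAIT_FAILED)
    {
        printf("ERROR: WaitForSingleObject\n");
        return 1;
    }

    // Only print messages whose PID field matches our own process.
    if (dbBuffer->dwProcessId == pid)
    {
        // Bound the read: the data is not guaranteed to be NUL-terminated.
        printf("%.*s", (int)sizeof(dbBuffer->data), dbBuffer->data);
    }

    // Release the buffer for the next sender.
    SetEvent(hAckEvent);
}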
/////////////////////////////////////////////////////////////////////////////

Hmm, it is probably time to install a code colorizer WordPress plugin. :)
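
Since the buffer receives ODS output from all active processes, its contents are best treated as untrusted. The following is an added example, not code from the original post: it decodes a private copy of the 4096-byte section with a bounded length and replaces control characters before printing. `DbwinMessage` and `DecodeDbwin` are hypothetical names, and the sample buffer in `main` is constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <string>

constexpr std::size_t kSectionSize = 4096;  // size of DBWIN_BUFFER
constexpr std::size_t kDataSize = kSectionSize - sizeof(std::uint32_t);

struct DbwinMessage {      // hypothetical name, not from the post
    std::uint32_t pid;     // PID field exactly as found in the buffer
    std::string text;      // message with control bytes replaced
    bool unterminated;     // true if no NUL was found in the data area
};

// Decode a private copy of the section (hypothetical helper). Never reads
// past kSectionSize bytes, whatever the sender put in the buffer.
DbwinMessage DecodeDbwin(const unsigned char* raw)
{
    DbwinMessage msg{};
    // DWORD dwProcessId, stored little-endian on Windows.
    msg.pid = static_cast<std::uint32_t>(raw[0]) |
              (static_cast<std::uint32_t>(raw[1]) << 8) |
              (static_cast<std::uint32_t>(raw[2]) << 16) |
              (static_cast<std::uint32_t>(raw[3]) << 24);
    const unsigned char* data = raw + sizeof(std::uint32_t);
    const void* nul = std::memchr(data, 0, kDataSize);
    const std::size_t len = nul
        ? static_cast<std::size_t>(static_cast<const unsigned char*>(nul) - data)
        : kDataSize;
    msg.unterminated = (nul == nullptr);
    for (std::size_t i = 0; i < len; ++i) {
        const unsigned char c = data[i];
        // Keep printable ASCII, tab and newline; replace the rest so a sender
        // cannot inject terminal escape sequences into the console or log.
        const bool ok = (c >= 0x20 && c < 0x7f) || c == '\t' || c == '\n';
        msg.text.push_back(ok ? static_cast<char>(c) : '?');
    }
    return msg;
}

int main()
{
    unsigned char sample[kSectionSize] = {0x39, 0x05, 0, 0};  // constructed: PID 1337
    std::memcpy(sample + 4, "ok\x1b[2J\n", 8);                // constructed payload
    const DbwinMessage m = DecodeDbwin(sample);
    std::printf("[%u] %s", static_cast<unsigned>(m.pid), m.text.c_str());
    return 0;
}
```

In the capture loop, copy the mapped view into a local 4096-byte array before calling the helper and before setting DBWIN_BUFFER_READY, so the bytes cannot change while they are being decoded.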




  1. Or you can use this:
    http://www.microsoft.com/technet/sysinternals/utilities/debugview.mspx



    Comment by Anonymous
    December 4, 2007 @ 5:42 #

