COM method offsets in Delphi

Question

In Delphi, how do I find out the the address of a COM method? I can hardcode the offsets

//0 is the offset of the QueryInterface method
p := TPonterArray(poi         


        

Answer 1

You can use the vmtoffset assembler directive to get the byte offset of an interface method relative to the start of the interface's method table. Take a look at the implementation of _IntfCast in System.pas, for example:

call dword ptr [eax] + vmtoffset IInterface.QueryInterface
...
call dword ptr [eax] + vmtoffset IInterface._Release

The first expression adds 0; the second, 8.

You cannot parameterize those expressions, though. They're compile-time constants, so you cannot choose which method you want at run time. You need to have all possible method names represented in advance.

All you really need to hook is QueryInterface. Once you have that, you can return whatever proxy object you want that can intercept calls to all the other methods.