remove ntdll from util.h
parent
d89cc56d6f
commit
b7764ad860
@ -11,7 +11,7 @@ struct HookParam; // defined in ith types.h
|
|||||||
namespace Engine {
|
namespace Engine {
|
||||||
|
|
||||||
// Global variables
|
// Global variables
|
||||||
extern wchar_t process_name_[MAX_PATH], // cached
|
extern wchar_t *process_name_, // cached
|
||||||
process_path_[MAX_PATH]; // cached
|
process_path_[MAX_PATH]; // cached
|
||||||
extern DWORD module_base_,
|
extern DWORD module_base_,
|
||||||
module_limit_;
|
module_limit_;
|
||||||
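Review bot: The `// cached` comment on `process_name_` no longer describes the variable. It is now a `wchar_t *` rather than a `MAX_PATH` buffer, and the only assignment visible in this commit (in `hijackThreadProc`) points it into `process_path_`. I would change the comment to `// file-name part of process_path_ (non-owning); null until hijackThreadProc sets it`. A caller elsewhere that copies into `process_name_` or takes `sizeof` of it would still compile but no longer behave as before; no such use is visible here, so it is worth a grep.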
|
@ -24,7 +24,7 @@ enum { MAX_REL_ADDR = 0x200000 }; // jichi 8/18/2013: maximum relative address
|
|||||||
|
|
||||||
namespace Engine {
|
namespace Engine {
|
||||||
|
|
||||||
WCHAR process_name_[MAX_PATH], // cached
|
WCHAR *process_name_, // cached
|
||||||
process_path_[MAX_PATH]; // cached
|
process_path_[MAX_PATH]; // cached
|
||||||
|
|
||||||
DWORD module_base_,
|
DWORD module_base_,
|
||||||
@ -896,8 +896,11 @@ DWORD WINAPI hijackThreadProc(LPVOID unused)
|
|||||||
|
|
||||||
// jichi 12/18/2013: Though FillRange could raise, it should never raise for he current process
|
// jichi 12/18/2013: Though FillRange could raise, it should never raise for he current process
|
||||||
// So, SEH is not used here.
|
// So, SEH is not used here.
|
||||||
Util::GetProcessName(process_name_); // Initialize shared process name
|
|
||||||
Util::GetProcessPath(process_path_); // Initialize shared process path
|
// Initialize shared process name and path
|
||||||
|
wchar_t* p = GetModuleFileNameW(nullptr, process_path_, MAX_PATH) + process_path_;
|
||||||
|
while (*(--p) != L'\\');
|
||||||
|
process_name_ = p + 1;
|
||||||
|
|
||||||
FillRange(process_name_, &module_base_, &module_limit_);
|
FillRange(process_name_, &module_base_, &module_limit_);
|
||||||
DetermineEngineType();
|
DetermineEngineType();
|
||||||
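Review bot: The backward scan `while (*(--p) != L'\\');` in hijackThreadProc has no lower bound. `GetModuleFileNameW` returns 0 on failure, so `p` starts at `process_path_` and the first `--p` already reads before the array; a path with no backslash has the same effect, and a return of `MAX_PATH` means the path was truncated. Checking the length and using `wcsrchr` keeps the search inside the buffer. The function body starts and ends outside the hunk, so how a failure should be reported is left to the author; the sketch below falls back to an empty path, and whether `FillRange` accepts an empty name would need confirming.

```cpp
// Initialize shared process name and path
DWORD len = GetModuleFileNameW(nullptr, process_path_, MAX_PATH);
if (len == 0 || len >= MAX_PATH)
  process_path_[0] = L'\0'; // failed or truncated: do not scan a partial path
wchar_t *sep = wcsrchr(process_path_, L'\\');
process_name_ = sep ? sep + 1 : process_path_;
// … unchanged: FillRange, DetermineEngineType …
```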
|
@ -488,7 +488,6 @@ DWORD TextHook::UnsafeSend(DWORD dwDataBase, DWORD dwRetn)
|
|||||||
if (dwCount) {
|
if (dwCount) {
|
||||||
IO_STATUS_BLOCK ios = {};
|
IO_STATUS_BLOCK ios = {};
|
||||||
|
|
||||||
IthCoolDown(); // jichi 9/28/2013: cool down to prevent parallelization in wine
|
|
||||||
//CliLockPipe();
|
//CliLockPipe();
|
||||||
WriteFile(::hookPipe, pbData, dwCount + HEADER_SIZE, nullptr, nullptr);
|
WriteFile(::hookPipe, pbData, dwCount + HEADER_SIZE, nullptr, nullptr);
|
||||||
//CliUnlockPipe();
|
//CliUnlockPipe();
|
||||||
@ -505,7 +504,7 @@ int TextHook::InsertHook()
|
|||||||
//ConsoleOutput("vnrcli:InsertHook: enter");
|
//ConsoleOutput("vnrcli:InsertHook: enter");
|
||||||
WaitForSingleObject(hmMutex, 0);
|
WaitForSingleObject(hmMutex, 0);
|
||||||
int ok = InsertHookCode();
|
int ok = InsertHookCode();
|
||||||
IthReleaseMutex(hmMutex);
|
ReleaseMutex(hmMutex);
|
||||||
if (hp.type & HOOK_ADDITIONAL) {
|
if (hp.type & HOOK_ADDITIONAL) {
|
||||||
NotifyHookInsert(hp.address);
|
NotifyHookInsert(hp.address);
|
||||||
//ConsoleOutput(hook_name);
|
//ConsoleOutput(hook_name);
|
||||||
@ -688,7 +687,7 @@ int TextHook::InitHook(LPVOID addr, DWORD data, DWORD data_ind,
|
|||||||
currentHook++;
|
currentHook++;
|
||||||
if (current_available >= this)
|
if (current_available >= this)
|
||||||
for (current_available = this + 1; current_available->Address(); current_available++);
|
for (current_available = this + 1; current_available->Address(); current_available++);
|
||||||
IthReleaseMutex(hmMutex);
|
ReleaseMutex(hmMutex);
|
||||||
return this - hookman;
|
return this - hookman;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -704,7 +703,7 @@ int TextHook::InitHook(const HookParam &h, LPCSTR name, WORD set_flag)
|
|||||||
current_available = this+1;
|
current_available = this+1;
|
||||||
while (current_available->Address())
|
while (current_available->Address())
|
||||||
current_available++;
|
current_available++;
|
||||||
IthReleaseMutex(hmMutex);
|
ReleaseMutex(hmMutex);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -724,7 +723,7 @@ int TextHook::RemoveHook()
|
|||||||
} ITH_EXCEPT {}
|
} ITH_EXCEPT {}
|
||||||
//});
|
//});
|
||||||
hp.hook_len = 0;
|
hp.hook_len = 0;
|
||||||
IthReleaseMutex(hmMutex);
|
ReleaseMutex(hmMutex);
|
||||||
ConsoleOutput("vnrcli:RemoveHook: leave");
|
ConsoleOutput("vnrcli:RemoveHook: leave");
|
||||||
return yes;
|
return yes;
|
||||||
}
|
}
|
||||||
@ -741,7 +740,7 @@ int TextHook::ClearHook()
|
|||||||
//if (current_available>this)
|
//if (current_available>this)
|
||||||
// current_available = this;
|
// current_available = this;
|
||||||
currentHook--;
|
currentHook--;
|
||||||
IthReleaseMutex(hmMutex);
|
ReleaseMutex(hmMutex);
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
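Review bot: In TextHook::InsertHook the mutex is taken with `WaitForSingleObject(hmMutex, 0);` and the result is discarded. When another thread holds `hmMutex` the call returns `WAIT_TIMEOUT` at once, `InsertHookCode()` runs unguarded, and the new `ReleaseMutex(hmMutex)` fails because this thread is not the owner. I would wait with `INFINITE` or a bounded timeout, enter only on `WAIT_OBJECT_0` or `WAIT_ABANDONED`, and check the `BOOL` that `ReleaseMutex` returns. The same replacement appears in both InitHook overloads, RemoveHook and ClearHook, whose acquire calls lie outside the hunks, so they deserve the same look.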
|
@ -32,24 +32,6 @@
|
|||||||
DWORD processStartAddress,
|
DWORD processStartAddress,
|
||||||
processStopAddress;
|
processStopAddress;
|
||||||
|
|
||||||
namespace { // unnamed
|
|
||||||
wchar_t processName[MAX_PATH];
|
|
||||||
|
|
||||||
inline void GetProcessName(wchar_t *name)
|
|
||||||
{
|
|
||||||
//assert(name);
|
|
||||||
PLDR_DATA_TABLE_ENTRY it;
|
|
||||||
__asm
|
|
||||||
{
|
|
||||||
mov eax,fs:[0x30]
|
|
||||||
mov eax,[eax+0xc]
|
|
||||||
mov eax,[eax+0xc]
|
|
||||||
mov it,eax
|
|
||||||
}
|
|
||||||
wcscpy(name, it->BaseDllName.Buffer);
|
|
||||||
}
|
|
||||||
} // unmaed namespace
|
|
||||||
|
|
||||||
enum { HOOK_BUFFER_SIZE = MAX_HOOK * sizeof(TextHook) };
|
enum { HOOK_BUFFER_SIZE = MAX_HOOK * sizeof(TextHook) };
|
||||||
//#define MAX_HOOK (HOOK_BUFFER_SIZE/sizeof(TextHook))
|
//#define MAX_HOOK (HOOK_BUFFER_SIZE/sizeof(TextHook))
|
||||||
DWORD hook_buff_len = HOOK_BUFFER_SIZE;
|
DWORD hook_buff_len = HOOK_BUFFER_SIZE;
|
||||||
@ -164,7 +146,6 @@ BOOL WINAPI DllMain(HINSTANCE hModule, DWORD fdwReason, LPVOID unused)
|
|||||||
hSection = CreateFileMappingW(INVALID_HANDLE_VALUE, nullptr, PAGE_EXECUTE_READWRITE, 0, HOOK_SECTION_SIZE, hm_section);
|
hSection = CreateFileMappingW(INVALID_HANDLE_VALUE, nullptr, PAGE_EXECUTE_READWRITE, 0, HOOK_SECTION_SIZE, hm_section);
|
||||||
::hookman = (TextHook*)MapViewOfFile(hSection, FILE_MAP_ALL_ACCESS, 0, 0, HOOK_SECTION_SIZE / 2);
|
::hookman = (TextHook*)MapViewOfFile(hSection, FILE_MAP_ALL_ACCESS, 0, 0, HOOK_SECTION_SIZE / 2);
|
||||||
|
|
||||||
GetProcessName(::processName);
|
|
||||||
::processStartAddress = (DWORD)GetModuleHandleW(nullptr);
|
::processStartAddress = (DWORD)GetModuleHandleW(nullptr);
|
||||||
|
|
||||||
{
|
{
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
// util.h
|
// util.h
|
||||||
// 8/23/2013 jichi
|
// 8/23/2013 jichi
|
||||||
|
|
||||||
#include "ntdll/ntdll.h"
|
#include <Windows.h>
|
||||||
|
|
||||||
namespace Util {
|
namespace Util {
|
||||||
|
|
||||||
@ -24,40 +24,6 @@ DWORD FindModuleBase(DWORD hash);
|
|||||||
|
|
||||||
bool SearchResourceString(LPCWSTR str);
|
bool SearchResourceString(LPCWSTR str);
|
||||||
|
|
||||||
/**
|
|
||||||
* @param name process name without path deliminator
|
|
||||||
*/
|
|
||||||
inline void GetProcessName(wchar_t *name)
|
|
||||||
{
|
|
||||||
//assert(name);
|
|
||||||
PLDR_DATA_TABLE_ENTRY it;
|
|
||||||
__asm
|
|
||||||
{
|
|
||||||
mov eax,fs:[0x30]
|
|
||||||
mov eax,[eax+0xc]
|
|
||||||
mov eax,[eax+0xc]
|
|
||||||
mov it,eax
|
|
||||||
}
|
|
||||||
::wcscpy(name, it->BaseDllName.Buffer);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @param path with process name and directy name
|
|
||||||
*/
|
|
||||||
inline void GetProcessPath(wchar_t *path)
|
|
||||||
{
|
|
||||||
//assert(path);
|
|
||||||
PLDR_DATA_TABLE_ENTRY it;
|
|
||||||
__asm
|
|
||||||
{
|
|
||||||
mov eax,fs:[0x30]
|
|
||||||
mov eax,[eax+0xc]
|
|
||||||
mov eax,[eax+0xc]
|
|
||||||
mov it,eax
|
|
||||||
}
|
|
||||||
::wcscpy(path, it->FullDllName.Buffer);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return HANDLE module handle
|
* @return HANDLE module handle
|
||||||
*/
|
*/
|
||||||
|