start migrating off ntdll
This commit is contained in:
parent
c5d847f310
commit
c393d29115
@ -331,7 +331,7 @@ public:
|
||||
if (NT_SUCCESS(NtReadVirtualMemory(hProc, (PVOID)addr, buffer, 8, &len)))
|
||||
if (::memcmp(buffer, normal_routine, 4) == 0)
|
||||
flag = 1;
|
||||
NtClose(hProc);
|
||||
CloseHandle(hProc);
|
||||
}
|
||||
if (flag == 0) {
|
||||
for (j = i; j < count; j++)
|
||||
@ -885,7 +885,7 @@ BOOL IthInitSystemService()
|
||||
if (!NT_SUCCESS(NtCreateSection(&codepage_section, SECTION_MAP_READ,
|
||||
&oa,0, PAGE_READONLY, SEC_COMMIT, codepage_file)))
|
||||
return FALSE;
|
||||
NtClose(codepage_file);
|
||||
CloseHandle(codepage_file);
|
||||
size = 0;
|
||||
::page = nullptr;
|
||||
if (!NT_SUCCESS(NtMapViewOfSection(::codepage_section, NtCurrentProcess(),
|
||||
@ -917,13 +917,13 @@ void IthCloseSystemService()
|
||||
{
|
||||
if (::page_locale != 0x3a4) {
|
||||
NtUnmapViewOfSection(NtCurrentProcess(), ::page);
|
||||
NtClose(::codepage_section);
|
||||
CloseHandle(::codepage_section);
|
||||
}
|
||||
if (ITH_ENABLE_THREADMAN) {
|
||||
NtUnmapViewOfSection(NtCurrentProcess(), ::thread_man_);
|
||||
NtClose(::thread_man_section);
|
||||
CloseHandle(::thread_man_section);
|
||||
}
|
||||
NtClose(::root_obj);
|
||||
CloseHandle(::root_obj);
|
||||
#ifdef ITH_HAS_HEAP
|
||||
RtlDestroyHeap(::hHeap);
|
||||
#endif // ITH_HAS_HEAP
|
||||
@ -974,7 +974,7 @@ BOOL IthCheckFile(LPCWSTR file)
|
||||
OBJECT_ATTRIBUTES oa = { sizeof(oa), dir_obj, &us, 0, 0, 0};
|
||||
// jichi 9/22/2013: Following code does not work in Wine
|
||||
if (NT_SUCCESS(NtCreateFile(&hFile, FILE_READ_DATA, &oa, &isb, 0, 0, FILE_SHARE_READ, FILE_OPEN, 0, 0, 0))) {
|
||||
NtClose(hFile);
|
||||
CloseHandle(hFile);
|
||||
return TRUE;
|
||||
}
|
||||
}
|
||||
@ -1009,7 +1009,7 @@ BOOL IthFindFile(LPCWSTR file)
|
||||
else
|
||||
RtlInitUnicodeString(&us, file);
|
||||
status = NtQueryDirectoryFile(h,0,0,0,&ios,info,0x400,FileBothDirectoryInformation,TRUE,&us,TRUE);
|
||||
NtClose(h);
|
||||
CloseHandle(h);
|
||||
return NT_SUCCESS(status);
|
||||
}
|
||||
return FALSE;
|
||||
@ -1037,7 +1037,7 @@ BOOL IthGetFileInfo(LPCWSTR file, LPVOID info, DWORD size)
|
||||
RtlInitUnicodeString(&us,file);
|
||||
status = NtQueryDirectoryFile(h,0,0,0,&ios,info,size,FileBothDirectoryInformation,0,&us,0);
|
||||
status = NT_SUCCESS(status);
|
||||
NtClose(h);
|
||||
CloseHandle(h);
|
||||
} else
|
||||
status = FALSE;
|
||||
return status;
|
||||
@ -1052,7 +1052,7 @@ BOOL IthCheckFileFullPath(LPCWSTR file)
|
||||
HANDLE hFile;
|
||||
IO_STATUS_BLOCK isb;
|
||||
if (NT_SUCCESS(NtCreateFile(&hFile,FILE_READ_DATA,&oa,&isb,0,0,FILE_SHARE_READ,FILE_OPEN,0,0,0))) {
|
||||
NtClose(hFile);
|
||||
CloseHandle(hFile);
|
||||
return TRUE;
|
||||
} else
|
||||
return FALSE;
|
||||
|
@ -108,9 +108,9 @@ HookManager::~HookManager()
|
||||
//LARGE_INTEGER timeout={-1000*1000,-1};
|
||||
//IthBreak();
|
||||
//NtWaitForSingleObject(destroy_event, 0, 0);
|
||||
//NtClose(destroy_event);
|
||||
//NtClose(cmd_pipes[0]);
|
||||
//NtClose(recv_threads[0]);
|
||||
//CloseHandle(destroy_event);
|
||||
//CloseHandle(cmd_pipes[0]);
|
||||
//CloseHandle(recv_threads[0]);
|
||||
//delete thread_table;
|
||||
//delete head.key;
|
||||
//DeleteCriticalSection(&hmcs);
|
||||
@ -197,10 +197,10 @@ void HookManager::RegisterProcess(DWORD pid, HANDLE hostPipe)
|
||||
|
||||
ProcessRecord* record = processRecordsByIds[pid] = new ProcessRecord;
|
||||
record->hostPipe = hostPipe;
|
||||
record->hookman_section = OpenFileMappingW(FILE_MAP_READ, FALSE, (std::wstring(ITH_SECTION_) + std::to_wstring(pid)).c_str());
|
||||
record->hookman_section = OpenFileMappingW(FILE_MAP_READ, FALSE, (ITH_SECTION_ + std::to_wstring(pid)).c_str());
|
||||
record->hookman_map = MapViewOfFile(record->hookman_section, FILE_MAP_READ, 0, 0, HOOK_SECTION_SIZE / 2); // jichi 1/16/2015: Changed to half to hook section size
|
||||
record->process_handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
|
||||
record->hookman_mutex = OpenMutexW(MUTEX_ALL_ACCESS, FALSE, (std::wstring(ITH_HOOKMAN_MUTEX_) + std::to_wstring(pid)).c_str());
|
||||
record->hookman_mutex = OpenMutexW(MUTEX_ALL_ACCESS, FALSE, (ITH_HOOKMAN_MUTEX_ + std::to_wstring(pid)).c_str());
|
||||
//if (NT_SUCCESS(NtOpenProcess(&hProc,
|
||||
// PROCESS_QUERY_INFORMATION|
|
||||
// PROCESS_CREATE_THREAD|
|
||||
@ -226,18 +226,18 @@ void HookManager::UnRegisterProcess(DWORD pid)
|
||||
CloseHandle(pr.process_handle);
|
||||
CloseHandle(pr.hookman_section);
|
||||
processRecordsByIds.erase(pid);
|
||||
//NtClose(text_pipes[i]);
|
||||
//NtClose(cmd_pipes[i]);
|
||||
//NtClose(recv_threads[i]);
|
||||
//NtClose(record[i].hookman_mutex);
|
||||
//CloseHandle(text_pipes[i]);
|
||||
//CloseHandle(cmd_pipes[i]);
|
||||
//CloseHandle(recv_threads[i]);
|
||||
//CloseHandle(record[i].hookman_mutex);
|
||||
|
||||
////if (::ith_has_section)
|
||||
//NtUnmapViewOfSection(NtCurrentProcess(), record[i].hookman_map);
|
||||
////else
|
||||
//// delete[] record[i].hookman_map;
|
||||
|
||||
//NtClose(record[i].process_handle);
|
||||
//NtClose(record[i].hookman_section);
|
||||
//CloseHandle(record[i].process_handle);
|
||||
//CloseHandle(record[i].hookman_section);
|
||||
|
||||
//for (; i < MAX_REGISTER; i++) {
|
||||
// record[i] = record[i+1];
|
||||
|
@ -248,4 +248,6 @@ enum {
|
||||
, IHF_FILTER_CAPACITY = IHF_FILTER_COUNT + 1 // one more than the dll count
|
||||
};
|
||||
|
||||
#define TIMEOUT 5000 // 5 seconds
|
||||
|
||||
// EOF
|
||||
|
@ -5796,7 +5796,7 @@ int GetShinaRioVersion()
|
||||
enum { BufferSize = 0x40 };
|
||||
char buffer[BufferSize];
|
||||
NtReadFile(hFile, 0, 0, 0, &ios, buffer, BufferSize, 0, 0);
|
||||
NtClose(hFile);
|
||||
CloseHandle(hFile);
|
||||
if (buffer[0] == '[') {
|
||||
buffer[0x3f] = 0; // jichi 8/24/2013: prevent strstr from overflow
|
||||
if (char *version = ::strstr(buffer, "v2."))
|
||||
@ -8191,7 +8191,7 @@ bool IsPensilSetup()
|
||||
NtAllocateVirtualMemory(NtCurrentProcess(), &buffer, 0,
|
||||
&info.AllocationSize.LowPart, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
|
||||
NtReadFile(hFile, 0,0,0, &ios, buffer, info.EndOfFile.LowPart, 0, 0);
|
||||
NtClose(hFile);
|
||||
CloseHandle(hFile);
|
||||
BYTE *b = (BYTE *)buffer;
|
||||
DWORD len = info.EndOfFile.LowPart & ~1;
|
||||
if (len == info.AllocationSize.LowPart)
|
||||
|
@ -921,9 +921,8 @@ void Engine::hijack()
|
||||
void Engine::terminate()
|
||||
{
|
||||
if (hijackThread) {
|
||||
const LONGLONG timeout = -50000000; // in nanoseconds = 5 seconds
|
||||
NtWaitForSingleObject(hijackThread, 0, (PLARGE_INTEGER)&timeout);
|
||||
NtClose(hijackThread);
|
||||
WaitForSingleObject(hijackThread, TIMEOUT);
|
||||
CloseHandle(hijackThread);
|
||||
hijackThread = 0;
|
||||
}
|
||||
}
|
||||
|
@ -490,10 +490,7 @@ DWORD TextHook::UnsafeSend(DWORD dwDataBase, DWORD dwRetn)
|
||||
|
||||
IthCoolDown(); // jichi 9/28/2013: cool down to prevent parallelization in wine
|
||||
//CliLockPipe();
|
||||
if (STATUS_PENDING == NtWriteFile(::hookPipe, 0, 0, 0, &ios, pbData, dwCount + HEADER_SIZE, 0, 0)) {
|
||||
NtWaitForSingleObject(::hookPipe, 0, 0);
|
||||
NtFlushBuffersFile(::hookPipe, &ios);
|
||||
}
|
||||
WriteFile(::hookPipe, pbData, dwCount + HEADER_SIZE, nullptr, nullptr);
|
||||
//CliUnlockPipe();
|
||||
}
|
||||
if (pbData != pbSmallBuff)
|
||||
@ -506,7 +503,7 @@ DWORD TextHook::UnsafeSend(DWORD dwDataBase, DWORD dwRetn)
|
||||
int TextHook::InsertHook()
|
||||
{
|
||||
//ConsoleOutput("vnrcli:InsertHook: enter");
|
||||
NtWaitForSingleObject(hmMutex, 0, 0);
|
||||
WaitForSingleObject(hmMutex, 0);
|
||||
int ok = InsertHookCode();
|
||||
IthReleaseMutex(hmMutex);
|
||||
if (hp.type & HOOK_ADDITIONAL) {
|
||||
@ -678,7 +675,7 @@ int TextHook::UnsafeInsertHookCode()
|
||||
int TextHook::InitHook(LPVOID addr, DWORD data, DWORD data_ind,
|
||||
DWORD split_off, DWORD split_ind, WORD type, DWORD len_off)
|
||||
{
|
||||
NtWaitForSingleObject(hmMutex, 0, 0);
|
||||
WaitForSingleObject(hmMutex, 0);
|
||||
hp.address = (DWORD)addr;
|
||||
hp.offset = data;
|
||||
hp.index = data_ind;
|
||||
@ -697,7 +694,7 @@ int TextHook::InitHook(LPVOID addr, DWORD data, DWORD data_ind,
|
||||
|
||||
int TextHook::InitHook(const HookParam &h, LPCSTR name, WORD set_flag)
|
||||
{
|
||||
NtWaitForSingleObject(hmMutex, 0, 0);
|
||||
WaitForSingleObject(hmMutex, 0);
|
||||
hp = h;
|
||||
hp.type |= set_flag;
|
||||
if (name && name != hook_name) {
|
||||
@ -717,8 +714,7 @@ int TextHook::RemoveHook()
|
||||
if (!hp.address)
|
||||
return no;
|
||||
ConsoleOutput("vnrcli:RemoveHook: enter");
|
||||
const LONGLONG timeout = -50000000; // jichi 9/28/2012: in 100ns, wait at most for 5 seconds
|
||||
NtWaitForSingleObject(hmMutex, 0, (PLARGE_INTEGER)&timeout);
|
||||
WaitForSingleObject(hmMutex, TIMEOUT); // jichi 9/28/2012: wait at most for 5 seconds
|
||||
DWORD l = hp.hook_len;
|
||||
//with_seh({ // jichi 9/17/2013: might crash ><
|
||||
// jichi 12/25/2013: Actually, __try cannot catch such kind of exception
|
||||
@ -735,7 +731,7 @@ int TextHook::RemoveHook()
|
||||
|
||||
int TextHook::ClearHook()
|
||||
{
|
||||
NtWaitForSingleObject(hmMutex, 0, 0);
|
||||
WaitForSingleObject(hmMutex, 0);
|
||||
int err = RemoveHook();
|
||||
if (hook_name) {
|
||||
delete[] hook_name;
|
||||
|
@ -155,33 +155,18 @@ BOOL WINAPI DllMain(HINSTANCE hModule, DWORD fdwReason, LPVOID unused)
|
||||
|
||||
DisableThreadLibraryCalls(hModule);
|
||||
|
||||
//if (!IthInitSystemService()) {
|
||||
// GROWL_WARN(L"Initialization failed.\nAre you running game on a network drive?");
|
||||
// return FALSE;
|
||||
//}
|
||||
// No longer checking if SystemService fails, which could happen on non-Japanese OS
|
||||
IthInitSystemService();
|
||||
|
||||
swprintf(hm_section, ITH_SECTION_ L"%d", current_process_id);
|
||||
|
||||
// jichi 9/25/2013: Interprocedural communication with vnrsrv.
|
||||
hSection = IthCreateSection(hm_section, HOOK_SECTION_SIZE, PAGE_EXECUTE_READWRITE);
|
||||
::hookman = nullptr;
|
||||
NtMapViewOfSection(hSection, NtCurrentProcess(),
|
||||
(LPVOID *)&::hookman, 0, hook_buff_len, 0, &hook_buff_len, ViewUnmap, 0,
|
||||
PAGE_EXECUTE_READWRITE);
|
||||
//PAGE_EXECUTE_READWRITE);
|
||||
hSection = CreateFileMappingW(INVALID_HANDLE_VALUE, nullptr, PAGE_EXECUTE_READWRITE, 0, HOOK_SECTION_SIZE, hm_section);
|
||||
::hookman = (TextHook*)MapViewOfFile(hSection, FILE_MAP_ALL_ACCESS, 0, 0, HOOK_SECTION_SIZE / 2);
|
||||
|
||||
GetProcessName(::processName);
|
||||
FillRange(::processName, &::processStartAddress, &::processStopAddress);
|
||||
//NtInspect::getProcessMemoryRange(&::processStartAddress, &::processStopAddress);
|
||||
|
||||
//if (!::hookman) {
|
||||
// ith_has_section = false;
|
||||
// ::hookman = new TextHook[MAX_HOOK];
|
||||
// memset(::hookman, 0, MAX_HOOK * sizeof(TextHook));
|
||||
//}
|
||||
|
||||
{
|
||||
wchar_t hm_mutex[0x100];
|
||||
swprintf(hm_mutex, ITH_HOOKMAN_MUTEX_ L"%d", current_process_id);
|
||||
@ -216,13 +201,11 @@ BOOL WINAPI DllMain(HINSTANCE hModule, DWORD fdwReason, LPVOID unused)
|
||||
::running = false;
|
||||
::live = false;
|
||||
|
||||
const LONGLONG timeout = -50000000; // in nanoseconds = 5 seconds
|
||||
|
||||
Engine::terminate();
|
||||
|
||||
if (pipeThread) {
|
||||
NtWaitForSingleObject(pipeThread, 0, (PLARGE_INTEGER)&timeout);
|
||||
NtClose(pipeThread);
|
||||
WaitForSingleObject(pipeThread, TIMEOUT);
|
||||
CloseHandle(pipeThread);
|
||||
}
|
||||
|
||||
for (TextHook *man = ::hookman; man->RemoveHook(); man++);
|
||||
@ -233,15 +216,14 @@ BOOL WINAPI DllMain(HINSTANCE hModule, DWORD fdwReason, LPVOID unused)
|
||||
for (TextHook *man = ::hookman; man < ::hookman + MAX_HOOK; man++)
|
||||
man->ClearHook();
|
||||
//if (ith_has_section)
|
||||
NtUnmapViewOfSection(NtCurrentProcess(), ::hookman);
|
||||
//else
|
||||
// delete[] ::hookman;
|
||||
NtClose(hSection);
|
||||
NtClose(hMutex);
|
||||
UnmapViewOfFile(::hookman);
|
||||
|
||||
CloseHandle(hSection);
|
||||
CloseHandle(hMutex);
|
||||
IthCloseSystemService();
|
||||
|
||||
delete ::tree;
|
||||
IthCloseSystemService();
|
||||
NtClose(hmMutex);
|
||||
CloseHandle(hmMutex);
|
||||
//} ITH_EXCEPT {}
|
||||
} break;
|
||||
}
|
||||
|
@ -312,7 +312,7 @@ bool Util::unloadCurrentModule()
|
||||
if (HANDLE h = ::IthCreateThread(fun, (DWORD)&__ImageBase)) {
|
||||
//const LONGLONG timeout = -50000000; // in nanoseconds = 5 seconds
|
||||
//NtWaitForSingleObject(h, 0, (PLARGE_INTEGER)&timeout);
|
||||
NtClose(h);
|
||||
CloseHandle(h);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user