archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/base/mvdm/wow16/toolhelp/notify2.asm

643 lines
26 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. PAGE 60,150
  2. ;***************************************************************************
  3. ;* NOTIFY2.ASM
  4. ;*
  5. ;* Assembly code support routines used for the TOOLHELP.DLL
  6. ;* notification API
  7. ;*
  8. ;***************************************************************************
  10. INCLUDE TOOLPRIV.INC
  11. .286p
  13. ;** Data
  14. sBegin DATA
  16. globalW wCASRqFlag,0 ;Set when an CASRq INT3 has been set
  17. globalD dwCASRqCSIP,0 ;Holds the CS:IP of the CASRq INT3
  18. globalD lpfnOldProc,0 ;Old hook from new PTrace hook
  19. szWinDebug DB 'WINDEBUG', 0
  21. ;** WARNING!!
  22. ;** This structure is set to the size of the largest notification
  23. ;** structure. This is currently NFYLOADSEG which is 16 bytes long.
  24. ;** If a structure is added that is longer than this or if any other
  25. ;** structure is added, this space must be increased to match!!
  26. ReturnStruct DB 16 DUP (?)
  28. sEnd
  30. ;** Imports
  31. externFP GetModuleHandle
  32. externFP RegisterPTrace
  33. externFP OutputDebugString
  34. externFP AllocCStoDSAlias
  35. externFP FreeSelector
  36. externNP HelperHandleToSel
  38. sBegin CODE
  39. assumes CS,CODE
  40. assumes DS,DATA
  42. ; NotifyInit
  43. ; Called when the first app registers a notification handler.
  44. ; Hooks the Register PTrace notification.
  45. ; Returns FALSE if we couldn't initialize, TRUE otherwise
  47. cProc NotifyInit, <NEAR,PUBLIC>, <si,di,ds>
  48. cBegin
  49. ;** In the Windows 3.1 KERNEL, there is a special hook just for
  50. ;* TOOLHELP that lets us get PTrace stuff and still coexist
  51. ;* with old-fashioned debuggers. We can check to see if the
  52. ;* hook exists by simply checking the TOOLHELP flags
  53. ;**
  54. test wTHFlags,TH_GOODPTRACEHOOK ;Good hook around?
  55. jz DNI_UseRegPTrace ;Nope, use the old one
  56. lea si,NotifyHandler ;Point to the routine
  57. push cs ;Parameter is lpfn to callback
  58. push si
  59. call lpfnNotifyHook ;Hook it
  60. mov WORD PTR lpfnOldProc[0],ax ;Save old proc
  61. mov WORD PTR lpfnOldProc[2],dx
  62. jmp SHORT DNI_10 ;We're in
  64. ;** Since there's no way we can see if someone else has Register
  65. ;* PTrace, we just connect and hope for the best!
  66. ;** We do check, however, to see if WINDEBUG.DLL is installed.
  67. DNI_UseRegPTrace:
  68. lea si,szWinDebug ;Get the name of the module
  69. cCall GetModuleHandle, <ds,si> ;Is WINDEBUG present?
  70. or ax,ax ;Check the handle
  71. jnz DNI_Fail ;It's here so fail
  72. or wTHFlags,TH_GOTOLDPTRACE ;Flag that we made the hook
  73. lea si,NotifyHandler ;Point to our routine
  74. cCall RegisterPTrace, <cs,si> ;Tell KERNEL to use it
  76. ;** Connect to the FatalExit hook. We currently ignore
  77. ;** the return value, thus unhooking anyone else
  78. DNI_10: cmp WORD PTR lpfnFatalExitHook + 2,0 ;Can we hook it?
  79. jz DNI_20 ;Can't do it
  80. push cs ;Get the CS:IP of RIP handler
  81. push OFFSET NotifyRIPHandler
  82. call DWORD PTR lpfnFatalExitHook ;Tell KERNEL to insert the hook
  83. DNI_20:
  85. ;** Return OK
  86. mov ax,TRUE ;Return TRUE
  87. jmp SHORT DNI_End ;Get out
  89. DNI_Fail:
  90. xor ax,ax ;FALSE
  92. DNI_End:
  93. cEnd
  96. ; NotifyUnInit
  97. ; Called when the no more apps have hooked notification handlers
  98. ; so the hook to the Register PTrace notification is no longer needed.
  100. cProc NotifyUnInit, <NEAR,PUBLIC>, <si,di,ds>
  101. cBegin
  102. ;** Did we have a new hook to undo?
  103. test wTHFlags,TH_GOODPTRACEHOOK ;Do we have a new hook?
  104. jz DNU_TryOldPTrace ;No
  105. push WORD PTR lpfnOldProc[0] ;Get the old proc
  106. push WORD PTR lpfnOldProc[2]
  107. call lpfnNotifyHook ;Unhook ourself
  108. jmp SHORT DNU_NoOldPTrace
  110. ;** Unhook the old-style hook if necessary
  111. DNU_TryOldPTrace:
  112. test wTHFlags,TH_GOTOLDPTRACE ;Did we have a hook?
  113. jz DNU_NoOldPTrace ;No
  114. push 0
  115. push 0
  116. call RegisterPTrace ;Call KERNEL's routine to unhook
  117. DNU_NoOldPTrace:
  119. ;** Unhook alternate hooks
  120. cmp WORD PTR lpfnFatalExitHook + 2,0 ;Can we unhook it?
  121. jz DNU_NoRIP ;Can't do it
  122. xor ax,ax ;Remove any other hooks
  123. push ax ;NULL procedure
  124. push ax
  125. call DWORD PTR lpfnFatalExitHook
  126. DNU_NoRIP:
  128. cEnd
  131. ; NotifyHandler
  132. ; This routine is called directly by PTrace and is used to
  133. ; dispatch the notifications to all registered callbacks.
  135. cProc NotifyHandler, <FAR,PUBLIC>
  136. cBegin NOGEN
  138. ;** Push a register frame
  139. ;* When done, it should look like this:
  140. ;* ------------
  141. ;* | ES | [BP - 14h]
  142. ;* | DS | [BP - 12h]
  143. ;* | DI | [BP - 10h]
  144. ;* | SI | [BP - 0Eh]
  145. ;* | BP | [BP - 0Ch]
  146. ;* | SP | [BP - 0Ah]
  147. ;* | BX | [BP - 08h]
  148. ;* | DX | [BP - 06h]
  149. ;* | CX | [BP - 04h]
  150. ;* | AX | [BP - 02h]
  151. ;* BP-->| Old BP | [BP - 00h]
  152. ;* | IP | [BP + 02h]
  153. ;* | CS | [BP + 04h]
  154. ;* ------------
  155. ;**
  156. push bp ;Make a stack frame
  157. mov bp,sp
  158. pusha ;Save all registers
  159. push ds ;Save segment registers, too
  160. push es
  162. ;** Get the data segment
  163. mov bx,_DATA ;Get TOOLHELP data segment
  164. mov ds,bx
  166. ;** If in 3.0 std mode and we get this wild notification 69h,
  167. ;** translate it to a inchar notification as this is what it
  168. ;** is supposed to be.
  169. cmp ax,69h ;Bogus notification?
  170. jne NH_NoBogusNotify ;No, don't do this
  171. test wTHFlags,TH_WIN30STDMODE ;3.0 standard mode?
  172. jz NH_NoBogusNotify ;No, might be valid in the future...
  173. mov ax,NI_INCHAR ;Put in real notify value
  174. NH_NoBogusNotify:
  176. ;** Special case notifications:
  177. ;* Notification 63h means that CtlAltSysRq was pressed. For
  178. ;* this, we want to handle as an interrupt, not a notification.
  179. ;* To do this, we set a breakpoint and set a flag so that the
  180. ;** INT3 handler knows what to do with it
  181. cmp ax,63h ;CtlAltSysRq?
  182. jne NH_NoCASRq ;No.
  183. mov ax,[bp + 04h] ;Since we can't use IRET CS:IP, get
  184. mov si,[bp + 02h] ; a safe address in KERNEL
  185. mov WORD PTR dwCASRqCSIP[2],ax ;Save the CS:IP value
  186. cCall AllocCStoDSAlias, <ax> ;Get a data alias to the CS
  187. or ax,ax ;Error?
  188. jnz @F
  189. jmp SHORT DNH_End ;Yes, get out
  190. @@: verw ax ;OK to write to?
  191. jnz DNH_NoWrite ;Yes, so do it
  192. DNH_IRETCSOK:
  193. mov es,ax ;Point with ES
  194. mov WORD PTR dwCASRqCSIP[0],si
  195. mov al,es:[si] ;Get the character there
  196. mov ah,1 ;Make sure there's something in AH
  197. mov wCASRqFlag,ax ;Save the thing for the INT3 handler
  198. mov BYTE PTR es:[si],0cch ;Poke the INT3 in there
  199. mov ax,es ;Get the selector back
  200. DNH_NoWrite:
  201. cCall FreeSelector, <ax> ;Get rid of the alias
  202. jmp SHORT DNH_End ;Get out. This will INT3 soon
  204. NH_NoCASRq: ; Does not return
  206. ;** Notifications to ignore here:
  207. ;** Notification 60h is bogus and should be ignored
  208. cmp ax,60h ;PostLoad notification?
  209. jz DNH_End ;Yes, don't report
  211. ;** Decode the notification
  212. cCall DecodeNotification ;Returns dwData in CX:DX, AX is wID
  213. ; BX is NOTIFYSTRUCT match flags
  214. ;** This is an entry point for notifications from sources other than
  215. ;** PTrace
  216. DNH_Decoded:
  218. ;** Loop through callbacks
  219. mov di,npNotifyHead ;Point to the start of the list
  220. xor si,si ;FALSE return value is default
  221. DNH_Loop:
  222. push ax
  223. mov ax,ds:[di].ns_pNext ;Save the next pointer in a global
  224. mov npNotifyNext,ax ; so we can chain in NotifyUnregister
  225. pop ax
  227. or di,di ;End of list?
  228. jz DNH_Done ;Yep. Get out
  230. ;** If the flags for this notification are zero, we always send it
  231. or bx,bx ;Check the matching flags
  232. jz DNH_DoIt ;Do notification
  234. ;** See if the flags match
  235. test bx,ds:[di].ns_wFlags ;Check against the NOTIFYSTRUCT flags
  236. jz DNH_Continue ;If zero, no match, don't do it
  238. ;** Call the user callback
  239. DNH_DoIt:
  240. push ax ;Save everything we need
  241. push bx
  242. push cx
  243. push dx
  245. push ax ;wID
  246. push cx ;High word of dwData
  247. push dx ;Low word
  248. call DWORD PTR ds:[di].ns_lpfn ;Call the callback (PASCAL style)
  249. mov si,ax ;Get return value in SI
  251. pop dx ;Restore everything
  252. pop cx
  253. pop bx
  254. pop ax
  256. ;** If the return value is nonzero, we don't want to give this to
  257. ;** any more callbacks
  258. or si,si ;TRUE return value?
  259. jnz DNH_Done ;Yes, get out
  261. ;** Get the next callback
  262. DNH_Continue:
  263. mov di,npNotifyNext ;Get next pointer
  264. jmp DNH_Loop ; and loop back
  266. ;** End of callback loop.
  267. DNH_Done:
  269. ;** If this was an InChar message but everyone ignored it, force
  270. ;** the return to be an 'i' for 'ignore' on RIPs. This i
  271. ;** only necessary in 3.0 because the 3.1 KERNEL treats 0
  272. ;** returns just like 'i'
  273. cmp ax,NFY_INCHAR ;Is this an InChar notification?
  274. jne DNH_Default ;No, so ignore
  275. test wTHFlags,TH_WIN30 ;In 3.0?
  276. jz DNH_Default ;No, don't do this
  277. and si,0ffh ;Ignore all but low byte
  278. or si,si ;Non-zero?
  279. jnz DNH_Default ;Yes, return it as the character
  280. mov si,'i' ;Instead of zero, return 'i'gnore.
  281. DNH_Default:
  282. mov [bp - 02h],si ;Return the return code in AX
  284. ;** Clear off the stack and exit
  285. DNH_End:
  286. mov npNotifyNext,0 ;No current next pointer
  288. pop es ;Restore all registers
  289. pop ds
  290. popa
  291. pop bp
  292. retf ;Just return
  294. cEnd NOGEN
  297. ; NotifyRIPHandler
  298. ; Gets called by KERNEL when a RIP occurs. If it returns TRUE,
  299. ; KERNEL will act like the RIP was ignored. Otherwise, the RIP
  300. ; procedes normally.
  301. ; This routine does not need to worry about saving non-C regs
  303. cProc NotifyRIPHandler, <FAR,PUBLIC>
  304. ; parmW wExitCode
  305. cBegin nogen
  307. ;** Clear PASCAL-style parameters
  308. push bp ;Make a stack frame
  309. mov bp,sp
  310. mov bx,[bp + 6] ;Get the BP value
  311. mov dx,[bp + 8] ;Get the Exit code
  312. mov [bp - 2],ax ;Save it out of the way for now
  313. mov ax,[bp + 4] ;Get the RETF CS value
  314. mov [bp + 8],ax ;Shift down to clear parameters
  315. mov ax,[bp + 2] ;Get the RETF IP value
  316. mov [bp + 6],ax ;Shift down to clear parameters
  317. mov ax,[bp + 0] ;Get the old BP value
  318. mov [bp + 4],ax ;Shift down
  319. add bp,4 ;Move BP down on the stack
  320. mov sp,bp ;Point SP there too
  321. pusha ;Save matching register frame
  322. push ds
  323. push es
  325. ;** Get the data segment
  326. mov ax,_DATA ;Get TOOLHELP data segment
  327. mov ds,ax
  330. ;** Prepare to jump into the notification handler.
  331. ;** The trick here is that if a notification callback returns
  332. ;** non-zero, the RIP has been handled. Otherwise, it has not.
  333. ;** DX holds the exit code here, BX has the old BP value
  334. lea si,ReturnStruct ;Get a pointer to the return struct
  335. mov WORD PTR [si].nrp_dwSize[0],SIZE NFYRIP
  336. mov WORD PTR [si].nrp_dwSize[2],0
  337. mov ax,ss:[bx + 4] ;Get old CS value from stack
  338. mov [si].nrp_wCS,ax ; (BX is BP from FatalExit stack)
  339. mov ax,ss:[bx + 2] ;Get old IP value
  340. mov [si].nrp_wIP,ax
  341. mov [si].nrp_wSS,ss ;Save SS:BP for stack trace
  342. mov [si].nrp_wBP,bx
  343. mov [si].nrp_wExitCode,dx
  344. mov cx,ds ;Point to structure
  345. mov dx,si
  346. mov bx,NF_RIP ;Get the NOTIFYINFO match flags
  347. mov ax,NFY_RIP ;TOOLHELP ID
  349. ;** Jump to the real handler
  350. jmp DNH_Decoded ;Jump to alternate entry point
  352. cEnd nogen
  354. ;** Helper routines
  356. ; DecodeNotification
  357. ; Decodes a notification by pointing to a static structure and filling
  358. ; this structure with notification-specific information.
  359. ; The PTrace notification ID is in AX.
  360. ; Returns the ToolHelp ID in AX
  361. ; and the dwData value is in CX:DX.
  363. cProc DecodeNotification, <NEAR,PUBLIC>
  364. cBegin
  365. ;** Point dwData to the structure just in case
  366. mov cx,ds ;Get the segment value
  367. lea dx,ReturnStruct ;Get a pointer to the return struct
  368. xor bx,bx ;Most notifications always match
  370. ;** The stack frame looks like this:
  371. ;* ------------
  372. ;* | ES | [BP - 14h]
  373. ;* | DS | [BP - 12h]
  374. ;* | DI | [BP - 10h]
  375. ;* | SI | [BP - 0Eh]
  376. ;* | BP | [BP - 0Ch]
  377. ;* | SP | [BP - 0Ah]
  378. ;* | BX | [BP - 08h]
  379. ;* | DX | [BP - 06h]
  380. ;* | CX | [BP - 04h]
  381. ;* | AX | [BP - 02h]
  382. ;* BP-->| Old BP | [BP - 00h]
  383. ;* ------------
  384. ;**
  385. FrameES EQU [BP - 14h]
  386. FrameDS EQU [BP - 12h]
  387. FrameDI EQU [BP - 10h]
  388. FrameSI EQU [BP - 0Eh]
  389. FrameBP EQU [BP - 0Ch]
  390. FrameSP EQU [BP - 0Ah]
  391. FrameBX EQU [BP - 08h]
  392. FrameDX EQU [BP - 06h]
  393. FrameCX EQU [BP - 04h]
  394. FrameAX EQU [BP - 02h]
  396. ;** Check for LoadSeg
  397. cmp ax,NI_LOADSEG ;LoadSeg?
  398. jnz DN_10 ;No
  400. ;** LoadSeg:
  401. ;* CX is selector
  402. ;* BX is segment number
  403. ;* SI is type: Low bit set for data segment, clear for code
  404. ;* DX is instance count only for data segments
  405. ;** ES:DI module name
  406. mov si,dx ;Point to NFYLOADSEG struct
  407. mov ax,SIZE NFYLOADSEG ;Get the structure size
  408. mov WORD PTR [si].nls_dwSize,ax ;Save the LOWORD of the size
  409. mov WORD PTR [si].nls_dwSize + 2,0 ;HIWORD is zero
  410. mov ax,FrameCX ;Get selector
  411. mov [si].nls_wSelector,ax ;Save in structure
  412. mov ax,FrameBX ;Get segment number
  413. inc ax ;Segment number is 1-based
  414. mov [si].nls_wSegNum,ax ;Save in structure
  415. mov ax,FrameSI ;Get the segment type
  416. mov [si].nls_wType,ax ;Put in structure
  417. mov ax,FrameDX ;Get instance count
  418. mov [si].nls_wcInstance,ax ;Put in structure
  419. mov ax,FrameDI ;Get offset of module name str
  420. mov WORD PTR [si].nls_lpstrModuleName,ax ;Save it
  421. mov ax,FrameES ;Get segment of module name str
  422. mov WORD PTR [si].nls_lpstrModuleName + 2,ax ;Save it
  423. mov ax,NFY_LOADSEG ;Get the TOOLHELP ID
  424. jmp DN_End
  426. ;** Check for FreeSeg
  427. DN_10: cmp ax,NI_FREESEG ;FreeSeg?
  428. jnz DN_15 ;No
  430. ;** FreeSeg:
  431. ;** BX is selector
  432. xor cx,cx ;Clear high word
  433. mov dx,FrameBX ;Get the selector
  434. test wTHFlags,TH_WIN30STDMODE ;3.0 standard mode?
  435. jz DN_FS_GotSelValue ;No, what we have is correct
  436. mov si,FrameSP ;Point to old stack frame
  437. mov dx, ss:[si + 6] ;Selector is 6 bytes down
  438. lsl ax, dx
  439. jz DN_FS_CheckLen ;Selector is OK
  440. mov dx, FrameBX ;Revert to BX value
  441. jmp SHORT DN_FS_GotSelValue
  442. DN_FS_CheckLen:
  443. cmp ax, 15 ;If the segment is 15 bytes long,
  444. jne DN_FS_GotSelValue ; this is a bogus selector and is
  445. ; really an arena header.
  446. push es
  447. mov es, dx ;Get handle
  448. cCall HelperHandleToSel, <es:[0ah]> ;Convert to selector
  449. mov dx, ax ;Get handle out of arena header
  450. pop es
  451. DN_FS_GotSelValue:
  452. mov ax,NFY_FREESEG ;Get the TOOLHELP ID
  453. jmp DN_End
  455. ;** Check for StartDLL
  456. DN_15: cmp ax,NI_LOADDLL
  457. jnz DN_20
  459. ;** StartDLL:
  460. ;** CX is CS
  461. ;** BX is IP
  462. ;** SI is Module handle
  463. mov si,dx ;Point with SI
  464. mov ax,SIZE NFYSTARTDLL ;Get the size
  465. mov WORD PTR [si].nsd_dwSize,ax ;Save the LOWORD of the size
  466. mov WORD PTR [si].nsd_dwSize + 2,0 ;HIWORD is always zero
  467. mov ax,FrameSI ;Get the hInstance
  468. mov [si].nsd_hModule,ax ;Save in structure
  469. mov ax,FrameCX ;Get the starting CS
  470. mov [si].nsd_wCS,ax ;Save in structure
  471. mov ax,FrameBX ;Get the starting IP
  472. mov [si].nsd_wIP,ax ;Save in structure
  473. mov ax,NFY_STARTDLL
  474. jmp DN_End
  476. ;** Check for StartTask
  477. DN_20: cmp ax,NI_STARTTASK ;StartTask?
  478. jnz DN_30 ;No
  480. ;** StartTask:
  481. ;* CX is CS
  482. ;** BX is IP
  483. mov cx,FrameCX
  484. mov dx,FrameBX
  485. mov ax,NFY_STARTTASK
  486. jmp DN_End
  488. ;** Check for ExitCall
  489. DN_30: cmp ax,NI_EXITCALL ;ExitCall
  490. jnz DN_40 ;No
  492. ;** ExitCall:
  493. ;* Exit code is on stack somewhere if we don't have the new
  494. ;** notification handler. If we do, it's in BL.
  495. xor cx,cx ;Clear all but low byte
  496. xor dh,dh
  497. test wTHFlags,TH_GOODPTRACEHOOK ;Do we have the good hook?
  498. jz DN_DoOldHook ;Nope, grope on the stack
  499. mov dl,BYTE PTR FrameBX ;Get the exit code
  500. mov ax,NFY_EXITTASK ;Get the TOOLHELP ID
  501. jmp DN_End
  502. DN_DoOldHook:
  503. mov si,FrameSP ;Point to old stack frame
  504. mov dl,ss:[si + 6] ;Exit code is 6 bytes down on stack
  505. mov ax,NFY_EXITTASK ;Get the TOOLHELP ID
  506. jmp DN_End
  508. ;** Check for DelModule
  509. DN_40: cmp ax,NI_DELMODULE ;DelModule?
  510. jnz DN_60 ;No
  512. ;** DelModule:
  513. ;** ES is module handle
  514. xor cx,cx ;Clear HIWORD
  515. mov dx,FrameES ;Get the module handle
  516. mov ax,NFY_DELMODULE ;Get the TOOLHELP ID
  517. jmp DN_End
  519. ;** Check for TaskSwitchIn
  520. DN_60: cmp ax,NI_TASKIN ;TaskSwitchIn?
  521. jnz DN_70 ;No
  523. ;** TaskSwitchIn:
  524. ;** No data. Callback should do GetCurrentTask()
  525. xor cx,cx ;Clear data
  526. xor dx,dx
  527. mov ax,NFY_TASKIN ;Get the TOOLHELP ID
  528. mov bx,NF_TASKSWITCH ;Get the NOTIFYSTRUCT match flag
  529. jmp DN_End
  531. ;** Check for TaskSwitchOut
  532. DN_70: cmp ax,NI_TASKOUT ;TaskSwitchOut?
  533. jnz DN_90 ;No
  535. ;** TaskSwitchOut:
  536. ;** No data
  537. xor cx,cx ;Clear data
  538. xor dx,dx
  539. mov ax,NFY_TASKOUT ;Get the TOOLHELP ID
  540. mov bx,NF_TASKSWITCH ;Get the NOTIFYSTRUCT match flag
  541. jmp DN_End
  543. ;** Check for OutStr
  544. DN_90: cmp ax,NI_OUTSTR ;OutStr?
  545. jnz DN_100 ;No
  547. ;** OutStr:
  548. ;** ES:SI points to string to display in 3.1
  549. ;** DS:SI in 3.0
  550. test wTHFlags,TH_WIN30 ;3.0?
  551. jz DN_OS_Win31 ;Nope
  552. mov cx,FrameDS ;Get the segment value
  553. jmp SHORT @F
  554. DN_OS_Win31:
  555. mov cx,FrameES ;Get the segment value
  556. @@: mov dx,FrameSI ; and the offset
  557. mov ax,NFY_OUTSTR ;Get the TOOLHELP ID
  558. jmp DN_End
  560. ;** Check for InChar
  561. DN_100: cmp ax,NI_INCHAR ;InChar?
  562. jnz DN_105 ;No
  564. ;** InChar:
  565. ;** No data passed (it wants data back in AL)
  566. xor cx,cx ;Clear dwData
  567. xor dx,dx
  568. mov ax,NFY_INCHAR ;Get the TOOLHELP ID
  569. jmp SHORT DN_End
  571. ;** NOTE: The following notifications are defined as "NEW" and
  572. ;** are NOT sent through the normal PTrace interface so as to
  573. ;** not break CodeSpew. It stack faults when
  574. ;** it is sent a notification it doesn't understand. So,
  575. ;** here we don't bother decoding any of these unless we have
  576. ;** the new (Win 3.1) style hook
  577. DN_105: test wTHFlags,TH_GOODPTRACEHOOK ;Do we have the advanced hook?
  578. jnz DN_110 ;Yes
  579. jmp SHORT DN_End
  581. ;** Check for the parameter validation notifications
  582. DN_110: cmp ax,NI_LOGERROR ;SDM_LOGERROR?
  583. jne DN_120 ;No
  585. ;** SDM_LOGERROR:
  586. ;* CX is Error code
  587. ;** DX:BX is lpInfo
  588. mov si,dx ;Point with SI
  589. mov ax,SIZE NFYLOGERROR ;Get the size
  590. mov WORD PTR [si].nle_dwSize[0],ax ;Save the LOWORD of the size
  591. mov WORD PTR [si].nle_dwSize[2],0 ;HIWORD is always zero
  592. mov ax,FrameCX ;Get the error code
  593. mov [si].nle_wErrCode,ax ;Save in structure
  594. mov ax,FrameDX ;Get the lpInfo
  595. mov WORD PTR [si].nle_lpInfo[2],ax ;Save in structure
  596. mov ax,FrameBX
  597. mov WORD PTR [si].nle_lpInfo[0],ax ;Save in structure
  598. mov ax,NFY_LOGERROR ;Get the TOOLHELP ID
  599. jmp SHORT DN_End
  601. DN_120: cmp ax,NI_LOGPARAMERROR ;SDM_LOGPARAMERROR?
  602. jne DN_Unknown ;No
  604. ;** SDM_LOGPARAMERROR:
  605. ;** ES:BX points to a structure:
  606. ;** WORD wErr
  607. ;** FARPROC lpfn
  608. ;** VOID FAR* lpBadParam
  609. mov si,dx ;Point with SI
  610. mov ax,SIZE NFYLOGPARAMERROR ;Struct size
  611. mov WORD PTR [si].nlp_dwSize[0],ax ;Save the LOWORD of the size
  612. mov WORD PTR [si].nlp_dwSize[2],0 ;HIWORD is always zero
  613. mov es,FrameES ;Point to the structure
  614. mov bx,FrameBX
  615. mov ax,es:[bx] ;Get wErr
  616. mov [si].nlp_wErrCode,ax ;Save in structure
  617. mov ax,es:[bx + 2] ;Get lpfn[0]
  618. mov WORD PTR [si].nlp_lpfnErrorAddr[0],ax
  619. mov ax,es:[bx + 4] ;Get lpfn[2]
  620. mov WORD PTR [si].nlp_lpfnErrorAddr[2],ax
  621. mov ax,es:[bx + 6] ;Get lpBadParam[0]
  622. mov WORD PTR [si].nlp_lpBadParam[0],ax
  623. mov ax,es:[bx + 8] ;Get lpBadParam[2]
  624. mov WORD PTR [si].nlp_lpBadParam[2],ax
  625. mov ax,NFY_LOGPARAMERROR ;Get the TOOLHELP ID
  626. xor bx,bx ;Always match
  627. jmp SHORT DN_End
  629. ;** Must be unknown, return TOOLHELP ID NFY_UNKNOWN with KERNEL value
  630. ;** in LOWORD(wData)
  631. DN_Unknown:
  632. mov dx,ax ;Get the notification value
  633. mov ax,NFY_UNKNOWN ;Unknown KERNEL notification
  634. xor cx,cx ;Clear high WORD
  636. DN_End:
  638. cEnd
  640. sEnd
  641. END