|
|
//
// DelayImp.h
//
// define structures and prototypes necessary for delay loading of imports
//
#if !defined(_delayimp_h)
#define _delayimp_h
#if _MSC_VER > 1000
#pragma once
#endif
#ifndef DELAYLOAD_VERSION
#ifdef _WIN64
#define DELAYLOAD_VERSION 0x200
#else
#define DELAYLOAD_VERSION 0x100
#endif
#endif
#if defined(__cplusplus)
#define ExternC extern "C"
#else
#define ExternC
#endif
typedef IMAGE_THUNK_DATA * PImgThunkData;typedef const IMAGE_THUNK_DATA * PCImgThunkData;typedef DWORD RVA;
typedef struct ImgDelayDescrV2 { DWORD grAttrs; // attributes
RVA rvaDLLName; // RVA to dll name
RVA rvaHmod; // RVA of module handle
RVA rvaIAT; // RVA of the IAT
RVA rvaINT; // RVA of the INT
RVA rvaBoundIAT; // RVA of the optional bound IAT
RVA rvaUnloadIAT; // RVA of optional copy of original IAT
DWORD dwTimeStamp; // 0 if not bound,
// O.W. date/time stamp of DLL bound to (Old BIND)
} ImgDelayDescrV2, * PImgDelayDescrV2;
typedef struct ImgDelayDescrV1 { DWORD grAttrs; // attributes
LPCSTR szName; // pointer to dll name
HMODULE * phmod; // address of module handle
PImgThunkData pIAT; // address of the IAT
PCImgThunkData pINT; // address of the INT
PCImgThunkData pBoundIAT; // address of the optional bound IAT
PCImgThunkData pUnloadIAT; // address of optional copy of original IAT
DWORD dwTimeStamp; // 0 if not bound,
// O.W. date/time stamp of DLL bound to (Old BIND)
} ImgDelayDescrV1, * PImgDelayDescrV1;
#if DELAYLOAD_VERSION >= 0x0200
typedef ImgDelayDescrV2 ImgDelayDescr;typedef PImgDelayDescrV2 PImgDelayDescr;#else
typedef ImgDelayDescrV1 ImgDelayDescr;typedef PImgDelayDescrV1 PImgDelayDescr;#endif
typedef const ImgDelayDescr * PCImgDelayDescr;
enum DLAttr { // Delay Load Attributes
dlattrRva = 0x1, // RVAs are used instead of pointers
};
//
// Delay load import hook notifications
//
enum { dliStartProcessing, // used to bypass or note helper only
dliNotePreLoadLibrary, // called just before LoadLibrary, can
// override w/ new HMODULE return val
dliNotePreGetProcAddress, // called just before GetProcAddress, can
// override w/ new FARPROC return value
dliFailLoadLib, // failed to load library, fix it by
// returning a valid HMODULE
dliFailGetProc, // failed to get proc address, fix it by
// returning a valid FARPROC
dliNoteEndProcessing, // called after all processing is done, no
// no bypass possible at this point except
// by longjmp()/throw()/RaiseException.
};
typedef struct DelayLoadProc { BOOL fImportByName; union { LPCSTR szProcName; DWORD dwOrdinal; }; } DelayLoadProc;
typedef struct DelayLoadInfo { DWORD cb; // size of structure
PCImgDelayDescr pidd; // raw form of data (everything is there)
FARPROC * ppfn; // points to address of function to load
LPCSTR szDll; // name of dll
DelayLoadProc dlp; // name or ordinal of procedure
HMODULE hmodCur; // the hInstance of the library we have loaded
FARPROC pfnCur; // the actual function that will be called
DWORD dwLastError;// error received (if an error notification)
} DelayLoadInfo, * PDelayLoadInfo;
typedef FARPROC (WINAPI *PfnDliHook)( unsigned dliNotify, PDelayLoadInfo pdli );
// utility function for calculating the index of the current import
// for all the tables (INT, BIAT, UIAT, and IAT).
__inline unsignedIndexFromPImgThunkData(PCImgThunkData pitdCur, PCImgThunkData pitdBase) { return (unsigned)(pitdCur - pitdBase); }
// C++ template utility function for converting RVAs to pointers
//
#if defined(_WIN64) && defined(_M_IA64)
#pragma section(".base", long, read, write)
ExternC__declspec(allocate(".base"))externIMAGE_DOS_HEADER __ImageBase;#else
ExternCexternIMAGE_DOS_HEADER __ImageBase;#endif
#if defined(__cplusplus)
template <class X>X * PFromRva(RVA rva, const X *) { return (X*)(PBYTE(&__ImageBase) + rva); }#else
__inlinevoid *WINAPIPFromRva(RVA rva, void *unused) { return (PVOID)(((PBYTE)&__ImageBase) + rva); }#endif
//
// Unload support
//
// routine definition; takes a pointer to a name to unload
//
#if DELAYLOAD_VERSION >= 0x0200
ExternCBOOL WINAPI__FUnloadDelayLoadedDLL2(LPCSTR szDll);#else
ExternCBOOL WINAPI__FUnloadDelayLoadedDLL(LPCSTR szDll);#endif
// structure definitions for the list of unload records
typedef struct UnloadInfo * PUnloadInfo;typedef struct UnloadInfo { PUnloadInfo puiNext; PCImgDelayDescr pidd; } UnloadInfo;
// the default delay load helper places the unloadinfo records in the list
// headed by the following pointer.
ExternCexternPUnloadInfo __puiHead;
//
// Exception information
//
#define FACILITY_VISUALCPP ((LONG)0x6d)
#define VcppException(sev,err) ((sev) | (FACILITY_VISUALCPP<<16) | err)
// utility function for calculating the count of imports given the base
// of the IAT. NB: this only works on a valid IAT!
__inline unsignedCountOfImports(PCImgThunkData pitdBase) { unsigned cRet = 0; PCImgThunkData pitd = pitdBase; while (pitd->u1.Function) { pitd++; cRet++; } return cRet; }
//
// Hook pointers
//
// The "notify hook" gets called for every call to the
// delay load helper. This allows a user to hook every call and
// skip the delay load helper entirely.
//
// dliNotify == {
// dliStartProcessing |
// dliPreLoadLibrary |
// dliPreGetProc |
// dliNoteEndProcessing}
// on this call.
//
ExternCexternPfnDliHook __pfnDliNotifyHook;
ExternCexternPfnDliHook __pfnDliNotifyHook2;
// This is the failure hook, dliNotify = {dliFailLoadLib|dliFailGetProc}
ExternCexternPfnDliHook __pfnDliFailureHook;
ExternCexternPfnDliHook __pfnDliFailureHook2;
#if DELAYLOAD_VERSION >= 0x0200
#define __pfnDliFailureHook __pfnDliFailureHook2
#define __pfnDliNotifyHook __pfnDliNotifyHook2
#endif
#endif
|
