archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/windows/appcompat/shims/layer/emulatemissingexe.cpp

1003 lines
26 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 2000 Microsoft Corporation
  5. Module Name:
  7. EmulateMissingEXE.cpp
  9. Abstract:
  11. Win9x had scandskw.exe and defrag.exe in %windir%, NT does not.
  12. Whistler has a hack in the shell32 for scandisk for app compatability
  13. purposes. Whistler can also invoke defrag via
  14. "%windir%\system32\mmc.exe %windir%\system32\dfrg.msc".
  16. This shim redirects CreateProcess and Winexec to execute these two
  17. substitutes, as well as FindFile to indicate their presence.
  19. Notes:
  21. This is a general purpose shim.
  23. History:
  25. 01/02/2001 prashkud Created
  26. 02/18/2001 prashkud Merged HandleStartKeyword SHIM with this.
  27. 02/21/2001 prashkud Replaced most strings with CString class.
  29. --*/
  31. #include "precomp.h"
  33. IMPLEMENT_SHIM_BEGIN(EmulateMissingEXE)
  34. #include "ShimHookMacro.h"
  36. APIHOOK_ENUM_BEGIN
  37. APIHOOK_ENUM_ENTRY(CreateProcessA)
  38. APIHOOK_ENUM_ENTRY(CreateProcessW)
  39. APIHOOK_ENUM_ENTRY(WinExec)
  40. APIHOOK_ENUM_ENTRY(FindFirstFileA)
  41. APIHOOK_ENUM_ENTRY(FindFirstFileW)
  42. APIHOOK_ENUM_ENTRY_COMSERVER(SHELL32)
  43. APIHOOK_ENUM_END
  45. IMPLEMENT_COMSERVER_HOOK(SHELL32)
  47. // Type for the functions that builds the New EXES
  48. typedef BOOL (*_pfn_STUBFUNC)(CString&, CString&, BOOL);
  50. // Main Data structure to hold the New strings
  51. struct REPLACEENTRY {
  52. WCHAR *OrigExeName; // original EXE to be replaced
  53. _pfn_STUBFUNC pfnFuncName; // function to call to correct the name
  54. };
  56. CRITICAL_SECTION g_CritSec;
  57. WCHAR *g_szSysDir = NULL; // system directory for stubs to use
  59. BOOL StubScandisk(CString&, CString&, BOOL);
  60. BOOL StubDefrag(CString&, CString&, BOOL);
  61. BOOL StubStart(CString&, CString&, BOOL);
  62. BOOL StubControl(CString&, CString&, BOOL);
  63. BOOL StubDxDiag(CString&, CString&, BOOL);
  64. BOOL StubWinhlp(CString&, CString&, BOOL);
  65. BOOL StubRundll(CString&, CString&, BOOL);
  66. BOOL StubPbrush(CString&, CString&, BOOL);
  68. // Add variations of these missing Exes like in HandleStartKeyword
  69. // Start has been put at the top of the list as there seem to be more apps
  70. // that need the SHIM for this EXE than others. In fact there was a
  71. // seperate SHIM HandleStartKeyword that was merged with this.
  72. REPLACEENTRY g_ReplList[] = {
  73. {L"start", StubStart },
  74. {L"start.exe", StubStart },
  75. {L"scandskw", StubScandisk },
  76. {L"scandskw.exe", StubScandisk },
  77. {L"defrag", StubDefrag },
  78. {L"defrag.exe", StubDefrag },
  79. {L"control", StubControl },
  80. {L"control.exe", StubControl },
  81. {L"dxdiag", StubDxDiag },
  82. {L"dxdiag.exe", StubDxDiag },
  83. {L"winhelp", StubWinhlp },
  84. {L"winhelp.exe", StubWinhlp },
  85. {L"rundll", StubRundll },
  86. {L"rundll.exe", StubRundll },
  87. {L"Pbrush", StubPbrush },
  88. {L"Pbrush.exe", StubPbrush },
  89. // Always the last one
  90. {L"", NULL }
  91. };
  93. // Added to merge HandleStartKeyword
  94. // Link list of shell link object this pointers.
  95. struct THISPOINTER
  96. {
  97. THISPOINTER *next;
  98. LPCVOID pThisPointer;
  99. };
  101. THISPOINTER *g_pThisPointerList;
  103. /*++
  105. Function Description:
  107. Add a this pointer to the linked list of pointers. Does not add if the
  108. pointer is NULL or a duplicate.
  110. Arguments:
  112. IN pThisPointer - the pointer to add.
  114. Return Value:
  116. None
  118. History:
  120. 12/14/2000 maonis Created
  122. --*/
  124. VOID
  125. AddThisPointer(
  126. IN LPCVOID pThisPointer
  127. )
  128. {
  129. EnterCriticalSection(&g_CritSec);
  131. if (pThisPointer)
  132. {
  133. THISPOINTER *pPointer = g_pThisPointerList;
  134. while (pPointer)
  135. {
  136. if (pPointer->pThisPointer == pThisPointer)
  137. {
  138. return;
  139. }
  140. pPointer = pPointer->next;
  141. }
  143. pPointer = (THISPOINTER *) malloc(sizeof THISPOINTER);
  145. if (pPointer)
  146. {
  147. pPointer->pThisPointer = pThisPointer;
  148. pPointer->next = g_pThisPointerList;
  149. g_pThisPointerList = pPointer;
  150. }
  151. }
  153. LeaveCriticalSection(&g_CritSec);
  154. }
  156. /*++
  158. Function Description:
  160. Remove a this pointer if it can be found in the linked list of pointers.
  162. Arguments:
  164. IN pThisPointer - the pointer to remove.
  166. Return Value:
  168. TRUE if the pointer is found.
  169. FALSE if the pointer is not found.
  171. History:
  173. 12/14/2000 maonis Created
  175. --*/
  177. BOOL
  178. RemoveThisPointer(
  179. IN LPCVOID pThisPointer
  180. )
  181. {
  182. THISPOINTER *pPointer = g_pThisPointerList;
  183. THISPOINTER *last = NULL;
  184. BOOL lRet = FALSE;
  186. EnterCriticalSection(&g_CritSec);
  188. while (pPointer)
  189. {
  190. if (pPointer->pThisPointer == pThisPointer)
  191. {
  192. if (last)
  193. {
  194. last->next = pPointer->next;
  195. }
  196. else
  197. {
  198. g_pThisPointerList = pPointer->next;
  199. }
  201. free(pPointer);
  202. lRet = TRUE;
  203. break;
  204. }
  206. last = pPointer;
  207. pPointer = pPointer->next;
  208. }
  210. LeaveCriticalSection(&g_CritSec);
  211. return lRet;
  212. }
  215. /*++
  217. We are here because the application name: scandskw.exe, matches the one in the
  218. static array. Fill the News for scandskw.exe as:
  220. rundll32.exe shell32.dll,AppCompat_RunDLL SCANDSKW
  222. --*/
  224. BOOL
  225. StubScandisk(
  226. CString& csNewApplicationName,
  227. CString& csNewCommandLine,
  228. BOOL /*bExists*/
  229. )
  230. {
  231. csNewApplicationName = g_szSysDir;
  232. csNewApplicationName += L"\\rundll32.exe";
  233. csNewCommandLine = L"shell32.dll,AppCompat_RunDLL SCANDSKW";
  235. return TRUE;
  237. }
  239. /*++
  241. We are here because the application name: defrag.exe, matches the one in the
  242. static array. Fill the News for .exe as:
  244. %windir%\\system32\\mmc.exe %windir%\\system32\\dfrg.msc
  246. --*/
  248. BOOL
  249. StubDefrag(
  250. CString& csNewApplicationName,
  251. CString& csNewCommandLine,
  252. BOOL /*bExists*/
  253. )
  254. {
  255. csNewApplicationName = g_szSysDir;
  256. csNewApplicationName += L"\\mmc.exe";
  258. csNewCommandLine = g_szSysDir;
  259. csNewCommandLine += L"\\dfrg.msc";
  260. return TRUE;
  261. }
  263. /*++
  265. We are here because the application name: start.exe, matches the one in the
  266. static array. Fill the News for .exe as:
  268. %windir%\\system32\\cmd.exe" "/c start"
  270. Many applications have a "start.exe" in their current working directories
  271. which needs to take precendence over any New we make.
  273. --*/
  275. BOOL
  276. StubStart(
  277. CString& csNewApplicationName,
  278. CString& csNewCommandLine,
  279. BOOL bExists
  280. )
  281. {
  282. //
  283. // First check the current working directory for start.exe
  284. //
  286. if (bExists) {
  287. return FALSE;
  288. }
  290. //
  291. // There is no start.exe in the current working directory
  292. //
  293. csNewApplicationName = g_szSysDir;
  294. csNewApplicationName += L"\\cmd.exe";
  295. csNewCommandLine = L"/d /c start \"\"";
  297. return TRUE;
  298. }
  300. /*++
  302. We are here because the application name: control.exe, matches the one in the
  303. static array. Fill the News for .exe as:
  305. %windir%\\system32\\control.exe
  307. --*/
  309. BOOL
  310. StubControl(
  311. CString& csNewApplicationName,
  312. CString& csNewCommandLine,
  313. BOOL /*bExists*/
  314. )
  315. {
  316. csNewApplicationName = g_szSysDir;
  317. csNewApplicationName += L"\\control.exe";
  318. csNewCommandLine = L"";
  320. return TRUE;
  322. }
  324. /*++
  326. We are here because the application name: dxdiag.exe, matches the one in the
  327. static array. Fill the News for .exe as:
  329. %windir%\system32\dxdiag.exe
  331. --*/
  333. BOOL
  334. StubDxDiag(
  335. CString& csNewApplicationName,
  336. CString& csNewCommandLine,
  337. BOOL /*bExists*/
  338. )
  339. {
  340. csNewApplicationName = g_szSysDir;
  341. csNewApplicationName += L"\\dxdiag.exe";
  342. csNewCommandLine = L"";
  344. return TRUE;
  345. }
  347. /*++
  349. We are here because the application name: Winhlp.exe, matches the one in the
  350. static array. Fill the News for .exe as:
  352. %windir%\system32\winhlp32.exe
  354. --*/
  356. BOOL
  357. StubWinhlp(
  358. CString& csNewApplicationName,
  359. CString& csNewCommandLine,
  360. BOOL /*bExists*/
  361. )
  362. {
  363. csNewApplicationName = g_szSysDir;
  364. csNewApplicationName += L"\\winhlp32.exe";
  365. // Winhlp32.exe needs the app name to be in the commandline.
  366. csNewCommandLine = csNewApplicationName;
  368. return TRUE;
  369. }
  371. /*++
  373. We are here because the application name: rundll.exe matches the one in the
  374. static array. Fill the News for .exe as:
  376. %windir%\system32\rundll32.exe
  378. --*/
  380. BOOL
  381. StubRundll(
  382. CString& csNewApplicationName,
  383. CString& csNewCommandLine,
  384. BOOL /*bExists*/
  385. )
  386. {
  387. csNewApplicationName = g_szSysDir;
  388. csNewApplicationName += L"\\rundll32.exe";
  389. csNewCommandLine = L"";
  391. return TRUE;
  392. }
  394. /*++
  396. We are here because the application name: Pbrush.exe matches the one in the
  397. static array. Fill the New for .exe as:
  399. %windir%\system32\mspaint.exe
  401. --*/
  403. BOOL
  404. StubPbrush(
  405. CString& csNewApplicationName,
  406. CString& csNewCommandLine,
  407. BOOL /*bExists*/
  408. )
  409. {
  410. csNewApplicationName = g_szSysDir;
  411. csNewApplicationName += L"\\mspaint.exe";
  412. csNewCommandLine = L"";
  414. return TRUE;
  415. }
  417. /*++
  419. GetTitle takes the app path and returns just the EXE name.
  421. --*/
  423. VOID
  424. GetTitle(CString& csAppName,CString& csAppTitle)
  425. {
  426. csAppTitle = csAppName;
  427. int len = csAppName.ReverseFind(L'\\');
  428. if (len)
  429. {
  430. csAppTitle.Delete(0, len+1);
  431. }
  432. }
  434. /*++
  436. This is the main function where the New logic happens. This function
  437. goes through the static array and fills the suitable New appname and
  438. the commandline.
  440. --*/
  442. BOOL
  443. Redirect(
  444. const CString& csApplicationName,
  445. const CString& csCommandLine,
  446. CString& csNewApplicationName,
  447. CString& csNewCommandLine,
  448. BOOL bJustCheckExePresence
  449. )
  450. {
  451. BOOL bRet = FALSE;
  452. CSTRING_TRY
  453. {
  455. CString csOrigAppName;
  456. CString csOrigCommandLine;
  457. BOOL bExists = FALSE;
  459. AppAndCommandLine AppObj(csApplicationName, csCommandLine);
  460. csOrigAppName = AppObj.GetApplicationName();
  461. csOrigCommandLine = AppObj.GetCommandlineNoAppName();
  463. if (csOrigAppName.IsEmpty())
  464. {
  465. goto Exit;
  466. }
  468. //
  469. // Loop through the list of redirectors
  470. //
  472. REPLACEENTRY *rEntry = &g_ReplList[0];
  473. CString csAppTitle;
  474. GetTitle(csOrigAppName, csAppTitle);
  476. while (rEntry && rEntry->OrigExeName[0])
  477. {
  478. if (_wcsicmp(rEntry->OrigExeName, csAppTitle) == 0)
  479. {
  480. //
  481. // This final parameter has been added for the merger
  482. // of HandleStartKeyword Shim. If this is TRUE, we don't
  483. // go any further but just return.
  484. //
  485. if (bJustCheckExePresence)
  486. {
  487. bRet = TRUE;
  488. goto Exit;
  489. }
  491. //
  492. // Check if the current working directory contains the exe in question
  493. //
  494. WCHAR *szCurrentDirectory = NULL;
  495. DWORD dwLen = GetCurrentDirectoryW(0, NULL); // Just to get the length
  496. // The dwLen got includes the terminating NULL too.
  497. szCurrentDirectory = (WCHAR*)malloc(dwLen * sizeof(WCHAR));
  499. if (szCurrentDirectory &&
  500. GetCurrentDirectoryW(dwLen, szCurrentDirectory))
  501. {
  502. CString csFullAppName(szCurrentDirectory);
  503. csFullAppName += L"\\";
  504. csFullAppName += csAppTitle;
  506. // Check if the file exists and is not a directory
  507. DWORD dwAttr = GetFileAttributesW(csFullAppName);
  508. if ((dwAttr != INVALID_FILE_ATTRIBUTES) &&
  509. !(dwAttr & FILE_ATTRIBUTE_DIRECTORY))
  510. {
  511. DPFN( eDbgLevelInfo,
  512. "[Redirect] %s found in current working directory");
  513. bExists = TRUE;
  514. }
  515. free(szCurrentDirectory);
  516. }
  517. else if(szCurrentDirectory)
  518. {
  519. free(szCurrentDirectory);
  520. }
  522. //
  523. // We have a match, so call the corresponding function
  524. //
  526. bRet = (*(rEntry->pfnFuncName))(csNewApplicationName,
  527. csNewCommandLine, bExists);
  528. if (bRet)
  529. {
  530. //
  531. // Append the original command line
  532. //
  533. csNewCommandLine += L" ";
  534. csNewCommandLine += csOrigCommandLine;
  535. }
  537. // We matched an EXE, so we're done
  538. break;
  539. }
  541. rEntry++;
  542. }
  544. if (bRet)
  545. {
  546. DPFN( eDbgLevelWarning, "Redirected:");
  547. DPFN( eDbgLevelWarning, "\tFrom: %S %S", csApplicationName, csCommandLine);
  548. DPFN( eDbgLevelWarning, "\tTo: %S %S", csNewApplicationName, csNewCommandLine);
  549. }
  550. }
  551. CSTRING_CATCH
  552. {
  553. DPFN( eDbgLevelError, "Not Redirecting: Exception encountered");
  554. bRet = FALSE;
  555. }
  557. Exit:
  558. return bRet;
  559. }
  561. /*++
  563. Hooks the CreateProcessA function to see if any News need to be
  564. substituted.
  566. --*/
  568. BOOL
  569. APIHOOK(CreateProcessA)(
  570. LPCSTR lpApplicationName,
  571. LPSTR lpCommandLine,
  572. LPSECURITY_ATTRIBUTES lpProcessAttributes,
  573. LPSECURITY_ATTRIBUTES lpThreadAttributes,
  574. BOOL bInheritHandles,
  575. DWORD dwCreationFlags,
  576. LPVOID lpEnvironment,
  577. LPCSTR lpCurrentDirectory,
  578. LPSTARTUPINFOA lpStartupInfo,
  579. LPPROCESS_INFORMATION lpProcessInformation
  580. )
  581. {
  582. if ((NULL == lpApplicationName) &&
  583. (NULL == lpCommandLine))
  584. {
  585. // If both are NULL, return FALSE.
  586. SetLastError(ERROR_INVALID_PARAMETER);
  587. return FALSE;
  588. }
  590. CSTRING_TRY
  591. {
  592. CString csNewApplicationName;
  593. CString csNewCommandLine;
  594. CString csPassedAppName(lpApplicationName);
  595. CString csPassedCommandLine(lpCommandLine);
  597. if ((csPassedAppName.IsEmpty()) &&
  598. (csPassedCommandLine.IsEmpty()))
  599. {
  600. goto exit;
  601. }
  603. //
  604. // Run the list of New stubs: call to the main New routine
  605. //
  606. if (Redirect(csPassedAppName, csPassedCommandLine, csNewApplicationName,
  607. csNewCommandLine, FALSE))
  608. {
  609. LOGN(
  610. eDbgLevelWarning,
  611. "[CreateProcessA] \" %s %s \": changed to \" %s %s \"",
  612. lpApplicationName, lpCommandLine,
  613. csNewApplicationName.GetAnsi(), csNewCommandLine.GetAnsi());
  614. }
  615. else
  616. {
  617. csNewApplicationName = lpApplicationName;
  618. csNewCommandLine = lpCommandLine;
  619. }
  622. // Convert back to ANSI using the GetAnsi() method exposed by the CString class.
  623. return ORIGINAL_API(CreateProcessA)(
  624. csNewApplicationName.IsEmpty() ? NULL : csNewApplicationName.GetAnsi(),
  625. csNewCommandLine.IsEmpty() ? NULL : csNewCommandLine.GetAnsi(),
  626. lpProcessAttributes, lpThreadAttributes, bInheritHandles,
  627. dwCreationFlags, lpEnvironment, lpCurrentDirectory, lpStartupInfo,
  628. lpProcessInformation);
  630. }
  631. CSTRING_CATCH
  632. {
  633. DPFN( eDbgLevelError, "[CreateProcessA]:Original API called.Exception occured!");
  635. }
  637. exit:
  638. return ORIGINAL_API(CreateProcessA)(lpApplicationName, lpCommandLine,
  639. lpProcessAttributes, lpThreadAttributes, bInheritHandles,
  640. dwCreationFlags, lpEnvironment, lpCurrentDirectory, lpStartupInfo,
  641. lpProcessInformation);
  642. }
  644. /*++
  646. Hooks the CreateProcessW function to see if any News need to be
  647. substituted.
  649. --*/
  651. BOOL
  652. APIHOOK(CreateProcessW)(
  653. LPCWSTR lpApplicationName,
  654. LPWSTR lpCommandLine,
  655. LPSECURITY_ATTRIBUTES lpProcessAttributes,
  656. LPSECURITY_ATTRIBUTES lpThreadAttributes,
  657. BOOL bInheritHandles,
  658. DWORD dwCreationFlags,
  659. LPVOID lpEnvironment,
  660. LPCWSTR lpCurrentDirectory,
  661. LPSTARTUPINFOW lpStartupInfo,
  662. LPPROCESS_INFORMATION lpProcessInformation
  663. )
  664. {
  665. if ((NULL == lpApplicationName) &&
  666. (NULL == lpCommandLine))
  667. {
  668. // If both are NULL, return FALSE.
  669. SetLastError(ERROR_INVALID_PARAMETER);
  670. return FALSE;
  671. }
  673. CSTRING_TRY
  674. {
  675. CString csNewApplicationName;
  676. CString csNewCommandLine;
  677. CString csApplicationName(lpApplicationName);
  678. CString csCommandLine(lpCommandLine);
  680. if ((csApplicationName.IsEmpty()) &&
  681. (csCommandLine.IsEmpty()))
  682. {
  683. goto exit;
  684. }
  686. //
  687. // Run the list of New stubs
  688. //
  690. if (Redirect(csApplicationName, csCommandLine, csNewApplicationName,
  691. csNewCommandLine, FALSE))
  692. {
  693. LOGN(
  694. eDbgLevelWarning,
  695. "[CreateProcessW] \" %S %S \": changed to \" %S %S \"",
  696. lpApplicationName, lpCommandLine, csNewApplicationName, csNewCommandLine);
  697. }
  698. else
  699. {
  700. csNewApplicationName = lpApplicationName;
  701. csNewCommandLine = lpCommandLine;
  702. }
  705. return ORIGINAL_API(CreateProcessW)(
  706. csNewApplicationName.IsEmpty() ? NULL : csNewApplicationName.Get(),
  707. csNewCommandLine.IsEmpty() ? NULL : (LPWSTR)csNewCommandLine.Get(),
  708. lpProcessAttributes, lpThreadAttributes, bInheritHandles,
  709. dwCreationFlags, lpEnvironment, lpCurrentDirectory, lpStartupInfo,
  710. lpProcessInformation);
  711. }
  712. CSTRING_CATCH
  713. {
  714. DPFN( eDbgLevelError, "[CreateProcessW] Original API called. Exception occured!");
  715. }
  717. exit:
  718. return ORIGINAL_API(CreateProcessW)(lpApplicationName, lpCommandLine,
  719. lpProcessAttributes, lpThreadAttributes, bInheritHandles,
  720. dwCreationFlags, lpEnvironment, lpCurrentDirectory, lpStartupInfo,
  721. lpProcessInformation);
  722. }
  724. /*++
  726. Hooks WinExec to redirect if necessary.
  728. --*/
  730. UINT
  731. APIHOOK(WinExec)(
  732. LPCSTR lpCmdLine,
  733. UINT uCmdShow
  734. )
  735. {
  736. if (NULL == lpCmdLine)
  737. {
  738. SetLastError(ERROR_INVALID_PARAMETER);
  739. return ERROR_PATH_NOT_FOUND;
  740. }
  742. CSTRING_TRY
  743. {
  744. CString csNewApplicationName;
  745. CString csNewCommandLine;
  746. CString csAppName;
  747. CString csNewCmdLine;
  748. CString csCommandLine(lpCmdLine);
  750. if (csCommandLine.IsEmpty())
  751. {
  752. goto exit;
  753. }
  754. // Check for redirection
  755. if (Redirect(csAppName, csCommandLine, csNewApplicationName,
  756. csNewCommandLine, FALSE))
  757. {
  758. // Modification for the WinHlp32 strange behaviour
  759. if (csNewCommandLine.Find(csNewApplicationName.Get()) == -1)
  760. {
  761. // If the new Command line does not contain the new application
  762. // name as the substring, we are here.
  763. csNewCmdLine = csNewApplicationName;
  764. csNewCmdLine += L" ";
  765. }
  766. csNewCmdLine += csNewCommandLine;
  768. // Assign to csCommandLine as this can be commonly used
  769. csCommandLine = csNewCmdLine;
  771. LOGN(
  772. eDbgLevelInfo,
  773. "[WinExec] \" %s \": changed to \" %s \"",
  774. lpCmdLine, csCommandLine.GetAnsi());
  775. }
  777. return ORIGINAL_API(WinExec)(csCommandLine.GetAnsi(), uCmdShow);
  779. }
  780. CSTRING_CATCH
  781. {
  782. DPFN( eDbgLevelError, "[WinExec]:Original API called.Exception occured!");
  783. }
  785. exit:
  786. return ORIGINAL_API(WinExec)(lpCmdLine, uCmdShow);
  787. }
  789. /*++
  791. Hooks the FindFirstFileA function to see if any replacements need to be
  792. substituted. This is a requirement for cmd.exe.
  794. --*/
  796. HANDLE
  797. APIHOOK(FindFirstFileA)(
  798. LPCSTR lpFileName,
  799. LPWIN32_FIND_DATAA lpFindFileData
  800. )
  801. {
  802. CSTRING_TRY
  803. {
  804. CString csNewApplicationName;
  805. CString csNewCommandLine;
  806. CString csFileName(lpFileName);
  807. CString csAppName;
  809. // Call the main replacement routine.
  810. if (Redirect(csFileName, csAppName, csNewApplicationName, csNewCommandLine, FALSE))
  811. {
  812. // Assign to csFileName
  813. csFileName = csNewApplicationName;
  814. LOGN(
  815. eDbgLevelInfo,
  816. "[FindFirstFileA] \" %s \": changed to \" %s \"",
  817. lpFileName, csFileName.GetAnsi());
  818. }
  820. return ORIGINAL_API(FindFirstFileA)(csFileName.GetAnsi(), lpFindFileData);
  821. }
  822. CSTRING_CATCH
  823. {
  824. DPFN( eDbgLevelError, "[FindFirstFileA]:Original API called.Exception occured!");
  825. return ORIGINAL_API(FindFirstFileA)(lpFileName, lpFindFileData);
  826. }
  827. }
  829. /*++
  831. Hooks the FindFirstFileW function to see if any replacements need to be
  832. substituted. This is a requirement for cmd.exe.
  834. --*/
  836. HANDLE
  837. APIHOOK(FindFirstFileW)(
  838. LPCWSTR lpFileName,
  839. LPWIN32_FIND_DATAW lpFindFileData
  840. )
  841. {
  842. CSTRING_TRY
  843. {
  844. CString csNewApplicationName(lpFileName);
  845. CString csNewCommandLine;
  846. CString csFileName(lpFileName);
  847. CString csAppName;
  849. // Call the main replacement routine.
  850. if (Redirect(csFileName, csAppName, csNewApplicationName,
  851. csNewCommandLine, FALSE))
  852. {
  853. LOGN(
  854. eDbgLevelInfo,
  855. "[FindFirstFileW] \" %S \": changed to \" %S \"",
  856. lpFileName, (const WCHAR*)csNewApplicationName);
  857. }
  859. return ORIGINAL_API(FindFirstFileW)(csNewApplicationName, lpFindFileData);
  860. }
  861. CSTRING_CATCH
  862. {
  863. DPFN( eDbgLevelError, "[FindFirstFileW]:Original API called.Exception occured!");
  864. return ORIGINAL_API(FindFirstFileW)(lpFileName, lpFindFileData);
  865. }
  866. }
  868. // Added for the merge of HandleStartKeyword
  870. /*++
  872. Hook IShellLinkA::SetPath - check if it's start, if so change it to cmd and add the
  873. this pointer to the list.
  875. --*/
  877. HRESULT STDMETHODCALLTYPE
  878. COMHOOK(IShellLinkA, SetPath)(
  879. PVOID pThis,
  880. LPCSTR pszFile
  881. )
  882. {
  883. _pfn_IShellLinkA_SetPath pfnSetPath = ORIGINAL_COM( IShellLinkA, SetPath, pThis);
  885. CSTRING_TRY
  886. {
  887. CString csExeName;
  888. CString csCmdLine;
  889. CString csNewAppName;
  890. CString csNewCmdLine;
  891. CString cscmdCommandLine(pszFile);
  893. // Assign the ANSI string to the WCHAR CString
  894. csExeName = pszFile;
  895. csExeName.TrimLeft();
  897. // Check to see whether the Filename conatains the "Start" keyword.
  898. // The last parameter to the Rediect function controls this.
  899. if (Redirect(csExeName, csCmdLine, csNewAppName, csNewCmdLine, TRUE))
  900. {
  901. // Found a match. We add the this pointer to the list.
  902. AddThisPointer(pThis);
  903. DPFN( eDbgLevelInfo, "[SetPath] Changing start.exe to cmd.exe\n");
  905. // Prefix of new "start" command line, use full path to CMD.EXE
  906. // Append the WCHAR global system directory path to ANSI CString
  907. cscmdCommandLine = g_szSysDir;
  908. cscmdCommandLine += L"\\cmd.exe";
  909. }
  911. return (*pfnSetPath)(pThis, cscmdCommandLine.GetAnsi());
  912. }
  913. CSTRING_CATCH
  914. {
  915. DPFN( eDbgLevelError, "[SetPath] Original API called. Exception occured!");
  916. return (*pfnSetPath)(pThis, pszFile);
  917. }
  918. }
  920. /*++
  922. Hook IShellLinkA::SetArguments - if the this pointer can be found in the list, remove it
  923. from the list and add "/d /c start" in front of the original argument list.
  925. --*/
  927. HRESULT STDMETHODCALLTYPE
  928. COMHOOK(IShellLinkA, SetArguments)(
  929. PVOID pThis,
  930. LPCSTR pszFile
  931. )
  932. {
  933. _pfn_IShellLinkA_SetArguments pfnSetArguments = ORIGINAL_COM(IShellLinkA, SetArguments, pThis);
  935. CSTRING_TRY
  936. {
  937. CString csNewFile(pszFile);
  938. if (RemoveThisPointer(pThis))
  939. {
  940. csNewFile = "/d /c start \"\" ";
  941. csNewFile += pszFile;
  943. DPFN( eDbgLevelInfo, "[SetArguments] Arg list is now %S", csNewFile);
  944. }
  946. return (*pfnSetArguments)( pThis, csNewFile.GetAnsi());
  947. }
  948. CSTRING_CATCH
  949. {
  950. DPFN( eDbgLevelError, "[SetArguments]:Original API called.Exception occured!");
  951. return (*pfnSetArguments)( pThis, pszFile );
  952. }
  953. }
  955. /*++
  957. Register hooked functions
  959. --*/
  961. BOOL
  962. NOTIFY_FUNCTION(
  963. DWORD fdwReason
  964. )
  965. {
  966. if (fdwReason == DLL_PROCESS_ATTACH)
  967. {
  968. UINT uiLen = GetSystemDirectory(NULL, 0);
  969. g_szSysDir = (WCHAR*)malloc(uiLen * sizeof(WCHAR)); // This won't be deallocated..
  970. if (g_szSysDir && !GetSystemDirectory(g_szSysDir, uiLen))
  971. {
  972. DPFN( eDbgLevelError, "[Notify] GetSystemDirectory failed");
  973. return FALSE;
  974. }
  976. if (InitializeCriticalSectionAndSpinCount(&g_CritSec, 0x80000000) == FALSE)
  977. {
  978. DPFN( eDbgLevelError, "Failed to initialize critical section");
  979. return FALSE;
  980. }
  981. }
  983. return TRUE;
  984. }
  986. HOOK_BEGIN
  988. CALL_NOTIFY_FUNCTION
  990. APIHOOK_ENTRY(KERNEL32.DLL, CreateProcessA)
  991. APIHOOK_ENTRY(KERNEL32.DLL, CreateProcessW)
  992. APIHOOK_ENTRY(KERNEL32.DLL, WinExec)
  993. APIHOOK_ENTRY(KERNEL32.DLL, FindFirstFileA)
  994. APIHOOK_ENTRY(KERNEL32.DLL, FindFirstFileW)
  995. APIHOOK_ENTRY_COMSERVER(SHELL32)
  996. COMHOOK_ENTRY(ShellLink, IShellLinkA, SetPath, 20)
  997. COMHOOK_ENTRY(ShellLink, IShellLinkA, SetArguments, 11)
  999. HOOK_END
  1001. IMPLEMENT_SHIM_END