You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1760 lines
38 KiB
1760 lines
38 KiB
/*++
|
|
|
|
Copyright (c) 2000-2002 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
Common.cpp
|
|
|
|
Abstract:
|
|
|
|
Common functions for all modules
|
|
|
|
Notes:
|
|
|
|
None
|
|
|
|
History:
|
|
|
|
12/15/1999 linstev Created
|
|
01/10/2000 linstev Format to new style
|
|
03/14/2000 robkenny Added StringWiden and StringNWiden,
|
|
StringSubstituteRoutine[A|W] was not using the proper compare routine
|
|
when calling recursively.
|
|
07/06/2000 t-adams Added IsImage16Bit
|
|
10/18/2000 a-larrsh Move PatternMatch to common removing redundent code in shims.
|
|
10/25/2000 linstev Cleaned up
|
|
08/14/2001 robkenny Moved code inside the ShimLib namespace.
|
|
09/11/2001 mnikkel Modified DebugPrintfList, DebugPrintf, ShimLogList and ShimLog to retain LastError
|
|
09/25/2001 rparsons Modified logging code to use NT calls. Added critical section.
|
|
10/18/2001 rparsons Removed critical section, added mutex for logging.
|
|
02/15/2002 robkenny Security changes.
|
|
|
|
--*/
|
|
|
|
#include "ShimHook.h"
|
|
#include "ShimLib.h"
|
|
#include "ShimHookMacro.h"
|
|
#include "StrSafe.h"
|
|
#include <stdio.h>
|
|
|
|
|
|
|
|
namespace ShimLib
|
|
{
|
|
|
|
#define MAX_LOG_LENGTH 1024
|
|
static char g_szLog[MAX_LOG_LENGTH];
|
|
|
|
WCHAR g_wszFileLog[MAX_PATH]; // name of the log file
|
|
BOOL g_bFileLogEnabled = FALSE; // enable/disable file logging
|
|
static HANDLE g_hMemoryHeap = INVALID_HANDLE_VALUE;
|
|
BOOL g_bDebugLevelInitialized = FALSE;
|
|
DEBUGLEVEL g_DebugLevel = eDbgLevelBase;
|
|
|
|
inline HANDLE GetHeap()
|
|
{
|
|
if (g_hMemoryHeap == INVALID_HANDLE_VALUE)
|
|
{
|
|
g_hMemoryHeap = HeapCreate(0, 0, 0);
|
|
}
|
|
|
|
return g_hMemoryHeap;
|
|
}
|
|
|
|
void * __cdecl ShimMalloc(size_t size)
|
|
{
|
|
HANDLE heap = GetHeap();
|
|
|
|
void* memory = HeapAlloc(heap, HEAP_ZERO_MEMORY, size);
|
|
|
|
return memory;
|
|
}
|
|
|
|
void __cdecl ShimFree(void * memory)
|
|
{
|
|
HANDLE heap = GetHeap();
|
|
HeapFree(heap, 0, memory);
|
|
}
|
|
|
|
void * __cdecl ShimCalloc( size_t num, size_t size )
|
|
{
|
|
size_t nBytes = size * num;
|
|
void * callocMemory = ShimMalloc(nBytes);
|
|
ZeroMemory(callocMemory, nBytes);
|
|
|
|
return callocMemory;
|
|
}
|
|
|
|
void * __cdecl ShimRealloc(void * memory, size_t size)
|
|
{
|
|
if (memory == NULL)
|
|
return ShimMalloc(size);
|
|
|
|
HANDLE heap = GetHeap();
|
|
void * reallocMemory = HeapReAlloc(heap, 0, memory, size);
|
|
|
|
return reallocMemory;
|
|
}
|
|
|
|
|
|
DEBUGLEVEL GetDebugLevel()
|
|
{
|
|
CHAR cEnv[MAX_PATH];
|
|
|
|
if (g_bDebugLevelInitialized) {
|
|
return g_DebugLevel;
|
|
}
|
|
|
|
g_DebugLevel = eDbgLevelBase;
|
|
|
|
DWORD cchEnv = GetEnvironmentVariableA(szDebugEnvironmentVariable,
|
|
cEnv,
|
|
MAX_PATH);
|
|
if (cchEnv > 0 && cchEnv < MAX_PATH) {
|
|
|
|
CHAR c = cEnv[0];
|
|
|
|
if ((c >= '0') || (c <= '9')) {
|
|
g_DebugLevel = (DEBUGLEVEL)((int)(c - '0'));
|
|
}
|
|
}
|
|
|
|
g_bDebugLevelInitialized = TRUE;
|
|
|
|
return g_DebugLevel;
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Assert that prints file and line number.
|
|
|
|
Arguments:
|
|
|
|
|
|
IN LPCSTR file name
|
|
IN DWORD line number
|
|
IN BOOL assertion
|
|
IN LPCSTR String to print if assertion is false
|
|
|
|
Return Value:
|
|
|
|
None
|
|
|
|
History:
|
|
|
|
11/01/1999 markder Created
|
|
|
|
--*/
|
|
|
|
#if DBG
|
|
VOID
|
|
DebugAssert(
|
|
LPCSTR szFile,
|
|
DWORD dwLine,
|
|
BOOL bAssert,
|
|
LPCSTR szHelpString
|
|
)
|
|
{
|
|
if (!bAssert )
|
|
{
|
|
DPF("ShimLib", eDbgLevelError, "\n");
|
|
DPF("ShimLib", eDbgLevelError, "ASSERT: %s\n", szHelpString);
|
|
DPF("ShimLib", eDbgLevelError, "FILE: %s\n", szFile);
|
|
DPF("ShimLib", eDbgLevelError, "LINE: %d\n", dwLine);
|
|
DPF("ShimLib", eDbgLevelError, "\n");
|
|
|
|
DebugBreak();
|
|
}
|
|
}
|
|
|
|
#endif // DBG
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Print a formatted string using DebugOutputString.
|
|
|
|
Arguments:
|
|
|
|
IN dwDetail - Detail level above which no print will occur
|
|
IN pszFmt - Format string
|
|
|
|
Return Value:
|
|
|
|
None
|
|
|
|
History:
|
|
|
|
11/01/1999 markder Created
|
|
|
|
--*/
|
|
|
|
|
|
VOID
|
|
DebugPrintfList(
|
|
LPCSTR szShimName,
|
|
DEBUGLEVEL dwDetail,
|
|
LPCSTR pszFmt,
|
|
va_list vaArgList
|
|
)
|
|
{
|
|
#if DBG
|
|
|
|
// This must be the first line of this routine to preserve LastError.
|
|
DWORD dwLastError = GetLastError();
|
|
|
|
extern DEBUGLEVEL GetDebugLevel();
|
|
|
|
char szT[1024];
|
|
|
|
szT[1022] = '\0';
|
|
StringCchVPrintfA(szT, 1022, pszFmt, vaArgList);
|
|
|
|
// make sure we have a '\n' at the end of the string
|
|
|
|
int len = lstrlen(szT);
|
|
|
|
if (szT[len-1] != '\n')
|
|
{
|
|
szT[len] = L'\n';
|
|
szT[len+1] = L'\0';
|
|
}
|
|
|
|
|
|
if (dwDetail <= GetDebugLevel())
|
|
{
|
|
switch (dwDetail)
|
|
{
|
|
case eDbgLevelError:
|
|
OutputDebugStringA ("[FAIL] ");
|
|
break;
|
|
case eDbgLevelWarning:
|
|
OutputDebugStringA ("[WARN] ");
|
|
break;
|
|
case eDbgLevelInfo:
|
|
OutputDebugStringA ("[INFO] ");
|
|
break;
|
|
}
|
|
|
|
OutputDebugStringA(szShimName);
|
|
|
|
OutputDebugStringA(" - ");
|
|
|
|
OutputDebugStringA(szT);
|
|
}
|
|
|
|
// This must be the last line of this routine to preserve LastError.
|
|
SetLastError(dwLastError);
|
|
|
|
#endif
|
|
}
|
|
|
|
VOID
|
|
DebugPrintf(
|
|
LPCSTR szShimName,
|
|
DEBUGLEVEL dwDetail,
|
|
LPCSTR pszFmt,
|
|
...
|
|
)
|
|
{
|
|
#if DBG
|
|
|
|
// This must be the first line of this routine to preserve LastError.
|
|
DWORD dwLastError = GetLastError();
|
|
|
|
va_list vaArgList;
|
|
va_start(vaArgList, pszFmt);
|
|
|
|
DebugPrintfList(szShimName, dwDetail, pszFmt, vaArgList);
|
|
|
|
va_end(vaArgList);
|
|
|
|
// This must be the last line of this routine to preserve LastError.
|
|
SetLastError(dwLastError);
|
|
|
|
#endif
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Prints a log in the log file if logging is enabled
|
|
|
|
Arguments:
|
|
|
|
IN pszFmt - Format string
|
|
|
|
Return Value:
|
|
|
|
none
|
|
|
|
History:
|
|
|
|
03/03/2000 clupu Created
|
|
|
|
--*/
|
|
|
|
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Prints a log in the log file if logging is enabled
|
|
|
|
Arguments:
|
|
|
|
IN wszShimName - Name of shim that string originates from
|
|
IN dwDetail - Detail level above which no print will occur
|
|
IN pszFmt - Format string
|
|
|
|
Return Value:
|
|
|
|
none
|
|
|
|
History:
|
|
|
|
03/03/2000 clupu Created
|
|
09/25/2001 rparsons Converted to NT calls
|
|
|
|
--*/
|
|
|
|
void
|
|
ShimLogList(
|
|
LPCSTR szShimName,
|
|
DEBUGLEVEL dwDbgLevel,
|
|
LPCSTR pszFmt,
|
|
va_list arglist
|
|
)
|
|
{
|
|
//
|
|
// This must be the first line of this routine to preserve LastError.
|
|
//
|
|
DWORD dwLastError = GetLastError();
|
|
|
|
int nLen = 0;
|
|
NTSTATUS status;
|
|
SYSTEMTIME lt;
|
|
UNICODE_STRING strLogFile = {0};
|
|
OBJECT_ATTRIBUTES ObjectAttributes;
|
|
IO_STATUS_BLOCK IoStatusBlock;
|
|
LARGE_INTEGER liOffset;
|
|
char szNewLine[] = "\r\n";
|
|
DWORD dwWaitResult;
|
|
HANDLE hFile = INVALID_HANDLE_VALUE;
|
|
HANDLE hLogMutex;
|
|
|
|
//
|
|
// Convert the path to the log file from DOS to NT.
|
|
//
|
|
RtlInitUnicodeString(&strLogFile, g_wszFileLog);
|
|
|
|
status = RtlDosPathNameToNtPathName_U(strLogFile.Buffer, &strLogFile, NULL, NULL);
|
|
|
|
if (!NT_SUCCESS(status)) {
|
|
DPF("ShimLib", eDbgLevelError,
|
|
"[ShimLogList] 0x%X Failed to convert log file '%ls' to NT path",
|
|
status, g_wszFileLog);
|
|
return;
|
|
}
|
|
|
|
//
|
|
// Attempt to get a handle to our log file.
|
|
//
|
|
InitializeObjectAttributes(&ObjectAttributes,
|
|
&strLogFile,
|
|
OBJ_CASE_INSENSITIVE,
|
|
NULL,
|
|
NULL);
|
|
|
|
status = NtCreateFile(&hFile,
|
|
FILE_APPEND_DATA | SYNCHRONIZE,
|
|
&ObjectAttributes,
|
|
&IoStatusBlock,
|
|
NULL,
|
|
FILE_ATTRIBUTE_NORMAL,
|
|
0,
|
|
FILE_OPEN,
|
|
FILE_NON_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT,
|
|
NULL,
|
|
0);
|
|
|
|
RtlFreeUnicodeString(&strLogFile);
|
|
|
|
if (!NT_SUCCESS(status)) {
|
|
DPF("ShimLib", eDbgLevelError, "[ShimLogList] 0x%X Failed to open log file %ls",
|
|
status, g_wszFileLog);
|
|
return;
|
|
}
|
|
|
|
SetFilePointer(hFile, 0, NULL, FILE_END);
|
|
|
|
//
|
|
// Print a header consisting of data, time, app name, and shim name.
|
|
//
|
|
GetLocalTime(<);
|
|
|
|
StringCbPrintf(g_szLog, MAX_LOG_LENGTH, "%02d/%02d/%04d %02d:%02d:%02d %s %d - ",
|
|
lt.wMonth, lt.wDay, lt.wYear,
|
|
lt.wHour, lt.wMinute, lt.wSecond,
|
|
szShimName,
|
|
dwDbgLevel);
|
|
|
|
nLen = lstrlen(g_szLog);
|
|
|
|
//
|
|
// Write the header out to the file.
|
|
//
|
|
IoStatusBlock.Status = 0;
|
|
IoStatusBlock.Information = 0;
|
|
|
|
liOffset.LowPart = 0;
|
|
liOffset.HighPart = 0;
|
|
|
|
//
|
|
// Get a handle to the mutex and attempt to get ownership.
|
|
//
|
|
hLogMutex = OpenMutex(MUTEX_ALL_ACCESS, FALSE, "SHIMLIB_LOG_MUTEX");
|
|
|
|
if (!hLogMutex) {
|
|
DPF("ShimLib", eDbgLevelError, "[ShimLogList] %lu Failed to open logging mutex", GetLastError());
|
|
goto exit;
|
|
}
|
|
|
|
dwWaitResult = WaitForSingleObject(hLogMutex, 500);
|
|
|
|
if (WAIT_OBJECT_0 == dwWaitResult) {
|
|
//
|
|
// Write the header to the log file.
|
|
//
|
|
status = NtWriteFile(hFile,
|
|
NULL,
|
|
NULL,
|
|
NULL,
|
|
&IoStatusBlock,
|
|
(PVOID)g_szLog,
|
|
(ULONG)nLen,
|
|
&liOffset,
|
|
NULL);
|
|
|
|
if (!NT_SUCCESS(status)) {
|
|
DPF("ShimLib", eDbgLevelError, "[ShimLogList] 0x%X Failed to write header to log file",
|
|
status);
|
|
goto exit;
|
|
}
|
|
|
|
//
|
|
// Format our string using the specifiers passed.
|
|
//
|
|
StringCchVPrintfA(g_szLog, MAX_LOG_LENGTH - 1, pszFmt, arglist);
|
|
|
|
//
|
|
// Write the actual data out to the file.
|
|
//
|
|
IoStatusBlock.Status = 0;
|
|
IoStatusBlock.Information = 0;
|
|
|
|
liOffset.LowPart = 0;
|
|
liOffset.HighPart = 0;
|
|
|
|
nLen = lstrlen(g_szLog);
|
|
|
|
status = NtWriteFile(hFile,
|
|
NULL,
|
|
NULL,
|
|
NULL,
|
|
&IoStatusBlock,
|
|
(PVOID)g_szLog,
|
|
(ULONG)nLen,
|
|
&liOffset,
|
|
NULL);
|
|
|
|
if (!NT_SUCCESS(status)) {
|
|
DPF("ShimLib", eDbgLevelError, "[ShimLogList] 0x%X Failed to make entry in log file",
|
|
status);
|
|
goto exit;
|
|
}
|
|
|
|
//
|
|
// Now write a new line to the log file.
|
|
//
|
|
IoStatusBlock.Status = 0;
|
|
IoStatusBlock.Information = 0;
|
|
|
|
liOffset.LowPart = 0;
|
|
liOffset.HighPart = 0;
|
|
|
|
nLen = lstrlen(szNewLine);
|
|
|
|
status = NtWriteFile(hFile,
|
|
NULL,
|
|
NULL,
|
|
NULL,
|
|
&IoStatusBlock,
|
|
(PVOID)szNewLine,
|
|
(ULONG)nLen,
|
|
&liOffset,
|
|
NULL);
|
|
|
|
if (!NT_SUCCESS(status)) {
|
|
DPF("ShimLib", eDbgLevelError, "[ShimLogList] 0x%X Failed to write new line to log file",
|
|
status);
|
|
goto exit;
|
|
}
|
|
}
|
|
|
|
//
|
|
// Dump it out to the debugger on checked builds.
|
|
//
|
|
#if DBG
|
|
DebugPrintf(szShimName, dwDbgLevel, g_szLog);
|
|
DebugPrintf(szShimName, dwDbgLevel, "\n");
|
|
#endif // DBG
|
|
|
|
exit:
|
|
|
|
if (INVALID_HANDLE_VALUE != hFile) {
|
|
NtClose(hFile);
|
|
hFile = INVALID_HANDLE_VALUE;
|
|
}
|
|
|
|
if (hLogMutex) {
|
|
ReleaseMutex(hLogMutex);
|
|
}
|
|
|
|
//
|
|
// This must be the last line of this routine to preserve LastError.
|
|
//
|
|
SetLastError(dwLastError);
|
|
}
|
|
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Initializes the support for file logging.
|
|
|
|
Arguments:
|
|
|
|
None.
|
|
|
|
Return Value:
|
|
|
|
TRUE if successful, FALSE if failed
|
|
|
|
History:
|
|
|
|
03/03/2000 clupu Created
|
|
|
|
--*/
|
|
BOOL
|
|
InitFileLogSupport()
|
|
{
|
|
BOOL fReturn = FALSE;
|
|
WCHAR wszAppPatch[MAX_PATH];
|
|
WCHAR* pwsz = NULL;
|
|
HANDLE hFile = INVALID_HANDLE_VALUE;
|
|
HANDLE hLogMutex = NULL;
|
|
DWORD dwLen = 0;
|
|
DWORD dwWait;
|
|
NTSTATUS status;
|
|
UNICODE_STRING strLogFile = {0};
|
|
OBJECT_ATTRIBUTES ObjectAttributes;
|
|
IO_STATUS_BLOCK IoStatusBlock;
|
|
|
|
//
|
|
// Attempt to create a mutex. If the mutex already exists,
|
|
// we don't need to go any further as the log file has
|
|
// already been created.
|
|
//
|
|
hLogMutex = CreateMutex(NULL, FALSE, "SHIMLIB_LOG_MUTEX");
|
|
|
|
if (hLogMutex == NULL) {
|
|
DPF("ShimLib",
|
|
eDbgLevelError,
|
|
"[InitFileLogSupport] 0x%08X Failed to create logging mutex",
|
|
GetLastError());
|
|
return FALSE;
|
|
}
|
|
|
|
DWORD dwLastError = GetLastError();
|
|
|
|
if (ERROR_ALREADY_EXISTS == dwLastError) {
|
|
fReturn = TRUE;
|
|
goto exit;
|
|
}
|
|
|
|
//
|
|
// Ensure that we own the mutex before continuing.
|
|
//
|
|
dwWait = WaitForSingleObject(hLogMutex, 2000);
|
|
|
|
if (WAIT_OBJECT_0 != dwWait) {
|
|
//
|
|
// Failed to obtain ownership.
|
|
//
|
|
DPF("ShimLib",
|
|
eDbgLevelError,
|
|
"[InitFileLogSupport] Wait on mutex failed");
|
|
return FALSE;
|
|
}
|
|
|
|
//
|
|
// We'll create the log file in %windir%\AppPatch.
|
|
//
|
|
if (!GetSystemWindowsDirectoryW(g_wszFileLog, MAX_PATH)) {
|
|
DPF("ShimLib",
|
|
eDbgLevelError,
|
|
"[InitFileLogSupport] 0x%08X Failed to get windir path",
|
|
GetLastError());
|
|
goto exit;
|
|
}
|
|
|
|
StringCchCatW(g_wszFileLog, MAX_PATH, L"\\AppPatch\\");
|
|
|
|
dwLen = lstrlenW(g_wszFileLog);
|
|
pwsz = g_wszFileLog + dwLen;
|
|
|
|
//
|
|
// Query the environment variable and get the name of our log file.
|
|
//
|
|
if (!GetEnvironmentVariableW(wszFileLogEnvironmentVariable,
|
|
pwsz,
|
|
(MAX_PATH - dwLen))) {
|
|
goto exit;
|
|
}
|
|
|
|
//
|
|
// Convert the path to the log file from DOS to NT.
|
|
//
|
|
RtlInitUnicodeString(&strLogFile, g_wszFileLog);
|
|
|
|
status = RtlDosPathNameToNtPathName_U(strLogFile.Buffer,
|
|
&strLogFile,
|
|
NULL,
|
|
NULL);
|
|
|
|
if (!NT_SUCCESS(status)) {
|
|
DPF("ShimLib",
|
|
eDbgLevelError,
|
|
"[InitFileLogSupport] 0x%X Failed to convert log file '%ls' to NT path",
|
|
status,
|
|
g_wszFileLog);
|
|
goto exit;
|
|
}
|
|
|
|
//
|
|
// Attempt to create the log file. If it exists,
|
|
// the contents will be cleared.
|
|
//
|
|
InitializeObjectAttributes(&ObjectAttributes,
|
|
&strLogFile,
|
|
OBJ_CASE_INSENSITIVE,
|
|
NULL,
|
|
NULL);
|
|
|
|
status = NtCreateFile(&hFile,
|
|
GENERIC_WRITE | SYNCHRONIZE,
|
|
&ObjectAttributes,
|
|
&IoStatusBlock,
|
|
NULL,
|
|
FILE_ATTRIBUTE_NORMAL,
|
|
0,
|
|
FILE_OPEN_IF,
|
|
FILE_NON_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT,
|
|
NULL,
|
|
0);
|
|
|
|
RtlFreeUnicodeString(&strLogFile);
|
|
|
|
if (!NT_SUCCESS(status)) {
|
|
DPF("ShimLib",
|
|
eDbgLevelError,
|
|
"[InitFileLogSupport] 0x%X Failed to open log file %ls",
|
|
status,
|
|
g_wszFileLog);
|
|
goto exit;
|
|
}
|
|
|
|
NtClose(hFile);
|
|
|
|
g_bFileLogEnabled = TRUE;
|
|
fReturn = TRUE;
|
|
|
|
exit:
|
|
|
|
ReleaseMutex(hLogMutex);
|
|
|
|
return fReturn;
|
|
}
|
|
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Determine the drive type a file resides on.
|
|
|
|
Arguments:
|
|
|
|
IN lpFileName - Filename or relative filename
|
|
|
|
Return Value:
|
|
|
|
See GetDriveType in MSDN
|
|
|
|
History:
|
|
|
|
10/25/2000 linstev Created
|
|
|
|
--*/
|
|
|
|
UINT
|
|
GetDriveTypeFromFileNameA(LPCSTR lpFileName, char *lpDriveLetter)
|
|
{
|
|
WCHAR * lpwszFileName = ToUnicode(lpFileName);
|
|
if (lpwszFileName)
|
|
{
|
|
WCHAR szDrive;
|
|
UINT uType = GetDriveTypeFromFileNameW(lpwszFileName, &szDrive);
|
|
|
|
if (lpDriveLetter)
|
|
{
|
|
char * lpszFileName = ToAnsi(lpwszFileName);
|
|
if (lpszFileName)
|
|
{
|
|
*lpDriveLetter = lpszFileName[0];
|
|
|
|
free(lpszFileName);
|
|
}
|
|
}
|
|
|
|
free(lpwszFileName);
|
|
|
|
return uType;
|
|
}
|
|
else
|
|
{
|
|
return DRIVE_UNKNOWN;
|
|
}
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Determine the drive type a file resides on.
|
|
|
|
Arguments:
|
|
|
|
IN lpFileName - Filename or relative filename
|
|
|
|
Return Value:
|
|
|
|
See GetDriveType in MSDN
|
|
|
|
History:
|
|
|
|
10/25/2000 linstev Created
|
|
|
|
--*/
|
|
|
|
UINT
|
|
GetDriveTypeFromFileNameW(LPCWSTR lpFileName, WCHAR *lpDriveLetter)
|
|
{
|
|
if (lpFileName && (lpFileName[0] == L'\\') && (lpFileName[1] == L'\\'))
|
|
{
|
|
// UNC naming - always network
|
|
if (lpDriveLetter)
|
|
{
|
|
*lpDriveLetter = L'\0';
|
|
}
|
|
return DRIVE_REMOTE;
|
|
}
|
|
|
|
WCHAR cDrive;
|
|
|
|
if (lpFileName && lpFileName[0] && (lpFileName[1] == L':'))
|
|
{
|
|
// Format is Drive:Path\File, so just take the drive
|
|
cDrive = lpFileName[0];
|
|
}
|
|
else
|
|
{
|
|
// Must be a relative path
|
|
cDrive = 0;
|
|
|
|
WCHAR *wzCurDir = NULL;
|
|
DWORD dwCurDirSize = GetCurrentDirectoryW(0, wzCurDir);
|
|
|
|
if (!dwCurDirSize)
|
|
{
|
|
goto EXIT;
|
|
}
|
|
|
|
wzCurDir = (LPWSTR) LocalAlloc(LPTR, dwCurDirSize * sizeof(WCHAR));
|
|
if (!wzCurDir)
|
|
{
|
|
goto EXIT;
|
|
}
|
|
|
|
dwCurDirSize = GetCurrentDirectoryW(dwCurDirSize, wzCurDir);
|
|
if (!dwCurDirSize || wzCurDir[0] == L'\\')
|
|
{
|
|
goto EXIT;
|
|
}
|
|
|
|
cDrive = wzCurDir[0];
|
|
|
|
EXIT:
|
|
if (wzCurDir)
|
|
{
|
|
LocalFree(wzCurDir);
|
|
}
|
|
}
|
|
|
|
if (lpDriveLetter)
|
|
{
|
|
*lpDriveLetter = L'\0';
|
|
}
|
|
|
|
if (cDrive)
|
|
{
|
|
WCHAR wzDrive[4];
|
|
wzDrive[0] = cDrive;
|
|
wzDrive[1] = L':';
|
|
wzDrive[2] = L'\\';
|
|
wzDrive[3] = L'\0';
|
|
if (lpDriveLetter)
|
|
{
|
|
*lpDriveLetter = cDrive;
|
|
}
|
|
|
|
return GetDriveTypeW(wzDrive);
|
|
}
|
|
else
|
|
{
|
|
return DRIVE_UNKNOWN;
|
|
}
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Widen and duplicate a string into malloc memory.
|
|
|
|
Arguments:
|
|
|
|
IN strToCopy - String to copy
|
|
|
|
Return Value:
|
|
|
|
String in malloc memory
|
|
|
|
History:
|
|
|
|
03/07/2000 robkenny Created
|
|
05/16/2000 robkenny Moved MassagePath (shim specific) routines out of here.
|
|
|
|
--*/
|
|
|
|
WCHAR *
|
|
ToUnicode(const char *strToCopy)
|
|
{
|
|
if (strToCopy == NULL)
|
|
{
|
|
return NULL;
|
|
}
|
|
|
|
// Get the number of characters in the resulting string, includes NULL at end
|
|
int nChars = MultiByteToWideChar(CP_ACP, 0, strToCopy, -1, NULL, 0);
|
|
WCHAR *lpwsz = (WCHAR *) malloc(nChars * sizeof(WCHAR));
|
|
if (lpwsz)
|
|
{
|
|
nChars = MultiByteToWideChar(CP_ACP, 0, strToCopy, -1, lpwsz, nChars);
|
|
// If MultibyteToWideChar failed, return NULL
|
|
if (nChars == 0)
|
|
{
|
|
free(lpwsz);
|
|
lpwsz = NULL;
|
|
}
|
|
}
|
|
|
|
return lpwsz;
|
|
}
|
|
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Convert a WCHAR string to a char string
|
|
|
|
Arguments:
|
|
|
|
IN lpOld - String to convert to char
|
|
|
|
Return Value:
|
|
|
|
char string in malloc memory
|
|
|
|
History:
|
|
|
|
06/19/2000 robkenny Created
|
|
|
|
--*/
|
|
|
|
char *
|
|
ToAnsi(const WCHAR *lpOld)
|
|
{
|
|
if (lpOld == NULL)
|
|
{
|
|
return NULL;
|
|
}
|
|
|
|
// Get the number of bytes necessary for the WCHAR string
|
|
int nBytes = WideCharToMultiByte(CP_ACP, 0, lpOld, -1, NULL, 0, NULL, NULL);
|
|
char *lpsz = (char *) malloc(nBytes);
|
|
if (lpsz)
|
|
{
|
|
nBytes = WideCharToMultiByte(CP_ACP, 0, lpOld, -1, lpsz, nBytes, NULL, NULL);
|
|
// If WideCharToMultibyte failed, return NULL
|
|
if (nBytes == 0)
|
|
{
|
|
free(lpsz);
|
|
lpsz = NULL;
|
|
}
|
|
}
|
|
|
|
return lpsz;
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Duplicate the first nChars of strToCopy string into malloc memory.
|
|
|
|
Arguments:
|
|
|
|
IN strToCopy - String to copy
|
|
IN nChar - Number of chars to duplicate, does not count NULL at end.
|
|
|
|
Return Value:
|
|
|
|
String in malloc memory
|
|
|
|
History:
|
|
|
|
06/02/2000 robkenny Created
|
|
|
|
--*/
|
|
|
|
char *
|
|
StringNDuplicateA(const char *strToCopy, int nChars)
|
|
{
|
|
if (strToCopy == NULL)
|
|
{
|
|
return NULL;
|
|
}
|
|
|
|
size_t nBytes = (nChars + 1) * sizeof(strToCopy[0]);
|
|
|
|
char *strDuplicate = (char *) malloc(nBytes);
|
|
if (strDuplicate)
|
|
{
|
|
memcpy(strDuplicate, strToCopy, nBytes);
|
|
strDuplicate[nChars] = 0;
|
|
}
|
|
|
|
return strDuplicate;
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Duplicate a string into malloc memory.
|
|
|
|
Arguments:
|
|
|
|
IN strToCopy - String to copy
|
|
|
|
Return Value:
|
|
|
|
String in malloc memory
|
|
|
|
History:
|
|
|
|
01/10/2000 linstev Updated
|
|
02/14/2000 robkenny Converted from VirtualAlloc to malloc
|
|
06/02/2000 robkenny Use StringNDuplicateA
|
|
|
|
--*/
|
|
|
|
char *
|
|
StringDuplicateA(const char *strToCopy)
|
|
{
|
|
if (strToCopy == NULL)
|
|
{
|
|
return NULL;
|
|
}
|
|
|
|
char *strDuplicate = StringNDuplicateA(strToCopy, strlen(strToCopy));
|
|
return strDuplicate;
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Duplicate the first nChars of strToCopy string into malloc memory.
|
|
|
|
Arguments:
|
|
|
|
IN strToCopy - String to copy
|
|
IN nChar - Number of chars to duplicate, does not count NULL at end.
|
|
|
|
Return Value:
|
|
|
|
String in malloc memory
|
|
|
|
History:
|
|
|
|
06/02/2000 robkenny Created
|
|
|
|
--*/
|
|
|
|
WCHAR *
|
|
StringNDuplicateW(const WCHAR *strToCopy, int nChars)
|
|
{
|
|
if (strToCopy == NULL)
|
|
{
|
|
return NULL;
|
|
}
|
|
|
|
size_t nBytes = (nChars + 1) * sizeof(strToCopy[0]);
|
|
|
|
WCHAR *strDuplicate = (WCHAR *) malloc(nBytes);
|
|
if (strDuplicate)
|
|
{
|
|
memcpy(strDuplicate, strToCopy, nBytes);
|
|
strDuplicate[nChars] = 0;
|
|
}
|
|
|
|
return strDuplicate;
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Duplicate a string into malloc memory.
|
|
|
|
Arguments:
|
|
|
|
IN strToCopy - String to copy
|
|
|
|
Return Value:
|
|
|
|
String in malloc memory
|
|
|
|
History:
|
|
|
|
01/10/2000 linstev Updated
|
|
02/14/2000 robkenny Converted from VirtualAlloc to malloc
|
|
06/02/2000 robkenny Use StringNDuplicateW
|
|
|
|
--*/
|
|
|
|
WCHAR *
|
|
StringDuplicateW(const WCHAR *strToCopy)
|
|
{
|
|
if (strToCopy == NULL)
|
|
{
|
|
return NULL;
|
|
}
|
|
|
|
WCHAR *wstrDuplicate = StringNDuplicateW(strToCopy, wcslen(strToCopy));
|
|
return wstrDuplicate;
|
|
}
|
|
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Skip leading whitespace
|
|
|
|
Arguments:
|
|
|
|
IN str - String to scan
|
|
|
|
Return Value:
|
|
|
|
None
|
|
|
|
History:
|
|
|
|
01/10/2000 linstev Updated
|
|
|
|
--*/
|
|
|
|
VOID
|
|
SkipBlanksW(const WCHAR *& str)
|
|
{
|
|
if (str)
|
|
{
|
|
// Skip leading whitespace
|
|
static const WCHAR *WhiteSpaceString = L" \t";
|
|
str += wcsspn(str, WhiteSpaceString);
|
|
}
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Find the first occurance of strCharSet in string
|
|
Case insensitive
|
|
|
|
Arguments:
|
|
|
|
IN string - String to search
|
|
IN strCharSet - String to search for
|
|
|
|
Return Value:
|
|
|
|
First occurance or NULL
|
|
|
|
History:
|
|
|
|
12/01/1999 robkenny Created
|
|
12/15/1999 linstev Reformatted
|
|
|
|
--*/
|
|
|
|
char*
|
|
__cdecl
|
|
stristr(
|
|
IN const char* string,
|
|
IN const char* strCharSet
|
|
)
|
|
{
|
|
char *pszRet = NULL;
|
|
|
|
long nstringLen = strlen(string) + 1;
|
|
long nstrCharSetLen = strlen(strCharSet) + 1;
|
|
|
|
char *szTemp_string = (char *) malloc(nstringLen);
|
|
char *szTemp_strCharSet = (char *) malloc(nstrCharSetLen);
|
|
|
|
if ((!szTemp_string) || (!szTemp_strCharSet))
|
|
{
|
|
goto Fail;
|
|
}
|
|
|
|
StringCchCopyA(szTemp_string, nstringLen, string);
|
|
StringCchCopyA(szTemp_strCharSet, nstrCharSetLen, strCharSet);
|
|
|
|
_strlwr(szTemp_string);
|
|
_strlwr(szTemp_strCharSet);
|
|
|
|
pszRet = strstr(szTemp_string, szTemp_strCharSet);
|
|
|
|
if (pszRet)
|
|
{
|
|
pszRet = ((char *) string) + (pszRet - szTemp_string);
|
|
}
|
|
|
|
Fail:
|
|
if (szTemp_string)
|
|
{
|
|
free(szTemp_string);
|
|
}
|
|
|
|
if (szTemp_strCharSet)
|
|
{
|
|
free(szTemp_strCharSet);
|
|
}
|
|
|
|
return pszRet;
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Find the first occurance of strCharSet in string
|
|
Case insensitive
|
|
|
|
Arguments:
|
|
|
|
IN string - String to search
|
|
IN strCharSet - String to search for
|
|
|
|
Return Value:
|
|
|
|
First occurance or NULL
|
|
|
|
History:
|
|
|
|
12/01/1999 robkenny Created
|
|
12/15/1999 linstev Reformatted
|
|
05/04/2001 maonis Changed to use more efficient implementation.
|
|
|
|
--*/
|
|
|
|
#define _UPPER 0x1 /* upper case letter */
|
|
#define iswupper(_c) (iswctype(_c,_UPPER))
|
|
|
|
WCHAR*
|
|
__cdecl
|
|
wcsistr(
|
|
IN const WCHAR* wcs1,
|
|
IN const WCHAR* wcs2
|
|
)
|
|
{
|
|
wchar_t *cp = (wchar_t *) wcs1;
|
|
wchar_t *s1, *s2;
|
|
wchar_t cs1, cs2;
|
|
|
|
while (*cp)
|
|
{
|
|
s1 = cp;
|
|
s2 = (wchar_t *) wcs2;
|
|
|
|
cs1 = *s1;
|
|
cs2 = *s2;
|
|
|
|
if (iswupper(cs1))
|
|
cs1 = towlower(cs1);
|
|
|
|
if (iswupper(cs2))
|
|
cs2 = towlower(cs2);
|
|
|
|
|
|
while ( *s1 && *s2 && !(cs1-cs2) ) {
|
|
|
|
s1++, s2++;
|
|
|
|
cs1 = *s1;
|
|
cs2 = *s2;
|
|
|
|
if (iswupper(cs1))
|
|
cs1 = towlower(cs1);
|
|
|
|
if (iswupper(cs2))
|
|
cs2 = towlower(cs2);
|
|
}
|
|
|
|
if (!*s2)
|
|
return(cp);
|
|
|
|
cp++;
|
|
}
|
|
|
|
return(NULL);
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Find the next token in a string. See strtok in MSDN.
|
|
Implemented here so we don't need CRT.
|
|
|
|
Arguments:
|
|
|
|
OUT strToken - string containing token(s)
|
|
IN strDelimit - token list
|
|
|
|
Return Value:
|
|
|
|
Return a pointer to the next token found.
|
|
|
|
History:
|
|
|
|
04/19/2000 linstev Created
|
|
|
|
--*/
|
|
|
|
char *
|
|
__cdecl
|
|
_strtok(
|
|
char *strToken,
|
|
const char *strDelimit
|
|
)
|
|
{
|
|
unsigned char *str = (unsigned char *)strToken;
|
|
const unsigned char *ctrl = (const unsigned char *)strDelimit;
|
|
|
|
unsigned char map[32];
|
|
int count;
|
|
char *token;
|
|
|
|
static char *nextoken;
|
|
|
|
// Clear strDelimit map
|
|
for (count = 0; count < 32; count++)
|
|
{
|
|
map[count] = 0;
|
|
}
|
|
|
|
// Set bits in delimiter table
|
|
do
|
|
{
|
|
map[*ctrl >> 3] |= (1 << (*ctrl & 7));
|
|
} while (*ctrl++);
|
|
|
|
// If strToken==NULL, continue with previous strToken
|
|
if (!str)
|
|
{
|
|
str = (unsigned char *)nextoken;
|
|
}
|
|
|
|
// Find beginning of token (skip over leading delimiters). Note that
|
|
// there is no token iff this loop sets strToken to point to the terminal
|
|
// null (*strToken == '\0')
|
|
while ((map[*str >> 3] & (1 << (*str & 7))) && *str)
|
|
{
|
|
str++;
|
|
}
|
|
|
|
token = (char *)str;
|
|
|
|
// Find the end of the token. If it is not the end of the strToken,
|
|
// put a null there.
|
|
for (; *str; str++)
|
|
{
|
|
if (map[*str >> 3] & (1 << (*str & 7)))
|
|
{
|
|
*str++ = '\0';
|
|
break;
|
|
}
|
|
}
|
|
|
|
// Update nextoken (or the corresponding field in the per-thread data
|
|
// structure
|
|
nextoken = (char *)str;
|
|
|
|
// Determine if a token has been found
|
|
if (token == (char *)str)
|
|
{
|
|
return NULL;
|
|
}
|
|
else
|
|
{
|
|
return token;
|
|
}
|
|
}
|
|
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Tests whether an executable is 16-Bit.
|
|
|
|
Arguments:
|
|
|
|
IN szImageName - The name of the executable image.
|
|
|
|
Return Value:
|
|
|
|
TRUE if executable image is found to be 16-bit, FALSE otherwise.
|
|
|
|
History:
|
|
|
|
07/06/2000 t-adams Created
|
|
|
|
--*/
|
|
|
|
BOOL
|
|
IsImage16BitA(LPCSTR lpApplicationName)
|
|
{
|
|
DWORD dwBinaryType;
|
|
|
|
if (GetBinaryTypeA(lpApplicationName, &dwBinaryType))
|
|
{
|
|
return (dwBinaryType == SCS_WOW_BINARY);
|
|
}
|
|
else
|
|
{
|
|
return FALSE;
|
|
}
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Tests whether an executable is 16-Bit.
|
|
|
|
Arguments:
|
|
|
|
IN wstrImageName - The name of the executable image.
|
|
|
|
Return Value:
|
|
|
|
TRUE if executable image is found to be 16-bit, FALSE otherwise.
|
|
|
|
History:
|
|
|
|
07/06/2000 t-adams Created
|
|
|
|
--*/
|
|
|
|
BOOL
|
|
IsImage16BitW(LPCWSTR lpApplicationName)
|
|
{
|
|
DWORD dwBinaryType;
|
|
|
|
if (GetBinaryTypeW(lpApplicationName, &dwBinaryType))
|
|
{
|
|
return (dwBinaryType == SCS_WOW_BINARY);
|
|
}
|
|
else
|
|
{
|
|
return FALSE;
|
|
}
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Match these two strings, with wildcards.
|
|
? matches a single character
|
|
* matches 0 or more characters
|
|
The compare is case in-sensitive
|
|
|
|
Arguments:
|
|
|
|
IN pszPattern - Pattern for matching.
|
|
IN pszTestString - String to match against.
|
|
|
|
Return Value:
|
|
|
|
TRUE if pszTestString matches pszPattern.
|
|
|
|
History:
|
|
|
|
01/09/2001 markder Replaced non-straightforward version.
|
|
|
|
--*/
|
|
|
|
BOOL
|
|
PatternMatchW(
|
|
IN LPCWSTR pszPattern,
|
|
IN LPCWSTR pszTestString)
|
|
{
|
|
//
|
|
// March through pszTestString. Each time through the loop,
|
|
// pszTestString is advanced one character.
|
|
//
|
|
for (;;) {
|
|
|
|
//
|
|
// If pszPattern and pszTestString are both sitting on a NULL,
|
|
// then they reached the end at the same time and the strings
|
|
// must be equal.
|
|
//
|
|
if (*pszPattern == L'\0' && *pszTestString == L'\0') {
|
|
return TRUE;
|
|
}
|
|
|
|
if (*pszPattern != L'*') {
|
|
|
|
//
|
|
// Non-asterisk mode. Look for a match on this character.
|
|
//
|
|
|
|
switch (*(pszPattern)) {
|
|
|
|
case L'?':
|
|
//
|
|
// Match on any character, don't bother comparing.
|
|
//
|
|
pszPattern++;
|
|
break;
|
|
|
|
case L'\\':
|
|
//
|
|
// Backslash indicates to take the next character
|
|
// verbatim. Advance the pointer before making a
|
|
// comparison.
|
|
//
|
|
pszPattern++;
|
|
|
|
default:
|
|
//
|
|
// Compare the characters. If equal, continue traversing.
|
|
// Otherwise, the strings cannot be equal so return FALSE.
|
|
//
|
|
if (towupper(*pszPattern) == towupper(*pszTestString)) {
|
|
pszPattern++;
|
|
} else {
|
|
return FALSE;
|
|
}
|
|
}
|
|
|
|
} else {
|
|
|
|
//
|
|
// Asterisk mode. Look for a match on the character directly
|
|
// after the asterisk.
|
|
//
|
|
|
|
switch (*(pszPattern + 1)) {
|
|
|
|
case L'*':
|
|
//
|
|
// Asterisks exist side by side. Advance the pattern pointer
|
|
// and go through loop again.
|
|
//
|
|
pszPattern++;
|
|
continue;
|
|
|
|
case L'\0':
|
|
//
|
|
// Asterisk exists at the end of the pattern string. Any
|
|
// remaining part of pszTestString matches so we can
|
|
// immediately return TRUE.
|
|
//
|
|
return TRUE;
|
|
|
|
case L'?':
|
|
//
|
|
// Match on any character. If the remaining parts of
|
|
// pszPattern and pszTestString match, then the entire
|
|
// string matches. Otherwise, keep advancing the
|
|
// pszTestString pointer.
|
|
//
|
|
if (PatternMatchW(pszPattern + 1, pszTestString)) {
|
|
return TRUE;
|
|
}
|
|
break;
|
|
|
|
case L'\\':
|
|
//
|
|
// Backslash indicates to take the next character
|
|
// verbatim. Advance the pointer before making a
|
|
// comparison.
|
|
//
|
|
pszPattern++;
|
|
break;
|
|
}
|
|
|
|
if (towupper(*(pszPattern + 1)) == towupper(*pszTestString)) {
|
|
//
|
|
// Characters match. If the remaining parts of
|
|
// pszPattern and pszTestString match, then the entire
|
|
// string matches. Otherwise, keep advancing the
|
|
// pszTestString pointer.
|
|
//
|
|
if (PatternMatchW(pszPattern + 1, pszTestString)) {
|
|
return TRUE;
|
|
}
|
|
}
|
|
}
|
|
|
|
//
|
|
// No more pszTestString left. Must not be a match.
|
|
//
|
|
if (!*pszTestString) {
|
|
return FALSE;
|
|
}
|
|
|
|
pszTestString++;
|
|
}
|
|
return FALSE;
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Determine if the current process is a SafeDisc process. We do this by
|
|
simply by testing if both an .EXE and .ICD extension exist for the
|
|
process name.
|
|
|
|
Arguments:
|
|
|
|
None.
|
|
|
|
Return Value:
|
|
|
|
TRUE if Safedisc 1.x is detected.
|
|
|
|
History:
|
|
|
|
01/23/2001 linstev Created
|
|
|
|
--*/
|
|
|
|
BOOL
|
|
bIsSafeDisc1()
|
|
{
|
|
BOOL bRet = FALSE;
|
|
|
|
CSTRING_TRY
|
|
{
|
|
CString csFileName;
|
|
csFileName.GetModuleFileNameW(NULL);
|
|
|
|
if (csFileName.EndsWithNoCase(L".exe") == 0)
|
|
{
|
|
// Current file is .EXE, check for corresponding .ICD
|
|
|
|
csFileName.Truncate(csFileName.GetLength() - 4);
|
|
csFileName += L".icd";
|
|
|
|
bRet = GetFileAttributesW(csFileName) != 0xFFFFFFFF;
|
|
}
|
|
|
|
if (bRet) {
|
|
DPF("ShimLib", eDbgLevelInfo, "SafeDisc detected: %S", csFileName.Get());
|
|
}
|
|
}
|
|
CSTRING_CATCH
|
|
{
|
|
// Do nothing
|
|
}
|
|
|
|
return bRet;
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Determine if the current process is a SafeDisc process. We do this running the
|
|
image header and looking for a particular signature.
|
|
|
|
Arguments:
|
|
|
|
None.
|
|
|
|
Return Value:
|
|
|
|
TRUE if Safedisc 2 is detected.
|
|
|
|
History:
|
|
|
|
07/28/2001 linstev Created
|
|
|
|
--*/
|
|
|
|
BOOL
|
|
bIsSafeDisc2()
|
|
{
|
|
PPEB Peb = NtCurrentPeb();
|
|
PLIST_ENTRY LdrHead;
|
|
PLIST_ENTRY LdrNext;
|
|
DWORD dwCnt = 0;
|
|
|
|
//
|
|
// Use the try-except in case the module list changes while we're looking at it
|
|
//
|
|
__try {
|
|
//
|
|
// Loop through the loaded modules. We use a count to make sure we
|
|
// aren't looping infinitely
|
|
//
|
|
LdrHead = &Peb->Ldr->InMemoryOrderModuleList;
|
|
|
|
LdrNext = LdrHead->Flink;
|
|
|
|
while ((LdrNext != LdrHead) && (dwCnt < 256)) {
|
|
|
|
PLDR_DATA_TABLE_ENTRY LdrEntry;
|
|
|
|
LdrEntry = CONTAINING_RECORD(LdrNext, LDR_DATA_TABLE_ENTRY, InMemoryOrderLinks);
|
|
|
|
if ((SSIZE_T)LdrEntry->DllBase > 0) {
|
|
//
|
|
// A user mode dll, now check for temp name
|
|
//
|
|
WCHAR *wzName = LdrEntry->BaseDllName.Buffer;
|
|
DWORD dwLen;
|
|
|
|
if (wzName && (dwLen = wcslen(wzName)) && (dwLen > 4) && (_wcsicmp(wzName + dwLen - 4, L".tmp") == 0)) {
|
|
//
|
|
// Name ends in .tmp, so detect SafeDisc
|
|
//
|
|
DWORD_PTR hMod = (DWORD_PTR) LdrEntry->DllBase;
|
|
PIMAGE_DOS_HEADER pIDH = (PIMAGE_DOS_HEADER) hMod;
|
|
PIMAGE_NT_HEADERS pINTH = (PIMAGE_NT_HEADERS)(hMod + pIDH->e_lfanew);
|
|
PIMAGE_EXPORT_DIRECTORY pExport = (PIMAGE_EXPORT_DIRECTORY) (hMod + pINTH->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress);
|
|
LPSTR pName = (LPSTR)(hMod + pExport->Name);
|
|
|
|
if (_stricmp(pName, "SecServ.dll") == 0) {
|
|
//
|
|
// Export name says this is SafeDisc
|
|
//
|
|
DPF("ShimLib", eDbgLevelInfo, "SafeDisc 2 detected");
|
|
return TRUE;
|
|
}
|
|
}
|
|
}
|
|
|
|
dwCnt++;
|
|
LdrNext = LdrEntry->InMemoryOrderLinks.Flink;
|
|
}
|
|
} __except(EXCEPTION_EXECUTE_HANDLER) {
|
|
DPF("ShimLib", eDbgLevelError, "Exception encounterd while detecting SafeDisc 2");
|
|
}
|
|
|
|
return FALSE;
|
|
}
|
|
|
|
/*++
|
|
|
|
Function Description:
|
|
|
|
Determine if the current process is NTVDM.
|
|
|
|
Arguments:
|
|
|
|
None.
|
|
|
|
Return Value:
|
|
|
|
TRUE if NTVDM is detected.
|
|
|
|
History:
|
|
|
|
01/14/2002 clupu Created
|
|
|
|
--*/
|
|
|
|
BOOL
|
|
IsNTVDM(
|
|
void
|
|
)
|
|
{
|
|
PLDR_DATA_TABLE_ENTRY Entry;
|
|
PLIST_ENTRY Head;
|
|
PPEB Peb = NtCurrentPeb();
|
|
|
|
Head = &Peb->Ldr->InLoadOrderModuleList;
|
|
Head = Head->Flink;
|
|
|
|
Entry = CONTAINING_RECORD(Head, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks);
|
|
|
|
if (_wcsicmp(Entry->FullDllName.Buffer, L"ntvdm.exe") == 0) {
|
|
return TRUE;
|
|
}
|
|
|
|
return FALSE;
|
|
}
|
|
|
|
}; // end of namespace ShimLib
|