You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1099 lines
38 KiB
1099 lines
38 KiB
#include <wmiexts.h>
|
|
|
|
#include <oleauto.h>
|
|
|
|
#include <wbemutil.h>
|
|
|
|
#ifndef COREPROX_POLARITY
|
|
#define COREPROX_POLARITY
|
|
#endif
|
|
|
|
#include <arena.h>
|
|
#include <faster.h>
|
|
#include <faststr.h>
|
|
#include <wbemint.h>
|
|
#include <fastcls.h>
|
|
#include <var.h>
|
|
#include <fastinst.h>
|
|
#include <wbemdatapacket.h>
|
|
|
|
//#include <smartnextpacket.h>
|
|
|
|
#pragma pack( push )
|
|
#pragma pack( 1 )
|
|
|
|
// IWbemWCOSmartEnum::Next() Header. Changing this will
|
|
// cause the main version to change
|
|
typedef struct tagWBEM_DATAPACKET_SMARTENUM_NEXT
|
|
{
|
|
DWORD dwSizeOfHeader; // Size of the header struct. Data immediately follows header.
|
|
DWORD dwDataSize; // Size of Data following header.
|
|
} WBEM_DATAPACKET_SMARTENUM_NEXT;
|
|
|
|
typedef WBEM_DATAPACKET_SMARTENUM_NEXT* PWBEM_DATAPACKET_SMARTENUM_NEXT;
|
|
|
|
// restore packing
|
|
#pragma pack( pop )
|
|
|
|
|
|
//#include <objarraypacket.h>
|
|
|
|
#pragma pack( push )
|
|
#pragma pack( 1 )
|
|
|
|
// IWbemClassObject Array Header. Changing this will
|
|
// cause the main version to change
|
|
typedef struct tagWBEM_DATAPACKET_OBJECT_ARRAY
|
|
{
|
|
DWORD dwSizeOfHeader; // Size of the header struct. Data immediately follows header.
|
|
DWORD dwDataSize; // Size of Data following header.
|
|
DWORD dwNumObjects; // Number of objects in the array
|
|
} WBEM_DATAPACKET_OBJECT_ARRAY;
|
|
|
|
typedef WBEM_DATAPACKET_OBJECT_ARRAY* PWBEM_DATAPACKET_OBJECT_ARRAY;
|
|
|
|
// restore packing
|
|
#pragma pack( pop )
|
|
|
|
|
|
#pragma pack( push )
|
|
#pragma pack( 1 )
|
|
|
|
// IWbemObjectSink::Indicate() Header. Changing this will
|
|
// cause the main version to change
|
|
typedef struct tagWBEM_DATAPACKET_OBJECTSINK_INDICATE
|
|
{
|
|
DWORD dwSizeOfHeader; // Size of the header struct. Data immediately follows header.
|
|
DWORD dwDataSize; // Size of Data following header.
|
|
} WBEM_DATAPACKET_OBJECTSINK_INDICATE;
|
|
|
|
typedef WBEM_DATAPACKET_OBJECTSINK_INDICATE* PWBEM_DATAPACKET_OBJECTSINK_INDICATE;
|
|
|
|
// restore packing
|
|
#pragma pack( pop )
|
|
|
|
#pragma pack( push )
|
|
#pragma pack( 1 )
|
|
|
|
// IWbemObjectSink::Indicate() Header. Changing this will
|
|
// cause the main version to change
|
|
typedef struct tagWBEM_DATAPACKET_UNBOUNDSINK_INDICATE
|
|
{
|
|
DWORD dwSizeOfHeader; // Size of the header struct. Data immediately follows header.
|
|
DWORD dwDataSize; // Size of Data following header.
|
|
DWORD dwLogicalConsumerSize; // Size of Logical Consumer Object
|
|
} WBEM_DATAPACKET_UNBOUNDSINK_INDICATE;
|
|
|
|
#ifdef _WIN64
|
|
typedef UNALIGNED WBEM_DATAPACKET_UNBOUNDSINK_INDICATE * PWBEM_DATAPACKET_UNBOUNDSINK_INDICATE;
|
|
#else
|
|
typedef WBEM_DATAPACKET_UNBOUNDSINK_INDICATE * PWBEM_DATAPACKET_UNBOUNDSINK_INDICATE;
|
|
#endif
|
|
|
|
// restore packing
|
|
#pragma pack( pop )
|
|
|
|
#pragma pack( push )
|
|
#pragma pack( 1 )
|
|
|
|
// IWbemMultiTarget::DeliverEvent() Header. Changing this will
|
|
// cause the main version to change
|
|
typedef struct tagWBEM_DATAPACKET_MULTITARGET_DELIVEREVENT
|
|
{
|
|
DWORD dwSizeOfHeader; // Size of the header struct. Data immediately follows header.
|
|
DWORD dwDataSize; // Size of Data following header.
|
|
} WBEM_DATAPACKET_MULTITARGET_DELIVEREVENT;
|
|
|
|
typedef WBEM_DATAPACKET_MULTITARGET_DELIVEREVENT* PWBEM_DATAPACKET_MULTITARGET_DELIVEREVENT;
|
|
|
|
// restore packing
|
|
#pragma pack( pop )
|
|
|
|
|
|
|
|
#include <wbemobjpacket.h>
|
|
|
|
#include <malloc.h>
|
|
|
|
#ifndef HEAP_ENTRY
|
|
|
|
typedef struct _HEAP_ENTRY
|
|
{
|
|
USHORT Size;
|
|
USHORT PreviousSize;
|
|
UCHAR SmallTagIndex;
|
|
UCHAR Flags;
|
|
UCHAR UnusedBytes;
|
|
UCHAR SegmentIndex;
|
|
#if defined(_WIN64)
|
|
ULONGLONG Reserved1;
|
|
#endif
|
|
|
|
} HEAP_ENTRY, *PHEAP_ENTRY;
|
|
|
|
#endif
|
|
|
|
void GetCompressedString(ULONG_PTR pRemoteAddr,
|
|
BYTE * pBuff,
|
|
DWORD Size){
|
|
|
|
if (pRemoteAddr) {
|
|
|
|
CCompressedString * pCS = (CCompressedString *)_alloca(Size*2);
|
|
ReadMemory(pRemoteAddr,pCS,Size*2,0);
|
|
|
|
pBuff[Size-2]=0;
|
|
pBuff[Size-1]=0;
|
|
if (pCS->m_fFlags == STRING_FLAG_UNICODE){
|
|
WideCharToMultiByte(CP_ACP,0,(WCHAR *)&(pCS->m_cFirstByte),-1,(LPSTR)pBuff,Size-2,NULL,NULL);
|
|
} else {
|
|
memcpy(pBuff,&(pCS->m_cFirstByte),Size-2);
|
|
}
|
|
} else {
|
|
lstrcpyA((LPSTR)pBuff,"<NULL>");
|
|
}
|
|
|
|
}
|
|
|
|
/*
|
|
protected:
|
|
length_t m_nTotalLength;
|
|
//CDecorationPart m_DecorationPart;
|
|
CClassAndMethods m_ParentPart;
|
|
CClassAndMethods m_CombinedPart;
|
|
|
|
int m_nCurrentMethod;
|
|
CLimitationMapping* m_pLimitMapping;
|
|
friend class CWbemInstance;
|
|
|
|
*/
|
|
|
|
/*
|
|
CClassPart m_ClassPart;
|
|
CMethodPart m_MethodPart;
|
|
CWbemClass* m_pClass;
|
|
*/
|
|
|
|
|
|
void
|
|
DumpClass(CClassPart * pCls){
|
|
|
|
BYTE pBuff[256];
|
|
|
|
dprintf(" m_pContainer %p m_pParent %p m_pHeader %p\n",pCls->m_pContainer,pCls->m_pParent,pCls->m_pHeader);
|
|
|
|
DEFINE_CPP_VAR(CClassPart::CClassPartHeader,varHeader);
|
|
CClassPart::CClassPartHeader * pHeader = GET_CPP_VAR_PTR( CClassPart::CClassPartHeader , varHeader );
|
|
|
|
if (pCls->m_pHeader){
|
|
ReadMemory((ULONG_PTR)pCls->m_pHeader,pHeader,sizeof(CClassPart::CClassPartHeader),0);
|
|
|
|
dprintf(" nLength %x fFlags %02x ptrClassName %08x nDataLength %x\n",pHeader->nLength,pHeader->fFlags,pHeader->ptrClassName,pHeader->nDataLength);
|
|
}
|
|
|
|
dprintf(" DL m_nNumStrings %x %08x\n",pCls->m_Derivation.m_nNumStrings,pCls->m_Derivation.m_pnLength);
|
|
|
|
dprintf(" QS m_nLength %x m_pOthers %08x m_pHeap %08x\n",pCls->m_Qualifiers.m_nLength,pCls->m_Qualifiers.m_pOthers,pCls->m_Qualifiers.m_pHeap);
|
|
|
|
DEFINE_CPP_VAR(CFastHeap,varCFastHeap);
|
|
CFastHeap * pFHeap = GET_CPP_VAR_PTR( CFastHeap , varCFastHeap );
|
|
ReadMemory((ULONG_PTR)pCls->m_Qualifiers.m_pHeap,pFHeap,sizeof(CFastHeap),0);
|
|
dprintf(" FH m_pHeapData %08x m_pHeapHeader %08x m_pContainer %08x\n",pFHeap->m_pHeapData,pFHeap->m_pHeapHeader,pFHeap->m_pContainer);
|
|
|
|
dprintf(" m_nPropagationFlag %x m_nRef %x\n",pCls->m_Qualifiers.m_nPropagationFlag,pCls->m_Qualifiers.m_nRef);
|
|
dprintf(" m_pControl %08x m_pContainer %08x m_pSecondarySet %08x\n",pCls->m_Qualifiers.m_pControl,pCls->m_Qualifiers.m_pContainer,pCls->m_Qualifiers.m_pSecondarySet);
|
|
|
|
dprintf(" BA m_nSize %x m_astrStrings %08x\n",pCls->m_Qualifiers.m_astrCurrentNames.m_nSize,pCls->m_Qualifiers.m_astrCurrentNames.m_astrStrings);
|
|
|
|
int nProp;
|
|
if (pCls->m_Properties.m_pnProps) {
|
|
|
|
ReadMemory((ULONG_PTR)pCls->m_Properties.m_pnProps,&nProp,sizeof(int),0);
|
|
dprintf(" PR m_pnProps %08x %x m_pContainer %08x\n",pCls->m_Properties.m_pnProps,nProp,pCls->m_Properties.m_pContainer);
|
|
|
|
CPropertyLookup * pPropLook = (CPropertyLookup *)_alloca(nProp*sizeof(CPropertyLookup));
|
|
ReadMemory((ULONG_PTR)pCls->m_Properties.m_pnProps+sizeof(int),pPropLook,nProp*sizeof(CPropertyLookup),0);
|
|
|
|
DWORD i;
|
|
for (i=0;i<nProp;i++){
|
|
|
|
pBuff[0]=0;
|
|
if ((ULONG_PTR)(pCls->m_Heap.m_pHeapData+pPropLook[i].ptrName) != 0xffffffff){
|
|
GetCompressedString((ULONG_PTR)(pCls->m_Heap.m_pHeapData+pPropLook[i].ptrName),pBuff,sizeof(pBuff));
|
|
}
|
|
|
|
DEFINE_CPP_VAR(CPropertyInformation,varCPropertyInformation);
|
|
CPropertyInformation * pPropInfo = GET_CPP_VAR_PTR( CPropertyInformation , varCPropertyInformation );
|
|
ReadMemory((ULONG_PTR)pCls->m_Heap.m_pHeapData+pPropLook[i].ptrInformation,pPropInfo ,sizeof(CPropertyInformation),0);
|
|
|
|
|
|
dprintf(" prop %d %s Type %08x DataIdx %04x DataOff %08x Origin %08x\n",i,
|
|
pBuff,
|
|
pPropInfo->nType,
|
|
pPropInfo->nDataIndex,
|
|
pPropInfo->nDataOffset,
|
|
pPropInfo->nOrigin);
|
|
if (CheckControlC())
|
|
break;
|
|
}
|
|
|
|
} else {
|
|
dprintf(" PR m_pnProps %08x m_pContainer %08x\n",pCls->m_Properties.m_pnProps,pCls->m_Properties.m_pContainer);
|
|
}
|
|
|
|
CDataTable * pCData = &pCls->m_Defaults;
|
|
dprintf(" DT m_pNullness %08x m_pData %08x m_nLength %x m_nProps %x m_pContainer %08x\n",pCData->m_pNullness,pCData->m_pData,pCData->m_nLength,pCData->m_nProps,pCData->m_pContainer);
|
|
|
|
dprintf(" FH m_pHeapData %08x m_pHeapHeader %08x m_pContainer %08x\n",pCls->m_Heap.m_pHeapData,pCls->m_Heap.m_pHeapHeader,pCls->m_Heap.m_pContainer);
|
|
//CHeapHeader m_LocalHeapHeader;
|
|
|
|
BYTE * pHeap = pCls->m_Heap.m_pHeapData;
|
|
pBuff[0]=0;
|
|
if ((DWORD)(pHeader->ptrClassName) != 0xffffffff){
|
|
GetCompressedString((ULONG_PTR)(pHeap+pHeader->ptrClassName),pBuff,sizeof(pBuff));
|
|
}
|
|
dprintf(" __RELPATH %s\n",pBuff);
|
|
|
|
|
|
}
|
|
|
|
void DecodeStatus(DWORD dwInternalStatus)
|
|
{
|
|
if (dwInternalStatus & WBEM_OBJ_DECORATION_PART) dprintf("WBEM_OBJ_DECORATION_PART ");
|
|
if (dwInternalStatus & WBEM_OBJ_INSTANCE_PART) dprintf("WBEM_OBJ_INSTANCE_PART ");
|
|
if (dwInternalStatus & WBEM_OBJ_CLASS_PART) dprintf("WBEM_OBJ_CLASS_PART ");
|
|
if (dwInternalStatus & WBEM_OBJ_CLASS_PART_INTERNAL) dprintf("WBEM_OBJ_CLASS_PART_INTERNAL ");
|
|
if (dwInternalStatus & WBEM_OBJ_CLASS_PART_SHARED) dprintf("WBEM_OBJ_CLASS_PART_SHARED ");
|
|
};
|
|
|
|
DECLARE_API(wc) {
|
|
|
|
INIT_API();
|
|
|
|
DEFINE_CPP_VAR( CWbemClass, varCWbemClass);
|
|
CWbemClass * pCls = GET_CPP_VAR_PTR( CWbemClass , varCWbemClass );
|
|
|
|
ULONG_PTR pByte = 0;
|
|
pByte = GetExpression(args);
|
|
|
|
if (pByte){
|
|
ReadMemory(pByte,pCls,sizeof(CWbemClass),0);
|
|
|
|
dprintf(" m_nRef %d m_bOwnMemory %d\n",pCls->m_nRef,pCls->m_bOwnMemory);
|
|
dprintf(" m_nCurrentProp %08x m_lEnumFlags %08x m_lExtEnumFlags %08x\n",pCls->m_nCurrentProp,pCls->m_lEnumFlags,pCls->m_lExtEnumFlags);
|
|
dprintf(" m_dwInternalStatus %08x m_pMergedClassObject %08x\n",pCls->m_dwInternalStatus,pCls->m_pMergedClassObject);
|
|
|
|
BYTE * pData = pCls->m_DecorationPart.m_pfFlags;
|
|
BYTE pBuff1[256];
|
|
GetCompressedString((ULONG_PTR)pCls->m_DecorationPart.m_pcsServer,pBuff1,sizeof(pBuff1));
|
|
BYTE pBuff2[256];
|
|
GetCompressedString((ULONG_PTR)pCls->m_DecorationPart.m_pcsNamespace,pBuff2,sizeof(pBuff2));
|
|
|
|
BYTE b=0xff;
|
|
if (pData){
|
|
ReadMemory((ULONG_PTR)pData,&b,sizeof(b),0);
|
|
}
|
|
dprintf(" m_DecorationPart.m_pfFlags %p FLAG %02x\n",pData,b);
|
|
dprintf(" Server: %s Namespace: %s\n",pBuff1,pBuff2);
|
|
|
|
dprintf(" m_LockData: m_lLock %d m_lLockCount %d m_dwThreadId %x\n",pCls->m_LockData.m_lLock,pCls->m_LockData.m_lLockCount,pCls->m_LockData.m_dwThreadId);
|
|
|
|
dprintf(" m_Lock.m_pData %p\n",pCls->m_Lock.m_pData);
|
|
|
|
//dprintf(" m_pBlobControl %08x m_refDataTable %08x m_refDataHeap %08x m_refDerivationList %08x\n",pCls->m_pBlobControl,((void *)&pCls->m_refDataTable),((void *)&pCls->m_refDataHeap),((void *)&pCls->m_refDerivationList));
|
|
dprintf(" m_pBlobControl %p\n",pCls->m_pBlobControl);
|
|
|
|
DEFINE_CPP_VAR( CDataTable,varCDataTable);
|
|
CDataTable * pCData = GET_CPP_VAR_PTR(CDataTable,varCDataTable);
|
|
if(pCData){
|
|
ReadMemory((ULONG_PTR)(&(pCls->m_refDataTable)),pCData,sizeof(CDataTable),0);
|
|
dprintf(" m_pNullness %p m_pData %p m_nLength %x m_nProps %x m_pContainer %08x\n",pCData->m_pNullness,pCData->m_pData,pCData->m_nLength,pCData->m_nProps,pCData->m_pContainer);
|
|
}
|
|
|
|
DEFINE_CPP_VAR(CFastHeap,varCFastHeap);
|
|
CFastHeap * pFHeap = GET_CPP_VAR_PTR( CFastHeap , varCFastHeap );
|
|
DWORD * pFoo = (DWORD *)&(pCls->m_refDataHeap);
|
|
ReadMemory((ULONG_PTR )pFoo,pFHeap,sizeof(CFastHeap),0);
|
|
dprintf(" FH m_pHeapData %p m_pHeapHeader %p m_pContainer %p\n",pFHeap->m_pHeapData,pFHeap->m_pHeapHeader,pFHeap->m_pContainer);
|
|
|
|
dprintf(" m_nTotalLength %x\n",pCls->m_nTotalLength);
|
|
|
|
dprintf(" m_ParentPart at offset %x\n",(ULONG_PTR)&pCls->m_ParentPart-(ULONG_PTR)pCls);
|
|
dprintf(" m_ParentPart.m_pClassPart at offset %x\n",(ULONG_PTR)&(pCls->m_ParentPart.m_ClassPart)-(ULONG_PTR)pCls);
|
|
|
|
|
|
DumpClass(&(pCls->m_ParentPart.m_ClassPart));
|
|
|
|
dprintf(" m_CombinedPart at offset %x\n",(ULONG_PTR)&pCls->m_CombinedPart-(ULONG_PTR)pCls);
|
|
|
|
DumpClass(&(pCls->m_CombinedPart.m_ClassPart));
|
|
|
|
dprintf(" m_pClass %08x\n",pCls->m_ParentPart.m_pClass);
|
|
|
|
} else {
|
|
dprintf("invalid address %s\n",args);
|
|
}
|
|
|
|
}
|
|
|
|
void
|
|
DumpInstance(CInstancePart * pIns)
|
|
{
|
|
dprintf(" m_pContainer %08x m_pHeader %08x\n",pIns->m_pContainer,pIns->m_pHeader);
|
|
|
|
dprintf(" DT m_DataTable m_pNullness %08x m_pData %08x\n",pIns->m_DataTable.m_pNullness,pIns->m_DataTable.m_pData);
|
|
dprintf(" m_nLength %x m_nProps %x m_pContainer %08x\n",pIns->m_DataTable.m_nLength,pIns->m_DataTable.m_nProps,pIns->m_DataTable.m_pContainer);
|
|
|
|
dprintf(" Q m_Qualifiers m_nPropagationFlag %08x m_nRef %x m_pControl %08x\n",pIns->m_Qualifiers.m_nPropagationFlag,pIns->m_Qualifiers.m_nRef,pIns->m_Qualifiers.m_pControl);
|
|
dprintf(" m_pContainer %08x m_pSecondarySet %08x\n",pIns->m_Qualifiers.m_pContainer,pIns->m_Qualifiers.m_pSecondarySet);
|
|
CFixedBSTRArray * pArr = &(pIns->m_Qualifiers.m_astrCurrentNames);
|
|
dprintf(" m_nCurrentIndex %x\n",pIns->m_Qualifiers.m_nCurrentIndex);
|
|
|
|
DEFINE_CPP_VAR(CInstancePart::CInstancePartHeader,varHeader);
|
|
CInstancePart::CInstancePartHeader * pHeader = GET_CPP_VAR_PTR( CInstancePart::CInstancePartHeader , varHeader );
|
|
|
|
if (pIns->m_pHeader)
|
|
{
|
|
if (ReadMemory((ULONG_PTR)pIns->m_pHeader,pHeader,sizeof(CInstancePart::CInstancePartHeader),0))
|
|
{
|
|
dprintf(" nLength %x fFlags %02x ptrClassName %08x \n",pHeader->nLength,pHeader->fFlags,pHeader->ptrClassName);
|
|
}
|
|
else
|
|
{
|
|
dprintf("RM %p\n",pIns->m_pHeader);
|
|
}
|
|
}
|
|
|
|
dprintf(" FH m_pHeapData %08x m_pHeapHeader %08x m_pContainer %08x\n",pIns->m_Heap.m_pHeapData,pIns->m_Heap.m_pHeapHeader,pIns->m_Heap.m_pContainer);
|
|
|
|
}
|
|
|
|
|
|
DECLARE_API(wi)
|
|
{
|
|
|
|
INIT_API();
|
|
|
|
DEFINE_CPP_VAR( CWbemInstance, varCWbemInstance);
|
|
CWbemInstance * pCls = GET_CPP_VAR_PTR( CWbemInstance , varCWbemInstance );
|
|
|
|
ULONG_PTR pByte = 0;
|
|
pByte = GetExpression(args);
|
|
|
|
if (pByte)
|
|
{
|
|
if (ReadMemory(pByte,pCls,sizeof(CWbemInstance),0))
|
|
{
|
|
//length_t m_nTotalLength;
|
|
//dprintf(" m_nTotalLength %08x\n",pCls->m_nTotalLength);
|
|
|
|
dprintf(" m_nRef %d m_bOwnMemory %d\n",pCls->m_nRef,pCls->m_bOwnMemory);
|
|
dprintf(" m_nCurrentProp %08x m_lEnumFlags %08x m_lExtEnumFlags %08x\n",pCls->m_nCurrentProp,pCls->m_lEnumFlags,pCls->m_lExtEnumFlags);
|
|
dprintf(" m_dwInternalStatus %08x\n",pCls->m_dwInternalStatus);
|
|
DecodeStatus(pCls->m_dwInternalStatus);
|
|
dprintf("\n");
|
|
dprintf(" m_pMergedClassObject %08x\n",pCls->m_pMergedClassObject);
|
|
|
|
BYTE * pData = pCls->m_DecorationPart.m_pfFlags;
|
|
BYTE pBuff1[256];
|
|
GetCompressedString((ULONG_PTR)pCls->m_DecorationPart.m_pcsServer,pBuff1,sizeof(pBuff1));
|
|
BYTE pBuff2[256];
|
|
GetCompressedString((ULONG_PTR)pCls->m_DecorationPart.m_pcsNamespace,pBuff2,sizeof(pBuff2));
|
|
|
|
BYTE b=0xff;
|
|
if (pData){
|
|
ReadMemory((ULONG_PTR)pData,&b,sizeof(b),0);
|
|
}
|
|
dprintf(" m_DecorationPart.m_pfFlags %p FLAG %02x\n",pData,b);
|
|
dprintf(" Server: %s Namespace: %s\n",pBuff1,pBuff2);
|
|
|
|
//CClassPart m_ClassPart;
|
|
DumpClass(&(pCls->m_ClassPart));
|
|
|
|
//CInstancePart m_InstancePart;
|
|
DumpInstance(&(pCls->m_InstancePart));
|
|
|
|
//CVar m_CachedKey;
|
|
dprintf(" m_vt %08x m_value %08x m_nStatus %08x m_bCanDelete %08x\n",pCls->m_CachedKey.m_vt,pCls->m_CachedKey.m_value.pUnk,pCls->m_CachedKey.m_nStatus,pCls->m_CachedKey.m_bCanDelete);
|
|
}
|
|
else
|
|
{
|
|
dprintf("RM %p\n",pByte);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
dprintf("invalid address %s\n",args);
|
|
}
|
|
}
|
|
|
|
|
|
DECLARE_API(cp) {
|
|
|
|
INIT_API();
|
|
|
|
DEFINE_CPP_VAR( CClassPart, varCClassPart);
|
|
CClassPart * pCls = GET_CPP_VAR_PTR( CClassPart , varCClassPart );
|
|
|
|
ULONG_PTR pByte = 0;
|
|
pByte = GetExpression(args);
|
|
|
|
if (pByte){
|
|
ReadMemory(pByte,pCls,sizeof(CClassPart),0);
|
|
|
|
DumpClass(pCls);
|
|
|
|
} else {
|
|
dprintf("invalid address %s\n",args);
|
|
}
|
|
|
|
}
|
|
|
|
/*
|
|
typedef union
|
|
{
|
|
char cVal; // VT_I1
|
|
BYTE bVal; // VT_UI1
|
|
SHORT iVal; // VT_I2
|
|
WORD wVal; // VT_UI2
|
|
LONG lVal; // VT_I4
|
|
DWORD dwVal; // VT_UI4
|
|
VARIANT_BOOL boolVal; // VT_BOOL
|
|
|
|
float fltVal; // VT_R4
|
|
double dblVal; // VT_R8
|
|
|
|
LPSTR pStr; // VT_LPSTR
|
|
LPWSTR pWStr; // VT_LPWSTR
|
|
BSTR Str; // VT_BSTR (stored as VT_LPWSTR)
|
|
|
|
FILETIME Time; // VT_FILETIME
|
|
BLOB Blob; // VT_BLOB
|
|
LPCLSID pClsId; // VT_CLSID
|
|
IUnknown* pUnk; // VT_UNKNOWN
|
|
IDispatch* pDisp; // VT_DISPATCH
|
|
CVarVector *pVarVector; // VT_EX_CVARVECTOR
|
|
|
|
} METAVALUE;
|
|
|
|
int m_vt;
|
|
METAVALUE m_value;
|
|
int m_nStatus;
|
|
BOOL m_bCanDelete;
|
|
|
|
|
|
*/
|
|
|
|
DECLARE_API(cvar) {
|
|
|
|
INIT_API();
|
|
|
|
DEFINE_CPP_VAR( CVar, varCVar);
|
|
CVar * pVar = GET_CPP_VAR_PTR( CVar , varCVar );
|
|
|
|
WCHAR pwBuff[128];
|
|
CHAR pBuff[128];
|
|
|
|
ULONG_PTR pByte = 0;
|
|
pByte = GetExpression(args);
|
|
|
|
if (pByte){
|
|
ReadMemory(pByte,pVar,sizeof(CVar),0);
|
|
|
|
switch(pVar->m_vt){
|
|
case VT_I1:
|
|
dprintf("VT_I1 %02x\n",pVar->m_value.cVal);
|
|
break;
|
|
case VT_UI1:
|
|
dprintf("VT_UI1 %02x\n",pVar->m_value.bVal);
|
|
break;
|
|
|
|
case VT_I2:
|
|
dprintf("VT_I2 %04x\n",pVar->m_value.iVal);
|
|
break;
|
|
|
|
case VT_UI2:
|
|
dprintf("VT_UI2 %04x\n",pVar->m_value.wVal);
|
|
break;
|
|
|
|
case VT_I4:
|
|
dprintf("VT_I4 %08x\n",pVar->m_value.lVal);
|
|
break;
|
|
|
|
case VT_UI4:
|
|
dprintf("VT_UI4 %08x\n",pVar->m_value.dwVal);
|
|
break;
|
|
|
|
case VT_BOOL:
|
|
dprintf("VT_BOOL %04x\n",pVar->m_value.boolVal);
|
|
break;
|
|
|
|
case VT_R4:
|
|
dprintf("VT_R4 %f\n",pVar->m_value.fltVal);
|
|
break;
|
|
|
|
case VT_R8:
|
|
dprintf("VT_R8 %e\n",pVar->m_value.dblVal);
|
|
break;
|
|
|
|
case VT_LPSTR:
|
|
ReadMemory((ULONG_PTR)pVar->m_value.pStr,pBuff,sizeof(pBuff),0);
|
|
pBuff[sizeof(pBuff)-1]=0;
|
|
dprintf("VT_LPSTR %s\n",pBuff);
|
|
break;
|
|
|
|
case VT_LPWSTR:
|
|
case VT_BSTR:
|
|
ReadMemory((ULONG_PTR)pVar->m_value.pWStr,pwBuff,sizeof(pwBuff),0);
|
|
pwBuff[sizeof(pwBuff)-1]=0;
|
|
WideCharToMultiByte(CP_ACP,0,pwBuff,-1,pBuff,sizeof(pBuff),NULL,NULL);
|
|
pBuff[sizeof(pBuff)-1]=0;
|
|
dprintf("VT_BSTR %s\n",pBuff);
|
|
break;
|
|
/*
|
|
|
|
FILETIME Time; // VT_FILETIME
|
|
BLOB Blob; // VT_BLOB
|
|
LPCLSID pClsId; // VT_CLSID
|
|
IUnknown* pUnk; // VT_UNKNOWN
|
|
IDispatch* pDisp; // VT_DISPATCH
|
|
*/
|
|
case VT_EX_CVARVECTOR:
|
|
//CVarVector *pVarVector; // VT_EX_CVARVECTOR
|
|
dprintf("VT_EX_CVARVECTOR %08x\n",pVar->m_value.pVarVector);
|
|
break;
|
|
default:
|
|
dprintf("m_vt %08x\n",pVar->m_vt);
|
|
}
|
|
|
|
} else {
|
|
dprintf("invalid address %s\n",args);
|
|
}
|
|
|
|
}
|
|
|
|
/*
|
|
class POLARITY CVarVector
|
|
{
|
|
int m_nType;
|
|
CFlexArray m_Array;
|
|
int m_nStatus;
|
|
*/
|
|
|
|
|
|
|
|
LPSTR g_QualStrings[] = {
|
|
"", // nothing for index 0
|
|
"key",
|
|
"",
|
|
"read",
|
|
"write",
|
|
"volatile",
|
|
"provider",
|
|
"dynamic",
|
|
"cimwin32",
|
|
"DWORD",
|
|
"CIMTYPE"
|
|
};
|
|
|
|
DWORD g_ValLengths[128] =
|
|
{
|
|
/* 0*/ 0, 0, 2, 4, 4, 8, 0, 0, 4, 0,
|
|
/*10*/ 0, 2, 0, 4, 0, 0, 1, 1, 2, 4,
|
|
/*20*/ 8, 8, 0, 0, 0, 0, 0, 0, 0, 0,
|
|
/*30*/ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
|
/*40*/ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
|
/*50*/ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
|
/*60*/ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
|
/*70*/ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
|
/*80*/ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
|
/*90*/ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
|
/*100*/0, 4, 4, 2, 0, 0, 0, 0, 0, 0,
|
|
/*110*/0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
|
/*120*/0, 0, 0, 0, 0, 0, 0, 0
|
|
};
|
|
|
|
int lstrlenWunal( WCHAR UNALIGNED * pStr)
|
|
{
|
|
int ret = 0;
|
|
while (*pStr++) ret++;
|
|
return ret;
|
|
};
|
|
|
|
VOID
|
|
ParseBlob(BYTE * pMemOrg,ULONG_PTR Addr)
|
|
{
|
|
DWORD ClassPartLength = 0;
|
|
DWORD i;
|
|
BYTE * pMem = pMemOrg;
|
|
BYTE Flags;
|
|
BOOL IsInstance = FALSE;
|
|
BOOL SkipDecoration = TRUE;
|
|
|
|
BYTE BFlags = *pMem;
|
|
pMem++;
|
|
if (OBJECT_FLAG_CLASS & BFlags )
|
|
{
|
|
dprintf("CLASS\n");
|
|
}
|
|
if (OBJECT_FLAG_INSTANCE & BFlags )
|
|
{
|
|
dprintf("INSTANCE\n");
|
|
IsInstance = TRUE;
|
|
}
|
|
if (OBJECT_FLAG_DECORATED & BFlags)
|
|
{
|
|
dprintf("DECORATED\n");
|
|
}
|
|
if (OBJECT_FLAG_LIMITED & BFlags)
|
|
{
|
|
dprintf("LIMITED\n");
|
|
}
|
|
if (OBJECT_FLAG_CLIENT_ONLY & BFlags)
|
|
{
|
|
dprintf("CLIENT_ONLY\n");
|
|
}
|
|
|
|
if (BFlags & OBJECT_FLAG_DECORATED)
|
|
{
|
|
SkipDecoration = FALSE;
|
|
//dprintf("decoration:\n");
|
|
Flags = *pMem;
|
|
pMem++;
|
|
if (Flags == STRING_FLAG_UNICODE)
|
|
{
|
|
dprintf("SERVER : %S\n",pMem);
|
|
pMem+=(1+2*lstrlenWunal((WCHAR UNALIGNED *)pMem));
|
|
}
|
|
else
|
|
{
|
|
dprintf("SERVER : %s\n",pMem);
|
|
pMem+=(1+lstrlenA((CHAR *)pMem));
|
|
}
|
|
Flags = *pMem;
|
|
pMem++;
|
|
if (Flags == STRING_FLAG_UNICODE)
|
|
{
|
|
dprintf("namespace: %S\n",pMem);
|
|
pMem+=(1+2*lstrlenWunal((WCHAR UNALIGNED *)pMem));
|
|
}
|
|
else
|
|
{
|
|
dprintf("NAMESPACE: %s\n",pMem);
|
|
pMem+=(1+lstrlenA((CHAR *)pMem));
|
|
}
|
|
};
|
|
|
|
ClassPartLength = *((DWORD UNALIGNED *)pMem);
|
|
pMem += sizeof(DWORD);
|
|
|
|
BYTE Unused = *pMem;
|
|
pMem++;
|
|
|
|
DWORD HeapPtrName = *((DWORD UNALIGNED *)pMem);
|
|
pMem += sizeof(DWORD);
|
|
|
|
DWORD NullDefaultSize = *((DWORD UNALIGNED *)pMem);
|
|
pMem += sizeof(DWORD);
|
|
|
|
DWORD DerivationSize = *((DWORD UNALIGNED *)pMem);
|
|
DerivationSize &= 0xFFFF;
|
|
|
|
//dprintf("D %08x\n",DerivationSize);
|
|
|
|
DWORD QualSetSize = *((DWORD UNALIGNED *)(pMem+DerivationSize));
|
|
//dprintf("Q %08x\n",QualSetSize);
|
|
QualSetSize &= 0xFFFF;
|
|
DWORD NumProps = *((DWORD UNALIGNED *)(pMem+DerivationSize+QualSetSize));
|
|
|
|
DWORD UNALIGNED * pPropLookup = (DWORD UNALIGNED *)(pMem+DerivationSize+QualSetSize+sizeof(DWORD));
|
|
BYTE * pPropLookup_OOP = (BYTE *)Addr + (pMem - pMemOrg) + DerivationSize+QualSetSize;
|
|
BYTE * HeapPtr = pMem + DerivationSize + QualSetSize + sizeof(DWORD) + NumProps*(2*sizeof(DWORD)) + NullDefaultSize;
|
|
BYTE * HeapPtr_OOP = (BYTE *)Addr + (pMem - pMemOrg) + DerivationSize + QualSetSize + sizeof(DWORD) + NumProps*(2*sizeof(DWORD)) + NullDefaultSize;
|
|
|
|
//dprintf("CPLen %p N %p D %p Q %p Prop %p Heap %p\n",
|
|
// ClassPartLength,
|
|
// NullDefaultSize,
|
|
// DerivationSize,QualSetSize,NumProps,*((DWORD UNALIGNED *)HeapPtr));
|
|
|
|
dprintf(" class_and_method\n");
|
|
|
|
dprintf(" class_Part\n");
|
|
|
|
if (0xFFFFFFFF != HeapPtrName)
|
|
{
|
|
BYTE * pName = HeapPtr + sizeof(DWORD) + HeapPtrName;
|
|
Flags = *pName;
|
|
pName++;
|
|
if (Flags == STRING_FLAG_UNICODE)
|
|
{
|
|
dprintf(" class : %S\n",pName);
|
|
}
|
|
else
|
|
{
|
|
dprintf(" class : %s\n",pName);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
dprintf(" class : %08x\n",HeapPtrName);
|
|
}
|
|
// QualSet
|
|
dprintf(" qualifierset %p\n",Addr+(pMem + DerivationSize - pMemOrg));
|
|
ULONG_PTR pEndQualSet = (ULONG_PTR)pMem + DerivationSize + QualSetSize;
|
|
BYTE * pQualSet = pMem + DerivationSize + sizeof(DWORD);
|
|
|
|
//dprintf(" %p %p\n",pQualSet,pEndQualSet);
|
|
while((ULONG_PTR)pQualSet < pEndQualSet)
|
|
{
|
|
DWORD dwHeapPtr = (*((DWORD UNALIGNED *)pQualSet));
|
|
pQualSet += sizeof(DWORD);
|
|
BYTE Flavor = *pQualSet;
|
|
pQualSet += sizeof(BYTE);
|
|
DWORD Type = (*((DWORD UNALIGNED *)pQualSet));
|
|
pQualSet += sizeof(DWORD);
|
|
BYTE * pData = pQualSet;
|
|
pQualSet += g_ValLengths[Type&0x7F];
|
|
|
|
if (dwHeapPtr & 0x80000000)
|
|
{
|
|
dprintf(" %s %02x %08x %p\n",g_QualStrings[dwHeapPtr&0x7fffffff],Flavor,Type,*(DWORD UNALIGNED *)pData);
|
|
}
|
|
else
|
|
{
|
|
dprintf(" %s %02x %08x %p\n",HeapPtr+dwHeapPtr+1+sizeof(DWORD),Flavor,Type,*(DWORD UNALIGNED *)pData);
|
|
}
|
|
|
|
if (CheckControlC())
|
|
break;
|
|
}
|
|
// property lookup table
|
|
dprintf(" propertylookup %p\n",pPropLookup_OOP);
|
|
for (i=0;i<NumProps;i++)
|
|
{
|
|
WORD UNALIGNED * pPropInfo = (WORD UNALIGNED *)(HeapPtr+sizeof(DWORD)+pPropLookup[1]);
|
|
dprintf(" %08x %08x %s %08x %04x %08x %08x\n",
|
|
pPropLookup[0],pPropLookup[1],
|
|
HeapPtr+pPropLookup[0]+1+sizeof(DWORD),
|
|
*((DWORD UNALIGNED *)pPropInfo),
|
|
*(pPropInfo+2),
|
|
*(DWORD UNALIGNED *)(pPropInfo+3),
|
|
*(DWORD UNALIGNED *)(pPropInfo+5));
|
|
pPropLookup += 2;
|
|
}
|
|
DWORD dwHeapSize_ClassPart = (*((DWORD UNALIGNED *)HeapPtr))&0x7FFFFFFF;
|
|
dprintf(" Heap %p size %08x\n",HeapPtr_OOP,dwHeapSize_ClassPart);
|
|
|
|
dprintf(" method_Part\n");
|
|
BYTE * pMethodPart = HeapPtr + sizeof(DWORD) + dwHeapSize_ClassPart;
|
|
BYTE * pMethodPart_OOP = HeapPtr_OOP + sizeof(DWORD) + dwHeapSize_ClassPart;
|
|
|
|
DWORD dwSizeMethodPart = *((DWORD UNALIGNED *)pMethodPart);
|
|
DWORD NumMethods = *((DWORD UNALIGNED *)(pMethodPart+sizeof(DWORD)));
|
|
BYTE * pMethodDescription= pMethodPart + 2*sizeof(DWORD);
|
|
BYTE * pMethodDescription_OOP = pMethodPart_OOP + 2*sizeof(DWORD);
|
|
|
|
//BYTE * pHeapMethod_OOP = ;
|
|
dprintf(" num_methods : %08x\n",NumMethods);
|
|
dprintf(" methods_descr : %p\n",pMethodDescription_OOP);
|
|
//dprintf(" heap : %p\n");
|
|
|
|
BYTE * pCombinedPart = pMethodPart + dwSizeMethodPart;
|
|
BYTE * pCombinedPart_OOP = pMethodPart_OOP + dwSizeMethodPart;
|
|
|
|
if (IsInstance)
|
|
{
|
|
dprintf(" instance\n");
|
|
|
|
DWORD dwHeapSize = 4 + (*((DWORD UNALIGNED *)HeapPtr)) & 0x7fffffff;
|
|
//BYTE * HeapPtr_OOP
|
|
BYTE * pInstancePart = HeapPtr+dwHeapSize;
|
|
BYTE * pInstancePart_OOP = HeapPtr_OOP+dwHeapSize;
|
|
|
|
DWORD dwSize = *((DWORD UNALIGNED *)pInstancePart);
|
|
pInstancePart += sizeof(DWORD);
|
|
BYTE IFlag = *pInstancePart;
|
|
pInstancePart++;
|
|
DWORD dwClassNameOffset = *((DWORD UNALIGNED *)pInstancePart);
|
|
pInstancePart += sizeof(DWORD);
|
|
|
|
BYTE * pDataTable = pInstancePart;
|
|
BYTE * pDataTable_OOP = pInstancePart_OOP + 2*sizeof(DWORD) + sizeof(BYTE);
|
|
|
|
DWORD NumBytedNullNess = ((NumProps*2)%8)?(1+((NumProps*2)/8)):((NumProps*2)/8);
|
|
BYTE * pDataTableData = pInstancePart + NumBytedNullNess;
|
|
BYTE * pDataTableData_OOP = pDataTable_OOP + NumBytedNullNess;
|
|
|
|
pInstancePart += NullDefaultSize; // this is crucial
|
|
|
|
BYTE * pQualSet = pInstancePart;
|
|
BYTE * pQualSet_OOP = pDataTable_OOP + NullDefaultSize;
|
|
DWORD dwQualSetSize = *((DWORD UNALIGNED *)pQualSet);
|
|
pInstancePart += dwQualSetSize;
|
|
|
|
BYTE * pQualSetList = pInstancePart;
|
|
BYTE * pInstanceHeap;
|
|
BYTE * pInstanceHeap_OOP;
|
|
if (0x01 == *pQualSetList)
|
|
{
|
|
// empty qual set OK
|
|
pInstancePart++;
|
|
pInstanceHeap = pInstancePart;
|
|
pInstanceHeap_OOP = pQualSet_OOP+dwQualSetSize+sizeof(BYTE);
|
|
}
|
|
else if (0x02 == *pQualSetList)
|
|
{
|
|
// multiple qualifier set
|
|
dprintf("unimplemented");
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
// invalid qualset
|
|
}
|
|
|
|
|
|
//NullDefaultSize
|
|
|
|
dprintf(" begin %p\n",pInstancePart_OOP);
|
|
dprintf(" data_table: null %p data %p\n",pDataTable_OOP,pDataTableData_OOP);
|
|
dprintf(" qual_set %p\n",pQualSet_OOP);
|
|
dprintf(" heap %p\n",pInstanceHeap_OOP);
|
|
}
|
|
else
|
|
{
|
|
dprintf(" class_and_method\n");
|
|
|
|
dprintf(" start : %p\n",pCombinedPart_OOP);
|
|
|
|
}
|
|
}
|
|
|
|
DECLARE_API(blob)
|
|
{
|
|
INIT_API();
|
|
|
|
char * pArgs = (char *)_alloca(strlen(args)+1);
|
|
lstrcpy(pArgs,args);
|
|
|
|
ULONG_PTR pByte = 0;
|
|
ULONG_PTR Size = 0;
|
|
|
|
while (isspace(*pArgs)) pArgs++;
|
|
char * pAddress = pArgs;
|
|
//dprintf("%s %s\n",pAddress,pArgs);
|
|
// skip good chars
|
|
while(*pArgs && !isspace(*pArgs)) pArgs++;
|
|
|
|
if(*pArgs) // if there are more chars
|
|
{
|
|
*pArgs = 0; //terminate string
|
|
pArgs++;
|
|
// skip spaces
|
|
while(isspace(*pArgs)) pArgs++;
|
|
if (*pArgs)
|
|
{
|
|
//dprintf("%s\n",pArgs);
|
|
Size = GetExpression(pArgs);
|
|
}
|
|
}
|
|
|
|
pByte = GetExpression(pAddress);
|
|
if (pByte)
|
|
{
|
|
if (Size)
|
|
{
|
|
BYTE * pHereMem = (BYTE *)HeapAlloc(GetProcessHeap(),0,Size*2);
|
|
if (ReadMemory(pByte,pHereMem,Size*2,0))
|
|
{
|
|
//dprintf(" object @ %p size %x\n",pByte,Size);
|
|
ParseBlob(pHereMem,pByte);
|
|
}
|
|
else
|
|
{
|
|
dprintf("RM %p\n",pByte);
|
|
}
|
|
HeapFree(GetProcessHeap(),0,pHereMem);
|
|
}
|
|
else
|
|
{
|
|
HEAP_ENTRY HeapEntry;
|
|
if (ReadMemory(pByte-(sizeof(HEAP_ENTRY)),&HeapEntry,sizeof(HEAP_ENTRY),0))
|
|
{
|
|
Size = HeapEntry.Size*sizeof(HEAP_ENTRY);
|
|
|
|
BYTE * pHereMem = (BYTE *)HeapAlloc(GetProcessHeap(),0,Size);
|
|
if (ReadMemory(pByte,pHereMem,Size,0))
|
|
{
|
|
ParseBlob(pHereMem,pByte);
|
|
}
|
|
else
|
|
{
|
|
dprintf("RM %p\n",pByte);
|
|
}
|
|
HeapFree(GetProcessHeap(),0,pHereMem);
|
|
}
|
|
else
|
|
{
|
|
dprintf("RM %p\n",pByte);
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
|
|
DECLARE_API(datap)
|
|
{
|
|
INIT_API();
|
|
|
|
ULONG_PTR Addr = GetExpression(args);
|
|
if (Addr)
|
|
{
|
|
|
|
DWORD dwSize = 256; // and let's hope
|
|
//sizeof(WBEM_DATAPACKET_HEADER) +
|
|
//sizeof(WBEM_DATAPACKET_SMARTENUM_NEXT) +
|
|
//sizeof(WBEM_DATAPACKET_OBJECT_ARRAY) +
|
|
//sizeof(WBEM_DATAPACKET_OBJECT_HEADER);
|
|
WBEM_DATAPACKET_HEADER * pData = (WBEM_DATAPACKET_HEADER *)_alloca(dwSize);
|
|
if (ReadMemory(Addr,pData,dwSize,NULL))
|
|
{
|
|
dprintf(" Order %08x\n",pData->dwByteOrdering);
|
|
dprintf(" Header %08x DSize %08x Flags %08x %02x ",
|
|
pData->dwSizeOfHeader,
|
|
pData->dwDataSize,
|
|
pData->dwFlags,
|
|
pData->bVersion);
|
|
switch(pData->bPacketType)
|
|
{
|
|
case WBEM_DATAPACKETTYPE_OBJECTSINK_INDICATE:
|
|
{
|
|
dprintf("WBEM_DATAPACKETTYPE_OBJECTSINK_INDICATE\n");
|
|
|
|
WBEM_DATAPACKET_OBJECTSINK_INDICATE UNALIGNED * pIndicate = (WBEM_DATAPACKET_OBJECTSINK_INDICATE UNALIGNED *)((BYTE *)pData + pData->dwSizeOfHeader);
|
|
dprintf(" Header %08x Size %08x\n",pIndicate->dwSizeOfHeader,pIndicate->dwDataSize);
|
|
|
|
WBEM_DATAPACKET_OBJECT_ARRAY UNALIGNED * pArrayPacket = (WBEM_DATAPACKET_OBJECT_ARRAY UNALIGNED *)((BYTE * )pIndicate+pIndicate->dwSizeOfHeader);
|
|
dprintf(" Header %08x Size %08x NumObj %08x\n",
|
|
pArrayPacket->dwSizeOfHeader,
|
|
pArrayPacket->dwDataSize,
|
|
pArrayPacket->dwNumObjects);
|
|
|
|
WBEM_DATAPACKET_OBJECT_HEADER UNALIGNED * pObjHeader = (WBEM_DATAPACKET_OBJECT_HEADER UNALIGNED *)((BYTE*)pArrayPacket+pArrayPacket->dwSizeOfHeader);
|
|
dprintf(" Header %08x dwSizeOfData %08x bObjectType ",pObjHeader->dwSizeOfHeader,pObjHeader->dwSizeOfData);
|
|
|
|
switch(pObjHeader->bObjectType)
|
|
{
|
|
case WBEMOBJECT_NONE:
|
|
dprintf("WBEMOBJECT_NONE\n");
|
|
break;
|
|
case WBEMOBJECT_CLASS_FULL:
|
|
dprintf("WBEMOBJECT_CLASS_FULL\n");
|
|
break;
|
|
case WBEMOBJECT_INSTANCE_FULL:
|
|
dprintf("WBEMOBJECT_INSTANCE_FULL\n");
|
|
break;
|
|
case WBEMOBJECT_INSTANCE_NOCLASS:
|
|
dprintf("WBEMOBJECT_INSTANCE_NOCLASS\n");
|
|
break;
|
|
};
|
|
|
|
dprintf(" data: %p\n",Addr+pData->dwSizeOfHeader+pIndicate->dwSizeOfHeader+pArrayPacket->dwSizeOfHeader+pObjHeader->dwSizeOfHeader);
|
|
}
|
|
break;
|
|
case WBEM_DATAPACKETTYPE_SMARTENUM_NEXT:
|
|
{
|
|
dprintf("WBEM_DATAPACKETTYPE_SMARTENUM_NEXT\n");
|
|
|
|
WBEM_DATAPACKET_SMARTENUM_NEXT UNALIGNED * pSNext = (WBEM_DATAPACKET_SMARTENUM_NEXT UNALIGNED *)((BYTE *)pData + pData->dwSizeOfHeader);
|
|
dprintf(" Header %08x dwDataSize %08x\n",pSNext->dwSizeOfHeader,pSNext->dwDataSize);
|
|
|
|
WBEM_DATAPACKET_OBJECT_ARRAY UNALIGNED * pArrayPacket = (WBEM_DATAPACKET_OBJECT_ARRAY UNALIGNED *)((BYTE * )pSNext+pSNext->dwSizeOfHeader);
|
|
dprintf(" Header %08x Size %08x NumObj %08x\n",
|
|
pArrayPacket->dwSizeOfHeader,
|
|
pArrayPacket->dwDataSize,
|
|
pArrayPacket->dwNumObjects);
|
|
|
|
WBEM_DATAPACKET_OBJECT_HEADER UNALIGNED * pObjHeader = (WBEM_DATAPACKET_OBJECT_HEADER UNALIGNED *)((BYTE*)pArrayPacket+pArrayPacket->dwSizeOfHeader);
|
|
dprintf(" Header %08x dwSizeOfData %08x bObjectType ",pObjHeader->dwSizeOfHeader,pObjHeader->dwSizeOfData);
|
|
|
|
switch(pObjHeader->bObjectType)
|
|
{
|
|
case WBEMOBJECT_NONE:
|
|
dprintf("WBEMOBJECT_NONE\n");
|
|
break;
|
|
case WBEMOBJECT_CLASS_FULL:
|
|
dprintf("WBEMOBJECT_CLASS_FULL\n");
|
|
break;
|
|
case WBEMOBJECT_INSTANCE_FULL:
|
|
dprintf("WBEMOBJECT_INSTANCE_FULL\n");
|
|
break;
|
|
case WBEMOBJECT_INSTANCE_NOCLASS:
|
|
dprintf("WBEMOBJECT_INSTANCE_NOCLASS\n");
|
|
break;
|
|
};
|
|
|
|
dprintf(" data: %p\n",Addr+pData->dwSizeOfHeader+pSNext->dwSizeOfHeader+pArrayPacket->dwSizeOfHeader+pObjHeader->dwSizeOfHeader);
|
|
}
|
|
break;
|
|
case WBEM_DATAPACKETTYPE_UNBOUNDSINK_INDICATE:
|
|
{
|
|
dprintf("WBEM_DATAPACKETTYPE_UNBOUNDSINK_INDICATE\n");
|
|
WBEM_DATAPACKET_UNBOUNDSINK_INDICATE UNALIGNED * pUnBoundI = (WBEM_DATAPACKET_UNBOUNDSINK_INDICATE UNALIGNED *)((BYTE *)pData + pData->dwSizeOfHeader);
|
|
dprintf(" Header %08x dwDataSize %08x dwLogicalConsumerSize %08x\n",pUnBoundI->dwSizeOfHeader,pUnBoundI->dwDataSize,pUnBoundI->dwLogicalConsumerSize);
|
|
|
|
}
|
|
break;
|
|
case WBEM_DATAPACKETTYPE_MULTITARGET_DELIVEREVENT:
|
|
{
|
|
dprintf("WBEM_DATAPACKETTYPE_MULTITARGET_DELIVEREVENT\n");
|
|
WBEM_DATAPACKET_MULTITARGET_DELIVEREVENT UNALIGNED * pMultiTgtEvt = (WBEM_DATAPACKET_MULTITARGET_DELIVEREVENT UNALIGNED *)((BYTE*)pData + pData->dwSizeOfHeader);
|
|
dprintf(" Header %08x dwDataSize %08x\n",pMultiTgtEvt->dwSizeOfHeader,pMultiTgtEvt->dwDataSize);
|
|
|
|
WBEM_DATAPACKET_OBJECT_ARRAY UNALIGNED * pArrayPacket = (WBEM_DATAPACKET_OBJECT_ARRAY UNALIGNED *)((BYTE * )pMultiTgtEvt+pMultiTgtEvt->dwSizeOfHeader);
|
|
dprintf(" Header %08x Size %08x NumObj %08x\n",
|
|
pArrayPacket->dwSizeOfHeader,
|
|
pArrayPacket->dwDataSize,
|
|
pArrayPacket->dwNumObjects);
|
|
|
|
WBEM_DATAPACKET_OBJECT_HEADER UNALIGNED * pObjHeader = (WBEM_DATAPACKET_OBJECT_HEADER UNALIGNED *)((BYTE*)pArrayPacket+pArrayPacket->dwSizeOfHeader);
|
|
dprintf(" Header %08x dwSizeOfData %08x bObjectType ",pObjHeader->dwSizeOfHeader,pObjHeader->dwSizeOfData);
|
|
|
|
switch(pObjHeader->bObjectType)
|
|
{
|
|
case WBEMOBJECT_NONE:
|
|
dprintf("WBEMOBJECT_NONE\n");
|
|
break;
|
|
case WBEMOBJECT_CLASS_FULL:
|
|
dprintf("WBEMOBJECT_CLASS_FULL\n");
|
|
break;
|
|
case WBEMOBJECT_INSTANCE_FULL:
|
|
dprintf("WBEMOBJECT_INSTANCE_FULL\n");
|
|
break;
|
|
case WBEMOBJECT_INSTANCE_NOCLASS:
|
|
dprintf("WBEMOBJECT_INSTANCE_NOCLASS\n");
|
|
break;
|
|
};
|
|
|
|
}
|
|
break;
|
|
case WBEM_DATAPACKETTYPE_LAST:
|
|
dprintf("WBEM_DATAPACKETTYPE_LAST\n");
|
|
break;
|
|
}
|
|
|
|
}
|
|
else
|
|
{
|
|
dprintf("RM %p\n",Addr);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
dprintf("unable to resolve %s\n",args);
|
|
}
|
|
}
|
|
|
|
|
|
|