Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

320 lines
9.1 KiB

/*++
Copyright (c) 2000-2002 Microsoft Corporation
Module Name:
HoyleGames.cpp
Abstract:
All Hoyle apps have one common problem and that is a hard
coded "C:\" in its data section of the image.The apps crash
because of this if installed and run from any other drive
other than C:\.
This shim goes through the image of the app searching
for the hardcoded string and replaces them if found. This
shim replaces all the existing app specific shims for
Hoyle Games.
This is an app specific shim.
History:
04/17/2001 Prashkud Created
--*/
#include "precomp.h"
IMPLEMENT_SHIM_BEGIN(HoyleGames)
#include "ShimHookMacro.h"
APIHOOK_ENUM_BEGIN
APIHOOK_ENUM_ENTRY(GetPrivateProfileStringA)
APIHOOK_ENUM_END
// Max Virtual address replacements in all sections
#define MAX_VA 50
// Global array to hold the replacement VA
DWORD g_ReplaceVA[MAX_VA];
// Replacement count
int g_ReplaceCnt;
/*++
Parse the Section and fill in the location index into the
SECTION structure. This function also fills in the number
of occurences of the hard-coded "C:\" string in this section.
--*/
BOOL
GetReplacementLocations(
DWORD dwSecPtr,
DWORD dwSize
)
{
BYTE *pbFilePtr = (BYTE*)dwSecPtr;
BOOL bRet = FALSE;
for (DWORD i = 0; i < dwSize - 2 && g_ReplaceCnt < MAX_VA; i++)
{
if ((BYTE)*(pbFilePtr + i) == 'c')
{
if((BYTE)*(pbFilePtr + i + 1) == ':' &&
(BYTE)*(pbFilePtr + i + 2) == '\\')
{
g_ReplaceVA[g_ReplaceCnt++] = dwSecPtr + i;
bRet = TRUE;
}
}
}
return bRet;
}
/*++
This function loops through each section looking for a Initialized Data
section. Once it gets the Initialized Data section, it calls the helper
function GetReplacementLocations() to get the offset from the base of the
section. It then calculates the Virtual Address at which the replacement
should occur.
--*/
BOOL
GetInitializedDataSection()
{
PIMAGE_NT_HEADERS NtHeader;
PIMAGE_FILE_HEADER FileHeader;
PIMAGE_OPTIONAL_HEADER OptionalHeader;
PIMAGE_SECTION_HEADER NtSection;
DWORD dwSectionVA = 0, dwSize = 0;
BOOL bRet = FALSE;
// Get the module base address
PUCHAR Base = (PUCHAR)GetModuleHandle(NULL);
if ((ULONG_PTR)Base & 0x00000001)
{
Base = (PUCHAR)((ULONG_PTR)Base & ~0x1);
}
NtHeader = RtlpImageNtHeader(Base);
if (NtHeader)
{
FileHeader = &NtHeader->FileHeader;
OptionalHeader = &NtHeader->OptionalHeader;
}
else
{
// Handle case where Image passed in doesn't have a dos stub (ROM images for instance);
FileHeader = (PIMAGE_FILE_HEADER)Base;
OptionalHeader = (PIMAGE_OPTIONAL_HEADER) ((ULONG_PTR)Base + IMAGE_SIZEOF_FILE_HEADER);
}
NtSection = (PIMAGE_SECTION_HEADER)((ULONG_PTR)OptionalHeader +
FileHeader->SizeOfOptionalHeader);
for (DWORD i=0; i<FileHeader->NumberOfSections; i++)
{
// Check whether the section is a Initialized Data Section
if (NtSection->Characteristics & IMAGE_SCN_CNT_INITIALIZED_DATA)
{
// Size of the Section to search
dwSize = NtSection->SizeOfRawData;
// Get the Section's Virtual address
dwSectionVA = (DWORD)(Base + NtSection->VirtualAddress);
__try
{
if(GetReplacementLocations(dwSectionVA, dwSize))
{
bRet = TRUE;
}
DPFN( eDbgLevelError, "Replacing was successful");
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
DPFN( eDbgLevelError, "Replacing crashed");
goto Exit;
}
}
++NtSection;
}
return bRet;
Exit:
return FALSE;
}
/*++
This function hooks GetVersion (called early on by Hoyle Board Games)
and replaces the hard coded 'c's with the correct install drive letter
that it looks up in the registry.
It uses g_HoyleWordGames_bPatched to patch only once.
--*/
BOOL
NOTIFY_FUNCTION(
DWORD fdwReason
)
{
if (fdwReason == SHIM_STATIC_DLLS_INITIALIZED)
{
CHAR szProgFilesDir[MAX_PATH]; // Added by Noah Young on 1/26/01
DWORD cch = ARRAYSIZE(szProgFilesDir);
HKEY hKey = 0;
DWORD dwOldProtect = 0;
// Fix problem where Program Files dir isn't on same drive as BOARD3.EXE
if( ERROR_SUCCESS == RegOpenKeyExA(HKEY_LOCAL_MACHINE,
"SOFTWARE\\Microsoft\\Windows\\CurrentVersion",
0,
KEY_QUERY_VALUE,
&hKey) )
{
if( ERROR_SUCCESS == RegQueryValueExA(hKey,
"ProgramFilesDir",
NULL,
NULL, // REG_SZ
(LPBYTE)szProgFilesDir,
&cch) )
{
// Scan the image's initialized data section....
char szModule[MAX_PATH];
cch = GetModuleFileNameA(NULL, szModule, ARRAYSIZE(szModule));
if( cch > 0 && cch < ARRAYSIZE(szModule) )
{
// Get the Virtual adresses that need to be replaced
if(GetInitializedDataSection())
{
long PATCH_LENGTH = g_ReplaceVA[ g_ReplaceCnt - 1] - g_ReplaceVA[0] + 1;
// Make the memory page writable
if( VirtualProtect( (PVOID) g_ReplaceVA[0],
PATCH_LENGTH,
PAGE_READWRITE,
&dwOldProtect ) )
{
for (int i=0; i< g_ReplaceCnt; i++)
{
// Make sure it's what we expect
if( 'c' == *((CHAR*) g_ReplaceVA[i]) )
{
if (i==0)
{
*((CHAR*) g_ReplaceVA[i]) = szProgFilesDir[0];
}
else
{
*((CHAR*) g_ReplaceVA[i]) = szModule[0];
}
}
}
}
} else {
DPFN( eDbgLevelError, "No patching done!");
}
} else {
DPFN( eDbgLevelError, "GetModuleFileNameA failed!");
}
} else {
DPFN( eDbgLevelError, "Failed to query \"ProgramFilesDir\"!");
}
RegCloseKey(hKey);
} else {
DPFN( eDbgLevelError, "Failed to open key \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\"!");
}
}
return TRUE;
}
/*++
Very specific hack to return a good FaceMaker path, so the app doesn't fail
when it is installed on the wrong drive.
--*/
DWORD
APIHOOK(GetPrivateProfileStringA)(
LPCSTR lpAppName,
LPCSTR lpKeyName,
LPCSTR lpDefault,
LPSTR lpReturnedString,
DWORD nSize,
LPCSTR lpFileName
)
{
CSTRING_TRY
{
CString csApp = lpAppName;
CString csKey = lpKeyName;
CString csFile = lpFileName;
if ((csApp.Compare(L"Settings") == 0) &&
(csKey.Compare(L"FaceMakerPath") == 0) &&
(csFile.Find(L"CARDGAME.INI") > -1)) {
DWORD dwRet = ORIGINAL_API(GetPrivateProfileStringA)(lpAppName, lpKeyName,
lpDefault, lpReturnedString, nSize, lpFileName);
if (!dwRet) {
// Substitute the right path
CString csPath = L"%ProgramFiles%\\WON\\FaceMaker";
csPath.ExpandEnvironmentStringsW();
if (lpReturnedString && ((int)nSize > csPath.GetLength())) {
LOGN(eDbgLevelError, "[GetPrivateProfileStringA] Forced correct FaceMaker path");
strncpy(lpReturnedString, csPath.GetAnsi(), nSize);
dwRet = csPath.GetLength();
}
}
return dwRet;
}
}
CSTRING_CATCH
{
// fall through
}
return ORIGINAL_API(GetPrivateProfileStringA)(lpAppName, lpKeyName,
lpDefault, lpReturnedString, nSize, lpFileName);
}
/*++
Register hooked functions
--*/
HOOK_BEGIN
CALL_NOTIFY_FUNCTION
APIHOOK_ENTRY(KERNEL32.DLL, GetPrivateProfileStringA)
HOOK_END
IMPLEMENT_SHIM_END