archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/base/screg/sc/ntsdexts/scexts.cxx

1497 lines
46 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1993 Microsoft Corporation
  5. Module Name:
  7. scexts.cxx
  9. Abstract:
  11. This function contains the eventlog ntsd debugger extensions
  13. Each DLL entry point is called with a handle to the process being
  14. debugged, as well as pointers to functions.
  16. This process cannot just _read data in the process being debugged.
  17. Therefore, some macros are defined that will copy data from
  18. the debuggee process into a location in this processes memory.
  19. The GET_DATA and GET_STRING macros (defined in this file) are used
  20. to _read memory in the process being debugged. The DebuggeeAddr is the
  21. address of the memory in the debuggee process. The LocalAddr is the
  22. address of memory in the debugger (this programs context) that data is
  23. to be copied into. Length describes the number of bytes to be copied.
  26. Author:
  28. Dan Lafferty (DanL) 12-Aug-1993
  30. Revision History:
  32. --*/
  34. #include <nt.h>
  35. #include <ntrtl.h>
  36. #include <nturtl.h>
  37. #include <windows.h>
  38. #include <ntsdexts.h>
  39. #include <stdio.h>
  40. #include <stdlib.h>
  41. #include <string.h>
  42. #include <malloc.h>
  43. #include <time.h>
  44. #include <winsvc.h>
  45. #include <dataman.h>
  46. #include <tstr.h>
  48. //#define DbgPrint(_x_) (lpOutputRoutine) _x_
  49. #define DbgPrint(_x_)
  50. #define MAX_NAME 256
  51. #define printf (lpOutputRoutine)
  53. #define GET_DATA(DebugeeAddr, LocalAddr, Length) \
  54. Status = ReadProcessMemory( \
  55. GlobalhCurrentProcess, \
  56. (LPVOID)DebugeeAddr, \
  57. LocalAddr, \
  58. Length, \
  59. NULL \
  60. );
  61. //
  62. // This macro copies a string from the debuggee
  63. // process, one character at a time into this
  64. // process's address space.
  65. //
  66. // CODEWORK: This macro should check the length
  67. // to make sure we don't overflow the LocalAddr
  68. // buffer. Perhaps this should be a function
  69. // rather than a macro.
  70. //
  71. #define GET_STRING(DebugeeAddr, LocalAddr, Length) \
  72. \
  73. { \
  74. WCHAR UnicodeChar; \
  75. LPWSTR pDest; \
  76. LPWSTR pSource; \
  77. pDest = LocalAddr; \
  78. pSource = DebugeeAddr; \
  79. do { \
  80. \
  81. Status = ReadProcessMemory( \
  82. GlobalhCurrentProcess, \
  83. (LPVOID)pSource, \
  84. &UnicodeChar, \
  85. sizeof(WCHAR), \
  86. NULL \
  87. ); \
  88. \
  89. *pDest = UnicodeChar; \
  90. pDest++; \
  91. pSource++; \
  92. } while (UnicodeChar != L'\0');}
  94. //=======================
  95. // Function Prototypes
  96. //=======================
  97. PNTSD_OUTPUT_ROUTINE lpOutputRoutine;
  98. PNTSD_GET_EXPRESSION lpGetExpressionRoutine;
  99. PNTSD_CHECK_CONTROL_C lpCheckControlCRoutine;
  101. VOID
  102. BackDepend(
  103. HANDLE hCurrentProcess,
  104. HANDLE hCurrentThread,
  105. DWORD dwCurrentPc,
  106. PNTSD_EXTENSION_APIS lpExtensionApis,
  107. LPSTR lpArgumentString
  108. );
  110. VOID
  111. DumpFwdDependentNames(
  112. LPSERVICE_RECORD pServiceRecord
  113. );
  115. VOID
  116. DumpBkwdDependentNames(
  117. LPSERVICE_RECORD pServiceRecord
  118. );
  120. LPIMAGE_RECORD
  121. DumpImageRecord(
  122. HANDLE hCurrentProcess,
  123. LPIMAGE_RECORD pImageRecord,
  124. LPDWORD NumBytes, // number of bytes in GroupRecord.
  125. BOOL JustSizeInfo
  126. );
  128. LPLOAD_ORDER_GROUP
  129. DumpGroupRecord(
  130. HANDLE hCurrentProcess,
  131. LPLOAD_ORDER_GROUP pGroupRecord,
  132. LPDWORD NumBytes, // number of bytes in GroupRecord.
  133. BOOL JustSizeInfo
  134. );
  136. LPSERVICE_RECORD
  137. DumpServiceRecord(
  138. HANDLE hCurrentProcess,
  139. LPSERVICE_RECORD pServiceRecord,
  140. LPDWORD NumBytes, // number of bytes in ServiceRecord.
  141. LPDWORD NumDependBytes, // number of bytes in DependRecords.
  142. BOOL JustSizeInfo
  143. );
  145. BOOL
  146. FindServiceRecordByName(
  147. LPSTR ServiceName,
  148. LPSERVICE_RECORD *pServiceRecord
  149. );
  151. VOID
  152. GetDependTreeSize(
  153. LPSERVICE_RECORD pServiceRecord,
  154. LPDWORD pNumDependStructs,
  155. LPDWORD pNumBytes,
  156. BOOL StartDepend
  157. );
  159. BOOL
  160. ConvertToUnicode(
  161. OUT LPWSTR *UnicodeOut,
  162. IN LPSTR AnsiIn
  163. );
  165. HANDLE GlobalhCurrentProcess;
  166. BOOL Status;
  168. //
  169. // Initialize the global function pointers
  170. //
  172. VOID
  173. InitFunctionPointers(
  174. HANDLE hCurrentProcess,
  175. PNTSD_EXTENSION_APIS lpExtensionApis
  176. )
  177. {
  178. //
  179. // Load these to speed access if we haven't already
  180. //
  182. if (!lpOutputRoutine) {
  183. lpOutputRoutine = lpExtensionApis->lpOutputRoutine;
  184. lpGetExpressionRoutine = lpExtensionApis->lpGetExpressionRoutine;
  185. lpCheckControlCRoutine = lpExtensionApis->lpCheckControlCRoutine;
  186. }
  188. //
  189. // Stick this in a global
  190. //
  192. GlobalhCurrentProcess = hCurrentProcess;
  193. }
  195. VOID
  196. ServiceRecord(
  197. HANDLE hCurrentProcess,
  198. HANDLE hCurrentThread,
  199. DWORD dwCurrentPc,
  200. PNTSD_EXTENSION_APIS lpExtensionApis,
  201. LPSTR lpArgumentString
  202. )
  203. /*++
  204. Routine Description:
  205. Dump Service Records.
  207. Arguments:
  208. hCurrentProcess - Handle for the process being debugged.
  210. hCurrentThread - Handle for the thread that has the debugger focus.
  212. dwCurrentPc - Current Program Counter?
  214. lpExtensionApis - Pointer to a structure that contains pointers to
  215. various routines. (see \nt\public\sdk\inc\ntsdexts.h)
  216. typedef struct _NTSD_EXTENSION_APIS {
  217. DWORD nSize;
  218. PNTSD_OUTPUT_ROUTINE lpOutputRoutine;
  219. PNTSD_GET_EXPRESSION lpGetExpressionRoutine;
  220. PNTSD_GET_SYMBOL lpGetSymbolRoutine;
  221. PNTSD_DISASM lpDisasmRoutine;
  222. PNTSD_CHECK_CONTROL_C lpCheckControlCRoutine;
  223. } NTSD_EXTENSION_APIS, *PNTSD_EXTENSION_APIS;
  225. lpArgumentString - This is a pointer to a string that contains
  226. space seperated arguments that are passed to debugger
  227. extension function.
  229. Return Value:
  230. none
  232. --*/
  233. {
  234. DWORD pDatabaseAnchor;
  235. SERVICE_RECORD ServiceRecord;
  236. LPSERVICE_RECORD pServiceRecord;
  237. DWORD numBytes=0;
  238. DWORD numDependBytes=0;
  239. DWORD numEntries=0;
  240. LPSTR pToken;
  242. InitFunctionPointers(hCurrentProcess, lpExtensionApis);
  244. printf("ArgumentString = %s\n\n",lpArgumentString);
  246. //
  247. // Get the address of the top of the Service Database.
  248. //
  249. pDatabaseAnchor = (lpGetExpressionRoutine)("ServiceDatabase");
  251. //
  252. // Get the first service record.
  253. // This is a dummy record that points to the first real record.
  254. //
  255. GET_DATA(pDatabaseAnchor, &ServiceRecord, sizeof(ServiceRecord))
  256. pServiceRecord = ServiceRecord.Next;
  258. if (_strnicmp(lpArgumentString, "mem", 3) == 0) {
  259. //--------------------------------------
  260. // Dump Memory Usage only.
  261. //--------------------------------------
  262. do {
  263. pServiceRecord = DumpServiceRecord(
  264. hCurrentProcess,
  265. pServiceRecord,
  266. &numBytes,
  267. &numDependBytes,
  268. TRUE);
  269. numEntries++;
  270. } while (pServiceRecord != NULL);
  271. printf("NumSRBytes = %d NumDependBytes = %d\n",numBytes,numDependBytes);
  272. printf("NumEntries = %d\n",numEntries);
  273. }
  275. else if (_strnicmp(lpArgumentString, "name=", 5) == 0) {
  276. //--------------------------------------
  277. // Find a particular Service Record
  278. // based on Name.
  279. //--------------------------------------
  280. pToken = strtok(lpArgumentString+6," ,\t\n");
  281. if (pToken == NULL) {
  282. printf("A Name was not given\n");
  283. return;
  284. }
  285. if (FindServiceRecordByName(pToken, &pServiceRecord)) {
  286. pServiceRecord = DumpServiceRecord(
  287. hCurrentProcess,
  288. pServiceRecord,
  289. &numBytes,
  290. &numDependBytes,
  291. FALSE);
  292. printf("NumSRBytes = %d NumDependBytes = %d\n",numBytes,numDependBytes);
  293. printf("NumEntries = %d\n",1);
  294. }
  295. else {
  296. printf("No service record found for \"%s\"\n", pToken);
  297. }
  298. }
  299. else if (_strnicmp(lpArgumentString, "address=", 8) == 0) {
  300. //--------------------------------------
  301. // Find a particular Service Record
  302. // based on Address.
  303. //--------------------------------------
  304. pToken = strtok(lpArgumentString+9," ,\t\n");
  305. if (pToken == NULL) {
  306. printf("An Address was not given\n");
  307. return;
  308. }
  309. else {
  310. LPSERVICE_RECORD ServiceAddress;
  311. LPSTR pMore;
  313. ServiceAddress = (LPSERVICE_RECORD)strtoul(pToken, &pMore, 16);
  314. printf("pToken = %s\n",pToken);
  315. printf("strtoul on Service Address yields %d(decimal) %x(hex)\n",
  316. ServiceAddress, ServiceAddress);
  318. pServiceRecord = DumpServiceRecord(
  319. hCurrentProcess,
  320. ServiceAddress,
  321. &numBytes,
  322. &numDependBytes,
  323. FALSE);
  325. printf("NumSRBytes = %d NumDependBytes = %d\n",numBytes,numDependBytes);
  326. printf("NumEntries = %d\n",1);
  327. }
  328. }
  329. else {
  330. //--------------------------------------
  331. // Dump All Service Records.
  332. //--------------------------------------
  333. do {
  334. pServiceRecord = DumpServiceRecord(
  335. hCurrentProcess,
  336. pServiceRecord,
  337. &numBytes,
  338. &numDependBytes,
  339. FALSE);
  340. numEntries++;
  341. } while (pServiceRecord != NULL);
  342. printf("NumSRBytes = %d NumDependBytes = %d\n",numBytes,numDependBytes);
  343. printf("NumEntries = %d\n",numEntries);
  344. }
  345. return;
  346. }
  348. VOID
  349. Dependencies(
  350. HANDLE hCurrentProcess,
  351. HANDLE hCurrentThread,
  352. DWORD dwCurrentPc,
  353. PNTSD_EXTENSION_APIS lpExtensionApis,
  354. LPSTR lpArgumentString
  355. )
  356. /*++
  357. Routine Description:
  358. Dump Service Record Dependencies.
  360. Arguments:
  361. hCurrentProcess - Handle for the process being debugged.
  363. hCurrentThread - Handle for the thread that has the debugger focus.
  365. dwCurrentPc - Current Program Counter?
  367. lpExtensionApis - Pointer to a structure that contains pointers to
  368. various routines. (see \nt\public\sdk\inc\ntsdexts.h)
  369. typedef struct _NTSD_EXTENSION_APIS {
  370. DWORD nSize;
  371. PNTSD_OUTPUT_ROUTINE lpOutputRoutine;
  372. PNTSD_GET_EXPRESSION lpGetExpressionRoutine;
  373. PNTSD_GET_SYMBOL lpGetSymbolRoutine;
  374. PNTSD_DISASM lpDisasmRoutine;
  375. PNTSD_CHECK_CONTROL_C lpCheckControlCRoutine;
  376. } NTSD_EXTENSION_APIS, *PNTSD_EXTENSION_APIS;
  378. lpArgumentString - This is a pointer to a string that contains
  379. space seperated arguments that are passed to debugger
  380. extension function.
  382. Return Value:
  383. none
  385. --*/
  386. {
  387. DWORD pDatabaseAnchor;
  388. SERVICE_RECORD ServiceRecord;
  389. LPSERVICE_RECORD pServiceRecord;
  390. DWORD numBytes=0;
  391. DWORD numEntries=0;
  392. LPSTR pToken;
  394. InitFunctionPointers(hCurrentProcess, lpExtensionApis);
  396. printf("ArgumentString = %s\n\n",lpArgumentString);
  398. //
  399. // Get the address of the top of the Service Database.
  400. //
  401. pDatabaseAnchor = (lpGetExpressionRoutine)("ServiceDatabase");
  403. //
  404. // Get the first service record.
  405. // This is a dummy record that points to the first real record.
  406. //
  407. GET_DATA(pDatabaseAnchor, &ServiceRecord, sizeof(ServiceRecord))
  408. pServiceRecord = ServiceRecord.Next;
  410. if (_strnicmp(lpArgumentString, "name=", 5) == 0) {
  411. //--------------------------------------
  412. // Find a particular Service Record
  413. // based on Name.
  414. //--------------------------------------
  415. pToken = strtok(lpArgumentString+6," ,\t\n");
  416. if (pToken == NULL) {
  417. printf("A Name was not given\n");
  418. return;
  419. }
  420. if (FindServiceRecordByName(pToken, &pServiceRecord)) {
  421. DumpFwdDependentNames(pServiceRecord);
  422. }
  423. }
  424. else if (_strnicmp(lpArgumentString, "address=", 8) == 0) {
  425. //--------------------------------------
  426. // Find a particular Service Record
  427. // based on Address.
  428. //--------------------------------------
  429. pToken = strtok(lpArgumentString+9," ,\t\n");
  430. if (pToken == NULL) {
  431. printf("An Address was not given\n");
  432. return;
  433. }
  434. else {
  435. LPSERVICE_RECORD ServiceAddress;
  436. LPSTR pMore;
  438. ServiceAddress = (LPSERVICE_RECORD)strtoul(pToken, &pMore, 16);
  439. printf("pToken = %s\n",pToken);
  440. printf("strtoul on Service Address yields %d(decimal) %x(hex)\n",
  441. ServiceAddress, ServiceAddress);
  443. DumpFwdDependentNames(ServiceAddress);
  444. }
  445. }
  446. return;
  447. }
  449. VOID
  450. BackDepend(
  451. HANDLE hCurrentProcess,
  452. HANDLE hCurrentThread,
  453. DWORD dwCurrentPc,
  454. PNTSD_EXTENSION_APIS lpExtensionApis,
  455. LPSTR lpArgumentString
  456. )
  457. /*++
  458. Routine Description:
  459. Dump Service Record Dependencies.
  461. Arguments:
  462. hCurrentProcess - Handle for the process being debugged.
  464. hCurrentThread - Handle for the thread that has the debugger focus.
  466. dwCurrentPc - Current Program Counter?
  468. lpExtensionApis - Pointer to a structure that contains pointers to
  469. various routines. (see \nt\public\sdk\inc\ntsdexts.h)
  470. typedef struct _NTSD_EXTENSION_APIS {
  471. DWORD nSize;
  472. PNTSD_OUTPUT_ROUTINE lpOutputRoutine;
  473. PNTSD_GET_EXPRESSION lpGetExpressionRoutine;
  474. PNTSD_GET_SYMBOL lpGetSymbolRoutine;
  475. PNTSD_DISASM lpDisasmRoutine;
  476. PNTSD_CHECK_CONTROL_C lpCheckControlCRoutine;
  477. } NTSD_EXTENSION_APIS, *PNTSD_EXTENSION_APIS;
  479. lpArgumentString - This is a pointer to a string that contains
  480. space seperated arguments that are passed to debugger
  481. extension function.
  483. Return Value:
  484. none
  486. --*/
  487. {
  488. DWORD pDatabaseAnchor;
  489. SERVICE_RECORD ServiceRecord;
  490. LPSERVICE_RECORD pServiceRecord;
  491. DWORD numBytes=0;
  492. DWORD numEntries=0;
  493. LPSTR pToken;
  495. InitFunctionPointers(hCurrentProcess, lpExtensionApis);
  497. printf("ArgumentString = %s\n\n",lpArgumentString);
  499. //
  500. // Get the address of the top of the Service Database.
  501. //
  502. pDatabaseAnchor = (lpGetExpressionRoutine)("ServiceDatabase");
  504. //
  505. // Get the first service record.
  506. // This is a dummy record that points to the first real record.
  507. //
  508. GET_DATA(pDatabaseAnchor, &ServiceRecord, sizeof(ServiceRecord))
  509. pServiceRecord = ServiceRecord.Next;
  511. if (_strnicmp(lpArgumentString, "name=", 5) == 0) {
  512. //--------------------------------------
  513. // Find a particular Service Record
  514. // based on Name.
  515. //--------------------------------------
  516. pToken = strtok(lpArgumentString+6," ,\t\n");
  517. if (pToken == NULL) {
  518. printf("A Name was not given\n");
  519. return;
  520. }
  521. if (FindServiceRecordByName(pToken, &pServiceRecord)) {
  522. printf("Backwards dependencies:\n");
  523. DumpBkwdDependentNames(pServiceRecord);
  524. }
  525. }
  526. else if (_strnicmp(lpArgumentString, "address=", 8) == 0) {
  527. //--------------------------------------
  528. // Find a particular Service Record
  529. // based on Address.
  530. //--------------------------------------
  531. pToken = strtok(lpArgumentString+9," ,\t\n");
  532. if (pToken == NULL) {
  533. printf("An Address was not given\n");
  534. return;
  535. }
  536. else {
  537. LPSERVICE_RECORD ServiceAddress;
  538. LPSTR pMore;
  540. ServiceAddress = (LPSERVICE_RECORD)strtoul(pToken, &pMore, 16);
  541. printf("pToken = %s\n",pToken);
  542. printf("strtoul on Service Address yields %d(decimal) %x(hex)\n",
  543. ServiceAddress, ServiceAddress);
  545. DumpBkwdDependentNames(ServiceAddress);
  546. }
  547. }
  548. return;
  549. }
  551. VOID
  552. ImageRecord(
  553. HANDLE hCurrentProcess,
  554. HANDLE hCurrentThread,
  555. DWORD dwCurrentPc,
  556. PNTSD_EXTENSION_APIS lpExtensionApis,
  557. LPSTR lpArgumentString
  558. )
  559. /*++
  560. Routine Description:
  561. Dump ImageRecords.
  563. Arguments:
  564. hCurrentProcess - Handle for the process being debugged.
  566. hCurrentThread - Handle for the thread that has the debugger focus.
  568. dwCurrentPc - Current Program Counter?
  570. lpExtensionApis - Pointer to a structure that contains pointers to
  571. various routines. (see \nt\public\sdk\inc\ntsdexts.h)
  572. typedef struct _NTSD_EXTENSION_APIS {
  573. DWORD nSize;
  574. PNTSD_OUTPUT_ROUTINE lpOutputRoutine;
  575. PNTSD_GET_EXPRESSION lpGetExpressionRoutine;
  576. PNTSD_GET_SYMBOL lpGetSymbolRoutine;
  577. PNTSD_DISASM lpDisasmRoutine;
  578. PNTSD_CHECK_CONTROL_C lpCheckControlCRoutine;
  579. } NTSD_EXTENSION_APIS, *PNTSD_EXTENSION_APIS;
  581. lpArgumentString - This is a pointer to a string that contains
  582. space seperated arguments that are passed to debugger
  583. extension function.
  585. Return Value:
  586. none
  588. --*/
  589. {
  590. DWORD pDatabaseAnchor;
  591. IMAGE_RECORD ImageRecord;
  592. LPIMAGE_RECORD pImageRecord;
  593. DWORD numBytes=0;
  594. DWORD numEntries=0;
  596. InitFunctionPointers(hCurrentProcess, lpExtensionApis);
  598. printf("ArgumentString = %s\n\n",lpArgumentString);
  600. //
  601. // Get the address of the top of the Service Database.
  602. //
  603. pDatabaseAnchor = (lpGetExpressionRoutine)("ImageDatabase");
  605. //
  606. // Get the first service record.
  607. // This is a dummy record that points to the first real record.
  608. //
  609. GET_DATA(pDatabaseAnchor, &ImageRecord, sizeof(ImageRecord))
  610. pImageRecord = ImageRecord.Next;
  612. if (_strnicmp(lpArgumentString, "mem", 3) == 0) {
  613. //--------------------------------------
  614. // Dump Memory Usage only.
  615. //--------------------------------------
  616. do {
  617. pImageRecord = DumpImageRecord(
  618. hCurrentProcess,
  619. pImageRecord,
  620. &numBytes,
  621. TRUE);
  622. numEntries++;
  623. } while (pImageRecord != NULL);
  624. printf("NumIRBytes = %d\n",numBytes);
  625. printf("NumEntries = %d\n",numEntries);
  626. }
  628. else if (_strnicmp(lpArgumentString, "name=", 5) == 0) {
  630. }
  631. else {
  632. //--------------------------------------
  633. // Dump All Image Records.
  634. //--------------------------------------
  635. do {
  636. pImageRecord = DumpImageRecord(
  637. hCurrentProcess,
  638. pImageRecord,
  639. &numBytes,
  640. FALSE);
  641. numEntries++;
  642. } while (pImageRecord != NULL);
  644. printf("NumIRBytes = %d\n",numBytes);
  645. printf("NumEntries = %d\n",numEntries);
  646. }
  647. return;
  648. }
  650. VOID
  651. GroupRecord(
  652. HANDLE hCurrentProcess,
  653. HANDLE hCurrentThread,
  654. DWORD dwCurrentPc,
  655. PNTSD_EXTENSION_APIS lpExtensionApis,
  656. LPSTR lpArgumentString
  657. )
  658. /*++
  659. Routine Description:
  660. Dump GroupRecords.
  662. Arguments:
  663. hCurrentProcess - Handle for the process being debugged.
  665. hCurrentThread - Handle for the thread that has the debugger focus.
  667. dwCurrentPc - Current Program Counter?
  669. lpExtensionApis - Pointer to a structure that contains pointers to
  670. various routines. (see \nt\public\sdk\inc\ntsdexts.h)
  671. typedef struct _NTSD_EXTENSION_APIS {
  672. DWORD nSize;
  673. PNTSD_OUTPUT_ROUTINE lpOutputRoutine;
  674. PNTSD_GET_EXPRESSION lpGetExpressionRoutine;
  675. PNTSD_GET_SYMBOL lpGetSymbolRoutine;
  676. PNTSD_DISASM lpDisasmRoutine;
  677. PNTSD_CHECK_CONTROL_C lpCheckControlCRoutine;
  678. } NTSD_EXTENSION_APIS, *PNTSD_EXTENSION_APIS;
  680. lpArgumentString - This is a pointer to a string that contains
  681. space seperated arguments that are passed to debugger
  682. extension function.
  684. Return Value:
  685. none
  687. --*/
  688. {
  689. DWORD pDatabaseAnchor;
  690. DWORD pStandaloneAnchor;
  691. LOAD_ORDER_GROUP StandaloneGroupRecord;
  692. LOAD_ORDER_GROUP GroupRecord;
  693. LPLOAD_ORDER_GROUP pStandaloneGroupRecord;
  694. LPLOAD_ORDER_GROUP pGroupRecord;
  695. DWORD numBytes=0;
  696. DWORD numEntries=0;
  698. InitFunctionPointers(hCurrentProcess, lpExtensionApis);
  700. printf("ArgumentString = %s\n\n",lpArgumentString);
  702. //
  703. // Get the address of the top of the Service Database.
  704. //
  705. pDatabaseAnchor = (lpGetExpressionRoutine)("OrderGroupList");
  706. pStandaloneAnchor = (lpGetExpressionRoutine)("StandaloneGroupList");
  708. //
  709. // Get the first service record.
  710. // This is a dummy record that points to the first real record.
  711. //
  712. GET_DATA(pDatabaseAnchor, &GroupRecord, sizeof(GroupRecord))
  713. pGroupRecord = GroupRecord.Next;
  714. GET_DATA(pStandaloneAnchor, &StandaloneGroupRecord, sizeof(GroupRecord))
  715. pStandaloneGroupRecord = StandaloneGroupRecord.Next;
  717. if (_strnicmp(lpArgumentString, "mem", 3) == 0) {
  718. //--------------------------------------
  719. // Dump Memory Usage only.
  720. //--------------------------------------
  721. printf("ORDER GROUP LIST:\n");
  722. do {
  723. pGroupRecord = DumpGroupRecord(
  724. hCurrentProcess,
  725. pGroupRecord,
  726. &numBytes,
  727. TRUE);
  728. numEntries++;
  729. } while (pGroupRecord != NULL);
  731. printf("STANDALONE GROUP LIST:\n");
  732. pGroupRecord = pStandaloneGroupRecord;
  733. do {
  734. pGroupRecord = DumpGroupRecord(
  735. hCurrentProcess,
  736. pGroupRecord,
  737. &numBytes,
  738. TRUE);
  739. numEntries++;
  740. } while (pGroupRecord != NULL);
  741. printf("NumGRBytes = %d\n",numBytes);
  742. printf("NumEntries = %d\n",numEntries);
  743. }
  745. else if (_strnicmp(lpArgumentString, "name=", 5) == 0) {
  747. }
  748. else {
  749. //--------------------------------------
  750. // Dump All Group Records.
  751. //--------------------------------------
  752. printf("ORDER GROUP LIST:\n");
  753. do {
  754. pGroupRecord = DumpGroupRecord(
  755. hCurrentProcess,
  756. pGroupRecord,
  757. &numBytes,
  758. FALSE);
  759. numEntries++;
  760. } while (pGroupRecord != NULL);
  762. printf("STANDALONE GROUP LIST:\n");
  763. pGroupRecord = pStandaloneGroupRecord;
  764. do {
  765. pGroupRecord = DumpGroupRecord(
  766. hCurrentProcess,
  767. pGroupRecord,
  768. &numBytes,
  769. FALSE);
  770. numEntries++;
  771. } while (pGroupRecord != NULL);
  773. printf("NumGRBytes = %d\n",numBytes);
  774. printf("NumEntries = %d\n",numEntries);
  775. }
  777. return;
  778. }
  780. BOOL
  781. FindServiceRecordByName(
  782. LPSTR ServiceName,
  783. LPSERVICE_RECORD *pServiceRecord
  784. )
  786. /*++
  788. Routine Description:
  791. Arguments:
  793. ServiceName - This is the name of the service that we are looking for.
  795. pServiceRecord - A pointer to a location to where the pointer to the
  796. service record is to be placed.
  798. Return Value:
  799. TRUE - Success
  800. FALSE - The name couldn't be found in any of the service records.
  802. --*/
  803. {
  804. SERVICE_RECORD ServiceRecord;
  805. WCHAR StringBuffer[200];
  806. LPWSTR uniNameString;
  808. if (!ConvertToUnicode(&uniNameString,ServiceName)) {
  809. printf("Could not convert to unicode\n");
  810. return(FALSE);
  811. }
  812. //
  813. // Find a Service Record that matches the name in the uniNameString.
  814. //
  815. do {
  816. //
  817. // Map the memory for the service record into our process.
  818. //
  819. GET_DATA(*pServiceRecord, &ServiceRecord, sizeof(ServiceRecord))
  821. //
  822. // Get the ServiceName String.
  823. //
  824. GET_STRING(ServiceRecord.ServiceName, StringBuffer, sizeof(StringBuffer))
  825. if (_wcsicmp(StringBuffer, uniNameString) == 0) {
  826. //
  827. // If a name match was found, return SUCCESS.
  828. //
  829. LocalFree(uniNameString);
  830. return(TRUE);
  831. }
  832. *pServiceRecord = ServiceRecord.Next;
  833. } while (*pServiceRecord != NULL);
  835. LocalFree(uniNameString);
  836. return(FALSE);
  837. }
  839. BOOL
  840. ConvertToUnicode(
  841. OUT LPWSTR *UnicodeOut,
  842. IN LPSTR AnsiIn
  843. )
  845. /*++
  847. Routine Description:
  849. This function translates an AnsiString into a Unicode string.
  850. A new string buffer is created by this function. If the call to
  851. this function is successful, the caller must take responsibility for
  852. the unicode string buffer that was allocated by this function.
  853. The allocated buffer should be free'd with a call to LocalFree.
  855. NOTE: This function allocates memory for the Unicode String.
  857. Arguments:
  859. AnsiIn - This is a pointer to an ansi string that is to be converted.
  861. UnicodeOut - This is a pointer to a location where the pointer to the
  862. unicode string is to be placed.
  864. Return Value:
  866. TRUE - The conversion was successful.
  868. FALSE - The conversion was unsuccessful. In this case a buffer for
  869. the unicode string was not allocated.
  871. --*/
  872. {
  874. NTSTATUS ntStatus;
  875. DWORD bufSize;
  876. UNICODE_STRING unicodeString;
  877. ANSI_STRING ansiString;
  879. //
  880. // Allocate a buffer for the unicode string.
  881. //
  883. bufSize = (strlen(AnsiIn)+1) * sizeof(WCHAR);
  885. *UnicodeOut = (LPWSTR)LocalAlloc(LMEM_ZEROINIT, (UINT)bufSize);
  887. if (*UnicodeOut == NULL) {
  888. printf("ScConvertToUnicode:LocalAlloc Failure %ld\n",GetLastError());
  889. return(FALSE);
  890. }
  892. //
  893. // Initialize the string structures
  894. //
  895. RtlInitAnsiString( &ansiString, AnsiIn);
  897. unicodeString.Buffer = *UnicodeOut;
  898. unicodeString.MaximumLength = (USHORT)bufSize;
  899. unicodeString.Length = 0;
  901. //
  902. // Call the conversion function.
  903. //
  904. ntStatus = RtlAnsiStringToUnicodeString (
  905. &unicodeString, // Destination
  906. &ansiString, // Source
  907. (BOOLEAN)FALSE); // Allocate the destination
  909. if (!NT_SUCCESS(ntStatus)) {
  911. printf("ScConvertToUnicode:RtlAnsiStringToUnicodeString Failure %lx\n",
  912. ntStatus);
  914. return(FALSE);
  915. }
  917. //
  918. // Fill in the pointer location with the unicode string buffer pointer.
  919. //
  920. *UnicodeOut = unicodeString.Buffer;
  922. return(TRUE);
  924. }
  926. LPSERVICE_RECORD
  927. DumpServiceRecord(
  928. HANDLE hCurrentProcess,
  929. LPSERVICE_RECORD pServiceRecord,
  930. LPDWORD NumBytes, // number of bytes in ServiceRecord.
  931. LPDWORD NumDependBytes, // number of bytes in DependRecords.
  932. BOOL JustSizeInfo
  933. )
  934. /*++
  936. Routine Description:
  939. Arguments:
  942. Return Value:
  945. --*/
  946. {
  947. SERVICE_RECORD ServiceRecord;
  948. WCHAR StringBuffer[200];
  949. DWORD NameStringSize;
  950. DWORD EntrySize=0;
  951. DWORD DependEntrySize=0;
  952. DWORD numDependStructs=0;
  954. //------------------------------------------
  955. // Dump Size information only.
  956. //------------------------------------------
  957. if (JustSizeInfo) {
  958. EntrySize += sizeof(SERVICE_RECORD);
  959. GET_DATA(pServiceRecord, &ServiceRecord, sizeof(ServiceRecord))
  960. GET_STRING(ServiceRecord.ServiceName, StringBuffer, sizeof(StringBuffer))
  961. NameStringSize = WCSSIZE(StringBuffer);
  962. EntrySize += NameStringSize;
  963. printf("\t\t\t\tAddress = 0x%lx\r%ws\n",pServiceRecord,StringBuffer);
  964. #ifdef remove
  965. if (NameStringSize < 22) {
  966. printf("\t");
  967. }
  968. #endif
  969. GET_STRING(ServiceRecord.DisplayName, StringBuffer, sizeof(StringBuffer))
  970. if (ServiceRecord.DisplayName != ServiceRecord.DisplayName) {
  971. EntrySize += WCSSIZE(StringBuffer);
  972. }
  973. if (ServiceRecord.Dependencies != NULL) {
  974. GET_STRING(ServiceRecord.Dependencies, StringBuffer, sizeof(StringBuffer))
  975. EntrySize += WCSSIZE(StringBuffer);
  976. }
  977. GetDependTreeSize(&ServiceRecord,&numDependStructs, &DependEntrySize, TRUE);
  978. GetDependTreeSize(&ServiceRecord,&numDependStructs, &DependEntrySize, FALSE);
  981. *NumBytes += EntrySize;
  982. printf(" SRBytes=%d DependBytes=%d TotalBytes=%d\n",
  983. EntrySize,
  984. DependEntrySize,
  985. *NumBytes);
  987. *NumDependBytes += DependEntrySize;
  988. return (ServiceRecord.Next);
  989. }
  990. //------------------------------------------
  991. // Dump other information.
  992. //------------------------------------------
  993. *NumBytes += sizeof(SERVICE_RECORD);
  994. //
  995. // Map the memory for the service record into our process.
  996. //
  997. GET_DATA(pServiceRecord, &ServiceRecord, sizeof(ServiceRecord))
  999. //
  1000. // Get the ServiceName and DisplayName Strings.
  1001. //
  1002. GET_STRING(ServiceRecord.ServiceName, StringBuffer, sizeof(StringBuffer))
  1003. NameStringSize = WCSSIZE(StringBuffer);
  1004. *NumBytes += NameStringSize;
  1006. printf("ServiceName : %ws (0x%lx)\n",StringBuffer,pServiceRecord);
  1008. GET_STRING(ServiceRecord.DisplayName, StringBuffer, sizeof(StringBuffer))
  1009. if (ServiceRecord.DisplayName != ServiceRecord.DisplayName) {
  1010. *NumBytes += WCSSIZE(StringBuffer);
  1011. }
  1012. printf("DisplayName : %ws\n",StringBuffer);
  1014. printf("ResumeNum : %d\t\t", ServiceRecord.ResumeNum);
  1015. printf("ServerAnnounce : %d\n", ServiceRecord.ServerAnnounce);
  1016. printf("Signature : 0x%lx\t", ServiceRecord.Signature);
  1017. printf("UseCount : %d\n", ServiceRecord.UseCount);
  1018. printf("StatusFlag : %d\t\t",ServiceRecord.StatusFlag);
  1019. printf("pImageRecord : 0x%lx\n",ServiceRecord.ImageRecord);
  1021. printf(" **** STATUS **** \n"
  1022. " dwServiceType : 0x%lx\t",ServiceRecord.ServiceStatus.dwServiceType);
  1023. printf("dwCurrentState : 0x%lx\n",ServiceRecord.ServiceStatus.dwCurrentState);
  1024. printf(" dwControlsAccepted : 0x%lx\t",ServiceRecord.ServiceStatus.dwControlsAccepted);
  1025. printf("dwWin32ExitCode : 0x%lx\n",ServiceRecord.ServiceStatus.dwWin32ExitCode);
  1026. printf(" dwSpecificExitCode : 0x%lx\t",ServiceRecord.ServiceStatus.dwServiceSpecificExitCode);
  1027. printf("dwCheckPoint : 0x%lx\n",ServiceRecord.ServiceStatus.dwCheckPoint);
  1028. printf(" dwWaitHint : 0x%lx\n",ServiceRecord.ServiceStatus.dwWaitHint);
  1030. printf("StartType : %d\t\t",ServiceRecord.StartType);
  1031. printf("ErrorControl : %d\n",ServiceRecord.ErrorControl);
  1032. printf("Tag : 0x%x\t\t",ServiceRecord.Tag);
  1033. printf("StartDepend : 0x%lx\n",ServiceRecord.StartDepend);
  1034. if (ServiceRecord.StopDepend > (LPDEPEND_RECORD)10) {
  1035. printf("StopDepend : 0x%lx\t",ServiceRecord.StopDepend);
  1036. }
  1037. else {
  1038. printf("StopDepend : 0x%lx\t\t",ServiceRecord.StopDepend);
  1039. }
  1041. if (ServiceRecord.Dependencies != NULL) {
  1042. GET_STRING(ServiceRecord.Dependencies, StringBuffer, sizeof(StringBuffer))
  1043. *NumBytes += WCSSIZE(StringBuffer);
  1044. printf("Dependencies : %ws\n",StringBuffer);
  1045. }
  1046. else {
  1047. printf("Dependencies : (none)\n");
  1048. }
  1050. printf("pServiceSd : 0x%lx\t",ServiceRecord.ServiceSd);
  1051. printf("StartError : %d\n",ServiceRecord.StartError);
  1052. printf("StartState : 0x%lx\t\t",ServiceRecord.StartState);
  1053. printf("pMemberOfGroup : 0x%lx\n",ServiceRecord.MemberOfGroup);
  1054. printf("pRegistryGroup : 0x%lx\n",ServiceRecord.RegistryGroup);
  1055. printf("pCrashRecord : 0x%lx\n\n",ServiceRecord.CrashRecord);
  1057. GetDependTreeSize(&ServiceRecord,&numDependStructs, NumBytes, TRUE);
  1058. GetDependTreeSize(&ServiceRecord,&numDependStructs, NumBytes, FALSE);
  1061. return (ServiceRecord.Next);
  1062. }
  1064. LPIMAGE_RECORD
  1065. DumpImageRecord(
  1066. HANDLE hCurrentProcess,
  1067. LPIMAGE_RECORD pImageRecord,
  1068. LPDWORD NumBytes, // number of bytes in ImageRecord.
  1069. BOOL JustSizeInfo
  1070. )
  1071. /*++
  1073. Routine Description:
  1076. Arguments:
  1079. Return Value:
  1082. --*/
  1083. {
  1084. IMAGE_RECORD ImageRecord;
  1085. WCHAR StringBuffer[200];
  1086. DWORD NameStringSize;
  1087. DWORD EntrySize=0;
  1088. DWORD DependEntrySize=0;
  1089. DWORD numDependStructs=0;
  1091. //------------------------------------------
  1092. // Dump Size information only.
  1093. //------------------------------------------
  1094. if (JustSizeInfo) {
  1095. EntrySize += sizeof(IMAGE_RECORD);
  1096. GET_DATA(pImageRecord, &ImageRecord, sizeof(ImageRecord))
  1097. GET_STRING(ImageRecord.ImageName, StringBuffer, sizeof(StringBuffer))
  1098. NameStringSize = WCSSIZE(StringBuffer);
  1099. EntrySize += NameStringSize;
  1100. printf("%ws \tAddress = 0x%lx\n",StringBuffer,pImageRecord);
  1101. #ifdef remove
  1102. if (NameStringSize < 22) {
  1103. printf("\t");
  1104. }
  1105. #endif
  1106. *NumBytes += EntrySize;
  1107. printf(" IRBytes=%d TotalBytes=%d\n",EntrySize,*NumBytes);
  1108. return (ImageRecord.Next);
  1109. }
  1110. //------------------------------------------
  1111. // Dump other information.
  1112. //------------------------------------------
  1113. *NumBytes += sizeof(IMAGE_RECORD);
  1114. //
  1115. // Map the memory for the service record into our process.
  1116. //
  1117. GET_DATA(pImageRecord, &ImageRecord, sizeof(ImageRecord))
  1119. //
  1120. // Get the ImageName and DisplayName Strings.
  1121. //
  1122. GET_STRING(ImageRecord.ImageName, StringBuffer, sizeof(StringBuffer))
  1123. NameStringSize = WCSSIZE(StringBuffer);
  1124. *NumBytes += NameStringSize;
  1126. printf("ImageName : %ws (0x%lx)\n",StringBuffer,pImageRecord);
  1128. printf(" Pid : %d\t\t", ImageRecord.Pid);
  1129. printf("ServiceCount : %d\n", ImageRecord.ServiceCount);
  1130. printf(" PipeHandle : 0x%lx\t", ImageRecord.PipeHandle);
  1131. printf("ProcessHandle : 0x%lx\n", ImageRecord.ProcessHandle);
  1132. printf(" StatusFlag : 0x%lx\n",ImageRecord.TokenHandle);
  1134. return (ImageRecord.Next);
  1135. }
  1137. LPLOAD_ORDER_GROUP
  1138. DumpGroupRecord(
  1139. HANDLE hCurrentProcess,
  1140. LPLOAD_ORDER_GROUP pGroupRecord,
  1141. LPDWORD NumBytes, // number of bytes in GroupRecord.
  1142. BOOL JustSizeInfo
  1143. )
  1144. /*++
  1146. Routine Description:
  1149. Arguments:
  1152. Return Value:
  1155. --*/
  1156. {
  1157. LOAD_ORDER_GROUP GroupRecord;
  1158. WCHAR StringBuffer[200];
  1159. DWORD NameStringSize;
  1160. DWORD EntrySize=0;
  1161. DWORD DependEntrySize=0;
  1162. DWORD numDependStructs=0;
  1164. //------------------------------------------
  1165. // Dump Size information only.
  1166. //------------------------------------------
  1167. if (JustSizeInfo) {
  1168. EntrySize += sizeof(LOAD_ORDER_GROUP);
  1169. GET_DATA(pGroupRecord, &GroupRecord, sizeof(GroupRecord))
  1170. GET_STRING(GroupRecord.GroupName, StringBuffer, sizeof(StringBuffer))
  1171. NameStringSize = WCSSIZE(StringBuffer);
  1172. EntrySize += NameStringSize;
  1173. printf("\t\t\t\tAddress = 0x%lx\r%ws\n",pGroupRecord,StringBuffer);
  1174. *NumBytes += EntrySize;
  1175. printf(" GRBytes=%d TotalBytes=%d\n",EntrySize,*NumBytes);
  1176. return (GroupRecord.Next);
  1177. }
  1178. //------------------------------------------
  1179. // Dump other information.
  1180. //------------------------------------------
  1181. *NumBytes += sizeof(LOAD_ORDER_GROUP);
  1182. //
  1183. // Map the memory for the service record into our process.
  1184. //
  1185. GET_DATA(pGroupRecord, &GroupRecord, sizeof(GroupRecord))
  1187. //
  1188. // Get the GroupName and DisplayName Strings.
  1189. //
  1190. GET_STRING(GroupRecord.GroupName, StringBuffer, sizeof(StringBuffer))
  1191. NameStringSize = WCSSIZE(StringBuffer);
  1192. *NumBytes += NameStringSize;
  1194. printf("GroupName : %ws (0x%lx)\n",StringBuffer,pGroupRecord);
  1195. printf(" RefCount : %d\n", GroupRecord.RefCount);
  1197. return (GroupRecord.Next);
  1198. }
  1200. VOID
  1201. GetDependTreeSize(
  1202. LPSERVICE_RECORD pServiceRecord,
  1203. LPDWORD pNumDependStructs,
  1204. LPDWORD pNumBytes,
  1205. BOOL StartDepend
  1206. )
  1208. /*++
  1210. Routine Description:
  1212. pServiceRecord - This is a pointer to a ServiceRecord that is already
  1213. mapped into our address space.
  1214. pNumDependStructs -
  1215. pNumBytes -
  1216. StartDepend - TRUE indicates to look through StartDepend list.
  1217. FALSE indicates to look through StopDepend list.
  1219. Arguments:
  1222. Return Value:
  1225. --*/
  1226. {
  1227. DEPEND_RECORD DependRecord;
  1228. BOOL MoreRecords=TRUE;
  1230. if (StartDepend) {
  1231. if (pServiceRecord->StartDepend == NULL) {
  1232. return;
  1233. }
  1234. printf(" StartDependRecordAddress = 0x%x\n",pServiceRecord->StartDepend);
  1235. GET_DATA(pServiceRecord->StartDepend, &DependRecord, sizeof(DependRecord))
  1236. }
  1237. else {
  1238. if (pServiceRecord->StopDepend == NULL) {
  1239. return;
  1240. }
  1241. printf(" StopDependRecordAddress = 0x%x\n",pServiceRecord->StopDepend);
  1242. GET_DATA(pServiceRecord->StopDepend, &DependRecord, sizeof(DependRecord))
  1243. }
  1245. if (pServiceRecord->StartDepend != NULL) {
  1246. do {
  1247. *pNumBytes += sizeof(DependRecord);
  1248. (*pNumDependStructs)++;
  1250. if (DependRecord.Next != NULL) {
  1251. printf(" DependRecordAddress = 0x%x\n",DependRecord.Next);
  1252. GET_DATA(DependRecord.Next, &DependRecord, sizeof(DependRecord))
  1253. }
  1254. else {
  1255. MoreRecords = FALSE;
  1256. }
  1257. } while ((MoreRecords) && (*pNumDependStructs < 50));
  1258. }
  1259. }
  1261. VOID
  1262. DumpFwdDependentNames(
  1263. LPSERVICE_RECORD pServiceRecord
  1264. )
  1266. /*++
  1268. Routine Description:
  1271. Arguments:
  1274. Return Value:
  1277. --*/
  1278. {
  1279. SERVICE_RECORD ServiceRecord;
  1280. DEPEND_RECORD DependRecord;
  1281. LOAD_ORDER_GROUP GroupRecord;
  1282. UNRESOLVED_DEPEND UnresolvedRecord;
  1283. WCHAR StringBuffer[200];
  1284. static CHAR LeadingSpaces[80]="";
  1285. BOOL MoreRecords=TRUE;
  1287. //
  1288. // Map the memory for the service record into our process.
  1289. //
  1290. GET_DATA(pServiceRecord, &ServiceRecord, sizeof(ServiceRecord))
  1292. //
  1293. // Get the ServiceName String.
  1294. //
  1295. GET_STRING(ServiceRecord.ServiceName, StringBuffer, sizeof(StringBuffer))
  1296. printf("%s%ws (service) depends on: \t\n",LeadingSpaces,StringBuffer);
  1298. strcat(LeadingSpaces," ");
  1300. if (ServiceRecord.StartDepend != NULL) {
  1301. GET_DATA(ServiceRecord.StartDepend, &DependRecord, sizeof(DependRecord))
  1302. do {
  1303. switch (DependRecord.DependType) {
  1304. case TypeDependOnService:
  1305. DumpFwdDependentNames(DependRecord.DependService);
  1306. break;
  1307. case TypeDependOnGroup:
  1308. GET_DATA(DependRecord.DependGroup, &GroupRecord, sizeof(GroupRecord))
  1309. GET_STRING(GroupRecord.GroupName, StringBuffer, sizeof(StringBuffer))
  1310. printf("%s%ws (group)\n", LeadingSpaces,StringBuffer);
  1311. break;
  1312. case TypeDependOnUnresolved:
  1313. GET_DATA(DependRecord.DependUnresolved, &UnresolvedRecord, sizeof(UnresolvedRecord))
  1314. GET_STRING(UnresolvedRecord.Name, StringBuffer, sizeof(StringBuffer))
  1315. printf("%s%ws (unresolved)\n", LeadingSpaces,StringBuffer);
  1316. break;
  1317. default:
  1318. printf("%s(Unknown Depend Type)\n",LeadingSpaces);
  1319. MoreRecords = FALSE;
  1320. break;
  1321. }
  1323. if (DependRecord.Next != NULL) {
  1324. GET_DATA(DependRecord.Next, &DependRecord, sizeof(DependRecord))
  1325. }
  1326. else {
  1327. MoreRecords = FALSE;
  1328. }
  1329. } while (MoreRecords);
  1331. }
  1332. else {
  1333. printf("%s(nothing)\n",LeadingSpaces);
  1334. }
  1335. LeadingSpaces[strlen(LeadingSpaces)-2] = '\0';
  1336. }
  1338. VOID
  1339. DumpBkwdDependentNames(
  1340. LPSERVICE_RECORD pServiceRecord
  1341. )
  1343. /*++
  1345. Routine Description:
  1348. Arguments:
  1351. Return Value:
  1354. --*/
  1355. {
  1356. SERVICE_RECORD ServiceRecord;
  1357. DEPEND_RECORD DependRecord;
  1358. LOAD_ORDER_GROUP GroupRecord;
  1359. UNRESOLVED_DEPEND UnresolvedRecord;
  1360. WCHAR StringBuffer[200];
  1361. static CHAR LeadingSpaces[80]="";
  1362. BOOL MoreRecords=TRUE;
  1364. //
  1365. // Map the memory for the service record into our process.
  1366. //
  1367. GET_DATA(pServiceRecord, &ServiceRecord, sizeof(ServiceRecord))
  1369. //
  1370. // Get the ServiceName String.
  1371. //
  1372. GET_STRING(ServiceRecord.ServiceName, StringBuffer, sizeof(StringBuffer))
  1373. printf("%s%ws (service): \t\n",LeadingSpaces,StringBuffer);
  1375. strcat(LeadingSpaces," ");
  1377. if (ServiceRecord.StopDepend != NULL) {
  1378. GET_DATA(ServiceRecord.StopDepend, &DependRecord, sizeof(DependRecord))
  1379. do {
  1380. switch (DependRecord.DependType) {
  1381. case TypeDependOnService:
  1382. DumpBkwdDependentNames(DependRecord.DependService);
  1383. break;
  1384. case TypeDependOnGroup:
  1385. GET_DATA(DependRecord.DependGroup, &GroupRecord, sizeof(GroupRecord))
  1386. GET_STRING(GroupRecord.GroupName, StringBuffer, sizeof(StringBuffer))
  1387. printf("%s%ws (group)\n", LeadingSpaces,StringBuffer);
  1388. break;
  1389. case TypeDependOnUnresolved:
  1390. GET_DATA(DependRecord.DependUnresolved, &UnresolvedRecord, sizeof(UnresolvedRecord))
  1391. GET_STRING(UnresolvedRecord.Name, StringBuffer, sizeof(StringBuffer))
  1392. printf("%s%ws (unresolved)\n", LeadingSpaces,StringBuffer);
  1393. break;
  1394. default:
  1395. printf("%s(Unknown Depend Type)\n",LeadingSpaces);
  1396. MoreRecords = FALSE;
  1397. break;
  1398. }
  1400. if (DependRecord.Next != NULL) {
  1401. GET_DATA(DependRecord.Next, &DependRecord, sizeof(DependRecord))
  1402. }
  1403. else {
  1404. MoreRecords = FALSE;
  1405. }
  1406. } while (MoreRecords);
  1408. }
  1409. else {
  1410. printf("%s(nothing)\n",LeadingSpaces);
  1411. }
  1412. LeadingSpaces[strlen(LeadingSpaces)-2] = '\0';
  1413. }
  1415. VOID
  1416. help(
  1417. HANDLE hCurrentProcess,
  1418. HANDLE hCurrentThread,
  1419. DWORD dwCurrentPc,
  1420. PNTSD_EXTENSION_APIS lpExtensionApis,
  1421. LPSTR lpArgumentString
  1422. )
  1423. /*++
  1425. Routine Description:
  1426. Provides online help for the user of this debugger extension.
  1428. Arguments:
  1429. hCurrentProcess - Handle for the process being debugged.
  1431. hCurrentThread - Handle for the thread that has the debugger focus.
  1433. dwCurrentPc - Current Program Counter?
  1435. lpExtensionApis - Pointer to a structure that contains pointers to
  1436. various routines. (see \nt\public\sdk\inc\ntsdexts.h)
  1437. typedef struct _NTSD_EXTENSION_APIS {
  1438. DWORD nSize;
  1439. PNTSD_OUTPUT_ROUTINE lpOutputRoutine;
  1440. PNTSD_GET_EXPRESSION lpGetExpressionRoutine;
  1441. PNTSD_GET_SYMBOL lpGetSymbolRoutine;
  1442. PNTSD_DISASM lpDisasmRoutine;
  1443. PNTSD_CHECK_CONTROL_C lpCheckControlCRoutine;
  1444. } NTSD_EXTENSION_APIS, *PNTSD_EXTENSION_APIS;
  1446. lpArgumentString - This is a pointer to a string that contains
  1447. space seperated arguments that are passed to debugger
  1448. extension function.
  1450. Return Value:
  1453. --*/
  1454. {
  1455. InitFunctionPointers(hCurrentProcess, lpExtensionApis);
  1457. printf("\nService Controller NTSD Extensions\n");
  1459. if (!lpArgumentString || *lpArgumentString == '\0' ||
  1460. *lpArgumentString == '\n' || *lpArgumentString == '\r')
  1461. {
  1462. printf("\tServiceRecord - dump a ServiceRecord structure\n");
  1463. printf("\tDependencies - dump a Service's Dependencies\n");
  1464. printf("\tBackDepend - dump a Service's that depend on this service\n");
  1465. printf("\tImageRecord - dump an ImageRecord structure\n");
  1466. printf("\tGroupRecord - dump a GroupRecord structure\n");
  1467. printf("\n\tEnter help <cmd> for detailed help on a command\n");
  1468. }
  1469. else if (!_stricmp(lpArgumentString, "ServiceRecord")) {
  1470. printf("\tServiceRecord <arg>, where <arg> can be one of:\n");
  1471. printf("\t\tno argument - dump all ServiceRecord structures\n");
  1472. printf("\t\tmem - dump ServiceRecord Address Info only\n");
  1473. printf("\t\tname= <name> - dump the ServiceRecord for <name>\n");
  1474. printf("\t\taddress= <address> - dump the ServiceRecord at specified address\n");
  1475. }
  1476. else if (!_stricmp(lpArgumentString, "Dependencies")) {
  1477. printf("\tDependencies <arg>, where <arg> can be one of:\n");
  1478. printf("\t\tname= <name> - dump the Dependency Chain for <name>\n");
  1479. printf("\t\taddress= <address> - dump the Dependency Chain for address\n");
  1480. }
  1481. else if (!_stricmp(lpArgumentString, "BackDepend")) {
  1482. printf("\tDependencies <arg>, where <arg> can be one of:\n");
  1483. printf("\t\tname= <name> - dump the Dependency Chain for <name>\n");
  1484. printf("\t\taddress= <address> - dump the Dependency Chain for address\n");
  1485. }
  1486. else if (!_stricmp(lpArgumentString, "ImageRecord")) {
  1487. printf("\t\tmem - dump ImageRecord Memory Info only\n");
  1488. }
  1489. else if (!_stricmp(lpArgumentString, "GroupRecord")) {
  1490. printf("\t\tmem - dump GroupRecord Memory Info only\n");
  1491. }
  1492. else {
  1493. printf("\tInvalid command [%s]\n", lpArgumentString);
  1494. }
  1495. }