archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/sdktools/psapi/module.c

458 lines
9.8 KiB
Raw Normal View History

Add source files
4 years ago
  1. #include <nt.h>
  2. #include <ntrtl.h>
  3. #include <nturtl.h>
  4. #include <windows.h>
  6. #include "psapi.h"
  9. BOOL
  10. FindModule(
  11. IN HANDLE hProcess,
  12. IN HMODULE hModule,
  13. OUT PLDR_DATA_TABLE_ENTRY LdrEntryData
  14. )
  16. /*++
  18. Routine Description:
  20. This function retrieves the loader table entry for the specified
  21. module. The function copies the entry into the buffer pointed to
  22. by the LdrEntryData parameter.
  24. Arguments:
  26. hProcess - Supplies the target process.
  28. hModule - Identifies the module whose loader entry is being
  29. requested. A value of NULL references the module handle
  30. associated with the image file that was used to create the
  31. process.
  33. LdrEntryData - Returns the requested table entry.
  35. Return Value:
  37. TRUE if a matching entry was found.
  39. --*/
  41. {
  42. PROCESS_BASIC_INFORMATION BasicInfo;
  43. NTSTATUS Status;
  44. PPEB Peb;
  45. PPEB_LDR_DATA Ldr;
  46. PLIST_ENTRY LdrHead;
  47. PLIST_ENTRY LdrNext;
  49. Status = NtQueryInformationProcess(
  50. hProcess,
  51. ProcessBasicInformation,
  52. &BasicInfo,
  53. sizeof(BasicInfo),
  54. NULL
  55. );
  57. if ( !NT_SUCCESS(Status) ) {
  58. SetLastError( RtlNtStatusToDosError( Status ) );
  59. return(FALSE);
  60. }
  62. Peb = BasicInfo.PebBaseAddress;
  65. if ( !ARGUMENT_PRESENT( hModule )) {
  66. if (!ReadProcessMemory(hProcess, &Peb->ImageBaseAddress, &hModule, sizeof(hModule), NULL)) {
  67. return(FALSE);
  68. }
  69. }
  71. //
  72. // Ldr = Peb->Ldr
  73. //
  75. if (!ReadProcessMemory(hProcess, &Peb->Ldr, &Ldr, sizeof(Ldr), NULL)) {
  76. return (FALSE);
  77. }
  79. if (!Ldr) {
  80. // Ldr might be null (for instance, if the process hasn't started yet).
  81. SetLastError(ERROR_INVALID_HANDLE);
  82. return (FALSE);
  83. }
  86. LdrHead = &Ldr->InMemoryOrderModuleList;
  88. //
  89. // LdrNext = Head->Flink;
  90. //
  92. if (!ReadProcessMemory(hProcess, &LdrHead->Flink, &LdrNext, sizeof(LdrNext), NULL)) {
  93. return(FALSE);
  94. }
  96. while (LdrNext != LdrHead) {
  97. PLDR_DATA_TABLE_ENTRY LdrEntry;
  99. LdrEntry = CONTAINING_RECORD(LdrNext, LDR_DATA_TABLE_ENTRY, InMemoryOrderLinks);
  101. if (!ReadProcessMemory(hProcess, LdrEntry, LdrEntryData, sizeof(*LdrEntryData), NULL)) {
  102. return(FALSE);
  103. }
  105. if ((HMODULE) LdrEntryData->DllBase == hModule) {
  106. return(TRUE);
  107. }
  109. LdrNext = LdrEntryData->InMemoryOrderLinks.Flink;
  110. }
  112. SetLastError(ERROR_INVALID_HANDLE);
  113. return(FALSE);
  114. }
  117. BOOL
  118. WINAPI
  119. EnumProcessModules(
  120. HANDLE hProcess,
  121. HMODULE *lphModule,
  122. DWORD cb,
  123. LPDWORD lpcbNeeded
  124. )
  125. {
  126. PROCESS_BASIC_INFORMATION BasicInfo;
  127. NTSTATUS Status;
  128. PPEB Peb;
  129. PPEB_LDR_DATA Ldr;
  130. PLIST_ENTRY LdrHead;
  131. PLIST_ENTRY LdrNext;
  132. DWORD chMax;
  133. DWORD ch;
  135. Status = NtQueryInformationProcess(
  136. hProcess,
  137. ProcessBasicInformation,
  138. &BasicInfo,
  139. sizeof(BasicInfo),
  140. NULL
  141. );
  143. if ( !NT_SUCCESS(Status) ) {
  144. SetLastError( RtlNtStatusToDosError( Status ) );
  145. return(FALSE);
  146. }
  148. Peb = BasicInfo.PebBaseAddress;
  150. //
  151. // Ldr = Peb->Ldr
  152. //
  154. if (!ReadProcessMemory(hProcess, &Peb->Ldr, &Ldr, sizeof(Ldr), NULL)) {
  155. return(FALSE);
  156. }
  158. LdrHead = &Ldr->InMemoryOrderModuleList;
  160. //
  161. // LdrNext = Head->Flink;
  162. //
  164. if (!ReadProcessMemory(hProcess, &LdrHead->Flink, &LdrNext, sizeof(LdrNext), NULL)) {
  165. return(FALSE);
  166. }
  168. chMax = cb / sizeof(HMODULE);
  169. ch = 0;
  171. while (LdrNext != LdrHead) {
  172. PLDR_DATA_TABLE_ENTRY LdrEntry;
  173. LDR_DATA_TABLE_ENTRY LdrEntryData;
  175. LdrEntry = CONTAINING_RECORD(LdrNext, LDR_DATA_TABLE_ENTRY, InMemoryOrderLinks);
  177. if (!ReadProcessMemory(hProcess, LdrEntry, &LdrEntryData, sizeof(LdrEntryData), NULL)) {
  178. return(FALSE);
  179. }
  181. if (ch < chMax) {
  182. try {
  183. lphModule[ch] = (HMODULE) LdrEntryData.DllBase;
  184. }
  185. except (EXCEPTION_EXECUTE_HANDLER) {
  186. SetLastError( RtlNtStatusToDosError( GetExceptionCode() ) );
  187. return(FALSE);
  188. }
  189. }
  191. ch++;
  193. LdrNext = LdrEntryData.InMemoryOrderLinks.Flink;
  194. }
  196. try {
  197. *lpcbNeeded = ch * sizeof(HMODULE);
  198. }
  199. except (EXCEPTION_EXECUTE_HANDLER) {
  200. SetLastError( RtlNtStatusToDosError( GetExceptionCode() ) );
  201. return(FALSE);
  202. }
  204. return(TRUE);
  205. }
  208. DWORD
  209. WINAPI
  210. GetModuleFileNameExW(
  211. HANDLE hProcess,
  212. HMODULE hModule,
  213. LPWSTR lpFilename,
  214. DWORD nSize
  215. )
  217. /*++
  219. Routine Description:
  221. This function retrieves the full pathname of the executable file
  222. from which the specified module was loaded. The function copies the
  223. null-terminated filename into the buffer pointed to by the
  224. lpFilename parameter.
  226. Routine Description:
  228. hModule - Identifies the module whose executable file name is being
  229. requested. A value of NULL references the module handle
  230. associated with the image file that was used to create the
  231. process.
  233. lpFilename - Points to the buffer that is to receive the filename.
  235. nSize - Specifies the maximum number of characters to copy. If the
  236. filename is longer than the maximum number of characters
  237. specified by the nSize parameter, it is truncated.
  239. Return Value:
  241. The return value specifies the actual length of the string copied to
  242. the buffer. A return value of zero indicates an error and extended
  243. error status is available using the GetLastError function.
  245. Arguments:
  247. --*/
  249. {
  250. LDR_DATA_TABLE_ENTRY LdrEntryData;
  251. DWORD cb;
  253. if (!FindModule(hProcess, hModule, &LdrEntryData)) {
  254. return(0);
  255. }
  257. nSize *= sizeof(WCHAR);
  259. cb = LdrEntryData.FullDllName.Length + sizeof (WCHAR);
  260. if ( nSize < cb ) {
  261. cb = nSize;
  262. }
  264. if (!ReadProcessMemory(hProcess, LdrEntryData.FullDllName.Buffer, lpFilename, cb, NULL)) {
  265. return(0);
  266. }
  268. if (cb == LdrEntryData.FullDllName.Length + sizeof (WCHAR)) {
  269. cb -= sizeof(WCHAR);
  270. }
  272. return(cb / sizeof(WCHAR));
  273. }
  277. DWORD
  278. WINAPI
  279. GetModuleFileNameExA(
  280. HANDLE hProcess,
  281. HMODULE hModule,
  282. LPSTR lpFilename,
  283. DWORD nSize
  284. )
  285. {
  286. LPWSTR lpwstr;
  287. DWORD cwch;
  288. DWORD cch;
  290. lpwstr = (LPWSTR) LocalAlloc(LMEM_FIXED, nSize * 2);
  292. if (lpwstr == NULL) {
  293. return(0);
  294. }
  296. cwch = cch = GetModuleFileNameExW(hProcess, hModule, lpwstr, nSize);
  298. if (cwch < nSize) {
  299. //
  300. // Include NULL terminator
  301. //
  303. cwch++;
  304. }
  306. if (!WideCharToMultiByte(CP_ACP, 0, lpwstr, cwch, lpFilename, nSize, NULL, NULL)) {
  307. cch = 0;
  308. }
  310. LocalFree((HLOCAL) lpwstr);
  312. return(cch);
  313. }
  316. DWORD
  317. WINAPI
  318. GetModuleBaseNameW(
  319. HANDLE hProcess,
  320. HMODULE hModule,
  321. LPWSTR lpFilename,
  322. DWORD nSize
  323. )
  325. /*++
  327. Routine Description:
  329. This function retrieves the full pathname of the executable file
  330. from which the specified module was loaded. The function copies the
  331. null-terminated filename into the buffer pointed to by the
  332. lpFilename parameter.
  334. Routine Description:
  336. hModule - Identifies the module whose executable file name is being
  337. requested. A value of NULL references the module handle
  338. associated with the image file that was used to create the
  339. process.
  341. lpFilename - Points to the buffer that is to receive the filename.
  343. nSize - Specifies the maximum number of characters to copy. If the
  344. filename is longer than the maximum number of characters
  345. specified by the nSize parameter, it is truncated.
  347. Return Value:
  349. The return value specifies the actual length of the string copied to
  350. the buffer. A return value of zero indicates an error and extended
  351. error status is available using the GetLastError function.
  353. Arguments:
  355. --*/
  357. {
  358. LDR_DATA_TABLE_ENTRY LdrEntryData;
  359. DWORD cb;
  361. if (!FindModule(hProcess, hModule, &LdrEntryData)) {
  362. return(0);
  363. }
  365. nSize *= sizeof(WCHAR);
  367. cb = LdrEntryData.BaseDllName.Length + sizeof (WCHAR);
  368. if ( nSize < cb ) {
  369. cb = nSize;
  370. }
  372. if (!ReadProcessMemory(hProcess, LdrEntryData.BaseDllName.Buffer, lpFilename, cb, NULL)) {
  373. return(0);
  374. }
  376. if (cb == LdrEntryData.BaseDllName.Length + sizeof (WCHAR)) {
  377. cb -= sizeof(WCHAR);
  378. }
  380. return(cb / sizeof(WCHAR));
  381. }
  385. DWORD
  386. WINAPI
  387. GetModuleBaseNameA(
  388. HANDLE hProcess,
  389. HMODULE hModule,
  390. LPSTR lpFilename,
  391. DWORD nSize
  392. )
  393. {
  394. LPWSTR lpwstr;
  395. DWORD cwch;
  396. DWORD cch;
  398. lpwstr = (LPWSTR) LocalAlloc(LMEM_FIXED, nSize * 2);
  400. if (lpwstr == NULL) {
  401. return(0);
  402. }
  404. cwch = cch = GetModuleBaseNameW(hProcess, hModule, lpwstr, nSize);
  406. if (cwch < nSize) {
  407. //
  408. // Include NULL terminator
  409. //
  411. cwch++;
  412. }
  414. if (!WideCharToMultiByte(CP_ACP, 0, lpwstr, cwch, lpFilename, nSize, NULL, NULL)) {
  415. cch = 0;
  416. }
  418. LocalFree((HLOCAL) lpwstr);
  420. return(cch);
  421. }
  424. BOOL
  425. WINAPI
  426. GetModuleInformation(
  427. HANDLE hProcess,
  428. HMODULE hModule,
  429. LPMODULEINFO lpmodinfo,
  430. DWORD cb
  431. )
  432. {
  433. LDR_DATA_TABLE_ENTRY LdrEntryData;
  434. MODULEINFO modinfo;
  436. if (cb < sizeof(MODULEINFO)) {
  437. SetLastError( ERROR_INSUFFICIENT_BUFFER );
  438. return(FALSE);
  439. }
  441. if (!FindModule(hProcess, hModule, &LdrEntryData)) {
  442. return(0);
  443. }
  445. modinfo.lpBaseOfDll = (PVOID) hModule;
  446. modinfo.SizeOfImage = LdrEntryData.SizeOfImage;
  447. modinfo.EntryPoint = LdrEntryData.EntryPoint;
  449. try {
  450. *lpmodinfo = modinfo;
  451. }
  452. except (EXCEPTION_EXECUTE_HANDLER) {
  453. SetLastError( RtlNtStatusToDosError( GetExceptionCode() ) );
  454. return(FALSE);
  455. }
  457. return(TRUE);
  458. }