Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

838 lines
20 KiB

  1. /*++
  2. Copyright (c) 1997 Microsoft Corporation
  3. Module Name:
  4. badapps.c
  5. Abstract:
  6. Implements a library for CheckBadApps key.
  7. Author:
  8. Calin Negreanu (calinn) 20-Jan-1999
  9. Revision History:
  10. <alias> <date> <comments>
  11. --*/
  12. #include <windows.h>
  13. #include <winnt.h>
  14. #include <shlwapi.h>
  15. #include <badapps.h>
  16. #include "utils.h"
  17. #include "version.h"
  18. #include "modules.h"
  19. typedef struct {
  20. PCTSTR FileName;
  21. BOOL FindDataLoaded;
  22. WIN32_FIND_DATA FindData;
  23. PBYTE MappedImage;
  24. HANDLE FileHandle;
  25. HANDLE MapHandle;
  26. VERSION_STRUCT VersionData;
  27. HKEY PrevOsKey;
  28. } FILE_DATA, *PFILE_DATA;
  29. typedef BOOL (VERSION_CHECK_PROTOTYPE) (PFILE_DATA FileData, DWORD DataSize, PBYTE Data);
  30. typedef VERSION_CHECK_PROTOTYPE * PVERSION_CHECK_PROTOTYPE;
  31. typedef struct {
  32. DWORD VersionId;
  33. PVERSION_CHECK_PROTOTYPE VersionCheck;
  34. } VERSION_DATA, *PVERSION_DATA;
  35. #define LIBARGS(id, fn) VERSION_CHECK_PROTOTYPE fn;
  36. #define TOOLARGS(name, dispName, allowance, edit, query, output)
  37. VERSION_STAMPS
  38. #undef TOOLARGS
  39. #undef LIBARGS
  40. #define LIBARGS(id, fn) {id, fn},
  41. #define TOOLARGS(name, dispName, allowance, edit, query, output)
  42. VERSION_DATA g_VersionData [] = {
  43. VERSION_STAMPS
  44. {0, NULL}
  45. };
  46. #undef TOOLARGS
  47. #undef LIBARGS
  48. #define FD_FINDDATA 0x00000001
  49. #define FD_MAPPINGDATA 0x00000002
  50. #define FD_VERSIONDATA 0x00000003
  51. #define FD_PREVOSDATA 0x00000004
  52. BOOL
  53. ShLoadFileData (
  54. IN OUT PFILE_DATA FileData,
  55. IN DWORD FileDataType
  56. )
  57. {
  58. LONG status;
  59. HANDLE findHandle;
  60. UINT oldMode;
  61. switch (FileDataType) {
  62. case FD_FINDDATA:
  63. if (!FileData->FindDataLoaded) {
  64. oldMode = SetErrorMode (SEM_FAILCRITICALERRORS);
  65. findHandle = FindFirstFile (FileData->FileName, &FileData->FindData);
  66. SetErrorMode(oldMode);
  67. if (findHandle == INVALID_HANDLE_VALUE) {
  68. return FALSE;
  69. } else {
  70. FindClose (findHandle);
  71. FileData->FindDataLoaded = TRUE;
  72. }
  73. }
  74. break;
  75. case FD_MAPPINGDATA:
  76. if (!FileData->MappedImage) {
  77. FileData->MappedImage = ShMapFileIntoMemory (
  78. FileData->FileName,
  79. &FileData->FileHandle,
  80. &FileData->MapHandle
  81. );
  82. if (!FileData->MappedImage) {
  83. return FALSE;
  84. }
  85. }
  86. break;
  87. case FD_VERSIONDATA:
  88. if (!FileData->VersionData.VersionBuffer) {
  89. if (!ShCreateVersionStruct (&FileData->VersionData, FileData->FileName)) {
  90. FileData->VersionData.VersionBuffer = NULL;
  91. return FALSE;
  92. }
  93. }
  94. break;
  95. case FD_PREVOSDATA:
  96. if (!FileData->PrevOsKey) {
  97. status = RegOpenKey (
  98. HKEY_LOCAL_MACHINE,
  99. S_KEY_PREVOSVERSION,
  100. &FileData->PrevOsKey
  101. );
  102. if (status != ERROR_SUCCESS) {
  103. return FALSE;
  104. }
  105. }
  106. default:
  107. return FALSE;
  108. }
  109. return TRUE;
  110. }
  111. BOOL
  112. ShFreeFileData (
  113. IN OUT PFILE_DATA FileData
  114. )
  115. {
  116. FileData->FindDataLoaded = FALSE;
  117. if (FileData->MappedImage) {
  118. ShUnmapFile (
  119. FileData->MappedImage,
  120. FileData->FileHandle,
  121. FileData->MapHandle
  122. );
  123. FileData->MappedImage = NULL;
  124. FileData->FileHandle = NULL;
  125. FileData->MapHandle = NULL;
  126. }
  127. if (FileData->VersionData.VersionBuffer) {
  128. ShDestroyVersionStruct (&FileData->VersionData);
  129. FileData->VersionData.VersionBuffer = NULL;
  130. }
  131. if (FileData->PrevOsKey) {
  132. RegCloseKey (FileData->PrevOsKey);
  133. FileData->PrevOsKey = NULL;
  134. }
  135. return TRUE;
  136. }
  137. BOOL
  138. ShCheckFileSize (
  139. IN PFILE_DATA FileData,
  140. IN DWORD DataSize,
  141. IN PBYTE Data
  142. )
  143. {
  144. if (!ShLoadFileData (FileData, FD_FINDDATA)) {
  145. return FALSE;
  146. }
  147. return (*((UNALIGNED DWORD*)Data) == FileData->FindData.nFileSizeLow);
  148. }
  149. BOOL
  150. ShCheckModuleType (
  151. IN PFILE_DATA FileData,
  152. IN DWORD DataSize,
  153. IN PBYTE Data
  154. )
  155. {
  156. if (!ShLoadFileData (FileData, FD_MAPPINGDATA)) {
  157. return FALSE;
  158. }
  159. return (*((UNALIGNED DWORD*) Data) == ShGetModuleType (FileData->MappedImage));
  160. }
  161. BOOL
  162. ShCheckBinFileVer (
  163. IN PFILE_DATA FileData,
  164. IN DWORD DataSize,
  165. IN PBYTE Data
  166. )
  167. {
  168. ULONGLONG value;
  169. ULONGLONG mask;
  170. ULONGLONG currVer;
  171. if (!ShLoadFileData (FileData, FD_VERSIONDATA)) {
  172. currVer = 0;
  173. } else {
  174. currVer = ShVerGetFileVer (&FileData->VersionData);
  175. }
  176. value = *(UNALIGNED ULONGLONG*) Data;
  177. mask = *((UNALIGNED ULONGLONG*) (Data + sizeof (ULONGLONG)));
  178. return ((value & mask) == currVer);
  179. }
  180. BOOL
  181. ShCheckBinProductVer (
  182. IN PFILE_DATA FileData,
  183. IN DWORD DataSize,
  184. IN PBYTE Data
  185. )
  186. {
  187. ULONGLONG value;
  188. ULONGLONG mask;
  189. ULONGLONG currVer;
  190. if (!ShLoadFileData (FileData, FD_VERSIONDATA)) {
  191. currVer = 0;
  192. } else {
  193. currVer = ShVerGetProductVer (&FileData->VersionData);
  194. }
  195. value = *(UNALIGNED ULONGLONG*)Data;
  196. mask = *((UNALIGNED ULONGLONG*)(Data + sizeof (ULONGLONG)));
  197. return ((value & mask) == currVer);
  198. }
  199. BOOL
  200. ShCheckUpToBinProductVer (
  201. IN PFILE_DATA FileData,
  202. IN DWORD DataSize,
  203. IN PBYTE Data
  204. )
  205. {
  206. ULONGLONG ProdVerMS;
  207. ULONGLONG BadProdVer;
  208. if (!ShLoadFileData (FileData, FD_VERSIONDATA)) {
  209. ProdVerMS = 0;
  210. } else {
  211. ProdVerMS = ShVerGetProductVer (&FileData->VersionData);
  212. }
  213. BadProdVer = *(UNALIGNED ULONGLONG*)Data;
  214. return (ProdVerMS <= BadProdVer);
  215. }
  216. BOOL
  217. ShCheckFileDateHi (
  218. IN PFILE_DATA FileData,
  219. IN DWORD DataSize,
  220. IN PBYTE Data
  221. )
  222. {
  223. ULONGLONG value;
  224. ULONGLONG currVer;
  225. if (!ShLoadFileData (FileData, FD_VERSIONDATA)) {
  226. currVer = 0;
  227. } else {
  228. currVer = ShVerGetFileDateHi (&FileData->VersionData);
  229. }
  230. value = *(UNALIGNED ULONGLONG*)Data;
  231. return (value == currVer);
  232. }
  233. BOOL
  234. ShCheckFileDateLo (
  235. IN PFILE_DATA FileData,
  236. IN DWORD DataSize,
  237. IN PBYTE Data
  238. )
  239. {
  240. ULONGLONG value;
  241. ULONGLONG currVer;
  242. if (!ShLoadFileData (FileData, FD_VERSIONDATA)) {
  243. currVer = 0;
  244. } else {
  245. currVer = ShVerGetFileDateLo (&FileData->VersionData);
  246. }
  247. value = *(UNALIGNED ULONGLONG*)Data;
  248. return (value == currVer);
  249. }
  250. BOOL
  251. ShCheckFileVerOs (
  252. IN PFILE_DATA FileData,
  253. IN DWORD DataSize,
  254. IN PBYTE Data
  255. )
  256. {
  257. ULONG value;
  258. ULONG currVer;
  259. if (!ShLoadFileData (FileData, FD_VERSIONDATA)) {
  260. currVer = 0;
  261. } else {
  262. currVer = ShVerGetFileVerOs (&FileData->VersionData);
  263. }
  264. value = *(UNALIGNED ULONG*)Data;
  265. return (value == currVer);
  266. }
  267. BOOL
  268. ShCheckFileVerType (
  269. IN PFILE_DATA FileData,
  270. IN DWORD DataSize,
  271. IN PBYTE Data
  272. )
  273. {
  274. ULONG value;
  275. ULONG currVer;
  276. if (!ShLoadFileData (FileData, FD_VERSIONDATA)) {
  277. currVer = 0;
  278. } else {
  279. currVer = ShVerGetFileVerType (&FileData->VersionData);
  280. }
  281. value = *(UNALIGNED ULONG*)Data;
  282. return (value == currVer);
  283. }
  284. BOOL
  285. ShCheckFileCheckSum (
  286. IN PFILE_DATA FileData,
  287. IN DWORD DataSize,
  288. IN PBYTE Data
  289. )
  290. {
  291. ULONG value;
  292. if (!ShLoadFileData (FileData, FD_FINDDATA)) {
  293. return FALSE;
  294. }
  295. if (!ShLoadFileData (FileData, FD_MAPPINGDATA)) {
  296. return FALSE;
  297. }
  298. value = *(UNALIGNED ULONG*)Data;
  299. return (value == ShGetCheckSum (FileData->FindData.nFileSizeLow, FileData->MappedImage));
  300. }
  301. BOOL
  302. ShCheckFilePECheckSum (
  303. IN PFILE_DATA FileData,
  304. IN DWORD DataSize,
  305. IN PBYTE Data
  306. )
  307. {
  308. ULONG value;
  309. if (!ShLoadFileData (FileData, FD_MAPPINGDATA)) {
  310. return FALSE;
  311. }
  312. value = *(UNALIGNED ULONG*)Data;
  313. return (value == ShGetPECheckSum (FileData->MappedImage));
  314. }
  315. BOOL
  316. ShCheckStrVersion (
  317. IN PFILE_DATA FileData,
  318. IN PCTSTR ValueToCheck,
  319. IN DWORD DataSize,
  320. IN PBYTE Data
  321. )
  322. {
  323. BOOL result = FALSE;
  324. if (!ShLoadFileData (FileData, FD_VERSIONDATA)) {
  325. return FALSE;
  326. }
  327. {
  328. #ifndef UNICODE
  329. PSTR convStr = NULL;
  330. INT converted = 0;
  331. #endif
  332. LPCWSTR localData;
  333. WSTR_ALIGNED_STACK_COPY(&localData,(UNALIGNED TCHAR*)Data);
  334. #ifndef UNICODE
  335. convStr = HeapAlloc (GetProcessHeap (), 0, DataSize);
  336. if (convStr)
  337. {
  338. converted = WideCharToMultiByte (
  339. CP_ACP,
  340. 0,
  341. localData,
  342. -1,
  343. convStr,
  344. DataSize,
  345. NULL,
  346. NULL
  347. );
  348. }
  349. if (!converted)
  350. {
  351. if (convStr)
  352. HeapFree (GetProcessHeap (), 0, convStr);
  353. return FALSE;
  354. }
  355. result = ShGlobalVersionCheck (&FileData->VersionData, ValueToCheck, convStr);
  356. HeapFree (GetProcessHeap (), 0, convStr);
  357. #else
  358. result = ShGlobalVersionCheck (&FileData->VersionData, ValueToCheck, localData);
  359. #endif
  360. }
  361. return result;
  362. }
  363. BOOL
  364. ShCheckCompanyName (
  365. IN PFILE_DATA FileData,
  366. IN DWORD DataSize,
  367. IN PBYTE Data
  368. )
  369. {
  370. return (ShCheckStrVersion (FileData, S_VER_COMPANYNAME, DataSize, Data));
  371. }
  372. BOOL
  373. ShCheckProductVersion (
  374. IN PFILE_DATA FileData,
  375. IN DWORD DataSize,
  376. IN PBYTE Data
  377. )
  378. {
  379. return (ShCheckStrVersion (FileData, S_VER_PRODUCTVERSION, DataSize, Data));
  380. }
  381. BOOL
  382. ShCheckProductName (
  383. IN PFILE_DATA FileData,
  384. IN DWORD DataSize,
  385. IN PBYTE Data
  386. )
  387. {
  388. return (ShCheckStrVersion (FileData, S_VER_PRODUCTNAME, DataSize, Data));
  389. }
  390. BOOL
  391. ShCheckFileDescription (
  392. IN PFILE_DATA FileData,
  393. IN DWORD DataSize,
  394. IN PBYTE Data
  395. )
  396. {
  397. return (ShCheckStrVersion (FileData, S_VER_FILEDESCRIPTION, DataSize, Data));
  398. }
  399. BOOL
  400. ShCheckFileVersion (
  401. IN PFILE_DATA FileData,
  402. IN DWORD DataSize,
  403. IN PBYTE Data
  404. )
  405. {
  406. return (ShCheckStrVersion (FileData, S_VER_FILEVERSION, DataSize, Data));
  407. }
  408. BOOL
  409. ShCheckOriginalFileName (
  410. IN PFILE_DATA FileData,
  411. IN DWORD DataSize,
  412. IN PBYTE Data
  413. )
  414. {
  415. return (ShCheckStrVersion (FileData, S_VER_ORIGINALFILENAME, DataSize, Data));
  416. }
  417. BOOL
  418. ShCheckInternalName (
  419. IN PFILE_DATA FileData,
  420. IN DWORD DataSize,
  421. IN PBYTE Data
  422. )
  423. {
  424. return (ShCheckStrVersion (FileData, S_VER_INTERNALNAME, DataSize, Data));
  425. }
  426. BOOL
  427. ShCheckLegalCopyright (
  428. IN PFILE_DATA FileData,
  429. IN DWORD DataSize,
  430. IN PBYTE Data
  431. )
  432. {
  433. return (ShCheckStrVersion (FileData, S_VER_LEGALCOPYRIGHT, DataSize, Data));
  434. }
  435. BOOL
  436. ShCheck16BitDescription (
  437. IN PFILE_DATA FileData,
  438. IN DWORD DataSize,
  439. IN PBYTE Data
  440. )
  441. {
  442. PTSTR value;
  443. BOOL result = FALSE;
  444. value = ShGet16ModuleDescription (FileData->MappedImage);
  445. if (!value) {
  446. return FALSE;
  447. }
  448. {
  449. #ifndef UNICODE
  450. PSTR convStr = NULL;
  451. INT converted = 0;
  452. #endif
  453. LPCWSTR localData;
  454. WSTR_ALIGNED_STACK_COPY(&localData,(UNALIGNED TCHAR*)Data);
  455. #ifndef UNICODE
  456. convStr = HeapAlloc (GetProcessHeap (), 0, DataSize);
  457. if (convStr)
  458. {
  459. converted = WideCharToMultiByte (
  460. CP_ACP,
  461. 0,
  462. localData,
  463. -1,
  464. convStr,
  465. DataSize,
  466. NULL,
  467. NULL
  468. );
  469. }
  470. if (!converted)
  471. {
  472. if (convStr)
  473. HeapFree (GetProcessHeap (), 0, convStr);
  474. HeapFree (GetProcessHeap (), 0, value);
  475. return FALSE;
  476. }
  477. result = ShIsPatternMatch (convStr, value);
  478. HeapFree (GetProcessHeap (), 0, convStr);
  479. #else
  480. result = ShIsPatternMatch (localData, value);
  481. #endif
  482. }
  483. HeapFree (GetProcessHeap (), 0, value);
  484. return result;
  485. }
  486. BOOL
  487. pShLoadPrevOsData (
  488. IN PFILE_DATA FileData,
  489. IN PCTSTR ValueName,
  490. OUT PDWORD Value
  491. )
  492. {
  493. LONG status;
  494. BOOL result = FALSE;
  495. DWORD type;
  496. DWORD valueSize = sizeof (DWORD);
  497. if (ShLoadFileData (FileData, FD_PREVOSDATA)) {
  498. status = RegQueryValueEx (FileData->PrevOsKey, ValueName, NULL, &type, (PBYTE)Value, &valueSize);
  499. if ((status == ERROR_SUCCESS) &&
  500. (type == REG_DWORD)
  501. ) {
  502. result = TRUE;
  503. }
  504. }
  505. return result;
  506. }
  507. BOOL
  508. ShCheckPrevOsMajorVersion (
  509. IN PFILE_DATA FileData,
  510. IN DWORD DataSize,
  511. IN PBYTE Data
  512. )
  513. {
  514. BOOL result = FALSE;
  515. DWORD value = 0;
  516. if (pShLoadPrevOsData (FileData, S_VAL_MAJORVERSION, &value)) {
  517. result = (value == *(UNALIGNED DWORD*)(Data));
  518. }
  519. return result;
  520. }
  521. BOOL
  522. ShCheckPrevOsMinorVersion (
  523. IN PFILE_DATA FileData,
  524. IN DWORD DataSize,
  525. IN PBYTE Data
  526. )
  527. {
  528. BOOL result = FALSE;
  529. DWORD value = 0;
  530. if (pShLoadPrevOsData (FileData, S_VAL_MINORVERSION, &value)) {
  531. result = (value == *(UNALIGNED DWORD*)(Data));
  532. }
  533. return result;
  534. }
  535. BOOL
  536. ShCheckPrevOsPlatformId (
  537. IN PFILE_DATA FileData,
  538. IN DWORD DataSize,
  539. IN PBYTE Data
  540. )
  541. {
  542. BOOL result = FALSE;
  543. DWORD value = 0;
  544. if (pShLoadPrevOsData (FileData, S_VAL_PLATFORMID, &value)) {
  545. result = (value == *(UNALIGNED DWORD*)(Data));
  546. }
  547. return result;
  548. }
  549. BOOL
  550. ShCheckPrevOsBuildNo (
  551. IN PFILE_DATA FileData,
  552. IN DWORD DataSize,
  553. IN PBYTE Data
  554. )
  555. {
  556. BOOL result = FALSE;
  557. DWORD value = 0;
  558. if (pShLoadPrevOsData (FileData, S_VAL_BUILDNO, &value)) {
  559. result = (value == *(UNALIGNED DWORD*)(Data));
  560. }
  561. return result;
  562. }
  563. BOOL
  564. DoesPathExist (
  565. IN PCTSTR Path
  566. )
  567. {
  568. BOOL result = FALSE;
  569. DWORD errMode;
  570. if (Path)
  571. {
  572. errMode = SetErrorMode (SEM_FAILCRITICALERRORS);
  573. result = (GetFileAttributes (Path) != 0xFFFFFFFF);
  574. SetErrorMode(errMode);
  575. }
  576. return result;
  577. }
  578. BOOL
  579. pShCheckBlob (
  580. IN PCTSTR FileName,
  581. IN PBYTE Blob,
  582. IN BOOL QuickMode
  583. )
  584. {
  585. FILE_DATA fileData;
  586. PVERSION_DATA p;
  587. DWORD dataId;
  588. DWORD dataSize;
  589. BOOL result = TRUE;
  590. PTSTR reqFile = NULL;
  591. PTSTR oldReqFile = NULL;
  592. PCTSTR filePtr = NULL;
  593. UINT prefixPathChars;
  594. ZeroMemory (&fileData, sizeof (FILE_DATA));
  595. fileData.FileName = FileName;
  596. if (!DoesPathExist (fileData.FileName)) {
  597. return FALSE;
  598. }
  599. filePtr = ShGetFileNameFromPath (FileName);
  600. if (!filePtr) {
  601. return FALSE;
  602. }
  603. prefixPathChars = (UINT)(filePtr - FileName);
  604. __try {
  605. dataId = *((UNALIGNED DWORD*) Blob);
  606. while (dataId) {
  607. if (dataId == VTID_REQFILE) {
  608. Blob += sizeof (DWORD);
  609. dataSize = *((UNALIGNED DWORD*) Blob);
  610. if (!dataSize) {
  611. // should never happen
  612. dataSize = 1;
  613. }
  614. Blob += sizeof (DWORD);
  615. // if this is the first additional file, reqFile is NULL
  616. oldReqFile = reqFile;
  617. // dataSize includes terminating nul character
  618. reqFile = HeapAlloc (GetProcessHeap (), 0, prefixPathChars * sizeof (TCHAR) + dataSize);
  619. if (!reqFile) {
  620. result = FALSE;
  621. __leave;
  622. }
  623. lstrcpyn (reqFile, fileData.FileName, prefixPathChars + 1);
  624. // if this is the first additional file, oldReqFile is NULL
  625. if (oldReqFile) {
  626. HeapFree (GetProcessHeap (), 0, oldReqFile);
  627. }
  628. {
  629. #ifndef UNICODE
  630. PSTR convStr = NULL;
  631. INT converted = 0;
  632. #endif
  633. LPCWSTR localData;
  634. WSTR_ALIGNED_STACK_COPY(&localData,(UNALIGNED TCHAR*)Blob);
  635. #ifndef UNICODE
  636. convStr = HeapAlloc (GetProcessHeap (), 0, dataSize);
  637. if (convStr)
  638. {
  639. converted = WideCharToMultiByte (
  640. CP_ACP,
  641. 0,
  642. localData,
  643. -1,
  644. convStr,
  645. dataSize,
  646. NULL,
  647. NULL
  648. );
  649. }
  650. if (!converted)
  651. {
  652. if (convStr)
  653. HeapFree (GetProcessHeap (), 0, convStr);
  654. result = FALSE;
  655. __leave;
  656. }
  657. lstrcpyn (reqFile + prefixPathChars, convStr, dataSize / sizeof (TCHAR));
  658. HeapFree (GetProcessHeap (), 0, convStr);
  659. #else
  660. lstrcpyn (reqFile + prefixPathChars, localData, dataSize / sizeof (TCHAR));
  661. #endif
  662. }
  663. reqFile [prefixPathChars + (dataSize / sizeof (TCHAR)) - 1] = 0;
  664. ShFreeFileData (&fileData);
  665. fileData.FileName = reqFile;
  666. if (!DoesPathExist (fileData.FileName)) {
  667. result = FALSE;
  668. __leave;
  669. }
  670. Blob += dataSize;
  671. } else {
  672. if (dataId >= VTID_LASTID) {
  673. result = FALSE;
  674. __leave;
  675. }
  676. p = g_VersionData + (dataId - VTID_REQFILE - 1);
  677. if (p->VersionId != dataId) {
  678. result = FALSE;
  679. __leave;
  680. }
  681. Blob += sizeof (DWORD);
  682. dataSize = *((UNALIGNED DWORD*) Blob);
  683. Blob += sizeof (DWORD);
  684. if (!QuickMode) {
  685. if (!p->VersionCheck (&fileData, dataSize, Blob)) {
  686. result = FALSE;
  687. __leave;
  688. }
  689. }
  690. Blob += dataSize;
  691. }
  692. dataId = *((UNALIGNED DWORD*) Blob);
  693. }
  694. }
  695. __finally {
  696. if (reqFile) {
  697. HeapFree (GetProcessHeap (), 0, reqFile);
  698. }
  699. ShFreeFileData (&fileData);
  700. }
  701. return result;
  702. }
  703. BOOL
  704. SHIsBadApp (
  705. IN PBADAPP_DATA Data,
  706. OUT PBADAPP_PROP Prop
  707. )
  708. {
  709. BOOL result = FALSE;
  710. PBADAPP_PROP appProp;
  711. __try {
  712. if (Data->Size != sizeof (BADAPP_DATA)) {
  713. return FALSE;
  714. }
  715. if (Prop->Size != sizeof (BADAPP_PROP)) {
  716. return FALSE;
  717. }
  718. if (*(PDWORD)(Data->Blob) != sizeof (BADAPP_PROP)) {
  719. return FALSE;
  720. }
  721. if (pShCheckBlob (Data->FilePath, Data->Blob + sizeof (BADAPP_PROP), TRUE)) {
  722. result = pShCheckBlob (Data->FilePath, Data->Blob + sizeof (BADAPP_PROP), FALSE);
  723. }
  724. if (result) {
  725. appProp = (PBADAPP_PROP) Data->Blob;
  726. Prop->MsgId = appProp->MsgId;
  727. Prop->AppType = appProp->AppType;
  728. }
  729. }
  730. __except (1) {
  731. result = FALSE;
  732. }
  733. return result;
  734. }