archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
3.8 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/windows/appcompat/shims/layer/emulatemissingexe.cpp

987 lines
24 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 2000 Microsoft Corporation
  5. Module Name:
  7. EmulateMissingEXE.cpp
  9. Abstract:
  11. Win9x had scandskw.exe and defrag.exe in %windir%, NT does not.
  12. Whistler has a hack in the shell32 for scandisk for app compatability
  13. purposes. Whistler can also invoke defrag via
  14. "%windir%\system32\mmc.exe %windir%\system32\dfrg.msc".
  16. This shim redirects CreateProcess and Winexec to execute these two
  17. substitutes, as well as FindFile to indicate their presence.
  19. Notes:
  21. This is a general purpose shim.
  23. History:
  25. 01/02/2001 prashkud Created
  26. 02/18/2001 prashkud Merged HandleStartKeyword SHIM with this.
  27. 02/21/2001 prashkud Replaced most strings with CString class.
  29. --*/
  31. #include "precomp.h"
  33. IMPLEMENT_SHIM_BEGIN(EmulateMissingEXE)
  34. #include "ShimHookMacro.h"
  36. APIHOOK_ENUM_BEGIN
  37. APIHOOK_ENUM_ENTRY(CreateProcessA)
  38. APIHOOK_ENUM_ENTRY(CreateProcessW)
  39. APIHOOK_ENUM_ENTRY(WinExec)
  40. APIHOOK_ENUM_ENTRY(FindFirstFileA)
  41. APIHOOK_ENUM_ENTRY(FindFirstFileW)
  42. APIHOOK_ENUM_ENTRY_COMSERVER(SHELL32)
  43. APIHOOK_ENUM_END
  45. IMPLEMENT_COMSERVER_HOOK(SHELL32)
  47. // Type for the functions that builds the New EXES
  48. typedef BOOL (*_pfn_STUBFUNC)(CString&, CString&, BOOL);
  50. // Main Data structure to hold the New strings
  51. struct REPLACEENTRY {
  52. WCHAR *OrigExeName; // original EXE to be replaced
  53. _pfn_STUBFUNC pfnFuncName; // function to call to correct the name
  54. };
  56. CRITICAL_SECTION g_CritSec;
  57. WCHAR g_szSysDir[MAX_PATH]; // system directory for stubs to use
  59. BOOL StubScandisk(CString&, CString&, BOOL);
  60. BOOL StubDefrag(CString&, CString&, BOOL);
  61. BOOL StubStart(CString&, CString&, BOOL);
  62. BOOL StubControl(CString&, CString&, BOOL);
  63. BOOL StubDxDiag(CString&, CString&, BOOL);
  64. BOOL StubWinhlp(CString&, CString&, BOOL);
  65. BOOL StubRundll(CString&, CString&, BOOL);
  66. BOOL StubPbrush(CString&, CString&, BOOL);
  68. // Add variations of these missing Exes like in HandleStartKeyword
  69. // Start has been put at the top of the list as there seem to be more apps
  70. // that need the SHIM for this EXE than others. In fact there was a
  71. // seperate SHIM HandleStartKeyword that was merged with this.
  72. REPLACEENTRY g_ReplList[] = {
  73. {L"start", StubStart },
  74. {L"start.exe", StubStart },
  75. {L"scandskw", StubScandisk },
  76. {L"scandskw.exe", StubScandisk },
  77. {L"defrag", StubDefrag },
  78. {L"defrag.exe", StubDefrag },
  79. {L"control", StubControl },
  80. {L"control.exe", StubControl },
  81. {L"dxdiag", StubDxDiag },
  82. {L"dxdiag.exe", StubDxDiag },
  83. {L"winhelp", StubWinhlp },
  84. {L"winhelp.exe", StubWinhlp },
  85. {L"rundll", StubRundll },
  86. {L"rundll.exe", StubRundll },
  87. {L"Pbrush", StubPbrush },
  88. {L"Pbrush.exe", StubPbrush },
  89. // Always the last one
  90. {L"", NULL }
  91. };
  93. // Added to merge HandleStartKeyword
  94. // Link list of shell link object this pointers.
  95. struct THISPOINTER
  96. {
  97. THISPOINTER *next;
  98. LPCVOID pThisPointer;
  99. };
  101. THISPOINTER *g_pThisPointerList;
  103. /*++
  105. Function Description:
  107. Add a this pointer to the linked list of pointers. Does not add if the
  108. pointer is NULL or a duplicate.
  110. Arguments:
  112. IN pThisPointer - the pointer to add.
  114. Return Value:
  116. None
  118. History:
  120. 12/14/2000 maonis Created
  122. --*/
  124. VOID
  125. AddThisPointer(
  126. IN LPCVOID pThisPointer
  127. )
  128. {
  129. EnterCriticalSection(&g_CritSec);
  131. if (pThisPointer)
  132. {
  133. THISPOINTER *pPointer = g_pThisPointerList;
  134. while (pPointer)
  135. {
  136. if (pPointer->pThisPointer == pThisPointer)
  137. {
  138. return;
  139. }
  140. pPointer = pPointer->next;
  141. }
  143. pPointer = (THISPOINTER *) malloc(sizeof THISPOINTER);
  145. if (pPointer)
  146. {
  147. pPointer->pThisPointer = pThisPointer;
  148. pPointer->next = g_pThisPointerList;
  149. g_pThisPointerList = pPointer;
  150. }
  151. }
  153. LeaveCriticalSection(&g_CritSec);
  154. }
  156. /*++
  158. Function Description:
  160. Remove a this pointer if it can be found in the linked list of pointers.
  162. Arguments:
  164. IN pThisPointer - the pointer to remove.
  166. Return Value:
  168. TRUE if the pointer is found.
  169. FALSE if the pointer is not found.
  171. History:
  173. 12/14/2000 maonis Created
  175. --*/
  177. BOOL
  178. RemoveThisPointer(
  179. IN LPCVOID pThisPointer
  180. )
  181. {
  182. THISPOINTER *pPointer = g_pThisPointerList;
  183. THISPOINTER *last = NULL;
  184. BOOL lRet = FALSE;
  186. EnterCriticalSection(&g_CritSec);
  188. while (pPointer)
  189. {
  190. if (pPointer->pThisPointer == pThisPointer)
  191. {
  192. if (last)
  193. {
  194. last->next = pPointer->next;
  195. }
  196. else
  197. {
  198. g_pThisPointerList = pPointer->next;
  199. }
  201. free(pPointer);
  202. lRet = TRUE;
  203. break;
  204. }
  206. last = pPointer;
  207. pPointer = pPointer->next;
  208. }
  210. LeaveCriticalSection(&g_CritSec);
  211. return lRet;
  212. }
  215. /*++
  217. We are here because the application name: scandskw.exe, matches the one in the
  218. static array. Fill the News for scandskw.exe as:
  220. rundll32.exe shell32.dll,AppCompat_RunDLL SCANDSKW
  222. --*/
  224. BOOL
  225. StubScandisk(
  226. CString& csNewApplicationName,
  227. CString& csNewCommandLine,
  228. BOOL bExists
  229. )
  230. {
  231. csNewApplicationName = g_szSysDir;
  232. csNewApplicationName += L"\\rundll32.exe";
  233. csNewCommandLine = L"shell32.dll,AppCompat_RunDLL SCANDSKW";
  235. return TRUE;
  237. }
  239. /*++
  241. We are here because the application name: defrag.exe, matches the one in the
  242. static array. Fill the News for .exe as:
  244. %windir%\\system32\\mmc.exe %windir%\\system32\\dfrg.msc
  246. --*/
  248. BOOL
  249. StubDefrag(
  250. CString& csNewApplicationName,
  251. CString& csNewCommandLine,
  252. BOOL bExists
  253. )
  254. {
  255. csNewApplicationName = g_szSysDir;
  256. csNewApplicationName += L"\\mmc.exe";
  258. csNewCommandLine = g_szSysDir;
  259. csNewCommandLine += L"\\dfrg.msc";
  260. return TRUE;
  261. }
  263. /*++
  265. We are here because the application name: start.exe, matches the one in the
  266. static array. Fill the News for .exe as:
  268. %windir%\\system32\\cmd.exe" "/c start"
  270. Many applications have a "start.exe" in their current working directories
  271. which needs to take precendence over any New we make.
  273. --*/
  275. BOOL
  276. StubStart(
  277. CString& csNewApplicationName,
  278. CString& csNewCommandLine,
  279. BOOL bExists
  280. )
  281. {
  282. //
  283. // First check the current working directory for start.exe
  284. //
  286. if (bExists) {
  287. return FALSE;
  288. }
  290. //
  291. // There is no start.exe in the current working directory
  292. //
  293. csNewApplicationName = g_szSysDir;
  294. csNewApplicationName += L"\\cmd.exe";
  295. csNewCommandLine = L"/d /c start \"\"";
  297. return TRUE;
  298. }
  300. /*++
  302. We are here because the application name: control.exe, matches the one in the
  303. static array. Fill the News for .exe as:
  305. %windir%\\system32\\control.exe
  307. --*/
  309. BOOL
  310. StubControl(
  311. CString& csNewApplicationName,
  312. CString& csNewCommandLine,
  313. BOOL bExists
  314. )
  315. {
  316. csNewApplicationName = g_szSysDir;
  317. csNewApplicationName += L"\\control.exe";
  318. csNewCommandLine = L"";
  320. return TRUE;
  322. }
  324. /*++
  326. We are here because the application name: dxdiag.exe, matches the one in the
  327. static array. Fill the News for .exe as:
  329. %windir%\system32\dxdiag.exe
  331. --*/
  333. BOOL
  334. StubDxDiag(
  335. CString& csNewApplicationName,
  336. CString& csNewCommandLine,
  337. BOOL bExists
  338. )
  339. {
  340. csNewApplicationName = g_szSysDir;
  341. csNewApplicationName += L"\\dxdiag.exe";
  342. csNewCommandLine = L"";
  344. return TRUE;
  345. }
  347. /*++
  349. We are here because the application name: Winhlp.exe, matches the one in the
  350. static array. Fill the News for .exe as:
  352. %windir%\system32\winhlp32.exe
  354. --*/
  356. BOOL
  357. StubWinhlp(
  358. CString& csNewApplicationName,
  359. CString& csNewCommandLine,
  360. BOOL bExists
  361. )
  362. {
  363. csNewApplicationName = g_szSysDir;
  364. csNewApplicationName += L"\\winhlp32.exe";
  365. // Winhlp32.exe needs the app name to be in the commandline.
  366. csNewCommandLine = csNewApplicationName;
  368. return TRUE;
  369. }
  371. /*++
  373. We are here because the application name: rundll.exe matches the one in the
  374. static array. Fill the News for .exe as:
  376. %windir%\system32\rundll32.exe
  378. --*/
  380. BOOL
  381. StubRundll(
  382. CString& csNewApplicationName,
  383. CString& csNewCommandLine,
  384. BOOL bExists
  385. )
  386. {
  387. csNewApplicationName = g_szSysDir;
  388. csNewApplicationName += L"\\rundll32.exe";
  389. csNewCommandLine = L"";
  391. return TRUE;
  392. }
  394. /*++
  396. We are here because the application name: Pbrush.exe matches the one in the
  397. static array. Fill the New for .exe as:
  399. %windir%\system32\mspaint.exe
  401. --*/
  403. BOOL
  404. StubPbrush(
  405. CString& csNewApplicationName,
  406. CString& csNewCommandLine,
  407. BOOL bExists
  408. )
  409. {
  410. csNewApplicationName = g_szSysDir;
  411. csNewApplicationName += L"\\mspaint.exe";
  412. csNewCommandLine = L"";
  414. return TRUE;
  415. }
  417. /*++
  419. GetTitle takes the app path and returns just the EXE name.
  421. --*/
  423. VOID
  424. GetTitle(CString& csAppName,CString& csAppTitle)
  425. {
  426. csAppTitle = csAppName;
  427. int len = csAppName.ReverseFind(L'\\');
  428. if (len)
  429. {
  430. csAppTitle.Delete(0, len+1);
  431. }
  432. }
  434. /*++
  436. This is the main function where the New logic happens. This function
  437. goes through the static array and fills the suitable New appname and
  438. the commandline.
  440. --*/
  442. BOOL
  443. Redirect(
  444. const CString& csApplicationName,
  445. const CString& csCommandLine,
  446. CString& csNewApplicationName,
  447. CString& csNewCommandLine,
  448. BOOL bJustCheckExePresence
  449. )
  450. {
  451. BOOL bRet = FALSE;
  452. CSTRING_TRY
  453. {
  455. CString csOrigAppName;
  456. CString csOrigCommandLine;
  457. BOOL bExists = FALSE;
  459. AppAndCommandLine AppObj(csApplicationName, csCommandLine);
  460. csOrigAppName = AppObj.GetApplicationName();
  461. csOrigCommandLine = AppObj.GetCommandlineNoAppName();
  463. if (csOrigAppName.IsEmpty())
  464. {
  465. goto Exit;
  466. }
  468. //
  469. // Loop through the list of redirectors
  470. //
  472. REPLACEENTRY *rEntry = &g_ReplList[0];
  473. CString csAppTitle;
  474. GetTitle(csOrigAppName, csAppTitle);
  476. while (rEntry && rEntry->OrigExeName[0])
  477. {
  478. if (_wcsicmp(rEntry->OrigExeName, csAppTitle) == 0)
  479. {
  480. //
  481. // This final parameter has been added for the merger
  482. // of HandleStartKeyword Shim. If this is TRUE, we don't
  483. // go any further but just return.
  484. //
  485. if (bJustCheckExePresence)
  486. {
  487. bRet = TRUE;
  488. goto Exit;
  489. }
  491. //
  492. // Check if the current working directory contains the exe in question
  493. //
  494. WCHAR szCurrentDirectory[MAX_PATH];
  495. if (szCurrentDirectory &&
  496. GetCurrentDirectoryW(MAX_PATH, szCurrentDirectory))
  497. {
  498. CString csFullAppName(szCurrentDirectory);
  499. csFullAppName += L"\\";
  500. csFullAppName += csAppTitle;
  502. // Check if the file exists and is not a directory
  503. DWORD dwAttr = GetFileAttributesW(csFullAppName);
  504. if ((dwAttr != 0xFFFFFFFF) &&
  505. !(dwAttr & FILE_ATTRIBUTE_DIRECTORY))
  506. {
  507. DPFN( eDbgLevelInfo,
  508. "[Redirect] %s found in current working directory");
  509. bExists = TRUE;
  510. }
  511. }
  513. //
  514. // We have a match, so call the corresponding function
  515. //
  517. if (bRet = (*(rEntry->pfnFuncName))(csNewApplicationName,
  518. csNewCommandLine, bExists))
  519. {
  520. //
  521. // Append the original command line
  522. //
  523. csNewCommandLine += L" ";
  524. csNewCommandLine += csOrigCommandLine;
  525. }
  527. // We matched an EXE, so we're done
  528. break;
  529. }
  531. rEntry++;
  532. }
  534. if (bRet)
  535. {
  536. DPFN( eDbgLevelWarning, "Redirected:");
  537. DPFN( eDbgLevelWarning, "\tFrom: %S %S", csApplicationName, csCommandLine);
  538. DPFN( eDbgLevelWarning, "\tTo: %S %S", csNewApplicationName, csNewCommandLine);
  539. }
  540. }
  541. CSTRING_CATCH
  542. {
  543. DPFN( eDbgLevelError, "Not Redirecting: Exception encountered");
  544. bRet = FALSE;
  545. }
  547. Exit:
  548. return bRet;
  549. }
  551. /*++
  553. Hooks the CreateProcessA function to see if any News need to be
  554. substituted.
  556. --*/
  558. BOOL
  559. APIHOOK(CreateProcessA)(
  560. LPCSTR lpApplicationName,
  561. LPSTR lpCommandLine,
  562. LPSECURITY_ATTRIBUTES lpProcessAttributes,
  563. LPSECURITY_ATTRIBUTES lpThreadAttributes,
  564. BOOL bInheritHandles,
  565. DWORD dwCreationFlags,
  566. LPVOID lpEnvironment,
  567. LPCSTR lpCurrentDirectory,
  568. LPSTARTUPINFOA lpStartupInfo,
  569. LPPROCESS_INFORMATION lpProcessInformation
  570. )
  571. {
  572. if ((NULL == lpApplicationName) &&
  573. (NULL == lpCommandLine))
  574. {
  575. // If both are NULL, return FALSE.
  576. SetLastError(ERROR_INVALID_PARAMETER);
  577. return FALSE;
  578. }
  580. CSTRING_TRY
  581. {
  582. CString csNewApplicationName;
  583. CString csNewCommandLine;
  584. CString csPassedAppName(lpApplicationName);
  585. CString csPassedCommandLine(lpCommandLine);
  587. if ((csPassedAppName.IsEmpty()) &&
  588. (csPassedCommandLine.IsEmpty()))
  589. {
  590. goto exit;
  591. }
  593. //
  594. // Run the list of New stubs: call to the main New routine
  595. //
  596. if (Redirect(csPassedAppName, csPassedCommandLine, csNewApplicationName,
  597. csNewCommandLine, FALSE))
  598. {
  599. LOGN(
  600. eDbgLevelWarning,
  601. "[CreateProcessA] \" %s %s \": changed to \" %s %s \"",
  602. lpApplicationName, lpCommandLine,
  603. csNewApplicationName.GetAnsi(), csNewCommandLine.GetAnsi());
  604. }
  605. else
  606. {
  607. csNewApplicationName = lpApplicationName;
  608. csNewCommandLine = lpCommandLine;
  609. }
  612. // Convert back to ANSI using the GetAnsi() method exposed by the CString class.
  613. return ORIGINAL_API(CreateProcessA)(
  614. csNewApplicationName.IsEmpty() ? NULL : csNewApplicationName.GetAnsi(),
  615. csNewCommandLine.IsEmpty() ? NULL : csNewCommandLine.GetAnsi(),
  616. lpProcessAttributes, lpThreadAttributes, bInheritHandles,
  617. dwCreationFlags, lpEnvironment, lpCurrentDirectory, lpStartupInfo,
  618. lpProcessInformation);
  620. }
  621. CSTRING_CATCH
  622. {
  623. DPFN( eDbgLevelError, "[CreateProcessA]:Original API called.Exception occured!");
  625. }
  627. exit:
  628. return ORIGINAL_API(CreateProcessA)(lpApplicationName, lpCommandLine,
  629. lpProcessAttributes, lpThreadAttributes, bInheritHandles,
  630. dwCreationFlags, lpEnvironment, lpCurrentDirectory, lpStartupInfo,
  631. lpProcessInformation);
  632. }
  634. /*++
  636. Hooks the CreateProcessW function to see if any News need to be
  637. substituted.
  639. --*/
  641. BOOL
  642. APIHOOK(CreateProcessW)(
  643. LPCWSTR lpApplicationName,
  644. LPWSTR lpCommandLine,
  645. LPSECURITY_ATTRIBUTES lpProcessAttributes,
  646. LPSECURITY_ATTRIBUTES lpThreadAttributes,
  647. BOOL bInheritHandles,
  648. DWORD dwCreationFlags,
  649. LPVOID lpEnvironment,
  650. LPCWSTR lpCurrentDirectory,
  651. LPSTARTUPINFOW lpStartupInfo,
  652. LPPROCESS_INFORMATION lpProcessInformation
  653. )
  654. {
  655. if ((NULL == lpApplicationName) &&
  656. (NULL == lpCommandLine))
  657. {
  658. // If both are NULL, return FALSE.
  659. SetLastError(ERROR_INVALID_PARAMETER);
  660. return FALSE;
  661. }
  663. CSTRING_TRY
  664. {
  665. CString csNewApplicationName;
  666. CString csNewCommandLine;
  667. CString csApplicationName(lpApplicationName);
  668. CString csCommandLine(lpCommandLine);
  670. if ((csApplicationName.IsEmpty()) &&
  671. (csCommandLine.IsEmpty()))
  672. {
  673. goto exit;
  674. }
  676. //
  677. // Run the list of New stubs
  678. //
  680. if (Redirect(csApplicationName, csCommandLine, csNewApplicationName,
  681. csNewCommandLine, FALSE))
  682. {
  683. LOGN(
  684. eDbgLevelWarning,
  685. "[CreateProcessW] \" %S %S \": changed to \" %S %S \"",
  686. lpApplicationName, lpCommandLine, csNewApplicationName, csNewCommandLine);
  687. }
  688. else
  689. {
  690. csNewApplicationName = lpApplicationName;
  691. csNewCommandLine = lpCommandLine;
  692. }
  695. return ORIGINAL_API(CreateProcessW)(
  696. csNewApplicationName.IsEmpty() ? NULL : csNewApplicationName.Get(),
  697. csNewCommandLine.IsEmpty() ? NULL : (LPWSTR)csNewCommandLine.Get(),
  698. lpProcessAttributes, lpThreadAttributes, bInheritHandles,
  699. dwCreationFlags, lpEnvironment, lpCurrentDirectory, lpStartupInfo,
  700. lpProcessInformation);
  701. }
  702. CSTRING_CATCH
  703. {
  704. DPFN( eDbgLevelError, "[CreateProcessW] Original API called. Exception occured!");
  705. }
  707. exit:
  708. return ORIGINAL_API(CreateProcessW)(lpApplicationName, lpCommandLine,
  709. lpProcessAttributes, lpThreadAttributes, bInheritHandles,
  710. dwCreationFlags, lpEnvironment, lpCurrentDirectory, lpStartupInfo,
  711. lpProcessInformation);
  712. }
  714. /*++
  716. Hooks WinExec to redirect if necessary.
  718. --*/
  720. UINT
  721. APIHOOK(WinExec)(
  722. LPCSTR lpCmdLine,
  723. UINT uCmdShow
  724. )
  725. {
  726. if (NULL == lpCmdLine)
  727. {
  728. SetLastError(ERROR_INVALID_PARAMETER);
  729. return ERROR_PATH_NOT_FOUND;
  730. }
  732. CSTRING_TRY
  733. {
  734. CString csNewApplicationName;
  735. CString csNewCommandLine;
  736. CString csAppName;
  737. CString csNewCmdLine;
  738. CString csCommandLine(lpCmdLine);
  740. if (csCommandLine.IsEmpty())
  741. {
  742. goto exit;
  743. }
  744. // Check for redirection
  745. if (Redirect(csAppName, csCommandLine, csNewApplicationName,
  746. csNewCommandLine, FALSE))
  747. {
  748. // Modification for the WinHlp32 strange behaviour
  749. if (csNewCommandLine.Find(csNewApplicationName.Get()) == -1)
  750. {
  751. // If the new Command line does not contain the new application
  752. // name as the substring, we are here.
  753. csNewCmdLine = csNewApplicationName;
  754. csNewCmdLine += L" ";
  755. }
  756. csNewCmdLine += csNewCommandLine;
  758. // Assign to csCommandLine as this can be commonly used
  759. csCommandLine = csNewCmdLine;
  761. LOGN(
  762. eDbgLevelInfo,
  763. "[WinExec] \" %s \": changed to \" %s \"",
  764. lpCmdLine, csCommandLine.GetAnsi());
  765. }
  767. return ORIGINAL_API(WinExec)(csCommandLine.GetAnsi(), uCmdShow);
  769. }
  770. CSTRING_CATCH
  771. {
  772. DPFN( eDbgLevelError, "[WinExec]:Original API called.Exception occured!");
  773. }
  775. exit:
  776. return ORIGINAL_API(WinExec)(lpCmdLine, uCmdShow);
  777. }
  779. /*++
  781. Hooks the FindFirstFileA function to see if any replacements need to be
  782. substituted. This is a requirement for cmd.exe.
  784. --*/
  786. HANDLE
  787. APIHOOK(FindFirstFileA)(
  788. LPCSTR lpFileName,
  789. LPWIN32_FIND_DATAA lpFindFileData
  790. )
  791. {
  792. CSTRING_TRY
  793. {
  794. CString csNewApplicationName;
  795. CString csNewCommandLine;
  796. CString csFileName(lpFileName);
  797. CString csAppName;
  799. // Call the main replacement routine.
  800. if (Redirect(csFileName, csAppName, csNewApplicationName, csNewCommandLine, FALSE))
  801. {
  802. // Assign to csFileName
  803. csFileName = csNewApplicationName;
  804. LOGN(
  805. eDbgLevelInfo,
  806. "[FindFirstFileA] \" %s \": changed to \" %s \"",
  807. lpFileName, csFileName.GetAnsi());
  808. }
  810. return ORIGINAL_API(FindFirstFileA)(csFileName.GetAnsi(), lpFindFileData);
  811. }
  812. CSTRING_CATCH
  813. {
  814. DPFN( eDbgLevelError, "[FindFirstFileA]:Original API called.Exception occured!");
  815. return ORIGINAL_API(FindFirstFileA)(lpFileName, lpFindFileData);
  816. }
  817. }
  819. /*++
  821. Hooks the FindFirstFileW function to see if any replacements need to be
  822. substituted. This is a requirement for cmd.exe.
  824. --*/
  826. HANDLE
  827. APIHOOK(FindFirstFileW)(
  828. LPCWSTR lpFileName,
  829. LPWIN32_FIND_DATAW lpFindFileData
  830. )
  831. {
  832. CSTRING_TRY
  833. {
  834. CString csNewApplicationName(lpFileName);
  835. CString csNewCommandLine;
  836. CString csFileName(lpFileName);
  837. CString csAppName;
  839. // Call the main replacement routine.
  840. if (Redirect(csFileName, csAppName, csNewApplicationName,
  841. csNewCommandLine, FALSE))
  842. {
  843. LOGN(
  844. eDbgLevelInfo,
  845. "[FindFirstFileW] \" %S \": changed to \" %S \"",
  846. lpFileName, (const WCHAR*)csNewApplicationName);
  847. }
  849. return ORIGINAL_API(FindFirstFileW)(csNewApplicationName, lpFindFileData);
  850. }
  851. CSTRING_CATCH
  852. {
  853. DPFN( eDbgLevelError, "[FindFirstFileW]:Original API called.Exception occured!");
  854. return ORIGINAL_API(FindFirstFileW)(lpFileName, lpFindFileData);
  855. }
  856. }
  858. // Added for the merge of HandleStartKeyword
  860. /*++
  862. Hook IShellLinkA::SetPath - check if it's start, if so change it to cmd and add the
  863. this pointer to the list.
  865. --*/
  867. HRESULT STDMETHODCALLTYPE
  868. COMHOOK(IShellLinkA, SetPath)(
  869. PVOID pThis,
  870. LPCSTR pszFile
  871. )
  872. {
  873. _pfn_IShellLinkA_SetPath pfnSetPath = ORIGINAL_COM( IShellLinkA, SetPath, pThis);
  875. CSTRING_TRY
  876. {
  877. CString csExeName;
  878. CString csCmdLine;
  879. CString csNewAppName;
  880. CString csNewCmdLine;
  881. CString cscmdCommandLine(pszFile);
  883. // Assign the ANSI string to the WCHAR CString
  884. csExeName = pszFile;
  885. csExeName.TrimLeft();
  887. // Check to see whether the Filename conatains the "Start" keyword.
  888. // The last parameter to the Rediect function controls this.
  889. if (Redirect(csExeName, csCmdLine, csNewAppName, csNewCmdLine, TRUE))
  890. {
  891. // Found a match. We add the this pointer to the list.
  892. AddThisPointer(pThis);
  893. DPFN( eDbgLevelInfo, "[SetPath] Changing start.exe to cmd.exe\n");
  895. // Prefix of new "start" command line, use full path to CMD.EXE
  896. // Append the WCHAR global system directory path to ANSI CString
  897. cscmdCommandLine = g_szSysDir;
  898. cscmdCommandLine += L"\\cmd.exe";
  899. }
  901. return (*pfnSetPath)(pThis, cscmdCommandLine.GetAnsi());
  902. }
  903. CSTRING_CATCH
  904. {
  905. DPFN( eDbgLevelError, "[SetPath] Original API called. Exception occured!");
  906. return (*pfnSetPath)(pThis, pszFile);
  907. }
  908. }
  910. /*++
  912. Hook IShellLinkA::SetArguments - if the this pointer can be found in the list, remove it
  913. from the list and add "/d /c start" in front of the original argument list.
  915. --*/
  917. HRESULT STDMETHODCALLTYPE
  918. COMHOOK(IShellLinkA, SetArguments)(
  919. PVOID pThis,
  920. LPCSTR pszFile
  921. )
  922. {
  923. _pfn_IShellLinkA_SetArguments pfnSetArguments = ORIGINAL_COM(IShellLinkA, SetArguments, pThis);
  925. CSTRING_TRY
  926. {
  927. CString csNewFile(pszFile);
  928. if (RemoveThisPointer(pThis))
  929. {
  930. csNewFile = "/d /c start \"\" ";
  931. csNewFile += pszFile;
  933. DPFN( eDbgLevelInfo, "[SetArguments] Arg list is now %S", csNewFile);
  934. }
  936. return (*pfnSetArguments)( pThis, csNewFile.GetAnsi());
  937. }
  938. CSTRING_CATCH
  939. {
  940. DPFN( eDbgLevelError, "[SetArguments]:Original API called.Exception occured!");
  941. return (*pfnSetArguments)( pThis, pszFile );
  942. }
  943. }
  945. /*++
  947. Register hooked functions
  949. --*/
  951. BOOL
  952. NOTIFY_FUNCTION(
  953. DWORD fdwReason
  954. )
  955. {
  956. if (fdwReason == DLL_PROCESS_ATTACH)
  957. {
  958. if (!GetSystemDirectory(g_szSysDir, MAX_PATH))
  959. {
  960. DPFN( eDbgLevelError, "[Notify] GetSystemDirectory failed");
  961. return FALSE;
  962. }
  964. InitializeCriticalSection(&g_CritSec);
  965. }
  967. return TRUE;
  968. }
  970. HOOK_BEGIN
  972. CALL_NOTIFY_FUNCTION
  974. APIHOOK_ENTRY(KERNEL32.DLL, CreateProcessA)
  975. APIHOOK_ENTRY(KERNEL32.DLL, CreateProcessW)
  976. APIHOOK_ENTRY(KERNEL32.DLL, WinExec)
  977. APIHOOK_ENTRY(KERNEL32.DLL, FindFirstFileA)
  978. APIHOOK_ENTRY(KERNEL32.DLL, FindFirstFileW)
  979. APIHOOK_ENTRY_COMSERVER(SHELL32)
  980. COMHOOK_ENTRY(ShellLink, IShellLinkA, SetPath, 20)
  981. COMHOOK_ENTRY(ShellLink, IShellLinkA, SetArguments, 11)
  983. HOOK_END
  985. IMPLEMENT_SHIM_END