VOID PhpInitializeFindObjMenu(
_In_ PPH_EMENU Menu,
_In_ PPHP_OBJECT_SEARCH_RESULT *Results,
_In_ ULONG NumberOfResults
)
{
BOOLEAN allCanBeClosed = TRUE;
ULONG i;
if (NumberOfResults == 1)
{
PH_HANDLE_ITEM_INFO info;
info.ProcessId = Results[0]->ProcessId;
info.Handle = Results[0]->Handle;
info.TypeName = Results[0]->TypeName;
info.BestObjectName = Results[0]->Name;
PhInsertHandleObjectPropertiesEMenuItems(Menu, ID_OBJECT_PROPERTIES, FALSE, &info);
}
else
{
PhSetFlagsAllEMenuItems(Menu, PH_EMENU_DISABLED, PH_EMENU_DISABLED);
PhEnableEMenuItem(Menu, ID_OBJECT_COPY, TRUE);
}
for (i = 0; i < NumberOfResults; i++)
{
if (Results[i]->ResultType != HandleSearchResult)
{
allCanBeClosed = FALSE;
break;
}
}
PhEnableEMenuItem(Menu, ID_OBJECT_CLOSE, allCanBeClosed);
}
VOID PhpInitializeMemoryMenu(
_In_ PPH_EMENU Menu,
_In_ HANDLE ProcessId,
_In_ PPH_MEMORY_NODE *MemoryNodes,
_In_ ULONG NumberOfMemoryNodes
)
{
if (NumberOfMemoryNodes == 0)
{
PhSetFlagsAllEMenuItems(Menu, PH_EMENU_DISABLED, PH_EMENU_DISABLED);
}
else if (NumberOfMemoryNodes == 1 && !MemoryNodes[0]->IsAllocationBase)
{
if (MemoryNodes[0]->MemoryItem->State & MEM_FREE)
{
PhEnableEMenuItem(Menu, ID_MEMORY_CHANGEPROTECTION, FALSE);
PhEnableEMenuItem(Menu, ID_MEMORY_FREE, FALSE);
PhEnableEMenuItem(Menu, ID_MEMORY_DECOMMIT, FALSE);
}
else if (MemoryNodes[0]->MemoryItem->Type & (MEM_MAPPED | MEM_IMAGE))
{
PhEnableEMenuItem(Menu, ID_MEMORY_DECOMMIT, FALSE);
}
}
else
{
ULONG i;
ULONG numberOfAllocationBase = 0;
PhSetFlagsAllEMenuItems(Menu, PH_EMENU_DISABLED, PH_EMENU_DISABLED);
PhEnableEMenuItem(Menu, ID_MEMORY_COPY, TRUE);
for (i = 0; i < NumberOfMemoryNodes; i++)
{
if (MemoryNodes[i]->IsAllocationBase)
numberOfAllocationBase++;
}
if (numberOfAllocationBase == 0 || numberOfAllocationBase == NumberOfMemoryNodes)
PhEnableEMenuItem(Menu, ID_MEMORY_SAVE, TRUE);
}
PhEnableEMenuItem(Menu, ID_MEMORY_READWRITEADDRESS, TRUE);
}
VOID PhpInitializeThreadMenu(
_In_ PPH_EMENU Menu,
_In_ HANDLE ProcessId,
_In_ PPH_THREAD_ITEM *Threads,
_In_ ULONG NumberOfThreads
)
{
PPH_EMENU_ITEM item;
if (NumberOfThreads == 0)
{
PhSetFlagsAllEMenuItems(Menu, PH_EMENU_DISABLED, PH_EMENU_DISABLED);
}
else if (NumberOfThreads == 1)
{
// All menu items are enabled by default.
}
else
{
ULONG menuItemsMultiEnabled[] =
{
ID_THREAD_TERMINATE,
ID_THREAD_SUSPEND,
ID_THREAD_RESUME,
ID_THREAD_COPY
};
ULONG i;
PhSetFlagsAllEMenuItems(Menu, PH_EMENU_DISABLED, PH_EMENU_DISABLED);
// These menu items are capable of manipulating
// multiple threads.
for (i = 0; i < sizeof(menuItemsMultiEnabled) / sizeof(ULONG); i++)
{
PhEnableEMenuItem(Menu, menuItemsMultiEnabled[i], TRUE);
}
}
// Remove irrelevant menu items.
if (WindowsVersion < WINDOWS_VISTA)
{
// Remove I/O priority.
if (item = PhFindEMenuItem(Menu, 0, L"I/O Priority", 0))
PhDestroyEMenuItem(item);
// Remove page priority.
if (item = PhFindEMenuItem(Menu, 0, L"Page Priority", 0))
PhDestroyEMenuItem(item);
}
PhEnableEMenuItem(Menu, ID_THREAD_TOKEN, FALSE);
// Priority
if (NumberOfThreads == 1)
{
HANDLE threadHandle;
ULONG threadPriority = THREAD_PRIORITY_ERROR_RETURN;
IO_PRIORITY_HINT ioPriority = -1;
ULONG pagePriority = -1;
ULONG id = 0;
if (NT_SUCCESS(PhOpenThread(
&threadHandle,
ThreadQueryAccess,
Threads[0]->ThreadId
)))
{
THREAD_BASIC_INFORMATION basicInfo;
if (NT_SUCCESS(PhGetThreadBasicInformation(threadHandle, &basicInfo)))
{
threadPriority = basicInfo.BasePriority;
}
if (WindowsVersion >= WINDOWS_VISTA)
{
PhGetThreadIoPriority(threadHandle, &ioPriority);
PhGetThreadPagePriority(threadHandle, &pagePriority);
}
// Token
{
HANDLE tokenHandle;
if (NT_SUCCESS(NtOpenThreadToken(
threadHandle,
TOKEN_QUERY,
TRUE,
&tokenHandle
)))
{
PhEnableEMenuItem(Menu, ID_THREAD_TOKEN, TRUE);
NtClose(tokenHandle);
}
}
NtClose(threadHandle);
}
switch (threadPriority)
{
case THREAD_PRIORITY_TIME_CRITICAL + 1:
case THREAD_PRIORITY_TIME_CRITICAL:
id = ID_PRIORITY_TIMECRITICAL;
break;
case THREAD_PRIORITY_HIGHEST:
id = ID_PRIORITY_HIGHEST;
break;
case THREAD_PRIORITY_ABOVE_NORMAL:
id = ID_PRIORITY_ABOVENORMAL;
break;
case THREAD_PRIORITY_NORMAL:
id = ID_PRIORITY_NORMAL;
break;
case THREAD_PRIORITY_BELOW_NORMAL:
id = ID_PRIORITY_BELOWNORMAL;
break;
case THREAD_PRIORITY_LOWEST:
id = ID_PRIORITY_LOWEST;
break;
case THREAD_PRIORITY_IDLE:
case THREAD_PRIORITY_IDLE - 1:
id = ID_PRIORITY_IDLE;
break;
}
if (id != 0)
{
PhSetFlagsEMenuItem(Menu, id,
PH_EMENU_CHECKED | PH_EMENU_RADIOCHECK,
PH_EMENU_CHECKED | PH_EMENU_RADIOCHECK);
}
if (ioPriority != -1)
{
id = 0;
switch (ioPriority)
{
case IoPriorityVeryLow:
id = ID_IOPRIORITY_VERYLOW;
break;
case IoPriorityLow:
id = ID_IOPRIORITY_LOW;
break;
case IoPriorityNormal:
id = ID_IOPRIORITY_NORMAL;
break;
case IoPriorityHigh:
id = ID_IOPRIORITY_HIGH;
break;
}
if (id != 0)
{
PhSetFlagsEMenuItem(Menu, id,
PH_EMENU_CHECKED | PH_EMENU_RADIOCHECK,
PH_EMENU_CHECKED | PH_EMENU_RADIOCHECK);
}
}
if (pagePriority != -1)
{
id = 0;
switch (pagePriority)
{
case MEMORY_PRIORITY_VERY_LOW:
id = ID_PAGEPRIORITY_VERYLOW;
break;
case MEMORY_PRIORITY_LOW:
id = ID_PAGEPRIORITY_LOW;
break;
case MEMORY_PRIORITY_MEDIUM:
id = ID_PAGEPRIORITY_MEDIUM;
break;
case MEMORY_PRIORITY_BELOW_NORMAL:
id = ID_PAGEPRIORITY_BELOWNORMAL;
break;
case MEMORY_PRIORITY_NORMAL:
id = ID_PAGEPRIORITY_NORMAL;
break;
}
if (id != 0)
{
PhSetFlagsEMenuItem(Menu, id,
PH_EMENU_CHECKED | PH_EMENU_RADIOCHECK,
PH_EMENU_CHECKED | PH_EMENU_RADIOCHECK);
}
}
}
}
