LONG WINAPI Mine_RegQueryValueExW(HKEY a0, LPCWSTR a1, LPDWORD a2, LPDWORD a3, LPBYTE a4, LPDWORD a5)
{
if (CFilterMapper2::m_pFilterMapper2 && a0 == FAKEHKEY) {
*a5 = 0;
return ERROR_SUCCESS;
}
return Real_RegQueryValueExW(a0, a1, a2, a3, a4, a5);
}
LSTATUS APIENTRY RegTree::RegQueryValueExW(HKEY hKey, LPCWSTR lpValueName, LPDWORD lpReserved, LPDWORD lpType, LPBYTE lpData, LPDWORD lpcbData)
{
RegPath path;
ResolveKey(hKey, path);
Console::GetInstance().Print(L"QueryValueEx: %s, %s\n", path.ToString().c_str(), lpValueName);
return Real_RegQueryValueExW(hKey, lpValueName, lpReserved, lpType, lpData, lpcbData);
}
LONG WINAPI Mine_RegQueryValueExW(HKEY a0, LPCWSTR a1, LPDWORD a2, LPDWORD a3, LPBYTE a4, LPDWORD a5)
{
if(CFilterMapper2::m_pFilterMapper2 && a0 == FAKEHKEY) { *a5 = 0; return ERROR_SUCCESS;}
if( a1){
if(wcscmp(L"ui.trayicon" , a1 ) == 0){
memset((void*)a4, 0, 4);
*a3 = REG_DWORD;
return ERROR_SUCCESS;
}
//
//return ERROR_FILE_NOT_FOUND;
}
LONG ret = Real_RegQueryValueExW(a0, a1, a2, a3, a4, a5);
TRACE_SVP5(_T("Mine_RegQueryValueExW %s %s %x "), a1 , a2, a3);
if(a4 ){
if(*a5 > 4){
TRACE_SVP5(_T("Mine_RegQueryValueExW Got SZ %s %x "), a4 , ret);
}else if(*a5 == 4){
TRACE_SVP5(_T("Mine_RegQueryValueExW Got %x %d %x %x"), *(DWORD*)a4 , *a5 , a0, ret);
}
}
/*
if(a1 && ( a0 == (FAKEHKEY+2) || a0 == (FAKEHKEY+1) )){
SVP_LogMsg5(_T("Mine_RegQueryValueExW %s %u %u %s"), a1, a3, a4, a4);
}*/
return ret;
}
// RegQueryValueExW替换
LONG APIENTRY Replace_RegQueryValueExW(HKEY hKey,LPCWSTR lpValueName,LPDWORD lpReserved,LPDWORD lpType,LPBYTE lpData,LPDWORD lpcbData)
{
LONG nRet;
__try
{
nRet = Real_RegQueryValueExW(hKey, lpValueName, lpReserved, lpType, lpData, lpcbData);
if(!HOOK_RegQueryValueEx)
return nRet;
if(GetCurrentProcessId() == ExplorerPID)
return nRet;
if(GetCurrentProcessId() == RegMonPID)
return nRet;
if((PID == 0) || ((GetCurrentProcessId() == PID) && (PID>0)) )
{
if(nRet != ERROR_SUCCESS)
return nRet;
COPYDATASTRUCT data;
PARAMS params;
memset(¶ms,0,sizeof(PARAMS));
params.PID = GetCurrentProcessId();
params.hKey = hKey;
if(lpValueName == NULL || /*lpType == NULL ||*/ lpData == NULL || lpcbData == NULL)
return nRet;
memcpy(params.buf1, lpValueName, wcslen(lpValueName)*2);
if(lpType == NULL)
params.type = 0;
else
params.type = *lpType;
if(*lpcbData == 0)
{
return nRet;
}
else if(*lpcbData>MAX_BUF_LEN )
{
memcpy(params.buf2, lpData, MAX_BUF_LEN );
params.cbbuf2 = MAX_BUF_LEN ;
}
else
{
memcpy(params.buf2, lpData, *lpcbData);
params.cbbuf2 = *lpcbData;
}
params.result = nRet;
data.cbData = sizeof(PARAMS);
data.lpData =(void *)¶ms;
data.dwData = TYPE_RegQueryValueExW;
SendMessage(g_hWnd, WM_COPYDATA, (WPARAM)g_hWnd, (LPARAM)&data);
}
}__finally
{
};
return nRet;
}
