NTSTATUS kListNotifyRegistry(LPWSTR pszDest, size_t cbDest, LPWSTR *ppszDestEnd, size_t *pcbRemaining)
{
NTSTATUS status;
ULONG i;
PKIWI_CALLBACK monCallBack;
PLIST_ENTRY maListe;
PKIWI_REGISTRY6_CALLBACK monCallBack6;
*ppszDestEnd = pszDest; *pcbRemaining= cbDest;
status = RtlStringCbPrintfExW(*ppszDestEnd, *pcbRemaining, ppszDestEnd, pcbRemaining, STRSAFE_NO_TRUNCATION, L"kListNotifyRegistry\n\n");
if(NT_SUCCESS(status))
{
status = getNotifyRegistryRoutine();
if(NT_SUCCESS(status))
{
if(INDEX_OS < INDEX_VISTA)
{
for(i = 0; (i < *CmpCallBackCount) && NT_SUCCESS(status) ; i++)
{
monCallBack = (PKIWI_CALLBACK) KIWI_mask3bits(CmpCallBackVector[i]);
if(monCallBack != NULL)
{
status = RtlStringCbPrintfExW(*ppszDestEnd, *pcbRemaining, ppszDestEnd, pcbRemaining, STRSAFE_NO_TRUNCATION, L"[%.2u] ", i);
if(NT_SUCCESS(status))
{
status = getModuleFromAddr((ULONG_PTR) monCallBack->callback, *ppszDestEnd, *pcbRemaining, ppszDestEnd, pcbRemaining);
if(NT_SUCCESS(status) || status == STATUS_NOT_FOUND)
{
status = RtlStringCbPrintfExW(*ppszDestEnd, *pcbRemaining, ppszDestEnd, pcbRemaining, STRSAFE_NO_TRUNCATION,
L" - cookie %#.I64x\n", *(monCallBack->opt_cookie)
);
}
}
}
}
}
else
{
for(maListe = CallbackListHead->Flink, i = 0; (maListe != CallbackListHead) && NT_SUCCESS(status) ; maListe = maListe->Flink, i++)
{
monCallBack6 = (PKIWI_REGISTRY6_CALLBACK) (((ULONG_PTR) maListe) + sizeof(LIST_ENTRY) + 2*((INDEX_OS < INDEX_7) ? sizeof(PVOID) : sizeof(ULONG)));
status = RtlStringCbPrintfExW(*ppszDestEnd, *pcbRemaining, ppszDestEnd, pcbRemaining, STRSAFE_NO_TRUNCATION, L"[%.2u] ", i);
if(NT_SUCCESS(status))
{
status = getModuleFromAddr((ULONG_PTR) monCallBack6->callback, *ppszDestEnd, *pcbRemaining, ppszDestEnd, pcbRemaining);
if(NT_SUCCESS(status) || status == STATUS_NOT_FOUND)
{
status = RtlStringCbPrintfExW(*ppszDestEnd, *pcbRemaining, ppszDestEnd, pcbRemaining, STRSAFE_NO_TRUNCATION,
L" - alt %wZ - cookie %#.I64x\n", &(monCallBack6->altitude), monCallBack6->cookie);
}
}
}
}
}
}
return status;
}
NTSTATUS kkll_m_notify_list(PKIWI_BUFFER outBuffer, PKKLL_M_MEMORY_GENERIC generics, SIZE_T cbGenerics, PUCHAR * ptr, PULONG pRoutineMax)
{
NTSTATUS status = STATUS_SUCCESS;
PKKLL_M_NOTIFY_CALLBACK pNotifyCallback;
ULONG i;
if(!*ptr)
status = kkll_m_notify_search(generics, cbGenerics, ptr, pRoutineMax, NULL);
if(*ptr)
{
for(i = 0; NT_SUCCESS(status) && (i < *pRoutineMax); i++)
{
if(pNotifyCallback = (PKKLL_M_NOTIFY_CALLBACK) KIWI_mask3bits(((PVOID *) *ptr)[i]))
{
status = kprintf(outBuffer, L"[%.2u] ", i);
if(NT_SUCCESS(status))
status = kkll_m_modules_fromAddr(outBuffer, pNotifyCallback->callback);
}
}
}
return status;
}
NTSTATUS kkll_m_notify_list_reg(PKIWI_BUFFER outBuffer)
{
NTSTATUS status = STATUS_SUCCESS;
PKKLL_M_NOTIFY_CALLBACK pNotifyCallback;
PLIST_ENTRY pEntry;
ULONG i;
if(!CallbackListHeadOrCmpCallBackVector)
status = kkll_m_notify_search(RegReferences, ARRAYSIZE(RegReferences), (PUCHAR *) &CallbackListHeadOrCmpCallBackVector, NULL, &pCmpCallBackOffsets);
if(CallbackListHeadOrCmpCallBackVector)
{
if(KiwiOsIndex < KiwiOsIndex_VISTA)
{
for(i = 0; NT_SUCCESS(status) && (i < CM_REG_MAX_CALLBACKS); i++)
{
if(pNotifyCallback = (PKKLL_M_NOTIFY_CALLBACK) KIWI_mask3bits(CallbackListHeadOrCmpCallBackVector[i]))
{
status = kprintf(outBuffer, L"[%.2u] ", i);
if(NT_SUCCESS(status))
status = kkll_m_modules_fromAddr(outBuffer, pNotifyCallback->callback);
}
}
}
else
{
for(pEntry = (PLIST_ENTRY) *CallbackListHeadOrCmpCallBackVector, i = 0 ; NT_SUCCESS(status) && (pEntry != (PLIST_ENTRY) CallbackListHeadOrCmpCallBackVector); pEntry = (PLIST_ENTRY) (pEntry->Flink), i++)
{
status = kprintf(outBuffer, L"[%.2u] ", i);
if(NT_SUCCESS(status))
status = kkll_m_modules_fromAddr(outBuffer, *(PVOID *) ((ULONG_PTR) pEntry + pCmpCallBackOffsets->off1));
}
}
}
return status;
}
