INT_PTR CALLBACK PhpProcessHeapsDlgProc(
__in HWND hwndDlg,
__in UINT uMsg,
__in WPARAM wParam,
__in LPARAM lParam
)
{
PPROCESS_HEAPS_CONTEXT context = NULL;
if (uMsg != WM_INITDIALOG)
{
context = (PPROCESS_HEAPS_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
}
else
{
context = (PPROCESS_HEAPS_CONTEXT)lParam;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)context);
}
if (!context)
return FALSE;
switch (uMsg)
{
case WM_INITDIALOG:
{
HWND lvHandle;
ULONG i;
PhCenterWindow(hwndDlg, GetParent(hwndDlg));
context->ListViewHandle = lvHandle = GetDlgItem(hwndDlg, IDC_LIST);
PhAddListViewColumn(lvHandle, 0, 0, 0, LVCFMT_LEFT, 100, L"Address");
PhAddListViewColumn(lvHandle, 1, 1, 1, LVCFMT_LEFT, 120, L"Used");
PhAddListViewColumn(lvHandle, 2, 2, 2, LVCFMT_LEFT, 120, L"Committed");
PhAddListViewColumn(lvHandle, 3, 3, 3, LVCFMT_LEFT, 80, L"Entries");
PhSetListViewStyle(lvHandle, FALSE, TRUE);
PhSetControlTheme(lvHandle, L"explorer");
PhSetExtendedListView(lvHandle);
ExtendedListView_SetContext(lvHandle, context);
ExtendedListView_SetCompareFunction(lvHandle, 0, PhpHeapAddressCompareFunction);
ExtendedListView_SetCompareFunction(lvHandle, 1, PhpHeapUsedCompareFunction);
ExtendedListView_SetCompareFunction(lvHandle, 2, PhpHeapCommittedCompareFunction);
ExtendedListView_SetCompareFunction(lvHandle, 3, PhpHeapEntriesCompareFunction);
ExtendedListView_SetItemFontFunction(lvHandle, PhpHeapFontFunction);
for (i = 0; i < context->ProcessHeaps->NumberOfHeaps; i++)
{
PRTL_HEAP_INFORMATION heapInfo = &context->ProcessHeaps->Heaps[i];
WCHAR addressString[PH_PTR_STR_LEN_1];
INT lvItemIndex;
PPH_STRING usedString;
PPH_STRING committedString;
PPH_STRING numberOfEntriesString;
PhPrintPointer(addressString, heapInfo->BaseAddress);
lvItemIndex = PhAddListViewItem(lvHandle, MAXINT, addressString, heapInfo);
usedString = PhFormatSize(heapInfo->BytesAllocated, -1);
committedString = PhFormatSize(heapInfo->BytesCommitted, -1);
numberOfEntriesString = PhFormatUInt64(heapInfo->NumberOfEntries, TRUE);
PhSetListViewSubItem(lvHandle, lvItemIndex, 1, usedString->Buffer);
PhSetListViewSubItem(lvHandle, lvItemIndex, 2, committedString->Buffer);
PhSetListViewSubItem(lvHandle, lvItemIndex, 3, numberOfEntriesString->Buffer);
PhDereferenceObject(usedString);
PhDereferenceObject(committedString);
PhDereferenceObject(numberOfEntriesString);
}
ExtendedListView_SortItems(lvHandle);
}
break;
case WM_DESTROY:
{
RemoveProp(hwndDlg, PhMakeContextAtom());
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDCANCEL:
case IDOK:
EndDialog(hwndDlg, IDOK);
break;
case IDC_SIZESINBYTES:
{
BOOLEAN sizesInBytes = Button_GetCheck(GetDlgItem(hwndDlg, IDC_SIZESINBYTES)) == BST_CHECKED;
INT index = -1;
ExtendedListView_SetRedraw(context->ListViewHandle, FALSE);
while ((index = ListView_GetNextItem(context->ListViewHandle, index, LVNI_ALL)) != -1)
{
PRTL_HEAP_INFORMATION heapInfo;
PPH_STRING usedString;
PPH_STRING committedString;
if (PhGetListViewItemParam(context->ListViewHandle, index, &heapInfo))
{
usedString = PhFormatSize(heapInfo->BytesAllocated, sizesInBytes ? 0 : -1);
committedString = PhFormatSize(heapInfo->BytesCommitted, sizesInBytes ? 0 : -1);
PhSetListViewSubItem(context->ListViewHandle, index, 1, usedString->Buffer);
PhSetListViewSubItem(context->ListViewHandle, index, 2, committedString->Buffer);
PhDereferenceObject(usedString);
PhDereferenceObject(committedString);
}
}
ExtendedListView_SetRedraw(context->ListViewHandle, TRUE);
}
break;
}
}
break;
case WM_NOTIFY:
{
PhHandleListViewNotifyForCopy(lParam, context->ListViewHandle);
}
break;
case WM_CONTEXTMENU:
{
if ((HWND)wParam == context->ListViewHandle)
{
POINT point;
PRTL_HEAP_INFORMATION heapInfo;
PPH_EMENU menu;
INT selectedCount;
PPH_EMENU_ITEM menuItem;
point.x = (SHORT)LOWORD(lParam);
point.y = (SHORT)HIWORD(lParam);
if (point.x == -1 && point.y == -1)
PhGetListViewContextMenuPoint((HWND)wParam, &point);
selectedCount = ListView_GetSelectedCount(context->ListViewHandle);
heapInfo = PhGetSelectedListViewItemParam(context->ListViewHandle);
if (selectedCount != 0)
{
menu = PhCreateEMenu();
PhInsertEMenuItem(menu, PhCreateEMenuItem(selectedCount != 1 ? PH_EMENU_DISABLED : 0, 1, L"Destroy", NULL, NULL), -1);
PhInsertEMenuItem(menu, PhCreateEMenuItem(0, 2, L"Copy\bCtrl+C", NULL, NULL), -1);
menuItem = PhShowEMenu(menu, context->ListViewHandle, PH_EMENU_SHOW_LEFTRIGHT | PH_EMENU_SHOW_NONOTIFY,
PH_ALIGN_LEFT | PH_ALIGN_TOP, point.x, point.y);
if (menuItem)
{
switch (menuItem->Id)
{
case 1:
if (PhUiDestroyHeap(hwndDlg, context->ProcessItem->ProcessId, heapInfo->BaseAddress))
ListView_DeleteItem(context->ListViewHandle, PhFindListViewItemByParam(context->ListViewHandle, -1, heapInfo));
break;
case 2:
PhCopyListView(context->ListViewHandle);
break;
}
}
PhDestroyEMenu(menu);
}
}
}
break;
}
REFLECT_MESSAGE_DLG(hwndDlg, context->ListViewHandle, uMsg, wParam, lParam);
return FALSE;
}
INT_PTR CALLBACK PhpProcessRecordDlgProc(
__in HWND hwndDlg,
__in UINT uMsg,
__in WPARAM wParam,
__in LPARAM lParam
)
{
PPROCESS_RECORD_CONTEXT context = NULL;
if (uMsg == WM_INITDIALOG)
{
context = (PPROCESS_RECORD_CONTEXT)lParam;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)context);
}
else
{
context = (PPROCESS_RECORD_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
if (uMsg == WM_DESTROY)
{
RemoveProp(hwndDlg, PhMakeContextAtom());
}
}
if (!context)
return FALSE;
switch (uMsg)
{
case WM_INITDIALOG:
{
PH_IMAGE_VERSION_INFO versionInfo;
BOOLEAN versionInfoInitialized;
PPH_STRING processNameString;
PPH_PROCESS_ITEM processItem;
if (!PH_IS_FAKE_PROCESS_ID(context->Record->ProcessId))
{
processNameString = PhaFormatString(L"%s (%u)",
context->Record->ProcessName->Buffer, (ULONG)context->Record->ProcessId);
}
else
{
processNameString = context->Record->ProcessName;
}
PhCenterWindow(hwndDlg, GetParent(hwndDlg));
SetWindowText(hwndDlg, processNameString->Buffer);
SetDlgItemText(hwndDlg, IDC_PROCESSNAME, processNameString->Buffer);
if (processItem = PhReferenceProcessItemForRecord(context->Record))
{
PPH_PROCESS_ITEM parentProcess;
if (parentProcess = PhReferenceProcessItemForParent(
processItem->ParentProcessId,
processItem->ProcessId,
&processItem->CreateTime
))
{
CLIENT_ID clientId;
clientId.UniqueProcess = parentProcess->ProcessId;
clientId.UniqueThread = NULL;
SetDlgItemText(hwndDlg, IDC_PARENT,
((PPH_STRING)PHA_DEREFERENCE(PhGetClientIdNameEx(&clientId, parentProcess->ProcessName)))->Buffer);
PhDereferenceObject(parentProcess);
}
else
{
SetDlgItemText(hwndDlg, IDC_PARENT, PhaFormatString(L"Non-existent process (%u)",
(ULONG)context->Record->ParentProcessId)->Buffer);
}
PhDereferenceObject(processItem);
}
else
{
SetDlgItemText(hwndDlg, IDC_PARENT, PhaFormatString(L"Unknown process (%u)",
(ULONG)context->Record->ParentProcessId)->Buffer);
EnableWindow(GetDlgItem(hwndDlg, IDC_PROPERTIES), FALSE);
}
memset(&versionInfo, 0, sizeof(PH_IMAGE_VERSION_INFO));
versionInfoInitialized = FALSE;
if (context->Record->FileName)
{
if (PhInitializeImageVersionInfo(&versionInfo, context->Record->FileName->Buffer))
versionInfoInitialized = TRUE;
}
context->FileIcon = PhGetFileShellIcon(PhGetString(context->Record->FileName), L".exe", TRUE);
SendMessage(GetDlgItem(hwndDlg, IDC_OPENFILENAME), BM_SETIMAGE, IMAGE_BITMAP,
(LPARAM)PH_LOAD_SHARED_IMAGE(MAKEINTRESOURCE(IDB_FOLDER), IMAGE_BITMAP));
SendMessage(GetDlgItem(hwndDlg, IDC_FILEICON), STM_SETICON,
(WPARAM)context->FileIcon, 0);
SetDlgItemText(hwndDlg, IDC_NAME, PhpGetStringOrNa(versionInfo.FileDescription));
SetDlgItemText(hwndDlg, IDC_COMPANYNAME, PhpGetStringOrNa(versionInfo.CompanyName));
SetDlgItemText(hwndDlg, IDC_VERSION, PhpGetStringOrNa(versionInfo.FileVersion));
SetDlgItemText(hwndDlg, IDC_FILENAME, PhpGetStringOrNa(context->Record->FileName));
if (versionInfoInitialized)
PhDeleteImageVersionInfo(&versionInfo);
if (!context->Record->FileName)
EnableWindow(GetDlgItem(hwndDlg, IDC_OPENFILENAME), FALSE);
SetDlgItemText(hwndDlg, IDC_CMDLINE, PhpGetStringOrNa(context->Record->CommandLine));
if (context->Record->CreateTime.QuadPart != 0)
SetDlgItemText(hwndDlg, IDC_STARTED, PhapGetRelativeTimeString(&context->Record->CreateTime)->Buffer);
else
SetDlgItemText(hwndDlg, IDC_STARTED, L"N/A");
if (context->Record->ExitTime.QuadPart != 0)
SetDlgItemText(hwndDlg, IDC_TERMINATED, PhapGetRelativeTimeString(&context->Record->ExitTime)->Buffer);
else
SetDlgItemText(hwndDlg, IDC_TERMINATED, L"N/A");
SetDlgItemInt(hwndDlg, IDC_SESSIONID, context->Record->SessionId, FALSE);
}
break;
case WM_DESTROY:
{
if (context->FileIcon)
DestroyIcon(context->FileIcon);
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDCANCEL:
case IDOK:
{
EndDialog(hwndDlg, IDOK);
}
break;
case IDC_OPENFILENAME:
{
if (context->Record->FileName)
PhShellExploreFile(hwndDlg, context->Record->FileName->Buffer);
}
break;
case IDC_PROPERTIES:
{
PPH_PROCESS_ITEM processItem;
if (processItem = PhReferenceProcessItemForRecord(context->Record))
{
ProcessHacker_ShowProcessProperties(PhMainWndHandle, processItem);
PhDereferenceObject(processItem);
}
else
{
PhShowError(hwndDlg, L"The process has already terminated; only the process record is available.");
}
}
break;
}
}
break;
}
return FALSE;
}
static INT_PTR CALLBACK PhpNetworkStackDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
switch (uMsg)
{
case WM_INITDIALOG:
{
PNETWORK_STACK_CONTEXT networkStackContext;
HWND lvHandle;
PPH_LAYOUT_MANAGER layoutManager;
PVOID address;
ULONG i;
PhCenterWindow(hwndDlg, GetParent(hwndDlg));
networkStackContext = (PNETWORK_STACK_CONTEXT)lParam;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)networkStackContext);
lvHandle = GetDlgItem(hwndDlg, IDC_LIST);
PhAddListViewColumn(lvHandle, 0, 0, 0, LVCFMT_LEFT, 350, L"Name");
PhSetListViewStyle(lvHandle, FALSE, TRUE);
PhSetControlTheme(lvHandle, L"explorer");
networkStackContext->ListViewHandle = lvHandle;
layoutManager = PhAllocate(sizeof(PH_LAYOUT_MANAGER));
PhInitializeLayoutManager(layoutManager, hwndDlg);
SetProp(hwndDlg, L"LayoutManager", (HANDLE)layoutManager);
PhAddLayoutItem(layoutManager, lvHandle, NULL,
PH_ANCHOR_ALL);
PhAddLayoutItem(layoutManager, GetDlgItem(hwndDlg, IDOK),
NULL, PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
if (MinimumSize.left == -1)
{
RECT rect;
rect.left = 0;
rect.top = 0;
rect.right = 190;
rect.bottom = 120;
MapDialogRect(hwndDlg, &rect);
MinimumSize = rect;
MinimumSize.left = 0;
}
for (i = 0; i < PH_NETWORK_OWNER_INFO_SIZE; i++)
{
PPH_STRING name;
address = *(PVOID *)&networkStackContext->NetworkItem->OwnerInfo[i];
if ((ULONG_PTR)address < PAGE_SIZE) // stop at an invalid address
break;
name = PhGetSymbolFromAddress(
networkStackContext->SymbolProvider,
(ULONG64)address,
NULL,
NULL,
NULL,
NULL
);
PhAddListViewItem(lvHandle, MAXINT, name->Buffer, NULL);
PhDereferenceObject(name);
}
}
break;
case WM_DESTROY:
{
PPH_LAYOUT_MANAGER layoutManager;
PNETWORK_STACK_CONTEXT networkStackContext;
layoutManager = (PPH_LAYOUT_MANAGER)GetProp(hwndDlg, L"LayoutManager");
PhDeleteLayoutManager(layoutManager);
PhFree(layoutManager);
networkStackContext = (PNETWORK_STACK_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
RemoveProp(hwndDlg, PhMakeContextAtom());
RemoveProp(hwndDlg, L"LayoutManager");
}
break;
case WM_COMMAND:
{
INT id = LOWORD(wParam);
switch (id)
{
case IDCANCEL: // Esc and X button to close
case IDOK:
EndDialog(hwndDlg, IDOK);
break;
}
}
break;
case WM_SIZE:
{
PPH_LAYOUT_MANAGER layoutManager;
layoutManager = (PPH_LAYOUT_MANAGER)GetProp(hwndDlg, L"LayoutManager");
PhLayoutManagerLayout(layoutManager);
}
break;
case WM_SIZING:
{
PhResizingMinimumSize((PRECT)lParam, wParam, MinimumSize.right, MinimumSize.bottom);
}
break;
}
return FALSE;
}
INT_PTR CALLBACK PhpServiceGeneralDlgProc(
__in HWND hwndDlg,
__in UINT uMsg,
__in WPARAM wParam,
__in LPARAM lParam
)
{
switch (uMsg)
{
case WM_INITDIALOG:
{
LPPROPSHEETPAGE propSheetPage = (LPPROPSHEETPAGE)lParam;
PSERVICE_PROPERTIES_CONTEXT context = (PSERVICE_PROPERTIES_CONTEXT)propSheetPage->lParam;
PPH_SERVICE_ITEM serviceItem = context->ServiceItem;
SC_HANDLE serviceHandle;
// HACK
PhCenterWindow(GetParent(hwndDlg), GetParent(GetParent(hwndDlg)));
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)context);
PhAddComboBoxStrings(GetDlgItem(hwndDlg, IDC_TYPE), PhServiceTypeStrings,
sizeof(PhServiceTypeStrings) / sizeof(WCHAR *));
PhAddComboBoxStrings(GetDlgItem(hwndDlg, IDC_STARTTYPE), PhServiceStartTypeStrings,
sizeof(PhServiceStartTypeStrings) / sizeof(WCHAR *));
PhAddComboBoxStrings(GetDlgItem(hwndDlg, IDC_ERRORCONTROL), PhServiceErrorControlStrings,
sizeof(PhServiceErrorControlStrings) / sizeof(WCHAR *));
SetDlgItemText(hwndDlg, IDC_DESCRIPTION, serviceItem->DisplayName->Buffer);
ComboBox_SelectString(GetDlgItem(hwndDlg, IDC_TYPE), -1,
PhGetServiceTypeString(serviceItem->Type));
ComboBox_SelectString(GetDlgItem(hwndDlg, IDC_STARTTYPE), -1,
PhGetServiceStartTypeString(serviceItem->StartType));
ComboBox_SelectString(GetDlgItem(hwndDlg, IDC_ERRORCONTROL), -1,
PhGetServiceErrorControlString(serviceItem->ErrorControl));
serviceHandle = PhOpenService(serviceItem->Name->Buffer, SERVICE_QUERY_CONFIG);
if (serviceHandle)
{
LPQUERY_SERVICE_CONFIG config;
PPH_STRING description;
BOOLEAN delayedStart;
if (config = PhGetServiceConfig(serviceHandle))
{
SetDlgItemText(hwndDlg, IDC_GROUP, config->lpLoadOrderGroup);
SetDlgItemText(hwndDlg, IDC_BINARYPATH, config->lpBinaryPathName);
SetDlgItemText(hwndDlg, IDC_USERACCOUNT, config->lpServiceStartName);
PhFree(config);
}
if (description = PhGetServiceDescription(serviceHandle))
{
SetDlgItemText(hwndDlg, IDC_DESCRIPTION, description->Buffer);
PhDereferenceObject(description);
}
if (PhGetServiceDelayedAutoStart(serviceHandle, &delayedStart))
{
context->OldDelayedStart = delayedStart;
if (delayedStart)
Button_SetCheck(GetDlgItem(hwndDlg, IDC_DELAYEDSTART), BST_CHECKED);
}
CloseServiceHandle(serviceHandle);
}
SetDlgItemText(hwndDlg, IDC_PASSWORD, L"password");
Button_SetCheck(GetDlgItem(hwndDlg, IDC_PASSWORDCHECK), BST_UNCHECKED);
SetDlgItemText(hwndDlg, IDC_SERVICEDLL, L"N/A");
{
HANDLE keyHandle;
PPH_STRING keyName;
keyName = PhConcatStrings(
3,
L"System\\CurrentControlSet\\Services\\",
serviceItem->Name->Buffer,
L"\\Parameters"
);
if (NT_SUCCESS(PhOpenKey(
&keyHandle,
KEY_READ,
PH_KEY_LOCAL_MACHINE,
&keyName->sr,
0
)))
{
PPH_STRING serviceDllString;
if (serviceDllString = PhQueryRegistryString(keyHandle, L"ServiceDll"))
{
PPH_STRING expandedString;
if (expandedString = PhExpandEnvironmentStrings(&serviceDllString->sr))
{
SetDlgItemText(hwndDlg, IDC_SERVICEDLL, expandedString->Buffer);
PhDereferenceObject(expandedString);
}
PhDereferenceObject(serviceDllString);
}
NtClose(keyHandle);
}
PhDereferenceObject(keyName);
}
PhpRefreshControls(hwndDlg);
context->Ready = TRUE;
}
break;
case WM_DESTROY:
{
RemoveProp(hwndDlg, PhMakeContextAtom());
}
break;
case WM_COMMAND:
{
PSERVICE_PROPERTIES_CONTEXT context =
(PSERVICE_PROPERTIES_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
switch (LOWORD(wParam))
{
case IDCANCEL:
{
// Workaround for property sheet + multiline edit: http://support.microsoft.com/kb/130765
SendMessage(GetParent(hwndDlg), uMsg, wParam, lParam);
}
break;
case IDC_PASSWORD:
{
if (HIWORD(wParam) == EN_CHANGE)
{
Button_SetCheck(GetDlgItem(hwndDlg, IDC_PASSWORDCHECK), BST_CHECKED);
}
}
break;
case IDC_DELAYEDSTART:
{
context->Dirty = TRUE;
}
break;
case IDC_BROWSE:
{
static PH_FILETYPE_FILTER filters[] =
{
{ L"Executable files (*.exe;*.sys)", L"*.exe;*.sys" },
{ L"All files (*.*)", L"*.*" }
};
PVOID fileDialog;
PPH_STRING fileName;
fileDialog = PhCreateOpenFileDialog();
PhSetFileDialogFilter(fileDialog, filters, sizeof(filters) / sizeof(PH_FILETYPE_FILTER));
fileName = PhGetFileName(PHA_GET_DLGITEM_TEXT(hwndDlg, IDC_BINARYPATH));
PhSetFileDialogFileName(fileDialog, fileName->Buffer);
PhDereferenceObject(fileName);
if (PhShowFileDialog(hwndDlg, fileDialog))
{
fileName = PhGetFileDialogFileName(fileDialog);
SetDlgItemText(hwndDlg, IDC_BINARYPATH, fileName->Buffer);
PhDereferenceObject(fileName);
}
PhFreeFileDialog(fileDialog);
}
break;
}
switch (HIWORD(wParam))
{
case EN_CHANGE:
case CBN_SELCHANGE:
{
PhpRefreshControls(hwndDlg);
if (context->Ready)
context->Dirty = TRUE;
}
break;
}
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
switch (header->code)
{
case PSN_QUERYINITIALFOCUS:
{
SetWindowLongPtr(hwndDlg, DWLP_MSGRESULT, (LONG_PTR)GetDlgItem(hwndDlg, IDC_TYPE));
}
return TRUE;
case PSN_KILLACTIVE:
{
SetWindowLongPtr(hwndDlg, DWLP_MSGRESULT, FALSE);
}
return TRUE;
case PSN_APPLY:
{
NTSTATUS status;
PSERVICE_PROPERTIES_CONTEXT context =
(PSERVICE_PROPERTIES_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
PPH_SERVICE_ITEM serviceItem = context->ServiceItem;
SC_HANDLE serviceHandle;
PPH_STRING newServiceTypeString;
PPH_STRING newServiceStartTypeString;
PPH_STRING newServiceErrorControlString;
ULONG newServiceType;
ULONG newServiceStartType;
ULONG newServiceErrorControl;
PPH_STRING newServiceGroup;
PPH_STRING newServiceBinaryPath;
PPH_STRING newServiceUserAccount;
PPH_STRING newServicePassword;
SetWindowLongPtr(hwndDlg, DWLP_MSGRESULT, PSNRET_NOERROR);
if (!context->Dirty)
{
return TRUE;
}
newServiceTypeString = PHA_DEREFERENCE(PhGetWindowText(GetDlgItem(hwndDlg, IDC_TYPE)));
newServiceStartTypeString = PHA_DEREFERENCE(PhGetWindowText(GetDlgItem(hwndDlg, IDC_STARTTYPE)));
newServiceErrorControlString = PHA_DEREFERENCE(PhGetWindowText(GetDlgItem(hwndDlg, IDC_ERRORCONTROL)));
newServiceType = PhGetServiceTypeInteger(newServiceTypeString->Buffer);
newServiceStartType = PhGetServiceStartTypeInteger(newServiceStartTypeString->Buffer);
newServiceErrorControl = PhGetServiceErrorControlInteger(newServiceErrorControlString->Buffer);
newServiceGroup = PHA_DEREFERENCE(PhGetWindowText(GetDlgItem(hwndDlg, IDC_GROUP)));
newServiceBinaryPath = PHA_DEREFERENCE(PhGetWindowText(GetDlgItem(hwndDlg, IDC_BINARYPATH)));
newServiceUserAccount = PHA_DEREFERENCE(PhGetWindowText(GetDlgItem(hwndDlg, IDC_USERACCOUNT)));
if (Button_GetCheck(GetDlgItem(hwndDlg, IDC_PASSWORDCHECK)) == BST_CHECKED)
{
newServicePassword = PhGetWindowText(GetDlgItem(hwndDlg, IDC_PASSWORD));
}
else
{
newServicePassword = NULL;
}
if (newServiceType == SERVICE_KERNEL_DRIVER && newServiceUserAccount->Length == 0)
{
newServiceUserAccount = NULL;
}
serviceHandle = PhOpenService(serviceItem->Name->Buffer, SERVICE_CHANGE_CONFIG);
if (serviceHandle)
{
if (ChangeServiceConfig(
serviceHandle,
newServiceType,
newServiceStartType,
newServiceErrorControl,
newServiceBinaryPath->Buffer,
newServiceGroup->Buffer,
NULL,
NULL,
PhGetString(newServiceUserAccount),
PhGetString(newServicePassword),
NULL
))
{
BOOLEAN newDelayedStart;
newDelayedStart = Button_GetCheck(GetDlgItem(hwndDlg, IDC_DELAYEDSTART)) == BST_CHECKED;
if (newDelayedStart != context->OldDelayedStart)
{
PhSetServiceDelayedAutoStart(serviceHandle, newDelayedStart);
}
PhMarkNeedsConfigUpdateServiceItem(serviceItem);
CloseServiceHandle(serviceHandle);
}
else
{
CloseServiceHandle(serviceHandle);
goto ErrorCase;
}
}
else
{
if (GetLastError() == ERROR_ACCESS_DENIED && !PhElevated)
{
// Elevate using phsvc.
if (PhUiConnectToPhSvc(hwndDlg, FALSE))
{
if (NT_SUCCESS(status = PhSvcCallChangeServiceConfig(
serviceItem->Name->Buffer,
newServiceType,
newServiceStartType,
newServiceErrorControl,
newServiceBinaryPath->Buffer,
newServiceGroup->Buffer,
NULL,
NULL,
PhGetString(newServiceUserAccount),
PhGetString(newServicePassword),
NULL
)))
{
BOOLEAN newDelayedStart;
newDelayedStart = Button_GetCheck(GetDlgItem(hwndDlg, IDC_DELAYEDSTART)) == BST_CHECKED;
if (newDelayedStart != context->OldDelayedStart)
{
SERVICE_DELAYED_AUTO_START_INFO info;
info.fDelayedAutostart = newDelayedStart;
PhSvcCallChangeServiceConfig2(
serviceItem->Name->Buffer,
SERVICE_CONFIG_DELAYED_AUTO_START_INFO,
&info
);
}
PhMarkNeedsConfigUpdateServiceItem(serviceItem);
}
PhUiDisconnectFromPhSvc();
if (!NT_SUCCESS(status))
{
SetLastError(PhNtStatusToDosError(status));
goto ErrorCase;
}
}
else
{
// User cancelled elevation.
SetWindowLongPtr(hwndDlg, DWLP_MSGRESULT, PSNRET_INVALID);
}
}
else
{
goto ErrorCase;
}
}
goto Cleanup;
ErrorCase:
if (PhShowMessage(
hwndDlg,
MB_ICONERROR | MB_RETRYCANCEL,
L"Unable to change service configuration: %s",
((PPH_STRING)PHA_DEREFERENCE(PhGetWin32Message(GetLastError())))->Buffer
) == IDRETRY)
{
SetWindowLongPtr(hwndDlg, DWLP_MSGRESULT, PSNRET_INVALID);
}
Cleanup:
if (newServicePassword)
{
RtlSecureZeroMemory(newServicePassword->Buffer, newServicePassword->Length);
PhDereferenceObject(newServicePassword);
}
}
return TRUE;
}
}
break;
}
return FALSE;
}
INT_PTR CALLBACK PhpMemoryEditorDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
PMEMORY_EDITOR_CONTEXT context;
if (uMsg != WM_INITDIALOG)
{
context = GetProp(hwndDlg, PhMakeContextAtom());
}
else
{
context = (PMEMORY_EDITOR_CONTEXT)lParam;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)context);
}
if (!context)
return FALSE;
switch (uMsg)
{
case WM_INITDIALOG:
{
NTSTATUS status;
SendMessage(hwndDlg, WM_SETICON, ICON_SMALL, (LPARAM)PH_LOAD_SHARED_ICON_SMALL(PhInstanceHandle, MAKEINTRESOURCE(IDI_PROCESSHACKER)));
SendMessage(hwndDlg, WM_SETICON, ICON_BIG, (LPARAM)PH_LOAD_SHARED_ICON_LARGE(PhInstanceHandle, MAKEINTRESOURCE(IDI_PROCESSHACKER)));
if (context->Title)
{
SetWindowText(hwndDlg, context->Title->Buffer);
}
else
{
PPH_PROCESS_ITEM processItem;
if (processItem = PhReferenceProcessItem(context->ProcessId))
{
SetWindowText(hwndDlg, PhaFormatString(L"%s (%u) (0x%Ix - 0x%Ix)",
processItem->ProcessName->Buffer, HandleToUlong(context->ProcessId),
context->BaseAddress, (ULONG_PTR)context->BaseAddress + context->RegionSize)->Buffer);
PhDereferenceObject(processItem);
}
}
PhInitializeLayoutManager(&context->LayoutManager, hwndDlg);
if (context->RegionSize > 1024 * 1024 * 1024) // 1 GB
{
PhShowError(context->OwnerHandle, L"Unable to edit the memory region because it is too large.");
return TRUE;
}
if (!NT_SUCCESS(status = PhOpenProcess(
&context->ProcessHandle,
PROCESS_VM_READ,
context->ProcessId
)))
{
PhShowStatus(context->OwnerHandle, L"Unable to open the process", status, 0);
return TRUE;
}
context->Buffer = PhAllocatePage(context->RegionSize, NULL);
if (!context->Buffer)
{
PhShowError(context->OwnerHandle, L"Unable to allocate memory for the buffer.");
return TRUE;
}
if (!NT_SUCCESS(status = NtReadVirtualMemory(
context->ProcessHandle,
context->BaseAddress,
context->Buffer,
context->RegionSize,
NULL
)))
{
PhShowStatus(context->OwnerHandle, L"Unable to read memory", status, 0);
return TRUE;
}
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDOK), NULL,
PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDC_SAVE), NULL,
PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDC_BYTESPERROW), NULL,
PH_ANCHOR_BOTTOM | PH_ANCHOR_LEFT);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDC_GOTO), NULL,
PH_ANCHOR_BOTTOM | PH_ANCHOR_LEFT);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDC_WRITE), NULL,
PH_ANCHOR_BOTTOM | PH_ANCHOR_LEFT);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDC_REREAD), NULL,
PH_ANCHOR_BOTTOM | PH_ANCHOR_LEFT);
if (MinimumSize.left == -1)
{
RECT rect;
rect.left = 0;
rect.top = 0;
rect.right = 290;
rect.bottom = 140;
MapDialogRect(hwndDlg, &rect);
MinimumSize = rect;
MinimumSize.left = 0;
}
context->HexEditHandle = GetDlgItem(hwndDlg, IDC_MEMORY);
PhAddLayoutItem(&context->LayoutManager, context->HexEditHandle, NULL, PH_ANCHOR_ALL);
HexEdit_SetBuffer(context->HexEditHandle, context->Buffer, (ULONG)context->RegionSize);
{
PH_RECTANGLE windowRectangle;
windowRectangle.Position = PhGetIntegerPairSetting(L"MemEditPosition");
windowRectangle.Size = PhGetScalableIntegerPairSetting(L"MemEditSize", TRUE).Pair;
PhAdjustRectangleToWorkingArea(NULL, &windowRectangle);
MoveWindow(hwndDlg, windowRectangle.Left, windowRectangle.Top,
windowRectangle.Width, windowRectangle.Height, FALSE);
// Implement cascading by saving an offsetted rectangle.
windowRectangle.Left += 20;
windowRectangle.Top += 20;
PhSetIntegerPairSetting(L"MemEditPosition", windowRectangle.Position);
PhSetScalableIntegerPairSetting2(L"MemEditSize", windowRectangle.Size);
}
{
PWSTR bytesPerRowStrings[7];
ULONG i;
ULONG bytesPerRow;
for (i = 0; i < sizeof(bytesPerRowStrings) / sizeof(PWSTR); i++)
bytesPerRowStrings[i] = PhaFormatString(L"%u bytes per row", 1 << (2 + i))->Buffer;
PhAddComboBoxStrings(GetDlgItem(hwndDlg, IDC_BYTESPERROW),
bytesPerRowStrings, sizeof(bytesPerRowStrings) / sizeof(PWSTR));
bytesPerRow = PhGetIntegerSetting(L"MemEditBytesPerRow");
if (bytesPerRow >= 4)
{
HexEdit_SetBytesPerRow(context->HexEditHandle, bytesPerRow);
PhSelectComboBoxString(GetDlgItem(hwndDlg, IDC_BYTESPERROW),
PhaFormatString(L"%u bytes per row", bytesPerRow)->Buffer, FALSE);
}
}
context->LoadCompleted = TRUE;
}
break;
case WM_DESTROY:
{
if (context->LoadCompleted)
{
PhSaveWindowPlacementToSetting(L"MemEditPosition", L"MemEditSize", hwndDlg);
PhRemoveElementAvlTree(&PhMemoryEditorSet, &context->Links);
PhUnregisterDialog(hwndDlg);
}
RemoveProp(hwndDlg, PhMakeContextAtom());
PhDeleteLayoutManager(&context->LayoutManager);
if (context->Buffer) PhFreePage(context->Buffer);
if (context->ProcessHandle) NtClose(context->ProcessHandle);
PhClearReference(&context->Title);
if ((context->Flags & PH_MEMORY_EDITOR_UNMAP_VIEW_OF_SECTION) && context->ProcessId == NtCurrentProcessId())
NtUnmapViewOfSection(NtCurrentProcess(), context->BaseAddress);
PhFree(context);
}
break;
case WM_SHOWWINDOW:
{
SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM)context->HexEditHandle, TRUE);
}
break;
case WM_COMMAND:
{
switch (GET_WM_COMMAND_ID(wParam, lParam))
{
case IDCANCEL:
case IDOK:
DestroyWindow(hwndDlg);
break;
case IDC_SAVE:
{
static PH_FILETYPE_FILTER filters[] =
{
{ L"Binary files (*.bin)", L"*.bin" },
{ L"All files (*.*)", L"*.*" }
};
PVOID fileDialog;
PPH_PROCESS_ITEM processItem;
fileDialog = PhCreateSaveFileDialog();
PhSetFileDialogFilter(fileDialog, filters, sizeof(filters) / sizeof(PH_FILETYPE_FILTER));
if (!context->Title && (processItem = PhReferenceProcessItem(context->ProcessId)))
{
PhSetFileDialogFileName(fileDialog,
PhaFormatString(L"%s_0x%Ix-0x%Ix.bin", processItem->ProcessName->Buffer,
context->BaseAddress, context->RegionSize)->Buffer);
PhDereferenceObject(processItem);
}
else
{
PhSetFileDialogFileName(fileDialog, L"Memory.bin");
}
if (PhShowFileDialog(hwndDlg, fileDialog))
{
NTSTATUS status;
PPH_STRING fileName;
PPH_FILE_STREAM fileStream;
fileName = PH_AUTO(PhGetFileDialogFileName(fileDialog));
if (NT_SUCCESS(status = PhCreateFileStream(
&fileStream,
fileName->Buffer,
FILE_GENERIC_WRITE,
FILE_SHARE_READ,
FILE_OVERWRITE_IF,
0
)))
{
status = PhWriteFileStream(fileStream, context->Buffer, (ULONG)context->RegionSize);
PhDereferenceObject(fileStream);
}
if (!NT_SUCCESS(status))
PhShowStatus(hwndDlg, L"Unable to create the file", status, 0);
}
PhFreeFileDialog(fileDialog);
}
break;
case IDC_GOTO:
{
PPH_STRING selectedChoice = NULL;
while (PhaChoiceDialog(
hwndDlg,
L"Go to Offset",
L"Enter an offset:",
NULL,
0,
NULL,
PH_CHOICE_DIALOG_USER_CHOICE,
&selectedChoice,
NULL,
L"MemEditGotoChoices"
))
{
ULONG64 offset;
if (selectedChoice->Length == 0)
continue;
if (PhStringToInteger64(&selectedChoice->sr, 0, &offset))
{
if (offset >= context->RegionSize)
{
PhShowError(hwndDlg, L"The offset is too large.");
continue;
}
SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM)context->HexEditHandle, TRUE);
HexEdit_SetSel(context->HexEditHandle, (LONG)offset, (LONG)offset);
break;
}
}
}
break;
case IDC_WRITE:
{
NTSTATUS status;
if (!context->WriteAccess)
{
HANDLE processHandle;
if (!NT_SUCCESS(status = PhOpenProcess(
&processHandle,
PROCESS_VM_READ | PROCESS_VM_WRITE,
context->ProcessId
)))
{
PhShowStatus(hwndDlg, L"Unable to open the process", status, 0);
break;
}
if (context->ProcessHandle) NtClose(context->ProcessHandle);
context->ProcessHandle = processHandle;
context->WriteAccess = TRUE;
}
if (!NT_SUCCESS(status = NtWriteVirtualMemory(
context->ProcessHandle,
context->BaseAddress,
context->Buffer,
context->RegionSize,
NULL
)))
{
PhShowStatus(hwndDlg, L"Unable to write memory", status, 0);
}
}
break;
case IDC_REREAD:
{
NTSTATUS status;
if (!NT_SUCCESS(status = NtReadVirtualMemory(
context->ProcessHandle,
context->BaseAddress,
context->Buffer,
context->RegionSize,
NULL
)))
{
PhShowStatus(hwndDlg, L"Unable to read memory", status, 0);
}
InvalidateRect(context->HexEditHandle, NULL, TRUE);
}
break;
case IDC_BYTESPERROW:
if (HIWORD(wParam) == CBN_SELCHANGE)
{
PPH_STRING bytesPerRowString = PhaGetDlgItemText(hwndDlg, IDC_BYTESPERROW);
PH_STRINGREF firstPart;
PH_STRINGREF secondPart;
ULONG64 bytesPerRow64;
if (PhSplitStringRefAtChar(&bytesPerRowString->sr, ' ', &firstPart, &secondPart))
{
if (PhStringToInteger64(&firstPart, 10, &bytesPerRow64))
{
PhSetIntegerSetting(L"MemEditBytesPerRow", (ULONG)bytesPerRow64);
HexEdit_SetBytesPerRow(context->HexEditHandle, (ULONG)bytesPerRow64);
SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM)context->HexEditHandle, TRUE);
}
}
}
break;
}
}
break;
case WM_SIZE:
{
PhLayoutManagerLayout(&context->LayoutManager);
}
break;
case WM_SIZING:
{
PhResizingMinimumSize((PRECT)lParam, wParam, MinimumSize.right, MinimumSize.bottom);
}
break;
case WM_PH_SELECT_OFFSET:
{
HexEdit_SetEditMode(context->HexEditHandle, EDIT_ASCII);
HexEdit_SetSel(context->HexEditHandle, (ULONG)wParam, (ULONG)wParam + (ULONG)lParam);
}
break;
}
return FALSE;
}
INT_PTR CALLBACK PhpMemoryResultsDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
PMEMORY_RESULTS_CONTEXT context;
if (uMsg != WM_INITDIALOG)
{
context = GetProp(hwndDlg, PhMakeContextAtom());
}
else
{
context = (PMEMORY_RESULTS_CONTEXT)lParam;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)context);
}
if (!context)
return FALSE;
switch (uMsg)
{
case WM_INITDIALOG:
{
HWND lvHandle;
PhRegisterDialog(hwndDlg);
{
PPH_PROCESS_ITEM processItem;
if (processItem = PhReferenceProcessItem(context->ProcessId))
{
SetWindowText(hwndDlg, PhaFormatString(L"Results - %s (%u)",
processItem->ProcessName->Buffer, HandleToUlong(processItem->ProcessId))->Buffer);
PhDereferenceObject(processItem);
}
}
lvHandle = GetDlgItem(hwndDlg, IDC_LIST);
PhSetListViewStyle(lvHandle, FALSE, TRUE);
PhSetControlTheme(lvHandle, L"explorer");
PhAddListViewColumn(lvHandle, 0, 0, 0, LVCFMT_LEFT, 120, L"Address");
PhAddListViewColumn(lvHandle, 1, 1, 1, LVCFMT_LEFT, 80, L"Length");
PhAddListViewColumn(lvHandle, 2, 2, 2, LVCFMT_LEFT, 200, L"Result");
PhLoadListViewColumnsFromSetting(L"MemResultsListViewColumns", lvHandle);
PhInitializeLayoutManager(&context->LayoutManager, hwndDlg);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDC_LIST), NULL,
PH_ANCHOR_ALL);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDOK), NULL,
PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDC_COPY), NULL,
PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDC_SAVE), NULL,
PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDC_FILTER), NULL,
PH_ANCHOR_BOTTOM | PH_ANCHOR_LEFT);
if (MinimumSize.left == -1)
{
RECT rect;
rect.left = 0;
rect.top = 0;
rect.right = 250;
rect.bottom = 180;
MapDialogRect(hwndDlg, &rect);
MinimumSize = rect;
MinimumSize.left = 0;
}
ListView_SetItemCount(lvHandle, context->Results->Count);
SetDlgItemText(hwndDlg, IDC_INTRO, PhaFormatString(L"%s results.",
PhaFormatUInt64(context->Results->Count, TRUE)->Buffer)->Buffer);
{
PH_RECTANGLE windowRectangle;
windowRectangle.Position = PhGetIntegerPairSetting(L"MemResultsPosition");
windowRectangle.Size = PhGetIntegerPairSetting(L"MemResultsSize");
PhAdjustRectangleToWorkingArea(NULL, &windowRectangle);
MoveWindow(hwndDlg, windowRectangle.Left, windowRectangle.Top,
windowRectangle.Width, windowRectangle.Height, FALSE);
// Implement cascading by saving an offsetted rectangle.
windowRectangle.Left += 20;
windowRectangle.Top += 20;
PhSetIntegerPairSetting(L"MemResultsPosition", windowRectangle.Position);
PhSetIntegerPairSetting(L"MemResultsSize", windowRectangle.Size);
}
}
break;
case WM_DESTROY:
{
PhSaveWindowPlacementToSetting(L"MemResultsPosition", L"MemResultsSize", hwndDlg);
PhSaveListViewColumnsToSetting(L"MemResultsListViewColumns", GetDlgItem(hwndDlg, IDC_LIST));
PhDeleteLayoutManager(&context->LayoutManager);
PhUnregisterDialog(hwndDlg);
RemoveProp(hwndDlg, PhMakeContextAtom());
PhDereferenceMemoryResults((PPH_MEMORY_RESULT *)context->Results->Items, context->Results->Count);
PhDereferenceObject(context->Results);
PhFree(context);
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDCANCEL:
case IDOK:
DestroyWindow(hwndDlg);
break;
case IDC_COPY:
{
HWND lvHandle;
PPH_STRING string;
ULONG selectedCount;
lvHandle = GetDlgItem(hwndDlg, IDC_LIST);
selectedCount = ListView_GetSelectedCount(lvHandle);
if (selectedCount == 0)
{
// User didn't select anything, so copy all items.
string = PhpGetStringForSelectedResults(lvHandle, context->Results, TRUE);
PhSetStateAllListViewItems(lvHandle, LVIS_SELECTED, LVIS_SELECTED);
}
else
{
string = PhpGetStringForSelectedResults(lvHandle, context->Results, FALSE);
}
PhSetClipboardString(hwndDlg, &string->sr);
PhDereferenceObject(string);
SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM)lvHandle, TRUE);
}
break;
case IDC_SAVE:
{
static PH_FILETYPE_FILTER filters[] =
{
{ L"Text files (*.txt)", L"*.txt" },
{ L"All files (*.*)", L"*.*" }
};
PVOID fileDialog;
fileDialog = PhCreateSaveFileDialog();
PhSetFileDialogFilter(fileDialog, filters, sizeof(filters) / sizeof(PH_FILETYPE_FILTER));
PhSetFileDialogFileName(fileDialog, L"Search Results.txt");
if (PhShowFileDialog(hwndDlg, fileDialog))
{
NTSTATUS status;
PPH_STRING fileName;
PPH_FILE_STREAM fileStream;
PPH_STRING string;
fileName = PH_AUTO(PhGetFileDialogFileName(fileDialog));
if (NT_SUCCESS(status = PhCreateFileStream(
&fileStream,
fileName->Buffer,
FILE_GENERIC_WRITE,
FILE_SHARE_READ,
FILE_OVERWRITE_IF,
0
)))
{
PhWriteStringAsUtf8FileStream(fileStream, &PhUnicodeByteOrderMark);
PhWritePhTextHeader(fileStream);
string = PhpGetStringForSelectedResults(GetDlgItem(hwndDlg, IDC_LIST), context->Results, TRUE);
PhWriteStringAsUtf8FileStreamEx(fileStream, string->Buffer, string->Length);
PhDereferenceObject(string);
PhDereferenceObject(fileStream);
}
if (!NT_SUCCESS(status))
PhShowStatus(hwndDlg, L"Unable to create the file", status, 0);
}
PhFreeFileDialog(fileDialog);
}
break;
case IDC_FILTER:
{
PPH_EMENU menu;
RECT buttonRect;
POINT point;
PPH_EMENU_ITEM selectedItem;
ULONG filterType = 0;
menu = PhCreateEMenu();
PhLoadResourceEMenuItem(menu, PhInstanceHandle, MAKEINTRESOURCE(IDR_MEMFILTER), 0);
GetClientRect(GetDlgItem(hwndDlg, IDC_FILTER), &buttonRect);
point.x = 0;
point.y = buttonRect.bottom;
ClientToScreen(GetDlgItem(hwndDlg, IDC_FILTER), &point);
selectedItem = PhShowEMenu(menu, hwndDlg, PH_EMENU_SHOW_LEFTRIGHT,
PH_ALIGN_LEFT | PH_ALIGN_TOP, point.x, point.y);
if (selectedItem)
{
switch (selectedItem->Id)
{
case ID_FILTER_CONTAINS:
filterType = FILTER_CONTAINS;
break;
case ID_FILTER_CONTAINS_CASEINSENSITIVE:
filterType = FILTER_CONTAINS_IGNORECASE;
break;
case ID_FILTER_REGEX:
filterType = FILTER_REGEX;
break;
case ID_FILTER_REGEX_CASEINSENSITIVE:
filterType = FILTER_REGEX_IGNORECASE;
break;
}
}
if (filterType != 0)
FilterResults(hwndDlg, context, filterType);
PhDestroyEMenu(menu);
}
break;
}
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
HWND lvHandle;
lvHandle = GetDlgItem(hwndDlg, IDC_LIST);
PhHandleListViewNotifyForCopy(lParam, lvHandle);
switch (header->code)
{
case LVN_GETDISPINFO:
{
NMLVDISPINFO *dispInfo = (NMLVDISPINFO *)header;
if (dispInfo->item.mask & LVIF_TEXT)
{
PPH_MEMORY_RESULT result = context->Results->Items[dispInfo->item.iItem];
switch (dispInfo->item.iSubItem)
{
case 0:
{
WCHAR addressString[PH_PTR_STR_LEN_1];
PhPrintPointer(addressString, result->Address);
wcsncpy_s(
dispInfo->item.pszText,
dispInfo->item.cchTextMax,
addressString,
_TRUNCATE
);
}
break;
case 1:
{
WCHAR lengthString[PH_INT32_STR_LEN_1];
PhPrintUInt32(lengthString, (ULONG)result->Length);
wcsncpy_s(
dispInfo->item.pszText,
dispInfo->item.cchTextMax,
lengthString,
_TRUNCATE
);
}
break;
case 2:
wcsncpy_s(
dispInfo->item.pszText,
dispInfo->item.cchTextMax,
result->Display.Buffer,
_TRUNCATE
);
break;
}
}
}
break;
case NM_DBLCLK:
{
if (header->hwndFrom == lvHandle)
{
INT index;
if ((index = ListView_GetNextItem(
lvHandle,
-1,
LVNI_SELECTED
)) != -1)
{
NTSTATUS status;
PPH_MEMORY_RESULT result = context->Results->Items[index];
HANDLE processHandle;
MEMORY_BASIC_INFORMATION basicInfo;
PPH_SHOWMEMORYEDITOR showMemoryEditor;
if (NT_SUCCESS(status = PhOpenProcess(
&processHandle,
PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
context->ProcessId
)))
{
if (NT_SUCCESS(status = NtQueryVirtualMemory(
processHandle,
result->Address,
MemoryBasicInformation,
&basicInfo,
sizeof(MEMORY_BASIC_INFORMATION),
NULL
)))
{
showMemoryEditor = PhAllocate(sizeof(PH_SHOWMEMORYEDITOR));
memset(showMemoryEditor, 0, sizeof(PH_SHOWMEMORYEDITOR));
showMemoryEditor->ProcessId = context->ProcessId;
showMemoryEditor->BaseAddress = basicInfo.BaseAddress;
showMemoryEditor->RegionSize = basicInfo.RegionSize;
showMemoryEditor->SelectOffset = (ULONG)((ULONG_PTR)result->Address - (ULONG_PTR)basicInfo.BaseAddress);
showMemoryEditor->SelectLength = (ULONG)result->Length;
ProcessHacker_ShowMemoryEditor(PhMainWndHandle, showMemoryEditor);
}
NtClose(processHandle);
}
if (!NT_SUCCESS(status))
PhShowStatus(hwndDlg, L"Unable to edit memory", status, 0);
}
}
}
break;
}
}
break;
case WM_SIZE:
{
PhLayoutManagerLayout(&context->LayoutManager);
}
break;
case WM_SIZING:
{
PhResizingMinimumSize((PRECT)lParam, wParam, MinimumSize.right, MinimumSize.bottom);
}
break;
}
return FALSE;
}
static INT_PTR CALLBACK PhpThreadStackDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
switch (uMsg)
{
case WM_INITDIALOG:
{
NTSTATUS status;
PTHREAD_STACK_CONTEXT threadStackContext;
PPH_STRING title;
HWND lvHandle;
PPH_LAYOUT_MANAGER layoutManager;
threadStackContext = (PTHREAD_STACK_CONTEXT)lParam;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)threadStackContext);
title = PhFormatString(L"Stack - thread %u", HandleToUlong(threadStackContext->ThreadId));
SetWindowText(hwndDlg, title->Buffer);
PhDereferenceObject(title);
lvHandle = GetDlgItem(hwndDlg, IDC_LIST);
PhAddListViewColumn(lvHandle, 0, 0, 0, LVCFMT_LEFT, 30, L" ");
PhAddListViewColumn(lvHandle, 1, 1, 1, LVCFMT_LEFT, 300, L"Name");
PhSetListViewStyle(lvHandle, FALSE, TRUE);
PhSetControlTheme(lvHandle, L"explorer");
PhLoadListViewColumnsFromSetting(L"ThreadStackListViewColumns", lvHandle);
threadStackContext->ListViewHandle = lvHandle;
layoutManager = PhAllocate(sizeof(PH_LAYOUT_MANAGER));
PhInitializeLayoutManager(layoutManager, hwndDlg);
SetProp(hwndDlg, L"LayoutManager", (HANDLE)layoutManager);
PhAddLayoutItem(layoutManager, lvHandle, NULL,
PH_ANCHOR_ALL);
PhAddLayoutItem(layoutManager, GetDlgItem(hwndDlg, IDC_COPY),
NULL, PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(layoutManager, GetDlgItem(hwndDlg, IDC_REFRESH),
NULL, PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(layoutManager, GetDlgItem(hwndDlg, IDOK),
NULL, PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
if (MinimumSize.left == -1)
{
RECT rect;
rect.left = 0;
rect.top = 0;
rect.right = 190;
rect.bottom = 120;
MapDialogRect(hwndDlg, &rect);
MinimumSize = rect;
MinimumSize.left = 0;
}
PhLoadWindowPlacementFromSetting(NULL, L"ThreadStackWindowSize", hwndDlg);
PhCenterWindow(hwndDlg, GetParent(hwndDlg));
if (PhPluginsEnabled)
{
PH_PLUGIN_THREAD_STACK_CONTROL control;
control.Type = PluginThreadStackInitializing;
control.UniqueKey = threadStackContext;
control.u.Initializing.ProcessId = threadStackContext->ProcessId;
control.u.Initializing.ThreadId = threadStackContext->ThreadId;
control.u.Initializing.ThreadHandle = threadStackContext->ThreadHandle;
control.u.Initializing.SymbolProvider = threadStackContext->SymbolProvider;
control.u.Initializing.CustomWalk = FALSE;
PhInvokeCallback(PhGetGeneralCallback(GeneralCallbackThreadStackControl), &control);
threadStackContext->CustomWalk = control.u.Initializing.CustomWalk;
}
status = PhpRefreshThreadStack(hwndDlg, threadStackContext);
if (status == STATUS_ABANDONED)
EndDialog(hwndDlg, IDCANCEL);
else if (!NT_SUCCESS(status))
PhShowStatus(hwndDlg, L"Unable to load the stack", status, 0);
}
break;
case WM_DESTROY:
{
PPH_LAYOUT_MANAGER layoutManager;
PTHREAD_STACK_CONTEXT threadStackContext;
ULONG i;
layoutManager = (PPH_LAYOUT_MANAGER)GetProp(hwndDlg, L"LayoutManager");
PhDeleteLayoutManager(layoutManager);
PhFree(layoutManager);
threadStackContext = (PTHREAD_STACK_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
if (PhPluginsEnabled)
{
PH_PLUGIN_THREAD_STACK_CONTROL control;
control.Type = PluginThreadStackUninitializing;
control.UniqueKey = threadStackContext;
PhInvokeCallback(PhGetGeneralCallback(GeneralCallbackThreadStackControl), &control);
}
for (i = 0; i < threadStackContext->List->Count; i++)
PhpFreeThreadStackItem(threadStackContext->List->Items[i]);
PhSaveListViewColumnsToSetting(L"ThreadStackListViewColumns", GetDlgItem(hwndDlg, IDC_LIST));
PhSaveWindowPlacementToSetting(NULL, L"ThreadStackWindowSize", hwndDlg);
RemoveProp(hwndDlg, PhMakeContextAtom());
RemoveProp(hwndDlg, L"LayoutManager");
}
break;
case WM_COMMAND:
{
INT id = LOWORD(wParam);
switch (id)
{
case IDCANCEL: // Esc and X button to close
case IDOK:
EndDialog(hwndDlg, IDOK);
break;
case IDC_REFRESH:
{
NTSTATUS status;
if (!NT_SUCCESS(status = PhpRefreshThreadStack(
hwndDlg,
(PTHREAD_STACK_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom())
)))
{
PhShowStatus(hwndDlg, L"Unable to load the stack", status, 0);
}
}
break;
case IDC_COPY:
{
HWND lvHandle;
lvHandle = GetDlgItem(hwndDlg, IDC_LIST);
if (ListView_GetSelectedCount(lvHandle) == 0)
PhSetStateAllListViewItems(lvHandle, LVIS_SELECTED, LVIS_SELECTED);
PhCopyListView(lvHandle);
SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM)lvHandle, TRUE);
}
break;
}
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
switch (header->code)
{
case LVN_GETINFOTIP:
{
LPNMLVGETINFOTIP getInfoTip = (LPNMLVGETINFOTIP)header;
HWND lvHandle;
PTHREAD_STACK_CONTEXT threadStackContext;
lvHandle = GetDlgItem(hwndDlg, IDC_LIST);
threadStackContext = (PTHREAD_STACK_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
if (header->hwndFrom == lvHandle)
{
PTHREAD_STACK_ITEM stackItem;
PPH_THREAD_STACK_FRAME stackFrame;
if (PhGetListViewItemParam(lvHandle, getInfoTip->iItem, &stackItem))
{
PH_STRING_BUILDER stringBuilder;
PPH_STRING fileName;
PH_SYMBOL_LINE_INFORMATION lineInfo;
stackFrame = &stackItem->StackFrame;
PhInitializeStringBuilder(&stringBuilder, 40);
PhAppendFormatStringBuilder(
&stringBuilder,
L"Stack: 0x%Ix, Frame: 0x%Ix\n",
stackFrame->StackAddress,
stackFrame->FrameAddress
);
// There are no params for kernel-mode stack traces.
if ((ULONG_PTR)stackFrame->PcAddress <= PhSystemBasicInformation.MaximumUserModeAddress)
{
PhAppendFormatStringBuilder(
&stringBuilder,
L"Parameters: 0x%Ix, 0x%Ix, 0x%Ix, 0x%Ix\n",
stackFrame->Params[0],
stackFrame->Params[1],
stackFrame->Params[2],
stackFrame->Params[3]
);
}
if (PhGetLineFromAddress(
threadStackContext->SymbolProvider,
(ULONG64)stackFrame->PcAddress,
&fileName,
NULL,
&lineInfo
))
{
PhAppendFormatStringBuilder(
&stringBuilder,
L"File: %s: line %u\n",
fileName->Buffer,
lineInfo.LineNumber
);
PhDereferenceObject(fileName);
}
if (stringBuilder.String->Length != 0)
PhRemoveEndStringBuilder(&stringBuilder, 1);
if (PhPluginsEnabled)
{
PH_PLUGIN_THREAD_STACK_CONTROL control;
control.Type = PluginThreadStackGetTooltip;
control.UniqueKey = threadStackContext;
control.u.GetTooltip.StackFrame = stackFrame;
control.u.GetTooltip.StringBuilder = &stringBuilder;
PhInvokeCallback(PhGetGeneralCallback(GeneralCallbackThreadStackControl), &control);
}
PhCopyListViewInfoTip(getInfoTip, &stringBuilder.String->sr);
PhDeleteStringBuilder(&stringBuilder);
}
}
}
break;
}
}
break;
case WM_SIZE:
{
PPH_LAYOUT_MANAGER layoutManager;
layoutManager = (PPH_LAYOUT_MANAGER)GetProp(hwndDlg, L"LayoutManager");
PhLayoutManagerLayout(layoutManager);
}
break;
case WM_SIZING:
{
PhResizingMinimumSize((PRECT)lParam, wParam, MinimumSize.right, MinimumSize.bottom);
}
break;
}
return FALSE;
}
static INT_PTR CALLBACK PhpThreadStackProgressDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
switch (uMsg)
{
case WM_INITDIALOG:
{
PTHREAD_STACK_CONTEXT threadStackContext;
HANDLE threadHandle;
threadStackContext = (PTHREAD_STACK_CONTEXT)lParam;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)threadStackContext);
threadStackContext->ProgressWindowHandle = hwndDlg;
if (threadHandle = PhCreateThread(0, PhpRefreshThreadStackThreadStart, threadStackContext))
{
NtClose(threadHandle);
}
else
{
threadStackContext->WalkStatus = STATUS_UNSUCCESSFUL;
EndDialog(hwndDlg, IDOK);
break;
}
PhCenterWindow(hwndDlg, GetParent(hwndDlg));
PhSetWindowStyle(GetDlgItem(hwndDlg, IDC_PROGRESS), PBS_MARQUEE, PBS_MARQUEE);
SendMessage(GetDlgItem(hwndDlg, IDC_PROGRESS), PBM_SETMARQUEE, TRUE, 75);
SetWindowText(hwndDlg, L"Loading stack...");
}
break;
case WM_DESTROY:
{
RemoveProp(hwndDlg, PhMakeContextAtom());
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDCANCEL:
{
PTHREAD_STACK_CONTEXT threadStackContext = (PTHREAD_STACK_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
EnableWindow(GetDlgItem(hwndDlg, IDCANCEL), FALSE);
threadStackContext->StopWalk = TRUE;
}
break;
}
}
break;
case WM_PH_COMPLETED:
{
EndDialog(hwndDlg, IDOK);
}
break;
case WM_PH_STATUS_UPDATE:
{
PTHREAD_STACK_CONTEXT threadStackContext = (PTHREAD_STACK_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
PPH_STRING message;
PhAcquireQueuedLockExclusive(&threadStackContext->StatusLock);
message = threadStackContext->StatusMessage;
PhReferenceObject(message);
PhReleaseQueuedLockExclusive(&threadStackContext->StatusLock);
SetDlgItemText(hwndDlg, IDC_PROGRESSTEXT, message->Buffer);
PhDereferenceObject(message);
}
break;
}
return 0;
}
INT_PTR CALLBACK PhpHandleGeneralDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
switch (uMsg)
{
case WM_INITDIALOG:
{
LPPROPSHEETPAGE propSheetPage = (LPPROPSHEETPAGE)lParam;
PHANDLE_PROPERTIES_CONTEXT context = (PHANDLE_PROPERTIES_CONTEXT)propSheetPage->lParam;
PPH_ACCESS_ENTRY accessEntries;
ULONG numberOfAccessEntries;
HANDLE processHandle;
OBJECT_BASIC_INFORMATION basicInfo;
BOOLEAN haveBasicInfo = FALSE;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)context);
SetDlgItemText(hwndDlg, IDC_NAME, PhGetString(context->HandleItem->BestObjectName));
SetDlgItemText(hwndDlg, IDC_TYPE, context->HandleItem->TypeName->Buffer);
SetDlgItemText(hwndDlg, IDC_ADDRESS, context->HandleItem->ObjectString);
if (PhGetAccessEntries(
context->HandleItem->TypeName->Buffer,
&accessEntries,
&numberOfAccessEntries
))
{
PPH_STRING accessString;
PPH_STRING grantedAccessString;
accessString = PhGetAccessString(
context->HandleItem->GrantedAccess,
accessEntries,
numberOfAccessEntries
);
if (accessString->Length != 0)
{
grantedAccessString = PhFormatString(
L"%s (%s)",
context->HandleItem->GrantedAccessString,
accessString->Buffer
);
SetDlgItemText(hwndDlg, IDC_GRANTED_ACCESS, grantedAccessString->Buffer);
PhDereferenceObject(grantedAccessString);
}
else
{
SetDlgItemText(hwndDlg, IDC_GRANTED_ACCESS, context->HandleItem->GrantedAccessString);
}
PhDereferenceObject(accessString);
PhFree(accessEntries);
}
else
{
SetDlgItemText(hwndDlg, IDC_GRANTED_ACCESS, context->HandleItem->GrantedAccessString);
}
if (NT_SUCCESS(PhOpenProcess(
&processHandle,
PROCESS_DUP_HANDLE,
context->ProcessId
)))
{
if (NT_SUCCESS(PhGetHandleInformation(
processHandle,
context->HandleItem->Handle,
-1,
&basicInfo,
NULL,
NULL,
NULL
)))
{
SetDlgItemInt(hwndDlg, IDC_REFERENCES, basicInfo.PointerCount, FALSE);
SetDlgItemInt(hwndDlg, IDC_HANDLES, basicInfo.HandleCount, FALSE);
SetDlgItemInt(hwndDlg, IDC_PAGED, basicInfo.PagedPoolCharge, FALSE);
SetDlgItemInt(hwndDlg, IDC_NONPAGED, basicInfo.NonPagedPoolCharge, FALSE);
haveBasicInfo = TRUE;
}
NtClose(processHandle);
}
if (!haveBasicInfo)
{
SetDlgItemText(hwndDlg, IDC_REFERENCES, L"Unknown");
SetDlgItemText(hwndDlg, IDC_HANDLES, L"Unknown");
SetDlgItemText(hwndDlg, IDC_PAGED, L"Unknown");
SetDlgItemText(hwndDlg, IDC_NONPAGED, L"Unknown");
}
}
break;
case WM_DESTROY:
{
RemoveProp(hwndDlg, PhMakeContextAtom());
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
switch (header->code)
{
case PSN_QUERYINITIALFOCUS:
{
SetWindowLongPtr(hwndDlg, DWLP_MSGRESULT, (LONG_PTR)GetDlgItem(hwndDlg, IDC_BASICINFORMATION));
}
return TRUE;
}
}
break;
}
return FALSE;
}
INT_PTR CALLBACK PhpColumnSetEditorDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
PCOLUMNSET_DIALOG_CONTEXT context = NULL;
if (uMsg == WM_INITDIALOG)
{
context = PhAllocate(sizeof(COLUMNSET_DIALOG_CONTEXT));
memset(context, 0, sizeof(COLUMNSET_DIALOG_CONTEXT));
context->SettingName = PhCreateString((PWSTR)lParam);
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)context);
}
else
{
context = (PCOLUMNSET_DIALOG_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
}
if (!context)
return FALSE;
switch (uMsg)
{
case WM_INITDIALOG:
{
context->DialogHandle = hwndDlg;
context->ListViewHandle = GetDlgItem(hwndDlg, IDC_COLUMNSETLIST);
context->RenameButtonHandle = GetDlgItem(hwndDlg, IDC_RENAME);
context->MoveUpButtonHandle = GetDlgItem(hwndDlg, IDC_MOVEUP);
context->MoveDownButtonHandle = GetDlgItem(hwndDlg, IDC_MOVEDOWN);
context->RemoveButtonHandle = GetDlgItem(hwndDlg, IDC_REMOVE);
PhCenterWindow(hwndDlg, GetParent(hwndDlg));
PhSetListViewStyle(context->ListViewHandle, FALSE, TRUE);
PhSetControlTheme(context->ListViewHandle, L"explorer");
PhAddListViewColumn(context->ListViewHandle, 0, 0, 0, LVCFMT_LEFT, 250, L"Name");
PhSetExtendedListView(context->ListViewHandle);
context->ColumnSetList = PhInitializeColumnSetList(PhGetString(context->SettingName));
for (ULONG i = 0; i < context->ColumnSetList->Count; i++)
{
PPH_COLUMN_SET_ENTRY entry = context->ColumnSetList->Items[i];
PhAddListViewItem(context->ListViewHandle, MAXINT, entry->Name->Buffer, entry);
}
Button_Enable(context->RenameButtonHandle, FALSE);
Button_Enable(context->MoveUpButtonHandle, FALSE);
Button_Enable(context->MoveDownButtonHandle, FALSE);
Button_Enable(context->RemoveButtonHandle, FALSE);
}
break;
case WM_DESTROY:
{
PhDeleteColumnSetList(context->ColumnSetList);
RemoveProp(hwndDlg, PhMakeContextAtom());
PhFree(context);
}
break;
case WM_COMMAND:
{
switch (GET_WM_COMMAND_ID(wParam, lParam))
{
case IDCANCEL:
EndDialog(hwndDlg, IDCANCEL);
break;
case IDOK:
{
if (context->LabelEditActive)
break;
PhSaveSettingsColumnList(PhGetString(context->SettingName), context->ColumnSetList);
EndDialog(hwndDlg, IDOK);
}
break;
case IDC_RENAME:
{
INT lvItemIndex;
lvItemIndex = ListView_GetNextItem(context->ListViewHandle, -1, LVNI_SELECTED);
if (lvItemIndex != -1)
{
SetFocus(context->ListViewHandle);
ListView_EditLabel(context->ListViewHandle, lvItemIndex);
}
}
break;
case IDC_MOVEUP:
{
INT lvItemIndex;
PPH_COLUMN_SET_ENTRY entry;
ULONG index;
PhpMoveSelectedListViewItemUp(context->ListViewHandle);
lvItemIndex = ListView_GetNextItem(context->ListViewHandle, -1, LVNI_SELECTED);
if (lvItemIndex != -1 && PhGetListViewItemParam(context->ListViewHandle, lvItemIndex, (PVOID *)&entry))
{
index = PhFindItemList(context->ColumnSetList, entry);
if (index != -1)
{
PhRemoveItemList(context->ColumnSetList, index);
PhInsertItemList(context->ColumnSetList, lvItemIndex, entry);
}
}
}
break;
case IDC_MOVEDOWN:
{
INT lvItemIndex;
PPH_COLUMN_SET_ENTRY entry;
ULONG index;
PhpMoveSelectedListViewItemDown(context->ListViewHandle);
lvItemIndex = ListView_GetNextItem(context->ListViewHandle, -1, LVNI_SELECTED);
if (lvItemIndex != -1 && PhGetListViewItemParam(context->ListViewHandle, lvItemIndex, (PVOID *)&entry))
{
index = PhFindItemList(context->ColumnSetList, entry);
if (index != -1)
{
PhRemoveItemList(context->ColumnSetList, index);
PhInsertItemList(context->ColumnSetList, lvItemIndex, entry);
}
}
}
break;
case IDC_REMOVE:
{
INT lvItemIndex;
PPH_COLUMN_SET_ENTRY entry;
ULONG index;
lvItemIndex = ListView_GetNextItem(context->ListViewHandle, -1, LVNI_SELECTED);
if (lvItemIndex != -1 && PhGetListViewItemParam(context->ListViewHandle, lvItemIndex, (PVOID *)&entry))
{
index = PhFindItemList(context->ColumnSetList, entry);
if (index != -1)
{
PhRemoveItemList(context->ColumnSetList, index);
PhRemoveListViewItem(context->ListViewHandle, lvItemIndex);
PhClearReference(&entry->Name);
PhClearReference(&entry->Setting);
PhClearReference(&entry->Sorting);
PhFree(entry);
}
SetFocus(context->ListViewHandle);
ListView_SetItemState(context->ListViewHandle, 0, LVNI_SELECTED, LVNI_SELECTED);
//ListView_EnsureVisible(context->ListViewHandle, 0, FALSE);
}
}
break;
}
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
switch (header->code)
{
case NM_DBLCLK:
{
INT lvItemIndex;
lvItemIndex = ListView_GetNextItem(context->ListViewHandle, -1, LVNI_SELECTED);
if (lvItemIndex != -1)
{
SetFocus(context->ListViewHandle);
ListView_EditLabel(context->ListViewHandle, lvItemIndex);
}
}
break;
case LVN_ITEMCHANGED:
{
LPNMLISTVIEW listview = (LPNMLISTVIEW)lParam;
INT index;
INT lvItemIndex;
INT count;
index = listview->iItem;
lvItemIndex = ListView_GetNextItem(context->ListViewHandle, -1, LVNI_SELECTED);
count = ListView_GetItemCount(context->ListViewHandle);
if (count == 0 || index == -1 || lvItemIndex == -1)
{
Button_Enable(context->RenameButtonHandle, FALSE);
Button_Enable(context->MoveUpButtonHandle, FALSE);
Button_Enable(context->MoveDownButtonHandle, FALSE);
Button_Enable(context->RemoveButtonHandle, FALSE);
break;
}
if (index != lvItemIndex)
break;
if (index == 0 && count == 1)
{
// First and last item
Button_Enable(context->MoveUpButtonHandle, FALSE);
Button_Enable(context->MoveDownButtonHandle, FALSE);
}
else if (index == (count - 1))
{
// Last item
Button_Enable(context->MoveUpButtonHandle, TRUE);
Button_Enable(context->MoveDownButtonHandle, FALSE);
}
else if (index == 0)
{
// First item
Button_Enable(context->MoveUpButtonHandle, FALSE);
Button_Enable(context->MoveDownButtonHandle, TRUE);
}
else
{
Button_Enable(context->MoveUpButtonHandle, TRUE);
Button_Enable(context->MoveDownButtonHandle, TRUE);
}
Button_Enable(context->RenameButtonHandle, TRUE);
Button_Enable(context->RemoveButtonHandle, TRUE);
}
break;
case LVN_BEGINLABELEDIT:
context->LabelEditActive = TRUE;
break;
case LVN_ENDLABELEDIT:
{
LV_DISPINFO* lvinfo = (LV_DISPINFO*)lParam;
if (lvinfo->item.iItem != -1 && lvinfo->item.pszText)
{
BOOLEAN found = FALSE;
PPH_COLUMN_SET_ENTRY entry;
ULONG index;
for (ULONG i = 0; i < context->ColumnSetList->Count; i++)
{
entry = context->ColumnSetList->Items[i];
if (PhEqualStringRef2(&entry->Name->sr, lvinfo->item.pszText, FALSE))
{
found = TRUE;
break;
}
}
if (!found && PhGetListViewItemParam(context->ListViewHandle, lvinfo->item.iItem, (PVOID *)&entry))
{
index = PhFindItemList(context->ColumnSetList, entry);
if (index != -1)
{
PhMoveReference(&entry->Name, PhCreateString(lvinfo->item.pszText));
ListView_SetItemText(context->ListViewHandle, lvinfo->item.iItem, 0, lvinfo->item.pszText);
}
}
}
context->LabelEditActive = FALSE;
}
break;
}
}
break;
}
return FALSE;
}
INT_PTR CALLBACK PhpProcessTokenHookProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
switch (uMsg)
{
case WM_DESTROY:
{
RemoveProp(hwndDlg, PhMakeContextAtom());
}
break;
case WM_SHOWWINDOW:
{
if (!GetProp(hwndDlg, PhMakeContextAtom())) // LayoutInitialized
{
PPH_LAYOUT_ITEM dialogItem;
HWND groupsLv;
HWND privilegesLv;
// This is a big violation of abstraction...
dialogItem = PhAddPropPageLayoutItem(hwndDlg, hwndDlg,
PH_PROP_PAGE_TAB_CONTROL_PARENT, PH_ANCHOR_ALL);
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, IDC_USER),
dialogItem, PH_ANCHOR_LEFT | PH_ANCHOR_TOP | PH_ANCHOR_RIGHT);
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, IDC_USERSID),
dialogItem, PH_ANCHOR_LEFT | PH_ANCHOR_TOP | PH_ANCHOR_RIGHT);
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, IDC_VIRTUALIZED),
dialogItem, PH_ANCHOR_LEFT | PH_ANCHOR_TOP | PH_ANCHOR_RIGHT);
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, IDC_APPCONTAINERSID),
dialogItem, PH_ANCHOR_LEFT | PH_ANCHOR_TOP | PH_ANCHOR_RIGHT);
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, IDC_GROUPS),
dialogItem, PH_ANCHOR_LEFT | PH_ANCHOR_TOP | PH_ANCHOR_RIGHT);
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, IDC_PRIVILEGES),
dialogItem, PH_ANCHOR_ALL);
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, IDC_INSTRUCTION),
dialogItem, PH_ANCHOR_LEFT | PH_ANCHOR_BOTTOM);
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, IDC_INTEGRITY),
dialogItem, PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, IDC_ADVANCED),
dialogItem, PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhDoPropPageLayout(hwndDlg);
groupsLv = GetDlgItem(hwndDlg, IDC_GROUPS);
privilegesLv = GetDlgItem(hwndDlg, IDC_PRIVILEGES);
if (ListView_GetItemCount(groupsLv) != 0)
{
ListView_SetColumnWidth(groupsLv, 0, LVSCW_AUTOSIZE);
ExtendedListView_SetColumnWidth(groupsLv, 1, ELVSCW_AUTOSIZE_REMAININGSPACE);
}
if (ListView_GetItemCount(privilegesLv) != 0)
{
ListView_SetColumnWidth(privilegesLv, 0, LVSCW_AUTOSIZE);
ListView_SetColumnWidth(privilegesLv, 1, LVSCW_AUTOSIZE);
ExtendedListView_SetColumnWidth(privilegesLv, 2, ELVSCW_AUTOSIZE_REMAININGSPACE);
}
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)TRUE);
}
}
break;
}
return FALSE;
}
INT_PTR CALLBACK PhpChooseProcessDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
PCHOOSE_PROCESS_DIALOG_CONTEXT context = NULL;
if (uMsg == WM_INITDIALOG)
{
context = (PCHOOSE_PROCESS_DIALOG_CONTEXT)lParam;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)context);
}
else
{
context = (PCHOOSE_PROCESS_DIALOG_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
if (uMsg == WM_DESTROY)
{
RemoveProp(hwndDlg, PhMakeContextAtom());
}
}
if (!context)
return FALSE;
switch (uMsg)
{
case WM_INITDIALOG:
{
HWND lvHandle;
PhCenterWindow(hwndDlg, GetParent(hwndDlg));
SetDlgItemText(hwndDlg, IDC_MESSAGE, context->Message);
PhInitializeLayoutManager(&context->LayoutManager, hwndDlg);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDC_MESSAGE), NULL,
PH_ANCHOR_LEFT | PH_ANCHOR_TOP | PH_ANCHOR_RIGHT | PH_LAYOUT_FORCE_INVALIDATE);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDC_LIST), NULL,
PH_ANCHOR_ALL);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDOK), NULL,
PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDCANCEL), NULL,
PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(&context->LayoutManager, GetDlgItem(hwndDlg, IDC_REFRESH), NULL,
PH_ANCHOR_BOTTOM | PH_ANCHOR_LEFT);
PhLayoutManagerLayout(&context->LayoutManager);
context->MinimumSize.left = 0;
context->MinimumSize.top = 0;
context->MinimumSize.right = 280;
context->MinimumSize.bottom = 170;
MapDialogRect(hwndDlg, &context->MinimumSize);
context->ListViewHandle = lvHandle = GetDlgItem(hwndDlg, IDC_LIST);
context->ImageList = ImageList_Create(PhSmallIconSize.X, PhSmallIconSize.Y, ILC_COLOR32 | ILC_MASK, 0, 40);
PhSetListViewStyle(lvHandle, FALSE, TRUE);
PhSetControlTheme(lvHandle, L"explorer");
PhAddListViewColumn(lvHandle, 0, 0, 0, LVCFMT_LEFT, 180, L"Name");
PhAddListViewColumn(lvHandle, 1, 1, 1, LVCFMT_LEFT, 60, L"PID");
PhAddListViewColumn(lvHandle, 2, 2, 2, LVCFMT_LEFT, 160, L"User name");
PhSetExtendedListView(lvHandle);
ListView_SetImageList(lvHandle, context->ImageList, LVSIL_SMALL);
PhpRefreshProcessList(hwndDlg, context);
EnableWindow(GetDlgItem(hwndDlg, IDOK), FALSE);
}
break;
case WM_DESTROY:
{
ImageList_Destroy(context->ImageList);
PhDeleteLayoutManager(&context->LayoutManager);
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDCANCEL:
{
EndDialog(hwndDlg, IDCANCEL);
}
break;
case IDOK:
{
if (ListView_GetSelectedCount(context->ListViewHandle) == 1)
{
context->ProcessId = (HANDLE)PhGetSelectedListViewItemParam(context->ListViewHandle);
EndDialog(hwndDlg, IDOK);
}
}
break;
case IDC_REFRESH:
{
PhpRefreshProcessList(hwndDlg, context);
}
break;
}
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
switch (header->code)
{
case LVN_ITEMCHANGED:
{
EnableWindow(GetDlgItem(hwndDlg, IDOK), ListView_GetSelectedCount(context->ListViewHandle) == 1);
}
break;
case NM_DBLCLK:
{
SendMessage(hwndDlg, WM_COMMAND, IDOK, 0);
}
break;
}
}
break;
case WM_SIZE:
{
PhLayoutManagerLayout(&context->LayoutManager);
}
break;
case WM_SIZING:
{
PhResizingMinimumSize((PRECT)lParam, wParam, context->MinimumSize.right, context->MinimumSize.bottom);
}
break;
}
return FALSE;
}
static INT_PTR CALLBACK PhpMemoryProtectDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
switch (uMsg)
{
case WM_INITDIALOG:
{
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)lParam);
SetDlgItemText(hwndDlg, IDC_INTRO,
L"Possible values:\r\n"
L"\r\n"
L"0x01 - PAGE_NOACCESS\r\n"
L"0x02 - PAGE_READONLY\r\n"
L"0x04 - PAGE_READWRITE\r\n"
L"0x08 - PAGE_WRITECOPY\r\n"
L"0x10 - PAGE_EXECUTE\r\n"
L"0x20 - PAGE_EXECUTE_READ\r\n"
L"0x40 - PAGE_EXECUTE_READWRITE\r\n"
L"0x80 - PAGE_EXECUTE_WRITECOPY\r\n"
L"Modifiers:\r\n"
L"0x100 - PAGE_GUARD\r\n"
L"0x200 - PAGE_NOCACHE\r\n"
L"0x400 - PAGE_WRITECOMBINE\r\n"
);
SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM)GetDlgItem(hwndDlg, IDC_VALUE), TRUE);
}
break;
case WM_DESTROY:
{
RemoveProp(hwndDlg, PhMakeContextAtom());
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDCANCEL:
EndDialog(hwndDlg, IDCANCEL);
break;
case IDOK:
{
NTSTATUS status;
PMEMORY_PROTECT_CONTEXT context = (PMEMORY_PROTECT_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
HANDLE processHandle;
ULONG64 protect;
PhStringToInteger64(&PhaGetDlgItemText(hwndDlg, IDC_VALUE)->sr, 0, &protect);
if (NT_SUCCESS(status = PhOpenProcess(
&processHandle,
PROCESS_VM_OPERATION,
context->ProcessItem->ProcessId
)))
{
PVOID baseAddress;
SIZE_T regionSize;
ULONG oldProtect;
baseAddress = context->MemoryItem->BaseAddress;
regionSize = context->MemoryItem->RegionSize;
status = NtProtectVirtualMemory(
processHandle,
&baseAddress,
®ionSize,
(ULONG)protect,
&oldProtect
);
if (NT_SUCCESS(status))
context->MemoryItem->Protect = (ULONG)protect;
}
if (NT_SUCCESS(status))
{
EndDialog(hwndDlg, IDOK);
}
else
{
PhShowStatus(hwndDlg, L"Unable to change memory protection", status, 0);
SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM)GetDlgItem(hwndDlg, IDC_VALUE), TRUE);
Edit_SetSel(GetDlgItem(hwndDlg, IDC_VALUE), 0, -1);
}
}
break;
}
}
break;
}
return FALSE;
}
INT_PTR CALLBACK PhpServicesPageProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
PPH_SERVICES_CONTEXT servicesContext;
HWND lvHandle;
if (uMsg == WM_INITDIALOG)
{
servicesContext = (PPH_SERVICES_CONTEXT)lParam;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)servicesContext);
}
else
{
servicesContext = (PPH_SERVICES_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
if (uMsg == WM_DESTROY)
{
RemoveProp(hwndDlg, PhMakeContextAtom());
}
}
if (!servicesContext)
return FALSE;
lvHandle = GetDlgItem(hwndDlg, IDC_LIST);
switch (uMsg)
{
case WM_INITDIALOG:
{
ULONG i;
PhRegisterCallback(
&PhServiceModifiedEvent,
ServiceModifiedHandler,
servicesContext,
&servicesContext->ModifiedEventRegistration
);
servicesContext->WindowHandle = hwndDlg;
// Initialize the list.
PhSetListViewStyle(lvHandle, TRUE, TRUE);
PhSetControlTheme(lvHandle, L"explorer");
PhAddListViewColumn(lvHandle, 0, 0, 0, LVCFMT_LEFT, 120, L"Name");
PhAddListViewColumn(lvHandle, 1, 1, 1, LVCFMT_LEFT, 220, L"Display name");
PhSetExtendedListView(lvHandle);
for (i = 0; i < servicesContext->NumberOfServices; i++)
{
PPH_SERVICE_ITEM serviceItem;
INT lvItemIndex;
serviceItem = servicesContext->Services[i];
lvItemIndex = PhAddListViewItem(lvHandle, MAXINT, serviceItem->Name->Buffer, serviceItem);
PhSetListViewSubItem(lvHandle, lvItemIndex, 1, serviceItem->DisplayName->Buffer);
}
ExtendedListView_SortItems(lvHandle);
PhpFixProcessServicesControls(hwndDlg, NULL);
PhInitializeLayoutManager(&servicesContext->LayoutManager, hwndDlg);
PhAddLayoutItem(&servicesContext->LayoutManager, GetDlgItem(hwndDlg, IDC_LIST),
NULL, PH_ANCHOR_ALL);
PhAddLayoutItem(&servicesContext->LayoutManager, GetDlgItem(hwndDlg, IDC_DESCRIPTION),
NULL, PH_ANCHOR_LEFT | PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(&servicesContext->LayoutManager, GetDlgItem(hwndDlg, IDC_START),
NULL, PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(&servicesContext->LayoutManager, GetDlgItem(hwndDlg, IDC_PAUSE),
NULL, PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
}
break;
case WM_DESTROY:
{
ULONG i;
for (i = 0; i < servicesContext->NumberOfServices; i++)
PhDereferenceObject(servicesContext->Services[i]);
PhFree(servicesContext->Services);
PhUnregisterCallback(
&PhServiceModifiedEvent,
&servicesContext->ModifiedEventRegistration
);
if (servicesContext->ListViewSettingName)
PhSaveListViewColumnsToSetting(servicesContext->ListViewSettingName, lvHandle);
PhDeleteLayoutManager(&servicesContext->LayoutManager);
PhFree(servicesContext);
}
break;
case WM_COMMAND:
{
INT id = LOWORD(wParam);
switch (id)
{
case IDC_START:
{
PPH_SERVICE_ITEM serviceItem = PhGetSelectedListViewItemParam(lvHandle);
if (serviceItem)
{
switch (serviceItem->State)
{
case SERVICE_RUNNING:
PhUiStopService(hwndDlg, serviceItem);
break;
case SERVICE_PAUSED:
PhUiStopService(hwndDlg, serviceItem);
break;
case SERVICE_STOPPED:
PhUiStartService(hwndDlg, serviceItem);
break;
}
}
}
break;
case IDC_PAUSE:
{
PPH_SERVICE_ITEM serviceItem = PhGetSelectedListViewItemParam(lvHandle);
if (serviceItem)
{
switch (serviceItem->State)
{
case SERVICE_RUNNING:
PhUiPauseService(hwndDlg, serviceItem);
break;
case SERVICE_PAUSED:
PhUiContinueService(hwndDlg, serviceItem);
break;
}
}
}
break;
}
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
PhHandleListViewNotifyBehaviors(lParam, lvHandle, PH_LIST_VIEW_DEFAULT_1_BEHAVIORS);
switch (header->code)
{
case NM_DBLCLK:
{
if (header->hwndFrom == lvHandle)
{
PPH_SERVICE_ITEM serviceItem = PhGetSelectedListViewItemParam(lvHandle);
if (serviceItem)
{
PhShowServiceProperties(hwndDlg, serviceItem);
}
}
}
break;
case LVN_ITEMCHANGED:
{
if (header->hwndFrom == lvHandle)
{
//LPNMITEMACTIVATE itemActivate = (LPNMITEMACTIVATE)header;
PPH_SERVICE_ITEM serviceItem = NULL;
if (ListView_GetSelectedCount(lvHandle) == 1)
serviceItem = PhGetSelectedListViewItemParam(lvHandle);
PhpFixProcessServicesControls(hwndDlg, serviceItem);
}
}
break;
}
}
break;
case WM_SIZE:
{
PhLayoutManagerLayout(&servicesContext->LayoutManager);
}
break;
case WM_PH_SERVICE_MODIFIED:
{
PPH_SERVICE_MODIFIED_DATA serviceModifiedData = (PPH_SERVICE_MODIFIED_DATA)lParam;
PPH_SERVICE_ITEM serviceItem = NULL;
if (ListView_GetSelectedCount(lvHandle) == 1)
serviceItem = PhGetSelectedListViewItemParam(lvHandle);
if (serviceModifiedData->Service == serviceItem)
{
PhpFixProcessServicesControls(hwndDlg, serviceItem);
}
PhFree(serviceModifiedData);
}
break;
case WM_PH_SET_LIST_VIEW_SETTINGS:
{
PWSTR settingName = (PWSTR)lParam;
servicesContext->ListViewSettingName = settingName;
PhLoadListViewColumnsFromSetting(settingName, lvHandle);
}
break;
}
return FALSE;
}
INT_PTR CALLBACK PhpColumnsDlgProc(
__in HWND hwndDlg,
__in UINT uMsg,
__in WPARAM wParam,
__in LPARAM lParam
)
{
PCOLUMNS_DIALOG_CONTEXT context = NULL;
if (uMsg == WM_INITDIALOG)
{
context = (PCOLUMNS_DIALOG_CONTEXT)lParam;
SetProp(hwndDlg, PhMakeContextAtom(), (HANDLE)context);
}
else
{
context = (PCOLUMNS_DIALOG_CONTEXT)GetProp(hwndDlg, PhMakeContextAtom());
}
if (!context)
return FALSE;
switch (uMsg)
{
case WM_INITDIALOG:
{
ULONG count;
ULONG total;
ULONG i;
PPH_LIST displayOrderList;
context->InactiveList = GetDlgItem(hwndDlg, IDC_INACTIVE);
context->ActiveList = GetDlgItem(hwndDlg, IDC_ACTIVE);
if (context->Type == PH_CONTROL_TYPE_TREE_NEW)
{
PH_TREENEW_COLUMN column;
count = 0;
total = TreeNew_GetColumnCount(context->ControlHandle);
i = 0;
displayOrderList = PhCreateList(total);
while (count < total)
{
if (TreeNew_GetColumn(context->ControlHandle, i, &column))
{
PPH_TREENEW_COLUMN copy;
if (column.Fixed)
{
i++;
total--;
continue;
}
copy = PhAllocateCopy(&column, sizeof(PH_TREENEW_COLUMN));
PhAddItemList(context->Columns, copy);
count++;
if (column.Visible)
{
PhAddItemList(displayOrderList, copy);
}
else
{
ListBox_AddString(context->InactiveList, column.Text);
}
}
i++;
}
qsort(displayOrderList->Items, displayOrderList->Count, sizeof(PVOID), PhpColumnsCompareDisplayIndexTn);
}
for (i = 0; i < displayOrderList->Count; i++)
{
if (context->Type == PH_CONTROL_TYPE_TREE_NEW)
{
PPH_TREENEW_COLUMN copy = displayOrderList->Items[i];
ListBox_AddString(context->ActiveList, copy->Text);
}
}
PhDereferenceObject(displayOrderList);
SendMessage(hwndDlg, WM_COMMAND, MAKEWPARAM(IDC_INACTIVE, LBN_SELCHANGE), (LPARAM)context->InactiveList);
SendMessage(hwndDlg, WM_COMMAND, MAKEWPARAM(IDC_ACTIVE, LBN_SELCHANGE), (LPARAM)context->ActiveList);
}
break;
case WM_DESTROY:
{
ULONG i;
for (i = 0; i < context->Columns->Count; i++)
PhFree(context->Columns->Items[i]);
RemoveProp(hwndDlg, PhMakeContextAtom());
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDCANCEL:
EndDialog(hwndDlg, IDCANCEL);
break;
case IDOK:
{
#define ORDER_LIMIT 100
PPH_LIST activeList;
ULONG activeCount;
ULONG i;
INT orderArray[ORDER_LIMIT];
INT maxOrder;
memset(orderArray, 0, sizeof(orderArray));
maxOrder = 0;
activeCount = ListBox_GetCount(context->ActiveList);
activeList = PhCreateList(activeCount);
for (i = 0; i < activeCount; i++)
PhAddItemList(activeList, PhGetListBoxString(context->ActiveList, i));
if (context->Type == PH_CONTROL_TYPE_TREE_NEW)
{
// Apply visiblity settings.
TreeNew_SetRedraw(context->ControlHandle, FALSE);
for (i = 0; i < context->Columns->Count; i++)
{
PPH_TREENEW_COLUMN column = context->Columns->Items[i];
ULONG index;
index = IndexOfStringInList(activeList, column->Text);
column->Visible = index != -1;
column->DisplayIndex = index; // the active list box order is the actual display order
TreeNew_SetColumn(context->ControlHandle, TN_COLUMN_FLAG_VISIBLE, column);
}
// Do a second pass to create the order array. This is because the ViewIndex of each column
// were unstable in the previous pass since we were both adding and removing columns.
for (i = 0; i < context->Columns->Count; i++)
{
PPH_TREENEW_COLUMN column = context->Columns->Items[i];
PH_TREENEW_COLUMN tempColumn;
if (column->Visible)
{
if (column->DisplayIndex < ORDER_LIMIT)
{
TreeNew_GetColumn(context->ControlHandle, column->Id, &tempColumn);
orderArray[column->DisplayIndex] = tempColumn.s.ViewIndex;
if ((ULONG)maxOrder < column->DisplayIndex + 1)
maxOrder = column->DisplayIndex + 1;
}
}
}
// Apply display order.
TreeNew_SetColumnOrderArray(context->ControlHandle, maxOrder, orderArray);
TreeNew_SetRedraw(context->ControlHandle, TRUE);
PhDereferenceObject(activeList);
InvalidateRect(context->ControlHandle, NULL, FALSE);
}
EndDialog(hwndDlg, IDOK);
}
break;
case IDC_INACTIVE:
{
switch (HIWORD(wParam))
{
case LBN_DBLCLK:
{
SendMessage(hwndDlg, WM_COMMAND, IDC_SHOW, 0);
}
break;
case LBN_SELCHANGE:
{
INT sel = ListBox_GetCurSel(context->InactiveList);
EnableWindow(GetDlgItem(hwndDlg, IDC_SHOW), sel != -1);
}
break;
}
}
break;
case IDC_ACTIVE:
{
switch (HIWORD(wParam))
{
case LBN_DBLCLK:
{
SendMessage(hwndDlg, WM_COMMAND, IDC_HIDE, 0);
}
break;
case LBN_SELCHANGE:
{
INT sel = ListBox_GetCurSel(context->ActiveList);
INT count = ListBox_GetCount(context->ActiveList);
EnableWindow(GetDlgItem(hwndDlg, IDC_HIDE), sel != -1 && count != 1);
EnableWindow(GetDlgItem(hwndDlg, IDC_MOVEUP), sel != 0 && sel != -1);
EnableWindow(GetDlgItem(hwndDlg, IDC_MOVEDOWN), sel != count - 1 && sel != -1);
}
break;
}
}
break;
case IDC_SHOW:
{
INT sel;
INT count;
PPH_STRING string;
sel = ListBox_GetCurSel(context->InactiveList);
count = ListBox_GetCount(context->InactiveList);
if (string = PhGetListBoxString(context->InactiveList, sel))
{
ListBox_DeleteString(context->InactiveList, sel);
ListBox_AddString(context->ActiveList, string->Buffer);
PhDereferenceObject(string);
count--;
if (sel >= count - 1)
sel = count - 1;
ListBox_SetCurSel(context->InactiveList, sel);
SendMessage(hwndDlg, WM_COMMAND, MAKEWPARAM(IDC_INACTIVE, LBN_SELCHANGE), (LPARAM)context->InactiveList);
SendMessage(hwndDlg, WM_COMMAND, MAKEWPARAM(IDC_ACTIVE, LBN_SELCHANGE), (LPARAM)context->ActiveList);
}
}
break;
case IDC_HIDE:
{
INT sel;
INT count;
PPH_STRING string;
sel = ListBox_GetCurSel(context->ActiveList);
count = ListBox_GetCount(context->ActiveList);
if (count != 1)
{
if (string = PhGetListBoxString(context->ActiveList, sel))
{
ListBox_DeleteString(context->ActiveList, sel);
ListBox_AddString(context->InactiveList, string->Buffer);
PhDereferenceObject(string);
count--;
if (sel >= count - 1)
sel = count - 1;
ListBox_SetCurSel(context->ActiveList, sel);
SendMessage(hwndDlg, WM_COMMAND, MAKEWPARAM(IDC_INACTIVE, LBN_SELCHANGE), (LPARAM)context->InactiveList);
SendMessage(hwndDlg, WM_COMMAND, MAKEWPARAM(IDC_ACTIVE, LBN_SELCHANGE), (LPARAM)context->ActiveList);
}
}
}
break;
case IDC_MOVEUP:
{
INT sel;
INT count;
PPH_STRING string;
sel = ListBox_GetCurSel(context->ActiveList);
count = ListBox_GetCount(context->ActiveList);
if (sel != 0)
{
if (string = PhGetListBoxString(context->ActiveList, sel))
{
ListBox_DeleteString(context->ActiveList, sel);
ListBox_InsertString(context->ActiveList, sel - 1, string->Buffer);
PhDereferenceObject(string);
sel -= 1;
ListBox_SetCurSel(context->ActiveList, sel);
EnableWindow(GetDlgItem(hwndDlg, IDC_MOVEUP), sel != 0);
EnableWindow(GetDlgItem(hwndDlg, IDC_MOVEDOWN), sel != count - 1);
}
}
}
break;
case IDC_MOVEDOWN:
{
INT sel;
INT count;
PPH_STRING string;
sel = ListBox_GetCurSel(context->ActiveList);
count = ListBox_GetCount(context->ActiveList);
if (sel != count - 1)
{
if (string = PhGetListBoxString(context->ActiveList, sel))
{
ListBox_DeleteString(context->ActiveList, sel);
ListBox_InsertString(context->ActiveList, sel + 1, string->Buffer);
PhDereferenceObject(string);
sel += 1;
ListBox_SetCurSel(context->ActiveList, sel);
EnableWindow(GetDlgItem(hwndDlg, IDC_MOVEUP), sel != 0);
EnableWindow(GetDlgItem(hwndDlg, IDC_MOVEDOWN), sel != count - 1);
}
}
}
break;
}
}
break;
}
return FALSE;
}
