/** * Set the ten Windows Error Reporting parameters * * Parameters 0 through 7 are predefined for Windows * Parameters 8 and 9 are user defined */ static void SetReportParameters( HREPORT ReportHandle, EXCEPTION_POINTERS* ExceptionInfo ) { HRESULT Result; TCHAR StringBuffer[1024] = { 0 }; TCHAR ModuleName[1024] = { 0 }; // Set the parameters for the standard problem signature HMODULE ModuleHandle = GetModuleHandle( NULL ); StringCchPrintf( StringBuffer, 1024, TEXT( "UE4-%s" ), FApp::GetGameName() ); Result = WerReportSetParameter( ReportHandle, WER_P0, TEXT( "Application Name" ), StringBuffer ); GetModuleFileName( ModuleHandle, ModuleName, 1024 ); PathStripPath( ModuleName ); GetModuleVersion( ModuleName, StringBuffer, 1024 ); Result = WerReportSetParameter( ReportHandle, WER_P1, TEXT( "Application Version" ), StringBuffer ); StringCchPrintf( StringBuffer, 1024, TEXT( "%08x" ), GetTimestampForLoadedLibrary( ModuleHandle ) ); Result = WerReportSetParameter( ReportHandle, WER_P2, TEXT( "Application Timestamp" ), StringBuffer ); HMODULE FaultModuleHandle = NULL; GetModuleHandleEx( GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT, ( LPCTSTR )ExceptionInfo->ExceptionRecord->ExceptionAddress, &FaultModuleHandle ); GetModuleFileName( FaultModuleHandle, ModuleName, 1024 ); PathStripPath( ModuleName ); Result = WerReportSetParameter( ReportHandle, WER_P3, TEXT( "Fault Module Name" ), ModuleName ); GetModuleVersion( ModuleName, StringBuffer, 1024 ); Result = WerReportSetParameter( ReportHandle, WER_P4, TEXT( "Fault Module Version" ), StringBuffer ); StringCchPrintf( StringBuffer, 1024, TEXT( "%08x" ), GetTimestampForLoadedLibrary( FaultModuleHandle ) ); Result = WerReportSetParameter( ReportHandle, WER_P5, TEXT( "Fault Module Timestamp" ), StringBuffer ); StringCchPrintf( StringBuffer, 1024, TEXT( "%08x" ), ExceptionInfo->ExceptionRecord->ExceptionCode ); Result = WerReportSetParameter( ReportHandle, WER_P6, TEXT( "Exception Code" ), StringBuffer ); INT_PTR ExceptionOffset = ( char* )( ExceptionInfo->ExceptionRecord->ExceptionAddress ) - ( char* )FaultModuleHandle; StringCchPrintf( StringBuffer, 1024, TEXT( "%p" ), ExceptionOffset ); Result = WerReportSetParameter( ReportHandle, WER_P7, TEXT( "Exception Offset" ), StringBuffer ); StringCchPrintf( StringBuffer, 1024, TEXT( "!%s!" ), FCommandLine::Get() ); Result = WerReportSetParameter( ReportHandle, WER_P8, TEXT( "Commandline" ), StringBuffer ); StringCchPrintf( StringBuffer, 1024, TEXT( "%s!%s!%s!%d" ), TEXT( BRANCH_NAME ), FPlatformProcess::BaseDir(), GetEngineMode(), BUILT_FROM_CHANGELIST ); Result = WerReportSetParameter( ReportHandle, WER_P9, TEXT( "BranchBaseDir" ), StringBuffer ); }
CHttpDownloadDlg::CHttpDownloadDlg(CWnd* pParent /*=NULL*/) : CDialog(CHttpDownloadDlg::IDD, pParent) { //{{AFX_DATA_INIT(CHttpDownloadDlg) //}}AFX_DATA_INIT m_hInternetSession = NULL; m_hHttpConnection = NULL; m_hHttpFile = NULL; m_bAbort = FALSE; m_bSafeToClose = FALSE; m_pThread = NULL; if (sm_ullWinInetVer == 0) sm_ullWinInetVer = GetModuleVersion(GetModuleHandle(_T("wininet"))); }
static void SetWindowModuleVersion(HWND hWndChild, LPCTSTR szModuleName) { LARGE_INTEGER Version; TCHAR szFormat[255]; TCHAR szText[255]; // Is such window really there ? if(hWndChild != NULL) { GetWindowText(hWndChild, szFormat, _maxchars(szFormat)); GetModuleVersion(szModuleName, &Version); StringCchPrintf(szText, _countof(szText), szFormat, HIWORD(Version.HighPart), LOWORD(Version.HighPart), HIWORD(Version.LowPart), LOWORD(Version.LowPart)); SetWindowText(hWndChild, szText); } }
void LoadedDeviceAdapter::CheckInterfaceVersion() const { long moduleInterfaceVersion, deviceInterfaceVersion; try { moduleInterfaceVersion = GetModuleVersion(); deviceInterfaceVersion = GetDeviceInterfaceVersion(); } catch (const CMMError& e) { throw CMMError("Cannot verify interface compatibility of device adapter", e); } if (moduleInterfaceVersion != MODULE_INTERFACE_VERSION) throw CMMError("Incompatible module interface version (required = " + ToString(MODULE_INTERFACE_VERSION) + "; found = " + ToString(moduleInterfaceVersion) + ")"); if (deviceInterfaceVersion != DEVICE_INTERFACE_VERSION) throw CMMError("Incompatible device interface version (required = " + ToString(DEVICE_INTERFACE_VERSION) + "; found = " + ToString(deviceInterfaceVersion) + ")"); }
/*---------------------------------------------------------------------------------------------- // This method is called when a Throwable exception is caught at the end of a COM method, // or (with a dummy ThrowableSd) when some other exception is caught. It transforms the info // in the Throwable into a standard COM error report (creating an IErrorInfo and registering // it.) It returns the HRESULT that should be returned by the COM method. // There are several different situations which this method has to handle. The following // comments describe the situations, and how they are indicated. Each "indication" presumes // that the previous "indications" failed. // 1. We called a COM method which supports IErrorInfo and already provides all the information // we need to pass to our own caller. This is indicated by a help ID of -1. // 2. We, or a method we called that doesn't support IErrorInfo, ran out of memory. // We need to set up the special error object pre-created for this case. This is // indicated by thr.Error() being E_OUTOFMEMORY. // 3. A programming error has been caught and a stack dump generated, either in our own code // or in the code that called us. This is indicated by finding that thr is actually // a ThrowableSd. Make an error object, with a description that includes the stack dump. ----------------------------------------------------------------------------------------------*/ HRESULT HandleThrowable(Throwable & thr, REFGUID iid, DummyFactory * pfact) { StrUni stuDesc; HRESULT hrErr = thr.Error(); HRESULT hr; // If we already have error info, we set it again (very likely got cleared by previous // CheckHr), and then just return the HRESULT. if (thr.GetErrorInfo()) { ::SetErrorInfo(0, thr.GetErrorInfo()); return hrErr; } // We need a Unicode version of the ProgId, but we should avoid allocating memory // since we don't yet know that we have not run out. // Since all our progids are in simple ascii, we can do the simplest possible conversion. // Since we hopefully have at least a little stack to work with, use _alloca. OLECHAR * pszSrc = (OLECHAR *)_alloca((StrLen(pfact->GetProgId()) + 1) * isizeof(OLECHAR)); OLECHAR * pchw = pszSrc; for (const TCHAR * pch = pfact->GetProgId(); *pch; pch++, pchw++) *pchw = *pch; *pchw = 0; if (hrErr == E_OUTOFMEMORY) { // Use the pre-created error info object so we don't have to allocate now. // It already has a description, help file path, and help context ID. // If a further E_OUTOFMEMORY occurs calling SetGUID or SetSource, just ignore it. s_qcerrinfoMem->SetGUID(iid); s_qcerrinfoMem->SetSource(pszSrc); SetErrorInfo(0, s_qerrinfoMem); return hrErr; } // Otherwise we are going to make a new error info object. // Get any message supplied by the Throwable. StrUni stuUserMsg(thr.Message()); // See if a stack dump is available. ThrowableSd * pthrs = dynamic_cast<ThrowableSd *>(&thr); char * pchDump = NULL; if (pthrs) pchDump = const_cast<char *>(pthrs->GetDump()); else if (!stuUserMsg.Length()) { // If we don't have any sort of nice message, treat it as an internal error. DumpStackHere("HandleThrowable caught an error with no description"); pchDump = const_cast<char *>(StackDumper::GetDump()); } if (pchDump) { // We have a stack dump. StrUni stuModName = ModuleEntry::GetModulePathName(); // Do we already have a description? If not make one. if (!stuUserMsg.Length()) { // No, use a default one. StrUni stuHrMsg = ConvertException((DWORD)hrErr); StrUni stuUserMsgFmt; stuUserMsgFmt.Load(kstidInternalError); // Would it be better to strip off the path? stuUserMsg.Format(stuUserMsgFmt, stuHrMsg.Chars(), stuModName.Chars()); } stuDesc.Format(L"%s%s%S\r\n\r\n%s", stuUserMsg.Chars(), ThrowableSd::MoreSep(), pchDump, GetModuleVersion(stuModName.Chars()).Chars()); } else { // We've made sure we have a message already; use it. stuDesc = stuUserMsg; } StrUni stuSource(pszSrc); hr = StackDumper::RecordError(iid, stuDesc, stuSource, thr.HelpId(), GetModuleHelpFilePath()); if (FAILED(hr)) { if (hr == E_OUTOFMEMORY) { Throwable thr2(E_OUTOFMEMORY); return HandleThrowable(thr2, iid, pfact); } // just report the failure to the developer WarnHr(hr); // Hard to know what do do here. It should never happen. For paranoia's sake at least // return the original problem. } return hrErr; }
void Hook() { extern FARJMP Old_SLGetWindowsInformationDWORD, Stub_SLGetWindowsInformationDWORD; extern SLGETWINDOWSINFORMATIONDWORD _SLGetWindowsInformationDWORD; extern HMODULE hTermSrv; extern HMODULE hSLC; extern PLATFORM_DWORD TermSrvBase; extern FILE_VERSION FV; extern wchar_t LogFile[256]; AlreadyHooked = true; char *Log; wchar_t ConfigFile[256] = { 0x00 }; WriteToLog("Loading configuration...\r\n"); GetModuleFileName(GetCurrentModule(), ConfigFile, 255); for (DWORD i = wcslen(ConfigFile); i > 0; i--) { if (ConfigFile[i] == '\\') { memset(&ConfigFile[i + 1], 0x00, ((256 - (i + 1))) * 2); memcpy(&ConfigFile[i + 1], L"rdpwrap.ini", strlen("rdpwrap.ini") * 2); break; } } Log = new char[1024]; wsprintfA(Log, "Configuration file: %S\r\n", ConfigFile); WriteToLog(Log); delete[] Log; IniFile = new INI_FILE(ConfigFile); // TODO: implement this if (IniFile == NULL) { WriteToLog("Error: Failed to load configuration\r\n"); return; } INI_VAR_STRING LogFileVar; if(!(IniFile->GetVariableInSection("Main", "LogFile", &LogFileVar))) { GetModuleFileName(GetCurrentModule(), LogFile, 255); for(DWORD i = wcslen(LogFile); i > 0; i--) { if(LogFile[i] == '\\') { memset(&LogFile[i+1], 0x00, ((256-(i+1)))*2); memcpy(&LogFile[i+1], L"rdpwrap.txt", strlen("rdpwrap.txt")*2); break; } } } else { // TODO: Change it before add UNICODE in IniFile wchar_t wcLogFile[256]; memset(wcLogFile, 0x00, 256); mbstowcs(wcLogFile, LogFileVar.Value, 255); wcscpy(LogFile, wcLogFile); } SIZE_T bw; WORD Ver = 0; PLATFORM_DWORD TermSrvSize, SignPtr; FARJMP Jump; WriteToLog("Initializing RDP Wrapper...\r\n"); hTermSrv = LoadLibrary(L"termsrv.dll"); if (hTermSrv == 0) { WriteToLog("Error: Failed to load Terminal Services library\r\n"); return; } _ServiceMain = (SERVICEMAIN)GetProcAddress(hTermSrv, "ServiceMain"); _SvchostPushServiceGlobals = (SVCHOSTPUSHSERVICEGLOBALS)GetProcAddress(hTermSrv, "SvchostPushServiceGlobals"); Log = new char[4096]; wsprintfA(Log, "Base addr: 0x%p\r\n" "SvcMain: termsrv.dll+0x%p\r\n" "SvcGlobals: termsrv.dll+0x%p\r\n", hTermSrv, (PLATFORM_DWORD)_ServiceMain - (PLATFORM_DWORD)hTermSrv, (PLATFORM_DWORD)_SvchostPushServiceGlobals - (PLATFORM_DWORD)hTermSrv); WriteToLog(Log); delete[] Log; // check termsrv version if (GetModuleVersion(L"termsrv.dll", &FV)) { Ver = (BYTE)FV.wVersion.Minor | ((BYTE)FV.wVersion.Major << 8); } else { // check NT version // Ver = GetVersion(); // deprecated // Ver = ((Ver & 0xFF) << 8) | ((Ver & 0xFF00) >> 8); } if (Ver == 0) { WriteToLog("Error: Failed to detect Terminal Services version\r\n"); return; } Log = new char[1024]; wsprintfA(Log, "Version: %d.%d.%d.%d\r\n", FV.wVersion.Major, FV.wVersion.Minor, FV.Release, FV.Build); WriteToLog(Log); delete[] Log; // temporarily freeze threads WriteToLog("Freezing threads...\r\n"); SetThreadsState(false); bool Bool; if (!(IniFile->GetVariableInSection("Main", "SLPolicyHookNT60", &Bool))) Bool = true; if ((Ver == 0x0600) && Bool) { // Windows Vista // uses SL Policy API (slc.dll) // load slc.dll and hook function hSLC = LoadLibrary(L"slc.dll"); _SLGetWindowsInformationDWORD = (SLGETWINDOWSINFORMATIONDWORD)GetProcAddress(hSLC, "SLGetWindowsInformationDWORD"); if (_SLGetWindowsInformationDWORD != INVALID_HANDLE_VALUE) { // rewrite original function to call our function (make hook) WriteToLog("Hook SLGetWindowsInformationDWORD\r\n"); #ifdef _WIN64 Stub_SLGetWindowsInformationDWORD.MovOp = 0x48; Stub_SLGetWindowsInformationDWORD.MovRegArg = 0xB8; Stub_SLGetWindowsInformationDWORD.MovArg = (PLATFORM_DWORD)New_SLGetWindowsInformationDWORD; Stub_SLGetWindowsInformationDWORD.PushRaxOp = 0x50; Stub_SLGetWindowsInformationDWORD.RetOp = 0xC3; #else Stub_SLGetWindowsInformationDWORD.PushOp = 0x68; Stub_SLGetWindowsInformationDWORD.PushArg = (PLATFORM_DWORD)New_SLGetWindowsInformationDWORD; Stub_SLGetWindowsInformationDWORD.RetOp = 0xC3; #endif ReadProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Old_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); WriteProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Stub_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); } } if (!(IniFile->GetVariableInSection("Main", "SLPolicyHookNT61", &Bool))) Bool = true; if ((Ver == 0x0601) && Bool) { // Windows 7 // uses SL Policy API (slc.dll) // load slc.dll and hook function hSLC = LoadLibrary(L"slc.dll"); _SLGetWindowsInformationDWORD = (SLGETWINDOWSINFORMATIONDWORD)GetProcAddress(hSLC, "SLGetWindowsInformationDWORD"); if (_SLGetWindowsInformationDWORD != INVALID_HANDLE_VALUE) { // rewrite original function to call our function (make hook) WriteToLog("Hook SLGetWindowsInformationDWORD\r\n"); #ifdef _WIN64 Stub_SLGetWindowsInformationDWORD.MovOp = 0x48; Stub_SLGetWindowsInformationDWORD.MovRegArg = 0xB8; Stub_SLGetWindowsInformationDWORD.MovArg = (PLATFORM_DWORD)New_SLGetWindowsInformationDWORD; Stub_SLGetWindowsInformationDWORD.PushRaxOp = 0x50; Stub_SLGetWindowsInformationDWORD.RetOp = 0xC3; #else Stub_SLGetWindowsInformationDWORD.PushOp = 0x68; Stub_SLGetWindowsInformationDWORD.PushArg = (PLATFORM_DWORD)New_SLGetWindowsInformationDWORD; Stub_SLGetWindowsInformationDWORD.RetOp = 0xC3; #endif ReadProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Old_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); WriteProcessMemory(GetCurrentProcess(), _SLGetWindowsInformationDWORD, &Stub_SLGetWindowsInformationDWORD, sizeof(FARJMP), &bw); } } if (Ver == 0x0602) { // Windows 8 // uses SL Policy internal unexported function // load slc.dll and get function // (will be used on intercepting undefined values) hSLC = LoadLibrary(L"slc.dll"); _SLGetWindowsInformationDWORD = (SLGETWINDOWSINFORMATIONDWORD)GetProcAddress(hSLC, "SLGetWindowsInformationDWORD"); } if (Ver == 0x0603) { // Windows 8.1 // uses SL Policy internal inline code } if (Ver == 0x0604) { // Windows 10 // uses SL Policy internal inline code } char *Sect; INI_VAR_STRING PatchName; INI_VAR_BYTEARRAY Patch; Sect = new char[256]; memset(Sect, 0x00, 256); wsprintfA(Sect, "%d.%d.%d.%d", FV.wVersion.Major, FV.wVersion.Minor, FV.Release, FV.Build); if (IniFile->SectionExists(Sect)) { if (GetModuleCodeSectionInfo(hTermSrv, &TermSrvBase, &TermSrvSize)) { #ifdef _WIN64 if (!(IniFile->GetVariableInSection(Sect, "LocalOnlyPatch.x64", &Bool))) Bool = false; #else if (!(IniFile->GetVariableInSection(Sect, "LocalOnlyPatch.x86", &Bool))) Bool = false; #endif if (Bool) { WriteToLog("Patch CEnforcementCore::GetInstanceOfTSLicense\r\n"); Bool = false; #ifdef _WIN64 SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "LocalOnlyOffset.x64", 0)); Bool = IniFile->GetVariableInSection(Sect, "LocalOnlyCode.x64", &PatchName); #else SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "LocalOnlyOffset.x86", 0)); Bool = IniFile->GetVariableInSection(Sect, "LocalOnlyCode.x86", &PatchName); #endif if (Bool) Bool = IniFile->GetVariableInSection("PatchCodes", PatchName.Value, &Patch); if (Bool && (SignPtr > TermSrvBase)) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, Patch.Value, Patch.ArraySize, &bw); } #ifdef _WIN64 if (!(IniFile->GetVariableInSection(Sect, "SingleUserPatch.x64", &Bool))) Bool = false; #else if (!(IniFile->GetVariableInSection(Sect, "SingleUserPatch.x86", &Bool))) Bool = false; #endif if (Bool) { WriteToLog("Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled\r\n"); Bool = false; #ifdef _WIN64 SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SingleUserOffset.x64", 0)); Bool = IniFile->GetVariableInSection(Sect, "SingleUserCode.x64", &PatchName); #else SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SingleUserOffset.x86", 0)); Bool = IniFile->GetVariableInSection(Sect, "SingleUserCode.x86", &PatchName); #endif if (Bool) Bool = IniFile->GetVariableInSection("PatchCodes", PatchName.Value, &Patch); if (Bool && (SignPtr > TermSrvBase)) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, Patch.Value, Patch.ArraySize, &bw); } #ifdef _WIN64 if (!(IniFile->GetVariableInSection(Sect, "DefPolicyPatch.x64", &Bool))) Bool = false; #else if (!(IniFile->GetVariableInSection(Sect, "DefPolicyPatch.x86", &Bool))) Bool = false; #endif if (Bool) { WriteToLog("Patch CDefPolicy::Query\r\n"); Bool = false; #ifdef _WIN64 SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "DefPolicyOffset.x64", 0)); Bool = IniFile->GetVariableInSection(Sect, "DefPolicyCode.x64", &PatchName); #else SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "DefPolicyOffset.x86", 0)); Bool = IniFile->GetVariableInSection(Sect, "DefPolicyCode.x86", &PatchName); #endif if (Bool) Bool = IniFile->GetVariableInSection("PatchCodes", PatchName.Value, &Patch); if (Bool && (SignPtr > TermSrvBase)) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, Patch.Value, Patch.ArraySize, &bw); } #ifdef _WIN64 if (!(IniFile->GetVariableInSection(Sect, "SLPolicyInternal.x64", &Bool))) Bool = false; #else if (!(IniFile->GetVariableInSection(Sect, "SLPolicyInternal.x86", &Bool))) Bool = false; #endif if (Bool) { WriteToLog("Hook SLGetWindowsInformationDWORDWrapper\r\n"); char *FuncName; FuncName = new char[1024]; #ifdef _WIN64 SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SLPolicyOffset.x64", 0)); Jump.MovOp = 0x48; Jump.MovRegArg = 0xB8; Jump.MovArg = (PLATFORM_DWORD)New_Win8SL; Jump.PushRaxOp = 0x50; Jump.RetOp = 0xC3; INIReadString(IniFile, Sect, "SLPolicyFunc.x64", "New_Win8SL", FuncName, 1024); if (strcmp(FuncName, "New_Win8SL")) { Jump.MovArg = (PLATFORM_DWORD)New_Win8SL; } #else SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SLPolicyOffset.x86", 0)); Jump.PushOp = 0x68; Jump.PushArg = (PLATFORM_DWORD)New_Win8SL; Jump.RetOp = 0xC3; INIReadString(IniFile, Sect, "SLPolicyFunc.x86", "New_Win8SL", FuncName, 1024); if (strcmp(FuncName, "New_Win8SL")) { Jump.PushArg = (PLATFORM_DWORD)New_Win8SL; } if (strcmp(FuncName, "New_Win8SL_CP")) { Jump.PushArg = (PLATFORM_DWORD)New_Win8SL_CP; } #endif delete[] FuncName; if (SignPtr > TermSrvBase) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); } #ifdef _WIN64 if (!(IniFile->GetVariableInSection(Sect, "SLInitHook.x64", &Bool))) Bool = false; #else if (!(IniFile->GetVariableInSection(Sect, "SLInitHook.x86", &Bool))) Bool = false; #endif if (Bool) { WriteToLog("Hook CSLQuery::Initialize\r\n"); char *FuncName; FuncName = new char[1024]; #ifdef _WIN64 SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SLInitOffset.x64", 0)); Jump.MovOp = 0x48; Jump.MovRegArg = 0xB8; Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; Jump.PushRaxOp = 0x50; Jump.RetOp = 0xC3; INIReadString(IniFile, Sect, "SLInitFunc.x64", "New_CSLQuery_Initialize", FuncName, 1024); if (strcmp(FuncName, "New_CSLQuery_Initialize")) { Jump.MovArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; } #else SignPtr = (PLATFORM_DWORD)(TermSrvBase + INIReadDWordHex(IniFile, Sect, "SLInitOffset.x86", 0)); Jump.PushOp = 0x68; Jump.PushArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; Jump.RetOp = 0xC3; INIReadString(IniFile, Sect, "SLInitFunc.x86", "New_CSLQuery_Initialize", FuncName, 1024); if (strcmp(FuncName, "New_CSLQuery_Initialize")) { Jump.PushArg = (PLATFORM_DWORD)New_CSLQuery_Initialize; } #endif delete[] FuncName; if (SignPtr > TermSrvBase) WriteProcessMemory(GetCurrentProcess(), (LPVOID)SignPtr, &Jump, sizeof(FARJMP), &bw); } } } delete[] Sect; WriteToLog("Resumimg threads...\r\n"); SetThreadsState(true); return; }
int SystemModuleInformation::MODULE_INFO::Insert( CSystemInfoListCtrl& list, BOOL bPid, size_t iItem, size_t iItemCount) const { iItem; // use var iItemCount; // use var CString strPID, strProcesName; CString strBase, strLength, strUsage, strFileSize, strVersion, strFilePath; // Get size INT64 i64FileSize = 0; LPCTSTR szFileName = _tcslen(FileFullPath) > 0 ? FileFullPath : FullPath; CFile file; if ( file.Open( szFileName, CFile::modeRead ) ) { i64FileSize = file.GetLength(); file.Close(); } strBase.Format( _T("0x%08IX"), Handle ); strLength.Format( _T("%d"), info.SizeOfImage ); if( me32.GlblcntUsage == 0 ) strUsage.Format( _T("") ); else if( me32.GlblcntUsage == 65535 ) strUsage = LocLoadString(IDS_MODULE_FIXED); else strUsage.Format( _T("%d"), me32.GlblcntUsage ); strFileSize.Format( _T("%I64d"), i64FileSize ); GetModuleVersion( szFileName, strVersion ); strFilePath = FullPath; if( _tcsicmp( FullPath, szFileName ) != 0 ) { strFilePath += _T(" ==> "); strFilePath += FileFullPath; } int sub = 0; int iListItemCount = list.GetItemCount(); int nPos = list.InsertItem( iListItemCount, _T("") ); list.SetItemText( nPos, sub+0, strBase ); list.SetItemText( nPos, sub+1, strLength ); if( bPid ) { strPID.Format( _T("%d"), ProcessId ); list.SetItemText( nPos, sub+2, strPID ); sub++; strProcesName = GetProcessName( ProcessId ); list.SetItemText( nPos, sub+2, strProcesName ); sub++; } list.SetItemText( nPos, sub+2, strUsage ); list.SetItemText( nPos, sub+3, Name ); list.SetItemText( nPos, sub+4, strFileSize ); list.SetItemText( nPos, sub+5, strVersion ); list.SetItemText( nPos, sub+6, strFilePath ); return nPos; }