VOID PhpInitializeFindObjMenu( _In_ PPH_EMENU Menu, _In_ PPHP_OBJECT_SEARCH_RESULT *Results, _In_ ULONG NumberOfResults ) { BOOLEAN allCanBeClosed = TRUE; ULONG i; if (NumberOfResults == 1) { PH_HANDLE_ITEM_INFO info; info.ProcessId = Results[0]->ProcessId; info.Handle = Results[0]->Handle; info.TypeName = Results[0]->TypeName; info.BestObjectName = Results[0]->Name; PhInsertHandleObjectPropertiesEMenuItems(Menu, ID_OBJECT_PROPERTIES, FALSE, &info); } else { PhSetFlagsAllEMenuItems(Menu, PH_EMENU_DISABLED, PH_EMENU_DISABLED); PhEnableEMenuItem(Menu, ID_OBJECT_COPY, TRUE); } for (i = 0; i < NumberOfResults; i++) { if (Results[i]->ResultType != HandleSearchResult) { allCanBeClosed = FALSE; break; } } PhEnableEMenuItem(Menu, ID_OBJECT_CLOSE, allCanBeClosed); }
VOID PhpInitializeMemoryMenu( _In_ PPH_EMENU Menu, _In_ HANDLE ProcessId, _In_ PPH_MEMORY_NODE *MemoryNodes, _In_ ULONG NumberOfMemoryNodes ) { if (NumberOfMemoryNodes == 0) { PhSetFlagsAllEMenuItems(Menu, PH_EMENU_DISABLED, PH_EMENU_DISABLED); } else if (NumberOfMemoryNodes == 1 && !MemoryNodes[0]->IsAllocationBase) { if (MemoryNodes[0]->MemoryItem->State & MEM_FREE) { PhEnableEMenuItem(Menu, ID_MEMORY_CHANGEPROTECTION, FALSE); PhEnableEMenuItem(Menu, ID_MEMORY_FREE, FALSE); PhEnableEMenuItem(Menu, ID_MEMORY_DECOMMIT, FALSE); } else if (MemoryNodes[0]->MemoryItem->Type & (MEM_MAPPED | MEM_IMAGE)) { PhEnableEMenuItem(Menu, ID_MEMORY_DECOMMIT, FALSE); } } else { ULONG i; ULONG numberOfAllocationBase = 0; PhSetFlagsAllEMenuItems(Menu, PH_EMENU_DISABLED, PH_EMENU_DISABLED); PhEnableEMenuItem(Menu, ID_MEMORY_COPY, TRUE); for (i = 0; i < NumberOfMemoryNodes; i++) { if (MemoryNodes[i]->IsAllocationBase) numberOfAllocationBase++; } if (numberOfAllocationBase == 0 || numberOfAllocationBase == NumberOfMemoryNodes) PhEnableEMenuItem(Menu, ID_MEMORY_SAVE, TRUE); } PhEnableEMenuItem(Menu, ID_MEMORY_READWRITEADDRESS, TRUE); }
VOID PhpInitializeThreadMenu( _In_ PPH_EMENU Menu, _In_ HANDLE ProcessId, _In_ PPH_THREAD_ITEM *Threads, _In_ ULONG NumberOfThreads ) { PPH_EMENU_ITEM item; if (NumberOfThreads == 0) { PhSetFlagsAllEMenuItems(Menu, PH_EMENU_DISABLED, PH_EMENU_DISABLED); } else if (NumberOfThreads == 1) { // All menu items are enabled by default. } else { ULONG menuItemsMultiEnabled[] = { ID_THREAD_TERMINATE, ID_THREAD_SUSPEND, ID_THREAD_RESUME, ID_THREAD_COPY }; ULONG i; PhSetFlagsAllEMenuItems(Menu, PH_EMENU_DISABLED, PH_EMENU_DISABLED); // These menu items are capable of manipulating // multiple threads. for (i = 0; i < sizeof(menuItemsMultiEnabled) / sizeof(ULONG); i++) { PhEnableEMenuItem(Menu, menuItemsMultiEnabled[i], TRUE); } } // Remove irrelevant menu items. if (WindowsVersion < WINDOWS_VISTA) { // Remove I/O priority. if (item = PhFindEMenuItem(Menu, 0, L"I/O Priority", 0)) PhDestroyEMenuItem(item); // Remove page priority. if (item = PhFindEMenuItem(Menu, 0, L"Page Priority", 0)) PhDestroyEMenuItem(item); } PhEnableEMenuItem(Menu, ID_THREAD_TOKEN, FALSE); // Priority if (NumberOfThreads == 1) { HANDLE threadHandle; ULONG threadPriority = THREAD_PRIORITY_ERROR_RETURN; IO_PRIORITY_HINT ioPriority = -1; ULONG pagePriority = -1; ULONG id = 0; if (NT_SUCCESS(PhOpenThread( &threadHandle, ThreadQueryAccess, Threads[0]->ThreadId ))) { THREAD_BASIC_INFORMATION basicInfo; if (NT_SUCCESS(PhGetThreadBasicInformation(threadHandle, &basicInfo))) { threadPriority = basicInfo.BasePriority; } if (WindowsVersion >= WINDOWS_VISTA) { PhGetThreadIoPriority(threadHandle, &ioPriority); PhGetThreadPagePriority(threadHandle, &pagePriority); } // Token { HANDLE tokenHandle; if (NT_SUCCESS(NtOpenThreadToken( threadHandle, TOKEN_QUERY, TRUE, &tokenHandle ))) { PhEnableEMenuItem(Menu, ID_THREAD_TOKEN, TRUE); NtClose(tokenHandle); } } NtClose(threadHandle); } switch (threadPriority) { case THREAD_PRIORITY_TIME_CRITICAL + 1: case THREAD_PRIORITY_TIME_CRITICAL: id = ID_PRIORITY_TIMECRITICAL; break; case THREAD_PRIORITY_HIGHEST: id = ID_PRIORITY_HIGHEST; break; case THREAD_PRIORITY_ABOVE_NORMAL: id = ID_PRIORITY_ABOVENORMAL; break; case THREAD_PRIORITY_NORMAL: id = ID_PRIORITY_NORMAL; break; case THREAD_PRIORITY_BELOW_NORMAL: id = ID_PRIORITY_BELOWNORMAL; break; case THREAD_PRIORITY_LOWEST: id = ID_PRIORITY_LOWEST; break; case THREAD_PRIORITY_IDLE: case THREAD_PRIORITY_IDLE - 1: id = ID_PRIORITY_IDLE; break; } if (id != 0) { PhSetFlagsEMenuItem(Menu, id, PH_EMENU_CHECKED | PH_EMENU_RADIOCHECK, PH_EMENU_CHECKED | PH_EMENU_RADIOCHECK); } if (ioPriority != -1) { id = 0; switch (ioPriority) { case IoPriorityVeryLow: id = ID_IOPRIORITY_VERYLOW; break; case IoPriorityLow: id = ID_IOPRIORITY_LOW; break; case IoPriorityNormal: id = ID_IOPRIORITY_NORMAL; break; case IoPriorityHigh: id = ID_IOPRIORITY_HIGH; break; } if (id != 0) { PhSetFlagsEMenuItem(Menu, id, PH_EMENU_CHECKED | PH_EMENU_RADIOCHECK, PH_EMENU_CHECKED | PH_EMENU_RADIOCHECK); } } if (pagePriority != -1) { id = 0; switch (pagePriority) { case MEMORY_PRIORITY_VERY_LOW: id = ID_PAGEPRIORITY_VERYLOW; break; case MEMORY_PRIORITY_LOW: id = ID_PAGEPRIORITY_LOW; break; case MEMORY_PRIORITY_MEDIUM: id = ID_PAGEPRIORITY_MEDIUM; break; case MEMORY_PRIORITY_BELOW_NORMAL: id = ID_PAGEPRIORITY_BELOWNORMAL; break; case MEMORY_PRIORITY_NORMAL: id = ID_PAGEPRIORITY_NORMAL; break; } if (id != 0) { PhSetFlagsEMenuItem(Menu, id, PH_EMENU_CHECKED | PH_EMENU_RADIOCHECK, PH_EMENU_CHECKED | PH_EMENU_RADIOCHECK); } } } }