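/* Interrupt the debuggee (dbg->pid) by issuing DebugBreakProcess on it.
 * `d` is an RDebug* passed as void* to fit the callback signature.
 * The file-scope `winbreak` flag is raised only when the break is actually
 * issued, so a failed open does not mark a later, unrelated breakpoint
 * exception as ours. Silently returns if the kernel32 entry points or the
 * process handle cannot be obtained. */
static void static_debug_native_break(void *d) {
	/* resolved once and cached across calls */
	static BOOL WINAPI (*w32_dbgbreak)(HANDLE) = NULL;
	static HANDLE WINAPI (*w32_openprocess)(DWORD, BOOL, DWORD) = NULL;
	RDebug *dbg = (RDebug *)d;
	if (!dbg) {
		return;
	}
	/* kernel32 is already mapped in every Win32 process, so GetModuleHandle is
	 * sufficient: the former LoadLibrary("kernel32.dll") reference was never
	 * released correctly (its HMODULE was passed to CloseHandle, not FreeLibrary). */
	if (!w32_dbgbreak) {
		/* DebugBreakProcess returns BOOL; the cast must match the pointer type */
		w32_dbgbreak = (BOOL WINAPI (*)(HANDLE)) GetProcAddress (GetModuleHandle ("kernel32"), "DebugBreakProcess");
	}
	if (!w32_openprocess) {
		w32_openprocess = (HANDLE WINAPI (*)(DWORD, BOOL, DWORD)) GetProcAddress (GetModuleHandle ("kernel32"), "OpenProcess");
	}
	if (!w32_dbgbreak || !w32_openprocess) {
		return;
	}
	/* NOTE(review): PROCESS_ALL_ACCESS is broader than the break needs; a narrower
	 * mask would follow least privilege if DebugBreakProcess accepts it — confirm */
	HANDLE hProcess = w32_openprocess (PROCESS_ALL_ACCESS, FALSE, dbg->pid);
	if (!hProcess) {
		eprintf ("static_debug_native_break: cannot open pid %d\n", dbg->pid);
		return;
	}
	winbreak = 1;
	if (!w32_dbgbreak (hProcess)) {
		eprintf ("static_debug_native_break: DebugBreakProcess failed\n");
	}
	CloseHandle (hProcess);
}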
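#ifndef STATUS_INFO_LENGTH_MISMATCH
#define STATUS_INFO_LENGTH_MISMATCH 0xc0000004
#endif
#ifndef SystemHandleInformation
#define SystemHandleInformation 16
#endif

/* Copy a counted UTF-16 buffer (`bytes` bytes, not necessarily NUL-terminated,
 * as in UNICODE_STRING) into a freshly malloc'd, NUL-terminated narrow string
 * using the current locale. Returns NULL on allocation failure or on an
 * unconvertible sequence. Caller frees the result. */
static char *win_desc_wstr_to_str (const wchar_t *src, size_t bytes) {
	size_t nchars = bytes / sizeof (wchar_t);
	/* wcstombs stops at a NUL and otherwise keeps reading, so terminate a private
	 * copy instead of trusting the source buffer to end where Length says */
	wchar_t *wide = malloc ((nchars + 1) * sizeof (wchar_t));
	if (!wide) {
		return NULL;
	}
	memcpy (wide, src, nchars * sizeof (wchar_t));
	wide[nchars] = L'\0';
	/* worst case every wide char expands to MB_CUR_MAX bytes */
	size_t cap = nchars * MB_CUR_MAX + 1;
	char *out = malloc (cap);
	if (out) {
		size_t n = wcstombs (out, wide, cap);
		if (n == (size_t)-1) {
			free (out);
			out = NULL;
		} else {
			out[cap - 1] = '\0'; /* no-op when wcstombs already terminated */
		}
	}
	free (wide);
	return out;
}

/* Inspect one entry of the system handle table and, when it is a file handle
 * owned by `pid`, append an RDebugDesc describing it to `ret`.
 * Returns 1 when iteration should continue (entry skipped or appended) and 0
 * when a descriptor could not be allocated, so the caller stops. All
 * per-entry resources are released on every path. */
static int win_desc_add_handle (RList *ret, HANDLE processHandle, int pid, SYSTEM_HANDLE handle) {
	HANDLE dupHandle = NULL;
	POBJECT_TYPE_INFORMATION objectTypeInfo = NULL;
	PVOID objectNameInfo = NULL;
	RDebugDesc *desc = NULL;
	char *buff = NULL;
	ULONG returnLength = 0;
	int keep_going = 1;

	if (handle.ProcessId != pid) {
		return 1;
	}
	/* NOTE(review): 0x1c is taken to be the "File" object type index; these
	 * indices differ between Windows versions — confirm against the target OS */
	if (handle.ObjectTypeNumber != 0x1c) {
		return 1;
	}
	/* NOTE(review): the address of handle.Handle is passed where NtDuplicateObject
	 * takes the source HANDLE by value; kept as in the original, check the
	 * w32_ntduplicateobject prototype */
	if (w32_ntduplicateobject (processHandle, &handle.Handle, GetCurrentProcess (), &dupHandle, 0, 0, 0)) {
		return 1;
	}
	objectTypeInfo = malloc (0x1000);
	if (!objectTypeInfo) {
		goto out;
	}
	/* 2 == ObjectTypeInformation */
	if (w32_ntqueryobject (dupHandle, 2, objectTypeInfo, 0x1000, NULL)) {
		goto out;
	}
	objectNameInfo = malloc (0x1000);
	if (!objectNameInfo) {
		goto out;
	}
	/* 1 == ObjectNameInformation; retry once with the size the kernel reports */
	if (w32_ntqueryobject (dupHandle, 1, objectNameInfo, 0x1000, &returnLength)) {
		if (returnLength == 0) {
			goto out;
		}
		void *bigger = realloc (objectNameInfo, returnLength);
		if (!bigger) {
			goto out;
		}
		objectNameInfo = bigger;
		if (w32_ntqueryobject (dupHandle, 1, objectNameInfo, returnLength, NULL)) {
			goto out;
		}
	}
	{
		UNICODE_STRING objectName = *(PUNICODE_STRING)objectNameInfo;
		/* prefer the object's own name; fall back to its type name when unnamed */
		if (objectName.Length) {
			buff = win_desc_wstr_to_str (objectName.Buffer, objectName.Length);
		} else {
			buff = win_desc_wstr_to_str (objectTypeInfo->Name.Buffer, objectTypeInfo->Name.Length);
		}
	}
	if (!buff) {
		goto out;
	}
	desc = r_debug_desc_new (handle.Handle, buff, 0, '?', 0);
	if (!desc) {
		keep_going = 0;
		goto out;
	}
	r_list_append (ret, desc);
out:
	free (buff);
	free (objectNameInfo);
	free (objectTypeInfo);
	if (dupHandle) {
		CloseHandle (dupHandle);
	}
	return keep_going;
}

/* Enumerate the file handles open in process `pid` as a list of RDebugDesc.
 * Returns NULL when the process cannot be opened, the system handle table
 * cannot be read, or allocation fails; otherwise a (possibly empty) RList
 * owned by the caller. Enumeration stops early, keeping what was collected,
 * if a descriptor cannot be allocated. */
static RList *win_desc_list (int pid) {
	RList *ret = NULL;
	NTSTATUS status = 0;
	ULONG handleInfoSize = 0x10000;
	PSYSTEM_HANDLE_INFORMATION handleInfo = NULL;

	/* 0x0040 == PROCESS_DUP_HANDLE: the only right needed to copy handles out */
	HANDLE processHandle = w32_openprocess (0x0040, FALSE, pid);
	if (!processHandle) {
		eprintf ("win_desc_list: Error opening process.\n");
		return NULL;
	}
	handleInfo = malloc (handleInfoSize);
	if (!handleInfo) {
		goto out;
	}
	/* the table size is only learned from a failed query; grow until it fits */
	while ((status = w32_ntquerysysteminformation (SystemHandleInformation, handleInfo, handleInfoSize, NULL)) == STATUS_INFO_LENGTH_MISMATCH) {
		void *bigger = realloc (handleInfo, handleInfoSize * 2);
		if (!bigger) {
			goto out;
		}
		handleInfo = bigger;
		handleInfoSize *= 2;
	}
	if (status) {
		eprintf ("win_desc_list: NtQuerySystemInformation failed!\n");
		goto out;
	}
	ret = r_list_new ();
	if (!ret) {
		goto out;
	}
	for (ULONG i = 0; i < handleInfo->HandleCount; i++) {
		if (!win_desc_add_handle (ret, processHandle, pid, handleInfo->Handles[i])) {
			break;
		}
	}
out:
	free (handleInfo);
	CloseHandle (processHandle);
	return ret;
}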