static PPH_STRING PhGetOpaqueXmlNodeText(
__in mxml_node_t *xmlNode
)
{
if (xmlNode && xmlNode->child && xmlNode->child->type == MXML_OPAQUE && xmlNode->child->value.opaque)
{
return PhCreateStringFromAnsi(xmlNode->child->value.opaque);
}
return PhReferenceEmptyString();
}
PPH_STRING GetGfxName(VOID)
{
NvStatus status;
NvAPI_ShortString version = {0};
status = NvAPI_GetFullName(physHandle, version);
if (NV_SUCCESS(status))
{
return PhCreateStringFromAnsi(version);
}
else
{
LogEvent(L"gfxinfo: (GetFullName) NvAPI_GetFullName failed (%s)", status);
}
return NULL;
}
VOID LogEvent(__in PWSTR str, __in int status)
{
switch (GraphicsType)
{
case NvidiaGraphics:
{
if (NvAPI_GetErrorMessage != NULL)
{
PPH_STRING nvPhString = NULL;
PPH_STRING statusString = NULL;
NvAPI_ShortString nvString = { 0 };
NvAPI_GetErrorMessage((NvStatus)status, nvString);
nvPhString = PhCreateStringFromAnsi(nvString);
statusString = PhFormatString(str, nvPhString->Buffer);
PhLogMessageEntry(PH_LOG_ENTRY_MESSAGE, statusString);
PhDereferenceObject(statusString);
PhDereferenceObject(nvPhString);
}
else
{
PPH_STRING string = PhCreateString(L"gfxinfo: (LogEvent) NvAPI_GetErrorMessage was not initialized.");
PhLogMessageEntry(PH_LOG_ENTRY_MESSAGE, string);
PhDereferenceObject(string);
}
}
break;
case AtiGraphics:
{
//PPH_STRING string = PhFormatString(str, status);
//PhLogMessageEntry(PH_LOG_ENTRY_MESSAGE, string);
//PhDereferenceObject(string);
}
break;
}
}
BOOLEAN PhGetLineFromAddress(
_In_ PPH_SYMBOL_PROVIDER SymbolProvider,
_In_ ULONG64 Address,
_Out_ PPH_STRING *FileName,
_Out_opt_ PULONG Displacement,
_Out_opt_ PPH_SYMBOL_LINE_INFORMATION Information
)
{
IMAGEHLP_LINEW64 line;
BOOL result;
ULONG displacement;
PPH_STRING fileName;
if (!SymGetLineFromAddrW64_I && !SymGetLineFromAddr64_I)
return FALSE;
#ifdef PH_SYMBOL_PROVIDER_DELAY_INIT
PhpRegisterSymbolProvider(SymbolProvider);
#endif
line.SizeOfStruct = sizeof(IMAGEHLP_LINEW64);
PH_LOCK_SYMBOLS();
if (SymGetLineFromAddrW64_I)
{
result = SymGetLineFromAddrW64_I(
SymbolProvider->ProcessHandle,
Address,
&displacement,
&line
);
if (result)
fileName = PhCreateString(line.FileName);
}
else
{
IMAGEHLP_LINE64 lineA;
lineA.SizeOfStruct = sizeof(IMAGEHLP_LINE64);
result = SymGetLineFromAddr64_I(
SymbolProvider->ProcessHandle,
Address,
&displacement,
&lineA
);
if (result)
{
fileName = PhCreateStringFromAnsi(lineA.FileName);
line.LineNumber = lineA.LineNumber;
line.Address = lineA.Address;
}
}
PH_UNLOCK_SYMBOLS();
if (!result)
return FALSE;
*FileName = fileName;
if (Displacement)
*Displacement = displacement;
if (Information)
{
Information->LineNumber = line.LineNumber;
Information->Address = line.Address;
}
return TRUE;
}
INT_PTR CALLBACK PvpLibExportsDlgProc(
__in HWND hwndDlg,
__in UINT uMsg,
__in WPARAM wParam,
__in LPARAM lParam
)
{
switch (uMsg)
{
case WM_INITDIALOG:
{
ULONG fallbackColumns[] = { 0, 1, 2, 3 };
HWND lvHandle;
PH_MAPPED_ARCHIVE_MEMBER member;
PH_MAPPED_ARCHIVE_IMPORT_ENTRY importEntry;
PhCenterWindow(GetParent(hwndDlg), NULL);
lvHandle = GetDlgItem(hwndDlg, IDC_LIST);
PhSetListViewStyle(lvHandle, FALSE, TRUE);
PhSetControlTheme(lvHandle, L"explorer");
PhAddListViewColumn(lvHandle, 0, 0, 0, LVCFMT_LEFT, 60, L"DLL");
PhAddListViewColumn(lvHandle, 1, 1, 1, LVCFMT_LEFT, 200, L"Name");
PhAddListViewColumn(lvHandle, 2, 2, 2, LVCFMT_LEFT, 40, L"Ordinal/Hint");
PhAddListViewColumn(lvHandle, 3, 3, 3, LVCFMT_LEFT, 40, L"Type");
PhAddListViewColumn(lvHandle, 4, 4, 4, LVCFMT_LEFT, 60, L"Name Type");
PhSetExtendedListView(lvHandle);
ExtendedListView_AddFallbackColumns(lvHandle, 4, fallbackColumns);
member = *PvMappedArchive.LastStandardMember;
while (NT_SUCCESS(PhGetNextMappedArchiveMember(&member, &member)))
{
if (NT_SUCCESS(PhGetMappedArchiveImportEntry(&member, &importEntry)))
{
INT lvItemIndex;
PPH_STRING name;
WCHAR number[PH_INT32_STR_LEN_1];
PWSTR type;
name = PhCreateStringFromAnsi(importEntry.DllName);
lvItemIndex = PhAddListViewItem(lvHandle, MAXINT, name->Buffer, NULL);
PhDereferenceObject(name);
name = PhCreateStringFromAnsi(importEntry.Name);
PhSetListViewSubItem(lvHandle, lvItemIndex, 1, name->Buffer);
PhDereferenceObject(name);
// Ordinal is unioned with NameHint, so this works both ways.
PhPrintUInt32(number, importEntry.Ordinal);
PhSetListViewSubItem(lvHandle, lvItemIndex, 2, number);
switch (importEntry.Type)
{
case IMPORT_OBJECT_CODE:
type = L"Code";
break;
case IMPORT_OBJECT_DATA:
type = L"Data";
break;
case IMPORT_OBJECT_CONST:
type = L"Const";
break;
default:
type = L"Unknown";
break;
}
PhSetListViewSubItem(lvHandle, lvItemIndex, 3, type);
switch (importEntry.NameType)
{
case IMPORT_OBJECT_ORDINAL:
type = L"Ordinal";
break;
case IMPORT_OBJECT_NAME:
type = L"Name";
break;
case IMPORT_OBJECT_NAME_NO_PREFIX:
type = L"Name, No Prefix";
break;
case IMPORT_OBJECT_NAME_UNDECORATE:
type = L"Name, Undecorate";
break;
default:
type = L"Unknown";
break;
}
PhSetListViewSubItem(lvHandle, lvItemIndex, 4, type);
}
}
ExtendedListView_SortItems(lvHandle);
}
break;
case WM_NOTIFY:
{
PvHandleListViewNotifyForCopy(lParam, GetDlgItem(hwndDlg, IDC_LIST));
}
break;
}
return FALSE;
}
NTSTATUS PhpThreadProviderLoadSymbols(
__in PVOID Parameter
)
{
PPH_THREAD_PROVIDER threadProvider = (PPH_THREAD_PROVIDER)Parameter;
PH_THREAD_SYMBOL_LOAD_CONTEXT loadContext;
loadContext.ThreadProvider = threadProvider;
loadContext.SymbolProvider = threadProvider->SymbolProvider;
PhLoadSymbolProviderOptions(threadProvider->SymbolProvider);
if (threadProvider->ProcessId != SYSTEM_IDLE_PROCESS_ID)
{
if (
threadProvider->SymbolProvider->IsRealHandle ||
threadProvider->ProcessId == SYSTEM_PROCESS_ID
)
{
loadContext.ProcessId = threadProvider->ProcessId;
PhEnumGenericModules(
threadProvider->ProcessId,
threadProvider->SymbolProvider->ProcessHandle,
0,
LoadSymbolsEnumGenericModulesCallback,
&loadContext
);
}
else
{
// We can't enumerate the process modules. Load
// symbols for ntdll.dll and kernel32.dll.
loadContext.ProcessId = NtCurrentProcessId();
PhEnumGenericModules(
NtCurrentProcessId(),
NtCurrentProcess(),
0,
LoadBasicSymbolsEnumGenericModulesCallback,
&loadContext
);
}
// Load kernel module symbols as well.
if (threadProvider->ProcessId != SYSTEM_PROCESS_ID)
{
loadContext.ProcessId = SYSTEM_PROCESS_ID;
PhEnumGenericModules(
SYSTEM_PROCESS_ID,
NULL,
0,
LoadSymbolsEnumGenericModulesCallback,
&loadContext
);
}
}
else
{
// System Idle Process has one thread for each CPU,
// each having a start address at KiIdleLoop. We
// need to load symbols for the kernel.
PRTL_PROCESS_MODULES kernelModules;
if (NT_SUCCESS(PhEnumKernelModules(&kernelModules)))
{
if (kernelModules->NumberOfModules > 0)
{
PPH_STRING fileName;
PPH_STRING newFileName;
fileName = PhCreateStringFromAnsi(kernelModules->Modules[0].FullPathName);
newFileName = PhGetFileName(fileName);
PhDereferenceObject(fileName);
PhLoadModuleSymbolProvider(
threadProvider->SymbolProvider,
newFileName->Buffer,
(ULONG64)kernelModules->Modules[0].ImageBase,
kernelModules->Modules[0].ImageSize
);
PhDereferenceObject(newFileName);
}
PhFree(kernelModules);
}
}
// Check if the process has services - we'll need to know before getting service tag/name
// information.
if (WINDOWS_HAS_SERVICE_TAGS)
{
PPH_PROCESS_ITEM processItem;
if (processItem = PhReferenceProcessItem(threadProvider->ProcessId))
{
threadProvider->HasServices = processItem->ServiceList && processItem->ServiceList->Count != 0;
PhDereferenceObject(processItem);
}
}
PhSetEvent(&threadProvider->SymbolsLoadedEvent);
PhDereferenceObject(threadProvider);
return STATUS_SUCCESS;
}
static BOOLEAN NetAdapterSectionCallback(
_In_ PPH_SYSINFO_SECTION Section,
_In_ PH_SYSINFO_SECTION_MESSAGE Message,
_In_opt_ PVOID Parameter1,
_In_opt_ PVOID Parameter2
)
{
PPH_NETADAPTER_SYSINFO_CONTEXT context = (PPH_NETADAPTER_SYSINFO_CONTEXT)Section->Context;
switch (Message)
{
case SysInfoCreate:
{
if (PhGetIntegerSetting(SETTING_NAME_ENABLE_NDIS))
{
PhCreateFileWin32(
&context->DeviceHandle,
PhaFormatString(L"\\\\.\\%s", context->AdapterEntry->InterfaceGuid->Buffer)->Buffer,
FILE_GENERIC_READ,
FILE_ATTRIBUTE_NORMAL,
FILE_SHARE_READ | FILE_SHARE_WRITE,
FILE_OPEN,
FILE_NON_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT
);
if (context->DeviceHandle)
{
if (!NetworkAdapterQuerySupported(context->DeviceHandle))
{
NtClose(context->DeviceHandle);
context->DeviceHandle = NULL;
}
}
}
if (WindowsVersion > WINDOWS_VISTA)
{
if ((context->IphlpHandle = LoadLibrary(L"iphlpapi.dll")))
{
context->GetIfEntry2_I = (_GetIfEntry2)GetProcAddress(context->IphlpHandle, "GetIfEntry2");
context->GetInterfaceDescriptionFromGuid_I = (_GetInterfaceDescriptionFromGuid)GetProcAddress(context->IphlpHandle, "NhGetInterfaceDescriptionFromGuid");
}
}
PhInitializeCircularBuffer_ULONG64(&context->InboundBuffer, PhGetIntegerSetting(L"SampleCount"));
PhInitializeCircularBuffer_ULONG64(&context->OutboundBuffer, PhGetIntegerSetting(L"SampleCount"));
}
return TRUE;
case SysInfoDestroy:
{
if (context->AdapterName)
PhDereferenceObject(context->AdapterName);
PhDeleteCircularBuffer_ULONG64(&context->InboundBuffer);
PhDeleteCircularBuffer_ULONG64(&context->OutboundBuffer);
if (context->IphlpHandle)
FreeLibrary(context->IphlpHandle);
if (context->DeviceHandle)
NtClose(context->DeviceHandle);
PhFree(context);
}
return TRUE;
case SysInfoTick:
{
ULONG64 networkInboundSpeed = 0;
ULONG64 networkOutboundSpeed = 0;
ULONG64 networkInOctets = 0;
ULONG64 networkOutOctets = 0;
ULONG64 xmitLinkSpeed = 0;
ULONG64 rcvLinkSpeed = 0;
if (context->DeviceHandle)
{
NDIS_STATISTICS_INFO interfaceStats;
NDIS_LINK_STATE interfaceState;
if (NT_SUCCESS(NetworkAdapterQueryStatistics(context->DeviceHandle, &interfaceStats)))
{
networkInboundSpeed = interfaceStats.ifHCInOctets - context->LastInboundValue;
networkOutboundSpeed = interfaceStats.ifHCOutOctets - context->LastOutboundValue;
networkInOctets = interfaceStats.ifHCInOctets;
networkOutOctets = interfaceStats.ifHCOutOctets;
}
else
{
ULONG64 inOctets = NetworkAdapterQueryValue(context->DeviceHandle, OID_GEN_BYTES_RCV);
ULONG64 outOctets = NetworkAdapterQueryValue(context->DeviceHandle, OID_GEN_BYTES_XMIT);
networkInboundSpeed = inOctets - context->LastInboundValue;
networkOutboundSpeed = outOctets - context->LastOutboundValue;
networkInOctets = inOctets;
networkOutOctets = outOctets;
}
if (NT_SUCCESS(NetworkAdapterQueryLinkState(context, &interfaceState)))
{
xmitLinkSpeed = interfaceState.XmitLinkSpeed;
rcvLinkSpeed = interfaceState.RcvLinkSpeed;
}
// HACK: Pull the Adapter name from the current query.
if (context->SysinfoSection->Name.Length == 0)
{
if (context->AdapterName = NetworkAdapterQueryName(context))
{
context->SysinfoSection->Name = context->AdapterName->sr;
}
}
}
else
{
if (context->GetIfEntry2_I)
{
MIB_IF_ROW2 interfaceRow;
interfaceRow = QueryInterfaceRowVista(context);
networkInboundSpeed = interfaceRow.InOctets - context->LastInboundValue;
networkOutboundSpeed = interfaceRow.OutOctets - context->LastOutboundValue;
networkInOctets = interfaceRow.InOctets;
networkOutOctets = interfaceRow.OutOctets;
xmitLinkSpeed = interfaceRow.TransmitLinkSpeed;
rcvLinkSpeed = interfaceRow.ReceiveLinkSpeed;
// HACK: Pull the Adapter name from the current query.
if (context->SysinfoSection->Name.Length == 0)
{
if (context->AdapterName = PhCreateString(interfaceRow.Description))
{
context->SysinfoSection->Name = context->AdapterName->sr;
}
}
}
else
{
MIB_IFROW interfaceRow;
interfaceRow = QueryInterfaceRowXP(context);
networkInboundSpeed = interfaceRow.dwInOctets - context->LastInboundValue;
networkOutboundSpeed = interfaceRow.dwOutOctets - context->LastOutboundValue;
networkInOctets = interfaceRow.dwInOctets;
networkOutOctets = interfaceRow.dwOutOctets;
xmitLinkSpeed = interfaceRow.dwSpeed;
rcvLinkSpeed = interfaceRow.dwSpeed;
// HACK: Pull the Adapter name from the current query.
if (context->SysinfoSection->Name.Length == 0)
{
if (context->AdapterName = PhCreateStringFromAnsi(interfaceRow.bDescr))
{
context->SysinfoSection->Name = context->AdapterName->sr;
}
}
}
}
if (!context->HaveFirstSample)
{
networkInboundSpeed = 0;
networkOutboundSpeed = 0;
context->HaveFirstSample = TRUE;
}
PhAddItemCircularBuffer_ULONG64(&context->InboundBuffer, networkInboundSpeed);
PhAddItemCircularBuffer_ULONG64(&context->OutboundBuffer, networkOutboundSpeed);
context->InboundValue = networkInboundSpeed;
context->OutboundValue = networkOutboundSpeed;
context->LastInboundValue = networkInOctets;
context->LastOutboundValue = networkOutOctets;
context->MaxSendSpeed = xmitLinkSpeed;
context->MaxReceiveSpeed = rcvLinkSpeed;
}
return TRUE;
case SysInfoCreateDialog:
{
PPH_SYSINFO_CREATE_DIALOG createDialog = (PPH_SYSINFO_CREATE_DIALOG)Parameter1;
createDialog->Instance = PluginInstance->DllBase;
createDialog->Template = MAKEINTRESOURCE(IDD_NETADAPTER_DIALOG);
createDialog->DialogProc = NetAdapterDialogProc;
createDialog->Parameter = context;
}
return TRUE;
case SysInfoGraphGetDrawInfo:
{
PPH_GRAPH_DRAW_INFO drawInfo = (PPH_GRAPH_DRAW_INFO)Parameter1;
drawInfo->Flags = PH_GRAPH_USE_GRID | PH_GRAPH_USE_LINE_2;
Section->Parameters->ColorSetupFunction(drawInfo, PhGetIntegerSetting(L"ColorCpuKernel"), PhGetIntegerSetting(L"ColorCpuUser"));
PhGetDrawInfoGraphBuffers(&Section->GraphState.Buffers, drawInfo, context->InboundBuffer.Count);
if (!Section->GraphState.Valid)
{
FLOAT maxGraphHeight1 = 0;
FLOAT maxGraphHeight2 = 0;
for (ULONG i = 0; i < drawInfo->LineDataCount; i++)
{
Section->GraphState.Data1[i] = (FLOAT)PhGetItemCircularBuffer_ULONG64(&context->InboundBuffer, i);
Section->GraphState.Data2[i] = (FLOAT)PhGetItemCircularBuffer_ULONG64(&context->OutboundBuffer, i);
if (Section->GraphState.Data1[i] > maxGraphHeight1)
maxGraphHeight1 = Section->GraphState.Data1[i];
if (Section->GraphState.Data2[i] > maxGraphHeight2)
maxGraphHeight2 = Section->GraphState.Data2[i];
}
// Scale the data.
PhxfDivideSingle2U(
Section->GraphState.Data1,
maxGraphHeight1, // (FLOAT)context->MaxReceiveSpeed,
drawInfo->LineDataCount
);
// Scale the data.
PhxfDivideSingle2U(
Section->GraphState.Data2,
maxGraphHeight2, // (FLOAT)context->MaxSendSpeed,
drawInfo->LineDataCount
);
Section->GraphState.Valid = TRUE;
}
}
return TRUE;
case SysInfoGraphGetTooltipText:
{
PPH_SYSINFO_GRAPH_GET_TOOLTIP_TEXT getTooltipText = (PPH_SYSINFO_GRAPH_GET_TOOLTIP_TEXT)Parameter1;
ULONG64 adapterInboundValue = PhGetItemCircularBuffer_ULONG64(
&context->InboundBuffer,
getTooltipText->Index
);
ULONG64 adapterOutboundValue = PhGetItemCircularBuffer_ULONG64(
&context->OutboundBuffer,
getTooltipText->Index
);
PhSwapReference2(&Section->GraphState.TooltipText, PhFormatString(
L"R: %s\nS: %s\n%s",
PhaFormatSize(adapterInboundValue, -1)->Buffer,
PhaFormatSize(adapterOutboundValue, -1)->Buffer,
((PPH_STRING)PHA_DEREFERENCE(PhGetStatisticsTimeString(NULL, getTooltipText->Index)))->Buffer
));
getTooltipText->Text = Section->GraphState.TooltipText->sr;
}
return TRUE;
case SysInfoGraphDrawPanel:
{
PPH_SYSINFO_DRAW_PANEL drawPanel = (PPH_SYSINFO_DRAW_PANEL)Parameter1;
drawPanel->Title = PhCreateString(Section->Name.Buffer);
drawPanel->SubTitle = PhFormatString(
L"R: %s\nS: %s",
PhaFormatSize(context->InboundValue, -1)->Buffer,
PhaFormatSize(context->OutboundValue, -1)->Buffer
);
}
return TRUE;
}
return FALSE;
}