Пример #1
/**
 * Bounds-checks a range against the mapped view of an archive.
 *
 * Forwards the range together with the archive's ViewBase and Size to
 * PhProbeAddress, passing 1 as the final argument.
 *
 * \param MappedArchive Mapped archive whose ViewBase and Size delimit the
 * region the range must fall in.
 * \param Address Start of the range to validate.
 * \param Length Length of the range to validate.
 *
 * NOTE(review): nothing is returned, so a failed probe is presumably
 * reported by PhProbeAddress raising a structured exception. Nothing is
 * caught here; callers parsing untrusted files should probe before
 * dereferencing Address and do so inside __try/__except -- confirm against
 * PhProbeAddress.
 * NOTE(review): the trailing 1 looks like an alignment requirement (i.e.
 * byte alignment, no constraint) -- confirm.
 */
VOID PhpMappedArchiveProbe(
    _In_ PPH_MAPPED_ARCHIVE MappedArchive,
    _In_ PVOID Address,
    _In_ SIZE_T Length
    )
{
    // Name the limits of the mapped view so the probe call reads as
    // "range, then the region it must fit in".
    PVOID viewBase = MappedArchive->ViewBase;
    SIZE_T viewSize = MappedArchive->Size;

    PhProbeAddress(Address, Length, viewBase, viewSize, 1);
}
Пример #2
/**
 * Bounds-checks a range against the mapped view of an image.
 *
 * Forwards the range together with the image's ViewBase and Size to
 * PhProbeAddress, passing 1 as the final argument.
 *
 * \param MappedImage Mapped image whose ViewBase and Size delimit the region
 * the range must fall in.
 * \param Address Start of the range to validate.
 * \param Length Length of the range to validate.
 *
 * NOTE(review): nothing is returned, so a failed probe is presumably
 * reported by PhProbeAddress raising a structured exception. Nothing is
 * caught here; callers walking headers or directories of an untrusted image
 * should probe before dereferencing Address and do so inside
 * __try/__except -- confirm against PhProbeAddress.
 * NOTE(review): the trailing 1 looks like an alignment requirement (i.e.
 * byte alignment, no constraint) -- confirm.
 */
VOID PhpMappedImageProbe(
    _In_ PPH_MAPPED_IMAGE MappedImage,
    _In_ PVOID Address,
    _In_ SIZE_T Length
    )
{
    // Name the limits of the mapped view so the probe call reads as
    // "range, then the region it must fit in".
    PVOID viewBase = MappedImage->ViewBase;
    SIZE_T viewSize = MappedImage->Size;

    PhProbeAddress(Address, Length, viewBase, viewSize, 1);
}
Пример #3
VOID PvPeProperties(
    VOID
    )
{
    NTSTATUS status;
    PROPSHEETHEADER propSheetHeader = { sizeof(propSheetHeader) };
    PROPSHEETPAGE propSheetPage;
    HPROPSHEETPAGE pages[5];
    PH_MAPPED_IMAGE_IMPORTS imports;
    PH_MAPPED_IMAGE_EXPORTS exports;
    PIMAGE_DATA_DIRECTORY entry;

    status = PhLoadMappedImage(PvFileName->Buffer, NULL, TRUE, &PvMappedImage);

    if (!NT_SUCCESS(status))
    {
        PhShowStatus(NULL, L"Unable to load the PE file", status, 0);
        return;
    }

    propSheetHeader.dwFlags =
        PSH_NOAPPLYNOW |
        PSH_NOCONTEXTHELP |
        PSH_PROPTITLE;
    propSheetHeader.hwndParent = NULL;
    propSheetHeader.pszCaption = PvFileName->Buffer;
    propSheetHeader.nPages = 0;
    propSheetHeader.nStartPage = 0;
    propSheetHeader.phpage = pages;

    // General page
    memset(&propSheetPage, 0, sizeof(PROPSHEETPAGE));
    propSheetPage.dwSize = sizeof(PROPSHEETPAGE);
    propSheetPage.pszTemplate = MAKEINTRESOURCE(IDD_PEGENERAL);
    propSheetPage.pfnDlgProc = PvpPeGeneralDlgProc;
    pages[propSheetHeader.nPages++] = CreatePropertySheetPage(&propSheetPage);

    // Imports page
    if ((NT_SUCCESS(PhGetMappedImageImports(&imports, &PvMappedImage)) && imports.NumberOfDlls != 0) ||
        (NT_SUCCESS(PhGetMappedImageDelayImports(&imports, &PvMappedImage)) && imports.NumberOfDlls != 0))
    {
        memset(&propSheetPage, 0, sizeof(PROPSHEETPAGE));
        propSheetPage.dwSize = sizeof(PROPSHEETPAGE);
        propSheetPage.pszTemplate = MAKEINTRESOURCE(IDD_PEIMPORTS);
        propSheetPage.pfnDlgProc = PvpPeImportsDlgProc;
        pages[propSheetHeader.nPages++] = CreatePropertySheetPage(&propSheetPage);
    }

    // Exports page
    if (NT_SUCCESS(PhGetMappedImageExports(&exports, &PvMappedImage)) && exports.NumberOfEntries != 0)
    {
        memset(&propSheetPage, 0, sizeof(PROPSHEETPAGE));
        propSheetPage.dwSize = sizeof(PROPSHEETPAGE);
        propSheetPage.pszTemplate = MAKEINTRESOURCE(IDD_PEEXPORTS);
        propSheetPage.pfnDlgProc = PvpPeExportsDlgProc;
        pages[propSheetHeader.nPages++] = CreatePropertySheetPage(&propSheetPage);
    }

    // Load Config page
    if (NT_SUCCESS(PhGetMappedImageDataEntry(&PvMappedImage, IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG, &entry)) && entry->VirtualAddress)
    {
        memset(&propSheetPage, 0, sizeof(PROPSHEETPAGE));
        propSheetPage.dwSize = sizeof(PROPSHEETPAGE);
        propSheetPage.pszTemplate = MAKEINTRESOURCE(IDD_PELOADCONFIG);
        propSheetPage.pfnDlgProc = PvpPeLoadConfigDlgProc;
        pages[propSheetHeader.nPages++] = CreatePropertySheetPage(&propSheetPage);
    }

    // CLR page
    if (NT_SUCCESS(PhGetMappedImageDataEntry(&PvMappedImage, IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR, &entry)) &&
        entry->VirtualAddress &&
        (PvImageCor20Header = PhMappedImageRvaToVa(&PvMappedImage, entry->VirtualAddress, NULL)))
    {
        status = STATUS_SUCCESS;

        __try
        {
            PhProbeAddress(PvImageCor20Header, sizeof(IMAGE_COR20_HEADER),
                PvMappedImage.ViewBase, PvMappedImage.Size, 4);
        }
        __except (EXCEPTION_EXECUTE_HANDLER)
        {
            status = GetExceptionCode();
        }

        if (NT_SUCCESS(status))
        {
            memset(&propSheetPage, 0, sizeof(PROPSHEETPAGE));
            propSheetPage.dwSize = sizeof(PROPSHEETPAGE);
            propSheetPage.pszTemplate = MAKEINTRESOURCE(IDD_PECLR);
            propSheetPage.pfnDlgProc = PvpPeClrDlgProc;
            pages[propSheetHeader.nPages++] = CreatePropertySheetPage(&propSheetPage);
        }
    }