📄 ntlib.c
字号:
// -----------------------------------------------------------------
BOOL WINAPI
NtlCommandExecute (PNTL_CMD_DATA pncd)
{
BOOL fOk = FALSE;
if ((pncd->pnco != NULL) && (pncd->pnco->Handler != NULL))
{
pncd->pnco->Handler (pncd);
fOk = TRUE;
}
pncd->pnco = NULL;
pncd->dCount = 0;
return fOk;
}
// -----------------------------------------------------------------
DWORD WINAPI
NtlCommandEvaluate (PNTL_CMD_OPTION pncoTable,
PNTL_CMD_FLAG pncfTable,
PTBYTE ptPrefixes,
PPTBYTE pptData,
DWORD dCount,
PNTL_CMD_CALLBACK CmdCallback,
PVOID pClient)
{
PNTL_CMD_OPTION pnco;
NTL_CMD_DATA ncd;
PTBYTE ptName;
BOOL fAmbiguous, fMore;
DWORD i, j, k;
DWORD n = 0;
ncd.pnco = NULL;
ncd.dCount = NTL_CMD_PARAMETERS;
for (i = 0; i < dCount; i++)
{
for (j = 0; ptPrefixes [j]; j++)
{
if (ptPrefixes [j] == pptData [i] [0]) break;
}
if (ptPrefixes [j])
{
if (NtlCommandExecute (&ncd)) n++;
if ((pnco = NtlCommandOption (pncoTable,
pptData [i] + 1,
&fAmbiguous))
!= NULL)
{
ncd.pnco = pnco;
ncd.pncfTable = pncfTable;
ncd.tPrefix = ptPrefixes [j];
ncd.dFlags = 0;
ncd.dCount = 0;
ncd.dNumbers = 0;
}
else
{
if (fAmbiguous)
{
fMore = CmdCallback (NTL_CMD_CALLBACK_AMBIGUOUS,
ptPrefixes [j],
pptData [i], pClient);
ptName = pptData [i] + 1;
}
else
{
fMore = CmdCallback (NTL_CMD_CALLBACK_INVALID,
ptPrefixes [j],
pptData [i], pClient);
ptName = atNull;
}
if (fMore)
{
k = 0;
while (((pnco = NtlCommandEnumerate (pncoTable,
ptName,
&k))
!= NULL)
&&
CmdCallback (NTL_CMD_CALLBACK_ENUMERATE,
ptPrefixes [j],
pnco->ptName, pClient));
CmdCallback (NTL_CMD_CALLBACK_ENUMERATE,
ptPrefixes [j],
NULL, pClient);
}
}
}
else
{
if (ncd.dCount < NTL_CMD_PARAMETERS)
{
NtlCommandFlag (pncfTable, pptData [i],
&ncd.dFlags);
NtlCommandParameter (pptData [i],
ncd.ancp + ncd.dCount);
if (ncd.ancp [ncd.dCount++].fNumeric)
{
ncd.dNumbers++;
}
}
else
{
CmdCallback (NTL_CMD_CALLBACK_OVERFLOW,
ptPrefixes [j],
pptData [i], pClient);
}
}
if ((i+1 == dCount) && NtlCommandExecute (&ncd)) n++;
}
return n;
}
// =================================================================
// LINKED LIST MANAGEMENT
// =================================================================
PVOID WINAPI
NtlListNext (PLIST_ENTRY pleHead,
DWORD dOffset,
PVOID pCurrent)
{
PLIST_ENTRY ple;
PVOID pNext = NULL;
ple = (pCurrent != NULL
? (PLIST_ENTRY) ((PBYTE) pCurrent + dOffset)
: pleHead);
if ((ple != NULL) && (ple->Flink != pleHead))
{
pNext = (PBYTE) ple->Flink - dOffset;
}
return pNext;
}
// -----------------------------------------------------------------
PVOID WINAPI
NtlListFirst (PLIST_ENTRY pleHead,
DWORD dOffset)
{
return NtlListNext (pleHead, dOffset, NULL);
}
// =================================================================
// BASIC TABLE MANAGEMENT
// =================================================================
NTSTATUS WINAPI
NtlTableReset (PNTL_TABLE pnt,
PVOID pData,
DWORD dData)
{
return NtlTableResetEx (pnt, pData, dData, 0, 0, 0, FALSE);
}
// -----------------------------------------------------------------
NTSTATUS WINAPI
NtlTableResetEx (PNTL_TABLE pnt,
PVOID pData,
DWORD dData,
DWORD dHeader,
DWORD dEntry,
DWORD dFlags,
BOOL fCount)
{
NTSTATUS ns = STATUS_INVALID_PARAMETER;
if (pnt != NULL)
{
pnt->pData = pData;
pnt->dData = (pData != NULL ? dData : 0);
pnt->dHeader = dHeader;
pnt->dEntry = dEntry;
pnt->dFlags = dFlags;
pnt->dIndex = 0;
pnt->dCount = (fCount ? NtlTableCount (pnt) : 0);
ns = STATUS_SUCCESS;
}
return ns;
}
// -----------------------------------------------------------------
NTSTATUS WINAPI
NtlTableLoad (PNTL_TABLE pnt,
DWORD dInfoGroup,
DWORD dInfoClass,
HANDLE hObject)
{
PVOID pData, pData1;
DWORD dData, dData1;
NTSTATUS ns = STATUS_INVALID_PARAMETER;
if (pnt != NULL)
{
dData = NTL_UNIT_TABLE;
dData1 = 0;
while ((pData = LocalAlloc (LMEM_FIXED, dData)) != NULL)
{
switch (dInfoGroup)
{
case NTL_INFO_SYSTEM:
{
ns = NtQuerySystemInformation
(dInfoClass,
pData, dData, &dData1);
break;
}
case NTL_INFO_PROCESS:
{
ns = NtQueryInformationProcess
(hObject, dInfoClass,
pData, dData, &dData1);
break;
}
case NTL_INFO_THREAD:
{
ns = NtQueryInformationThread
(hObject, dInfoClass,
pData, dData, &dData1);
break;
}
case NTL_INFO_LOADER:
{
if (dInfoClass
== LoaderProcessModuleInformation)
{
ns = LdrQueryProcessModuleInformation
(pData, dData, &dData1);
}
else
{
ns = STATUS_INVALID_INFO_CLASS;
}
break;
}
}
if (ns != STATUS_SUCCESS) dData1 = 0;
if (ns != STATUS_INFO_LENGTH_MISMATCH) break;
LocalFree (pData);
dData += NTL_UNIT_TABLE;
}
dData = dData1;
if (pData != NULL)
{
pData1 = pData;
if ((ns == STATUS_SUCCESS)
&&
((pData = LocalReAlloc (pData1, (dData ? dData : 1),
LMEM_MOVEABLE))
== NULL))
{
ns = STATUS_NO_MEMORY;
}
if (ns != STATUS_SUCCESS)
{
LocalFree (pData1);
pData = NULL;
dData = 0;
}
}
else
{
ns = STATUS_NO_MEMORY;
}
NtlTableReset (pnt, pData, dData);
}
return ns;
}
// -----------------------------------------------------------------
NTSTATUS WINAPI
NtlTableLoadEx (PNTL_TABLE pnt,
DWORD dInfoGroup,
DWORD dInfoClass,
HANDLE hObject,
DWORD dHeader,
DWORD dEntry,
DWORD dFlags)
{
NTSTATUS ns = STATUS_INVALID_PARAMETER;
if (pnt != NULL)
{
ns = NtlTableLoad (pnt, dInfoGroup, dInfoClass, hObject);
NtlTableResetEx (pnt, pnt->pData, pnt->dData,
dHeader, dEntry, dFlags, TRUE);
}
return ns;
}
// -----------------------------------------------------------------
NTSTATUS WINAPI
NtlTableUnload (PNTL_TABLE pnt)
{
NTSTATUS ns = STATUS_INVALID_PARAMETER;
if (pnt != NULL)
{
if (pnt->pData != NULL)
{
ns = (LocalFree (pnt->pData) == NULL
? STATUS_SUCCESS
: STATUS_UNSUCCESSFUL);
}
NtlTableReset (pnt, NULL, 0);
}
return ns;
}
// -----------------------------------------------------------------
DWORD WINAPI
NtlTableSize (PNTL_TABLE pnt)
{
return ((pnt != NULL) && (pnt->pData != NULL) ? pnt->dData : 0);
}
// -----------------------------------------------------------------
DWORD WINAPI
NtlTableCount (PNTL_TABLE pnt)
{
PVOID pData;
DWORD dData, dOffset, dNext;
DWORD n = 0;
if (pnt != NULL)
{
if (pnt->pData != NULL)
{
if (pnt->dData >= pnt->dHeader + pnt->dEntry)
{
dData = pnt->dData - pnt->dHeader;
if (pnt->dFlags & NTL_TABLE_COUNT)
{
if (pnt->dFlags & NTL_TABLE_FIXED)
{
n = (pnt->dEntry ? dData / pnt->dEntry : 1);
}
if (pnt->dHeader >= DWORD_)
{
n = min (n, *(PDWORD) pnt->pData);
}
}
else
{
if (pnt->dFlags & NTL_TABLE_FIXED)
{
n = (pnt->dEntry ? dData / pnt->dEntry : 1);
}
else
{
dOffset = pnt->dHeader;
while (dOffset + max (pnt->dEntry, DWORD_)
<= pnt->dData)
{
pData = (PBYTE) pnt->pData + dOffset;
n++;
if (!(dNext = *(PDWORD) pData)) break;
if (pnt->dFlags & NTL_TABLE_ABSOLUTE)
{
dOffset = dNext;
}
else
{
dOffset += dNext;
}
}
}
}
}
}
pnt->dCount = n;
}
return n;
}
// -----------------------------------------------------------------
PVOID WINAPI
NtlTableFirst (PNTL_TABLE pnt)
{
PVOID pData = NULL;
if (pnt != NULL)
{
if (pnt->dCount)
{
pData = (PBYTE) pnt->pData + pnt->dHeader;
}
pnt->dIndex = 0;
}
return pData;
}
// -----------------------------------------------------------------
PVOID WINAPI
NtlTableNext (PNTL_TABLE pnt,
PVOID pEntry)
{
DWORD dNext;
PVOID pData = NULL;
if (pnt != NULL)
{
if (pEntry == NULL)
{
pData = NtlTableFirst (pnt);
}
else
{
if (pnt->dIndex < pnt->dCount)
{
if (pnt->dFlags & NTL_TABLE_FIXED)
{
pData = (PBYTE) pEntry + pnt->dEntry;
}
else
{
dNext = *(PDWORD) pEntry;
if (pnt->dFlags & NTL_TABLE_ABSOLUTE)
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -