📄 w2k_call.c
字号:
{
fOk = w2kCall (puliResult, NULL, pie->pAddress,
pie->dConvention == IMG_CONVENTION_FASTCALL,
dArgumentBytes, pArguments);
}
else
{
if (puliResult != NULL) puliResult->QuadPart = 0;
}
return fOk;
}
// -----------------------------------------------------------------
BOOL WINAPI w2kXCallV (PULARGE_INTEGER puliResult,
PBYTE pbSymbol,
DWORD dArgumentBytes,
...)
{
return w2kXCall (puliResult, pbSymbol,
dArgumentBytes, &dArgumentBytes + 1);
}
// -----------------------------------------------------------------
NTSTATUS WINAPI w2kXCallNT (PBYTE pbSymbol,
DWORD dArgumentBytes,
...)
{
ULARGE_INTEGER uliResult;
return (w2kXCall (&uliResult, pbSymbol,
dArgumentBytes, &dArgumentBytes + 1)
? uliResult.LowPart
: STATUS_IO_DEVICE_ERROR);
}
// -----------------------------------------------------------------
BYTE WINAPI w2kXCall08 (BYTE bDefault,
PBYTE pbSymbol,
DWORD dArgumentBytes,
...)
{
ULARGE_INTEGER uliResult;
return (w2kXCall (&uliResult, pbSymbol,
dArgumentBytes, &dArgumentBytes + 1)
? (BYTE) uliResult.LowPart
: bDefault);
}
// -----------------------------------------------------------------
WORD WINAPI w2kXCall16 (WORD wDefault,
PBYTE pbSymbol,
DWORD dArgumentBytes,
...)
{
ULARGE_INTEGER uliResult;
return (w2kXCall (&uliResult, pbSymbol,
dArgumentBytes, &dArgumentBytes + 1)
? (WORD) uliResult.LowPart
: wDefault);
}
// -----------------------------------------------------------------
DWORD WINAPI w2kXCall32 (DWORD dDefault,
PBYTE pbSymbol,
DWORD dArgumentBytes,
...)
{
ULARGE_INTEGER uliResult;
return (w2kXCall (&uliResult, pbSymbol,
dArgumentBytes, &dArgumentBytes + 1)
? uliResult.LowPart
: dDefault);
}
// -----------------------------------------------------------------
QWORD WINAPI w2kXCall64 (QWORD qDefault,
PBYTE pbSymbol,
DWORD dArgumentBytes,
...)
{
ULARGE_INTEGER uliResult;
return (w2kXCall (&uliResult, pbSymbol,
dArgumentBytes, &dArgumentBytes + 1)
? uliResult.QuadPart
: qDefault);
}
// -----------------------------------------------------------------
PVOID WINAPI w2kXCallP (PVOID pDefault,
PBYTE pbSymbol,
DWORD dArgumentBytes,
...)
{
ULARGE_INTEGER uliResult;
return (w2kXCall (&uliResult, pbSymbol,
dArgumentBytes, &dArgumentBytes + 1)
? (PVOID) uliResult.LowPart
: pDefault);
}
// =================================================================
// EXTENDED KERNEL COPY INTERFACE
// =================================================================
BOOL WINAPI w2kXCopy (PULARGE_INTEGER puliResult,
PBYTE pbSymbol,
DWORD dBytes)
{
return w2kXCall (puliResult, pbSymbol,
0xFFFFFFFF - dBytes, NULL);
}
// -----------------------------------------------------------------
BYTE WINAPI w2kXCopy08 (BYTE bDefault,
PBYTE pbSymbol)
{
ULARGE_INTEGER uliResult;
return (w2kXCopy (&uliResult, pbSymbol, 1)
? (BYTE) uliResult.LowPart
: bDefault);
}
// -----------------------------------------------------------------
WORD WINAPI w2kXCopy16 (WORD wDefault,
PBYTE pbSymbol)
{
ULARGE_INTEGER uliResult;
return (w2kXCopy (&uliResult, pbSymbol, 2)
? (WORD) uliResult.LowPart
: wDefault);
}
// -----------------------------------------------------------------
DWORD WINAPI w2kXCopy32 (DWORD dDefault,
PBYTE pbSymbol)
{
ULARGE_INTEGER uliResult;
return (w2kXCopy (&uliResult, pbSymbol, 4)
? uliResult.LowPart
: dDefault);
}
// -----------------------------------------------------------------
QWORD WINAPI w2kXCopy64 (QWORD qDefault,
PBYTE pbSymbol)
{
ULARGE_INTEGER uliResult;
return (w2kXCopy (&uliResult, pbSymbol, 8)
? uliResult.QuadPart
: qDefault);
}
// -----------------------------------------------------------------
PVOID WINAPI w2kXCopyP (PVOID pDefault,
PBYTE pbSymbol)
{
ULARGE_INTEGER uliResult;
return (w2kXCopy (&uliResult, pbSymbol, 4)
? (PVOID) uliResult.LowPart
: pDefault);
}
// -----------------------------------------------------------------
PVOID WINAPI w2kXCopyEP (PVOID pDefault,
PBYTE pbSymbol)
{
ULARGE_INTEGER uliResult;
return (w2kXCopy (&uliResult, pbSymbol, 0)
? (PVOID) uliResult.LowPart
: pDefault);
}
// =================================================================
// BEEP CONTROL
// =================================================================
BOOL WINAPI
w2kBeep (DWORD dDuration,
DWORD dPitch)
{
BOOL fOk = TRUE;
if (!_HalMakeBeep (dPitch)) fOk = FALSE;
Sleep (dDuration);
if (!_HalMakeBeep (0 )) fOk = FALSE;
return fOk;
}
// -----------------------------------------------------------------
BOOL WINAPI
w2kBeepEx (DWORD dData,
...)
{
PDWORD pdData;
BOOL fOk = TRUE;
for (pdData = &dData; pdData [0]; pdData += 2)
{
if (!w2kBeep (pdData [0], pdData [1])) fOk = FALSE;
}
return fOk;
}
// =================================================================
// OBJECT MANAGEMENT
// =================================================================
POBJECT_HEADER WINAPI
w2kObjectHeader (POBJECT pObject)
{
DWORD dOffset = OBJECT_HEADER_;
POBJECT_HEADER pHeader = NULL;
if (pObject != NULL)
{
pHeader = w2kSpyClone (BACK (pObject, dOffset),
dOffset);
}
return pHeader;
}
// -----------------------------------------------------------------
POBJECT_CREATOR_INFO WINAPI
w2kObjectCreatorInfo (POBJECT_HEADER pHeader,
POBJECT pObject)
{
DWORD dOffset;
POBJECT_CREATOR_INFO pCreatorInfo = NULL;
if ((pHeader != NULL) && (pObject != NULL) &&
(pHeader->ObjectFlags & OB_FLAG_CREATOR_INFO))
{
dOffset = OBJECT_CREATOR_INFO_ + OBJECT_HEADER_;
pCreatorInfo = w2kSpyClone (BACK (pObject, dOffset),
OBJECT_CREATOR_INFO_);
}
return pCreatorInfo;
}
// -----------------------------------------------------------------
POBJECT_NAME WINAPI
w2kObjectName (POBJECT_HEADER pHeader,
POBJECT pObject)
{
DWORD dOffset;
POBJECT_NAME pName = NULL;
if ((pHeader != NULL) && (pObject != NULL) &&
(dOffset = pHeader->NameOffset))
{
dOffset += OBJECT_HEADER_;
pName = w2kSpyClone (BACK (pObject, dOffset),
OBJECT_NAME_);
}
return pName;
}
// -----------------------------------------------------------------
POBJECT_HANDLE_DB WINAPI
w2kObjectHandleDB (POBJECT_HEADER pHeader,
POBJECT pObject)
{
DWORD dOffset;
POBJECT_HANDLE_DB pHandleDB = NULL;
if ((pHeader != NULL) && (pObject != NULL) &&
(dOffset = pHeader->HandleDBOffset))
{
dOffset += OBJECT_HEADER_;
pHandleDB = w2kSpyClone (BACK (pObject, dOffset),
OBJECT_HANDLE_DB_);
}
return pHandleDB;
}
// -----------------------------------------------------------------
POBJECT_QUOTA_CHARGES WINAPI
w2kObjectQuotaCharges (POBJECT_HEADER pHeader,
POBJECT pObject)
{
DWORD dOffset;
POBJECT_QUOTA_CHARGES pQuotaCharges = NULL;
if ((pHeader != NULL) && (pObject != NULL) &&
(dOffset = pHeader->QuotaChargesOffset))
{
dOffset += OBJECT_HEADER_;
pQuotaCharges = w2kSpyClone (BACK (pObject, dOffset),
OBJECT_QUOTA_CHARGES_);
}
return pQuotaCharges;
}
// -----------------------------------------------------------------
POBJECT_TYPE WINAPI
w2kObjectType (POBJECT_HEADER pHeader)
{
POBJECT_TYPE pType = NULL;
if (pHeader != NULL)
{
pType = w2kSpyClone (pHeader->ObjectType,
OBJECT_TYPE_);
}
return pType;
}
// -----------------------------------------------------------------
PQUOTA_BLOCK WINAPI
w2kObjectQuotaBlock (POBJECT_HEADER pHeader)
{
PQUOTA_BLOCK pQuotaBlock = NULL;
if ((pHeader != NULL) &&
(!(pHeader->ObjectFlags & OB_FLAG_CREATE_INFO)))
{
pQuotaBlock = w2kSpyClone (pHeader->QuotaBlock,
QUOTA_BLOCK_);
}
return pQuotaBlock;
}
// -----------------------------------------------------------------
POBJECT_CREATE_INFO WINAPI
w2kObjectCreateInfo (POBJECT_HEADER pHeader)
{
POBJECT_CREATE_INFO pCreateInfo = NULL;
if ((pHeader != NULL) &&
(pHeader->ObjectFlags & OB_FLAG_CREATE_INFO))
{
pCreateInfo = w2kSpyClone (pHeader->ObjectCreateInfo,
OBJECT_CREATE_INFO_);
}
return pCreateInfo;
}
// -----------------------------------------------------------------
PW2K_OBJECT WINAPI
w2kObjectOpen (POBJECT pObject)
{
DWORD dName, dType, dSize;
PWORD pwBuffer;
PUNICODE_STRING pus;
POBJECT_HEADER pHeader;
W2K_OBJECT wo;
PW2K_OBJECT_FRAME pwof = NULL;
if ((pHeader = w2kObjectHeader (pObject)) != NULL)
{
wo.pObject = pObject;
wo.pHeader = pHeader;
wo.pCreatorInfo = w2kObjectCreatorInfo (pHeader, pObject);
wo.pName = w2kObjectName (pHeader, pObject);
wo.pHandleDB = w2kObjectHandleDB (pHeader, pObject);
wo.pQuotaCharges = w2kObjectQuotaCharges (pHeader, pObject);
wo.pType = w2kObjectType (pHeader);
wo.pQuotaBlock = w2kObjectQuotaBlock (pHeader);
wo.pCreateInfo = w2kObjectCreateInfo (pHeader);
dName = ((wo.pName != NULL) &&
(wo.pName->Name.Buffer != NULL)
? wo.pName->Name.Length / WORD_
: 0);
dType = ((wo.pType != NULL) &&
(wo.pType->ObjectTypeName.Buffer != NULL)
? wo.pType->ObjectTypeName.Length / WORD_
: 0);
dSize = W2K_OBJECT_FRAME__ (dName+1 + dType+1);
if ((pwof = w2kMemoryCreate (dSize)) != NULL)
{
ZeroMemory (pwof, dSize);
pwBuffer = pwof->Buffer;
pwof->Header = *pHeader;
pwof->Header.ObjectFlags &= ~OB_FLAG_CREATOR_INFO;
pwof->Header.NameOffset = 0;
pwof->Header.HandleDBOffset = 0;
pwof->Header.QuotaChargesOffset = 0;
pwof->Header.ObjectType = NULL;
pwof->Header.QuotaBlock = NULL;
pwof->Header.ObjectCreateInfo = NULL;
pwof->Object = wo;
pwof->Object.pHeader = &pwof->Header;
if (wo.pCreatorInfo != NULL)
{
pwof->CreatorInfo = *wo.pCreatorInfo;
pwof->Object.pCreatorInfo = &pwof->CreatorInfo;
pwof->Header.ObjectFlags |= OB_FLAG_CREATOR_INFO;
}
pus = NULL;
if (wo.pName != NULL)
{
pwof->Name = *wo.pName;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -