📄 skdrv_misc.c
字号:
// SkDrv_Misc.c
////////////////////////////////////////////////////////////////////////////////
// the file contain functions that on base MONITOR DRIVER Need...
// start at 2000/9/28 ... by snake.
////////////////////////////////////////////////////////////////////////////////
#include <ntddk.h>
#include <stdarg.h>
#include <stdio.h> //for sprintf using...
#include "SkDrv_Misc.h"
//==============================================================================
// PROCESS NAME FUNCTIONS.
//==============================================================================
int l_iProcessNameOffset=0;
#define MAX_PROC_DATA_SIZE 12000
BOOLEAN InitGetProcessName(PCHAR lpszProcName)
{
PEPROCESS peCurProc;
int i, iLen;
char *pszCurPointer;
l_iProcessNameOffset = 0; //init to 0.
peCurProc = PsGetCurrentProcess();
if( !peCurProc || !lpszProcName)
return FALSE;
iLen = strlen( lpszProcName);
if( !iLen) return FALSE;
//search for all process data.
pszCurPointer = peCurProc;
for( i=0; i<MAX_PROC_DATA_SIZE ; i++){
if( strncmp( lpszProcName, pszCurPointer, iLen) == 0)
break;
pszCurPointer++;
}
if( i == MAX_PROC_DATA_SIZE )
return FALSE;
l_iProcessNameOffset = i;
return TRUE;
}
//Get Current Process's name.
// IN: pszName-- the buffer for output,size is at least 512 bytes.
//
// return TRUE if Success. FALSE if failure.!
BOOLEAN GetProcessName( IN OUT PCHAR pszName, IN OUT ULONG *pID)
{
PEPROCESS peCurProc;
char *nameStr;
if( l_iProcessNameOffset){
peCurProc = PsGetCurrentProcess();
nameStr = (PCHAR)peCurProc + l_iProcessNameOffset;
strcpy( pszName, nameStr);
if( pID)
*pID = PsGetCurrentProcessId();
return TRUE;
}
return FALSE; //failure to get.
}
//==============================================================================
// Logs function.
//==============================================================================
//Initialize Unit's Link.
void Sk_LogUnit_InitLink(Sk_LogUnit_Mang *pMang)
{
pMang->pHead = pMang->pTail = NULL;
KeInitializeMutex( &pMang->LinkMutex, 0);
pMang->iLogUnitNum = 0;
pMang->iMaxLogUnitNum = 1000;
}
//DeInit.
void Sk_LogUnit_DeInitLink(Sk_LogUnit_Mang *pMang)
{
Sk_LogUnit_FreeAll(pMang);
}
//Free Unit's Link memory.
void Sk_LogUnit_FreeAll(Sk_LogUnit_Mang *pMang)
{
LogUnit *pUnit, *pUnit2;
KeWaitForMutexObject( &pMang->LinkMutex, Executive, KernelMode, FALSE, NULL);
pUnit = pMang->pHead;
while( pUnit){
pUnit2 = pUnit->pNext;
Sk_LogUnit_FreeLogUnit(pMang, pUnit);
pUnit = pUnit2;
}
pMang->pHead = pMang->pTail = NULL;
pMang->iLogUnitNum = 0;
KeReleaseMutex( &pMang->LinkMutex, FALSE);
}
//Set Max Log Unit Num.
void Sk_LogUnit_SetMaxUnitNum( Sk_LogUnit_Mang *pMang, int iNewValue)
{
KeWaitForMutexObject( &pMang->LinkMutex, Executive, KernelMode, FALSE, NULL);
if( iNewValue == 0) iNewValue = 1;
pMang->iMaxLogUnitNum = iNewValue;
KeReleaseMutex( &pMang->LinkMutex, FALSE);
}
//Get size's memory's New Unit's
LogUnit *Sk_LogUnit_GetNewUnit_BySize(Sk_LogUnit_Mang *pMang, IN ULONG size)
{
LogUnit *pNewUnit;
int iSize;
iSize = size;
pNewUnit = (LogUnit *)ExAllocatePool( PagedPool, iSize+sizeof(LogUnit));
if( !pNewUnit) return NULL;
pNewUnit->iStrSize = iSize;
pNewUnit->pNext = pNewUnit->pBack = NULL;
pNewUnit->dataType = TYPE_UNDEFINED;
return pNewUnit;
}
//Alloc memory for new unit.
// and set the unit's content into pszStr.
// return NULL if failure.
LogUnit *Sk_LogUnit_GetNewUnit(Sk_LogUnit_Mang *pMang, IN PCHAR pszStr)
{
LogUnit *pNewUnit;
int iSize;
iSize = strlen( pszStr)+1;
pNewUnit = (LogUnit*)ExAllocatePool( PagedPool, iSize + sizeof(LogUnit));
if( !pNewUnit) return NULL;
pNewUnit->iStrSize = iSize;
pNewUnit->pNext = pNewUnit->pBack = NULL;
pNewUnit->dataType = TYPE_STRING;
strncpy( pNewUnit->pszStr, pszStr, iSize);
return pNewUnit;
}
//Alloc memory for new unit.
// and set the unit's content into pszStr.
// return NULL if failure.
LogUnit *Sk_LogUnit_GetNewUnit_Dword( Sk_LogUnit_Mang *pMang, IN ULONG dwData)
{
LogUnit *pNewUnit;
int iSize;
iSize = sizeof(ULONG);
pNewUnit = (LogUnit*)ExAllocatePool( PagedPool, iSize + sizeof(LogUnit));
if( !pNewUnit) return NULL;
pNewUnit->iStrSize = iSize;
pNewUnit->pNext = pNewUnit->pBack = NULL;
pNewUnit->dataType = TYPE_STRING;
*(ULONG *)( pNewUnit->pszStr) = dwData;
return pNewUnit;
}
//Add string to log.
#define MAX_LOG_UNIT_SIZE 2048
void Sk_LogUnit_AddStrToLog(Sk_LogUnit_Mang *pMang, const char *format, ...)
{
char szTempStr[MAX_LOG_UNIT_SIZE];
va_list arg_ptr;
LogUnit *pUnit;
int len;
va_start( arg_ptr, format);
len = vsprintf( szTempStr, format, arg_ptr);
va_end( arg_ptr);
pUnit = Sk_LogUnit_GetNewUnit( pMang, szTempStr);
if( pUnit){
Sk_LogUnit_InsertUnitToLink( pMang, pUnit, TRUE);
}
}
//Free the Unit's memory.
void Sk_LogUnit_FreeLogUnit( Sk_LogUnit_Mang *pMang, IN LogUnit *pUnit)
{
if( pUnit)
ExFreePool( pUnit);
}
//Insert Unit to Link.
// IN LogUnit --- Unit to be add.
// bHead -- TRUE if Insert to Head. FALSE if Insert to Tail.
void Sk_LogUnit_InsertUnitToLink( Sk_LogUnit_Mang *pMang, IN LogUnit *pUnit, IN BOOLEAN bHead)
{
if( !pUnit) return;
if( pMang->iLogUnitNum > pMang->iMaxLogUnitNum){ //when number exceed max unitnum.
Sk_LogUnit_FreeLogUnit( pMang, pUnit); //discard this one.
return;
}
KeWaitForMutexObject( &pMang->LinkMutex, Executive, KernelMode, FALSE, NULL);
if( !pMang->pHead ){
pMang->pHead = pMang->pTail = pUnit;
pUnit->pNext = pUnit->pBack = NULL;
goto quit;
}
if( bHead){ //insert to head.
pUnit->pNext = pMang->pHead;
pMang->pHead->pBack = pUnit;
pMang->pHead = pUnit;
pUnit->pBack = NULL;
//keep pTail no change.
}
else{ //insert to tail.
pMang->pTail->pNext = pUnit;
pUnit->pBack = pMang->pTail;
pMang->pTail = pUnit;
pUnit->pNext = NULL;
}
quit:
pMang->iLogUnitNum ++;
KeReleaseMutex( &pMang->LinkMutex, FALSE);
}
//Pop a unit from Link.
// IN bHead -- TRUE if Pop from HEAD. FALSE if Tail.
LogUnit *Sk_LogUnit_PopUnitFromLink( Sk_LogUnit_Mang *pMang, IN BOOLEAN bHead)
{
LogUnit *pUnit;
KeWaitForMutexObject( &pMang->LinkMutex, Executive, KernelMode, FALSE, NULL);
if( pMang->pHead == pMang->pTail){
pUnit = pMang->pHead;
pMang->pHead = pMang->pTail = NULL;
goto quit;
}
if( bHead){
pUnit = pMang->pHead;
pMang->pHead = pMang->pHead->pNext;
pMang->pHead->pBack = NULL;
}
else{
pUnit = pMang->pTail;
pMang->pTail = pMang->pTail->pBack;
pMang->pTail->pNext = NULL;
}
quit:
if( pUnit)
pMang->iLogUnitNum --;
KeReleaseMutex( &pMang->LinkMutex, FALSE);
return pUnit;
}
//从链表中,删除一个单元, I don't free the memory yet.
void Sk_LogUnit_DeleteUnitFromLink( Sk_LogUnit_Mang *pMang, LogUnit *pDelUnit)
{
LogUnit *pUnit, *pUnit2;
KeWaitForMutexObject( &pMang->LinkMutex, Executive, KernelMode, FALSE, NULL);
pUnit = pMang->pHead;
while( pUnit){
if( pUnit == pDelUnit)
break;
pUnit = pUnit->pNext;
}
if( pUnit){ //success search out?
if( pMang->pHead == pUnit){ //reset parent.
pMang->pHead = pUnit->pNext;
if( pMang->pHead){
pMang->pHead->pBack = NULL; //reset it's parent pointer.
}
}
if( pMang->pTail == pUnit){ //reset tail.
pMang->pTail = pUnit->pBack;
if( pMang->pTail){
pMang->pTail->pNext = NULL; //reset it's child pointer.
}
}
}
KeReleaseMutex( &pMang->LinkMutex, FALSE);
}
//Search the unit which contain Dword data value = dwData.
LogUnit *Sk_LogUnit_SearchData_Dword( Sk_LogUnit_Mang *pMang, ULONG dwData)
{
LogUnit *pUnit;
KeWaitForMutexObject( &pMang->LinkMutex, Executive, KernelMode, FALSE, NULL);
pUnit = pMang->pHead;
while( pUnit){
if( *(ULONG *)(pUnit->pszStr) == dwData)
break;
pUnit = pUnit->pNext;
}
KeReleaseMutex( &pMang->LinkMutex, FALSE);
return pUnit;
}
//Search the unit which contain Str data value = str.
LogUnit *Sk_LogUnit_SearchData_Str( Sk_LogUnit_Mang *pMang, char *str, BOOLEAN bIgnoreCase)
{
LogUnit *pUnit;
int iValue;
KeWaitForMutexObject( &pMang->LinkMutex, Executive, KernelMode, FALSE, NULL);
pUnit = pMang->pHead;
while( pUnit){
if( bIgnoreCase)
iValue = Sk_stricmp( pUnit->pszStr, str);
else
iValue = strcmp( pUnit->pszStr, str);
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -