uzix/KernelEx
1
0
Fork 0
mirror of https://github.com/UzixLS/KernelEx.git synced 2025-07-18 23:11:19 +03:00
Code Issues Projects Releases Wiki Activity

import KernelEx-4.5.1

Browse Source
This commit is contained in:
UzixLS
2018-11-03 16:23:39 +03:00
parent 7571e3c60d
commit 2948e23961
77 changed files with 2603 additions and 883 deletions
Download Patch File Download Diff File Expand all files Collapse all files

138
core/Core.rc
View File

@ -20,57 +20,6 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
#pragma code_page(1250)
#endif //_WIN32
/////////////////////////////////////////////////////////////////////////////
//
// String Table
//
STRINGTABLE DISCARDABLE
BEGIN
IDS_NOTREADY "System is not KernelEx-ready.\nPlease reinstall KernelEx."
IDS_STUBMISMATCH "Stub version mismatch (expected: %d, got: %d).\nPlease reinstall KernelEx."
IDS_OLDVER "Another KernelEx version has been detected: %s.\nPlease uninstall all other versions and reinstall latest version."
END
#endif // Neutral resources
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
// Polish resources
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_POL)
#ifdef _WIN32
LANGUAGE LANG_POLISH, SUBLANG_DEFAULT
#pragma code_page(1250)
#endif //_WIN32
#ifdef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// TEXTINCLUDE
//
1 TEXTINCLUDE DISCARDABLE
BEGIN
"resource.h\0"
END
2 TEXTINCLUDE DISCARDABLE
BEGIN
"#include ""afxres.h""\r\n"
"\0"
END
3 TEXTINCLUDE DISCARDABLE
BEGIN
"\r\n"
"\0"
END
#endif // APSTUDIO_INVOKED
#ifndef _MAC
/////////////////////////////////////////////////////////////////////////////
//
@ -112,75 +61,60 @@ END
#endif // !_MAC
#ifdef _DEBUG
/////////////////////////////////////////////////////////////////////////////
//
// Dialog
//
IDD_DEBUG DIALOG DISCARDABLE 0, 0, 186, 100
STYLE WS_MINIMIZEBOX | WS_MAXIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU |
WS_THICKFRAME
CAPTION "KernelEx Debug Console"
FONT 8, "MS Sans Serif"
BEGIN
CONTROL "",IDC_LOG,"SysListView32",LVS_REPORT | WS_TABSTOP,0,0,
185,100
END
IDD_DEBUGFILTER DIALOG DISCARDABLE 0, 0, 177, 90
STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Filter settings"
FONT 8, "MS Sans Serif"
BEGIN
DEFPUSHBUTTON "OK",IDOK,65,70,50,14
PUSHBUTTON "Cancel",IDCANCEL,120,70,50,14
EDITTEXT IDC_DFINCLUDE,5,15,165,14,ES_AUTOHSCROLL
EDITTEXT IDC_DFEXCLUDE,5,45,165,14,ES_AUTOHSCROLL
LTEXT "Include:",IDC_STATIC,5,5,26,8
LTEXT "Exclude:",IDC_STATIC,5,35,28,8
END
/////////////////////////////////////////////////////////////////////////////
//
// Menu
// String Table
//
IDR_LOGMENU MENU DISCARDABLE
STRINGTABLE DISCARDABLE
BEGIN
POPUP ""
BEGIN
MENUITEM "Enabled", IDM_ENABLE, CHECKED
MENUITEM SEPARATOR
MENUITEM "Save to file", IDM_TOFILE
MENUITEM "Clear", IDM_CLEAR
MENUITEM "Filter", IDM_FILTER
END
IDS_NOTREADY "System is not KernelEx-ready.\nPlease reinstall KernelEx."
IDS_STUBMISMATCH "Stub version mismatch (expected: %d, got: %d).\nPlease reinstall KernelEx."
IDS_OLDVER "Another KernelEx version has been detected: %s.\nPlease uninstall all other versions and reinstall latest version."
END
#endif // Neutral resources
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
//
// DESIGNINFO
//
// Polish resources
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_PLK)
#ifdef _WIN32
LANGUAGE LANG_POLISH, SUBLANG_DEFAULT
#pragma code_page(1250)
#endif //_WIN32
#ifdef APSTUDIO_INVOKED
GUIDELINES DESIGNINFO DISCARDABLE
/////////////////////////////////////////////////////////////////////////////
//
// TEXTINCLUDE
//
1 TEXTINCLUDE DISCARDABLE
BEGIN
IDD_DEBUGFILTER, DIALOG
BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 170
TOPMARGIN, 7
BOTTOMMARGIN, 83
END
"resource.h\0"
END
2 TEXTINCLUDE DISCARDABLE
BEGIN
"#include ""afxres.h""\r\n"
"\0"
END
3 TEXTINCLUDE DISCARDABLE
BEGIN
"\r\n"
"\0"
END
#endif // APSTUDIO_INVOKED
#endif // Polish resources
/////////////////////////////////////////////////////////////////////////////
#endif // _DEBUG
#ifndef APSTUDIO_INVOKED

477
core/DebugWindow.cpp
View File

@ -1,477 +0,0 @@
/*
* KernelEx
* Copyright (C) 2009, Xeno86
*
* This file is part of KernelEx source code.
*
* KernelEx is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published
* by the Free Software Foundation; version 2 of the License.
*
* KernelEx is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with GNU Make; see the file COPYING. If not, write to
* the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
*
*/
#include <windows.h>
#include <commctrl.h>
#include <malloc.h>
#include "DebugWindow.h"
#include "resource.h"
#include "internals.h"
#include "debug.h"
extern bool apilog_enabled;
const unsigned short WM_KEXSTOPDEBUG = 0x6eee;
const unsigned short WM_KEXAPPENDLOG = 0x6eef;
DebugWindow* DebugWindow::instance = NULL;
extern "C"
char* strtok_r(char* s, const char* delim, char** holder);
DebugWindow::DebugWindow()
{
DWORD tid;
DBGPRINTF(("Creating DebugWindow\n"));
hwnd = (HWND) -1;
//we're interested in everything
includes.push_back("*");
//these usually aren't interesting
excludes.push_back("Tls");
excludes.push_back("Heap");
excludes.push_back("CriticalSection");
excludes.push_back("Interlocked");
InitializeCriticalSection(&cs);
MakeCriticalSectionGlobal(&cs);
LoadLibrary("COMCTL32.DLL");
hThread = CreateThread(NULL, 0, thread, (void*) this, 0, &tid);
}
DebugWindow::~DebugWindow()
{
DBGPRINTF(("Destroying DebugWindow\n"));
DeleteCriticalSection(&cs);
SendMessage(hwnd, WM_KEXSTOPDEBUG, 0, 0);
}
BOOL CALLBACK DebugWindow::DebugDlgProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
NMHDR* nmhdr;
DebugWindow* _this = (DebugWindow*) GetWindowLong(hwnd, GWL_USERDATA);
switch (msg)
{
case WM_INITDIALOG:
_this = (DebugWindow*) lParam;
SetWindowLong(hwnd, GWL_USERDATA, lParam);
_this->InitDialog(hwnd);
break;
case WM_SIZE:
MoveWindow(GetDlgItem(hwnd, IDC_LOG), 0, 0, LOWORD(lParam), HIWORD(lParam), TRUE);
SendDlgItemMessage(hwnd, IDC_LOG, WM_VSCROLL, SB_BOTTOM, 0);
break;
case WM_KEXSTOPDEBUG:
DestroyWindow(hwnd);
break;
case WM_KEXAPPENDLOG:
_this->AppendLog((char*) lParam);
break;
case WM_DESTROY:
PostQuitMessage(0);
break;
case WM_NOTIFY:
nmhdr = (NMHDR*) lParam;
if (nmhdr->idFrom == IDC_LOG)
if (nmhdr->code == NM_RCLICK)
{
_this->HandleMenu();
break;
}
else if (nmhdr->code == LVN_KEYDOWN)
{
LPNMLVKEYDOWN nm = (LPNMLVKEYDOWN) lParam;
if (nm->wVKey == VK_DELETE)
{
_this->DeleteSelItems();
break;
}
}
default:
return FALSE;
}
return TRUE;
}
void DebugWindow::InitDialog(HWND hwnd)
{
hList = GetDlgItem(hwnd, IDC_LOG);
SetClassLong(hwnd, GCL_STYLE, GetClassLong(hwnd, GCL_STYLE) | CS_NOCLOSE);
MoveWindow(hwnd, 0, 0, 480, 200, TRUE);
SendMessage(hList, LVM_SETEXTENDEDLISTVIEWSTYLE,
0, LVS_EX_FULLROWSELECT);
LV_COLUMN col;
memset(&col, 0, sizeof(col));
col.mask = LVCF_TEXT | LVCF_SUBITEM | LVCF_WIDTH | LVCF_FMT;
col.cx = 20;
col.pszText = "Depth";
col.fmt = LVCFMT_RIGHT;
ListView_InsertColumn(hList, 0, &col);
col.cx = 60;
col.fmt = LVCFMT_LEFT;
col.pszText = "Thread";
ListView_InsertColumn(hList, 1, &col);
col.cx = 310;
col.pszText = "Info";
ListView_InsertColumn(hList, 2, &col);
col.cx = 60;
col.fmt = LVCFMT_RIGHT;
col.pszText = "Return";
ListView_InsertColumn(hList, 3, &col);
#define NUM_COLS 4
menu = LoadMenu(hInstance, MAKEINTRESOURCE(IDR_LOGMENU));
menu = GetSubMenu(menu, 0);
}
void DebugWindow::HandleMenu()
{
POINT p;
GetCursorPos(&p);
int res = TrackPopupMenu(menu, TPM_LEFTALIGN | TPM_LEFTBUTTON | TPM_RETURNCMD,
p.x, p.y, 0, hwnd, NULL);
switch (res)
{
case IDM_ENABLE:
apilog_enabled = !apilog_enabled;
CheckMenuItem(menu, IDM_ENABLE, apilog_enabled ? MF_CHECKED : MF_UNCHECKED);
break;
case IDM_TOFILE:
WriteToFile();
break;
case IDM_CLEAR:
//FIXME: when there is a lot of entries it takes very long to clear the list
//how to improve this?
ListView_DeleteAllItems(hList);
break;
case IDM_FILTER:
DialogBoxParam(hInstance, MAKEINTRESOURCE(IDD_DEBUGFILTER),
hwnd, FilterDlgProc, (LPARAM) this);
break;
}
}
void DebugWindow::DeleteSelItems()
{
if (ListView_GetSelectedCount(hList) == 0)
return;
for (int i = ListView_GetItemCount(hList) - 1 ; i >= 0 ; i--)
{
if (ListView_GetItemState(hList, i, LVIS_SELECTED))
ListView_DeleteItem(hList, i);
}
}
void DebugWindow::AppendLog(char* msg)
{
LV_ITEM item;
int idx;
HWND hList = GetDlgItem(hwnd, IDC_LOG);
char* p;
char* pch;
memset(&item, 0, sizeof(item));
pch = strtok_r(msg, "|", &p);
if (!pch)
return;
item.mask = LVIF_TEXT;
item.iItem = ListView_GetItemCount(hList);
item.iSubItem = 0;
item.pszText = pch;
idx = ListView_InsertItem(hList, &item);
while ((pch = strtok_r(NULL, "|", &p)) != NULL)
{
item.iSubItem++;
item.pszText = pch;
ListView_SetItem(hList, &item);
}
}
BOOL CALLBACK DebugWindow::FilterDlgProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
DebugWindow* _this = (DebugWindow*) GetWindowLong(hwnd, GWL_USERDATA);
int len1, len2;
char* buf;
char* pch;
char* p;
list<sstring>::const_iterator it;
switch (msg)
{
case WM_INITDIALOG:
_this = (DebugWindow*) lParam;
SetWindowLong(hwnd, GWL_USERDATA, lParam);
len1 = 0;
len2 = 0;
for (it = _this->includes.begin() ; it != _this->includes.end() ; it++)
len1 += it->length() + 1;
for (it = _this->excludes.begin() ; it != _this->excludes.end() ; it++)
len2 += it->length() + 1;
buf = (char*) alloca(max(len1, len2));
buf[0] = '\0';
for (it = _this->includes.begin() ; it != _this->includes.end() ; it++)
{
if (it != _this->includes.begin())
strcat(buf, ";");
strcat(buf, *it);
}
SetDlgItemText(hwnd, IDC_DFINCLUDE, buf);
buf[0] = '\0';
for (it = _this->excludes.begin() ; it != _this->excludes.end() ; it++)
{
if (it != _this->excludes.begin())
strcat(buf, ";");
strcat(buf, *it);
}
SetDlgItemText(hwnd, IDC_DFEXCLUDE, buf);
break;
case WM_COMMAND:
switch (LOWORD(wParam))
{
case IDCANCEL:
EndDialog(hwnd, 0);
break;
case IDOK:
len1 = GetWindowTextLength(GetDlgItem(hwnd, IDC_DFINCLUDE)) + 1;
len2 = GetWindowTextLength(GetDlgItem(hwnd, IDC_DFEXCLUDE)) + 1;
buf = (char*) alloca(max(len1, len2));
GetDlgItemText(hwnd, IDC_DFINCLUDE, buf, len1);
EnterCriticalSection(&_this->cs);
_this->includes.clear();
pch = strtok_r(buf, ";", &p);
if (pch)
{
_this->includes.push_back(pch);
while ((pch = strtok_r(NULL, ";", &p)) != NULL)
_this->includes.push_back(pch);
}
LeaveCriticalSection(&_this->cs);
GetDlgItemText(hwnd, IDC_DFEXCLUDE, buf, len2);
EnterCriticalSection(&_this->cs);
_this->excludes.clear();
pch = strtok_r(buf, ";", &p);
if (pch)
{
_this->excludes.push_back(pch);
while ((pch = strtok_r(NULL, ";", &p)) != NULL)
_this->excludes.push_back(pch);
}
LeaveCriticalSection(&_this->cs);
EndDialog(hwnd, 0);
break;
}
break;
case WM_CLOSE:
EndDialog(hwnd, 0);
break;
default:
return FALSE;
}
return TRUE;
}
void DebugWindow::WriteToFile()
{
char buf[DEBUGMSG_MAXLEN];
OPENFILENAME ofn;
int rows;
LV_COLUMN col;
char filename[MAX_PATH];
HANDLE hFile;
HMODULE hComDlg32;
BOOL (WINAPI* pGetSaveFileName)(OPENFILENAME*);
hComDlg32 = GetModuleHandle("COMDLG32.DLL");
if (!hComDlg32)
hComDlg32 = LoadLibrary("COMDLG32.DLL");
if (!hComDlg32)
return;
pGetSaveFileName = (BOOL (WINAPI*)(OPENFILENAME*))
GetProcAddress(hComDlg32, "GetSaveFileNameA");
if (!pGetSaveFileName)
return;
filename[0] = '\0';
memset(&ofn, 0, sizeof(ofn));
ofn.lStructSize = sizeof(ofn);
ofn.hwndOwner = hwnd;
ofn.hInstance = hInstance;
ofn.lpstrFilter = "Text file\0*.txt\0";
ofn.lpstrDefExt = ".txt";
ofn.lpstrFile = filename;
ofn.nMaxFile = sizeof(filename);
ofn.Flags = OFN_EXPLORER | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY | OFN_OVERWRITEPROMPT;
if (!pGetSaveFileName(&ofn))
return;
hFile = CreateFile(filename, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
if (hFile == INVALID_HANDLE_VALUE)
return;
//write column headers
col.mask = LVCF_TEXT;
col.pszText = buf;
col.cchTextMax = sizeof(buf);
DWORD wlen;
for (int j = 0 ; j < NUM_COLS ; j++)
{
DWORD len;
ListView_GetColumn(hList, j, &col);
len = strlen(buf);
if (j) WriteFile(hFile, " ", 1, &wlen, NULL);
WriteFile(hFile, buf, len, &wlen, NULL);
}
WriteFile(hFile, "\r\n", 2, &wlen, NULL);
//write rows
rows = ListView_GetItemCount(hList);
for (int i = 0 ; i < rows ; i++)
{
for (int j = 0 ; j < NUM_COLS ; j++)
{
DWORD len; DWORD wlen;
ListView_GetItemText(hList, i, j, buf, sizeof(buf));
len = strlen(buf);
if (j == 1 || j == 2) WriteFile(hFile, " ", 1, &wlen, NULL);
else if (j == 3 && len) WriteFile(hFile, " = ", 3, &wlen, NULL);
WriteFile(hFile, buf, len, &wlen, NULL);
}
WriteFile(hFile, "\r\n", 2, &wlen, NULL);
}
CloseHandle(hFile);
MessageBox(hwnd, "File written successfully", "Information", MB_ICONINFORMATION | MB_OK);
}
DWORD WINAPI DebugWindow::thread(void* param)
{
MSG msg;
DebugWindow* _this = (DebugWindow*) param;
_this->hwnd = CreateDialogParam(hInstance, MAKEINTRESOURCE(IDD_DEBUG),
NULL, DebugDlgProc, (LPARAM) _this);
ShowWindow(_this->hwnd, SW_MINIMIZE);
while (GetMessage(&msg, NULL, 0, 0))
DispatchMessage(&msg);
return 0;
}
void DebugWindow::append(const char* str)
{
static char msg[DEBUGMSG_MAXLEN];
bool filter_out = true;
EnterCriticalSection(&cs);
//filter out based on includes and excludes
if (includes.size() != 0)
{
if (includes.size() == 1 && strcmp(includes.front(), "*") == 0)
filter_out = false;
else
{
list<sstring>::const_iterator it;
for (it = includes.begin() ; it != includes.end() ; it++)
if (strstr(str, *it))
{
filter_out = false;
break;
}
}
}
if (!filter_out)
{
list<sstring>::const_iterator it;
for (it = excludes.begin() ; it != excludes.end() ; it++)
if (strstr(str, *it))
{
filter_out = true;
break;
}
}
if (filter_out)
{
LeaveCriticalSection(&cs);
return;
}
strncpy(msg, str, sizeof(msg));
msg[sizeof(msg) - 1] = '\0';
SendMessage(hwnd, WM_KEXAPPENDLOG, 0, (LPARAM) msg);
LeaveCriticalSection(&cs);
SendMessage(hList, WM_VSCROLL, SB_BOTTOM, 0);
}
DebugWindow* DebugWindow::get()
{
if (instance->hwnd == (HWND) -1 || instance->hwnd == NULL)
{
delete instance;
instance = NULL;
}
return instance;
}
bool DebugWindow::create()
{
instance = new DebugWindow;
if (instance->hThread)
return true;
else
{
delete instance;
instance = NULL;
return false;
}
}
void DebugWindow::destroy()
{
if (instance)
delete instance;
instance = NULL;
}

64
core/DebugWindow.h
View File

@ -1,64 +0,0 @@
/*
* KernelEx
* Copyright (C) 2009, Xeno86
*
* This file is part of KernelEx source code.
*
* KernelEx is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published
* by the Free Software Foundation; version 2 of the License.
*
* KernelEx is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with GNU Make; see the file COPYING. If not, write to
* the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
*
*/
#ifndef __DEBUG_WINDOW_H
#define __DEBUG_WINDOW_H
#include "sstring.hpp"
#pragma warning(disable:4530) //we don't do exception handling
#include <list>
#pragma warning(default:4530)
using namespace std;
class DebugWindow
{
public:
static bool create();
static void destroy();
static DebugWindow* get();
void append(const char* str);
private:
DebugWindow();
~DebugWindow();
static DebugWindow* instance;
HWND hwnd;
HWND hList;
HANDLE hThread;
CRITICAL_SECTION cs;
HMENU menu;
list<sstring> includes;
list<sstring> excludes;
static BOOL CALLBACK DebugDlgProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam);
static BOOL CALLBACK FilterDlgProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam);
void InitDialog(HWND hwnd);
void HandleMenu();
void DeleteSelItems();
void AppendLog(char* msg);
void WriteToFile();
static DWORD WINAPI thread(void* param);
};
#endif

173
core/apihook.cpp Executable file
View File

@ -0,0 +1,173 @@
/*
* KernelEx
* Copyright (C) 2011, Xeno86
*
* This file is part of KernelEx source code.
*
* KernelEx is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published
* by the Free Software Foundation; version 2 of the License.
*
* KernelEx is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with GNU Make; see the file COPYING. If not, write to
* the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
*
*/
#ifdef _ENABLE_APIHOOK
#include "apihook.h"
#include "resolver.h"
#include "internals.h"
#include "ModInit.h"
#include "ProcessStorage.h"
#include "debug.h"
extern "C" int snprintf(char*, size_t, const char*, ...);
PROC apihook::prepare(BOOL is_static)
{
typedef int (*init_once_t)(void);
HMODULE hApiHookDll;
MODREF* mr;
PROC ah_reg;
init_once_t init_once;
DBGPRINTF(("Preparing API HOOK DLL"));
_EnterSysLevel(krnl32lock);
mr = MRLoadTree("kexApiHook.dll");
if (!mr)
{
char path[MAX_PATH];
FreeLibRemove();
get_default_dll_path(path, sizeof(path));
mr = MRLoadTree(path);
}
if (mr)
{
IMTE** pmteModTable = *ppmteModTable;
IMTE_KEX* imte = (IMTE_KEX*) pmteModTable[mr->mteIndex];
hApiHookDll = (HMODULE) imte->pNTHdr->OptionalHeader.ImageBase;
}
else
{
FreeLibRemove();
hApiHookDll = NULL;
}
_LeaveSysLevel(krnl32lock);
//this will also create heap for us if one isn't there
ModuleInitializer* mi = ModuleInitializer::get_instance(true);
if (hApiHookDll)
{
init_once = (init_once_t) GetProcAddress(hApiHookDll, "kexApiHook_initonce");
__try
{
if (!init_once || !init_once())
hApiHookDll = NULL;
}
__except (EXCEPTION_EXECUTE_HANDLER)
{
OutputDebugString("KernelEx: API HOOK DLL crashed during init");
hApiHookDll = NULL;
}
}
if (hApiHookDll && !is_static)
{
DBGPRINTF(("Explicitly initializing APIHOOK [PID=%08x]\n",
GetCurrentProcessId()));
if (FLoadTreeNotify(mr, FALSE))
{
FreeLibTree(mr);
hApiHookDll = NULL;
}
}
if (hApiHookDll)
ah_reg = GetProcAddress(hApiHookDll, "kexApiHook_register");
if (!hApiHookDll || !init_once || !ah_reg)
{
if (mr)
{
_EnterSysLevel(krnl32lock);
FreeLibTree(mr);
_LeaveSysLevel(krnl32lock);
}
return NULL;
}
mi->add_module(mr);
return ah_reg;
}
VOID apihook::get_default_dll_path(LPSTR buf, DWORD len)
{
HKEY key;
DWORD type;
LONG result;
DWORD len2 = len;
result = RegOpenKey(HKEY_LOCAL_MACHINE, "Software\\KernelEx", &key);
if (result == ERROR_SUCCESS)
{
result = RegQueryValueEx(key, "ApiHookPath", NULL, &type, (BYTE*)buf, &len2);
RegCloseKey(key);
}
if (result != ERROR_SUCCESS || type != REG_SZ)
{
snprintf(buf, len, "%s%s", (LPCSTR) kernelex_dir, "kexApiHook.dll");
}
}
PROC apihook::hook(BOOL is_static, LPCSTR caller, LPCSTR target, LPCSTR api, PROC orig)
{
typedef PROC (*apihook_register_t)(LPCSTR, LPCSTR, LPCSTR, PROC);
static const int psidx = ProcessStorage::allocate();
ProcessStorage* ps = ProcessStorage::get_instance();
apihook_register_t ah_reg = (apihook_register_t) ps->get(psidx);
if (!ah_reg)
{
//to avoid recursion in hook dll, disable the hook first
ps->set(psidx, (void*) -1);
ah_reg = (apihook_register_t) prepare(is_static);
if (!ah_reg)
{
OutputDebugString("KernelEx: Couldn't locate API HOOK DLL or DLL failed to init.");
ah_reg = (apihook_register_t)-1;
}
else
{
ps->set(psidx, (void*) ah_reg);
}
}
if ((int)ah_reg == -1)
{
//failed once - so run normally as promised
return orig;
}
__try
{
return ah_reg(caller, target, api, orig);
}
__except (EXCEPTION_EXECUTE_HANDLER)
{
OutputDebugString("KernelEx: API HOOK DLL crashed. Destroying process");
return NULL;
}
}
#endif

40
core/apihook.h Executable file
View File

@ -0,0 +1,40 @@
/*
* KernelEx
* Copyright (C) 2011, Xeno86
*
* This file is part of KernelEx source code.
*
* KernelEx is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published
* by the Free Software Foundation; version 2 of the License.
*
* KernelEx is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with GNU Make; see the file COPYING. If not, write to
* the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
*
*/
#ifndef __APIHOOK_H
#define __APIHOOK_H
#ifdef _ENABLE_APIHOOK
#include <windows.h>
class apihook
{
protected:
static PROC prepare(BOOL is_static);
static VOID get_default_dll_path(LPSTR buf, DWORD len);
public:
static PROC hook(BOOL is_static, LPCSTR caller, LPCSTR target, LPCSTR api, PROC orig);
};
#endif /* _ENABLE_APIHOOK */
#endif

187
core/apilog.cpp
View File

@ -1,187 +0,0 @@
/*
* KernelEx
* Copyright (C) 2009, Xeno86
*
* This file is part of KernelEx source code.
*
* KernelEx is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published
* by the Free Software Foundation; version 2 of the License.
*
* KernelEx is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with GNU Make; see the file COPYING. If not, write to
* the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
*
*/
#include <new>
#include <windows.h>
#include "apilog.h"
#include "debug.h"
#include "internals.h"
#include "DebugWindow.h"
#include "ProcessStorage.h"
#define APILOG_TLS_INDEX 78
static int apilog_ps_index = -1;
bool apilog_enabled = true;
void* tls_creator()
{
for (int i = 0 ; i < APILOG_TLS_INDEX+1 ; i++)
TlsAlloc();
for (int i = 0 ; i < APILOG_TLS_INDEX ; i++)
TlsFree(i);
return (void*) APILOG_TLS_INDEX;
}
void get_process_debug_tls()
{
ProcessStorage* ps = ProcessStorage::get_instance();
if (apilog_ps_index == -1)
apilog_ps_index = ps->allocate();
if (APILOG_TLS_INDEX != (DWORD) ps->get(apilog_ps_index))
{
ps->set(apilog_ps_index, tls_creator());
}
}
extern "C"
int snprintf(char *buffer, size_t n, const char* format, ...);
ThreadAddrStack::ThreadAddrStack()
{
pos = 0;
}
void __stdcall ThreadAddrStack::push_ret_addr(DWORD addr)
{
ThreadAddrStack* tas = (ThreadAddrStack*) TlsGetValue(APILOG_TLS_INDEX);
if (!tas)
{
void* mem = HeapAlloc(_GetProcessHeap(), 0, sizeof(ThreadAddrStack));
tas = new (mem) ThreadAddrStack;
TlsSetValue(APILOG_TLS_INDEX, mem);
}
tas->stack[tas->pos++] = addr;
DBGASSERT(tas->pos < countof(tas->stack));
}
DWORD __stdcall ThreadAddrStack::pop_ret_addr()
{
ThreadAddrStack* tas = (ThreadAddrStack*) TlsGetValue(APILOG_TLS_INDEX);
DBGASSERT(tas->pos > 0);
return tas->stack[--tas->pos];
}
DWORD __stdcall ThreadAddrStack::get_level()
{
ThreadAddrStack* tas = (ThreadAddrStack*) TlsGetValue(APILOG_TLS_INDEX);
return tas->pos;
}
log_stub::log_stub(const char* source, const char* target, const char* name,
unsigned long proc)
: call_prelog(DWORD(pre_log)), call_postlog(DWORD(post_log)),
call_orig(proc)
{
c_pushad1 = c_pushad2 = 0x60;
c_popad1 = c_popad2 = 0x61;
c_ret = 0xc3;
c_push1 = c_push2 = 0x68;
v_lgd1 = &lgd;
v_lgd2 = &lgd;
c_push_eax = 0x50;
c_add_esp = 0xc483;
c_sub_esp = 0xec83;
c_byte_4 = c_byte_4_1 = 4;
lgd.source = source;
lgd.target = target;
lgd.api_name = name;
}
void __stdcall log_stub::pre_log(log_data* lgd)
{
DWORD last_err;
DWORD caller_addr;
caller_addr = *((DWORD*) &lgd + 9);
last_err = GetLastError();
ThreadAddrStack::push_ret_addr(caller_addr);
DebugWindow* dw = DebugWindow::get();
if (dw && apilog_enabled)
{
DWORD level;
char msg[DEBUGMSG_MAXLEN];
level = ThreadAddrStack::get_level();
snprintf(msg, sizeof(msg), "%-2d|%x|%*s[%s]%08x:<%s>%s",
level,
GetCurrentThreadId(),
(level-1) * 2, "",
lgd->source, caller_addr,
lgd->target, lgd->api_name);
dw->append(msg);
}
SetLastError(last_err);
}
void __stdcall log_stub::post_log(log_data* lgd, DWORD retval)
{
DWORD last_err;
DWORD& caller_addr = *((DWORD*) &retval + 9);
last_err = GetLastError();
caller_addr = ThreadAddrStack::pop_ret_addr();
DebugWindow* dw = DebugWindow::get();
if (dw && apilog_enabled)
{
DWORD level;
char msg[DEBUGMSG_MAXLEN];
level = ThreadAddrStack::get_level();
snprintf(msg, sizeof(msg), "%-2d|%x|%*s[%s]%08x:<%s>%s|%x",
level,
GetCurrentThreadId(),
(level-1) * 2, "",
lgd->source, caller_addr,
lgd->target, lgd->api_name,
retval);
dw->append(msg);
}
SetLastError(last_err);
}
PROC create_log_stub(const char* caller, const char* target, const char* api, PROC orig)
{
char* new_api = (char*) HeapAlloc(_GetProcessHeap(), 0, strlen(api) + 1);
strcpy(new_api, api);
get_process_debug_tls();
void* mem = HeapAlloc(_GetProcessHeap(), 0, sizeof(log_stub));
return (PROC) new (mem) log_stub(caller,
target, new_api, (unsigned long) orig);
}
PROC create_log_stub(const char* caller, const char* target, WORD ord, PROC orig)
{
char ord_name[16];
snprintf(ord_name, sizeof(ord_name), "Ordinal:%d", ord);
return create_log_stub(caller, target, ord_name, orig);
}

107
core/apilog.h
View File

@ -1,107 +0,0 @@
/*
* KernelEx
* Copyright (C) 2009, Xeno86
*
* This file is part of KernelEx source code.
*
* KernelEx is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published
* by the Free Software Foundation; version 2 of the License.
*
* KernelEx is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with GNU Make; see the file COPYING. If not, write to
* the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
*
*/
#ifndef __APILOG_H
#define __APILOG_H
#include "resolver.h"
class ThreadAddrStack
{
public:
ThreadAddrStack();
static void __stdcall push_ret_addr(DWORD addr);
static DWORD __stdcall pop_ret_addr();
static DWORD __stdcall get_level();
private:
int pos;
DWORD stack[1023];
};
#pragma pack(push,1)
/* Creates a stub for api logging. */
class log_stub
{
public:
log_stub(const char* source, const char* target, const char* name,
unsigned long proc);
private:
struct log_data
{
const char* source;
const char* target;
const char* api_name;
};
static void __stdcall pre_log(log_data* lgd);
static void __stdcall post_log(log_data* lgd, DWORD retval);
/*
pushad
push lgd
call pre_log@4
popad
add esp, 4
call orig
sub esp, 4
pushad
push eax
push lgd
call post_log@8
popad
ret
*/
BYTE c_pushad1;
BYTE c_push1;
log_data* v_lgd1;
redir_stub call_prelog;
BYTE c_popad1;
WORD c_add_esp;
BYTE c_byte_4;
redir_stub call_orig;
WORD c_sub_esp;
BYTE c_byte_4_1;
BYTE c_pushad2;
BYTE c_push_eax;
BYTE c_push2;
log_data* v_lgd2;
redir_stub call_postlog;
BYTE c_popad2;
BYTE c_ret;
log_data lgd;
};
#pragma pack(pop)
PROC create_log_stub(const char* caller, const char* target, const char* api, PROC orig);
PROC create_log_stub(const char* caller, const char* target, WORD ord, PROC orig);
#endif

150
core/core.dsp
View File

@ -19,6 +19,7 @@ CFG=Core - Win32 Debug
!MESSAGE
!MESSAGE "Core - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library")
!MESSAGE "Core - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library")
!MESSAGE "Core - Win32 Release APIHOOK" (based on "Win32 (x86) Dynamic-Link Library")
!MESSAGE
# Begin Project
@ -83,12 +84,42 @@ LINK32=link.exe
# ADD LINK32 kernel32.lib user32.lib gdi32.lib advapi32.lib comctl32.lib ..\kexcrt\kexcrt.lib libc.lib /nologo /entry:"PreDllMain@12" /dll /incremental:no /map /debug /machine:I386 /nodefaultlib /out:"Debug/KernelEx.dll" /implib:"../common/KernelEx.lib" /ignore:4092 /OPT:NOWIN98
# SUBTRACT LINK32 /pdb:none
!ELSEIF "$(CFG)" == "Core - Win32 Release APIHOOK"
# PROP BASE Use_MFC 0
# PROP BASE Use_Debug_Libraries 0
# PROP BASE Output_Dir "Release_APIHOOK"
# PROP BASE Intermediate_Dir "Release_APIHOOK"
# PROP BASE Ignore_Export_Lib 0
# PROP BASE Target_Dir ""
# PROP Use_MFC 0
# PROP Use_Debug_Libraries 0
# PROP Output_Dir "Release_APIHOOK"
# PROP Intermediate_Dir "Release_APIHOOK"
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /O2 /I "." /I "../common" /FI"msvc_quirks.h" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "KEXCORE_EXPORTS" /YX /FD /GF /c
# ADD CPP /nologo /W3 /O2 /I "." /I "../common" /FI"msvc_quirks.h" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "KEXCORE_EXPORTS" /D "_ENABLE_APIHOOK" /YX /FD /GF /c
# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32
# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
# ADD BASE RSC /l 0x415 /i "../common" /d "NDEBUG"
# ADD RSC /l 0x415 /i "../common" /d "NDEBUG"
BSC32=bscmake.exe
# ADD BASE BSC32 /nologo
# ADD BSC32 /nologo
LINK32=link.exe
# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib advapi32.lib comctl32.lib ..\kexcrt\kexcrt.lib libc.lib /nologo /entry:"PreDllMain@12" /dll /map /machine:I386 /nodefaultlib /out:"Release_APIHOOK/KernelEx.dll" /implib:"../common/KernelEx.lib" /ignore:4092 /OPT:NOWIN98
# SUBTRACT BASE LINK32 /pdb:none
# ADD LINK32 kernel32.lib user32.lib gdi32.lib advapi32.lib comctl32.lib ..\kexcrt\kexcrt.lib libc.lib /nologo /entry:"PreDllMain@12" /dll /map /machine:I386 /nodefaultlib /out:"Release_APIHOOK/KernelEx.dll" /implib:"../common/KernelEx.lib" /ignore:4092 /OPT:NOWIN98
# SUBTRACT LINK32 /pdb:none
!ENDIF
# Begin Target
# Name "Core - Win32 Release"
# Name "Core - Win32 Debug"
# Name "Core - Win32 Release APIHOOK"
# Begin Group "Source Files"
# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
@ -102,20 +133,11 @@ SOURCE=.\apiconfmgr.cpp
# End Source File
# Begin Source File
SOURCE=.\apilib.cpp
SOURCE=.\apihook.cpp
# End Source File
# Begin Source File
SOURCE=.\apilog.cpp
!IF "$(CFG)" == "Core - Win32 Release"
# PROP Exclude_From_Build 1
!ELSEIF "$(CFG)" == "Core - Win32 Debug"
!ENDIF
SOURCE=.\apilib.cpp
# End Source File
# Begin Source File
@ -129,11 +151,21 @@ WkspDir=.
InputPath=.\core.def
"$(OutDir)\k32ord.lib" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
cl /nologo /c /TC /DK32ORD_IMPLIB /Fo$(OutDir)\k32ord.obj "$(WkspDir)\common\k32ord.h"
link /DLL /NOENTRY /NOLOGO /IGNORE:4070 /MACHINE:IX86 /DEF:"$(WkspDir)\common\k32ord.def" /OUT:$(OutDir)\k32ord.dll /IMPLIB:$(OutDir)\k32ord.lib $(OutDir)\k32ord.obj
del $(OutDir)\k32ord.exp
del $(OutDir)\k32ord.obj
del $(OutDir)\k32ord.dll
echo /nologo /c /TC /DK32ORD_IMPLIB >"%TEMP%\resp1455.tmp"
echo /Fo"$(OutDir)\k32ord.obj" >>"%TEMP%\resp1455.tmp"
echo "$(WkspDir)\common\k32ord.h" >>"%TEMP%\resp1455.tmp"
cl @"%TEMP%\resp1455.tmp"
del "%TEMP%\resp1455.tmp" >NUL
echo /DLL /NOENTRY /NOLOGO /IGNORE:4070 /MACHINE:IX86 >"%TEMP%\resp1456.tmp"
echo /DEF:"$(WkspDir)\common\k32ord.def" >>"%TEMP%\resp1456.tmp"
echo /OUT:"$(OutDir)\k32ord.dll" >>"%TEMP%\resp1456.tmp"
echo /IMPLIB:"$(OutDir)\k32ord.lib" >>"%TEMP%\resp1456.tmp"
echo "$(OutDir)\k32ord.obj" >>"%TEMP%\resp1456.tmp"
link @"%TEMP%\resp1456.tmp"
del "%TEMP%\resp1456.tmp" >NUL
del "$(OutDir)\k32ord.exp" >NUL
del "$(OutDir)\k32ord.obj" >NUL
del "$(OutDir)\k32ord.dll" >NUL
# End Custom Build
@ -145,11 +177,47 @@ WkspDir=.
InputPath=.\core.def
"$(OutDir)\k32ord.lib" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
cl /nologo /c /TC /DK32ORD_IMPLIB /Fo$(OutDir)\k32ord.obj "$(WkspDir)\common\k32ord.h"
link /DLL /NOENTRY /NOLOGO /IGNORE:4070 /MACHINE:IX86 /DEF:"$(WkspDir)\common\k32ord.def" /OUT:$(OutDir)\k32ord.dll /IMPLIB:$(OutDir)\k32ord.lib $(OutDir)\k32ord.obj
del $(OutDir)\k32ord.exp
del $(OutDir)\k32ord.obj
del $(OutDir)\k32ord.dll
echo /nologo /c /TC /DK32ORD_IMPLIB >"%TEMP%\resp1455.tmp"
echo /Fo"$(OutDir)\k32ord.obj" >>"%TEMP%\resp1455.tmp"
echo "$(WkspDir)\common\k32ord.h" >>"%TEMP%\resp1455.tmp"
cl @"%TEMP%\resp1455.tmp"
del "%TEMP%\resp1455.tmp" >NUL
echo /DLL /NOENTRY /NOLOGO /IGNORE:4070 /MACHINE:IX86 >"%TEMP%\resp1456.tmp"
echo /DEF:"$(WkspDir)\common\k32ord.def" >>"%TEMP%\resp1456.tmp"
echo /OUT:"$(OutDir)\k32ord.dll" >>"%TEMP%\resp1456.tmp"
echo /IMPLIB:"$(OutDir)\k32ord.lib" >>"%TEMP%\resp1456.tmp"
echo "$(OutDir)\k32ord.obj" >>"%TEMP%\resp1456.tmp"
link @"%TEMP%\resp1456.tmp"
del "%TEMP%\resp1456.tmp" >NUL
del "$(OutDir)\k32ord.exp" >NUL
del "$(OutDir)\k32ord.obj" >NUL
del "$(OutDir)\k32ord.dll" >NUL
# End Custom Build
!ELSEIF "$(CFG)" == "Core - Win32 Release APIHOOK"
# Begin Custom Build
OutDir=.\Release_APIHOOK
WkspDir=.
InputPath=.\core.def
"$(OutDir)\k32ord.lib" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
echo /nologo /c /TC /DK32ORD_IMPLIB >"%TEMP%\resp1455.tmp"
echo /Fo"$(OutDir)\k32ord.obj" >>"%TEMP%\resp1455.tmp"
echo "$(WkspDir)\common\k32ord.h" >>"%TEMP%\resp1455.tmp"
cl @"%TEMP%\resp1455.tmp"
del "%TEMP%\resp1455.tmp" >NUL
echo /DLL /NOENTRY /NOLOGO /IGNORE:4070 /MACHINE:IX86 >"%TEMP%\resp1456.tmp"
echo /DEF:"$(WkspDir)\common\k32ord.def" >>"%TEMP%\resp1456.tmp"
echo /OUT:"$(OutDir)\k32ord.dll" >>"%TEMP%\resp1456.tmp"
echo /IMPLIB:"$(OutDir)\k32ord.lib" >>"%TEMP%\resp1456.tmp"
echo "$(OutDir)\k32ord.obj" >>"%TEMP%\resp1456.tmp"
link @"%TEMP%\resp1456.tmp"
del "%TEMP%\resp1456.tmp" >NUL
del "$(OutDir)\k32ord.exp" >NUL
del "$(OutDir)\k32ord.obj" >NUL
del "$(OutDir)\k32ord.dll" >NUL
# End Custom Build
@ -166,6 +234,11 @@ SOURCE=.\debug.cpp
!ELSEIF "$(CFG)" == "Core - Win32 Debug"
!ELSEIF "$(CFG)" == "Core - Win32 Release APIHOOK"
# PROP BASE Exclude_From_Build 1
# PROP Exclude_From_Build 1
!ENDIF
# End Source File
@ -179,19 +252,11 @@ SOURCE=.\debugproto.cpp
!ELSEIF "$(CFG)" == "Core - Win32 Debug"
!ENDIF
# End Source File
# Begin Source File
SOURCE=.\DebugWindow.cpp
!IF "$(CFG)" == "Core - Win32 Release"
!ELSEIF "$(CFG)" == "Core - Win32 Release APIHOOK"
# PROP BASE Exclude_From_Build 1
# PROP Exclude_From_Build 1
!ELSEIF "$(CFG)" == "Core - Win32 Debug"
!ENDIF
# End Source File
@ -253,11 +318,11 @@ SOURCE=.\apiconfmgr.h
# End Source File
# Begin Source File
SOURCE=.\apilib.h
SOURCE=.\apihook.h
# End Source File
# Begin Source File
SOURCE=.\apilog.h
SOURCE=.\apilib.h
# End Source File
# Begin Source File
@ -269,10 +334,6 @@ SOURCE=.\debugproto.h
# End Source File
# Begin Source File
SOURCE=.\DebugWindow.h
# End Source File
# Begin Source File
SOURCE=.\internals.h
# End Source File
# Begin Source File
@ -282,7 +343,22 @@ SOURCE=..\common\is_sorted.hpp
# Begin Source File
SOURCE=..\common\k32ord.def
!IF "$(CFG)" == "Core - Win32 Release"
# PROP Exclude_From_Build 1
!ELSEIF "$(CFG)" == "Core - Win32 Debug"
# PROP Exclude_From_Build 1
!ELSEIF "$(CFG)" == "Core - Win32 Release APIHOOK"
# PROP BASE Exclude_From_Build 1
# PROP Exclude_From_Build 1
!ENDIF
# End Source File
# Begin Source File

15
core/kexcoresdk.cpp
View File

@ -35,13 +35,16 @@ unsigned long kexGetKEXVersion()
return VERSION_CODE;
}
int kexIsDebugCore()
DWORD kexGetCoreCaps()
{
DWORD caps = 0;
#ifdef _DEBUG
return 1;
#else
return 0;
caps |= KCC_DEBUG;
#endif
#ifdef _ENABLE_APIHOOK
caps |= KCC_APIHOOK;
#endif
return caps;
}
void kexDebugPrint(const char* format, ...)
@ -91,7 +94,7 @@ void kexGetModuleSettings(const char* module,
DWORD flags = 0;
if (as.flags & LDR_KEX_DISABLE) flags |= KRF_KEX_DISABLE;
if (as.flags & LDR_OVERRIDE_PROC_MOD) flags |= KRF_OVERRIDE_PROC_MOD;
if (as.flags & LDR_LOG_APIS) flags |= KRF_LOG_APIS;
if (as.flags & LDR_HOOK_APIS) flags |= KRF_HOOK_APIS;
if (as.flags & LDR_NO_INHERIT) flags |= KRF_NO_INHERIT;
if (as.flags & LDR_VALID_FLAG) flags |= KRF_VALID_FLAG;
*mod_flags = flags;
@ -103,7 +106,7 @@ void kexSetModuleSettings(const char* module,
BYTE flags = 0;
if (mod_flags & KRF_KEX_DISABLE) flags |= LDR_KEX_DISABLE;
if (mod_flags & KRF_OVERRIDE_PROC_MOD) flags |= LDR_OVERRIDE_PROC_MOD;
if (mod_flags & KRF_LOG_APIS) flags |= LDR_LOG_APIS;
if (mod_flags & KRF_HOOK_APIS) flags |= LDR_HOOK_APIS;
if (mod_flags & KRF_NO_INHERIT) flags |= LDR_NO_INHERIT;
SettingsDB::instance.write_single(module, conf_name, flags);
}

8
core/main.cpp
View File

@ -25,7 +25,6 @@
#include "debug.h"
#include "apiconfmgr.h"
#include "internals.h"
#include "DebugWindow.h"
extern int internals_init();
extern void internals_uninit();
@ -61,10 +60,6 @@ int kexInit()
resolver_hook();
#ifdef _DEBUG
DebugWindow::create();
#endif
DBGPRINTF(("Initialized successfully\n"));
return ++init_count;
@ -91,9 +86,6 @@ int kexUninit()
DBGPRINTF(("Uninitializing\n"));
resolver_unhook();
resolver_uninit();
#ifdef _DEBUG
DebugWindow::destroy();
#endif
internals_uninit();
return --init_count;
}

40
core/resolver.cpp
View File

@ -1,6 +1,6 @@
/*
* KernelEx
* Copyright (C) 2008-2009, Xeno86
* Copyright (C) 2008-2011, Xeno86
*
* This file is part of KernelEx source code.
*
@ -30,9 +30,7 @@
#include "thunks.h"
#include "SettingsDB.h"
#include "ModInit.h"
#ifdef _DEBUG
#include "apilog.h"
#endif
#include "apihook.h"
using namespace std;
@ -90,8 +88,9 @@ static bool get_config(MODREF* moduleMR, config_params& cp)
if ((parent.as.flags & LDR_VALID_FLAG) && !(parent.as.flags & LDR_NO_INHERIT))
{
process.as = parent.as;
#ifdef _DEBUG //don't inherit log flag
process.as.flags &= ~LDR_LOG_APIS;
#ifdef _ENABLE_APIHOOK
//don't inherit hook flag
process.as.flags &= ~LDR_HOOK_APIS;
#endif
}
}
@ -133,9 +132,10 @@ static bool get_config(MODREF* moduleMR, config_params& cp)
if (module.as.flags & LDR_VALID_FLAG)
{
#ifdef _DEBUG //copy log flag from process to module
if (process.as.flags & LDR_LOG_APIS)
module.as.flags |= LDR_LOG_APIS;
#ifdef _ENABLE_APIHOOK
//copy hook flag from process to module
if (process.as.flags & LDR_HOOK_APIS)
module.as.flags |= LDR_HOOK_APIS;
#endif
goto __end;
}
@ -150,8 +150,8 @@ __end:
DBGASSERT(module.as.conf != NULL);
cp.apiconf = module.as.conf;
#ifdef _DEBUG
cp.log_apis = (module.as.flags & LDR_LOG_APIS) != 0;
#ifdef _ENABLE_APIHOOK
cp.hook_apis = (module.as.flags & LDR_HOOK_APIS) != 0;
#endif
return true;
}
@ -513,13 +513,16 @@ PROC WINAPI ExportFromOrdinal(IMTE_KEX* target, MODREF* caller, BOOL is_static,
target->pNTHdr, caller, is_static);
else
ret = OriExportFromOrdinal(target->pNTHdr, ordinal);
#ifdef _DEBUG
if (ret && cp.log_apis)
#ifdef _ENABLE_APIHOOK
if (cp.hook_apis)
{
IMTE* icaller = (*ppmteModTable)[caller->mteIndex];
if (DWORD(ret) < target->pNTHdr->OptionalHeader.ImageBase
+ target->pNTHdr->OptionalHeader.BaseOfData)
ret = create_log_stub(icaller->pszModName, target->pszModName, ordinal, ret);
{
ret = apihook::hook(is_static, icaller->pszFileName,
target->pszFileName, (LPSTR) ordinal, ret);
}
}
#endif
}
@ -568,13 +571,16 @@ PROC WINAPI ExportFromName(IMTE_KEX* target, MODREF* caller, BOOL is_static, WOR
target->pNTHdr, caller, is_static);
else
ret = OriExportFromName(target->pNTHdr, hint, name);
#ifdef _DEBUG
if (ret && cp.log_apis)
#ifdef _ENABLE_APIHOOK
if (cp.hook_apis)
{
IMTE* icaller = (*ppmteModTable)[caller->mteIndex];
if (DWORD(ret) < target->pNTHdr->OptionalHeader.ImageBase
+ target->pNTHdr->OptionalHeader.BaseOfData)
ret = create_log_stub(icaller->pszModName, target->pszModName, name, ret);
{
ret = apihook::hook(is_static, icaller->pszFileName,
target->pszFileName, name, ret);
}
}
#endif
}

11
core/resolver.h
View File

@ -1,6 +1,6 @@
/*
* KernelEx
* Copyright (C) 2008-2009, Xeno86
* Copyright (C) 2008-2011, Xeno86
*
* This file is part of KernelEx source code.
*
@ -28,8 +28,7 @@
/***** loader flags *****/
#define LDR_KEX_DISABLE 1 /* disable KernelEx API extensions for this module */
#define LDR_OVERRIDE_PROC_MOD 2 /* use same configuration and flags for all modules in a process */
#define LDR_LOG_APIS 4 /* enable API tracing */
#define LDR_FILTER_APIS 8 /* allow to control single APIs - enable, disable, switch */
#define LDR_HOOK_APIS 8 /* enable API tracing */
#define LDR_NO_INHERIT 16 /* don't inherit configuration and flags to child processes */
#define LDR_VALID_FLAG 128 /* denotes that flags field is valid */
@ -67,7 +66,7 @@ public:
redir_stub(unsigned long target, bool make_call = true)
{
op = make_call ? 0xe8 : 0xe9;
addr = target - (unsigned long(this) + 5);
addr = target - ((unsigned long)(this) + 5);
}
private:
@ -78,8 +77,8 @@ private:
struct config_params
{
ApiConfiguration* apiconf;
#ifdef _DEBUG
bool log_apis;
#ifdef _ENABLE_APIHOOK
bool hook_apis;
#endif
};

16
core/resource.h
View File

@ -5,24 +5,14 @@
#define IDS_NOTREADY 1
#define IDS_STUBMISMATCH 2
#define IDS_OLDVER 3
#define IDD_DEBUG 101
#define IDR_LOGMENU 102
#define IDD_DEBUGFILTER 103
#define IDC_LOG 1003
#define IDC_DFINCLUDE 1004
#define IDC_DFEXCLUDE 1005
#define IDM_TOFILE 40001
#define IDM_CLEAR 40002
#define IDM_FILTER 40003
#define IDM_ENABLE 40004
// Next default values for new objects
//
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NEXT_RESOURCE_VALUE 104
#define _APS_NEXT_COMMAND_VALUE 40005
#define _APS_NEXT_CONTROL_VALUE 1006
#define _APS_NEXT_RESOURCE_VALUE 101
#define _APS_NEXT_COMMAND_VALUE 40001
#define _APS_NEXT_CONTROL_VALUE 1001
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif