Skip to content

Commit

Permalink
2.0.3
Browse files Browse the repository at this point in the history 
203 release
  • Loading branch information
@hfiref0x
hfiref0x committed Jul 31, 2023
1 parent a5f6bc3 commit 0d43b13
Show file tree
Hide file tree
Showing 8 changed files with 132 additions and 75 deletions.
Binary file modified Compiled/WinObjEx64.chm
View file
Binary file not shown.
Binary file modified Compiled/WinObjEx64.exe
View file
Binary file not shown.
Binary file modified Source/WinObjEx64/Resource.rc
View file
Binary file not shown.
86 changes: 53 additions & 33 deletions Source/WinObjEx64/extras/extrasSSDT.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
*
* VERSION: 2.03
*
* DATE: 22 Jul 2023
* DATE: 28 Jul 2023
*
* THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
* ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED
Expand Down Expand Up @@ -182,16 +182,16 @@ BOOL SdtListCreateTable(
VOID
)
{
BOOL bResult = FALSE;
ULONG EntrySize = 0;
SIZE_T memIO;
PUTable TableDump = NULL;
PBYTE Module = NULL;
BOOL bResult = FALSE;
ULONG EntrySize = 0;
SIZE_T memIO;
PUTable TableDump = NULL;
PBYTE Module = NULL;
PIMAGE_EXPORT_DIRECTORY ExportDirectory = NULL;
PDWORD ExportNames, ExportFunctions;
PWORD NameOrdinals;
PDWORD ExportNames, ExportFunctions;
PWORD NameOrdinals;

PSDT_TABLE_ENTRY ServiceEntry;
PSDT_TABLE_ENTRY ServiceEntry;

CHAR* ServiceName;
CHAR* FunctionAddress;
Expand Down Expand Up @@ -367,25 +367,41 @@ VOID SdtListReportEvent(
}

/*
* SdtListReportFunctionResolveError
* SdtListErrorProcedureNotFound
*
* Purpose:
*
* Report function name resolve error.
*
*/
VOID SdtListReportFunctionResolveError(
_In_ LPCSTR FunctionName
VOID SdtListErrorProcedureNotFound(
_In_ LPCSTR FunctionName,
_In_ PCUNICODE_STRING ModuleName
)
{
WCHAR szErrorBuffer[512];
PWCHAR pszErrorMsg;
WCHAR szFunctionName[MAX_PATH];
SIZE_T sz;

sz = MAX_PATH +
(_strlen_a(FunctionName) * sizeof(WCHAR)) +
ModuleName->MaximumLength;

pszErrorMsg = (PWCHAR)supHeapAlloc(sz);
if (pszErrorMsg) {

RtlSecureZeroMemory(szErrorBuffer, sizeof(szErrorBuffer));
szFunctionName[0] = 0;
MultiByteToWideChar(CP_ACP, 0, FunctionName, -1, szFunctionName, MAX_PATH);

_strcpy(szErrorBuffer, TEXT("could not resolve function "));
MultiByteToWideChar(CP_ACP, 0, FunctionName, -1, _strend(szErrorBuffer), MAX_PATH);
_strcat(szErrorBuffer, TEXT(" address"));
SdtListReportEvent(EntryTypeError, __FUNCTIONW__, szErrorBuffer);
RtlStringCchPrintfSecure(pszErrorMsg, sz / sizeof(WCHAR),
L"the entry point for %ws was not found in module %wZ",
szFunctionName,
ModuleName);

SdtListReportEvent(EntryTypeError, __FUNCTIONW__, pszErrorMsg);

supHeapFree(pszErrorMsg);
}
}

/*
Expand All @@ -405,7 +421,7 @@ VOID SdtListReportResolveModuleError(
{
WCHAR szErrorBuffer[512];

RtlSecureZeroMemory(szErrorBuffer, sizeof(szErrorBuffer));
szErrorBuffer[0] = 0;

//
// Most of this errors are not critical and ok.
Expand All @@ -421,26 +437,26 @@ VOID SdtListReportResolveModuleError(
//
// Corresponding apiset not found.
//
_strcpy(szErrorBuffer, TEXT("not an apiset adapter for "));
_strcpy(szErrorBuffer, TEXT("not an ApiSet adapter for "));
MultiByteToWideChar(CP_ACP, 0, Table->Name, -1, _strend(szErrorBuffer), MAX_PATH);
break;

case STATUS_APISET_NOT_PRESENT:
//
// ApiSet extension present but empty.
//
_strcpy(szErrorBuffer, TEXT("extension contains a host for a non-existent apiset "));
_strcpy(szErrorBuffer, TEXT("ApiSet host is empty for "));
MultiByteToWideChar(CP_ACP, 0, Table->Name, -1, _strend(szErrorBuffer), MAX_PATH);
break;

case STATUS_PROCEDURE_NOT_FOUND:
//
// Not a critical issue. This mean we cannot pass this service next to forwarder lookup code.
//
_strcpy(szErrorBuffer, TEXT("could not resolve function name in module for service id "));
ultostr(Table->Index, _strend(szErrorBuffer));
_strcat(szErrorBuffer, TEXT(", service name "));
_strcpy(szErrorBuffer, TEXT("could not resolve function name in module for "));
MultiByteToWideChar(CP_ACP, 0, Table->Name, -1, _strend(szErrorBuffer), MAX_PATH);
_strcat(szErrorBuffer, TEXT(", service id "));
ultostr(Table->Index, _strend(szErrorBuffer));
break;

case STATUS_DLL_NOT_FOUND:
Expand All @@ -454,7 +470,8 @@ VOID SdtListReportResolveModuleError(

case STATUS_ILLEGAL_FUNCTION:

_strcpy(szErrorBuffer, TEXT("does not look like a import thunk"));
MultiByteToWideChar(CP_ACP, 0, Table->Name, -1, szErrorBuffer, MAX_PATH);
_strcpy(szErrorBuffer, TEXT(" code does not look like a import thunk"));
break;

default:
Expand Down Expand Up @@ -610,11 +627,8 @@ BOOL SdtListCreateTableShadow(
else if (sdtFn.ExportOrdinal)
lpFunctionName = MAKEINTRESOURCEA(sdtFn.ExportOrdinal);

if (!NT_SUCCESS(NtRawGetProcAddress(sdtModule.ImageBase, lpFunctionName, &resolveInfo))) {
//
// Log error.
//
SdtListReportFunctionResolveError(lpFunctionName);
if (!NT_SUCCESS(NtRawGetProcAddress(sdtModule.ImageBase, lpFunctionName, &resolveInfo))) {
SdtListErrorProcedureNotFound(lpFunctionName, &sdtModule.Name);
break;
}

Expand All @@ -626,7 +640,7 @@ BOOL SdtListCreateTableShadow(
lpForwarderDot = _strchr_a(resolveInfo.ForwarderName, '.');
lpForwarderFunctionName = lpForwarderDot + 1;
if (lpForwarderFunctionName) {

//
// Build forwarder module name.
//
Expand Down Expand Up @@ -665,7 +679,7 @@ BOOL SdtListCreateTableShadow(
//
SdtListReportEvent(EntryTypeError, __FUNCTIONW__, TEXT("could not load forwarded module"));
}

}

}
Expand Down Expand Up @@ -751,7 +765,13 @@ BOOL SdtListCreateTableShadow(

}

} // if (W32pServiceTable.Allocated == FALSE)
}
else {
//
// Table already allocated.
//
*Status = 0;
}

bResult = W32pServiceTable.Allocated;

Expand Down
91 changes: 64 additions & 27 deletions Source/WinObjEx64/log/log.c
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
/*******************************************************************************
*
* (C) COPYRIGHT AUTHORS, 2015 - 2022
* (C) COPYRIGHT AUTHORS, 2015 - 2023
*
* TITLE: LOG.C
*
* VERSION: 2.00
* VERSION: 2.03
*
* DATE: 19 Jun 2022
* DATE: 27 Jul 2023
*
* Simplified log.
*
Expand Down Expand Up @@ -144,27 +144,42 @@ BOOL logEnumEntries(
*
*/
VOID LogViewerPrintEntry(
_In_ HWND OutputWindow,
_In_ LPWSTR lpTime,
_In_ LPWSTR lpType,
_In_ LPWSTR lpValue)
_In_ HWND hwndRichEdit,
_In_ LPWSTR lpMessage,
_In_ BOOL bHighlight)
{
LONG StartPos = 0;
CHARRANGE SelectedRange;

SendMessage(OutputWindow, EM_EXGETSEL, (WPARAM)0, (LPARAM)&SelectedRange);
StartPos = SelectedRange.cpMin;
CHARFORMAT cf;
CHARRANGE cr, sr;

cr.cpMax = INT_MAX;
cr.cpMin = INT_MAX;

SendMessage(hwndRichEdit, EM_EXSETSEL, (WPARAM)0, (LPARAM)&cr);
SendMessage(hwndRichEdit, EM_EXGETSEL, (WPARAM)0, (LPARAM)&sr);
StartPos = sr.cpMin;

if (bHighlight) {
cf.cbSize = sizeof(CHARFORMAT);
cf.dwMask = CFM_BOLD;
SendMessage(hwndRichEdit, EM_SETCHARFORMAT, SCF_SELECTION, (LPARAM)&cf);
}

if (StartPos) {
SendMessage(OutputWindow, EM_REPLACESEL, (WPARAM)0, (LPARAM)L"\r\n");
StartPos += 1;
SendMessage(hwndRichEdit, EM_REPLACESEL, (WPARAM)0, (LPARAM)L"\r\n");
StartPos += 2;
}

SendMessage(OutputWindow, EM_REPLACESEL, (WPARAM)0, (LPARAM)lpTime);
SendMessage(OutputWindow, EM_REPLACESEL, (WPARAM)0, (LPARAM)L" (");
SendMessage(OutputWindow, EM_REPLACESEL, (WPARAM)0, (LPARAM)lpType);
SendMessage(OutputWindow, EM_REPLACESEL, (WPARAM)0, (LPARAM)L"): ");
SendMessage(OutputWindow, EM_REPLACESEL, (WPARAM)0, (LPARAM)lpValue);
SendMessage(hwndRichEdit, EM_REPLACESEL, (WPARAM)0, (LPARAM)lpMessage);

if (bHighlight) {
cf.dwEffects = CFE_BOLD;
cr.cpMin = StartPos;
cr.cpMax = (LONG)_strlen(lpMessage) + StartPos + 1;
SendMessage(hwndRichEdit, EM_EXSETSEL, (WPARAM)0, (LPARAM)&cr);
SendMessage(hwndRichEdit, EM_SETCHARFORMAT, SCF_SELECTION, (LPARAM)&cf);
}
}

/*
Expand All @@ -180,18 +195,22 @@ BOOL CALLBACK LogViewerAddEntryCallback(
_In_ PVOID CallbackContext
)
{
BOOL bHighlight = FALSE;
HWND hwndList = (HWND)CallbackContext;
TIME_FIELDS tFields = { 0, 0, 0, 0, 0, 0, 0, 0 };
LPWSTR lpType;
WCHAR szTime[64];
WCHAR szMessage[WOBJ_MAX_MESSAGE + 128];

switch (Entry->Type) {
case EntryTypeError:
bHighlight = TRUE;
lpType = TEXT("Error");
break;
case EntryTypeSuccess:
lpType = TEXT("Success");
break;
case EntryTypeWarning:
bHighlight = TRUE;
lpType = TEXT("Warning");
break;
case EntryTypeInformation:
Expand All @@ -202,9 +221,20 @@ BOOL CALLBACK LogViewerAddEntryCallback(
break;
}

szTime[0] = 0;
supPrintTimeToBuffer(&Entry->LoggedTime, szTime, RTL_NUMBER_OF(szTime));
LogViewerPrintEntry(hwndList, szTime, lpType, Entry->MessageData);
szMessage[0] = 0;

RtlTimeToTimeFields(&Entry->LoggedTime, &tFields);
RtlStringCchPrintfSecure(szMessage,
RTL_NUMBER_OF(szMessage),
L"%02hd:%02hd:%02hd.%03hd (%ws): %ws",
tFields.Hour,
tFields.Minute,
tFields.Second,
tFields.Milliseconds,
lpType,
Entry->MessageData);

LogViewerPrintEntry(hwndList, szMessage, bHighlight);

return TRUE; //continue with next entry
}
Expand All @@ -221,15 +251,23 @@ VOID LogViewerListLog(
_In_ HWND hwndParent
)
{
CHARRANGE CharRange;
CHARRANGE charRange;
HWND hwndList = GetDlgItem(hwndParent, IDC_LOGLIST);
PARAFORMAT ParaFormat;

//
// Prepare RichEdit.
//
SendMessage(hwndList, EM_SETEVENTMASK, (WPARAM)0, (LPARAM)0);
SendMessage(hwndList, WM_SETREDRAW, (WPARAM)0, (LPARAM)0);

RtlSecureZeroMemory(&ParaFormat, sizeof(ParaFormat));
ParaFormat.cbSize = sizeof(ParaFormat);
ParaFormat.cTabCount = 1;
ParaFormat.dwMask = PFM_TABSTOPS;
ParaFormat.rgxTabs[0] = 3500;
SendMessage(hwndList, EM_SETPARAFORMAT, (WPARAM)0, (LPARAM)&ParaFormat);

logEnumEntries(LogViewerAddEntryCallback, (PVOID)hwndList);

//
Expand All @@ -240,12 +278,11 @@ VOID LogViewerListLog(
InvalidateRect(hwndList, NULL, TRUE);

SendMessage(hwndList, EM_SETEVENTMASK, (WPARAM)0, (LPARAM)ENM_SELCHANGE);

charRange.cpMax = 0;
charRange.cpMin = 0;
SendMessage(hwndList, EM_EXSETSEL, (WPARAM)0, (LPARAM)&charRange);

CharRange.cpMax = 0;
CharRange.cpMin = 0;
SendMessage(hwndList, EM_EXSETSEL, (WPARAM)0, (LPARAM)&CharRange);

SetFocus(hwndList);
}

/*
Expand Down
10 changes: 5 additions & 5 deletions Source/WinObjEx64/log/log.h
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
/*******************************************************************************
*
* (C) COPYRIGHT AUTHORS, 2015 - 2022
* (C) COPYRIGHT AUTHORS, 2015 - 2023
*
* TITLE: LOG.H
*
* VERSION: 2.00
* VERSION: 2.03
*
* DATE: 19 Jun 2022
* DATE: 27 Jul 2022
*
* Header file for simplified log support.
*
Expand Down Expand Up @@ -39,8 +39,8 @@ typedef enum _WOBJ_ENTRY_TYPE {
typedef struct _WOBJ_LOG_ENTRY {
WOBJ_ENTRY_TYPE Type;
LARGE_INTEGER LoggedTime;
WCHAR MessageData[WOBJ_MAX_MESSAGE + 1];
BYTE Reserved[72];
WCHAR MessageData[WOBJ_MAX_MESSAGE];
BYTE Reserved[74];
} WOBJ_LOG_ENTRY, * PWOBJ_LOG_ENTRY;

typedef struct _WOBJ_LOG {
Expand Down
6 changes: 3 additions & 3 deletions Source/WinObjEx64/sysinfoDlg.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
*
* VERSION: 2.03
*
* DATE: 21 Jul 2023
* DATE: 27 Jul 2023
*
* System Information Dialog.
*
Expand Down Expand Up @@ -55,8 +55,8 @@ VOID AddParameterValue(
CHARFORMAT CharFormat;
CHARRANGE CharRange, SelectedRange;

CharRange.cpMax = 0x7FFFFFFF;
CharRange.cpMin = 0x7FFFFFFF;
CharRange.cpMax = INT_MAX;
CharRange.cpMin = INT_MAX;

SendMessage(OutputWindow, EM_EXSETSEL, (WPARAM)0, (LPARAM)&CharRange);
SendMessage(OutputWindow, EM_EXGETSEL, (WPARAM)0, (LPARAM)&SelectedRange);
Expand Down
Loading

0 comments on commit 0d43b13

Please sign in to comment.