Changeset 9617 for trunk/src

Timestamp:

Jan 5, 2003, 1:31:26 PM (23 years ago)

Author:

sandervl

Message:

added dll load hook and function to override named or ordinal exports

Location:

trunk/src/kernel32

Files:

• KERNEL32.DEF (modified) (2 diffs)
• kernel32dbg.def (modified) (2 diffs)
• oslibdebug.h (modified) (3 diffs)
• oslibdos.h (modified) (3 diffs)
• oslibexcept.h (modified) (3 diffs)
• osliblvm.h (modified) (3 diffs)
• oslibmem.h (modified) (3 diffs)
• oslibmisc.h (modified) (3 diffs)
• oslibtime.h (modified) (2 diffs)
• windllbase.cpp (modified) (1 diff)
• winimagebase.cpp (modified) (2 diffs)
• winimagebase.h (modified) (2 diffs)
• winimagepeldr.cpp (modified) (11 diffs)
• winimagepeldr.h (modified) (3 diffs)
• wprocess.cpp (modified) (2 diffs)

trunk/src/kernel32/KERNEL32.DEF

@@ -1 @@
-; $Id: KERNEL32.DEF,v 1.147 2002-12-20 11:39:40 sandervl Exp $
+; $Id: KERNEL32.DEF,v 1.148 2003-01-05 12:31:22 sandervl Exp $
 
 ;Basis is Windows95 KERNEL32
@@ -1210 +1210 @@
     OSLibDosDevIOCtl                                              @2026 NONAME
 
+; custom dll hook installer
+    _ODIN_SetDllLoadCallback@4                                    @2100 NONAME
+; override export
+    _ODIN_SetProcAddress@12                                       @2101 NONAME
+
     GetDisplayCodepage                                            @3000 NONAME
     GetWindowsCodepage                                            @3001 NONAME

trunk/src/kernel32/kernel32dbg.def

@@ -1 @@
-; $Id: kernel32dbg.def,v 1.22 2002-12-20 11:39:41 sandervl Exp $
+; $Id: kernel32dbg.def,v 1.23 2003-01-05 12:31:23 sandervl Exp $
 
 ;Basis is Windows95 KERNEL32
@@ -1210 +1210 @@
     OSLibDosDevIOCtl                                              @2026 NONAME
 
+; custom dll hook installer
+    _ODIN_SetDllLoadCallback@4                                    @2100 NONAME
+; override export
+    _ODIN_SetProcAddress@12                                       @2101 NONAME
+
     GetDisplayCodepage                                            @3000 NONAME
     GetWindowsCodepage                                            @3001 NONAME

trunk/src/kernel32/oslibdebug.h

@@ -1 @@
-/* $Id: oslibdebug.h,v 1.2 2002-05-28 09:53:34 sandervl Exp $ */
+/* $Id: oslibdebug.h,v 1.3 2003-01-05 12:31:23 sandervl Exp $ */
 
 /*
@@ -13 +13 @@
 #define __OSLIBDEBUG_H__
 
+#ifdef __cplusplus
+extern "C" {
+#endif
+
 #ifndef PAGE_SIZE
 #define PAGE_SIZE 4096
@@ -23 +27 @@
 VOID OSLibDebugReadMemory(LPCVOID lpBaseAddress,LPVOID lpBuffer, DWORD cbRead, LPDWORD lpNumberOfBytesRead);
 BOOL OSLibAddWin32Event(LPDEBUG_EVENT lpde);
+
+#ifdef __cplusplus
+}
+#endif
+
 #endif //__OSLIBDEBUG_H__

trunk/src/kernel32/oslibdos.h

@@ -1 @@
-/* $Id: oslibdos.h,v 1.49 2002-12-19 12:55:27 sandervl Exp $ */
+/* $Id: oslibdos.h,v 1.50 2003-01-05 12:31:24 sandervl Exp $ */
 
 /*
@@ -13 +13 @@
 #define __OSLIBDOS_H__
 
+#ifdef __cplusplus
+extern "C" {
+#endif
 
 #ifdef OS2_INCLUDED
@@ -358 +361 @@
 DWORD OSLibDosGetNumPhysDrives();
 
+#ifdef __cplusplus
+}
+#endif
+
 #endif //__OSLIBDOS_H__
 

trunk/src/kernel32/oslibexcept.h

@@ -1 @@
-/* $Id: oslibexcept.h,v 1.2 2000-09-08 18:07:50 sandervl Exp $ */
+/* $Id: oslibexcept.h,v 1.3 2003-01-05 12:31:24 sandervl Exp $ */
 /*
  * Exception handler util. procedures
@@ -8 +8 @@
 #ifndef __OSLIBEXCEPT_H__
 #define __OSLIBEXCEPT_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
 
 //******************************************************************************
@@ -18 +22 @@
                                      PCONTEXTRECORD pContextRec, PVOID p);
 
+#ifdef __cplusplus
+}
 #endif
+
+#endif

trunk/src/kernel32/osliblvm.h

@@ -1 @@
-/* $Id: osliblvm.h,v 1.4 2002-09-27 14:35:56 sandervl Exp $ */
+/* $Id: osliblvm.h,v 1.5 2003-01-05 12:31:24 sandervl Exp $ */
 /*
  * OS/2 LVM (Logical Volume Management) functions
@@ -10 +10 @@
 #ifndef __OSLIBLVM_H__
 #define __OSLIBLVM_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
 
 #include <win\winioctl.h>
@@ -345 +349 @@
 BOOL   OSLibLVMGetDiskGeometry(DWORD dwDiskNr, PDISK_GEOMETRY pGeom);
 
+#ifdef __cplusplus
+}
+#endif
+
 #endif //__OSLIBLVM_H__

trunk/src/kernel32/oslibmem.h

@@ -1 @@
-/* $Id: oslibmem.h,v 1.2 2002-07-16 08:16:48 sandervl Exp $ */
+/* $Id: oslibmem.h,v 1.3 2003-01-05 12:31:24 sandervl Exp $ */
 /*
  * OS/2 Memory management procedures
@@ -8 +8 @@
 #ifndef __OSLIBMEM_H__
 #define __OSLIBMISC_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
 
 #ifndef __OS2_H__
@@ -50 +54 @@
 PVOID OSLibDosFindMemBase(LPVOID lpMemAddr);
 
+#ifdef __cplusplus
+}
+#endif
 
 #endif

trunk/src/kernel32/oslibmisc.h

@@ -1 @@
-/* $Id: oslibmisc.h,v 1.10 2003-01-02 11:50:46 sandervl Exp $ */
+/* $Id: oslibmisc.h,v 1.11 2003-01-05 12:31:24 sandervl Exp $ */
 /*
  * Misc util. procedures
@@ -13 +13 @@
 char *OSLibGetDllName(ULONG hModule);
 BOOL  OSLibGetDllName(ULONG hModule, char *name, int length);
+
+#ifdef __cplusplus
+extern "C" {
+#endif
 
 char *OSLibStripPath(char *path);
@@ -90 +94 @@
 ULONG OSLibQueryCountry();
 
+#ifdef __cplusplus
+}
 #endif
+
+#endif

trunk/src/kernel32/oslibtime.h

@@ -1 @@
-/* $Id: oslibtime.h,v 1.1 2002-06-26 07:14:18 sandervl Exp $ */
+/* $Id: oslibtime.h,v 1.2 2003-01-05 12:31:24 sandervl Exp $ */
 /*
  * OS/2 time procedures
@@ -11 +11 @@
 #define __OSLIBTIME_H__
 
+#ifdef __cplusplus
+extern "C" {
+#endif
+
 ULONG OSLibDosGetTickCount();
 
+#ifdef __cplusplus
+}
+#endif
+
 #endif //__OSLIBTIME_H__

trunk/src/kernel32/windllbase.cpp

@@ -1 @@
-/* $Id: windllbase.cpp,v 1.31 2002-12-20 10:38:57 sandervl Exp $ */
+/* $Id: windllbase.cpp,v 1.32 2003-01-05 12:31:25 sandervl Exp $ */
 
 /*

trunk/src/kernel32/winimagebase.cpp

@@ -1 @@
-/* $Id: winimagebase.cpp,v 1.35 2002-04-29 17:05:30 sandervl Exp $ */
+/* $Id: winimagebase.cpp,v 1.36 2003-01-05 12:31:25 sandervl Exp $ */
 
 /*
@@ -151 +151 @@
   //dummy
   return 0;
+}
+//******************************************************************************
+//******************************************************************************
+ULONG Win32ImageBase::setApi(char *name, ULONG pfnNewProc)
+{
+    return -1; //only implemented for PE modules
+}
+//******************************************************************************
+//******************************************************************************
+ULONG Win32ImageBase::setApi(int ordinal, ULONG pfnNewProc)
+{
+    return -1; //only implemented for PE modules
 }
 //******************************************************************************

trunk/src/kernel32/winimagebase.h

@@ -1 @@
-/* $Id: winimagebase.h,v 1.22 2002-12-20 11:39:41 sandervl Exp $ */
+/* $Id: winimagebase.h,v 1.23 2003-01-05 12:31:25 sandervl Exp $ */
 
 /*
@@ -113 +113 @@
 virtual ULONG getApi(int ordinal) = 0;
 
+virtual ULONG setApi(char *name, ULONG pfnNewProc);
+virtual ULONG setApi(int ordinal, ULONG pfnNewProc);
+
 virtual ULONG getImageSize();
 

trunk/src/kernel32/winimagepeldr.cpp

@@ -1 @@
-/* $Id: winimagepeldr.cpp,v 1.102 2002-12-20 11:39:42 sandervl Exp $ */
+/* $Id: winimagepeldr.cpp,v 1.103 2003-01-05 12:31:25 sandervl Exp $ */
 
 /*
@@ -44 +44 @@
 #include <win32api.h>
 #include <heapcode.h>
+#include <custombuild.h>
 #include "winimagebase.h"
 #include "winimagepeldr.h"
@@ -1372 +1373 @@
 }
 //******************************************************************************
+//Install a hook that gets called when the exports have been processed
+//******************************************************************************
+static ODINPROC_DLLLOAD pfnDllLoad = NULL;
+//******************************************************************************
+BOOL WIN32API ODIN_SetDllLoadCallback(ODINPROC_DLLLOAD pfnMyDllLoad)
+{
+    pfnDllLoad = pfnMyDllLoad;
+    return TRUE;
+}
+//******************************************************************************
 //******************************************************************************
 BOOL Win32PeLdrImage::processExports(char *win32file)
@@ -1437 +1448 @@
         }
     }
+  }
+
+  //Call the dll load hook; must be done here so noone has the opportunity
+  //to use this dll (get exports)
+  if(pfnDllLoad) {
+      pfnDllLoad(hinstance);
   }
 
@@ -1915 +1932 @@
 //******************************************************************************
 //******************************************************************************
-ULONG Win32PeLdrImage::getApi(char *name)
+NameExport *Win32PeLdrImage::findApi(char *name)
 {
   ULONG       apiaddr, i, apilen;
@@ -1940 +1957 @@
         {
             if(strcmp(curexport->name, apiname) == 0)
-                return(curexport->virtaddr);
+                return curexport;
         }
         curexport = (NameExport *)((ULONG)curexport->name + curexport->nlength);
     }
-    return(0);
-}
-//******************************************************************************
-//******************************************************************************
-ULONG Win32PeLdrImage::getApi(int ordinal)
+    return NULL;
+}
+//******************************************************************************
+//******************************************************************************
+ULONG Win32PeLdrImage::getApi(char *name)
+{
+    NameExport *curexport;
+
+    curexport = findApi(name);
+    if(curexport) {
+        return(curexport->virtaddr);
+    }
+    return 0;
+}
+//******************************************************************************
+//Override a name export
+//******************************************************************************
+ULONG Win32PeLdrImage::setApi(char *name, ULONG pfnNewProc)
+{
+    NameExport *curexport;
+
+    curexport = findApi(name);
+    if(curexport) {
+        ULONG pfnOldProc = curexport->virtaddr;
+
+        curexport->virtaddr = pfnNewProc;
+        return pfnOldProc;
+    }
+    return -1;
+}
+//******************************************************************************
+//******************************************************************************
+OrdExport *Win32PeLdrImage::findApi(int ordinal)
 {
  ULONG       apiaddr, i;
  OrdExport  *curexport;
- NameExport *nexport;
 
     curexport = ordexports;
@@ -1978 +2022 @@
     else
       if (iThisExport == ordinal)   // found the export?
-        return curexport[i].virtaddr;
+        return &curexport[i];
       else
         i -= min(iStep, (iThisExport-ordinal));                 // move farther up the list
@@ -2003 +2047 @@
           iThisExport = curexport[i].ordinal;
           if(iThisExport == ordinal)
-            return(curexport[i].virtaddr);
+            return &curexport[i];
           else
             if (iThisExport > ordinal)
@@ -2018 +2062 @@
           iThisExport = curexport[i].ordinal;
           if(curexport[i].ordinal == ordinal)
-            return(curexport[i].virtaddr);
+            return &curexport[i];
           else
             if (iThisExport < ordinal)
@@ -2030 +2074 @@
     }
   }
+  return NULL;
+}
+//******************************************************************************
+//******************************************************************************
+ULONG Win32PeLdrImage::getApi(int ordinal)
+{
+    OrdExport  *curexport;
+    NameExport *nexport;
+
+    curexport = findApi(ordinal);
+    if(curexport) {
+        return curexport->virtaddr;
+    }
 
     //Name exports also contain an ordinal, so check this
     nexport = nameexports;
-    for(i=0;i<nrNameExports;i++) {
+    for(int i=0;i<nrNameExports;i++) {
         if(nexport->ordinal == ordinal)
             return(nexport->virtaddr);
@@ -2040 +2097 @@
     }
     return(0);
+}
+//******************************************************************************
+//Override an ordinal export
+//******************************************************************************
+ULONG Win32PeLdrImage::setApi(int ordinal, ULONG pfnNewProc)
+{
+    OrdExport  *curexport;
+    NameExport *nexport;
+
+    curexport = findApi(ordinal);
+    if(curexport) {
+        ULONG pfnOldProc = curexport->virtaddr;
+
+        curexport->virtaddr = pfnNewProc;
+        return pfnOldProc;
+    }
+
+    //Name exports also contain an ordinal, so check this
+    nexport = nameexports;
+    for(int i=0;i<nrNameExports;i++) 
+    {
+        if(nexport->ordinal == ordinal) {
+            ULONG pfnOldProc = nexport->virtaddr;
+
+            nexport->virtaddr = pfnNewProc;
+            return pfnOldProc;
+        }
+
+        nexport = (NameExport *)((ULONG)nexport->name + nexport->nlength);
+    }
+    return -1;
 }
 //******************************************************************************

trunk/src/kernel32/winimagepeldr.h

@@ -1 @@
-/* $Id: winimagepeldr.h,v 1.18 2002-12-20 11:39:43 sandervl Exp $ */
+/* $Id: winimagepeldr.h,v 1.19 2003-01-05 12:31:26 sandervl Exp $ */
 
 /*
@@ -87 +87 @@
     virtual ULONG getApi(char *name);
     virtual ULONG getApi(int ordinal);
+    virtual ULONG setApi(char *name, ULONG pfnNewProc);
+    virtual ULONG setApi(int ordinal, ULONG pfnNewProc);
 
     virtual ULONG getImageSize();
@@ -111 +113 @@
      Section *findSectionByOS2Addr(ULONG addr);
      Section *findPreviousSectionByOS2Addr(ULONG addr);
+
+   OrdExport *findApi(int ordinal);
+  NameExport *findApi(char *name);
 
         BOOL  setMemFlags();

trunk/src/kernel32/wprocess.cpp

@@ -1 @@
-/* $Id: wprocess.cpp,v 1.168 2002-12-20 12:40:44 sandervl Exp $ */
+/* $Id: wprocess.cpp,v 1.169 2003-01-05 12:31:26 sandervl Exp $ */
 
 /*
@@ -2286 +2286 @@
 }
 //******************************************************************************
+// ODIN_SetProcAddress: Override a dll export
+// 
+// Parameters:
+//      HMODULE hModule         Module handle
+//      LPCSTR  lpszProc        Export name or ordinal
+//      FARPROC pfnNewProc      New export function address
+//
+// Returns: Success -> old address of export
+//          Failure -> -1
+//
+//******************************************************************************
+FARPROC WIN32API ODIN_SetProcAddress(HMODULE hModule, LPCSTR lpszProc, 
+                                     FARPROC pfnNewProc)
+{
+ Win32ImageBase *winmod;
+ FARPROC   proc;
+ ULONG     ulAPIOrdinal;
+
+  if(hModule == 0 || hModule == -1 || (WinExe && hModule == WinExe->getInstanceHandle())) {
+        winmod = WinExe;
+  }
+  else  winmod = (Win32ImageBase *)Win32DllBase::findModule((HINSTANCE)hModule);
+
+  if(winmod) {
+        ulAPIOrdinal = (ULONG)lpszProc;
+        if (ulAPIOrdinal <= 0x0000FFFF) {
+                proc = (FARPROC)winmod->setApi((int)ulAPIOrdinal, (ULONG)pfnNewProc);
+        }
+        else    proc = (FARPROC)winmod->setApi((char *)lpszProc, (ULONG)pfnNewProc);
+        if(proc == 0) {
+#ifdef DEBUG
+                if(ulAPIOrdinal <= 0x0000FFFF) {
+                        dprintf(("ODIN_SetProcAddress %x %x not found!", hModule, ulAPIOrdinal));
+                }
+                else    dprintf(("ODIN_SetProcAddress %x %s not found!", hModule, lpszProc));
+#endif
+                SetLastError(ERROR_PROC_NOT_FOUND);
+        }
+        if(HIWORD(lpszProc))
+                dprintf(("KERNEL32:  ODIN_SetProcAddress %s from %X returned %X\n", lpszProc, hModule, proc));
+        else    dprintf(("KERNEL32:  ODIN_SetProcAddress %x from %X returned %X\n", lpszProc, hModule, proc));
+
+        SetLastError(ERROR_SUCCESS);
+        return proc;
+  }
+  SetLastError(ERROR_INVALID_HANDLE);
+  return (FARPROC)-1;
+}
+//******************************************************************************
 //Retrieve the version
 //******************************************************************************