|
|
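#include "pwalk.h"


/* process globals */
HANDLE hMMFile = NULL;          /* handle to the shared probe mapping; NULL until ProbeProcess succeeds */
LPPROBE lpProbe = NULL;         /* mapped view of that mapping; NULL until ProbeProcess succeeds */
CONTEXT gContext;
DWORD gReturn;
LPVOID gLocation;
CRITICAL_SECTION gCS;

/* size requested for the probe mapping when this instance is the one creating it */
enum { PROBE_MAP_SIZE = 0x100000 };


BOOL WINAPI ProbeProcess (HANDLE);
void WINAPI FreeProbe (void);
void WINAPI GetFuncAddrInChildProc (char *, char *, DBGDLL *, LPVOID *);


/*
 * Entry point for DLL loading and unloading.
 *
 * On process attach the probe mapping is opened or created; a FALSE return
 * tells the loader to unload the DLL rather than leave it resident with
 * lpProbe == NULL (RetrieveProbeData would then hand out NULL and ResetProbe
 * would dereference it). On process detach the objects are released.
 */
BOOL WINAPI DllMain (
    HANDLE hModule,
    DWORD dwFunction,
    LPVOID lpNot)
{
    (void)lpNot;    /* reserved by the loader; not used here */

    switch (dwFunction)
    {
        case DLL_PROCESS_ATTACH:
            /* propagate setup failure instead of discarding it */
            return ProbeProcess (hModule);

        case DLL_PROCESS_DETACH:
            FreeProbe ();
            break;

        default:
            break;
    }

    return TRUE;
}



/*
 * Initialize the probe structures shared with ProcessWalker.
 *
 * hDLL: module handle of this DLL, used to load the mapping name resource.
 *
 * Attaches to the named file mapping if ProcessWalker (or an earlier
 * instance) has already created it, otherwise creates it and resets the
 * probe contents. Returns TRUE on success. On failure returns FALSE with
 * hMMFile and lpProbe left NULL and any handle acquired on the way closed.
 */
BOOL WINAPI ProbeProcess (
    HANDLE hDLL)
{
    char szMapFileName[MAX_PATH];
    BOOL fCreated = FALSE;

    /* load name for global file mapping; the original ignored a failed load
       and would have used an uninitialized buffer as the object name */
    if (LoadString ((HINSTANCE)hDLL, IDS_MAPFILENAME, szMapFileName, MAX_PATH) <= 0)
        return FALSE;

    /* ProcessWalker creates file mapping then child process attaches */
    hMMFile = OpenFileMapping (FILE_MAP_WRITE, FALSE, szMapFileName);
    if (hMMFile == NULL)
    {
        /* nobody has created the mapping yet: this instance owns it.
           INVALID_HANDLE_VALUE replaces the literal (HANDLE)0xffffffff, which
           is not the invalid-handle value on 64-bit builds.
           NOTE(review): the object is created under a fixed name with default
           security (NULL SECURITY_ATTRIBUTES), so any process that can reach
           the name can open it or create it first; an explicit DACL or a
           private namespace would narrow that if untrusted processes share
           the session. */
        hMMFile = CreateFileMapping (INVALID_HANDLE_VALUE,
                                     NULL,
                                     PAGE_READWRITE,
                                     0,
                                     PROBE_MAP_SIZE,
                                     szMapFileName);
        if (hMMFile == NULL)
            return FALSE;

        /* CreateFileMapping returns a handle to an existing object of that
           name (GetLastError() == ERROR_ALREADY_EXISTS) instead of a fresh
           one; only a fresh mapping may be reset below */
        fCreated = (GetLastError () != ERROR_ALREADY_EXISTS);
    }

    /* map global view of file for hook function access */
    lpProbe = (LPPROBE)MapViewOfFile (hMMFile, FILE_MAP_WRITE, 0, 0, 0);
    if (lpProbe == NULL)
    {
        /* the original dereferenced the view without checking it */
        CloseHandle (hMMFile);
        hMMFile = NULL;
        return FALSE;
    }

    if (fCreated)
    {
        /* fresh mapping: start from known-empty probe data */
        ResetProbe ();
    }
    else
    {
        /* initialize known process specific information in probe */
        lpProbe->hProcess = GetCurrentProcess ();
        lpProbe->hDefHeap = GetProcessHeap ();
    }

    /* success */
    return TRUE;
}




/* release process objects: unmap the probe view and close the mapping
   handle; safe to call after a failed or partial ProbeProcess */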
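void WINAPI FreeProbe (void)
{
    /* release in reverse order of acquisition; each step tolerates the
       object never having been acquired, and the globals are cleared so a
       later call cannot unmap or close twice */
    if (lpProbe != NULL)
    {
        /* remove child process objects */
        UnmapViewOfFile (lpProbe);
        lpProbe = NULL;
    }

    if (hMMFile != NULL)
    {
        CloseHandle (hMMFile);
        hMMFile = NULL;
    }
}




/*
 * Pass the pointer to the probe info back to ProcessWalker.
 *
 * Returns the mapped probe view, or NULL when ProbeProcess has not
 * succeeded (or FreeProbe has already run); callers must check for NULL.
 */
LPPROBE WINAPI RetrieveProbeData (void)
{
    return lpProbe;
}




/*
 * Reset probe data to null.
 *
 * Clears the process handle and default heap fields of the shared probe.
 * A no-op when no view is mapped; the original dereferenced lpProbe
 * unconditionally.
 */
void WINAPI ResetProbe (void)
{
    if (lpProbe == NULL)
        return;

    lpProbe->hProcess = NULL;
    lpProbe->hDefHeap = NULL;
}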