/*
 * Shared declarations for the process walker sources (pwalk.c, pwalkio.c,
 * pstat.c, pview.c, pdebug.c and the probe DLL, going by the prototype
 * groups further down in this header).
 */
#include <windows.h>
#include <stdlib.h>
#include <stdio.h>
#include "pefile.h"


/* IDR_*: icon and menu resource identifiers (going by the names). */
#define IDR_MAINICON                 20
#define IDR_SYSSTATICON              21
#define IDR_PROSTATICON              22
#define IDR_WALKERMENU               30

/*
 * IDS_*: string identifiers.  Presumably these index a string table in the
 * resource script, which is not part of this header.
 */

/* window class names, window titles and general UI strings */
#define IDS_WALKERCLASS              11000
#define IDS_SYSSTATCLASS             11001
#define IDS_PROSTATCLASS             11002
#define IDS_STATUSCLASS              11004
#define IDS_MEMVIEWCLASS             11005
#define IDS_SYSSTATTITLE             11010
#define IDS_PROSTATTITLE             11011
#define IDS_MEMVIEWTITLE             11013
#define IDS_CAPTION                  11020
#define IDS_UNAVAILABLE              11021
#define IDS_LISTBOX                  11022
#define IDS_EXEFILEEXT               11023
#define IDS_FILEOPENTITLE            11024
#define IDS_SELF                     11025

/* general error strings */
#define IDS_ERROR                    11030
#define IDS_NOTENOUGHMEM             11031
#define IDS_HEAPCREATEFAILED         11032

/* names for the debugger control events */
#define IDS_DBGEVNTACTIVE            11042
#define IDS_DBGEVNTCLOSE             11043
#define IDS_DBGEVNTSTOP              11044
#define IDS_DBGEVNTSTART             11045
#define IDS_DBGEVNTREAD              11046
#define IDS_DBGEVNTWRITE             11047
#define IDS_DBGEVNTACK               11048

/* exception reporting */
#define IDS_EXCEPTION                11050
#define IDS_APPEXCEPTION             11051
#define IDS_CHILDAPPEXCEPTION        11052

/* one string per failing Win32 call, going by the names */
#define IDS_ERRDUPLICATEHANDLE       11060
#define IDS_ERRGETTHREADCONTEXT      11061
#define IDS_ERRCREATEPROCESS         11062
#define IDS_ERROPENPROCESS           11063
#define IDS_ERRCREATEFILEMAPPING     11064
#define IDS_ERRHEAPALLOC             11065
#define IDS_ERRREADPROCESSMEMORY     11066
#define IDS_ERRCREATEWINDOW          11067
#define IDS_ERRVIRTUALFREE           11068
#define IDS_ERRVIRTUALALLOC          11069
#define IDS_STATUSREADY              11070
#define IDS_NOTCOMMITTEDMEMORY       11071
#define IDS_ERRWRITEPROCESSMEMORY    11072
#define IDS_COULDNOTREADPROCESS      11073
#define IDS_ERRSETTHREADCONTEXT      11074

/* status strings for debug events (this group starts at 12000) */
#define IDS_EXITPROCESS              12000
#define IDS_EXITTHREAD               12001
#define IDS_CREATEPROCESS            12002
#define IDS_CREATETHREAD             12003
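/* status strings for debug events, 12004 onward */
#define IDS_LOADDLL                  12004
#define IDS_UNLOADDLL                12005
#define IDS_OUTPUTDEBUGSTRING        12006
#define IDS_RIPEVENT                 12007
#define IDS_BREAKPOINTEXCEPTION      12008
#define IDS_ACCESSVIOLATIONEXCEPTION 12009
#define IDS_UNHANDLEDEXCEPTION       12010
#define IDS_PROCESSSUSPENDED         12011
#define IDS_PROCESSRESUMED           12012
#define IDS_PROCESSINIT              12013
#define IDS_MAPFILENAME              12014
#define IDS_INITPROCESSFAILURE       12015
#define IDS_INITPROBE                12016
#define IDS_HOOKPROCESS              12017

/* IDC_*: child window / control identifiers */
#define IDC_LISTBOX                  100
#define IDC_STATUSWND                101
#define IDC_REFRESH                  200
#define IDC_CANCEL                   201
#define IDC_REWALK                   202

/*
 * Popup menu identifiers.  IDM_POPUPMENUS has the same value as
 * IDM_POPUPPROCESS, so it presumably serves as the base of the range;
 * MENUPOPUPS matches the number of IDM_POPUP* entries listed here.
 */
#define IDM_POPUPMENUS               1000
#define IDM_POPUPPROCESS             1000
#define IDM_POPUPSORT                1001
#define IDM_POPUPVIEW                1002
#define IDM_POPUPOPTIONS             1003
#define MENUPOPUPS                   4

/* menu command identifiers */
#define IDM_PROCESSREWALK            2000
#define IDM_PROCESSLOAD              2001
#define IDM_PROCESSUNLOAD            2002
#define IDM_PROCESSSUSPEND           2003
#define IDM_PROCESSRESUME            2004
#define IDM_EXIT                     2010
#define IDM_SORTADDRESS              2020
#define IDM_SORTSTATE                2021
#define IDM_SORTPROTECTION           2022
#define IDM_SORTSIZE                 2023
#define IDM_SORTBASEADDRESS          2024
#define IDM_VIEWSYSSTAT              2030
#define IDM_VIEWPROSTAT              2031
#define IDM_VIEWMEMORY               2033
#define IDM_VIEWADDRESS              2034
#define IDM_OPTBYTES                 2040
#define IDM_OPTPAGES                 2041

/* address dialog and its controls */
#define IDD_ADDR                     3000
#define IDC_ADDR                     3001
#define IDC_HEX                      3002

/*
 * The WM_USER-relative message numbers in this header are parenthesized so
 * that they expand as a single value inside larger expressions; a bare
 * `WM_USER+2` would bind incorrectly next to `*`, `-`, or a cast.
 */
#define IDD_INITIALIZING             4000
#define UM_ENDDIALOG                 (WM_USER+2)

/*
 * Hard-coded sizes: a 1 MiB figure (TOTALVMRESERVE) and a 4 KiB page.
 * PAGESIZE is a constant here, not a value queried from the system, and it
 * also sizes the Stack and Code arrays of PROCESS_STATE.
 * NOTE(review): confirm that every copy into a PAGESIZE-sized buffer is
 * bounded by this constant and not by a size reported by the target.
 */
#define TOTALVMRESERVE               0x00100000
#define PAGESIZE                     0x1000
#define IDM_REMOVEVIEWWND            (WM_USER+0)

/* IDT_STATUS has the same numeric value as IDD_ADDR (3000). */
#define IDT_STATUS                   3000
#define UM_UPDATE                    (WM_USER+1)
#define UM_STARTINITDIALOG           (WM_USER+3)

/*
 * STATUSWXB: presumably the number of window extra bytes for the status
 * window class; WXB_HPENHILITE is the first byte offset within them.
 */
#define STATUSWXB                    12
#define WXB_HPENHILITE               0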
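/*
 * Remaining byte offsets into the status window's extra bytes.
 * NOTE(review): the offsets advance in 4-byte steps.  If these slots hold
 * handles or pointers (the H/LP prefixes suggest so), the layout only fits
 * a 32-bit build; a 4-byte slot would truncate such a value on a 64-bit
 * build.  Confirm against the SetWindowLong/GetWindowLong call sites.
 */
#define WXB_HPENSHADOW      4
#define WXB_LPWINDOWTEXT    8

/* extra bytes for the memory view window; same 4-byte slot caveat applies */
#define VIEWWXB             8
#define WXB_LPMEMVIEW       0
#define WXB_LPOLDMEMVIEW    4

/* define event handle array indices */
#define CLOSEDEBUGGER       0
#define SUSPENDDEBUGGER     1
#define RESUMEDEBUGGER      2
#define READMEMORY          3
#define WRITEMEMORY         4
#define DEBUGACTIVE         5
#define ACKNOWLEDGE         6
#define nDEBUGEVENTS        7   /* number of indices above */


/*
 * Per-thread record, chained through Next.
 * The pointer typedef names the struct's own tag (tagDbgThread).  Declaring
 * it against `struct DBGTHREAD` refers to a separate tag that is never
 * defined, which leaves Next pointing at an incomplete type unrelated to
 * DBGTHREAD.  The same applies to LPDBGDLL and LPDBGEXCEPTREC below.
 */
typedef struct tagDbgThread *LPDBGTHREAD;
typedef struct tagDbgThread
{
    HANDLE                    hThread;
    DWORD                     dwThreadID;
    LPTHREAD_START_ROUTINE    lpStartAddress;
    int                       nPriority;
    LPDBGTHREAD               Next;
}DBGTHREAD;

/*
 * Per-DLL record, chained through Next.
 * NOTE(review): szImageName is a MAX_PATH char buffer and fUnicode is kept
 * next to it.  If the name is read out of the debugged process, the read
 * has to be length-bounded and the buffer NUL-terminated before use;
 * confirm in pdebug.c.
 */
typedef struct tagDbgDll *LPDBGDLL;
typedef struct tagDbgDll
{
    HANDLE         hFile;
    LPVOID         lpBaseOfDll;
    DWORD          dwDebugInfoFileOffset;
    DWORD          nDebugInfoSize;
    char           szImageName[MAX_PATH];
    WORD           fUnicode;
    LPDBGDLL       Next;
    SECTIONINFO    *lpSection;  /* from PEFILE.H */
}DBGDLL;

/* Exception record with the thread context it was seen in, chained through Next. */
typedef struct tagDbgExcept *LPDBGEXCEPTREC;
typedef struct tagDbgExcept
{
    EXCEPTION_RECORD    ExceptRecord;
    CONTEXT             Context;
    DWORD               dwThreadId;
    DWORD               dwFirstChance;
    LPDBGEXCEPTREC      Next;
}DBGEXCEPTREC;

/*
 * State kept for one debugged process: its handles, a heap handle
 * (hDbgHeap), and the heads of the thread, DLL and exception-record lists.
 */
typedef struct tagDbgProcess
{
    HANDLE          hDbgHeap;
    DWORD           dwProcessID;
    HANDLE          hProcess;
    HANDLE          hFile;
    LPVOID          lpImage;
    DWORD           dwDbgInfoOffset;
    DWORD           nDbgInfoSize;
    DBGTHREAD       *lpThreads;
    DBGDLL          *lpDlls;
    SECTIONINFO     *lpSection;
    HWND            hWnd;
    DWORD           dwPriority;
    BOOL            bActive;
    char            szModule[MAX_PATH];
    DBGEXCEPTREC    *lpERs;
}DBGPROCESS;

/*
 * One virtual-memory region (mbi) with descriptive labels.
 * szSection is IMAGE_SIZEOF_SHORT_NAME bytes wide.  A PE section name that
 * fills the whole field carries no terminating NUL, so do not treat
 * szSection as a C string unless the code that fills it guarantees
 * termination.
 */
typedef struct tagVMObject
{
    MEMORY_BASIC_INFORMATION    mbi;
    char                        szObjType[12];
    char                        szModule[MAX_PATH];
    char                        szSection[IMAGE_SIZEOF_SHORT_NAME];
    BOOL                        bNew;
}VMOBJECT, * LPVMOBJECT;


/*
 * struct for memory view window
 * NOTE(review): nBase and nSize are plain int; if nBase carries an address,
 * it only fits while addresses are 32 bits wide - confirm in pview.c.
 */
typedef struct tagMemView
{
    LPVOID    lpMem;
    int       nBase;
    int       nSize;
    int       xWin, yWin;
    int       PosV, RangeV;
    long      nLines;
    int       nExtraBytes;
} MEMVIEW, * LPMEMVIEW;


/* struct for process probe dll */
typedef struct tagProbe
{
    HANDLE    hProcess;
    HANDLE    hDefHeap;
}PROBE, * LPPROBE;


/*
 * struct representing process state
 * Stack and Code are fixed PAGESIZE-byte arrays, presumably copies of the
 * pages at pStackPage and pCodePage (confirm in pdebug.c); any copy into
 * them must be limited to PAGESIZE bytes.  The Esp/Eip field names are
 * x86 register names.
 */
typedef struct tagProcessState
{
    CONTEXT    Context;
    LPVOID     Esp;
    LPVOID     pStackPage;
    BYTE       Stack[PAGESIZE];
    LPVOID     Eip;
    LPVOID     pCodePage;
    BYTE       Code[PAGESIZE];
}PROCESS_STATE, * LPPROCESS_STATE;


/*
 * prototypes for functions in pwalk.c
 * NOTE(review): the window procedures in this header are declared to
 * return LONG and the dialog procedures BOOL, which matches 32-bit
 * Windows declarations.
 */
LONG   WINAPI WalkerWndProc (HWND, UINT, WPARAM, LPARAM);
int    WINAPI NotifyUser (HWND, int, int, char *, UINT);
void   WINAPI ReportError (int);
BOOL   WINAPI GetFreeDiskSpace (LPDWORD, LPDWORD);
BOOL   WINAPI InitDlgProc (HWND, UINT, WPARAM, LPARAM);

/*
 * prototypes for functions in pwalkio.c
 * NOTE(review): these take char * buffers with no length argument.  If any
 * of them is an output buffer, its size is an unstated contract with the
 * caller (MAX_PATH, presumably) - confirm in pwalkio.c and at call sites.
 */
BOOL   WINAPI GetFileName (HWND, char *, char *);
void   WINAPI GetFileFromPath (char *, char *);
BOOL   WINAPI GetCmdLine (char *, char *, BOOL *);
BOOL   WINAPI IsValidFile (char *);

/* prototypes for functions in pstat.c */
LONG   WINAPI SysStatWndProc (HWND, UINT, WPARAM, LPARAM);
LONG   WINAPI ProStatWndProc (HWND, UINT, WPARAM, LPARAM);
LONG   WINAPI StatusWndProc (HWND, UINT, WPARAM, LPARAM);
void   WINAPI SetStatusText (HWND, int, COLORREF);

/* prototypes for functions in pview.c */
HWND   WINAPI ViewMemory (HWND, char *, LPVOID, int, int);
LONG   WINAPI MemWndProc (HWND, UINT, WPARAM, LPARAM);
void   WINAPI ActivateViewWindow (ATOM);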
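/* pview.c prototypes, continued */
HWND   WINAPI EnumViewWindows (HWND, HWND);
BOOL   WINAPI AddrDlgProc (HWND, UINT, WPARAM, LPARAM);

/*
 * prototypes for functions in pdebug.c
 * NOTE(review): CommittedMemoryRange takes its first two arguments as int,
 * and AccessProcessMemory shows no explicit length parameter (the DWORD *
 * may carry a byte count).  Confirm in pdebug.c how the transfer size is
 * bounded against the caller's buffer before memory of another process is
 * read or written.
 */
DBGPROCESS* WINAPI StartChildProcess (HWND, char *, LPHANDLE);
void   WINAPI CloseChildProcess (DBGPROCESS *, LPHANDLE);
int    WINAPI WhereIsStack (HANDLE);
int    WINAPI WalkProcess (HANDLE, LPVOID *, LPINT *);
void   WINAPI AnalyzeProcess (DBGPROCESS *, LPVMOBJECT, int);
void   WINAPI IdentifyNewObjects (LPVMOBJECT, int, LPVMOBJECT, int);
BOOL   WINAPI CommittedMemoryRange (int, int, LPVMOBJECT, int *);
BOOL   WINAPI AccessProcessMemory (HANDLE, HANDLE, LPVOID, LPVOID, DWORD *);

/*
 * prototypes for functions in probe.c, a DLL
 * Declared with (void): in C an empty parameter list leaves the arguments
 * unspecified, so the compiler would not reject a call that passes some.
 */
void    WINAPI ResetProbe (void);
LPPROBE WINAPI RetrieveProbeData (void);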