Rizin
unix-like reverse engineering framework and cli tools
winapi.c
Go to the documentation of this file.
1 /* Copyright Joyent, Inc. and other Node contributors. All rights reserved.
2  *
3  * Permission is hereby granted, free of charge, to any person obtaining a copy
4  * of this software and associated documentation files (the "Software"), to
5  * deal in the Software without restriction, including without limitation the
6  * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
7  * sell copies of the Software, and to permit persons to whom the Software is
8  * furnished to do so, subject to the following conditions:
9  *
10  * The above copyright notice and this permission notice shall be included in
11  * all copies or substantial portions of the Software.
12  *
13  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
14  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
16  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
17  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
18  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
19  * IN THE SOFTWARE.
20  */
21 
22 #include <assert.h>
23 
24 #include "uv.h"
25 #include "internal.h"
26 
27 
28 /* Ntdll function pointers */
29 sRtlGetVersion pRtlGetVersion;
30 sRtlNtStatusToDosError pRtlNtStatusToDosError;
31 sNtDeviceIoControlFile pNtDeviceIoControlFile;
32 sNtQueryInformationFile pNtQueryInformationFile;
33 sNtSetInformationFile pNtSetInformationFile;
34 sNtQueryVolumeInformationFile pNtQueryVolumeInformationFile;
35 sNtQueryDirectoryFile pNtQueryDirectoryFile;
36 sNtQuerySystemInformation pNtQuerySystemInformation;
37 sNtQueryInformationProcess pNtQueryInformationProcess;
38 
39 /* Kernel32 function pointers */
40 sGetQueuedCompletionStatusEx pGetQueuedCompletionStatusEx;
41 
42 /* Powrprof.dll function pointer */
43 sPowerRegisterSuspendResumeNotification pPowerRegisterSuspendResumeNotification;
44 
45 /* User32.dll function pointer */
46 sSetWinEventHook pSetWinEventHook;
47 
48 
49 void uv_winapi_init(void) {
50  HMODULE ntdll_module;
51  HMODULE powrprof_module;
52  HMODULE user32_module;
53  HMODULE kernel32_module;
54 
55  ntdll_module = GetModuleHandleA("ntdll.dll");
56  if (ntdll_module == NULL) {
57  uv_fatal_error(GetLastError(), "GetModuleHandleA");
58  }
59 
60  pRtlGetVersion = (sRtlGetVersion) GetProcAddress(ntdll_module,
61  "RtlGetVersion");
62 
63  pRtlNtStatusToDosError = (sRtlNtStatusToDosError) GetProcAddress(
64  ntdll_module,
65  "RtlNtStatusToDosError");
66  if (pRtlNtStatusToDosError == NULL) {
67  uv_fatal_error(GetLastError(), "GetProcAddress");
68  }
69 
70  pNtDeviceIoControlFile = (sNtDeviceIoControlFile) GetProcAddress(
71  ntdll_module,
72  "NtDeviceIoControlFile");
73  if (pNtDeviceIoControlFile == NULL) {
74  uv_fatal_error(GetLastError(), "GetProcAddress");
75  }
76 
77  pNtQueryInformationFile = (sNtQueryInformationFile) GetProcAddress(
78  ntdll_module,
79  "NtQueryInformationFile");
80  if (pNtQueryInformationFile == NULL) {
81  uv_fatal_error(GetLastError(), "GetProcAddress");
82  }
83 
84  pNtSetInformationFile = (sNtSetInformationFile) GetProcAddress(
85  ntdll_module,
86  "NtSetInformationFile");
87  if (pNtSetInformationFile == NULL) {
88  uv_fatal_error(GetLastError(), "GetProcAddress");
89  }
90 
91  pNtQueryVolumeInformationFile = (sNtQueryVolumeInformationFile)
92  GetProcAddress(ntdll_module, "NtQueryVolumeInformationFile");
93  if (pNtQueryVolumeInformationFile == NULL) {
94  uv_fatal_error(GetLastError(), "GetProcAddress");
95  }
96 
97  pNtQueryDirectoryFile = (sNtQueryDirectoryFile)
98  GetProcAddress(ntdll_module, "NtQueryDirectoryFile");
99  if (pNtQueryVolumeInformationFile == NULL) {
100  uv_fatal_error(GetLastError(), "GetProcAddress");
101  }
102 
103  pNtQuerySystemInformation = (sNtQuerySystemInformation) GetProcAddress(
104  ntdll_module,
105  "NtQuerySystemInformation");
106  if (pNtQuerySystemInformation == NULL) {
107  uv_fatal_error(GetLastError(), "GetProcAddress");
108  }
109 
110  pNtQueryInformationProcess = (sNtQueryInformationProcess) GetProcAddress(
111  ntdll_module,
112  "NtQueryInformationProcess");
113  if (pNtQueryInformationProcess == NULL) {
114  uv_fatal_error(GetLastError(), "GetProcAddress");
115  }
116 
117  kernel32_module = GetModuleHandleA("kernel32.dll");
118  if (kernel32_module == NULL) {
119  uv_fatal_error(GetLastError(), "GetModuleHandleA");
120  }
121 
122  pGetQueuedCompletionStatusEx = (sGetQueuedCompletionStatusEx) GetProcAddress(
123  kernel32_module,
124  "GetQueuedCompletionStatusEx");
125 
126  powrprof_module = LoadLibraryA("powrprof.dll");
127  if (powrprof_module != NULL) {
128  pPowerRegisterSuspendResumeNotification = (sPowerRegisterSuspendResumeNotification)
129  GetProcAddress(powrprof_module, "PowerRegisterSuspendResumeNotification");
130  }
131 
132  user32_module = LoadLibraryA("user32.dll");
133  if (user32_module != NULL) {
134  pSetWinEventHook = (sSetWinEventHook)
135  GetProcAddress(user32_module, "SetWinEventHook");
136  }
137 }
NULL
#define NULL
Definition: cris-opc.c:27
uv_fatal_error
void uv_fatal_error(const int errorno, const char *syscall)
Definition: error.c:35
pNtQueryVolumeInformationFile
sNtQueryVolumeInformationFile pNtQueryVolumeInformationFile
Definition: winapi.c:34
pNtQueryDirectoryFile
sNtQueryDirectoryFile pNtQueryDirectoryFile
Definition: winapi.c:35
pNtQueryInformationProcess
sNtQueryInformationProcess pNtQueryInformationProcess
Definition: winapi.c:37
pGetQueuedCompletionStatusEx
sGetQueuedCompletionStatusEx pGetQueuedCompletionStatusEx
Definition: winapi.c:40
pNtDeviceIoControlFile
sNtDeviceIoControlFile pNtDeviceIoControlFile
Definition: winapi.c:31
pRtlGetVersion
sRtlGetVersion pRtlGetVersion
Definition: winapi.c:29
uv_winapi_init
void uv_winapi_init(void)
Definition: winapi.c:49
pNtSetInformationFile
sNtSetInformationFile pNtSetInformationFile
Definition: winapi.c:33
pNtQueryInformationFile
sNtQueryInformationFile pNtQueryInformationFile
Definition: winapi.c:32
pSetWinEventHook
sSetWinEventHook pSetWinEventHook
Definition: winapi.c:46
pRtlNtStatusToDosError
sRtlNtStatusToDosError pRtlNtStatusToDosError
Definition: winapi.c:30
pNtQuerySystemInformation
sNtQuerySystemInformation pNtQuerySystemInformation
Definition: winapi.c:36
pPowerRegisterSuspendResumeNotification
sPowerRegisterSuspendResumeNotification pPowerRegisterSuspendResumeNotification
Definition: winapi.c:43
sSetWinEventHook
HWINEVENTHOOK(WINAPI * sSetWinEventHook)(UINT eventMin, UINT eventMax, HMODULE hmodWinEventProc, WINEVENTPROC lpfnWinEventProc, DWORD idProcess, DWORD idThread, UINT dwflags)
Definition: winapi.h:4721
sGetQueuedCompletionStatusEx
BOOL(WINAPI * sGetQueuedCompletionStatusEx)(HANDLE CompletionPort, LPOVERLAPPED_ENTRY lpCompletionPortEntries, ULONG ulCount, PULONG ulNumEntriesRemoved, DWORD dwMilliseconds, BOOL fAlertable)
Definition: winapi.h:4670
sNtSetInformationFile
NTSTATUS(NTAPI * sNtSetInformationFile)(HANDLE FileHandle, PIO_STATUS_BLOCK IoStatusBlock, PVOID FileInformation, ULONG Length, FILE_INFORMATION_CLASS FileInformationClass)
Definition: winapi.h:4559
sRtlGetVersion
NTSTATUS(NTAPI * sRtlGetVersion)(PRTL_OSVERSIONINFOW lpVersionInformation)
Definition: winapi.h:4534
sNtQueryInformationProcess
NTSTATUS(NTAPI * sNtQueryInformationProcess)(HANDLE ProcessHandle, UINT ProcessInformationClass, PVOID ProcessInformation, ULONG Length, PULONG ReturnLength)
Definition: winapi.h:4593
sRtlNtStatusToDosError
ULONG(NTAPI * sRtlNtStatusToDosError)(NTSTATUS Status)
Definition: winapi.h:4537
sNtQueryInformationFile
NTSTATUS(NTAPI * sNtQueryInformationFile)(HANDLE FileHandle, PIO_STATUS_BLOCK IoStatusBlock, PVOID FileInformation, ULONG Length, FILE_INFORMATION_CLASS FileInformationClass)
Definition: winapi.h:4552
sPowerRegisterSuspendResumeNotification
DWORD(WINAPI * sPowerRegisterSuspendResumeNotification)(DWORD Flags, HANDLE Recipient, _PHPOWERNOTIFY RegistrationHandle)
Definition: winapi.h:4706
sNtQueryVolumeInformationFile
NTSTATUS(NTAPI * sNtQueryVolumeInformationFile)(HANDLE FileHandle, PIO_STATUS_BLOCK IoStatusBlock, PVOID FsInformation, ULONG Length, FS_INFORMATION_CLASS FsInformationClass)
Definition: winapi.h:4566
sNtQueryDirectoryFile
NTSTATUS(NTAPI * sNtQueryDirectoryFile)(HANDLE FileHandle, HANDLE Event, PIO_APC_ROUTINE ApcRoutine, PVOID ApcContext, PIO_STATUS_BLOCK IoStatusBlock, PVOID FileInformation, ULONG Length, FILE_INFORMATION_CLASS FileInformationClass, BOOLEAN ReturnSingleEntry, PUNICODE_STRING FileName, BOOLEAN RestartScan)
Definition: winapi.h:4579
sNtDeviceIoControlFile
NTSTATUS(NTAPI * sNtDeviceIoControlFile)(HANDLE FileHandle, HANDLE Event, PIO_APC_ROUTINE ApcRoutine, PVOID ApcContext, PIO_STATUS_BLOCK IoStatusBlock, ULONG IoControlCode, PVOID InputBuffer, ULONG InputBufferLength, PVOID OutputBuffer, ULONG OutputBufferLength)
Definition: winapi.h:4540
sNtQuerySystemInformation
NTSTATUS(NTAPI * sNtQuerySystemInformation)(UINT SystemInformationClass, PVOID SystemInformation, ULONG SystemInformationLength, PULONG ReturnLength)
Definition: winapi.h:4573