/* ----------------------------------------------------------------------------------------------------------------- */ /* inline functions which mask real system functions /* ----------------------------------------------------------------------------------------------------------------- */ #include #ifndef _PTCFCTS_H_ /* {*/ #define _PTCFCTS_H_ #ifdef PTC_SYSTEM_ACTIVED /* {*/ /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* ---------------- */ /* random functions */ /* ---------------- */ __inline long PTC_fn_lGetRandom() { long lTmp; PTC_g_lCurrentRandom ^= 123459876; lTmp = PTC_g_lCurrentRandom / 127773; PTC_g_lCurrentRandom = 16807 * (PTC_g_lCurrentRandom - lTmp * 127773) - 2836 * lTmp; if (PTC_g_lCurrentRandom < 0) PTC_g_lCurrentRandom += 2147483647; return PTC_g_lCurrentRandom; } __inline long PTC_fn_lGetRandomRange(long _lMin , long _lMax) { /* ANNECY OA - 20/07/99 { */ if (_lMin != _lMax) return (_lMin + (PTC_fn_lGetRandom() % (_lMax - _lMin))); else return _lMax; /* END ANNECY OA } */ } /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* Macro to create dynamical code for calling system functions */ /* -------------------- */ /* Compute BufferUpdate */ /* -------------------- */ __inline DWORD PTC_fn_dwGetAddressOfBuffer() { return (DWORD)(PTC_ga_cGeneratedCode + PTC_fn_lGetRandomRange(0 , PTC_C_CODESIZE - 15)); } #define PTC_M_EndGeneratedCode(dwBeginAddress)\ {\ char *p_cBegin = (char*)dwBeginAddress;\ char *p_cEnd = p_cBegin + 15;\ while(p_cBegin < p_cEnd) *p_cBegin++ = (char)PTC_fn_lGetRandomRange(0,255);\ } /* ----------------------- */ /* jmp indirect : 12 bytes */ /* ----------------------- */ //#define PTC_M_IndirectJmp(IndexFunctionPtr,lOffset)\ //{\ // PTC_ga_cGeneratedCode [lOffset + 0] = (char) 0xA1;\ // *((DWORD*)&PTC_ga_cGeneratedCode [lOffset + 1]) = (DWORD) &(PTC_ga_stImportedFunctions [IndexFunctionPtr] . dwAddress);\ // PTC_ga_cGeneratedCode [lOffset + 5] = (char) 0x33;\ // PTC_ga_cGeneratedCode [lOffset + 6] = (char) 0x05;\ // *((DWORD*)&PTC_ga_cGeneratedCode [lOffset + 7]) = (DWORD) (PTC_ga_stImportedFunctions [IndexFunctionPtr] . szName);\ // PTC_ga_cGeneratedCode [lOffset + 11] = (char) 0xFF;\ // PTC_ga_cGeneratedCode [lOffset + 12] = (char) 0xE0;\ // PTC_FlushInstructionCache (PTC_GetCurrentProcess () , PTC_ga_cGeneratedCode , PTC_C_CODESIZE);\ //} #define PTC_M_IndirectJmp2(IndexFunctionPtr,dwBeginAddress)\ {\ char *p_cBeginOfCode = (char*) (dwBeginAddress);\ *p_cBeginOfCode = (char) 0xA1;\ *((DWORD*)(p_cBeginOfCode + 1)) = (DWORD) &(PTC_ga_stImportedFunctions [IndexFunctionPtr] . dwAddress);\ *(p_cBeginOfCode + 5) = (char) 0x33;\ *(p_cBeginOfCode + 6) = (char) 0x05;\ *((DWORD*)(p_cBeginOfCode + 7)) = (DWORD) (PTC_ga_stImportedFunctions [IndexFunctionPtr] . szName);\ *(p_cBeginOfCode + 11) = (char) 0xFF;\ *(p_cBeginOfCode + 12) = (char) 0xE0;\ PTC_FlushInstructionCache (PTC_GetCurrentProcess () , PTC_ga_cGeneratedCode , PTC_C_CODESIZE);\ } /* ---------------------- */ /* jmp direct : 5 bytes */ /* ---------------------- */ //#define PTC_M_DirectJmp(IndexFunctionPtr,lOffset)\ //{\ // PTC_ga_cGeneratedCode [lOffset + 0] = (char) 0xE9;\ // *((DWORD*)&PTC_ga_cGeneratedCode [lOffset + 1]) = (DWORD) ((PTC_ga_stImportedFunctions [IndexFunctionPtr] . dwAddress ^ *((DWORD*)(PTC_ga_stImportedFunctions [IndexFunctionPtr] . szName)))- (DWORD) (PTC_ga_cGeneratedCode + lOffset + 5));\ // PTC_FlushInstructionCache (PTC_GetCurrentProcess () , PTC_ga_cGeneratedCode , PTC_C_CODESIZE);\ //} #define PTC_M_DirectJmp2(IndexFunctionPtr,dwBeginAddress)\ {\ char *p_cBeginOfCode = (char*) (dwBeginAddress);\ *p_cBeginOfCode = (char) 0xE9;\ *((DWORD*)(p_cBeginOfCode + 1)) = (DWORD) ((PTC_ga_stImportedFunctions [IndexFunctionPtr] . dwAddress ^ *((DWORD*)(PTC_ga_stImportedFunctions [IndexFunctionPtr] . szName)))- (DWORD) (p_cBeginOfCode + 5));\ PTC_FlushInstructionCache (PTC_GetCurrentProcess () , PTC_ga_cGeneratedCode , PTC_C_CODESIZE);\ } /* --------------------------- */ /* push direct + ret : 6 bytes */ /* --------------------------- */ //#define PTC_M_DirectPush(IndexFunctionPtr,lOffset)\ //{\ // PTC_ga_cGeneratedCode [lOffset + 0] = (char) 0x68;\ // *((DWORD*)&PTC_ga_cGeneratedCode [lOffset + 1]) = (DWORD) ((PTC_ga_stImportedFunctions [IndexFunctionPtr] . dwAddress ^ *((DWORD*)(PTC_ga_stImportedFunctions [IndexFunctionPtr] . szName))));\ // PTC_ga_cGeneratedCode [lOffset + 5] = (char) 0xC3;\ // PTC_FlushInstructionCache (PTC_GetCurrentProcess () , PTC_ga_cGeneratedCode , PTC_C_CODESIZE);\ //} #define PTC_M_DirectPush2(IndexFunctionPtr,dwBeginAddress)\ {\ char *p_cBeginOfCode = (char*) (dwBeginAddress);\ *p_cBeginOfCode = (char) 0x68;\ *((DWORD*)(p_cBeginOfCode + 1)) = (DWORD) ((PTC_ga_stImportedFunctions [IndexFunctionPtr] . dwAddress ^ *((DWORD*)(PTC_ga_stImportedFunctions [IndexFunctionPtr] . szName))));\ *(p_cBeginOfCode + 5) = (char) 0xC3;\ PTC_FlushInstructionCache (PTC_GetCurrentProcess () , PTC_ga_cGeneratedCode , PTC_C_CODESIZE);\ } /* ------------------------------ */ /* push indirect + ret : 12 bytes */ /* ------------------------------ */ //#define PTC_M_IndirectPush(IndexFunctionPtr,lOffset)\ //{\ // PTC_ga_cGeneratedCode [lOffset + 0] = (char) 0xA1;\ // *((DWORD*)&PTC_ga_cGeneratedCode [lOffset + 1]) = (DWORD) &(PTC_ga_stImportedFunctions [IndexFunctionPtr] . dwAddress);\ // PTC_ga_cGeneratedCode [lOffset + 5] = (char) 0x33;\ // PTC_ga_cGeneratedCode [lOffset + 6] = (char) 0x05;\ // *((DWORD*)&PTC_ga_cGeneratedCode [lOffset + 7]) = (DWORD) (PTC_ga_stImportedFunctions [IndexFunctionPtr] . szName);\ // PTC_ga_cGeneratedCode [lOffset + 11] = (char) 0x50;\ // PTC_ga_cGeneratedCode [lOffset + 12] = (char) 0xC3;\ // PTC_FlushInstructionCache (PTC_GetCurrentProcess () , PTC_ga_cGeneratedCode , PTC_C_CODESIZE);\ //} #define PTC_M_IndirectPush2(IndexFunctionPtr,dwBeginAddress)\ {\ char *p_cBeginOfCode = (char*) (dwBeginAddress);\ *p_cBeginOfCode = (char) 0xA1;\ *((DWORD*)(p_cBeginOfCode + 1)) = (DWORD) &(PTC_ga_stImportedFunctions [IndexFunctionPtr] . dwAddress);\ *(p_cBeginOfCode + 5) = (char) 0x33;\ *(p_cBeginOfCode + 6) = (char) 0x05;\ *((DWORD*)(p_cBeginOfCode + 7)) = (DWORD) (PTC_ga_stImportedFunctions [IndexFunctionPtr] . szName);\ *(p_cBeginOfCode + 11) = (char) 0x50;\ *(p_cBeginOfCode + 12) = (char) 0xC3;\ PTC_FlushInstructionCache (PTC_GetCurrentProcess () , PTC_ga_cGeneratedCode , PTC_C_CODESIZE);\ } /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* System functions redefinition */ #pragma warning( disable : 4055) /* --------------------- */ /* FlushInstructionCache */ /* --------------------- */ typedef BOOL (WINAPI *PTC_tdFlushInstructionCacheFunctionPtr) (HANDLE hProcess, LPCVOID lpBaseAddress, DWORD dwSize); __inline BOOL WINAPI PTC_FlushInstructionCache(HANDLE hProcess, LPCVOID lpBaseAddress, DWORD dwSize) { DWORD dwAddress = PTC_ga_stImportedFunctions [PTC_C_FlushInstructionCacheIndex] . dwAddress; DWORD dwKey = *((DWORD*) PTC_ga_stImportedFunctions [PTC_C_FlushInstructionCacheIndex] . szName); return (((PTC_tdFlushInstructionCacheFunctionPtr)(dwAddress ^ dwKey)) (hProcess , lpBaseAddress , dwSize)); } /* ----------------- */ /* GetCurrentProcess */ /* ----------------- */ typedef HANDLE (WINAPI *PTC_tdGetCurrentProcessFunctionPtr)(VOID); __inline HANDLE WINAPI PTC_GetCurrentProcess(VOID) { DWORD dwAddress = PTC_ga_stImportedFunctions [PTC_C_GetCurrentProcessIndex] . dwAddress; DWORD dwKey = *((DWORD*) PTC_ga_stImportedFunctions [PTC_C_GetCurrentProcessIndex] . szName); return (((PTC_tdGetCurrentProcessFunctionPtr)(dwAddress ^ dwKey)) ()); } /* ----------------------------------------------------------------------------------------------------------------- */ /* --------------- */ /* GetModuleHandle */ /* --------------- */ typedef HMODULE (WINAPI *PTC_tdGetModuleHandle)(LPCTSTR lpModuleName); __inline HMODULE WINAPI PTC_GetModuleHandle(LPCTSTR lpModuleName) { HMODULE hResult; DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); PTC_M_IndirectJmp2(PTC_C_GetModuleHandleIndex , dwAddress); hResult = (((PTC_tdGetModuleHandle) dwAddress) (lpModuleName)); PTC_M_EndGeneratedCode(dwAddress); return hResult; } __inline HMODULE WINAPI PTC_DirectGetModuleHandle(LPCTSTR lpModuleName) { DWORD dwAddress = PTC_ga_stImportedFunctions [PTC_C_GetModuleHandleIndex] . dwAddress; DWORD dwKey = *((DWORD*) PTC_ga_stImportedFunctions [PTC_C_GetModuleHandleIndex] . szName); return (((PTC_tdGetModuleHandle)(dwAddress ^ dwKey)) (lpModuleName)); } /* ------------------------- */ /* QueryPerformanceFrequency */ /* ------------------------- */ typedef BOOL (WINAPI *PTC_tdQueryPerformanceFrequencyFunctionPtr)(LARGE_INTEGER *lpFrequency); __inline BOOL WINAPI PTC_QueryPerformanceFrequency(LARGE_INTEGER *lpFrequency) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_IndirectJmp2(PTC_C_QueryPerformanceFrequencyIndex , dwAddress); bResult = (((PTC_tdQueryPerformanceFrequencyFunctionPtr) dwAddress) (lpFrequency)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ---------- */ /* OpenEventA */ /* ---------- */ typedef HANDLE (WINAPI *PTC_tdOpenEventFunctionPtr)(DWORD dwDesiredAccess, BOOL bInheritHandle, LPCTSTR lpName); __inline HANDLE PTC_OpenEvent(DWORD dwDesiredAccess, BOOL bInheritHandle, LPCTSTR lpName) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); HANDLE hResult; PTC_M_DirectJmp2(PTC_C_OpenEventIndex , dwAddress); hResult = (((PTC_tdOpenEventFunctionPtr) dwAddress) (dwDesiredAccess, bInheritHandle, lpName)); PTC_M_EndGeneratedCode(dwAddress); return hResult; } /* ------------ */ /* CreateEventA */ /* ------------ */ typedef HANDLE (WINAPI *PTC_tdCreateEventFunctionPtr)(LPSECURITY_ATTRIBUTES lpEventAttributes, BOOL bManualReset, BOOL bInitialState, LPCTSTR lpName); __inline HANDLE WINAPI PTC_CreateEvent(LPSECURITY_ATTRIBUTES lpEventAttributes, BOOL bManualReset, BOOL bInitialState, LPCTSTR lpName) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); HANDLE hResult; PTC_M_DirectPush2(PTC_C_CreateEventIndex , dwAddress); hResult = (((PTC_tdCreateEventFunctionPtr) dwAddress) (lpEventAttributes, bManualReset, bInitialState, lpName)); PTC_M_EndGeneratedCode(dwAddress); return hResult; } /* ---------- */ /* ResetEvent */ /* ---------- */ typedef BOOL (WINAPI *PTC_tdResetEventFunctionPtr)(HANDLE hEvent); __inline BOOL PTC_ResetEvent(HANDLE hEvent) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_IndirectJmp2(PTC_C_ResetEventIndex , dwAddress); bResult = (((PTC_tdResetEventFunctionPtr) dwAddress) (hEvent)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* -------- */ /* SetEvent */ /* -------- */ typedef BOOL (WINAPI *PTC_tdSetEventFunctionPtr)(HANDLE hEvent); __inline BOOL PTC_SetEvent(HANDLE hEvent) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_IndirectJmp2(PTC_C_SetEventIndex , dwAddress); bResult = (((PTC_tdSetEventFunctionPtr) dwAddress) (hEvent)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ---------- */ /* CreateFile */ /* ---------- */ typedef HANDLE (WINAPI *PTC_tdCreateFileFunctionPtr)(LPCTSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDistribution, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile); __inline HANDLE WINAPI PTC_CreateFile(LPCTSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDistribution, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); HANDLE hResult; PTC_M_IndirectJmp2(PTC_C_CreateFileIndex , dwAddress); hResult = (((PTC_tdCreateFileFunctionPtr) dwAddress) (lpFileName, dwDesiredAccess, dwShareMode, lpSecurityAttributes, dwCreationDistribution, dwFlagsAndAttributes, hTemplateFile)); PTC_M_EndGeneratedCode(dwAddress); return hResult; } /* --------- */ /* WriteFile */ /* --------- */ typedef BOOL (WINAPI *PTC_tdWriteFileFunctionPtr)(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped); __inline BOOL WINAPI PTC_WriteFile (HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_IndirectJmp2(PTC_C_WriteFileIndex , dwAddress); bResult = (((PTC_tdWriteFileFunctionPtr) dwAddress) (hFile, lpBuffer, nNumberOfBytesToWrite,lpNumberOfBytesWritten,lpOverlapped)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* -------- */ /* ReadFile */ /* -------- */ typedef BOOL (WINAPI *PTC_tdReadFileFunctionPtr)(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped); __inline BOOL WINAPI PTC_ReadFile (HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_IndirectPush2(PTC_C_ReadFileIndex , dwAddress); bResult = (((PTC_tdReadFileFunctionPtr) dwAddress) (hFile, lpBuffer, nNumberOfBytesToRead,lpNumberOfBytesRead,lpOverlapped)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ----------- */ /* CloseHandle */ /* ----------- */ typedef BOOL (WINAPI *PTC_tdCloseHandleFunctionPtr)(HANDLE hObject); __inline BOOL WINAPI PTC_CloseHandle(HANDLE hObject) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_DirectPush2(PTC_C_CloseHandleIndex , dwAddress); bResult = (((PTC_tdCloseHandleFunctionPtr) dwAddress) (hObject)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* -------------- */ /* SetFilePointer */ /* -------------- */ typedef DWORD (WINAPI *PTC_tdSetFilePointerFunctionPtr)(HANDLE hFile, LONG lDistanceToMove, PLONG lpDistanceToMoveHigh, DWORD dwMoveMethod); __inline DWORD WINAPI PTC_SetFilePointer(HANDLE hFile, LONG lDistanceToMove, PLONG lpDistanceToMoveHigh, DWORD dwMoveMethod) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); DWORD dwResult; PTC_M_IndirectPush2(PTC_C_SetFilePointerIndex , dwAddress); dwResult = (((PTC_tdSetFilePointerFunctionPtr) dwAddress) (hFile, lDistanceToMove, lpDistanceToMoveHigh, dwMoveMethod)); PTC_M_EndGeneratedCode(dwAddress); return dwResult; } /* ---------------- */ /* FlushFileBuffers */ /* ---------------- */ typedef BOOL (WINAPI *PTC_tdFlushFileBuffersFunctionPtr)(HANDLE hObject); __inline BOOL WINAPI PTC_FlushFileBuffers(HANDLE hObject) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_DirectPush2(PTC_C_FlushFileBuffersIndex , dwAddress); bResult = (((PTC_tdFlushFileBuffersFunctionPtr) dwAddress) (hObject)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ----------------------- */ /* QueryPerformanceCounter */ /* ----------------------- */ typedef BOOL (WINAPI *PTC_tdQueryPerformanceCounterFunctionPtr)(LARGE_INTEGER *lpFrequency); __inline BOOL WINAPI PTC_QueryPerformanceCounter(LARGE_INTEGER *lpFrequency) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_IndirectJmp2(PTC_C_QueryPerformanceCounterIndex , dwAddress); bResult = (((PTC_tdQueryPerformanceCounterFunctionPtr) dwAddress) (lpFrequency)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ------------ */ /* GetDriveType */ /* ------------ */ typedef UINT (WINAPI *PTC_tdGetDriveTypeFunctionPtr)(LPCTSTR lpRootPathName); __inline UINT WINAPI PTC_GetDriveType(LPCTSTR lpRootPathName) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); UINT uiResult; PTC_M_IndirectJmp2(PTC_C_GetDriveTypeIndex , dwAddress); uiResult = (((PTC_tdGetDriveTypeFunctionPtr) dwAddress) (lpRootPathName)); PTC_M_EndGeneratedCode(dwAddress); return uiResult; } /* -------------------- */ /* GetVolumeInformation */ /* -------------------- */ typedef BOOL (WINAPI *PTC_tdGetVolumeInformationFunctionPtr)(LPCTSTR lpRootPathName, LPTSTR lpVolumeNameBuffer, DWORD nVolumeNameSize, LPDWORD lpVolumeSerialNumber, LPDWORD lpMaximumComponentLength, LPDWORD lpFileSystemFlags, LPTSTR lpFileSystemNameBuffer, DWORD nFileSystemNameSize); __inline BOOL WINAPI PTC_GetVolumeInformation(LPCTSTR lpRootPathName, LPTSTR lpVolumeNameBuffer, DWORD nVolumeNameSize, LPDWORD lpVolumeSerialNumber, LPDWORD lpMaximumComponentLength,LPDWORD lpFileSystemFlags, LPTSTR lpFileSystemNameBuffer, DWORD nFileSystemNameSize) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_IndirectPush2(PTC_C_GetVolumeInformationIndex , dwAddress); bResult = (((PTC_tdGetVolumeInformationFunctionPtr) dwAddress) (lpRootPathName, lpVolumeNameBuffer, nVolumeNameSize, lpVolumeSerialNumber, lpMaximumComponentLength, lpFileSystemFlags, lpFileSystemNameBuffer, nFileSystemNameSize)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ---------------------- */ /* GetLogicalDriveStrings */ /* ---------------------- */ typedef DWORD (WINAPI *PTC_tdGetLogicalDriveStringsFunctionPtr)(DWORD nBufferLength, LPTSTR lpBuffer); __inline DWORD WINAPI PTC_GetLogicalDriveStrings(DWORD nBufferLength, LPTSTR lpBuffer) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); DWORD dwResult; PTC_M_IndirectPush2(PTC_C_GetLogicalDriveStringsIndex , dwAddress); dwResult = (((PTC_tdGetLogicalDriveStringsFunctionPtr) dwAddress) (nBufferLength, lpBuffer)); PTC_M_EndGeneratedCode(dwAddress); return dwResult; } /* GetModuleFileName */ /* ----------- */ /* GetFileSize */ /* ----------- */ typedef DWORD (WINAPI *PTC_tdGetFileSizeFunctionPtr)(HANDLE hFile, LPDWORD lpFileSizeHigh); __inline DWORD WINAPI PTC_GetFileSize(HANDLE hFile, LPDWORD lpFileSizeHigh) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); DWORD dwResult; PTC_M_DirectPush2(PTC_C_GetFileSizeIndex , dwAddress); dwResult = (((PTC_tdGetFileSizeFunctionPtr) dwAddress) (hFile, lpFileSizeHigh)); PTC_M_EndGeneratedCode(dwAddress); return dwResult; } /* ------------------------ */ /* CreateToolhelp32Snapshot */ /* ------------------------ */ typedef HANDLE (WINAPI * PTC_tdCreateToolhelp32SnapshotFunctionPtr)(DWORD dwFlags, DWORD th32ProcessID); __inline HANDLE WINAPI PTC_CreateToolhelp32Snapshot(DWORD dwFlags, DWORD th32ProcessID) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); HANDLE hResult; PTC_M_IndirectJmp2(PTC_C_CreateToolhelp32SnapshotIndex , dwAddress); hResult = (((PTC_tdCreateToolhelp32SnapshotFunctionPtr) dwAddress) (dwFlags, th32ProcessID)); PTC_M_EndGeneratedCode(dwAddress); return hResult; } /* -------------- */ /* Process32First */ /* -------------- */ typedef BOOL (WINAPI * PTC_tdProcess32FirstFunctionPtr)(HANDLE hSnapshot, LPPROCESSENTRY32 lppe); __inline BOOL WINAPI PTC_Process32First(HANDLE hSnapshot, LPPROCESSENTRY32 lppe) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_DirectJmp2(PTC_C_Process32FirstIndex , dwAddress); bResult = (((PTC_tdProcess32FirstFunctionPtr) dwAddress) (hSnapshot, lppe)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ------------- */ /* Process32Next */ /* ------------- */ typedef BOOL (WINAPI * PTC_tdProcess32NextFunctionPtr)(HANDLE hSnapshot, LPPROCESSENTRY32 lppe); __inline BOOL WINAPI PTC_Process32Next(HANDLE hSnapshot, LPPROCESSENTRY32 lppe) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_DirectJmp2(PTC_C_Process32NextIndex , dwAddress); bResult = (((PTC_tdProcess32NextFunctionPtr) dwAddress) (hSnapshot, lppe)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ------------- */ /* Module32First */ /* ------------- */ typedef BOOL (WINAPI * PTC_tdModule32FirstFunctionPtr)(HANDLE hSnapshot, LPMODULEENTRY32 lpme); __inline BOOL WINAPI PTC_Module32First(HANDLE hSnapshot, LPMODULEENTRY32 lpme) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_DirectJmp2(PTC_C_Module32FirstIndex , dwAddress); bResult = (((PTC_tdModule32FirstFunctionPtr) dwAddress) (hSnapshot, lpme)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ------------ */ /* Module32Next */ /* ------------ */ typedef BOOL (WINAPI * PTC_tdModule32NextFunctionPtr)(HANDLE hSnapshot, LPMODULEENTRY32 lpme); __inline BOOL WINAPI PTC_Module32Next(HANDLE hSnapshot, LPMODULEENTRY32 lpme) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_DirectJmp2(PTC_C_Module32NextIndex , dwAddress); bResult = (((PTC_tdModule32NextFunctionPtr) dwAddress) (hSnapshot, lpme)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ------------- */ /* EnumProcesses */ /* ------------- */ typedef BOOL (WINAPI * PTC_tdEnumProcessesFunctionPtr)(DWORD * lpidProcess,DWORD cb,DWORD * cbNeeded); __inline BOOL WINAPI PTC_EnumProcesses(DWORD * lpidProcess,DWORD cb,DWORD * cbNeeded) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_IndirectJmp2(PTC_C_EnumProcessesIndex , dwAddress); bResult = (((PTC_tdEnumProcessesFunctionPtr) dwAddress) (lpidProcess, cb, cbNeeded)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ------------------ */ /* EnumProcessModules */ /* ------------------ */ typedef BOOL (WINAPI * PTC_tdEnumProcessModulesFunctionPtr)(HANDLE hProcess,HMODULE *lphModule,DWORD cb,LPDWORD lpcbNeeded); __inline BOOL WINAPI PTC_EnumProcessModules(HANDLE hProcess,HMODULE *lphModule,DWORD cb,LPDWORD lpcbNeeded) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_IndirectPush2(PTC_C_EnumProcessModulesIndex , dwAddress); bResult = (((PTC_tdEnumProcessModulesFunctionPtr) dwAddress) (hProcess, lphModule, cb, lpcbNeeded)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ----------- */ /* LoadLibrary */ /* ----------- */ typedef HINSTANCE (WINAPI *PTC_tdLoadLibraryFunctionPtr)(LPCTSTR lpLibFileName); __inline HINSTANCE WINAPI PTC_LoadLibrary(LPCTSTR lpLibFileName) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); HINSTANCE hResult; PTC_M_IndirectJmp2(PTC_C_LoadLibraryIndex , dwAddress); hResult = (((PTC_tdLoadLibraryFunctionPtr) (dwAddress)) (lpLibFileName)); PTC_M_EndGeneratedCode(dwAddress); return hResult; } /* ----------- */ /* FreeLibrary */ /* ----------- */ typedef BOOL (WINAPI *PTC_tdFreeLibraryFunctionPtr)(HMODULE hLibModule); __inline BOOL WINAPI PTC_FreeLibrary(HMODULE hLibModule) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_DirectJmp2(PTC_C_FreeLibraryIndex , dwAddress); bResult = (((PTC_tdFreeLibraryFunctionPtr) dwAddress) (hLibModule)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ANNECY OA - 21/07/99 { */ /* ---------------- */ /* GetDiskFreeSpace */ /* ---------------- */ typedef BOOL (WINAPI *PTC_GetDiskFreeSpaceFunctionPtr)(LPCTSTR lpszFileName, LPDWORD lpSectorsPerCluster, LPDWORD lpBytesPerSector, LPDWORD lpFreeClusters, LPDWORD lpClusters); __inline BOOL WINAPI PTC_GetDiskFreeSpace(LPCTSTR lpszFileName, LPDWORD lpSectorsPerCluster, LPDWORD lpBytesPerSector, LPDWORD lpFreeClusters, LPDWORD lpClusters) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_IndirectJmp2(PTC_C_GetDiskFreeSpaceIndex , dwAddress); bResult = (((PTC_GetDiskFreeSpaceFunctionPtr) dwAddress) (lpszFileName, lpSectorsPerCluster, lpBytesPerSector, lpFreeClusters, lpClusters)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ---------------- */ /* SetFileAttributs */ /* ---------------- */ typedef BOOL (WINAPI *PTC_SetFileAttributsFunctionPtr)(LPCTSTR lpszFileName, DWORD dwFileAttributes); __inline BOOL WINAPI PTC_SetFileAttributs(LPCTSTR lpszFileName, DWORD dwFileAttributes) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_DirectJmp2(PTC_C_SetFileAttributsIndex , dwAddress); bResult = (((PTC_SetFileAttributsFunctionPtr) dwAddress) (lpszFileName, dwFileAttributes)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ---------------- */ /* GetFileAttributs */ /* ---------------- */ typedef BOOL (WINAPI *PTC_GetFileAttributsFunctionPtr)(LPCTSTR lpszFileName); __inline BOOL WINAPI PTC_GetFileAttributs(LPCTSTR lpszFileName) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_DirectPush2(PTC_C_GetFileAttributsIndex , dwAddress); bResult = (((PTC_GetFileAttributsFunctionPtr) dwAddress) (lpszFileName)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* -------------------------- */ /* GetFileInformationByHandle */ /* -------------------------- */ typedef BOOL (WINAPI *PTC_GetFileInformationByHandleFunctionPtr)(HANDLE hFile, LPBY_HANDLE_FILE_INFORMATION lpFileInformation); __inline BOOL WINAPI PTC_GetFileInformationByHandle(HANDLE hFile, LPBY_HANDLE_FILE_INFORMATION lpFileInformation) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_DirectPush2(PTC_C_GetFileInformationByHandleIndex , dwAddress); bResult = (((PTC_GetFileInformationByHandleFunctionPtr) dwAddress) (hFile, lpFileInformation)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ------------ */ /* SetErrorMode */ /* ------------ */ typedef UINT (WINAPI *PTC_SetErrorModeFunctionPtr)(UINT uNewErrorMode); __inline UINT WINAPI PTC_SetErrorMode(UINT uNewErrorMode) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); UINT uiResult; PTC_M_DirectPush2(PTC_C_SetErrorModeIndex , dwAddress); uiResult = (((PTC_SetErrorModeFunctionPtr) dwAddress) (uNewErrorMode)); PTC_M_EndGeneratedCode(dwAddress); return uiResult; } /* ------------ */ /* SetFileTime */ /* ------------ */ typedef BOOL (WINAPI *PTC_SetFileTimeFunctionPtr)(HANDLE hFile, CONST FILETIME* lpftCreation, CONST FILETIME* lpftLastAccess, CONST FILETIME* lpftLastWrite); __inline BOOL WINAPI PTC_SetFileTime(HANDLE hFile, CONST FILETIME* lpftCreation, CONST FILETIME* lpftLastAccess, CONST FILETIME* lpftLastWrite) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_DirectPush2(PTC_C_SetFileTimeIndex , dwAddress); bResult = (((PTC_SetFileTimeFunctionPtr) dwAddress) (hFile, lpftCreation, lpftLastAccess, lpftLastWrite)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* ------------ */ /* GetFileTime */ /* ------------ */ typedef BOOL (WINAPI *PTC_GetFileTimeFunctionPtr)(HANDLE hFile, LPFILETIME lpftCreation, LPFILETIME lpftLastAccess, LPFILETIME lpftLastWrite); __inline BOOL WINAPI PTC_GetFileTime(HANDLE hFile, LPFILETIME lpftCreation, LPFILETIME lpftLastAccess, LPFILETIME lpftLastWrite) { DWORD dwAddress = PTC_fn_dwGetAddressOfBuffer(); BOOL bResult; PTC_M_DirectPush2(PTC_C_GetFileTimeIndex , dwAddress); bResult = (((PTC_GetFileTimeFunctionPtr) dwAddress) (hFile, lpftCreation, lpftLastAccess, lpftLastWrite)); PTC_M_EndGeneratedCode(dwAddress); return bResult; } /* END ANNECY OA } */ #pragma warning( default : 4055) /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ /* ----------------------------------------------------------------------------------------------------------------- */ #define PTC_M_SetLabelAddress(lValue,label) __asm{ mov lValue,offset label } #define PTC_M_BeginLabel(function) PTC_Label_B_##function #define PTC_M_EndLabel(function) PTC_Label_E_##function #define PTC_M_DeclareBeginLabel(function) PTC_Label_B_##function: #define PTC_M_DeclareEndLabel(function) PTC_Label_E_##function: #define PTC_M_AddFunctionCheckSum(index,function) \ { \ PTC_M_SetLabelAddress(PTC_g_dwBeginLabelAddress[index*4] , PTC_M_BeginLabel(function)); \ PTC_M_SetLabelAddress(PTC_g_dwEndLabelAddress[index*4] , PTC_M_EndLabel(function)); \ } #define PTC_M_AddFunctionDelete(index,function) \ { \ PTC_M_SetLabelAddress(PTC_g_dwBeginLabelAddressDelete[index*4] , PTC_M_BeginLabel(function)); \ PTC_M_SetLabelAddress(PTC_g_dwEndLabelAddressDelete[index*4] , PTC_M_EndLabel(function)); \ } /* ----------------------------------------------------------------------------------------------------------------- */ #endif /* PTC_SYSTEM_ACTIVED }*/ /* ----------------------------------------------------------------------------------------------------------------- */ #endif /* _PTCFCTS_H_ }*/