diff --git a/project/windll_winhook/Makefile b/project/windll_winhook/Makefile index 45a2963..3d5666a 100644 --- a/project/windll_winhook/Makefile +++ b/project/windll_winhook/Makefile @@ -1,7 +1,8 @@ -# build example +# build example, tested in linux 10.0.0-3, gcc 12, wine-9.0 # make libwinhook helloexe hellodll libwinhook_test CC=i686-w64-mingw32-gcc BUILD_TYPE=32d # make libwinhook helloexe hellodll libwinhook_test CC=x86_64-w64-mingw32-gcc BUILD_TYPE=64d -# wine build/libwinhook_test32d.exe && wine build/libwinhook_test64d.exe +# cd build; wine libwinhook_test32d.exe; cd - +# cd build; wine libwinhook_test64d.exe; cd - # general config CC:=gcc # clang (llvm-mingw), gcc (mingw-w64), tcc (x86 stdcall name has problem) @@ -42,7 +43,7 @@ clean: @rm -rf $(BUILD_DIR)/*test* prepare: - @if ! [ -d $(BUILD_DIR) ]; then mkdir -p $(BUILD_DIR); fi + @mkdir -p $(BUILD_DIR) libwinhook: src/libwinhook.c @echo "## $@" diff --git a/project/windll_winpe/Makefile b/project/windll_winpe/Makefile index 9e49d2a..30c0b27 100644 --- a/project/windll_winpe/Makefile +++ b/project/windll_winpe/Makefile @@ -1,7 +1,8 @@ -# build example +# build example, tested in linux 10.0.0-3, gcc 12, wine-9.0 # make libwinpe libwinpe_test CC=i686-w64-mingw32-gcc BUILD_TYPE=32d # make libwinpe libwinpe_test CC=x86_64-w64-mingw32-gcc BUILD_TYPE=64d -# wine build/libwinpe_test32d.exe && wine build/libwinpe_test64d.exe +# wine build/libwinpe_test32d.exe +# wine build/libwinpe_test64d.exe # general config CC:=gcc # clang (llvm-mingw), gcc (mingw-w64), tcc (x86 stdcall name has problem) @@ -40,11 +41,11 @@ clean: @rm -rf $(BUILD_DIR)/*libwinpe* prepare: - @if ! [ -d $(BUILD_DIR) ]; then mkdir -p $(BUILD_DIR); fi + @mkdir -p $(BUILD_DIR) libwinpe: src/libwinpe.c @echo "## $@" - $(CC) -shared $^ -o $(BUILD_DIR)/$@$(BUILD_TYPE).dll \ + $(CC) -shared $< -o $(BUILD_DIR)/$@$(BUILD_TYPE).dll \ $(INCS) $(LIBS) \ $(CFLAGS) $(LDFLAGS) 
diff --git a/project/winexe_winloader/Makefile b/project/winexe_winloader/Makefile index aa4db58..1fb0b63 100644 --- a/project/winexe_winloader/Makefile +++ b/project/winexe_winloader/Makefile @@ -1,4 +1,4 @@ -# build example +# build example, tested in linux 10.0.0-3, gcc 12, wine-9.0 # make winloader CC=i686-w64-mingw32-gcc WINDRES=i686-w64-mingw32-windres BUILD_TYPE=32d # make winloader CC=x86_64-w64-mingw32-gcc WINDRES=x86_64-w64-mingw32-windres BUILD_TYPE=64d diff --git a/project/winexe_winloader/src/winloader.rc b/project/winexe_winloader/src/winloader.rc index 61e3c26..656b832 100644 --- a/project/winexe_winloader/src/winloader.rc +++ b/project/winexe_winloader/src/winloader.rc @@ -1,3 +1,3 @@ #include "resource.h" #include "winres.h" -IDI_ICON1 ICON ".\\..\\..\\..\\asset\\default.ico" \ No newline at end of file +IDI_ICON1 ICON "../../../asset/default.ico" \ No newline at end of file diff --git a/src/commdef.h b/src/commdef.h new file mode 100644 index 0000000..1f6904c --- /dev/null +++ b/src/commdef.h 
@@ -0,0 +1,219 @@ +/** + * common macro define + * v0.1, developed by devseed +*/ + +#ifndef _COMMDEF_H +#define _COMMDEF_H +#define COMMDEF_VERSION 100 +#include +#include + +// function declear macro +#if defined(_MSC_VER) || defined(__TINYC__) +#ifndef STDCALL +#define STDCALL __stdcall +#endif +#ifndef NAKED +#define NAKED __declspec(naked) +#endif +#ifndef INLINE +#define INLINE __forceinline +#endif +#ifndef EXPORT +#define EXPORT __declspec(dllexport) +#endif +#else +#ifndef STDCALL +#define STDCALL __attribute__((stdcall)) +#endif +#ifndef NAKED +#define NAKED __attribute__((naked)) +#endif +#ifndef INLINE +#define INLINE __attribute__((always_inline)) inline +#endif +#ifndef EXPORT +#define EXPORT __attribute__((visibility("default"))) +#endif +#endif // _MSC_VER +#if defined(__TINYC__) // fix tcc not support inline +#ifdef INLINE +#undef INLINE +#endif +#define INLINE +#endif // __TINYC__ +#ifndef IN +#define IN +#endif // IN +#ifndef OUT +#define OUT +#endif // OUT +#ifndef OPTIONAL +#define OPTIONAL +#endif // OPTIONAL + +// log macro +#ifndef LOG_LEVEL_ +#define LOG_LEVEL_ +#define LOG_LEVEL_ERROR 1 +#define LOG_LEVEL_WARNING 2 +#define LOG_LEVEL_INFO 3 +#define LOG_LEVEL_DEBUG 4 +#define LOG_LEVEL_VERBOSE 5 +#define LogTagPrintf(format, tag, ...) \ + printf("[%s,%d,%s,%s] ", __FILE__, __LINE__, __func__, tag);\ + printf(format, ##__VA_ARGS__); +#define LogTagWprintf(format, tag, ...) \ + wprintf(L"[%ls,%d,%ls,%ls] ", __FILE__, __LINE__, __func__, tag);\ + wprintf(format, ##__VA_ARGS__); +#define DummyPrintf(format, ...) +#define LOG(format, ...) LogTagPrintf(format, "I", ##__VA_ARGS__) +#define LOGL(format, ...) LogTagWprintf(format, L"I", ##__VA_ARGS__) +#define LOGe(format, ...) LogTagPrintf(format, "E", ##__VA_ARGS__) +#define LOGLe(format, ...) LogTagWprintf(format, L"E", ##__VA_ARGS__) +#define LOGw(format, ...) LogTagPrintf(format, "W", ##__VA_ARGS__) +#define LOGLw(format, ...) 
LogTagWprintf(format, L"W", ##__VA_ARGS__) +#define LOGi(format, ...) LogTagPrintf(format, "I", ##__VA_ARGS__) +#define LOGLi(format, ...) LogTagWprintf(format, L"I", ##__VA_ARGS__) +#define LOGd(format, ...) LogTagPrintf(format, "D", ##__VA_ARGS__) +#define LOGLd(format, ...) LogTagWprintf(format, L"D", ##__VA_ARGS__) +#define LOGv(format, ...) LogTagPrintf(format, "V", ##__VA_ARGS__) +#define LOGLv(format, ...) LogTagWprintf(format, L"V", ##__VA_ARGS__) +#endif // LOG_LEVEL_ +#ifndef LOG_LEVEL +#define LOG_LEVEL LOG_LEVEL_INFO +#endif // LOG_LEVEL +#if LOG_LEVEL < LOG_LEVEL_WARNING +#undef LOGw +#undef LOGLw +#define LOGw DummyPrintf +#define LOGLw DummyPrintf +#endif // LOG_LEVEL_WARNING +#if LOG_LEVEL < LOG_LEVEL_INFO +#undef LOGi +#undef LOGLi +#define LOGi DummyPrintf +#define LOGLi DummyPrintf +#endif // LOG_LEVEL_INFO +#if LOG_LEVEL < LOG_LEVEL_DEBUG +#undef LOGd +#undef LOGLd +#define LOGd DummyPrintf +#define LOGLd DummyPrintf +#endif // LOG_LEVEL_DEBUG +#if LOG_LEVEL < LOG_LEVEL_VERBOSE +#undef LOGv +#undef LOGLv +#define LOGv DummyPrintf +#define LOGLv DummyPrintf +#endif // LOG_LEVEL_VERBOSE + +// util macro +#define DUMP(path, addr, size) \ + FILE *fp = fopen(path, "wb"); \ + fwrite(addr, 1, size, fp); \ + fclose(fp); + +// inline functions +static INLINE size_t inl_strlen(const char *str1) +{ + const char* p = str1; + while(*p) p++; + return p - str1; +} + +static INLINE int inl_stricmp(const char *str1, const char *str2) +{ + int i=0; + while(str1[i]!=0 && str2[i]!=0) + { + if (str1[i] == str2[i] + || str1[i] + 0x20 == str2[i] + || str2[i] + 0x20 == str1[i]) + { + i++; + } + else + { + return (int)str1[i] - (int)str2[i]; + } + } + return (int)str1[i] - (int)str2[i]; +} + +static INLINE int inl_stricmp2(const char *str1, const wchar_t *str2) +{ + int i=0; + while(str1[i]!=0 && str2[i]!=0) + { + if ((wchar_t)str1[i] == str2[i] + || (wchar_t)str1[i] + 0x20 == str2[i] + || str2[i] + 0x20 == (wchar_t)str1[i]) + { + i++; + } + else + { + return 
(int)str1[i] - (int)str2[i]; + } + } + return (int)str1[i] - (int)str2[i]; +} + +static INLINE int inl_wcsicmp(const wchar_t *str1, const wchar_t *str2) +{ + int i = 0; + while (str1[i] != 0 && str2[i] != 0) + { + if (str1[i] == str2[i] + || str1[i] + 0x20 == str2[i] + || str2[i] + 0x20 == str1[i]) + { + i++; + } + else + { + return (int)str1[i] - (int)str2[i]; + } + } + return (int)str1[i] - (int)str2[i]; +} + +static INLINE uint32_t inl_crc32(const void *buf, size_t n) +{ + uint32_t crc32 = ~0; + for(size_t i=0; i< n; i++) + { + crc32 ^= *(const uint8_t*)((uint8_t*)buf+i); + + for(int i = 0; i < 8; i++) + { + uint32_t t = ~((crc32&1) - 1); + crc32 = (crc32>>1) ^ (0xEDB88320 & t); + } + } + return ~crc32; +} + +static INLINE void* inl_memset(void *buf, int ch, size_t n) +{ + char *p = (char *)buf; + for(size_t i=0;iNumberOfNames; i++)\ {\ LPCSTR curname = (LPCSTR)((uint8_t*)mempe + namerva[i]);\ - if (windyn_stricmp(curname, funcname) == 0)\ + if (inl_stricmp(curname, funcname) == 0)\ {\ exp = (void*)((uint8_t*)mempe + funcrva[ordrva[i]]); \ break;\ @@ -316,7 +287,7 @@ typedef NTSTATUS (NTAPI * PFN_NtQueryInformationProcess)( int i; \ for (i = ustr->Length / 2 - 1; i > 0 && ustr->Buffer[i] != '\\'; i--); \ if (ustr->Buffer[i] == '\\') i++; \ - if (windyn_stricmp2(modulename, ustr->Buffer + i) == 0)\ + if (inl_stricmp2(modulename, ustr->Buffer + i) == 0)\ {\ hmod = ldrentry->DllBase; \ break; \ 
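Review bot: In the `// inline functions` part of the new commdef.h, `inl_stricmp`, `inl_stricmp2` and `inl_wcsicmp` treat any two characters that differ by 0x20 as equal, so `'0'` matches `'P'` and `'['` matches `'{'`, not only upper and lower case letters. These helpers now back the `_stricmp` mapping in winhook.h and the DLL and export name lookups in winpe.h (`winpe_memfindiat`, `winpe_memfindexp`), where a false match selects the wrong import or export entry. Fold each side to lower case only when it lies in `'A'..'Z'` and then compare, as sketched below for `inl_stricmp`; the other two take the same shape. Separately, `LogTagWprintf` passes the narrow `__FILE__` and `__func__` strings to `%ls`, which expects `wchar_t *`.

```c
static INLINE int inl_stricmp(const char *str1, const char *str2)
{
    for (int i = 0; ; i++)
    {
        int c1 = (unsigned char)str1[i];
        int c2 = (unsigned char)str2[i];
        if (c1 >= 'A' && c1 <= 'Z') c1 += 0x20; // fold letters only
        if (c2 >= 'A' && c2 <= 'Z') c2 += 0x20;
        if (c1 != c2 || c1 == 0) return c1 - c2;
    }
}
// … unchanged: inl_strlen, inl_crc32, inl_memset …
```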
@@ -346,25 +317,6 @@ typedef NTSTATUS (NTAPI * PFN_NtQueryInformationProcess)( WINDYN_FINDEXP((void*)kernel32, name_GetProcAddress, pfnGetProcAddress);\ } -// stdc inline functions declear -WINDYN_API -int windyn_strlen(const char* str1); - -WINDYN_API -int windyn_stricmp(const char* str1, const char* str2); - -WINDYN_API -int windyn_stricmp2(const char* str1, const wchar_t* str2); - -WINDYN_API -int windyn_wcsicmp(const wchar_t* str1, const wchar_t* str2); - -WINDYN_API -void* windyn_memset(void* buf, int ch, size_t n); - -WINDYN_API -void* windyn_memcpy(void* dst, const void* src, size_t n); - // winapi inline functions declear WINDYN_API HMODULE WINAPI windyn_GetModuleHandleA( 
@@ -502,86 +454,6 @@ BOOL WINAPI windyn_Process32Next( #include // util functions -// stdc inline functions define -int windyn_strlen(const char* str1) -{ - const char* p = str1; - while (*p) p++; - return (int)(p - str1); -} - -int windyn_stricmp(const char* str1, const char* str2) -{ - int i = 0; - while (str1[i] != 0 && str2[i] != 0) - { - if (str1[i] == str2[i] - || str1[i] + 0x20 == str2[i] - || str2[i] + 0x20 == str1[i]) - { - i++; - } - else - { - return (int)str1[i] - (int)str2[i]; - } - } - return (int)str1[i] - (int)str2[i]; -} - -int windyn_stricmp2(const char* str1, const wchar_t* str2) -{ - int i = 0; - while (str1[i] != 0 && str2[i] != 0) - { - if ((wchar_t)str1[i] == str2[i] - || (wchar_t)str1[i] + 0x20 == str2[i] - || str2[i] + 0x20 == (wchar_t)str1[i]) - { - i++; - } - else - { - return (int)str1[i] - (int)str2[i]; - } - } - return (int)str1[i] - (int)str2[i]; -} - -int windyn_wcsicmp(const wchar_t * str1, const wchar_t* str2) -{ - int i = 0; - while (str1[i] != 0 && str2[i] != 0) - { - if (str1[i] == str2[i] - || str1[i] + 0x20 == str2[i] - || str2[i] + 0x20 == str1[i]) - { - i++; - } - else - { - return (int)str1[i] - (int)str2[i]; - } - } - return (int)str1[i] - (int)str2[i]; -} - -void* windyn_memset(void* buf, int ch, size_t n) -{ - char* p = buf; - for (size_t i = 0; i < n; i++) p[i] = (char)ch; - return buf; -} - -void* windyn_memcpy(void* dst, const void* src, size_t n) -{ - char* p1 = (char*)dst; - char* p2 = (char*)src; - for (size_t i = 0; i < n; i++) p1[i] = p2[i]; - return dst; -} - // winapi inline functions define HMODULE WINAPI windyn_GetModuleHandleA( LPCSTR lpModuleName) 
@@ -722,19 +594,20 @@ BOOL WINAPI windyn_Process32Next( HANDLE hSnapshot, LPPROCESSENTRY32 lppe); -#endif +#endif // WINDYN_IMPLEMENTATION #ifdef __cplusplus } -#endif +#endif // __cplusplus -#endif +#endif // _WINDYN_H /** -* history -* v0.1, initial version -* v0.1.1, add some function pointer -* v0.1.2, add some inline stdc function -* v0.1.3, add some inline windows api -* v0.1.4, improve macro style + * history + * v0.1, initial version + * v0.1.1, add some function pointer + * v0.1.2, add some inline stdc function + * v0.1.3, add some inline windows api + * v0.1.4, improve macro style + * v0.1.5, seperate some macro to commdef */ \ No newline at end of file diff --git a/src/winhook.h b/src/winhook.h index c1b9210..9529bad 100644 --- a/src/winhook.h +++ b/src/winhook.h @@ -1,6 +1,6 @@ /** * windows dyamic hook util functions wrappers - * v0.3.2, developed by devseed + * v0.3.3, developed by devseed * * macros: * WINHOOK_IMPLEMENT, include defines of each function @@ -13,42 +13,13 @@ #ifndef _WINHOOK_H #define _WINHOOK_H -#define WINHOOK_VERSION 320 +#define WINHOOK_VERSION 330 -// define general macro -#if defined(_MSC_VER) || defined(__TINYC__) -#ifndef STDCALL -#define STDCALL __stdcall -#endif -#ifndef NAKED -#define NAKED __declspec(naked) -#endif -#ifndef INLINE -#define INLINE __forceinline -#endif -#ifndef EXPORT -#define EXPORT __declspec(dllexport) -#endif +#ifdef USECOMPAT +#include "commdef_v100.h" #else -#ifndef STDCALL -#define STDCALL __attribute__((stdcall)) -#endif -#ifndef NAKED -#define NAKED __attribute__((naked)) -#endif -#ifndef INLINE -#define INLINE __attribute__((always_inline)) inline -#endif -#ifndef EXPORT -#define EXPORT __attribute__((visibility("default"))) -#endif -#endif // _MSC_VER -#if defined(__TINYC__) // fix tcc not support inline -#ifdef INLINE -#undef INLINE -#endif -#define INLINE -#endif +#include "commdef.h" +#endif // USECOMPAT // define specific macro #ifdef WINHOOK_API 
@@ -240,10 +211,6 @@ int winhook_inlinehooks(PVOID pfnTargets[], PVOID pfnNews[], PVOID pfnOlds[], si WINHOOK_API int winhook_inlineunhooks(PVOID pfnTargets[], PVOID pfnNews[], PVOID pfnOlds[], size_t n); -#ifdef __cplusplus -} -#endif - #ifdef WINHOOK_IMPLEMENTATION #include #include @@ -255,19 +222,23 @@ int winhook_inlineunhooks(PVOID pfnTargets[], PVOID pfnNews[], PVOID pfnOlds[], #ifdef WINHOOK_USEDYNBIND #ifndef WINDYN_IMPLEMENTATION #define WINDYN_IMPLEMENTATION -#endif +#endif // WINDYN_IMPLEMENTATION #ifndef WINDYN_STATIC #define WINDYN_STATIC -#endif +#endif // WINDYN_STATIC +#ifdef USECOMPAT +#include "windyn_v150.h" +#else #include "windyn.h" -#define strlen windyn_strlen -#define _stricmp windyn_stricmp -#define _wcsicmp windyn_wcsicmp +#endif // USECOMPAT +#define strlen inl_strlen +#define _stricmp inl_stricmp +#define _wcsicmp inl_wcsicmp #define GetModuleHandleA windyn_GetModuleHandleA #define LoadLibraryA windyn_LoadLibraryA #define GetProcAddress windyn_GetProcAddress #define VirtualAllocEx windyn_VirtualAllocEx -#endif +#endif // WINHOOK_USEDYNBIND // loader functions DWORD winhook_startexeinject(LPCSTR exepath, LPSTR cmdstr, LPCSTR dllpath) 
@@ -701,18 +672,15 @@ BOOL winhook_iathookpe(LPCSTR targetDllName, void* mempe, PROC pfnOrg, PROC pfnN LPCSTR pDllName = (LPCSTR)(imagebase + pImpDescriptor->Name); if (!_stricmp(pDllName, targetDllName)) // ignore case { - PIMAGE_THUNK_DATA pFirstThunk = (PIMAGE_THUNK_DATA) - (imagebase + pImpDescriptor->FirstThunk); + PIMAGE_THUNK_DATA pFirstThunk = (PIMAGE_THUNK_DATA)(imagebase + pImpDescriptor->FirstThunk); // find the iat function va for (; pFirstThunk->u1.Function; pFirstThunk++) { if (pFirstThunk->u1.Function == (size_t)pfnOrg) { - VirtualProtect((LPVOID)&pFirstThunk->u1.Function, - 4, PAGE_EXECUTE_READWRITE, &dwOldProtect); + VirtualProtect((LPVOID)&pFirstThunk->u1.Function, 4, PAGE_EXECUTE_READWRITE, &dwOldProtect); pFirstThunk->u1.Function = (size_t)pfnNew; - VirtualProtect((LPVOID)&pFirstThunk->u1.Function, - 4, dwOldProtect, &dwOldProtect); + VirtualProtect((LPVOID)&pFirstThunk->u1.Function, 4, dwOldProtect, &dwOldProtect); return TRUE; } } @@ -724,8 +692,8 @@ BOOL winhook_iathookpe(LPCSTR targetDllName, void* mempe, PROC pfnOrg, PROC pfnN #ifndef WINHOOK_NO3RDLIB #ifndef MINHOOK_IMPLEMENTATION #define MINHOOK_IMPLEMENTATION -#endif -#ifdef USE_COMPAT +#endif // MINHOOK_IMPLEMENTATION +#ifdef USECOMPAT #include "stb_minhook_v1330.h" #else #include "stb_minhook.h" @@ -758,10 +726,14 @@ int winhook_inlineunhooks(PVOID pfnTargets[], PVOID pfnNews[], PVOID pfnOlds[], if(MH_Uninitialize() != MH_OK) return 0; return i; } -#endif -#endif +#endif // WINHOOK_NO3RDLIB +#endif // MINHOOK_IMPLEMENTATION -#endif +#ifdef __cplusplus +} +#endif // __cplusplus + +#endif // _WINHOOK_H /** * history: @@ -776,4 +748,5 @@ int winhook_inlineunhooks(PVOID pfnTargets[], PVOID pfnNews[], PVOID pfnOlds[], * v0.3, use javadoc style, add winhook_patchmemorypattern * v0.3.1, add winhook_patchmemory1337, winhook_patchmemoryips * v0.3.2, improve macro style, chaneg some of macro to function + * v0.3.3, seperate some macro to commdef */ \ No newline at end of file 
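Review bot: In the `@@ -758,10 +726,14 @@` hunk the second labelled `#endif` appears to close `#ifdef WINHOOK_IMPLEMENTATION`, not the MinHook guard, which the `@@ -724,8 +692,8 @@` hunk already closes with `#endif // MINHOOK_IMPLEMENTATION`; the comment should read `#endif // WINHOOK_IMPLEMENTATION` (inferred, since the lines between the hunks are not shown). The same hunk moves the `extern "C"` closing brace below the implementation section, so `windyn.h`, `stb_minhook.h` and the system includes under `WINHOOK_IMPLEMENTATION` are presumably now pulled in inside the linkage block when the header is built as C++. Hoisting those `#include` lines above the block, or closing and reopening it around them, would avoid relying on every included header tolerating C linkage.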
diff --git a/src/winpe.h b/src/winpe.h index c70a1fe..137a32b 100644 --- a/src/winpe.h +++ b/src/winpe.h @@ -1,6 +1,6 @@ /** * Single header project for windows pe structure, adjusting realoc addrs, or iat. - * v0.3.6, developed by devseed + * v0.3.7, developed by devseed * * macros: * WINPE_IMPLEMENT, include defines of each function @@ -12,36 +12,13 @@ #ifndef _WINPE_H #define _WINPE_H -#define WINPE_VERSION 360 +#define WINPE_VERSION 370 -// define general macro -#if defined(_MSC_VER) || defined(__TINYC__) -#ifndef STDCALL -#define STDCALL __stdcall -#endif -#ifndef NAKED -#define NAKED __declspec(naked) -#endif -#ifndef INLINE -#define INLINE __forceinline -#endif -#ifndef EXPORT -#define EXPORT __declspec(dllexport) -#endif +#ifdef USECOMPAT +#include "commdef_v100.h" #else -#ifndef STDCALL -#define STDCALL __attribute__((stdcall)) -#endif -#ifndef NAKED -#define NAKED __attribute__((naked)) -#endif -#ifndef INLINE -#define INLINE __attribute__((always_inline)) inline -#endif -#ifndef EXPORT -#define EXPORT __attribute__((visibility("default"))) -#endif -#endif // _MSC_VER +#include "commdef.h" +#endif // USECOMPAT // define specific macro #ifdef WINPE_API @@ -56,12 +33,6 @@ #ifdef WINPE_API_INLINE #undef WINPE_API_INLINE #endif -#if defined(__TINYC__) // fix tcc not support inline -#ifdef INLINE -#undef INLINE -#endif -#define INLINE -#endif #ifdef WINPE_STATIC #define WINPE_API_DEF static 
@@ -351,83 +322,6 @@ size_t STDCALL winpe_appendsecth(void *mempe, PIMAGE_SECTION_HEADER psecth); #define assert(x) #endif -// util INLINE functions -INLINE size_t _winpeinl_strlen(const char* str1) -{ - const char* p = str1; - while(*p) p++; - return p - str1; -} - -INLINE int _winpeinl_stricmp(const char *str1, const char *str2) -{ - int i=0; - while(str1[i]!=0 && str2[i]!=0) - { - if (str1[i] == str2[i] - || str1[i] + 0x20 == str2[i] - || str2[i] + 0x20 == str1[i]) - { - i++; - } - else - { - return (int)str1[i] - (int)str2[i]; - } - } - return (int)str1[i] - (int)str2[i]; -} - -INLINE int _winpeinl_stricmp2(const char *str1, const wchar_t* str2) -{ - int i=0; - while(str1[i]!=0 && str2[i]!=0) - { - if ((wchar_t)str1[i] == str2[i] - || (wchar_t)str1[i] + 0x20 == str2[i] - || str2[i] + 0x20 == (wchar_t)str1[i]) - { - i++; - } - else - { - return (int)str1[i] - (int)str2[i]; - } - } - return (int)str1[i] - (int)str2[i]; -} - -INLINE uint32_t _winpeinl_crc32(const void *buf, size_t n) -{ - uint32_t crc32 = ~0; - for(size_t i=0; i< n; i++) - { - crc32 ^= *(const uint8_t*)((uint8_t*)buf+i); - - for(int i = 0; i < 8; i++) - { - uint32_t t = ~((crc32&1) - 1); - crc32 = (crc32>>1) ^ (0xEDB88320 & t); - } - } - return ~crc32; -} - -INLINE void* _winpeinl_memset(void *buf, int ch, size_t n) -{ - char *p = buf; - for(size_t i=0;iLength/2-1; i>0 && ustr->Buffer[i]!='\\';i--); if(ustr->Buffer[i]=='\\') i++; - if(_winpeinl_stricmp2(modulename, ustr->Buffer + i)==0) + if(inl_stricmp2(modulename, ustr->Buffer + i)==0) { return ldrentry->DllBase; } 
@@ -770,12 +664,12 @@ size_t STDCALL winpe_memload(const void *rawpe, size_t rawsize, if(!mempe) return imagesize; else if(memsize!=0 && memsizeSizeOfHeaders); + inl_memset(mempe, 0, imagesize); + inl_memcpy(mempe, rawpe, pOptHeader->SizeOfHeaders); for(WORD i=0;iName; pImpDescriptor++) { pDllName = (LPCSTR)((uint8_t*)mempe + pImpDescriptor->Name); - if(dllname && _winpeinl_stricmp(pDllName, dllname)!=0) continue; + if(dllname && inl_stricmp(pDllName, dllname)!=0) continue; pFtThunk = (PIMAGE_THUNK_DATA)((uint8_t*)mempe + pImpDescriptor->FirstThunk); pOftThunk = (PIMAGE_THUNK_DATA)((uint8_t*)mempe + pImpDescriptor->OriginalFirstThunk); @@ -956,7 +850,7 @@ void* STDCALL winpe_memfindiat(void *mempe, LPCSTR dllname, LPCSTR funcname) } else { - if(_winpeinl_stricmp(pImpByName->Name, funcname)==0) return &pFtThunk[j]; + if(inl_stricmp(pImpByName->Name, funcname)==0) return &pFtThunk[j]; } } } @@ -987,7 +881,7 @@ void* STDCALL winpe_memfindexp(void *mempe, LPCSTR funcname) for(DWORD i=0;iNumberOfNames;i++) { LPCSTR curname = (LPCSTR)((uint8_t*)mempe+namerva[i]); - if(_winpeinl_stricmp(curname, funcname)==0) + if(inl_stricmp(curname, funcname)==0) { return (void*)((uint8_t*)mempe + funcrva[ordrva[i]]); } @@ -1012,7 +906,7 @@ void* STDCALL winpe_memfindexpcrc32(void* mempe, uint32_t crc32) for (DWORD i = 0; i < pExpDescriptor->NumberOfNames; i++) { LPCSTR curname = (LPCSTR)((uint8_t*)mempe + namerva[i]); - if (crc32==_winpeinl_crc32(curname, _winpeinl_strlen(curname))) + if (crc32==inl_crc32(curname, inl_strlen(curname))) { return (void*)((uint8_t*)mempe + funcrva[ordrva[i]]); } 
@@ -1146,7 +1040,7 @@ size_t STDCALL winpe_appendsecth(void *pe, PIMAGE_SECTION_HEADER psecth) // adjust the section and imagesize pFileHeader->NumberOfSections++; - _winpeinl_memcpy(&pSectHeader[sectNum], psecth, sizeof(IMAGE_SECTION_HEADER)); + inl_memcpy(&pSectHeader[sectNum], psecth, sizeof(IMAGE_SECTION_HEADER)); align = pOptHeader->SectionAlignment; addr = psecth->VirtualAddress + psecth->Misc.VirtualSize; if(addr % align) addr += align - addr%align; @@ -1171,4 +1065,5 @@ size_t STDCALL winpe_appendsecth(void *pe, PIMAGE_SECTION_HEADER psecth) * v0.3.4, add WINPE_NOASM to make compatible for vs x64 * v0.3.5, add winpe_memfindexpcrc32 * v0.3.6, add AT&T format asm for gcc, improve macro style and comment + * v0.3.7, seperate some macro to commdef */ \ No newline at end of file