git_admin/Virtual-File-System
1
0
Fork 0
mirror of https://github.com/CloudDelphi/Virtual-File-System synced 2025-12-19 09:53:54 +01:00
Code Issues Packages Projects Releases Wiki Activity

v1.0.3. Added support for NtQueryDirectoryFileEx, used in Win10 v1709+

Browse Source
This commit is contained in:
Berserker 2019-06-01 22:55:37 +03:00
parent a73db6fc47
commit 4d304d2483
5 changed files with 43 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -4,5 +4,6 @@
*.ini *.ini
*.identcache *.identcache
*.map *.map
*.res
_LOG_.txt _LOG_.txt
__history/ __history/

6
Vfs.dproj
View File

@ -30,7 +30,11 @@
<Borland.Personality>Delphi.Personality</Borland.Personality> <Borland.Personality>Delphi.Personality</Borland.Personality>
<Borland.ProjectType>VCLApplication</Borland.ProjectType> <Borland.ProjectType>VCLApplication</Borland.ProjectType>
<BorlandProject> <BorlandProject>
<BorlandProject><Delphi.Personality><Parameters><Parameters Name="UseLauncher">False</Parameters><Parameters Name="LoadAllSymbols">True</Parameters><Parameters Name="LoadUnspecifiedSymbols">False</Parameters></Parameters><VersionInfo><VersionInfo Name="IncludeVerInfo">True</VersionInfo><VersionInfo Name="AutoIncBuild">True</VersionInfo><VersionInfo Name="MajorVer">1</VersionInfo><VersionInfo Name="MinorVer">0</VersionInfo><VersionInfo Name="Release">2</VersionInfo><VersionInfo Name="Build">4</VersionInfo><VersionInfo Name="Debug">False</VersionInfo><VersionInfo Name="PreRelease">False</VersionInfo><VersionInfo Name="Special">False</VersionInfo><VersionInfo Name="Private">False</VersionInfo><VersionInfo Name="DLL">False</VersionInfo><VersionInfo Name="Locale">1049</VersionInfo><VersionInfo Name="CodePage">1251</VersionInfo></VersionInfo><VersionInfoKeys><VersionInfoKeys Name="CompanyName">Alexander Shostak (aka EtherniDee)</VersionInfoKeys><VersionInfoKeys Name="FileDescription">Virtual File System</VersionInfoKeys><VersionInfoKeys Name="FileVersion">1.0.2.4</VersionInfoKeys><VersionInfoKeys Name="InternalName"></VersionInfoKeys><VersionInfoKeys Name="LegalCopyright"></VersionInfoKeys><VersionInfoKeys Name="LegalTrademarks"></VersionInfoKeys><VersionInfoKeys Name="OriginalFilename"></VersionInfoKeys><VersionInfoKeys Name="ProductName"></VersionInfoKeys><VersionInfoKeys Name="ProductVersion">1.0.0.0</VersionInfoKeys><VersionInfoKeys Name="Comments"></VersionInfoKeys></VersionInfoKeys><Source><Source Name="MainSource">Vfs.dpr</Source></Source><Excluded_Packages> <BorlandProject><Delphi.Personality><Parameters><Parameters Name="UseLauncher">False</Parameters><Parameters Name="LoadAllSymbols">True</Parameters><Parameters Name="LoadUnspecifiedSymbols">False</Parameters></Parameters><VersionInfo><VersionInfo Name="IncludeVerInfo">True</VersionInfo><VersionInfo Name="AutoIncBuild">True</VersionInfo><VersionInfo Name="MajorVer">1</VersionInfo><VersionInfo Name="MinorVer">0</VersionInfo><VersionInfo Name="Release">3</VersionInfo><VersionInfo Name="Build">2</VersionInfo><VersionInfo Name="Debug">False</VersionInfo><VersionInfo Name="PreRelease">False</VersionInfo><VersionInfo Name="Special">False</VersionInfo><VersionInfo Name="Private">False</VersionInfo><VersionInfo Name="DLL">False</VersionInfo><VersionInfo Name="Locale">1049</VersionInfo><VersionInfo Name="CodePage">1251</VersionInfo></VersionInfo><VersionInfoKeys><VersionInfoKeys Name="CompanyName">Alexander Shostak (aka EtherniDee)</VersionInfoKeys><VersionInfoKeys Name="FileDescription">Virtual File System</VersionInfoKeys><VersionInfoKeys Name="FileVersion">1.0.3.2</VersionInfoKeys><VersionInfoKeys Name="InternalName"></VersionInfoKeys><VersionInfoKeys Name="LegalCopyright"></VersionInfoKeys><VersionInfoKeys Name="LegalTrademarks"></VersionInfoKeys><VersionInfoKeys Name="OriginalFilename"></VersionInfoKeys><VersionInfoKeys Name="ProductName"></VersionInfoKeys><VersionInfoKeys Name="ProductVersion">1.0.0.0</VersionInfoKeys><VersionInfoKeys Name="Comments"></VersionInfoKeys></VersionInfoKeys><Source><Source Name="MainSource">Vfs.dpr</Source></Source><Excluded_Packages>
<Excluded_Packages Name="$(BDS)\bin\dcloffice2k100.bpl">Microsoft Office 2000 Sample Automation Server Wrapper Components</Excluded_Packages> <Excluded_Packages Name="$(BDS)\bin\dcloffice2k100.bpl">Microsoft Office 2000 Sample Automation Server Wrapper Components</Excluded_Packages>

BIN
Vfs.res
View File

Binary file not shown.

33
VfsHooks.pas
View File

@ -31,6 +31,8 @@ var
NativeNtCreateFile: WinNative.TNtCreateFile; NativeNtCreateFile: WinNative.TNtCreateFile;
NativeNtClose: WinNative.TNtClose; NativeNtClose: WinNative.TNtClose;
NativeNtQueryDirectoryFile: WinNative.TNtQueryDirectoryFile; NativeNtQueryDirectoryFile: WinNative.TNtQueryDirectoryFile;
NativeNtQueryDirectoryFileEx: WinNative.TNtQueryDirectoryFileEx;
NtQueryAttributesFilePatch: VfsPatching.TAppliedPatch; NtQueryAttributesFilePatch: VfsPatching.TAppliedPatch;
NtQueryFullAttributesFilePatch: VfsPatching.TAppliedPatch; NtQueryFullAttributesFilePatch: VfsPatching.TAppliedPatch;
@ -38,6 +40,7 @@ var
NtCreateFilePatch: VfsPatching.TAppliedPatch; NtCreateFilePatch: VfsPatching.TAppliedPatch;
NtClosePatch: VfsPatching.TAppliedPatch; NtClosePatch: VfsPatching.TAppliedPatch;
NtQueryDirectoryFilePatch: VfsPatching.TAppliedPatch; NtQueryDirectoryFilePatch: VfsPatching.TAppliedPatch;
NtQueryDirectoryFileExPatch: VfsPatching.TAppliedPatch;
(* There is no 100% portable and reliable way to get file path by handle, unless file creation/opening (* There is no 100% portable and reliable way to get file path by handle, unless file creation/opening
@ -543,11 +546,28 @@ begin
end; end;
end; // .function Hook_NtQueryDirectoryFile end; // .function Hook_NtQueryDirectoryFile
function Hook_NtQueryDirectoryFileEx (OrigFunc: WinNative.TNtQueryDirectoryFileEx; FileHandle: HANDLE; Event: HANDLE; ApcRoutine: pointer; ApcContext: PVOID; Io: PIO_STATUS_BLOCK;
Buffer: PVOID; BufLength: ULONG; InfoClass: integer (* FILE_INFORMATION_CLASS *); QueryFlags: integer; Mask: PUNICODE_STRING): NTSTATUS; stdcall;
var
SingleEntry: LONGBOOL;
RestartScan: LONGBOOL;
begin
if VfsDebug.LoggingEnabled then begin
WriteLog('NtQueryDirectoryFileEx', Format('Handle: %x. QueryFlags: %x', [FileHandle, QueryFlags]));
end;
RestartScan := Utils.Flags(QueryFlags).Have(WinNative.SL_RESTART_SCAN);
SingleEntry := Utils.Flags(QueryFlags).Have(WinNative.SL_RETURN_SINGLE_ENTRY);
result := WinNative.NtQueryDirectoryFile(FileHandle, Event, ApcRoutine, ApcContext, Io, Buffer, BufLength, InfoClass, SingleEntry, Mask, RestartScan);
end;
procedure InstallHooks; procedure InstallHooks;
var var
SetProcessDEPPolicy: function (dwFlags: integer): LONGBOOL; stdcall; SetProcessDEPPolicy: function (dwFlags: integer): LONGBOOL; stdcall;
hDll: Windows.THandle; hDll: Windows.THandle;
NtdllHandle: integer; NtdllHandle: integer;
NtQueryDirectoryFileExAddr: WinNative.TNtQueryDirectoryFileEx;
begin begin
with HooksCritSection do begin with HooksCritSection do begin
@ -622,6 +642,18 @@ begin
@Hook_NtQueryDirectoryFile, @Hook_NtQueryDirectoryFile,
@NtQueryDirectoryFilePatch @NtQueryDirectoryFilePatch
); );
NtQueryDirectoryFileExAddr := VfsApiDigger.GetRealProcAddress(NtdllHandle, 'NtQueryDirectoryFileEx');
if @NtQueryDirectoryFileExAddr <> nil then begin
WriteLog('InstallHook', 'Installing NtQueryDirectoryFileEx hook');
NativeNtQueryDirectoryFileEx := VfsPatching.SpliceWinApi
(
@NtQueryDirectoryFileExAddr,
@Hook_NtQueryDirectoryFileEx,
@NtQueryDirectoryFileExPatch
);
end;
end; // .if end; // .if
Leave; Leave;
@ -639,6 +671,7 @@ begin
NtCreateFilePatch.Rollback; NtCreateFilePatch.Rollback;
NtClosePatch.Rollback; NtClosePatch.Rollback;
NtQueryDirectoryFilePatch.Rollback; NtQueryDirectoryFilePatch.Rollback;
NtQueryDirectoryFileExPatch.Rollback;
Leave; Leave;
end; end;

2
_update_dll.bat
View File

@ -4,7 +4,7 @@ cls
set h3dir=D:\Heroes 3 set h3dir=D:\Heroes 3
copy /Y Vfs.dll "%h3dir%\vfs.dll" copy /Y Vfs.dll "%h3dir%\vfs.dll"
copy /Y Vfs.map "%h3dir%\Vfs.map" copy /Y Vfs.map "%h3dir%\Vfs.map"
php "%h3dir%\Tools\ExeMapCompiler\compile.phc" "vfs.map" "./DebugMaps" php "%h3dir%\Tools\ExeMapCompiler\compile.phc" "vfs.map" "%h3dir%/DebugMaps"
echo. echo.
echo. echo.
echo %date% %time% echo %date% %time%