102 Patches: Detours to the Rescue
C reference for DttR maintainers and modders.
Loading...
Searching...
No Matches
nt_process.c File Reference
#include <dttr_errors.h>
#include <dttr_loader.h>
#include <dttr_log.h>
#include <string.h>
#include <windows.h>

Go to the source code of this file.

Data Structures

struct  unicode_string
struct  object_attributes
struct  client_id
struct  attribute
struct  attribute_list
struct  create_info

Macros

#define PS_ATTRIBUTE_IMAGE_NAME   0x00020005
#define PS_ATTRIBUTE_CLIENT_ID   0x00010003
#define RTL_USER_PROC_PARAMS_NORMALIZED   0x01
#define THREAD_CREATE_FLAGS_CREATE_SUSPENDED   0x00000001
#define PEB_SHIM_DATA_OFFSET   0x1E8
#define NT_SUCCESS(s)
#define RESOLVE(module, type, name)

Typedefs

typedef LONG NTSTATUS
typedef NTSTATUS(NTAPI * nt_create_user_process_fn) (PHANDLE, PHANDLE, ACCESS_MASK, ACCESS_MASK, object_attributes *, object_attributes *, ULONG, ULONG, PVOID, create_info *, attribute_list *)
typedef NTSTATUS(NTAPI * rtl_create_process_parameters_ex_fn) (PVOID *, unicode_string *, unicode_string *, unicode_string *, unicode_string *, PVOID, unicode_string *, unicode_string *, unicode_string *, unicode_string *, ULONG)
typedef NTSTATUS(NTAPI * rtl_destroy_process_parameters_fn) (PVOID)
typedef VOID(NTAPI * rtl_init_unicode_string_fn) (unicode_string *, PCWSTR)

Functions

static void resolve_nt_path_and_cwd (WCHAR *nt_path, size_t nt_path_size, WCHAR *cwd, size_t cwd_size, const WCHAR *image_name)
static void write_remote_shim_data (HANDLE process, uintptr_t peb_addr, const char *shim_data, size_t shim_data_len)
void DTTR_Compat_CreateProcess (const WCHAR *image_name, const char *shim_data, size_t shim_data_len, PROCESS_INFORMATION *child_info)

Variables

static const WCHAR NT_PATH_PREFIX [] = L"\\??\\"

Macro Definition Documentation

◆ NT_SUCCESS

#define NT_SUCCESS ( s)
Value:
((NTSTATUS)(s) >= 0)
NTSTATUS
LONG NTSTATUS
Definition nt_process.c:15

Definition at line 16 of file nt_process.c.

Referenced by DTTR_Compat_CreateProcess().

◆ PEB_SHIM_DATA_OFFSET

#define PEB_SHIM_DATA_OFFSET   0x1E8

Definition at line 11 of file nt_process.c.

Referenced by write_remote_shim_data().

◆ PS_ATTRIBUTE_CLIENT_ID

#define PS_ATTRIBUTE_CLIENT_ID   0x00010003

Definition at line 8 of file nt_process.c.

Referenced by DTTR_Compat_CreateProcess().

◆ PS_ATTRIBUTE_IMAGE_NAME

#define PS_ATTRIBUTE_IMAGE_NAME   0x00020005

Definition at line 7 of file nt_process.c.

Referenced by DTTR_Compat_CreateProcess().

◆ RESOLVE

#define RESOLVE ( module,
type,
name )
Value:
((type)DTTR_UNWRAP_WINAPI_EXISTS(GetProcAddress(module, name)))
type
const DTTR_PrimitiveType type
Definition com_direct3ddevice7.c:884
DTTR_UNWRAP_WINAPI_EXISTS
#define DTTR_UNWRAP_WINAPI_EXISTS(result)
Definition dttr_errors.h:79

Definition at line 97 of file nt_process.c.

Referenced by DTTR_Compat_CreateProcess().

◆ RTL_USER_PROC_PARAMS_NORMALIZED

#define RTL_USER_PROC_PARAMS_NORMALIZED   0x01

Definition at line 9 of file nt_process.c.

Referenced by DTTR_Compat_CreateProcess().

◆ THREAD_CREATE_FLAGS_CREATE_SUSPENDED

#define THREAD_CREATE_FLAGS_CREATE_SUSPENDED   0x00000001

Definition at line 10 of file nt_process.c.

Referenced by DTTR_Compat_CreateProcess().

Typedef Documentation

◆ nt_create_user_process_fn

typedef NTSTATUS(NTAPI * nt_create_user_process_fn) (PHANDLE, PHANDLE, ACCESS_MASK, ACCESS_MASK, object_attributes *, object_attributes *, ULONG, ULONG, PVOID, create_info *, attribute_list *)

Definition at line 66 of file nt_process.c.

◆ NTSTATUS

typedef LONG NTSTATUS

Definition at line 15 of file nt_process.c.

◆ rtl_create_process_parameters_ex_fn

typedef NTSTATUS(NTAPI * rtl_create_process_parameters_ex_fn) (PVOID *, unicode_string *, unicode_string *, unicode_string *, unicode_string *, PVOID, unicode_string *, unicode_string *, unicode_string *, unicode_string *, ULONG)

Definition at line 80 of file nt_process.c.

◆ rtl_destroy_process_parameters_fn

typedef NTSTATUS(NTAPI * rtl_destroy_process_parameters_fn) (PVOID)

Definition at line 94 of file nt_process.c.

◆ rtl_init_unicode_string_fn

typedef VOID(NTAPI * rtl_init_unicode_string_fn) (unicode_string *, PCWSTR)

Definition at line 95 of file nt_process.c.

Function Documentation

◆ DTTR_Compat_CreateProcess()

void DTTR_Compat_CreateProcess ( const WCHAR * image_name,
const char * shim_data,
size_t shim_data_len,
PROCESS_INFORMATION * child_info )

Definition at line 163 of file nt_process.c.

References attribute_list::attributes, unicode_string::buffer, DTTR_FATAL, DTTR_LOG_DEBUG, DTTR_UNWRAP_WINAPI_EXISTS, DTTR_UNWRAP_WINAPI_NONZERO, DWORD, unicode_string::length, NT_SUCCESS, NULL, client_id::process, PS_ATTRIBUTE_CLIENT_ID, PS_ATTRIBUTE_IMAGE_NAME, RESOLVE, resolve_nt_path_and_cwd(), RTL_USER_PROC_PARAMS_NORMALIZED, create_info::size, client_id::thread, THREAD_CREATE_FLAGS_CREATE_SUSPENDED, attribute_list::total_length, and write_remote_shim_data().

Referenced by dttr_launcher_main().

◆ resolve_nt_path_and_cwd()

void resolve_nt_path_and_cwd ( WCHAR * nt_path,
size_t nt_path_size,
WCHAR * cwd,
size_t cwd_size,
const WCHAR * image_name )
static

Definition at line 100 of file nt_process.c.

References DTTR_FATAL, DWORD, NT_PATH_PREFIX, and NULL.

Referenced by DTTR_Compat_CreateProcess().

◆ write_remote_shim_data()

void write_remote_shim_data ( HANDLE process,
uintptr_t peb_addr,
const char * shim_data,
size_t shim_data_len )
static

Definition at line 130 of file nt_process.c.

References DTTR_LOG_DEBUG, DTTR_UNWRAP_WINAPI_EXISTS, DTTR_UNWRAP_WINAPI_NONZERO, NULL, and PEB_SHIM_DATA_OFFSET.

Referenced by DTTR_Compat_CreateProcess().

Variable Documentation

◆ NT_PATH_PREFIX

const WCHAR NT_PATH_PREFIX[] = L"\\??\\"
static

Definition at line 13 of file nt_process.c.

Referenced by resolve_nt_path_and_cwd().