本文整理汇总了C++中NtCurrentPeb函数的典型用法代码示例。如果您正苦于以下问题:C++ NtCurrentPeb函数的具体用法?C++ NtCurrentPeb怎么用?C++ NtCurrentPeb使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了NtCurrentPeb函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: DllMain
/*
* @implemented
*/
BOOLEAN
WINAPI
DllMain(HINSTANCE hDllHandle,
DWORD nReason,
LPVOID Reserved)
{
switch(nReason)
{
case DLL_PROCESS_ATTACH:
DisableThreadLibraryCalls(hDllHandle);
if (NtCurrentPeb()->ProcessParameters->Flags & RTL_USER_PROCESS_PARAMETERS_PROFILE_USER)
{
PsParseCommandLine();
PsInitializeAndStartProfile();
}
break;
case DLL_PROCESS_DETACH:
if (NtCurrentPeb()->ProcessParameters->Flags & RTL_USER_PROCESS_PARAMETERS_PROFILE_USER)
{
PsStopAndAnalyzeProfile();
}
break;
}
return TRUE;
}示例2: TaskDialogCreateIcons
VOID TaskDialogCreateIcons(
_In_ PPH_SETUP_CONTEXT Context
)
{
HICON largeIcon;
HICON smallIcon;
largeIcon = PhLoadIcon(
NtCurrentPeb()->ImageBaseAddress,
MAKEINTRESOURCE(IDI_ICON1),
PH_LOAD_ICON_SIZE_LARGE,
GetSystemMetrics(SM_CXICON),
GetSystemMetrics(SM_CYICON)
);
smallIcon = PhLoadIcon(
NtCurrentPeb()->ImageBaseAddress,
MAKEINTRESOURCE(IDI_ICON1),
PH_LOAD_ICON_SIZE_LARGE,
GetSystemMetrics(SM_CXSMICON),
GetSystemMetrics(SM_CYSMICON)
);
Context->IconLargeHandle = largeIcon;
Context->IconSmallHandle = smallIcon;
SendMessage(Context->DialogHandle, WM_SETICON, ICON_SMALL, (LPARAM)largeIcon);
SendMessage(Context->DialogHandle, WM_SETICON, ICON_BIG, (LPARAM)smallIcon);
}示例3: TlsAlloc
/*
* @implemented
*/
DWORD
WINAPI
TlsAlloc(VOID)
{
ULONG Index;
RtlAcquirePebLock();
/* Try to get regular TEB slot. */
Index = RtlFindClearBitsAndSet(NtCurrentPeb()->TlsBitmap, 1, 0);
if (Index == ~0U)
{
/* If it fails, try to find expansion TEB slot. */
Index = RtlFindClearBitsAndSet(NtCurrentPeb()->TlsExpansionBitmap, 1, 0);
if (Index != ~0U)
{
if (NtCurrentTeb()->TlsExpansionSlots == NULL)
{
NtCurrentTeb()->TlsExpansionSlots = HeapAlloc(RtlGetProcessHeap(),
HEAP_ZERO_MEMORY,
TLS_EXPANSION_SLOTS *
sizeof(PVOID));
}
if (NtCurrentTeb()->TlsExpansionSlots == NULL)
{
RtlClearBits(NtCurrentPeb()->TlsExpansionBitmap, Index, 1);
Index = ~0;
SetLastError(ERROR_NOT_ENOUGH_MEMORY);
}
else
{
/* Clear the value. */
NtCurrentTeb()->TlsExpansionSlots[Index] = 0;
Index += TLS_MINIMUM_AVAILABLE;
}
}
else
{
SetLastError(ERROR_NO_MORE_ITEMS);
}
}
else
{
/* Clear the value. */
NtCurrentTeb()->TlsSlots[Index] = 0;
}
RtlReleasePebLock();
return Index;
}示例4: TlsFree
/*
* @implemented
*/
BOOL
WINAPI
TlsFree(DWORD Index)
{
BOOL BitSet;
if (Index >= TLS_EXPANSION_SLOTS + TLS_MINIMUM_AVAILABLE)
{
SetLastErrorByStatus(STATUS_INVALID_PARAMETER);
return FALSE;
}
RtlAcquirePebLock();
if (Index >= TLS_MINIMUM_AVAILABLE)
{
BitSet = RtlAreBitsSet(NtCurrentPeb()->TlsExpansionBitmap,
Index - TLS_MINIMUM_AVAILABLE,
1);
if (BitSet)
RtlClearBits(NtCurrentPeb()->TlsExpansionBitmap,
Index - TLS_MINIMUM_AVAILABLE,
1);
}
else
{
BitSet = RtlAreBitsSet(NtCurrentPeb()->TlsBitmap, Index, 1);
if (BitSet)
RtlClearBits(NtCurrentPeb()->TlsBitmap, Index, 1);
}
if (BitSet)
{
/* Clear the TLS cells (slots) in all threads of the current process. */
NtSetInformationThread(NtCurrentThread(),
ThreadZeroTlsCell,
&Index,
sizeof(DWORD));
}
else
{
SetLastError(ERROR_INVALID_PARAMETER);
}
RtlReleasePebLock();
return BitSet;
}示例5: MemAlloc
PVOID
WINAPI
MemAlloc(IN HANDLE Heap,
IN PVOID Ptr,
IN ULONG Size)
{
PVOID pBuf = NULL;
if(Size == 0 && Ptr == NULL)
{
return NULL;
}
if(Heap == NULL)
{
Heap = NtCurrentPeb()->ProcessHeap;
}
if(Size > 0)
{
if(Ptr == NULL)
/* malloc */
pBuf = RtlAllocateHeap(Heap, 0, Size);
else
/* realloc */
pBuf = RtlReAllocateHeap(Heap, 0, Ptr, Size);
}
else
/* free */
RtlFreeHeap(Heap, 0, Ptr);
return pBuf;
}示例6: PhInitializeSecurity
static VOID PhInitializeSecurity(
_In_ ULONG Flags
)
{
HANDLE tokenHandle;
PhElevated = TRUE;
PhElevationType = TokenElevationTypeDefault;
PhCurrentSessionId = NtCurrentPeb()->SessionId;
if (Flags & PHLIB_INIT_TOKEN_INFO)
{
if (NT_SUCCESS(PhOpenProcessToken(
&tokenHandle,
TOKEN_QUERY,
NtCurrentProcess()
)))
{
if (WINDOWS_HAS_UAC)
{
PhGetTokenIsElevated(tokenHandle, &PhElevated);
PhGetTokenElevationType(tokenHandle, &PhElevationType);
}
PhCurrentTokenQueryHandle = tokenHandle;
}
}
}示例7: ucmLoadCallback
/*
* ucmLoadCallback
*
* Purpose:
*
* Image load notify callback, when kernel32 available - acquire import and run target application.
*
*/
VOID NTAPI ucmLoadCallback(
PWSTR DllName,
PVOID DllBase,
SIZE_T DllSize,
PVOID Reserved
)
{
BOOL bReadSuccess, bIsLocalSystem = FALSE;
PWSTR lpParameter = NULL;
ULONG cbParameter = 0L;
UNREFERENCED_PARAMETER(DllSize);
UNREFERENCED_PARAMETER(Reserved);
if (DllName == NULL) {
return;
}
if (_strcmpi(DllName, L"kernel32.dll") == 0) {
g_pvKernel32 = DllBase;
}
if (_strcmpi(DllName, L"user32.dll") == 0) {
if (g_pvKernel32) {
pCreateProcessW = ucmLdrGetProcAddress(
(PCHAR)g_pvKernel32,
"CreateProcessW");
if (pCreateProcessW != NULL) {
ucmIsLocalSystem(&bIsLocalSystem);
bReadSuccess = ucmReadParameters(
&lpParameter,
&cbParameter,
NULL,
NULL,
bIsLocalSystem);
ucmLaunchPayloadEx(
pCreateProcessW,
lpParameter,
cbParameter);
if ((bReadSuccess) &&
(lpParameter != NULL))
{
RtlFreeHeap(
NtCurrentPeb()->ProcessHeap,
0,
lpParameter);
}
NtTerminateProcess(NtCurrentProcess(), STATUS_SUCCESS);
}
}
}
}示例8: ShowLatestVersionDialog
VOID ShowLatestVersionDialog(
_In_ PPH_UPDATER_CONTEXT Context
)
{
TASKDIALOGCONFIG config;
LARGE_INTEGER time;
SYSTEMTIME systemTime = { 0 };
PIMAGE_DOS_HEADER imageDosHeader;
PIMAGE_NT_HEADERS imageNtHeader;
memset(&config, 0, sizeof(TASKDIALOGCONFIG));
config.cbSize = sizeof(TASKDIALOGCONFIG);
config.dwFlags = TDF_USE_HICON_MAIN | TDF_ALLOW_DIALOG_CANCELLATION | TDF_CAN_BE_MINIMIZED | TDF_ENABLE_HYPERLINKS | TDF_EXPAND_FOOTER_AREA;
config.dwCommonButtons = TDCBF_CLOSE_BUTTON;
config.hMainIcon = Context->IconLargeHandle;
config.cxWidth = 200;
config.pfCallback = FinalTaskDialogCallbackProc;
config.lpCallbackData = (LONG_PTR)Context;
// HACK
imageDosHeader = (PIMAGE_DOS_HEADER)NtCurrentPeb()->ImageBaseAddress;
imageNtHeader = (PIMAGE_NT_HEADERS)PTR_ADD_OFFSET(imageDosHeader, imageDosHeader->e_lfanew);
RtlSecondsSince1970ToTime(imageNtHeader->FileHeader.TimeDateStamp, &time);
PhLargeIntegerToLocalSystemTime(&systemTime, &time);
config.pszWindowTitle = L"Process Hacker - Updater";
config.pszMainInstruction = L"You're running the latest version.";
config.pszContent = PhaFormatString(
L"Version: v%s\r\nCompiled: %s\r\n\r\n<A HREF=\"changelog.txt\">View Changelog</A>",
PhGetStringOrEmpty(Context->CurrentVersionString),
PhaFormatDateTime(&systemTime)->Buffer
)->Buffer;
TaskDialogNavigatePage(Context->DialogHandle, &config);
}示例9: RtlpAddVectoredHandler
PVOID WINAPI
RtlpAddVectoredHandler(ULONG FirstHandler,
PVECTORED_EXCEPTION_HANDLER VectorHandler,
ULONG Type)
{
PVOID Peb = NtCurrentPeb();
PVEH_NODE VehNode = NULL;
VehNode = (PVEH_NODE)fnRtlAllocateHeap(*(PVOID*)((PBYTE)Peb + 0x18), // Peb.ProcessHeap
0, // No flags
sizeof(VEH_NODE)); // 0x10 bytes
if (VehNode == NULL) {
return NULL;
}
VehNode->RefCount = 1;
VehNode->Handler = (PVECTORED_EXCEPTION_HANDLER)fnRtlEncodePointer(VectorHandler);
fnRtlAcquireSRWLockExclusive(&LdrpVectorHandlerList[Type].Lock);
if (IsListEmpty(&LdrpVectorHandlerList[Type].Head)) {
InterlockedBitTestAndSet((LONG*)((PBYTE)Peb+0x28), // Peb.EnvironmentUpdateCount, seems not a count...
Type + 2);
}
if (FirstHandler == 0) {
InsertHeadList(&LdrpVectorHandlerList[Type].Head, &VehNode->Entry);
}
else {
InsertTailList(&LdrpVectorHandlerList[Type].Head, &VehNode->Entry);
}
fnRtlReleaseSRWLockExclusive(&LdrpVectorHandlerList[Type].Lock);
return VehNode;
}示例10: GetStartupInfoW
/*
* @implemented
*/
VOID
WINAPI
GetStartupInfoW(LPSTARTUPINFOW lpStartupInfo)
{
PRTL_USER_PROCESS_PARAMETERS Params;
if (lpStartupInfo == NULL)
{
SetLastError(ERROR_INVALID_PARAMETER);
return;
}
Params = NtCurrentPeb()->ProcessParameters;
lpStartupInfo->cb = sizeof(STARTUPINFOW);
lpStartupInfo->lpDesktop = Params->DesktopInfo.Buffer;
lpStartupInfo->lpTitle = Params->WindowTitle.Buffer;
lpStartupInfo->dwX = Params->StartingX;
lpStartupInfo->dwY = Params->StartingY;
lpStartupInfo->dwXSize = Params->CountX;
lpStartupInfo->dwYSize = Params->CountY;
lpStartupInfo->dwXCountChars = Params->CountCharsX;
lpStartupInfo->dwYCountChars = Params->CountCharsY;
lpStartupInfo->dwFillAttribute = Params->FillAttribute;
lpStartupInfo->dwFlags = Params->WindowFlags;
lpStartupInfo->wShowWindow = (WORD)Params->ShowWindowFlags;
lpStartupInfo->cbReserved2 = Params->RuntimeData.Length;
lpStartupInfo->lpReserved2 = (LPBYTE)Params->RuntimeData.Buffer;
lpStartupInfo->hStdInput = Params->StandardInput;
lpStartupInfo->hStdOutput = Params->StandardOutput;
lpStartupInfo->hStdError = Params->StandardError;
}示例11: IntGetConsoleCommandHistory
static DWORD
IntGetConsoleCommandHistory(LPVOID lpHistory, DWORD cbHistory, LPCVOID lpExeName, BOOLEAN bUnicode)
{
CONSOLE_API_MESSAGE ApiMessage;
PCONSOLE_GETCOMMANDHISTORY GetCommandHistoryRequest = &ApiMessage.Data.GetCommandHistoryRequest;
PCSR_CAPTURE_BUFFER CaptureBuffer;
USHORT NumChars = (USHORT)(lpExeName ? (bUnicode ? wcslen(lpExeName) : strlen(lpExeName)) : 0);
if (lpExeName == NULL || NumChars == 0)
{
SetLastError(ERROR_INVALID_PARAMETER);
return 0;
}
GetCommandHistoryRequest->ConsoleHandle = NtCurrentPeb()->ProcessParameters->ConsoleHandle;
GetCommandHistoryRequest->HistoryLength = cbHistory;
GetCommandHistoryRequest->ExeLength = NumChars * (bUnicode ? sizeof(WCHAR) : sizeof(CHAR));
GetCommandHistoryRequest->Unicode =
GetCommandHistoryRequest->Unicode2 = bUnicode;
// CaptureBuffer = CsrAllocateCaptureBuffer(2, IntStringSize(lpExeName, bUnicode) +
// HistoryLength);
CaptureBuffer = CsrAllocateCaptureBuffer(2, GetCommandHistoryRequest->ExeLength +
GetCommandHistoryRequest->HistoryLength);
if (!CaptureBuffer)
{
DPRINT1("CsrAllocateCaptureBuffer failed!\n");
SetLastError(ERROR_NOT_ENOUGH_MEMORY);
return 0;
}
CsrCaptureMessageBuffer(CaptureBuffer,
(PVOID)lpExeName,
GetCommandHistoryRequest->ExeLength,
(PVOID)&GetCommandHistoryRequest->ExeName);
CsrAllocateMessagePointer(CaptureBuffer, GetCommandHistoryRequest->HistoryLength,
(PVOID*)&GetCommandHistoryRequest->History);
CsrClientCallServer((PCSR_API_MESSAGE)&ApiMessage,
CaptureBuffer,
CSR_CREATE_API_NUMBER(CONSRV_SERVERDLL_INDEX, ConsolepGetCommandHistory),
sizeof(*GetCommandHistoryRequest));
if (!NT_SUCCESS(ApiMessage.Status))
{
CsrFreeCaptureBuffer(CaptureBuffer);
BaseSetLastNTError(ApiMessage.Status);
return 0;
}
RtlCopyMemory(lpHistory,
GetCommandHistoryRequest->History,
GetCommandHistoryRequest->HistoryLength);
CsrFreeCaptureBuffer(CaptureBuffer);
return GetCommandHistoryRequest->HistoryLength;
}示例12: GetEnvironmentStringsW
/*
* @implemented
*/
LPWSTR
WINAPI
GetEnvironmentStringsW (
VOID
)
{
return (LPWSTR)(NtCurrentPeb ()->ProcessParameters->Environment);
}示例13: _main
int
_cdecl
_main(int argc,
char *argv[],
char *envp[],
int DebugFlag)
{
KPRIORITY BasePriority = (8 + 1) + 4;
NTSTATUS Status;
//ULONG Response; // see the #if 0
UNREFERENCED_PARAMETER(envp);
UNREFERENCED_PARAMETER(DebugFlag);
/* Set the Priority */
NtSetInformationProcess(NtCurrentProcess(),
ProcessBasePriority,
&BasePriority,
sizeof(KPRIORITY));
/* Give us IOPL so that we can access the VGA registers */
Status = NtSetInformationProcess(NtCurrentProcess(),
ProcessUserModeIOPL,
NULL,
0);
if (!NT_SUCCESS(Status))
{
/* Raise a hard error */
DPRINT1("CSRSS: Could not raise IOPL, Status: 0x%08lx\n", Status);
#if 0
Status = NtRaiseHardError(STATUS_IO_PRIVILEGE_FAILED,
0,
0,
NULL,
OptionOk,
&Response);
#endif
}
/* Initialize CSR through CSRSRV */
Status = CsrServerInitialization(argc, argv);
if (!NT_SUCCESS(Status))
{
/* Kill us */
DPRINT1("CSRSS: Unable to initialize server, Status: 0x%08lx\n", Status);
NtTerminateProcess(NtCurrentProcess(), Status);
}
/* Disable errors */
CsrpSetDefaultProcessHardErrorMode();
/* If this is Session 0, make sure killing us bugchecks the system */
if (NtCurrentPeb()->SessionId == 0) RtlSetProcessIsCritical(TRUE, NULL, FALSE);
/* Kill this thread. CSRSRV keeps us going */
NtTerminateThread(NtCurrentThread(), Status);
return 0;
}示例14: DbgUiRemoteBreakin
/*
* @implemented
*/
VOID
NTAPI
DbgUiRemoteBreakin(VOID)
{
/* Make sure a debugger is enabled; if so, breakpoint */
if (NtCurrentPeb()->BeingDebugged) DbgBreakPoint();
/* Exit the thread */
RtlExitUserThread(STATUS_SUCCESS);
}示例15: RtlSetCurrentEnvironment
/*
* @implemented
*/
VOID NTAPI
RtlSetCurrentEnvironment(PWSTR NewEnvironment,
PWSTR *OldEnvironment)
{
PVOID EnvPtr;
DPRINT("NewEnvironment 0x%p OldEnvironment 0x%p\n",
NewEnvironment, OldEnvironment);
RtlAcquirePebLock();
EnvPtr = NtCurrentPeb()->ProcessParameters->Environment;
NtCurrentPeb()->ProcessParameters->Environment = NewEnvironment;
if (OldEnvironment != NULL)
*OldEnvironment = EnvPtr;
RtlReleasePebLock();
}