321 lines
9.1 KiB
C++
321 lines
9.1 KiB
C++
|
/*++
|
||
|
|
||
|
Copyright (c) 2000-2002 Microsoft Corporation
|
||
|
|
||
|
Module Name:
|
||
|
|
||
|
HoyleGames.cpp
|
||
|
|
||
|
Abstract:
|
||
|
|
||
|
All Hoyle apps have one common problem and that is a hard
|
||
|
coded "C:\" in its data section of the image.The apps crash
|
||
|
because of this if installed and run from any other drive
|
||
|
other than C:\.
|
||
|
This shim goes through the image of the app searching
|
||
|
for the hardcoded string and replaces them if found. This
|
||
|
shim replaces all the existing app specific shims for
|
||
|
Hoyle Games.
|
||
|
|
||
|
This is an app specific shim.
|
||
|
|
||
|
|
||
|
History:
|
||
|
|
||
|
04/17/2001 Prashkud Created
|
||
|
|
||
|
--*/
|
||
|
|
||
|
#include "precomp.h"
|
||
|
|
||
|
IMPLEMENT_SHIM_BEGIN(HoyleGames)
|
||
|
#include "ShimHookMacro.h"
|
||
|
|
||
|
APIHOOK_ENUM_BEGIN
|
||
|
APIHOOK_ENUM_ENTRY(GetPrivateProfileStringA)
|
||
|
APIHOOK_ENUM_END
|
||
|
|
||
|
// Max Virtual address replacements in all sections
|
||
|
#define MAX_VA 50
|
||
|
|
||
|
// Global array to hold the replacement VA
|
||
|
DWORD g_ReplaceVA[MAX_VA];
|
||
|
|
||
|
// Replacement count
|
||
|
int g_ReplaceCnt;
|
||
|
|
||
|
/*++
|
||
|
|
||
|
Parse the Section and fill in the location index into the
|
||
|
SECTION structure. This function also fills in the number
|
||
|
of occurences of the hard-coded "C:\" string in this section.
|
||
|
|
||
|
--*/
|
||
|
|
||
|
BOOL
|
||
|
GetReplacementLocations(
|
||
|
DWORD dwSecPtr,
|
||
|
DWORD dwSize
|
||
|
)
|
||
|
{
|
||
|
BYTE *pbFilePtr = (BYTE*)dwSecPtr;
|
||
|
BOOL bRet = FALSE;
|
||
|
|
||
|
|
||
|
for (DWORD i = 0; i < dwSize - 2 && g_ReplaceCnt < MAX_VA; i++)
|
||
|
{
|
||
|
if ((BYTE)*(pbFilePtr + i) == 'c')
|
||
|
{
|
||
|
if((BYTE)*(pbFilePtr + i + 1) == ':' &&
|
||
|
(BYTE)*(pbFilePtr + i + 2) == '\\')
|
||
|
{
|
||
|
g_ReplaceVA[g_ReplaceCnt++] = dwSecPtr + i;
|
||
|
bRet = TRUE;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
return bRet;
|
||
|
}
|
||
|
|
||
|
/*++
|
||
|
|
||
|
This function loops through each section looking for a Initialized Data
|
||
|
section. Once it gets the Initialized Data section, it calls the helper
|
||
|
function GetReplacementLocations() to get the offset from the base of the
|
||
|
section. It then calculates the Virtual Address at which the replacement
|
||
|
should occur.
|
||
|
|
||
|
--*/
|
||
|
|
||
|
BOOL
|
||
|
GetInitializedDataSection()
|
||
|
{
|
||
|
PIMAGE_NT_HEADERS NtHeader;
|
||
|
PIMAGE_FILE_HEADER FileHeader;
|
||
|
PIMAGE_OPTIONAL_HEADER OptionalHeader;
|
||
|
PIMAGE_SECTION_HEADER NtSection;
|
||
|
DWORD dwSectionVA = 0, dwSize = 0;
|
||
|
BOOL bRet = FALSE;
|
||
|
|
||
|
// Get the module base address
|
||
|
PUCHAR Base = (PUCHAR)GetModuleHandle(NULL);
|
||
|
|
||
|
if ((ULONG_PTR)Base & 0x00000001)
|
||
|
{
|
||
|
Base = (PUCHAR)((ULONG_PTR)Base & ~0x1);
|
||
|
}
|
||
|
|
||
|
NtHeader = RtlpImageNtHeader(Base);
|
||
|
|
||
|
if (NtHeader)
|
||
|
{
|
||
|
FileHeader = &NtHeader->FileHeader;
|
||
|
OptionalHeader = &NtHeader->OptionalHeader;
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
// Handle case where Image passed in doesn't have a dos stub (ROM images for instance);
|
||
|
FileHeader = (PIMAGE_FILE_HEADER)Base;
|
||
|
OptionalHeader = (PIMAGE_OPTIONAL_HEADER) ((ULONG_PTR)Base + IMAGE_SIZEOF_FILE_HEADER);
|
||
|
}
|
||
|
|
||
|
NtSection = (PIMAGE_SECTION_HEADER)((ULONG_PTR)OptionalHeader +
|
||
|
FileHeader->SizeOfOptionalHeader);
|
||
|
|
||
|
|
||
|
for (DWORD i=0; i<FileHeader->NumberOfSections; i++)
|
||
|
{
|
||
|
// Check whether the section is a Initialized Data Section
|
||
|
if (NtSection->Characteristics & IMAGE_SCN_CNT_INITIALIZED_DATA)
|
||
|
{
|
||
|
// Size of the Section to search
|
||
|
dwSize = NtSection->SizeOfRawData;
|
||
|
|
||
|
// Get the Section's Virtual address
|
||
|
dwSectionVA = (DWORD)(Base + NtSection->VirtualAddress);
|
||
|
|
||
|
__try
|
||
|
{
|
||
|
if(GetReplacementLocations(dwSectionVA, dwSize))
|
||
|
{
|
||
|
bRet = TRUE;
|
||
|
}
|
||
|
DPFN( eDbgLevelError, "Replacing was successful");
|
||
|
|
||
|
}
|
||
|
__except(EXCEPTION_EXECUTE_HANDLER)
|
||
|
{
|
||
|
DPFN( eDbgLevelError, "Replacing crashed");
|
||
|
goto Exit;
|
||
|
}
|
||
|
|
||
|
}
|
||
|
|
||
|
++NtSection;
|
||
|
}
|
||
|
return bRet;
|
||
|
|
||
|
|
||
|
Exit:
|
||
|
return FALSE;
|
||
|
}
|
||
|
|
||
|
/*++
|
||
|
|
||
|
This function hooks GetVersion (called early on by Hoyle Board Games)
|
||
|
and replaces the hard coded 'c's with the correct install drive letter
|
||
|
that it looks up in the registry.
|
||
|
|
||
|
It uses g_HoyleWordGames_bPatched to patch only once.
|
||
|
|
||
|
--*/
|
||
|
|
||
|
BOOL
|
||
|
NOTIFY_FUNCTION(
|
||
|
DWORD fdwReason
|
||
|
)
|
||
|
{
|
||
|
if (fdwReason == SHIM_STATIC_DLLS_INITIALIZED)
|
||
|
{
|
||
|
CHAR szProgFilesDir[MAX_PATH]; // Added by Noah Young on 1/26/01
|
||
|
DWORD cch = ARRAYSIZE(szProgFilesDir);
|
||
|
HKEY hKey = 0;
|
||
|
DWORD dwOldProtect = 0;
|
||
|
|
||
|
|
||
|
|
||
|
// Fix problem where Program Files dir isn't on same drive as BOARD3.EXE
|
||
|
if( ERROR_SUCCESS == RegOpenKeyExA(HKEY_LOCAL_MACHINE,
|
||
|
"SOFTWARE\\Microsoft\\Windows\\CurrentVersion",
|
||
|
0,
|
||
|
KEY_QUERY_VALUE,
|
||
|
&hKey) )
|
||
|
{
|
||
|
if( ERROR_SUCCESS == RegQueryValueExA(hKey,
|
||
|
"ProgramFilesDir",
|
||
|
NULL,
|
||
|
NULL, // REG_SZ
|
||
|
(LPBYTE)szProgFilesDir,
|
||
|
&cch) )
|
||
|
{
|
||
|
// Scan the image's initialized data section....
|
||
|
char szModule[MAX_PATH];
|
||
|
|
||
|
cch = GetModuleFileNameA(NULL, szModule, ARRAYSIZE(szModule));
|
||
|
if( cch > 0 && cch < ARRAYSIZE(szModule) )
|
||
|
{
|
||
|
// Get the Virtual adresses that need to be replaced
|
||
|
if(GetInitializedDataSection())
|
||
|
{
|
||
|
long PATCH_LENGTH = g_ReplaceVA[ g_ReplaceCnt - 1] - g_ReplaceVA[0] + 1;
|
||
|
|
||
|
// Make the memory page writable
|
||
|
if( VirtualProtect( (PVOID) g_ReplaceVA[0],
|
||
|
PATCH_LENGTH,
|
||
|
PAGE_READWRITE,
|
||
|
&dwOldProtect ) )
|
||
|
{
|
||
|
for (int i=0; i< g_ReplaceCnt; i++)
|
||
|
{
|
||
|
// Make sure it's what we expect
|
||
|
if( 'c' == *((CHAR*) g_ReplaceVA[i]) )
|
||
|
{
|
||
|
if (i==0)
|
||
|
{
|
||
|
*((CHAR*) g_ReplaceVA[i]) = szProgFilesDir[0];
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
*((CHAR*) g_ReplaceVA[i]) = szModule[0];
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
} else {
|
||
|
DPFN( eDbgLevelError, "No patching done!");
|
||
|
}
|
||
|
} else {
|
||
|
DPFN( eDbgLevelError, "GetModuleFileNameA failed!");
|
||
|
}
|
||
|
} else {
|
||
|
DPFN( eDbgLevelError, "Failed to query \"ProgramFilesDir\"!");
|
||
|
}
|
||
|
RegCloseKey(hKey);
|
||
|
} else {
|
||
|
DPFN( eDbgLevelError, "Failed to open key \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\"!");
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return TRUE;
|
||
|
}
|
||
|
|
||
|
/*++
|
||
|
|
||
|
Very specific hack to return a good FaceMaker path, so the app doesn't fail
|
||
|
when it is installed on the wrong drive.
|
||
|
|
||
|
--*/
|
||
|
|
||
|
DWORD
|
||
|
APIHOOK(GetPrivateProfileStringA)(
|
||
|
LPCSTR lpAppName,
|
||
|
LPCSTR lpKeyName,
|
||
|
LPCSTR lpDefault,
|
||
|
LPSTR lpReturnedString,
|
||
|
DWORD nSize,
|
||
|
LPCSTR lpFileName
|
||
|
)
|
||
|
{
|
||
|
CSTRING_TRY
|
||
|
{
|
||
|
CString csApp = lpAppName;
|
||
|
CString csKey = lpKeyName;
|
||
|
CString csFile = lpFileName;
|
||
|
|
||
|
if ((csApp.Compare(L"Settings") == 0) &&
|
||
|
(csKey.Compare(L"FaceMakerPath") == 0) &&
|
||
|
(csFile.Find(L"CARDGAME.INI") > -1)) {
|
||
|
|
||
|
DWORD dwRet = ORIGINAL_API(GetPrivateProfileStringA)(lpAppName, lpKeyName,
|
||
|
lpDefault, lpReturnedString, nSize, lpFileName);
|
||
|
|
||
|
if (!dwRet) {
|
||
|
// Substitute the right path
|
||
|
CString csPath = L"%ProgramFiles%\\WON\\FaceMaker";
|
||
|
csPath.ExpandEnvironmentStringsW();
|
||
|
if (lpReturnedString && ((int)nSize > csPath.GetLength())) {
|
||
|
LOGN(eDbgLevelError, "[GetPrivateProfileStringA] Forced correct FaceMaker path");
|
||
|
strncpy(lpReturnedString, csPath.GetAnsi(), nSize);
|
||
|
dwRet = csPath.GetLength();
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return dwRet;
|
||
|
}
|
||
|
}
|
||
|
CSTRING_CATCH
|
||
|
{
|
||
|
// fall through
|
||
|
}
|
||
|
|
||
|
|
||
|
return ORIGINAL_API(GetPrivateProfileStringA)(lpAppName, lpKeyName,
|
||
|
lpDefault, lpReturnedString, nSize, lpFileName);
|
||
|
}
|
||
|
|
||
|
/*++
|
||
|
|
||
|
Register hooked functions
|
||
|
|
||
|
--*/
|
||
|
|
||
|
HOOK_BEGIN
|
||
|
|
||
|
CALL_NOTIFY_FUNCTION
|
||
|
APIHOOK_ENTRY(KERNEL32.DLL, GetPrivateProfileStringA)
|
||
|
|
||
|
HOOK_END
|
||
|
|
||
|
IMPLEMENT_SHIM_END
|
||
|
|