private/sdktools/ntsdsapi/ph.c


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198

#include <string.h>

#include "ntsdp.h"
#include "types.h"
#include "cvtypes.h"
#include "shapi.h"
#include "cvproto.h"
#include "cvinfo.h"
#include "sapi.h"
#include "shiproto.h"
#include "ntsapi.h"

/*
 *  Function Prototypes
 */

BOOLEAN GetOffsetFromString(PUCHAR,PULONG,CHAR);	// NTSYM.C
PSYMBOL AllocSymbol(ULONG, PUCHAR, CHAR);		// NTSYM.C
void    DeallocSymbol(PSYMBOL);				// NTSYM.C
int	EnsureOffsetSymbolsLoaded(ULONG);		// NTSYM.C
void    EnsureModuleSymbolsLoaded(CHAR);		// NTSYM.C
int     AccessNode(PSYMCONTEXT, PNODE);			// NTSYM.C


/*
 *  Global Memory (Program)
 */


extern PPROCESS_INFO    pProcessCurrent;


/*
 *  Global Memory (File)
 */


static char chName[512];


/*
 *  Da Code
 */


/***    PHFindNameInPublics
**
**  Synopsis:
**	HSYM PHFindNameInPublics( HSYM hsym, HEXE hexe, LPSSTR lpsstr,
**						SHFLAG fcase, PFNCMP pFnCmp);
**
**  Entry:
**      hsym   - Not Referenced
**	hexe   - Exe to search in 
**	lpsstr - Length prefixed name to search for
**	fcase  - Not Referenced
**	pFnCmp - Not Referenced
**
**  Returns:
**      Handle to the symbol found or NULL if wasn't found.
**
**  Description:
**      Search a given exe for a symbol with a given name.  Currently the
**	search is non-case sensitive, and if not found will also try with 
**	an underscore prefix.
**
**      NOTE: Should use the pFnCmp routine for the actual comparsion
**      when we get around to it.
**
*/

HSYM PASCAL LOADDS PHFindNameInPublics( HSYM hsym, HEXE hexe, LPSSTR lpsstr,
					SHFLAG fcase, PFNCMP pFnCmp)
{
    PIMAGE_INFO pImage = (PIMAGE_INFO)hexe;
    PSYMBOL pSymSearch;
    PSYMBOL pSymbol = NULL;
    int     st;

    Unreferenced(hsym);
    Unreferenced(fcase);
    Unreferenced(pFnCmp);
    
    // Copy the Name to a null terminated string, and make a search record

    EnsureModuleSymbolsLoaded(pImage->index);
    MEMSET( chName, 0, 512);
    STRNCPY(chName, lpsstr->lpName, lpsstr->cb);
    pSymSearch = AllocSymbol(0L, chName, pImage->index);    
    
    // search for string in tree

    st = AccessNode(&(pProcessCurrent->symcontextSymbolString),
					&(pSymSearch->nodeString));

    // if not found, try again with underscore prepended to name

    if (st) {
        pSymSearch->underscores++;
        st = AccessNode(&(pProcessCurrent->symcontextSymbolString),
                                        &(pSymSearch->nodeString));
        }

    // if found, set the pSymbol (HSYM)

    if (!st)
	pSymbol = PNODE_TO_PSYMBOL
	    (pProcessCurrent->symcontextSymbolString.pNodeRoot,
		&(pProcessCurrent->symcontextSymbolString));

    DeallocSymbol(pSymSearch);
    return (HSYM)pSymbol;
}


/***    PHGetAddr
**
**  Synopsis:
**      BOOLEAN PHGetAddr( LPADDR pAddr, LSZ lszName);
**
**  Entry:
**      pAddr - Pointer to the Address that is to be passed back.
**
**	lszName - Pointer to the string containing the Publics Name.
**
**  Returns:
**      Returns TRUE or FALSE, TRUE is symbol was found and the address
**	was updated.
**
**  Description:
**      Given the name of a public.  Find the symbol and return its address
**	in the ADDR structure.  Return sucess/failure status.
**
*/

BOOL LOADDS PASCAL PHGetAddr ( LPADDR paddr, LSZ lszName )
{
    ULONG Offset;
    PIMAGE_INFO pImage = (PIMAGE_INFO)SHGetNextExe((HEXE)NULL); 

    if ( GetOffsetFromString(lszName, &Offset, pImage->index) ) {
	SH_SetAddr(paddr,Offset, (HEXE)pImage);
	return TRUE;
    }
    
    else
	return FALSE;
}


/***    FUNCNAME
**
**  Synopsis:
**      UOFF32 PHGetNearestHsym(LPADDR paddr, HEXE hexe, PHSYM phsym);
**
**  Entry:
**      paddr - Address of the symbol to find
**      hexe  - Exe to search
**      phsym - Pointer to a symbol handle.
**
**  Returns:
**      The offset in bytes between the sybol found and the address or
**	CV_MAXOFFSET if no symbol was found.
**
**  Description:
**      Find the nearest symbol to an address in a given hexe.
**
*/

UOFF32 LOADDS PASCAL PHGetNearestHsym(LPADDR paddr, HEXE hexe, PHSYM phsym)
{
    SYMBOL  Symbol;
    PSYMBOL pSymbol;
    
    Unreferenced(hexe);
    
    //  create temporary symbol with offset (module not needed)

    Symbol.offset = SH_OffsetFromAddr( paddr );
    Symbol.string[0] = '\0';

    //	load symbols if needed and check range, and if in range,
    //	access symbol in tree with value (or nearest lesser value)

    if (!EnsureOffsetSymbolsLoaded(Symbol.offset) &&
  	 AccessNode(&(pProcessCurrent->symcontextSymbolOffset),
                                        &(Symbol.nodeOffset)) != 1) {
        pSymbol = PNODE_TO_PSYMBOL
                        (pProcessCurrent->symcontextSymbolOffset.pNodeRoot,
                                &(pProcessCurrent->symcontextSymbolOffset));

        *phsym = (HSYM)pSymbol;
	return (Symbol.offset - pSymbol->offset);
    }
    
    else
	return CV_MAXOFFSET;
}