Главная Обзор Помощь
Регистрация Вход
Apq
/
obs-studio
зеркало из https://github.com/obsproject/obs-studio.git
1
0
Ответвить 0
Файлы Задачи 0 Вики
Ветка: release/28.1
Ветки Метки
obs-studio
/
plugins
/
win-capture
/
nt-stuff.c

nt-stuff.c 6.4 KB
Постоянная ссылка История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242 
  1. #include <windows.h>
    2. 

  2. #include <winternl.h>
    3. 

  3. #include <stdbool.h>
    4. 

  4. 

  5. #define THREAD_STATE_WAITING 5
    6. 

  6. #define THREAD_WAIT_REASON_SUSPENDED 5
    7. 

  7. 

  8. typedef struct _OBS_SYSTEM_PROCESS_INFORMATION2 {
    9. 

  9. 	ULONG NextEntryOffset;
    10. 

  10. 	ULONG ThreadCount;
    11. 

  11. 	BYTE Reserved1[48];
    12. 

  12. 	PVOID Reserved2[3];
    13. 

  13. 	HANDLE UniqueProcessId;
    14. 

  14. 	PVOID Reserved3;
    15. 

  15. 	ULONG HandleCount;
    16. 

  16. 	BYTE Reserved4[4];
    17. 

  17. 	PVOID Reserved5[11];
    18. 

  18. 	SIZE_T PeakPagefileUsage;
    19. 

  19. 	SIZE_T PrivatePageCount;
    20. 

  20. 	LARGE_INTEGER Reserved6[6];
    21. 

  21. } OBS_SYSTEM_PROCESS_INFORMATION2;
    22. 

  22. 

  23. typedef struct _OBS_SYSTEM_THREAD_INFORMATION {
    24. 

  24. 	FILETIME KernelTime;
    25. 

  25. 	FILETIME UserTime;
    26. 

  26. 	FILETIME CreateTime;
    27. 

  27. 	DWORD WaitTime;
    28. 

  28. 	PVOID Address;
    29. 

  29. 	HANDLE UniqueProcessId;
    30. 

  30. 	HANDLE UniqueThreadId;
    31. 

  31. 	DWORD Priority;
    32. 

  32. 	DWORD BasePriority;
    33. 

  33. 	DWORD ContextSwitches;
    34. 

  34. 	DWORD ThreadState;
    35. 

  35. 	DWORD WaitReason;
    36. 

  36. 	DWORD Reserved1;
    37. 

  37. } OBS_SYSTEM_THREAD_INFORMATION;
    38. 

  38. 

  39. #ifndef NT_SUCCESS
    40. 

  40. #define NT_SUCCESS(status) ((NTSTATUS)(status) >= 0)
    41. 

  41. #endif
    42. 

  42. 

  43. #define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L)
    44. 

  44. 

  45. #define init_named_attribs(o, name)                   \
    46. 

  46. 	do {                                          \
    47. 

  47. 		(o)->Length = sizeof(*(o));           \
    48. 

  48. 		(o)->ObjectName = name;               \
    49. 

  49. 		(o)->RootDirectory = NULL;            \
    50. 

  50. 		(o)->Attributes = 0;                  \
    51. 

  51. 		(o)->SecurityDescriptor = NULL;       \
    52. 

  52. 		(o)->SecurityQualityOfService = NULL; \
    53. 

  53. 	} while (false)
    54. 

  54. 

  55. typedef void(WINAPI *RTLINITUNICODESTRINGFUNC)(PCUNICODE_STRING pstr,
    56. 

  56. 					       const wchar_t *lpstrName);
    57. 

  57. typedef NTSTATUS(WINAPI *NTOPENFUNC)(PHANDLE phandle, ACCESS_MASK access,
    58. 

  58. 				     POBJECT_ATTRIBUTES objattr);
    59. 

  59. typedef NTSTATUS(WINAPI *NTCREATEMUTANT)(PHANDLE phandle, ACCESS_MASK access,
    60. 

  60. 					 POBJECT_ATTRIBUTES objattr,
    61. 

  61. 					 BOOLEAN isowner);
    62. 

  62. typedef ULONG(WINAPI *RTLNTSTATUSTODOSERRORFUNC)(NTSTATUS status);
    63. 

  63. typedef NTSTATUS(WINAPI *NTQUERYSYSTEMINFORMATIONFUNC)(SYSTEM_INFORMATION_CLASS,
    64. 

  64. 						       PVOID, ULONG, PULONG);
    65. 

  65. 

  66. FARPROC get_nt_func(const char *name)
    67. 

  67. {
    68. 

  68. 	static bool initialized = false;
    69. 

  69. 	static HANDLE ntdll = NULL;
    70. 

  70. 	if (!initialized) {
    71. 

  71. 		ntdll = GetModuleHandleW(L"ntdll");
    72. 

  72. 		initialized = true;
    73. 

  73. 	}
    74. 

  74. 

  75. 	return GetProcAddress(ntdll, name);
    76. 

  76. }
    77. 

  77. 

  78. void nt_set_last_error(NTSTATUS status)
    79. 

  79. {
    80. 

  80. 	static bool initialized = false;
    81. 

  81. 	static RTLNTSTATUSTODOSERRORFUNC func = NULL;
    82. 

  82. 

  83. 	if (!initialized) {
    84. 

  84. 		func = (RTLNTSTATUSTODOSERRORFUNC)get_nt_func(
    85. 

  85. 			"RtlNtStatusToDosError");
    86. 

  86. 		initialized = true;
    87. 

  87. 	}
    88. 

  88. 

  89. 	if (func)
    90. 

  90. 		SetLastError(func(status));
    91. 

  91. }
    92. 

  92. 

  93. void rtl_init_str(UNICODE_STRING *unistr, const wchar_t *str)
    94. 

  94. {
    95. 

  95. 	static bool initialized = false;
    96. 

  96. 	static RTLINITUNICODESTRINGFUNC func = NULL;
    97. 

  97. 

  98. 	if (!initialized) {
    99. 

  99. 		func = (RTLINITUNICODESTRINGFUNC)get_nt_func(
    100. 

  100. 			"RtlInitUnicodeString");
    101. 

  101. 		initialized = true;
    102. 

  102. 	}
    103. 

  103. 

  104. 	if (func)
    105. 

  105. 		func(unistr, str);
    106. 

  106. }
    107. 

  107. 

  108. #define MAKE_NT_OPEN_FUNC(func_name, nt_name, access)             \
    109. 

  109. 	HANDLE func_name(const wchar_t *name)                     \
    110. 

  110. 	{                                                         \
    111. 

  111. 		static bool initialized = false;                  \
    112. 

  112. 		static NTOPENFUNC open = NULL;                    \
    113. 

  113. 		HANDLE handle;                                    \
    114. 

  114. 		NTSTATUS status;                                  \
    115. 

  115. 		UNICODE_STRING unistr;                            \
    116. 

  116. 		OBJECT_ATTRIBUTES attr;                           \
    117. 

  117.                                                                   \
    118. 

  118. 		if (!initialized) {                               \
    119. 

  119. 			open = (NTOPENFUNC)get_nt_func(#nt_name); \
    120. 

  120. 			initialized = true;                       \
    121. 

  121. 		}                                                 \
    122. 

  122.                                                                   \
    123. 

  123. 		if (!open)                                        \
    124. 

  124. 			return NULL;                              \
    125. 

  125.                                                                   \
    126. 

  126. 		rtl_init_str(&unistr, name);                      \
    127. 

  127. 		init_named_attribs(&attr, &unistr);               \
    128. 

  128.                                                                   \
    129. 

  129. 		status = open(&handle, access, &attr);            \
    130. 

  130. 		if (NT_SUCCESS(status))                           \
    131. 

  131. 			return handle;                            \
    132. 

  132. 		nt_set_last_error(status);                        \
    133. 

  133. 		return NULL;                                      \
    134. 

  134. 	}
    135. 

  135. 

  136. MAKE_NT_OPEN_FUNC(nt_open_mutex, NtOpenMutant, SYNCHRONIZE)
    137. 

  137. MAKE_NT_OPEN_FUNC(nt_open_event, NtOpenEvent, EVENT_MODIFY_STATE | SYNCHRONIZE)
    138. 

  138. MAKE_NT_OPEN_FUNC(nt_open_map, NtOpenSection, FILE_MAP_READ | FILE_MAP_WRITE)
    139. 

  139. 

  140. NTSTATUS nt_query_information(SYSTEM_INFORMATION_CLASS info_class, PVOID info,
    141. 

  141. 			      ULONG info_len, PULONG ret_len)
    142. 

  142. {
    143. 

  143. 	static bool initialized = false;
    144. 

  144. 	static NTQUERYSYSTEMINFORMATIONFUNC func = NULL;
    145. 

  145. 

  146. 	if (!initialized) {
    147. 

  147. 		func = (NTQUERYSYSTEMINFORMATIONFUNC)get_nt_func(
    148. 

  148. 			"NtQuerySystemInformation");
    149. 

  149. 		initialized = true;
    150. 

  150. 	}
    151. 

  151. 

  152. 	if (func)
    153. 

  153. 		return func(info_class, info, info_len, ret_len);
    154. 

  154. 	return (NTSTATUS)-1;
    155. 

  155. }
    156. 

  156. 

  157. bool thread_is_suspended(DWORD process_id, DWORD thread_id)
    158. 

  158. {
    159. 

  159. 	ULONG size = 524288;
    160. 

  160. 	bool suspended = false;
    161. 

  161. 	void *data = malloc(size);
    162. 

  162. 	if (!data)
    163. 

  163. 		return false;
    164. 

  164. 

  165. 	for (;;) {
    166. 

  166. 		NTSTATUS stat = nt_query_information(SystemProcessInformation,
    167. 

  167. 						     data, size, &size);
    168. 

  168. 		if (NT_SUCCESS(stat))
    169. 

  169. 			break;
    170. 

  170. 

  171. 		if (stat != STATUS_INFO_LENGTH_MISMATCH) {
    172. 

  172. 			goto fail;
    173. 

  173. 		}
    174. 

  174. 

  175. 		free(data);
    176. 

  176. 		size += 524288;
    177. 

  177. 		data = malloc(size);
    178. 

  178. 		if (!data)
    179. 

  179. 			return false;
    180. 

  180. 	}
    181. 

  181. 

  182. 	OBS_SYSTEM_PROCESS_INFORMATION2 *spi = data;
    183. 

  183. 

  184. 	for (;;) {
    185. 

  185. 		if (spi->UniqueProcessId == (HANDLE)(DWORD_PTR)process_id) {
    186. 

  186. 			break;
    187. 

  187. 		}
    188. 

  188. 

  189. 		ULONG offset = spi->NextEntryOffset;
    190. 

  190. 		if (!offset)
    191. 

  191. 			goto fail;
    192. 

  192. 

  193. 		spi = (OBS_SYSTEM_PROCESS_INFORMATION2 *)((BYTE *)spi + offset);
    194. 

  194. 	}
    195. 

  195. 

  196. 	OBS_SYSTEM_THREAD_INFORMATION *sti;
    197. 

  197. 	OBS_SYSTEM_THREAD_INFORMATION *info = NULL;
    198. 

  198. 	sti = (OBS_SYSTEM_THREAD_INFORMATION *)((BYTE *)spi + sizeof(*spi));
    199. 

  199. 

  200. 	for (ULONG i = 0; i < spi->ThreadCount; i++) {
    201. 

  201. 		if (sti[i].UniqueThreadId == (HANDLE)(DWORD_PTR)thread_id) {
    202. 

  202. 			info = &sti[i];
    203. 

  203. 			break;
    204. 

  204. 		}
    205. 

  205. 	}
    206. 

  206. 

  207. 	if (info) {
    208. 

  208. 		suspended = info->ThreadState == THREAD_STATE_WAITING &&
    209. 

  209. 			    info->WaitReason == THREAD_WAIT_REASON_SUSPENDED;
    210. 

  210. 	}
    211. 

  211. 

  212. fail:
    213. 

  213. 	free(data);
    214. 

  214. 	return suspended;
    215. 

  215. }
    216. 

  216. 

  217. HANDLE nt_create_mutex(const wchar_t *name)
    218. 

  218. {
    219. 

  219. 	static bool initialized = false;
    220. 

  220. 	static NTCREATEMUTANT create = NULL;
    221. 

  221. 	HANDLE handle;
    222. 

  222. 	NTSTATUS status;
    223. 

  223. 	UNICODE_STRING unistr;
    224. 

  224. 	OBJECT_ATTRIBUTES attr;
    225. 

  225. 

  226. 	if (!initialized) {
    227. 

  227. 		create = (NTCREATEMUTANT)get_nt_func("NtCreateMutant");
    228. 

  228. 		initialized = true;
    229. 

  229. 	}
    230. 

  230. 

  231. 	if (!create)
    232. 

  232. 		return NULL;
    233. 

  233. 

  234. 	rtl_init_str(&unistr, name);
    235. 

  235. 	init_named_attribs(&attr, &unistr);
    236. 

  236. 

  237. 	status = create(&handle, SYNCHRONIZE, &attr, FALSE);
    238. 

  238. 	if (NT_SUCCESS(status))
    239. 

  239. 		return handle;
    240. 

  240. 	nt_set_last_error(status);
    241. 

  241. 	return NULL;
    242. 

  242. }
    243.