added GetFileAttributes hook for overload

ThirteenAG · Sep 16, 2023 · 4f7d905 · 4f7d905
1 parent 445b619
commit 4f7d905
Show file tree

Hide file tree

Showing 5 changed files with 156 additions and 2 deletions.
diff --git a/external/d3d8to9 b/external/d3d8to9
diff --git a/source/demo_plugins/OverloadFromFolderDLL.cpp b/source/demo_plugins/OverloadFromFolderDLL.cpp
@@ -125,8 +125,16 @@ class DllCallbackHandler
 
 typedef HANDLE(WINAPI* tCreateFileA)(LPCSTR lpFilename, DWORD dwAccess, DWORD dwSharing, LPSECURITY_ATTRIBUTES saAttributes, DWORD dwCreation, DWORD dwAttributes, HANDLE hTemplate);
 typedef HANDLE(WINAPI* tCreateFileW)(LPCWSTR lpFilename, DWORD dwAccess, DWORD dwSharing, LPSECURITY_ATTRIBUTES saAttributes, DWORD dwCreation, DWORD dwAttributes, HANDLE hTemplate);
+typedef DWORD(WINAPI* tGetFileAttributesA)(LPCSTR lpFileName);
+typedef DWORD(WINAPI* tGetFileAttributesW)(LPCWSTR lpFileName);
+typedef BOOL(WINAPI* tGetFileAttributesExA)(LPCSTR lpFileName, GET_FILEEX_INFO_LEVELS fInfoLevelId, LPVOID lpFileInformation);
+typedef BOOL(WINAPI* tGetFileAttributesExW)(LPCWSTR lpFileName, GET_FILEEX_INFO_LEVELS fInfoLevelId, LPVOID lpFileInformation);
 tCreateFileA ptrCreateFileA;
 tCreateFileW ptrCreateFileW;
+tGetFileAttributesA ptrGetFileAttributesA;
+tGetFileAttributesW ptrGetFileAttributesW;
+tGetFileAttributesExA ptrGetFileAttributesExA;
+tGetFileAttributesExW ptrGetFileAttributesExW;
 
 PIMAGE_SECTION_HEADER getSection(const PIMAGE_NT_HEADERS nt_headers, unsigned section)
 {
@@ -191,6 +199,26 @@ bool HookKernel32IATForOverride(HMODULE mod)
                 *(size_t*)i = (size_t)ptrCreateFileW;
                 matchedImports++;
             }
+            else if (ptr == (size_t)GetProcAddress(GetModuleHandle(TEXT("KERNEL32.DLL")), "GetFileAttributesA"))
+            {
+                *(size_t*)i = (size_t)ptrGetFileAttributesA;
+                matchedImports++;
+            }
+            else if (ptr == (size_t)GetProcAddress(GetModuleHandle(TEXT("KERNEL32.DLL")), "GetFileAttributesW"))
+            {
+                *(size_t*)i = (size_t)ptrGetFileAttributesW;
+                matchedImports++;
+            }
+            else if (ptr == (size_t)GetProcAddress(GetModuleHandle(TEXT("KERNEL32.DLL")), "GetFileAttributesExA"))
+            {
+                *(size_t*)i = (size_t)ptrGetFileAttributesExA;
+                matchedImports++;
+            }
+            else if (ptr == (size_t)GetProcAddress(GetModuleHandle(TEXT("KERNEL32.DLL")), "GetFileAttributesExW"))
+            {
+                *(size_t*)i = (size_t)ptrGetFileAttributesExW;
+                matchedImports++;
+            }
 
             VirtualProtect((size_t*)i, sizeof(size_t), dwProtect[0], &dwProtect[1]);
         }
@@ -235,11 +263,23 @@ extern "C" __declspec(dllexport) void InitializeASI()
             auto m = std::get<HMODULE>(e);
             auto pCreateFileA = (tCreateFileA)GetProcAddress(m, "CustomCreateFileA");
             auto pCreateFileW = (tCreateFileW)GetProcAddress(m, "CustomCreateFileW");
+            auto pGetFileAttributesA = (tGetFileAttributesA)GetProcAddress(m, "CustomGetFileAttributesA");
+            auto pGetFileAttributesW = (tGetFileAttributesW)GetProcAddress(m, "CustomGetFileAttributesW");
+            auto pGetFileAttributesExA = (tGetFileAttributesExA)GetProcAddress(m, "CustomGetFileAttributesExA");
+            auto pGetFileAttributesExW = (tGetFileAttributesExW)GetProcAddress(m, "CustomGetFileAttributesExW");
             if (pCreateFileA && pCreateFileW)
             {
                 ual = m;
                 ptrCreateFileA = pCreateFileA;
                 ptrCreateFileW = pCreateFileW;
+                if (pGetFileAttributesA)
+                    ptrGetFileAttributesA = pGetFileAttributesA;
+                if (pGetFileAttributesW)
+                    ptrGetFileAttributesW = pGetFileAttributesW;
+                if (pGetFileAttributesExA)
+                    ptrGetFileAttributesExA = pGetFileAttributesExA;
+                if (pGetFileAttributesExW)
+                    ptrGetFileAttributesExW = pGetFileAttributesExW;
                 break;
             }
         }

diff --git a/source/dllmain.cpp b/source/dllmain.cpp
@@ -168,6 +168,10 @@ enum Kernel32ExportsNames
     eSleep,
     eCreateFileA,
     eCreateFileW,
+    eGetFileAttributesA,
+    eGetFileAttributesW,
+    eGetFileAttributesExA,
+    eGetFileAttributesExW,
 
     Kernel32ExportsNamesCount
 };
@@ -581,7 +585,9 @@ void LoadPluginsAndRestoreIAT(uintptr_t retaddr)
 
     for (size_t i = 0; i < Kernel32ExportsNamesCount; i++)
     {
-        if (!sFileLoaderPath.empty() && (i == eCreateFileA || i == eCreateFileW))
+        if (!sFileLoaderPath.empty() && 
+           (i == eCreateFileA || i == eCreateFileW || i == eGetFileAttributesA ||
+            i == eGetFileAttributesW || i == eGetFileAttributesExA || i == eGetFileAttributesExW))
             continue;
 
         if (Kernel32Data[i][IATPtr] && Kernel32Data[i][ProcAddress])
@@ -773,6 +779,74 @@ HANDLE WINAPI CustomCreateFileW(LPCWSTR lpFilename, DWORD dwAccess, DWORD dwShar
         return CreateFileW(GetFileName(lpFilename).wstring().c_str(), dwAccess, dwSharing, saAttributes, dwCreation, dwAttributes, hTemplate);
 }
 
+typedef DWORD(WINAPI* tGetFileAttributesA)(LPCSTR lpFileName);
+tGetFileAttributesA ptrGetFileAttributesA;
+DWORD WINAPI CustomGetFileAttributesA(LPCSTR lpFileName)
+{
+    static bool once = false;
+    if (!once)
+    {
+        LoadPluginsAndRestoreIAT((uintptr_t)_ReturnAddress());
+        once = true;
+    }
+
+    if (ptrGetFileAttributesA)
+        return ptrGetFileAttributesA(GetFileName(lpFileName).string().c_str());
+    else
+        return GetFileAttributesA(GetFileName(lpFileName).string().c_str());
+}
+
+typedef DWORD(WINAPI* tGetFileAttributesW)(LPCWSTR lpFileName);
+tGetFileAttributesW ptrGetFileAttributesW;
+DWORD WINAPI CustomGetFileAttributesW(LPCWSTR lpFileName)
+{
+    static bool once = false;
+    if (!once)
+    {
+        LoadPluginsAndRestoreIAT((uintptr_t)_ReturnAddress());
+        once = true;
+    }
+
+    if (ptrGetFileAttributesW)
+        return ptrGetFileAttributesW(GetFileName(lpFileName).wstring().c_str());
+    else
+        return GetFileAttributesW(GetFileName(lpFileName).wstring().c_str());
+}
+
+typedef BOOL(WINAPI* tGetFileAttributesExA)(LPCSTR lpFileName, GET_FILEEX_INFO_LEVELS fInfoLevelId, LPVOID lpFileInformation);
+tGetFileAttributesExA ptrGetFileAttributesExA;
+BOOL WINAPI CustomGetFileAttributesExA(LPCSTR lpFileName, GET_FILEEX_INFO_LEVELS fInfoLevelId, LPVOID lpFileInformation)
+{
+    static bool once = false;
+    if (!once)
+    {
+        LoadPluginsAndRestoreIAT((uintptr_t)_ReturnAddress());
+        once = true;
+    }
+
+    if (ptrGetFileAttributesExA)
+        return ptrGetFileAttributesExA(GetFileName(lpFileName).string().c_str(), fInfoLevelId, lpFileInformation);
+    else
+        return GetFileAttributesExA(GetFileName(lpFileName).string().c_str(), fInfoLevelId, lpFileInformation);
+}
+
+typedef BOOL(WINAPI* tGetFileAttributesExW)(LPCWSTR lpFileName, GET_FILEEX_INFO_LEVELS fInfoLevelId, LPVOID lpFileInformation);
+tGetFileAttributesExW ptrGetFileAttributesExW;
+BOOL WINAPI CustomGetFileAttributesExW(LPCWSTR lpFileName, GET_FILEEX_INFO_LEVELS fInfoLevelId, LPVOID lpFileInformation)
+{
+    static bool once = false;
+    if (!once)
+    {
+        LoadPluginsAndRestoreIAT((uintptr_t)_ReturnAddress());
+        once = true;
+    }
+
+    if (ptrGetFileAttributesExW)
+        return ptrGetFileAttributesExW(GetFileName(lpFileName).wstring().c_str(), fInfoLevelId, lpFileInformation);
+    else
+        return GetFileAttributesExW(GetFileName(lpFileName).wstring().c_str(), fInfoLevelId, lpFileInformation);
+}
+
 DEFINE_GUID(CLSID_DirectInput, 0x25E609E0, 0xB259, 0x11CF, 0xBF, 0xC7, 0x44, 0x45, 0x53, 0x54, 0x00, 0x00);
 DEFINE_GUID(CLSID_DirectInput8, 0x25E609E4, 0xB259, 0x11CF, 0xBF, 0xC7, 0x44, 0x45, 0x53, 0x54, 0x00, 0x00);
 DEFINE_GUID(CLSID_WinInet, 0xC39EE728, 0xD419, 0x4BD4, 0xA3, 0xEF, 0xED, 0xA0, 0x59, 0xDB, 0xD9, 0x35);
@@ -840,6 +914,10 @@ bool HookKernel32IAT(HMODULE mod, bool exe)
         Kernel32Data[eSleep][ProcAddress] = (size_t)GetProcAddress(GetModuleHandle(TEXT("KERNEL32.DLL")), "Sleep");
         Kernel32Data[eCreateFileA][ProcAddress] = (size_t)GetProcAddress(GetModuleHandle(TEXT("KERNEL32.DLL")), "CreateFileA");
         Kernel32Data[eCreateFileW][ProcAddress] = (size_t)GetProcAddress(GetModuleHandle(TEXT("KERNEL32.DLL")), "CreateFileW");
+        Kernel32Data[eGetFileAttributesA][ProcAddress] = (size_t)GetProcAddress(GetModuleHandle(TEXT("KERNEL32.DLL")), "GetFileAttributesA");
+        Kernel32Data[eGetFileAttributesW][ProcAddress] = (size_t)GetProcAddress(GetModuleHandle(TEXT("KERNEL32.DLL")), "GetFileAttributesW");
+        Kernel32Data[eGetFileAttributesExA][ProcAddress] = (size_t)GetProcAddress(GetModuleHandle(TEXT("KERNEL32.DLL")), "GetFileAttributesExA");
+        Kernel32Data[eGetFileAttributesExW][ProcAddress] = (size_t)GetProcAddress(GetModuleHandle(TEXT("KERNEL32.DLL")), "GetFileAttributesExW");
     }
 
     uint32_t matchedImports = 0;
@@ -978,6 +1056,34 @@ bool HookKernel32IAT(HMODULE mod, bool exe)
                 *(size_t*)i = (size_t)CustomCreateFileW;
                 matchedImports++;
             }
+            else if (ptr == Kernel32Data[eGetFileAttributesA][ProcAddress])
+            {
+                if (exe) Kernel32Data[eGetFileAttributesA][IATPtr] = i;
+                ptrGetFileAttributesA = *(tGetFileAttributesA*)i;
+                *(size_t*)i = (size_t)CustomGetFileAttributesA;
+                matchedImports++;
+            }
+            else if (ptr == Kernel32Data[eGetFileAttributesW][ProcAddress])
+            {
+                if (exe) Kernel32Data[eGetFileAttributesW][IATPtr] = i;
+                ptrGetFileAttributesW = *(tGetFileAttributesW*)i;
+                *(size_t*)i = (size_t)CustomGetFileAttributesW;
+                matchedImports++;
+            }
+            else if (ptr == Kernel32Data[eGetFileAttributesExA][ProcAddress])
+            {
+                if (exe) Kernel32Data[eGetFileAttributesExA][IATPtr] = i;
+                ptrGetFileAttributesExA = *(tGetFileAttributesExA*)i;
+                *(size_t*)i = (size_t)CustomGetFileAttributesExA;
+                matchedImports++;
+            }
+            else if (ptr == Kernel32Data[eGetFileAttributesExW][ProcAddress])
+            {
+                if (exe) Kernel32Data[eGetFileAttributesExW][IATPtr] = i;
+                ptrGetFileAttributesExW = *(tGetFileAttributesExW*)i;
+                *(size_t*)i = (size_t)CustomGetFileAttributesExW;
+                matchedImports++;
+            }
 
             VirtualProtect((size_t*)i, sizeof(size_t), dwProtect[0], &dwProtect[1]);
         }

diff --git a/source/x64.def b/source/x64.def
@@ -2,6 +2,10 @@ LIBRARY "UAL"
 EXPORTS
 CustomCreateFileA = CustomCreateFileA
 CustomCreateFileW = CustomCreateFileW
+CustomGetFileAttributesA = CustomGetFileAttributesA
+CustomGetFileAttributesW = CustomGetFileAttributesW
+CustomGetFileAttributesExA = CustomGetFileAttributesExA
+CustomGetFileAttributesExW = CustomGetFileAttributesExW
 
 LIBRARY "dinput8"
 EXPORTS

diff --git a/source/x86.def b/source/x86.def
@@ -2,6 +2,10 @@ LIBRARY "UAL"
 EXPORTS
 CustomCreateFileA = CustomCreateFileA
 CustomCreateFileW = CustomCreateFileW
+CustomGetFileAttributesA = CustomGetFileAttributesA
+CustomGetFileAttributesW = CustomGetFileAttributesW
+CustomGetFileAttributesExA = CustomGetFileAttributesExA
+CustomGetFileAttributesExW = CustomGetFileAttributesExW
 
 LIBRARY "vorbisfile"
 EXPORTS