Initial

remoteps/intercpt.hpp

@@ -0,0 +1,76 @@
+#ifndef _REMOTEPS_INTERCEPT_HPP_
+#define _REMOTEPS_INTERCEPT_HPP_
+#ifndef _COMMON_WINDOWS_HPP_
+#include <common/windows.hpp>
+#endif
+#ifndef _COMMON_VERSIONINFO_HPP_
+#include <common/version.hpp>
+#endif
+#ifndef _COMMON_BLOCK_HPP_
+#include <common/block.hpp>
+#endif
+#ifndef _COMMON_QUICKSORT_HPP_
+#include <common/qsort.hpp>
+#endif
+#ifndef _COMMON_BINARYSEARCH_HPP_
+#include <common/binsrch.hpp>
+#endif
+#ifndef _COMMON_ARRAY_HPP_
+#include <common/array.hpp>
+#endif
+#ifndef _IMAGE_PUREIMPORT_HPP_
+#include <image/pureimp.hpp>
+#endif
+
+template <class T>
+class BinaryTree;
+
+class Intercept : public Array<PureImport>
+{
+public:
+	Intercept(void);
+	~Intercept();
+	WORD performIntercept(Array<PureImport> &pureImports,DWORD baseAddress);
+private:
+	void loadImportDescriptors(Array<PureImport> &pureImports);
+	void loadImportModuleNames(void);
+	void moduleEntryPoints(void);
+  void resolveImportNames(Array<PureImport> &pureImport);
+  WORD importEntryPoint(PureImport &pureImport);
+  DWORD baseAddress(void)const;
+  WORD isWIN95Thunk(DWORD baseAddress);
+
+  void loadImportModuleNamesEx(void);
+  void loadImportModuleNames(Block<String> &importModuleNames,DWORD baseAddress);
+  BOOL isInModuleNames(const String &strModuleName,Block<String> &strModuleNames);
+  void entryPoints(BinaryTree<PureImport> &pureImports,DWORD baseAddress);
+
+	DWORD mBaseAddress;
+  Block<String> mImportModuleNames;
+	WinVersionInfo mVersionInfo;
+};
+
+inline
+Intercept::Intercept(void)
+{
+}
+
+inline
+Intercept::~Intercept()
+{
+}
+
+inline
+DWORD Intercept::baseAddress(void)const
+{
+  return mBaseAddress;
+}
+
+inline
+WORD Intercept::isWIN95Thunk(DWORD baseAddress)
+{
+	if(*((BYTE*)baseAddress)==0x68&&*(((BYTE*)baseAddress)+5)==0xE9)return TRUE;
+	return FALSE;
+}
+#endif
+