1 //////////////////////////////////////////////////////////////////// 2 // Copyright (C) Alexander Telyatnikov, Ivan Keliukh, Yegor Anchishkin, SKIF Software, 1999-2013. Kiev, Ukraine 3 // All rights reserved 4 // This file was released under the GPLv2 on June 2015. 5 //////////////////////////////////////////////////////////////////// 6 7 #include "regtools.h" 8 9 #ifndef WIN_32_MODE 10 11 NTSTATUS 12 RegTGetKeyHandle( 13 IN HKEY hRootKey, 14 IN PCWSTR KeyName, 15 OUT HKEY* hKey 16 ) 17 { 18 OBJECT_ATTRIBUTES ObjectAttributes; 19 UNICODE_STRING NameString; 20 NTSTATUS status; 21 22 //UDFPrint(("RegTGetKeyHandle: h=%x, %S\n", hRootKey, KeyName)); 23 24 RtlInitUnicodeString(&NameString, KeyName); 25 26 InitializeObjectAttributes( 27 &ObjectAttributes, 28 &NameString, 29 OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, 30 hRootKey, 31 NULL 32 ); 33 34 status = ZwOpenKey( 35 hKey, 36 KEY_WRITE | KEY_READ, 37 &ObjectAttributes 38 ); 39 40 if(!NT_SUCCESS(status)) { 41 //UDFPrint((" status %x\n", status)); 42 *hKey = NULL; 43 } 44 45 return status; 46 } // end RegTGetKeyHandle() 47 48 VOID 49 RegTCloseKeyHandle( 50 IN HKEY hKey 51 ) 52 { 53 ZwClose(hKey); 54 } // end RegTCloseKeyHandle() 55 56 #else //WIN_32_MODE 57 58 NTSTATUS 59 RegTGetKeyHandle( 60 IN HKEY hRootKey, 61 IN PWCHAR KeyName, 62 OUT HKEY* hKey 63 ) 64 { 65 LONG status; 66 67 if(!hRootKey) 68 hRootKey = HKEY_LOCAL_MACHINE; 69 70 status = RegOpenKeyExW( 71 hRootKey, 72 KeyName, 73 0, 74 KEY_WRITE | KEY_READ, 75 hKey 76 ); 77 78 if(status != ERROR_SUCCESS) { 79 *hKey = NULL; 80 } 81 82 return status; 83 } // end RegTGetKeyHandle() 84 85 VOID 86 RegTCloseKeyHandle( 87 IN HKEY hKey 88 ) 89 { 90 if(!hKey) { 91 return; 92 } 93 RegCloseKey(hKey); 94 } // end RegTCloseKeyHandle() 95 96 #endif //WIN_32_MODE 97 98 BOOLEAN 99 RegTGetDwordValue( 100 IN HKEY hRootKey, 101 IN PCWSTR RegistryPath, 102 IN PCWSTR Name, 103 IN PULONG pUlong 104 ) 105 { 106 #ifndef WIN_32_MODE 107 UNICODE_STRING NameString; 108 PKEY_VALUE_PARTIAL_INFORMATION ValInfo; 109 #endif //WIN_32_MODE 110 ULONG len; 111 NTSTATUS status; 112 HKEY hKey; 113 BOOLEAN retval = FALSE; 114 BOOLEAN free_h = FALSE; 115 116 #ifdef WIN_32_MODE 117 if(!hRootKey) 118 hRootKey = HKEY_LOCAL_MACHINE; 119 #endif //WIN_32_MODE 120 121 if(RegistryPath && RegistryPath[0]) { 122 status = RegTGetKeyHandle(hRootKey, RegistryPath, &hKey); 123 #ifdef WIN_32_MODE 124 if(status != ERROR_SUCCESS) 125 #else //WIN_32_MODE 126 if(!NT_SUCCESS(status)) 127 #endif //WIN_32_MODE 128 return FALSE; 129 free_h = TRUE; 130 } else { 131 hKey = hRootKey; 132 } 133 if(!hKey) 134 return FALSE; 135 136 #ifndef WIN_32_MODE 137 /* 138 UDFPrint(("h=%x|%S, %S (%x)\n", 139 hRootKey, RegistryPath, Name, *pUlong)); 140 */ 141 len = sizeof(KEY_VALUE_PARTIAL_INFORMATION) + sizeof(ULONG) + 0x20; 142 ValInfo = (PKEY_VALUE_PARTIAL_INFORMATION) 143 MyAllocatePool__(NonPagedPool, len); 144 if(!ValInfo) { 145 if(free_h) { 146 RegTCloseKeyHandle(hKey); 147 } 148 return FALSE; 149 } 150 151 RtlInitUnicodeString(&NameString, Name); 152 153 status = ZwQueryValueKey(hKey, 154 &NameString, 155 KeyValuePartialInformation, 156 ValInfo, 157 len, 158 &len); 159 if(NT_SUCCESS(status) && 160 ValInfo->DataLength == sizeof(ULONG)) { 161 RtlCopyMemory(pUlong, ValInfo->Data, sizeof(ULONG)); 162 retval = TRUE; 163 //UDFPrint((" -> %x\n",*pUlong)); 164 } else { 165 //UDFPrint((" err %x\n",status)); 166 } 167 168 MyFreePool__(ValInfo); 169 #else //WIN_32_MODE 170 len = sizeof(ULONG); 171 if (ERROR_SUCCESS == RegQueryValueExW( 172 hKey, // handle of key to query 173 Name, // address of name of value to query 174 0, // reserved 175 NULL, // address of buffer for value type 176 (BYTE *)pUlong, // address of data buffer 177 &len // address of data buffer size 178 ) && len == sizeof(ULONG)) { 179 retval = TRUE; 180 } 181 #endif //WIN_32_MODE 182 if(free_h) { 183 RegTCloseKeyHandle(hKey); 184 } 185 return retval; 186 } // end RegTGetDwordValue() 187 188 BOOLEAN 189 RegTGetStringValue( 190 IN HKEY hRootKey, 191 IN PCWSTR RegistryPath, 192 IN PCWSTR Name, 193 IN PWCHAR pStr, 194 IN ULONG MaxLen 195 ) 196 { 197 #ifndef WIN_32_MODE 198 UNICODE_STRING NameString; 199 PKEY_VALUE_PARTIAL_INFORMATION ValInfo; 200 #endif //USER_MODE 201 ULONG len; 202 NTSTATUS status; 203 HKEY hKey; 204 BOOLEAN retval = FALSE; 205 BOOLEAN free_h = FALSE; 206 207 #ifdef WIN_32_MODE 208 if(!hRootKey) 209 hRootKey = HKEY_LOCAL_MACHINE; 210 #endif //WIN_32_MODE 211 212 if(RegistryPath && RegistryPath[0]) { 213 status = RegTGetKeyHandle(hRootKey, RegistryPath, &hKey); 214 #ifdef WIN_32_MODE 215 if(status != ERROR_SUCCESS) 216 #else //WIN_32_MODE 217 if(!NT_SUCCESS(status)) 218 #endif //WIN_32_MODE 219 return FALSE; 220 free_h = TRUE; 221 } else { 222 hKey = hRootKey; 223 } 224 if(!hKey) 225 return FALSE; 226 227 pStr[0] = 0; 228 #ifndef WIN_32_MODE 229 len = sizeof(KEY_VALUE_PARTIAL_INFORMATION) + MaxLen + 0x20; 230 ValInfo = (PKEY_VALUE_PARTIAL_INFORMATION) 231 MyAllocatePool__(NonPagedPool, len); 232 if(!ValInfo) { 233 if(free_h) { 234 RegTCloseKeyHandle(hKey); 235 } 236 return FALSE; 237 } 238 239 RtlInitUnicodeString(&NameString, Name); 240 241 status = ZwQueryValueKey(hKey, 242 &NameString, 243 KeyValuePartialInformation, 244 ValInfo, 245 len, 246 &len); 247 if(NT_SUCCESS(status) && 248 ValInfo->DataLength) { 249 RtlCopyMemory(pStr, ValInfo->Data, min(ValInfo->DataLength, MaxLen) ); 250 if(pStr[(ValInfo->DataLength)/sizeof(WCHAR)-1]) { 251 pStr[(ValInfo->DataLength)/sizeof(WCHAR)-1] = 0; 252 } 253 retval = TRUE; 254 } 255 256 MyFreePool__(ValInfo); 257 #else //WIN_32_MODE 258 len = MaxLen; 259 if (ERROR_SUCCESS == RegQueryValueExW( 260 hKey, // handle of key to query 261 Name, // address of name of value to query 262 0, // reserved 263 NULL, // address of buffer for value type 264 (BYTE *)pStr, // address of data buffer 265 &len // address of data buffer size 266 ) && len) { 267 if(pStr[len-1]) { 268 pStr[len-1] = 0; 269 } 270 retval = TRUE; 271 } 272 #endif //WIN_32_MODE 273 274 if(free_h) { 275 RegTCloseKeyHandle(hKey); 276 } 277 return retval; 278 } // end RegTGetStringValue() 279