Process Hacker
Macros | Typedefs | Functions | Variables
support.c File Reference
#include <phgui.h>
#include <guisupp.h>
#include <winsta.h>
#include <md5.h>
#include <sha.h>

Go to the source code of this file.

Macros

#define PHP_USE_IFILEDIALOG   (WINDOWS_HAS_IFILEDIALOG)
 

Typedefs

typedef BOOLEAN(NTAPI * _WinStationQueryInformationW )(_In_opt_ HANDLE ServerHandle, _In_ ULONG LogonId, _In_ WINSTATIONINFOCLASS WinStationInformationClass, _Out_writes_bytes_(WinStationInformationLength) PVOID WinStationInformation, _In_ ULONG WinStationInformationLength, _Out_ PULONG ReturnLength)
 
typedef BOOL(WINAPI * _CreateEnvironmentBlock )(_Out_ LPVOID *lpEnvironment, _In_opt_ HANDLE hToken, _In_ BOOL bInherit)
 
typedef BOOL(WINAPI * _DestroyEnvironmentBlock )(_In_ LPVOID lpEnvironment)
 
typedef struct _PHP_FILE_DIALOG PHP_FILE_DIALOG
 
typedef struct _PHP_FILE_DIALOG * PPHP_FILE_DIALOG
 

Functions

VOID PhAdjustRectangleToBounds (_Inout_ PPH_RECTANGLE Rectangle, _In_ PPH_RECTANGLE Bounds)
 Ensures a rectangle is positioned within the specified bounds.
 
VOID PhCenterRectangle (_Inout_ PPH_RECTANGLE Rectangle, _In_ PPH_RECTANGLE Bounds)
 Positions a rectangle in the center of the specified bounds.
 
VOID PhAdjustRectangleToWorkingArea (_In_ HWND hWnd, _Inout_ PPH_RECTANGLE Rectangle)
 Ensures a rectangle is positioned within the working area of the specified window's monitor.
 
VOID PhCenterWindow (_In_ HWND WindowHandle, _In_opt_ HWND ParentWindowHandle)
 Centers a window.
 
VOID PhReferenceObjects (_In_reads_(NumberOfObjects) PVOID *Objects, _In_ ULONG NumberOfObjects)
 References an array of objects.
 
VOID PhDereferenceObjects (_In_reads_(NumberOfObjects) PVOID *Objects, _In_ ULONG NumberOfObjects)
 Dereferences an array of objects.
 
PPH_STRING PhGetMessage (_In_ PVOID DllHandle, _In_ ULONG MessageTableId, _In_ ULONG MessageLanguageId, _In_ ULONG MessageId)
 Gets a string stored in a DLL's message table.
 
PPH_STRING PhGetNtMessage (_In_ NTSTATUS Status)
 Gets a message describing a NT status value.
 
PPH_STRING PhGetWin32Message (_In_ ULONG Result)
 Gets a message describing a Win32 error code.
 
INT PhShowMessage (_In_ HWND hWnd, _In_ ULONG Type, _In_ PWSTR Format,...)
 Displays a message box.
 
INT PhShowMessage_V (_In_ HWND hWnd, _In_ ULONG Type, _In_ PWSTR Format, _In_ va_list ArgPtr)
 
PPH_STRING PhGetStatusMessage (_In_ NTSTATUS Status, _In_opt_ ULONG Win32Result)
 
VOID PhShowStatus (_In_ HWND hWnd, _In_opt_ PWSTR Message, _In_ NTSTATUS Status, _In_opt_ ULONG Win32Result)
 Displays an error message for a NTSTATUS value or Win32 error code.
 
BOOLEAN PhShowContinueStatus (_In_ HWND hWnd, _In_opt_ PWSTR Message, _In_ NTSTATUS Status, _In_opt_ ULONG Win32Result)
 Displays an error message for a NTSTATUS value or Win32 error code, and allows the user to cancel the current operation.
 
BOOLEAN PhShowConfirmMessage (_In_ HWND hWnd, _In_ PWSTR Verb, _In_ PWSTR Object, _In_opt_ PWSTR Message, _In_ BOOLEAN Warning)
 Displays a confirmation message.
 
BOOLEAN PhFindIntegerSiKeyValuePairs (_In_ PPH_KEY_VALUE_PAIR KeyValuePairs, _In_ ULONG SizeOfKeyValuePairs, _In_ PWSTR String, _Out_ PULONG Integer)
 Finds an integer in an array of string-integer pairs.
 
BOOLEAN PhFindStringSiKeyValuePairs (_In_ PPH_KEY_VALUE_PAIR KeyValuePairs, _In_ ULONG SizeOfKeyValuePairs, _In_ ULONG Integer, _Out_ PWSTR *String)
 Finds a string in an array of string-integer pairs.
 
VOID PhGenerateGuid (_Out_ PGUID Guid)
 Creates a random (type 4) UUID.
 
FORCEINLINE VOID PhpReverseGuid (_Inout_ PGUID Guid)
 
VOID PhGenerateGuidFromName (_Out_ PGUID Guid, _In_ PGUID Namespace, _In_ PCHAR Name, _In_ ULONG NameLength, _In_ UCHAR Version)
 Creates a name-based (type 3 or 5) UUID.
 
VOID PhGenerateRandomAlphaString (_Out_writes_z_(Count) PWSTR Buffer, _In_ ULONG Count)
 Fills a buffer with random uppercase alphabetical characters.
 
PPH_STRING PhEllipsisString (_In_ PPH_STRING String, _In_ ULONG DesiredCount)
 Modifies a string to ensure it is within the specified length.
 
PPH_STRING PhEllipsisStringPath (_In_ PPH_STRING String, _In_ ULONG DesiredCount)
 Modifies a string to ensure it is within the specified length, parsing the string as a path.
 
FORCEINLINE BOOLEAN PhpMatchWildcards (_In_ PWSTR Pattern, _In_ PWSTR String, _In_ BOOLEAN IgnoreCase)
 
BOOLEAN PhMatchWildcards (_In_ PWSTR Pattern, _In_ PWSTR String, _In_ BOOLEAN IgnoreCase)
 Matches a pattern against a string.
 
PPH_STRING PhEscapeStringForMenuPrefix (_In_ PPH_STRINGREF String)
 Escapes a string for prefix characters (ampersands).
 
LONG PhCompareUnicodeStringZIgnoreMenuPrefix (_In_ PWSTR A, _In_ PWSTR B, _In_ BOOLEAN IgnoreCase, _In_ BOOLEAN MatchIfPrefix)
 Compares two strings, ignoring prefix characters (ampersands).
 
PPH_STRING PhFormatDate (_In_opt_ PSYSTEMTIME Date, _In_opt_ PWSTR Format)
 Formats a date using the user's default locale.
 
PPH_STRING PhFormatTime (_In_opt_ PSYSTEMTIME Time, _In_opt_ PWSTR Format)
 Formats a time using the user's default locale.
 
PPH_STRING PhFormatDateTime (_In_opt_ PSYSTEMTIME DateTime)
 Formats a date and time using the user's default locale.
 
PPH_STRING PhFormatTimeSpanRelative (_In_ ULONG64 TimeSpan)
 Formats a relative time span.
 
PPH_STRING PhFormatUInt64 (_In_ ULONG64 Value, _In_ BOOLEAN GroupDigits)
 Formats a 64-bit unsigned integer.
 
PPH_STRING PhFormatDecimal (_In_ PWSTR Value, _In_ ULONG FractionalDigits, _In_ BOOLEAN GroupDigits)
 
PPH_STRING PhFormatSize (_In_ ULONG64 Size, _In_ ULONG MaxSizeUnit)
 Gets a string representing a size.
 
PPH_STRING PhFormatGuid (_In_ PGUID Guid)
 Converts a UUID to its string representation.
 
PVOID PhGetFileVersionInfo (_In_ PWSTR FileName)
 Retrieves image version information for a file.
 
ULONG PhGetFileVersionInfoLangCodePage (_In_ PVOID VersionInfo)
 Retrieves the language ID and code page used by a version information block.
 
PPH_STRING PhGetFileVersionInfoString (_In_ PVOID VersionInfo, _In_ PWSTR SubBlock)
 Retrieves a string in a version information block.
 
PPH_STRING PhGetFileVersionInfoString2 (_In_ PVOID VersionInfo, _In_ ULONG LangCodePage, _In_ PWSTR StringName)
 Retrieves a string in a version information block.
 
VOID PhpGetImageVersionInfoFields (_Out_ PPH_IMAGE_VERSION_INFO ImageVersionInfo, _In_ PVOID VersionInfo, _In_ ULONG LangCodePage)
 
BOOLEAN PhInitializeImageVersionInfo (_Out_ PPH_IMAGE_VERSION_INFO ImageVersionInfo, _In_ PWSTR FileName)
 Initializes a structure with version information.
 
VOID PhDeleteImageVersionInfo (_Inout_ PPH_IMAGE_VERSION_INFO ImageVersionInfo)
 Frees a version information structure initialized by PhInitializeImageVersionInfo().
 
PPH_STRING PhFormatImageVersionInfo (_In_opt_ PPH_STRING FileName, _In_ PPH_IMAGE_VERSION_INFO ImageVersionInfo, _In_opt_ PPH_STRINGREF Indent, _In_opt_ ULONG LineLimit)
 
PPH_STRING PhGetFullPath (_In_ PWSTR FileName, _Out_opt_ PULONG IndexOfFileName)
 Gets an absolute file name.
 
PPH_STRING PhExpandEnvironmentStrings (_In_ PPH_STRINGREF String)
 Expands environment variables in a string.
 
PPH_STRING PhGetBaseName (_In_ PPH_STRING FileName)
 Gets the base name from a file name.
 
PPH_STRING PhGetSystemDirectory (VOID)
 Retrieves the system directory path.
 
VOID PhGetSystemRoot (_Out_ PPH_STRINGREF SystemRoot)
 Retrieves the Windows directory path.
 
PLDR_DATA_TABLE_ENTRY PhFindLoaderEntry (_In_opt_ PVOID DllBase, _In_opt_ PPH_STRINGREF FullDllName, _In_opt_ PPH_STRINGREF BaseDllName)
 Locates a loader entry in the current process.
 
PPH_STRING PhGetDllFileName (_In_ PVOID DllHandle, _Out_opt_ PULONG IndexOfFileName)
 Retrieves the file name of a DLL loaded by the current process.
 
PPH_STRING PhGetApplicationFileName (VOID)
 Retrieves the file name of the current process image.
 
PPH_STRING PhGetApplicationDirectory (VOID)
 Retrieves the directory of the current process image.
 
PPH_STRING PhGetKnownLocation (_In_ ULONG Folder, _In_opt_ PWSTR AppendPath)
 Gets a known location as a file name.
 
NTSTATUS PhWaitForMultipleObjectsAndPump (_In_opt_ HWND hWnd, _In_ ULONG NumberOfHandles, _In_ PHANDLE Handles, _In_ ULONG Timeout)
 Waits on multiple objects while processing window messages.
 
NTSTATUS PhCreateProcess (_In_ PWSTR FileName, _In_opt_ PPH_STRINGREF CommandLine, _In_opt_ PVOID Environment, _In_opt_ PPH_STRINGREF CurrentDirectory, _In_opt_ PPH_CREATE_PROCESS_INFO Information, _In_ ULONG Flags, _In_opt_ HANDLE ParentProcessHandle, _Out_opt_ PCLIENT_ID ClientId, _Out_opt_ PHANDLE ProcessHandle, _Out_opt_ PHANDLE ThreadHandle)
 Creates a native process and an initial thread.
 
NTSTATUS PhCreateProcessWin32 (_In_opt_ PWSTR FileName, _In_opt_ PWSTR CommandLine, _In_opt_ PVOID Environment, _In_opt_ PWSTR CurrentDirectory, _In_ ULONG Flags, _In_opt_ HANDLE TokenHandle, _Out_opt_ PHANDLE ProcessHandle, _Out_opt_ PHANDLE ThreadHandle)
 Creates a Win32 process and an initial thread.
 
FORCEINLINE VOID PhpConvertProcessInformation (_In_ PPROCESS_INFORMATION ProcessInfo, _Out_opt_ PCLIENT_ID ClientId, _Out_opt_ PHANDLE ProcessHandle, _Out_opt_ PHANDLE ThreadHandle)
 
NTSTATUS PhCreateProcessWin32Ex (_In_opt_ PWSTR FileName, _In_opt_ PWSTR CommandLine, _In_opt_ PVOID Environment, _In_opt_ PWSTR CurrentDirectory, _In_opt_ STARTUPINFO *StartupInfo, _In_ ULONG Flags, _In_opt_ HANDLE TokenHandle, _Out_opt_ PCLIENT_ID ClientId, _Out_opt_ PHANDLE ProcessHandle, _Out_opt_ PHANDLE ThreadHandle)
 Creates a Win32 process and an initial thread.
 
NTSTATUS PhCreateProcessAsUser (_In_ PPH_CREATE_PROCESS_AS_USER_INFO Information, _In_ ULONG Flags, _Out_opt_ PCLIENT_ID ClientId, _Out_opt_ PHANDLE ProcessHandle, _Out_opt_ PHANDLE ThreadHandle)
 Creates a Win32 process and an initial thread under the specified user.
 
NTSTATUS PhpGetAccountPrivileges (_In_ PSID AccountSid, _Out_ PTOKEN_PRIVILEGES *Privileges)
 
NTSTATUS PhFilterTokenForLimitedUser (_In_ HANDLE TokenHandle, _Out_ PHANDLE NewTokenHandle)
 Filters a token to create a limited user security context.
 
VOID PhShellExecute (_In_ HWND hWnd, _In_ PWSTR FileName, _In_opt_ PWSTR Parameters)
 Opens a file or location through the shell.
 
BOOLEAN PhShellExecuteEx (_In_opt_ HWND hWnd, _In_ PWSTR FileName, _In_opt_ PWSTR Parameters, _In_ ULONG ShowWindowType, _In_ ULONG Flags, _In_opt_ ULONG Timeout, _Out_opt_ PHANDLE ProcessHandle)
 Opens a file or location through the shell.
 
VOID PhShellExploreFile (_In_ HWND hWnd, _In_ PWSTR FileName)
 Opens Windows Explorer with a file selected.
 
VOID PhShellProperties (_In_ HWND hWnd, _In_ PWSTR FileName)
 Shows properties for a file.
 
PPH_STRING PhExpandKeyName (_In_ PPH_STRING KeyName, _In_ BOOLEAN Computer)
 Expands registry name abbreviations.
 
VOID PhShellOpenKey (_In_ HWND hWnd, _In_ PPH_STRING KeyName)
 Opens a key in the Registry Editor.
 
PKEY_VALUE_PARTIAL_INFORMATION PhQueryRegistryValue (_In_ HANDLE KeyHandle, _In_opt_ PWSTR ValueName)
 Gets a registry value of any type.
 
PPH_STRING PhQueryRegistryString (_In_ HANDLE KeyHandle, _In_opt_ PWSTR ValueName)
 Gets a registry string value.
 
VOID PhMapFlags1 (_Inout_ PULONG Value2, _In_ ULONG Value1, _In_ const PH_FLAG_MAPPING *Mappings, _In_ ULONG NumberOfMappings)
 
VOID PhMapFlags2 (_Inout_ PULONG Value1, _In_ ULONG Value2, _In_ const PH_FLAG_MAPPING *Mappings, _In_ ULONG NumberOfMappings)
 
UINT_PTR CALLBACK PhpOpenFileNameHookProc (_In_ HWND hdlg, _In_ UINT uiMsg, _In_ WPARAM wParam, _In_ LPARAM lParam)
 
OPENFILENAME * PhpCreateOpenFileName (VOID)
 
VOID PhpFreeOpenFileName (_In_ OPENFILENAME *OpenFileName)
 
PPHP_FILE_DIALOG PhpCreateFileDialog (_In_ BOOLEAN Save, _In_opt_ OPENFILENAME *OpenFileName, _In_opt_ IFileDialog *FileDialog)
 
PVOID PhCreateOpenFileDialog (VOID)
 Creates a file dialog for the user to select a file to open.
 
PVOID PhCreateSaveFileDialog (VOID)
 Creates a file dialog for the user to select a file to save to.
 
VOID PhFreeFileDialog (_In_ PVOID FileDialog)
 Frees a file dialog.
 
BOOLEAN PhShowFileDialog (_In_ HWND hWnd, _In_ PVOID FileDialog)
 Shows a file dialog to the user.
 
ULONG PhGetFileDialogOptions (_In_ PVOID FileDialog)
 Gets the options for a file dialog.
 
VOID PhSetFileDialogOptions (_In_ PVOID FileDialog, _In_ ULONG Options)
 Sets the options for a file dialog.
 
ULONG PhGetFileDialogFilterIndex (_In_ PVOID FileDialog)
 Gets the index of the currently selected file type filter for a file dialog.
 
VOID PhSetFileDialogFilter (_In_ PVOID FileDialog, _In_ PPH_FILETYPE_FILTER Filters, _In_ ULONG NumberOfFilters)
 Sets the file type filter for a file dialog.
 
PPH_STRING PhGetFileDialogFileName (_In_ PVOID FileDialog)
 Gets the file name selected in a file dialog.
 
VOID PhSetFileDialogFileName (_In_ PVOID FileDialog, _In_ PWSTR FileName)
 Sets the file name of a file dialog.
 
NTSTATUS PhIsExecutablePacked (_In_ PWSTR FileName, _Out_ PBOOLEAN IsPacked, _Out_opt_ PULONG NumberOfModules, _Out_opt_ PULONG NumberOfFunctions)
 Determines if an executable image is packed.
 
ULONG PhCrc32 (_In_ ULONG Crc, _In_reads_(Length) PCHAR Buffer, _In_ SIZE_T Length)
 
 C_ASSERT (RTL_FIELD_SIZE(PH_HASH_CONTEXT, Context) >=sizeof(MD5_CTX))
 
 C_ASSERT (RTL_FIELD_SIZE(PH_HASH_CONTEXT, Context) >=sizeof(A_SHA_CTX))
 
VOID PhInitializeHash (_Out_ PPH_HASH_CONTEXT Context, _In_ PH_HASH_ALGORITHM Algorithm)
 Initializes hashing.
 
VOID PhUpdateHash (_Inout_ PPH_HASH_CONTEXT Context, _In_reads_bytes_(Length) PVOID Buffer, _In_ ULONG Length)
 Hashes a block of data.
 
BOOLEAN PhFinalHash (_Inout_ PPH_HASH_CONTEXT Context, _Out_writes_bytes_(HashLength) PVOID Hash, _In_ ULONG HashLength, _Out_opt_ PULONG ReturnLength)
 Computes the final hash value.
 
PPH_STRING PhParseCommandLinePart (_In_ PPH_STRINGREF CommandLine, _Inout_ PULONG_PTR Index)
 Parses one part of a command line string.
 
BOOLEAN PhParseCommandLine (_In_ PPH_STRINGREF CommandLine, _In_opt_ PPH_COMMAND_LINE_OPTION Options, _In_ ULONG NumberOfOptions, _In_ ULONG Flags, _In_ PPH_COMMAND_LINE_CALLBACK Callback, _In_opt_ PVOID Context)
 Parses a command line string.
 
PPH_STRING PhEscapeCommandLinePart (_In_ PPH_STRINGREF String)
 Escapes a string for use in a command line.
 
BOOLEAN PhpSearchFilePath (_In_ PWSTR FileName, _In_opt_ PWSTR Extension, _Out_writes_(MAX_PATH) PWSTR Buffer)
 
BOOLEAN PhParseCommandLineFuzzy (_In_ PPH_STRINGREF CommandLine, _Out_ PPH_STRINGREF FileName, _Out_ PPH_STRINGREF Arguments, _Out_opt_ PPH_STRING *FullFileName)
 Parses a command line string.
 

Variables

DECLSPEC_SELECTANY WCHAR * PhSizeUnitNames [7] = { L"B", L"kB", L"MB", L"GB", L"TB", L"PB", L"EB" }
 
DECLSPEC_SELECTANY ULONG PhMaxSizeUnit = MAXULONG32
 

Macro Definition Documentation

#define PHP_USE_IFILEDIALOG   (WINDOWS_HAS_IFILEDIALOG)

Definition at line 30 of file support.c.

Typedef Documentation

typedef BOOL(WINAPI * _CreateEnvironmentBlock)(_Out_ LPVOID *lpEnvironment, _In_opt_ HANDLE hToken, _In_ BOOL bInherit)

Definition at line 41 of file support.c.

typedef BOOL(WINAPI * _DestroyEnvironmentBlock)(_In_ LPVOID lpEnvironment)

Definition at line 47 of file support.c.

typedef BOOLEAN(NTAPI * _WinStationQueryInformationW)(_In_opt_ HANDLE ServerHandle, _In_ ULONG LogonId, _In_ WINSTATIONINFOCLASS WinStationInformationClass, _Out_writes_bytes_(WinStationInformationLength) PVOID WinStationInformation, _In_ ULONG WinStationInformationLength, _Out_ PULONG ReturnLength)

Definition at line 32 of file support.c.

typedef struct _PHP_FILE_DIALOG PHP_FILE_DIALOG
typedef struct _PHP_FILE_DIALOG * PPHP_FILE_DIALOG

Function Documentation

C_ASSERT ( RTL_FIELD_SIZE(PH_HASH_CONTEXT, Context) >=sizeof(MD5_CTX )
C_ASSERT ( RTL_FIELD_SIZE(PH_HASH_CONTEXT, Context) >=sizeof(A_SHA_CTX )
VOID PhAdjustRectangleToBounds ( _Inout_ PPH_RECTANGLE  Rectangle,
_In_ PPH_RECTANGLE  Bounds 
)

Ensures a rectangle is positioned within the specified bounds.

Parameters
RectangleThe rectangle to be adjusted.
BoundsThe bounds.
Remarks
If the rectangle is too large to fit inside the bounds, it is positioned at the top-left of the bounds.

Definition at line 65 of file support.c.

VOID PhAdjustRectangleToWorkingArea ( _In_ HWND  hWnd,
_Inout_ PPH_RECTANGLE  Rectangle 
)

Ensures a rectangle is positioned within the working area of the specified window's monitor.

Parameters
hWndA handle to a window.
RectangleThe rectangle to be adjusted.

Definition at line 104 of file support.c.

VOID PhCenterRectangle ( _Inout_ PPH_RECTANGLE  Rectangle,
_In_ PPH_RECTANGLE  Bounds 
)

Positions a rectangle in the center of the specified bounds.

Parameters
RectangleThe rectangle to be adjusted.
BoundsThe bounds.

Definition at line 88 of file support.c.

VOID PhCenterWindow ( _In_ HWND  WindowHandle,
_In_opt_ HWND  ParentWindowHandle 
)

Centers a window.

Parameters
WindowHandleThe window to center.
ParentWindowHandleIf specified, the window will be positioned at the center of this window. Otherwise, the window will be positioned at the center of the monitor.

Definition at line 131 of file support.c.

LONG PhCompareUnicodeStringZIgnoreMenuPrefix ( _In_ PWSTR  A,
_In_ PWSTR  B,
_In_ BOOLEAN  IgnoreCase,
_In_ BOOLEAN  MatchIfPrefix 
)

Compares two strings, ignoring prefix characters (ampersands).

Parameters
AThe first string.
BThe second string.
IgnoreCaseWhether to ignore character cases.
MatchIfPrefixSpecify TRUE to return 0 when A is a prefix of B.

Definition at line 1064 of file support.c.

ULONG PhCrc32 ( _In_ ULONG  Crc,
_In_reads_(Length) PCHAR  Buffer,
_In_ SIZE_T  Length 
)

Definition at line 4389 of file support.c.

PVOID PhCreateOpenFileDialog ( VOID  )

Creates a file dialog for the user to select a file to open.

Returns
An opaque pointer representing the file dialog. You must free the file dialog using PhFreeFileDialog() when you no longer need it.

Definition at line 3742 of file support.c.

NTSTATUS PhCreateProcess ( _In_ PWSTR  FileName,
_In_opt_ PPH_STRINGREF  CommandLine,
_In_opt_ PVOID  Environment,
_In_opt_ PPH_STRINGREF  CurrentDirectory,
_In_opt_ PPH_CREATE_PROCESS_INFO  Information,
_In_ ULONG  Flags,
_In_opt_ HANDLE  ParentProcessHandle,
_Out_opt_ PCLIENT_ID  ClientId,
_Out_opt_ PHANDLE  ProcessHandle,
_Out_opt_ PHANDLE  ThreadHandle 
)

Creates a native process and an initial thread.

Parameters
FileNameThe Win32 file name of the image.
CommandLineThe command line string to pass to the process. This string cannot be used to specify the image to execute.
EnvironmentThe environment block for the process. Specify NULL to use the environment of the current process.
CurrentDirectoryThe current directory string to pass to the process.
InformationAdditional parameters to pass to the process.
FlagsA combination of the following:
  • PH_CREATE_PROCESS_INHERIT_HANDLES Inheritable handles will be duplicated to the process from the parent process.
  • PH_CREATE_PROCESS_SUSPENDED The initial thread will be created suspended.
  • PH_CREATE_PROCESS_BREAKAWAY_FROM_JOB The process will not be assigned to the job object associated with the parent process.
  • PH_CREATE_PROCESS_NEW_CONSOLE The process will have its own console, instead of inheriting the console of the parent process.
ParentProcessHandleThe process from which the new process will inherit attributes. Specify NULL for the current process.
ClientIdA variable which recieves the identifier of the initial thread.
ProcessHandleA variable which receives a handle to the process.
ThreadHandleA variable which receives a handle to the initial thread.

Definition at line 2312 of file support.c.

NTSTATUS PhCreateProcessAsUser ( _In_ PPH_CREATE_PROCESS_AS_USER_INFO  Information,
_In_ ULONG  Flags,
_Out_opt_ PCLIENT_ID  ClientId,
_Out_opt_ PHANDLE  ProcessHandle,
_Out_opt_ PHANDLE  ThreadHandle 
)

Creates a Win32 process and an initial thread under the specified user.

Parameters
InformationParameters specifying how to create the process.
FlagsSee PhCreateProcess(). Additional flags may be used:
  • PH_CREATE_PROCESS_USE_PROCESS_TOKEN Use the token of the process specified by ProcessIdWithToken in Information.
  • PH_CREATE_PROCESS_USE_SESSION_TOKEN Use the token of the session specified by SessionIdWithToken in Information.
  • PH_CREATE_PROCESS_USE_LINKED_TOKEN Use the linked token to create the process; this causes the process to be elevated or unelevated depending on the specified options.
  • PH_CREATE_PROCESS_SET_SESSION_ID SessionId is specified in Information.
  • PH_CREATE_PROCESS_WITH_PROFILE Load the user profile, if supported.
ClientIdA variable which recieves the identifier of the initial thread.
ProcessHandleA variable which receives a handle to the process.
ThreadHandleA variable which receives a handle to the initial thread.

Definition at line 2622 of file support.c.

NTSTATUS PhCreateProcessWin32 ( _In_opt_ PWSTR  FileName,
_In_opt_ PWSTR  CommandLine,
_In_opt_ PVOID  Environment,
_In_opt_ PWSTR  CurrentDirectory,
_In_ ULONG  Flags,
_In_opt_ HANDLE  TokenHandle,
_Out_opt_ PHANDLE  ProcessHandle,
_Out_opt_ PHANDLE  ThreadHandle 
)

Creates a Win32 process and an initial thread.

Parameters
FileNameThe Win32 file name of the image.
CommandLineThe command line to execute. This can be specified instead of FileName to indicate the image to execute.
EnvironmentThe environment block for the process. Specify NULL to use the environment of the current process.
CurrentDirectoryThe current directory string to pass to the process.
FlagsSee PhCreateProcess().
TokenHandleThe token of the process. Specify NULL for the token of the parent process.
ProcessHandleA variable which receives a handle to the process.
ThreadHandleA variable which receives a handle to the initial thread.

Definition at line 2441 of file support.c.

NTSTATUS PhCreateProcessWin32Ex ( _In_opt_ PWSTR  FileName,
_In_opt_ PWSTR  CommandLine,
_In_opt_ PVOID  Environment,
_In_opt_ PWSTR  CurrentDirectory,
_In_opt_ STARTUPINFO *  StartupInfo,
_In_ ULONG  Flags,
_In_opt_ HANDLE  TokenHandle,
_Out_opt_ PCLIENT_ID  ClientId,
_Out_opt_ PHANDLE  ProcessHandle,
_Out_opt_ PHANDLE  ThreadHandle 
)

Creates a Win32 process and an initial thread.

Parameters
FileNameThe Win32 file name of the image.
CommandLineThe command line to execute. This can be specified instead of FileName to indicate the image to execute.
EnvironmentThe environment block for the process. Specify NULL to use the environment of the current process.
CurrentDirectoryThe current directory string to pass to the process.
StartupInfoA STARTUPINFO structure containing additional parameters for the process.
FlagsSee PhCreateProcess().
TokenHandleThe token of the process. Specify NULL for the token of the parent process.
ClientIdA variable which recieves the identifier of the initial thread.
ProcessHandleA variable which receives a handle to the process.
ThreadHandleA variable which receives a handle to the initial thread.

Definition at line 2518 of file support.c.

PVOID PhCreateSaveFileDialog ( VOID  )

Creates a file dialog for the user to select a file to save to.

Returns
An opaque pointer representing the file dialog. You must free the file dialog using PhFreeFileDialog() when you no longer need it.

Definition at line 3781 of file support.c.

VOID PhDeleteImageVersionInfo ( _Inout_ PPH_IMAGE_VERSION_INFO  ImageVersionInfo)

Frees a version information structure initialized by PhInitializeImageVersionInfo().

Parameters
ImageVersionInfoThe version information structure.

Definition at line 1684 of file support.c.

VOID PhDereferenceObjects ( _In_reads_(NumberOfObjects) PVOID *  Objects,
_In_ ULONG  NumberOfObjects 
)

Dereferences an array of objects.

Parameters
ObjectsAn array of objects.
NumberOfObjectsThe number of elements in Objects.

Definition at line 198 of file support.c.

PPH_STRING PhEllipsisString ( _In_ PPH_STRING  String,
_In_ ULONG  DesiredCount 
)

Modifies a string to ensure it is within the specified length.

Parameters
StringThe input string.
DesiredCountThe desired number of characters in the new string. If necessary, parts of the string are replaced with an ellipsis to indicate characters have been omitted.
Returns
The new string.

Definition at line 817 of file support.c.

PPH_STRING PhEllipsisStringPath ( _In_ PPH_STRING  String,
_In_ ULONG  DesiredCount 
)

Modifies a string to ensure it is within the specified length, parsing the string as a path.

Parameters
StringThe input string.
DesiredCountThe desired number of characters in the new string. If necessary, parts of the string are replaced with an ellipsis to indicate characters have been omitted.
Returns
The new string.

Definition at line 852 of file support.c.

PPH_STRING PhEscapeCommandLinePart ( _In_ PPH_STRINGREF  String)

Escapes a string for use in a command line.

Parameters
StringThe string to escape.
Returns
The escaped string.
Remarks
Only the double quotation mark is escaped.

Definition at line 4788 of file support.c.

PPH_STRING PhEscapeStringForMenuPrefix ( _In_ PPH_STRINGREF  String)

Escapes a string for prefix characters (ampersands).

Parameters
StringThe string to process.
Returns
The escaped string, with each ampersand replaced by 2 ampersands.

Definition at line 1005 of file support.c.

PPH_STRING PhExpandEnvironmentStrings ( _In_ PPH_STRINGREF  String)

Expands environment variables in a string.

Parameters
StringThe string.

Definition at line 1865 of file support.c.

PPH_STRING PhExpandKeyName ( _In_ PPH_STRING  KeyName,
_In_ BOOLEAN  Computer 
)

Expands registry name abbreviations.

Parameters
KeyNameThe key name.
ComputerTRUE to prepend "Computer" or "My Computer" for use with the Registry Editor.

Definition at line 3338 of file support.c.

NTSTATUS PhFilterTokenForLimitedUser ( _In_ HANDLE  TokenHandle,
_Out_ PHANDLE  NewTokenHandle 
)

Filters a token to create a limited user security context.

Parameters
TokenHandleA handle to an existing token. The handle must have TOKEN_DUPLICATE, TOKEN_QUERY, TOKEN_ADJUST_GROUPS, TOKEN_ADJUST_DEFAULT, READ_CONTROL and WRITE_DAC access.
NewTokenHandleA variable which receives a handle to the filtered token. The handle will have the same granted access as TokenHandle.

Definition at line 2976 of file support.c.

BOOLEAN PhFinalHash ( _Inout_ PPH_HASH_CONTEXT  Context,
_Out_writes_bytes_(HashLength) PVOID  Hash,
_In_ ULONG  HashLength,
_Out_opt_ PULONG  ReturnLength 
)

Computes the final hash value.

Parameters
ContextA hashing context structure.
HashA buffer which receives the final hash value.
HashLengthThe size of the buffer, in bytes.
ReturnLengthA variable which receives the required size of the buffer, in bytes.

Definition at line 4477 of file support.c.

BOOLEAN PhFindIntegerSiKeyValuePairs ( _In_ PPH_KEY_VALUE_PAIR  KeyValuePairs,
_In_ ULONG  SizeOfKeyValuePairs,
_In_ PWSTR  String,
_Out_ PULONG  Integer 
)

Finds an integer in an array of string-integer pairs.

Parameters
KeyValuePairsThe array.
SizeOfKeyValuePairsThe size of the array, in bytes.
StringThe string to search for.
IntegerA variable which receives the found integer.
Returns
TRUE if the string was found, otherwise FALSE.
Remarks
The search is case-sensitive.

Definition at line 608 of file support.c.

PLDR_DATA_TABLE_ENTRY PhFindLoaderEntry ( _In_opt_ PVOID  DllBase,
_In_opt_ PPH_STRINGREF  FullDllName,
_In_opt_ PPH_STRINGREF  BaseDllName 
)

Locates a loader entry in the current process.

Parameters
DllBaseThe base address of the DLL. Specify NULL if this is not a search criteria.
FullDllNameThe full name of the DLL. Specify NULL if this is not a search criteria.
BaseDllNameThe base name of the DLL. Specify NULL if this is not a search criteria.
Remarks
This function must be called with the loader lock acquired. The first entry matching all of the specified values is returned.

Definition at line 2040 of file support.c.

BOOLEAN PhFindStringSiKeyValuePairs ( _In_ PPH_KEY_VALUE_PAIR  KeyValuePairs,
_In_ ULONG  SizeOfKeyValuePairs,
_In_ ULONG  Integer,
_Out_ PWSTR *  String 
)

Finds a string in an array of string-integer pairs.

Parameters
KeyValuePairsThe array.
SizeOfKeyValuePairsThe size of the array, in bytes.
IntegerThe integer to search for.
StringA variable which receives the found string.
Returns
TRUE if the integer was found, otherwise FALSE.

Definition at line 639 of file support.c.

PPH_STRING PhFormatDate ( _In_opt_ PSYSTEMTIME  Date,
_In_opt_ PWSTR  Format 
)

Formats a date using the user's default locale.

Parameters
DateThe time structure. If NULL, the current time is used.
FormatThe format of the date. If NULL, the format appropriate to the user's locale is used.

Definition at line 1140 of file support.c.

PPH_STRING PhFormatDateTime ( _In_opt_ PSYSTEMTIME  DateTime)

Formats a date and time using the user's default locale.

Parameters
DateTimeThe time structure. If NULL, the current time is used.
Returns
A string containing the time, a space character, then the date.

Definition at line 1198 of file support.c.

PPH_STRING PhFormatDecimal ( _In_ PWSTR  Value,
_In_ ULONG  FractionalDigits,
_In_ BOOLEAN  GroupDigits 
)

Definition at line 1373 of file support.c.

PPH_STRING PhFormatGuid ( _In_ PGUID  Guid)

Converts a UUID to its string representation.

Parameters
GuidA UUID.

Definition at line 1460 of file support.c.

PPH_STRING PhFormatImageVersionInfo ( _In_opt_ PPH_STRING  FileName,
_In_ PPH_IMAGE_VERSION_INFO  ImageVersionInfo,
_In_opt_ PPH_STRINGREF  Indent,
_In_opt_ ULONG  LineLimit 
)

Definition at line 1694 of file support.c.

PPH_STRING PhFormatSize ( _In_ ULONG64  Size,
_In_ ULONG  MaxSizeUnit 
)

Gets a string representing a size.

Parameters
SizeThe size value.
MaxSizeUnitThe largest unit of size to use, -1 to use PhMaxSizeUnit, or -2 for no limit.
  • 0 Bytes.
  • 1 Kilobytes.
  • 2 Megabytes.
  • 3 Gigabytes.
  • 4 Terabytes.
  • 5 Petabytes.
  • 6 Exabytes.

Definition at line 1439 of file support.c.

PPH_STRING PhFormatTime ( _In_opt_ PSYSTEMTIME  Time,
_In_opt_ PWSTR  Format 
)

Formats a time using the user's default locale.

Parameters
TimeThe time structure. If NULL, the current time is used.
FormatThe format of the time. If NULL, the format appropriate to the user's locale is used.

Definition at line 1169 of file support.c.

PPH_STRING PhFormatTimeSpanRelative ( _In_ ULONG64  TimeSpan)

Formats a relative time span.

Parameters
TimeSpanThe time span, in ticks.

Definition at line 1237 of file support.c.

PPH_STRING PhFormatUInt64 ( _In_ ULONG64  Value,
_In_ BOOLEAN  GroupDigits 
)

Formats a 64-bit unsigned integer.

Parameters
ValueThe integer.
GroupDigitsTRUE to group digits, otherwise FALSE.

Definition at line 1360 of file support.c.

VOID PhFreeFileDialog ( _In_ PVOID  FileDialog)

Frees a file dialog.

Parameters
FileDialogThe file dialog.

Definition at line 3817 of file support.c.

VOID PhGenerateGuid ( _Out_ PGUID  Guid)

Creates a random (type 4) UUID.

Parameters
GuidThe destination UUID.

Definition at line 665 of file support.c.

VOID PhGenerateGuidFromName ( _Out_ PGUID  Guid,
_In_ PGUID  Namespace,
_In_ PCHAR  Name,
_In_ ULONG  NameLength,
_In_ UCHAR  Version 
)

Creates a name-based (type 3 or 5) UUID.

Parameters
GuidThe destination UUID.
NamespaceThe UUID of the namespace.
NameThe input name.
NameLengthThe length of the input name, not including the null terminator if present.
VersionThe type of UUID.
  • GUID_VERSION_MD5 Creates a type 3, MD5-based UUID.
  • GUID_VERSION_SHA1 Creates a type 5, SHA1-based UUID.

Definition at line 723 of file support.c.

VOID PhGenerateRandomAlphaString ( _Out_writes_z_(Count) PWSTR  Buffer,
_In_ ULONG  Count 
)

Fills a buffer with random uppercase alphabetical characters.

Parameters
BufferThe buffer to fill with random characters, plus a null terminator.
CountThe number of characters available in the buffer, including space for the null terminator.

Definition at line 788 of file support.c.

PPH_STRING PhGetApplicationDirectory ( VOID  )

Retrieves the directory of the current process image.

Definition at line 2144 of file support.c.

PPH_STRING PhGetApplicationFileName ( VOID  )

Retrieves the file name of the current process image.

Definition at line 2134 of file support.c.

PPH_STRING PhGetBaseName ( _In_ PPH_STRING  FileName)

Gets the base name from a file name.

Parameters
FileNameThe file name.

Definition at line 1924 of file support.c.

PPH_STRING PhGetDllFileName ( _In_ PVOID  DllHandle,
_Out_opt_ PULONG  IndexOfFileName 
)

Retrieves the file name of a DLL loaded by the current process.

Parameters
DllHandleThe base address of the DLL.
IndexOfFileNameA variable which receives the index of the base name of the DLL in the returned string.
Returns
The file name of the DLL, or NULL if the DLL could not be found.

Definition at line 2088 of file support.c.

PPH_STRING PhGetFileDialogFileName ( _In_ PVOID  FileDialog)

Gets the file name selected in a file dialog.

Parameters
FileDialogThe file dialog.
Returns
A pointer to a string containing the file name. You must free the string using PhDereferenceObject() when you no longer need it.

Definition at line 4112 of file support.c.

ULONG PhGetFileDialogFilterIndex ( _In_ PVOID  FileDialog)

Gets the index of the currently selected file type filter for a file dialog.

Parameters
FileDialogThe file dialog.
Returns
The one-based index of the selected file type, or 0 if an error occurred.

Definition at line 4024 of file support.c.

ULONG PhGetFileDialogOptions ( _In_ PVOID  FileDialog)

Gets the options for a file dialog.

Parameters
FileDialogThe file dialog.
Returns
The currently enabled options. See the documentation for PhSetFileDialogOptions() for details.

Definition at line 3909 of file support.c.

PVOID PhGetFileVersionInfo ( _In_ PWSTR  FileName)

Retrieves image version information for a file.

Parameters
FileNameThe file name.
Returns
A version information block. You must free this using PhFree() when you no longer need it.

Definition at line 1484 of file support.c.

ULONG PhGetFileVersionInfoLangCodePage ( _In_ PVOID  VersionInfo)

Retrieves the language ID and code page used by a version information block.

Parameters
VersionInfoThe version information block.

Definition at line 1527 of file support.c.

PPH_STRING PhGetFileVersionInfoString ( _In_ PVOID  VersionInfo,
_In_ PWSTR  SubBlock 
)

Retrieves a string in a version information block.

Parameters
VersionInfoThe version information block.
SubBlockThe path to the sub-block.

Definition at line 1551 of file support.c.

PPH_STRING PhGetFileVersionInfoString2 ( _In_ PVOID  VersionInfo,
_In_ ULONG  LangCodePage,
_In_ PWSTR  StringName 
)

Retrieves a string in a version information block.

Parameters
VersionInfoThe version information block.
LangCodePageThe language ID and code page of the string.
StringNameThe name of the string.

Definition at line 1582 of file support.c.

PPH_STRING PhGetFullPath ( _In_ PWSTR  FileName,
_Out_opt_ PULONG  IndexOfFileName 
)

Gets an absolute file name.

Parameters
FileNameA file name.
IndexOfFileNameA variable which receives the index of the base name.
Returns
An absolute file name, or NULL if the function failed.

Definition at line 1811 of file support.c.

PPH_STRING PhGetKnownLocation ( _In_ ULONG  Folder,
_In_opt_ PWSTR  AppendPath 
)

Gets a known location as a file name.

Parameters
FolderA CSIDL value representing the known location.
AppendPathA string to append to the folder path.

Definition at line 2174 of file support.c.

PPH_STRING PhGetMessage ( _In_ PVOID  DllHandle,
_In_ ULONG  MessageTableId,
_In_ ULONG  MessageLanguageId,
_In_ ULONG  MessageId 
)

Gets a string stored in a DLL's message table.

Parameters
DllHandleThe base address of the DLL.
MessageTableIdThe identifier of the message table.
MessageLanguageIdThe language ID of the message.
MessageIdThe identifier of the message.
Returns
A pointer to a string containing the message. You must free the string using PhDereferenceObject() when you no longer need it.

Definition at line 221 of file support.c.

PPH_STRING PhGetNtMessage ( _In_ NTSTATUS  Status)

Gets a message describing a NT status value.

Parameters
StatusThe NT status value.

Definition at line 281 of file support.c.

PPH_STRING PhGetStatusMessage ( _In_ NTSTATUS  Status,
_In_opt_ ULONG  Win32Result 
)

Definition at line 387 of file support.c.

PPH_STRING PhGetSystemDirectory ( VOID  )

Retrieves the system directory path.

Definition at line 1940 of file support.c.

VOID PhGetSystemRoot ( _Out_ PPH_STRINGREF  SystemRoot)

Retrieves the Windows directory path.

Definition at line 1996 of file support.c.

PPH_STRING PhGetWin32Message ( _In_ ULONG  Result)

Gets a message describing a Win32 error code.

Parameters
ResultThe Win32 error code.

Definition at line 324 of file support.c.

VOID PhInitializeHash ( _Out_ PPH_HASH_CONTEXT  Context,
_In_ PH_HASH_ALGORITHM  Algorithm 
)

Initializes hashing.

Parameters
ContextA hashing context structure.
AlgorithmThe hash algorithm to use:
  • Md5HashAlgorithm MD5 (128 bits)
  • Sha1HashAlgorithm SHA-1 (160 bits)
  • Crc32HashAlgorithm CRC-32-IEEE 802.3 (32 bits)

Definition at line 4415 of file support.c.

BOOLEAN PhInitializeImageVersionInfo ( _Out_ PPH_IMAGE_VERSION_INFO  ImageVersionInfo,
_In_ PWSTR  FileName 
)

Initializes a structure with version information.

Parameters
ImageVersionInfoThe version information structure.
FileNameThe file name of an image.

Definition at line 1621 of file support.c.

NTSTATUS PhIsExecutablePacked ( _In_ PWSTR  FileName,
_Out_ PBOOLEAN  IsPacked,
_Out_opt_ PULONG  NumberOfModules,
_Out_opt_ PULONG  NumberOfFunctions 
)

Determines if an executable image is packed.

Parameters
FileNameThe file name of the image.
IsPackedA variable that receives TRUE if the image is packed, otherwise FALSE.
NumberOfModulesA variable that receives the number of DLLs that the image imports functions from.
NumberOfFunctionsA variable that receives the number of functions that the image imports.

Definition at line 4235 of file support.c.

VOID PhMapFlags1 ( _Inout_ PULONG  Value2,
_In_ ULONG  Value1,
_In_ const PH_FLAG_MAPPING Mappings,
_In_ ULONG  NumberOfMappings 
)

Definition at line 3536 of file support.c.

VOID PhMapFlags2 ( _Inout_ PULONG  Value1,
_In_ ULONG  Value2,
_In_ const PH_FLAG_MAPPING Mappings,
_In_ ULONG  NumberOfMappings 
)

Definition at line 3578 of file support.c.

BOOLEAN PhMatchWildcards ( _In_ PWSTR  Pattern,
_In_ PWSTR  String,
_In_ BOOLEAN  IgnoreCase 
)

Matches a pattern against a string.

Parameters
PatternThe pattern, which can contain asterisks and question marks.
StringThe string which the pattern is matched against.
IgnoreCaseWhether to ignore character cases.

Definition at line 985 of file support.c.

BOOLEAN PhParseCommandLine ( _In_ PPH_STRINGREF  CommandLine,
_In_opt_ PPH_COMMAND_LINE_OPTION  Options,
_In_ ULONG  NumberOfOptions,
_In_ ULONG  Flags,
_In_ PPH_COMMAND_LINE_CALLBACK  Callback,
_In_opt_ PVOID  Context 
)

Parses a command line string.

Parameters
CommandLineThe command line string.
OptionsAn array of supported command line options.
NumberOfOptionsThe number of elements in Options.
FlagsA combination of flags.
  • PH_COMMAND_LINE_IGNORE_UNKNOWN_OPTIONS Unknown command line options are ignored instead of failing the function.
  • PH_COMMAND_LINE_IGNORE_FIRST_PART The first part of the command line string is ignored. This is used when the first part of the string contains the executable file name.
CallbackA callback function to execute for each command line option found.
ContextA user-defined value to pass to Callback.

Definition at line 4650 of file support.c.

BOOLEAN PhParseCommandLineFuzzy ( _In_ PPH_STRINGREF  CommandLine,
_Out_ PPH_STRINGREF  FileName,
_Out_ PPH_STRINGREF  Arguments,
_Out_opt_ PPH_STRING FullFileName 
)

Parses a command line string.

If the string does not contain quotation marks around the file name part, the function determines the file name to use.

Parameters
CommandLineThe command line string.
FileNameA variable which receives the part of CommandLine that contains the file name.
ArgumentsA variable which receives the part of CommandLine that contains the arguments.
FullFileNameA variable which receives the full path and file name. This may be NULL if the file was not found.

Definition at line 4906 of file support.c.

PPH_STRING PhParseCommandLinePart ( _In_ PPH_STRINGREF  CommandLine,
_Inout_ PULONG_PTR  Index 
)

Parses one part of a command line string.

Quotation marks and backslashes are handled appropriately.

Parameters
CommandLineThe entire command line string.
IndexThe starting index of the command line part to be parsed. There should be no leading whitespace at this index. The index is updated to point to the end of the command line part.

Definition at line 4541 of file support.c.

FORCEINLINE VOID PhpConvertProcessInformation ( _In_ PPROCESS_INFORMATION  ProcessInfo,
_Out_opt_ PCLIENT_ID  ClientId,
_Out_opt_ PHANDLE  ProcessHandle,
_Out_opt_ PHANDLE  ThreadHandle 
)

Definition at line 2474 of file support.c.

PPHP_FILE_DIALOG PhpCreateFileDialog ( _In_ BOOLEAN  Save,
_In_opt_ OPENFILENAME *  OpenFileName,
_In_opt_ IFileDialog *  FileDialog 
)

Definition at line 3704 of file support.c.

OPENFILENAME* PhpCreateOpenFileName ( VOID  )

Definition at line 3662 of file support.c.

VOID PhpFreeOpenFileName ( _In_ OPENFILENAME *  OpenFileName)

Definition at line 3683 of file support.c.

NTSTATUS PhpGetAccountPrivileges ( _In_ PSID  AccountSid,
_Out_ PTOKEN_PRIVILEGES *  Privileges 
)

Definition at line 2935 of file support.c.

VOID PhpGetImageVersionInfoFields ( _Out_ PPH_IMAGE_VERSION_INFO  ImageVersionInfo,
_In_ PVOID  VersionInfo,
_In_ ULONG  LangCodePage 
)

Definition at line 1604 of file support.c.

FORCEINLINE BOOLEAN PhpMatchWildcards ( _In_ PWSTR  Pattern,
_In_ PWSTR  String,
_In_ BOOLEAN  IgnoreCase 
)

Definition at line 917 of file support.c.

UINT_PTR CALLBACK PhpOpenFileNameHookProc ( _In_ HWND  hdlg,
_In_ UINT  uiMsg,
_In_ WPARAM  wParam,
_In_ LPARAM  lParam 
)

Definition at line 3612 of file support.c.

FORCEINLINE VOID PhpReverseGuid ( _Inout_ PGUID  Guid)

Definition at line 702 of file support.c.

BOOLEAN PhpSearchFilePath ( _In_ PWSTR  FileName,
_In_opt_ PWSTR  Extension,
_Out_writes_(MAX_PATH) PWSTR  Buffer 
)

Definition at line 4840 of file support.c.

PPH_STRING PhQueryRegistryString ( _In_ HANDLE  KeyHandle,
_In_opt_ PWSTR  ValueName 
)

Gets a registry string value.

Parameters
KeyHandleA handle to the key.
ValueNameThe name of the value.
Returns
A pointer to a string containing the value, or NULL if the function failed. You must free the string using PhDereferenceObject() when you no longer need it.

Definition at line 3506 of file support.c.

PKEY_VALUE_PARTIAL_INFORMATION PhQueryRegistryValue ( _In_ HANDLE  KeyHandle,
_In_opt_ PWSTR  ValueName 
)

Gets a registry value of any type.

Parameters
KeyHandleA handle to the key.
ValueNameThe name of the value.
Returns
A buffer containing information about the registry value, or NULL if the function failed. You must free the buffer with PhFree() when you no longer need it.

Definition at line 3450 of file support.c.

VOID PhReferenceObjects ( _In_reads_(NumberOfObjects) PVOID *  Objects,
_In_ ULONG  NumberOfObjects 
)

References an array of objects.

Parameters
ObjectsAn array of objects.
NumberOfObjectsThe number of elements in Objects.

Definition at line 181 of file support.c.

VOID PhSetFileDialogFileName ( _In_ PVOID  FileDialog,
_In_ PWSTR  FileName 
)

Sets the file name of a file dialog.

Parameters
FileDialogThe file dialog.
FileNameThe new file name.

Definition at line 4161 of file support.c.

VOID PhSetFileDialogFilter ( _In_ PVOID  FileDialog,
_In_ PPH_FILETYPE_FILTER  Filters,
_In_ ULONG  NumberOfFilters 
)

Sets the file type filter for a file dialog.

Parameters
FileDialogThe file dialog.
FiltersA pointer to an array of file type structures.
NumberOfFiltersThe number of file types.

Definition at line 4059 of file support.c.

VOID PhSetFileDialogOptions ( _In_ PVOID  FileDialog,
_In_ ULONG  Options 
)

Sets the options for a file dialog.

Parameters
FileDialogThe file dialog.
OptionsA combination of flags specifying the options.
  • PH_FILEDIALOG_CREATEPROMPT A prompt for creation will be displayed when the selected item does not exist. This is only valid for Save dialogs.
  • PH_FILEDIALOG_PATHMUSTEXIST The selected item must be in an existing folder. This is enabled by default.
  • PH_FILEDIALOG_FILEMUSTEXIST The selected item must exist. This is enabled by default and is only valid for Open dialogs.
  • PH_FILEDIALOG_SHOWHIDDEN Items with the System and Hidden attributes will be displayed.
  • PH_FILEDIALOG_NODEREFERENCELINKS Shortcuts will not be followed, allowing .lnk files to be opened.
  • PH_FILEDIALOG_OVERWRITEPROMPT An overwrite prompt will be displayed if an existing item is selected. This is enabled by default and is only valid for Save dialogs.
  • PH_FILEDIALOG_DEFAULTEXPANDED The file dialog should be expanded by default (i.e. the folder browser should be displayed). This is only valid for Save dialogs.

Definition at line 3979 of file support.c.

VOID PhShellExecute ( _In_ HWND  hWnd,
_In_ PWSTR  FileName,
_In_opt_ PWSTR  Parameters 
)

Opens a file or location through the shell.

Parameters
hWndThe window to display user interface components on.
FileNameA file name or location.
ParametersThe parameters to pass to the executed application.

Definition at line 3184 of file support.c.

BOOLEAN PhShellExecuteEx ( _In_opt_ HWND  hWnd,
_In_ PWSTR  FileName,
_In_opt_ PWSTR  Parameters,
_In_ ULONG  ShowWindowType,
_In_ ULONG  Flags,
_In_opt_ ULONG  Timeout,
_Out_opt_ PHANDLE  ProcessHandle 
)

Opens a file or location through the shell.

Parameters
hWndThe window to display user interface components on.
FileNameA file name or location.
ParametersThe parameters to pass to the executed application.
ShowWindowTypeA value specifying how to show the application.
FlagsA combination of the following:
  • PH_SHELL_EXECUTE_ADMIN Execute the application elevated.
  • PH_SHELL_EXECUTE_PUMP_MESSAGES Waits on the application while pumping messages, if Timeout is specified.
TimeoutThe number of milliseconds to wait on the application, or 0 to return immediately after the application is started.
ProcessHandleA variable which receives a handle to the new process.

Definition at line 3219 of file support.c.

VOID PhShellExploreFile ( _In_ HWND  hWnd,
_In_ PWSTR  FileName 
)

Opens Windows Explorer with a file selected.

Parameters
hWndA handle to the parent window.
FileNameA file name.

Definition at line 3275 of file support.c.

VOID PhShellOpenKey ( _In_ HWND  hWnd,
_In_ PPH_STRING  KeyName 
)

Opens a key in the Registry Editor.

Parameters
hWndA handle to the parent window.
KeyNameThe key name to open.

Definition at line 3387 of file support.c.

VOID PhShellProperties ( _In_ HWND  hWnd,
_In_ PWSTR  FileName 
)

Shows properties for a file.

Parameters
hWndA handle to the parent window.
FileNameA file name.

Definition at line 3311 of file support.c.

BOOLEAN PhShowConfirmMessage ( _In_ HWND  hWnd,
_In_ PWSTR  Verb,
_In_ PWSTR  Object,
_In_opt_ PWSTR  Message,
_In_ BOOLEAN  Warning 
)

Displays a confirmation message.

Parameters
hWndThe owner window of the message box.
VerbA verb describing the operation, e.g. "terminate".
ObjectThe object of the operation, e.g. "the process".
MessageA message describing the operation.
WarningTRUE to display the confirmation message as a warning, otherwise FALSE.
Returns
TRUE if the user wishes to continue, otherwise FALSE.

Definition at line 524 of file support.c.

BOOLEAN PhShowContinueStatus ( _In_ HWND  hWnd,
_In_opt_ PWSTR  Message,
_In_ NTSTATUS  Status,
_In_opt_ ULONG  Win32Result 
)

Displays an error message for a NTSTATUS value or Win32 error code, and allows the user to cancel the current operation.

Parameters
hWndThe owner window of the message box.
MessageA message describing the operation that failed.
StatusA NTSTATUS value, or 0 if there is none.
Win32ResultA Win32 error code, or 0 if there is none.
Returns
TRUE if the user wishes to continue with the current operation, otherwise FALSE.

Definition at line 472 of file support.c.

BOOLEAN PhShowFileDialog ( _In_ HWND  hWnd,
_In_ PVOID  FileDialog 
)

Shows a file dialog to the user.

Parameters
hWndA handle to the parent window.
FileDialogThe file dialog.
Returns
TRUE if the user selected a file, FALSE if the user cancelled the operation or an error occurred.

Definition at line 3845 of file support.c.

INT PhShowMessage ( _In_ HWND  hWnd,
_In_ ULONG  Type,
_In_ PWSTR  Format,
  ... 
)

Displays a message box.

Parameters
hWndThe owner window of the message box.
TypeThe type of message box to display.
FormatA format string.
Returns
The user's response.

Definition at line 355 of file support.c.

INT PhShowMessage_V ( _In_ HWND  hWnd,
_In_ ULONG  Type,
_In_ PWSTR  Format,
_In_ va_list  ArgPtr 
)

Definition at line 369 of file support.c.

VOID PhShowStatus ( _In_ HWND  hWnd,
_In_opt_ PWSTR  Message,
_In_ NTSTATUS  Status,
_In_opt_ ULONG  Win32Result 
)

Displays an error message for a NTSTATUS value or Win32 error code.

Parameters
hWndThe owner window of the message box.
MessageA message describing the operation that failed.
StatusA NTSTATUS value, or 0 if there is none.
Win32ResultA Win32 error code, or 0 if there is none.

Definition at line 423 of file support.c.

VOID PhUpdateHash ( _Inout_ PPH_HASH_CONTEXT  Context,
_In_reads_bytes_(Length) PVOID  Buffer,
_In_ ULONG  Length 
)

Hashes a block of data.

Parameters
ContextA hashing context structure.
BufferThe block of data.
LengthThe number of bytes in the block.

Definition at line 4446 of file support.c.

NTSTATUS PhWaitForMultipleObjectsAndPump ( _In_opt_ HWND  hWnd,
_In_ ULONG  NumberOfHandles,
_In_ PHANDLE  Handles,
_In_ ULONG  Timeout 
)

Waits on multiple objects while processing window messages.

Parameters
hWndThe window to process messages for, or NULL to process all messages for the current thread.
NumberOfHandlesThe number of handles specified in Handles. This must not be greater than MAXIMUM_WAIT_OBJECTS - 1.
HandlesAn array of handles.
TimeoutThe number of milliseconds to wait on the objects, or INFINITE for no timeout.
Remarks
The wait is always in WaitAny mode.

Definition at line 2226 of file support.c.

Variable Documentation

DECLSPEC_SELECTANY ULONG PhMaxSizeUnit = MAXULONG32

Definition at line 52 of file support.c.

DECLSPEC_SELECTANY WCHAR* PhSizeUnitNames[7] = { L"B", L"kB", L"MB", L"GB", L"TB", L"PB", L"EB" }

Definition at line 51 of file support.c.