#include "pch.h" #include "bs1fltctrl_helper.h" #include "strsafe.h" Bs1fltControl::Bs1fltControl() { } Bs1fltControl::~Bs1fltControl() { } DWORD Bs1fltControl::Init(LPCTSTR path, fpCallBack logcb) { DWORD state = 0; WCHAR syspath[MAX_PATH] = { 0, }; wstring dllpath = path; current_path_ = dllpath; dllpath += L"\\bs1fltctrl.dll"; h_ = LoadLibraryW(dllpath.c_str()); if (h_ == NULL) { return 1; } PVOID fuc[29] = { NULL, }; fuc[0] = Bs1FltCleanup = (fpCleanup)GetProcAddress(h_, (LPCSTR)MAKELONG(1, 0)); fuc[1] = Bs1FltInit = (fpInit)GetProcAddress(h_, (LPCSTR)MAKELONG(2, 0)); fuc[2] = Bs1FltSetPath = (fpSetPath)GetProcAddress(h_, (LPCSTR)MAKELONG(3, 0)); fuc[3] = Bs1FltDelPath = (fpDelPath)GetProcAddress(h_, (LPCSTR)MAKELONG(4, 0)); fuc[4] = Bs1FltBegin = (fpBegin)GetProcAddress(h_, (LPCSTR)MAKELONG(5, 0)); fuc[5] = Bs1FltSetPid = (fpSetPid)GetProcAddress(h_, (LPCSTR)MAKELONG(6, 0)); fuc[6] = Bs1FltDelPid = (fpDelPid)GetProcAddress(h_, (LPCSTR)MAKELONG(7, 0)); fuc[7] = Bs1FltDebug = (fpDebug)GetProcAddress(h_, (LPCSTR)MAKELONG(8, 0)); fuc[8] = Bs1FltSetProcessPath = (fpSetProcessPath)GetProcAddress(h_, (LPCSTR)MAKELONG(9, 0)); fuc[9] = Bs1FltDelProcessPath = (fpDelProcessPath)GetProcAddress(h_, (LPCSTR)MAKELONG(10, 0)); fuc[10] = Bs1FltFolderProtectControl = (fpFolderProtectControl)GetProcAddress(h_, (LPCSTR)MAKELONG(11, 0)); fuc[11] = Bs1FltStartShareWatch = (fpStartShareWatch)GetProcAddress(h_, (LPCSTR)MAKELONG(12, 0)); fuc[12] = Bs1FltSetFileName = (fpSetFileName)GetProcAddress(h_, (LPCSTR)MAKELONG(13, 0)); fuc[13] = Bs1FltDeleteFile = (fpDeleteFile)GetProcAddress(h_, (LPCSTR)MAKELONG(14, 0)); fuc[14] = Bs1FltTerminateProcess = (fpTerminateProcess)GetProcAddress(h_, (LPCSTR)MAKELONG(15, 0)); fuc[15] = Bs1FltSetHook = (fpSetHook)GetProcAddress(h_, (LPCSTR)MAKELONG(16, 0)); fuc[16] = Bs1FltSetPolicy = (fpSetPolicy)GetProcAddress(h_, (LPCSTR)MAKELONG(17, 0)); fuc[17] = Bs1FltProcessProtect = (fpProcessProtect)GetProcAddress(h_, (LPCSTR)MAKELONG(18, 0)); fuc[18] = Bs1FltSetProcessProtectName = (fpSetProcessProtectName)GetProcAddress(h_, (LPCSTR)MAKELONG(19, 0)); fuc[19] = Bs1FltDelProcessProtectName = (fpDelProcessProtectName)GetProcAddress(h_, (LPCSTR)MAKELONG(20, 0)); fuc[20] = Bs1FltSetProcessProtectId = (fpSetProcessProtectId)GetProcAddress(h_, (LPCSTR)MAKELONG(21, 0)); fuc[21] = Bs1FltDelProcessProtectId = (fpDelProcessProtectId)GetProcAddress(h_, (LPCSTR)MAKELONG(22, 0)); fuc[22] = Bs1FltSetRegProtect = (fpSetRegProtect)GetProcAddress(h_, (LPCSTR)MAKELONG(23, 0)); fuc[23] = Bs1FltSetRegProtectName = (fpSetRegProtectName)GetProcAddress(h_, (LPCSTR)MAKELONG(24, 0)); fuc[24] = Bs1FltDelRegProtectName = (fpDelRegProtectName)GetProcAddress(h_, (LPCSTR)MAKELONG(25, 0)); fuc[25] = Bs1fltSetDeviceProtect = (fpBs1fltSetDeviceProtect)GetProcAddress(h_, (LPCSTR)MAKELONG(26, 0)); fuc[26] = Bs1fltSetUsbException = (fpBs1fltSetUsbException)GetProcAddress(h_, (LPCSTR)MAKELONG(27, 0)); fuc[27] = Bs1fltSetUsbPortException = (fpBs1fltSetUsbPortException)GetProcAddress(h_, (LPCSTR)MAKELONG(28, 0)); fuc[28] = Bs1fltDelUsbPortException = (fpBs1fltDelUsbPortException)GetProcAddress(h_, (LPCSTR)MAKELONG(29, 0)); for (DWORD i = 0; i < ARRAYSIZE(fuc); ++i) { if (fuc[i] == NULL) { return 1; } } //GetSystemDirectoryW(syspath, ARRAYSIZE(syspath)); //StringCbCatW(syspath, sizeof(syspath), L"\\Drivers"); state = Bs1FltInit(path, logcb, NULL); state = Bs1FltSetPid(PG_PID_ALLOW, GetCurrentProcessId()); return state; }