From d3f06a4e221732e6df075182fc812b262773836b Mon Sep 17 00:00:00 2001 From: Milan Hauth Date: Tue, 16 Apr 2024 15:08:02 +0200 Subject: [PATCH 01/12] fix C++ error: convert between void pointer and function pointer --- peloader/winnt_types.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/peloader/winnt_types.h b/peloader/winnt_types.h index 9ae9544..67d2aa5 100644 --- a/peloader/winnt_types.h +++ b/peloader/winnt_types.h @@ -1103,7 +1103,15 @@ IoSetCompletionRoutine(struct irp *irp, void *routine, void *context, BOOLEAN success, BOOLEAN error, BOOLEAN cancel) { struct io_stack_location *irp_sl = IoGetNextIrpStackLocation(irp); + +#ifdef __cplusplus + // https://stackoverflow.com/questions/1096341/function-pointers-casting-in-c + // fix: error: assigning to x from y converts between void pointer and function pointer + irp_sl->completion_routine = (typeof(irp_sl->completion_routine))(routine); +#else irp_sl->completion_routine = routine; +#endif + irp_sl->context = context; irp_sl->control = 0; if (success) From 7a68a6734d2ade34616c5604da2c35add53504c1 Mon Sep 17 00:00:00 2001 From: Milan Hauth Date: Tue, 16 Apr 2024 15:15:50 +0200 Subject: [PATCH 02/12] fix C++ error: invalid parameter name: 'this' is a keyword --- include/scanreply.h | 2 +- include/streambuffer.h | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/include/scanreply.h b/include/scanreply.h index be100db..c99c918 100644 --- a/include/scanreply.h +++ b/include/scanreply.h @@ -45,7 +45,7 @@ typedef struct _SCANSTRUCT { } SCANSTRUCT, *PSCANSTRUCT; typedef struct _SCAN_REPLY { - DWORD (*EngineScanCallback)(PSCANSTRUCT this); + DWORD (*EngineScanCallback)(PSCANSTRUCT _this); DWORD field_4; DWORD UserPtr; DWORD field_C; diff --git a/include/streambuffer.h b/include/streambuffer.h index 0368d67..d2f34d8 100644 --- a/include/streambuffer.h +++ b/include/streambuffer.h @@ -93,13 +93,13 @@ enum { typedef struct _STREAMBUFFER_DESCRIPTOR { PVOID UserPtr; - DWORD (* Read)(PVOID this, uint64_t Offset, PVOID Buffer, DWORD Size, PDWORD SizeRead); - DWORD (* Write)(PVOID this, uint64_t Offset, PVOID Buffer, DWORD Size, PDWORD TotalWritten); - DWORD (* GetSize)(PVOID this, uint64_t *FileSize); - DWORD (* SetSize)(PVOID this, uint64_t *FileSize); - PWCHAR (* GetName)(PVOID this); - DWORD (* SetAttributes)(PVOID this, DWORD Attribute, PVOID Data, DWORD DataSize); - DWORD (* GetAttributes)(PVOID this, DWORD Attribute, PVOID Data, DWORD DataSize, PDWORD DataSizeWritten); + DWORD (* Read)(PVOID _this, uint64_t Offset, PVOID Buffer, DWORD Size, PDWORD SizeRead); + DWORD (* Write)(PVOID _this, uint64_t Offset, PVOID Buffer, DWORD Size, PDWORD TotalWritten); + DWORD (* GetSize)(PVOID _this, uint64_t *FileSize); + DWORD (* SetSize)(PVOID _this, uint64_t *FileSize); + PWCHAR (* GetName)(PVOID _this); + DWORD (* SetAttributes)(PVOID _this, DWORD Attribute, PVOID Data, DWORD DataSize); + DWORD (* GetAttributes)(PVOID _this, DWORD Attribute, PVOID Data, DWORD DataSize, PDWORD DataSizeWritten); } STREAMBUFFER_DESCRIPTOR, *PSTREAMBUFFER_DESCRIPTOR; typedef struct _SCANSTREAM_PARAMS { From 55074b190e5a0a79f35313b7dcdc350cfa82cf4b Mon Sep 17 00:00:00 2001 From: Milan Hauth Date: Tue, 16 Apr 2024 15:17:46 +0200 Subject: [PATCH 03/12] fix header guard __RSIGNAL_H --- include/rsignal.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/rsignal.h b/include/rsignal.h index 87e9aff..5bba005 100644 --- a/include/rsignal.h +++ b/include/rsignal.h @@ -1,5 +1,5 @@ #ifndef __RSIGNAL_H -#define __RESIGNAL_H +#define __RSIGNAL_H #define RSIG_BASE 0x4000 #define RSIG_RESERVED1 0x4003 From 43e79fe320ae0560b89f7dd8b782b06aba81f843 Mon Sep 17 00:00:00 2001 From: Milan Hauth Date: Tue, 16 Apr 2024 15:25:16 +0200 Subject: [PATCH 04/12] fix type of pe_image.size --- peloader/ntoskernel.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/peloader/ntoskernel.h b/peloader/ntoskernel.h index 6e6f14f..d1f8f88 100644 --- a/peloader/ntoskernel.h +++ b/peloader/ntoskernel.h @@ -43,7 +43,7 @@ struct pe_image { char name[128]; BOOL WINAPI (*entry)(PVOID hinstDLL, DWORD fdwReason, PVOID lpvReserved); void *image; - int size; + size_t size; int type; IMAGE_NT_HEADERS *nt_hdr; From 65d70d389902b92dc8767bf90ae57abf4aa3011f Mon Sep 17 00:00:00 2001 From: Milan Hauth Date: Tue, 16 Apr 2024 15:43:37 +0200 Subject: [PATCH 05/12] fix C++ error: arithmetic on a pointer to void --- mpclient.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/mpclient.c b/mpclient.c index 5391235..a51a578 100644 --- a/mpclient.c +++ b/mpclient.c @@ -145,7 +145,12 @@ int main(int argc, char **argv, char **envp) // Fetch the headers to get base offsets. DosHeader = (PIMAGE_DOS_HEADER) image.image; +#ifdef __cplusplus + // fix: error: arithmetic on a pointer to void + PeHeader = (PIMAGE_NT_HEADERS)(static_cast(image.image) + DosHeader->e_lfanew); +#else PeHeader = (PIMAGE_NT_HEADERS)(image.image + DosHeader->e_lfanew); +#endif // Load any additional exports. if (!process_extra_exports(image.image, PeHeader->OptionalHeader.BaseOfCode, "engine/mpengine.map")) { From a687a7c1fcaf2989ae283c76567089b9c7d90ea4 Mon Sep 17 00:00:00 2001 From: Milan Hauth Date: Tue, 16 Apr 2024 15:55:13 +0200 Subject: [PATCH 06/12] fix C++ error: function definition is not allowed here --- mpclient.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/mpclient.c b/mpclient.c index a51a578..48f6453 100644 --- a/mpclient.c +++ b/mpclient.c @@ -178,7 +178,13 @@ int main(int argc, char **argv, char **envp) errx(EXIT_FAILURE, "Failed to resolve mpengine entrypoint"); } - EXCEPTION_DISPOSITION ExceptionHandler(struct _EXCEPTION_RECORD *ExceptionRecord, +#ifdef __cplusplus + // fix C++ error: function definition is not allowed here + PEXCEPTION_HANDLER ExceptionHandler = reinterpret_cast(+[]( +#else + EXCEPTION_DISPOSITION ExceptionHandler( +#endif + struct _EXCEPTION_RECORD *ExceptionRecord, struct _EXCEPTION_FRAME *EstablisherFrame, struct _CONTEXT *ContextRecord, struct _EXCEPTION_FRAME **DispatcherContext) @@ -186,6 +192,9 @@ int main(int argc, char **argv, char **envp) LogMessage("Toplevel Exception Handler Caught Exception"); abort(); } +#ifdef __cplusplus + ); +#endif VOID ResourceExhaustedHandler(int Signal) { From cf0665882e550cabe8dedc4a48c08d62c13e7b15 Mon Sep 17 00:00:00 2001 From: Milan Hauth Date: Tue, 16 Apr 2024 16:29:14 +0200 Subject: [PATCH 07/12] fix C++ error: function definition is not allowed here --- mpclient.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/mpclient.c b/mpclient.c index 48f6453..a6f78a8 100644 --- a/mpclient.c +++ b/mpclient.c @@ -196,10 +196,18 @@ int main(int argc, char **argv, char **envp) ); #endif +#ifdef __cplusplus + // fix C++ error: function definition is not allowed here + auto ResourceExhaustedHandler = [](int Signal) +#else VOID ResourceExhaustedHandler(int Signal) +#endif { errx(EXIT_FAILURE, "Resource Limits Exhausted, Signal %s", strsignal(Signal)); } +#ifdef __cplusplus + ; +#endif setup_nt_threadinfo(ExceptionHandler); From 67f1fe6b9043dc334dc29a634def5ade09679ef5 Mon Sep 17 00:00:00 2001 From: Milan Hauth Date: Tue, 16 Apr 2024 16:32:39 +0200 Subject: [PATCH 08/12] fix C++ error: assigning to 'PWCHAR' from incompatible type --- mpclient.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/mpclient.c b/mpclient.c index a6f78a8..57e3e0a 100644 --- a/mpclient.c +++ b/mpclient.c @@ -234,10 +234,12 @@ int main(int argc, char **argv, char **envp) BootParams.ClientVersion = BOOTENGINE_PARAMS_VERSION; BootParams.Attributes = BOOT_ATTR_NORMAL; - BootParams.SignatureLocation = L"engine"; - BootParams.ProductName = L"Legitimate Antivirus"; - EngineConfig.QuarantineLocation = L"quarantine"; - EngineConfig.Inclusions = L"*.*"; + // fix C++ error: assigning to 'PWCHAR' from incompatible type + //BootParams.SignatureLocation = L"engine"; + BootParams.SignatureLocation = (PWCHAR)"engine"; + BootParams.ProductName = (PWCHAR)"Legitimate Antivirus"; + EngineConfig.QuarantineLocation = (PWCHAR)"quarantine"; + EngineConfig.Inclusions = (PWCHAR)"*.*"; EngineConfig.EngineFlags = 1 << 1; BootParams.EngineInfo = &EngineInfo; BootParams.EngineConfig = &EngineConfig; From 63f01026a97c3fd1a2bde60beae4a44822b28624 Mon Sep 17 00:00:00 2001 From: Milan Hauth Date: Tue, 16 Apr 2024 16:35:47 +0200 Subject: [PATCH 09/12] fix C++ error: invalid parameter name: 'this' is a keyword --- mpclient.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/mpclient.c b/mpclient.c index 57e3e0a..b359481 100644 --- a/mpclient.c +++ b/mpclient.c @@ -91,21 +91,21 @@ static DWORD EngineScanCallback(PSCANSTRUCT Scan) return 0; } -static DWORD ReadStream(PVOID this, ULONGLONG Offset, PVOID Buffer, DWORD Size, PDWORD SizeRead) +static DWORD ReadStream(PVOID _this, ULONGLONG Offset, PVOID Buffer, DWORD Size, PDWORD SizeRead) { - fseek(this, Offset, SEEK_SET); - *SizeRead = fread(Buffer, 1, Size, this); + fseek(_this, Offset, SEEK_SET); + *SizeRead = fread(Buffer, 1, Size, _this); return TRUE; } -static DWORD GetStreamSize(PVOID this, PULONGLONG FileSize) +static DWORD GetStreamSize(PVOID _this, PULONGLONG FileSize) { - fseek(this, 0, SEEK_END); - *FileSize = ftell(this); + fseek(_this, 0, SEEK_END); + *FileSize = ftell(_this); return TRUE; } -static PWCHAR GetStreamName(PVOID this) +static PWCHAR GetStreamName(PVOID _this) { return L"input"; } From 7be2b75283fd6c6dc0cef5446ff1da58fb414e29 Mon Sep 17 00:00:00 2001 From: Milan Hauth Date: Tue, 16 Apr 2024 16:46:10 +0200 Subject: [PATCH 10/12] fix C++ error: no matching function for call to 'fseek' --- mpclient.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mpclient.c b/mpclient.c index b359481..d98049b 100644 --- a/mpclient.c +++ b/mpclient.c @@ -93,15 +93,15 @@ static DWORD EngineScanCallback(PSCANSTRUCT Scan) static DWORD ReadStream(PVOID _this, ULONGLONG Offset, PVOID Buffer, DWORD Size, PDWORD SizeRead) { - fseek(_this, Offset, SEEK_SET); - *SizeRead = fread(Buffer, 1, Size, _this); + fseek((FILE *)_this, Offset, SEEK_SET); + *SizeRead = fread((FILE *)Buffer, 1, Size, (FILE *)_this); return TRUE; } static DWORD GetStreamSize(PVOID _this, PULONGLONG FileSize) { - fseek(_this, 0, SEEK_END); - *FileSize = ftell(_this); + fseek((FILE *)_this, 0, SEEK_END); + *FileSize = ftell((FILE *)_this); return TRUE; } From 4fee665f929993e5e0693b917ab94f2eb495fe2d Mon Sep 17 00:00:00 2001 From: Milan Hauth Date: Tue, 16 Apr 2024 16:48:03 +0200 Subject: [PATCH 11/12] fix C++ error: cannot initialize return object of type 'PWCHAR' --- mpclient.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mpclient.c b/mpclient.c index d98049b..e2f9171 100644 --- a/mpclient.c +++ b/mpclient.c @@ -107,7 +107,7 @@ static DWORD GetStreamSize(PVOID _this, PULONGLONG FileSize) static PWCHAR GetStreamName(PVOID _this) { - return L"input"; + return (PWCHAR)"input"; } // These are available for pintool. From f8aae629f433395a1d7e9bc68744a2fc228f39b8 Mon Sep 17 00:00:00 2001 From: Milan Hauth Date: Wed, 17 Apr 2024 09:34:04 +0200 Subject: [PATCH 12/12] wchar_t to uint16_t --- peloader/winnt_types.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/peloader/winnt_types.h b/peloader/winnt_types.h index 67d2aa5..04bc206 100644 --- a/peloader/winnt_types.h +++ b/peloader/winnt_types.h @@ -144,7 +144,7 @@ typedef uint8_t *PBYTE; typedef uint8_t *LPBYTE; typedef int8_t CHAR; typedef char *PCHAR; -typedef wchar_t WCHAR; +typedef uint16_t WCHAR; typedef CHAR *LPSTR; typedef const char *LPCSTR; typedef WCHAR *LPWSTR;