MCH3: W10 32b MCH driver's GetExeFileName

c++ / delphi package - dll injection and api hooking

MCH3: W10 32b MCH driver's GetExeFileName

Postby EaSy » Fri Mar 24, 2017 12:43 pm

Hi,
we have some problems with MCH driver's GetExeFileName function in W10 32b.

I looked at your code and there is huge difference how you get process name from the system because of w2000 support.

Lets say we have an application with NBS path \\server\\apps\app.exe. We map this path as a disk (\\server\\apps is now Y:). There is a difference between your 32b and 64b code. If I run this app as \\server\\apps\app.exe it is OK on both versions. If I run Y:\app.exe it is matched as a Y:\app.exe on 32b, but it is matched as \\server\\apps\app.exe on 64b. I believe that 64b code is correct, because it is easier to setup network app rule simply as: "\\server\\apps\app.exe" and not to care about any mountpoint that was set up.

If I delete that _WIN64 define and user the 64b code for 32b and 64b it works correctly in all cases.

So I suggest to drop w2000 support. :o
Thx.

PP
EaSy
 
Posts: 146
Joined: Tue Oct 23, 2012 12:33 pm

Re: MCH3: W10 32b MCH driver's GetExeFileName

Postby madshi » Tue Mar 28, 2017 1:51 pm

I've changed the code now to still support Windows 2000, but to always use the "better" code if we're on XP/2003 or newer.
madshi
Site Admin
 
Posts: 9340
Joined: Sun Mar 21, 2004 5:25 pm

Re: MCH3: W10 32b MCH driver's GetExeFileName

Postby EaSy » Tue Apr 04, 2017 5:51 am

Hi,
great, thx.

PP
EaSy
 
Posts: 146
Joined: Tue Oct 23, 2012 12:33 pm


Return to madCodeHook

Who is online

Users browsing this forum: No registered users and 3 guests