fix symbol lookup with invalid handles

Cheat Engine/NewKernelHandler.pas

@@ -1442,6 +1442,7 @@ procedure UseDBKOpenProcess;
 var
   nthookscript: Tstringlist;
   zwc: pointer;
+  func: pointer;
 begin
 {$ifdef windows}
   LoadDBK32;
@@ -1450,20 +1451,27 @@ begin
   OpenThread:=@OT;
 
   nthookscript:=tstringlist.create;
-  nthookscript.add('NtOpenProcess:');
-  nthookscript.add('jmp '+IntToHex(ptruint(@NOP),8));
-  autoassemble(nthookscript, false, true, false, true);
+
+  if not assigned(oldNtOpenProcess) then
+  begin
+    nthookscript.clear;
+    func:=GetProcAddress(NTDLLHandle,'NtOpenProcess');
+    generateAPIHookScript(nthookscript,IntToHex(ptruint(func),8),IntToHex(ptruint(@NOP),8),IntToHex(ptruint(@@oldNtOpenProcess),8),'0',true);
+    autoassemble(nthookscript, false, true, false, true);
+  end;
+
+
+
+  //nthookscript.add('NtOpenProcess:');
+  //nthookscript.add('jmp '+IntToHex(ptruint(@NOP),8));
+  //autoassemble(nthookscript, false, true, false, true);
 
 
   if not assigned(oldZwClose) then
   begin
     nthookscript.clear;
-
-    zwc:=GetProcAddress(NTDLLHandle,'NtClose');
-
-    generateAPIHookScript(nthookscript,IntToHex(ptruint(zwc),8),IntToHex(ptruint(@ZC),8),IntToHex(ptruint(@@oldZwClose),8),'0',true);
-   // clipboard.AsText:=nthookscript.Text;
-
+    func:=GetProcAddress(NTDLLHandle,'NtClose');
+    generateAPIHookScript(nthookscript,IntToHex(ptruint(func),8),IntToHex(ptruint(@ZC),8),IntToHex(ptruint(@@oldZwClose),8),'0',true);
     autoassemble(nthookscript, false, true, false, true);
   end;
 

Cheat Engine/dbk32/DBK32functions.pas

@@ -257,6 +257,7 @@ var hdevice: thandle=INVALID_HANDLE_VALUE; //handle to my the device driver
     oldZwClose: function (Handle: THandle): NTSTATUS; stdcall;
     oldNtQueryInformationProcess: function(ProcessHandle: HANDLE; ProcessInformationClass: PROCESSINFOCLASS; ProcessInformation: PVOID; ProcessInformationLength: ULONG; ReturnLength: PULONG): NTSTATUS; stdcall;
     oldNtReadVirtualMemory: function(ProcessHandle : HANDLE; BaseAddress : PVOID; Buffer : PVOID; BufferLength : ULONG; ReturnLength : PSIZE_T): NTSTATUS; stdcall;
+    oldNtOpenProcess: function(Handle: PHandle; AccessMask: dword; objectattributes: pointer; clientid: PClient_ID):DWORD; stdcall;
 
     NextPseudoHandle: integer=$ce000000;
     DoNotOpenProcessHandles: Boolean=false;
@@ -273,7 +274,7 @@ function {WriteProcessMemory}WPM(hProcess:THANDLE;lpBaseAddress:pointer;lpBuffer
 function {WriteProcessMemory}WriteProcessMemory64(hProcess:THANDLE;BaseAddress:qword;lpBuffer:pointer;nSize:DWORD;var NumberOfBytesWritten:PtrUInt):BOOL; stdcall;
 
 function {VirtualQueryEx}VQE(hProcess: THandle; address: pointer; var mbi: _MEMORY_BASIC_INFORMATION; bufsize: DWORD):dword; stdcall;
-Function {NtOpenProcess}NOP(var Handle: THandle; AccessMask: dword; objectattributes: pointer; clientid: PClient_ID):DWORD; stdcall;
+Function {NtOpenProcess}NOP(Handle: PHandle; AccessMask: dword; objectattributes: pointer; clientid: PClient_ID):DWORD; stdcall;
 Function {ZwClose}ZC(Handle: THandle): NTSTATUS; stdcall;
 
 function DBK_NtQueryInformationProcess(ProcessHandle: HANDLE; ProcessInformationClass: PROCESSINFOCLASS; ProcessInformation: PVOID; ProcessInformationLength: ULONG; ReturnLength: PULONG): NTSTATUS; stdcall;
@@ -1716,7 +1717,7 @@ begin
     end;
   end;
 
-  OutputDebugString('Unknown handle. Using original code');
+//  OutputDebugString('Unknown handle. Using original code');
   result:=oldNtQueryInformationProcess(ProcessHandle, ProcessInformationClass, ProcessInformation, ProcessInformationLength, ReturnLength);
 end;
 
@@ -1758,13 +1759,13 @@ begin
   if dwProcessId=0 then
     exit;
 
-  if not DoNotOpenProcessHandles then
+  if (not DoNotOpenProcessHandles) then
   begin
     if hdevice<>INVALID_HANDLE_VALUE then
     begin
       cc:=IOCTL_CE_OPENPROCESS;
 
-  //    OutputDebugString(inttostr(dwProcessid)+' OpenProcess kernelmode');
+     // OutputDebugString(inttostr(dwProcessid)+' OpenProcess kernelmode');
       if deviceiocontrol(hdevice,cc,@dwProcessId,4,@output,sizeof(output),x,nil) then
       begin
         result:=output.Processhandle;
@@ -1835,10 +1836,32 @@ begin
   if handle<>0 then result:=0 else result:=$c000000e;
 end;
 
-Function {NtOpenProcess}NOP(var Handle: THandle; AccessMask: dword; objectattributes: pointer; clientid: PClient_ID):DWORD; stdcall;
+Function {NtOpenProcess}NOP(Handle: PHandle; AccessMask: dword; objectattributes: pointer; clientid: PClient_ID):DWORD; stdcall;
+var h: thandle;
 begin
-  Handle:=OP(process_all_access,true,clientid.processid);
-  if handle<>0 then result:=0 else result:=$C000000E;
+  //comment this out to fix the c0000008 exception while debugging (do call oldNtOpenProcess)
+
+  //OutputDebugString('NtOpenProcess hook');
+  if ((hdevice<>INVALID_HANDLE_VALUE) and (clientid<>nil)) and (clientid^.processid<>GetCurrentProcessId) then
+  begin
+    h:=OP(process_all_access,true,clientid^.processid);
+    if h<>0 then
+    begin
+      result:=0;
+      if handle<>nil then
+      begin
+        try
+          handle^:=h;
+        except
+          result:=STATUS_ACCESS_VIOLATION;
+        end;
+      end;
+    end
+    else result:=$C000000E;
+
+  end
+  else
+    result:=oldNtOpenProcess(Handle, AccessMask, objectattributes, clientid);
 end;
 
 Function {ZwClose}ZC(Handle: THandle): NTSTATUS; stdcall;

Cheat Engine/symbolhandler.pas

@@ -1032,6 +1032,9 @@ begin
 
         SymbolsLoaded:=SymInitialize(thisprocesshandle, sp, true);
 
+        if symbolsloaded=false then
+          SymbolsLoaded:=SymInitialize(thisprocesshandle, sp, false);
+
         if symbolsloaded then
         begin
           symsetoptions(symgetoptions or SYMOPT_CASE_INSENSITIVE);