organize includes, fix possible null pointer, update patternfind.c, change some types

2018-03-02 15:43:05 -08:00
parent 6f2b140060
commit 99778376ff
15 changed files with 108 additions and 98 deletions
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -0,0 +1,22 @@
 Before you create an issue, make sure it has not already been reported.
 Then, make sure the following things are included in your issue:
 - wufuc version (can be viewed in Add & Remove Programs).
 - Operating system version and Service Pack (including 32- or 64-bit).
 - Short description of the issue.
 - Elaborate steps to reproduce the bug/issue being reported.
 - Attach wufuc's log file (located at `C:\ProgramData\wufuc\wufuc.log`).
 - Any supporting information that could help solve/understand the issue.
 Any issues that do not include these, or go more than a week without a
 response from the original poster will be subject to closure at my discretion.
 If you have questions, be sure to check here:
 - https://github.com/zeffy/wufuc/blob/master/FAQ.md
 It is common for issues to go unanswered for several days or even weeks,
 so please do not take offense at this. 
 I read every issue and usually only reply if there is clarification needed,
 or if there is a new release pending that will solve the issue.
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,31 +0,0 @@
 # Contributing guidelines
 [:de:] [:es:] [:fr:] [:it:] [:hungary:] [:brazil:] [:ru:] [:cn:] [:taiwan:]
 ## Reporting an issue [![](https://isitmaintained.com/badge/resolution/zeffy/wufuc.svg)](https://isitmaintained.com/project/zeffy/wufuc)
 ### Before you create an issue, please make sure of the following:
 - Are you using at least the [latest stable version](https://github.com/zeffy/wufuc/releases/latest)?
 - Have you tried restarting your computer?
 ### After you've confirmed those things, please create an issue and include the following information:
 - Navigate to where you installed wufuc, and attach `wufuc.log` to your issue.
 - What is the file version and/or SHA-1 hash of `C:\Windows\System32\wuaueng.dll`?
 - Any other information you feel is relevant to your issue.
 ## Closure policy
 - Issues that don't have the information requested above (when applicable) will be closed immediately and the poster directed to the contributing guidelines.
 - Issues that go a week without a response from original poster are subject to closure at my discretion.
 [:de:]: https://github.com/zeffy/wufuc/wiki/CONTRIBUTING-(Deutsch)
 [:es:]: https://github.com/zeffy/wufuc/wiki/CONTRIBUTING-(Espa%C3%B1ol)
 [:fr:]: https://github.com/zeffy/wufuc/wiki/CONTRIBUTING-(Fran%C3%A7ais)
 [:it:]: https://github.com/zeffy/wufuc/wiki/CONTRIBUTING-(Italiano)
 [:hungary:]: https://github.com/zeffy/wufuc/wiki/CONTRIBUTING-(Magyar)
 [:brazil:]: https://github.com/zeffy/wufuc/wiki/CONTRIBUTING-(Portugu%C3%AAs%20Brasileiro)
 [:ru:]: https://github.com/zeffy/wufuc/wiki/CONTRIBUTING-(%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9)
 [:cn:]: https://github.com/zeffy/wufuc/wiki/CONTRIBUTING-(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)
 [:taiwan:]: https://github.com/zeffy/wufuc/wiki/CONTRIBUTING-(%E7%B9%81%E9%AB%94%E4%B8%AD%E6%96%87)
--- a/FAQ.md
+++ b/FAQ.md
@@ -0,0 +1,26 @@
 # FAQ
 ## How to deploy wufuc using Group Policy
 [There is a tutorial on the Advanced Installer website that explains how to do this](http://www.advancedinstaller.com/user-guide/tutorial-gpo.html).
 ## How to use unattended feature in the batch setup scripts
 `install_wufuc.bat` and `uninstall_wufuc.bat` both support two command line parameters that can be used alone, or combined to change the behavior of the scripts:
 - `/NORESTART` - Automatically declines rebooting after the setup finishes.
 - `/UNATTENDED` - Skips all prompts for user interaction, and automatically restarts unless `/NORESTART` is also specified.
 These must be used from an elevated command line prompt.
 ## How to manually remove wufuc v0.8.0.143 when it is impossible to uninstall it normally
 This only applies to wufuc version 0.8.0.143, which was only available for download for a short period of time. Other versions are unaffected.
 1. [Boot into Safe Mode with Command Prompt](https://support.microsoft.com/en-us/help/17419/windows-7-advanced-startup-options-safe-mode).
 2. In the command prompt type `regedit` and press enter.
 3. Navigate to the key `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options`
 4. Expand the `Image File Execution Options` tree.
 5. Locate the `svchost.exe` sub key, right-click it and press **Delete**.
 6. Reboot, and you should be able to log in normally again.
 7. Open Add and Remove Programs, locate and run the normal wufuc uninstaller to complete the removal process.
--- a/README.md
+++ b/README.md
@@ -11,7 +11,7 @@ Disables the "Unsupported Hardware" message in Windows Update, and allows you to
 [Unstable builds][AppVeyor] - Probably contains bugs; do not report issues with these builds.
-## Donate
+## Donate :heart:
 [**Click here for donation options!**](https://github.com/zeffy/wufuc/blob/master/DONATE.md)
@@ -24,9 +24,7 @@ The release notes for Windows updates KB4012218 and KB4012219 included the follo
 These updates marked the implementation of a [policy change](https://blogs.windows.com/windowsexperience/2016/01/15/windows-10-embracing-silicon-innovation/) they announced some time ago, where Microsoft stated that they would not be supporting Windows 7 or 8.1 on next-gen Intel, AMD and Qualcomm processors.
 This was essentially a big middle finger to anyone who decides to not "upgrade" to the steaming pile of :shit: known as Windows 10, especially considering the extended support periods for Windows 7 and 8.1 won't be ending until January 4, 2020 and January 10, 2023 respectively.
-## Some people with older Intel and AMD processors are also affected!
+Some people with older Intel and AMD processors are also affected! I've received user reports of the following CPUs all being blocked from receiving updates:
 I've received user reports of the following CPUs all being blocked from receiving updates:
 - [Intel Atom Z530](https://github.com/zeffy/wufuc/issues/7)
 - [Intel Atom D525](https://github.com/zeffy/wufuc/issues/34)
@@ -38,7 +36,10 @@ I've received user reports of the following CPUs all being blocked from receivin
 ## Bad Microsoft!
-If you are interested, you can read my original write up on discovering the CPU check [here](https://github.com/zeffy/wufuc/tree/old-kb4012218-19).
+If you are interested, you can read my original write-up on discovering the CPU check [here](https://github.com/zeffy/wufuc/tree/old-kb4012218-19).
 Basically, inside a system file named `wuaueng.dll`, there are two functions responsible for the CPU check: `IsDeviceServiceable(void)` and `IsCPUSupported(void)`. 
 `IsDeviceServiceable` simply calls `IsCPUSupported` once, and then re-uses the result that it receives on subsequent calls.
 ## Features
@@ -49,51 +50,22 @@ If you are interested, you can read my original write up on discovering the CPU
 - Byte pattern-based patching, which means it will usually keep working even after new updates come out.
 - No dependencies.
 ## Frequently Asked Questions
 See [FAQ.md](https://github.com/zeffy/wufuc/blob/master/FAQ.md).
 ## How it works
-Basically, inside a system file called `wuaueng.dll` there are two functions responsible for the CPU check: `IsDeviceServiceable(void)` and `IsCPUSupported(void)`. 
+This is a basic run-down of what wufuc does when you install it:
 `IsDeviceServiceable` simply calls `IsCPUSupported` once, and then re-uses the result that it receives on subsequent calls.
 My patch takes advantage of this behavior by patching a couple of boolean values and basically making Windows Update think that it has already checked your processor, and the result was that it is indeed supported.
 - The installer registers a scheduled task that automatically starts wufuc on system boot/user log on.
 - Depending on how the Windows Update service is configured to run, wufuc will:
    * **Shared process**: inject itself into the service host process that Windows Update will run in when it starts.
    * **Own process**: wait for the Windows Update service to start and then inject into it.
- After that, wufuc will install some API hooks when appropriate:
+- Once injected, wufuc will hook some functions where appropriate:
    * `LoadLibraryExW` hook will automatically hook the `IsDeviceServiceable()` function inside `wuaueng.dll` when it is loaded.
    * `RegQueryValueExW` hook is necessary to provide compatibility with [UpdatePack7R2](../../issues/100). This hook not applied when `wuauserv` is configured to run in its own process.
 ## FAQ
 ### How to deploy wufuc using Group Policy
 [There is a tutorial on the Advanced Installer website that explains how to do this](http://www.advancedinstaller.com/user-guide/tutorial-gpo.html).
 ### How to use unattended feature in the batch setup scripts
 `install_wufuc.bat` and `uninstall_wufuc.bat` both support two command line parameters that can be used alone, or combined to change the behavior of the scripts:
 - `/NORESTART` - Automatically declines rebooting after the setup finishes.
 - `/UNATTENDED` - Skips all prompts for user interaction, and automatically restarts unless `/NORESTART` is also specified.
 These must be used from an elevated command line prompt.
 ### How to manually remove wufuc v0.8.0.x when it is impossible to uninstall it normally
 This only applies to wufuc version 0.8.0.x, which was only available for download for a short period of time. Other versions are unaffected. 
 There was a fundamental issue with the method I tried using in this version that caused very serious system instability, such as User Account Control breaking, getting a black screen with just a cursor at boot or after logging out, or very slow overall system performance from multiple services crashing repeatedly which would eventually end in a blue screen of death. Many of these issues unfortunately made uninstalling wufuc nearly impossible. I apologize for any inconvenience this version of wufuc may have caused.
 #### To manually uninstall wufuc v0.8.0.x:
 1. [Boot into Safe Mode with Command Prompt](https://support.microsoft.com/en-us/help/17419/windows-7-advanced-startup-options-safe-mode).
 2. In the command prompt type `regedit` and press enter.
 3. Navigate to the key `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options`
 4. Expand the `Image File Execution Options` tree.
 5. Locate the `svchost.exe` sub key, right-click it and press **Delete**.
 6. Reboot, and you should be able to log in normally again.
 7. Open Add and Remove Programs, locate and run the normal wufuc uninstaller to complete the removal process.
 ## Sponsors
 ### [Advanced Installer](https://www.advancedinstaller.com/)
--- a/src/wufuc.sln
+++ b/src/wufuc.sln
@@ -1,7 +1,7 @@
 Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio 15
-VisualStudioVersion = 15.0.27130.2024
+VisualStudioVersion = 15.0.27130.2036
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wufuc", "wufuc\wufuc.vcxproj", "{00F96695-CE41-4C2F-A344-6219DFB4F887}"
 EndProject
@@ -13,6 +13,20 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "wufuc_setup_bat", "wufuc_se
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "AdvancedInstallerHelper", "AdvancedInstallerHelper\AdvancedInstallerHelper.vcxproj", "{12498D61-02AF-4C13-925D-E130EEDE2543}"
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Repository Items", "Repository Items", "{E7EDB493-4D31-4646-8537-C515613689A6}"
 	ProjectSection(SolutionItems) = preProject
 		..\.gitignore = ..\.gitignore
 		..\appveyor.yml = ..\appveyor.yml
 		..\COPYING = ..\COPYING
 		..\DONATE.md = ..\DONATE.md
 		..\README.md = ..\README.md
 	EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = ".github", ".github", "{ACE23C8E-C137-4B93-9147-DCF126E1248E}"
 	ProjectSection(SolutionItems) = preProject
 		..\.github\ISSUE_TEMPLATE.md = ..\.github\ISSUE_TEMPLATE.md
 	EndProjectSection
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|x64 = Debug|x64
@@ -39,6 +53,9 @@ Global
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
 	EndGlobalSection
 	GlobalSection(NestedProjects) = preSolution
 		{ACE23C8E-C137-4B93-9147-DCF126E1248E} = {E7EDB493-4D31-4646-8537-C515613689A6}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {5070ABC4-3344-4D6E-B744-E3508B10A327}
 	EndGlobalSection
--- a/src/wufuc/callbacks.c
+++ b/src/wufuc/callbacks.c
@@ -1,5 +1,4 @@
 #include "stdafx.h"
 #include "context.h"
 #include "callbacks.h"
 #include "hooks.h"
@@ -89,7 +88,13 @@ DWORD WINAPI cb_start(context *ctx)
        str = (wchar_t *)reg_query_value_alloc(HKEY_LOCAL_MACHINE,
                L"SYSTEM\\CurrentControlSet\\services\\wuauserv\\Parameters",
                L"ServiceDll", NULL, NULL);
        if ( !str ) {
 abort_hook:
                MH_RemoveHook(g_pfnRegQueryValueExW);
                goto release;
        }
        g_pszWUServiceDll = env_expand_strings_alloc(str, NULL);
        if ( !g_pszWUServiceDll ) goto abort_hook;
        free(str);
        MH_CreateHookApi(L"kernel32.dll",
@@ -97,9 +102,8 @@ DWORD WINAPI cb_start(context *ctx)
                LoadLibraryExW_hook,
                &(PVOID)g_pfnLoadLibraryExW);
-        if ( g_pszWUServiceDll
+        if ( GetModuleHandleExW(0, g_pszWUServiceDll, &hModule)
-                && (GetModuleHandleExW(0, g_pszWUServiceDll, &hModule)
+                || GetModuleHandleExW(0, PathFindFileNameW(g_pszWUServiceDll), &hModule) ) {
                        || GetModuleHandleExW(0, PathFindFileNameW(g_pszWUServiceDll), &hModule))) {
                // hook IsDeviceServiceable if wuaueng.dll is already loaded
                wufuc_hook(hModule);
@@ -110,7 +114,7 @@ DWORD WINAPI cb_start(context *ctx)
        // wait for unload event or parent mutex to be abandoned.
        // for example if the user killed rundll32.exe with task manager.
-        result = WaitForMultipleObjects(_countof(ctx->handles), ctx->handles, FALSE, INFINITE);
+        result = WaitForMultipleObjects(ctx->count, ctx->handles, FALSE, INFINITE);
        trace(L"Unload condition has been met.");
        switch ( result ) {
--- a/src/wufuc/context.c
+++ b/src/wufuc/context.c
@@ -1,5 +1,6 @@
 #include "stdafx.h"
 #include "context.h"
 #include <sddl.h>
 static bool ctxp_remove_handle(context *ctx, unsigned Index)
--- a/src/wufuc/dllmain.c
+++ b/src/wufuc/dllmain.c
@@ -1,4 +1,5 @@
 #include "stdafx.h"
 #include <minhook.h>
 BOOL APIENTRY DllMain(HMODULE hModule,
--- a/src/wufuc/hooks.c
+++ b/src/wufuc/hooks.c
@@ -1,9 +1,8 @@
 #include "stdafx.h"
-
+#include "context.h"
 #include "hooks.h"
 #include "log.h"
 #include "registryhelper.h"
 #include "context.h"
 #include "wufuc.h"
 wchar_t *g_pszWUServiceDll;
--- a/src/wufuc/log.c
+++ b/src/wufuc/log.c
@@ -1,4 +1,5 @@
 #include "stdafx.h"
 #include "log.h"
 void logp_debug_write(const wchar_t *const format, ...)
--- a/src/wufuc/patternfind.c
+++ b/src/wufuc/patternfind.c
@@ -144,7 +144,7 @@ void patternwrite(uint8_t *data, size_t datasize, const char *pattern)
        if ( patterntransform(pattern, writepattern, writepatternsize) ) {
                DWORD OldProtect;
-                BOOL result = VirtualProtect(data, writepatternsize, PAGE_READWRITE, &OldProtect);
+                BOOL result = VirtualProtect(data, writepatternsize, PAGE_EXECUTE_READWRITE, &OldProtect);
                if ( writepatternsize > datasize )
                        writepatternsize = datasize;
                for ( size_t i = 0; i < writepatternsize; i++ )
--- a/src/wufuc/registryhelper.c
+++ b/src/wufuc/registryhelper.c
@@ -1,11 +1,10 @@
 #include "stdafx.h"
 #include "registryhelper.h"
 #include <sddl.h>
 PVOID reg_get_value_alloc(
        HKEY hKey,
-        const wchar_t *SubKey,
+        LPCWSTR SubKey,
-        const wchar_t *Value,
+        LPCWSTR Value,
        DWORD dwFlags,
        LPDWORD pdwType,
        LPDWORD pcbData)
@@ -31,8 +30,8 @@ PVOID reg_get_value_alloc(
 LPBYTE reg_query_value_alloc(
        HKEY hKey,
-        const wchar_t *SubKey,
+        LPCWSTR SubKey,
-        const wchar_t *Value,
+        LPCWSTR Value,
        LPDWORD pdwType,
        LPDWORD pcbData)
 {
@@ -100,15 +99,15 @@ PVOID reg_query_key_alloc(
        return result;
 }
-wchar_t *env_expand_strings_alloc(const wchar_t *src, LPDWORD pcchLength)
+LPWSTR env_expand_strings_alloc(LPCWSTR Src, LPDWORD pcchLength)
 {
-        wchar_t *result;
+        LPWSTR result;
        DWORD buffersize;
        DWORD size;
-        buffersize = ExpandEnvironmentStringsW(src, NULL, 0);
+        buffersize = ExpandEnvironmentStringsW(Src, NULL, 0);
        result = calloc(buffersize, sizeof *result);
-        size = ExpandEnvironmentStringsW(src, result, buffersize);
+        size = ExpandEnvironmentStringsW(Src, result, buffersize);
        if ( !size || size > buffersize ) {
                free(result);
                result = NULL;
--- a/src/wufuc/registryhelper.h
+++ b/src/wufuc/registryhelper.h
@@ -2,19 +2,19 @@
 PVOID reg_get_value_alloc(
        HKEY hkey,
-        const wchar_t *pSubKey,
+        LPCWSTR pSubKey,
-        const wchar_t *pValue,
+        LPCWSTR pValue,
        DWORD dwFlags,
        LPDWORD pdwType,
        LPDWORD pcbData);
 LPBYTE reg_query_value_alloc(
        HKEY hKey,
-        const wchar_t *pSubKey,
+        LPCWSTR pSubKey,
-        const wchar_t *pValueName,
+        LPCWSTR pValueName,
        LPDWORD pType,
        LPDWORD pcbData);
 PVOID reg_query_key_alloc(
        HANDLE KeyHandle,
        KEY_INFORMATION_CLASS KeyInformationClass,
        PULONG pResultLength);
-wchar_t *env_expand_strings_alloc(const wchar_t *src, LPDWORD pcchLength);
+LPWSTR env_expand_strings_alloc(LPCWSTR Src, LPDWORD pcchLength);
--- a/src/wufuc/rundll32.c
+++ b/src/wufuc/rundll32.c
@@ -1,10 +1,10 @@
 #include "stdafx.h"
 #include "context.h"
 #include "callbacks.h"
 #include "log.h"
 #include "modulehelper.h"
 #include "registryhelper.h"
 #include "servicehelper.h"
 #include "log.h"
 #include "wufuc.h"
 void CALLBACK RUNDLL32_StartW(HWND hwnd, HINSTANCE hinst, LPWSTR lpszCmdLine, int nCmdShow)
--- a/src/wufuc/wufuc.c
+++ b/src/wufuc/wufuc.c
@@ -1,12 +1,11 @@
 #include "stdafx.h"
 #include "context.h"
 #include "wufuc.h"
 #include "modulehelper.h"
 #include "versionhelper.h"
 #include "hooks.h"
 #include "log.h"
 #include "modulehelper.h"
 #include "patternfind.h"
 #include "versionhelper.h"
 #include <minhook.h>