// DSASMER.cpp : 定義應用程序的入口點。
//
#include <windows.h>
#include "DSASMER.h"
#include <vector>
#include <map>
#include "fastlist.h"
#include "PEFuncs.h"
#include "Disasm.h"
#include "HDisasm.h"

using namespace std;

// 全局變量:
HINSTANCE hInst;								// 當前實例
TCHAR szTitle[MAX_LOADSTRING];					// 標題欄文本
TCHAR szWindowClass[MAX_LOADSTRING];			// 主窗口類名
TCHAR szFileName[MAX_STRINGLEN];				// 打開的文件名
MAP_FILE_STRUCT stMapFile={0,0,0};				// 內存映射文件
FLDATA g_stFList;								// 快速列表控件
vector<DISASSEMBLY> g_stDisasmList;				// 反匯編后的結果集合
vector<char *>		g_stPCHList;				// 分配的內存集合

FLDATA g_stFLShowIMP;							// 輸入表顯示窗口控件
map<DWORD,ImportFunc> ImportFuncMap;			// 輸入函數表
typedef pair <DWORD,ImportFunc> ImportFuncPair;


// 此代碼模塊中包含的函數的前向聲明:
ATOM				MyRegisterClass(HINSTANCE hInstance);
BOOL				InitInstance(HINSTANCE, int);
LRESULT CALLBACK	WndProc(HWND, UINT, WPARAM, LPARAM);
LRESULT CALLBACK	About(HWND, UINT, WPARAM, LPARAM);

int APIENTRY WinMain(HINSTANCE hInstance,
                     HINSTANCE hPrevInstance,
                     LPTSTR    lpCmdLine,
                     int       nCmdShow)
{
 	// TODO: 在此放置代碼。
	MSG msg;
	HACCEL hAccelTable;

	// 初始化全局字符串
	LoadString(hInstance, IDS_APP_TITLE, szTitle, MAX_LOADSTRING);
	LoadString(hInstance, IDC_DSASMER, szWindowClass, MAX_LOADSTRING);
	MyRegisterClass(hInstance);

	// 執行應用程序初始化:
	if (!InitInstance (hInstance, nCmdShow)) 
	{
		return FALSE;
	}

	hAccelTable = LoadAccelerators(hInstance, (LPCTSTR)IDC_DSASMER);

	// 主消息循環:
	while (GetMessage(&msg, NULL, 0, 0)) 
	{
		if (!TranslateAccelerator(msg.hwnd, hAccelTable, &msg)) 
		{
			TranslateMessage(&msg);
			DispatchMessage(&msg);
		}
	}

	return (int) msg.wParam;
}



//
//  函數: MyRegisterClass()
//
//  目的: 注冊窗口類。
//
//  注釋: 
//
//    僅當希望在已添加到 Windows 95 的
//    “RegisterClassEx”函數之前此代碼與 Win32 系統兼容時，
//    才需要此函數及其用法。調用此函數
//    十分重要，這樣應用程序就可以獲得關聯的
//   “格式正確的”小圖標。
//
ATOM MyRegisterClass(HINSTANCE hInstance)
{
	WNDCLASSEX wcex;

	wcex.cbSize = sizeof(WNDCLASSEX); 

	wcex.style			= CS_HREDRAW | CS_VREDRAW;
	wcex.lpfnWndProc	= (WNDPROC)WndProc;
	wcex.cbClsExtra		= 0;
	wcex.cbWndExtra		= 0;
	wcex.hInstance		= hInstance;
	wcex.hIcon			= LoadIcon(hInstance, (LPCTSTR)IDI_DSASMER);
	wcex.hCursor		= LoadCursor(NULL, IDC_ARROW);
	wcex.hbrBackground	= (HBRUSH)(COLOR_WINDOW+1);
	wcex.lpszMenuName	= (LPCTSTR)IDC_DSASMER;
	wcex.lpszClassName	= szWindowClass;
	wcex.hIconSm		= LoadIcon(wcex.hInstance, (LPCTSTR)IDI_SMALL);

	return RegisterClassEx(&wcex);
}

//
//   函數: InitInstance(HANDLE, int)
//
//   目的: 保存實例句柄并創建主窗口
//
//   注釋: 
//
//        在此函數中，我們在全局變量中保存實例句柄并
//        創建和顯示主程序窗口。
//
BOOL InitInstance(HINSTANCE hInstance, int nCmdShow)
{
   HWND hWnd;

   hInst = hInstance; // 將實例句柄存儲在全局變量中

   hWnd = CreateWindow(szWindowClass, szTitle, WS_OVERLAPPED|WS_CAPTION|WS_SYSMENU|WS_MINIMIZEBOX,
      CW_USEDEFAULT, 0, 807,600, NULL, NULL, hInstance, NULL);

   if (!hWnd)
   {
      return FALSE;
   }

   ShowWindow(hWnd, nCmdShow);
   UpdateWindow(hWnd);
	
   g_stFList.hwnd = hWnd;
   return TRUE;
}

//
//  函數: WndProc(HWND, unsigned, WORD, LONG)
//
//  目的: 處理主窗口的消息。
//
//  WM_COMMAND	- 處理應用程序菜單
//  WM_PAINT	- 繪制主窗口
//  WM_DESTROY	- 發送退出消息并返回
//
//
LRESULT CALLBACK WndProc(HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam)
{
	int wmId, wmEvent;
	PAINTSTRUCT ps;
	HDC hdc;

	switch (message) 
	{
	case WM_COMMAND:
		wmId    = LOWORD(wParam); 
		wmEvent = HIWORD(wParam); 
		// 分析菜單選擇:
		switch (wmId)
		{
		case IDM_ABOUT:
			DialogBox(hInst, (LPCTSTR)IDD_ABOUTBOX, hWnd, (DLGPROC)About);
			break;
		case IDM_EXIT:
			DestroyWindow(hWnd);
			break;
		case IDM_OPENFILE:
			if(!OpenFileDlg(hWnd))
				return false;
			g_stFList.hInstance = hInst;
			g_stFList.hwnd = hWnd;
			g_stFList.dwBackColor = RGB(252,255,230);
			g_stFList.dwHeightOfRow = 20;
			g_stFList.flHeader.headerBackColor = RGB(221,240,255);
			g_stFList.flHeader.headerFrontColor = RGB(0,0,0);
			initFastListControl(g_stFList);
			flSetHeader(g_stFList,4,140,160,280,200,"Address","OpCode","Disassemble","Comment");
			//flAddNewRow(g_stFList,"123","456","789","0");
			DasmAndShow();
			flSetNewView(g_stFList,1);
			break;
		case IDM_GOENTRY:
			gotoTheEntry();
			break;
		case IDM_SHOWPEIMPORT:
			ShowPeImport();
			break;
			return DefWindowProc(hWnd, message, wParam, lParam);
		}
		break;
	case WM_PAINT:
		hdc = BeginPaint(hWnd, &ps);
		// TODO: 在此添加任意繪圖代碼...
		EndPaint(hWnd, &ps);
		break;
	case WM_DESTROY:
		flClose(g_stFList);
		for(int i=0;i<g_stPCHList.size();i++)
			free(g_stPCHList[i]);
		PostQuitMessage(0);
		break;
	default:
		return DefWindowProc(hWnd, message, wParam, lParam);
	}
	return 0;
}

// “關于”框的消息處理程序。
LRESULT CALLBACK About(HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam)
{
	switch (message)
	{
	case WM_INITDIALOG:
		return TRUE;

	case WM_COMMAND:
		if (LOWORD(wParam) == IDOK || LOWORD(wParam) == IDCANCEL) 
		{
			EndDialog(hDlg, LOWORD(wParam));
			return TRUE;
		}
		break;
	}
	return FALSE;
}

BOOL  OpenFileDlg(HWND hwnd)   
{
	OPENFILENAME ofn;
    memset(szFileName,0,MAX_STRINGLEN);
	memset(&ofn, 0, sizeof(ofn));

	ofn.lStructSize      =sizeof(ofn);
	ofn.hwndOwner        =hwnd;
	ofn.hInstance        =GetModuleHandle(NULL);
	ofn.nMaxFile         =MAX_PATH;
	ofn.lpstrInitialDir  =".";
	ofn.lpstrFile        =szFileName;
	ofn.lpstrTitle       ="Open ...[DSASMER] by 何非[hefei2]";
	ofn.Flags            =OFN_PATHMUSTEXIST | OFN_FILEMUSTEXIST | OFN_HIDEREADONLY;
	ofn.lpstrFilter      ="*.*\0*.*\0";
	if(!GetOpenFileName(&ofn))
		return FALSE;
	return TRUE;
}

void  DasmAndShow()
{
	PIMAGE_FILE_HEADER      pFH=NULL;
	PIMAGE_SECTION_HEADER   pSH=NULL;
	PIMAGE_OPTIONAL_HEADER  pOH=NULL;

	if(!LoadFileR((LPTSTR)szFileName,&stMapFile))
	{
		MessageBox(NULL,"ERROR FILE!","ERROR",MB_OK);
		return;
	}

	if(!IsPEFile(stMapFile.ImageBase))
	{
		MessageBox(NULL,"NOT PE FILE!","ERROR",MB_OK);
		UnLoadFile(&stMapFile);
		return;
	}

	pFH = GetFileHeader(stMapFile.ImageBase);
	pOH = GetOptionalHeader(stMapFile.ImageBase);
	pSH = GetFirstSectionHeader(stMapFile.ImageBase);

	for(int i=0;i<pFH->NumberOfSections;i++)
	{
		char *pOpCode = (char*)(pSH->PointerToRawData + (char*)stMapFile.ImageBase);
		HDisasm(pOpCode,pSH->VirtualAddress+pOH->ImageBase,pSH->SizeOfRawData);
		pSH++;
	}
	
	UnLoadFile(&stMapFile);
}

void HDisasm(LPVOID ImageBase,DWORD Address,DWORD length)
{
	DISASSEMBLY Disasm; // Creates an Disasm Struct
	// Pointer to linear address
	char *Linear="";
	// Index of opcoded to decode
    DWORD Index=0;

	char *pszaddr;
	char *pszopcode;
	char *pszdisassemble;
	char *pszcomment;

	Linear=(char*)ImageBase;     // Points to the address of array to decode.
    Disasm.Address=Address; // Common Entry Point (usually default..)
    FlushDecoded(&Disasm);     // reset all content

	for(Index=0;Index<length;Index++)
    {
		// Decode instruction
        Decode(&Disasm,Linear,&Index);

		// Upper case Assembly (Optional)
        CharUpper(Disasm.Assembly);
		// Show Decoded instruction, size, remarks...
        //ShowDecoded(Disasm);
		pszaddr = (char *)malloc(MAX_STRINGLEN*sizeof(char));
		pszopcode = (char *)malloc(MAX_STRINGLEN*sizeof(char));
		pszdisassemble = (char *)malloc(MAX_STRINGLEN*sizeof(char));
		pszcomment = (char *)malloc(MAX_STRINGLEN*sizeof(char));

		wsprintf(pszaddr,"%08X",Disasm.Address);
		wsprintf(pszopcode,"%s", Disasm.Opcode);
		wsprintf(pszdisassemble,"%s",Disasm.Assembly);
		wsprintf(pszcomment,"%d",Disasm.OpcodeSize+Disasm.PrefixSize);

		g_stDisasmList.push_back(Disasm);
		g_stPCHList.push_back(pszaddr);
		g_stPCHList.push_back(pszopcode);
		g_stPCHList.push_back(pszdisassemble);
		g_stPCHList.push_back(pszcomment);

		flAddNewRow(g_stFList,pszaddr,pszopcode,pszdisassemble,pszcomment);


		// Calculate total Size of an instruction + Prefixes, and
		// Fix the address of IP 
        Disasm.Address+=Disasm.OpcodeSize+Disasm.PrefixSize;
		// Clear all information
        FlushDecoded(&Disasm);
    }

}

void gotoTheEntry()
{
	PIMAGE_OPTIONAL_HEADER  pOH=NULL;
	if(!LoadFileR((LPTSTR)szFileName,&stMapFile))
	{
		MessageBox(NULL,"ERROR FILE!","ERROR",MB_OK);
		return;
	}

	if(!IsPEFile(stMapFile.ImageBase))
	{
		MessageBox(NULL,"NOT PE FILE!","ERROR",MB_OK);
		UnLoadFile(&stMapFile);
		return;
	}
	pOH = GetOptionalHeader(stMapFile.ImageBase);

	char AddrOfEnty[MAX_STRINGLEN];
	wsprintf(AddrOfEnty,"%08X",pOH->AddressOfEntryPoint+pOH->ImageBase);

	FLROW *flRow = g_stFList.flTheFirstRow;
	int nIndexRow = 1;
	while(flRow && strcmp(flRow->cols[0].szString,AddrOfEnty)!=0)
	{
		flRow = flRow->flrowNext;
		nIndexRow++;
	}

	g_stFList.flTheFirstRowOfThePage = flRow;
	SetScrollPos(g_stFList.flScrollbar.hwndscrollbar,SB_CTL,nIndexRow,true);	
	flRedrawFastList(g_stFList);
	UnLoadFile(&stMapFile);
}

void ShowPeImport()
{
	WNDCLASSEX wc;

	wc.cbSize        = sizeof( WNDCLASSEX );
    wc.style         = 0;
    wc.lpfnWndProc   = WndShowImportTableProc;
    wc.cbClsExtra    = 0;
    wc.cbWndExtra    = 4;
    wc.hInstance     = hInst;
    wc.hIcon         = LoadIcon(NULL, IDI_APPLICATION);
    wc.hCursor       = LoadCursor(NULL, IDC_ARROW);
	wc.hbrBackground = (HBRUSH)( COLOR_WINDOW);
    wc.lpszMenuName  = 0;
    wc.lpszClassName = "WndShowImportTable";
    wc.hIconSm       = LoadIcon(NULL, IDI_APPLICATION);

    RegisterClassEx(&wc);
	RECT rt;

	GetWindowRect(g_stFList.hwnd,&rt);
	HWND hwnd = CreateWindowEx(WS_EX_TOOLWINDOW,"WndShowImportTable","ImportTable",WS_OVERLAPPED|WS_SYSMENU,rt.left+50,rt.top+100,577,300,g_stFList.hwnd,NULL,hInst,NULL);
	ShowWindow(hwnd,SW_SHOW);
	UpdateWindow(hwnd);
}

LRESULT CALLBACK WndShowImportTableProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
	static bool flInited = false;
	static bool flIsShow = false;
	switch (msg) 
	{
	case WM_CREATE:
		g_stFLShowIMP.hInstance = hInst;

		g_stFLShowIMP.hwnd = hwnd;

		g_stFLShowIMP.dwBackColor = RGB(252,255,230);

		g_stFLShowIMP.dwHeightOfRow = 20;

		g_stFLShowIMP.flHeader.headerBackColor = RGB(221,240,255);

		g_stFLShowIMP.flHeader.headerFrontColor = RGB(0,0,0);

		initFastListControl(g_stFLShowIMP);
		flSetHeader(g_stFLShowIMP,3,100,300,150,"DLL Name","Func Name","Address");

		//得到輸入表
		GetImportTable(szFileName);
		//

		flSetNewView(g_stFLShowIMP,1);
		break;
	case WM_COMMAND:
		// 分析菜單選擇:
		break;
	case WM_PAINT:
		flRedrawFastList(g_stFLShowIMP);
		break;
	case WM_DESTROY:
		//PostQuitMessage(0);
		flClose(g_stFLShowIMP);
		break;
	default:
		return DefWindowProc(hwnd, msg, wParam, lParam);
	}
	return 0;
}

void GetImportTable(char *szFN)
{
	if(!LoadFileR((LPTSTR)szFN,&stMapFile))
	{
		MessageBox(NULL,"ERROR FILE!","ERROR",MB_OK);
		return;
	}

	if(!IsPEFile(stMapFile.ImageBase))
	{
		MessageBox(NULL,"NOT PE FILE!","ERROR",MB_OK);
		UnLoadFile(&stMapFile);
		return;
	}
	
	PIMAGE_IMPORT_DESCRIPTOR pImportDesc=NULL;
	PIMAGE_NT_HEADERS		 pImageNtH=NULL;
	pImageNtH = GetNtHeaders(stMapFile.ImageBase);
	pImportDesc = GetFirstImportDesc(stMapFile.ImageBase);

	while(pImportDesc->FirstThunk)
	{
		//char *szDllName;
		//szDllName = (char*)malloc(MAX_STRINGLEN*sizeof(char));
		//wsprintf(szDllName,"%s",(char*)RvaToPtr(pImageNtH,stMapFile.ImageBase,pImportDesc->Name));
		//flAddNewRow(g_stFLShowIMP,szDllName,"1","2");
		ImportFunc ImportF;
		wsprintf(ImportF.DllName,"%s",(char*)RvaToPtr(pImageNtH,stMapFile.ImageBase,pImportDesc->Name));

		++pImportDesc;
	}

	UnLoadFile(&stMapFile);
}