From 707a700d8cfc0ae499593b20f24d0e7f3d681437 Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Tue, 10 Mar 2026 12:55:17 +0100 Subject: [PATCH 1/6] Fix mutable class variable and default arguments in Process and Hook Process.ldr_entries was a class-level mutable list shared across all instances, causing PEB corruption in sequential emulations. Move it to __init__. Also fix Process(user_modules=[]) and Hook(ctx=[]) family of mutable default arguments. --- speakeasy/common.py | 14 +++++++------- speakeasy/windows/objman.py | 4 ++-- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/speakeasy/common.py b/speakeasy/common.py index 76a60b79..de360b55 100644 --- a/speakeasy/common.py +++ b/speakeasy/common.py @@ -55,7 +55,7 @@ class Hook: Base class for all emulator hooks """ - def __init__(self, se_obj, emu_eng, cb, ctx=[], native_hook=False): + def __init__(self, se_obj, emu_eng, cb, ctx=None, native_hook=False): """ Arguments: se_obj: speakeasy emulator object @@ -74,7 +74,7 @@ def __init__(self, se_obj, emu_eng, cb, ctx=[], native_hook=False): self.native_hook = native_hook self.emu_eng = emu_eng self.se_obj = se_obj - self.ctx = ctx + self.ctx = ctx if ctx is not None else [] def enable(self): self.enabled = True @@ -148,7 +148,7 @@ class DynCodeHook(Hook): Currently, this will only fire once per dynamic code mapping. Could be useful for unpacking. """ - def __init__(self, se_obj, emu_eng, cb, ctx=[]): + def __init__(self, se_obj, emu_eng, cb, ctx=None): super().__init__(se_obj, emu_eng, cb) @@ -157,7 +157,7 @@ class CodeHook(Hook): This hook callback will fire for every CPU instruction """ - def __init__(self, se_obj, emu_eng, cb, begin=1, end=0, ctx=[], native_hook=True): + def __init__(self, se_obj, emu_eng, cb, begin=1, end=0, ctx=None, native_hook=True): super().__init__(se_obj, emu_eng, cb, ctx=ctx, native_hook=native_hook) self.begin = begin self.end = end @@ -242,7 +242,7 @@ class InterruptHook(Hook): This hook will fire each time a a software interrupt is triggered """ - def __init__(self, se_obj, emu_eng, cb, ctx=[], native_hook=True): + def __init__(self, se_obj, emu_eng, cb, ctx=None, native_hook=True): super().__init__(se_obj, emu_eng, cb, ctx=ctx, native_hook=native_hook) def add(self): @@ -258,7 +258,7 @@ class InstructionHook(Hook): Only the instructions: IN, OUT, SYSCALL, and SYSENTER are supported by unicorn. """ - def __init__(self, se_obj, emu_eng, cb, ctx=[], native_hook=True, insn=None): + def __init__(self, se_obj, emu_eng, cb, ctx=None, native_hook=True, insn=None): super().__init__(se_obj, emu_eng, cb, ctx=ctx, native_hook=native_hook) self.insn = insn @@ -275,7 +275,7 @@ class InvalidInstructionHook(Hook): to be executed """ - def __init__(self, se_obj, emu_eng, cb, ctx=[], native_hook=True): + def __init__(self, se_obj, emu_eng, cb, ctx=None, native_hook=True): super().__init__(se_obj, emu_eng, cb, ctx=ctx, native_hook=native_hook) def add(self): diff --git a/speakeasy/windows/objman.py b/speakeasy/windows/objman.py index 56091c3b..30d35ced 100644 --- a/speakeasy/windows/objman.py +++ b/speakeasy/windows/objman.py @@ -463,7 +463,7 @@ class Process(KernelObject): An EPROCESS object used by the Windows kernel to represent a process """ - def __init__(self, emu, pe=None, user_modules=[], name="", path="", cmdline="", base=0, session=0): + def __init__(self, emu, pe=None, user_modules=None, name="", path="", cmdline="", base=0, session=0): super().__init__(emu=emu) self.ldr_entries: list[LdrDataTableEntry] = [] # TODO: For now just allocate a blank opaque struct for an EPROCESS @@ -480,7 +480,7 @@ def __init__(self, emu, pe=None, user_modules=[], name="", path="", cmdline="", self.name: str = name self.base: int = base self.pid: int = self.id - self.modules: list[Any] = user_modules + self.modules: list[Any] = user_modules if user_modules is not None else [] self.threads: list[Thread] = [] self.console: Console | None = None self.curr_thread: Thread | None = None From adb7f1e4dba4aad6f70dbb0eb86f8f0767bac5dc Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Tue, 10 Mar 2026 12:55:58 +0100 Subject: [PATCH 2/6] Fix mutable default arguments in Speakeasy, Win32Emulator, File, Pipe Replace argv=[], config={} defaults with None and materialize fresh collections in __init__ bodies. --- speakeasy/speakeasy.py | 4 ++-- speakeasy/windows/fileman.py | 6 +++--- speakeasy/windows/win32.py | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/speakeasy/speakeasy.py b/speakeasy/speakeasy.py index 147416e0..9ac28402 100644 --- a/speakeasy/speakeasy.py +++ b/speakeasy/speakeasy.py @@ -37,7 +37,7 @@ def wrap(self, *args, **kwargs): return wrap - def __init__(self, config=None, argv=[], debug=False, exit_event=None, gdb_port=None, volumes=None): + def __init__(self, config=None, argv=None, debug=False, exit_event=None, gdb_port=None, volumes=None): if volumes: if isinstance(config, SpeakeasyConfig): @@ -55,7 +55,7 @@ def __init__(self, config=None, argv=[], debug=False, exit_event=None, gdb_port= self.dyn_code_hooks: list[tuple[Callable, dict]] = [] self.invalid_insn_hooks: list[tuple[Callable, list]] = [] self.mem_read_hooks: list[tuple[Callable, int, int]] = [] - self.argv = argv + self.argv = argv if argv is not None else [] self.exit_event = exit_event self.debug = debug self.gdb_port = gdb_port diff --git a/speakeasy/windows/fileman.py b/speakeasy/windows/fileman.py index 494382f3..98c96011 100644 --- a/speakeasy/windows/fileman.py +++ b/speakeasy/windows/fileman.py @@ -71,7 +71,7 @@ class File: curr_handle = 0x80 - def __init__(self, path, config={}, data=b""): + def __init__(self, path, config=None, data=b""): self.path: str = path self.data: io.BytesIO | bytes | None = None self.bytes_written: int = 0 @@ -79,7 +79,7 @@ def __init__(self, path, config={}, data=b""): self.data = io.BytesIO(data) self.curr_offset: int = 0 self.is_dir: bool = False - self.config: Any = config + self.config: Any = config if config is not None else {} def duplicate(self): if not self.data and self.config: @@ -195,7 +195,7 @@ class Pipe(File): curr_handle = 0x400 - def __init__(self, name, mode, num_instances, out_size, in_size, config={}): + def __init__(self, name, mode, num_instances, out_size, in_size, config=None): super().__init__(path=name, config=config) self.name = name self.mode = mode diff --git a/speakeasy/windows/win32.py b/speakeasy/windows/win32.py index cd1c0d7c..1652b850 100644 --- a/speakeasy/windows/win32.py +++ b/speakeasy/windows/win32.py @@ -31,13 +31,13 @@ class Win32Emulator(WindowsEmulator): User Mode Windows Emulator Class """ - def __init__(self, config, argv=[], debug=False, exit_event=None, gdb_port=None): + def __init__(self, config, argv=None, debug=False, exit_event=None, gdb_port=None): super().__init__(config, debug=debug, exit_event=exit_event, gdb_port=gdb_port) self.last_error = 0 self.peb_addr = 0 self.heap_allocs = [] - self.argv = argv + self.argv = argv if argv is not None else [] self.sessman = SessionManager(config) self.com = COM(config) From 5312648d43d66f72fb164a234b83baeb9db7551d Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Tue, 10 Mar 2026 12:57:52 +0100 Subject: [PATCH 3/6] Replace ctx={} mutable default with typed None default in API handlers All ~1016 API handler methods used ctx={} as a mutable default argument. Replace with ctx: dict[str, str] | None = None and guard with ctx = ctx or {} in each method body. --- speakeasy/winenv/api/kernelmode/fwpkclnt.py | 36 +- speakeasy/winenv/api/kernelmode/hal.py | 9 +- speakeasy/winenv/api/kernelmode/ndis.py | 48 +- speakeasy/winenv/api/kernelmode/netio.py | 54 +- speakeasy/winenv/api/kernelmode/ntoskrnl.py | 462 ++++++---- speakeasy/winenv/api/kernelmode/usbd.py | 3 +- speakeasy/winenv/api/kernelmode/wdfldr.py | 90 +- speakeasy/winenv/api/usermode/advapi32.py | 180 ++-- speakeasy/winenv/api/usermode/advpack.py | 3 +- speakeasy/winenv/api/usermode/bcrypt.py | 15 +- speakeasy/winenv/api/usermode/com_api.py | 15 +- speakeasy/winenv/api/usermode/comctl32.py | 6 +- speakeasy/winenv/api/usermode/crypt32.py | 3 +- speakeasy/winenv/api/usermode/dnsapi.py | 3 +- speakeasy/winenv/api/usermode/gdi32.py | 66 +- speakeasy/winenv/api/usermode/iphlpapi.py | 3 +- speakeasy/winenv/api/usermode/kernel32.py | 912 +++++++++++++------- speakeasy/winenv/api/usermode/lz32.py | 3 +- speakeasy/winenv/api/usermode/mpr.py | 12 +- speakeasy/winenv/api/usermode/mscoree.py | 3 +- speakeasy/winenv/api/usermode/msi32.py | 3 +- speakeasy/winenv/api/usermode/msimg32.py | 3 +- speakeasy/winenv/api/usermode/msvcrt.py | 378 +++++--- speakeasy/winenv/api/usermode/msvfw32.py | 9 +- speakeasy/winenv/api/usermode/ncrypt.py | 12 +- speakeasy/winenv/api/usermode/netapi32.py | 9 +- speakeasy/winenv/api/usermode/netutils.py | 3 +- speakeasy/winenv/api/usermode/ntdll.py | 54 +- speakeasy/winenv/api/usermode/ole32.py | 27 +- speakeasy/winenv/api/usermode/oleaut32.py | 12 +- speakeasy/winenv/api/usermode/psapi.py | 12 +- speakeasy/winenv/api/usermode/rpcrt4.py | 6 +- speakeasy/winenv/api/usermode/secur32.py | 6 +- speakeasy/winenv/api/usermode/sfc.py | 6 +- speakeasy/winenv/api/usermode/shell32.py | 27 +- speakeasy/winenv/api/usermode/shlwapi.py | 45 +- speakeasy/winenv/api/usermode/urlmon.py | 6 +- speakeasy/winenv/api/usermode/user32.py | 315 ++++--- speakeasy/winenv/api/usermode/winhttp.py | 39 +- speakeasy/winenv/api/usermode/wininet.py | 42 +- speakeasy/winenv/api/usermode/winmm.py | 3 +- speakeasy/winenv/api/usermode/wkscli.py | 3 +- speakeasy/winenv/api/usermode/ws2_32.py | 96 ++- speakeasy/winenv/api/usermode/wtsapi32.py | 6 +- 44 files changed, 2032 insertions(+), 1016 deletions(-) diff --git a/speakeasy/winenv/api/kernelmode/fwpkclnt.py b/speakeasy/winenv/api/kernelmode/fwpkclnt.py index 023fd026..41bba216 100644 --- a/speakeasy/winenv/api/kernelmode/fwpkclnt.py +++ b/speakeasy/winenv/api/kernelmode/fwpkclnt.py @@ -73,7 +73,7 @@ def new_filter(self, name, desc, key): return ret @apihook("FwpmEngineOpen0", argc=5) - def FwpmEngineOpen0(self, emu, argv, ctx={}): + def FwpmEngineOpen0(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD FwpmEngineOpen0( const wchar_t *serverName, @@ -83,6 +83,7 @@ def FwpmEngineOpen0(self, emu, argv, ctx={}): HANDLE *engineHandle ); """ + ctx = ctx or {} sname, asvc, authid, sess, eng = argv @@ -95,7 +96,7 @@ def FwpmEngineOpen0(self, emu, argv, ctx={}): return rv @apihook("FwpsInjectionHandleCreate0", argc=3) - def FwpsInjectionHandleCreate0(self, emu, argv, ctx={}): + def FwpsInjectionHandleCreate0(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS FwpsInjectionHandleCreate0( ADDRESS_FAMILY addressFamily, @@ -103,6 +104,7 @@ def FwpsInjectionHandleCreate0(self, emu, argv, ctx={}): HANDLE *injectionHandle ); """ + ctx = ctx or {} family, flags, inj_handle = argv rv = ddk.STATUS_SUCCESS @@ -114,7 +116,7 @@ def FwpsInjectionHandleCreate0(self, emu, argv, ctx={}): return rv @apihook("FwpmSubLayerAdd0", argc=3) - def FwpmSubLayerAdd0(self, emu, argv, ctx={}): + def FwpmSubLayerAdd0(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD FwpmSubLayerAdd0( HANDLE engineHandle, @@ -122,6 +124,7 @@ def FwpmSubLayerAdd0(self, emu, argv, ctx={}): PSECURITY_DESCRIPTOR sd ); """ + ctx = ctx or {} engineHandle, subLayer, sd = argv name = "" @@ -156,7 +159,7 @@ def FwpmSubLayerAdd0(self, emu, argv, ctx={}): return rv @apihook("FwpsCalloutRegister1", argc=3) - def FwpsCalloutRegister1(self, emu, argv, ctx={}): + def FwpsCalloutRegister1(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS FwpsCalloutRegister1( void *deviceObject, @@ -164,6 +167,7 @@ def FwpsCalloutRegister1(self, emu, argv, ctx={}): UINT32 *calloutId ); """ + ctx = ctx or {} deviceObject, pCallout, calloutId = argv rv = ddk.STATUS_SUCCESS @@ -199,7 +203,7 @@ def FwpsCalloutRegister1(self, emu, argv, ctx={}): return rv @apihook("FwpmCalloutAdd0", argc=4) - def FwpmCalloutAdd0(self, emu, argv, ctx={}): + def FwpmCalloutAdd0(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD FwpmCalloutAdd0( HANDLE engineHandle, @@ -208,6 +212,7 @@ def FwpmCalloutAdd0(self, emu, argv, ctx={}): UINT32 *id ); """ + ctx = ctx or {} eng, pCallout, sd, pCid = argv name = "" @@ -240,7 +245,7 @@ def FwpmCalloutAdd0(self, emu, argv, ctx={}): return rv @apihook("FwpmFilterAdd0", argc=4) - def FwpmFilterAdd0(self, emu, argv, ctx={}): + def FwpmFilterAdd0(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD FwpmFilterAdd0( HANDLE engineHandle, @@ -249,6 +254,7 @@ def FwpmFilterAdd0(self, emu, argv, ctx={}): UINT64 *id ); """ + ctx = ctx or {} eng, pFilter, sd, pId = argv self.mem_write(pId, b"\x41\x41") @@ -280,13 +286,14 @@ def FwpmFilterAdd0(self, emu, argv, ctx={}): return rv @apihook("FwpmFilterDeleteById0", argc=2) - def FwpmFilterDeleteById0(self, emu, argv, ctx={}): + def FwpmFilterDeleteById0(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD FwpmFilterDeleteById0( HANDLE engineHandle, UINT64 id ); """ + ctx = ctx or {} eng, fid = argv rv = ddk.STATUS_SUCCESS @@ -294,13 +301,14 @@ def FwpmFilterDeleteById0(self, emu, argv, ctx={}): return rv @apihook("FwpmCalloutDeleteById0", argc=2) - def FwpmCalloutDeleteById0(self, emu, argv, ctx={}): + def FwpmCalloutDeleteById0(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD FwpmCalloutDeleteById0( HANDLE engineHandle, UINT32 id ); """ + ctx = ctx or {} eng, cid = argv rv = FWP_E_CALLOUT_NOT_FOUND @@ -310,12 +318,13 @@ def FwpmCalloutDeleteById0(self, emu, argv, ctx={}): return rv @apihook("FwpsCalloutUnregisterById0", argc=1) - def FwpsCalloutUnregisterById0(self, emu, argv, ctx={}): + def FwpsCalloutUnregisterById0(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS FwpsCalloutUnregisterById0( const UINT32 calloutId ); """ + ctx = ctx or {} (cid,) = argv rv = FWP_E_CALLOUT_NOT_FOUND @@ -325,13 +334,14 @@ def FwpsCalloutUnregisterById0(self, emu, argv, ctx={}): return rv @apihook("FwpmSubLayerDeleteByKey0", argc=2) - def FwpmSubLayerDeleteByKey0(self, emu, argv, ctx={}): + def FwpmSubLayerDeleteByKey0(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD FwpmSubLayerDeleteByKey0( HANDLE engineHandle, const GUID *key ); """ + ctx = ctx or {} eng, key = argv rv = FWP_E_SUBLAYER_NOT_FOUND @@ -345,24 +355,26 @@ def FwpmSubLayerDeleteByKey0(self, emu, argv, ctx={}): return rv @apihook("FwpmEngineClose0", argc=1) - def FwpmEngineClose0(self, emu, argv, ctx={}): + def FwpmEngineClose0(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD FwpmEngineClose0( HANDLE engineHandle ); """ + ctx = ctx or {} (eng,) = argv rv = ddk.STATUS_SUCCESS return rv @apihook("FwpsInjectionHandleDestroy0", argc=1) - def FwpsInjectionHandleDestroy0(self, emu, argv, ctx={}): + def FwpsInjectionHandleDestroy0(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS FwpsInjectionHandleDestroy0( HANDLE injectionHandle ); """ + ctx = ctx or {} (handle,) = argv rv = ddk.STATUS_SUCCESS diff --git a/speakeasy/winenv/api/kernelmode/hal.py b/speakeasy/winenv/api/kernelmode/hal.py index 6c13f547..96aa35b8 100644 --- a/speakeasy/winenv/api/kernelmode/hal.py +++ b/speakeasy/winenv/api/kernelmode/hal.py @@ -28,27 +28,30 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("KeGetCurrentIrql", argc=0) - def KeGetCurrentIrql(self, emu, argv, ctx={}): + def KeGetCurrentIrql(self, emu, argv, ctx: dict[str, str] | None = None): """ NTHALAPI KIRQL KeGetCurrentIrql(); """ + ctx = ctx or {} irql = emu.get_current_irql() return irql @apihook("ExAcquireFastMutex", argc=1, conv=_arch.CALL_CONV_FASTCALL) - def ExAcquireFastMutex(self, emu, argv, ctx={}): + def ExAcquireFastMutex(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID ExAcquireFastMutex( _Inout_ PFAST_MUTEX FastMutex ); """ + ctx = ctx or {} return @apihook("ExReleaseFastMutex", argc=1, conv=_arch.CALL_CONV_FASTCALL) - def ExReleaseFastMutex(self, emu, argv, ctx={}): + def ExReleaseFastMutex(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID ExReleaseFastMutex( _Inout_ PFAST_MUTEX FastMutex ); """ + ctx = ctx or {} return diff --git a/speakeasy/winenv/api/kernelmode/ndis.py b/speakeasy/winenv/api/kernelmode/ndis.py index 7c046264..78bd20b5 100644 --- a/speakeasy/winenv/api/kernelmode/ndis.py +++ b/speakeasy/winenv/api/kernelmode/ndis.py @@ -53,10 +53,11 @@ def new_id(self): return tmp @apihook("NdisGetVersion", argc=0) - def NdisGetVersion(self, emu, argv, ctx={}): + def NdisGetVersion(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT NdisGetVersion(); """ + ctx = ctx or {} ndis_major = 5 ndis_minor = 0 @@ -76,12 +77,13 @@ def NdisGetVersion(self, emu, argv, ctx={}): return out_ver @apihook("NdisGetRoutineAddress", argc=1) - def NdisGetRoutineAddress(self, emu, argv, ctx={}): + def NdisGetRoutineAddress(self, emu, argv, ctx: dict[str, str] | None = None): """ PVOID NdisGetRoutineAddress( PNDIS_STRING NdisRoutineName ); """ + ctx = ctx or {} (NdisRoutineName,) = argv fn = self.read_unicode_string(NdisRoutineName) @@ -90,7 +92,7 @@ def NdisGetRoutineAddress(self, emu, argv, ctx={}): return addr @apihook("NdisMRegisterMiniportDriver", argc=5) - def NdisMRegisterMiniportDriver(self, emu, argv, ctx={}): + def NdisMRegisterMiniportDriver(self, emu, argv, ctx: dict[str, str] | None = None): """ NDIS_STATUS NdisMRegisterMiniportDriver( PDRIVER_OBJECT DriverObject, @@ -100,6 +102,7 @@ def NdisMRegisterMiniportDriver(self, emu, argv, ctx={}): PNDIS_HANDLE NdisMiniportDriverHandle ); """ + ctx = ctx or {} drv, reg, drv_ctx, chars, phnd = argv rv = NDIS_STATUS_SUCCESS @@ -110,7 +113,7 @@ def NdisMRegisterMiniportDriver(self, emu, argv, ctx={}): return rv @apihook("NdisInitializeWrapper", argc=4) - def NdisInitializeWrapper(self, emu, argv, ctx={}): + def NdisInitializeWrapper(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID NdisInitializeWrapper( PNDIS_HANDLE NdisWrapperHandle, @@ -118,6 +121,7 @@ def NdisInitializeWrapper(self, emu, argv, ctx={}): PVOID SystemSpecific2, PVOID SystemSpecific3) """ + ctx = ctx or {} pHandle, ss1, ss2, ss3 = argv hnd = self.new_id() @@ -125,36 +129,39 @@ def NdisInitializeWrapper(self, emu, argv, ctx={}): self.mem_write(pHandle, hnd.to_bytes(self.get_ptr_size(), "little")) @apihook("NdisTerminateWrapper", argc=2) - def NdisTerminateWrapper(self, emu, argv, ctx={}): + def NdisTerminateWrapper(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID NdisTerminateWrapper( _In_ NDIS_HANDLE NdisWrapperHandle, _In_ PVOID SystemSpecific ); """ + ctx = ctx or {} hnd, ss = argv @apihook("NdisInitializeReadWriteLock", argc=1) - def NdisInitializeReadWriteLock(self, emu, argv, ctx={}): + def NdisInitializeReadWriteLock(self, emu, argv, ctx: dict[str, str] | None = None): """ void NdisInitializeReadWriteLock( PNDIS_RW_LOCK Lock ); """ + ctx = ctx or {} (lock,) = argv @apihook("NdisMRegisterUnloadHandler", argc=2) - def NdisMRegisterUnloadHandler(self, emu, argv, ctx={}): + def NdisMRegisterUnloadHandler(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID NdisMRegisterUnloadHandler( _In_ NDIS_HANDLE NdisWrapperHandle, _In_ PDRIVER_UNLOAD UnloadHandler ); """ + ctx = ctx or {} hnd, unload = argv @apihook("NdisRegisterProtocol", argc=4) - def NdisRegisterProtocol(self, emu, argv, ctx={}): + def NdisRegisterProtocol(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID NdisRegisterProtocol( _Out_ PNDIS_STATUS Status, @@ -163,6 +170,7 @@ def NdisRegisterProtocol(self, emu, argv, ctx={}): _In_ UINT CharacteristicsLength ); """ + ctx = ctx or {} pStatus, pProtoHandle, pChars, clen = argv rv = NDIS_STATUS_SUCCESS hnd = self.new_id() @@ -177,7 +185,7 @@ def NdisRegisterProtocol(self, emu, argv, ctx={}): self.mem_write(pProtoHandle, hnd.to_bytes(4, "little")) @apihook("NdisIMRegisterLayeredMiniport", argc=4) - def NdisIMRegisterLayeredMiniport(self, emu, argv, ctx={}): + def NdisIMRegisterLayeredMiniport(self, emu, argv, ctx: dict[str, str] | None = None): """ NDIS_STATUS NdisIMRegisterLayeredMiniport( _In_ NDIS_HANDLE NdisWrapperHandle, @@ -186,6 +194,7 @@ def NdisIMRegisterLayeredMiniport(self, emu, argv, ctx={}): _Out_ PNDIS_HANDLE DriverHandle ); """ + ctx = ctx or {} hnd, mp_chars, clen, drv_hnd = argv rv = NDIS_STATUS_SUCCESS @@ -202,17 +211,18 @@ def NdisIMRegisterLayeredMiniport(self, emu, argv, ctx={}): return rv @apihook("NdisIMAssociateMiniport", argc=2) - def NdisIMAssociateMiniport(self, emu, argv, ctx={}): + def NdisIMAssociateMiniport(self, emu, argv, ctx: dict[str, str] | None = None): """ void NdisIMAssociateMiniport( NDIS_HANDLE DriverHandle, NDIS_HANDLE ProtocolHandle ); """ + ctx = ctx or {} drv_hnd, phnd = argv @apihook("NdisAllocateGenericObject", argc=3) - def NdisAllocateGenericObject(self, emu, argv, ctx={}): + def NdisAllocateGenericObject(self, emu, argv, ctx: dict[str, str] | None = None): """ PNDIS_GENERIC_OBJECT NdisAllocateGenericObject( PDRIVER_OBJECT DriverObject, @@ -220,6 +230,7 @@ def NdisAllocateGenericObject(self, emu, argv, ctx={}): USHORT Size ); """ + ctx = ctx or {} drv, tag, size = argv ptr = 0 @@ -237,7 +248,7 @@ def NdisAllocateGenericObject(self, emu, argv, ctx={}): return ptr @apihook("NdisAllocateMemoryWithTag", argc=3) - def NdisAllocateMemoryWithTag(self, emu, argv, ctx={}): + def NdisAllocateMemoryWithTag(self, emu, argv, ctx: dict[str, str] | None = None): """ NDIS_STATUS NdisAllocateMemoryWithTag( _Out_ PVOID *VirtualAddress, @@ -245,6 +256,7 @@ def NdisAllocateMemoryWithTag(self, emu, argv, ctx={}): _In_ ULONG Tag ); """ + ctx = ctx or {} va, size, tag = argv rv = ddk.STATUS_SUCCESS @@ -258,13 +270,14 @@ def NdisAllocateMemoryWithTag(self, emu, argv, ctx={}): return rv @apihook("NdisAllocateNetBufferListPool", argc=2) - def NdisAllocateNetBufferListPool(self, emu, argv, ctx={}): + def NdisAllocateNetBufferListPool(self, emu, argv, ctx: dict[str, str] | None = None): """ NDIS_HANDLE NdisAllocateNetBufferListPool( NDIS_HANDLE NdisHandle, PNET_BUFFER_LIST_POOL_PARAMETERS Parameters ); """ + ctx = ctx or {} NdisHandle, Parameters = argv params = self.mem_cast(self.ndis.NET_BUFFER_LIST_POOL_PARAMETERS(emu.get_ptr_size()), Parameters) @@ -284,18 +297,19 @@ def NdisAllocateNetBufferListPool(self, emu, argv, ctx={}): return nbl_ptr @apihook("NdisFreeNetBufferListPool", argc=1) - def NdisFreeNetBufferListPool(self, emu, argv, ctx={}): + def NdisFreeNetBufferListPool(self, emu, argv, ctx: dict[str, str] | None = None): """ void NdisFreeNetBufferListPool( NDIS_HANDLE PoolHandle ); """ + ctx = ctx or {} (handle,) = argv return @apihook("NdisFreeMemory", argc=3) - def NdisFreeMemory(self, emu, argv, ctx={}): + def NdisFreeMemory(self, emu, argv, ctx: dict[str, str] | None = None): """ void NdisFreeMemory( PVOID VirtualAddress, @@ -303,17 +317,19 @@ def NdisFreeMemory(self, emu, argv, ctx={}): UINT MemoryFlags ); """ + ctx = ctx or {} va, length, flags = argv return @apihook("NdisFreeGenericObject", argc=1) - def NdisFreeGenericObject(self, emu, argv, ctx={}): + def NdisFreeGenericObject(self, emu, argv, ctx: dict[str, str] | None = None): """ void NdisFreeGenericObject( PNDIS_GENERIC_OBJECT NdisObject ); """ + ctx = ctx or {} (pObj,) = argv return diff --git a/speakeasy/winenv/api/kernelmode/netio.py b/speakeasy/winenv/api/kernelmode/netio.py index 5bbe97c2..64989d72 100644 --- a/speakeasy/winenv/api/kernelmode/netio.py +++ b/speakeasy/winenv/api/kernelmode/netio.py @@ -114,12 +114,13 @@ def __init__(self, emu): self.prov_disp.WskGetNameInfo = addr @apihook("WskRegister", argc=2) - def WskRegister(self, emu, argv, ctx={}): + def WskRegister(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS WskRegister( PWSK_CLIENT_NPI WskClientNpi, PWSK_REGISTRATION WskRegistration ); """ + ctx = ctx or {} WskClientNpi, WskRegistration = argv rv = 0 @@ -128,13 +129,14 @@ def WskRegister(self, emu, argv, ctx={}): return rv @apihook("WskCaptureProviderNPI", argc=3) - def WskCaptureProviderNPI(self, emu, argv, ctx={}): + def WskCaptureProviderNPI(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS WskCaptureProviderNPI( PWSK_REGISTRATION WskRegistration, ULONG WaitTimeout, PWSK_PROVIDER_NPI WskProviderNpi ); """ + ctx = ctx or {} WskRegistration, WaitTimeout, WskProviderNpi = argv rv = 0 @@ -160,7 +162,7 @@ def WskCaptureProviderNPI(self, emu, argv, ctx={}): return rv @apihook("callback_WskSocket", argc=11) - def WskSocket(self, emu, argv, ctx={}): + def WskSocket(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS PfnWskSocket( PWSK_CLIENT Client, ADDRESS_FAMILY AddressFamily, @@ -174,6 +176,7 @@ def WskSocket(self, emu, argv, ctx={}): PSECURITY_DESCRIPTOR SecurityDescriptor, PIRP Irp )""" + ctx = ctx or {} cli, af, stype, proto, flags, sctx, disp, proc, thr, secdesc, pIrp = argv # noqa rv = ddk.STATUS_INVALID_PARAMETER @@ -190,7 +193,7 @@ def WskSocket(self, emu, argv, ctx={}): return rv @apihook("callback_WskSocketConnect", argc=12) - def WskSocketConnect(self, emu, argv, ctx={}): + def WskSocketConnect(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS PfnWskSocketConnect( PWSK_CLIENT Client, USHORT SocketType, @@ -205,6 +208,7 @@ def WskSocketConnect(self, emu, argv, ctx={}): PSECURITY_DESCRIPTOR SecurityDescriptor, PIRP Irp )""" + ctx = ctx or {} cli, stype, proto, laddr, raddr, flags, sctx, disp, proc, thr, secdesc, irp = argv # noqa rv = 0 @@ -212,7 +216,7 @@ def WskSocketConnect(self, emu, argv, ctx={}): return rv @apihook("callback_WskControlClient", argc=8) - def WskControlClient(self, emu, argv, ctx={}): + def WskControlClient(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS PfnWskControlClient( PWSK_CLIENT Client, ULONG ControlCode, @@ -223,13 +227,14 @@ def WskControlClient(self, emu, argv, ctx={}): SIZE_T *OutputSizeReturned, PIRP Irp )""" + ctx = ctx or {} cli, ctl, insiz, inbuf, osiz, obuf, oret, irp = argv rv = 0 return rv @apihook("callback_WskGetAddressInfo", argc=10) - def WskGetAddressInfo(self, emu, argv, ctx={}): + def WskGetAddressInfo(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS PfnWskGetAddressInfo( PWSK_CLIENT Client, PUNICODE_STRING NodeName, @@ -242,24 +247,26 @@ def WskGetAddressInfo(self, emu, argv, ctx={}): PETHREAD OwningThread, PIRP Irp )""" + ctx = ctx or {} cli, node, svc, namespace, prov, hints, res, proc, thr, irp = argv rv = 0 return rv @apihook("callback_WskFreeAddressInfo", argc=2) - def WskFreeAddressInfo(self, emu, argv, ctx={}): + def WskFreeAddressInfo(self, emu, argv, ctx: dict[str, str] | None = None): """void PfnWskFreeAddressInfo( PWSK_CLIENT Client, PADDRINFOEXW AddrInfo )""" + ctx = ctx or {} cli, addr = argv rv = 0 return rv @apihook("callback_WskGetNameInfo", argc=9) - def WskGetNameInfo(self, emu, argv, ctx={}): + def WskGetNameInfo(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS PfnWskGetNameInfo( PWSK_CLIENT Client, PSOCKADDR SockAddr, @@ -271,13 +278,14 @@ def WskGetNameInfo(self, emu, argv, ctx={}): PETHREAD OwningThread, PIRP Irp )""" + ctx = ctx or {} cli, saddr, saddrlen, node, svc, flags, proc, thr, irp = argv rv = 0 return rv @apihook("callback_WskControlSocket", argc=10) - def WskControlSocket(self, emu, argv, ctx={}): + def WskControlSocket(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS PfnWskControlSocket( PWSK_SOCKET Socket, WSK_CONTROL_SOCKET_TYPE RequestType, @@ -290,30 +298,33 @@ def WskControlSocket(self, emu, argv, ctx={}): SIZE_T *OutputSizeReturned, PIRP Irp )""" + ctx = ctx or {} sock, rtype, ctl, level, isize, ibuf, osize, obuf, oret, irp = argv rv = 0 return rv @apihook("callback_WskCloseSocket", argc=2) - def WskCloseSocket(self, emu, argv, ctx={}): + def WskCloseSocket(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS PfnWskCloseSocket( PWSK_SOCKET Socket, PIRP Irp )""" + ctx = ctx or {} sock, irp = argv rv = 0 return rv @apihook("callback_WskBind", argc=4) - def WskBind(self, emu, argv, ctx={}): + def WskBind(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS PfnWskBind( PWSK_SOCKET Socket, PSOCKADDR LocalAddress, ULONG Flags, PIRP Irp )""" + ctx = ctx or {} sock, laddr, flags, irp = argv rv = 0 @@ -327,7 +338,7 @@ def WskBind(self, emu, argv, ctx={}): return rv @apihook("callback_WskSendTo", argc=7) - def WskSendTo(self, emu, argv, ctx={}): + def WskSendTo(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS PfnWskSendTo( PWSK_SOCKET Socket, PWSK_BUF Buffer, @@ -337,13 +348,14 @@ def WskSendTo(self, emu, argv, ctx={}): PCMSGHDR ControlInfo, PIRP Irp )""" + ctx = ctx or {} sock, buf, flags, raddr, infolen, ctlinfo, irp = argv rv = 0 return rv @apihook("callback_WskReceiveFrom", argc=8) - def WskReceiveFrom(self, emu, argv, ctx={}): + def WskReceiveFrom(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS PfnWskReceiveFrom( PWSK_SOCKET Socket, PWSK_BUF Buffer, @@ -354,59 +366,65 @@ def WskReceiveFrom(self, emu, argv, ctx={}): PULONG ControlFlags, PIRP Irp )""" + ctx = ctx or {} sock, buf, flags, raddr, ctllen, ctlinfo, irp = argv rv = 0 return rv @apihook("callback_WskRelease", argc=2) - def WskRelease(self, emu, argv, ctx={}): + def WskRelease(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS WSKAPI WSKAPI * WskRelease( _In_ PWSK_SOCKET Socket, _In_ PWSK_DATA_INDICATION DataIndication )""" + ctx = ctx or {} sock, data_indic = argv rv = 0 return rv @apihook("callback_WskGetLocalAddress", argc=2) - def WskGetLocalAddress(self, emu, argv, ctx={}): + def WskGetLocalAddress(self, emu, argv, ctx: dict[str, str] | None = None): """NTSTATUS PfnWskGetLocalAddress( PWSK_SOCKET Socket, PSOCKADDR LocalAddress, PIRP Irp )""" + ctx = ctx or {} sock, laddr = argv rv = 0 return rv @apihook("WskReleaseProviderNPI", argc=1) - def WskReleaseProviderNPI(self, emu, argv, ctx={}): + def WskReleaseProviderNPI(self, emu, argv, ctx: dict[str, str] | None = None): """ void WskReleaseProviderNPI( PWSK_REGISTRATION WskRegistration ); """ + ctx = ctx or {} (reg,) = argv return @apihook("NsiEnumerateObjectsAllParametersEx", argc=0) - def NsiEnumerateObjectsAllParametersEx(self, emu, argv, ctx={}): + def NsiEnumerateObjectsAllParametersEx(self, emu, argv, ctx: dict[str, str] | None = None): """ N/A """ + ctx = ctx or {} return @apihook("WskDeregister", argc=1) - def WskDeregister(self, emu, argv, ctx={}): + def WskDeregister(self, emu, argv, ctx: dict[str, str] | None = None): """ void WskDeregister( PWSK_REGISTRATION WskRegistration ); """ + ctx = ctx or {} (reg,) = argv return diff --git a/speakeasy/winenv/api/kernelmode/ntoskrnl.py b/speakeasy/winenv/api/kernelmode/ntoskrnl.py index 50bd4297..29f748c6 100644 --- a/speakeasy/winenv/api/kernelmode/ntoskrnl.py +++ b/speakeasy/winenv/api/kernelmode/ntoskrnl.py @@ -101,10 +101,11 @@ def KdDebuggerEnabled(self, ptr=0): return ptr @apihook("ObfDereferenceObject", argc=1, conv=_arch.CALL_CONV_FASTCALL) - def ObfDereferenceObject(self, emu, argv, ctx={}): + def ObfDereferenceObject(self, emu, argv, ctx: dict[str, str] | None = None): """ void ObfDereferenceObject(a); """ + ctx = ctx or {} Object = argv[0] obj = self.get_object_from_addr(Object) @@ -112,25 +113,27 @@ def ObfDereferenceObject(self, emu, argv, ctx={}): obj.ref_cnt -= 1 @apihook("ZwClose", argc=1) - def ZwClose(self, emu, argv, ctx={}): + def ZwClose(self, emu, argv, ctx: dict[str, str] | None = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS ZwClose( HANDLE Handle ); """ + ctx = ctx or {} rv = ddk.STATUS_SUCCESS # For now, just leave the handle open so we can reference it later return rv @apihook("DbgPrint", argc=_arch.VAR_ARGS, conv=_arch.CALL_CONV_CDECL) - def DbgPrint(self, emu, argv, ctx={}): + def DbgPrint(self, emu, argv, ctx: dict[str, str] | None = None): """ ULONG DbgPrint( PCSTR Format, ... ); """ + ctx = ctx or {} fmt = emu.get_func_argv(_arch.CALL_CONV_CDECL, 1)[0] fmt_str = self.read_string(fmt) @@ -144,7 +147,7 @@ def DbgPrint(self, emu, argv, ctx={}): return len(fin) @apihook("DbgPrintEx", argc=_arch.VAR_ARGS, conv=_arch.CALL_CONV_CDECL) - def DbgPrintEx(self, emu, argv, ctx={}): + def DbgPrintEx(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI ULONG DbgPrintEx( ULONG ComponentId, @@ -153,6 +156,7 @@ def DbgPrintEx(self, emu, argv, ctx={}): ... ); """ + ctx = ctx or {} cid, level, fmt = emu.get_func_argv(_arch.CALL_CONV_CDECL, 3) @@ -171,7 +175,7 @@ def DbgPrintEx(self, emu, argv, ctx={}): return len(fin) @apihook("_vsnprintf", argc=4, conv=_arch.CALL_CONV_CDECL) - def _vsnprintf(self, emu, argv, ctx={}): + def _vsnprintf(self, emu, argv, ctx: dict[str, str] | None = None): """ int _vsnprintf( char *buffer, @@ -180,6 +184,7 @@ def _vsnprintf(self, emu, argv, ctx={}): va_list argptr ); """ + ctx = ctx or {} buffer, count, _format, argptr = argv rv = 0 @@ -199,11 +204,12 @@ def _vsnprintf(self, emu, argv, ctx={}): return rv @apihook("vsprintf_s", argc=4, conv=_arch.CALL_CONV_CDECL) - def vsprintf_s(self, emu, argv, ctx={}): + def vsprintf_s(self, emu, argv, ctx: dict[str, str] | None = None): + ctx = ctx or {} return self._vsnprintf(emu, argv, ctx) @apihook("RtlAnsiStringToUnicodeString", argc=3) - def RtlAnsiStringToUnicodeString(self, emu, argv, ctx={}): + def RtlAnsiStringToUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS RtlAnsiStringToUnicodeString( PUNICODE_STRING DestinationString, @@ -211,6 +217,7 @@ def RtlAnsiStringToUnicodeString(self, emu, argv, ctx={}): BOOLEAN AllocateDestinationString ); """ + ctx = ctx or {} dest, src, do_alloc = argv nts = ddk.STATUS_SUCCESS @@ -247,13 +254,14 @@ def RtlAnsiStringToUnicodeString(self, emu, argv, ctx={}): return nts @apihook("RtlInitAnsiString", argc=2) - def RtlInitAnsiString(self, emu, argv, ctx={}): + def RtlInitAnsiString(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI VOID RtlInitAnsiString( PANSI_STRING DestinationString, PCSZ SourceString ); """ + ctx = ctx or {} ansi = self.win.STRING(emu.get_ptr_size()) dest, src = argv @@ -270,13 +278,14 @@ def RtlInitAnsiString(self, emu, argv, ctx={}): argv[1] = ansi_str @apihook("RtlInitUnicodeString", argc=2) - def RtlInitUnicodeString(self, emu, argv, ctx={}): + def RtlInitUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI VOID RtlInitUnicodeString( PUNICODE_STRING DestinationString, PCWSTR SourceString ); """ + ctx = ctx or {} us = self.win.UNICODE_STRING(emu.get_ptr_size()) dest, src = argv @@ -298,12 +307,13 @@ def RtlInitUnicodeString(self, emu, argv, ctx={}): argv[1] = uni_str @apihook("RtlFreeUnicodeString", argc=1) - def RtlFreeUnicodeString(self, emu, argv, ctx={}): + def RtlFreeUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI VOID RtlFreeUnicodeString( PUNICODE_STRING UnicodeString ); """ + ctx = ctx or {} (UnicodeString,) = argv us_str = self.read_unicode_string(UnicodeString) @@ -314,7 +324,7 @@ def RtlFreeUnicodeString(self, emu, argv, ctx={}): self.mem_free(us.Buffer) @apihook("ExAllocatePoolWithTag", argc=3, conv=_arch.CALL_CONV_STDCALL) - def ExAllocatePoolWithTag(self, emu, argv, ctx={}): + def ExAllocatePoolWithTag(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI PVOID ExAllocatePoolWithTag( POOL_TYPE PoolType, @@ -322,6 +332,7 @@ def ExAllocatePoolWithTag(self, emu, argv, ctx={}): ULONG Tag ); """ + ctx = ctx or {} PoolType, NumberOfBytes, Tag = argv @@ -336,13 +347,14 @@ def ExAllocatePoolWithTag(self, emu, argv, ctx={}): return chunk @apihook("ExFreePoolWithTag", argc=2) - def ExFreePoolWithTag(self, emu, argv, ctx={}): + def ExFreePoolWithTag(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI VOID ExFreePoolWithTag( PVOID P, ULONG Tag ); """ + ctx = ctx or {} P, Tag = argv if Tag: @@ -354,30 +366,32 @@ def ExFreePoolWithTag(self, emu, argv, ctx={}): self.mem_free(P) @apihook("ExAllocatePool", argc=2) - def ExAllocatePool(self, emu, argv, ctx={}): + def ExAllocatePool(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI PVOID ExAllocatePool( POOL_TYPE PoolType, SIZE_T NumberOfBytes ); """ + ctx = ctx or {} PoolType, NumberOfBytes = argv chunk = self.pool_alloc(PoolType, NumberOfBytes, "None") return chunk @apihook("ExFreePool", argc=1) - def ExFreePool(self, emu, argv, ctx={}): + def ExFreePool(self, emu, argv, ctx: dict[str, str] | None = None): """ void ExFreePool( addr ); """ + ctx = ctx or {} (addr,) = argv self.mem_free(addr) @apihook("memmove", argc=3) - def memmove(self, emu, argv, ctx={}): + def memmove(self, emu, argv, ctx: dict[str, str] | None = None): """ void *memmove( void *dest, @@ -385,6 +399,7 @@ def memmove(self, emu, argv, ctx={}): size_t count ); """ + ctx = ctx or {} dest, src, count = argv data = self.mem_read(src, count) @@ -392,16 +407,17 @@ def memmove(self, emu, argv, ctx={}): return dest @apihook("IoDeleteDriver", argc=1) - def IoDeleteDriver(self, emu, argv, ctx={}): + def IoDeleteDriver(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID IoDeleteDriver(PDRIVER_OBJECT DriverObject) """ + ctx = ctx or {} (drv,) = argv return @apihook("IoCreateDevice", argc=7) - def IoCreateDevice(self, emu, argv, ctx={}): + def IoCreateDevice(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS IoCreateDevice( PDRIVER_OBJECT DriverObject, @@ -413,6 +429,7 @@ def IoCreateDevice(self, emu, argv, ctx={}): PDEVICE_OBJECT *DeviceObject ); """ + ctx = ctx or {} nts = ddk.STATUS_SUCCESS drv, ext_size, name, devtype, chars, exclusive, out_addr = argv @@ -432,7 +449,7 @@ def IoCreateDevice(self, emu, argv, ctx={}): return nts @apihook("IoCreateDeviceSecure", argc=9) - def IoCreateDeviceSecure(self, emu, argv, ctx={}): + def IoCreateDeviceSecure(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS IoCreateDeviceSecure( _In_ PDRIVER_OBJECT DriverObject, @@ -446,6 +463,7 @@ def IoCreateDeviceSecure(self, emu, argv, ctx={}): _Out_ PDEVICE_OBJECT *DeviceObject ); """ + ctx = ctx or {} nts = ddk.STATUS_SUCCESS drv, ext_size, name, devtype, chars, exclusive, sddl, guid, out_addr = argv @@ -463,13 +481,14 @@ def IoCreateDeviceSecure(self, emu, argv, ctx={}): return nts @apihook("IoCreateSymbolicLink", argc=2) - def IoCreateSymbolicLink(self, emu, argv, ctx={}): + def IoCreateSymbolicLink(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS IoCreateSymbolicLink( PUNICODE_STRING SymbolicLinkName, PUNICODE_STRING DeviceName ); """ + ctx = ctx or {} SymbolicLinkName, DeviceName = argv link_name = self.read_unicode_string(SymbolicLinkName).replace("\x00", "") dev_name = self.read_unicode_string(DeviceName).replace("\x00", "") @@ -482,25 +501,27 @@ def IoCreateSymbolicLink(self, emu, argv, ctx={}): return nts @apihook("IofCompleteRequest", argc=2, conv=_arch.CALL_CONV_FASTCALL) - def IofCompleteRequest(self, emu, argv, ctx={}): + def IofCompleteRequest(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID IoCompleteRequest( _In_ PIRP Irp, _In_ CCHAR PriorityBoost ); """ + ctx = ctx or {} pIrp, boost = argv argv[1] = 0xFF & argv[1] return @apihook("IoDeleteSymbolicLink", argc=1) - def IoDeleteSymbolicLink(self, emu, argv, ctx={}): + def IoDeleteSymbolicLink(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS IoDeleteSymbolicLink( PUNICODE_STRING SymbolicLinkName ); """ + ctx = ctx or {} nts = ddk.STATUS_SUCCESS SymbolicLinkName = argv[0] @@ -509,28 +530,31 @@ def IoDeleteSymbolicLink(self, emu, argv, ctx={}): return nts @apihook("KeInitializeMutex", argc=2) - def KeInitializeMutex(self, emu, argv, ctx={}): + def KeInitializeMutex(self, emu, argv, ctx: dict[str, str] | None = None): + ctx = ctx or {} return @apihook("IoDeleteDevice", argc=1) - def IoDeleteDevice(self, emu, argv, ctx={}): + def IoDeleteDevice(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI VOID IoDeleteDevice( __drv_freesMem(Mem)PDEVICE_OBJECT DeviceObject ); """ + ctx = ctx or {} nts = ddk.STATUS_SUCCESS # devobj = argv[0] return nts @apihook("MmIsAddressValid", argc=1) - def MmIsAddressValid(self, emu, argv, ctx={}): + def MmIsAddressValid(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLEAN MmIsAddressValid( PVOID VirtualAddress ); """ + ctx = ctx or {} rv = 0 (addr,) = argv @@ -539,7 +563,7 @@ def MmIsAddressValid(self, emu, argv, ctx={}): return rv @apihook("ZwQuerySystemInformation", argc=4) - def ZwQuerySystemInformation(self, emu, argv, ctx={}): + def ZwQuerySystemInformation(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WINAPI ZwQuerySystemInformation( _In_ SYSTEM_INFORMATION_CLASS SystemInformationClass, @@ -548,6 +572,7 @@ def ZwQuerySystemInformation(self, emu, argv, ctx={}): _Out_opt_ PULONG ReturnLength ); """ + ctx = ctx or {} sysclass, sysinfo, syslen, retlen = argv size = 0 @@ -669,7 +694,7 @@ def ZwQuerySystemInformation(self, emu, argv, ctx={}): return nts @apihook("_allshl", argc=2, conv=_arch.CALL_CONV_CDECL) - def _allshl(self, emu, argv, ctx={}): + def _allshl(self, emu, argv, ctx: dict[str, str] | None = None): """ LONGLONG _allshl ( @@ -677,19 +702,21 @@ def _allshl(self, emu, argv, ctx={}): LONG b ) """ + ctx = ctx or {} a, b = argv rv = 0xFFFFFFFFFFFFFFFF & a << (0xFFFFFFFF & b) return rv @apihook("wcscpy", argc=2, conv=_arch.CALL_CONV_CDECL) - def wcscpy(self, emu, argv, ctx={}): + def wcscpy(self, emu, argv, ctx: dict[str, str] | None = None): """ wchar_t *wcscpy( wchar_t *strDestination, const wchar_t *strSource ); """ + ctx = ctx or {} dest, src = argv ws = self.read_wide_string(src) @@ -699,7 +726,7 @@ def wcscpy(self, emu, argv, ctx={}): return len(ws) @apihook("wcsncpy", argc=3, conv=_arch.CALL_CONV_CDECL) - def wcsncpy(self, emu, argv, ctx={}): + def wcsncpy(self, emu, argv, ctx: dict[str, str] | None = None): """ wchar_t *wcsncpy( wchar_t *strDest, @@ -707,6 +734,7 @@ def wcsncpy(self, emu, argv, ctx={}): size_t count ); """ + ctx = ctx or {} dest, src, count = argv ws = self.read_wide_string(src) @@ -715,7 +743,7 @@ def wcsncpy(self, emu, argv, ctx={}): return len(ws) @apihook("RtlMoveMemory", argc=3) - def RtlMoveMemory(self, emu, argv, ctx={}): + def RtlMoveMemory(self, emu, argv, ctx: dict[str, str] | None = None): """ void RtlMoveMemory( void* Destination, @@ -723,10 +751,11 @@ def RtlMoveMemory(self, emu, argv, ctx={}): size_t Length ); """ + ctx = ctx or {} self.memcpy(emu, argv) @apihook("memcpy", argc=3, conv=_arch.CALL_CONV_CDECL) - def memcpy(self, emu, argv, ctx={}): + def memcpy(self, emu, argv, ctx: dict[str, str] | None = None): """ void *memcpy( void *dest, @@ -734,6 +763,7 @@ def memcpy(self, emu, argv, ctx={}): size_t count ); """ + ctx = ctx or {} dest, src, count = argv data = self.mem_read(src, count) @@ -741,7 +771,7 @@ def memcpy(self, emu, argv, ctx={}): return dest @apihook("memset", argc=3, conv=_arch.CALL_CONV_CDECL) - def memset(self, emu, argv, ctx={}): + def memset(self, emu, argv, ctx: dict[str, str] | None = None): """ void *memset( void *dest, @@ -749,6 +779,7 @@ def memset(self, emu, argv, ctx={}): size_t count ); """ + ctx = ctx or {} dest, c, count = argv data = c.to_bytes(1, "little") @@ -756,7 +787,7 @@ def memset(self, emu, argv, ctx={}): return dest @apihook("sprintf", argc=_arch.VAR_ARGS, conv=_arch.CALL_CONV_CDECL) - def sprintf(self, emu, argv, ctx={}): + def sprintf(self, emu, argv, ctx: dict[str, str] | None = None): """ int sprintf( char *buffer, @@ -764,6 +795,7 @@ def sprintf(self, emu, argv, ctx={}): argument] ... ); """ + ctx = ctx or {} buf, fmt = emu.get_func_argv(_arch.CALL_CONV_CDECL, 2) fmt_str = self.read_string(fmt) fmt_cnt = self.get_va_arg_count(fmt_str) @@ -780,7 +812,7 @@ def sprintf(self, emu, argv, ctx={}): return len(fin) @apihook("_snprintf", argc=_arch.VAR_ARGS, conv=_arch.CALL_CONV_CDECL) - def _snprintf(self, emu, argv, ctx={}): + def _snprintf(self, emu, argv, ctx: dict[str, str] | None = None): """ int _snprintf( char *buffer, @@ -789,6 +821,7 @@ def _snprintf(self, emu, argv, ctx={}): argument] ... ); """ + ctx = ctx or {} buf, cnt, fmt = emu.get_func_argv(_arch.CALL_CONV_CDECL, 3) fmt_str = self.read_string(fmt) fmt_cnt = self.get_va_arg_count(fmt_str) @@ -805,12 +838,13 @@ def _snprintf(self, emu, argv, ctx={}): return len(fin) @apihook("wcslen", argc=1, conv=_arch.CALL_CONV_CDECL) - def wcslen(self, emu, argv, ctx={}): + def wcslen(self, emu, argv, ctx: dict[str, str] | None = None): """ size_t wcslen( const wchar_t *str ); """ + ctx = ctx or {} string = argv[0] ws = self.read_wide_string(string) @@ -823,13 +857,14 @@ def wcslen(self, emu, argv, ctx={}): return slen @apihook("wcschr", argc=2, conv=_arch.CALL_CONV_CDECL) - def wcschr(self, emu, argv, ctx={}): + def wcschr(self, emu, argv, ctx: dict[str, str] | None = None): """ wchar_t *wcschr( const wchar_t *str, wchar_t c ); """ + ctx = ctx or {} wstr, c = argv ws = self.read_wide_string(wstr) hay = ws.encode("utf-16le") @@ -847,13 +882,14 @@ def wcschr(self, emu, argv, ctx={}): return rv @apihook("wcscat", argc=2, conv=_arch.CALL_CONV_CDECL) - def wcscat(self, emu, argv, ctx={}): + def wcscat(self, emu, argv, ctx: dict[str, str] | None = None): """ wchar_t *wcscat( wchar_t *strDestination, const wchar_t *strSource ); """ + ctx = ctx or {} dest, src = argv sws = self.read_wide_string(src) dws = self.read_wide_string(dest) @@ -870,13 +906,14 @@ def wcscat(self, emu, argv, ctx={}): return dest @apihook("strrchr", argc=2, conv=_arch.CALL_CONV_CDECL) - def strrchr(self, emu, argv, ctx={}): + def strrchr(self, emu, argv, ctx: dict[str, str] | None = None): """ char *strrchr( const char *str, int c ); """ + ctx = ctx or {} cstr, c = argv cs = self.read_string(cstr) hay = cs.encode("utf-8") @@ -894,13 +931,14 @@ def strrchr(self, emu, argv, ctx={}): return rv @apihook("strchr", argc=2, conv=_arch.CALL_CONV_CDECL) - def strchr(self, emu, argv, ctx={}): + def strchr(self, emu, argv, ctx: dict[str, str] | None = None): """ char *strchr( const char *str, int c ); """ + ctx = ctx or {} cstr, c = argv cs = self.read_string(cstr) hay = cs.encode("utf-8") @@ -918,7 +956,7 @@ def strchr(self, emu, argv, ctx={}): return rv @apihook("_wcsnicmp", argc=3, conv=_arch.CALL_CONV_CDECL) - def _wcsnicmp(self, emu, argv, ctx={}): + def _wcsnicmp(self, emu, argv, ctx: dict[str, str] | None = None): """ int _wcsnicmp( const wchar_t *string1, @@ -926,6 +964,7 @@ def _wcsnicmp(self, emu, argv, ctx={}): size_t count ); """ + ctx = ctx or {} string1, string2, count = argv rv = 1 @@ -941,13 +980,14 @@ def _wcsnicmp(self, emu, argv, ctx={}): return rv @apihook("_stricmp", argc=2, conv=_arch.CALL_CONV_CDECL) - def _stricmp(self, emu, argv, ctx={}): + def _stricmp(self, emu, argv, ctx: dict[str, str] | None = None): """ int _stricmp( const char *string1, const char *string2 ); """ + ctx = ctx or {} string1, string2 = argv rv = 1 @@ -966,13 +1006,14 @@ def _stricmp(self, emu, argv, ctx={}): return rv @apihook("_wcsicmp", argc=2, conv=_arch.CALL_CONV_CDECL) - def _wcsicmp(self, emu, argv, ctx={}): + def _wcsicmp(self, emu, argv, ctx: dict[str, str] | None = None): """ int _wcsicmp( const wchar_t *string1, const wchar_t *string2 ); """ + ctx = ctx or {} string1, string2 = argv rv = 1 @@ -988,7 +1029,7 @@ def _wcsicmp(self, emu, argv, ctx={}): return rv @apihook("PsCreateSystemThread", argc=7) - def PsCreateSystemThread(self, emu, argv, ctx={}): + def PsCreateSystemThread(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS PsCreateSystemThread( PHANDLE ThreadHandle, @@ -1000,6 +1041,7 @@ def PsCreateSystemThread(self, emu, argv, ctx={}): PVOID StartContext ); """ + ctx = ctx or {} hThrd, access, objattr, hProc, client_id, start, startctx = argv rv = ddk.STATUS_SUCCESS @@ -1020,13 +1062,14 @@ def PsCreateSystemThread(self, emu, argv, ctx={}): return rv @apihook("RtlCopyUnicodeString", argc=2) - def RtlCopyUnicodeString(self, emu, argv, ctx={}): + def RtlCopyUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI VOID RtlCopyUnicodeString( PUNICODE_STRING DestinationString, PCUNICODE_STRING SourceString ); """ + ctx = ctx or {} dest_str, src_str = argv dest = self.win.UNICODE_STRING(emu.get_ptr_size()) @@ -1053,7 +1096,7 @@ def RtlCopyUnicodeString(self, emu, argv, ctx={}): return @apihook("RtlEqualUnicodeString", argc=3) - def RtlEqualUnicodeString(self, emu, argv, ctx={}): + def RtlEqualUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI BOOLEAN RtlEqualUnicodeString( PCUNICODE_STRING String1, @@ -1061,6 +1104,7 @@ def RtlEqualUnicodeString(self, emu, argv, ctx={}): BOOLEAN CaseInSensitive ); """ + ctx = ctx or {} str1, str2, ci = argv us = self.win.UNICODE_STRING(emu.get_ptr_size()) @@ -1079,13 +1123,14 @@ def RtlEqualUnicodeString(self, emu, argv, ctx={}): return int(rv) @apihook("IoAllocateIrp", argc=2) - def IoAllocateIrp(self, emu, argv, ctx={}): + def IoAllocateIrp(self, emu, argv, ctx: dict[str, str] | None = None): """ PIRP IoAllocateIrp( CCHAR StackSize, BOOLEAN ChargeQuota ); """ + ctx = ctx or {} StackSize, ChargeQuota = argv StackSize = StackSize & 0xFF @@ -1098,30 +1143,32 @@ def IoAllocateIrp(self, emu, argv, ctx={}): return rv @apihook("IoFreeIrp", argc=1) - def IoFreeIrp(self, emu, argv, ctx={}): + def IoFreeIrp(self, emu, argv, ctx: dict[str, str] | None = None): """ void IoFreeIrp( PIRP Irp ); """ + ctx = ctx or {} (Irp,) = argv return @apihook("IoReuseIrp", argc=2) - def IoReuseIrp(self, emu, argv, ctx={}): + def IoReuseIrp(self, emu, argv, ctx: dict[str, str] | None = None): """ void IoReuseIrp( PIRP Irp, NTSTATUS Iostatus ); """ + ctx = ctx or {} Irp, Iostatus = argv return @apihook("IoAllocateMdl", argc=5) - def IoAllocateMdl(self, emu, argv, ctx={}): + def IoAllocateMdl(self, emu, argv, ctx: dict[str, str] | None = None): """ PMDL IoAllocateMdl( __drv_aliasesMem PVOID VirtualAddress, @@ -1131,6 +1178,7 @@ def IoAllocateMdl(self, emu, argv, ctx={}): PIRP Irp ); """ + ctx = ctx or {} va, length, sec_buf, quota, irp = argv mdl = self.win.MDL(emu.get_ptr_size()) @@ -1148,7 +1196,7 @@ def IoAllocateMdl(self, emu, argv, ctx={}): return ptr @apihook("MmProbeAndLockPages", argc=3) - def MmProbeAndLockPages(self, emu, argv, ctx={}): + def MmProbeAndLockPages(self, emu, argv, ctx: dict[str, str] | None = None): """ void MmProbeAndLockPages( PMDL MemoryDescriptorList, @@ -1156,10 +1204,11 @@ def MmProbeAndLockPages(self, emu, argv, ctx={}): LOCK_OPERATION Operation ); """ + ctx = ctx or {} return @apihook("KeDelayExecutionThread", argc=3) - def KeDelayExecutionThread(self, emu, argv, ctx={}): + def KeDelayExecutionThread(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS KeDelayExecutionThread( KPROCESSOR_MODE WaitMode, @@ -1167,13 +1216,14 @@ def KeDelayExecutionThread(self, emu, argv, ctx={}): PLARGE_INTEGER Interval ); """ + ctx = ctx or {} mode, alert, interval = argv rv = ddk.STATUS_SUCCESS return rv @apihook("KeSetEvent", argc=3) - def KeSetEvent(self, emu, argv, ctx={}): + def KeSetEvent(self, emu, argv, ctx: dict[str, str] | None = None): """ LONG KeSetEvent( PRKEVENT Event, @@ -1181,19 +1231,21 @@ def KeSetEvent(self, emu, argv, ctx={}): BOOLEAN Wait ); """ + ctx = ctx or {} Event, Increment, Wait = argv rv = 0 return rv @apihook("IoCreateSynchronizationEvent", argc=2) - def IoCreateSynchronizationEvent(self, emu, argv, ctx={}): + def IoCreateSynchronizationEvent(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI PKEVENT IoCreateSynchronizationEvent( PUNICODE_STRING EventName, PHANDLE EventHandle ); """ + ctx = ctx or {} EventName, EventHandle = argv name = self.read_unicode_string(EventName) @@ -1207,7 +1259,7 @@ def IoCreateSynchronizationEvent(self, emu, argv, ctx={}): return evt.address @apihook("KeInitializeEvent", argc=3) - def KeInitializeEvent(self, emu, argv, ctx={}): + def KeInitializeEvent(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI VOID KeInitializeEvent( PRKEVENT Event, @@ -1215,40 +1267,44 @@ def KeInitializeEvent(self, emu, argv, ctx={}): BOOLEAN State ); """ + ctx = ctx or {} return @apihook("KeResetEvent", argc=1) - def KeResetEvent(self, emu, argv, ctx={}): + def KeResetEvent(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI LONG KeResetEvent( PRKEVENT Event ); """ + ctx = ctx or {} rv = 0 return rv @apihook("KeClearEvent", argc=1) - def KeClearEvent(self, emu, argv, ctx={}): + def KeClearEvent(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI VOID KeClearEvent( PRKEVENT Event ); """ + ctx = ctx or {} return @apihook("KeInitializeTimer", argc=1) - def KeInitializeTimer(self, emu, argv, ctx={}): + def KeInitializeTimer(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI VOID KeInitializeTimer( PKTIMER Timer ); """ + ctx = ctx or {} return @apihook("KeSetTimer", argc=3) - def KeSetTimer(self, emu, argv, ctx={}): + def KeSetTimer(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI BOOLEAN KeSetTimer( PKTIMER Timer, @@ -1256,16 +1312,18 @@ def KeSetTimer(self, emu, argv, ctx={}): PKDPC Dpc ); """ + ctx = ctx or {} return True @apihook("PsLookupProcessByProcessId", argc=2) - def PsLookupProcessByProcessId(self, emu, argv, ctx={}): + def PsLookupProcessByProcessId(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS PsLookupProcessByProcessId( HANDLE ProcessId, PEPROCESS *Process ); """ + ctx = ctx or {} ProcessId, Process = argv rv = ddk.STATUS_SUCCESS @@ -1285,7 +1343,7 @@ def PsLookupProcessByProcessId(self, emu, argv, ctx={}): return rv @apihook("ObOpenObjectByPointer", argc=7) - def ObOpenObjectByPointer(self, emu, argv, ctx={}): + def ObOpenObjectByPointer(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS ObOpenObjectByPointer( PVOID Object, @@ -1297,6 +1355,7 @@ def ObOpenObjectByPointer(self, emu, argv, ctx={}): PHANDLE Handle ); """ + ctx = ctx or {} Object, HandleAttributes, pAccess, dAccess, ObjectType, AccessMode, Handle = argv rv = ddk.STATUS_SUCCESS @@ -1309,12 +1368,13 @@ def ObOpenObjectByPointer(self, emu, argv, ctx={}): return rv @apihook("PsGetProcessPeb", argc=1) - def PsGetProcessPeb(self, emu, argv, ctx={}): + def PsGetProcessPeb(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI PPEB PsGetProcessPeb( PEPROCESS Object, ); """ + ctx = ctx or {} Object = argv[0] proc = self.get_object_from_addr(Object) @@ -1322,13 +1382,14 @@ def PsGetProcessPeb(self, emu, argv, ctx={}): return peb.address @apihook("KeStackAttachProcess", argc=2) - def KeStackAttachProcess(self, emu, argv, ctx={}): + def KeStackAttachProcess(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI VOID KeStackAttachProcess( PRKPROCESS PROCESS, PRKAPC_STATE ApcState ); """ + ctx = ctx or {} Process, ApcState = argv @@ -1336,17 +1397,18 @@ def KeStackAttachProcess(self, emu, argv, ctx={}): emu.set_current_process(proc) @apihook("KeUnstackDetachProcess", argc=1) - def KeUnstackDetachProcess(self, emu, argv, ctx={}): + def KeUnstackDetachProcess(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI VOID KeUnstackDetachProcess( PRKAPC_STATE ApcState ); """ + ctx = ctx or {} # ApcState = argv[0] return @apihook("ZwProtectVirtualMemory", argc=5) - def ZwProtectVirtualMemory(self, emu, argv, ctx={}): + def ZwProtectVirtualMemory(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS ZwProtectVirtualMemory( IN HANDLE ProcessHandle, @@ -1356,6 +1418,7 @@ def ZwProtectVirtualMemory(self, emu, argv, ctx={}): OUT PULONG OldAccessProtection ) """ + ctx = ctx or {} hnd, base, byte_len, new_prot, old_prot = argv if base: @@ -1370,7 +1433,7 @@ def ZwProtectVirtualMemory(self, emu, argv, ctx={}): return rv @apihook("ZwWriteVirtualMemory", argc=5) - def ZwWriteVirtualMemory(self, emu, argv, ctx={}): + def ZwWriteVirtualMemory(self, emu, argv, ctx: dict[str, str] | None = None): """ ZwWriteVirtualMemory( HANDLE ProcessHandle, @@ -1379,6 +1442,7 @@ def ZwWriteVirtualMemory(self, emu, argv, ctx={}): ULONG NumberOfBytesToWrite, PULONG NumberOfBytesWritten); """ + ctx = ctx or {} rv = ddk.STATUS_SUCCESS hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesWritten = argv rv = False @@ -1406,7 +1470,7 @@ def ZwWriteVirtualMemory(self, emu, argv, ctx={}): return rv @apihook("ZwAllocateVirtualMemory", argc=6) - def ZwAllocateVirtualMemory(self, emu, argv, ctx={}): + def ZwAllocateVirtualMemory(self, emu, argv, ctx: dict[str, str] | None = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS ZwAllocateVirtualMemory( HANDLE ProcessHandle, @@ -1417,6 +1481,7 @@ def ZwAllocateVirtualMemory(self, emu, argv, ctx={}): ULONG Protect ); """ + ctx = ctx or {} ProcessHandle, BaseAddress, ZeroBits, RegionSize, Type, Protect = argv rv = ddk.STATUS_SUCCESS @@ -1438,13 +1503,14 @@ def ZwAllocateVirtualMemory(self, emu, argv, ctx={}): return rv @apihook("PsLookupThreadByThreadId", argc=2) - def PsLookupThreadByThreadId(self, emu, argv, ctx={}): + def PsLookupThreadByThreadId(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS PsLookupThreadByThreadId( HANDLE ThreadId, PETHREAD *Thread ); """ + ctx = ctx or {} ThreadId, pThread = argv rv = ddk.STATUS_INVALID_PARAMETER @@ -1460,12 +1526,13 @@ def PsLookupThreadByThreadId(self, emu, argv, ctx={}): return rv @apihook("RtlGetVersion", argc=1) - def RtlGetVersion(self, emu, argv, ctx={}): + def RtlGetVersion(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS RtlGetVersion( PRTL_OSVERSIONINFOW lpVersionInformation ); """ + ctx = ctx or {} lpVersionInformation = argv[0] rv = ddk.STATUS_SUCCESS @@ -1488,7 +1555,7 @@ def RtlGetVersion(self, emu, argv, ctx={}): return rv @apihook("KeWaitForSingleObject", argc=5) - def KeWaitForSingleObject(self, emu, argv, ctx={}): + def KeWaitForSingleObject(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS KeWaitForSingleObject( PVOID Object, @@ -1498,13 +1565,14 @@ def KeWaitForSingleObject(self, emu, argv, ctx={}): PLARGE_INTEGER Timeout ); """ + ctx = ctx or {} Object, WaitReason, WaitMode, Alertable, Timeout = argv rv = ddk.STATUS_SUCCESS return rv @apihook("KeInitializeApc", argc=8) - def KeInitializeApc(self, emu, argv, ctx={}): + def KeInitializeApc(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI VOID KeInitializeApc( PKAPC Apc, @@ -1517,6 +1585,7 @@ def KeInitializeApc(self, emu, argv, ctx={}): PVOID NormalContext ); """ + ctx = ctx or {} pApc, Thread, env, KernelRoutine, rundown, NormalRoutine, procmode, ctx = argv apc = self.win.KAPC(emu.get_ptr_size()) @@ -1532,7 +1601,7 @@ def KeInitializeApc(self, emu, argv, ctx={}): apc.NormalContext = ctx @apihook("MmMapLockedPagesSpecifyCache", argc=6) - def MmMapLockedPagesSpecifyCache(self, emu, argv, ctx={}): + def MmMapLockedPagesSpecifyCache(self, emu, argv, ctx: dict[str, str] | None = None): """ PVOID MmMapLockedPagesSpecifyCache( PMDL MemoryDescriptorList, @@ -1543,6 +1612,7 @@ def MmMapLockedPagesSpecifyCache(self, emu, argv, ctx={}): ULONG Priority ); """ + ctx = ctx or {} p_mdl, am, ctype, addr, bugcheck, priority = argv rv = 0 @@ -1553,7 +1623,7 @@ def MmMapLockedPagesSpecifyCache(self, emu, argv, ctx={}): return rv @apihook("KeInsertQueueApc", argc=4) - def KeInsertQueueApc(self, emu, argv, ctx={}): + def KeInsertQueueApc(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI BOOLEAN KeInsertQueueApc( PKAPC Apc, @@ -1561,13 +1631,14 @@ def KeInsertQueueApc(self, emu, argv, ctx={}): PVOID SystemArgument2, KPRIORITY PriorityBoost) """ + ctx = ctx or {} Apc, SystemArgument1, SystemArgument2, PriorityBoost = argv rv = True return rv @apihook("KeInitializeDpc", argc=3) - def KeInitializeDpc(self, emu, argv, ctx={}): + def KeInitializeDpc(self, emu, argv, ctx: dict[str, str] | None = None): """ void KeInitializeDpc( __drv_aliasesMem PRKDPC Dpc, @@ -1575,12 +1646,13 @@ def KeInitializeDpc(self, emu, argv, ctx={}): __drv_aliasesMem PVOID DeferredContext ); """ + ctx = ctx or {} Dpc, DeferredRoutine, DeferredContext = argv return @apihook("ObReferenceObjectByName", argc=8) - def ObReferenceObjectByName(self, emu, argv, ctx={}): + def ObReferenceObjectByName(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS NTAPI @@ -1595,6 +1667,7 @@ def ObReferenceObjectByName(self, emu, argv, ctx={}): PVOID* ObjectPtr ); """ + ctx = ctx or {} ObjectName, Attributes, Passed, DesiredAccess, objtype, Access, ParseContext, objptr = argv rv = ddk.STATUS_INVALID_PARAMETER obj = None @@ -1620,7 +1693,7 @@ def ObReferenceObjectByName(self, emu, argv, ctx={}): return rv @apihook("IoGetDeviceObjectPointer", argc=4) - def IoGetDeviceObjectPointer(self, emu, argv, ctx={}): + def IoGetDeviceObjectPointer(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS IoGetDeviceObjectPointer( PUNICODE_STRING ObjectName, @@ -1629,6 +1702,7 @@ def IoGetDeviceObjectPointer(self, emu, argv, ctx={}): PDEVICE_OBJECT *DeviceObject ); """ + ctx = ctx or {} ObjectName, DesiredAccess, pFileObject, pDeviceObject = argv rv = ddk.STATUS_INVALID_PARAMETER @@ -1645,19 +1719,20 @@ def IoGetDeviceObjectPointer(self, emu, argv, ctx={}): return rv @apihook("PsTerminateSystemThread", argc=1) - def PsTerminateSystemThread(self, emu, argv, ctx={}): + def PsTerminateSystemThread(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS PsTerminateSystemThread( NTSTATUS ExitStatus ); """ + ctx = ctx or {} # ExitStatus = argv[0] rv = ddk.STATUS_SUCCESS return rv @apihook("IoRegisterBootDriverReinitialization", argc=3) - def IoRegisterBootDriverReinitialization(self, emu, argv, ctx={}): + def IoRegisterBootDriverReinitialization(self, emu, argv, ctx: dict[str, str] | None = None): """ void IoRegisterBootDriverReinitialization( PDRIVER_OBJECT DriverObject, @@ -1665,6 +1740,7 @@ def IoRegisterBootDriverReinitialization(self, emu, argv, ctx={}): PVOID Context ); """ + ctx = ctx or {} DriverObject, routine, context = argv @@ -1673,14 +1749,15 @@ def IoRegisterBootDriverReinitialization(self, emu, argv, ctx={}): return @apihook("KdDisableDebugger", argc=0) - def KdDisableDebugger(self, emu, argv, ctx={}): + def KdDisableDebugger(self, emu, argv, ctx: dict[str, str] | None = None): """NTKERNELAPI NTSTATUS KdDisableDebugger();""" + ctx = ctx or {} rv = ddk.STATUS_DEBUGGER_INACTIVE return rv @apihook("KdChangeOption", argc=0) - def KdChangeOption(self, emu, argv, ctx={}): + def KdChangeOption(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS KdChangeOption( KD_OPTION Option, @@ -1691,17 +1768,19 @@ def KdChangeOption(self, emu, argv, ctx={}): PULONG OutBufferNeeded ); """ + ctx = ctx or {} rv = ddk.STATUS_DEBUGGER_INACTIVE return rv @apihook("MmGetSystemRoutineAddress", argc=1) - def MmGetSystemRoutineAddress(self, emu, argv, ctx={}): + def MmGetSystemRoutineAddress(self, emu, argv, ctx: dict[str, str] | None = None): """ DECLSPEC_IMPORT PVOID MmGetSystemRoutineAddress( PUNICODE_STRING SystemRoutineName ); """ + ctx = ctx or {} (SystemRoutineName,) = argv fn = self.read_unicode_string(SystemRoutineName) @@ -1710,38 +1789,41 @@ def MmGetSystemRoutineAddress(self, emu, argv, ctx={}): return addr @apihook("KeQuerySystemTime", argc=1) - def KeQuerySystemTime(self, emu, argv, ctx={}): + def KeQuerySystemTime(self, emu, argv, ctx: dict[str, str] | None = None): """ void KeQuerySystemTime( PLARGE_INTEGER CurrentTime ); """ + ctx = ctx or {} (CurrentTime,) = argv data = emu.get_system_time() data = data.to_bytes(8, "little") self.mem_write(CurrentTime, data) @apihook("RtlTimeToTimeFields", argc=2) - def RtlTimeToTimeFields(self, emu, argv, ctx={}): + def RtlTimeToTimeFields(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI VOID RtlTimeToTimeFields( PLARGE_INTEGER Time, PTIME_FIELDS TimeFields ); """ + ctx = ctx or {} Time, TimeFields = argv sys_time = self.mem_read(Time, 8) sys_time @apihook("ExSystemTimeToLocalTime", argc=2) - def ExSystemTimeToLocalTime(self, emu, argv, ctx={}): + def ExSystemTimeToLocalTime(self, emu, argv, ctx: dict[str, str] | None = None): """ void ExSystemTimeToLocalTime( PLARGE_INTEGER SystemTime, PLARGE_INTEGER LocalTime ); """ + ctx = ctx or {} SystemTime, LocalTime = argv sys_time = self.mem_read(SystemTime, 8) @@ -1749,7 +1831,7 @@ def ExSystemTimeToLocalTime(self, emu, argv, ctx={}): self.mem_write(LocalTime, int_sys_time.to_bytes(8, "little")) @apihook("CmRegisterCallbackEx", argc=6) - def CmRegisterCallbackEx(self, emu, argv, ctx={}): + def CmRegisterCallbackEx(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS CmRegisterCallbackEx( PEX_CALLBACK_FUNCTION Function, @@ -1760,13 +1842,14 @@ def CmRegisterCallbackEx(self, emu, argv, ctx={}): PVOID Reserved ); """ + ctx = ctx or {} # TODO: Emulate the callback routine rv = ddk.STATUS_SUCCESS return rv @apihook("CmRegisterCallback", argc=3) - def CmRegisterCallback(self, emu, argv, ctx={}): + def CmRegisterCallback(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS CmRegisterCallback( PEX_CALLBACK_FUNCTION Function, @@ -1774,6 +1857,7 @@ def CmRegisterCallback(self, emu, argv, ctx={}): PLARGE_INTEGER Cookie ); """ + ctx = ctx or {} # TODO: Emulate the callback routine Function, Context, Cookie = argv @@ -1782,19 +1866,20 @@ def CmRegisterCallback(self, emu, argv, ctx={}): return rv @apihook("CmUnRegisterCallback", argc=1) - def CmUnRegisterCallback(self, emu, argv, ctx={}): + def CmUnRegisterCallback(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS CmUnRegisterCallback( LARGE_INTEGER Cookie ); """ + ctx = ctx or {} (Cookie,) = argv rv = ddk.STATUS_SUCCESS return rv @apihook("EtwRegister", argc=4) - def EtwRegister(self, emu, argv, ctx={}): + def EtwRegister(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS EtwRegister( LPCGUID ProviderId, @@ -1803,6 +1888,7 @@ def EtwRegister(self, emu, argv, ctx={}): PREGHANDLE RegHandle ); """ + ctx = ctx or {} ProviderId, EnableCallback, CallbackContext, RegHandle = argv rv = ddk.STATUS_SUCCESS @@ -1814,7 +1900,7 @@ def EtwRegister(self, emu, argv, ctx={}): return rv @apihook("RtlImageDirectoryEntryToData", argc=4) - def RtlImageDirectoryEntryToData(self, emu, argv, ctx={}): + def RtlImageDirectoryEntryToData(self, emu, argv, ctx: dict[str, str] | None = None): """ PVOID IMAGEAPI ImageDirectoryEntryToData( PVOID Base, @@ -1823,6 +1909,7 @@ def RtlImageDirectoryEntryToData(self, emu, argv, ctx={}): PULONG Size ); """ + ctx = ctx or {} Base, MappedAsImage, DirectoryEntry, Size = argv MappedAsImage &= 0xFF @@ -1835,7 +1922,7 @@ def RtlImageDirectoryEntryToData(self, emu, argv, ctx={}): return rv @apihook("ZwOpenEvent", argc=3) - def ZwOpenEvent(self, emu, argv, ctx={}): + def ZwOpenEvent(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSCALLAPI NTSTATUS ZwOpenEvent( PHANDLE EventHandle, @@ -1843,6 +1930,7 @@ def ZwOpenEvent(self, emu, argv, ctx={}): POBJECT_ATTRIBUTES ObjectAttributes ); """ + ctx = ctx or {} EventHandle, DesiredAccess, ObjectAttributes = argv oa = self.win.OBJECT_ATTRIBUTES(emu.get_ptr_size()) @@ -1862,7 +1950,7 @@ def ZwOpenEvent(self, emu, argv, ctx={}): return rv @apihook("ZwCreateEvent", argc=5) - def ZwCreateEvent(self, emu, argv, ctx={}): + def ZwCreateEvent(self, emu, argv, ctx: dict[str, str] | None = None): """NTSYSAPI NTSTATUS ZwCreateEvent( PHANDLE EventHandle, ACCESS_MASK DesiredAccess, @@ -1871,6 +1959,7 @@ def ZwCreateEvent(self, emu, argv, ctx={}): BOOLEAN InitialState ); """ + ctx = ctx or {} EventHandle, access, objattr, evttype, state = argv @@ -1889,98 +1978,107 @@ def ZwCreateEvent(self, emu, argv, ctx={}): return rv @apihook("ExInitializeResourceLite", argc=1) - def ExInitializeResourceLite(self, emu, argv, ctx={}): + def ExInitializeResourceLite(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS ExInitializeResourceLite( PERESOURCE Resource ); """ + ctx = ctx or {} (Resource,) = argv return ddk.STATUS_SUCCESS @apihook("KeEnterCriticalRegion", argc=0) - def KeEnterCriticalRegion(self, emu, argv, ctx={}): + def KeEnterCriticalRegion(self, emu, argv, ctx: dict[str, str] | None = None): """NTKERNELAPI VOID KeEnterCriticalRegion();""" + ctx = ctx or {} return @apihook("ExAcquireResourceExclusiveLite", argc=2) - def ExAcquireResourceExclusiveLite(self, emu, argv, ctx={}): + def ExAcquireResourceExclusiveLite(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLEAN ExAcquireResourceExclusiveLite( PERESOURCE Resource, BOOLEAN Wait ); """ + ctx = ctx or {} rv = True return rv @apihook("ExAcquireResourceSharedLite", argc=2) - def ExAcquireResourceSharedLite(self, emu, argv, ctx={}): + def ExAcquireResourceSharedLite(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLEAN ExAcquireResourceSharedLite( _Inout_ PERESOURCE Resource, _In_ BOOLEAN Wait ); """ + ctx = ctx or {} rv = True return rv @apihook("ExReleaseResourceLite", argc=1, conv=_arch.CALL_CONV_FASTCALL) - def ExReleaseResourceLite(self, emu, argv, ctx={}): + def ExReleaseResourceLite(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID ExReleaseResourceLite( _Inout_ PERESOURCE Resource ); """ + ctx = ctx or {} return @apihook("ExAcquireFastMutex", argc=1) - def ExAcquireFastMutex(self, emu, argv, ctx={}): + def ExAcquireFastMutex(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID ExAcquireFastMutex( _Inout_ PFAST_MUTEX FastMutex ); """ + ctx = ctx or {} (FastMutex,) = argv return @apihook("ExReleaseFastMutex", argc=1) - def ExReleaseFastMutex(self, emu, argv, ctx={}): + def ExReleaseFastMutex(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID ExReleaseFastMutex( _Inout_ PFAST_MUTEX FastMutex ); """ + ctx = ctx or {} (FastMutex,) = argv return @apihook("ObfReferenceObject", argc=1) - def ObfReferenceObject(self, emu, argv, ctx={}): + def ObfReferenceObject(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI LONG_PTR ObfReferenceObject( PVOID Object ); """ + ctx = ctx or {} return 0 @apihook("RtlLengthRequiredSid", argc=1) - def RtlLengthRequiredSid(self, emu, argv, ctx={}): + def RtlLengthRequiredSid(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI ULONG RtlLengthRequiredSid( ULONG SubAuthorityCount ); """ + ctx = ctx or {} (count,) = argv rv = count * 16 return rv @apihook("RtlInitializeSid", argc=3) - def RtlInitializeSid(self, emu, argv, ctx={}): + def RtlInitializeSid(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS RtlInitializeSid( PSID Sid, @@ -1988,26 +2086,28 @@ def RtlInitializeSid(self, emu, argv, ctx={}): UCHAR SubAuthorityCount ); """ + ctx = ctx or {} # TODO, unimplemented rv = ddk.STATUS_SUCCESS return rv @apihook("RtlSubAuthoritySid", argc=2) - def RtlSubAuthoritySid(self, emu, argv, ctx={}): + def RtlSubAuthoritySid(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI PULONG RtlSubAuthoritySid( PSID Sid, ULONG SubAuthority ); """ + ctx = ctx or {} # TODO, unimplemented sid, sub_auth = argv return sid @apihook("RtlCreateAcl", argc=3) - def RtlCreateAcl(self, emu, argv, ctx={}): + def RtlCreateAcl(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS RtlCreateAcl( PACL Acl, @@ -2015,6 +2115,7 @@ def RtlCreateAcl(self, emu, argv, ctx={}): ULONG AclRevision ); """ + ctx = ctx or {} # TODO, unimplemented acl, acl_len, acl_rev = argv rv = ddk.STATUS_SUCCESS @@ -2022,7 +2123,7 @@ def RtlCreateAcl(self, emu, argv, ctx={}): return rv @apihook("RtlSetDaclSecurityDescriptor", argc=4) - def RtlSetDaclSecurityDescriptor(self, emu, argv, ctx={}): + def RtlSetDaclSecurityDescriptor(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS RtlSetDaclSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor, @@ -2031,6 +2132,7 @@ def RtlSetDaclSecurityDescriptor(self, emu, argv, ctx={}): BOOLEAN DaclDefaulted ); """ + ctx = ctx or {} # TODO, unimplemented sec_desc, dacl_present, dacl, dacl_default = argv rv = ddk.STATUS_SUCCESS @@ -2038,13 +2140,14 @@ def RtlSetDaclSecurityDescriptor(self, emu, argv, ctx={}): return rv @apihook("ObSetSecurityObjectByPointer", argc=3) - def ObSetSecurityObjectByPointer(self, emu, argv, ctx={}): + def ObSetSecurityObjectByPointer(self, emu, argv, ctx: dict[str, str] | None = None): """ ObSetSecurityObjectByPointer(IN PVOID Object, IN SECURITY_INFORMATION SecurityInformation, IN PSECURITY_DESCRIPTOR SecurityDescriptor) ); """ + ctx = ctx or {} # TODO, unimplemented Object, SecurityInformation, SecurityDescriptor = argv rv = ddk.STATUS_SUCCESS @@ -2052,13 +2155,14 @@ def ObSetSecurityObjectByPointer(self, emu, argv, ctx={}): return rv @apihook("RtlCreateSecurityDescriptor", argc=2) - def RtlCreateSecurityDescriptor(self, emu, argv, ctx={}): + def RtlCreateSecurityDescriptor(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS RtlCreateSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor, ULONG Revision ); """ + ctx = ctx or {} # TODO, unimplemented sec_desc, rev = argv rv = ddk.STATUS_SUCCESS @@ -2066,7 +2170,7 @@ def RtlCreateSecurityDescriptor(self, emu, argv, ctx={}): return rv @apihook("RtlAddAccessAllowedAce", argc=4) - def RtlAddAccessAllowedAce(self, emu, argv, ctx={}): + def RtlAddAccessAllowedAce(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS RtlAddAccessAllowedAce( PACL Acl, @@ -2075,6 +2179,7 @@ def RtlAddAccessAllowedAce(self, emu, argv, ctx={}): PSID Sid ); """ + ctx = ctx or {} # TODO, unimplemented acl, acl_rev, access, sid = argv rv = ddk.STATUS_SUCCESS @@ -2082,22 +2187,24 @@ def RtlAddAccessAllowedAce(self, emu, argv, ctx={}): return rv @apihook("PoDeletePowerRequest", argc=1) - def PoDeletePowerRequest(self, emu, argv, ctx={}): + def PoDeletePowerRequest(self, emu, argv, ctx: dict[str, str] | None = None): """ void PoDeletePowerRequest( PVOID PowerRequest ); """ + ctx = ctx or {} return @apihook("IoWMIRegistrationControl", argc=2) - def IoWMIRegistrationControl(self, emu, argv, ctx={}): + def IoWMIRegistrationControl(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS IoWMIRegistrationControl( PDEVICE_OBJECT DeviceObject, ULONG Action ); """ + ctx = ctx or {} rv = ddk.STATUS_INVALID_PARAMETER dev, action = argv @@ -2107,16 +2214,17 @@ def IoWMIRegistrationControl(self, emu, argv, ctx={}): return rv @apihook("ObMakeTemporaryObject", argc=1) - def ObMakeTemporaryObject(self, emu, argv, ctx={}): + def ObMakeTemporaryObject(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI VOID ObMakeTemporaryObject( PVOID Object ); """ + ctx = ctx or {} return None @apihook("RtlGetCompressionWorkSpaceSize", argc=3) - def RtlGetCompressionWorkSpaceSize(self, emu, argv, ctx={}): + def RtlGetCompressionWorkSpaceSize(self, emu, argv, ctx: dict[str, str] | None = None): """ NT_RTL_COMPRESS_API NTSTATUS RtlGetCompressionWorkSpaceSize( USHORT CompressionFormatAndEngine, @@ -2124,6 +2232,7 @@ def RtlGetCompressionWorkSpaceSize(self, emu, argv, ctx={}): PULONG CompressFragmentWorkSpaceSize ); """ + ctx = ctx or {} engine, buffer_workspace, frag_workspace = argv if buffer_workspace: self.mem_write(buffer_workspace, 0x1000.to_bytes(4, "little")) @@ -2132,7 +2241,7 @@ def RtlGetCompressionWorkSpaceSize(self, emu, argv, ctx={}): return ddk.STATUS_SUCCESS @apihook("RtlDecompressBuffer", argc=6) - def RtlDecompressBuffer(self, emu, argv, ctx={}): + def RtlDecompressBuffer(self, emu, argv, ctx: dict[str, str] | None = None): """ NT_RTL_COMPRESS_API NTSTATUS RtlDecompressBuffer( USHORT CompressionFormat, @@ -2143,6 +2252,7 @@ def RtlDecompressBuffer(self, emu, argv, ctx={}): PULONG FinalUncompressedSize ); """ + ctx = ctx or {} fmt, uncomp_buf, uncomp_buf_size, comp_buf, comp_buf_size, final_size = argv @@ -2169,25 +2279,27 @@ def RtlDecompressBuffer(self, emu, argv, ctx={}): return nts @apihook("FsRtlAllocatePool", argc=2) - def FsRtlAllocatePool(self, emu, argv, ctx={}): + def FsRtlAllocatePool(self, emu, argv, ctx: dict[str, str] | None = None): """ void FsRtlAllocatePool( PoolType, NumberOfBytes); """ + ctx = ctx or {} PoolType, NumberOfBytes = argv chunk = self.pool_alloc(PoolType, NumberOfBytes, "None") return chunk @apihook("IofCallDriver", argc=2, conv=_arch.CALL_CONV_FASTCALL) - def IofCallDriver(self, emu, argv, ctx={}): + def IofCallDriver(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS IofCallDriver( PDEVICE_OBJECT DeviceObject, __drv_aliasesMem PIRP Irp ); """ + ctx = ctx or {} DeviceObject, pIrp = argv rv = ddk.STATUS_SUCCESS @@ -2200,7 +2312,7 @@ def IofCallDriver(self, emu, argv, ctx={}): return rv @apihook("IoSetCompletionRoutineEx", argc=7) - def IoSetCompletionRoutineEx(self, emu, argv, ctx={}): + def IoSetCompletionRoutineEx(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS IoSetCompletionRoutineEx( PDEVICE_OBJECT DeviceObject, @@ -2212,25 +2324,27 @@ def IoSetCompletionRoutineEx(self, emu, argv, ctx={}): BOOLEAN InvokeOnCancel ); """ + ctx = ctx or {} DeviceObject, Irp, CompletionRoutine, Context, on_success, on_error, on_cancel = argv rv = ddk.STATUS_SUCCESS return rv @apihook("ExQueueWorkItem", argc=2) - def ExQueueWorkItem(self, emu, argv, ctx={}): + def ExQueueWorkItem(self, emu, argv, ctx: dict[str, str] | None = None): """ DECLSPEC_DEPRECATED_DDK NTKERNELAPI VOID ExQueueWorkItem( __drv_aliasesMem PWORK_QUEUE_ITEM WorkItem, WORK_QUEUE_TYPE QueueType ); """ + ctx = ctx or {} WorkItem, QueueType = argv return @apihook("ZwDeviceIoControlFile", argc=10) - def ZwDeviceIoControlFile(self, emu, argv, ctx={}): + def ZwDeviceIoControlFile(self, emu, argv, ctx: dict[str, str] | None = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtDeviceIoControlFile( HANDLE FileHandle, @@ -2245,6 +2359,7 @@ def ZwDeviceIoControlFile(self, emu, argv, ctx={}): ULONG OutputBufferLength ); """ + ctx = ctx or {} hnd, evt, apc_func, apc_ctx, isb, ioctl, InputBuffer, in_len, out_buf, out_len = argv # noqa nts = ddk.STATUS_SUCCESS @@ -2266,7 +2381,7 @@ def ZwDeviceIoControlFile(self, emu, argv, ctx={}): return nts @apihook("_snwprintf", argc=_arch.VAR_ARGS, conv=_arch.CALL_CONV_CDECL) - def _snwprintf(self, emu, argv, ctx={}): + def _snwprintf(self, emu, argv, ctx: dict[str, str] | None = None): """ int _snwprintf( wchar_t *buffer, @@ -2275,6 +2390,7 @@ def _snwprintf(self, emu, argv, ctx={}): argument] ... ); """ + ctx = ctx or {} buf, cnt, fmt = emu.get_func_argv(_arch.CALL_CONV_CDECL, 3) # the internal printf implementation requires uppercase S for wide string formatting, # otherwise the function replaces a latin1 string into an utf-16 string @@ -2295,7 +2411,7 @@ def _snwprintf(self, emu, argv, ctx={}): return len(fin) @apihook("ObReferenceObjectByHandle", argc=6) - def ObReferenceObjectByHandle(self, emu, argv, ctx={}): + def ObReferenceObjectByHandle(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS ObReferenceObjectByHandle( HANDLE Handle, @@ -2306,6 +2422,7 @@ def ObReferenceObjectByHandle(self, emu, argv, ctx={}): POBJECT_HANDLE_INFORMATION HandleInformation ); """ + ctx = ctx or {} hnd, access, obtype, mode, Object, ohi = argv nts = ddk.STATUS_SUCCESS @@ -2320,7 +2437,7 @@ def ObReferenceObjectByHandle(self, emu, argv, ctx={}): return nts @apihook("ObGetFilterVersion", argc=0) - def ObGetFilterVersion(self, emu, argv, ctx={}): + def ObGetFilterVersion(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI USHORT @@ -2328,10 +2445,11 @@ def ObGetFilterVersion(self, emu, argv, ctx={}): VOID ); """ + ctx = ctx or {} return 256 @apihook("ObRegisterCallbacks", argc=2) - def ObRegisterCallbacks(self, emu, argv, ctx={}): + def ObRegisterCallbacks(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS @@ -2340,25 +2458,27 @@ def ObRegisterCallbacks(self, emu, argv, ctx={}): _Outptr_ PVOID *RegistrationHandle ); """ + ctx = ctx or {} CallbackRegistration, RegistrationHandle = argv nts = ddk.STATUS_SUCCESS return nts @apihook("ZwDeleteKey", argc=1) - def ZwDeleteKey(self, emu, argv, ctx={}): + def ZwDeleteKey(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS ZwDeleteKey( HANDLE KeyHandle ); """ + ctx = ctx or {} (KeyHandle,) = argv nts = ddk.STATUS_SUCCESS return nts @apihook("ZwQueryInformationProcess", argc=5) - def ZwQueryInformationProcess(self, emu, argv, ctx={}): + def ZwQueryInformationProcess(self, emu, argv, ctx: dict[str, str] | None = None): """ __kernel_entry NTSTATUS ZwQueryInformationProcess( IN HANDLE ProcessHandle, @@ -2368,6 +2488,7 @@ def ZwQueryInformationProcess(self, emu, argv, ctx={}): OUT PULONG ReturnLength OPTIONAL ); """ + ctx = ctx or {} hnd, info_class, proc_info, proc_info_len, retlen = argv nts = ddk.STATUS_OBJECT_TYPE_MISMATCH @@ -2399,14 +2520,15 @@ def ZwQueryInformationProcess(self, emu, argv, ctx={}): return nts @apihook("IoGetCurrentProcess", argc=0) - def IoGetCurrentProcess(self, emu, argv, ctx={}): + def IoGetCurrentProcess(self, emu, argv, ctx: dict[str, str] | None = None): """NTKERNELAPI PEPROCESS IoGetCurrentProcess();""" + ctx = ctx or {} p = emu.get_current_process() return p.address @apihook("NtSetInformationThread", argc=4) - def NtSetInformationThread(self, emu, argv, ctx={}): + def NtSetInformationThread(self, emu, argv, ctx: dict[str, str] | None = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtSetInformationThread( HANDLE ThreadHandle, @@ -2415,18 +2537,20 @@ def NtSetInformationThread(self, emu, argv, ctx={}): ULONG ThreadInformationLength ); """ + ctx = ctx or {} nts = ddk.STATUS_SUCCESS return nts @apihook("wcsnlen", argc=2) - def wcsnlen(self, emu, argv, ctx={}): + def wcsnlen(self, emu, argv, ctx: dict[str, str] | None = None): """s ize_t wcsnlen( const wchar_t *str, size_t numberOfElements ); """ + ctx = ctx or {} src, num_elements = argv ws = self.read_wide_string(src) @@ -2436,71 +2560,77 @@ def wcsnlen(self, emu, argv, ctx={}): return len(ws) @apihook("IoRegisterShutdownNotification", argc=1) - def IoRegisterShutdownNotification(self, emu, argv, ctx={}): + def IoRegisterShutdownNotification(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS IoRegisterShutdownNotification( PDEVICE_OBJECT DeviceObject ); """ + ctx = ctx or {} (DeviceObject,) = argv rv = ddk.STATUS_SUCCESS return rv @apihook("IoUnregisterShutdownNotification", argc=1) - def IoUnregisterShutdownNotification(self, emu, argv, ctx={}): + def IoUnregisterShutdownNotification(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS IoRegisterShutdownNotification( PDEVICE_OBJECT DeviceObject ); """ + ctx = ctx or {} (DeviceObject,) = argv return ddk.STATUS_SUCCESS @apihook("KeAcquireSpinLockRaiseToDpc", argc=1) - def KeAcquireSpinLockRaiseToDpc(self, emu, argv, ctx={}): + def KeAcquireSpinLockRaiseToDpc(self, emu, argv, ctx: dict[str, str] | None = None): """ KIRQL KeAcquireSpinLockRaiseToDpc( _Inout_ PKSPIN_LOCK SpinLock ); """ + ctx = ctx or {} (spinlock,) = argv irql = self.get_current_irql() self.set_current_irql(ddk.DISPATCH_LEVEL) return irql @apihook("MmUnlockPages", argc=1) - def MmUnlockPages(self, emu, argv, ctx={}): + def MmUnlockPages(self, emu, argv, ctx: dict[str, str] | None = None): """ void MmUnlockPages( PMDL MemoryDescriptorList ); """ + ctx = ctx or {} (mdl,) = argv return @apihook("IoFreeMdl", argc=1) - def IoFreeMdl(self, emu, argv, ctx={}): + def IoFreeMdl(self, emu, argv, ctx: dict[str, str] | None = None): """ void IoFreeMdl( PMDL Mdl ); """ + ctx = ctx or {} (mdl,) = argv return @apihook("KeCancelTimer", argc=1) - def KeCancelTimer(self, emu, argv, ctx={}): + def KeCancelTimer(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLEAN KeCancelTimer( PKTIMER Arg1 ); """ + ctx = ctx or {} rv = 1 return rv @apihook("PsGetVersion", argc=4) - def PsGetVersion(self, emu, argv, ctx={}): + def PsGetVersion(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLEAN PsGetVersion( PULONG MajorVersion, @@ -2509,6 +2639,7 @@ def PsGetVersion(self, emu, argv, ctx={}): PUNICODE_STRING CSDVersion ); """ + ctx = ctx or {} pmaj, pmin, bn, csdv = argv ver = self.emu.config.os_ver @@ -2526,7 +2657,7 @@ def PsGetVersion(self, emu, argv, ctx={}): return 0 @apihook("PsSetCreateProcessNotifyRoutineEx", argc=2) - def PsSetCreateProcessNotifyRoutineEx(self, emu, argv, ctx={}): + def PsSetCreateProcessNotifyRoutineEx(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS @@ -2535,13 +2666,14 @@ def PsSetCreateProcessNotifyRoutineEx(self, emu, argv, ctx={}): _In_ BOOLEAN Remove ); """ + ctx = ctx or {} NotifyRoutine, Remove = argv rv = ddk.STATUS_SUCCESS return rv @apihook("PsSetLoadImageNotifyRoutine", argc=1) - def PsSetLoadImageNotifyRoutine(self, emu, argv, ctx={}): + def PsSetLoadImageNotifyRoutine(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS @@ -2549,13 +2681,14 @@ def PsSetLoadImageNotifyRoutine(self, emu, argv, ctx={}): _In_ PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine ); """ + ctx = ctx or {} NotifyRoutine = argv # noqa rv = ddk.STATUS_SUCCESS return rv @apihook("PsRemoveLoadImageNotifyRoutine", argc=1) - def PsRemoveLoadImageNotifyRoutine(self, emu, argv, ctx={}): + def PsRemoveLoadImageNotifyRoutine(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS @@ -2563,13 +2696,14 @@ def PsRemoveLoadImageNotifyRoutine(self, emu, argv, ctx={}): _In_ PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine ); """ + ctx = ctx or {} NotifyRoutine = argv # noqa rv = ddk.STATUS_SUCCESS return rv @apihook("PsSetCreateThreadNotifyRoutine", argc=1) - def PsSetCreateThreadNotifyRoutine(self, emu, argv, ctx={}): + def PsSetCreateThreadNotifyRoutine(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS @@ -2577,13 +2711,14 @@ def PsSetCreateThreadNotifyRoutine(self, emu, argv, ctx={}): _In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine ); """ + ctx = ctx or {} NotifyRoutine = argv # noqa rv = ddk.STATUS_SUCCESS return rv @apihook("PsRemoveCreateThreadNotifyRoutine", argc=1) - def PsRemoveCreateThreadNotifyRoutine(self, emu, argv, ctx={}): + def PsRemoveCreateThreadNotifyRoutine(self, emu, argv, ctx: dict[str, str] | None = None): """ NTKERNELAPI NTSTATUS @@ -2591,13 +2726,14 @@ def PsRemoveCreateThreadNotifyRoutine(self, emu, argv, ctx={}): _In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine ); """ + ctx = ctx or {} NotifyRoutine = argv # noqa rv = ddk.STATUS_SUCCESS return rv @apihook("mbstowcs", argc=3) - def mbstowcs(self, emu, argv, ctx={}): + def mbstowcs(self, emu, argv, ctx: dict[str, str] | None = None): """ size_t mbstowcs( wchar_t *wcstr, @@ -2605,6 +2741,7 @@ def mbstowcs(self, emu, argv, ctx={}): size_t count ); """ + ctx = ctx or {} wcstr, mbstr, count = argv rv = 0 @@ -2621,7 +2758,7 @@ def mbstowcs(self, emu, argv, ctx={}): return rv @apihook("ZwOpenKey", argc=3) - def ZwOpenKey(self, emu, argv, ctx={}): + def ZwOpenKey(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS ZwOpenKey( PHANDLE KeyHandle, @@ -2629,6 +2766,7 @@ def ZwOpenKey(self, emu, argv, ctx={}): POBJECT_ATTRIBUTES ObjectAttributes ); """ + ctx = ctx or {} phnd, access, objattr = argv rv = ddk.STATUS_SUCCESS @@ -2648,7 +2786,7 @@ def ZwOpenKey(self, emu, argv, ctx={}): return rv @apihook("ZwQueryValueKey", argc=6) - def ZwQueryValueKey(self, emu, argv, ctx={}): + def ZwQueryValueKey(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS ZwQueryValueKey( HANDLE KeyHandle, @@ -2659,6 +2797,7 @@ def ZwQueryValueKey(self, emu, argv, ctx={}): PULONG ResultLength ); """ + ctx = ctx or {} hnd, val, info_class, val_info, length, ret_len = argv rv = ddk.STATUS_INVALID_HANDLE @@ -2699,7 +2838,7 @@ def ZwQueryValueKey(self, emu, argv, ctx={}): return rv @apihook("ZwCreateFile", argc=11) - def ZwCreateFile(self, emu, argv, ctx={}): + def ZwCreateFile(self, emu, argv, ctx: dict[str, str] | None = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtCreateFile( PHANDLE FileHandle, @@ -2715,6 +2854,7 @@ def ZwCreateFile(self, emu, argv, ctx={}): ULONG EaLength ); """ + ctx = ctx or {} pHndl, access, objattr, statblock, alloc_size, file_attrs, share, create_disp, create_opts, ea_buf, ea_len = ( argv ) @@ -2783,7 +2923,7 @@ def ZwCreateFile(self, emu, argv, ctx={}): return nts @apihook("ZwOpenFile", argc=6) - def ZwOpenFile(self, emu, argv, ctx={}): + def ZwOpenFile(self, emu, argv, ctx: dict[str, str] | None = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtOpenFile( PHANDLE FileHandle, @@ -2794,6 +2934,7 @@ def ZwOpenFile(self, emu, argv, ctx={}): ULONG OpenOptions ); """ + ctx = ctx or {} pHndl, access, objattr, statblock, share, open_opts = argv nts = ddk.STATUS_OBJECT_NAME_NOT_FOUND @@ -2830,7 +2971,7 @@ def ZwOpenFile(self, emu, argv, ctx={}): return nts @apihook("ZwQueryInformationFile", argc=5) - def ZwQueryInformationFile(self, emu, argv, ctx={}): + def ZwQueryInformationFile(self, emu, argv, ctx: dict[str, str] | None = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtQueryInformationFile( HANDLE FileHandle, @@ -2840,6 +2981,7 @@ def ZwQueryInformationFile(self, emu, argv, ctx={}): FILE_INFORMATION_CLASS FileInformationClass ); """ + ctx = ctx or {} FileHandle, IoStatusBlock, FileInformation, Length, FileInformationClass = argv nts = ddk.STATUS_INVALID_PARAMETER @@ -2860,7 +3002,7 @@ def ZwQueryInformationFile(self, emu, argv, ctx={}): return nts @apihook("RtlCompareMemory", argc=3) - def RtlCompareMemory(self, emu, argv, ctx={}): + def RtlCompareMemory(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI SIZE_T RtlCompareMemory( const VOID *Source1, @@ -2868,6 +3010,7 @@ def RtlCompareMemory(self, emu, argv, ctx={}): SIZE_T Length ); """ + ctx = ctx or {} s1, s2, Length = argv @@ -2882,7 +3025,7 @@ def RtlCompareMemory(self, emu, argv, ctx={}): return i @apihook("RtlQueryRegistryValuesEx", argc=5) - def RtlQueryRegistryValuesEx(self, emu, argv, ctx={}): + def RtlQueryRegistryValuesEx(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS RtlQueryRegistryValuesEx( ULONG RelativeTo, @@ -2892,6 +3035,7 @@ def RtlQueryRegistryValuesEx(self, emu, argv, ctx={}): PVOID Environment ); """ + ctx = ctx or {} rv = ddk.STATUS_SUCCESS # TODO: complete this api handler @@ -2911,7 +3055,7 @@ def RtlQueryRegistryValuesEx(self, emu, argv, ctx={}): return rv @apihook("ZwWriteFile", argc=9) - def ZwWriteFile(self, emu, argv, ctx={}): + def ZwWriteFile(self, emu, argv, ctx: dict[str, str] | None = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtWriteFile( HANDLE FileHandle, @@ -2925,6 +3069,7 @@ def ZwWriteFile(self, emu, argv, ctx={}): PULONG Key ); """ + ctx = ctx or {} FileHandle, evt, apc, apc_ctx, ios, buf, length, offset, key = argv length = length & 0xFFFFFFFF @@ -2952,7 +3097,7 @@ def ZwWriteFile(self, emu, argv, ctx={}): return nts @apihook("ZwReadFile", argc=9) - def ZwReadFile(self, emu, argv, ctx={}): + def ZwReadFile(self, emu, argv, ctx: dict[str, str] | None = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtReadFile( HANDLE FileHandle, @@ -2966,6 +3111,7 @@ def ZwReadFile(self, emu, argv, ctx={}): PULONG Key ); """ + ctx = ctx or {} FileHandle, evt, apc, apc_ctx, ios, buf, length, offset, key = argv nts = ddk.STATUS_INVALID_PARAMETER @@ -2988,12 +3134,13 @@ def ZwReadFile(self, emu, argv, ctx={}): return nts @apihook("MmIsDriverVerifying", argc=1) - def MmIsDriverVerifying(self, emu, argv, ctx={}): + def MmIsDriverVerifying(self, emu, argv, ctx: dict[str, str] | None = None): """ LOGICAL MmIsDriverVerifying( _DRIVER_OBJECT *DriverObject ); """ + ctx = ctx or {} (DriverObject,) = argv rv = False @@ -3001,7 +3148,7 @@ def MmIsDriverVerifying(self, emu, argv, ctx={}): return rv @apihook("ZwCreateSection", argc=7) - def ZwCreateSection(self, emu, argv, ctx={}): + def ZwCreateSection(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS ZwCreateSection( PHANDLE SectionHandle, @@ -3013,6 +3160,7 @@ def ZwCreateSection(self, emu, argv, ctx={}): HANDLE FileHandle ); """ + ctx = ctx or {} ( SectionHandle, @@ -3048,18 +3196,19 @@ def ZwCreateSection(self, emu, argv, ctx={}): return ddk.STATUS_SUCCESS @apihook("ZwUnmapViewOfSection", argc=2) - def ZwUnmapViewOfSection(self, emu, argv, ctx={}): + def ZwUnmapViewOfSection(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS ZwUnmapViewOfSection( HANDLE ProcessHandle, PVOID BaseAddress ); """ + ctx = ctx or {} ProcessHandle, BaseAddress = argv return 0 @apihook("ZwMapViewOfSection", argc=10) - def ZwMapViewOfSection(self, emu, argv, ctx={}): + def ZwMapViewOfSection(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI NTSTATUS ZwMapViewOfSection( HANDLE SectionHandle, @@ -3074,6 +3223,7 @@ def ZwMapViewOfSection(self, emu, argv, ctx={}): ULONG Win32Protect ); """ + ctx = ctx or {} ( SectionHandle, @@ -3159,7 +3309,7 @@ def ZwMapViewOfSection(self, emu, argv, ctx={}): return rv @apihook("RtlAllocateHeap", argc=3) - def RtlAllocateHeap(self, emu, argv, ctx={}): + def RtlAllocateHeap(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI PVOID RtlAllocateHeap( PVOID HeapHandle, @@ -3167,6 +3317,7 @@ def RtlAllocateHeap(self, emu, argv, ctx={}): SIZE_T Size ); """ + ctx = ctx or {} heap, flags, size = argv block = self.heap_alloc(size, heap="RtlAllocateHeap") @@ -3174,13 +3325,14 @@ def RtlAllocateHeap(self, emu, argv, ctx={}): return block @apihook("ZwGetContextThread", argc=2) - def ZwGetContextThread(self, emu, argv, ctx={}): + def ZwGetContextThread(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL ZwGetContextThread( HANDLE hThread, LPCONTEXT lpContext ); """ + ctx = ctx or {} hThread, lpContext = argv obj = self.get_object_from_handle(hThread) @@ -3194,13 +3346,14 @@ def ZwGetContextThread(self, emu, argv, ctx={}): return True @apihook("ZwSetContextThread", argc=2) - def ZwSetContextThread(self, emu, argv, ctx={}): + def ZwSetContextThread(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL ZwSetContextThread( HANDLE hThread, LPCONTEXT lpContext ); """ + ctx = ctx or {} hThread, lpContext = argv obj = self.get_object_from_handle(hThread) @@ -3215,7 +3368,7 @@ def ZwSetContextThread(self, emu, argv, ctx={}): return True @apihook("RtlFreeHeap", argc=3) - def RtlFreeHeap(self, emu, argv, ctx={}): + def RtlFreeHeap(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI RtlFreeHeap( PVOID HeapHandle, @@ -3223,6 +3376,7 @@ def RtlFreeHeap(self, emu, argv, ctx={}): PVOID BaseAddress ); """ + ctx = ctx or {} rv = 1 hHeap, dwFlags, lpMem = argv diff --git a/speakeasy/winenv/api/kernelmode/usbd.py b/speakeasy/winenv/api/kernelmode/usbd.py index 9b847082..a3b42fda 100644 --- a/speakeasy/winenv/api/kernelmode/usbd.py +++ b/speakeasy/winenv/api/kernelmode/usbd.py @@ -26,7 +26,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("USBD_ValidateConfigurationDescriptor", argc=5) - def USBD_ValidateConfigurationDescriptor(self, emu, argv, ctx={}): + def USBD_ValidateConfigurationDescriptor(self, emu, argv, ctx: dict[str, str] | None = None): """ USBD_STATUS USBD_ValidateConfigurationDescriptor( PUSB_CONFIGURATION_DESCRIPTOR ConfigDesc, @@ -36,6 +36,7 @@ def USBD_ValidateConfigurationDescriptor(self, emu, argv, ctx={}): ULONG Tag ); """ + ctx = ctx or {} rv = ddk.STATUS_SUCCESS ConfigDesc, BufferLength, Level, Offset, Tag = argv diff --git a/speakeasy/winenv/api/kernelmode/wdfldr.py b/speakeasy/winenv/api/kernelmode/wdfldr.py index d52bf24a..048cce9c 100644 --- a/speakeasy/winenv/api/kernelmode/wdfldr.py +++ b/speakeasy/winenv/api/kernelmode/wdfldr.py @@ -195,7 +195,7 @@ def parse_usb_config(self, data): return interfaces @apihook("WdfVersionBind", argc=4) - def WdfVersionBind(self, emu, argv, ctx={}): + def WdfVersionBind(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfVersionBind( @@ -205,6 +205,7 @@ def WdfVersionBind(self, emu, argv, ctx={}): __out PWDF_COMPONENT_GLOBALS* ComponentGlobals ); """ + ctx = ctx or {} rv = ddk.STATUS_SUCCESS drv, reg_path, BindInfo, comp_globals = argv @@ -228,7 +229,7 @@ def WdfVersionBind(self, emu, argv, ctx={}): return rv @apihook("WdfDriverCreate", argc=6) - def WdfDriverCreate(self, emu, argv, ctx={}): + def WdfDriverCreate(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfDriverCreate( PWDF_DRIVER_GLOBALS DriverGlobals, @@ -239,6 +240,7 @@ def WdfDriverCreate(self, emu, argv, ctx={}): WDFDRIVER *Driver ); """ + ctx = ctx or {} DriverGlobals, DriverObject, RegistryPath, DriverAttributes, DriverConfig, Driver = argv driver = WdfDriver() @@ -258,31 +260,33 @@ def WdfDriverCreate(self, emu, argv, ctx={}): return rv @apihook("WdfDeviceInitSetPnpPowerEventCallbacks", argc=3) - def WdfDeviceInitSetPnpPowerEventCallbacks(self, emu, argv, ctx={}): + def WdfDeviceInitSetPnpPowerEventCallbacks(self, emu, argv, ctx: dict[str, str] | None = None): """ void WdfDeviceInitSetPnpPowerEventCallbacks( PWDFDEVICE_INIT DeviceInit, PWDF_PNPPOWER_EVENT_CALLBACKS PnpPowerEventCallbacks ); """ + ctx = ctx or {} DriverGlobals, DeviceInit, PnpPowerEventCallbacks = argv return @apihook("WdfDeviceInitSetRequestAttributes", argc=3) - def WdfDeviceInitSetRequestAttributes(self, emu, argv, ctx={}): + def WdfDeviceInitSetRequestAttributes(self, emu, argv, ctx: dict[str, str] | None = None): """ void WdfDeviceInitSetRequestAttributes( PWDFDEVICE_INIT DeviceInit, PWDF_OBJECT_ATTRIBUTES RequestAttributes ); """ + ctx = ctx or {} DriverGlobals, DeviceInit, RequestAttributes = argv return @apihook("WdfDeviceInitSetFileObjectConfig", argc=4) - def WdfDeviceInitSetFileObjectConfig(self, emu, argv, ctx={}): + def WdfDeviceInitSetFileObjectConfig(self, emu, argv, ctx: dict[str, str] | None = None): """ void WdfDeviceInitSetFileObjectConfig( PWDFDEVICE_INIT DeviceInit, @@ -290,24 +294,26 @@ def WdfDeviceInitSetFileObjectConfig(self, emu, argv, ctx={}): PWDF_OBJECT_ATTRIBUTES FileObjectAttributes ); """ + ctx = ctx or {} DriverGlobals, DeviceInit, FileObjectConfig, FileObjectAttributes = argv return @apihook("WdfDeviceInitSetIoType", argc=3) - def WdfDeviceInitSetIoType(self, emu, argv, ctx={}): + def WdfDeviceInitSetIoType(self, emu, argv, ctx: dict[str, str] | None = None): """ void WdfDeviceInitSetIoType( PWDFDEVICE_INIT DeviceInit, WDF_DEVICE_IO_TYPE IoType ); """ + ctx = ctx or {} DriverGlobals, DeviceInit, IoType = argv return @apihook("WdfDeviceCreate", argc=4) - def WdfDeviceCreate(self, emu, argv, ctx={}): + def WdfDeviceCreate(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfDeviceCreate( PWDFDEVICE_INIT *DeviceInit, @@ -315,6 +321,7 @@ def WdfDeviceCreate(self, emu, argv, ctx={}): WDFDEVICE *Device ); """ + ctx = ctx or {} DriverGlobals, DeviceInit, DeviceAttributes, Device = argv rv = ddk.STATUS_SUCCESS @@ -336,13 +343,14 @@ def WdfDeviceCreate(self, emu, argv, ctx={}): return rv @apihook("WdfObjectGetTypedContextWorker", argc=3, conv=e_arch.CALL_CONV_FASTCALL) - def WdfObjectGetTypedContextWorker(self, emu, argv, ctx={}): + def WdfObjectGetTypedContextWorker(self, emu, argv, ctx: dict[str, str] | None = None): """ PVOID WdfObjectGetTypedContextWorker( WDFOBJECT Handle, PCWDF_OBJECT_CONTEXT_TYPE_INFO TypeInfo ); """ + ctx = ctx or {} DriverGlobals, Handle, TypeInfo = argv driver = self.wdf_drivers.get(DriverGlobals) @@ -355,7 +363,7 @@ def WdfObjectGetTypedContextWorker(self, emu, argv, ctx={}): return rv @apihook("WdfDriverOpenParametersRegistryKey", argc=5) - def WdfDriverOpenParametersRegistryKey(self, emu, argv, ctx={}): + def WdfDriverOpenParametersRegistryKey(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfDriverOpenParametersRegistryKey( WDFDRIVER Driver, @@ -364,6 +372,7 @@ def WdfDriverOpenParametersRegistryKey(self, emu, argv, ctx={}): WDFKEY *Key ); """ + ctx = ctx or {} DriverGlobals, Driver, DesiredAccess, KeyAttributes, pKey = argv rv = ddk.STATUS_OBJECT_NAME_NOT_FOUND @@ -379,7 +388,7 @@ def WdfDriverOpenParametersRegistryKey(self, emu, argv, ctx={}): return rv @apihook("WdfRegistryQueryULong", argc=4) - def WdfRegistryQueryULong(self, emu, argv, ctx={}): + def WdfRegistryQueryULong(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfRegistryQueryULong( WDFKEY Key, @@ -387,6 +396,7 @@ def WdfRegistryQueryULong(self, emu, argv, ctx={}): PULONG Value ); """ + ctx = ctx or {} DriverGlobals, Key, ValueName, Value = argv rv = ddk.STATUS_OBJECT_NAME_NOT_FOUND @@ -403,28 +413,30 @@ def WdfRegistryQueryULong(self, emu, argv, ctx={}): return rv @apihook("WdfRegistryClose", argc=2) - def WdfRegistryClose(self, emu, argv, ctx={}): + def WdfRegistryClose(self, emu, argv, ctx: dict[str, str] | None = None): """ void WdfRegistryClose( WDFKEY Key ); """ + ctx = ctx or {} DriverGlobals, Key = argv return @apihook("WdfDeviceSetPnpCapabilities", argc=3) - def WdfDeviceSetPnpCapabilities(self, emu, argv, ctx={}): + def WdfDeviceSetPnpCapabilities(self, emu, argv, ctx: dict[str, str] | None = None): """ void WdfDeviceSetPnpCapabilities( WDFDEVICE Device, PWDF_DEVICE_PNP_CAPABILITIES PnpCapabilities ); """ + ctx = ctx or {} DriverGlobals, Device, PnpCapabilities = argv return @apihook("WdfIoQueueReadyNotify", argc=4) - def WdfIoQueueReadyNotify(self, emu, argv, ctx={}): + def WdfIoQueueReadyNotify(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfIoQueueReadyNotify( WDFQUEUE Queue, @@ -432,13 +444,14 @@ def WdfIoQueueReadyNotify(self, emu, argv, ctx={}): WDFCONTEXT Context ); """ + ctx = ctx or {} DriverGlobals, Queue, QueueReady, Context = argv rv = ddk.STATUS_SUCCESS return rv @apihook("WdfDeviceCreateDeviceInterface", argc=4) - def WdfDeviceCreateDeviceInterface(self, emu, argv, ctx={}): + def WdfDeviceCreateDeviceInterface(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfDeviceCreateDeviceInterface( WDFDEVICE Device, @@ -446,6 +459,7 @@ def WdfDeviceCreateDeviceInterface(self, emu, argv, ctx={}): PCUNICODE_STRING ReferenceString ); """ + ctx = ctx or {} DriverGlobals, Device, InterfaceClassGUID, ReferenceString = argv rv = ddk.STATUS_SUCCESS @@ -461,7 +475,7 @@ def WdfDeviceCreateDeviceInterface(self, emu, argv, ctx={}): return rv @apihook("WdfIoQueueCreate", argc=5) - def WdfIoQueueCreate(self, emu, argv, ctx={}): + def WdfIoQueueCreate(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfIoQueueCreate( WDFDEVICE Device, @@ -470,6 +484,7 @@ def WdfIoQueueCreate(self, emu, argv, ctx={}): WDFQUEUE *Queue ); """ + ctx = ctx or {} DriverGlobals, Device, Config, QueueAttributes, Queue = argv rv = ddk.STATUS_SUCCESS @@ -486,12 +501,13 @@ def WdfIoQueueCreate(self, emu, argv, ctx={}): return rv @apihook("WdfDeviceWdmGetAttachedDevice", argc=2) - def WdfDeviceWdmGetAttachedDevice(self, emu, argv, ctx={}): + def WdfDeviceWdmGetAttachedDevice(self, emu, argv, ctx: dict[str, str] | None = None): """ PDEVICE_OBJECT WdfDeviceWdmGetAttachedDevice( WDFDEVICE Device ); """ + ctx = ctx or {} DriverGlobals, Device = argv if not self.pnp_device: @@ -502,7 +518,7 @@ def WdfDeviceWdmGetAttachedDevice(self, emu, argv, ctx={}): return rv @apihook("WdfUsbTargetDeviceCreateWithParameters", argc=5) - def WdfUsbTargetDeviceCreateWithParameters(self, emu, argv, ctx={}): + def WdfUsbTargetDeviceCreateWithParameters(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfUsbTargetDeviceCreateWithParameters( WDFDEVICE Device, @@ -511,6 +527,7 @@ def WdfUsbTargetDeviceCreateWithParameters(self, emu, argv, ctx={}): WDFUSBDEVICE *UsbDevice ); """ + ctx = ctx or {} DriverGlobals, Device, Config, Attributes, UsbDevice = argv rv = ddk.STATUS_SUCCESS @@ -523,12 +540,13 @@ def WdfUsbTargetDeviceCreateWithParameters(self, emu, argv, ctx={}): return rv @apihook("WdfDeviceWdmGetDeviceObject", argc=2) - def WdfDeviceWdmGetDeviceObject(self, emu, argv, ctx={}): + def WdfDeviceWdmGetDeviceObject(self, emu, argv, ctx: dict[str, str] | None = None): """ PDEVICE_OBJECT WdfDeviceWdmGetDeviceObject( WDFDEVICE Device ); """ + ctx = ctx or {} DriverGlobals, Device = argv rv = 0 @@ -538,13 +556,14 @@ def WdfDeviceWdmGetDeviceObject(self, emu, argv, ctx={}): return rv @apihook("WdfUsbTargetDeviceGetDeviceDescriptor", argc=3) - def WdfUsbTargetDeviceGetDeviceDescriptor(self, emu, argv, ctx={}): + def WdfUsbTargetDeviceGetDeviceDescriptor(self, emu, argv, ctx: dict[str, str] | None = None): """ void WdfUsbTargetDeviceGetDeviceDescriptor( WDFUSBDEVICE UsbDevice, PUSB_DEVICE_DESCRIPTOR UsbDeviceDescriptor ); """ + ctx = ctx or {} DriverGlobals, UsbDevice, UsbDeviceDescriptor = argv dev = self.usb_devices.get(UsbDevice) @@ -554,7 +573,7 @@ def WdfUsbTargetDeviceGetDeviceDescriptor(self, emu, argv, ctx={}): return @apihook("WdfMemoryCreate", argc=7) - def WdfMemoryCreate(self, emu, argv, ctx={}): + def WdfMemoryCreate(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfMemoryCreate( PWDF_OBJECT_ATTRIBUTES Attributes, @@ -565,6 +584,7 @@ def WdfMemoryCreate(self, emu, argv, ctx={}): PVOID *Buffer ); """ + ctx = ctx or {} DriverGlobals, Attributes, PoolType, PoolTag, BufferSize, Mem, Buf = argv rv = ddk.STATUS_SUCCESS @@ -579,7 +599,7 @@ def WdfMemoryCreate(self, emu, argv, ctx={}): return rv @apihook("WdfUsbTargetDeviceSelectConfig", argc=4) - def WdfUsbTargetDeviceSelectConfig(self, emu, argv, ctx={}): + def WdfUsbTargetDeviceSelectConfig(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfUsbTargetDeviceSelectConfig( WDFUSBDEVICE UsbDevice, @@ -587,6 +607,7 @@ def WdfUsbTargetDeviceSelectConfig(self, emu, argv, ctx={}): PWDF_USB_DEVICE_SELECT_CONFIG_PARAMS Params ); """ + ctx = ctx or {} DriverGlobals, UsbDevice, PipeAttributes, Params = argv rv = ddk.STATUS_SUCCESS @@ -614,7 +635,7 @@ def WdfUsbTargetDeviceSelectConfig(self, emu, argv, ctx={}): return rv @apihook("WdfUsbTargetDeviceRetrieveConfigDescriptor", argc=4) - def WdfUsbTargetDeviceRetrieveConfigDescriptor(self, emu, argv, ctx={}): + def WdfUsbTargetDeviceRetrieveConfigDescriptor(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfUsbTargetDeviceRetrieveConfigDescriptor( WDFUSBDEVICE UsbDevice, @@ -622,6 +643,7 @@ def WdfUsbTargetDeviceRetrieveConfigDescriptor(self, emu, argv, ctx={}): PUSHORT ConfigDescriptorLength ); """ + ctx = ctx or {} DriverGlobals, UsbDevice, ConfigDescriptor, ConfigDescriptorLength = argv rv = ddk.STATUS_BUFFER_TOO_SMALL @@ -647,7 +669,7 @@ def WdfUsbTargetDeviceRetrieveConfigDescriptor(self, emu, argv, ctx={}): return rv @apihook("WdfUsbInterfaceSelectSetting", argc=4) - def WdfUsbInterfaceSelectSetting(self, emu, argv, ctx={}): + def WdfUsbInterfaceSelectSetting(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfUsbInterfaceSelectSetting( WDFUSBINTERFACE UsbInterface, @@ -655,6 +677,7 @@ def WdfUsbInterfaceSelectSetting(self, emu, argv, ctx={}): PWDF_USB_INTERFACE_SELECT_SETTING_PARAMS Params ); """ + ctx = ctx or {} DriverGlobals, UsbInterface, PipesAttributes, Params = argv rv = ddk.STATUS_INVALID_HANDLE @@ -671,12 +694,13 @@ def WdfUsbInterfaceSelectSetting(self, emu, argv, ctx={}): return rv @apihook("WdfUsbTargetDeviceGetNumInterfaces", argc=2) - def WdfUsbTargetDeviceGetNumInterfaces(self, emu, argv, ctx={}): + def WdfUsbTargetDeviceGetNumInterfaces(self, emu, argv, ctx: dict[str, str] | None = None): """ UCHAR WdfUsbTargetDeviceGetNumInterfaces( WDFUSBDEVICE UsbDevice ); """ + ctx = ctx or {} DriverGlobals, UsbDevice = argv rv = 0 @@ -687,12 +711,13 @@ def WdfUsbTargetDeviceGetNumInterfaces(self, emu, argv, ctx={}): return rv @apihook("WdfUsbInterfaceGetNumConfiguredPipes", argc=2) - def WdfUsbInterfaceGetNumConfiguredPipes(self, emu, argv, ctx={}): + def WdfUsbInterfaceGetNumConfiguredPipes(self, emu, argv, ctx: dict[str, str] | None = None): """ BYTE WdfUsbInterfaceGetNumConfiguredPipes( WDFUSBINTERFACE UsbInterface ); """ + ctx = ctx or {} DriverGlobals, UsbInterface = argv rv = 0 @@ -708,12 +733,13 @@ def WdfUsbInterfaceGetNumConfiguredPipes(self, emu, argv, ctx={}): return rv @apihook("WdfUsbInterfaceGetNumSettings", argc=2) - def WdfUsbInterfaceGetNumSettings(self, emu, argv, ctx={}): + def WdfUsbInterfaceGetNumSettings(self, emu, argv, ctx: dict[str, str] | None = None): """ BYTE WdfUsbInterfaceGetNumSettings( WDFUSBINTERFACE UsbInterface ); """ + ctx = ctx or {} DriverGlobals, UsbInterface = argv rv = 0 @@ -728,13 +754,14 @@ def WdfUsbInterfaceGetNumSettings(self, emu, argv, ctx={}): return rv @apihook("WdfUsbTargetDeviceRetrieveInformation", argc=3) - def WdfUsbTargetDeviceRetrieveInformation(self, emu, argv, ctx={}): + def WdfUsbTargetDeviceRetrieveInformation(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS WdfUsbTargetDeviceRetrieveInformation( WDFUSBDEVICE UsbDevice, PWDF_USB_DEVICE_INFORMATION Information ); """ + ctx = ctx or {} DriverGlobals, UsbDevice, Information = argv rv = ddk.STATUS_INVALID_HANDLE @@ -750,7 +777,7 @@ def WdfUsbTargetDeviceRetrieveInformation(self, emu, argv, ctx={}): return rv @apihook("WdfUsbInterfaceGetConfiguredPipe", argc=4) - def WdfUsbInterfaceGetConfiguredPipe(self, emu, argv, ctx={}): + def WdfUsbInterfaceGetConfiguredPipe(self, emu, argv, ctx: dict[str, str] | None = None): """ WDFUSBPIPE WdfUsbInterfaceGetConfiguredPipe( WDFUSBINTERFACE UsbInterface, @@ -758,6 +785,7 @@ def WdfUsbInterfaceGetConfiguredPipe(self, emu, argv, ctx={}): PWDF_USB_PIPE_INFORMATION PipeInfo ); """ + ctx = ctx or {} DriverGlobals, UsbInterface, PipeIndex, PipeInfo = argv rv = 0 @@ -796,13 +824,14 @@ def WdfUsbInterfaceGetConfiguredPipe(self, emu, argv, ctx={}): return rv @apihook("WdfUsbTargetPipeGetInformation", argc=3) - def WdfUsbTargetPipeGetInformation(self, emu, argv, ctx={}): + def WdfUsbTargetPipeGetInformation(self, emu, argv, ctx: dict[str, str] | None = None): """ void WdfUsbTargetPipeGetInformation( WDFUSBPIPE Pipe, PWDF_USB_PIPE_INFORMATION PipeInformation ); """ + ctx = ctx or {} DriverGlobals, Pipe, PipeInfo = argv _pipe = self.usb_pipes.get(Pipe) @@ -835,12 +864,13 @@ def WdfUsbTargetPipeGetInformation(self, emu, argv, ctx={}): return @apihook("WdfUsbInterfaceGetInterfaceNumber", argc=2) - def WdfUsbInterfaceGetInterfaceNumber(self, emu, argv, ctx={}): + def WdfUsbInterfaceGetInterfaceNumber(self, emu, argv, ctx: dict[str, str] | None = None): """ BYTE WdfUsbInterfaceGetInterfaceNumber( WDFUSBINTERFACE UsbInterface ); """ + ctx = ctx or {} DriverGlobals, UsbInterface = argv rv = 0 diff --git a/speakeasy/winenv/api/usermode/advapi32.py b/speakeasy/winenv/api/usermode/advapi32.py index 84a26554..7dfddd38 100644 --- a/speakeasy/winenv/api/usermode/advapi32.py +++ b/speakeasy/winenv/api/usermode/advapi32.py @@ -48,7 +48,7 @@ def get_handle(self): return self.curr_handle @apihook("RegOpenKey", argc=3, conv=_arch.CALL_CONV_STDCALL) - def RegOpenKey(self, emu, argv, ctx={}): + def RegOpenKey(self, emu, argv, ctx: dict[str, str] | None = None): """ LSTATUS RegOpenKeyA( HKEY hKey, @@ -56,6 +56,7 @@ def RegOpenKey(self, emu, argv, ctx={}): PHKEY phkResult ); """ + ctx = ctx or {} hKey, lpSubKey, phkResult = argv rv = windefs.ERROR_SUCCESS @@ -94,7 +95,7 @@ def RegOpenKey(self, emu, argv, ctx={}): return rv @apihook("RegOpenKeyEx", argc=5, conv=_arch.CALL_CONV_STDCALL) - def RegOpenKeyEx(self, emu, argv, ctx={}): + def RegOpenKeyEx(self, emu, argv, ctx: dict[str, str] | None = None): """ LSTATUS RegOpenKeyEx( HKEY hKey, @@ -104,6 +105,7 @@ def RegOpenKeyEx(self, emu, argv, ctx={}): PHKEY phkResult ); """ + ctx = ctx or {} hKey, lpSubKey, ulOptions, samDesired, phkResult = argv rv = windefs.ERROR_SUCCESS @@ -138,7 +140,7 @@ def RegOpenKeyEx(self, emu, argv, ctx={}): return rv @apihook("RegQueryValueEx", argc=6, conv=_arch.CALL_CONV_STDCALL) - def RegQueryValueEx(self, emu, argv, ctx={}): + def RegQueryValueEx(self, emu, argv, ctx: dict[str, str] | None = None): """ LSTATUS RegQueryValueEx( HKEY hKey, @@ -149,6 +151,7 @@ def RegQueryValueEx(self, emu, argv, ctx={}): LPDWORD lpcbData ); """ + ctx = ctx or {} hKey, lpValueName, lpReserved, lpType, lpData, lpcbData = argv rv = windefs.ERROR_SUCCESS @@ -215,7 +218,7 @@ def RegQueryValueEx(self, emu, argv, ctx={}): return rv @apihook("RegSetValueEx", argc=6, conv=_arch.CALL_CONV_STDCALL) - def RegSetValueEx(self, emu, argv, ctx={}): + def RegSetValueEx(self, emu, argv, ctx: dict[str, str] | None = None): """ LSTATUS RegSetValueEx( HKEY hKey, @@ -226,6 +229,7 @@ def RegSetValueEx(self, emu, argv, ctx={}): DWORD cbData ); """ + ctx = ctx or {} hKey, lpValueName, _reserved, dwType, lpData, cbData = argv @@ -273,12 +277,13 @@ def RegSetValueEx(self, emu, argv, ctx={}): return windefs.ERROR_SUCCESS @apihook("RegCloseKey", argc=1, conv=_arch.CALL_CONV_STDCALL) - def RegCloseKey(self, emu, argv, ctx={}): + def RegCloseKey(self, emu, argv, ctx: dict[str, str] | None = None): """ LSTATUS RegCloseKey( HKEY hKey ); """ + ctx = ctx or {} (hKey,) = argv rv = windefs.ERROR_SUCCESS @@ -290,7 +295,7 @@ def RegCloseKey(self, emu, argv, ctx={}): return rv @apihook("RegEnumKey", argc=4, conv=_arch.CALL_CONV_STDCALL) - def RegEnumKey(self, emu, argv, ctx={}): + def RegEnumKey(self, emu, argv, ctx: dict[str, str] | None = None): """ LSTATUS RegEnumKey( HKEY hKey, @@ -299,6 +304,7 @@ def RegEnumKey(self, emu, argv, ctx={}): DWORD cchName ); """ + ctx = ctx or {} hKey, dwIndex, lpName, cchName = argv @@ -309,7 +315,7 @@ def RegEnumKey(self, emu, argv, ctx={}): return rv @apihook("RegEnumKeyEx", argc=8, conv=_arch.CALL_CONV_STDCALL) - def RegEnumKeyEx(self, emu, argv, ctx={}): + def RegEnumKeyEx(self, emu, argv, ctx: dict[str, str] | None = None): """ LSTATUS RegEnumKeyEx( HKEY hKey, @@ -322,6 +328,7 @@ def RegEnumKeyEx(self, emu, argv, ctx={}): PFILETIME lpftLastWriteTime ); """ + ctx = ctx or {} hKey, dwIndex, lpName, cchName, res, pcls, cchcls, last_write = argv @@ -350,7 +357,7 @@ def RegEnumKeyEx(self, emu, argv, ctx={}): return rv @apihook("RegCreateKey", argc=3) - def RegCreateKey(self, emu, argv, ctx={}): + def RegCreateKey(self, emu, argv, ctx: dict[str, str] | None = None): """ LSTATUS RegCreateKey( HKEY hKey, @@ -358,6 +365,7 @@ def RegCreateKey(self, emu, argv, ctx={}): PHKEY phkResult ); """ + ctx = ctx or {} hkey, lpSubKey, phkResult = argv rv = windefs.ERROR_INVALID_HANDLE if hkey: @@ -380,7 +388,7 @@ def RegCreateKey(self, emu, argv, ctx={}): return rv @apihook("RegCreateKeyEx", argc=9, conv=_arch.CALL_CONV_STDCALL) - def RegCreateKeyEx(self, emu, argv, ctx={}): + def RegCreateKeyEx(self, emu, argv, ctx: dict[str, str] | None = None): """ LSTATUS RegCreateKeyExA( HKEY hKey, @@ -394,6 +402,7 @@ def RegCreateKeyEx(self, emu, argv, ctx={}): LPDWORD lpdwDisposition ); """ + ctx = ctx or {} hKey, lpSubKey, _reserved, _lpClass, _dwOptions, _samDesired, _sa, phkResult, lpdwDisposition = argv key_path = "" @@ -432,13 +441,14 @@ def RegCreateKeyEx(self, emu, argv, ctx={}): return windefs.ERROR_SUCCESS @apihook("RegDeleteValue", argc=2, conv=_arch.CALL_CONV_STDCALL) - def RegDeleteValue(self, emu, argv, ctx={}): + def RegDeleteValue(self, emu, argv, ctx: dict[str, str] | None = None): """ LSTATUS RegDeleteValueA( HKEY hKey, LPCSTR lpValueName ); """ + ctx = ctx or {} hKey, lpValueName = argv key = self.reg_get_key(hKey) @@ -459,7 +469,8 @@ def RegDeleteValue(self, emu, argv, ctx={}): return windefs.ERROR_SUCCESS @apihook("RegQueryInfoKey", argc=12, conv=_arch.CALL_CONV_STDCALL) - def RegQueryInfoKey(self, emu, argv, ctx={}): + def RegQueryInfoKey(self, emu, argv, ctx: dict[str, str] | None = None): + ctx = ctx or {} # TODO: stub """ LSTATUS RegQueryInfoKeyA( @@ -506,7 +517,7 @@ def RegQueryInfoKey(self, emu, argv, ctx={}): return rv @apihook("OpenProcessToken", argc=3, conv=_arch.CALL_CONV_STDCALL) - def OpenProcessToken(self, emu, argv, ctx={}): + def OpenProcessToken(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL OpenProcessToken( HANDLE ProcessHandle, @@ -514,6 +525,7 @@ def OpenProcessToken(self, emu, argv, ctx={}): PHANDLE pTokenHandle ); """ + ctx = ctx or {} hProcess, DesiredAccess, pTokenHandle = argv rv = 0 @@ -538,7 +550,7 @@ def OpenProcessToken(self, emu, argv, ctx={}): return rv @apihook("OpenThreadToken", argc=4, conv=_arch.CALL_CONV_STDCALL) - def OpenThreadToken(self, emu, argv, ctx={}): + def OpenThreadToken(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL OpenThreadToken( HANDLE ThreadHandle, @@ -547,6 +559,7 @@ def OpenThreadToken(self, emu, argv, ctx={}): PHANDLE TokenHandle ); """ + ctx = ctx or {} ThreadHandle, DesiredAccess, OpenAsSelf, pTokenHandle = argv rv = 0 @@ -571,7 +584,7 @@ def OpenThreadToken(self, emu, argv, ctx={}): return rv @apihook("DuplicateTokenEx", argc=6, conv=_arch.CALL_CONV_STDCALL) - def DuplicateTokenEx(self, emu, argv, ctx={}): + def DuplicateTokenEx(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL DuplicateTokenEx( HANDLE hExistingToken, @@ -582,6 +595,7 @@ def DuplicateTokenEx(self, emu, argv, ctx={}): PHANDLE phNewToken ); """ + ctx = ctx or {} (hExistingToken, access, token_attrs, imp_level, toktype, phNewToken) = argv rv = 0 @@ -603,7 +617,7 @@ def DuplicateTokenEx(self, emu, argv, ctx={}): return rv @apihook("SetTokenInformation", argc=4, conv=_arch.CALL_CONV_STDCALL) - def SetTokenInformation(self, emu, argv, ctx={}): + def SetTokenInformation(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetTokenInformation( HANDLE TokenHandle, @@ -612,6 +626,7 @@ def SetTokenInformation(self, emu, argv, ctx={}): DWORD TokenInformationLength ); """ + ctx = ctx or {} handle, info_class, info, info_len = argv @@ -620,12 +635,13 @@ def SetTokenInformation(self, emu, argv, ctx={}): return rv @apihook("StartServiceCtrlDispatcher", argc=1) - def StartServiceCtrlDispatcher(self, emu, argv, ctx={}): + def StartServiceCtrlDispatcher(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL StartServiceCtrlDispatcher( const SERVICE_TABLE_ENTRY *lpServiceStartTable ); """ + ctx = ctx or {} (lpServiceStartTable,) = argv try: @@ -666,13 +682,14 @@ def StartServiceCtrlDispatcher(self, emu, argv, ctx={}): return rv @apihook("RegisterServiceCtrlHandler", argc=2) - def RegisterServiceCtrlHandler(self, emu, argv, ctx={}): + def RegisterServiceCtrlHandler(self, emu, argv, ctx: dict[str, str] | None = None): """ SERVICE_STATUS_HANDLE RegisterServiceCtrlHandlerA( LPCSTR lpServiceName, LPHANDLER_FUNCTION lpHandlerProc ); """ + ctx = ctx or {} lpServiceName, lpHandlerProc = argv @@ -684,7 +701,7 @@ def RegisterServiceCtrlHandler(self, emu, argv, ctx={}): return self.service_status_handle @apihook("RegisterServiceCtrlHandlerEx", argc=3) - def RegisterServiceCtrlHandlerEx(self, emu, argv, ctx={}): + def RegisterServiceCtrlHandlerEx(self, emu, argv, ctx: dict[str, str] | None = None): """ SERVICE_STATUS_HANDLE RegisterServiceCtrlHandlerExA( LPCSTR lpServiceName, @@ -692,18 +709,20 @@ def RegisterServiceCtrlHandlerEx(self, emu, argv, ctx={}): LPVOID lpContext ); """ + ctx = ctx or {} lpServiceName, lpHandlerProc, lpContext = argv return self.RegisterServiceCtrlHandler(self, emu, [lpServiceName, lpHandlerProc], ctx) @apihook("SetServiceStatus", argc=2) - def SetServiceStatus(self, emu, argv, ctx={}): + def SetServiceStatus(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetServiceStatus( SERVICE_STATUS_HANDLE hServiceStatus, LPSERVICE_STATUS lpServiceStatus ); """ + ctx = ctx or {} hServiceStatus, lpServiceStatus = argv @@ -712,23 +731,25 @@ def SetServiceStatus(self, emu, argv, ctx={}): return 0x1 @apihook("RevertToSelf", argc=0) - def RevertToSelf(self, emu, argv, ctx={}): + def RevertToSelf(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL RevertToSelf(); """ + ctx = ctx or {} return 1 @apihook("ImpersonateLoggedOnUser", argc=1) - def ImpersonateLoggedOnUser(self, emu, argv, ctx={}): + def ImpersonateLoggedOnUser(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL ImpersonateLoggedOnUser( HANDLE hToken ); """ + ctx = ctx or {} return 1 @apihook("OpenSCManager", argc=3) - def OpenSCManager(self, emu, argv, ctx={}): + def OpenSCManager(self, emu, argv, ctx: dict[str, str] | None = None): """ SC_HANDLE OpenSCManager( LPCSTR lpMachineName, @@ -736,6 +757,7 @@ def OpenSCManager(self, emu, argv, ctx={}): DWORD dwDesiredAccess ); """ + ctx = ctx or {} lpMachineName, lpDatabaseName, dwDesiredAccess = argv hScm = self.mem_alloc(size=8) @@ -744,7 +766,7 @@ def OpenSCManager(self, emu, argv, ctx={}): return hScm @apihook("CreateService", argc=13) - def CreateService(self, emu, argv, ctx={}): + def CreateService(self, emu, argv, ctx: dict[str, str] | None = None): """ SC_HANDLE CreateServiceA( SC_HANDLE hSCManager, @@ -762,6 +784,7 @@ def CreateService(self, emu, argv, ctx={}): LPCSTR lpPassword ); """ + ctx = ctx or {} ( hScm, svc_name, @@ -796,7 +819,7 @@ def CreateService(self, emu, argv, ctx={}): return hSvc @apihook("StartService", argc=3) - def StartService(self, emu, argv, ctx={}): + def StartService(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL StartService( SC_HANDLE hService, @@ -804,6 +827,7 @@ def StartService(self, emu, argv, ctx={}): LPCSTR *lpServiceArgVectors ); """ + ctx = ctx or {} hService, dwNumServiceArgs, lpServiceArgVectors = argv rv = 1 @@ -813,11 +837,12 @@ def StartService(self, emu, argv, ctx={}): return rv @apihook("StartServiceA", argc=3) - def StartServiceA(self, emu, argv, ctx={}): + def StartServiceA(self, emu, argv, ctx: dict[str, str] | None = None): + ctx = ctx or {} return self.StartService(emu, argv, ctx) @apihook("ControlService", argc=3) - def ControlService(self, emu, argv, ctx={}): + def ControlService(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL ControlService( [in] SC_HANDLE hService, @@ -825,6 +850,7 @@ def ControlService(self, emu, argv, ctx={}): [out] LPSERVICE_STATUS lpServiceStatus ); """ + ctx = ctx or {} hService, dwControl, lpServiceStatus = argv rv = 1 @@ -834,13 +860,14 @@ def ControlService(self, emu, argv, ctx={}): return rv @apihook("QueryServiceStatus", argc=2) - def QueryServiceStatus(self, emu, argv, ctx={}): + def QueryServiceStatus(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL QueryServiceStatus( SC_HANDLE hService, LPSERVICE_STATUS lpServiceStatus ); """ + ctx = ctx or {} hService, lpServiceStatus = argv if not hService: @@ -865,7 +892,7 @@ def QueryServiceStatus(self, emu, argv, ctx={}): @apihook("QueryServiceConfig", argc=4) @apihook("QueryServiceConfigA", argc=4) @apihook("QueryServiceConfigW", argc=4) - def QueryServiceConfig(self, emu, argv, ctx={}): + def QueryServiceConfig(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL QueryServiceConfigA( SC_HANDLE hService, @@ -874,6 +901,7 @@ def QueryServiceConfig(self, emu, argv, ctx={}): LPDWORD pcbBytesNeeded ); """ + ctx = ctx or {} hService, lpServiceConfig, cbBufSize, pcbBytesNeeded = argv if not hService: @@ -906,12 +934,13 @@ def QueryServiceConfig(self, emu, argv, ctx={}): return 1 @apihook("CloseServiceHandle", argc=1) - def CloseServiceHandle(self, emu, argv, ctx={}): + def CloseServiceHandle(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CloseServiceHandle( SC_HANDLE hSCObject ); """ + ctx = ctx or {} (CloseServiceHandle,) = argv self.mem_free(CloseServiceHandle) @@ -923,7 +952,7 @@ def CloseServiceHandle(self, emu, argv, ctx={}): return rv @apihook("ChangeServiceConfig", argc=11) - def ChangeServiceConfig(self, emu, argv, ctx={}): + def ChangeServiceConfig(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL ChangeServiceConfigA( SC_HANDLE hService, @@ -939,6 +968,7 @@ def ChangeServiceConfig(self, emu, argv, ctx={}): LPCSTR lpDisplayName ); """ + ctx = ctx or {} ( _hService, _dwServiceType, @@ -972,7 +1002,7 @@ def ChangeServiceConfig(self, emu, argv, ctx={}): return 1 @apihook("ChangeServiceConfig2", argc=3) - def ChangeServiceConfig2(self, emu, argv, ctx={}): + def ChangeServiceConfig2(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL ChangeServiceConfig2( SC_HANDLE hService, @@ -980,6 +1010,7 @@ def ChangeServiceConfig2(self, emu, argv, ctx={}): LPVOID lpInfo ); """ + ctx = ctx or {} hService, dwInfoLevel, lpInfo = argv rv = 1 @@ -989,13 +1020,14 @@ def ChangeServiceConfig2(self, emu, argv, ctx={}): return rv @apihook("SystemFunction036", argc=2) - def RtlGenRandom(self, emu, argv, ctx={}): + def RtlGenRandom(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLEAN RtlGenRandom( PVOID RandomBuffer, ULONG RandomBufferLength ); """ + ctx = ctx or {} RandomBuffer, RandomBufferLength = argv rv = False @@ -1007,7 +1039,7 @@ def RtlGenRandom(self, emu, argv, ctx={}): return rv @apihook("CryptAcquireContext", argc=5) - def CryptAcquireContext(self, emu, argv, ctx={}): + def CryptAcquireContext(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CryptAcquireContext( HCRYPTPROV *phProv, @@ -1017,6 +1049,7 @@ def CryptAcquireContext(self, emu, argv, ctx={}): DWORD dwFlags ); """ + ctx = ctx or {} phProv, szContainer, szProvider, dwProvType, dwFlags = argv cont_str, prov_str = "", "" cw = self.get_char_width(ctx) @@ -1040,7 +1073,7 @@ def CryptAcquireContext(self, emu, argv, ctx={}): return rv @apihook("CryptGenRandom", argc=3) - def CryptGenRandom(self, emu, argv, ctx={}): + def CryptGenRandom(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CryptGenRandom( HCRYPTPROV hProv, @@ -1048,6 +1081,7 @@ def CryptGenRandom(self, emu, argv, ctx={}): BYTE *pbBuffer ); """ + ctx = ctx or {} hProv, dwLen, pbBuffer = argv rv = False @@ -1059,7 +1093,7 @@ def CryptGenRandom(self, emu, argv, ctx={}): return rv @apihook("AllocateAndInitializeSid", argc=11) - def AllocateAndInitializeSid(self, emu, argv, ctx={}): + def AllocateAndInitializeSid(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, @@ -1075,6 +1109,7 @@ def AllocateAndInitializeSid(self, emu, argv, ctx={}): PSID *pSid ); """ + ctx = ctx or {} auth, count, sa0, sa1, sa2, sa3, sa4, sa5, sa6, sa7, pSid = argv rv = False @@ -1086,7 +1121,7 @@ def AllocateAndInitializeSid(self, emu, argv, ctx={}): return rv @apihook("CheckTokenMembership", argc=3) - def CheckTokenMembership(self, emu, argv, ctx={}): + def CheckTokenMembership(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CheckTokenMembership( HANDLE TokenHandle, @@ -1094,6 +1129,7 @@ def CheckTokenMembership(self, emu, argv, ctx={}): PBOOL IsMember ); """ + ctx = ctx or {} TokenHandle, SidToCheck, IsMember = argv rv = False @@ -1103,12 +1139,13 @@ def CheckTokenMembership(self, emu, argv, ctx={}): return rv @apihook("FreeSid", argc=1) - def FreeSid(self, emu, argv, ctx={}): + def FreeSid(self, emu, argv, ctx: dict[str, str] | None = None): """ PVOID FreeSid( PSID pSid ); """ + ctx = ctx or {} (pSid,) = argv rv = pSid @@ -1118,13 +1155,14 @@ def FreeSid(self, emu, argv, ctx={}): return rv @apihook("CryptReleaseContext", argc=2) - def CryptReleaseContext(self, emu, argv, ctx={}): + def CryptReleaseContext(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CryptReleaseContext( HCRYPTPROV hProv, DWORD dwFlags ); """ + ctx = ctx or {} hProv, dwFlags = argv rv = True @@ -1134,12 +1172,13 @@ def CryptReleaseContext(self, emu, argv, ctx={}): return rv @apihook("GetCurrentHwProfile", argc=1) - def GetCurrentHwProfile(self, emu, argv, ctx={}): + def GetCurrentHwProfile(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetCurrentHwProfileA( LPHW_PROFILE_INFOA lpHwProfileInfo ); """ + ctx = ctx or {} (lpHwProfileInfo,) = argv if not lpHwProfileInfo: @@ -1167,13 +1206,14 @@ def GetCurrentHwProfile(self, emu, argv, ctx={}): return 1 @apihook("GetUserName", argc=2) - def GetUserName(self, emu, argv, ctx={}): + def GetUserName(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetUserName( LPSTR lpBuffer, LPDWORD pcbBuffer ); """ + ctx = ctx or {} lpBuffer, pcbBuffer = argv rv = False cw = self.get_char_width(ctx) @@ -1194,7 +1234,7 @@ def GetUserName(self, emu, argv, ctx={}): return rv @apihook("LookupPrivilegeValue", argc=3) - def LookupPrivilegeValue(self, emu, argv, ctx={}): + def LookupPrivilegeValue(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL LookupPrivilegeValue( LPCSTR lpSystemName, @@ -1202,6 +1242,7 @@ def LookupPrivilegeValue(self, emu, argv, ctx={}): PLUID lpLuid ); """ + ctx = ctx or {} sysname, name, luid = argv rv = False cw = self.get_char_width(ctx) @@ -1217,7 +1258,7 @@ def LookupPrivilegeValue(self, emu, argv, ctx={}): return rv @apihook("AdjustTokenPrivileges", argc=6) - def AdjustTokenPrivileges(self, emu, argv, ctx={}): + def AdjustTokenPrivileges(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL AdjustTokenPrivileges( HANDLE TokenHandle, @@ -1228,12 +1269,13 @@ def AdjustTokenPrivileges(self, emu, argv, ctx={}): PDWORD ReturnLength ); """ + ctx = ctx or {} rv = True return rv @apihook("GetTokenInformation", argc=5) - def GetTokenInformation(self, emu, argv, ctx={}): + def GetTokenInformation(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetTokenInformation( HANDLE TokenHandle, @@ -1243,6 +1285,7 @@ def GetTokenInformation(self, emu, argv, ctx={}): PDWORD ReturnLength ); """ + ctx = ctx or {} hnd, info_class, info, info_len, ret_len = argv rv = True @@ -1258,13 +1301,14 @@ def GetTokenInformation(self, emu, argv, ctx={}): return rv @apihook("EqualSid", argc=2) - def EqualSid(self, emu, argv, ctx={}): + def EqualSid(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL EqualSid( PSID pSid1, PSID pSid2 ); """ + ctx = ctx or {} sid1, sid2 = argv rv = False @@ -1277,24 +1321,26 @@ def EqualSid(self, emu, argv, ctx={}): return rv @apihook("GetSidIdentifierAuthority", argc=1) - def GetSidIdentifierAuthority(self, emu, argv, ctx={}): + def GetSidIdentifierAuthority(self, emu, argv, ctx: dict[str, str] | None = None): """ PSID_IDENTIFIER_AUTHORITY GetSidIdentifierAuthority( [in] PSID pSid ); """ + ctx = ctx or {} (sid,) = argv # IdentifierAuthority is at offset 0x02 in the SID structure return sid + 2 @apihook("GetSidSubAuthorityCount", argc=1) - def GetSidSubAuthorityCount(self, emu, argv, ctx={}): + def GetSidSubAuthorityCount(self, emu, argv, ctx: dict[str, str] | None = None): """ PUCHAR GetSidSubAuthorityCount( PSID pSid ); """ + ctx = ctx or {} (sid,) = argv rv = 0 @@ -1304,20 +1350,21 @@ def GetSidSubAuthorityCount(self, emu, argv, ctx={}): return rv @apihook("GetSidSubAuthority", argc=2) - def GetSidSubAuthority(self, emu, argv, ctx={}): + def GetSidSubAuthority(self, emu, argv, ctx: dict[str, str] | None = None): """ PDWORD GetSidSubAuthority( [in] PSID pSid, [in] DWORD nSubAuthority ); """ + ctx = ctx or {} sid, nsub = argv # SubAuthorities begin at offset 0x8 return sid + 8 + (nsub * 4) @apihook("LookupAccountName", argc=7) - def LookupAccountName(self, emu, argv, ctx={}): + def LookupAccountName(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL LookupAccountNameA( [in, optional] LPCSTR lpSystemName, @@ -1329,6 +1376,7 @@ def LookupAccountName(self, emu, argv, ctx={}): [out] PSID_NAME_USE peUse ); """ + ctx = ctx or {} ptr_sysname, ptr_acctname, ptr_sid, ptr_cbsid, ptr_domname, ptr_cchdomname, ptr_peuse = argv rv = 0 @@ -1391,7 +1439,7 @@ def LookupAccountName(self, emu, argv, ctx={}): return rv @apihook("LookupAccountSid", argc=7) - def LookupAccountSid(self, emu, argv, ctx={}): + def LookupAccountSid(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL LookupAccountSid( LPCSTR lpSystemName, @@ -1403,6 +1451,7 @@ def LookupAccountSid(self, emu, argv, ctx={}): PSID_NAME_USE peUse ); """ + ctx = ctx or {} sysname, sid, name, cchname, domname, cchdomname, peuse = argv rv = False @@ -1428,7 +1477,7 @@ def LookupAccountSid(self, emu, argv, ctx={}): return rv @apihook("CreateProcessAsUser", argc=11, conv=_arch.CALL_CONV_STDCALL) - def CreateProcessAsUser(self, emu, argv, ctx={}): + def CreateProcessAsUser(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CreateProcessAsUser( HANDLE hToken, @@ -1444,6 +1493,7 @@ def CreateProcessAsUser(self, emu, argv, ctx={}): LPPROCESS_INFORMATION lpProcessInformation ); """ + ctx = ctx or {} token, app, cmd, pa, ta, inherit, flags, env, cd, si, ppi = argv cw = self.get_char_width(ctx) @@ -1479,7 +1529,7 @@ def CreateProcessAsUser(self, emu, argv, ctx={}): return rv @apihook("CryptCreateHash", argc=5) - def CryptCreateHash(self, emu, argv, ctx={}): + def CryptCreateHash(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CryptCreateHash( HCRYPTPROV hProv, @@ -1489,6 +1539,7 @@ def CryptCreateHash(self, emu, argv, ctx={}): HCRYPTHASH *phHash ); """ + ctx = ctx or {} hash_algs = { 0x00008004: ("CALG_SHA1", hashlib.sha1), @@ -1514,7 +1565,7 @@ def CryptCreateHash(self, emu, argv, ctx={}): return 1 @apihook("CryptHashData", argc=4) - def CryptHashData(self, emu, argv, ctx={}): + def CryptHashData(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CryptHashData( HCRYPTHASH hHash, @@ -1523,6 +1574,7 @@ def CryptHashData(self, emu, argv, ctx={}): DWORD dwFlags ); """ + ctx = ctx or {} hHash, pbData, dwDataLen, dwFlags = argv hnd = self.hash_objects.get(hHash, None) @@ -1538,7 +1590,7 @@ def CryptHashData(self, emu, argv, ctx={}): return 1 @apihook("CryptGetHashParam", argc=5) - def CryptGetHashParam(self, emu, argv, ctx={}): + def CryptGetHashParam(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CryptGetHashParam( HCRYPTHASH hHash, @@ -1548,6 +1600,7 @@ def CryptGetHashParam(self, emu, argv, ctx={}): DWORD dwFlags ); """ + ctx = ctx or {} hHash, dwParam, pbData, pdwDataLen, dwFlags = argv param_enums = {1: "HP_ALGID", 2: "HP_HASHVAL", 4: "HP_HASHSIZE", 5: "HP_HMAC_INFO"} @@ -1558,16 +1611,17 @@ def CryptGetHashParam(self, emu, argv, ctx={}): return 1 @apihook("CryptDestroyHash", argc=1) - def CryptDestroyHash(self, emu, argv, ctx={}): + def CryptDestroyHash(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CryptDestroyHash( HCRYPTHASH hHash ); """ + ctx = ctx or {} return 1 @apihook("CryptDeriveKey", argc=5) - def CryptDeriveKey(self, emu, argv, ctx={}): + def CryptDeriveKey(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CryptDeriveKey( HCRYPTPROV hProv, @@ -1577,6 +1631,7 @@ def CryptDeriveKey(self, emu, argv, ctx={}): HCRYPTKEY *phKey ); """ + ctx = ctx or {} hProv, Algid, hBaseData, dwFlags, phKey = argv @@ -1612,7 +1667,7 @@ def CryptDeriveKey(self, emu, argv, ctx={}): return 1 @apihook("CryptDecrypt", argc=6) - def CryptDecrypt(self, emu, argv, ctx={}): + def CryptDecrypt(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CryptDecrypt( HCRYPTKEY hKey, @@ -1623,6 +1678,7 @@ def CryptDecrypt(self, emu, argv, ctx={}): DWORD *pdwDataLen ); """ + ctx = ctx or {} hKey, hHash, Final, dwFlags, pbData, pdwDataLen = argv @@ -1660,7 +1716,7 @@ def CryptDecrypt(self, emu, argv, ctx={}): return 1 @apihook("RegGetValue", argc=7, conv=_arch.CALL_CONV_STDCALL) - def RegGetValue(self, emu, argv, ctx={}): + def RegGetValue(self, emu, argv, ctx: dict[str, str] | None = None): """ LSTATUS RegGetValueW( HKEY hkey, @@ -1672,6 +1728,7 @@ def RegGetValue(self, emu, argv, ctx={}): LPDWORD pcbData ); """ + ctx = ctx or {} hKey, lpSubKey, lpValue, dwFlags, lpType, lpData, lpcbData = argv rv = windefs.ERROR_SUCCESS @@ -1727,7 +1784,7 @@ def RegGetValue(self, emu, argv, ctx={}): return rv @apihook("EnumServicesStatus", argc=8, conv=_arch.CALL_CONV_STDCALL) - def EnumServicesStatus(self, emu, argv, ctx={}): + def EnumServicesStatus(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL EnumServicesStatusA( SC_HANDLE hSCManager, @@ -1740,6 +1797,7 @@ def EnumServicesStatus(self, emu, argv, ctx={}): LPDWORD lpResumeHandle ); """ + ctx = ctx or {} ( hSCManager, dwServiceType, @@ -1763,7 +1821,7 @@ def EnumServicesStatus(self, emu, argv, ctx={}): return 1 @apihook("OpenService", argc=3, conv=_arch.CALL_CONV_STDCALL) - def OpenService(self, emu, argv, ctx={}): + def OpenService(self, emu, argv, ctx: dict[str, str] | None = None): """ SC_HANDLE OpenServiceA( SC_HANDLE hSCManager, @@ -1771,6 +1829,7 @@ def OpenService(self, emu, argv, ctx={}): DWORD dwDesiredAccess ); """ + ctx = ctx or {} hSCManager, lpServiceName, dwDesiredAccess = argv cw = self.get_char_width(ctx) svcname = self.read_mem_string(lpServiceName, cw) @@ -1778,10 +1837,11 @@ def OpenService(self, emu, argv, ctx={}): return self.get_handle() @apihook("DeleteService", argc=1, conv=_arch.CALL_CONV_STDCALL) - def DeleteService(self, emu, argv, ctx={}): + def DeleteService(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL DeleteService( SC_HANDLE hService ); """ + ctx = ctx or {} return 1 diff --git a/speakeasy/winenv/api/usermode/advpack.py b/speakeasy/winenv/api/usermode/advpack.py index c4c8c183..285ce52a 100644 --- a/speakeasy/winenv/api/usermode/advpack.py +++ b/speakeasy/winenv/api/usermode/advpack.py @@ -22,8 +22,9 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("IsNTAdmin", argc=2) - def IsNTAdmin(self, emu, argv, ctx={}): + def IsNTAdmin(self, emu, argv, ctx: dict[str, str] | None = None): """ bool IsNTAdmin(); """ + ctx = ctx or {} return emu.config.user.is_admin diff --git a/speakeasy/winenv/api/usermode/bcrypt.py b/speakeasy/winenv/api/usermode/bcrypt.py index 513299a7..8ffa7d1b 100644 --- a/speakeasy/winenv/api/usermode/bcrypt.py +++ b/speakeasy/winenv/api/usermode/bcrypt.py @@ -26,7 +26,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("BCryptOpenAlgorithmProvider", argc=4) - def BCryptOpenAlgorithmProvider(self, emu, argv, ctx={}): + def BCryptOpenAlgorithmProvider(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS BCryptOpenAlgorithmProvider( BCRYPT_ALG_HANDLE *phAlgorithm, @@ -35,6 +35,7 @@ def BCryptOpenAlgorithmProvider(self, emu, argv, ctx={}): ULONG dwFlags ); """ + ctx = ctx or {} phAlgorithm, pszAlgId, pszImplementation, dwFlags = argv algid = self.read_wide_string(pszAlgId) @@ -56,7 +57,7 @@ def BCryptOpenAlgorithmProvider(self, emu, argv, ctx={}): return ntdefs.STATUS_SUCCESS @apihook("BCryptImportKeyPair", argc=7) - def BCryptImportKeyPair(self, emu, argv, ctx={}): + def BCryptImportKeyPair(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS BCryptImportKeyPair( BCRYPT_ALG_HANDLE hAlgorithm, @@ -68,6 +69,7 @@ def BCryptImportKeyPair(self, emu, argv, ctx={}): ULONG dwFlags ); """ + ctx = ctx or {} hAlgorithm, hImportKey, pszBlobType, phKey, pbInput, cbInput, dwFlags = argv blob_type = self.read_wide_string(pszBlobType) @@ -88,13 +90,14 @@ def BCryptImportKeyPair(self, emu, argv, ctx={}): return ntdefs.STATUS_SUCCESS @apihook("BCryptCloseAlgorithmProvider", argc=2) - def BCryptCloseAlgorithmProvider(self, emu, argv, ctx={}): + def BCryptCloseAlgorithmProvider(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS BCryptCloseAlgorithmProvider( BCRYPT_ALG_HANDLE hAlgorithm, ULONG dwFlags ); """ + ctx = ctx or {} hAlgorithm, dwFlags = argv cm = emu.get_crypt_manager() @@ -104,7 +107,7 @@ def BCryptCloseAlgorithmProvider(self, emu, argv, ctx={}): return ntdefs.STATUS_SUCCESS @apihook("BCryptGetProperty", argc=6) - def BCryptGetProperty(self, emu, argv, ctx={}): + def BCryptGetProperty(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS BCryptGetProperty( BCRYPT_HANDLE hObject, @@ -115,6 +118,7 @@ def BCryptGetProperty(self, emu, argv, ctx={}): ULONG dwFlags ); """ + ctx = ctx or {} hObject, pszProperty, pbOutput, cbOutput, pcbResult, dwFlags = argv property = self.read_wide_string(pszProperty) @@ -126,12 +130,13 @@ def BCryptGetProperty(self, emu, argv, ctx={}): return ntdefs.STATUS_SUCCESS @apihook("BCryptDestroyKey", argc=1) - def BCryptDestroyKey(self, emu, argv, ctx={}): + def BCryptDestroyKey(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSTATUS BCryptDestroyKey( BCRYPT_KEY_HANDLE hKey ); """ + ctx = ctx or {} (hKey,) = argv cm = emu.get_crypt_manager() for hnd, ctx in cm.ctx_handles.items(): diff --git a/speakeasy/winenv/api/usermode/com_api.py b/speakeasy/winenv/api/usermode/com_api.py index 5e84d760..2c08bf7e 100644 --- a/speakeasy/winenv/api/usermode/com_api.py +++ b/speakeasy/winenv/api/usermode/com_api.py @@ -25,34 +25,37 @@ def __init__(self, emu): # First argument (self) is not reflected in method definitions; note this increases argc by 1 @apihook("IUnknown.QueryInterface", argc=3) - def IUnknown_QueryInterface(self, emu, argv, ctx={}): + def IUnknown_QueryInterface(self, emu, argv, ctx: dict[str, str] | None = None): """ HRESULT QueryInterface( REFIID riid, void **ppvObject ); """ + ctx = ctx or {} # not implemented return comdefs.S_OK @apihook("IUnknown.AddRef", argc=1) - def IUnknown_AddRef(self, emu, argv, ctx={}): + def IUnknown_AddRef(self, emu, argv, ctx: dict[str, str] | None = None): """ ULONG AddRef(); """ + ctx = ctx or {} # not implemented return 1 @apihook("IUnknown.Release", argc=1) - def IUnknown_Release(self, emu, argv, ctx={}): + def IUnknown_Release(self, emu, argv, ctx: dict[str, str] | None = None): """ ULONG Release(); """ + ctx = ctx or {} # not implemented return 0 @apihook("IWbemLocator.ConnectServer", argc=9) - def IWbemLocator_ConnectServer(self, emu, argv, ctx={}): + def IWbemLocator_ConnectServer(self, emu, argv, ctx: dict[str, str] | None = None): """ HRESULT ConnectServer( const BSTR strNetworkResource, @@ -65,6 +68,7 @@ def IWbemLocator_ConnectServer(self, emu, argv, ctx={}): IWbemServices **ppNamespace ); """ + ctx = ctx or {} ptr, strNetworkResource, strUser, strPassword, strLocale, lSecurityFlags, strAuthority, pCtx, ppNamespace = argv argv[1] = self.read_wide_string(strNetworkResource) @@ -77,7 +81,7 @@ def IWbemLocator_ConnectServer(self, emu, argv, ctx={}): return comdefs.S_OK @apihook("IWbemServices.ExecQuery", argc=6) - def IWbemServices_ExecQuery(self, emu, argv, ctx={}): + def IWbemServices_ExecQuery(self, emu, argv, ctx: dict[str, str] | None = None): """ HRESULT ExecQuery( const BSTR strQueryLanguage, @@ -87,6 +91,7 @@ def IWbemServices_ExecQuery(self, emu, argv, ctx={}): IEnumWbemClassObject **ppEnum ); """ + ctx = ctx or {} ptr, strQueryLanguage, strQuery, lFlags, pCtx, ppEnum = argv argv[1] = self.read_wide_string(strQueryLanguage) argv[2] = self.read_wide_string(strQuery) diff --git a/speakeasy/winenv/api/usermode/comctl32.py b/speakeasy/winenv/api/usermode/comctl32.py index 2b21eada..1015ddbc 100644 --- a/speakeasy/winenv/api/usermode/comctl32.py +++ b/speakeasy/winenv/api/usermode/comctl32.py @@ -19,23 +19,25 @@ def __init__(self, emu): self.names = {} @apihook("InitCommonControlsEx", argc=1) - def InitCommonControlsEx(self, emu, argv, ctx={}): + def InitCommonControlsEx(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL InitCommonControlsEx( const INITCOMMONCONTROLSEX *picce ); """ + ctx = ctx or {} (picce,) = argv rv = True return rv @apihook("InitCommonControls", argc=0) - def InitCommonControls(self, emu, argv, ctx={}): + def InitCommonControls(self, emu, argv, ctx: dict[str, str] | None = None): """ void InitCommonControls(); Under Comctl32.dll version 6.0 and later, InitCommonControls does nothing. Applications must explicitly register all common controls through InitCommonControlsEx. """ + ctx = ctx or {} return diff --git a/speakeasy/winenv/api/usermode/crypt32.py b/speakeasy/winenv/api/usermode/crypt32.py index d27f48a2..11553a06 100644 --- a/speakeasy/winenv/api/usermode/crypt32.py +++ b/speakeasy/winenv/api/usermode/crypt32.py @@ -28,7 +28,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("CryptStringToBinary", argc=7) - def CryptStringToBinary(self, emu, argv, ctx={}): + def CryptStringToBinary(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CryptStringToBinaryA( LPCSTR pszString, @@ -40,6 +40,7 @@ def CryptStringToBinary(self, emu, argv, ctx={}): DWORD *pdwFlags ); """ + ctx = ctx or {} cw = self.get_char_width(ctx) diff --git a/speakeasy/winenv/api/usermode/dnsapi.py b/speakeasy/winenv/api/usermode/dnsapi.py index bac2bf41..af31b594 100644 --- a/speakeasy/winenv/api/usermode/dnsapi.py +++ b/speakeasy/winenv/api/usermode/dnsapi.py @@ -44,7 +44,7 @@ def __init__(self, emu): self.names = {} @apihook("DnsQuery_", argc=6) - def DnsQuery_(self, emu, argv, ctx={}): + def DnsQuery_(self, emu, argv, ctx: dict[str, str] | None = None): """ DNS_STATUS DnsQuery_A( PCSTR pszName, @@ -55,6 +55,7 @@ def DnsQuery_(self, emu, argv, ctx={}): PVOID *pReserved ); """ + ctx = ctx or {} pszName, wType, Options, pExtra, ppQueryResults, pReserved = argv rv = windefs.ERROR_INVALID_PARAMETER diff --git a/speakeasy/winenv/api/usermode/gdi32.py b/speakeasy/winenv/api/usermode/gdi32.py index 5d1c02db..50922f63 100644 --- a/speakeasy/winenv/api/usermode/gdi32.py +++ b/speakeasy/winenv/api/usermode/gdi32.py @@ -28,7 +28,7 @@ def get_handle(self): return hnd @apihook("CreateBitmap", argc=5) - def CreateBitmap(self, emu, argv, ctx={}): + def CreateBitmap(self, emu, argv, ctx: dict[str, str] | None = None): """ HBITMAP CreateBitmap( int nWidth, @@ -38,10 +38,11 @@ def CreateBitmap(self, emu, argv, ctx={}): const VOID *lpBits ); """ + ctx = ctx or {} return self.get_handle() @apihook("MoveToEx", argc=1) - def MoveToEx(self, emu, argv, ctx={}): + def MoveToEx(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL MoveToEx( HDC hdc, @@ -50,10 +51,11 @@ def MoveToEx(self, emu, argv, ctx={}): LPPOINT lppt ); """ + ctx = ctx or {} return 1 @apihook("LineTo", argc=1) - def LineTo(self, emu, argv, ctx={}): + def LineTo(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL LineTo( HDC hdc, @@ -61,47 +63,52 @@ def LineTo(self, emu, argv, ctx={}): int y ) """ + ctx = ctx or {} return 1 @apihook("GetStockObject", argc=1) - def GetStockObject(self, emu, argv, ctx={}): + def GetStockObject(self, emu, argv, ctx: dict[str, str] | None = None): """ HGDIOBJ GetStockObject( int i ); """ + ctx = ctx or {} return 0 @apihook("GetMapMode", argc=1) - def GetMapMode(self, emu, argv, ctx={}): + def GetMapMode(self, emu, argv, ctx: dict[str, str] | None = None): """ int GetMapMode( HDC hdc ); """ + ctx = ctx or {} return 1 @apihook("GetDeviceCaps", argc=2) - def GetDeviceCaps(self, emu, argv, ctx={}): + def GetDeviceCaps(self, emu, argv, ctx: dict[str, str] | None = None): """ int GetDeviceCaps( HDC hdc, int index ); """ + ctx = ctx or {} return 16 @apihook("GdiSetBatchLimit", argc=1) - def GdiSetBatchLimit(self, emu, argv, ctx={}): + def GdiSetBatchLimit(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GdiSetBatchLimit( DWORD dw ); """ + ctx = ctx or {} return 0 @apihook("MaskBlt", argc=12) - def MaskBlt(self, emu, argv, ctx={}): + def MaskBlt(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL MaskBlt( HDC hdcDest, @@ -118,10 +125,11 @@ def MaskBlt(self, emu, argv, ctx={}): DWORD rop ); """ + ctx = ctx or {} return 1 @apihook("BitBlt", argc=9) - def BitBlt(self, emu, argv, ctx={}): + def BitBlt(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL BitBlt( HDC hdc, @@ -134,38 +142,42 @@ def BitBlt(self, emu, argv, ctx={}): int y1, DWORD rop """ + ctx = ctx or {} return 1 @apihook("DeleteDC", argc=1) - def DeleteDC(self, emu, argv, ctx={}): + def DeleteDC(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL DeleteDC( HDC hdc ); """ + ctx = ctx or {} return 1 @apihook("SelectObject", argc=2) - def SelectObject(self, emu, argv, ctx={}): + def SelectObject(self, emu, argv, ctx: dict[str, str] | None = None): """ HGDIOBJ SelectObject( HDC hdc, HGDIOBJ h ); """ + ctx = ctx or {} return 0 @apihook("DeleteObject", argc=1) - def DeleteObject(self, emu, argv, ctx={}): + def DeleteObject(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL DeleteObject( HGDIOBJ ho ); """ + ctx = ctx or {} return 1 @apihook("CreateCompatibleBitmap", argc=3) - def CreateCompatibleBitmap(self, emu, argv, ctx={}): + def CreateCompatibleBitmap(self, emu, argv, ctx: dict[str, str] | None = None): """ HBITMAP CreateCompatibleBitmap( HDC hdc, @@ -173,19 +185,21 @@ def CreateCompatibleBitmap(self, emu, argv, ctx={}): int cy ); """ + ctx = ctx or {} return 0 @apihook("CreateCompatibleDC", argc=1) - def CreateCompatibleDC(self, emu, argv, ctx={}): + def CreateCompatibleDC(self, emu, argv, ctx: dict[str, str] | None = None): """ HDC CreateCompatibleDC( HDC hdc ); """ + ctx = ctx or {} return 0 @apihook("GetDIBits", argc=7) - def GetDIBits(self, emu, argv, ctx={}): + def GetDIBits(self, emu, argv, ctx: dict[str, str] | None = None): """ int GetDIBits( HDC hdc, @@ -197,10 +211,11 @@ def GetDIBits(self, emu, argv, ctx={}): UINT usage ); """ + ctx = ctx or {} return 0 @apihook("CreateDIBSection", argc=6) - def CreateDIBSection(self, emu, argv, ctx={}): + def CreateDIBSection(self, emu, argv, ctx: dict[str, str] | None = None): """ HBITMAP CreateDIBSection( [in] HDC hdc, @@ -211,10 +226,11 @@ def CreateDIBSection(self, emu, argv, ctx={}): [in] DWORD offset ); """ + ctx = ctx or {} return 0 @apihook("CreateDCA", argc=4) - def CreateDCA(self, emu, argv, ctx={}): + def CreateDCA(self, emu, argv, ctx: dict[str, str] | None = None): """ HDC CreateDCA( LPCSTR pwszDriver, @@ -223,19 +239,21 @@ def CreateDCA(self, emu, argv, ctx={}): const DEVMODEA *pdm ); """ + ctx = ctx or {} return 0 @apihook("GetTextCharacterExtra", argc=1) - def GetTextCharacterExtra(self, emu, argv, ctx={}): + def GetTextCharacterExtra(self, emu, argv, ctx: dict[str, str] | None = None): """ int GetTextCharacterExtra( HDC hdc ); """ + ctx = ctx or {} return 0x8000000 @apihook("StretchBlt", argc=11) - def StretchBlt(self, emu, argv, ctx={}): + def StretchBlt(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL StretchBlt( HDC hdcDest, @@ -251,21 +269,23 @@ def StretchBlt(self, emu, argv, ctx={}): DWORD rop ); """ + ctx = ctx or {} return 0 @apihook("CreateFontIndirectA", argc=1) - def CreateFontIndirectA(self, emu, argv, ctx={}): + def CreateFontIndirectA(self, emu, argv, ctx: dict[str, str] | None = None): """ HFONT CreateFontIndirectA( const LOGFONTA *lplf ); """ + ctx = ctx or {} # Return a fake HFONT handle. # Any non-zero value is treated as success. return 0x6000 @apihook("GetObjectA", argc=3) - def GetObjectA(self, emu, argv, ctx={}): + def GetObjectA(self, emu, argv, ctx: dict[str, str] | None = None): """ int GetObjectA( HANDLE h, @@ -273,6 +293,7 @@ def GetObjectA(self, emu, argv, ctx={}): LPVOID pv ); """ + ctx = ctx or {} h, c, pv = argv # If caller provided a buffer, fill it with zeros. @@ -292,11 +313,12 @@ def GetObjectA(self, emu, argv, ctx={}): return c @apihook("WidenPath", argc=1) - def WidenPath(self, emu, argv, ctx={}): + def WidenPath(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL WidenPath( HDC hdc ); """ + ctx = ctx or {} # We don't emulate actual path widening; just report success. return 1 diff --git a/speakeasy/winenv/api/usermode/iphlpapi.py b/speakeasy/winenv/api/usermode/iphlpapi.py index 60233b49..d9726de1 100644 --- a/speakeasy/winenv/api/usermode/iphlpapi.py +++ b/speakeasy/winenv/api/usermode/iphlpapi.py @@ -24,7 +24,8 @@ def __init__(self, emu): self.iphlpapi_types = iphlpapi_types @apihook("GetAdaptersInfo", argc=2) - def GetAdaptersInfo(self, emu, argv, ctx={}): + def GetAdaptersInfo(self, emu, argv, ctx: dict[str, str] | None = None): + ctx = ctx or {} ptr_adapter_info, size_ptr = argv rv = 0 diff --git a/speakeasy/winenv/api/usermode/kernel32.py b/speakeasy/winenv/api/usermode/kernel32.py index 11429907..30c45bac 100644 --- a/speakeasy/winenv/api/usermode/kernel32.py +++ b/speakeasy/winenv/api/usermode/kernel32.py @@ -241,48 +241,52 @@ def find_resource(self, pe, name, type_): return None @apihook("GetThreadLocale", argc=0) - def GetThreadLocale(self, emu, argv, ctx={}): + def GetThreadLocale(self, emu, argv, ctx: dict[str, str] | None = None): """ LCID GetThreadLocale(); """ + ctx = ctx or {} return 0xC000 @apihook("SetThreadLocale", argc=1) - def SetThreadLocale(self, emu, argv, ctx={}): + def SetThreadLocale(self, emu, argv, ctx: dict[str, str] | None = None): """ LCID SetThreadLocale( LCID Locale ); """ + ctx = ctx or {} (lcid,) = argv return lcid @apihook("IsValidLocale", argc=2) - def IsValidLocale(self, emu, argv, ctx={}): + def IsValidLocale(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL IsValidLocale( LCID Locale, DWORD dwFlags ); """ + ctx = ctx or {} lcid, flags = argv return True @apihook("OutputDebugString", argc=1) - def OutputDebugString(self, emu, argv, ctx={}): + def OutputDebugString(self, emu, argv, ctx: dict[str, str] | None = None): """ void OutputDebugStringA( LPCSTR lpOutputString ); """ + ctx = ctx or {} (_str,) = argv cw = self.get_char_width(ctx) argv[0] = self.read_mem_string(_str, cw) @apihook("GetThreadTimes", argc=5) - def GetThreadTimes(self, emu, argv, ctx={}): + def GetThreadTimes(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetThreadTimes( HANDLE hThread, @@ -292,6 +296,7 @@ def GetThreadTimes(self, emu, argv, ctx={}): LPFILETIME lpUserTime ); """ + ctx = ctx or {} hnd, lpCreationTime, lpExitTime, lpKernelTime, lpUserTime = argv if lpCreationTime: @@ -299,10 +304,11 @@ def GetThreadTimes(self, emu, argv, ctx={}): return True @apihook("GetProcessHeap", argc=0) - def GetProcessHeap(self, emu, argv, ctx={}): + def GetProcessHeap(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE GetProcessHeap(); """ + ctx = ctx or {} if not self.heaps: heap = self.create_heap(emu) @@ -311,12 +317,13 @@ def GetProcessHeap(self, emu, argv, ctx={}): return heap @apihook("GetProcessVersion", argc=1) - def GetProcessVersion(self, emu, argv, ctx={}): + def GetProcessVersion(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetProcessVersion( DWORD ProcessId ); """ + ctx = ctx or {} ver = self.emu.config.os_ver major = ver.major @@ -327,19 +334,20 @@ def GetProcessVersion(self, emu, argv, ctx={}): return rv @apihook("DisableThreadLibraryCalls", argc=1) - def DisableThreadLibraryCalls(self, emu, argv, ctx={}): + def DisableThreadLibraryCalls(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL DisableThreadLibraryCalls( HMODULE hLibModule ); """ + ctx = ctx or {} (hLibModule,) = argv return True @apihook("CreateMutex", argc=3) - def CreateMutex(self, emu, argv, ctx={}): + def CreateMutex(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE CreateMutex( LPSECURITY_ATTRIBUTES lpMutexAttributes, @@ -347,6 +355,7 @@ def CreateMutex(self, emu, argv, ctx={}): LPCSTR lpName ); """ + ctx = ctx or {} attrs, owner, name = argv @@ -369,7 +378,7 @@ def CreateMutex(self, emu, argv, ctx={}): return hnd @apihook("CreateMutexEx", argc=4) - def CreateMutexEx(self, emu, argv, ctx={}): + def CreateMutexEx(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE CreateMutexExA( LPSECURITY_ATTRIBUTES lpMutexAttributes, @@ -378,6 +387,7 @@ def CreateMutexEx(self, emu, argv, ctx={}): DWORD dwDesiredAccess ); """ + ctx = ctx or {} attrs, name, flags, access = argv cw = self.get_char_width(ctx) @@ -399,10 +409,11 @@ def CreateMutexEx(self, emu, argv, ctx={}): return hnd @apihook("LoadLibrary", argc=1) - def LoadLibrary(self, emu, argv, ctx={}): + def LoadLibrary(self, emu, argv, ctx: dict[str, str] | None = None): """HMODULE LoadLibrary( LPTSTR lpLibFileName );""" + ctx = ctx or {} (lib_name,) = argv hmod = windefs.NULL @@ -417,13 +428,14 @@ def LoadLibrary(self, emu, argv, ctx={}): return hmod @apihook("CreateToolhelp32Snapshot", argc=2) - def CreateToolhelp32Snapshot(self, emu, argv, ctx={}): + def CreateToolhelp32Snapshot(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE CreateToolhelp32Snapshot( DWORD dwFlags, DWORD th32ProcessID ); """ + ctx = ctx or {} ( dwFlags, @@ -495,13 +507,14 @@ def CreateToolhelp32Snapshot(self, emu, argv, ctx={}): return hnd @apihook("Process32First", argc=2) - def Process32First(self, emu, argv, ctx={}): + def Process32First(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL Process32First( HANDLE hSnapshot, LPPROCESSENTRY32 lppe ); """ + ctx = ctx or {} ( hSnapshot, @@ -535,13 +548,14 @@ def Process32First(self, emu, argv, ctx={}): return rv @apihook("Process32Next", argc=2) - def Process32Next(self, emu, argv, ctx={}): + def Process32Next(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL Process32Next( HANDLE hSnapshot, LPPROCESSENTRY32 lppe ); """ + ctx = ctx or {} ( hSnapshot, @@ -577,13 +591,14 @@ def Process32Next(self, emu, argv, ctx={}): return rv @apihook("Thread32First", argc=2) - def Thread32First(self, emu, argv, ctx={}): + def Thread32First(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL Thread32First( HANDLE hSnapshot, LPTHREADENTRY32 lpte ); """ + ctx = ctx or {} ( hSnapshot, @@ -609,13 +624,14 @@ def Thread32First(self, emu, argv, ctx={}): return rv @apihook("Thread32Next", argc=2) - def Thread32Next(self, emu, argv, ctx={}): + def Thread32Next(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL Thread32Next( HANDLE hSnapshot, LPTHREADENTRY32 lpte ); """ + ctx = ctx or {} ( hSnapshot, @@ -643,13 +659,14 @@ def Thread32Next(self, emu, argv, ctx={}): return rv @apihook("Module32First", argc=2) - def Module32First(self, emu, argv, ctx={}): + def Module32First(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL Module32First( HANDLE hSnapshot, LPMODULEENTRY32 lpme ); """ + ctx = ctx or {} ( hSnapshot, @@ -689,13 +706,14 @@ def Module32First(self, emu, argv, ctx={}): return rv @apihook("Module32Next", argc=2) - def Module32Next(self, emu, argv, ctx={}): + def Module32Next(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL Module32Next( HANDLE hSnapshot, LPMODULEENTRY32 lpme ); """ + ctx = ctx or {} ( hSnapshot, @@ -736,7 +754,7 @@ def Module32Next(self, emu, argv, ctx={}): return rv @apihook("OpenProcess", argc=3) - def OpenProcess(self, emu, argv, ctx={}): + def OpenProcess(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE OpenProcess( DWORD dwDesiredAccess, @@ -744,6 +762,7 @@ def OpenProcess(self, emu, argv, ctx={}): DWORD dwProcessId ); """ + ctx = ctx or {} access, inherit, pid = argv @@ -764,7 +783,7 @@ def OpenProcess(self, emu, argv, ctx={}): return hnd @apihook("OpenMutex", argc=3) - def OpenMutex(self, emu, argv, ctx={}): + def OpenMutex(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE OpenMutex( DWORD dwDesiredAccess, @@ -772,6 +791,7 @@ def OpenMutex(self, emu, argv, ctx={}): LPCWSTR lpName ); """ + ctx = ctx or {} access, inherit, name = argv @@ -791,13 +811,14 @@ def OpenMutex(self, emu, argv, ctx={}): return hnd @apihook("TerminateProcess", argc=2) - def TerminateProcess(self, emu, argv, ctx={}): + def TerminateProcess(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL TerminateProcess( HANDLE hProcess, UINT uExitCode ); """ + ctx = ctx or {} hProcess, uExitCode = argv rv = False @@ -810,34 +831,37 @@ def TerminateProcess(self, emu, argv, ctx={}): rv = True @apihook("FreeLibraryAndExitThread", argc=2) - def FreeLibraryAndExitThread(self, emu, argv, ctx={}): + def FreeLibraryAndExitThread(self, emu, argv, ctx: dict[str, str] | None = None): """ void FreeLibraryAndExitThread( HMODULE hLibModule, DWORD dwExitCode ); """ + ctx = ctx or {} emu.exit_process() return @apihook("ExitThread", argc=1) - def ExitThread(self, emu, argv, ctx={}): + def ExitThread(self, emu, argv, ctx: dict[str, str] | None = None): """ void ExitThread( DWORD dwExitCode ); """ + ctx = ctx or {} emu.exit_process() return @apihook("WinExec", argc=2) - def WinExec(self, emu, argv, ctx={}): + def WinExec(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT WinExec( LPCSTR lpCmdLine, UINT uCmdShow ); """ + ctx = ctx or {} lpCmdLine, uCmdShow = argv rv = 1 @@ -853,12 +877,13 @@ def WinExec(self, emu, argv, ctx={}): return rv @apihook("LoadLibraryEx", argc=3) - def LoadLibraryEx(self, emu, argv, ctx={}): + def LoadLibraryEx(self, emu, argv, ctx: dict[str, str] | None = None): """HMODULE LoadLibraryExA( LPCSTR lpLibFileName, HANDLE hFile, DWORD dwFlags );""" + ctx = ctx or {} lib_name, _, dwFlags = argv @@ -896,7 +921,7 @@ def LoadLibraryEx(self, emu, argv, ctx={}): return hmod @apihook("CreateProcessInternal", argc=12) - def CreateProcessInternal(self, emu, argv, ctx={}): + def CreateProcessInternal(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CreateProcessInternal( PVOID Reserved1, @@ -913,6 +938,7 @@ def CreateProcessInternal(self, emu, argv, ctx={}): PVOID Reserved2 ); """ + ctx = ctx or {} # Args are the same as CreateProcess except for argv[0] and argv[-1] _argv = argv[1:-1] rv = self.CreateProcess(emu, _argv, ctx) @@ -920,7 +946,7 @@ def CreateProcessInternal(self, emu, argv, ctx={}): return rv @apihook("CreateProcess", argc=10) - def CreateProcess(self, emu, argv, ctx={}): + def CreateProcess(self, emu, argv, ctx: dict[str, str] | None = None): """BOOL CreateProcess( LPTSTR lpApplicationName, LPTSTR lpCommandLine, @@ -933,6 +959,7 @@ def CreateProcess(self, emu, argv, ctx={}): LPSTARTUPINFO lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation );""" + ctx = ctx or {} app, cmd, pa, ta, inherit, flags, env, cd, si, ppi = argv cw = self.get_char_width(ctx) @@ -974,13 +1001,14 @@ def CreateProcess(self, emu, argv, ctx={}): return rv @apihook("VirtualAlloc", argc=4) - def VirtualAlloc(self, emu, argv, ctx={}): + def VirtualAlloc(self, emu, argv, ctx: dict[str, str] | None = None): """LPVOID WINAPI VirtualAlloc( _In_opt_ LPVOID lpAddress, _In_ SIZE_T dwSize, _In_ DWORD flAllocationType, _In_ DWORD flProtect );""" + ctx = ctx or {} lpAddress, dwSize, flAllocationType, flProtect = argv buf = 0 @@ -1033,7 +1061,7 @@ def VirtualAlloc(self, emu, argv, ctx={}): return buf @apihook("VirtualAllocEx", argc=5) - def VirtualAllocEx(self, emu, argv, ctx={}): + def VirtualAllocEx(self, emu, argv, ctx: dict[str, str] | None = None): """ LPVOID VirtualAllocEx( HANDLE hProcess, @@ -1043,6 +1071,7 @@ def VirtualAllocEx(self, emu, argv, ctx={}): DWORD flProtect ); """ + ctx = ctx or {} hProcess, lpAddress, dwSize, flAllocationType, flProtect = argv buf = 0 @@ -1095,7 +1124,7 @@ def VirtualAllocEx(self, emu, argv, ctx={}): return buf @apihook("WriteProcessMemory", argc=5) - def WriteProcessMemory(self, emu, argv, ctx={}): + def WriteProcessMemory(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL WriteProcessMemory( HANDLE hProcess, @@ -1105,6 +1134,7 @@ def WriteProcessMemory(self, emu, argv, ctx={}): SIZE_T *lpNumberOfBytesWritten ); """ + ctx = ctx or {} hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesWritten = argv rv = False @@ -1133,7 +1163,7 @@ def WriteProcessMemory(self, emu, argv, ctx={}): return rv @apihook("ReadProcessMemory", argc=5) - def ReadProcessMemory(self, emu, argv, ctx={}): + def ReadProcessMemory(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL ReadProcessMemory( HANDLE hProcess, @@ -1143,6 +1173,7 @@ def ReadProcessMemory(self, emu, argv, ctx={}): SIZE_T *lpNumberOfBytesRead ); """ + ctx = ctx or {} hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesRead = argv rv = False @@ -1175,7 +1206,7 @@ def ReadProcessMemory(self, emu, argv, ctx={}): return rv @apihook("CreateRemoteThread", argc=7) - def CreateRemoteThread(self, emu, argv, ctx={}): + def CreateRemoteThread(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE CreateRemoteThread( HANDLE hProcess, @@ -1187,6 +1218,7 @@ def CreateRemoteThread(self, emu, argv, ctx={}): LPDWORD lpThreadId ); """ + ctx = ctx or {} (hProcess, lpThreadAttributes, dwStackSize, lpStartAddress, lpParameter, dwCreationFlags, lpThreadId) = argv is_remote = False @@ -1223,7 +1255,7 @@ def CreateRemoteThread(self, emu, argv, ctx={}): return handle @apihook("CreateThread", argc=6) - def CreateThread(self, emu, argv, ctx={}): + def CreateThread(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE CreateThread( LPSECURITY_ATTRIBUTES lpThreadAttributes, @@ -1234,6 +1266,7 @@ def CreateThread(self, emu, argv, ctx={}): LPDWORD lpThreadId ); """ + ctx = ctx or {} (lpThreadAttributes, dwStackSize, lpStartAddress, lpParameter, dwCreationFlags, lpThreadId) = argv proc_obj = emu.get_current_process() @@ -1261,12 +1294,13 @@ def CreateThread(self, emu, argv, ctx={}): return handle @apihook("ResumeThread", argc=1) - def ResumeThread(self, emu, argv, ctx={}): + def ResumeThread(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD ResumeThread( HANDLE hThread ); """ + ctx = ctx or {} (hThread,) = argv rv = -1 obj = self.get_object_from_handle(hThread) @@ -1300,12 +1334,13 @@ def ResumeThread(self, emu, argv, ctx={}): return rv @apihook("SuspendThread", argc=1) - def SuspendThread(self, emu, argv, ctx={}): + def SuspendThread(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD SuspendThread( HANDLE hThread ); """ + ctx = ctx or {} (hThread,) = argv rv = -1 obj = self.get_object_from_handle(hThread) @@ -1317,13 +1352,14 @@ def SuspendThread(self, emu, argv, ctx={}): return rv @apihook("TerminateThread", argc=2) - def TerminateThread(self, emu, argv, ctx={}): + def TerminateThread(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL TerminateThread( [in, out] HANDLE hThread, [in] DWORD dwExitCode ); """ + ctx = ctx or {} hThread, dwExitCode = argv rv = 0 obj = self.get_object_from_handle(hThread) @@ -1336,12 +1372,13 @@ def TerminateThread(self, emu, argv, ctx={}): return rv @apihook("GetThreadId", argc=1) - def GetThreadId(self, emu, argv, ctx={}): + def GetThreadId(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetThreadId( HANDLE Thread ); """ + ctx = ctx or {} (Thread,) = argv if not Thread: @@ -1355,7 +1392,7 @@ def GetThreadId(self, emu, argv, ctx={}): return obj.id @apihook("VirtualQuery", argc=3) - def VirtualQuery(self, emu, argv, ctx={}): + def VirtualQuery(self, emu, argv, ctx: dict[str, str] | None = None): """ SIZE_T VirtualQuery( LPCVOID lpAddress, @@ -1363,6 +1400,7 @@ def VirtualQuery(self, emu, argv, ctx={}): SIZE_T dwLength ); """ + ctx = ctx or {} rv = 0 lpAddress, lpBuffer, dwLength = argv @@ -1391,13 +1429,14 @@ def VirtualQuery(self, emu, argv, ctx={}): return mbi.sizeof() @apihook("VirtualProtect", argc=4) - def VirtualProtect(self, emu, argv, ctx={}): + def VirtualProtect(self, emu, argv, ctx: dict[str, str] | None = None): """BOOL WINAPI VirtualProtect( _In_ LPVOID lpAddress, _In_ SIZE_T dwSize, _In_ DWORD flNewProtect, _Out_ PDWORD lpflOldProtect );""" + ctx = ctx or {} rv = 0 mm = None new = 0 @@ -1436,7 +1475,7 @@ def VirtualProtect(self, emu, argv, ctx={}): return rv @apihook("VirtualProtectEx", argc=5) - def VirtualProtectEx(self, emu, argv, ctx={}): + def VirtualProtectEx(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL VirtualProtectEx( HANDLE hProcess, @@ -1446,6 +1485,7 @@ def VirtualProtectEx(self, emu, argv, ctx={}): PDWORD lpflOldProtect ); """ + ctx = ctx or {} hProcess, lpAddress, dwSize, flNewProtect, lpflOldProtect = argv proc_obj = self.get_object_from_handle(hProcess) @@ -1464,7 +1504,7 @@ def VirtualProtectEx(self, emu, argv, ctx={}): return rv @apihook("VirtualFree", argc=3) - def VirtualFree(self, emu, argv, ctx={}): + def VirtualFree(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL VirtualFree( LPVOID lpAddress, @@ -1472,6 +1512,7 @@ def VirtualFree(self, emu, argv, ctx={}): DWORD dwFreeType ); """ + ctx = ctx or {} rv = 0 lpAddress, dwSize, dwFreeType = argv @@ -1487,18 +1528,20 @@ def VirtualFree(self, emu, argv, ctx={}): return rv @apihook("GetCurrentProcess", argc=0) - def GetCurrentProcess(self, emu, argv, ctx={}): + def GetCurrentProcess(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE GetCurrentProcess(); """ + ctx = ctx or {} rv = self.get_max_int() return rv @apihook("GetVersion", argc=0) - def GetVersion(self, emu, argv, ctx={}): + def GetVersion(self, emu, argv, ctx: dict[str, str] | None = None): """NOT_BUILD_WINDOWS_DEPRECATE DWORD GetVersion();""" + ctx = ctx or {} ver = self.emu.config.os_ver build = ver.build @@ -1510,8 +1553,9 @@ def GetVersion(self, emu, argv, ctx={}): return rv @apihook("GetLastError", argc=0) - def GetLastError(self, emu, argv, ctx={}): + def GetLastError(self, emu, argv, ctx: dict[str, str] | None = None): """DWORD WINAPI GetLastError(void);""" + ctx = ctx or {} rv = emu.get_last_error() @@ -1521,12 +1565,13 @@ def GetLastError(self, emu, argv, ctx={}): return rv @apihook("SetLastError", argc=1) - def SetLastError(self, emu, argv, ctx={}): + def SetLastError(self, emu, argv, ctx: dict[str, str] | None = None): """ void SetLastError( DWORD dwErrCode ); """ + ctx = ctx or {} (dwErrCode,) = argv emu.set_last_error(dwErrCode) @@ -1534,7 +1579,7 @@ def SetLastError(self, emu, argv, ctx={}): return None @apihook("SetHandleInformation", argc=3) - def SetHandleInformation(self, emu, argv, ctx={}): + def SetHandleInformation(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetHandleInformation( HANDLE hObject, @@ -1542,6 +1587,7 @@ def SetHandleInformation(self, emu, argv, ctx={}): DWORD dwFlags ); """ + ctx = ctx or {} # Non-zero value for success. rv = 1 @@ -1549,13 +1595,14 @@ def SetHandleInformation(self, emu, argv, ctx={}): return rv @apihook("GetHandleInformation", argc=2) - def GetHandleInformation(self, emu, argv, ctx={}): + def GetHandleInformation(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetHandleInformation( HANDLE hObject, LPDWORD lpdwFlags ); """ + ctx = ctx or {} # Non-zero value for success. rv = 1 @@ -1563,16 +1610,17 @@ def GetHandleInformation(self, emu, argv, ctx={}): return rv @apihook("ExitProcess", argc=1) - def ExitProcess(self, emu, argv, ctx={}): + def ExitProcess(self, emu, argv, ctx: dict[str, str] | None = None): """void ExitProcess( UINT uExitCode );""" + ctx = ctx or {} self.exit_process() return 0 @apihook("SystemTimeToTzSpecificLocalTime", argc=3) - def SystemTimeToTzSpecificLocalTime(self, emu, argv, ctx={}): + def SystemTimeToTzSpecificLocalTime(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SystemTimeToTzSpecificLocalTime( const TIME_ZONE_INFORMATION *lpTimeZoneInformation, @@ -1580,16 +1628,18 @@ def SystemTimeToTzSpecificLocalTime(self, emu, argv, ctx={}): LPSYSTEMTIME lpLocalTime ); """ + ctx = ctx or {} return True @apihook("FileTimeToSystemTime", argc=2) - def FileTimeToSystemTime(self, emu, argv, ctx={}): + def FileTimeToSystemTime(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL FileTimeToSystemTime( const FILETIME *lpFileTime, LPSYSTEMTIME lpSystemTime ); """ + ctx = ctx or {} lpFileTime, lpSystemTime = argv @@ -1617,10 +1667,11 @@ def FileTimeToSystemTime(self, emu, argv, ctx={}): return True @apihook("GetSystemTimeAsFileTime", argc=1) - def GetSystemTimeAsFileTime(self, emu, argv, ctx={}): + def GetSystemTimeAsFileTime(self, emu, argv, ctx: dict[str, str] | None = None): """void GetSystemTimeAsFileTime( LPFILETIME lpSystemTimeAsFileTime );""" + ctx = ctx or {} (lpSystemTimeAsFileTime,) = argv ft = self.k32types.FILETIME(emu.get_ptr_size()) @@ -1634,13 +1685,14 @@ def GetSystemTimeAsFileTime(self, emu, argv, ctx={}): return @apihook("SystemTimeToFileTime", argc=2) - def SystemTimeToFileTime(self, emu, argv, ctx={}): + def SystemTimeToFileTime(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SystemTimeToFileTime( const SYSTEMTIME *lpSystemTime, LPFILETIME lpFileTime ); """ + ctx = ctx or {} lpSystemTime, lpFileTime = argv self.GetSystemTimeAsFileTime(emu, argv[1:], ctx) @@ -1648,35 +1700,38 @@ def SystemTimeToFileTime(self, emu, argv, ctx={}): return True @apihook("SetThreadErrorMode", argc=2) - def SetThreadErrorMode(self, emu, argv, ctx={}): + def SetThreadErrorMode(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetThreadErrorMode( DWORD dwNewMode, LPDWORD lpOldMode ); """ + ctx = ctx or {} dwNewMode, lpOldMode = argv return True @apihook("SetDefaultDllDirectories", argc=1) - def SetDefaultDllDirectories(self, emu, argv, ctx={}): + def SetDefaultDllDirectories(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetDefaultDllDirectories( DWORD DirectoryFlags ); """ + ctx = ctx or {} return True @apihook("SetConsoleTitle", argc=1) - def SetConsoleTitle(self, emu, argv, ctx={}): + def SetConsoleTitle(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL WINAPI SetConsoleTitle( _In_ LPCTSTR lpConsoleTitle ); """ + ctx = ctx or {} (lpConsoleTitle,) = argv if lpConsoleTitle: @@ -1686,20 +1741,22 @@ def SetConsoleTitle(self, emu, argv, ctx={}): return True @apihook("GetLocalTime", argc=1) - def GetLocalTime(self, emu, argv, ctx={}): + def GetLocalTime(self, emu, argv, ctx: dict[str, str] | None = None): """ void GetLocalTime( LPSYSTEMTIME lpSystemTime ); """ + ctx = ctx or {} return self.GetSystemTime(emu, argv) @apihook("GetSystemTime", argc=1) - def GetSystemTime(self, emu, argv, ctx={}): + def GetSystemTime(self, emu, argv, ctx: dict[str, str] | None = None): """ void GetSystemTime( LPSYSTEMTIME lpSystemTime );""" + ctx = ctx or {} (lpSystemTime,) = argv st = self.k32types.SYSTEMTIME(emu.get_ptr_size()) @@ -1718,10 +1775,11 @@ def GetSystemTime(self, emu, argv, ctx={}): return @apihook("GetTimeZoneInformation", argc=1) - def GetTimeZoneInformation(self, emu, argv, ctx={}): + def GetTimeZoneInformation(self, emu, argv, ctx: dict[str, str] | None = None): """DWORD GetTimeZoneInformation( LPTIME_ZONE_INFORMATION lpTimeZoneInformation );""" + ctx = ctx or {} (lpTimeZoneInformation,) = argv if lpTimeZoneInformation: @@ -1730,8 +1788,9 @@ def GetTimeZoneInformation(self, emu, argv, ctx={}): return 0 @apihook("GetCurrentThreadId", argc=0) - def GetCurrentThreadId(self, emu, argv, ctx={}): + def GetCurrentThreadId(self, emu, argv, ctx: dict[str, str] | None = None): """DWORD GetCurrentThreadId();""" + ctx = ctx or {} thread = emu.get_current_thread() rv = thread.id @@ -1739,8 +1798,9 @@ def GetCurrentThreadId(self, emu, argv, ctx={}): return rv @apihook("GetCurrentProcessId", argc=0) - def GetCurrentProcessId(self, emu, argv, ctx={}): + def GetCurrentProcessId(self, emu, argv, ctx: dict[str, str] | None = None): """DWORD GetCurrentProcessId();""" + ctx = ctx or {} proc = emu.get_current_process() rv = proc.id @@ -1748,10 +1808,11 @@ def GetCurrentProcessId(self, emu, argv, ctx={}): return rv @apihook("IsProcessorFeaturePresent", argc=1, conv=e_arch.CALL_CONV_STDCALL) - def IsProcessorFeaturePresent(self, emu, argv, ctx={}): + def IsProcessorFeaturePresent(self, emu, argv, ctx: dict[str, str] | None = None): """BOOL IsProcessorFeaturePresent( DWORD ProcessorFeature );""" + ctx = ctx or {} rv = 1 """ @@ -1818,11 +1879,12 @@ def IsProcessorFeaturePresent(self, emu, argv, ctx={}): return rv @apihook("lstrcmpi", argc=2) - def lstrcmpi(self, emu, argv, ctx={}): + def lstrcmpi(self, emu, argv, ctx: dict[str, str] | None = None): """int lstrcmpiA( LPCSTR lpString1, LPCSTR lpString2 );""" + ctx = ctx or {} cw = self.get_char_width(ctx) string1, string2 = argv @@ -1840,11 +1902,12 @@ def lstrcmpi(self, emu, argv, ctx={}): return rv @apihook("lstrcmp", argc=2) - def lstrcmp(self, emu, argv, ctx={}): + def lstrcmp(self, emu, argv, ctx: dict[str, str] | None = None): """int lstrcmpiA( LPCSTR lpString1, LPCSTR lpString2 );""" + ctx = ctx or {} cw = self.get_char_width(ctx) string1, string2 = argv @@ -1862,10 +1925,11 @@ def lstrcmp(self, emu, argv, ctx={}): return rv @apihook("QueryPerformanceCounter", argc=1) - def QueryPerformanceCounter(self, emu, argv, ctx={}): + def QueryPerformanceCounter(self, emu, argv, ctx: dict[str, str] | None = None): """BOOL WINAPI QueryPerformanceCounter( _Out_ LARGE_INTEGER *lpPerformanceCount );""" + ctx = ctx or {} (lpPerformanceCount,) = argv rv = 1 @@ -1874,12 +1938,13 @@ def QueryPerformanceCounter(self, emu, argv, ctx={}): return rv @apihook("lstrlen", argc=1) - def lstrlen(self, emu, argv, ctx={}): + def lstrlen(self, emu, argv, ctx: dict[str, str] | None = None): """ int lstrlen( LPCSTR lpString ); """ + ctx = ctx or {} (src,) = argv try: cw = self.get_char_width(ctx) @@ -1892,7 +1957,7 @@ def lstrlen(self, emu, argv, ctx={}): return len(s) @apihook("GetModuleHandleEx", argc=3) - def GetModuleHandleEx(self, emu, argv, ctx={}): + def GetModuleHandleEx(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetModuleHandleExA( DWORD dwFlags, @@ -1900,6 +1965,7 @@ def GetModuleHandleEx(self, emu, argv, ctx={}): HMODULE *phModule ); """ + ctx = ctx or {} dwFlags, lpModuleName, phModule = argv hmod = self.GetModuleHandle(emu, [lpModuleName], ctx) @@ -1909,10 +1975,11 @@ def GetModuleHandleEx(self, emu, argv, ctx={}): return hmod @apihook("GetModuleHandle", argc=1) - def GetModuleHandle(self, emu, argv, ctx={}): + def GetModuleHandle(self, emu, argv, ctx: dict[str, str] | None = None): """HMODULE GetModuleHandle( LPCSTR lpModuleName );""" + ctx = ctx or {} (mod_name,) = argv @@ -1938,11 +2005,12 @@ def GetModuleHandle(self, emu, argv, ctx={}): return rv @apihook("GetProcAddress", argc=2) - def GetProcAddress(self, emu, argv, ctx={}): + def GetProcAddress(self, emu, argv, ctx: dict[str, str] | None = None): """FARPROC GetProcAddress( HMODULE hModule, LPCSTR lpProcName );""" + ctx = ctx or {} hmod, proc_name = argv rv = 0 @@ -1973,15 +2041,17 @@ def GetProcAddress(self, emu, argv, ctx={}): return rv @apihook("AllocConsole", argc=0) - def AllocConsole(self, emu, argv, ctx={}): + def AllocConsole(self, emu, argv, ctx: dict[str, str] | None = None): """BOOL WINAPI AllocConsole(void);""" + ctx = ctx or {} # On success, return != 0 return 1 @apihook("GetConsoleWindow", argc=0) - def GetConsoleWindow(self, emu, argv, ctx={}): + def GetConsoleWindow(self, emu, argv, ctx: dict[str, str] | None = None): """HWND WINAPI GetConsoleWindow(void);""" + ctx = ctx or {} hwnd = 0 proc = emu.get_current_process() @@ -1993,27 +2063,30 @@ def GetConsoleWindow(self, emu, argv, ctx={}): return hwnd @apihook("Sleep", argc=1) - def Sleep(self, emu, argv, ctx={}): + def Sleep(self, emu, argv, ctx: dict[str, str] | None = None): """void Sleep(DWORD dwMilliseconds);""" + ctx = ctx or {} (millisec,) = argv return @apihook("SleepEx", argc=2) - def SleepEx(self, emu, argv, ctx={}): + def SleepEx(self, emu, argv, ctx: dict[str, str] | None = None): """DWORD SleepEx(DWORD dwMilliseconds, BOOL bAlertable);""" + ctx = ctx or {} millisec, bAlertable = argv return @apihook("GlobalAlloc", argc=2) - def GlobalAlloc(self, emu, argv, ctx={}): + def GlobalAlloc(self, emu, argv, ctx: dict[str, str] | None = None): """ DECLSPEC_ALLOCATOR HGLOBAL GlobalAlloc( UINT uFlags, SIZE_T dwBytes ); """ + ctx = ctx or {} uFlags, dwBytes = argv @@ -2022,12 +2095,13 @@ def GlobalAlloc(self, emu, argv, ctx={}): return chunk @apihook("GlobalSize", argc=1) - def GlobalSize(self, emu, argv, ctx={}): + def GlobalSize(self, emu, argv, ctx: dict[str, str] | None = None): """ SIZE_T GlobalSize( [in] HGLOBAL hMem ); """ + ctx = ctx or {} (hMem,) = argv size = 0 @@ -2043,12 +2117,13 @@ def GlobalSize(self, emu, argv, ctx={}): return size @apihook("GlobalFlags", argc=1) - def GlobalFlags(self, emu, argv, ctx={}): + def GlobalFlags(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT GlobalFlags( [in] HGLOBAL hMem ); """ + ctx = ctx or {} (hMem,) = argv flags = 0 for mmap in emu.get_mem_maps(): @@ -2063,13 +2138,14 @@ def GlobalFlags(self, emu, argv, ctx={}): return flags @apihook("LocalAlloc", argc=2) - def LocalAlloc(self, emu, argv, ctx={}): + def LocalAlloc(self, emu, argv, ctx: dict[str, str] | None = None): """ DECLSPEC_ALLOCATOR HLOCAL LocalAlloc( UINT uFlags, SIZE_T uBytes ); """ + ctx = ctx or {} uFlags, dwBytes = argv @@ -2078,7 +2154,7 @@ def LocalAlloc(self, emu, argv, ctx={}): return chunk @apihook("HeapAlloc", argc=3) - def HeapAlloc(self, emu, argv, ctx={}): + def HeapAlloc(self, emu, argv, ctx: dict[str, str] | None = None): """ DECLSPEC_ALLOCATOR LPVOID HeapAlloc( HANDLE hHeap, @@ -2086,6 +2162,7 @@ def HeapAlloc(self, emu, argv, ctx={}): SIZE_T dwBytes ); """ + ctx = ctx or {} hHeap, dwFlags, dwBytes = argv @@ -2096,7 +2173,7 @@ def HeapAlloc(self, emu, argv, ctx={}): return chunk @apihook("HeapSize", argc=3) - def HeapSize(self, emu, argv, ctx={}): + def HeapSize(self, emu, argv, ctx: dict[str, str] | None = None): """ SIZE_T HeapSize( HANDLE hHeap, @@ -2104,6 +2181,7 @@ def HeapSize(self, emu, argv, ctx={}): LPCVOID lpMem ); """ + ctx = ctx or {} hHeap, dwFlags, lpMem = argv @@ -2119,33 +2197,36 @@ def HeapSize(self, emu, argv, ctx={}): return size @apihook("GetTickCount", argc=0) - def GetTickCount(self, emu, argv, ctx={}): + def GetTickCount(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetTickCount(); """ + ctx = ctx or {} self.tick_counter += 20 return self.tick_counter @apihook("GetTickCount64", argc=0) - def GetTickCount64(self, emu, argv, ctx={}): + def GetTickCount64(self, emu, argv, ctx: dict[str, str] | None = None): """ ULONGLONG GetTickCount64(); """ + ctx = ctx or {} self.tick_counter += 20 return self.tick_counter @apihook("lstrcat", argc=2) - def lstrcat(self, emu, argv, ctx={}): + def lstrcat(self, emu, argv, ctx: dict[str, str] | None = None): """ LPSTR lstrcat( LPSTR lpString1, LPCSTR lpString2 ); """ + ctx = ctx or {} lpString1, lpString2 = argv cw = self.get_char_width(ctx) @@ -2165,7 +2246,7 @@ def lstrcat(self, emu, argv, ctx={}): return lpString1 @apihook("lstrcpyn", argc=3) - def lstrcpyn(self, emu, argv, ctx={}): + def lstrcpyn(self, emu, argv, ctx: dict[str, str] | None = None): """ LPSTR lstrcpynA( LPSTR lpString1, @@ -2173,6 +2254,7 @@ def lstrcpyn(self, emu, argv, ctx={}): int iMaxLength ); """ + ctx = ctx or {} dest, src, iMaxLength = argv cw = self.get_char_width(ctx) @@ -2186,13 +2268,14 @@ def lstrcpyn(self, emu, argv, ctx={}): return dest @apihook("lstrcpy", argc=2) - def lstrcpy(self, emu, argv, ctx={}): + def lstrcpy(self, emu, argv, ctx: dict[str, str] | None = None): """ LPSTR lstrcpyA( LPSTR lpString1, LPCSTR lpString2 ); """ + ctx = ctx or {} dest, src = argv cw = self.get_char_width(ctx) @@ -2205,13 +2288,14 @@ def lstrcpy(self, emu, argv, ctx={}): return dest @apihook("IsBadReadPtr", argc=2) - def IsBadReadPtr(self, emu, argv, ctx={}): + def IsBadReadPtr(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL IsBadReadPtr( const VOID *lp, UINT_PTR ucb ); """ + ctx = ctx or {} lp, ucb = argv @@ -2227,7 +2311,7 @@ def IsBadReadPtr(self, emu, argv, ctx={}): return rv @apihook("HeapReAlloc", argc=4) - def HeapReAlloc(self, emu, argv, ctx={}): + def HeapReAlloc(self, emu, argv, ctx: dict[str, str] | None = None): """ DECLSPEC_ALLOCATOR LPVOID HeapReAlloc( HANDLE hHeap, @@ -2236,6 +2320,7 @@ def HeapReAlloc(self, emu, argv, ctx={}): SIZE_T dwBytes ); """ + ctx = ctx or {} hHeap, dwFlags, lpMem, dwBytes = argv @@ -2253,7 +2338,7 @@ def HeapReAlloc(self, emu, argv, ctx={}): return new_buf @apihook("LocalReAlloc", argc=3) - def LocalReAlloc(self, emu, argv, ctx={}): + def LocalReAlloc(self, emu, argv, ctx: dict[str, str] | None = None): """ DECLSPEC_ALLOCATOR HLOCAL LocalReAlloc( _Frees_ptr_opt_ HLOCAL hMem, @@ -2261,6 +2346,7 @@ def LocalReAlloc(self, emu, argv, ctx={}): UINT uFlags ); """ + ctx = ctx or {} hMem, uBytes, uFlags = argv @@ -2278,7 +2364,7 @@ def LocalReAlloc(self, emu, argv, ctx={}): return new_buf @apihook("HeapCreate", argc=3) - def HeapCreate(self, emu, argv, ctx={}): + def HeapCreate(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE HeapCreate( DWORD flOptions, @@ -2286,6 +2372,7 @@ def HeapCreate(self, emu, argv, ctx={}): SIZE_T dwMaximumSize ); """ + ctx = ctx or {} flOptions, dwInitialSize, dwMaximumSize = argv @@ -2294,19 +2381,21 @@ def HeapCreate(self, emu, argv, ctx={}): return heap @apihook("GetCurrentThread", argc=0) - def GetCurrentThread(self, emu, argv, ctx={}): + def GetCurrentThread(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE GetCurrentThread(); """ + ctx = ctx or {} thread = emu.get_current_thread() obj = emu.om.get_object_from_addr(thread.address) return emu.get_object_handle(obj) @apihook("TlsAlloc", argc=0) - def TlsAlloc(self, emu, argv, ctx={}): + def TlsAlloc(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD TlsAlloc(); """ + ctx = ctx or {} thread = emu.get_current_thread() tls = thread.tls @@ -2318,13 +2407,14 @@ def TlsAlloc(self, emu, argv, ctx={}): return idx @apihook("TlsSetValue", argc=2) - def TlsSetValue(self, emu, argv, ctx={}): + def TlsSetValue(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL TlsSetValue( DWORD dwTlsIndex, LPVOID lpTlsValue ); """ + ctx = ctx or {} dwTlsIndex, lpTlsValue = argv rv = 0 @@ -2343,12 +2433,13 @@ def TlsSetValue(self, emu, argv, ctx={}): return rv @apihook("TlsGetValue", argc=1) - def TlsGetValue(self, emu, argv, ctx={}): + def TlsGetValue(self, emu, argv, ctx: dict[str, str] | None = None): """ LPVOID TlsGetValue( DWORD dwTlsIndex ); """ + ctx = ctx or {} (dwTlsIndex,) = argv dwTlsIndex &= 0xFFFFFFFF rv = 0 @@ -2365,12 +2456,13 @@ def TlsGetValue(self, emu, argv, ctx={}): return rv @apihook("FlsAlloc", argc=1) - def FlsAlloc(self, emu, argv, ctx={}): + def FlsAlloc(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD FlsAlloc( PFLS_CALLBACK_FUNCTION lpCallback ); """ + ctx = ctx or {} thread = emu.get_current_thread() fls = thread.fls @@ -2382,13 +2474,14 @@ def FlsAlloc(self, emu, argv, ctx={}): return idx @apihook("FlsSetValue", argc=2) - def FlsSetValue(self, emu, argv, ctx={}): + def FlsSetValue(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL FlsSetValue( DWORD dwFlsIndex, PVOID lpFlsData ); """ + ctx = ctx or {} dwFlsIndex, lpFlsData = argv rv = 0 @@ -2410,12 +2503,13 @@ def FlsSetValue(self, emu, argv, ctx={}): return rv @apihook("FlsGetValue", argc=1) - def FlsGetValue(self, emu, argv, ctx={}): + def FlsGetValue(self, emu, argv, ctx: dict[str, str] | None = None): """ PVOID FlsGetValue( DWORD dwFlsIndex ); """ + ctx = ctx or {} (dwFlsIndex,) = argv rv = 0 @@ -2431,12 +2525,13 @@ def FlsGetValue(self, emu, argv, ctx={}): return rv @apihook("EncodePointer", argc=1) - def EncodePointer(self, emu, argv, ctx={}): + def EncodePointer(self, emu, argv, ctx: dict[str, str] | None = None): """ PVOID EncodePointer( _In_ PVOID Ptr ); """ + ctx = ctx or {} (Ptr,) = argv # Just increment the pointer for now @@ -2445,12 +2540,13 @@ def EncodePointer(self, emu, argv, ctx={}): return rv @apihook("DecodePointer", argc=1) - def DecodePointer(self, emu, argv, ctx={}): + def DecodePointer(self, emu, argv, ctx: dict[str, str] | None = None): """ PVOID DecodePointer( PVOID Ptr ); """ + ctx = ctx or {} (Ptr,) = argv # Just decrement the pointer for now @@ -2459,13 +2555,14 @@ def DecodePointer(self, emu, argv, ctx={}): return rv @apihook("InitializeCriticalSectionAndSpinCount", argc=2) - def InitializeCriticalSectionAndSpinCount(self, emu, argv, ctx={}): + def InitializeCriticalSectionAndSpinCount(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL InitializeCriticalSectionAndSpinCount( LPCRITICAL_SECTION lpCriticalSection, DWORD dwSpinCount ); """ + ctx = ctx or {} lpCriticalSection, dwSpinCount = argv rv = 1 @@ -2473,32 +2570,35 @@ def InitializeCriticalSectionAndSpinCount(self, emu, argv, ctx={}): return rv @apihook("EnterCriticalSection", argc=1) - def EnterCriticalSection(self, emu, argv, ctx={}): + def EnterCriticalSection(self, emu, argv, ctx: dict[str, str] | None = None): """ void EnterCriticalSection( LPCRITICAL_SECTION lpCriticalSection ); """ + ctx = ctx or {} return @apihook("LeaveCriticalSection", argc=1) - def LeaveCriticalSection(self, emu, argv, ctx={}): + def LeaveCriticalSection(self, emu, argv, ctx: dict[str, str] | None = None): """ void LeaveCriticalSection( LPCRITICAL_SECTION lpCriticalSection ); """ + ctx = ctx or {} return @apihook("InterlockedIncrement", argc=1) - def InterlockedIncrement(self, emu, argv, ctx={}): + def InterlockedIncrement(self, emu, argv, ctx: dict[str, str] | None = None): """ LONG InterlockedIncrement( LONG volatile *Addend ); """ + ctx = ctx or {} (Addend,) = argv @@ -2511,12 +2611,13 @@ def InterlockedIncrement(self, emu, argv, ctx={}): return ival @apihook("InterlockedDecrement", argc=1) - def InterlockedDecrement(self, emu, argv, ctx={}): + def InterlockedDecrement(self, emu, argv, ctx: dict[str, str] | None = None): """ LONG InterlockedDecrement( LONG volatile *Addend ); """ + ctx = ctx or {} (Addend,) = argv @@ -2529,10 +2630,11 @@ def InterlockedDecrement(self, emu, argv, ctx={}): return ival @apihook("GetCommandLine", argc=0) - def GetCommandLine(self, emu, argv, ctx={}): + def GetCommandLine(self, emu, argv, ctx: dict[str, str] | None = None): """ LPTSTR GetCommandLine(); """ + ctx = ctx or {} fn = ctx["func_name"] cw = self.get_char_width(ctx) @@ -2555,7 +2657,7 @@ def GetCommandLine(self, emu, argv, ctx={}): return cmd_ptr @apihook("ExpandEnvironmentStrings", argc=3) - def ExpandEnvironmentStrings(self, emu, argv, ctx={}): + def ExpandEnvironmentStrings(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD ExpandEnvironmentStringsA( LPCSTR lpSrc, @@ -2563,6 +2665,7 @@ def ExpandEnvironmentStrings(self, emu, argv, ctx={}): DWORD nSize ); """ + ctx = ctx or {} lpSrc, lpDst, nSize = argv rv = 0 @@ -2586,10 +2689,11 @@ def ExpandEnvironmentStrings(self, emu, argv, ctx={}): return rv @apihook("GetEnvironmentStrings", argc=0) - def GetEnvironmentStrings(self, emu, argv, ctx={}): + def GetEnvironmentStrings(self, emu, argv, ctx: dict[str, str] | None = None): """ LPCH GetEnvironmentStrings(); """ + ctx = ctx or {} out = "" fn = ctx["func_name"] @@ -2611,12 +2715,13 @@ def GetEnvironmentStrings(self, emu, argv, ctx={}): return env_ptr @apihook("FreeEnvironmentStrings", argc=1) - def FreeEnvironmentStrings(self, emu, argv, ctx={}): + def FreeEnvironmentStrings(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL FreeEnvironmentStrings( LPCH penv ); """ + ctx = ctx or {} (penv,) = argv @@ -2625,7 +2730,7 @@ def FreeEnvironmentStrings(self, emu, argv, ctx={}): return True @apihook("GetFullPathName", argc=4) - def GetFullPathName(self, emu, argv, ctx={}): + def GetFullPathName(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetFullPathNameA( LPCSTR lpFileName, @@ -2634,6 +2739,7 @@ def GetFullPathName(self, emu, argv, ctx={}): LPSTR *lpFilePart ); """ + ctx = ctx or {} lpFileName, nBufferLength, lpBuffer, lpFilePart = argv cw = self.get_char_width(ctx) @@ -2656,12 +2762,13 @@ def GetFullPathName(self, emu, argv, ctx={}): return rv @apihook("GetStartupInfo", argc=1) - def GetStartupInfo(self, emu, argv, ctx={}): + def GetStartupInfo(self, emu, argv, ctx: dict[str, str] | None = None): """ void GetStartupInfo( LPSTARTUPINFO lpStartupInfo ); """ + ctx = ctx or {} (lpStartupInfo,) = argv @@ -2727,12 +2834,13 @@ def GetStartupInfo(self, emu, argv, ctx={}): return None @apihook("GetStdHandle", argc=1) - def GetStdHandle(self, emu, argv, ctx={}): + def GetStdHandle(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE WINAPI GetStdHandle( _In_ DWORD nStdHandle ); """ + ctx = ctx or {} (nStdHandle,) = argv @@ -2742,12 +2850,13 @@ def GetStdHandle(self, emu, argv, ctx={}): return hnd @apihook("GetFileType", argc=1) - def GetFileType(self, emu, argv, ctx={}): + def GetFileType(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetFileType( HANDLE hFile ); """ + ctx = ctx or {} FILE_TYPE_DISK = 1 (hFile,) = argv @@ -2755,12 +2864,13 @@ def GetFileType(self, emu, argv, ctx={}): return FILE_TYPE_DISK @apihook("SetHandleCount", argc=1) - def SetHandleCount(self, emu, argv, ctx={}): + def SetHandleCount(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT SetHandleCount( UINT uNumber ); """ + ctx = ctx or {} (uNumber,) = argv emu.set_last_error(windefs.ERROR_INVALID_HANDLE) @@ -2768,35 +2878,38 @@ def SetHandleCount(self, emu, argv, ctx={}): return uNumber @apihook("GetACP", argc=0) - def GetACP(self, emu, argv, ctx={}): + def GetACP(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT GetACP(); """ + ctx = ctx or {} windows_1252 = 1252 return windows_1252 @apihook("IsValidCodePage", argc=1) - def IsValidCodePage(self, emu, argv, ctx={}): + def IsValidCodePage(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL IsValidCodePage( UINT CodePage ); """ + ctx = ctx or {} (CodePage,) = argv return True @apihook("GetCPInfo", argc=2) - def GetCPInfo(self, emu, argv, ctx={}): + def GetCPInfo(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetCPInfo( UINT CodePage, LPCPINFO lpCPInfo ); """ + ctx = ctx or {} CodePage, lpCPInfo = argv @@ -2807,7 +2920,7 @@ def GetCPInfo(self, emu, argv, ctx={}): return True @apihook("WideCharToMultiByte", argc=8) - def WideCharToMultiByte(self, emu, argv, ctx={}): + def WideCharToMultiByte(self, emu, argv, ctx: dict[str, str] | None = None): """ int WideCharToMultiByte( UINT CodePage, @@ -2820,6 +2933,7 @@ def WideCharToMultiByte(self, emu, argv, ctx={}): LPBOOL lpUsedDefaultChar ); """ + ctx = ctx or {} rv = 0 @@ -2870,7 +2984,7 @@ def WideCharToMultiByte(self, emu, argv, ctx={}): return rv @apihook("MultiByteToWideChar", argc=6) - def MultiByteToWideChar(self, emu, argv, ctx={}): + def MultiByteToWideChar(self, emu, argv, ctx: dict[str, str] | None = None): """ int MultiByteToWideChar( UINT CodePage, @@ -2881,6 +2995,7 @@ def MultiByteToWideChar(self, emu, argv, ctx={}): int cchWideChar ); """ + ctx = ctx or {} (CodePage, dwFlags, lpMultiByteStr, cbMultiByte, lpWideCharStr, cchWideChar) = argv @@ -2925,7 +3040,7 @@ def MultiByteToWideChar(self, emu, argv, ctx={}): return rv @apihook("GetStringTypeA", argc=5) - def GetStringTypeA(self, emu, argv, ctx={}): + def GetStringTypeA(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetStringTypeA( LCID Locale, @@ -2935,11 +3050,12 @@ def GetStringTypeA(self, emu, argv, ctx={}): LPWORD lpCharType ); """ + ctx = ctx or {} args = argv[1:] return self.GetStringTypeW(emu, args, ctx) @apihook("GetStringTypeW", argc=4) - def GetStringTypeW(self, emu, argv, ctx={}): + def GetStringTypeW(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetStringTypeW( DWORD dwInfoType, @@ -2948,6 +3064,7 @@ def GetStringTypeW(self, emu, argv, ctx={}): LPWORD lpCharType ); """ + ctx = ctx or {} dwInfoType, lpSrcStr, cchSrc, lpCharType = argv rv = 0 @@ -3006,7 +3123,7 @@ def GetStringTypeW(self, emu, argv, ctx={}): return rv @apihook("LCMapString", argc=6) - def LCMapString(self, emu, argv, ctx={}): + def LCMapString(self, emu, argv, ctx: dict[str, str] | None = None): """ int LCMapString( LCID Locale, @@ -3017,6 +3134,7 @@ def LCMapString(self, emu, argv, ctx={}): int cchDest ); """ + ctx = ctx or {} (Locale, dwMapFlags, lpSrcStr, cchSrc, lpDestStr, cchDest) = argv @@ -3036,7 +3154,7 @@ def LCMapString(self, emu, argv, ctx={}): return rv @apihook("LCMapStringEx", argc=9) - def LCMapStringEx(self, emu, argv, ctx={}): + def LCMapStringEx(self, emu, argv, ctx: dict[str, str] | None = None): """ int LCMapStringEx( LPCWSTR lpLocaleName, @@ -3050,6 +3168,7 @@ def LCMapStringEx(self, emu, argv, ctx={}): LPARAM sortHandle ); """ + ctx = ctx or {} (lpLocaleName, dwMapFlags, lpSrcStr, cchSrc, lpDestStr, cchDest, ver_info, res, sort_handle) = argv @@ -3068,7 +3187,7 @@ def LCMapStringEx(self, emu, argv, ctx={}): return rv @apihook("GetModuleFileName", argc=3) - def GetModuleFileName(self, emu, argv, ctx={}): + def GetModuleFileName(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetModuleFileName( HMODULE hModule, @@ -3076,6 +3195,7 @@ def GetModuleFileName(self, emu, argv, ctx={}): DWORD nSize ); """ + ctx = ctx or {} hModule, lpFilename, nSize = argv size = 0 cw = self.get_char_width(ctx) @@ -3112,7 +3232,7 @@ def GetModuleFileName(self, emu, argv, ctx={}): return size @apihook("HeapFree", argc=3) - def HeapFree(self, emu, argv, ctx={}): + def HeapFree(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL HeapFree( HANDLE hHeap, @@ -3120,6 +3240,7 @@ def HeapFree(self, emu, argv, ctx={}): _Frees_ptr_opt_ LPVOID lpMem ); """ + ctx = ctx or {} rv = 1 hHeap, dwFlags, lpMem = argv @@ -3128,12 +3249,13 @@ def HeapFree(self, emu, argv, ctx={}): return rv @apihook("LocalFree", argc=1) - def LocalFree(self, emu, argv, ctx={}): + def LocalFree(self, emu, argv, ctx: dict[str, str] | None = None): """ HLOCAL LocalFree( _Frees_ptr_opt_ HLOCAL hMem ); """ + ctx = ctx or {} rv = 0 (hMem,) = argv @@ -3145,41 +3267,45 @@ def LocalFree(self, emu, argv, ctx={}): return rv @apihook("GlobalHandle", argc=1) - def GlobalHandle(self, emu, argv, ctx={}): + def GlobalHandle(self, emu, argv, ctx: dict[str, str] | None = None): """ HGLOBAL GlobalHandle( LPCVOID pMem ); """ + ctx = ctx or {} (pMem,) = argv return pMem @apihook("GlobalUnlock", argc=1) - def GlobalUnlock(self, emu, argv, ctx={}): + def GlobalUnlock(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GlobalUnlock( HGLOBAL hMem ); """ + ctx = ctx or {} return 0 @apihook("GlobalFree", argc=1) - def GlobalFree(self, emu, argv, ctx={}): + def GlobalFree(self, emu, argv, ctx: dict[str, str] | None = None): """ HGLOBAL GlobalFree( _Frees_ptr_opt_ HGLOBAL hMem ); """ + ctx = ctx or {} return 0 @apihook("GetSystemDirectory", argc=2) - def GetSystemDirectory(self, emu, argv, ctx={}): + def GetSystemDirectory(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT GetSystemDirectory( LPSTR lpBuffer, UINT uSize ); """ + ctx = ctx or {} rv = 0 lpBuffer, uSize = argv @@ -3207,22 +3333,24 @@ def GetSystemDirectory(self, emu, argv, ctx={}): return rv @apihook("IsDBCSLeadByte", argc=1) - def IsDBCSLeadByte(self, emu, argv, ctx={}): + def IsDBCSLeadByte(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL IsDBCSLeadByte( BYTE TestChar ); """ + ctx = ctx or {} return True @apihook("SetEnvironmentVariable", argc=2) - def SetEnvironmentVariable(self, emu, argv, ctx={}): + def SetEnvironmentVariable(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetEnvironmentVariable( LPCTSTR lpName, LPCTSTR lpValue ); """ + ctx = ctx or {} lpName, lpValue = argv cw = self.get_char_width(ctx) if lpName and lpValue: @@ -3234,12 +3362,13 @@ def SetEnvironmentVariable(self, emu, argv, ctx={}): return True @apihook("SetDllDirectory", argc=1) - def SetDllDirectory(self, emu, argv, ctx={}): + def SetDllDirectory(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetDllDirectory( LPCSTR lpPathName ); """ + ctx = ctx or {} (path,) = argv cw = self.get_char_width(ctx) @@ -3249,17 +3378,18 @@ def SetDllDirectory(self, emu, argv, ctx={}): return True @apihook("GetWindowsDirectory", argc=2) - def GetWindowsDirectory(self, emu, argv, ctx={}): + def GetWindowsDirectory(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT GetWindowsDirectory( LPSTR lpBuffer, UINT uSize ); """ + ctx = ctx or {} return self.GetSystemDirectory(emu, argv, ctx) @apihook("CreateFileMapping", argc=6) - def CreateFileMapping(self, emu, argv, ctx={}): + def CreateFileMapping(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE CreateFileMapping( HANDLE hFile, @@ -3270,6 +3400,7 @@ def CreateFileMapping(self, emu, argv, ctx={}): LPTSTR lpName ); """ + ctx = ctx or {} hfile, map_attrs, prot, max_size_high, max_size_low, map_name = argv cw = self.get_char_width(ctx) @@ -3287,7 +3418,7 @@ def CreateFileMapping(self, emu, argv, ctx={}): return hmap @apihook("MapViewOfFile", argc=5) - def MapViewOfFile(self, emu, argv, ctx={}): + def MapViewOfFile(self, emu, argv, ctx: dict[str, str] | None = None): """ LPVOID MapViewOfFile( HANDLE hFileMappingObject, @@ -3297,6 +3428,7 @@ def MapViewOfFile(self, emu, argv, ctx={}): SIZE_T dwNumberOfBytesToMap ); """ + ctx = ctx or {} hmap, access, offset_high, offset_low, bytes_to_map = argv fman = emu.get_file_manager() @@ -3362,12 +3494,13 @@ def MapViewOfFile(self, emu, argv, ctx={}): return buf @apihook("UnmapViewOfFile", argc=1) - def UnmapViewOfFile(self, emu, argv, ctx={}): + def UnmapViewOfFile(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL UnmapViewOfFile( LPCVOID lpBaseAddress ); """ + ctx = ctx or {} (lpBaseAddress,) = argv rv = False @@ -3382,12 +3515,13 @@ def UnmapViewOfFile(self, emu, argv, ctx={}): return rv @apihook("GetSystemInfo", argc=1) - def GetSystemInfo(self, emu, argv, ctx={}): + def GetSystemInfo(self, emu, argv, ctx: dict[str, str] | None = None): """ void GetSystemInfo( LPSYSTEM_INFO lpSystemInfo ); """ + ctx = ctx or {} (lpSystemInfo,) = argv ptr_size = emu.get_ptr_size() si = self.k32types.SYSTEM_INFO(ptr_size) @@ -3402,12 +3536,13 @@ def GetSystemInfo(self, emu, argv, ctx={}): return @apihook("GetFileAttributes", argc=1) - def GetFileAttributes(self, emu, argv, ctx={}): + def GetFileAttributes(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetFileAttributes( LPCSTR lpFileName ); """ + ctx = ctx or {} (fn,) = argv cw = self.get_char_width(ctx) rv = windefs.INVALID_FILE_ATTRIBUTES @@ -3418,7 +3553,7 @@ def GetFileAttributes(self, emu, argv, ctx={}): return rv @apihook("GetFileAttributesEx", argc=3) - def GetFileAttributesEx(self, emu, argv, ctx={}): + def GetFileAttributesEx(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetFileAttributesEx( LPCSTR lpFileName, @@ -3426,6 +3561,7 @@ def GetFileAttributesEx(self, emu, argv, ctx={}): LPVOID lpFileInformation ); """ + ctx = ctx or {} lpFileName, fInfoLevelId, lpFileInformation = argv cw = self.get_char_width(ctx) @@ -3473,7 +3609,7 @@ def GetFileAttributesEx(self, emu, argv, ctx={}): return True @apihook("GetFileTime", argc=4) - def GetFileTime(self, emu, argv, ctx={}): + def GetFileTime(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetFileTime( HANDLE hFile, @@ -3482,6 +3618,7 @@ def GetFileTime(self, emu, argv, ctx={}): LPFILETIME lpLastWriteTime ); """ + ctx = ctx or {} _hFile, lpCreationTime, lpLastAccessTime, lpLastWriteTime = argv ft = self.k32types.FILETIME(emu.get_ptr_size()) @@ -3501,7 +3638,7 @@ def GetFileTime(self, emu, argv, ctx={}): return True @apihook("SetFileTime", argc=4) - def SetFileTime(self, emu, argv, ctx={}): + def SetFileTime(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetFileTime( HANDLE hFile, @@ -3510,17 +3647,19 @@ def SetFileTime(self, emu, argv, ctx={}): const FILETIME *lpLastWriteTime ); """ + ctx = ctx or {} emu.set_last_error(windefs.ERROR_SUCCESS) return True @apihook("CreateDirectory", argc=2) - def CreateDirectory(self, emu, argv, ctx={}): + def CreateDirectory(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CreateDirectory( LPCSTR lpPathName, LPSECURITY_ATTRIBUTES lpSecurityAttributes ); """ + ctx = ctx or {} pn, sec = argv cw = self.get_char_width(ctx) @@ -3530,12 +3669,13 @@ def CreateDirectory(self, emu, argv, ctx={}): return True @apihook("RemoveDirectory", argc=1) - def RemoveDirectory(self, emu, argv, ctx={}): + def RemoveDirectory(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL RemoveDirectoryA( [in] LPCSTR lpPathName ); """ + ctx = ctx or {} (pn,) = argv cw = self.get_char_width(ctx) @@ -3546,7 +3686,7 @@ def RemoveDirectory(self, emu, argv, ctx={}): return True @apihook("CopyFile", argc=3) - def CopyFile(self, emu, argv, ctx={}): + def CopyFile(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CopyFile( LPCTSTR lpExistingFileName, @@ -3554,6 +3694,7 @@ def CopyFile(self, emu, argv, ctx={}): BOOL bFailIfExists ); """ + ctx = ctx or {} src, dst, fail = argv cw = self.get_char_width(ctx) @@ -3599,13 +3740,14 @@ def CopyFile(self, emu, argv, ctx={}): return True @apihook("MoveFile", argc=2) - def MoveFile(self, emu, argv, ctx={}): + def MoveFile(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL MoveFile( LPCTSTR lpExistingFileName, LPCTSTR lpNewFileName ); """ + ctx = ctx or {} src, dst = argv cw = self.get_char_width(ctx) @@ -3655,7 +3797,7 @@ def MoveFile(self, emu, argv, ctx={}): return 1 @apihook("CreateFile", argc=7) - def CreateFile(self, emu, argv, ctx={}): + def CreateFile(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE CreateFile( LPTSTR lpFileName, @@ -3667,6 +3809,7 @@ def CreateFile(self, emu, argv, ctx={}): HANDLE hTemplateFile ); """ + ctx = ctx or {} fname, access, share, sec_attr, disp, flags, template = argv hnd = windefs.INVALID_HANDLE_VALUE @@ -3734,12 +3877,13 @@ def CreateFile(self, emu, argv, ctx={}): return hnd @apihook("DeleteFile", argc=1) - def DeleteFile(self, emu, argv, ctx={}): + def DeleteFile(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL DeleteFileW( LPCWSTR lpFileName ); """ + ctx = ctx or {} lpFileName = argv[0] cw = self.get_char_width(ctx) if not lpFileName: @@ -3758,7 +3902,7 @@ def DeleteFile(self, emu, argv, ctx={}): return 0 @apihook("ReadFile", argc=5) - def ReadFile(self, emu, argv, ctx={}): + def ReadFile(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL ReadFile( HANDLE hFile, @@ -3768,6 +3912,7 @@ def ReadFile(self, emu, argv, ctx={}): LPOVERLAPPED lpOverlapped ); """ + ctx = ctx or {} def _write_output(emu, data, pBuffer, pBytesRead): self.mem_write(pBuffer, data) @@ -3806,7 +3951,7 @@ def _write_output(emu, data, pBuffer, pBytesRead): return rv @apihook("WriteFile", argc=5) - def WriteFile(self, emu, argv, ctx={}): + def WriteFile(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL WriteFile( HANDLE hFile, @@ -3816,6 +3961,7 @@ def WriteFile(self, emu, argv, ctx={}): LPOVERLAPPED lpOverlapped ); """ + ctx = ctx or {} hFile, lpBuffer, num_bytes, bytes_written, lpOverlapped = argv rv = 0 @@ -3873,7 +4019,7 @@ def WriteFile(self, emu, argv, ctx={}): return rv @apihook("SetFilePointer", argc=4) - def SetFilePointer(self, emu, argv, ctx={}): + def SetFilePointer(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD SetFilePointer( HANDLE hFile, @@ -3882,6 +4028,7 @@ def SetFilePointer(self, emu, argv, ctx={}): DWORD dwMoveMethod ); """ + ctx = ctx or {} hFile, lDistanceToMove, lpDistanceToMoveHigh, dwMoveMethod = argv rv = 0 @@ -3895,7 +4042,7 @@ def SetFilePointer(self, emu, argv, ctx={}): return rv @apihook("SetFilePointerEx", argc=4) - def SetFilePointerEx(self, emu, argv, ctx={}): + def SetFilePointerEx(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetFilePointerEx( [in] HANDLE hFile, @@ -3904,6 +4051,7 @@ def SetFilePointerEx(self, emu, argv, ctx={}): [in] DWORD dwMoveMethod ); """ + ctx = ctx or {} hFile, lDistanceToMove, lpNewFilePointer, dwMoveMethod = argv f = self.file_get(hFile) if f: @@ -3915,13 +4063,14 @@ def SetFilePointerEx(self, emu, argv, ctx={}): return False @apihook("GetFileSize", argc=2) - def GetFileSize(self, emu, argv, ctx={}): + def GetFileSize(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetFileSize( HANDLE hFile, LPDWORD lpFileSizeHigh ); """ + ctx = ctx or {} hFile, lpFileSizeHigh = argv f = self.file_get(hFile) @@ -3943,13 +4092,14 @@ def GetFileSize(self, emu, argv, ctx={}): return low @apihook("GetFileSizeEx", argc=2) - def GetFileSizeEx(self, emu, argv, ctx={}): + def GetFileSizeEx(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetFileSizeEx( HANDLE hFile, PLARGE_INTEGER lpFileSize ); """ + ctx = ctx or {} hFile, lpFileSize = argv f = self.file_get(hFile) @@ -3964,12 +4114,13 @@ def GetFileSizeEx(self, emu, argv, ctx={}): return 0 @apihook("CloseHandle", argc=1) - def CloseHandle(self, emu, argv, ctx={}): + def CloseHandle(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CloseHandle( HANDLE hObject ); """ + ctx = ctx or {} (hObject,) = argv reg_key = emu.reg_get_key(handle=hObject) @@ -3987,24 +4138,26 @@ def CloseHandle(self, emu, argv, ctx={}): return 0 @apihook("SetEndOfFile", argc=1) - def SetEndOfFile(self, emu, argv, ctx={}): + def SetEndOfFile(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetEndOfFile( HANDLE hFile ); """ + ctx = ctx or {} return True @apihook("IsDebuggerPresent", argc=0) - def IsDebuggerPresent(self, emu, argv, ctx={}): + def IsDebuggerPresent(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL IsDebuggerPresent(); """ + ctx = ctx or {} return False @apihook("GetVolumeInformation", argc=8) - def GetVolumeInformation(self, emu, argv, ctx={}): + def GetVolumeInformation(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetVolumeInformation( LPCSTR lpRootPathName, @@ -4017,6 +4170,7 @@ def GetVolumeInformation(self, emu, argv, ctx={}): DWORD nFileSystemNameSize ); """ + ctx = ctx or {} root, vol_buf, vol_size, serial, comp_len, fs_flags, fs_name, fs_name_len = argv cw = self.get_char_width(ctx) @@ -4027,7 +4181,7 @@ def GetVolumeInformation(self, emu, argv, ctx={}): return True @apihook("CreateEvent", argc=4) - def CreateEvent(self, emu, argv, ctx={}): + def CreateEvent(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE CreateEvent( LPSECURITY_ATTRIBUTES lpEventAttributes, @@ -4036,6 +4190,7 @@ def CreateEvent(self, emu, argv, ctx={}): LPCSTR lpName ); """ + ctx = ctx or {} attrs, reset, state, name = argv cw = self.get_char_width(ctx) @@ -4055,7 +4210,7 @@ def CreateEvent(self, emu, argv, ctx={}): return hnd @apihook("CreateWaitableTimer", argc=3) - def CreateWaitableTimer(self, emu, argv, ctx={}): + def CreateWaitableTimer(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE CreateWaitableTimer( LPSECURITY_ATTRIBUTES lpTimerAttributes, @@ -4063,6 +4218,7 @@ def CreateWaitableTimer(self, emu, argv, ctx={}): LPCSTR lpTimerName ); """ + ctx = ctx or {} _attrs, _manual_reset, name = argv cw = self.get_char_width(ctx) @@ -4083,7 +4239,7 @@ def CreateWaitableTimer(self, emu, argv, ctx={}): return hnd @apihook("CreateWaitableTimerEx", argc=4) - def CreateWaitableTimerEx(self, emu, argv, ctx={}): + def CreateWaitableTimerEx(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE CreateWaitableTimerEx( LPSECURITY_ATTRIBUTES lpTimerAttributes, @@ -4092,6 +4248,7 @@ def CreateWaitableTimerEx(self, emu, argv, ctx={}): DWORD dwDesiredAccess ); """ + ctx = ctx or {} _attrs, name, _flags, _access = argv cw = self.get_char_width(ctx) @@ -4112,7 +4269,7 @@ def CreateWaitableTimerEx(self, emu, argv, ctx={}): return hnd @apihook("OpenWaitableTimer", argc=3) - def OpenWaitableTimer(self, emu, argv, ctx={}): + def OpenWaitableTimer(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE OpenWaitableTimer( DWORD dwDesiredAccess, @@ -4120,6 +4277,7 @@ def OpenWaitableTimer(self, emu, argv, ctx={}): LPCSTR lpTimerName ); """ + ctx = ctx or {} _access, _inherit, name = argv cw = self.get_char_width(ctx) @@ -4140,7 +4298,7 @@ def OpenWaitableTimer(self, emu, argv, ctx={}): return hnd @apihook("SetWaitableTimer", argc=6) - def SetWaitableTimer(self, emu, argv, ctx={}): + def SetWaitableTimer(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetWaitableTimer( HANDLE hTimer, @@ -4151,6 +4309,7 @@ def SetWaitableTimer(self, emu, argv, ctx={}): BOOL fResume ); """ + ctx = ctx or {} hTimer, _due_time, _period, _completion_routine, _completion_arg, _resume = argv obj = self.get_object_from_handle(hTimer) @@ -4162,12 +4321,13 @@ def SetWaitableTimer(self, emu, argv, ctx={}): return True @apihook("CancelWaitableTimer", argc=1) - def CancelWaitableTimer(self, emu, argv, ctx={}): + def CancelWaitableTimer(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CancelWaitableTimer( HANDLE hTimer ); """ + ctx = ctx or {} (hTimer,) = argv obj = self.get_object_from_handle(hTimer) @@ -4179,7 +4339,7 @@ def CancelWaitableTimer(self, emu, argv, ctx={}): return True @apihook("OpenEvent", argc=3) - def OpenEvent(self, emu, argv, ctx={}): + def OpenEvent(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE OpenEvent( DWORD dwDesiredAccess, @@ -4187,6 +4347,7 @@ def OpenEvent(self, emu, argv, ctx={}): LPCSTR lpName ); """ + ctx = ctx or {} access, inherit, name = argv cw = self.get_char_width(ctx) @@ -4207,12 +4368,13 @@ def OpenEvent(self, emu, argv, ctx={}): return hnd @apihook("SetEvent", argc=1) - def SetEvent(self, emu, argv, ctx={}): + def SetEvent(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetEvent( HANDLE hEvent ); """ + ctx = ctx or {} (hEvent,) = argv obj = self.get_object_from_handle(hEvent) @@ -4224,12 +4386,13 @@ def SetEvent(self, emu, argv, ctx={}): return rv @apihook("SetUnhandledExceptionFilter", argc=1) - def SetUnhandledExceptionFilter(self, emu, argv, ctx={}): + def SetUnhandledExceptionFilter(self, emu, argv, ctx: dict[str, str] | None = None): """ LPTOP_LEVEL_EXCEPTION_FILTER SetUnhandledExceptionFilter( LPTOP_LEVEL_EXCEPTION_FILTER lpTopLevelExceptionFilter ); """ + ctx = ctx or {} (lpTopLevelExceptionFilter,) = argv emu.set_unhandled_exception_handler(lpTopLevelExceptionFilter) @@ -4237,43 +4400,47 @@ def SetUnhandledExceptionFilter(self, emu, argv, ctx={}): return 0 @apihook("DeleteCriticalSection", argc=1) - def DeleteCriticalSection(self, emu, argv, ctx={}): + def DeleteCriticalSection(self, emu, argv, ctx: dict[str, str] | None = None): """ void DeleteCriticalSection( LPCRITICAL_SECTION lpCriticalSection ); """ + ctx = ctx or {} return None @apihook("FlsFree", argc=1) - def FlsFree(self, emu, argv, ctx={}): + def FlsFree(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL FlsFree( DWORD dwFlsIndex ); """ + ctx = ctx or {} return True @apihook("TlsFree", argc=1) - def TlsFree(self, emu, argv, ctx={}): + def TlsFree(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL TlsFree( DWORD dwTlsIndex ); """ + ctx = ctx or {} return True @apihook("ProcessIdToSessionId", argc=2) - def ProcessIdToSessionId(self, emu, argv, ctx={}): + def ProcessIdToSessionId(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL ProcessIdToSessionId( DWORD dwProcessId, DWORD *pSessionId ); """ + ctx = ctx or {} dwProcessId, pSessionId = argv rv = False @@ -4290,7 +4457,7 @@ def ProcessIdToSessionId(self, emu, argv, ctx={}): return rv @apihook("InitializeCriticalSectionEx", argc=3) - def InitializeCriticalSectionEx(self, emu, argv, ctx={}): + def InitializeCriticalSectionEx(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL InitializeCriticalSectionEx( LPCRITICAL_SECTION lpCriticalSection, @@ -4298,69 +4465,76 @@ def InitializeCriticalSectionEx(self, emu, argv, ctx={}): DWORD Flags ); """ + ctx = ctx or {} emu.set_last_error(windefs.ERROR_SUCCESS) return True @apihook("InitializeCriticalSection", argc=1) - def InitializeCriticalSection(self, emu, argv, ctx={}): + def InitializeCriticalSection(self, emu, argv, ctx: dict[str, str] | None = None): """ void InitializeCriticalSection( LPCRITICAL_SECTION lpCriticalSection ); """ + ctx = ctx or {} emu.set_last_error(windefs.ERROR_SUCCESS) return None @apihook("GetOEMCP", argc=0) - def GetOEMCP(self, emu, argv, ctx={}): + def GetOEMCP(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT GetOEMCP(); """ + ctx = ctx or {} return 1200 @apihook("GlobalLock", argc=1) - def GlobalLock(self, emu, argv, ctx={}): + def GlobalLock(self, emu, argv, ctx: dict[str, str] | None = None): """ LPVOID GlobalLock( HGLOBAL hMem ); """ + ctx = ctx or {} (hMem,) = argv emu.set_last_error(windefs.ERROR_SUCCESS) return hMem @apihook("LocalLock", argc=1) - def LocalLock(self, emu, argv, ctx={}): + def LocalLock(self, emu, argv, ctx: dict[str, str] | None = None): """ LPVOID LocalLock( HGLOBAL hMem ); """ + ctx = ctx or {} (hMem,) = argv emu.set_last_error(windefs.ERROR_SUCCESS) return hMem @apihook("HeapDestroy", argc=1) - def HeapDestroy(self, emu, argv, ctx={}): + def HeapDestroy(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL HeapDestroy( HANDLE hHeap ); """ + ctx = ctx or {} return True @apihook("InitializeSListHead", argc=1) - def InitializeSListHead(self, emu, argv, ctx={}): + def InitializeSListHead(self, emu, argv, ctx: dict[str, str] | None = None): """ void InitializeSListHead( PSLIST_HEADER ListHead ); """ + ctx = ctx or {} (ListHead,) = argv self.mem_write(ListHead, b"\x00" * 8) @@ -4368,23 +4542,25 @@ def InitializeSListHead(self, emu, argv, ctx={}): return None @apihook("FreeLibrary", argc=1) - def FreeLibrary(self, emu, argv, ctx={}): + def FreeLibrary(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL FreeLibrary( HMODULE hLibModule ); """ + ctx = ctx or {} return True @apihook("WaitForSingleObject", argc=2) - def WaitForSingleObject(self, emu, argv, ctx={}): + def WaitForSingleObject(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD WaitForSingleObject( HANDLE hHandle, DWORD dwMilliseconds ); """ + ctx = ctx or {} hHandle, dwMilliseconds = argv # TODO @@ -4396,18 +4572,19 @@ def WaitForSingleObject(self, emu, argv, ctx={}): return rv @apihook("GetConsoleMode", argc=2) - def GetConsoleMode(self, emu, argv, ctx={}): + def GetConsoleMode(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL WINAPI GetConsoleMode( _In_ HANDLE hConsoleHandle, _Out_ LPDWORD lpMode ); """ + ctx = ctx or {} return True @apihook("HeapSetInformation", argc=4) - def HeapSetInformation(self, emu, argv, ctx={}): + def HeapSetInformation(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL HeapSetInformation( HANDLE HeapHandle, @@ -4416,20 +4593,22 @@ def HeapSetInformation(self, emu, argv, ctx={}): SIZE_T HeapInformationLength ); """ + ctx = ctx or {} return True @apihook("SetErrorMode", argc=1) - def SetErrorMode(self, emu, argv, ctx={}): + def SetErrorMode(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT SetErrorMode( UINT uMode ); """ + ctx = ctx or {} return 0 @apihook("InterlockedCompareExchange", argc=3) - def InterlockedCompareExchange(self, emu, argv, ctx={}): + def InterlockedCompareExchange(self, emu, argv, ctx: dict[str, str] | None = None): """ LONG InterlockedCompareExchange( LONG volatile *Destination, @@ -4437,6 +4616,7 @@ def InterlockedCompareExchange(self, emu, argv, ctx={}): LONG Comperand ); """ + ctx = ctx or {} pDest, ExChange, Comperand = argv dest_bytes = self.mem_read(pDest, 4) @@ -4448,13 +4628,14 @@ def InterlockedCompareExchange(self, emu, argv, ctx={}): return dest @apihook("InterlockedExchange", argc=2) - def InterlockedExchange(self, emu, argv, ctx={}): + def InterlockedExchange(self, emu, argv, ctx: dict[str, str] | None = None): """ LONG InterlockedExchange( LONG volatile *Target, LONG Value ); """ + ctx = ctx or {} Target, Value = argv tgt = self.mem_read(Target, 4) tgt = int.from_bytes(tgt, "little") @@ -4466,7 +4647,7 @@ def InterlockedExchange(self, emu, argv, ctx={}): return tgt @apihook("CreateNamedPipe", argc=8) - def CreateNamedPipe(self, emu, argv, ctx={}): + def CreateNamedPipe(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE CreateNamedPipe( LPCSTR lpName, @@ -4479,6 +4660,7 @@ def CreateNamedPipe(self, emu, argv, ctx={}): LPSECURITY_ATTRIBUTES lpSecurityAttributes ); """ + ctx = ctx or {} ( lpName, dwOpenMode, @@ -4503,7 +4685,7 @@ def CreateNamedPipe(self, emu, argv, ctx={}): return hnd @apihook("CreatePipe", argc=4) - def CreatePipe(self, emu, argv, ctx={}): + def CreatePipe(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CreatePipe( PHANDLE hReadPipe, @@ -4512,6 +4694,7 @@ def CreatePipe(self, emu, argv, ctx={}): DWORD nSize ); """ + ctx = ctx or {} hReadPipe, hWritePipe, lpPipeAttributes, nSize = argv if not hReadPipe or not hWritePipe: @@ -4529,7 +4712,7 @@ def CreatePipe(self, emu, argv, ctx={}): return 1 @apihook("PeekNamedPipe", argc=6) - def PeekNamedPipe(self, emu, argv, ctx={}): + def PeekNamedPipe(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL PeekNamedPipe( HANDLE hNamedPipe, @@ -4540,6 +4723,7 @@ def PeekNamedPipe(self, emu, argv, ctx={}): LPDWORD lpBytesLeftThisMessage ); """ + ctx = ctx or {} (hNamedPipe, lpBuffer, nBufferSize, lpBytesRead, lpTotalBytesAvail, lpBytesLeftThisMessage) = argv pipe = emu.pipe_get(hNamedPipe) if not pipe: @@ -4557,13 +4741,14 @@ def PeekNamedPipe(self, emu, argv, ctx={}): return 1 @apihook("ConnectNamedPipe", argc=2) - def ConnectNamedPipe(self, emu, argv, ctx={}): + def ConnectNamedPipe(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL ConnectNamedPipe( HANDLE hNamedPipe, LPOVERLAPPED lpOverlapped ); """ + ctx = ctx or {} hNamedPipe, lpOverlapped = argv rv = False pipe = emu.pipe_get(hNamedPipe) @@ -4572,12 +4757,13 @@ def ConnectNamedPipe(self, emu, argv, ctx={}): return rv @apihook("DisconnectNamedPipe", argc=1) - def DisconnectNamedPipe(self, emu, argv, ctx={}): + def DisconnectNamedPipe(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL DisconnectNamedPipe( HANDLE hNamedPipe ); """ + ctx = ctx or {} (hNamedPipe,) = argv rv = False pipe = emu.pipe_get(hNamedPipe) @@ -4586,7 +4772,7 @@ def DisconnectNamedPipe(self, emu, argv, ctx={}): return rv @apihook("GetLocaleInfo", argc=4) - def GetLocaleInfo(self, emu, argv, ctx={}): + def GetLocaleInfo(self, emu, argv, ctx: dict[str, str] | None = None): """ int GetLocaleInfo( LCID Locale, @@ -4595,6 +4781,7 @@ def GetLocaleInfo(self, emu, argv, ctx={}): int cchData ); """ + ctx = ctx or {} Locale, LCType, lpLCData, cchData = argv rv = 0 @@ -4620,13 +4807,14 @@ def GetLocaleInfo(self, emu, argv, ctx={}): return rv @apihook("IsWow64Process", argc=2) - def IsWow64Process(self, emu, argv, ctx={}): + def IsWow64Process(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL IsWow64Process( HANDLE hProcess, PBOOL Wow64Process ); """ + ctx = ctx or {} hProcess, Wow64Process = argv rv = False @@ -4637,13 +4825,14 @@ def IsWow64Process(self, emu, argv, ctx={}): return rv @apihook("CheckRemoteDebuggerPresent", argc=2) - def CheckRemoteDebuggerPresent(self, emu, argv, ctx={}): + def CheckRemoteDebuggerPresent(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL CheckRemoteDebuggerPresent( HANDLE hProcess, PBOOL pbDebuggerPresent ); """ + ctx = ctx or {} hProcess, pbDebuggerPresent = argv rv = False @@ -4654,13 +4843,14 @@ def CheckRemoteDebuggerPresent(self, emu, argv, ctx={}): return rv @apihook("GetComputerName", argc=2) - def GetComputerName(self, emu, argv, ctx={}): + def GetComputerName(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetComputerName( LPSTR lpBuffer, LPDWORD nSize ); """ + ctx = ctx or {} lpBuffer, nSize = argv rv = False @@ -4683,12 +4873,13 @@ def GetComputerName(self, emu, argv, ctx={}): return rv @apihook("GetVersionEx", argc=1) - def GetVersionEx(self, emu, argv, ctx={}): + def GetVersionEx(self, emu, argv, ctx: dict[str, str] | None = None): """ NOT_BUILD_WINDOWS_DEPRECATE BOOL GetVersionEx( LPOSVERSIONINFO lpVersionInformation ); """ + ctx = ctx or {} (lpVersionInformation,) = argv osver = self.k32types.OSVERSIONINFO(emu.get_ptr_size()) @@ -4710,7 +4901,7 @@ def GetVersionEx(self, emu, argv, ctx={}): return rv @apihook("GetEnvironmentVariable", argc=3) - def GetEnvironmentVariable(self, emu, argv, ctx={}): + def GetEnvironmentVariable(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetEnvironmentVariable( LPCTSTR lpName, @@ -4718,6 +4909,7 @@ def GetEnvironmentVariable(self, emu, argv, ctx={}): DWORD nSize ); """ + ctx = ctx or {} lpName, lpBuffer, nSize = argv rv = 0 @@ -4741,24 +4933,26 @@ def GetEnvironmentVariable(self, emu, argv, ctx={}): return rv @apihook("GetCurrentPackageId", argc=2) - def GetCurrentPackageId(self, emu, argv, ctx={}): + def GetCurrentPackageId(self, emu, argv, ctx: dict[str, str] | None = None): """ LONG GetCurrentPackageId( UINT32 *bufferLength, BYTE *buffer ); """ + ctx = ctx or {} return windefs.ERROR_SUCCESS @apihook("AreFileApisANSI", argc=0) - def AreFileApisANSI(self, emu, argv, ctx={}): + def AreFileApisANSI(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL AreFileApisANSI(); """ + ctx = ctx or {} return True @apihook("FindFirstFileEx", argc=6) - def FindFirstFileEx(self, emu, argv, ctx={}): + def FindFirstFileEx(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE FindFirstFileExA( LPCSTR lpFileName, @@ -4769,6 +4963,7 @@ def FindFirstFileEx(self, emu, argv, ctx={}): DWORD dwAdditionalFlags ); """ + ctx = ctx or {} ( lpFileName, fInfoLevelId, @@ -4785,13 +4980,14 @@ def FindFirstFileEx(self, emu, argv, ctx={}): return rv @apihook("FindFirstFile", argc=2) - def FindFirstFile(self, emu, argv, ctx={}): + def FindFirstFile(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE FindFirstFileA( LPCSTR lpFileName, LPWIN32_FIND_DATAA lpFindFileData ); """ + ctx = ctx or {} lpFileName, lpFindFileData = argv @@ -4828,13 +5024,14 @@ def FindFirstFile(self, emu, argv, ctx={}): return hnd @apihook("FindNextFile", argc=2) - def FindNextFile(self, emu, argv, ctx={}): + def FindNextFile(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL FindNextFile( HANDLE hFindFile, LPWIN32_FIND_DATAA lpFindFileData ); """ + ctx = ctx or {} hFindFile, lpFindFileData = argv rv = 1 @@ -4870,12 +5067,13 @@ def FindNextFile(self, emu, argv, ctx={}): return rv @apihook("FindClose", argc=1) - def FindClose(self, emu, argv, ctx={}): + def FindClose(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL FindClose( HANDLE hFindFile ); """ + ctx = ctx or {} (hFindFile,) = argv @@ -4887,7 +5085,7 @@ def FindClose(self, emu, argv, ctx={}): return True @apihook("GetSystemTimes", argc=3) - def GetSystemTimes(self, emu, argv, ctx={}): + def GetSystemTimes(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetSystemTimes( PFILETIME lpIdleTime, @@ -4895,6 +5093,7 @@ def GetSystemTimes(self, emu, argv, ctx={}): PFILETIME lpUserTime ); """ + ctx = ctx or {} lpIdleTime, lpKernelTime, lpUserTime = argv @@ -4911,13 +5110,14 @@ def GetSystemTimes(self, emu, argv, ctx={}): return True @apihook("GetThreadContext", argc=2) - def GetThreadContext(self, emu, argv, ctx={}): + def GetThreadContext(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetThreadContext( HANDLE hThread, LPCONTEXT lpContext ); """ + ctx = ctx or {} hThread, lpContext = argv @@ -4932,13 +5132,14 @@ def GetThreadContext(self, emu, argv, ctx={}): return True @apihook("SetThreadContext", argc=2) - def SetThreadContext(self, emu, argv, ctx={}): + def SetThreadContext(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetThreadContext( HANDLE hThread, const CONTEXT *lpContext ); """ + ctx = ctx or {} hThread, lpContext = argv @@ -4957,13 +5158,14 @@ def SetThreadContext(self, emu, argv, ctx={}): return True @apihook("CompareFileTime", argc=2) - def CompareFileTime(self, emu, argv, ctx={}): + def CompareFileTime(self, emu, argv, ctx: dict[str, str] | None = None): """ LONG CompareFileTime( const FILETIME *lpFileTime1, const FILETIME *lpFileTime2 ); """ + ctx = ctx or {} lpFileTime1, lpFileTime2 = argv rv = 0 @@ -4986,7 +5188,7 @@ def CompareFileTime(self, emu, argv, ctx={}): return rv @apihook("FindResource", argc=3) - def FindResource(self, emu, argv, ctx={}): + def FindResource(self, emu, argv, ctx: dict[str, str] | None = None): """ HRSRC FindResourceA( HMODULE hModule, @@ -4994,6 +5196,7 @@ def FindResource(self, emu, argv, ctx={}): LPCSTR lpType ); """ + ctx = ctx or {} cw = self.get_char_width(ctx) hModule, lpName, lpType = argv @@ -5020,7 +5223,7 @@ def FindResource(self, emu, argv, ctx={}): return pe.base + res.entry_rva @apihook("FindResourceEx", argc=4) - def FindResourceEx(self, emu, argv, ctx={}): + def FindResourceEx(self, emu, argv, ctx: dict[str, str] | None = None): """ HRSRC FindResourceExW( [in, optional] HMODULE hModule, @@ -5029,6 +5232,7 @@ def FindResourceEx(self, emu, argv, ctx={}): [in] WORD wLanguage ); """ + ctx = ctx or {} # repeats code from FindResource() cw = self.get_char_width(ctx) @@ -5054,13 +5258,14 @@ def FindResourceEx(self, emu, argv, ctx={}): return pe.base + res.entry_rva @apihook("LoadResource", argc=2) - def LoadResource(self, emu, argv, ctx={}): + def LoadResource(self, emu, argv, ctx: dict[str, str] | None = None): """ HGLOBAL LoadResource( HMODULE hModule, HRSRC hResInfo ); """ + ctx = ctx or {} hModule, hResInfo = argv @@ -5081,25 +5286,27 @@ def LoadResource(self, emu, argv, ctx={}): return 0 @apihook("LockResource", argc=1) - def LockResource(self, emu, argv, ctx={}): + def LockResource(self, emu, argv, ctx: dict[str, str] | None = None): """ LPVOID LockResource( HGLOBAL hResData ); """ + ctx = ctx or {} (hResData,) = argv return hResData @apihook("SizeofResource", argc=2) - def SizeofResource(self, emu, argv, ctx={}): + def SizeofResource(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD SizeofResource( HMODULE hModule, HRSRC hResInfo ); """ + ctx = ctx or {} hModule, hResInfo = argv @@ -5114,23 +5321,25 @@ def SizeofResource(self, emu, argv, ctx={}): return 0 @apihook("FreeResource", argc=1) - def FreeResource(self, emu, argv, ctx={}): + def FreeResource(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL FreeResource( [in] HGLOBAL hResData ); """ + ctx = ctx or {} return 0 @apihook("GetCurrentDirectory", argc=2) - def GetCurrentDirectory(self, emu, argv, ctx={}): + def GetCurrentDirectory(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetCurrentDirectory( DWORD nBufferLength, LPTSTR lpBuffer ); """ + ctx = ctx or {} nBufferLength, lpBuffer = argv cw = self.get_char_width(ctx) @@ -5145,7 +5354,7 @@ def GetCurrentDirectory(self, emu, argv, ctx={}): return len(cd) @apihook("VirtualAllocExNuma", argc=6) - def VirtualAllocExNuma(self, emu, argv, ctx={}): + def VirtualAllocExNuma(self, emu, argv, ctx: dict[str, str] | None = None): """ LPVOID VirtualAllocExNuma( HANDLE hProcess, @@ -5156,34 +5365,38 @@ def VirtualAllocExNuma(self, emu, argv, ctx={}): DWORD nndPreferred ); """ + ctx = ctx or {} argv = argv[:-1] return self.VirtualAllocEx(emu, argv, ctx) @apihook("GetNativeSystemInfo", argc=1) - def GetNativeSystemInfo(self, emu, argv, ctx={}): + def GetNativeSystemInfo(self, emu, argv, ctx: dict[str, str] | None = None): """ void GetNativeSystemInfo( LPSYSTEM_INFO lpSystemInfo ); """ + ctx = ctx or {} (lpSystemInfo,) = argv return 0 @apihook("GetUserDefaultUILanguage", argc=0) - def GetUserDefaultUILanguage(self, emu, argv, ctx={}): + def GetUserDefaultUILanguage(self, emu, argv, ctx: dict[str, str] | None = None): """ LANGID GetUserDefaultUILanguage(); """ + ctx = ctx or {} return 0xFFFF @apihook("SetCurrentDirectory", argc=1) - def SetCurrentDirectory(self, emu, argv, ctx={}): + def SetCurrentDirectory(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetCurrentDirectory( LPCTSTR lpPathName ); """ + ctx = ctx or {} (path,) = argv if path: @@ -5195,7 +5408,7 @@ def SetCurrentDirectory(self, emu, argv, ctx={}): return True @apihook("OpenThread", argc=3) - def OpenThread(self, emu, argv, ctx={}): + def OpenThread(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE OpenThread( DWORD dwDesiredAccess, @@ -5203,6 +5416,7 @@ def OpenThread(self, emu, argv, ctx={}): DWORD dwThreadId ); """ + ctx = ctx or {} access, bInheritHandle, dwThreadId = argv thread = emu.get_object_from_id(dwThreadId) hnd = emu.get_object_handle(thread) @@ -5211,7 +5425,7 @@ def OpenThread(self, emu, argv, ctx={}): return hnd @apihook("RaiseException", argc=4) - def RaiseException(self, emu, argv, ctx={}): + def RaiseException(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID RaiseException( DWORD dwExceptionCode, @@ -5220,13 +5434,14 @@ def RaiseException(self, emu, argv, ctx={}): const ULONG_PTR *lpArguments ); """ + ctx = ctx or {} # Stub dwExceptionCode, dwExceptionFlags, nNumberOfArguments, lpArguments = argv return @apihook("VerSetConditionMask", argc=3, conv=e_arch.CALL_CONV_CDECL) - def VerSetConditionMask(self, emu, argv, ctx={}): + def VerSetConditionMask(self, emu, argv, ctx: dict[str, str] | None = None): """ NTSYSAPI ULONGLONG VerSetConditionMask( ULONGLONG ConditionMask, @@ -5234,13 +5449,14 @@ def VerSetConditionMask(self, emu, argv, ctx={}): BYTE Condition ); """ + ctx = ctx or {} # Stub con_mask, type_mask, cond = argv return 0 @apihook("VerifyVersionInfo", argc=3, conv=e_arch.CALL_CONV_CDECL) - def VerifyVersionInfo(self, emu, argv, ctx={}): + def VerifyVersionInfo(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL VerifyVersionInfo( LPOSVERSIONINFOEX lpVersionInformation, @@ -5248,26 +5464,29 @@ def VerifyVersionInfo(self, emu, argv, ctx={}): DWORDLONG dwlConditionMask ); """ + ctx = ctx or {} # Stub vinfo, type_mask, con_mask = argv return True @apihook("FreeConsole", argc=0) - def FreeConsole(self, emu, argv, ctx={}): + def FreeConsole(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL WINAPI FreeConsole(void); """ + ctx = ctx or {} return True @apihook("IsBadWritePtr", argc=2) - def IsBadWritePtr(self, emu, argv, ctx={}): + def IsBadWritePtr(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL IsBadWritePtr( LPVOID lp, UINT_PTR ucb ); """ + ctx = ctx or {} lp, ucb = argv rv = True @@ -5282,13 +5501,14 @@ def IsBadWritePtr(self, emu, argv, ctx={}): return rv @apihook("IsBadStringPtr", argc=2) - def IsBadStringPtr(self, emu, argv, ctx={}): + def IsBadStringPtr(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL IsBadStringPtrW( LPCWSTR lpsz, UINT_PTR ucchMax ); """ + ctx = ctx or {} lpsz, ucchMax = argv cw = self.get_char_width(ctx) rv = True @@ -5303,7 +5523,7 @@ def IsBadStringPtr(self, emu, argv, ctx={}): return rv @apihook("GetSystemFirmwareTable", argc=4) - def GetSystemFirmwareTable(self, emu, argv, ctx={}): + def GetSystemFirmwareTable(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT GetSystemFirmwareTable( DWORD FirmwareTableProviderSignature, @@ -5312,6 +5532,7 @@ def GetSystemFirmwareTable(self, emu, argv, ctx={}): DWORD BufferSize ); """ + ctx = ctx or {} # Stub sig, tid, firm_buf, buf_size = argv @@ -5323,13 +5544,14 @@ def GetSystemFirmwareTable(self, emu, argv, ctx={}): return rv @apihook("GetTempPath", argc=2) - def GetTempPath(self, emu, argv, ctx={}): + def GetTempPath(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetTempPathA( DWORD nBufferLength, LPSTR lpBuffer ); """ + ctx = ctx or {} nBufferLength, lpBuffer = argv rv = 0 @@ -5346,33 +5568,36 @@ def GetTempPath(self, emu, argv, ctx={}): return rv @apihook("SetPriorityClass", argc=2) - def SetPriorityClass(self, emu, argv, ctx={}): + def SetPriorityClass(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetPriorityClass( HANDLE hProcess, DWORD dwPriorityClass ); """ + ctx = ctx or {} return 1 @apihook("SetProcessPriorityBoost", argc=2) - def SetProcessPriorityBoost(self, emu, argv, ctx={}): + def SetProcessPriorityBoost(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetProcessPriorityBoost( HANDLE hProcess, BOOL bDisablePriorityBoost ); """ + ctx = ctx or {} emu.set_last_error(windefs.ERROR_SUCCESS) return 1 @apihook("GetDriveType", argc=1) - def GetDriveType(self, emu, argv, ctx={}): + def GetDriveType(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT GetDriveType( LPCSTR lpRootPathName ); """ + ctx = ctx or {} (lpRootPathName,) = argv cw = self.get_char_width(ctx) @@ -5390,39 +5615,42 @@ def GetDriveType(self, emu, argv, ctx={}): return dm.get_drive_type(name) @apihook("GetExitCodeProcess", argc=2) - def GetExitCodeProcess(self, emu, argv, ctx={}): + def GetExitCodeProcess(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetExitCodeProcess( HANDLE hProcess, LPDWORD lpExitCode ); """ + ctx = ctx or {} hProcess, lpExitCode = argv if lpExitCode: self.mem_write(lpExitCode, b"\x00" * 4) return 1 @apihook("SetThreadPriority", argc=2) - def SetThreadPriority(self, emu, argv, ctx={}): + def SetThreadPriority(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SetThreadPriority( HANDLE hThread, int nPriority ); """ + ctx = ctx or {} return 1 @apihook("ReleaseMutex", argc=1) - def ReleaseMutex(self, emu, argv, ctx={}): + def ReleaseMutex(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL ReleaseMutex( HANDLE hMutex ); """ + ctx = ctx or {} return 1 @apihook("GetShortPathName", argc=3) - def GetShortPathName(self, emu, argv, ctx={}): + def GetShortPathName(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetShortPathNameW( LPCWSTR lpszLongPath, @@ -5431,6 +5659,7 @@ def GetShortPathName(self, emu, argv, ctx={}): ); https://en.wikipedia.org/wiki/8.3_filename#VFAT_and_Computer-generated_8.3_filenames """ + ctx = ctx or {} lpszLongPath, lpszShortPath, cchBuffer = argv cw = self.get_char_width(ctx) s = self.read_mem_string(lpszLongPath, cw) @@ -5471,7 +5700,7 @@ def GetShortPathName(self, emu, argv, ctx={}): return len(out) + 1 @apihook("GetLongPathName", argc=3) - def GetLongPathName(self, emu, argv, ctx={}): + def GetLongPathName(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetLongPathNameA( LPCSTR lpszShortPath, @@ -5479,6 +5708,7 @@ def GetLongPathName(self, emu, argv, ctx={}): DWORD cchBuffer ); """ + ctx = ctx or {} lpszShortPath, lpszLongPath, cchBuffer = argv # Not an accurate implementation, just a placeholder for now @@ -5492,7 +5722,7 @@ def GetLongPathName(self, emu, argv, ctx={}): return len(s) * cw + 1 @apihook("QueueUserAPC", argc=3) - def QueueUserAPC(self, emu, argv, ctx={}): + def QueueUserAPC(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD QueueUserAPC( PAPCFUNC pfnAPC, @@ -5500,12 +5730,13 @@ def QueueUserAPC(self, emu, argv, ctx={}): ULONG_PTR dwData ); """ + ctx = ctx or {} pfnAPC, hThread, dwData = argv run_type = f"apc_thread_{hThread:x}" self.create_thread(pfnAPC, dwData, 0, thread_type=run_type) @apihook("DuplicateHandle", argc=7) - def DuplicateHandle(self, emu, argv, ctx={}): + def DuplicateHandle(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL DuplicateHandle( HANDLE hSourceProcessHandle, @@ -5517,71 +5748,79 @@ def DuplicateHandle(self, emu, argv, ctx={}): DWORD dwOptions ) """ + ctx = ctx or {} return 1 @apihook("GetBinaryType", argc=2) - def GetBinaryType(self, emu, argv, ctx={}): + def GetBinaryType(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetBinaryTypeA( LPCSTR lpApplicationName, LPDWORD lpBinaryType ); """ + ctx = ctx or {} return 0 @apihook("GetThreadUILanguage", argc=0) - def GetThreadUILanguage(self, emu, argv, ctx={}): + def GetThreadUILanguage(self, emu, argv, ctx: dict[str, str] | None = None): """ LANGID GetThreadUILanguage(); """ + ctx = ctx or {} return 0xFFFF @apihook("SetConsoleHistoryInfo", argc=1) - def SetConsoleHistoryInfo(self, emu, argv, ctx={}): + def SetConsoleHistoryInfo(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL WINAPI SetConsoleHistoryInfo( _In_ PCONSOLE_HISTORY_INFO lpConsoleHistoryInfo ); """ + ctx = ctx or {} return 1 @apihook("GetFileInformationByHandle", argc=2) - def GetFileInformationByHandle(self, emu, argv, ctx={}): + def GetFileInformationByHandle(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetFileInformationByHandle( HANDLE hFile, LPBY_HANDLE_FILE_INFORMATION lpFileInformation ); """ + ctx = ctx or {} return 0 @apihook("GetCommProperties", argc=2) - def GetCommProperties(self, emu, argv, ctx={}): + def GetCommProperties(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetCommProperties( HANDLE hFile, LPCOMMPROP lpCommProp ); """ + ctx = ctx or {} return 0 @apihook("GetCommTimeouts", argc=2) - def GetCommTimeouts(self, emu, argv, ctx={}): + def GetCommTimeouts(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetCommTimeouts( HANDLE hFile, LPCOMMTIMEOUTS lpCommTimeouts ); """ + ctx = ctx or {} return 0 @apihook("AddAtom", argc=1) - def AddAtom(self, emu, argv, ctx={}): + def AddAtom(self, emu, argv, ctx: dict[str, str] | None = None): """ ATOM AddAtomW( LPCWSTR lpString ); """ + ctx = ctx or {} ATOM_RESERVED = 0xC000 (lpString,) = argv cw = self.get_char_width(ctx) @@ -5597,12 +5836,13 @@ def AddAtom(self, emu, argv, ctx={}): return self.add_local_atom(s) @apihook("FindAtom", argc=1) - def FindAtom(self, emu, argv, ctx={}): + def FindAtom(self, emu, argv, ctx: dict[str, str] | None = None): """ ATOM FindAtomA( LPCSTR lpString ); """ + ctx = ctx or {} ATOM_RESERVED = 0xC000 (lpString,) = argv cw = self.get_char_width(ctx) @@ -5623,7 +5863,7 @@ def FindAtom(self, emu, argv, ctx={}): return atom @apihook("GetAtomName", argc=3) - def GetAtomName(self, emu, argv, ctx={}): + def GetAtomName(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT GetAtomNameA( ATOM nAtom, @@ -5631,6 +5871,7 @@ def GetAtomName(self, emu, argv, ctx={}): int nSize ); """ + ctx = ctx or {} ATOM_RESERVED = 0xC000 nAtom, lpBuffer, nSize = argv cw = self.get_char_width(ctx) @@ -5651,12 +5892,13 @@ def GetAtomName(self, emu, argv, ctx={}): return len(s) - 1 @apihook("DeleteAtom", argc=1) - def DeleteAtom(self, emu, argv, ctx={}): + def DeleteAtom(self, emu, argv, ctx: dict[str, str] | None = None): """ ATOM DeleteAtom( ATOM nAtom ); """ + ctx = ctx or {} ATOM_RESERVED = 0xC000 (nAtom,) = argv @@ -5670,17 +5912,18 @@ def DeleteAtom(self, emu, argv, ctx={}): return nAtom @apihook("GetProcessHandleCount", argc=1) - def GetProcessHandleCount(self, emu, argv, ctx={}): + def GetProcessHandleCount(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetProcessHandleCount( HANDLE hProcess, PDWORD pdwHandleCount ); """ + ctx = ctx or {} return 0 @apihook("GetMailslotInfo", argc=5) - def GetMailslotInfo(self, emu, argv, ctx={}): + def GetMailslotInfo(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetMailslotInfo( HANDLE hMailslot, @@ -5690,48 +5933,53 @@ def GetMailslotInfo(self, emu, argv, ctx={}): LPDWORD lpReadTimeout ); """ + ctx = ctx or {} return 0 @apihook("RtlZeroMemory", argc=2) - def RtlZeroMemory(self, emu, argv, ctx={}): + def RtlZeroMemory(self, emu, argv, ctx: dict[str, str] | None = None): """ void RtlZeroMemory( void* Destination, size_t Length ); """ + ctx = ctx or {} dest, length = argv buf = b"\x00" * length self.mem_write(dest, buf) @apihook("RtlMoveMemory", argc=3) - def RtlMoveMemory(self, emu, argv, ctx={}): + def RtlMoveMemory(self, emu, argv, ctx: dict[str, str] | None = None): """ void RtlMoveMemory(void* pvDest, const void *pSrc, size_t Length); """ + ctx = ctx or {} dest, source, length = argv buf = self.mem_read(source, length) self.mem_write(dest, buf) @apihook("QueryPerformanceFrequency", argc=1) - def QueryPerformanceFrequency(self, emu, argv, ctx={}): + def QueryPerformanceFrequency(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL QueryPerformanceFrequency( LARGE_INTEGER *lpFrequency ); """ + ctx = ctx or {} lpFrequency = argv[0] self.mem_write(lpFrequency, (10000000).to_bytes(8, "little")) return 1 @apihook("FindFirstVolume", argc=2) - def FindFirstVolume(self, emu, argv, ctx={}): + def FindFirstVolume(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE FindFirstVolumeW( LPWSTR lpszVolumeName, DWORD cchBufferLength ); """ + ctx = ctx or {} lpszVolumeName, _ = argv cw = self.get_char_width(ctx) @@ -5752,7 +6000,7 @@ def FindFirstVolume(self, emu, argv, ctx={}): return hnd @apihook("FindNextVolume", argc=3) - def FindNextVolume(self, emu, argv, ctx={}): + def FindNextVolume(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL FindNextVolumeW( HANDLE hFindVolume, @@ -5760,6 +6008,7 @@ def FindNextVolume(self, emu, argv, ctx={}): DWORD cchBufferLength ); """ + ctx = ctx or {} hFindVolume, lpszVolumeName, cchBufferLength = argv cw = self.get_char_width(ctx) @@ -5783,12 +6032,13 @@ def FindNextVolume(self, emu, argv, ctx={}): return 1 @apihook("FindVolumeClose", argc=1) - def FindVolumeClose(self, emu, argv, ctx={}): + def FindVolumeClose(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL FindVolumeClose( HANDLE hFindVolume ); """ + ctx = ctx or {} (hFindVolume,) = argv try: @@ -5799,7 +6049,7 @@ def FindVolumeClose(self, emu, argv, ctx={}): return 1 @apihook("CreateIoCompletionPort", argc=4) - def CreateIoCompletionPort(self, emu, argv, ctx={}): + def CreateIoCompletionPort(self, emu, argv, ctx: dict[str, str] | None = None): """ HANDLE WINAPI CreateIoCompletionPort( _In_ HANDLE FileHandle, @@ -5808,6 +6058,7 @@ def CreateIoCompletionPort(self, emu, argv, ctx={}): _In_ DWORD NumberOfConcurrentThreads ); """ + ctx = ctx or {} FileHandle, ExistingCompletionPort, CompletionKey, NumberOfConcurrentThreads = argv # TODO: Implement completion port creation @@ -5816,7 +6067,7 @@ def CreateIoCompletionPort(self, emu, argv, ctx={}): return hnd @apihook("GetVolumePathNamesForVolumeName", argc=4) - def GetVolumePathNamesForVolumeName(self, emu, argv, ctx={}): + def GetVolumePathNamesForVolumeName(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL GetVolumePathNamesForVolumeNameW( LPCWSTR lpszVolumeName, @@ -5825,6 +6076,7 @@ def GetVolumePathNamesForVolumeName(self, emu, argv, ctx={}): PDWORD lpcchReturnLength ); """ + ctx = ctx or {} lpszVolumeName, lpszVolumePathNames, cchBufferLength, lpcchReturnLength = argv cw = self.get_char_width(ctx) @@ -5856,10 +6108,11 @@ def GetVolumePathNamesForVolumeName(self, emu, argv, ctx={}): return rv @apihook("GetLogicalDrives", argc=0) - def GetLogicalDrives(self, emu, argv, ctx={}): + def GetLogicalDrives(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetLogicalDrives(); """ + ctx = ctx or {} dm = emu.get_drive_manager() rv = 0 for i, dl in enumerate(string.ascii_uppercase): @@ -5869,16 +6122,17 @@ def GetLogicalDrives(self, emu, argv, ctx={}): return rv @apihook("GlobalMemoryStatus", argc=1) - def GlobalMemoryStatus(self, emu, argv, ctx={}): + def GlobalMemoryStatus(self, emu, argv, ctx: dict[str, str] | None = None): """ void GlobalMemoryStatus( LPMEMORYSTATUS lpBuffer ); """ + ctx = ctx or {} return @apihook("GlobalMemoryStatusEx", argc=1) - def GlobalMemoryStatusEx(self, emu, argv, ctx={}): + def GlobalMemoryStatusEx(self, emu, argv, ctx: dict[str, str] | None = None): """ void GlobalMemoryStatusEx( LPMEMORYSTATUSEX lpBuffer @@ -5896,6 +6150,7 @@ def GlobalMemoryStatusEx(self, emu, argv, ctx={}): DWORDLONG ullAvailExtendedVirtual; } MEMORYSTATUSEX, *LPMEMORYSTATUSEX; """ + ctx = ctx or {} GB = 1024 * 1024 * 1024 buf = struct.pack( ">> ctypes.windll.user32.GetKBCodePage() # 437 # https://docs.microsoft.com/en-us/windows/win32/intl/code-page-identifiers return 437 # OEM United States @apihook("GetClipboardViewer", argc=0) - def GetClipboardViewer(self, emu, argv, ctx={}): + def GetClipboardViewer(self, emu, argv, ctx: dict[str, str] | None = None): """ HWND GetClipboardViewer(); """ + ctx = ctx or {} hnd = 0 desk = self.sessman.get_current_desktop() @@ -1434,10 +1525,11 @@ def GetClipboardViewer(self, emu, argv, ctx={}): return hnd @apihook("GetClipboardOwner", argc=0) - def GetClipboardOwner(self, emu, argv, ctx={}): + def GetClipboardOwner(self, emu, argv, ctx: dict[str, str] | None = None): """ HWND GetClipboardOwner(); """ + ctx = ctx or {} hnd = 0 desk = self.sessman.get_current_desktop() @@ -1447,19 +1539,21 @@ def GetClipboardOwner(self, emu, argv, ctx={}): return hnd @apihook("GetMenuCheckMarkDimensions", argc=0) - def GetMenuCheckMarkDimensions(self, emu, argv, ctx={}): + def GetMenuCheckMarkDimensions(self, emu, argv, ctx: dict[str, str] | None = None): """ LONG GetMenuCheckMarkDimensions(); """ + ctx = ctx or {} # >>> ctypes.windll.user32.GetMenuCheckMarkDimensions() # 983055 return 983055 @apihook("GetOpenClipboardWindow", argc=0) - def GetOpenClipboardWindow(self, emu, argv, ctx={}): + def GetOpenClipboardWindow(self, emu, argv, ctx: dict[str, str] | None = None): """ HWND GetOpenClipboardWindow(); """ + ctx = ctx or {} hnd = 0 desk = self.sessman.get_current_desktop() @@ -1469,10 +1563,11 @@ def GetOpenClipboardWindow(self, emu, argv, ctx={}): return hnd @apihook("GetFocus", argc=0) - def GetFocus(self, emu, argv, ctx={}): + def GetFocus(self, emu, argv, ctx: dict[str, str] | None = None): """ HWND GetFocus(); """ + ctx = ctx or {} hnd = 0 desk = self.sessman.get_current_desktop() @@ -1482,10 +1577,11 @@ def GetFocus(self, emu, argv, ctx={}): return hnd @apihook("GetCursor", argc=0) - def GetCursor(self, emu, argv, ctx={}): + def GetCursor(self, emu, argv, ctx: dict[str, str] | None = None): """ HCURSOR GetCursor(); """ + ctx = ctx or {} hnd = 0 desk = self.sessman.get_current_desktop() @@ -1495,45 +1591,49 @@ def GetCursor(self, emu, argv, ctx={}): return hnd @apihook("GetClipboardSequenceNumber", argc=0) - def GetClipboardSequenceNumber(self, emu, argv, ctx={}): + def GetClipboardSequenceNumber(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD GetClipboardSequenceNumber(); """ + ctx = ctx or {} # >>> ctypes.windll.user32.GetClipboardSequenceNumber() # 295 return 295 @apihook("GetCaretBlinkTime", argc=0) - def GetCaretBlinkTime(self, emu, argv, ctx={}): + def GetCaretBlinkTime(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT GetCaretBlinkTime(); """ + ctx = ctx or {} # >>> ctypes.windll.user32.GetCaretBlinkTime() # 530 return 530 @apihook("GetDoubleClickTime", argc=0) - def GetDoubleClickTime(self, emu, argv, ctx={}): + def GetDoubleClickTime(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT GetDoubleClickTime(); """ + ctx = ctx or {} # >>> ctypes.windll.user32.GetDoubleClickTime() # 500 return 500 @apihook("RegisterClipboardFormatA", argc=1) - def RegisterClipboardFormatA(self, emu, argv, ctx={}): + def RegisterClipboardFormatA(self, emu, argv, ctx: dict[str, str] | None = None): """ UINT RegisterClipboardFormatA( LPCSTR lpszFormat ); """ + ctx = ctx or {} # Return a fake clipboard format ID. # Clipboard format IDs start at 0xC000 for custom formats. return 0xC000 @apihook("SystemParametersInfoA", argc=4) - def SystemParametersInfoA(self, emu, argv, ctx={}): + def SystemParametersInfoA(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL SystemParametersInfoA( UINT uiAction, @@ -1542,6 +1642,7 @@ def SystemParametersInfoA(self, emu, argv, ctx={}): UINT fWinIni ); """ + ctx = ctx or {} uiAction, uiParam, pvParam, fWinIni = argv # Many callers expect pvParam to be filled with something. @@ -1549,18 +1650,19 @@ def SystemParametersInfoA(self, emu, argv, ctx={}): return 1 @apihook("GetKeyboardLayout", argc=1) - def GetKeyboardLayout(self, emu, argv, ctx={}): + def GetKeyboardLayout(self, emu, argv, ctx: dict[str, str] | None = None): """ HKL GetKeyboardLayout( DWORD idThread ); """ + ctx = ctx or {} # Return a fake HKL (keyboard layout handle). # Real HKLs are typically like 0x04090409 (LANG + device id). return 0x04090409 @apihook("EnumDisplayMonitors", argc=4) - def EnumDisplayMonitors(self, emu, argv, ctx={}): + def EnumDisplayMonitors(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL EnumDisplayMonitors( HDC hdc, @@ -1569,6 +1671,7 @@ def EnumDisplayMonitors(self, emu, argv, ctx={}): LPARAM dwData ); """ + ctx = ctx or {} hdc, lprcClip, lpfnEnum, dwData = argv # Most callers expect TRUE to indicate success. @@ -1576,13 +1679,14 @@ def EnumDisplayMonitors(self, emu, argv, ctx={}): return 1 @apihook("OemToCharA", argc=2) - def OemToCharA(self, emu, argv, ctx={}): + def OemToCharA(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL OemToCharA( LPCSTR lpszSrc, LPSTR lpszDst ); """ + ctx = ctx or {} src, dst = argv # If destination buffer exists, copy source bytes into it. @@ -1602,13 +1706,14 @@ def OemToCharA(self, emu, argv, ctx={}): return 1 @apihook("CharPrevW", argc=2) - def CharPrevW(self, emu, argv, ctx={}): + def CharPrevW(self, emu, argv, ctx: dict[str, str] | None = None): """ LPWSTR CharPrevW( LPCWSTR lpszStart, LPCWSTR lpszCurrent ); """ + ctx = ctx or {} start, current = argv # If current > start, return current - 2 (one WCHAR back) diff --git a/speakeasy/winenv/api/usermode/winhttp.py b/speakeasy/winenv/api/usermode/winhttp.py index 68f3b8b7..578bf541 100644 --- a/speakeasy/winenv/api/usermode/winhttp.py +++ b/speakeasy/winenv/api/usermode/winhttp.py @@ -39,7 +39,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("WinHttpOpen", argc=5, conv=_arch.CALL_CONV_STDCALL) - def WinHttpOpen(self, emu, argv, ctx={}): + def WinHttpOpen(self, emu, argv, ctx: dict[str, str] | None = None): """ WINHTTPAPI HINTERNET WinHttpOpen( LPCWSTR pszAgentW, @@ -49,6 +49,7 @@ def WinHttpOpen(self, emu, argv, ctx={}): DWORD dwFlags ); """ + ctx = ctx or {} ua, access, proxy, bypass, flags = argv @@ -67,7 +68,7 @@ def WinHttpOpen(self, emu, argv, ctx={}): return hnd @apihook("WinHttpConnect", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WinHttpConnect(self, emu, argv, ctx={}): + def WinHttpConnect(self, emu, argv, ctx: dict[str, str] | None = None): """ WINHTTPAPI HINTERNET WinHttpConnect( IN HINTERNET hSession, @@ -76,6 +77,7 @@ def WinHttpConnect(self, emu, argv, ctx={}): IN DWORD dwReserved ); """ + ctx = ctx or {} hnd, server, port, reserve = argv if server: @@ -92,7 +94,7 @@ def WinHttpConnect(self, emu, argv, ctx={}): return hdl @apihook("WinHttpOpenRequest", argc=7, conv=_arch.CALL_CONV_STDCALL) - def WinHttpOpenRequest(self, emu, argv, ctx={}): + def WinHttpOpenRequest(self, emu, argv, ctx: dict[str, str] | None = None): """ WINHTTPAPI HINTERNET WinHttpOpenRequest( IN HINTERNET hConnect, @@ -104,6 +106,7 @@ def WinHttpOpenRequest(self, emu, argv, ctx={}): IN DWORD dwFlags ); """ + ctx = ctx or {} hnd, verb, objname, ver, ref, accepts, flags = argv if verb: @@ -132,12 +135,13 @@ def WinHttpOpenRequest(self, emu, argv, ctx={}): return hdl @apihook("WinHttpGetIEProxyConfigForCurrentUser", argc=1, conv=_arch.CALL_CONV_STDCALL) - def WinHttpGetIEProxyConfigForCurrentUser(self, emu, argv, ctx={}): + def WinHttpGetIEProxyConfigForCurrentUser(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI WinHttpGetIEProxyConfigForCurrentUser( IN OUT WINHTTP_CURRENT_USER_IE_PROXY_CONFIG *pProxyConfig ); """ + ctx = ctx or {} (proxy_config,) = argv @@ -147,7 +151,7 @@ def WinHttpGetIEProxyConfigForCurrentUser(self, emu, argv, ctx={}): return True @apihook("WinHttpGetProxyForUrl", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WinHttpGetProxyForUrl(self, emu, argv, ctx={}): + def WinHttpGetProxyForUrl(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI WinHttpGetProxyForUrl( IN HINTERNET hSession, @@ -156,6 +160,7 @@ def WinHttpGetProxyForUrl(self, emu, argv, ctx={}): OUT WINHTTP_PROXY_INFO *pProxyInfo ); """ + ctx = ctx or {} hnd, url, proxopts, proxinfo = argv @@ -166,7 +171,7 @@ def WinHttpGetProxyForUrl(self, emu, argv, ctx={}): return True @apihook("WinHttpSetOption", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WinHttpSetOption(self, emu, argv, ctx={}): + def WinHttpSetOption(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI WinHttpSendRequest( IN HINTERNET hRequest, @@ -178,12 +183,13 @@ def WinHttpSetOption(self, emu, argv, ctx={}): IN DWORD_PTR dwContext ); """ + ctx = ctx or {} hnd, option, buff, buflen = argv return True @apihook("WinHttpSendRequest", argc=7, conv=_arch.CALL_CONV_STDCALL) - def WinHttpSendRequest(self, emu, argv, ctx={}): + def WinHttpSendRequest(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI WinHttpSendRequest( IN HINTERNET hRequest, @@ -195,6 +201,7 @@ def WinHttpSendRequest(self, emu, argv, ctx={}): IN DWORD_PTR dwContext ); """ + ctx = ctx or {} hnd, headers, hdrlen, lpOptional, dwOptionalLength, totlen, context = argv body = b"" @@ -220,19 +227,20 @@ def WinHttpSendRequest(self, emu, argv, ctx={}): return rv @apihook("WinHttpReceiveResponse", argc=2, conv=_arch.CALL_CONV_STDCALL) - def WinHttpReceiveResponse(self, emu, argv, ctx={}): + def WinHttpReceiveResponse(self, emu, argv, ctx: dict[str, str] | None = None): """ WINHTTPAPI BOOL WinHttpReceiveResponse( IN HINTERNET hRequest, IN LPVOID lpReserved ); """ + ctx = ctx or {} hnd, lpReserved = argv return True @apihook("WinHttpReadData", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WinHttpReadData(self, emu, argv, ctx={}): + def WinHttpReadData(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI WinHttpReadData( IN HINTERNET hRequest, @@ -241,6 +249,7 @@ def WinHttpReadData(self, emu, argv, ctx={}): OUT LPDWORD lpdwNumberOfBytesRead ); """ + ctx = ctx or {} hnd, buf, size, bytes_read = argv rv = 1 @@ -258,7 +267,7 @@ def WinHttpReadData(self, emu, argv, ctx={}): return rv @apihook("WinHttpCrackUrl", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WinHttpCrackUrl(self, emu, argv, ctx={}): + def WinHttpCrackUrl(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI WinHttpCrackUrl( LPCWSTR pwszUrl, @@ -267,6 +276,7 @@ def WinHttpCrackUrl(self, emu, argv, ctx={}): LPURL_COMPONENTS lpUrlComponents ); """ + ctx = ctx or {} pwszUrl, dwUrlLength, dwFlags, lpUrlComponents = argv cw = 2 # Wide rv = False @@ -301,7 +311,7 @@ def WinHttpCrackUrl(self, emu, argv, ctx={}): return rv @apihook("WinHttpAddRequestHeaders", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WinHttpAddRequestHeaders(self, emu, argv, ctx={}): + def WinHttpAddRequestHeaders(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI WinHttpAddRequestHeaders( HINTERNET hRequest, @@ -310,6 +320,7 @@ def WinHttpAddRequestHeaders(self, emu, argv, ctx={}): DWORD dwModifiers ); """ + ctx = ctx or {} hnd, headers, dwHeaderlen, dwModfier = argv headers = self.read_wide_string(headers, dwHeaderlen) @@ -321,7 +332,7 @@ def WinHttpAddRequestHeaders(self, emu, argv, ctx={}): return rv @apihook("WinHttpQueryHeaders", argc=6, conv=_arch.CALL_CONV_STDCALL) - def WinHttpQueryHeaders(self, emu, argv, ctx={}): + def WinHttpQueryHeaders(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI WinHttpQueryHeaders( HINTERNET hRequest, @@ -332,6 +343,7 @@ def WinHttpQueryHeaders(self, emu, argv, ctx={}): LPDWORD lpdwIndex ); """ + ctx = ctx or {} hnd, dwInfoLevel, name, buffer, bufferLen, index = argv header_query = windefs.get_header_query(dwInfoLevel) @@ -354,12 +366,13 @@ def WinHttpQueryHeaders(self, emu, argv, ctx={}): return rv @apihook("WinHttpCloseHandle", argc=1, conv=_arch.CALL_CONV_STDCALL) - def WinHttpCloseHandle(self, emu, argv, ctx={}): + def WinHttpCloseHandle(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI WinHttpCloseHandle( HINTERNET hInternet ); """ + ctx = ctx or {} rv = 1 return rv diff --git a/speakeasy/winenv/api/usermode/wininet.py b/speakeasy/winenv/api/usermode/wininet.py index aa93bd22..88791ff9 100644 --- a/speakeasy/winenv/api/usermode/wininet.py +++ b/speakeasy/winenv/api/usermode/wininet.py @@ -39,7 +39,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("InternetOpen", argc=5, conv=_arch.CALL_CONV_STDCALL) - def InternetOpen(self, emu, argv, ctx={}): + def InternetOpen(self, emu, argv, ctx: dict[str, str] | None = None): """ void InternetOpenA( LPTSTR lpszAgent, @@ -49,6 +49,7 @@ def InternetOpen(self, emu, argv, ctx={}): DWORD dwFlags ); """ + ctx = ctx or {} ua, access, proxy, bypass, flags = argv cw = self.get_char_width(ctx) @@ -67,7 +68,7 @@ def InternetOpen(self, emu, argv, ctx={}): return hnd @apihook("InternetConnect", argc=8, conv=_arch.CALL_CONV_STDCALL) - def InternetConnect(self, emu, argv, ctx={}): + def InternetConnect(self, emu, argv, ctx: dict[str, str] | None = None): """ void InternetConnect( HINTERNET hInternet, @@ -80,6 +81,7 @@ def InternetConnect(self, emu, argv, ctx={}): DWORD_PTR dwContext ); """ + ctx = ctx or {} hnd, server, port, user, password, service, flags, dwctx = argv cw = self.get_char_width(ctx) @@ -103,7 +105,7 @@ def InternetConnect(self, emu, argv, ctx={}): return hdl @apihook("HttpOpenRequest", argc=8, conv=_arch.CALL_CONV_STDCALL) - def HttpOpenRequest(self, emu, argv, ctx={}): + def HttpOpenRequest(self, emu, argv, ctx: dict[str, str] | None = None): """ void HttpOpenRequest( HINTERNET hConnect, @@ -116,6 +118,7 @@ def HttpOpenRequest(self, emu, argv, ctx={}): DWORD_PTR dwContext ); """ + ctx = ctx or {} hnd, verb, objname, ver, ref, accepts, flags, dwctx = argv cw = self.get_char_width(ctx) @@ -141,7 +144,7 @@ def HttpOpenRequest(self, emu, argv, ctx={}): return hdl @apihook("InternetCrackUrl", argc=4, conv=_arch.CALL_CONV_STDCALL) - def InternetCrackUrl(self, emu, argv, ctx={}): + def InternetCrackUrl(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI InternetCrackUrl( LPCSTR lpszUrl, @@ -150,6 +153,7 @@ def InternetCrackUrl(self, emu, argv, ctx={}): LPURL_COMPONENTSA lpUrlComponents ); """ + ctx = ctx or {} lpszUrl, dwUrlLength, dwFlags, lpUrlComponents = argv rv = False @@ -184,7 +188,7 @@ def InternetCrackUrl(self, emu, argv, ctx={}): return rv @apihook("InternetSetOption", argc=4, conv=_arch.CALL_CONV_STDCALL) - def InternetSetOption(self, emu, argv, ctx={}): + def InternetSetOption(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI InternetSetOption( HINTERNET hInternet, @@ -193,6 +197,7 @@ def InternetSetOption(self, emu, argv, ctx={}): DWORD dwBufferLength ); """ + ctx = ctx or {} hnd, option, buf, length = argv rv = 1 @@ -200,13 +205,14 @@ def InternetSetOption(self, emu, argv, ctx={}): return rv @apihook("InternetGetConnectedState", argc=2, conv=_arch.CALL_CONV_STDCALL) - def InternetGetConnectedState(self, emu, argv, ctx={}): + def InternetGetConnectedState(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI InternetGetConnectedState( LPDWORD lpdwFlags, DWORD dwReserved ); """ + ctx = ctx or {} lpdwFlags, dwReserved = argv rv = True @@ -219,7 +225,7 @@ def InternetGetConnectedState(self, emu, argv, ctx={}): return rv @apihook("HttpSendRequest", argc=5, conv=_arch.CALL_CONV_STDCALL) - def HttpSendRequest(self, emu, argv, ctx={}): + def HttpSendRequest(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI HttpSendRequest( HINTERNET hRequest, @@ -229,6 +235,7 @@ def HttpSendRequest(self, emu, argv, ctx={}): DWORD dwOptionalLength ); """ + ctx = ctx or {} hnd, headers, hdrlen, lpOptional, dwOptionalLength = argv body = b"" @@ -255,7 +262,7 @@ def HttpSendRequest(self, emu, argv, ctx={}): return rv @apihook("InternetErrorDlg", argc=5, conv=_arch.CALL_CONV_STDCALL) - def InternetErrorDlg(self, emu, argv, ctx={}): + def InternetErrorDlg(self, emu, argv, ctx: dict[str, str] | None = None): """ void InternetErrorDlg( HWND hWnd, @@ -265,12 +272,13 @@ def InternetErrorDlg(self, emu, argv, ctx={}): LPVOID *lppvData ); """ + ctx = ctx or {} hWnd, req, error, flags, data = argv return @apihook("InternetQueryOption", argc=4) - def InternetQueryOption(self, emu, argv, ctx={}): + def InternetQueryOption(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI InternetQueryOption( HINTERNET hInternet, @@ -279,6 +287,7 @@ def InternetQueryOption(self, emu, argv, ctx={}): LPDWORD lpdwBufferLength ); """ + ctx = ctx or {} hInternet, dwOption, lpBuffer, lpdwBufferLength = argv rv = False opt = windefs.get_option_define(dwOption) @@ -294,7 +303,7 @@ def InternetQueryOption(self, emu, argv, ctx={}): return rv @apihook("InternetReadFile", argc=4, conv=_arch.CALL_CONV_STDCALL) - def InternetReadFile(self, emu, argv, ctx={}): + def InternetReadFile(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI InternetReadFile( HINTERNET hFile, @@ -303,6 +312,7 @@ def InternetReadFile(self, emu, argv, ctx={}): LPDWORD lpdwNumberOfBytesRead ); """ + ctx = ctx or {} hFile, buf, size, bytes_read = argv rv = 1 @@ -320,7 +330,7 @@ def InternetReadFile(self, emu, argv, ctx={}): return rv @apihook("HttpQueryInfo", argc=5) - def HttpQueryInfo(self, emu, argv, ctx={}): + def HttpQueryInfo(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI HttpQueryInfo( HINTERNET hRequest, @@ -330,6 +340,7 @@ def HttpQueryInfo(self, emu, argv, ctx={}): LPDWORD lpdwIndex ); """ + ctx = ctx or {} hRequest, dwInfoLevel, lpBuffer, lpdwBufferLength, lpdwIndex = argv cw = self.get_char_width(ctx) @@ -355,7 +366,7 @@ def HttpQueryInfo(self, emu, argv, ctx={}): return rv @apihook("InternetQueryDataAvailable", argc=4) - def InternetQueryDataAvailable(self, emu, argv, ctx={}): + def InternetQueryDataAvailable(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI InternetQueryDataAvailable( HINTERNET hFile, @@ -364,6 +375,7 @@ def InternetQueryDataAvailable(self, emu, argv, ctx={}): DWORD_PTR dwContext ); """ + ctx = ctx or {} hFile, lpdwNumberOfBytesAvailable, dwFlags, dwContext = argv rv = False @@ -377,12 +389,13 @@ def InternetQueryDataAvailable(self, emu, argv, ctx={}): return rv @apihook("InternetCloseHandle", argc=1) - def InternetCloseHandle(self, emu, argv, ctx={}): + def InternetCloseHandle(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOLAPI InternetCloseHandle( HINTERNET hInternet ); """ + ctx = ctx or {} (hInternet,) = argv rv = True @@ -391,7 +404,7 @@ def InternetCloseHandle(self, emu, argv, ctx={}): return rv @apihook("InternetOpenUrl", argc=6) - def InternetOpenUrl(self, emu, argv, ctx={}): + def InternetOpenUrl(self, emu, argv, ctx: dict[str, str] | None = None): """ void InternetOpenUrlA( HINTERNET hInternet, @@ -402,6 +415,7 @@ def InternetOpenUrl(self, emu, argv, ctx={}): DWORD_PTR dwContext ); """ + ctx = ctx or {} hInternet, lpszUrl, lpszHeaders, dwHeadersLength, dwFlags, dwContext = argv cw = self.get_char_width(ctx) if lpszUrl: diff --git a/speakeasy/winenv/api/usermode/winmm.py b/speakeasy/winenv/api/usermode/winmm.py index ff7a0896..99e0b7de 100644 --- a/speakeasy/winenv/api/usermode/winmm.py +++ b/speakeasy/winenv/api/usermode/winmm.py @@ -18,8 +18,9 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("timeGetTime", argc=0) - def timeGetTime(self, emu, argv, ctx={}): + def timeGetTime(self, emu, argv, ctx: dict[str, str] | None = None): """ DWORD timeGetTime(); // return the system time, in milliseconds """ + ctx = ctx or {} return int(time.monotonic() * 1000) & 0xFFFFFFFF diff --git a/speakeasy/winenv/api/usermode/wkscli.py b/speakeasy/winenv/api/usermode/wkscli.py index 627b48ea..75f8ba33 100644 --- a/speakeasy/winenv/api/usermode/wkscli.py +++ b/speakeasy/winenv/api/usermode/wkscli.py @@ -19,7 +19,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("NetGetJoinInformation", argc=3) - def NetGetJoinInformation(self, emu, argv, ctx={}): + def NetGetJoinInformation(self, emu, argv, ctx: dict[str, str] | None = None): """ NET_API_STATUS NET_API_FUNCTION NetGetJoinInformation( LPCWSTR lpServer, @@ -27,6 +27,7 @@ def NetGetJoinInformation(self, emu, argv, ctx={}): PNETSETUP_JOIN_STATUS BufferType ); """ + ctx = ctx or {} lpServer, lpNameBuffer, BufferType = argv if lpServer: diff --git a/speakeasy/winenv/api/usermode/ws2_32.py b/speakeasy/winenv/api/usermode/ws2_32.py index 96221434..8c6a4375 100644 --- a/speakeasy/winenv/api/usermode/ws2_32.py +++ b/speakeasy/winenv/api/usermode/ws2_32.py @@ -40,13 +40,14 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("WSAStartup", argc=2, conv=_arch.CALL_CONV_STDCALL, ordinal=115) - def WSAStartup(self, emu, argv, ctx={}): + def WSAStartup(self, emu, argv, ctx: dict[str, str] | None = None): """ int WSAStartup( WORD wVersionRequired, LPWSADATA lpWSAData ); """ + ctx = ctx or {} ver, lpWSAData = argv wsa = self.wstypes.WSAData(emu.get_ptr_size()) @@ -63,15 +64,16 @@ def WSAStartup(self, emu, argv, ctx={}): return rv @apihook("WSACleanup", argc=0, ordinal=116) - def WSACleanup(self, emu, argv, ctx={}): + def WSACleanup(self, emu, argv, ctx: dict[str, str] | None = None): """ int WSACleanup(); """ + ctx = ctx or {} return 0 @apihook("WSASocket", argc=6) - def WSASocket(self, emu, argv, ctx={}): + def WSASocket(self, emu, argv, ctx: dict[str, str] | None = None): """ SOCKET WSAAPI WSASocket( int af, @@ -82,6 +84,7 @@ def WSASocket(self, emu, argv, ctx={}): DWORD dwFlags ); """ + ctx = ctx or {} af, typ, protocol, lpProtocolInfo, g, dwFlags = argv fam_str = winsock.get_addr_family(af) @@ -97,7 +100,7 @@ def WSASocket(self, emu, argv, ctx={}): return fd @apihook("WSAIoctl", argc=9, conv=_arch.CALL_CONV_STDCALL) - def WSAIoctl(self, emu, argv, ctx={}): + def WSAIoctl(self, emu, argv, ctx: dict[str, str] | None = None): """ int WSAAPI WSAIoctl( SOCKET s, @@ -111,13 +114,14 @@ def WSAIoctl(self, emu, argv, ctx={}): LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine ); """ + ctx = ctx or {} # TODO: Add actual function logic. However, for now, returning 0 (success) should cover most use cases. return windefs.ERROR_SUCCESS @apihook("WSAConnect", argc=7, conv=_arch.CALL_CONV_STDCALL) - def WSAConnect(self, emu, argv, ctx={}): + def WSAConnect(self, emu, argv, ctx: dict[str, str] | None = None): """ int WSAAPI WSAConnect( SOCKET s, @@ -129,13 +133,14 @@ def WSAConnect(self, emu, argv, ctx={}): LPQOS lpGQOS ); """ + ctx = ctx or {} # TODO: Add actual function logic. However, for now, just call connect() return self.connect(emu, argv[:3], ctx) @apihook("socket", argc=3, conv=_arch.CALL_CONV_STDCALL, ordinal=23) - def socket(self, emu, argv, ctx={}): + def socket(self, emu, argv, ctx: dict[str, str] | None = None): """ SOCKET WSAAPI socket( int af, @@ -143,6 +148,7 @@ def socket(self, emu, argv, ctx={}): int protocol ); """ + ctx = ctx or {} af, typ, protocol = argv fam_str = winsock.get_addr_family(af) @@ -158,12 +164,13 @@ def socket(self, emu, argv, ctx={}): return fd @apihook("inet_addr", argc=1, ordinal=11) - def inet_addr(self, emu, argv, ctx={}): + def inet_addr(self, emu, argv, ctx: dict[str, str] | None = None): """ unsigned long inet_addr( _In_ const char *cp ); """ + ctx = ctx or {} (a,) = argv if a: @@ -178,12 +185,13 @@ def inet_addr(self, emu, argv, ctx={}): return rv @apihook("htons", argc=1, conv=_arch.CALL_CONV_STDCALL, ordinal=9) - def htons(self, emu, argv, ctx={}): + def htons(self, emu, argv, ctx: dict[str, str] | None = None): """ u_short htons( u_short hostshort ); """ + ctx = ctx or {} (hostshort,) = argv netshort = htons(hostshort) @@ -191,29 +199,31 @@ def htons(self, emu, argv, ctx={}): return netshort @apihook("ntohs", argc=1, ordinal=15) - def ntohs(self, emu, argv, ctx={}): + def ntohs(self, emu, argv, ctx: dict[str, str] | None = None): """ u_short ntohs( u_short netshort ); """ + ctx = ctx or {} (netshort,) = argv return ntohs(netshort) @apihook("ntohl", argc=1, ordinal=14) - def ntohl(self, emu, argv, ctx={}): + def ntohl(self, emu, argv, ctx: dict[str, str] | None = None): """ u_long ntohl( u_long netlong ); """ + ctx = ctx or {} (netlong,) = argv return ntohl(netlong) @apihook("setsockopt", argc=5, ordinal=21) - def setsockopt(self, emu, argv, ctx={}): + def setsockopt(self, emu, argv, ctx: dict[str, str] | None = None): """ int setsockopt( SOCKET s, @@ -223,6 +233,7 @@ def setsockopt(self, emu, argv, ctx={}): int optlen ); """ + ctx = ctx or {} s, level, optname, optval, optlen = argv rv = 0 @@ -241,25 +252,27 @@ def setsockopt(self, emu, argv, ctx={}): return rv @apihook("WSASetLastError", argc=1, ordinal=112) - def WSASetLastError(self, emu, argv, ctx={}): + def WSASetLastError(self, emu, argv, ctx: dict[str, str] | None = None): """ void WSASetLastError( int iError ); """ + ctx = ctx or {} (iError,) = argv self.last_error = iError return @apihook("gethostname", argc=2, ordinal=57) - def gethostname(self, emu, argv, ctx={}): + def gethostname(self, emu, argv, ctx: dict[str, str] | None = None): """ int gethostname( char *name, int namelen ); """ + ctx = ctx or {} ( name, namelen, @@ -276,10 +289,11 @@ def gethostname(self, emu, argv, ctx={}): return rv @apihook("gethostbyname", argc=1, conv=_arch.CALL_CONV_STDCALL, ordinal=52) - def gethostbyname(self, emu, argv, ctx={}): + def gethostbyname(self, emu, argv, ctx: dict[str, str] | None = None): """ struct hostent * gethostbyname(const char FAR * name); """ + ctx = ctx or {} (name,) = argv name = self.read_mem_string(name, 1) @@ -318,7 +332,7 @@ def gethostbyname(self, emu, argv, ctx={}): return ptr_hostent @apihook("connect", argc=3, conv=_arch.CALL_CONV_STDCALL, ordinal=4) - def connect(self, emu, argv, ctx={}): + def connect(self, emu, argv, ctx: dict[str, str] | None = None): """ int WSAAPI connect( SOCKET s, @@ -326,6 +340,7 @@ def connect(self, emu, argv, ctx={}): int namelen ); """ + ctx = ctx or {} s, pname, namelen = argv @@ -358,7 +373,7 @@ def connect(self, emu, argv, ctx={}): return rv @apihook("bind", argc=3, ordinal=2) - def bind(self, emu, argv, ctx={}): + def bind(self, emu, argv, ctx: dict[str, str] | None = None): """ int bind( SOCKET s, @@ -366,6 +381,7 @@ def bind(self, emu, argv, ctx={}): int namelen ); """ + ctx = ctx or {} s, pname, namelen = argv rv = windefs.ERROR_SUCCESS @@ -392,20 +408,21 @@ def bind(self, emu, argv, ctx={}): return rv @apihook("listen", argc=2, ordinal=13) - def listen(self, emu, argv, ctx={}): + def listen(self, emu, argv, ctx: dict[str, str] | None = None): """ int WSAAPI listen( SOCKET s, int backlog ); """ + ctx = ctx or {} s, backlog = argv rv = windefs.ERROR_SUCCESS return rv @apihook("select", argc=5, ordinal=18) - def select(self, emu, argv, ctx={}): + def select(self, emu, argv, ctx: dict[str, str] | None = None): """ int WSAAPI select( int nfds, @@ -415,6 +432,7 @@ def select(self, emu, argv, ctx={}): const timeval *timeout ); """ + ctx = ctx or {} nfds, readfds, writefds, exceptfds, timeout = argv fd_count = 0 @@ -436,7 +454,7 @@ def select(self, emu, argv, ctx={}): return fd_count @apihook("accept", argc=3, ordinal=1) - def accept(self, emu, argv, ctx={}): + def accept(self, emu, argv, ctx: dict[str, str] | None = None): """ SOCKET WSAAPI accept( SOCKET s, @@ -444,6 +462,7 @@ def accept(self, emu, argv, ctx={}): int *addrlen ); """ + ctx = ctx or {} s, addr, addrlen = argv socket = self.netman.get_socket(s) @@ -479,10 +498,11 @@ def accept(self, emu, argv, ctx={}): return new_sock.fd @apihook("inet_ntoa", argc=1, ordinal=12) - def inet_ntoa(self, emu, argv, ctx={}): + def inet_ntoa(self, emu, argv, ctx: dict[str, str] | None = None): """ char FAR* inet_ntoa(struct in_addr in); """ + ctx = ctx or {} (in_addr,) = argv raddr = inet_ntoa(in_addr.to_bytes(4, "little")) @@ -494,7 +514,7 @@ def inet_ntoa(self, emu, argv, ctx={}): return buf @apihook("inet_ntop", argc=4, ordinal=180) - def inet_ntop(self, emu, argv, ctx={}): + def inet_ntop(self, emu, argv, ctx: dict[str, str] | None = None): """ PCSTR WSAAPI inet_ntop( [in] INT Family, @@ -503,6 +523,7 @@ def inet_ntop(self, emu, argv, ctx={}): [in] size_t StringBufSize ); """ + ctx = ctx or {} family, pAddr, pStringBuf, StringBufSize = argv fam_str = winsock.get_addr_family(family) @@ -523,7 +544,7 @@ def inet_ntop(self, emu, argv, ctx={}): return 0 @apihook("inet_pton", argc=3, ordinal=181) - def inet_pton(self, emu, argv, ctx={}): + def inet_pton(self, emu, argv, ctx: dict[str, str] | None = None): """ INT WSAAPI inet_pton( [in] INT Family, @@ -531,6 +552,7 @@ def inet_pton(self, emu, argv, ctx={}): [out] PVOID pAddrBuf ); """ + ctx = ctx or {} family, pszAddrString, pAddrBuf = argv @@ -552,36 +574,39 @@ def inet_pton(self, emu, argv, ctx={}): return 0 @apihook("htonl", argc=1, ordinal=8) - def htonl(self, emu, argv, ctx={}): + def htonl(self, emu, argv, ctx: dict[str, str] | None = None): """ uint32_t htonl(uint32_t hostlong); """ + ctx = ctx or {} (hostlong,) = argv return htonl(hostlong) @apihook("__WSAFDIsSet", argc=2, ordinal=151) - def __WSAFDIsSet(self, emu, argv, ctx={}): + def __WSAFDIsSet(self, emu, argv, ctx: dict[str, str] | None = None): """ int __WSAFDIsSet( SOCKET , fd_set * ); """ + ctx = ctx or {} sock, fd_set = argv return 1 @apihook("shutdown", argc=2, ordinal=22) - def shutdown(self, emu, argv, ctx={}): + def shutdown(self, emu, argv, ctx: dict[str, str] | None = None): """ int shutdown( SOCKET s, int how ); """ + ctx = ctx or {} return 0 @apihook("recv", argc=4, ordinal=16) - def recv(self, emu, argv, ctx={}): + def recv(self, emu, argv, ctx: dict[str, str] | None = None): """ int recv( SOCKET s, @@ -590,6 +615,7 @@ def recv(self, emu, argv, ctx={}): int flags ); """ + ctx = ctx or {} s, buf, blen, flags = argv rv = 0 @@ -617,7 +643,7 @@ def recv(self, emu, argv, ctx={}): return rv @apihook("send", argc=4, ordinal=19) - def send(self, emu, argv, ctx={}): + def send(self, emu, argv, ctx: dict[str, str] | None = None): """ int WSAAPI send( SOCKET s, @@ -626,6 +652,7 @@ def send(self, emu, argv, ctx={}): int flags ); """ + ctx = ctx or {} s, buf, blen, flags = argv data = b"" @@ -648,12 +675,13 @@ def send(self, emu, argv, ctx={}): return len(data) @apihook("closesocket", argc=1, ordinal=3) - def closesocket(self, emu, argv, ctx={}): + def closesocket(self, emu, argv, ctx: dict[str, str] | None = None): """ int closesocket( IN SOCKET s ); """ + ctx = ctx or {} (s,) = argv rv = 0 @@ -668,7 +696,7 @@ def closesocket(self, emu, argv, ctx={}): return rv @apihook("ioctlsocket", argc=3, ordinal=10) - def ioctlsocket(self, emu, argv, ctx={}): + def ioctlsocket(self, emu, argv, ctx: dict[str, str] | None = None): """ int ioctlsocket( SOCKET s, @@ -676,6 +704,7 @@ def ioctlsocket(self, emu, argv, ctx={}): u_long *argp ); """ + ctx = ctx or {} s, cmd, argp = argv rv = winsock.WSAENOTSOCK @@ -686,7 +715,7 @@ def ioctlsocket(self, emu, argv, ctx={}): return rv @apihook("getaddrinfo", argc=4, ordinal=178) - def getaddrinfo(self, emu, argv, ctx={}): + def getaddrinfo(self, emu, argv, ctx: dict[str, str] | None = None): """ INT WSAAPI getaddrinfo( PCSTR pNodeName, @@ -695,6 +724,7 @@ def getaddrinfo(self, emu, argv, ctx={}): PADDRINFOA *ppResult ); """ + ctx = ctx or {} pNodeName, pServiceName, pHints, ppResult = argv rv = 0 @@ -754,18 +784,19 @@ def getaddrinfo(self, emu, argv, ctx={}): return rv @apihook("freeaddrinfo", argc=1, ordinal=177) - def freeaddrinfo(self, emu, argv, ctx={}): + def freeaddrinfo(self, emu, argv, ctx: dict[str, str] | None = None): """ VOID WSAAPI freeaddrinfo( PADDRINFOA pAddrInfo ); """ + ctx = ctx or {} self.mem_free(argv[0]) return @apihook("getsockopt", argc=5, ordinal=7) - def getsockopt(self, emu, argv, ctx={}): + def getsockopt(self, emu, argv, ctx: dict[str, str] | None = None): """ int getsockopt( SOCKET s, @@ -775,6 +806,7 @@ def getsockopt(self, emu, argv, ctx={}): int *optlen ); """ + ctx = ctx or {} s, level, optname, optval, optlen = argv rv = 0 diff --git a/speakeasy/winenv/api/usermode/wtsapi32.py b/speakeasy/winenv/api/usermode/wtsapi32.py index 3d1e16dd..2ab2d6c3 100644 --- a/speakeasy/winenv/api/usermode/wtsapi32.py +++ b/speakeasy/winenv/api/usermode/wtsapi32.py @@ -29,7 +29,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("WTSEnumerateSessions", argc=5, conv=_arch.CALL_CONV_STDCALL) - def WTSEnumerateSessions(self, emu, argv, ctx={}): + def WTSEnumerateSessions(self, emu, argv, ctx: dict[str, str] | None = None): """ BOOL WTSEnumerateSessions( IN HANDLE hServer, @@ -39,6 +39,7 @@ def WTSEnumerateSessions(self, emu, argv, ctx={}): DWORD *pCount ); """ + ctx = ctx or {} hServer, res, ver, ppSessionInfo, pCount = argv rv = 0 @@ -78,12 +79,13 @@ def WTSEnumerateSessions(self, emu, argv, ctx={}): return rv @apihook("WTSFreeMemory", argc=1, conv=_arch.CALL_CONV_STDCALL) - def WTSFreeMemory(self, emu, argv, ctx={}): + def WTSFreeMemory(self, emu, argv, ctx: dict[str, str] | None = None): """ void WTSFreeMemory( IN PVOID pMemory ); """ + ctx = ctx or {} (pMemory,) = argv rv = 1 From f7ddf7a6524d6ca3ffa41b0568d321ec4b513704 Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Tue, 10 Mar 2026 13:08:40 +0100 Subject: [PATCH 4/6] Introduce ApiContext type alias to reduce annotation noise Define ApiContext = dict[str, str] | None in api.py and reference it as api.ApiContext in all 1016 handler signatures, replacing the verbose inline dict[str, str] | None annotation. --- speakeasy/winenv/api/api.py | 2 + speakeasy/winenv/api/kernelmode/fwpkclnt.py | 24 +- speakeasy/winenv/api/kernelmode/hal.py | 6 +- speakeasy/winenv/api/kernelmode/ndis.py | 32 +- speakeasy/winenv/api/kernelmode/netio.py | 36 +- speakeasy/winenv/api/kernelmode/ntoskrnl.py | 308 +++++----- speakeasy/winenv/api/kernelmode/usbd.py | 2 +- speakeasy/winenv/api/kernelmode/wdfldr.py | 60 +- speakeasy/winenv/api/usermode/advapi32.py | 120 ++-- speakeasy/winenv/api/usermode/advpack.py | 2 +- speakeasy/winenv/api/usermode/bcrypt.py | 10 +- speakeasy/winenv/api/usermode/com_api.py | 10 +- speakeasy/winenv/api/usermode/comctl32.py | 4 +- speakeasy/winenv/api/usermode/crypt32.py | 2 +- speakeasy/winenv/api/usermode/dnsapi.py | 2 +- speakeasy/winenv/api/usermode/gdi32.py | 44 +- speakeasy/winenv/api/usermode/iphlpapi.py | 2 +- speakeasy/winenv/api/usermode/kernel32.py | 608 ++++++++++---------- speakeasy/winenv/api/usermode/lz32.py | 2 +- speakeasy/winenv/api/usermode/mpr.py | 8 +- speakeasy/winenv/api/usermode/mscoree.py | 2 +- speakeasy/winenv/api/usermode/msi32.py | 2 +- speakeasy/winenv/api/usermode/msimg32.py | 2 +- speakeasy/winenv/api/usermode/msvcrt.py | 252 ++++---- speakeasy/winenv/api/usermode/msvfw32.py | 6 +- speakeasy/winenv/api/usermode/ncrypt.py | 8 +- speakeasy/winenv/api/usermode/netapi32.py | 6 +- speakeasy/winenv/api/usermode/netutils.py | 2 +- speakeasy/winenv/api/usermode/ntdll.py | 36 +- speakeasy/winenv/api/usermode/ole32.py | 18 +- speakeasy/winenv/api/usermode/oleaut32.py | 8 +- speakeasy/winenv/api/usermode/psapi.py | 8 +- speakeasy/winenv/api/usermode/rpcrt4.py | 4 +- speakeasy/winenv/api/usermode/secur32.py | 4 +- speakeasy/winenv/api/usermode/sfc.py | 4 +- speakeasy/winenv/api/usermode/shell32.py | 18 +- speakeasy/winenv/api/usermode/shlwapi.py | 30 +- speakeasy/winenv/api/usermode/urlmon.py | 4 +- speakeasy/winenv/api/usermode/user32.py | 210 +++---- speakeasy/winenv/api/usermode/winhttp.py | 26 +- speakeasy/winenv/api/usermode/wininet.py | 28 +- speakeasy/winenv/api/usermode/winmm.py | 2 +- speakeasy/winenv/api/usermode/wkscli.py | 2 +- speakeasy/winenv/api/usermode/ws2_32.py | 64 +-- speakeasy/winenv/api/usermode/wtsapi32.py | 4 +- 45 files changed, 1018 insertions(+), 1016 deletions(-) diff --git a/speakeasy/winenv/api/api.py b/speakeasy/winenv/api/api.py index b6d9f890..97df758c 100644 --- a/speakeasy/winenv/api/api.py +++ b/speakeasy/winenv/api/api.py @@ -12,6 +12,8 @@ logger = logging.getLogger(__name__) +ApiContext = dict[str, str] | None + class ApiHandler: """ diff --git a/speakeasy/winenv/api/kernelmode/fwpkclnt.py b/speakeasy/winenv/api/kernelmode/fwpkclnt.py index 41bba216..142993a1 100644 --- a/speakeasy/winenv/api/kernelmode/fwpkclnt.py +++ b/speakeasy/winenv/api/kernelmode/fwpkclnt.py @@ -73,7 +73,7 @@ def new_filter(self, name, desc, key): return ret @apihook("FwpmEngineOpen0", argc=5) - def FwpmEngineOpen0(self, emu, argv, ctx: dict[str, str] | None = None): + def FwpmEngineOpen0(self, emu, argv, ctx: api.ApiContext = None): """ DWORD FwpmEngineOpen0( const wchar_t *serverName, @@ -96,7 +96,7 @@ def FwpmEngineOpen0(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FwpsInjectionHandleCreate0", argc=3) - def FwpsInjectionHandleCreate0(self, emu, argv, ctx: dict[str, str] | None = None): + def FwpsInjectionHandleCreate0(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS FwpsInjectionHandleCreate0( ADDRESS_FAMILY addressFamily, @@ -116,7 +116,7 @@ def FwpsInjectionHandleCreate0(self, emu, argv, ctx: dict[str, str] | None = Non return rv @apihook("FwpmSubLayerAdd0", argc=3) - def FwpmSubLayerAdd0(self, emu, argv, ctx: dict[str, str] | None = None): + def FwpmSubLayerAdd0(self, emu, argv, ctx: api.ApiContext = None): """ DWORD FwpmSubLayerAdd0( HANDLE engineHandle, @@ -159,7 +159,7 @@ def FwpmSubLayerAdd0(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FwpsCalloutRegister1", argc=3) - def FwpsCalloutRegister1(self, emu, argv, ctx: dict[str, str] | None = None): + def FwpsCalloutRegister1(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS FwpsCalloutRegister1( void *deviceObject, @@ -203,7 +203,7 @@ def FwpsCalloutRegister1(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FwpmCalloutAdd0", argc=4) - def FwpmCalloutAdd0(self, emu, argv, ctx: dict[str, str] | None = None): + def FwpmCalloutAdd0(self, emu, argv, ctx: api.ApiContext = None): """ DWORD FwpmCalloutAdd0( HANDLE engineHandle, @@ -245,7 +245,7 @@ def FwpmCalloutAdd0(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FwpmFilterAdd0", argc=4) - def FwpmFilterAdd0(self, emu, argv, ctx: dict[str, str] | None = None): + def FwpmFilterAdd0(self, emu, argv, ctx: api.ApiContext = None): """ DWORD FwpmFilterAdd0( HANDLE engineHandle, @@ -286,7 +286,7 @@ def FwpmFilterAdd0(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FwpmFilterDeleteById0", argc=2) - def FwpmFilterDeleteById0(self, emu, argv, ctx: dict[str, str] | None = None): + def FwpmFilterDeleteById0(self, emu, argv, ctx: api.ApiContext = None): """ DWORD FwpmFilterDeleteById0( HANDLE engineHandle, @@ -301,7 +301,7 @@ def FwpmFilterDeleteById0(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FwpmCalloutDeleteById0", argc=2) - def FwpmCalloutDeleteById0(self, emu, argv, ctx: dict[str, str] | None = None): + def FwpmCalloutDeleteById0(self, emu, argv, ctx: api.ApiContext = None): """ DWORD FwpmCalloutDeleteById0( HANDLE engineHandle, @@ -318,7 +318,7 @@ def FwpmCalloutDeleteById0(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FwpsCalloutUnregisterById0", argc=1) - def FwpsCalloutUnregisterById0(self, emu, argv, ctx: dict[str, str] | None = None): + def FwpsCalloutUnregisterById0(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS FwpsCalloutUnregisterById0( const UINT32 calloutId @@ -334,7 +334,7 @@ def FwpsCalloutUnregisterById0(self, emu, argv, ctx: dict[str, str] | None = Non return rv @apihook("FwpmSubLayerDeleteByKey0", argc=2) - def FwpmSubLayerDeleteByKey0(self, emu, argv, ctx: dict[str, str] | None = None): + def FwpmSubLayerDeleteByKey0(self, emu, argv, ctx: api.ApiContext = None): """ DWORD FwpmSubLayerDeleteByKey0( HANDLE engineHandle, @@ -355,7 +355,7 @@ def FwpmSubLayerDeleteByKey0(self, emu, argv, ctx: dict[str, str] | None = None) return rv @apihook("FwpmEngineClose0", argc=1) - def FwpmEngineClose0(self, emu, argv, ctx: dict[str, str] | None = None): + def FwpmEngineClose0(self, emu, argv, ctx: api.ApiContext = None): """ DWORD FwpmEngineClose0( HANDLE engineHandle @@ -368,7 +368,7 @@ def FwpmEngineClose0(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FwpsInjectionHandleDestroy0", argc=1) - def FwpsInjectionHandleDestroy0(self, emu, argv, ctx: dict[str, str] | None = None): + def FwpsInjectionHandleDestroy0(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS FwpsInjectionHandleDestroy0( HANDLE injectionHandle diff --git a/speakeasy/winenv/api/kernelmode/hal.py b/speakeasy/winenv/api/kernelmode/hal.py index 96aa35b8..2a9a1c0b 100644 --- a/speakeasy/winenv/api/kernelmode/hal.py +++ b/speakeasy/winenv/api/kernelmode/hal.py @@ -28,7 +28,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("KeGetCurrentIrql", argc=0) - def KeGetCurrentIrql(self, emu, argv, ctx: dict[str, str] | None = None): + def KeGetCurrentIrql(self, emu, argv, ctx: api.ApiContext = None): """ NTHALAPI KIRQL KeGetCurrentIrql(); """ @@ -37,7 +37,7 @@ def KeGetCurrentIrql(self, emu, argv, ctx: dict[str, str] | None = None): return irql @apihook("ExAcquireFastMutex", argc=1, conv=_arch.CALL_CONV_FASTCALL) - def ExAcquireFastMutex(self, emu, argv, ctx: dict[str, str] | None = None): + def ExAcquireFastMutex(self, emu, argv, ctx: api.ApiContext = None): """ VOID ExAcquireFastMutex( _Inout_ PFAST_MUTEX FastMutex @@ -47,7 +47,7 @@ def ExAcquireFastMutex(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("ExReleaseFastMutex", argc=1, conv=_arch.CALL_CONV_FASTCALL) - def ExReleaseFastMutex(self, emu, argv, ctx: dict[str, str] | None = None): + def ExReleaseFastMutex(self, emu, argv, ctx: api.ApiContext = None): """ VOID ExReleaseFastMutex( _Inout_ PFAST_MUTEX FastMutex diff --git a/speakeasy/winenv/api/kernelmode/ndis.py b/speakeasy/winenv/api/kernelmode/ndis.py index 78bd20b5..d6b0e112 100644 --- a/speakeasy/winenv/api/kernelmode/ndis.py +++ b/speakeasy/winenv/api/kernelmode/ndis.py @@ -53,7 +53,7 @@ def new_id(self): return tmp @apihook("NdisGetVersion", argc=0) - def NdisGetVersion(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisGetVersion(self, emu, argv, ctx: api.ApiContext = None): """ UINT NdisGetVersion(); """ @@ -77,7 +77,7 @@ def NdisGetVersion(self, emu, argv, ctx: dict[str, str] | None = None): return out_ver @apihook("NdisGetRoutineAddress", argc=1) - def NdisGetRoutineAddress(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisGetRoutineAddress(self, emu, argv, ctx: api.ApiContext = None): """ PVOID NdisGetRoutineAddress( PNDIS_STRING NdisRoutineName @@ -92,7 +92,7 @@ def NdisGetRoutineAddress(self, emu, argv, ctx: dict[str, str] | None = None): return addr @apihook("NdisMRegisterMiniportDriver", argc=5) - def NdisMRegisterMiniportDriver(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisMRegisterMiniportDriver(self, emu, argv, ctx: api.ApiContext = None): """ NDIS_STATUS NdisMRegisterMiniportDriver( PDRIVER_OBJECT DriverObject, @@ -113,7 +113,7 @@ def NdisMRegisterMiniportDriver(self, emu, argv, ctx: dict[str, str] | None = No return rv @apihook("NdisInitializeWrapper", argc=4) - def NdisInitializeWrapper(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisInitializeWrapper(self, emu, argv, ctx: api.ApiContext = None): """ VOID NdisInitializeWrapper( PNDIS_HANDLE NdisWrapperHandle, @@ -129,7 +129,7 @@ def NdisInitializeWrapper(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_write(pHandle, hnd.to_bytes(self.get_ptr_size(), "little")) @apihook("NdisTerminateWrapper", argc=2) - def NdisTerminateWrapper(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisTerminateWrapper(self, emu, argv, ctx: api.ApiContext = None): """ VOID NdisTerminateWrapper( _In_ NDIS_HANDLE NdisWrapperHandle, @@ -140,7 +140,7 @@ def NdisTerminateWrapper(self, emu, argv, ctx: dict[str, str] | None = None): hnd, ss = argv @apihook("NdisInitializeReadWriteLock", argc=1) - def NdisInitializeReadWriteLock(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisInitializeReadWriteLock(self, emu, argv, ctx: api.ApiContext = None): """ void NdisInitializeReadWriteLock( PNDIS_RW_LOCK Lock @@ -150,7 +150,7 @@ def NdisInitializeReadWriteLock(self, emu, argv, ctx: dict[str, str] | None = No (lock,) = argv @apihook("NdisMRegisterUnloadHandler", argc=2) - def NdisMRegisterUnloadHandler(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisMRegisterUnloadHandler(self, emu, argv, ctx: api.ApiContext = None): """ VOID NdisMRegisterUnloadHandler( _In_ NDIS_HANDLE NdisWrapperHandle, @@ -161,7 +161,7 @@ def NdisMRegisterUnloadHandler(self, emu, argv, ctx: dict[str, str] | None = Non hnd, unload = argv @apihook("NdisRegisterProtocol", argc=4) - def NdisRegisterProtocol(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisRegisterProtocol(self, emu, argv, ctx: api.ApiContext = None): """ VOID NdisRegisterProtocol( _Out_ PNDIS_STATUS Status, @@ -185,7 +185,7 @@ def NdisRegisterProtocol(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_write(pProtoHandle, hnd.to_bytes(4, "little")) @apihook("NdisIMRegisterLayeredMiniport", argc=4) - def NdisIMRegisterLayeredMiniport(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisIMRegisterLayeredMiniport(self, emu, argv, ctx: api.ApiContext = None): """ NDIS_STATUS NdisIMRegisterLayeredMiniport( _In_ NDIS_HANDLE NdisWrapperHandle, @@ -211,7 +211,7 @@ def NdisIMRegisterLayeredMiniport(self, emu, argv, ctx: dict[str, str] | None = return rv @apihook("NdisIMAssociateMiniport", argc=2) - def NdisIMAssociateMiniport(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisIMAssociateMiniport(self, emu, argv, ctx: api.ApiContext = None): """ void NdisIMAssociateMiniport( NDIS_HANDLE DriverHandle, @@ -222,7 +222,7 @@ def NdisIMAssociateMiniport(self, emu, argv, ctx: dict[str, str] | None = None): drv_hnd, phnd = argv @apihook("NdisAllocateGenericObject", argc=3) - def NdisAllocateGenericObject(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisAllocateGenericObject(self, emu, argv, ctx: api.ApiContext = None): """ PNDIS_GENERIC_OBJECT NdisAllocateGenericObject( PDRIVER_OBJECT DriverObject, @@ -248,7 +248,7 @@ def NdisAllocateGenericObject(self, emu, argv, ctx: dict[str, str] | None = None return ptr @apihook("NdisAllocateMemoryWithTag", argc=3) - def NdisAllocateMemoryWithTag(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisAllocateMemoryWithTag(self, emu, argv, ctx: api.ApiContext = None): """ NDIS_STATUS NdisAllocateMemoryWithTag( _Out_ PVOID *VirtualAddress, @@ -270,7 +270,7 @@ def NdisAllocateMemoryWithTag(self, emu, argv, ctx: dict[str, str] | None = None return rv @apihook("NdisAllocateNetBufferListPool", argc=2) - def NdisAllocateNetBufferListPool(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisAllocateNetBufferListPool(self, emu, argv, ctx: api.ApiContext = None): """ NDIS_HANDLE NdisAllocateNetBufferListPool( NDIS_HANDLE NdisHandle, @@ -297,7 +297,7 @@ def NdisAllocateNetBufferListPool(self, emu, argv, ctx: dict[str, str] | None = return nbl_ptr @apihook("NdisFreeNetBufferListPool", argc=1) - def NdisFreeNetBufferListPool(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisFreeNetBufferListPool(self, emu, argv, ctx: api.ApiContext = None): """ void NdisFreeNetBufferListPool( NDIS_HANDLE PoolHandle @@ -309,7 +309,7 @@ def NdisFreeNetBufferListPool(self, emu, argv, ctx: dict[str, str] | None = None return @apihook("NdisFreeMemory", argc=3) - def NdisFreeMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisFreeMemory(self, emu, argv, ctx: api.ApiContext = None): """ void NdisFreeMemory( PVOID VirtualAddress, @@ -323,7 +323,7 @@ def NdisFreeMemory(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("NdisFreeGenericObject", argc=1) - def NdisFreeGenericObject(self, emu, argv, ctx: dict[str, str] | None = None): + def NdisFreeGenericObject(self, emu, argv, ctx: api.ApiContext = None): """ void NdisFreeGenericObject( PNDIS_GENERIC_OBJECT NdisObject diff --git a/speakeasy/winenv/api/kernelmode/netio.py b/speakeasy/winenv/api/kernelmode/netio.py index 64989d72..e0348fd1 100644 --- a/speakeasy/winenv/api/kernelmode/netio.py +++ b/speakeasy/winenv/api/kernelmode/netio.py @@ -114,7 +114,7 @@ def __init__(self, emu): self.prov_disp.WskGetNameInfo = addr @apihook("WskRegister", argc=2) - def WskRegister(self, emu, argv, ctx: dict[str, str] | None = None): + def WskRegister(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS WskRegister( PWSK_CLIENT_NPI WskClientNpi, PWSK_REGISTRATION WskRegistration @@ -129,7 +129,7 @@ def WskRegister(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WskCaptureProviderNPI", argc=3) - def WskCaptureProviderNPI(self, emu, argv, ctx: dict[str, str] | None = None): + def WskCaptureProviderNPI(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS WskCaptureProviderNPI( PWSK_REGISTRATION WskRegistration, ULONG WaitTimeout, @@ -162,7 +162,7 @@ def WskCaptureProviderNPI(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskSocket", argc=11) - def WskSocket(self, emu, argv, ctx: dict[str, str] | None = None): + def WskSocket(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS PfnWskSocket( PWSK_CLIENT Client, ADDRESS_FAMILY AddressFamily, @@ -193,7 +193,7 @@ def WskSocket(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskSocketConnect", argc=12) - def WskSocketConnect(self, emu, argv, ctx: dict[str, str] | None = None): + def WskSocketConnect(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS PfnWskSocketConnect( PWSK_CLIENT Client, USHORT SocketType, @@ -216,7 +216,7 @@ def WskSocketConnect(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskControlClient", argc=8) - def WskControlClient(self, emu, argv, ctx: dict[str, str] | None = None): + def WskControlClient(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS PfnWskControlClient( PWSK_CLIENT Client, ULONG ControlCode, @@ -234,7 +234,7 @@ def WskControlClient(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskGetAddressInfo", argc=10) - def WskGetAddressInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def WskGetAddressInfo(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS PfnWskGetAddressInfo( PWSK_CLIENT Client, PUNICODE_STRING NodeName, @@ -254,7 +254,7 @@ def WskGetAddressInfo(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskFreeAddressInfo", argc=2) - def WskFreeAddressInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def WskFreeAddressInfo(self, emu, argv, ctx: api.ApiContext = None): """void PfnWskFreeAddressInfo( PWSK_CLIENT Client, PADDRINFOEXW AddrInfo @@ -266,7 +266,7 @@ def WskFreeAddressInfo(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskGetNameInfo", argc=9) - def WskGetNameInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def WskGetNameInfo(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS PfnWskGetNameInfo( PWSK_CLIENT Client, PSOCKADDR SockAddr, @@ -285,7 +285,7 @@ def WskGetNameInfo(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskControlSocket", argc=10) - def WskControlSocket(self, emu, argv, ctx: dict[str, str] | None = None): + def WskControlSocket(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS PfnWskControlSocket( PWSK_SOCKET Socket, WSK_CONTROL_SOCKET_TYPE RequestType, @@ -305,7 +305,7 @@ def WskControlSocket(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskCloseSocket", argc=2) - def WskCloseSocket(self, emu, argv, ctx: dict[str, str] | None = None): + def WskCloseSocket(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS PfnWskCloseSocket( PWSK_SOCKET Socket, PIRP Irp @@ -317,7 +317,7 @@ def WskCloseSocket(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskBind", argc=4) - def WskBind(self, emu, argv, ctx: dict[str, str] | None = None): + def WskBind(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS PfnWskBind( PWSK_SOCKET Socket, PSOCKADDR LocalAddress, @@ -338,7 +338,7 @@ def WskBind(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskSendTo", argc=7) - def WskSendTo(self, emu, argv, ctx: dict[str, str] | None = None): + def WskSendTo(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS PfnWskSendTo( PWSK_SOCKET Socket, PWSK_BUF Buffer, @@ -355,7 +355,7 @@ def WskSendTo(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskReceiveFrom", argc=8) - def WskReceiveFrom(self, emu, argv, ctx: dict[str, str] | None = None): + def WskReceiveFrom(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS PfnWskReceiveFrom( PWSK_SOCKET Socket, PWSK_BUF Buffer, @@ -373,7 +373,7 @@ def WskReceiveFrom(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskRelease", argc=2) - def WskRelease(self, emu, argv, ctx: dict[str, str] | None = None): + def WskRelease(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS WSKAPI WSKAPI * WskRelease( _In_ PWSK_SOCKET Socket, _In_ PWSK_DATA_INDICATION DataIndication @@ -385,7 +385,7 @@ def WskRelease(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("callback_WskGetLocalAddress", argc=2) - def WskGetLocalAddress(self, emu, argv, ctx: dict[str, str] | None = None): + def WskGetLocalAddress(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS PfnWskGetLocalAddress( PWSK_SOCKET Socket, PSOCKADDR LocalAddress, @@ -398,7 +398,7 @@ def WskGetLocalAddress(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WskReleaseProviderNPI", argc=1) - def WskReleaseProviderNPI(self, emu, argv, ctx: dict[str, str] | None = None): + def WskReleaseProviderNPI(self, emu, argv, ctx: api.ApiContext = None): """ void WskReleaseProviderNPI( PWSK_REGISTRATION WskRegistration @@ -410,7 +410,7 @@ def WskReleaseProviderNPI(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("NsiEnumerateObjectsAllParametersEx", argc=0) - def NsiEnumerateObjectsAllParametersEx(self, emu, argv, ctx: dict[str, str] | None = None): + def NsiEnumerateObjectsAllParametersEx(self, emu, argv, ctx: api.ApiContext = None): """ N/A """ @@ -418,7 +418,7 @@ def NsiEnumerateObjectsAllParametersEx(self, emu, argv, ctx: dict[str, str] | No return @apihook("WskDeregister", argc=1) - def WskDeregister(self, emu, argv, ctx: dict[str, str] | None = None): + def WskDeregister(self, emu, argv, ctx: api.ApiContext = None): """ void WskDeregister( PWSK_REGISTRATION WskRegistration diff --git a/speakeasy/winenv/api/kernelmode/ntoskrnl.py b/speakeasy/winenv/api/kernelmode/ntoskrnl.py index 29f748c6..fe93e799 100644 --- a/speakeasy/winenv/api/kernelmode/ntoskrnl.py +++ b/speakeasy/winenv/api/kernelmode/ntoskrnl.py @@ -101,7 +101,7 @@ def KdDebuggerEnabled(self, ptr=0): return ptr @apihook("ObfDereferenceObject", argc=1, conv=_arch.CALL_CONV_FASTCALL) - def ObfDereferenceObject(self, emu, argv, ctx: dict[str, str] | None = None): + def ObfDereferenceObject(self, emu, argv, ctx: api.ApiContext = None): """ void ObfDereferenceObject(a); """ @@ -113,7 +113,7 @@ def ObfDereferenceObject(self, emu, argv, ctx: dict[str, str] | None = None): obj.ref_cnt -= 1 @apihook("ZwClose", argc=1) - def ZwClose(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwClose(self, emu, argv, ctx: api.ApiContext = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS ZwClose( HANDLE Handle @@ -126,7 +126,7 @@ def ZwClose(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("DbgPrint", argc=_arch.VAR_ARGS, conv=_arch.CALL_CONV_CDECL) - def DbgPrint(self, emu, argv, ctx: dict[str, str] | None = None): + def DbgPrint(self, emu, argv, ctx: api.ApiContext = None): """ ULONG DbgPrint( PCSTR Format, @@ -147,7 +147,7 @@ def DbgPrint(self, emu, argv, ctx: dict[str, str] | None = None): return len(fin) @apihook("DbgPrintEx", argc=_arch.VAR_ARGS, conv=_arch.CALL_CONV_CDECL) - def DbgPrintEx(self, emu, argv, ctx: dict[str, str] | None = None): + def DbgPrintEx(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI ULONG DbgPrintEx( ULONG ComponentId, @@ -175,7 +175,7 @@ def DbgPrintEx(self, emu, argv, ctx: dict[str, str] | None = None): return len(fin) @apihook("_vsnprintf", argc=4, conv=_arch.CALL_CONV_CDECL) - def _vsnprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def _vsnprintf(self, emu, argv, ctx: api.ApiContext = None): """ int _vsnprintf( char *buffer, @@ -204,12 +204,12 @@ def _vsnprintf(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("vsprintf_s", argc=4, conv=_arch.CALL_CONV_CDECL) - def vsprintf_s(self, emu, argv, ctx: dict[str, str] | None = None): + def vsprintf_s(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return self._vsnprintf(emu, argv, ctx) @apihook("RtlAnsiStringToUnicodeString", argc=3) - def RtlAnsiStringToUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlAnsiStringToUnicodeString(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS RtlAnsiStringToUnicodeString( PUNICODE_STRING DestinationString, @@ -254,7 +254,7 @@ def RtlAnsiStringToUnicodeString(self, emu, argv, ctx: dict[str, str] | None = N return nts @apihook("RtlInitAnsiString", argc=2) - def RtlInitAnsiString(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlInitAnsiString(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI VOID RtlInitAnsiString( PANSI_STRING DestinationString, @@ -278,7 +278,7 @@ def RtlInitAnsiString(self, emu, argv, ctx: dict[str, str] | None = None): argv[1] = ansi_str @apihook("RtlInitUnicodeString", argc=2) - def RtlInitUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlInitUnicodeString(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI VOID RtlInitUnicodeString( PUNICODE_STRING DestinationString, @@ -307,7 +307,7 @@ def RtlInitUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): argv[1] = uni_str @apihook("RtlFreeUnicodeString", argc=1) - def RtlFreeUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlFreeUnicodeString(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI VOID RtlFreeUnicodeString( PUNICODE_STRING UnicodeString @@ -324,7 +324,7 @@ def RtlFreeUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_free(us.Buffer) @apihook("ExAllocatePoolWithTag", argc=3, conv=_arch.CALL_CONV_STDCALL) - def ExAllocatePoolWithTag(self, emu, argv, ctx: dict[str, str] | None = None): + def ExAllocatePoolWithTag(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI PVOID ExAllocatePoolWithTag( POOL_TYPE PoolType, @@ -347,7 +347,7 @@ def ExAllocatePoolWithTag(self, emu, argv, ctx: dict[str, str] | None = None): return chunk @apihook("ExFreePoolWithTag", argc=2) - def ExFreePoolWithTag(self, emu, argv, ctx: dict[str, str] | None = None): + def ExFreePoolWithTag(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI VOID ExFreePoolWithTag( PVOID P, @@ -366,7 +366,7 @@ def ExFreePoolWithTag(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_free(P) @apihook("ExAllocatePool", argc=2) - def ExAllocatePool(self, emu, argv, ctx: dict[str, str] | None = None): + def ExAllocatePool(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI PVOID ExAllocatePool( POOL_TYPE PoolType, @@ -380,7 +380,7 @@ def ExAllocatePool(self, emu, argv, ctx: dict[str, str] | None = None): return chunk @apihook("ExFreePool", argc=1) - def ExFreePool(self, emu, argv, ctx: dict[str, str] | None = None): + def ExFreePool(self, emu, argv, ctx: api.ApiContext = None): """ void ExFreePool( addr @@ -391,7 +391,7 @@ def ExFreePool(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_free(addr) @apihook("memmove", argc=3) - def memmove(self, emu, argv, ctx: dict[str, str] | None = None): + def memmove(self, emu, argv, ctx: api.ApiContext = None): """ void *memmove( void *dest, @@ -407,7 +407,7 @@ def memmove(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("IoDeleteDriver", argc=1) - def IoDeleteDriver(self, emu, argv, ctx: dict[str, str] | None = None): + def IoDeleteDriver(self, emu, argv, ctx: api.ApiContext = None): """ VOID IoDeleteDriver(PDRIVER_OBJECT DriverObject) """ @@ -417,7 +417,7 @@ def IoDeleteDriver(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("IoCreateDevice", argc=7) - def IoCreateDevice(self, emu, argv, ctx: dict[str, str] | None = None): + def IoCreateDevice(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS IoCreateDevice( PDRIVER_OBJECT DriverObject, @@ -449,7 +449,7 @@ def IoCreateDevice(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("IoCreateDeviceSecure", argc=9) - def IoCreateDeviceSecure(self, emu, argv, ctx: dict[str, str] | None = None): + def IoCreateDeviceSecure(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS IoCreateDeviceSecure( _In_ PDRIVER_OBJECT DriverObject, @@ -481,7 +481,7 @@ def IoCreateDeviceSecure(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("IoCreateSymbolicLink", argc=2) - def IoCreateSymbolicLink(self, emu, argv, ctx: dict[str, str] | None = None): + def IoCreateSymbolicLink(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS IoCreateSymbolicLink( PUNICODE_STRING SymbolicLinkName, @@ -501,7 +501,7 @@ def IoCreateSymbolicLink(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("IofCompleteRequest", argc=2, conv=_arch.CALL_CONV_FASTCALL) - def IofCompleteRequest(self, emu, argv, ctx: dict[str, str] | None = None): + def IofCompleteRequest(self, emu, argv, ctx: api.ApiContext = None): """ VOID IoCompleteRequest( _In_ PIRP Irp, @@ -515,7 +515,7 @@ def IofCompleteRequest(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("IoDeleteSymbolicLink", argc=1) - def IoDeleteSymbolicLink(self, emu, argv, ctx: dict[str, str] | None = None): + def IoDeleteSymbolicLink(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS IoDeleteSymbolicLink( PUNICODE_STRING SymbolicLinkName @@ -530,12 +530,12 @@ def IoDeleteSymbolicLink(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("KeInitializeMutex", argc=2) - def KeInitializeMutex(self, emu, argv, ctx: dict[str, str] | None = None): + def KeInitializeMutex(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("IoDeleteDevice", argc=1) - def IoDeleteDevice(self, emu, argv, ctx: dict[str, str] | None = None): + def IoDeleteDevice(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI VOID IoDeleteDevice( __drv_freesMem(Mem)PDEVICE_OBJECT DeviceObject @@ -548,7 +548,7 @@ def IoDeleteDevice(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("MmIsAddressValid", argc=1) - def MmIsAddressValid(self, emu, argv, ctx: dict[str, str] | None = None): + def MmIsAddressValid(self, emu, argv, ctx: api.ApiContext = None): """ BOOLEAN MmIsAddressValid( PVOID VirtualAddress @@ -563,7 +563,7 @@ def MmIsAddressValid(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ZwQuerySystemInformation", argc=4) - def ZwQuerySystemInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwQuerySystemInformation(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WINAPI ZwQuerySystemInformation( _In_ SYSTEM_INFORMATION_CLASS SystemInformationClass, @@ -694,7 +694,7 @@ def ZwQuerySystemInformation(self, emu, argv, ctx: dict[str, str] | None = None) return nts @apihook("_allshl", argc=2, conv=_arch.CALL_CONV_CDECL) - def _allshl(self, emu, argv, ctx: dict[str, str] | None = None): + def _allshl(self, emu, argv, ctx: api.ApiContext = None): """ LONGLONG _allshl ( @@ -709,7 +709,7 @@ def _allshl(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("wcscpy", argc=2, conv=_arch.CALL_CONV_CDECL) - def wcscpy(self, emu, argv, ctx: dict[str, str] | None = None): + def wcscpy(self, emu, argv, ctx: api.ApiContext = None): """ wchar_t *wcscpy( wchar_t *strDestination, @@ -726,7 +726,7 @@ def wcscpy(self, emu, argv, ctx: dict[str, str] | None = None): return len(ws) @apihook("wcsncpy", argc=3, conv=_arch.CALL_CONV_CDECL) - def wcsncpy(self, emu, argv, ctx: dict[str, str] | None = None): + def wcsncpy(self, emu, argv, ctx: api.ApiContext = None): """ wchar_t *wcsncpy( wchar_t *strDest, @@ -743,7 +743,7 @@ def wcsncpy(self, emu, argv, ctx: dict[str, str] | None = None): return len(ws) @apihook("RtlMoveMemory", argc=3) - def RtlMoveMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlMoveMemory(self, emu, argv, ctx: api.ApiContext = None): """ void RtlMoveMemory( void* Destination, @@ -755,7 +755,7 @@ def RtlMoveMemory(self, emu, argv, ctx: dict[str, str] | None = None): self.memcpy(emu, argv) @apihook("memcpy", argc=3, conv=_arch.CALL_CONV_CDECL) - def memcpy(self, emu, argv, ctx: dict[str, str] | None = None): + def memcpy(self, emu, argv, ctx: api.ApiContext = None): """ void *memcpy( void *dest, @@ -771,7 +771,7 @@ def memcpy(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("memset", argc=3, conv=_arch.CALL_CONV_CDECL) - def memset(self, emu, argv, ctx: dict[str, str] | None = None): + def memset(self, emu, argv, ctx: api.ApiContext = None): """ void *memset( void *dest, @@ -787,7 +787,7 @@ def memset(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("sprintf", argc=_arch.VAR_ARGS, conv=_arch.CALL_CONV_CDECL) - def sprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def sprintf(self, emu, argv, ctx: api.ApiContext = None): """ int sprintf( char *buffer, @@ -812,7 +812,7 @@ def sprintf(self, emu, argv, ctx: dict[str, str] | None = None): return len(fin) @apihook("_snprintf", argc=_arch.VAR_ARGS, conv=_arch.CALL_CONV_CDECL) - def _snprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def _snprintf(self, emu, argv, ctx: api.ApiContext = None): """ int _snprintf( char *buffer, @@ -838,7 +838,7 @@ def _snprintf(self, emu, argv, ctx: dict[str, str] | None = None): return len(fin) @apihook("wcslen", argc=1, conv=_arch.CALL_CONV_CDECL) - def wcslen(self, emu, argv, ctx: dict[str, str] | None = None): + def wcslen(self, emu, argv, ctx: api.ApiContext = None): """ size_t wcslen( const wchar_t *str @@ -857,7 +857,7 @@ def wcslen(self, emu, argv, ctx: dict[str, str] | None = None): return slen @apihook("wcschr", argc=2, conv=_arch.CALL_CONV_CDECL) - def wcschr(self, emu, argv, ctx: dict[str, str] | None = None): + def wcschr(self, emu, argv, ctx: api.ApiContext = None): """ wchar_t *wcschr( const wchar_t *str, @@ -882,7 +882,7 @@ def wcschr(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("wcscat", argc=2, conv=_arch.CALL_CONV_CDECL) - def wcscat(self, emu, argv, ctx: dict[str, str] | None = None): + def wcscat(self, emu, argv, ctx: api.ApiContext = None): """ wchar_t *wcscat( wchar_t *strDestination, @@ -906,7 +906,7 @@ def wcscat(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("strrchr", argc=2, conv=_arch.CALL_CONV_CDECL) - def strrchr(self, emu, argv, ctx: dict[str, str] | None = None): + def strrchr(self, emu, argv, ctx: api.ApiContext = None): """ char *strrchr( const char *str, @@ -931,7 +931,7 @@ def strrchr(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("strchr", argc=2, conv=_arch.CALL_CONV_CDECL) - def strchr(self, emu, argv, ctx: dict[str, str] | None = None): + def strchr(self, emu, argv, ctx: api.ApiContext = None): """ char *strchr( const char *str, @@ -956,7 +956,7 @@ def strchr(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_wcsnicmp", argc=3, conv=_arch.CALL_CONV_CDECL) - def _wcsnicmp(self, emu, argv, ctx: dict[str, str] | None = None): + def _wcsnicmp(self, emu, argv, ctx: api.ApiContext = None): """ int _wcsnicmp( const wchar_t *string1, @@ -980,7 +980,7 @@ def _wcsnicmp(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_stricmp", argc=2, conv=_arch.CALL_CONV_CDECL) - def _stricmp(self, emu, argv, ctx: dict[str, str] | None = None): + def _stricmp(self, emu, argv, ctx: api.ApiContext = None): """ int _stricmp( const char *string1, @@ -1006,7 +1006,7 @@ def _stricmp(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_wcsicmp", argc=2, conv=_arch.CALL_CONV_CDECL) - def _wcsicmp(self, emu, argv, ctx: dict[str, str] | None = None): + def _wcsicmp(self, emu, argv, ctx: api.ApiContext = None): """ int _wcsicmp( const wchar_t *string1, @@ -1029,7 +1029,7 @@ def _wcsicmp(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("PsCreateSystemThread", argc=7) - def PsCreateSystemThread(self, emu, argv, ctx: dict[str, str] | None = None): + def PsCreateSystemThread(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS PsCreateSystemThread( PHANDLE ThreadHandle, @@ -1062,7 +1062,7 @@ def PsCreateSystemThread(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RtlCopyUnicodeString", argc=2) - def RtlCopyUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlCopyUnicodeString(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI VOID RtlCopyUnicodeString( PUNICODE_STRING DestinationString, @@ -1096,7 +1096,7 @@ def RtlCopyUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("RtlEqualUnicodeString", argc=3) - def RtlEqualUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlEqualUnicodeString(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI BOOLEAN RtlEqualUnicodeString( PCUNICODE_STRING String1, @@ -1123,7 +1123,7 @@ def RtlEqualUnicodeString(self, emu, argv, ctx: dict[str, str] | None = None): return int(rv) @apihook("IoAllocateIrp", argc=2) - def IoAllocateIrp(self, emu, argv, ctx: dict[str, str] | None = None): + def IoAllocateIrp(self, emu, argv, ctx: api.ApiContext = None): """ PIRP IoAllocateIrp( CCHAR StackSize, @@ -1143,7 +1143,7 @@ def IoAllocateIrp(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("IoFreeIrp", argc=1) - def IoFreeIrp(self, emu, argv, ctx: dict[str, str] | None = None): + def IoFreeIrp(self, emu, argv, ctx: api.ApiContext = None): """ void IoFreeIrp( PIRP Irp @@ -1155,7 +1155,7 @@ def IoFreeIrp(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("IoReuseIrp", argc=2) - def IoReuseIrp(self, emu, argv, ctx: dict[str, str] | None = None): + def IoReuseIrp(self, emu, argv, ctx: api.ApiContext = None): """ void IoReuseIrp( PIRP Irp, @@ -1168,7 +1168,7 @@ def IoReuseIrp(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("IoAllocateMdl", argc=5) - def IoAllocateMdl(self, emu, argv, ctx: dict[str, str] | None = None): + def IoAllocateMdl(self, emu, argv, ctx: api.ApiContext = None): """ PMDL IoAllocateMdl( __drv_aliasesMem PVOID VirtualAddress, @@ -1196,7 +1196,7 @@ def IoAllocateMdl(self, emu, argv, ctx: dict[str, str] | None = None): return ptr @apihook("MmProbeAndLockPages", argc=3) - def MmProbeAndLockPages(self, emu, argv, ctx: dict[str, str] | None = None): + def MmProbeAndLockPages(self, emu, argv, ctx: api.ApiContext = None): """ void MmProbeAndLockPages( PMDL MemoryDescriptorList, @@ -1208,7 +1208,7 @@ def MmProbeAndLockPages(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("KeDelayExecutionThread", argc=3) - def KeDelayExecutionThread(self, emu, argv, ctx: dict[str, str] | None = None): + def KeDelayExecutionThread(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS KeDelayExecutionThread( KPROCESSOR_MODE WaitMode, @@ -1223,7 +1223,7 @@ def KeDelayExecutionThread(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("KeSetEvent", argc=3) - def KeSetEvent(self, emu, argv, ctx: dict[str, str] | None = None): + def KeSetEvent(self, emu, argv, ctx: api.ApiContext = None): """ LONG KeSetEvent( PRKEVENT Event, @@ -1238,7 +1238,7 @@ def KeSetEvent(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("IoCreateSynchronizationEvent", argc=2) - def IoCreateSynchronizationEvent(self, emu, argv, ctx: dict[str, str] | None = None): + def IoCreateSynchronizationEvent(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI PKEVENT IoCreateSynchronizationEvent( PUNICODE_STRING EventName, @@ -1259,7 +1259,7 @@ def IoCreateSynchronizationEvent(self, emu, argv, ctx: dict[str, str] | None = N return evt.address @apihook("KeInitializeEvent", argc=3) - def KeInitializeEvent(self, emu, argv, ctx: dict[str, str] | None = None): + def KeInitializeEvent(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI VOID KeInitializeEvent( PRKEVENT Event, @@ -1272,7 +1272,7 @@ def KeInitializeEvent(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("KeResetEvent", argc=1) - def KeResetEvent(self, emu, argv, ctx: dict[str, str] | None = None): + def KeResetEvent(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI LONG KeResetEvent( PRKEVENT Event @@ -1284,7 +1284,7 @@ def KeResetEvent(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("KeClearEvent", argc=1) - def KeClearEvent(self, emu, argv, ctx: dict[str, str] | None = None): + def KeClearEvent(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI VOID KeClearEvent( PRKEVENT Event @@ -1294,7 +1294,7 @@ def KeClearEvent(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("KeInitializeTimer", argc=1) - def KeInitializeTimer(self, emu, argv, ctx: dict[str, str] | None = None): + def KeInitializeTimer(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI VOID KeInitializeTimer( PKTIMER Timer @@ -1304,7 +1304,7 @@ def KeInitializeTimer(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("KeSetTimer", argc=3) - def KeSetTimer(self, emu, argv, ctx: dict[str, str] | None = None): + def KeSetTimer(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI BOOLEAN KeSetTimer( PKTIMER Timer, @@ -1316,7 +1316,7 @@ def KeSetTimer(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("PsLookupProcessByProcessId", argc=2) - def PsLookupProcessByProcessId(self, emu, argv, ctx: dict[str, str] | None = None): + def PsLookupProcessByProcessId(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS PsLookupProcessByProcessId( HANDLE ProcessId, @@ -1343,7 +1343,7 @@ def PsLookupProcessByProcessId(self, emu, argv, ctx: dict[str, str] | None = Non return rv @apihook("ObOpenObjectByPointer", argc=7) - def ObOpenObjectByPointer(self, emu, argv, ctx: dict[str, str] | None = None): + def ObOpenObjectByPointer(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS ObOpenObjectByPointer( PVOID Object, @@ -1368,7 +1368,7 @@ def ObOpenObjectByPointer(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("PsGetProcessPeb", argc=1) - def PsGetProcessPeb(self, emu, argv, ctx: dict[str, str] | None = None): + def PsGetProcessPeb(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI PPEB PsGetProcessPeb( PEPROCESS Object, @@ -1382,7 +1382,7 @@ def PsGetProcessPeb(self, emu, argv, ctx: dict[str, str] | None = None): return peb.address @apihook("KeStackAttachProcess", argc=2) - def KeStackAttachProcess(self, emu, argv, ctx: dict[str, str] | None = None): + def KeStackAttachProcess(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI VOID KeStackAttachProcess( PRKPROCESS PROCESS, @@ -1397,7 +1397,7 @@ def KeStackAttachProcess(self, emu, argv, ctx: dict[str, str] | None = None): emu.set_current_process(proc) @apihook("KeUnstackDetachProcess", argc=1) - def KeUnstackDetachProcess(self, emu, argv, ctx: dict[str, str] | None = None): + def KeUnstackDetachProcess(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI VOID KeUnstackDetachProcess( PRKAPC_STATE ApcState @@ -1408,7 +1408,7 @@ def KeUnstackDetachProcess(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("ZwProtectVirtualMemory", argc=5) - def ZwProtectVirtualMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwProtectVirtualMemory(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS ZwProtectVirtualMemory( IN HANDLE ProcessHandle, @@ -1433,7 +1433,7 @@ def ZwProtectVirtualMemory(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ZwWriteVirtualMemory", argc=5) - def ZwWriteVirtualMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwWriteVirtualMemory(self, emu, argv, ctx: api.ApiContext = None): """ ZwWriteVirtualMemory( HANDLE ProcessHandle, @@ -1470,7 +1470,7 @@ def ZwWriteVirtualMemory(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ZwAllocateVirtualMemory", argc=6) - def ZwAllocateVirtualMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwAllocateVirtualMemory(self, emu, argv, ctx: api.ApiContext = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS ZwAllocateVirtualMemory( HANDLE ProcessHandle, @@ -1503,7 +1503,7 @@ def ZwAllocateVirtualMemory(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("PsLookupThreadByThreadId", argc=2) - def PsLookupThreadByThreadId(self, emu, argv, ctx: dict[str, str] | None = None): + def PsLookupThreadByThreadId(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS PsLookupThreadByThreadId( HANDLE ThreadId, @@ -1526,7 +1526,7 @@ def PsLookupThreadByThreadId(self, emu, argv, ctx: dict[str, str] | None = None) return rv @apihook("RtlGetVersion", argc=1) - def RtlGetVersion(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlGetVersion(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS RtlGetVersion( PRTL_OSVERSIONINFOW lpVersionInformation @@ -1555,7 +1555,7 @@ def RtlGetVersion(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("KeWaitForSingleObject", argc=5) - def KeWaitForSingleObject(self, emu, argv, ctx: dict[str, str] | None = None): + def KeWaitForSingleObject(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS KeWaitForSingleObject( PVOID Object, @@ -1572,7 +1572,7 @@ def KeWaitForSingleObject(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("KeInitializeApc", argc=8) - def KeInitializeApc(self, emu, argv, ctx: dict[str, str] | None = None): + def KeInitializeApc(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI VOID KeInitializeApc( PKAPC Apc, @@ -1601,7 +1601,7 @@ def KeInitializeApc(self, emu, argv, ctx: dict[str, str] | None = None): apc.NormalContext = ctx @apihook("MmMapLockedPagesSpecifyCache", argc=6) - def MmMapLockedPagesSpecifyCache(self, emu, argv, ctx: dict[str, str] | None = None): + def MmMapLockedPagesSpecifyCache(self, emu, argv, ctx: api.ApiContext = None): """ PVOID MmMapLockedPagesSpecifyCache( PMDL MemoryDescriptorList, @@ -1623,7 +1623,7 @@ def MmMapLockedPagesSpecifyCache(self, emu, argv, ctx: dict[str, str] | None = N return rv @apihook("KeInsertQueueApc", argc=4) - def KeInsertQueueApc(self, emu, argv, ctx: dict[str, str] | None = None): + def KeInsertQueueApc(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI BOOLEAN KeInsertQueueApc( PKAPC Apc, @@ -1638,7 +1638,7 @@ def KeInsertQueueApc(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("KeInitializeDpc", argc=3) - def KeInitializeDpc(self, emu, argv, ctx: dict[str, str] | None = None): + def KeInitializeDpc(self, emu, argv, ctx: api.ApiContext = None): """ void KeInitializeDpc( __drv_aliasesMem PRKDPC Dpc, @@ -1652,7 +1652,7 @@ def KeInitializeDpc(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("ObReferenceObjectByName", argc=8) - def ObReferenceObjectByName(self, emu, argv, ctx: dict[str, str] | None = None): + def ObReferenceObjectByName(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS NTAPI @@ -1693,7 +1693,7 @@ def ObReferenceObjectByName(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("IoGetDeviceObjectPointer", argc=4) - def IoGetDeviceObjectPointer(self, emu, argv, ctx: dict[str, str] | None = None): + def IoGetDeviceObjectPointer(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS IoGetDeviceObjectPointer( PUNICODE_STRING ObjectName, @@ -1719,7 +1719,7 @@ def IoGetDeviceObjectPointer(self, emu, argv, ctx: dict[str, str] | None = None) return rv @apihook("PsTerminateSystemThread", argc=1) - def PsTerminateSystemThread(self, emu, argv, ctx: dict[str, str] | None = None): + def PsTerminateSystemThread(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS PsTerminateSystemThread( NTSTATUS ExitStatus @@ -1732,7 +1732,7 @@ def PsTerminateSystemThread(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("IoRegisterBootDriverReinitialization", argc=3) - def IoRegisterBootDriverReinitialization(self, emu, argv, ctx: dict[str, str] | None = None): + def IoRegisterBootDriverReinitialization(self, emu, argv, ctx: api.ApiContext = None): """ void IoRegisterBootDriverReinitialization( PDRIVER_OBJECT DriverObject, @@ -1749,7 +1749,7 @@ def IoRegisterBootDriverReinitialization(self, emu, argv, ctx: dict[str, str] | return @apihook("KdDisableDebugger", argc=0) - def KdDisableDebugger(self, emu, argv, ctx: dict[str, str] | None = None): + def KdDisableDebugger(self, emu, argv, ctx: api.ApiContext = None): """NTKERNELAPI NTSTATUS KdDisableDebugger();""" ctx = ctx or {} @@ -1757,7 +1757,7 @@ def KdDisableDebugger(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("KdChangeOption", argc=0) - def KdChangeOption(self, emu, argv, ctx: dict[str, str] | None = None): + def KdChangeOption(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS KdChangeOption( KD_OPTION Option, @@ -1774,7 +1774,7 @@ def KdChangeOption(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("MmGetSystemRoutineAddress", argc=1) - def MmGetSystemRoutineAddress(self, emu, argv, ctx: dict[str, str] | None = None): + def MmGetSystemRoutineAddress(self, emu, argv, ctx: api.ApiContext = None): """ DECLSPEC_IMPORT PVOID MmGetSystemRoutineAddress( PUNICODE_STRING SystemRoutineName @@ -1789,7 +1789,7 @@ def MmGetSystemRoutineAddress(self, emu, argv, ctx: dict[str, str] | None = None return addr @apihook("KeQuerySystemTime", argc=1) - def KeQuerySystemTime(self, emu, argv, ctx: dict[str, str] | None = None): + def KeQuerySystemTime(self, emu, argv, ctx: api.ApiContext = None): """ void KeQuerySystemTime( PLARGE_INTEGER CurrentTime @@ -1802,7 +1802,7 @@ def KeQuerySystemTime(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_write(CurrentTime, data) @apihook("RtlTimeToTimeFields", argc=2) - def RtlTimeToTimeFields(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlTimeToTimeFields(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI VOID RtlTimeToTimeFields( PLARGE_INTEGER Time, @@ -1816,7 +1816,7 @@ def RtlTimeToTimeFields(self, emu, argv, ctx: dict[str, str] | None = None): sys_time @apihook("ExSystemTimeToLocalTime", argc=2) - def ExSystemTimeToLocalTime(self, emu, argv, ctx: dict[str, str] | None = None): + def ExSystemTimeToLocalTime(self, emu, argv, ctx: api.ApiContext = None): """ void ExSystemTimeToLocalTime( PLARGE_INTEGER SystemTime, @@ -1831,7 +1831,7 @@ def ExSystemTimeToLocalTime(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_write(LocalTime, int_sys_time.to_bytes(8, "little")) @apihook("CmRegisterCallbackEx", argc=6) - def CmRegisterCallbackEx(self, emu, argv, ctx: dict[str, str] | None = None): + def CmRegisterCallbackEx(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS CmRegisterCallbackEx( PEX_CALLBACK_FUNCTION Function, @@ -1849,7 +1849,7 @@ def CmRegisterCallbackEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CmRegisterCallback", argc=3) - def CmRegisterCallback(self, emu, argv, ctx: dict[str, str] | None = None): + def CmRegisterCallback(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS CmRegisterCallback( PEX_CALLBACK_FUNCTION Function, @@ -1866,7 +1866,7 @@ def CmRegisterCallback(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CmUnRegisterCallback", argc=1) - def CmUnRegisterCallback(self, emu, argv, ctx: dict[str, str] | None = None): + def CmUnRegisterCallback(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS CmUnRegisterCallback( LARGE_INTEGER Cookie @@ -1879,7 +1879,7 @@ def CmUnRegisterCallback(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("EtwRegister", argc=4) - def EtwRegister(self, emu, argv, ctx: dict[str, str] | None = None): + def EtwRegister(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS EtwRegister( LPCGUID ProviderId, @@ -1900,7 +1900,7 @@ def EtwRegister(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RtlImageDirectoryEntryToData", argc=4) - def RtlImageDirectoryEntryToData(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlImageDirectoryEntryToData(self, emu, argv, ctx: api.ApiContext = None): """ PVOID IMAGEAPI ImageDirectoryEntryToData( PVOID Base, @@ -1922,7 +1922,7 @@ def RtlImageDirectoryEntryToData(self, emu, argv, ctx: dict[str, str] | None = N return rv @apihook("ZwOpenEvent", argc=3) - def ZwOpenEvent(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwOpenEvent(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSCALLAPI NTSTATUS ZwOpenEvent( PHANDLE EventHandle, @@ -1950,7 +1950,7 @@ def ZwOpenEvent(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ZwCreateEvent", argc=5) - def ZwCreateEvent(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwCreateEvent(self, emu, argv, ctx: api.ApiContext = None): """NTSYSAPI NTSTATUS ZwCreateEvent( PHANDLE EventHandle, ACCESS_MASK DesiredAccess, @@ -1978,7 +1978,7 @@ def ZwCreateEvent(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ExInitializeResourceLite", argc=1) - def ExInitializeResourceLite(self, emu, argv, ctx: dict[str, str] | None = None): + def ExInitializeResourceLite(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS ExInitializeResourceLite( PERESOURCE Resource @@ -1990,14 +1990,14 @@ def ExInitializeResourceLite(self, emu, argv, ctx: dict[str, str] | None = None) return ddk.STATUS_SUCCESS @apihook("KeEnterCriticalRegion", argc=0) - def KeEnterCriticalRegion(self, emu, argv, ctx: dict[str, str] | None = None): + def KeEnterCriticalRegion(self, emu, argv, ctx: api.ApiContext = None): """NTKERNELAPI VOID KeEnterCriticalRegion();""" ctx = ctx or {} return @apihook("ExAcquireResourceExclusiveLite", argc=2) - def ExAcquireResourceExclusiveLite(self, emu, argv, ctx: dict[str, str] | None = None): + def ExAcquireResourceExclusiveLite(self, emu, argv, ctx: api.ApiContext = None): """ BOOLEAN ExAcquireResourceExclusiveLite( PERESOURCE Resource, @@ -2009,7 +2009,7 @@ def ExAcquireResourceExclusiveLite(self, emu, argv, ctx: dict[str, str] | None = return rv @apihook("ExAcquireResourceSharedLite", argc=2) - def ExAcquireResourceSharedLite(self, emu, argv, ctx: dict[str, str] | None = None): + def ExAcquireResourceSharedLite(self, emu, argv, ctx: api.ApiContext = None): """ BOOLEAN ExAcquireResourceSharedLite( _Inout_ PERESOURCE Resource, @@ -2021,7 +2021,7 @@ def ExAcquireResourceSharedLite(self, emu, argv, ctx: dict[str, str] | None = No return rv @apihook("ExReleaseResourceLite", argc=1, conv=_arch.CALL_CONV_FASTCALL) - def ExReleaseResourceLite(self, emu, argv, ctx: dict[str, str] | None = None): + def ExReleaseResourceLite(self, emu, argv, ctx: api.ApiContext = None): """ VOID ExReleaseResourceLite( _Inout_ PERESOURCE Resource @@ -2031,7 +2031,7 @@ def ExReleaseResourceLite(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("ExAcquireFastMutex", argc=1) - def ExAcquireFastMutex(self, emu, argv, ctx: dict[str, str] | None = None): + def ExAcquireFastMutex(self, emu, argv, ctx: api.ApiContext = None): """ VOID ExAcquireFastMutex( _Inout_ PFAST_MUTEX FastMutex @@ -2043,7 +2043,7 @@ def ExAcquireFastMutex(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("ExReleaseFastMutex", argc=1) - def ExReleaseFastMutex(self, emu, argv, ctx: dict[str, str] | None = None): + def ExReleaseFastMutex(self, emu, argv, ctx: api.ApiContext = None): """ VOID ExReleaseFastMutex( _Inout_ PFAST_MUTEX FastMutex @@ -2055,7 +2055,7 @@ def ExReleaseFastMutex(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("ObfReferenceObject", argc=1) - def ObfReferenceObject(self, emu, argv, ctx: dict[str, str] | None = None): + def ObfReferenceObject(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI LONG_PTR ObfReferenceObject( PVOID Object @@ -2065,7 +2065,7 @@ def ObfReferenceObject(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("RtlLengthRequiredSid", argc=1) - def RtlLengthRequiredSid(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlLengthRequiredSid(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI ULONG RtlLengthRequiredSid( ULONG SubAuthorityCount @@ -2078,7 +2078,7 @@ def RtlLengthRequiredSid(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RtlInitializeSid", argc=3) - def RtlInitializeSid(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlInitializeSid(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS RtlInitializeSid( PSID Sid, @@ -2093,7 +2093,7 @@ def RtlInitializeSid(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RtlSubAuthoritySid", argc=2) - def RtlSubAuthoritySid(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlSubAuthoritySid(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI PULONG RtlSubAuthoritySid( PSID Sid, @@ -2107,7 +2107,7 @@ def RtlSubAuthoritySid(self, emu, argv, ctx: dict[str, str] | None = None): return sid @apihook("RtlCreateAcl", argc=3) - def RtlCreateAcl(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlCreateAcl(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS RtlCreateAcl( PACL Acl, @@ -2123,7 +2123,7 @@ def RtlCreateAcl(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RtlSetDaclSecurityDescriptor", argc=4) - def RtlSetDaclSecurityDescriptor(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlSetDaclSecurityDescriptor(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS RtlSetDaclSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor, @@ -2140,7 +2140,7 @@ def RtlSetDaclSecurityDescriptor(self, emu, argv, ctx: dict[str, str] | None = N return rv @apihook("ObSetSecurityObjectByPointer", argc=3) - def ObSetSecurityObjectByPointer(self, emu, argv, ctx: dict[str, str] | None = None): + def ObSetSecurityObjectByPointer(self, emu, argv, ctx: api.ApiContext = None): """ ObSetSecurityObjectByPointer(IN PVOID Object, IN SECURITY_INFORMATION SecurityInformation, @@ -2155,7 +2155,7 @@ def ObSetSecurityObjectByPointer(self, emu, argv, ctx: dict[str, str] | None = N return rv @apihook("RtlCreateSecurityDescriptor", argc=2) - def RtlCreateSecurityDescriptor(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlCreateSecurityDescriptor(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS RtlCreateSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor, @@ -2170,7 +2170,7 @@ def RtlCreateSecurityDescriptor(self, emu, argv, ctx: dict[str, str] | None = No return rv @apihook("RtlAddAccessAllowedAce", argc=4) - def RtlAddAccessAllowedAce(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlAddAccessAllowedAce(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS RtlAddAccessAllowedAce( PACL Acl, @@ -2187,7 +2187,7 @@ def RtlAddAccessAllowedAce(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("PoDeletePowerRequest", argc=1) - def PoDeletePowerRequest(self, emu, argv, ctx: dict[str, str] | None = None): + def PoDeletePowerRequest(self, emu, argv, ctx: api.ApiContext = None): """ void PoDeletePowerRequest( PVOID PowerRequest @@ -2197,7 +2197,7 @@ def PoDeletePowerRequest(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("IoWMIRegistrationControl", argc=2) - def IoWMIRegistrationControl(self, emu, argv, ctx: dict[str, str] | None = None): + def IoWMIRegistrationControl(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS IoWMIRegistrationControl( PDEVICE_OBJECT DeviceObject, @@ -2214,7 +2214,7 @@ def IoWMIRegistrationControl(self, emu, argv, ctx: dict[str, str] | None = None) return rv @apihook("ObMakeTemporaryObject", argc=1) - def ObMakeTemporaryObject(self, emu, argv, ctx: dict[str, str] | None = None): + def ObMakeTemporaryObject(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI VOID ObMakeTemporaryObject( PVOID Object @@ -2224,7 +2224,7 @@ def ObMakeTemporaryObject(self, emu, argv, ctx: dict[str, str] | None = None): return None @apihook("RtlGetCompressionWorkSpaceSize", argc=3) - def RtlGetCompressionWorkSpaceSize(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlGetCompressionWorkSpaceSize(self, emu, argv, ctx: api.ApiContext = None): """ NT_RTL_COMPRESS_API NTSTATUS RtlGetCompressionWorkSpaceSize( USHORT CompressionFormatAndEngine, @@ -2241,7 +2241,7 @@ def RtlGetCompressionWorkSpaceSize(self, emu, argv, ctx: dict[str, str] | None = return ddk.STATUS_SUCCESS @apihook("RtlDecompressBuffer", argc=6) - def RtlDecompressBuffer(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlDecompressBuffer(self, emu, argv, ctx: api.ApiContext = None): """ NT_RTL_COMPRESS_API NTSTATUS RtlDecompressBuffer( USHORT CompressionFormat, @@ -2279,7 +2279,7 @@ def RtlDecompressBuffer(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("FsRtlAllocatePool", argc=2) - def FsRtlAllocatePool(self, emu, argv, ctx: dict[str, str] | None = None): + def FsRtlAllocatePool(self, emu, argv, ctx: api.ApiContext = None): """ void FsRtlAllocatePool( PoolType, @@ -2292,7 +2292,7 @@ def FsRtlAllocatePool(self, emu, argv, ctx: dict[str, str] | None = None): return chunk @apihook("IofCallDriver", argc=2, conv=_arch.CALL_CONV_FASTCALL) - def IofCallDriver(self, emu, argv, ctx: dict[str, str] | None = None): + def IofCallDriver(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS IofCallDriver( PDEVICE_OBJECT DeviceObject, @@ -2312,7 +2312,7 @@ def IofCallDriver(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("IoSetCompletionRoutineEx", argc=7) - def IoSetCompletionRoutineEx(self, emu, argv, ctx: dict[str, str] | None = None): + def IoSetCompletionRoutineEx(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS IoSetCompletionRoutineEx( PDEVICE_OBJECT DeviceObject, @@ -2331,7 +2331,7 @@ def IoSetCompletionRoutineEx(self, emu, argv, ctx: dict[str, str] | None = None) return rv @apihook("ExQueueWorkItem", argc=2) - def ExQueueWorkItem(self, emu, argv, ctx: dict[str, str] | None = None): + def ExQueueWorkItem(self, emu, argv, ctx: api.ApiContext = None): """ DECLSPEC_DEPRECATED_DDK NTKERNELAPI VOID ExQueueWorkItem( __drv_aliasesMem PWORK_QUEUE_ITEM WorkItem, @@ -2344,7 +2344,7 @@ def ExQueueWorkItem(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("ZwDeviceIoControlFile", argc=10) - def ZwDeviceIoControlFile(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwDeviceIoControlFile(self, emu, argv, ctx: api.ApiContext = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtDeviceIoControlFile( HANDLE FileHandle, @@ -2381,7 +2381,7 @@ def ZwDeviceIoControlFile(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("_snwprintf", argc=_arch.VAR_ARGS, conv=_arch.CALL_CONV_CDECL) - def _snwprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def _snwprintf(self, emu, argv, ctx: api.ApiContext = None): """ int _snwprintf( wchar_t *buffer, @@ -2411,7 +2411,7 @@ def _snwprintf(self, emu, argv, ctx: dict[str, str] | None = None): return len(fin) @apihook("ObReferenceObjectByHandle", argc=6) - def ObReferenceObjectByHandle(self, emu, argv, ctx: dict[str, str] | None = None): + def ObReferenceObjectByHandle(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS ObReferenceObjectByHandle( HANDLE Handle, @@ -2437,7 +2437,7 @@ def ObReferenceObjectByHandle(self, emu, argv, ctx: dict[str, str] | None = None return nts @apihook("ObGetFilterVersion", argc=0) - def ObGetFilterVersion(self, emu, argv, ctx: dict[str, str] | None = None): + def ObGetFilterVersion(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI USHORT @@ -2449,7 +2449,7 @@ def ObGetFilterVersion(self, emu, argv, ctx: dict[str, str] | None = None): return 256 @apihook("ObRegisterCallbacks", argc=2) - def ObRegisterCallbacks(self, emu, argv, ctx: dict[str, str] | None = None): + def ObRegisterCallbacks(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS @@ -2465,7 +2465,7 @@ def ObRegisterCallbacks(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("ZwDeleteKey", argc=1) - def ZwDeleteKey(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwDeleteKey(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS ZwDeleteKey( HANDLE KeyHandle @@ -2478,7 +2478,7 @@ def ZwDeleteKey(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("ZwQueryInformationProcess", argc=5) - def ZwQueryInformationProcess(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwQueryInformationProcess(self, emu, argv, ctx: api.ApiContext = None): """ __kernel_entry NTSTATUS ZwQueryInformationProcess( IN HANDLE ProcessHandle, @@ -2520,7 +2520,7 @@ def ZwQueryInformationProcess(self, emu, argv, ctx: dict[str, str] | None = None return nts @apihook("IoGetCurrentProcess", argc=0) - def IoGetCurrentProcess(self, emu, argv, ctx: dict[str, str] | None = None): + def IoGetCurrentProcess(self, emu, argv, ctx: api.ApiContext = None): """NTKERNELAPI PEPROCESS IoGetCurrentProcess();""" ctx = ctx or {} @@ -2528,7 +2528,7 @@ def IoGetCurrentProcess(self, emu, argv, ctx: dict[str, str] | None = None): return p.address @apihook("NtSetInformationThread", argc=4) - def NtSetInformationThread(self, emu, argv, ctx: dict[str, str] | None = None): + def NtSetInformationThread(self, emu, argv, ctx: api.ApiContext = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtSetInformationThread( HANDLE ThreadHandle, @@ -2543,7 +2543,7 @@ def NtSetInformationThread(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("wcsnlen", argc=2) - def wcsnlen(self, emu, argv, ctx: dict[str, str] | None = None): + def wcsnlen(self, emu, argv, ctx: api.ApiContext = None): """s ize_t wcsnlen( const wchar_t *str, @@ -2560,7 +2560,7 @@ def wcsnlen(self, emu, argv, ctx: dict[str, str] | None = None): return len(ws) @apihook("IoRegisterShutdownNotification", argc=1) - def IoRegisterShutdownNotification(self, emu, argv, ctx: dict[str, str] | None = None): + def IoRegisterShutdownNotification(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS IoRegisterShutdownNotification( PDEVICE_OBJECT DeviceObject @@ -2573,7 +2573,7 @@ def IoRegisterShutdownNotification(self, emu, argv, ctx: dict[str, str] | None = return rv @apihook("IoUnregisterShutdownNotification", argc=1) - def IoUnregisterShutdownNotification(self, emu, argv, ctx: dict[str, str] | None = None): + def IoUnregisterShutdownNotification(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS IoRegisterShutdownNotification( PDEVICE_OBJECT DeviceObject @@ -2584,7 +2584,7 @@ def IoUnregisterShutdownNotification(self, emu, argv, ctx: dict[str, str] | None return ddk.STATUS_SUCCESS @apihook("KeAcquireSpinLockRaiseToDpc", argc=1) - def KeAcquireSpinLockRaiseToDpc(self, emu, argv, ctx: dict[str, str] | None = None): + def KeAcquireSpinLockRaiseToDpc(self, emu, argv, ctx: api.ApiContext = None): """ KIRQL KeAcquireSpinLockRaiseToDpc( _Inout_ PKSPIN_LOCK SpinLock @@ -2597,7 +2597,7 @@ def KeAcquireSpinLockRaiseToDpc(self, emu, argv, ctx: dict[str, str] | None = No return irql @apihook("MmUnlockPages", argc=1) - def MmUnlockPages(self, emu, argv, ctx: dict[str, str] | None = None): + def MmUnlockPages(self, emu, argv, ctx: api.ApiContext = None): """ void MmUnlockPages( PMDL MemoryDescriptorList @@ -2608,7 +2608,7 @@ def MmUnlockPages(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("IoFreeMdl", argc=1) - def IoFreeMdl(self, emu, argv, ctx: dict[str, str] | None = None): + def IoFreeMdl(self, emu, argv, ctx: api.ApiContext = None): """ void IoFreeMdl( PMDL Mdl @@ -2619,7 +2619,7 @@ def IoFreeMdl(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("KeCancelTimer", argc=1) - def KeCancelTimer(self, emu, argv, ctx: dict[str, str] | None = None): + def KeCancelTimer(self, emu, argv, ctx: api.ApiContext = None): """ BOOLEAN KeCancelTimer( PKTIMER Arg1 @@ -2630,7 +2630,7 @@ def KeCancelTimer(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("PsGetVersion", argc=4) - def PsGetVersion(self, emu, argv, ctx: dict[str, str] | None = None): + def PsGetVersion(self, emu, argv, ctx: api.ApiContext = None): """ BOOLEAN PsGetVersion( PULONG MajorVersion, @@ -2657,7 +2657,7 @@ def PsGetVersion(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("PsSetCreateProcessNotifyRoutineEx", argc=2) - def PsSetCreateProcessNotifyRoutineEx(self, emu, argv, ctx: dict[str, str] | None = None): + def PsSetCreateProcessNotifyRoutineEx(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS @@ -2673,7 +2673,7 @@ def PsSetCreateProcessNotifyRoutineEx(self, emu, argv, ctx: dict[str, str] | Non return rv @apihook("PsSetLoadImageNotifyRoutine", argc=1) - def PsSetLoadImageNotifyRoutine(self, emu, argv, ctx: dict[str, str] | None = None): + def PsSetLoadImageNotifyRoutine(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS @@ -2688,7 +2688,7 @@ def PsSetLoadImageNotifyRoutine(self, emu, argv, ctx: dict[str, str] | None = No return rv @apihook("PsRemoveLoadImageNotifyRoutine", argc=1) - def PsRemoveLoadImageNotifyRoutine(self, emu, argv, ctx: dict[str, str] | None = None): + def PsRemoveLoadImageNotifyRoutine(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS @@ -2703,7 +2703,7 @@ def PsRemoveLoadImageNotifyRoutine(self, emu, argv, ctx: dict[str, str] | None = return rv @apihook("PsSetCreateThreadNotifyRoutine", argc=1) - def PsSetCreateThreadNotifyRoutine(self, emu, argv, ctx: dict[str, str] | None = None): + def PsSetCreateThreadNotifyRoutine(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS @@ -2718,7 +2718,7 @@ def PsSetCreateThreadNotifyRoutine(self, emu, argv, ctx: dict[str, str] | None = return rv @apihook("PsRemoveCreateThreadNotifyRoutine", argc=1) - def PsRemoveCreateThreadNotifyRoutine(self, emu, argv, ctx: dict[str, str] | None = None): + def PsRemoveCreateThreadNotifyRoutine(self, emu, argv, ctx: api.ApiContext = None): """ NTKERNELAPI NTSTATUS @@ -2733,7 +2733,7 @@ def PsRemoveCreateThreadNotifyRoutine(self, emu, argv, ctx: dict[str, str] | Non return rv @apihook("mbstowcs", argc=3) - def mbstowcs(self, emu, argv, ctx: dict[str, str] | None = None): + def mbstowcs(self, emu, argv, ctx: api.ApiContext = None): """ size_t mbstowcs( wchar_t *wcstr, @@ -2758,7 +2758,7 @@ def mbstowcs(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ZwOpenKey", argc=3) - def ZwOpenKey(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwOpenKey(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS ZwOpenKey( PHANDLE KeyHandle, @@ -2786,7 +2786,7 @@ def ZwOpenKey(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ZwQueryValueKey", argc=6) - def ZwQueryValueKey(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwQueryValueKey(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS ZwQueryValueKey( HANDLE KeyHandle, @@ -2838,7 +2838,7 @@ def ZwQueryValueKey(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ZwCreateFile", argc=11) - def ZwCreateFile(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwCreateFile(self, emu, argv, ctx: api.ApiContext = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtCreateFile( PHANDLE FileHandle, @@ -2923,7 +2923,7 @@ def ZwCreateFile(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("ZwOpenFile", argc=6) - def ZwOpenFile(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwOpenFile(self, emu, argv, ctx: api.ApiContext = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtOpenFile( PHANDLE FileHandle, @@ -2971,7 +2971,7 @@ def ZwOpenFile(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("ZwQueryInformationFile", argc=5) - def ZwQueryInformationFile(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwQueryInformationFile(self, emu, argv, ctx: api.ApiContext = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtQueryInformationFile( HANDLE FileHandle, @@ -3002,7 +3002,7 @@ def ZwQueryInformationFile(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("RtlCompareMemory", argc=3) - def RtlCompareMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlCompareMemory(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI SIZE_T RtlCompareMemory( const VOID *Source1, @@ -3025,7 +3025,7 @@ def RtlCompareMemory(self, emu, argv, ctx: dict[str, str] | None = None): return i @apihook("RtlQueryRegistryValuesEx", argc=5) - def RtlQueryRegistryValuesEx(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlQueryRegistryValuesEx(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS RtlQueryRegistryValuesEx( ULONG RelativeTo, @@ -3055,7 +3055,7 @@ def RtlQueryRegistryValuesEx(self, emu, argv, ctx: dict[str, str] | None = None) return rv @apihook("ZwWriteFile", argc=9) - def ZwWriteFile(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwWriteFile(self, emu, argv, ctx: api.ApiContext = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtWriteFile( HANDLE FileHandle, @@ -3097,7 +3097,7 @@ def ZwWriteFile(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("ZwReadFile", argc=9) - def ZwReadFile(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwReadFile(self, emu, argv, ctx: api.ApiContext = None): """ __kernel_entry NTSYSCALLAPI NTSTATUS NtReadFile( HANDLE FileHandle, @@ -3134,7 +3134,7 @@ def ZwReadFile(self, emu, argv, ctx: dict[str, str] | None = None): return nts @apihook("MmIsDriverVerifying", argc=1) - def MmIsDriverVerifying(self, emu, argv, ctx: dict[str, str] | None = None): + def MmIsDriverVerifying(self, emu, argv, ctx: api.ApiContext = None): """ LOGICAL MmIsDriverVerifying( _DRIVER_OBJECT *DriverObject @@ -3148,7 +3148,7 @@ def MmIsDriverVerifying(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ZwCreateSection", argc=7) - def ZwCreateSection(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwCreateSection(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS ZwCreateSection( PHANDLE SectionHandle, @@ -3196,7 +3196,7 @@ def ZwCreateSection(self, emu, argv, ctx: dict[str, str] | None = None): return ddk.STATUS_SUCCESS @apihook("ZwUnmapViewOfSection", argc=2) - def ZwUnmapViewOfSection(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwUnmapViewOfSection(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS ZwUnmapViewOfSection( HANDLE ProcessHandle, @@ -3208,7 +3208,7 @@ def ZwUnmapViewOfSection(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("ZwMapViewOfSection", argc=10) - def ZwMapViewOfSection(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwMapViewOfSection(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS ZwMapViewOfSection( HANDLE SectionHandle, @@ -3309,7 +3309,7 @@ def ZwMapViewOfSection(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RtlAllocateHeap", argc=3) - def RtlAllocateHeap(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlAllocateHeap(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI PVOID RtlAllocateHeap( PVOID HeapHandle, @@ -3325,7 +3325,7 @@ def RtlAllocateHeap(self, emu, argv, ctx: dict[str, str] | None = None): return block @apihook("ZwGetContextThread", argc=2) - def ZwGetContextThread(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwGetContextThread(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ZwGetContextThread( HANDLE hThread, @@ -3346,7 +3346,7 @@ def ZwGetContextThread(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("ZwSetContextThread", argc=2) - def ZwSetContextThread(self, emu, argv, ctx: dict[str, str] | None = None): + def ZwSetContextThread(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ZwSetContextThread( HANDLE hThread, @@ -3368,7 +3368,7 @@ def ZwSetContextThread(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("RtlFreeHeap", argc=3) - def RtlFreeHeap(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlFreeHeap(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI RtlFreeHeap( PVOID HeapHandle, diff --git a/speakeasy/winenv/api/kernelmode/usbd.py b/speakeasy/winenv/api/kernelmode/usbd.py index a3b42fda..d605289a 100644 --- a/speakeasy/winenv/api/kernelmode/usbd.py +++ b/speakeasy/winenv/api/kernelmode/usbd.py @@ -26,7 +26,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("USBD_ValidateConfigurationDescriptor", argc=5) - def USBD_ValidateConfigurationDescriptor(self, emu, argv, ctx: dict[str, str] | None = None): + def USBD_ValidateConfigurationDescriptor(self, emu, argv, ctx: api.ApiContext = None): """ USBD_STATUS USBD_ValidateConfigurationDescriptor( PUSB_CONFIGURATION_DESCRIPTOR ConfigDesc, diff --git a/speakeasy/winenv/api/kernelmode/wdfldr.py b/speakeasy/winenv/api/kernelmode/wdfldr.py index 048cce9c..2d60c8eb 100644 --- a/speakeasy/winenv/api/kernelmode/wdfldr.py +++ b/speakeasy/winenv/api/kernelmode/wdfldr.py @@ -195,7 +195,7 @@ def parse_usb_config(self, data): return interfaces @apihook("WdfVersionBind", argc=4) - def WdfVersionBind(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfVersionBind(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfVersionBind( @@ -229,7 +229,7 @@ def WdfVersionBind(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WdfDriverCreate", argc=6) - def WdfDriverCreate(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfDriverCreate(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfDriverCreate( PWDF_DRIVER_GLOBALS DriverGlobals, @@ -260,7 +260,7 @@ def WdfDriverCreate(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WdfDeviceInitSetPnpPowerEventCallbacks", argc=3) - def WdfDeviceInitSetPnpPowerEventCallbacks(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfDeviceInitSetPnpPowerEventCallbacks(self, emu, argv, ctx: api.ApiContext = None): """ void WdfDeviceInitSetPnpPowerEventCallbacks( PWDFDEVICE_INIT DeviceInit, @@ -273,7 +273,7 @@ def WdfDeviceInitSetPnpPowerEventCallbacks(self, emu, argv, ctx: dict[str, str] return @apihook("WdfDeviceInitSetRequestAttributes", argc=3) - def WdfDeviceInitSetRequestAttributes(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfDeviceInitSetRequestAttributes(self, emu, argv, ctx: api.ApiContext = None): """ void WdfDeviceInitSetRequestAttributes( PWDFDEVICE_INIT DeviceInit, @@ -286,7 +286,7 @@ def WdfDeviceInitSetRequestAttributes(self, emu, argv, ctx: dict[str, str] | Non return @apihook("WdfDeviceInitSetFileObjectConfig", argc=4) - def WdfDeviceInitSetFileObjectConfig(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfDeviceInitSetFileObjectConfig(self, emu, argv, ctx: api.ApiContext = None): """ void WdfDeviceInitSetFileObjectConfig( PWDFDEVICE_INIT DeviceInit, @@ -300,7 +300,7 @@ def WdfDeviceInitSetFileObjectConfig(self, emu, argv, ctx: dict[str, str] | None return @apihook("WdfDeviceInitSetIoType", argc=3) - def WdfDeviceInitSetIoType(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfDeviceInitSetIoType(self, emu, argv, ctx: api.ApiContext = None): """ void WdfDeviceInitSetIoType( PWDFDEVICE_INIT DeviceInit, @@ -313,7 +313,7 @@ def WdfDeviceInitSetIoType(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("WdfDeviceCreate", argc=4) - def WdfDeviceCreate(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfDeviceCreate(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfDeviceCreate( PWDFDEVICE_INIT *DeviceInit, @@ -343,7 +343,7 @@ def WdfDeviceCreate(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WdfObjectGetTypedContextWorker", argc=3, conv=e_arch.CALL_CONV_FASTCALL) - def WdfObjectGetTypedContextWorker(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfObjectGetTypedContextWorker(self, emu, argv, ctx: api.ApiContext = None): """ PVOID WdfObjectGetTypedContextWorker( WDFOBJECT Handle, @@ -363,7 +363,7 @@ def WdfObjectGetTypedContextWorker(self, emu, argv, ctx: dict[str, str] | None = return rv @apihook("WdfDriverOpenParametersRegistryKey", argc=5) - def WdfDriverOpenParametersRegistryKey(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfDriverOpenParametersRegistryKey(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfDriverOpenParametersRegistryKey( WDFDRIVER Driver, @@ -388,7 +388,7 @@ def WdfDriverOpenParametersRegistryKey(self, emu, argv, ctx: dict[str, str] | No return rv @apihook("WdfRegistryQueryULong", argc=4) - def WdfRegistryQueryULong(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfRegistryQueryULong(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfRegistryQueryULong( WDFKEY Key, @@ -413,7 +413,7 @@ def WdfRegistryQueryULong(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WdfRegistryClose", argc=2) - def WdfRegistryClose(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfRegistryClose(self, emu, argv, ctx: api.ApiContext = None): """ void WdfRegistryClose( WDFKEY Key @@ -424,7 +424,7 @@ def WdfRegistryClose(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("WdfDeviceSetPnpCapabilities", argc=3) - def WdfDeviceSetPnpCapabilities(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfDeviceSetPnpCapabilities(self, emu, argv, ctx: api.ApiContext = None): """ void WdfDeviceSetPnpCapabilities( WDFDEVICE Device, @@ -436,7 +436,7 @@ def WdfDeviceSetPnpCapabilities(self, emu, argv, ctx: dict[str, str] | None = No return @apihook("WdfIoQueueReadyNotify", argc=4) - def WdfIoQueueReadyNotify(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfIoQueueReadyNotify(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfIoQueueReadyNotify( WDFQUEUE Queue, @@ -451,7 +451,7 @@ def WdfIoQueueReadyNotify(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WdfDeviceCreateDeviceInterface", argc=4) - def WdfDeviceCreateDeviceInterface(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfDeviceCreateDeviceInterface(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfDeviceCreateDeviceInterface( WDFDEVICE Device, @@ -475,7 +475,7 @@ def WdfDeviceCreateDeviceInterface(self, emu, argv, ctx: dict[str, str] | None = return rv @apihook("WdfIoQueueCreate", argc=5) - def WdfIoQueueCreate(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfIoQueueCreate(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfIoQueueCreate( WDFDEVICE Device, @@ -501,7 +501,7 @@ def WdfIoQueueCreate(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WdfDeviceWdmGetAttachedDevice", argc=2) - def WdfDeviceWdmGetAttachedDevice(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfDeviceWdmGetAttachedDevice(self, emu, argv, ctx: api.ApiContext = None): """ PDEVICE_OBJECT WdfDeviceWdmGetAttachedDevice( WDFDEVICE Device @@ -518,7 +518,7 @@ def WdfDeviceWdmGetAttachedDevice(self, emu, argv, ctx: dict[str, str] | None = return rv @apihook("WdfUsbTargetDeviceCreateWithParameters", argc=5) - def WdfUsbTargetDeviceCreateWithParameters(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfUsbTargetDeviceCreateWithParameters(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfUsbTargetDeviceCreateWithParameters( WDFDEVICE Device, @@ -540,7 +540,7 @@ def WdfUsbTargetDeviceCreateWithParameters(self, emu, argv, ctx: dict[str, str] return rv @apihook("WdfDeviceWdmGetDeviceObject", argc=2) - def WdfDeviceWdmGetDeviceObject(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfDeviceWdmGetDeviceObject(self, emu, argv, ctx: api.ApiContext = None): """ PDEVICE_OBJECT WdfDeviceWdmGetDeviceObject( WDFDEVICE Device @@ -556,7 +556,7 @@ def WdfDeviceWdmGetDeviceObject(self, emu, argv, ctx: dict[str, str] | None = No return rv @apihook("WdfUsbTargetDeviceGetDeviceDescriptor", argc=3) - def WdfUsbTargetDeviceGetDeviceDescriptor(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfUsbTargetDeviceGetDeviceDescriptor(self, emu, argv, ctx: api.ApiContext = None): """ void WdfUsbTargetDeviceGetDeviceDescriptor( WDFUSBDEVICE UsbDevice, @@ -573,7 +573,7 @@ def WdfUsbTargetDeviceGetDeviceDescriptor(self, emu, argv, ctx: dict[str, str] | return @apihook("WdfMemoryCreate", argc=7) - def WdfMemoryCreate(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfMemoryCreate(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfMemoryCreate( PWDF_OBJECT_ATTRIBUTES Attributes, @@ -599,7 +599,7 @@ def WdfMemoryCreate(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WdfUsbTargetDeviceSelectConfig", argc=4) - def WdfUsbTargetDeviceSelectConfig(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfUsbTargetDeviceSelectConfig(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfUsbTargetDeviceSelectConfig( WDFUSBDEVICE UsbDevice, @@ -635,7 +635,7 @@ def WdfUsbTargetDeviceSelectConfig(self, emu, argv, ctx: dict[str, str] | None = return rv @apihook("WdfUsbTargetDeviceRetrieveConfigDescriptor", argc=4) - def WdfUsbTargetDeviceRetrieveConfigDescriptor(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfUsbTargetDeviceRetrieveConfigDescriptor(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfUsbTargetDeviceRetrieveConfigDescriptor( WDFUSBDEVICE UsbDevice, @@ -669,7 +669,7 @@ def WdfUsbTargetDeviceRetrieveConfigDescriptor(self, emu, argv, ctx: dict[str, s return rv @apihook("WdfUsbInterfaceSelectSetting", argc=4) - def WdfUsbInterfaceSelectSetting(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfUsbInterfaceSelectSetting(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfUsbInterfaceSelectSetting( WDFUSBINTERFACE UsbInterface, @@ -694,7 +694,7 @@ def WdfUsbInterfaceSelectSetting(self, emu, argv, ctx: dict[str, str] | None = N return rv @apihook("WdfUsbTargetDeviceGetNumInterfaces", argc=2) - def WdfUsbTargetDeviceGetNumInterfaces(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfUsbTargetDeviceGetNumInterfaces(self, emu, argv, ctx: api.ApiContext = None): """ UCHAR WdfUsbTargetDeviceGetNumInterfaces( WDFUSBDEVICE UsbDevice @@ -711,7 +711,7 @@ def WdfUsbTargetDeviceGetNumInterfaces(self, emu, argv, ctx: dict[str, str] | No return rv @apihook("WdfUsbInterfaceGetNumConfiguredPipes", argc=2) - def WdfUsbInterfaceGetNumConfiguredPipes(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfUsbInterfaceGetNumConfiguredPipes(self, emu, argv, ctx: api.ApiContext = None): """ BYTE WdfUsbInterfaceGetNumConfiguredPipes( WDFUSBINTERFACE UsbInterface @@ -733,7 +733,7 @@ def WdfUsbInterfaceGetNumConfiguredPipes(self, emu, argv, ctx: dict[str, str] | return rv @apihook("WdfUsbInterfaceGetNumSettings", argc=2) - def WdfUsbInterfaceGetNumSettings(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfUsbInterfaceGetNumSettings(self, emu, argv, ctx: api.ApiContext = None): """ BYTE WdfUsbInterfaceGetNumSettings( WDFUSBINTERFACE UsbInterface @@ -754,7 +754,7 @@ def WdfUsbInterfaceGetNumSettings(self, emu, argv, ctx: dict[str, str] | None = return rv @apihook("WdfUsbTargetDeviceRetrieveInformation", argc=3) - def WdfUsbTargetDeviceRetrieveInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfUsbTargetDeviceRetrieveInformation(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS WdfUsbTargetDeviceRetrieveInformation( WDFUSBDEVICE UsbDevice, @@ -777,7 +777,7 @@ def WdfUsbTargetDeviceRetrieveInformation(self, emu, argv, ctx: dict[str, str] | return rv @apihook("WdfUsbInterfaceGetConfiguredPipe", argc=4) - def WdfUsbInterfaceGetConfiguredPipe(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfUsbInterfaceGetConfiguredPipe(self, emu, argv, ctx: api.ApiContext = None): """ WDFUSBPIPE WdfUsbInterfaceGetConfiguredPipe( WDFUSBINTERFACE UsbInterface, @@ -824,7 +824,7 @@ def WdfUsbInterfaceGetConfiguredPipe(self, emu, argv, ctx: dict[str, str] | None return rv @apihook("WdfUsbTargetPipeGetInformation", argc=3) - def WdfUsbTargetPipeGetInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfUsbTargetPipeGetInformation(self, emu, argv, ctx: api.ApiContext = None): """ void WdfUsbTargetPipeGetInformation( WDFUSBPIPE Pipe, @@ -864,7 +864,7 @@ def WdfUsbTargetPipeGetInformation(self, emu, argv, ctx: dict[str, str] | None = return @apihook("WdfUsbInterfaceGetInterfaceNumber", argc=2) - def WdfUsbInterfaceGetInterfaceNumber(self, emu, argv, ctx: dict[str, str] | None = None): + def WdfUsbInterfaceGetInterfaceNumber(self, emu, argv, ctx: api.ApiContext = None): """ BYTE WdfUsbInterfaceGetInterfaceNumber( WDFUSBINTERFACE UsbInterface diff --git a/speakeasy/winenv/api/usermode/advapi32.py b/speakeasy/winenv/api/usermode/advapi32.py index 7dfddd38..eec9b824 100644 --- a/speakeasy/winenv/api/usermode/advapi32.py +++ b/speakeasy/winenv/api/usermode/advapi32.py @@ -48,7 +48,7 @@ def get_handle(self): return self.curr_handle @apihook("RegOpenKey", argc=3, conv=_arch.CALL_CONV_STDCALL) - def RegOpenKey(self, emu, argv, ctx: dict[str, str] | None = None): + def RegOpenKey(self, emu, argv, ctx: api.ApiContext = None): """ LSTATUS RegOpenKeyA( HKEY hKey, @@ -95,7 +95,7 @@ def RegOpenKey(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RegOpenKeyEx", argc=5, conv=_arch.CALL_CONV_STDCALL) - def RegOpenKeyEx(self, emu, argv, ctx: dict[str, str] | None = None): + def RegOpenKeyEx(self, emu, argv, ctx: api.ApiContext = None): """ LSTATUS RegOpenKeyEx( HKEY hKey, @@ -140,7 +140,7 @@ def RegOpenKeyEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RegQueryValueEx", argc=6, conv=_arch.CALL_CONV_STDCALL) - def RegQueryValueEx(self, emu, argv, ctx: dict[str, str] | None = None): + def RegQueryValueEx(self, emu, argv, ctx: api.ApiContext = None): """ LSTATUS RegQueryValueEx( HKEY hKey, @@ -218,7 +218,7 @@ def RegQueryValueEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RegSetValueEx", argc=6, conv=_arch.CALL_CONV_STDCALL) - def RegSetValueEx(self, emu, argv, ctx: dict[str, str] | None = None): + def RegSetValueEx(self, emu, argv, ctx: api.ApiContext = None): """ LSTATUS RegSetValueEx( HKEY hKey, @@ -277,7 +277,7 @@ def RegSetValueEx(self, emu, argv, ctx: dict[str, str] | None = None): return windefs.ERROR_SUCCESS @apihook("RegCloseKey", argc=1, conv=_arch.CALL_CONV_STDCALL) - def RegCloseKey(self, emu, argv, ctx: dict[str, str] | None = None): + def RegCloseKey(self, emu, argv, ctx: api.ApiContext = None): """ LSTATUS RegCloseKey( HKEY hKey @@ -295,7 +295,7 @@ def RegCloseKey(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RegEnumKey", argc=4, conv=_arch.CALL_CONV_STDCALL) - def RegEnumKey(self, emu, argv, ctx: dict[str, str] | None = None): + def RegEnumKey(self, emu, argv, ctx: api.ApiContext = None): """ LSTATUS RegEnumKey( HKEY hKey, @@ -315,7 +315,7 @@ def RegEnumKey(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RegEnumKeyEx", argc=8, conv=_arch.CALL_CONV_STDCALL) - def RegEnumKeyEx(self, emu, argv, ctx: dict[str, str] | None = None): + def RegEnumKeyEx(self, emu, argv, ctx: api.ApiContext = None): """ LSTATUS RegEnumKeyEx( HKEY hKey, @@ -357,7 +357,7 @@ def RegEnumKeyEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RegCreateKey", argc=3) - def RegCreateKey(self, emu, argv, ctx: dict[str, str] | None = None): + def RegCreateKey(self, emu, argv, ctx: api.ApiContext = None): """ LSTATUS RegCreateKey( HKEY hKey, @@ -388,7 +388,7 @@ def RegCreateKey(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RegCreateKeyEx", argc=9, conv=_arch.CALL_CONV_STDCALL) - def RegCreateKeyEx(self, emu, argv, ctx: dict[str, str] | None = None): + def RegCreateKeyEx(self, emu, argv, ctx: api.ApiContext = None): """ LSTATUS RegCreateKeyExA( HKEY hKey, @@ -441,7 +441,7 @@ def RegCreateKeyEx(self, emu, argv, ctx: dict[str, str] | None = None): return windefs.ERROR_SUCCESS @apihook("RegDeleteValue", argc=2, conv=_arch.CALL_CONV_STDCALL) - def RegDeleteValue(self, emu, argv, ctx: dict[str, str] | None = None): + def RegDeleteValue(self, emu, argv, ctx: api.ApiContext = None): """ LSTATUS RegDeleteValueA( HKEY hKey, @@ -469,7 +469,7 @@ def RegDeleteValue(self, emu, argv, ctx: dict[str, str] | None = None): return windefs.ERROR_SUCCESS @apihook("RegQueryInfoKey", argc=12, conv=_arch.CALL_CONV_STDCALL) - def RegQueryInfoKey(self, emu, argv, ctx: dict[str, str] | None = None): + def RegQueryInfoKey(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} # TODO: stub """ @@ -517,7 +517,7 @@ def RegQueryInfoKey(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("OpenProcessToken", argc=3, conv=_arch.CALL_CONV_STDCALL) - def OpenProcessToken(self, emu, argv, ctx: dict[str, str] | None = None): + def OpenProcessToken(self, emu, argv, ctx: api.ApiContext = None): """ BOOL OpenProcessToken( HANDLE ProcessHandle, @@ -550,7 +550,7 @@ def OpenProcessToken(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("OpenThreadToken", argc=4, conv=_arch.CALL_CONV_STDCALL) - def OpenThreadToken(self, emu, argv, ctx: dict[str, str] | None = None): + def OpenThreadToken(self, emu, argv, ctx: api.ApiContext = None): """ BOOL OpenThreadToken( HANDLE ThreadHandle, @@ -584,7 +584,7 @@ def OpenThreadToken(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("DuplicateTokenEx", argc=6, conv=_arch.CALL_CONV_STDCALL) - def DuplicateTokenEx(self, emu, argv, ctx: dict[str, str] | None = None): + def DuplicateTokenEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL DuplicateTokenEx( HANDLE hExistingToken, @@ -617,7 +617,7 @@ def DuplicateTokenEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("SetTokenInformation", argc=4, conv=_arch.CALL_CONV_STDCALL) - def SetTokenInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def SetTokenInformation(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetTokenInformation( HANDLE TokenHandle, @@ -635,7 +635,7 @@ def SetTokenInformation(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("StartServiceCtrlDispatcher", argc=1) - def StartServiceCtrlDispatcher(self, emu, argv, ctx: dict[str, str] | None = None): + def StartServiceCtrlDispatcher(self, emu, argv, ctx: api.ApiContext = None): """ BOOL StartServiceCtrlDispatcher( const SERVICE_TABLE_ENTRY *lpServiceStartTable @@ -682,7 +682,7 @@ def StartServiceCtrlDispatcher(self, emu, argv, ctx: dict[str, str] | None = Non return rv @apihook("RegisterServiceCtrlHandler", argc=2) - def RegisterServiceCtrlHandler(self, emu, argv, ctx: dict[str, str] | None = None): + def RegisterServiceCtrlHandler(self, emu, argv, ctx: api.ApiContext = None): """ SERVICE_STATUS_HANDLE RegisterServiceCtrlHandlerA( LPCSTR lpServiceName, @@ -701,7 +701,7 @@ def RegisterServiceCtrlHandler(self, emu, argv, ctx: dict[str, str] | None = Non return self.service_status_handle @apihook("RegisterServiceCtrlHandlerEx", argc=3) - def RegisterServiceCtrlHandlerEx(self, emu, argv, ctx: dict[str, str] | None = None): + def RegisterServiceCtrlHandlerEx(self, emu, argv, ctx: api.ApiContext = None): """ SERVICE_STATUS_HANDLE RegisterServiceCtrlHandlerExA( LPCSTR lpServiceName, @@ -715,7 +715,7 @@ def RegisterServiceCtrlHandlerEx(self, emu, argv, ctx: dict[str, str] | None = N return self.RegisterServiceCtrlHandler(self, emu, [lpServiceName, lpHandlerProc], ctx) @apihook("SetServiceStatus", argc=2) - def SetServiceStatus(self, emu, argv, ctx: dict[str, str] | None = None): + def SetServiceStatus(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetServiceStatus( SERVICE_STATUS_HANDLE hServiceStatus, @@ -731,7 +731,7 @@ def SetServiceStatus(self, emu, argv, ctx: dict[str, str] | None = None): return 0x1 @apihook("RevertToSelf", argc=0) - def RevertToSelf(self, emu, argv, ctx: dict[str, str] | None = None): + def RevertToSelf(self, emu, argv, ctx: api.ApiContext = None): """ BOOL RevertToSelf(); """ @@ -739,7 +739,7 @@ def RevertToSelf(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("ImpersonateLoggedOnUser", argc=1) - def ImpersonateLoggedOnUser(self, emu, argv, ctx: dict[str, str] | None = None): + def ImpersonateLoggedOnUser(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ImpersonateLoggedOnUser( HANDLE hToken @@ -749,7 +749,7 @@ def ImpersonateLoggedOnUser(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("OpenSCManager", argc=3) - def OpenSCManager(self, emu, argv, ctx: dict[str, str] | None = None): + def OpenSCManager(self, emu, argv, ctx: api.ApiContext = None): """ SC_HANDLE OpenSCManager( LPCSTR lpMachineName, @@ -766,7 +766,7 @@ def OpenSCManager(self, emu, argv, ctx: dict[str, str] | None = None): return hScm @apihook("CreateService", argc=13) - def CreateService(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateService(self, emu, argv, ctx: api.ApiContext = None): """ SC_HANDLE CreateServiceA( SC_HANDLE hSCManager, @@ -819,7 +819,7 @@ def CreateService(self, emu, argv, ctx: dict[str, str] | None = None): return hSvc @apihook("StartService", argc=3) - def StartService(self, emu, argv, ctx: dict[str, str] | None = None): + def StartService(self, emu, argv, ctx: api.ApiContext = None): """ BOOL StartService( SC_HANDLE hService, @@ -837,12 +837,12 @@ def StartService(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("StartServiceA", argc=3) - def StartServiceA(self, emu, argv, ctx: dict[str, str] | None = None): + def StartServiceA(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return self.StartService(emu, argv, ctx) @apihook("ControlService", argc=3) - def ControlService(self, emu, argv, ctx: dict[str, str] | None = None): + def ControlService(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ControlService( [in] SC_HANDLE hService, @@ -860,7 +860,7 @@ def ControlService(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("QueryServiceStatus", argc=2) - def QueryServiceStatus(self, emu, argv, ctx: dict[str, str] | None = None): + def QueryServiceStatus(self, emu, argv, ctx: api.ApiContext = None): """ BOOL QueryServiceStatus( SC_HANDLE hService, @@ -892,7 +892,7 @@ def QueryServiceStatus(self, emu, argv, ctx: dict[str, str] | None = None): @apihook("QueryServiceConfig", argc=4) @apihook("QueryServiceConfigA", argc=4) @apihook("QueryServiceConfigW", argc=4) - def QueryServiceConfig(self, emu, argv, ctx: dict[str, str] | None = None): + def QueryServiceConfig(self, emu, argv, ctx: api.ApiContext = None): """ BOOL QueryServiceConfigA( SC_HANDLE hService, @@ -934,7 +934,7 @@ def QueryServiceConfig(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("CloseServiceHandle", argc=1) - def CloseServiceHandle(self, emu, argv, ctx: dict[str, str] | None = None): + def CloseServiceHandle(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CloseServiceHandle( SC_HANDLE hSCObject @@ -952,7 +952,7 @@ def CloseServiceHandle(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ChangeServiceConfig", argc=11) - def ChangeServiceConfig(self, emu, argv, ctx: dict[str, str] | None = None): + def ChangeServiceConfig(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ChangeServiceConfigA( SC_HANDLE hService, @@ -1002,7 +1002,7 @@ def ChangeServiceConfig(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("ChangeServiceConfig2", argc=3) - def ChangeServiceConfig2(self, emu, argv, ctx: dict[str, str] | None = None): + def ChangeServiceConfig2(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ChangeServiceConfig2( SC_HANDLE hService, @@ -1020,7 +1020,7 @@ def ChangeServiceConfig2(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("SystemFunction036", argc=2) - def RtlGenRandom(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlGenRandom(self, emu, argv, ctx: api.ApiContext = None): """ BOOLEAN RtlGenRandom( PVOID RandomBuffer, @@ -1039,7 +1039,7 @@ def RtlGenRandom(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CryptAcquireContext", argc=5) - def CryptAcquireContext(self, emu, argv, ctx: dict[str, str] | None = None): + def CryptAcquireContext(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CryptAcquireContext( HCRYPTPROV *phProv, @@ -1073,7 +1073,7 @@ def CryptAcquireContext(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CryptGenRandom", argc=3) - def CryptGenRandom(self, emu, argv, ctx: dict[str, str] | None = None): + def CryptGenRandom(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CryptGenRandom( HCRYPTPROV hProv, @@ -1093,7 +1093,7 @@ def CryptGenRandom(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("AllocateAndInitializeSid", argc=11) - def AllocateAndInitializeSid(self, emu, argv, ctx: dict[str, str] | None = None): + def AllocateAndInitializeSid(self, emu, argv, ctx: api.ApiContext = None): """ BOOL AllocateAndInitializeSid( PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, @@ -1121,7 +1121,7 @@ def AllocateAndInitializeSid(self, emu, argv, ctx: dict[str, str] | None = None) return rv @apihook("CheckTokenMembership", argc=3) - def CheckTokenMembership(self, emu, argv, ctx: dict[str, str] | None = None): + def CheckTokenMembership(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CheckTokenMembership( HANDLE TokenHandle, @@ -1139,7 +1139,7 @@ def CheckTokenMembership(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FreeSid", argc=1) - def FreeSid(self, emu, argv, ctx: dict[str, str] | None = None): + def FreeSid(self, emu, argv, ctx: api.ApiContext = None): """ PVOID FreeSid( PSID pSid @@ -1155,7 +1155,7 @@ def FreeSid(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CryptReleaseContext", argc=2) - def CryptReleaseContext(self, emu, argv, ctx: dict[str, str] | None = None): + def CryptReleaseContext(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CryptReleaseContext( HCRYPTPROV hProv, @@ -1172,7 +1172,7 @@ def CryptReleaseContext(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetCurrentHwProfile", argc=1) - def GetCurrentHwProfile(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCurrentHwProfile(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetCurrentHwProfileA( LPHW_PROFILE_INFOA lpHwProfileInfo @@ -1206,7 +1206,7 @@ def GetCurrentHwProfile(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetUserName", argc=2) - def GetUserName(self, emu, argv, ctx: dict[str, str] | None = None): + def GetUserName(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetUserName( LPSTR lpBuffer, @@ -1234,7 +1234,7 @@ def GetUserName(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("LookupPrivilegeValue", argc=3) - def LookupPrivilegeValue(self, emu, argv, ctx: dict[str, str] | None = None): + def LookupPrivilegeValue(self, emu, argv, ctx: api.ApiContext = None): """ BOOL LookupPrivilegeValue( LPCSTR lpSystemName, @@ -1258,7 +1258,7 @@ def LookupPrivilegeValue(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("AdjustTokenPrivileges", argc=6) - def AdjustTokenPrivileges(self, emu, argv, ctx: dict[str, str] | None = None): + def AdjustTokenPrivileges(self, emu, argv, ctx: api.ApiContext = None): """ BOOL AdjustTokenPrivileges( HANDLE TokenHandle, @@ -1275,7 +1275,7 @@ def AdjustTokenPrivileges(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetTokenInformation", argc=5) - def GetTokenInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def GetTokenInformation(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetTokenInformation( HANDLE TokenHandle, @@ -1301,7 +1301,7 @@ def GetTokenInformation(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("EqualSid", argc=2) - def EqualSid(self, emu, argv, ctx: dict[str, str] | None = None): + def EqualSid(self, emu, argv, ctx: api.ApiContext = None): """ BOOL EqualSid( PSID pSid1, @@ -1321,7 +1321,7 @@ def EqualSid(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetSidIdentifierAuthority", argc=1) - def GetSidIdentifierAuthority(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSidIdentifierAuthority(self, emu, argv, ctx: api.ApiContext = None): """ PSID_IDENTIFIER_AUTHORITY GetSidIdentifierAuthority( [in] PSID pSid @@ -1334,7 +1334,7 @@ def GetSidIdentifierAuthority(self, emu, argv, ctx: dict[str, str] | None = None return sid + 2 @apihook("GetSidSubAuthorityCount", argc=1) - def GetSidSubAuthorityCount(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSidSubAuthorityCount(self, emu, argv, ctx: api.ApiContext = None): """ PUCHAR GetSidSubAuthorityCount( PSID pSid @@ -1350,7 +1350,7 @@ def GetSidSubAuthorityCount(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetSidSubAuthority", argc=2) - def GetSidSubAuthority(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSidSubAuthority(self, emu, argv, ctx: api.ApiContext = None): """ PDWORD GetSidSubAuthority( [in] PSID pSid, @@ -1364,7 +1364,7 @@ def GetSidSubAuthority(self, emu, argv, ctx: dict[str, str] | None = None): return sid + 8 + (nsub * 4) @apihook("LookupAccountName", argc=7) - def LookupAccountName(self, emu, argv, ctx: dict[str, str] | None = None): + def LookupAccountName(self, emu, argv, ctx: api.ApiContext = None): """ BOOL LookupAccountNameA( [in, optional] LPCSTR lpSystemName, @@ -1439,7 +1439,7 @@ def LookupAccountName(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("LookupAccountSid", argc=7) - def LookupAccountSid(self, emu, argv, ctx: dict[str, str] | None = None): + def LookupAccountSid(self, emu, argv, ctx: api.ApiContext = None): """ BOOL LookupAccountSid( LPCSTR lpSystemName, @@ -1477,7 +1477,7 @@ def LookupAccountSid(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CreateProcessAsUser", argc=11, conv=_arch.CALL_CONV_STDCALL) - def CreateProcessAsUser(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateProcessAsUser(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CreateProcessAsUser( HANDLE hToken, @@ -1529,7 +1529,7 @@ def CreateProcessAsUser(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CryptCreateHash", argc=5) - def CryptCreateHash(self, emu, argv, ctx: dict[str, str] | None = None): + def CryptCreateHash(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CryptCreateHash( HCRYPTPROV hProv, @@ -1565,7 +1565,7 @@ def CryptCreateHash(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("CryptHashData", argc=4) - def CryptHashData(self, emu, argv, ctx: dict[str, str] | None = None): + def CryptHashData(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CryptHashData( HCRYPTHASH hHash, @@ -1590,7 +1590,7 @@ def CryptHashData(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("CryptGetHashParam", argc=5) - def CryptGetHashParam(self, emu, argv, ctx: dict[str, str] | None = None): + def CryptGetHashParam(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CryptGetHashParam( HCRYPTHASH hHash, @@ -1611,7 +1611,7 @@ def CryptGetHashParam(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("CryptDestroyHash", argc=1) - def CryptDestroyHash(self, emu, argv, ctx: dict[str, str] | None = None): + def CryptDestroyHash(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CryptDestroyHash( HCRYPTHASH hHash @@ -1621,7 +1621,7 @@ def CryptDestroyHash(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("CryptDeriveKey", argc=5) - def CryptDeriveKey(self, emu, argv, ctx: dict[str, str] | None = None): + def CryptDeriveKey(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CryptDeriveKey( HCRYPTPROV hProv, @@ -1667,7 +1667,7 @@ def CryptDeriveKey(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("CryptDecrypt", argc=6) - def CryptDecrypt(self, emu, argv, ctx: dict[str, str] | None = None): + def CryptDecrypt(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CryptDecrypt( HCRYPTKEY hKey, @@ -1716,7 +1716,7 @@ def CryptDecrypt(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("RegGetValue", argc=7, conv=_arch.CALL_CONV_STDCALL) - def RegGetValue(self, emu, argv, ctx: dict[str, str] | None = None): + def RegGetValue(self, emu, argv, ctx: api.ApiContext = None): """ LSTATUS RegGetValueW( HKEY hkey, @@ -1784,7 +1784,7 @@ def RegGetValue(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("EnumServicesStatus", argc=8, conv=_arch.CALL_CONV_STDCALL) - def EnumServicesStatus(self, emu, argv, ctx: dict[str, str] | None = None): + def EnumServicesStatus(self, emu, argv, ctx: api.ApiContext = None): """ BOOL EnumServicesStatusA( SC_HANDLE hSCManager, @@ -1821,7 +1821,7 @@ def EnumServicesStatus(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("OpenService", argc=3, conv=_arch.CALL_CONV_STDCALL) - def OpenService(self, emu, argv, ctx: dict[str, str] | None = None): + def OpenService(self, emu, argv, ctx: api.ApiContext = None): """ SC_HANDLE OpenServiceA( SC_HANDLE hSCManager, @@ -1837,7 +1837,7 @@ def OpenService(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("DeleteService", argc=1, conv=_arch.CALL_CONV_STDCALL) - def DeleteService(self, emu, argv, ctx: dict[str, str] | None = None): + def DeleteService(self, emu, argv, ctx: api.ApiContext = None): """ BOOL DeleteService( SC_HANDLE hService diff --git a/speakeasy/winenv/api/usermode/advpack.py b/speakeasy/winenv/api/usermode/advpack.py index 285ce52a..693c7cbf 100644 --- a/speakeasy/winenv/api/usermode/advpack.py +++ b/speakeasy/winenv/api/usermode/advpack.py @@ -22,7 +22,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("IsNTAdmin", argc=2) - def IsNTAdmin(self, emu, argv, ctx: dict[str, str] | None = None): + def IsNTAdmin(self, emu, argv, ctx: api.ApiContext = None): """ bool IsNTAdmin(); """ diff --git a/speakeasy/winenv/api/usermode/bcrypt.py b/speakeasy/winenv/api/usermode/bcrypt.py index 8ffa7d1b..46efc0fa 100644 --- a/speakeasy/winenv/api/usermode/bcrypt.py +++ b/speakeasy/winenv/api/usermode/bcrypt.py @@ -26,7 +26,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("BCryptOpenAlgorithmProvider", argc=4) - def BCryptOpenAlgorithmProvider(self, emu, argv, ctx: dict[str, str] | None = None): + def BCryptOpenAlgorithmProvider(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS BCryptOpenAlgorithmProvider( BCRYPT_ALG_HANDLE *phAlgorithm, @@ -57,7 +57,7 @@ def BCryptOpenAlgorithmProvider(self, emu, argv, ctx: dict[str, str] | None = No return ntdefs.STATUS_SUCCESS @apihook("BCryptImportKeyPair", argc=7) - def BCryptImportKeyPair(self, emu, argv, ctx: dict[str, str] | None = None): + def BCryptImportKeyPair(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS BCryptImportKeyPair( BCRYPT_ALG_HANDLE hAlgorithm, @@ -90,7 +90,7 @@ def BCryptImportKeyPair(self, emu, argv, ctx: dict[str, str] | None = None): return ntdefs.STATUS_SUCCESS @apihook("BCryptCloseAlgorithmProvider", argc=2) - def BCryptCloseAlgorithmProvider(self, emu, argv, ctx: dict[str, str] | None = None): + def BCryptCloseAlgorithmProvider(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS BCryptCloseAlgorithmProvider( BCRYPT_ALG_HANDLE hAlgorithm, @@ -107,7 +107,7 @@ def BCryptCloseAlgorithmProvider(self, emu, argv, ctx: dict[str, str] | None = N return ntdefs.STATUS_SUCCESS @apihook("BCryptGetProperty", argc=6) - def BCryptGetProperty(self, emu, argv, ctx: dict[str, str] | None = None): + def BCryptGetProperty(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS BCryptGetProperty( BCRYPT_HANDLE hObject, @@ -130,7 +130,7 @@ def BCryptGetProperty(self, emu, argv, ctx: dict[str, str] | None = None): return ntdefs.STATUS_SUCCESS @apihook("BCryptDestroyKey", argc=1) - def BCryptDestroyKey(self, emu, argv, ctx: dict[str, str] | None = None): + def BCryptDestroyKey(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS BCryptDestroyKey( BCRYPT_KEY_HANDLE hKey diff --git a/speakeasy/winenv/api/usermode/com_api.py b/speakeasy/winenv/api/usermode/com_api.py index 2c08bf7e..423db4f8 100644 --- a/speakeasy/winenv/api/usermode/com_api.py +++ b/speakeasy/winenv/api/usermode/com_api.py @@ -25,7 +25,7 @@ def __init__(self, emu): # First argument (self) is not reflected in method definitions; note this increases argc by 1 @apihook("IUnknown.QueryInterface", argc=3) - def IUnknown_QueryInterface(self, emu, argv, ctx: dict[str, str] | None = None): + def IUnknown_QueryInterface(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT QueryInterface( REFIID riid, @@ -37,7 +37,7 @@ def IUnknown_QueryInterface(self, emu, argv, ctx: dict[str, str] | None = None): return comdefs.S_OK @apihook("IUnknown.AddRef", argc=1) - def IUnknown_AddRef(self, emu, argv, ctx: dict[str, str] | None = None): + def IUnknown_AddRef(self, emu, argv, ctx: api.ApiContext = None): """ ULONG AddRef(); """ @@ -46,7 +46,7 @@ def IUnknown_AddRef(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("IUnknown.Release", argc=1) - def IUnknown_Release(self, emu, argv, ctx: dict[str, str] | None = None): + def IUnknown_Release(self, emu, argv, ctx: api.ApiContext = None): """ ULONG Release(); """ @@ -55,7 +55,7 @@ def IUnknown_Release(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("IWbemLocator.ConnectServer", argc=9) - def IWbemLocator_ConnectServer(self, emu, argv, ctx: dict[str, str] | None = None): + def IWbemLocator_ConnectServer(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT ConnectServer( const BSTR strNetworkResource, @@ -81,7 +81,7 @@ def IWbemLocator_ConnectServer(self, emu, argv, ctx: dict[str, str] | None = Non return comdefs.S_OK @apihook("IWbemServices.ExecQuery", argc=6) - def IWbemServices_ExecQuery(self, emu, argv, ctx: dict[str, str] | None = None): + def IWbemServices_ExecQuery(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT ExecQuery( const BSTR strQueryLanguage, diff --git a/speakeasy/winenv/api/usermode/comctl32.py b/speakeasy/winenv/api/usermode/comctl32.py index 1015ddbc..564c4208 100644 --- a/speakeasy/winenv/api/usermode/comctl32.py +++ b/speakeasy/winenv/api/usermode/comctl32.py @@ -19,7 +19,7 @@ def __init__(self, emu): self.names = {} @apihook("InitCommonControlsEx", argc=1) - def InitCommonControlsEx(self, emu, argv, ctx: dict[str, str] | None = None): + def InitCommonControlsEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL InitCommonControlsEx( const INITCOMMONCONTROLSEX *picce @@ -32,7 +32,7 @@ def InitCommonControlsEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("InitCommonControls", argc=0) - def InitCommonControls(self, emu, argv, ctx: dict[str, str] | None = None): + def InitCommonControls(self, emu, argv, ctx: api.ApiContext = None): """ void InitCommonControls(); diff --git a/speakeasy/winenv/api/usermode/crypt32.py b/speakeasy/winenv/api/usermode/crypt32.py index 11553a06..53abcb0d 100644 --- a/speakeasy/winenv/api/usermode/crypt32.py +++ b/speakeasy/winenv/api/usermode/crypt32.py @@ -28,7 +28,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("CryptStringToBinary", argc=7) - def CryptStringToBinary(self, emu, argv, ctx: dict[str, str] | None = None): + def CryptStringToBinary(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CryptStringToBinaryA( LPCSTR pszString, diff --git a/speakeasy/winenv/api/usermode/dnsapi.py b/speakeasy/winenv/api/usermode/dnsapi.py index af31b594..e2dc8e27 100644 --- a/speakeasy/winenv/api/usermode/dnsapi.py +++ b/speakeasy/winenv/api/usermode/dnsapi.py @@ -44,7 +44,7 @@ def __init__(self, emu): self.names = {} @apihook("DnsQuery_", argc=6) - def DnsQuery_(self, emu, argv, ctx: dict[str, str] | None = None): + def DnsQuery_(self, emu, argv, ctx: api.ApiContext = None): """ DNS_STATUS DnsQuery_A( PCSTR pszName, diff --git a/speakeasy/winenv/api/usermode/gdi32.py b/speakeasy/winenv/api/usermode/gdi32.py index 50922f63..790c050b 100644 --- a/speakeasy/winenv/api/usermode/gdi32.py +++ b/speakeasy/winenv/api/usermode/gdi32.py @@ -28,7 +28,7 @@ def get_handle(self): return hnd @apihook("CreateBitmap", argc=5) - def CreateBitmap(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateBitmap(self, emu, argv, ctx: api.ApiContext = None): """ HBITMAP CreateBitmap( int nWidth, @@ -42,7 +42,7 @@ def CreateBitmap(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("MoveToEx", argc=1) - def MoveToEx(self, emu, argv, ctx: dict[str, str] | None = None): + def MoveToEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL MoveToEx( HDC hdc, @@ -55,7 +55,7 @@ def MoveToEx(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("LineTo", argc=1) - def LineTo(self, emu, argv, ctx: dict[str, str] | None = None): + def LineTo(self, emu, argv, ctx: api.ApiContext = None): """ BOOL LineTo( HDC hdc, @@ -67,7 +67,7 @@ def LineTo(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetStockObject", argc=1) - def GetStockObject(self, emu, argv, ctx: dict[str, str] | None = None): + def GetStockObject(self, emu, argv, ctx: api.ApiContext = None): """ HGDIOBJ GetStockObject( int i @@ -77,7 +77,7 @@ def GetStockObject(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetMapMode", argc=1) - def GetMapMode(self, emu, argv, ctx: dict[str, str] | None = None): + def GetMapMode(self, emu, argv, ctx: api.ApiContext = None): """ int GetMapMode( HDC hdc @@ -87,7 +87,7 @@ def GetMapMode(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetDeviceCaps", argc=2) - def GetDeviceCaps(self, emu, argv, ctx: dict[str, str] | None = None): + def GetDeviceCaps(self, emu, argv, ctx: api.ApiContext = None): """ int GetDeviceCaps( HDC hdc, @@ -98,7 +98,7 @@ def GetDeviceCaps(self, emu, argv, ctx: dict[str, str] | None = None): return 16 @apihook("GdiSetBatchLimit", argc=1) - def GdiSetBatchLimit(self, emu, argv, ctx: dict[str, str] | None = None): + def GdiSetBatchLimit(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GdiSetBatchLimit( DWORD dw @@ -108,7 +108,7 @@ def GdiSetBatchLimit(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("MaskBlt", argc=12) - def MaskBlt(self, emu, argv, ctx: dict[str, str] | None = None): + def MaskBlt(self, emu, argv, ctx: api.ApiContext = None): """ BOOL MaskBlt( HDC hdcDest, @@ -129,7 +129,7 @@ def MaskBlt(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("BitBlt", argc=9) - def BitBlt(self, emu, argv, ctx: dict[str, str] | None = None): + def BitBlt(self, emu, argv, ctx: api.ApiContext = None): """ BOOL BitBlt( HDC hdc, @@ -146,7 +146,7 @@ def BitBlt(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("DeleteDC", argc=1) - def DeleteDC(self, emu, argv, ctx: dict[str, str] | None = None): + def DeleteDC(self, emu, argv, ctx: api.ApiContext = None): """ BOOL DeleteDC( HDC hdc @@ -156,7 +156,7 @@ def DeleteDC(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("SelectObject", argc=2) - def SelectObject(self, emu, argv, ctx: dict[str, str] | None = None): + def SelectObject(self, emu, argv, ctx: api.ApiContext = None): """ HGDIOBJ SelectObject( HDC hdc, @@ -167,7 +167,7 @@ def SelectObject(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("DeleteObject", argc=1) - def DeleteObject(self, emu, argv, ctx: dict[str, str] | None = None): + def DeleteObject(self, emu, argv, ctx: api.ApiContext = None): """ BOOL DeleteObject( HGDIOBJ ho @@ -177,7 +177,7 @@ def DeleteObject(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("CreateCompatibleBitmap", argc=3) - def CreateCompatibleBitmap(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateCompatibleBitmap(self, emu, argv, ctx: api.ApiContext = None): """ HBITMAP CreateCompatibleBitmap( HDC hdc, @@ -189,7 +189,7 @@ def CreateCompatibleBitmap(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("CreateCompatibleDC", argc=1) - def CreateCompatibleDC(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateCompatibleDC(self, emu, argv, ctx: api.ApiContext = None): """ HDC CreateCompatibleDC( HDC hdc @@ -199,7 +199,7 @@ def CreateCompatibleDC(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetDIBits", argc=7) - def GetDIBits(self, emu, argv, ctx: dict[str, str] | None = None): + def GetDIBits(self, emu, argv, ctx: api.ApiContext = None): """ int GetDIBits( HDC hdc, @@ -215,7 +215,7 @@ def GetDIBits(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("CreateDIBSection", argc=6) - def CreateDIBSection(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateDIBSection(self, emu, argv, ctx: api.ApiContext = None): """ HBITMAP CreateDIBSection( [in] HDC hdc, @@ -230,7 +230,7 @@ def CreateDIBSection(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("CreateDCA", argc=4) - def CreateDCA(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateDCA(self, emu, argv, ctx: api.ApiContext = None): """ HDC CreateDCA( LPCSTR pwszDriver, @@ -243,7 +243,7 @@ def CreateDCA(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetTextCharacterExtra", argc=1) - def GetTextCharacterExtra(self, emu, argv, ctx: dict[str, str] | None = None): + def GetTextCharacterExtra(self, emu, argv, ctx: api.ApiContext = None): """ int GetTextCharacterExtra( HDC hdc @@ -253,7 +253,7 @@ def GetTextCharacterExtra(self, emu, argv, ctx: dict[str, str] | None = None): return 0x8000000 @apihook("StretchBlt", argc=11) - def StretchBlt(self, emu, argv, ctx: dict[str, str] | None = None): + def StretchBlt(self, emu, argv, ctx: api.ApiContext = None): """ BOOL StretchBlt( HDC hdcDest, @@ -273,7 +273,7 @@ def StretchBlt(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("CreateFontIndirectA", argc=1) - def CreateFontIndirectA(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateFontIndirectA(self, emu, argv, ctx: api.ApiContext = None): """ HFONT CreateFontIndirectA( const LOGFONTA *lplf @@ -285,7 +285,7 @@ def CreateFontIndirectA(self, emu, argv, ctx: dict[str, str] | None = None): return 0x6000 @apihook("GetObjectA", argc=3) - def GetObjectA(self, emu, argv, ctx: dict[str, str] | None = None): + def GetObjectA(self, emu, argv, ctx: api.ApiContext = None): """ int GetObjectA( HANDLE h, @@ -313,7 +313,7 @@ def GetObjectA(self, emu, argv, ctx: dict[str, str] | None = None): return c @apihook("WidenPath", argc=1) - def WidenPath(self, emu, argv, ctx: dict[str, str] | None = None): + def WidenPath(self, emu, argv, ctx: api.ApiContext = None): """ BOOL WidenPath( HDC hdc diff --git a/speakeasy/winenv/api/usermode/iphlpapi.py b/speakeasy/winenv/api/usermode/iphlpapi.py index d9726de1..9bde5bf1 100644 --- a/speakeasy/winenv/api/usermode/iphlpapi.py +++ b/speakeasy/winenv/api/usermode/iphlpapi.py @@ -24,7 +24,7 @@ def __init__(self, emu): self.iphlpapi_types = iphlpapi_types @apihook("GetAdaptersInfo", argc=2) - def GetAdaptersInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def GetAdaptersInfo(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} ptr_adapter_info, size_ptr = argv rv = 0 diff --git a/speakeasy/winenv/api/usermode/kernel32.py b/speakeasy/winenv/api/usermode/kernel32.py index 30c45bac..cc6ee70a 100644 --- a/speakeasy/winenv/api/usermode/kernel32.py +++ b/speakeasy/winenv/api/usermode/kernel32.py @@ -241,7 +241,7 @@ def find_resource(self, pe, name, type_): return None @apihook("GetThreadLocale", argc=0) - def GetThreadLocale(self, emu, argv, ctx: dict[str, str] | None = None): + def GetThreadLocale(self, emu, argv, ctx: api.ApiContext = None): """ LCID GetThreadLocale(); """ @@ -249,7 +249,7 @@ def GetThreadLocale(self, emu, argv, ctx: dict[str, str] | None = None): return 0xC000 @apihook("SetThreadLocale", argc=1) - def SetThreadLocale(self, emu, argv, ctx: dict[str, str] | None = None): + def SetThreadLocale(self, emu, argv, ctx: api.ApiContext = None): """ LCID SetThreadLocale( LCID Locale @@ -261,7 +261,7 @@ def SetThreadLocale(self, emu, argv, ctx: dict[str, str] | None = None): return lcid @apihook("IsValidLocale", argc=2) - def IsValidLocale(self, emu, argv, ctx: dict[str, str] | None = None): + def IsValidLocale(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsValidLocale( LCID Locale, @@ -274,7 +274,7 @@ def IsValidLocale(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("OutputDebugString", argc=1) - def OutputDebugString(self, emu, argv, ctx: dict[str, str] | None = None): + def OutputDebugString(self, emu, argv, ctx: api.ApiContext = None): """ void OutputDebugStringA( LPCSTR lpOutputString @@ -286,7 +286,7 @@ def OutputDebugString(self, emu, argv, ctx: dict[str, str] | None = None): argv[0] = self.read_mem_string(_str, cw) @apihook("GetThreadTimes", argc=5) - def GetThreadTimes(self, emu, argv, ctx: dict[str, str] | None = None): + def GetThreadTimes(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetThreadTimes( HANDLE hThread, @@ -304,7 +304,7 @@ def GetThreadTimes(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("GetProcessHeap", argc=0) - def GetProcessHeap(self, emu, argv, ctx: dict[str, str] | None = None): + def GetProcessHeap(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE GetProcessHeap(); """ @@ -317,7 +317,7 @@ def GetProcessHeap(self, emu, argv, ctx: dict[str, str] | None = None): return heap @apihook("GetProcessVersion", argc=1) - def GetProcessVersion(self, emu, argv, ctx: dict[str, str] | None = None): + def GetProcessVersion(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetProcessVersion( DWORD ProcessId @@ -334,7 +334,7 @@ def GetProcessVersion(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("DisableThreadLibraryCalls", argc=1) - def DisableThreadLibraryCalls(self, emu, argv, ctx: dict[str, str] | None = None): + def DisableThreadLibraryCalls(self, emu, argv, ctx: api.ApiContext = None): """ BOOL DisableThreadLibraryCalls( HMODULE hLibModule @@ -347,7 +347,7 @@ def DisableThreadLibraryCalls(self, emu, argv, ctx: dict[str, str] | None = None return True @apihook("CreateMutex", argc=3) - def CreateMutex(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateMutex(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE CreateMutex( LPSECURITY_ATTRIBUTES lpMutexAttributes, @@ -378,7 +378,7 @@ def CreateMutex(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("CreateMutexEx", argc=4) - def CreateMutexEx(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateMutexEx(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE CreateMutexExA( LPSECURITY_ATTRIBUTES lpMutexAttributes, @@ -409,7 +409,7 @@ def CreateMutexEx(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("LoadLibrary", argc=1) - def LoadLibrary(self, emu, argv, ctx: dict[str, str] | None = None): + def LoadLibrary(self, emu, argv, ctx: api.ApiContext = None): """HMODULE LoadLibrary( LPTSTR lpLibFileName );""" @@ -428,7 +428,7 @@ def LoadLibrary(self, emu, argv, ctx: dict[str, str] | None = None): return hmod @apihook("CreateToolhelp32Snapshot", argc=2) - def CreateToolhelp32Snapshot(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateToolhelp32Snapshot(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE CreateToolhelp32Snapshot( DWORD dwFlags, @@ -507,7 +507,7 @@ def CreateToolhelp32Snapshot(self, emu, argv, ctx: dict[str, str] | None = None) return hnd @apihook("Process32First", argc=2) - def Process32First(self, emu, argv, ctx: dict[str, str] | None = None): + def Process32First(self, emu, argv, ctx: api.ApiContext = None): """ BOOL Process32First( HANDLE hSnapshot, @@ -548,7 +548,7 @@ def Process32First(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("Process32Next", argc=2) - def Process32Next(self, emu, argv, ctx: dict[str, str] | None = None): + def Process32Next(self, emu, argv, ctx: api.ApiContext = None): """ BOOL Process32Next( HANDLE hSnapshot, @@ -591,7 +591,7 @@ def Process32Next(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("Thread32First", argc=2) - def Thread32First(self, emu, argv, ctx: dict[str, str] | None = None): + def Thread32First(self, emu, argv, ctx: api.ApiContext = None): """ BOOL Thread32First( HANDLE hSnapshot, @@ -624,7 +624,7 @@ def Thread32First(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("Thread32Next", argc=2) - def Thread32Next(self, emu, argv, ctx: dict[str, str] | None = None): + def Thread32Next(self, emu, argv, ctx: api.ApiContext = None): """ BOOL Thread32Next( HANDLE hSnapshot, @@ -659,7 +659,7 @@ def Thread32Next(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("Module32First", argc=2) - def Module32First(self, emu, argv, ctx: dict[str, str] | None = None): + def Module32First(self, emu, argv, ctx: api.ApiContext = None): """ BOOL Module32First( HANDLE hSnapshot, @@ -706,7 +706,7 @@ def Module32First(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("Module32Next", argc=2) - def Module32Next(self, emu, argv, ctx: dict[str, str] | None = None): + def Module32Next(self, emu, argv, ctx: api.ApiContext = None): """ BOOL Module32Next( HANDLE hSnapshot, @@ -754,7 +754,7 @@ def Module32Next(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("OpenProcess", argc=3) - def OpenProcess(self, emu, argv, ctx: dict[str, str] | None = None): + def OpenProcess(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE OpenProcess( DWORD dwDesiredAccess, @@ -783,7 +783,7 @@ def OpenProcess(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("OpenMutex", argc=3) - def OpenMutex(self, emu, argv, ctx: dict[str, str] | None = None): + def OpenMutex(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE OpenMutex( DWORD dwDesiredAccess, @@ -811,7 +811,7 @@ def OpenMutex(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("TerminateProcess", argc=2) - def TerminateProcess(self, emu, argv, ctx: dict[str, str] | None = None): + def TerminateProcess(self, emu, argv, ctx: api.ApiContext = None): """ BOOL TerminateProcess( HANDLE hProcess, @@ -831,7 +831,7 @@ def TerminateProcess(self, emu, argv, ctx: dict[str, str] | None = None): rv = True @apihook("FreeLibraryAndExitThread", argc=2) - def FreeLibraryAndExitThread(self, emu, argv, ctx: dict[str, str] | None = None): + def FreeLibraryAndExitThread(self, emu, argv, ctx: api.ApiContext = None): """ void FreeLibraryAndExitThread( HMODULE hLibModule, @@ -843,7 +843,7 @@ def FreeLibraryAndExitThread(self, emu, argv, ctx: dict[str, str] | None = None) return @apihook("ExitThread", argc=1) - def ExitThread(self, emu, argv, ctx: dict[str, str] | None = None): + def ExitThread(self, emu, argv, ctx: api.ApiContext = None): """ void ExitThread( DWORD dwExitCode @@ -854,7 +854,7 @@ def ExitThread(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("WinExec", argc=2) - def WinExec(self, emu, argv, ctx: dict[str, str] | None = None): + def WinExec(self, emu, argv, ctx: api.ApiContext = None): """ UINT WinExec( LPCSTR lpCmdLine, @@ -877,7 +877,7 @@ def WinExec(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("LoadLibraryEx", argc=3) - def LoadLibraryEx(self, emu, argv, ctx: dict[str, str] | None = None): + def LoadLibraryEx(self, emu, argv, ctx: api.ApiContext = None): """HMODULE LoadLibraryExA( LPCSTR lpLibFileName, HANDLE hFile, @@ -921,7 +921,7 @@ def LoadLibraryEx(self, emu, argv, ctx: dict[str, str] | None = None): return hmod @apihook("CreateProcessInternal", argc=12) - def CreateProcessInternal(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateProcessInternal(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CreateProcessInternal( PVOID Reserved1, @@ -946,7 +946,7 @@ def CreateProcessInternal(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CreateProcess", argc=10) - def CreateProcess(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateProcess(self, emu, argv, ctx: api.ApiContext = None): """BOOL CreateProcess( LPTSTR lpApplicationName, LPTSTR lpCommandLine, @@ -1001,7 +1001,7 @@ def CreateProcess(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("VirtualAlloc", argc=4) - def VirtualAlloc(self, emu, argv, ctx: dict[str, str] | None = None): + def VirtualAlloc(self, emu, argv, ctx: api.ApiContext = None): """LPVOID WINAPI VirtualAlloc( _In_opt_ LPVOID lpAddress, _In_ SIZE_T dwSize, @@ -1061,7 +1061,7 @@ def VirtualAlloc(self, emu, argv, ctx: dict[str, str] | None = None): return buf @apihook("VirtualAllocEx", argc=5) - def VirtualAllocEx(self, emu, argv, ctx: dict[str, str] | None = None): + def VirtualAllocEx(self, emu, argv, ctx: api.ApiContext = None): """ LPVOID VirtualAllocEx( HANDLE hProcess, @@ -1124,7 +1124,7 @@ def VirtualAllocEx(self, emu, argv, ctx: dict[str, str] | None = None): return buf @apihook("WriteProcessMemory", argc=5) - def WriteProcessMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def WriteProcessMemory(self, emu, argv, ctx: api.ApiContext = None): """ BOOL WriteProcessMemory( HANDLE hProcess, @@ -1163,7 +1163,7 @@ def WriteProcessMemory(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ReadProcessMemory", argc=5) - def ReadProcessMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def ReadProcessMemory(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ReadProcessMemory( HANDLE hProcess, @@ -1206,7 +1206,7 @@ def ReadProcessMemory(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CreateRemoteThread", argc=7) - def CreateRemoteThread(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateRemoteThread(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE CreateRemoteThread( HANDLE hProcess, @@ -1255,7 +1255,7 @@ def CreateRemoteThread(self, emu, argv, ctx: dict[str, str] | None = None): return handle @apihook("CreateThread", argc=6) - def CreateThread(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateThread(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE CreateThread( LPSECURITY_ATTRIBUTES lpThreadAttributes, @@ -1294,7 +1294,7 @@ def CreateThread(self, emu, argv, ctx: dict[str, str] | None = None): return handle @apihook("ResumeThread", argc=1) - def ResumeThread(self, emu, argv, ctx: dict[str, str] | None = None): + def ResumeThread(self, emu, argv, ctx: api.ApiContext = None): """ DWORD ResumeThread( HANDLE hThread @@ -1334,7 +1334,7 @@ def ResumeThread(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("SuspendThread", argc=1) - def SuspendThread(self, emu, argv, ctx: dict[str, str] | None = None): + def SuspendThread(self, emu, argv, ctx: api.ApiContext = None): """ DWORD SuspendThread( HANDLE hThread @@ -1352,7 +1352,7 @@ def SuspendThread(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("TerminateThread", argc=2) - def TerminateThread(self, emu, argv, ctx: dict[str, str] | None = None): + def TerminateThread(self, emu, argv, ctx: api.ApiContext = None): """ BOOL TerminateThread( [in, out] HANDLE hThread, @@ -1372,7 +1372,7 @@ def TerminateThread(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetThreadId", argc=1) - def GetThreadId(self, emu, argv, ctx: dict[str, str] | None = None): + def GetThreadId(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetThreadId( HANDLE Thread @@ -1392,7 +1392,7 @@ def GetThreadId(self, emu, argv, ctx: dict[str, str] | None = None): return obj.id @apihook("VirtualQuery", argc=3) - def VirtualQuery(self, emu, argv, ctx: dict[str, str] | None = None): + def VirtualQuery(self, emu, argv, ctx: api.ApiContext = None): """ SIZE_T VirtualQuery( LPCVOID lpAddress, @@ -1429,7 +1429,7 @@ def VirtualQuery(self, emu, argv, ctx: dict[str, str] | None = None): return mbi.sizeof() @apihook("VirtualProtect", argc=4) - def VirtualProtect(self, emu, argv, ctx: dict[str, str] | None = None): + def VirtualProtect(self, emu, argv, ctx: api.ApiContext = None): """BOOL WINAPI VirtualProtect( _In_ LPVOID lpAddress, _In_ SIZE_T dwSize, @@ -1475,7 +1475,7 @@ def VirtualProtect(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("VirtualProtectEx", argc=5) - def VirtualProtectEx(self, emu, argv, ctx: dict[str, str] | None = None): + def VirtualProtectEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL VirtualProtectEx( HANDLE hProcess, @@ -1504,7 +1504,7 @@ def VirtualProtectEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("VirtualFree", argc=3) - def VirtualFree(self, emu, argv, ctx: dict[str, str] | None = None): + def VirtualFree(self, emu, argv, ctx: api.ApiContext = None): """ BOOL VirtualFree( LPVOID lpAddress, @@ -1528,7 +1528,7 @@ def VirtualFree(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetCurrentProcess", argc=0) - def GetCurrentProcess(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCurrentProcess(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE GetCurrentProcess(); """ @@ -1539,7 +1539,7 @@ def GetCurrentProcess(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetVersion", argc=0) - def GetVersion(self, emu, argv, ctx: dict[str, str] | None = None): + def GetVersion(self, emu, argv, ctx: api.ApiContext = None): """NOT_BUILD_WINDOWS_DEPRECATE DWORD GetVersion();""" ctx = ctx or {} @@ -1553,7 +1553,7 @@ def GetVersion(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetLastError", argc=0) - def GetLastError(self, emu, argv, ctx: dict[str, str] | None = None): + def GetLastError(self, emu, argv, ctx: api.ApiContext = None): """DWORD WINAPI GetLastError(void);""" ctx = ctx or {} @@ -1565,7 +1565,7 @@ def GetLastError(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("SetLastError", argc=1) - def SetLastError(self, emu, argv, ctx: dict[str, str] | None = None): + def SetLastError(self, emu, argv, ctx: api.ApiContext = None): """ void SetLastError( DWORD dwErrCode @@ -1579,7 +1579,7 @@ def SetLastError(self, emu, argv, ctx: dict[str, str] | None = None): return None @apihook("SetHandleInformation", argc=3) - def SetHandleInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def SetHandleInformation(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetHandleInformation( HANDLE hObject, @@ -1595,7 +1595,7 @@ def SetHandleInformation(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetHandleInformation", argc=2) - def GetHandleInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def GetHandleInformation(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetHandleInformation( HANDLE hObject, @@ -1610,7 +1610,7 @@ def GetHandleInformation(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ExitProcess", argc=1) - def ExitProcess(self, emu, argv, ctx: dict[str, str] | None = None): + def ExitProcess(self, emu, argv, ctx: api.ApiContext = None): """void ExitProcess( UINT uExitCode );""" @@ -1620,7 +1620,7 @@ def ExitProcess(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("SystemTimeToTzSpecificLocalTime", argc=3) - def SystemTimeToTzSpecificLocalTime(self, emu, argv, ctx: dict[str, str] | None = None): + def SystemTimeToTzSpecificLocalTime(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SystemTimeToTzSpecificLocalTime( const TIME_ZONE_INFORMATION *lpTimeZoneInformation, @@ -1632,7 +1632,7 @@ def SystemTimeToTzSpecificLocalTime(self, emu, argv, ctx: dict[str, str] | None return True @apihook("FileTimeToSystemTime", argc=2) - def FileTimeToSystemTime(self, emu, argv, ctx: dict[str, str] | None = None): + def FileTimeToSystemTime(self, emu, argv, ctx: api.ApiContext = None): """ BOOL FileTimeToSystemTime( const FILETIME *lpFileTime, @@ -1667,7 +1667,7 @@ def FileTimeToSystemTime(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("GetSystemTimeAsFileTime", argc=1) - def GetSystemTimeAsFileTime(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSystemTimeAsFileTime(self, emu, argv, ctx: api.ApiContext = None): """void GetSystemTimeAsFileTime( LPFILETIME lpSystemTimeAsFileTime );""" @@ -1685,7 +1685,7 @@ def GetSystemTimeAsFileTime(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("SystemTimeToFileTime", argc=2) - def SystemTimeToFileTime(self, emu, argv, ctx: dict[str, str] | None = None): + def SystemTimeToFileTime(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SystemTimeToFileTime( const SYSTEMTIME *lpSystemTime, @@ -1700,7 +1700,7 @@ def SystemTimeToFileTime(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("SetThreadErrorMode", argc=2) - def SetThreadErrorMode(self, emu, argv, ctx: dict[str, str] | None = None): + def SetThreadErrorMode(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetThreadErrorMode( DWORD dwNewMode, @@ -1714,7 +1714,7 @@ def SetThreadErrorMode(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("SetDefaultDllDirectories", argc=1) - def SetDefaultDllDirectories(self, emu, argv, ctx: dict[str, str] | None = None): + def SetDefaultDllDirectories(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetDefaultDllDirectories( DWORD DirectoryFlags @@ -1725,7 +1725,7 @@ def SetDefaultDllDirectories(self, emu, argv, ctx: dict[str, str] | None = None) return True @apihook("SetConsoleTitle", argc=1) - def SetConsoleTitle(self, emu, argv, ctx: dict[str, str] | None = None): + def SetConsoleTitle(self, emu, argv, ctx: api.ApiContext = None): """ BOOL WINAPI SetConsoleTitle( _In_ LPCTSTR lpConsoleTitle @@ -1741,7 +1741,7 @@ def SetConsoleTitle(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("GetLocalTime", argc=1) - def GetLocalTime(self, emu, argv, ctx: dict[str, str] | None = None): + def GetLocalTime(self, emu, argv, ctx: api.ApiContext = None): """ void GetLocalTime( LPSYSTEMTIME lpSystemTime @@ -1751,7 +1751,7 @@ def GetLocalTime(self, emu, argv, ctx: dict[str, str] | None = None): return self.GetSystemTime(emu, argv) @apihook("GetSystemTime", argc=1) - def GetSystemTime(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSystemTime(self, emu, argv, ctx: api.ApiContext = None): """ void GetSystemTime( LPSYSTEMTIME lpSystemTime @@ -1775,7 +1775,7 @@ def GetSystemTime(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("GetTimeZoneInformation", argc=1) - def GetTimeZoneInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def GetTimeZoneInformation(self, emu, argv, ctx: api.ApiContext = None): """DWORD GetTimeZoneInformation( LPTIME_ZONE_INFORMATION lpTimeZoneInformation );""" @@ -1788,7 +1788,7 @@ def GetTimeZoneInformation(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetCurrentThreadId", argc=0) - def GetCurrentThreadId(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCurrentThreadId(self, emu, argv, ctx: api.ApiContext = None): """DWORD GetCurrentThreadId();""" ctx = ctx or {} @@ -1798,7 +1798,7 @@ def GetCurrentThreadId(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetCurrentProcessId", argc=0) - def GetCurrentProcessId(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCurrentProcessId(self, emu, argv, ctx: api.ApiContext = None): """DWORD GetCurrentProcessId();""" ctx = ctx or {} @@ -1808,7 +1808,7 @@ def GetCurrentProcessId(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("IsProcessorFeaturePresent", argc=1, conv=e_arch.CALL_CONV_STDCALL) - def IsProcessorFeaturePresent(self, emu, argv, ctx: dict[str, str] | None = None): + def IsProcessorFeaturePresent(self, emu, argv, ctx: api.ApiContext = None): """BOOL IsProcessorFeaturePresent( DWORD ProcessorFeature );""" @@ -1879,7 +1879,7 @@ def IsProcessorFeaturePresent(self, emu, argv, ctx: dict[str, str] | None = None return rv @apihook("lstrcmpi", argc=2) - def lstrcmpi(self, emu, argv, ctx: dict[str, str] | None = None): + def lstrcmpi(self, emu, argv, ctx: api.ApiContext = None): """int lstrcmpiA( LPCSTR lpString1, LPCSTR lpString2 @@ -1902,7 +1902,7 @@ def lstrcmpi(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("lstrcmp", argc=2) - def lstrcmp(self, emu, argv, ctx: dict[str, str] | None = None): + def lstrcmp(self, emu, argv, ctx: api.ApiContext = None): """int lstrcmpiA( LPCSTR lpString1, LPCSTR lpString2 @@ -1925,7 +1925,7 @@ def lstrcmp(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("QueryPerformanceCounter", argc=1) - def QueryPerformanceCounter(self, emu, argv, ctx: dict[str, str] | None = None): + def QueryPerformanceCounter(self, emu, argv, ctx: api.ApiContext = None): """BOOL WINAPI QueryPerformanceCounter( _Out_ LARGE_INTEGER *lpPerformanceCount );""" @@ -1938,7 +1938,7 @@ def QueryPerformanceCounter(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("lstrlen", argc=1) - def lstrlen(self, emu, argv, ctx: dict[str, str] | None = None): + def lstrlen(self, emu, argv, ctx: api.ApiContext = None): """ int lstrlen( LPCSTR lpString @@ -1957,7 +1957,7 @@ def lstrlen(self, emu, argv, ctx: dict[str, str] | None = None): return len(s) @apihook("GetModuleHandleEx", argc=3) - def GetModuleHandleEx(self, emu, argv, ctx: dict[str, str] | None = None): + def GetModuleHandleEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetModuleHandleExA( DWORD dwFlags, @@ -1975,7 +1975,7 @@ def GetModuleHandleEx(self, emu, argv, ctx: dict[str, str] | None = None): return hmod @apihook("GetModuleHandle", argc=1) - def GetModuleHandle(self, emu, argv, ctx: dict[str, str] | None = None): + def GetModuleHandle(self, emu, argv, ctx: api.ApiContext = None): """HMODULE GetModuleHandle( LPCSTR lpModuleName );""" @@ -2005,7 +2005,7 @@ def GetModuleHandle(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetProcAddress", argc=2) - def GetProcAddress(self, emu, argv, ctx: dict[str, str] | None = None): + def GetProcAddress(self, emu, argv, ctx: api.ApiContext = None): """FARPROC GetProcAddress( HMODULE hModule, LPCSTR lpProcName @@ -2041,7 +2041,7 @@ def GetProcAddress(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("AllocConsole", argc=0) - def AllocConsole(self, emu, argv, ctx: dict[str, str] | None = None): + def AllocConsole(self, emu, argv, ctx: api.ApiContext = None): """BOOL WINAPI AllocConsole(void);""" ctx = ctx or {} @@ -2049,7 +2049,7 @@ def AllocConsole(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetConsoleWindow", argc=0) - def GetConsoleWindow(self, emu, argv, ctx: dict[str, str] | None = None): + def GetConsoleWindow(self, emu, argv, ctx: api.ApiContext = None): """HWND WINAPI GetConsoleWindow(void);""" ctx = ctx or {} hwnd = 0 @@ -2063,7 +2063,7 @@ def GetConsoleWindow(self, emu, argv, ctx: dict[str, str] | None = None): return hwnd @apihook("Sleep", argc=1) - def Sleep(self, emu, argv, ctx: dict[str, str] | None = None): + def Sleep(self, emu, argv, ctx: api.ApiContext = None): """void Sleep(DWORD dwMilliseconds);""" ctx = ctx or {} (millisec,) = argv @@ -2071,7 +2071,7 @@ def Sleep(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("SleepEx", argc=2) - def SleepEx(self, emu, argv, ctx: dict[str, str] | None = None): + def SleepEx(self, emu, argv, ctx: api.ApiContext = None): """DWORD SleepEx(DWORD dwMilliseconds, BOOL bAlertable);""" ctx = ctx or {} millisec, bAlertable = argv @@ -2079,7 +2079,7 @@ def SleepEx(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("GlobalAlloc", argc=2) - def GlobalAlloc(self, emu, argv, ctx: dict[str, str] | None = None): + def GlobalAlloc(self, emu, argv, ctx: api.ApiContext = None): """ DECLSPEC_ALLOCATOR HGLOBAL GlobalAlloc( UINT uFlags, @@ -2095,7 +2095,7 @@ def GlobalAlloc(self, emu, argv, ctx: dict[str, str] | None = None): return chunk @apihook("GlobalSize", argc=1) - def GlobalSize(self, emu, argv, ctx: dict[str, str] | None = None): + def GlobalSize(self, emu, argv, ctx: api.ApiContext = None): """ SIZE_T GlobalSize( [in] HGLOBAL hMem @@ -2117,7 +2117,7 @@ def GlobalSize(self, emu, argv, ctx: dict[str, str] | None = None): return size @apihook("GlobalFlags", argc=1) - def GlobalFlags(self, emu, argv, ctx: dict[str, str] | None = None): + def GlobalFlags(self, emu, argv, ctx: api.ApiContext = None): """ UINT GlobalFlags( [in] HGLOBAL hMem @@ -2138,7 +2138,7 @@ def GlobalFlags(self, emu, argv, ctx: dict[str, str] | None = None): return flags @apihook("LocalAlloc", argc=2) - def LocalAlloc(self, emu, argv, ctx: dict[str, str] | None = None): + def LocalAlloc(self, emu, argv, ctx: api.ApiContext = None): """ DECLSPEC_ALLOCATOR HLOCAL LocalAlloc( UINT uFlags, @@ -2154,7 +2154,7 @@ def LocalAlloc(self, emu, argv, ctx: dict[str, str] | None = None): return chunk @apihook("HeapAlloc", argc=3) - def HeapAlloc(self, emu, argv, ctx: dict[str, str] | None = None): + def HeapAlloc(self, emu, argv, ctx: api.ApiContext = None): """ DECLSPEC_ALLOCATOR LPVOID HeapAlloc( HANDLE hHeap, @@ -2173,7 +2173,7 @@ def HeapAlloc(self, emu, argv, ctx: dict[str, str] | None = None): return chunk @apihook("HeapSize", argc=3) - def HeapSize(self, emu, argv, ctx: dict[str, str] | None = None): + def HeapSize(self, emu, argv, ctx: api.ApiContext = None): """ SIZE_T HeapSize( HANDLE hHeap, @@ -2197,7 +2197,7 @@ def HeapSize(self, emu, argv, ctx: dict[str, str] | None = None): return size @apihook("GetTickCount", argc=0) - def GetTickCount(self, emu, argv, ctx: dict[str, str] | None = None): + def GetTickCount(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetTickCount(); """ @@ -2208,7 +2208,7 @@ def GetTickCount(self, emu, argv, ctx: dict[str, str] | None = None): return self.tick_counter @apihook("GetTickCount64", argc=0) - def GetTickCount64(self, emu, argv, ctx: dict[str, str] | None = None): + def GetTickCount64(self, emu, argv, ctx: api.ApiContext = None): """ ULONGLONG GetTickCount64(); """ @@ -2219,7 +2219,7 @@ def GetTickCount64(self, emu, argv, ctx: dict[str, str] | None = None): return self.tick_counter @apihook("lstrcat", argc=2) - def lstrcat(self, emu, argv, ctx: dict[str, str] | None = None): + def lstrcat(self, emu, argv, ctx: api.ApiContext = None): """ LPSTR lstrcat( LPSTR lpString1, @@ -2246,7 +2246,7 @@ def lstrcat(self, emu, argv, ctx: dict[str, str] | None = None): return lpString1 @apihook("lstrcpyn", argc=3) - def lstrcpyn(self, emu, argv, ctx: dict[str, str] | None = None): + def lstrcpyn(self, emu, argv, ctx: api.ApiContext = None): """ LPSTR lstrcpynA( LPSTR lpString1, @@ -2268,7 +2268,7 @@ def lstrcpyn(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("lstrcpy", argc=2) - def lstrcpy(self, emu, argv, ctx: dict[str, str] | None = None): + def lstrcpy(self, emu, argv, ctx: api.ApiContext = None): """ LPSTR lstrcpyA( LPSTR lpString1, @@ -2288,7 +2288,7 @@ def lstrcpy(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("IsBadReadPtr", argc=2) - def IsBadReadPtr(self, emu, argv, ctx: dict[str, str] | None = None): + def IsBadReadPtr(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsBadReadPtr( const VOID *lp, @@ -2311,7 +2311,7 @@ def IsBadReadPtr(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("HeapReAlloc", argc=4) - def HeapReAlloc(self, emu, argv, ctx: dict[str, str] | None = None): + def HeapReAlloc(self, emu, argv, ctx: api.ApiContext = None): """ DECLSPEC_ALLOCATOR LPVOID HeapReAlloc( HANDLE hHeap, @@ -2338,7 +2338,7 @@ def HeapReAlloc(self, emu, argv, ctx: dict[str, str] | None = None): return new_buf @apihook("LocalReAlloc", argc=3) - def LocalReAlloc(self, emu, argv, ctx: dict[str, str] | None = None): + def LocalReAlloc(self, emu, argv, ctx: api.ApiContext = None): """ DECLSPEC_ALLOCATOR HLOCAL LocalReAlloc( _Frees_ptr_opt_ HLOCAL hMem, @@ -2364,7 +2364,7 @@ def LocalReAlloc(self, emu, argv, ctx: dict[str, str] | None = None): return new_buf @apihook("HeapCreate", argc=3) - def HeapCreate(self, emu, argv, ctx: dict[str, str] | None = None): + def HeapCreate(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE HeapCreate( DWORD flOptions, @@ -2381,7 +2381,7 @@ def HeapCreate(self, emu, argv, ctx: dict[str, str] | None = None): return heap @apihook("GetCurrentThread", argc=0) - def GetCurrentThread(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCurrentThread(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE GetCurrentThread(); """ @@ -2391,7 +2391,7 @@ def GetCurrentThread(self, emu, argv, ctx: dict[str, str] | None = None): return emu.get_object_handle(obj) @apihook("TlsAlloc", argc=0) - def TlsAlloc(self, emu, argv, ctx: dict[str, str] | None = None): + def TlsAlloc(self, emu, argv, ctx: api.ApiContext = None): """ DWORD TlsAlloc(); """ @@ -2407,7 +2407,7 @@ def TlsAlloc(self, emu, argv, ctx: dict[str, str] | None = None): return idx @apihook("TlsSetValue", argc=2) - def TlsSetValue(self, emu, argv, ctx: dict[str, str] | None = None): + def TlsSetValue(self, emu, argv, ctx: api.ApiContext = None): """ BOOL TlsSetValue( DWORD dwTlsIndex, @@ -2433,7 +2433,7 @@ def TlsSetValue(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("TlsGetValue", argc=1) - def TlsGetValue(self, emu, argv, ctx: dict[str, str] | None = None): + def TlsGetValue(self, emu, argv, ctx: api.ApiContext = None): """ LPVOID TlsGetValue( DWORD dwTlsIndex @@ -2456,7 +2456,7 @@ def TlsGetValue(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FlsAlloc", argc=1) - def FlsAlloc(self, emu, argv, ctx: dict[str, str] | None = None): + def FlsAlloc(self, emu, argv, ctx: api.ApiContext = None): """ DWORD FlsAlloc( PFLS_CALLBACK_FUNCTION lpCallback @@ -2474,7 +2474,7 @@ def FlsAlloc(self, emu, argv, ctx: dict[str, str] | None = None): return idx @apihook("FlsSetValue", argc=2) - def FlsSetValue(self, emu, argv, ctx: dict[str, str] | None = None): + def FlsSetValue(self, emu, argv, ctx: api.ApiContext = None): """ BOOL FlsSetValue( DWORD dwFlsIndex, @@ -2503,7 +2503,7 @@ def FlsSetValue(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FlsGetValue", argc=1) - def FlsGetValue(self, emu, argv, ctx: dict[str, str] | None = None): + def FlsGetValue(self, emu, argv, ctx: api.ApiContext = None): """ PVOID FlsGetValue( DWORD dwFlsIndex @@ -2525,7 +2525,7 @@ def FlsGetValue(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("EncodePointer", argc=1) - def EncodePointer(self, emu, argv, ctx: dict[str, str] | None = None): + def EncodePointer(self, emu, argv, ctx: api.ApiContext = None): """ PVOID EncodePointer( _In_ PVOID Ptr @@ -2540,7 +2540,7 @@ def EncodePointer(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("DecodePointer", argc=1) - def DecodePointer(self, emu, argv, ctx: dict[str, str] | None = None): + def DecodePointer(self, emu, argv, ctx: api.ApiContext = None): """ PVOID DecodePointer( PVOID Ptr @@ -2555,7 +2555,7 @@ def DecodePointer(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("InitializeCriticalSectionAndSpinCount", argc=2) - def InitializeCriticalSectionAndSpinCount(self, emu, argv, ctx: dict[str, str] | None = None): + def InitializeCriticalSectionAndSpinCount(self, emu, argv, ctx: api.ApiContext = None): """ BOOL InitializeCriticalSectionAndSpinCount( LPCRITICAL_SECTION lpCriticalSection, @@ -2570,7 +2570,7 @@ def InitializeCriticalSectionAndSpinCount(self, emu, argv, ctx: dict[str, str] | return rv @apihook("EnterCriticalSection", argc=1) - def EnterCriticalSection(self, emu, argv, ctx: dict[str, str] | None = None): + def EnterCriticalSection(self, emu, argv, ctx: api.ApiContext = None): """ void EnterCriticalSection( LPCRITICAL_SECTION lpCriticalSection @@ -2581,7 +2581,7 @@ def EnterCriticalSection(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("LeaveCriticalSection", argc=1) - def LeaveCriticalSection(self, emu, argv, ctx: dict[str, str] | None = None): + def LeaveCriticalSection(self, emu, argv, ctx: api.ApiContext = None): """ void LeaveCriticalSection( LPCRITICAL_SECTION lpCriticalSection @@ -2592,7 +2592,7 @@ def LeaveCriticalSection(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("InterlockedIncrement", argc=1) - def InterlockedIncrement(self, emu, argv, ctx: dict[str, str] | None = None): + def InterlockedIncrement(self, emu, argv, ctx: api.ApiContext = None): """ LONG InterlockedIncrement( LONG volatile *Addend @@ -2611,7 +2611,7 @@ def InterlockedIncrement(self, emu, argv, ctx: dict[str, str] | None = None): return ival @apihook("InterlockedDecrement", argc=1) - def InterlockedDecrement(self, emu, argv, ctx: dict[str, str] | None = None): + def InterlockedDecrement(self, emu, argv, ctx: api.ApiContext = None): """ LONG InterlockedDecrement( LONG volatile *Addend @@ -2630,7 +2630,7 @@ def InterlockedDecrement(self, emu, argv, ctx: dict[str, str] | None = None): return ival @apihook("GetCommandLine", argc=0) - def GetCommandLine(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCommandLine(self, emu, argv, ctx: api.ApiContext = None): """ LPTSTR GetCommandLine(); """ @@ -2657,7 +2657,7 @@ def GetCommandLine(self, emu, argv, ctx: dict[str, str] | None = None): return cmd_ptr @apihook("ExpandEnvironmentStrings", argc=3) - def ExpandEnvironmentStrings(self, emu, argv, ctx: dict[str, str] | None = None): + def ExpandEnvironmentStrings(self, emu, argv, ctx: api.ApiContext = None): """ DWORD ExpandEnvironmentStringsA( LPCSTR lpSrc, @@ -2689,7 +2689,7 @@ def ExpandEnvironmentStrings(self, emu, argv, ctx: dict[str, str] | None = None) return rv @apihook("GetEnvironmentStrings", argc=0) - def GetEnvironmentStrings(self, emu, argv, ctx: dict[str, str] | None = None): + def GetEnvironmentStrings(self, emu, argv, ctx: api.ApiContext = None): """ LPCH GetEnvironmentStrings(); """ @@ -2715,7 +2715,7 @@ def GetEnvironmentStrings(self, emu, argv, ctx: dict[str, str] | None = None): return env_ptr @apihook("FreeEnvironmentStrings", argc=1) - def FreeEnvironmentStrings(self, emu, argv, ctx: dict[str, str] | None = None): + def FreeEnvironmentStrings(self, emu, argv, ctx: api.ApiContext = None): """ BOOL FreeEnvironmentStrings( LPCH penv @@ -2730,7 +2730,7 @@ def FreeEnvironmentStrings(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("GetFullPathName", argc=4) - def GetFullPathName(self, emu, argv, ctx: dict[str, str] | None = None): + def GetFullPathName(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetFullPathNameA( LPCSTR lpFileName, @@ -2762,7 +2762,7 @@ def GetFullPathName(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetStartupInfo", argc=1) - def GetStartupInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def GetStartupInfo(self, emu, argv, ctx: api.ApiContext = None): """ void GetStartupInfo( LPSTARTUPINFO lpStartupInfo @@ -2834,7 +2834,7 @@ def GetStartupInfo(self, emu, argv, ctx: dict[str, str] | None = None): return None @apihook("GetStdHandle", argc=1) - def GetStdHandle(self, emu, argv, ctx: dict[str, str] | None = None): + def GetStdHandle(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE WINAPI GetStdHandle( _In_ DWORD nStdHandle @@ -2850,7 +2850,7 @@ def GetStdHandle(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("GetFileType", argc=1) - def GetFileType(self, emu, argv, ctx: dict[str, str] | None = None): + def GetFileType(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetFileType( HANDLE hFile @@ -2864,7 +2864,7 @@ def GetFileType(self, emu, argv, ctx: dict[str, str] | None = None): return FILE_TYPE_DISK @apihook("SetHandleCount", argc=1) - def SetHandleCount(self, emu, argv, ctx: dict[str, str] | None = None): + def SetHandleCount(self, emu, argv, ctx: api.ApiContext = None): """ UINT SetHandleCount( UINT uNumber @@ -2878,7 +2878,7 @@ def SetHandleCount(self, emu, argv, ctx: dict[str, str] | None = None): return uNumber @apihook("GetACP", argc=0) - def GetACP(self, emu, argv, ctx: dict[str, str] | None = None): + def GetACP(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetACP(); """ @@ -2889,7 +2889,7 @@ def GetACP(self, emu, argv, ctx: dict[str, str] | None = None): return windows_1252 @apihook("IsValidCodePage", argc=1) - def IsValidCodePage(self, emu, argv, ctx: dict[str, str] | None = None): + def IsValidCodePage(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsValidCodePage( UINT CodePage @@ -2902,7 +2902,7 @@ def IsValidCodePage(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("GetCPInfo", argc=2) - def GetCPInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCPInfo(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetCPInfo( UINT CodePage, @@ -2920,7 +2920,7 @@ def GetCPInfo(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("WideCharToMultiByte", argc=8) - def WideCharToMultiByte(self, emu, argv, ctx: dict[str, str] | None = None): + def WideCharToMultiByte(self, emu, argv, ctx: api.ApiContext = None): """ int WideCharToMultiByte( UINT CodePage, @@ -2984,7 +2984,7 @@ def WideCharToMultiByte(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("MultiByteToWideChar", argc=6) - def MultiByteToWideChar(self, emu, argv, ctx: dict[str, str] | None = None): + def MultiByteToWideChar(self, emu, argv, ctx: api.ApiContext = None): """ int MultiByteToWideChar( UINT CodePage, @@ -3040,7 +3040,7 @@ def MultiByteToWideChar(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetStringTypeA", argc=5) - def GetStringTypeA(self, emu, argv, ctx: dict[str, str] | None = None): + def GetStringTypeA(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetStringTypeA( LCID Locale, @@ -3055,7 +3055,7 @@ def GetStringTypeA(self, emu, argv, ctx: dict[str, str] | None = None): return self.GetStringTypeW(emu, args, ctx) @apihook("GetStringTypeW", argc=4) - def GetStringTypeW(self, emu, argv, ctx: dict[str, str] | None = None): + def GetStringTypeW(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetStringTypeW( DWORD dwInfoType, @@ -3123,7 +3123,7 @@ def GetStringTypeW(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("LCMapString", argc=6) - def LCMapString(self, emu, argv, ctx: dict[str, str] | None = None): + def LCMapString(self, emu, argv, ctx: api.ApiContext = None): """ int LCMapString( LCID Locale, @@ -3154,7 +3154,7 @@ def LCMapString(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("LCMapStringEx", argc=9) - def LCMapStringEx(self, emu, argv, ctx: dict[str, str] | None = None): + def LCMapStringEx(self, emu, argv, ctx: api.ApiContext = None): """ int LCMapStringEx( LPCWSTR lpLocaleName, @@ -3187,7 +3187,7 @@ def LCMapStringEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetModuleFileName", argc=3) - def GetModuleFileName(self, emu, argv, ctx: dict[str, str] | None = None): + def GetModuleFileName(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetModuleFileName( HMODULE hModule, @@ -3232,7 +3232,7 @@ def GetModuleFileName(self, emu, argv, ctx: dict[str, str] | None = None): return size @apihook("HeapFree", argc=3) - def HeapFree(self, emu, argv, ctx: dict[str, str] | None = None): + def HeapFree(self, emu, argv, ctx: api.ApiContext = None): """ BOOL HeapFree( HANDLE hHeap, @@ -3249,7 +3249,7 @@ def HeapFree(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("LocalFree", argc=1) - def LocalFree(self, emu, argv, ctx: dict[str, str] | None = None): + def LocalFree(self, emu, argv, ctx: api.ApiContext = None): """ HLOCAL LocalFree( _Frees_ptr_opt_ HLOCAL hMem @@ -3267,7 +3267,7 @@ def LocalFree(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GlobalHandle", argc=1) - def GlobalHandle(self, emu, argv, ctx: dict[str, str] | None = None): + def GlobalHandle(self, emu, argv, ctx: api.ApiContext = None): """ HGLOBAL GlobalHandle( LPCVOID pMem @@ -3278,7 +3278,7 @@ def GlobalHandle(self, emu, argv, ctx: dict[str, str] | None = None): return pMem @apihook("GlobalUnlock", argc=1) - def GlobalUnlock(self, emu, argv, ctx: dict[str, str] | None = None): + def GlobalUnlock(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GlobalUnlock( HGLOBAL hMem @@ -3288,7 +3288,7 @@ def GlobalUnlock(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GlobalFree", argc=1) - def GlobalFree(self, emu, argv, ctx: dict[str, str] | None = None): + def GlobalFree(self, emu, argv, ctx: api.ApiContext = None): """ HGLOBAL GlobalFree( _Frees_ptr_opt_ HGLOBAL hMem @@ -3298,7 +3298,7 @@ def GlobalFree(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetSystemDirectory", argc=2) - def GetSystemDirectory(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSystemDirectory(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetSystemDirectory( LPSTR lpBuffer, @@ -3333,7 +3333,7 @@ def GetSystemDirectory(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("IsDBCSLeadByte", argc=1) - def IsDBCSLeadByte(self, emu, argv, ctx: dict[str, str] | None = None): + def IsDBCSLeadByte(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsDBCSLeadByte( BYTE TestChar @@ -3343,7 +3343,7 @@ def IsDBCSLeadByte(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("SetEnvironmentVariable", argc=2) - def SetEnvironmentVariable(self, emu, argv, ctx: dict[str, str] | None = None): + def SetEnvironmentVariable(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetEnvironmentVariable( LPCTSTR lpName, @@ -3362,7 +3362,7 @@ def SetEnvironmentVariable(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("SetDllDirectory", argc=1) - def SetDllDirectory(self, emu, argv, ctx: dict[str, str] | None = None): + def SetDllDirectory(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetDllDirectory( LPCSTR lpPathName @@ -3378,7 +3378,7 @@ def SetDllDirectory(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("GetWindowsDirectory", argc=2) - def GetWindowsDirectory(self, emu, argv, ctx: dict[str, str] | None = None): + def GetWindowsDirectory(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetWindowsDirectory( LPSTR lpBuffer, @@ -3389,7 +3389,7 @@ def GetWindowsDirectory(self, emu, argv, ctx: dict[str, str] | None = None): return self.GetSystemDirectory(emu, argv, ctx) @apihook("CreateFileMapping", argc=6) - def CreateFileMapping(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateFileMapping(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE CreateFileMapping( HANDLE hFile, @@ -3418,7 +3418,7 @@ def CreateFileMapping(self, emu, argv, ctx: dict[str, str] | None = None): return hmap @apihook("MapViewOfFile", argc=5) - def MapViewOfFile(self, emu, argv, ctx: dict[str, str] | None = None): + def MapViewOfFile(self, emu, argv, ctx: api.ApiContext = None): """ LPVOID MapViewOfFile( HANDLE hFileMappingObject, @@ -3494,7 +3494,7 @@ def MapViewOfFile(self, emu, argv, ctx: dict[str, str] | None = None): return buf @apihook("UnmapViewOfFile", argc=1) - def UnmapViewOfFile(self, emu, argv, ctx: dict[str, str] | None = None): + def UnmapViewOfFile(self, emu, argv, ctx: api.ApiContext = None): """ BOOL UnmapViewOfFile( LPCVOID lpBaseAddress @@ -3515,7 +3515,7 @@ def UnmapViewOfFile(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetSystemInfo", argc=1) - def GetSystemInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSystemInfo(self, emu, argv, ctx: api.ApiContext = None): """ void GetSystemInfo( LPSYSTEM_INFO lpSystemInfo @@ -3536,7 +3536,7 @@ def GetSystemInfo(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("GetFileAttributes", argc=1) - def GetFileAttributes(self, emu, argv, ctx: dict[str, str] | None = None): + def GetFileAttributes(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetFileAttributes( LPCSTR lpFileName @@ -3553,7 +3553,7 @@ def GetFileAttributes(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetFileAttributesEx", argc=3) - def GetFileAttributesEx(self, emu, argv, ctx: dict[str, str] | None = None): + def GetFileAttributesEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetFileAttributesEx( LPCSTR lpFileName, @@ -3609,7 +3609,7 @@ def GetFileAttributesEx(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("GetFileTime", argc=4) - def GetFileTime(self, emu, argv, ctx: dict[str, str] | None = None): + def GetFileTime(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetFileTime( HANDLE hFile, @@ -3638,7 +3638,7 @@ def GetFileTime(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("SetFileTime", argc=4) - def SetFileTime(self, emu, argv, ctx: dict[str, str] | None = None): + def SetFileTime(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetFileTime( HANDLE hFile, @@ -3652,7 +3652,7 @@ def SetFileTime(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("CreateDirectory", argc=2) - def CreateDirectory(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateDirectory(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CreateDirectory( LPCSTR lpPathName, @@ -3669,7 +3669,7 @@ def CreateDirectory(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("RemoveDirectory", argc=1) - def RemoveDirectory(self, emu, argv, ctx: dict[str, str] | None = None): + def RemoveDirectory(self, emu, argv, ctx: api.ApiContext = None): """ BOOL RemoveDirectoryA( [in] LPCSTR lpPathName @@ -3686,7 +3686,7 @@ def RemoveDirectory(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("CopyFile", argc=3) - def CopyFile(self, emu, argv, ctx: dict[str, str] | None = None): + def CopyFile(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CopyFile( LPCTSTR lpExistingFileName, @@ -3740,7 +3740,7 @@ def CopyFile(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("MoveFile", argc=2) - def MoveFile(self, emu, argv, ctx: dict[str, str] | None = None): + def MoveFile(self, emu, argv, ctx: api.ApiContext = None): """ BOOL MoveFile( LPCTSTR lpExistingFileName, @@ -3797,7 +3797,7 @@ def MoveFile(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("CreateFile", argc=7) - def CreateFile(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateFile(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE CreateFile( LPTSTR lpFileName, @@ -3877,7 +3877,7 @@ def CreateFile(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("DeleteFile", argc=1) - def DeleteFile(self, emu, argv, ctx: dict[str, str] | None = None): + def DeleteFile(self, emu, argv, ctx: api.ApiContext = None): """ BOOL DeleteFileW( LPCWSTR lpFileName @@ -3902,7 +3902,7 @@ def DeleteFile(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("ReadFile", argc=5) - def ReadFile(self, emu, argv, ctx: dict[str, str] | None = None): + def ReadFile(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ReadFile( HANDLE hFile, @@ -3951,7 +3951,7 @@ def _write_output(emu, data, pBuffer, pBytesRead): return rv @apihook("WriteFile", argc=5) - def WriteFile(self, emu, argv, ctx: dict[str, str] | None = None): + def WriteFile(self, emu, argv, ctx: api.ApiContext = None): """ BOOL WriteFile( HANDLE hFile, @@ -4019,7 +4019,7 @@ def WriteFile(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("SetFilePointer", argc=4) - def SetFilePointer(self, emu, argv, ctx: dict[str, str] | None = None): + def SetFilePointer(self, emu, argv, ctx: api.ApiContext = None): """ DWORD SetFilePointer( HANDLE hFile, @@ -4042,7 +4042,7 @@ def SetFilePointer(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("SetFilePointerEx", argc=4) - def SetFilePointerEx(self, emu, argv, ctx: dict[str, str] | None = None): + def SetFilePointerEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetFilePointerEx( [in] HANDLE hFile, @@ -4063,7 +4063,7 @@ def SetFilePointerEx(self, emu, argv, ctx: dict[str, str] | None = None): return False @apihook("GetFileSize", argc=2) - def GetFileSize(self, emu, argv, ctx: dict[str, str] | None = None): + def GetFileSize(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetFileSize( HANDLE hFile, @@ -4092,7 +4092,7 @@ def GetFileSize(self, emu, argv, ctx: dict[str, str] | None = None): return low @apihook("GetFileSizeEx", argc=2) - def GetFileSizeEx(self, emu, argv, ctx: dict[str, str] | None = None): + def GetFileSizeEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetFileSizeEx( HANDLE hFile, @@ -4114,7 +4114,7 @@ def GetFileSizeEx(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("CloseHandle", argc=1) - def CloseHandle(self, emu, argv, ctx: dict[str, str] | None = None): + def CloseHandle(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CloseHandle( HANDLE hObject @@ -4138,7 +4138,7 @@ def CloseHandle(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("SetEndOfFile", argc=1) - def SetEndOfFile(self, emu, argv, ctx: dict[str, str] | None = None): + def SetEndOfFile(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetEndOfFile( HANDLE hFile @@ -4148,7 +4148,7 @@ def SetEndOfFile(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("IsDebuggerPresent", argc=0) - def IsDebuggerPresent(self, emu, argv, ctx: dict[str, str] | None = None): + def IsDebuggerPresent(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsDebuggerPresent(); """ @@ -4157,7 +4157,7 @@ def IsDebuggerPresent(self, emu, argv, ctx: dict[str, str] | None = None): return False @apihook("GetVolumeInformation", argc=8) - def GetVolumeInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def GetVolumeInformation(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetVolumeInformation( LPCSTR lpRootPathName, @@ -4181,7 +4181,7 @@ def GetVolumeInformation(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("CreateEvent", argc=4) - def CreateEvent(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateEvent(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE CreateEvent( LPSECURITY_ATTRIBUTES lpEventAttributes, @@ -4210,7 +4210,7 @@ def CreateEvent(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("CreateWaitableTimer", argc=3) - def CreateWaitableTimer(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateWaitableTimer(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE CreateWaitableTimer( LPSECURITY_ATTRIBUTES lpTimerAttributes, @@ -4239,7 +4239,7 @@ def CreateWaitableTimer(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("CreateWaitableTimerEx", argc=4) - def CreateWaitableTimerEx(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateWaitableTimerEx(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE CreateWaitableTimerEx( LPSECURITY_ATTRIBUTES lpTimerAttributes, @@ -4269,7 +4269,7 @@ def CreateWaitableTimerEx(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("OpenWaitableTimer", argc=3) - def OpenWaitableTimer(self, emu, argv, ctx: dict[str, str] | None = None): + def OpenWaitableTimer(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE OpenWaitableTimer( DWORD dwDesiredAccess, @@ -4298,7 +4298,7 @@ def OpenWaitableTimer(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("SetWaitableTimer", argc=6) - def SetWaitableTimer(self, emu, argv, ctx: dict[str, str] | None = None): + def SetWaitableTimer(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetWaitableTimer( HANDLE hTimer, @@ -4321,7 +4321,7 @@ def SetWaitableTimer(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("CancelWaitableTimer", argc=1) - def CancelWaitableTimer(self, emu, argv, ctx: dict[str, str] | None = None): + def CancelWaitableTimer(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CancelWaitableTimer( HANDLE hTimer @@ -4339,7 +4339,7 @@ def CancelWaitableTimer(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("OpenEvent", argc=3) - def OpenEvent(self, emu, argv, ctx: dict[str, str] | None = None): + def OpenEvent(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE OpenEvent( DWORD dwDesiredAccess, @@ -4368,7 +4368,7 @@ def OpenEvent(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("SetEvent", argc=1) - def SetEvent(self, emu, argv, ctx: dict[str, str] | None = None): + def SetEvent(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetEvent( HANDLE hEvent @@ -4386,7 +4386,7 @@ def SetEvent(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("SetUnhandledExceptionFilter", argc=1) - def SetUnhandledExceptionFilter(self, emu, argv, ctx: dict[str, str] | None = None): + def SetUnhandledExceptionFilter(self, emu, argv, ctx: api.ApiContext = None): """ LPTOP_LEVEL_EXCEPTION_FILTER SetUnhandledExceptionFilter( LPTOP_LEVEL_EXCEPTION_FILTER lpTopLevelExceptionFilter @@ -4400,7 +4400,7 @@ def SetUnhandledExceptionFilter(self, emu, argv, ctx: dict[str, str] | None = No return 0 @apihook("DeleteCriticalSection", argc=1) - def DeleteCriticalSection(self, emu, argv, ctx: dict[str, str] | None = None): + def DeleteCriticalSection(self, emu, argv, ctx: api.ApiContext = None): """ void DeleteCriticalSection( LPCRITICAL_SECTION lpCriticalSection @@ -4411,7 +4411,7 @@ def DeleteCriticalSection(self, emu, argv, ctx: dict[str, str] | None = None): return None @apihook("FlsFree", argc=1) - def FlsFree(self, emu, argv, ctx: dict[str, str] | None = None): + def FlsFree(self, emu, argv, ctx: api.ApiContext = None): """ BOOL FlsFree( DWORD dwFlsIndex @@ -4422,7 +4422,7 @@ def FlsFree(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("TlsFree", argc=1) - def TlsFree(self, emu, argv, ctx: dict[str, str] | None = None): + def TlsFree(self, emu, argv, ctx: api.ApiContext = None): """ BOOL TlsFree( DWORD dwTlsIndex @@ -4433,7 +4433,7 @@ def TlsFree(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("ProcessIdToSessionId", argc=2) - def ProcessIdToSessionId(self, emu, argv, ctx: dict[str, str] | None = None): + def ProcessIdToSessionId(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ProcessIdToSessionId( DWORD dwProcessId, @@ -4457,7 +4457,7 @@ def ProcessIdToSessionId(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("InitializeCriticalSectionEx", argc=3) - def InitializeCriticalSectionEx(self, emu, argv, ctx: dict[str, str] | None = None): + def InitializeCriticalSectionEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL InitializeCriticalSectionEx( LPCRITICAL_SECTION lpCriticalSection, @@ -4471,7 +4471,7 @@ def InitializeCriticalSectionEx(self, emu, argv, ctx: dict[str, str] | None = No return True @apihook("InitializeCriticalSection", argc=1) - def InitializeCriticalSection(self, emu, argv, ctx: dict[str, str] | None = None): + def InitializeCriticalSection(self, emu, argv, ctx: api.ApiContext = None): """ void InitializeCriticalSection( LPCRITICAL_SECTION lpCriticalSection @@ -4483,7 +4483,7 @@ def InitializeCriticalSection(self, emu, argv, ctx: dict[str, str] | None = None return None @apihook("GetOEMCP", argc=0) - def GetOEMCP(self, emu, argv, ctx: dict[str, str] | None = None): + def GetOEMCP(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetOEMCP(); """ @@ -4491,7 +4491,7 @@ def GetOEMCP(self, emu, argv, ctx: dict[str, str] | None = None): return 1200 @apihook("GlobalLock", argc=1) - def GlobalLock(self, emu, argv, ctx: dict[str, str] | None = None): + def GlobalLock(self, emu, argv, ctx: api.ApiContext = None): """ LPVOID GlobalLock( HGLOBAL hMem @@ -4504,7 +4504,7 @@ def GlobalLock(self, emu, argv, ctx: dict[str, str] | None = None): return hMem @apihook("LocalLock", argc=1) - def LocalLock(self, emu, argv, ctx: dict[str, str] | None = None): + def LocalLock(self, emu, argv, ctx: api.ApiContext = None): """ LPVOID LocalLock( HGLOBAL hMem @@ -4517,7 +4517,7 @@ def LocalLock(self, emu, argv, ctx: dict[str, str] | None = None): return hMem @apihook("HeapDestroy", argc=1) - def HeapDestroy(self, emu, argv, ctx: dict[str, str] | None = None): + def HeapDestroy(self, emu, argv, ctx: api.ApiContext = None): """ BOOL HeapDestroy( HANDLE hHeap @@ -4528,7 +4528,7 @@ def HeapDestroy(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("InitializeSListHead", argc=1) - def InitializeSListHead(self, emu, argv, ctx: dict[str, str] | None = None): + def InitializeSListHead(self, emu, argv, ctx: api.ApiContext = None): """ void InitializeSListHead( PSLIST_HEADER ListHead @@ -4542,7 +4542,7 @@ def InitializeSListHead(self, emu, argv, ctx: dict[str, str] | None = None): return None @apihook("FreeLibrary", argc=1) - def FreeLibrary(self, emu, argv, ctx: dict[str, str] | None = None): + def FreeLibrary(self, emu, argv, ctx: api.ApiContext = None): """ BOOL FreeLibrary( HMODULE hLibModule @@ -4553,7 +4553,7 @@ def FreeLibrary(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("WaitForSingleObject", argc=2) - def WaitForSingleObject(self, emu, argv, ctx: dict[str, str] | None = None): + def WaitForSingleObject(self, emu, argv, ctx: api.ApiContext = None): """ DWORD WaitForSingleObject( HANDLE hHandle, @@ -4572,7 +4572,7 @@ def WaitForSingleObject(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetConsoleMode", argc=2) - def GetConsoleMode(self, emu, argv, ctx: dict[str, str] | None = None): + def GetConsoleMode(self, emu, argv, ctx: api.ApiContext = None): """ BOOL WINAPI GetConsoleMode( _In_ HANDLE hConsoleHandle, @@ -4584,7 +4584,7 @@ def GetConsoleMode(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("HeapSetInformation", argc=4) - def HeapSetInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def HeapSetInformation(self, emu, argv, ctx: api.ApiContext = None): """ BOOL HeapSetInformation( HANDLE HeapHandle, @@ -4598,7 +4598,7 @@ def HeapSetInformation(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("SetErrorMode", argc=1) - def SetErrorMode(self, emu, argv, ctx: dict[str, str] | None = None): + def SetErrorMode(self, emu, argv, ctx: api.ApiContext = None): """ UINT SetErrorMode( UINT uMode @@ -4608,7 +4608,7 @@ def SetErrorMode(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("InterlockedCompareExchange", argc=3) - def InterlockedCompareExchange(self, emu, argv, ctx: dict[str, str] | None = None): + def InterlockedCompareExchange(self, emu, argv, ctx: api.ApiContext = None): """ LONG InterlockedCompareExchange( LONG volatile *Destination, @@ -4628,7 +4628,7 @@ def InterlockedCompareExchange(self, emu, argv, ctx: dict[str, str] | None = Non return dest @apihook("InterlockedExchange", argc=2) - def InterlockedExchange(self, emu, argv, ctx: dict[str, str] | None = None): + def InterlockedExchange(self, emu, argv, ctx: api.ApiContext = None): """ LONG InterlockedExchange( LONG volatile *Target, @@ -4647,7 +4647,7 @@ def InterlockedExchange(self, emu, argv, ctx: dict[str, str] | None = None): return tgt @apihook("CreateNamedPipe", argc=8) - def CreateNamedPipe(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateNamedPipe(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE CreateNamedPipe( LPCSTR lpName, @@ -4685,7 +4685,7 @@ def CreateNamedPipe(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("CreatePipe", argc=4) - def CreatePipe(self, emu, argv, ctx: dict[str, str] | None = None): + def CreatePipe(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CreatePipe( PHANDLE hReadPipe, @@ -4712,7 +4712,7 @@ def CreatePipe(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("PeekNamedPipe", argc=6) - def PeekNamedPipe(self, emu, argv, ctx: dict[str, str] | None = None): + def PeekNamedPipe(self, emu, argv, ctx: api.ApiContext = None): """ BOOL PeekNamedPipe( HANDLE hNamedPipe, @@ -4741,7 +4741,7 @@ def PeekNamedPipe(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("ConnectNamedPipe", argc=2) - def ConnectNamedPipe(self, emu, argv, ctx: dict[str, str] | None = None): + def ConnectNamedPipe(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ConnectNamedPipe( HANDLE hNamedPipe, @@ -4757,7 +4757,7 @@ def ConnectNamedPipe(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("DisconnectNamedPipe", argc=1) - def DisconnectNamedPipe(self, emu, argv, ctx: dict[str, str] | None = None): + def DisconnectNamedPipe(self, emu, argv, ctx: api.ApiContext = None): """ BOOL DisconnectNamedPipe( HANDLE hNamedPipe @@ -4772,7 +4772,7 @@ def DisconnectNamedPipe(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetLocaleInfo", argc=4) - def GetLocaleInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def GetLocaleInfo(self, emu, argv, ctx: api.ApiContext = None): """ int GetLocaleInfo( LCID Locale, @@ -4807,7 +4807,7 @@ def GetLocaleInfo(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("IsWow64Process", argc=2) - def IsWow64Process(self, emu, argv, ctx: dict[str, str] | None = None): + def IsWow64Process(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsWow64Process( HANDLE hProcess, @@ -4825,7 +4825,7 @@ def IsWow64Process(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CheckRemoteDebuggerPresent", argc=2) - def CheckRemoteDebuggerPresent(self, emu, argv, ctx: dict[str, str] | None = None): + def CheckRemoteDebuggerPresent(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CheckRemoteDebuggerPresent( HANDLE hProcess, @@ -4843,7 +4843,7 @@ def CheckRemoteDebuggerPresent(self, emu, argv, ctx: dict[str, str] | None = Non return rv @apihook("GetComputerName", argc=2) - def GetComputerName(self, emu, argv, ctx: dict[str, str] | None = None): + def GetComputerName(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetComputerName( LPSTR lpBuffer, @@ -4873,7 +4873,7 @@ def GetComputerName(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetVersionEx", argc=1) - def GetVersionEx(self, emu, argv, ctx: dict[str, str] | None = None): + def GetVersionEx(self, emu, argv, ctx: api.ApiContext = None): """ NOT_BUILD_WINDOWS_DEPRECATE BOOL GetVersionEx( LPOSVERSIONINFO lpVersionInformation @@ -4901,7 +4901,7 @@ def GetVersionEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetEnvironmentVariable", argc=3) - def GetEnvironmentVariable(self, emu, argv, ctx: dict[str, str] | None = None): + def GetEnvironmentVariable(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetEnvironmentVariable( LPCTSTR lpName, @@ -4933,7 +4933,7 @@ def GetEnvironmentVariable(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetCurrentPackageId", argc=2) - def GetCurrentPackageId(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCurrentPackageId(self, emu, argv, ctx: api.ApiContext = None): """ LONG GetCurrentPackageId( UINT32 *bufferLength, @@ -4944,7 +4944,7 @@ def GetCurrentPackageId(self, emu, argv, ctx: dict[str, str] | None = None): return windefs.ERROR_SUCCESS @apihook("AreFileApisANSI", argc=0) - def AreFileApisANSI(self, emu, argv, ctx: dict[str, str] | None = None): + def AreFileApisANSI(self, emu, argv, ctx: api.ApiContext = None): """ BOOL AreFileApisANSI(); """ @@ -4952,7 +4952,7 @@ def AreFileApisANSI(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("FindFirstFileEx", argc=6) - def FindFirstFileEx(self, emu, argv, ctx: dict[str, str] | None = None): + def FindFirstFileEx(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE FindFirstFileExA( LPCSTR lpFileName, @@ -4980,7 +4980,7 @@ def FindFirstFileEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FindFirstFile", argc=2) - def FindFirstFile(self, emu, argv, ctx: dict[str, str] | None = None): + def FindFirstFile(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE FindFirstFileA( LPCSTR lpFileName, @@ -5024,7 +5024,7 @@ def FindFirstFile(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("FindNextFile", argc=2) - def FindNextFile(self, emu, argv, ctx: dict[str, str] | None = None): + def FindNextFile(self, emu, argv, ctx: api.ApiContext = None): """ BOOL FindNextFile( HANDLE hFindFile, @@ -5067,7 +5067,7 @@ def FindNextFile(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FindClose", argc=1) - def FindClose(self, emu, argv, ctx: dict[str, str] | None = None): + def FindClose(self, emu, argv, ctx: api.ApiContext = None): """ BOOL FindClose( HANDLE hFindFile @@ -5085,7 +5085,7 @@ def FindClose(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("GetSystemTimes", argc=3) - def GetSystemTimes(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSystemTimes(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetSystemTimes( PFILETIME lpIdleTime, @@ -5110,7 +5110,7 @@ def GetSystemTimes(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("GetThreadContext", argc=2) - def GetThreadContext(self, emu, argv, ctx: dict[str, str] | None = None): + def GetThreadContext(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetThreadContext( HANDLE hThread, @@ -5132,7 +5132,7 @@ def GetThreadContext(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("SetThreadContext", argc=2) - def SetThreadContext(self, emu, argv, ctx: dict[str, str] | None = None): + def SetThreadContext(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetThreadContext( HANDLE hThread, @@ -5158,7 +5158,7 @@ def SetThreadContext(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("CompareFileTime", argc=2) - def CompareFileTime(self, emu, argv, ctx: dict[str, str] | None = None): + def CompareFileTime(self, emu, argv, ctx: api.ApiContext = None): """ LONG CompareFileTime( const FILETIME *lpFileTime1, @@ -5188,7 +5188,7 @@ def CompareFileTime(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("FindResource", argc=3) - def FindResource(self, emu, argv, ctx: dict[str, str] | None = None): + def FindResource(self, emu, argv, ctx: api.ApiContext = None): """ HRSRC FindResourceA( HMODULE hModule, @@ -5223,7 +5223,7 @@ def FindResource(self, emu, argv, ctx: dict[str, str] | None = None): return pe.base + res.entry_rva @apihook("FindResourceEx", argc=4) - def FindResourceEx(self, emu, argv, ctx: dict[str, str] | None = None): + def FindResourceEx(self, emu, argv, ctx: api.ApiContext = None): """ HRSRC FindResourceExW( [in, optional] HMODULE hModule, @@ -5258,7 +5258,7 @@ def FindResourceEx(self, emu, argv, ctx: dict[str, str] | None = None): return pe.base + res.entry_rva @apihook("LoadResource", argc=2) - def LoadResource(self, emu, argv, ctx: dict[str, str] | None = None): + def LoadResource(self, emu, argv, ctx: api.ApiContext = None): """ HGLOBAL LoadResource( HMODULE hModule, @@ -5286,7 +5286,7 @@ def LoadResource(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("LockResource", argc=1) - def LockResource(self, emu, argv, ctx: dict[str, str] | None = None): + def LockResource(self, emu, argv, ctx: api.ApiContext = None): """ LPVOID LockResource( HGLOBAL hResData @@ -5299,7 +5299,7 @@ def LockResource(self, emu, argv, ctx: dict[str, str] | None = None): return hResData @apihook("SizeofResource", argc=2) - def SizeofResource(self, emu, argv, ctx: dict[str, str] | None = None): + def SizeofResource(self, emu, argv, ctx: api.ApiContext = None): """ DWORD SizeofResource( HMODULE hModule, @@ -5321,7 +5321,7 @@ def SizeofResource(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("FreeResource", argc=1) - def FreeResource(self, emu, argv, ctx: dict[str, str] | None = None): + def FreeResource(self, emu, argv, ctx: api.ApiContext = None): """ BOOL FreeResource( [in] HGLOBAL hResData @@ -5332,7 +5332,7 @@ def FreeResource(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetCurrentDirectory", argc=2) - def GetCurrentDirectory(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCurrentDirectory(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetCurrentDirectory( DWORD nBufferLength, @@ -5354,7 +5354,7 @@ def GetCurrentDirectory(self, emu, argv, ctx: dict[str, str] | None = None): return len(cd) @apihook("VirtualAllocExNuma", argc=6) - def VirtualAllocExNuma(self, emu, argv, ctx: dict[str, str] | None = None): + def VirtualAllocExNuma(self, emu, argv, ctx: api.ApiContext = None): """ LPVOID VirtualAllocExNuma( HANDLE hProcess, @@ -5371,7 +5371,7 @@ def VirtualAllocExNuma(self, emu, argv, ctx: dict[str, str] | None = None): return self.VirtualAllocEx(emu, argv, ctx) @apihook("GetNativeSystemInfo", argc=1) - def GetNativeSystemInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def GetNativeSystemInfo(self, emu, argv, ctx: api.ApiContext = None): """ void GetNativeSystemInfo( LPSYSTEM_INFO lpSystemInfo @@ -5382,7 +5382,7 @@ def GetNativeSystemInfo(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetUserDefaultUILanguage", argc=0) - def GetUserDefaultUILanguage(self, emu, argv, ctx: dict[str, str] | None = None): + def GetUserDefaultUILanguage(self, emu, argv, ctx: api.ApiContext = None): """ LANGID GetUserDefaultUILanguage(); """ @@ -5390,7 +5390,7 @@ def GetUserDefaultUILanguage(self, emu, argv, ctx: dict[str, str] | None = None) return 0xFFFF @apihook("SetCurrentDirectory", argc=1) - def SetCurrentDirectory(self, emu, argv, ctx: dict[str, str] | None = None): + def SetCurrentDirectory(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetCurrentDirectory( LPCTSTR lpPathName @@ -5408,7 +5408,7 @@ def SetCurrentDirectory(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("OpenThread", argc=3) - def OpenThread(self, emu, argv, ctx: dict[str, str] | None = None): + def OpenThread(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE OpenThread( DWORD dwDesiredAccess, @@ -5425,7 +5425,7 @@ def OpenThread(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("RaiseException", argc=4) - def RaiseException(self, emu, argv, ctx: dict[str, str] | None = None): + def RaiseException(self, emu, argv, ctx: api.ApiContext = None): """ VOID RaiseException( DWORD dwExceptionCode, @@ -5441,7 +5441,7 @@ def RaiseException(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("VerSetConditionMask", argc=3, conv=e_arch.CALL_CONV_CDECL) - def VerSetConditionMask(self, emu, argv, ctx: dict[str, str] | None = None): + def VerSetConditionMask(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI ULONGLONG VerSetConditionMask( ULONGLONG ConditionMask, @@ -5456,7 +5456,7 @@ def VerSetConditionMask(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("VerifyVersionInfo", argc=3, conv=e_arch.CALL_CONV_CDECL) - def VerifyVersionInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def VerifyVersionInfo(self, emu, argv, ctx: api.ApiContext = None): """ BOOL VerifyVersionInfo( LPOSVERSIONINFOEX lpVersionInformation, @@ -5471,7 +5471,7 @@ def VerifyVersionInfo(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("FreeConsole", argc=0) - def FreeConsole(self, emu, argv, ctx: dict[str, str] | None = None): + def FreeConsole(self, emu, argv, ctx: api.ApiContext = None): """ BOOL WINAPI FreeConsole(void); """ @@ -5479,7 +5479,7 @@ def FreeConsole(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("IsBadWritePtr", argc=2) - def IsBadWritePtr(self, emu, argv, ctx: dict[str, str] | None = None): + def IsBadWritePtr(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsBadWritePtr( LPVOID lp, @@ -5501,7 +5501,7 @@ def IsBadWritePtr(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("IsBadStringPtr", argc=2) - def IsBadStringPtr(self, emu, argv, ctx: dict[str, str] | None = None): + def IsBadStringPtr(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsBadStringPtrW( LPCWSTR lpsz, @@ -5523,7 +5523,7 @@ def IsBadStringPtr(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetSystemFirmwareTable", argc=4) - def GetSystemFirmwareTable(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSystemFirmwareTable(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetSystemFirmwareTable( DWORD FirmwareTableProviderSignature, @@ -5544,7 +5544,7 @@ def GetSystemFirmwareTable(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetTempPath", argc=2) - def GetTempPath(self, emu, argv, ctx: dict[str, str] | None = None): + def GetTempPath(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetTempPathA( DWORD nBufferLength, @@ -5568,7 +5568,7 @@ def GetTempPath(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("SetPriorityClass", argc=2) - def SetPriorityClass(self, emu, argv, ctx: dict[str, str] | None = None): + def SetPriorityClass(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetPriorityClass( HANDLE hProcess, @@ -5579,7 +5579,7 @@ def SetPriorityClass(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("SetProcessPriorityBoost", argc=2) - def SetProcessPriorityBoost(self, emu, argv, ctx: dict[str, str] | None = None): + def SetProcessPriorityBoost(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetProcessPriorityBoost( HANDLE hProcess, @@ -5591,7 +5591,7 @@ def SetProcessPriorityBoost(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetDriveType", argc=1) - def GetDriveType(self, emu, argv, ctx: dict[str, str] | None = None): + def GetDriveType(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetDriveType( LPCSTR lpRootPathName @@ -5615,7 +5615,7 @@ def GetDriveType(self, emu, argv, ctx: dict[str, str] | None = None): return dm.get_drive_type(name) @apihook("GetExitCodeProcess", argc=2) - def GetExitCodeProcess(self, emu, argv, ctx: dict[str, str] | None = None): + def GetExitCodeProcess(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetExitCodeProcess( HANDLE hProcess, @@ -5629,7 +5629,7 @@ def GetExitCodeProcess(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("SetThreadPriority", argc=2) - def SetThreadPriority(self, emu, argv, ctx: dict[str, str] | None = None): + def SetThreadPriority(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetThreadPriority( HANDLE hThread, @@ -5640,7 +5640,7 @@ def SetThreadPriority(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("ReleaseMutex", argc=1) - def ReleaseMutex(self, emu, argv, ctx: dict[str, str] | None = None): + def ReleaseMutex(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ReleaseMutex( HANDLE hMutex @@ -5650,7 +5650,7 @@ def ReleaseMutex(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetShortPathName", argc=3) - def GetShortPathName(self, emu, argv, ctx: dict[str, str] | None = None): + def GetShortPathName(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetShortPathNameW( LPCWSTR lpszLongPath, @@ -5700,7 +5700,7 @@ def GetShortPathName(self, emu, argv, ctx: dict[str, str] | None = None): return len(out) + 1 @apihook("GetLongPathName", argc=3) - def GetLongPathName(self, emu, argv, ctx: dict[str, str] | None = None): + def GetLongPathName(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetLongPathNameA( LPCSTR lpszShortPath, @@ -5722,7 +5722,7 @@ def GetLongPathName(self, emu, argv, ctx: dict[str, str] | None = None): return len(s) * cw + 1 @apihook("QueueUserAPC", argc=3) - def QueueUserAPC(self, emu, argv, ctx: dict[str, str] | None = None): + def QueueUserAPC(self, emu, argv, ctx: api.ApiContext = None): """ DWORD QueueUserAPC( PAPCFUNC pfnAPC, @@ -5736,7 +5736,7 @@ def QueueUserAPC(self, emu, argv, ctx: dict[str, str] | None = None): self.create_thread(pfnAPC, dwData, 0, thread_type=run_type) @apihook("DuplicateHandle", argc=7) - def DuplicateHandle(self, emu, argv, ctx: dict[str, str] | None = None): + def DuplicateHandle(self, emu, argv, ctx: api.ApiContext = None): """ BOOL DuplicateHandle( HANDLE hSourceProcessHandle, @@ -5752,7 +5752,7 @@ def DuplicateHandle(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetBinaryType", argc=2) - def GetBinaryType(self, emu, argv, ctx: dict[str, str] | None = None): + def GetBinaryType(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetBinaryTypeA( LPCSTR lpApplicationName, @@ -5763,7 +5763,7 @@ def GetBinaryType(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetThreadUILanguage", argc=0) - def GetThreadUILanguage(self, emu, argv, ctx: dict[str, str] | None = None): + def GetThreadUILanguage(self, emu, argv, ctx: api.ApiContext = None): """ LANGID GetThreadUILanguage(); """ @@ -5771,7 +5771,7 @@ def GetThreadUILanguage(self, emu, argv, ctx: dict[str, str] | None = None): return 0xFFFF @apihook("SetConsoleHistoryInfo", argc=1) - def SetConsoleHistoryInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def SetConsoleHistoryInfo(self, emu, argv, ctx: api.ApiContext = None): """ BOOL WINAPI SetConsoleHistoryInfo( _In_ PCONSOLE_HISTORY_INFO lpConsoleHistoryInfo @@ -5781,7 +5781,7 @@ def SetConsoleHistoryInfo(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetFileInformationByHandle", argc=2) - def GetFileInformationByHandle(self, emu, argv, ctx: dict[str, str] | None = None): + def GetFileInformationByHandle(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetFileInformationByHandle( HANDLE hFile, @@ -5792,7 +5792,7 @@ def GetFileInformationByHandle(self, emu, argv, ctx: dict[str, str] | None = Non return 0 @apihook("GetCommProperties", argc=2) - def GetCommProperties(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCommProperties(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetCommProperties( HANDLE hFile, @@ -5803,7 +5803,7 @@ def GetCommProperties(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetCommTimeouts", argc=2) - def GetCommTimeouts(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCommTimeouts(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetCommTimeouts( HANDLE hFile, @@ -5814,7 +5814,7 @@ def GetCommTimeouts(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("AddAtom", argc=1) - def AddAtom(self, emu, argv, ctx: dict[str, str] | None = None): + def AddAtom(self, emu, argv, ctx: api.ApiContext = None): """ ATOM AddAtomW( LPCWSTR lpString @@ -5836,7 +5836,7 @@ def AddAtom(self, emu, argv, ctx: dict[str, str] | None = None): return self.add_local_atom(s) @apihook("FindAtom", argc=1) - def FindAtom(self, emu, argv, ctx: dict[str, str] | None = None): + def FindAtom(self, emu, argv, ctx: api.ApiContext = None): """ ATOM FindAtomA( LPCSTR lpString @@ -5863,7 +5863,7 @@ def FindAtom(self, emu, argv, ctx: dict[str, str] | None = None): return atom @apihook("GetAtomName", argc=3) - def GetAtomName(self, emu, argv, ctx: dict[str, str] | None = None): + def GetAtomName(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetAtomNameA( ATOM nAtom, @@ -5892,7 +5892,7 @@ def GetAtomName(self, emu, argv, ctx: dict[str, str] | None = None): return len(s) - 1 @apihook("DeleteAtom", argc=1) - def DeleteAtom(self, emu, argv, ctx: dict[str, str] | None = None): + def DeleteAtom(self, emu, argv, ctx: api.ApiContext = None): """ ATOM DeleteAtom( ATOM nAtom @@ -5912,7 +5912,7 @@ def DeleteAtom(self, emu, argv, ctx: dict[str, str] | None = None): return nAtom @apihook("GetProcessHandleCount", argc=1) - def GetProcessHandleCount(self, emu, argv, ctx: dict[str, str] | None = None): + def GetProcessHandleCount(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetProcessHandleCount( HANDLE hProcess, @@ -5923,7 +5923,7 @@ def GetProcessHandleCount(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetMailslotInfo", argc=5) - def GetMailslotInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def GetMailslotInfo(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetMailslotInfo( HANDLE hMailslot, @@ -5937,7 +5937,7 @@ def GetMailslotInfo(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("RtlZeroMemory", argc=2) - def RtlZeroMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlZeroMemory(self, emu, argv, ctx: api.ApiContext = None): """ void RtlZeroMemory( void* Destination, @@ -5950,7 +5950,7 @@ def RtlZeroMemory(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_write(dest, buf) @apihook("RtlMoveMemory", argc=3) - def RtlMoveMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlMoveMemory(self, emu, argv, ctx: api.ApiContext = None): """ void RtlMoveMemory(void* pvDest, const void *pSrc, size_t Length); """ @@ -5960,7 +5960,7 @@ def RtlMoveMemory(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_write(dest, buf) @apihook("QueryPerformanceFrequency", argc=1) - def QueryPerformanceFrequency(self, emu, argv, ctx: dict[str, str] | None = None): + def QueryPerformanceFrequency(self, emu, argv, ctx: api.ApiContext = None): """ BOOL QueryPerformanceFrequency( LARGE_INTEGER *lpFrequency @@ -5972,7 +5972,7 @@ def QueryPerformanceFrequency(self, emu, argv, ctx: dict[str, str] | None = None return 1 @apihook("FindFirstVolume", argc=2) - def FindFirstVolume(self, emu, argv, ctx: dict[str, str] | None = None): + def FindFirstVolume(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE FindFirstVolumeW( LPWSTR lpszVolumeName, @@ -6000,7 +6000,7 @@ def FindFirstVolume(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("FindNextVolume", argc=3) - def FindNextVolume(self, emu, argv, ctx: dict[str, str] | None = None): + def FindNextVolume(self, emu, argv, ctx: api.ApiContext = None): """ BOOL FindNextVolumeW( HANDLE hFindVolume, @@ -6032,7 +6032,7 @@ def FindNextVolume(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("FindVolumeClose", argc=1) - def FindVolumeClose(self, emu, argv, ctx: dict[str, str] | None = None): + def FindVolumeClose(self, emu, argv, ctx: api.ApiContext = None): """ BOOL FindVolumeClose( HANDLE hFindVolume @@ -6049,7 +6049,7 @@ def FindVolumeClose(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("CreateIoCompletionPort", argc=4) - def CreateIoCompletionPort(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateIoCompletionPort(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE WINAPI CreateIoCompletionPort( _In_ HANDLE FileHandle, @@ -6067,7 +6067,7 @@ def CreateIoCompletionPort(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("GetVolumePathNamesForVolumeName", argc=4) - def GetVolumePathNamesForVolumeName(self, emu, argv, ctx: dict[str, str] | None = None): + def GetVolumePathNamesForVolumeName(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetVolumePathNamesForVolumeNameW( LPCWSTR lpszVolumeName, @@ -6108,7 +6108,7 @@ def GetVolumePathNamesForVolumeName(self, emu, argv, ctx: dict[str, str] | None return rv @apihook("GetLogicalDrives", argc=0) - def GetLogicalDrives(self, emu, argv, ctx: dict[str, str] | None = None): + def GetLogicalDrives(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetLogicalDrives(); """ @@ -6122,7 +6122,7 @@ def GetLogicalDrives(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GlobalMemoryStatus", argc=1) - def GlobalMemoryStatus(self, emu, argv, ctx: dict[str, str] | None = None): + def GlobalMemoryStatus(self, emu, argv, ctx: api.ApiContext = None): """ void GlobalMemoryStatus( LPMEMORYSTATUS lpBuffer @@ -6132,7 +6132,7 @@ def GlobalMemoryStatus(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("GlobalMemoryStatusEx", argc=1) - def GlobalMemoryStatusEx(self, emu, argv, ctx: dict[str, str] | None = None): + def GlobalMemoryStatusEx(self, emu, argv, ctx: api.ApiContext = None): """ void GlobalMemoryStatusEx( LPMEMORYSTATUSEX lpBuffer @@ -6169,7 +6169,7 @@ def GlobalMemoryStatusEx(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("GetDiskFreeSpaceEx", argc=4) - def GetDiskFreeSpaceEx(self, emu, argv, ctx: dict[str, str] | None = None): + def GetDiskFreeSpaceEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetDiskFreeSpaceEx( LPCSTR lpDirectoryName, @@ -6182,7 +6182,7 @@ def GetDiskFreeSpaceEx(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("GetSystemDefaultLangID", argc=0) - def GetSystemDefaultLangID(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSystemDefaultLangID(self, emu, argv, ctx: api.ApiContext = None): """ LANGID GetSystemDefaultLangID(); """ @@ -6190,7 +6190,7 @@ def GetSystemDefaultLangID(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("ResetEvent", argc=1) - def ResetEvent(self, emu, argv, ctx: dict[str, str] | None = None): + def ResetEvent(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ResetEvent( HANDLE hEvent @@ -6200,7 +6200,7 @@ def ResetEvent(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("WaitForMultipleObjects", argc=4) - def WaitForMultipleObjects(self, emu, argv, ctx: dict[str, str] | None = None): + def WaitForMultipleObjects(self, emu, argv, ctx: api.ApiContext = None): """ DWORD WaitForMultipleObjects( DWORD nCount, @@ -6213,7 +6213,7 @@ def WaitForMultipleObjects(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetComputerNameEx", argc=3) - def GetComputerNameEx(self, emu, argv, ctx: dict[str, str] | None = None): + def GetComputerNameEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetComputerNameExA( COMPUTER_NAME_FORMAT NameType, @@ -6242,7 +6242,7 @@ def GetComputerNameEx(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetDateFormat", argc=6) - def GetDateFormat(self, emu, argv, ctx: dict[str, str] | None = None): + def GetDateFormat(self, emu, argv, ctx: api.ApiContext = None): """ int GetDateFormatA( LCID Locale, @@ -6293,7 +6293,7 @@ def GetDateFormat(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("DeviceIoControl", argc=8) - def DeviceIoControl(self, emu, argv, ctx: dict[str, str] | None = None): + def DeviceIoControl(self, emu, argv, ctx: api.ApiContext = None): """ BOOL DeviceIoControl( HANDLE hDevice, @@ -6348,7 +6348,7 @@ def DeviceIoControl(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetTimeFormat", argc=6) - def GetTimeFormat(self, emu, argv, ctx: dict[str, str] | None = None): + def GetTimeFormat(self, emu, argv, ctx: api.ApiContext = None): """ int GetTimeFormatA( LCID Locale, @@ -6403,7 +6403,7 @@ def GetTimeFormat(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("FlushFileBuffers", argc=1) - def FlushFileBuffers(self, emu, argv, ctx: dict[str, str] | None = None): + def FlushFileBuffers(self, emu, argv, ctx: api.ApiContext = None): """BOOL FlushFileBuffers( HANDLE hFile );""" @@ -6416,7 +6416,7 @@ def FlushFileBuffers(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetExitCodeThread", argc=2) - def GetExitCodeThread(self, emu, argv, ctx: dict[str, str] | None = None): + def GetExitCodeThread(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetExitCodeThread( HANDLE hThread, @@ -6431,7 +6431,7 @@ def GetExitCodeThread(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("InitializeConditionVariable", argc=1) - def InitializeConditionVariable(self, emu, argv, ctx: dict[str, str] | None = None): + def InitializeConditionVariable(self, emu, argv, ctx: api.ApiContext = None): """ void InitializeConditionVariable( PCONDITION_VARIABLE ConditionVariable @@ -6444,7 +6444,7 @@ def InitializeConditionVariable(self, emu, argv, ctx: dict[str, str] | None = No return rv @apihook("WakeAllConditionVariable", argc=1) - def WakeAllConditionVariable(self, emu, argv, ctx: dict[str, str] | None = None): + def WakeAllConditionVariable(self, emu, argv, ctx: api.ApiContext = None): """ void WakeAllConditionVariable( PCONDITION_VARIABLE ConditionVariable @@ -6454,7 +6454,7 @@ def WakeAllConditionVariable(self, emu, argv, ctx: dict[str, str] | None = None) return @apihook("Wow64DisableWow64FsRedirection", argc=1) - def Wow64DisableWow64FsRedirection(self, emu, argv, ctx: dict[str, str] | None = None): + def Wow64DisableWow64FsRedirection(self, emu, argv, ctx: api.ApiContext = None): """ BOOL Wow64DisableWow64FsRedirection( PVOID *OldValue @@ -6467,7 +6467,7 @@ def Wow64DisableWow64FsRedirection(self, emu, argv, ctx: dict[str, str] | None = return rv @apihook("Wow64RevertWow64FsRedirection", argc=1) - def Wow64RevertWow64FsRedirection(self, emu, argv, ctx: dict[str, str] | None = None): + def Wow64RevertWow64FsRedirection(self, emu, argv, ctx: api.ApiContext = None): """ BOOL Wow64RevertWow64FsRedirection( PVOID OlValue @@ -6480,7 +6480,7 @@ def Wow64RevertWow64FsRedirection(self, emu, argv, ctx: dict[str, str] | None = return rv @apihook("EnumProcesses", argc=3) - def EnumProcesses(self, emu, argv, ctx: dict[str, str] | None = None): + def EnumProcesses(self, emu, argv, ctx: api.ApiContext = None): """ BOOL EnumProcesses( DWORD *lpidProcess, @@ -6506,7 +6506,7 @@ def EnumProcesses(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetModuleFileNameExA", argc=4) - def GetModuleFileNameExA(self, emu, argv, ctx: dict[str, str] | None = None): + def GetModuleFileNameExA(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetModuleFileNameExA( HANDLE hProcess, @@ -6549,7 +6549,7 @@ def GetModuleFileNameExA(self, emu, argv, ctx: dict[str, str] | None = None): return size @apihook("GetThreadPriority", argc=1) - def GetThreadPriority(self, emu, argv, ctx: dict[str, str] | None = None): + def GetThreadPriority(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE hThread; """ @@ -6557,7 +6557,7 @@ def GetThreadPriority(self, emu, argv, ctx: dict[str, str] | None = None): return k32types.THREAD_PRIORITY_NORMAL @apihook("RtlUnwind", argc=4) - def RtlUnwind(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlUnwind(self, emu, argv, ctx: api.ApiContext = None): """ VOID RtlUnwind( PVOID TargetFrame, @@ -6570,7 +6570,7 @@ def RtlUnwind(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("UnhandledExceptionFilter", argc=1) - def UnhandledExceptionFilter(self, emu, argv, ctx: dict[str, str] | None = None): + def UnhandledExceptionFilter(self, emu, argv, ctx: api.ApiContext = None): """ _EXCEPTION_POINTERS *ExceptionInfo; """ @@ -6578,7 +6578,7 @@ def UnhandledExceptionFilter(self, emu, argv, ctx: dict[str, str] | None = None) return k32types.EXCEPTION_EXECUTE_HANDLER @apihook("GetSystemTimePreciseAsFileTime", argc=1) - def GetSystemTimePreciseAsFileTime(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSystemTimePreciseAsFileTime(self, emu, argv, ctx: api.ApiContext = None): """void GetSystemTimePreciseAsFileTime( LPFILETIME lpSystemTimeAsFileTime );""" @@ -6596,7 +6596,7 @@ def GetSystemTimePreciseAsFileTime(self, emu, argv, ctx: dict[str, str] | None = return @apihook("AddVectoredExceptionHandler", argc=2) - def AddVectoredExceptionHandler(self, emu, argv, ctx: dict[str, str] | None = None): + def AddVectoredExceptionHandler(self, emu, argv, ctx: api.ApiContext = None): """ PVOID AddVectoredExceptionHandler( ULONG First, @@ -6611,7 +6611,7 @@ def AddVectoredExceptionHandler(self, emu, argv, ctx: dict[str, str] | None = No return Handler @apihook("RemoveVectoredExceptionHandler", argc=1) - def RemoveVectoredExceptionHandler(self, emu, argv, ctx: dict[str, str] | None = None): + def RemoveVectoredExceptionHandler(self, emu, argv, ctx: api.ApiContext = None): """ ULONG RemoveVectoredExceptionHandler( PVOID Handle); @@ -6622,7 +6622,7 @@ def RemoveVectoredExceptionHandler(self, emu, argv, ctx: dict[str, str] | None = return 1 @apihook("GetSystemDefaultUILanguage", argc=0) - def GetSystemDefaultUILanguage(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSystemDefaultUILanguage(self, emu, argv, ctx: api.ApiContext = None): """ LANGID GetSystemDefaultUILanguage(); """ @@ -6630,7 +6630,7 @@ def GetSystemDefaultUILanguage(self, emu, argv, ctx: dict[str, str] | None = Non return LANG_EN_US @apihook("GetUserDefaultLangID", argc=0) - def GetUserDefaultLangID(self, emu, argv, ctx: dict[str, str] | None = None): + def GetUserDefaultLangID(self, emu, argv, ctx: api.ApiContext = None): """ LANGID GetUserDefaultLangID(); """ @@ -6638,7 +6638,7 @@ def GetUserDefaultLangID(self, emu, argv, ctx: dict[str, str] | None = None): return LANG_EN_US @apihook("GetUserDefaultLCID", argc=0) - def GetUserDefaultLCID(self, emu, argv, ctx: dict[str, str] | None = None): + def GetUserDefaultLCID(self, emu, argv, ctx: api.ApiContext = None): """ LCID GetUserDefaultLCID(); """ @@ -6647,7 +6647,7 @@ def GetUserDefaultLCID(self, emu, argv, ctx: dict[str, str] | None = None): return LOCALE_USER_DEFAULT @apihook("GetSystemDefaultLCID", argc=0) - def GetSystemDefaultLCID(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSystemDefaultLCID(self, emu, argv, ctx: api.ApiContext = None): """ LCID GetUserDefaultLCID(); """ @@ -6656,7 +6656,7 @@ def GetSystemDefaultLCID(self, emu, argv, ctx: dict[str, str] | None = None): return LOCALE_SYSTEM_DEFAULT @apihook("GetTempFileName", argc=4) - def GetTempFileName(self, emu, argv, ctx: dict[str, str] | None = None): + def GetTempFileName(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetTempFileName( [in] LPCSTR lpPathName, @@ -6684,7 +6684,7 @@ def GetTempFileName(self, emu, argv, ctx: dict[str, str] | None = None): return len(out) + 1 @apihook("_llseek", argc=3) - def _llseek(self, emu, argv, ctx: dict[str, str] | None = None): + def _llseek(self, emu, argv, ctx: api.ApiContext = None): """ LONG _llseek( HFILE hFile, @@ -6707,7 +6707,7 @@ def _llseek(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_lopen", argc=2) - def _lopen(self, emu, argv, ctx: dict[str, str] | None = None): + def _lopen(self, emu, argv, ctx: api.ApiContext = None): """ HFILE _lopen( LPCSTR lpPathName, @@ -6722,7 +6722,7 @@ def _lopen(self, emu, argv, ctx: dict[str, str] | None = None): return fHandle @apihook("_lclose", argc=1) - def _lclose(self, emu, argv, ctx: dict[str, str] | None = None): + def _lclose(self, emu, argv, ctx: api.ApiContext = None): """ HFILE _lclose( HFILE hFile @@ -6737,7 +6737,7 @@ def _lclose(self, emu, argv, ctx: dict[str, str] | None = None): return False @apihook("GetConsoleTitle", argc=2) - def GetConsoleTitle(self, emu, argv, ctx: dict[str, str] | None = None): + def GetConsoleTitle(self, emu, argv, ctx: api.ApiContext = None): """ DWORD WINAPI GetConsoleTitle( _Out_ LPTSTR lpConsoleTitle, @@ -6769,7 +6769,7 @@ def GetConsoleTitle(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("InitializeSRWLock", argc=1) - def InitializeSRWLock(self, emu, argv, ctx: dict[str, str] | None = None): + def InitializeSRWLock(self, emu, argv, ctx: api.ApiContext = None): """ void InitializeSRWLock( [out] PSRWLOCK SRWLock @@ -6780,7 +6780,7 @@ def InitializeSRWLock(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("AcquireSRWLockShared", argc=1) - def AcquireSRWLockShared(self, emu, argv, ctx: dict[str, str] | None = None): + def AcquireSRWLockShared(self, emu, argv, ctx: api.ApiContext = None): """ void AcquireSRWLockShared( [in, out] PSRWLOCK SRWLock @@ -6791,7 +6791,7 @@ def AcquireSRWLockShared(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("ReleaseSRWLockShared", argc=1) - def ReleaseSRWLockShared(self, emu, argv, ctx: dict[str, str] | None = None): + def ReleaseSRWLockShared(self, emu, argv, ctx: api.ApiContext = None): """ void ReleaseSRWLockShared( [in, out] PSRWLOCK SRWLock @@ -6802,7 +6802,7 @@ def ReleaseSRWLockShared(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("AcquireSRWLockExclusive", argc=1) - def AcquireSRWLockExclusive(self, emu, argv, ctx: dict[str, str] | None = None): + def AcquireSRWLockExclusive(self, emu, argv, ctx: api.ApiContext = None): """ void AcquireSRWLockExclusive( [in, out] PSRWLOCK SRWLock @@ -6813,7 +6813,7 @@ def AcquireSRWLockExclusive(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("ReleaseSRWLockExclusive", argc=1) - def ReleaseSRWLockExclusive(self, emu, argv, ctx: dict[str, str] | None = None): + def ReleaseSRWLockExclusive(self, emu, argv, ctx: api.ApiContext = None): """ void ReleaseSRWLockExclusive( [in, out] PSRWLOCK SRWLock @@ -6824,7 +6824,7 @@ def ReleaseSRWLockExclusive(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("GetPhysicallyInstalledSystemMemory", argc=1) - def GetPhysicallyInstalledSystemMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def GetPhysicallyInstalledSystemMemory(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetPhysicallyInstalledSystemMemory( [out] PULONGLONG TotalMemoryInKilobytes @@ -6839,23 +6839,23 @@ def GetPhysicallyInstalledSystemMemory(self, emu, argv, ctx: dict[str, str] | No return 1 @apihook("WTSGetActiveConsoleSessionId", argc=0) - def WTSGetActiveConsoleSessionId(self, emu, argv, ctx: dict[str, str] | None = None): + def WTSGetActiveConsoleSessionId(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return emu.get_current_process().session @apihook("WaitForSingleObjectEx", argc=3) - def WaitForSingleObjectEx(self, emu, argv, ctx: dict[str, str] | None = None): + def WaitForSingleObjectEx(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return 0 # = WAIT_OBJECT_0 @apihook("GetProfileInt", argc=3) - def GetProfileInt(self, emu, argv, ctx: dict[str, str] | None = None): + def GetProfileInt(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} _, _, nDefault = argv return nDefault @apihook("CreateSemaphoreW", argc=4) - def CreateSemaphoreW(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateSemaphoreW(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE CreateSemaphoreW( [in, optional] LPSECURITY_ATTRIBUTES lpSemaphoreAttributes, @@ -6868,7 +6868,7 @@ def CreateSemaphoreW(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("SetThreadStackGuarantee", argc=1) - def SetThreadStackGuarantee(self, emu, argv, ctx: dict[str, str] | None = None): + def SetThreadStackGuarantee(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetThreadStackGuarantee( [in, out] PULONG StackSizeInBytes @@ -6878,7 +6878,7 @@ def SetThreadStackGuarantee(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("SetThreadDescription", argc=2) - def SetThreadDescription(self, emu, argv, ctx: dict[str, str] | None = None): + def SetThreadDescription(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT SetThreadDescription( [in] HANDLE hThread, @@ -6889,7 +6889,7 @@ def SetThreadDescription(self, emu, argv, ctx: dict[str, str] | None = None): return windefs.ERROR_SUCCESS @apihook("InitOnceBeginInitialize", argc=4) - def InitOnceBeginInitialize(self, emu, argv, ctx: dict[str, str] | None = None): + def InitOnceBeginInitialize(self, emu, argv, ctx: api.ApiContext = None): """ BOOL InitOnceBeginInitialize( [in, out] LPINIT_ONCE lpInitOnce, @@ -6902,7 +6902,7 @@ def InitOnceBeginInitialize(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("FlsGetValue2", argc=1) - def FlsGetValue2(self, emu, argv, ctx: dict[str, str] | None = None): + def FlsGetValue2(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} fls_index = argv[0] try: @@ -6912,7 +6912,7 @@ def FlsGetValue2(self, emu, argv, ctx: dict[str, str] | None = None): return 0x1000 @apihook("RtlCaptureContext", argc=1) - def RtlCaptureContext(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlCaptureContext(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} ptr = self.emu.reg_read("rcx") if ptr: @@ -6929,12 +6929,12 @@ def RtlCaptureContext(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("RtlLookupFunctionEntry", argc=3) - def RtlLookupFunctionEntry(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlLookupFunctionEntry(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return 0 @apihook("MulDiv", argc=3) - def MulDiv(self, emu, argv, ctx: dict[str, str] | None = None): + def MulDiv(self, emu, argv, ctx: api.ApiContext = None): """ int MulDiv( int nNumber, @@ -6952,7 +6952,7 @@ def MulDiv(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GlobalAddAtomA", argc=1) - def GlobalAddAtomA(self, emu, argv, ctx: dict[str, str] | None = None): + def GlobalAddAtomA(self, emu, argv, ctx: api.ApiContext = None): """ ATOM GlobalAddAtomA( LPCSTR lpString diff --git a/speakeasy/winenv/api/usermode/lz32.py b/speakeasy/winenv/api/usermode/lz32.py index 90da28c8..aa398bba 100644 --- a/speakeasy/winenv/api/usermode/lz32.py +++ b/speakeasy/winenv/api/usermode/lz32.py @@ -16,7 +16,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("LZSeek", argc=3, conv=_arch.CALL_CONV_STDCALL) - def LZSeek(self, emu, argv, ctx: dict[str, str] | None = None): + def LZSeek(self, emu, argv, ctx: api.ApiContext = None): """ LONG LZSeek( INT hFile, diff --git a/speakeasy/winenv/api/usermode/mpr.py b/speakeasy/winenv/api/usermode/mpr.py index e070872f..843916d6 100644 --- a/speakeasy/winenv/api/usermode/mpr.py +++ b/speakeasy/winenv/api/usermode/mpr.py @@ -17,7 +17,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("WNetOpenEnum", argc=5, conv=_arch.CALL_CONV_STDCALL) - def WNetOpenEnum(self, emu, argv, ctx: dict[str, str] | None = None): + def WNetOpenEnum(self, emu, argv, ctx: api.ApiContext = None): """ DWORD WNetOpenEnum( DWORD dwScope, @@ -45,7 +45,7 @@ def WNetOpenEnum(self, emu, argv, ctx: dict[str, str] | None = None): return mpr.ERROR_NO_NETWORK @apihook("WNetEnumResource", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WNetEnumResource(self, emu, argv, ctx: dict[str, str] | None = None): + def WNetEnumResource(self, emu, argv, ctx: api.ApiContext = None): """ DWORD WNetEnumResourceA( HANDLE hEnum, @@ -58,7 +58,7 @@ def WNetEnumResource(self, emu, argv, ctx: dict[str, str] | None = None): return mpr.ERROR_NO_NETWORK @apihook("WNetAddConnection2", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WNetAddConnection2(self, emu, argv, ctx: dict[str, str] | None = None): + def WNetAddConnection2(self, emu, argv, ctx: api.ApiContext = None): """ DWORD WNetAddConnection2W( LPNETRESOURCEW lpNetResource, @@ -71,7 +71,7 @@ def WNetAddConnection2(self, emu, argv, ctx: dict[str, str] | None = None): return mpr.ERROR_NO_NETWORK @apihook("WNetGetConnection", argc=3, conv=_arch.CALL_CONV_STDCALL) - def WNetGetConnection(self, emu, argv, ctx: dict[str, str] | None = None): + def WNetGetConnection(self, emu, argv, ctx: api.ApiContext = None): """ DWORD WNetGetConnectionA( LPCSTR lpLocalName, diff --git a/speakeasy/winenv/api/usermode/mscoree.py b/speakeasy/winenv/api/usermode/mscoree.py index a5ddfeb6..ee738816 100644 --- a/speakeasy/winenv/api/usermode/mscoree.py +++ b/speakeasy/winenv/api/usermode/mscoree.py @@ -22,7 +22,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("CorExitProcess", argc=1) - def CorExitProcess(self, emu, argv, ctx: dict[str, str] | None = None): + def CorExitProcess(self, emu, argv, ctx: api.ApiContext = None): """ void STDMETHODCALLTYPE CorExitProcess ( int exitCode diff --git a/speakeasy/winenv/api/usermode/msi32.py b/speakeasy/winenv/api/usermode/msi32.py index d2a9ac7a..a47eaf01 100644 --- a/speakeasy/winenv/api/usermode/msi32.py +++ b/speakeasy/winenv/api/usermode/msi32.py @@ -16,7 +16,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("MsiDatabaseMergeA", argc=3, conv=_arch.CALL_CONV_STDCALL, ordinal=29) - def MsiDatabaseMergeA(self, emu, argv, ctx: dict[str, str] | None = None): + def MsiDatabaseMergeA(self, emu, argv, ctx: api.ApiContext = None): """ UINT MsiDatabaseMergeA( MSIHANDLE hDatabase, diff --git a/speakeasy/winenv/api/usermode/msimg32.py b/speakeasy/winenv/api/usermode/msimg32.py index 0c2b9c73..9dbd5be3 100644 --- a/speakeasy/winenv/api/usermode/msimg32.py +++ b/speakeasy/winenv/api/usermode/msimg32.py @@ -19,7 +19,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("TransparentBlt", argc=11) - def TransparentBlt(self, emu, argv, ctx: dict[str, str] | None = None): + def TransparentBlt(self, emu, argv, ctx: api.ApiContext = None): """ BOOL TransparentBlt( HDC hdcDest, diff --git a/speakeasy/winenv/api/usermode/msvcrt.py b/speakeasy/winenv/api/usermode/msvcrt.py index 679a1714..0eb0cfb1 100644 --- a/speakeasy/winenv/api/usermode/msvcrt.py +++ b/speakeasy/winenv/api/usermode/msvcrt.py @@ -90,7 +90,7 @@ def _acmdln(self, ptr=0): return cmdln @apihook("__p__acmdln", argc=0) - def __p__acmdln(self, emu, argv, ctx: dict[str, str] | None = None): + def __p__acmdln(self, emu, argv, ctx: api.ApiContext = None): """Command line global CRT variable""" ctx = ctx or {} @@ -99,7 +99,7 @@ def __p__acmdln(self, emu, argv, ctx: dict[str, str] | None = None): return cmdln @apihook("_onexit", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _onexit(self, emu, argv, ctx: dict[str, str] | None = None): + def _onexit(self, emu, argv, ctx: api.ApiContext = None): """ _onexit_t _onexit( _onexit_t function @@ -111,7 +111,7 @@ def _onexit(self, emu, argv, ctx: dict[str, str] | None = None): return func @apihook("mbstowcs_s", argc=5, conv=e_arch.CALL_CONV_CDECL) - def mbstowcs_s(self, emu, argv, ctx: dict[str, str] | None = None): + def mbstowcs_s(self, emu, argv, ctx: api.ApiContext = None): """ errno_t mbstowcs_s( size_t *pReturnValue, @@ -159,7 +159,7 @@ def mbstowcs_s(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_wcsnicmp", argc=3, conv=e_arch.CALL_CONV_CDECL) - def _wcsnicmp(self, emu, argv, ctx: dict[str, str] | None = None): + def _wcsnicmp(self, emu, argv, ctx: api.ApiContext = None): """ int _wcsnicmp( const wchar_t *string1, @@ -185,7 +185,7 @@ def _wcsnicmp(self, emu, argv, ctx: dict[str, str] | None = None): # Reference: https://wiki.osdev.org/Visual_C%2B%2B_Runtime @apihook("_initterm_e", argc=2, conv=e_arch.CALL_CONV_CDECL) - def _initterm_e(self, emu, argv, ctx: dict[str, str] | None = None): + def _initterm_e(self, emu, argv, ctx: api.ApiContext = None): """ static int _initterm_e(_PIFV * pfbegin, _PIFV * pfend) @@ -199,7 +199,7 @@ def _initterm_e(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_initterm", argc=2, conv=e_arch.CALL_CONV_CDECL) - def _initterm(self, emu, argv, ctx: dict[str, str] | None = None): + def _initterm(self, emu, argv, ctx: api.ApiContext = None): """static void _initterm (_PVFV * pfbegin, _PVFV * pfend)""" ctx = ctx or {} @@ -210,7 +210,7 @@ def _initterm(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("__getmainargs", argc=5) - def __getmainargs(self, emu, argv, ctx: dict[str, str] | None = None): + def __getmainargs(self, emu, argv, ctx: api.ApiContext = None): """ int __getmainargs( int * _Argc, @@ -277,7 +277,7 @@ def __getmainargs(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("__wgetmainargs", argc=5) - def __wgetmainargs(self, emu, argv, ctx: dict[str, str] | None = None): + def __wgetmainargs(self, emu, argv, ctx: api.ApiContext = None): """ int __wgetmainargs ( int *_Argc, @@ -294,7 +294,7 @@ def __wgetmainargs(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("__p___wargv", argc=0, conv=e_arch.CALL_CONV_CDECL) - def __p___wargv(self, emu, argv, ctx: dict[str, str] | None = None): + def __p___wargv(self, emu, argv, ctx: api.ApiContext = None): """WCHAR *** __p___wargv ()""" ctx = ctx or {} @@ -326,7 +326,7 @@ def __p___wargv(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("__p___argv", argc=0, conv=e_arch.CALL_CONV_CDECL) - def __p___argv(self, emu, argv, ctx: dict[str, str] | None = None): + def __p___argv(self, emu, argv, ctx: api.ApiContext = None): """char *** __p___argv ()""" ctx = ctx or {} @@ -358,7 +358,7 @@ def __p___argv(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("__p___argc", argc=0, conv=e_arch.CALL_CONV_CDECL) - def __p___argc(self, emu, argv, ctx: dict[str, str] | None = None): + def __p___argc(self, emu, argv, ctx: api.ApiContext = None): """int * __p___argc ()""" ctx = ctx or {} @@ -369,7 +369,7 @@ def __p___argc(self, emu, argv, ctx: dict[str, str] | None = None): return argc @apihook("__p___initenv", argc=0, conv=e_arch.CALL_CONV_CDECL) - def __p___initenv(self, emu, argv, ctx: dict[str, str] | None = None): + def __p___initenv(self, emu, argv, ctx: api.ApiContext = None): """char *** __p___initenv ()""" ctx = ctx or {} ptr_size = self.get_ptr_size() @@ -377,7 +377,7 @@ def __p___initenv(self, emu, argv, ctx: dict[str, str] | None = None): return ptr @apihook("_get_initial_narrow_environment", argc=0, conv=e_arch.CALL_CONV_CDECL) - def _get_initial_narrow_environment(self, emu, argv, ctx: dict[str, str] | None = None): + def _get_initial_narrow_environment(self, emu, argv, ctx: api.ApiContext = None): """char** _get_initial_narrow_environment ()""" ctx = ctx or {} @@ -408,7 +408,7 @@ def _get_initial_narrow_environment(self, emu, argv, ctx: dict[str, str] | None return envp @apihook("_get_initial_wide_environment", argc=0, conv=e_arch.CALL_CONV_CDECL) - def _get_initial_wide_environment(self, emu, argv, ctx: dict[str, str] | None = None): + def _get_initial_wide_environment(self, emu, argv, ctx: api.ApiContext = None): """WCHAR** _get_initial_wide_environment ()""" ctx = ctx or {} @@ -439,7 +439,7 @@ def _get_initial_wide_environment(self, emu, argv, ctx: dict[str, str] | None = return envp @apihook("exit", argc=1, conv=e_arch.CALL_CONV_CDECL) - def exit(self, emu, argv, ctx: dict[str, str] | None = None): + def exit(self, emu, argv, ctx: api.ApiContext = None): """ void exit( int const status @@ -450,7 +450,7 @@ def exit(self, emu, argv, ctx: dict[str, str] | None = None): self.exit_process() @apihook("_exit", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _exit(self, emu, argv, ctx: dict[str, str] | None = None): + def _exit(self, emu, argv, ctx: api.ApiContext = None): """ void _exit( int const status @@ -461,7 +461,7 @@ def _exit(self, emu, argv, ctx: dict[str, str] | None = None): self.exit_process() @apihook("_XcptFilter", argc=2, conv=e_arch.CALL_CONV_CDECL) - def _XcptFilter(self, emu, argv, ctx: dict[str, str] | None = None): + def _XcptFilter(self, emu, argv, ctx: api.ApiContext = None): """ int _XcptFilter( unsigned long xcptnum, @@ -474,7 +474,7 @@ def _XcptFilter(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("_CxxThrowException", argc=2, conv=e_arch.CALL_CONV_STDCALL) - def _CxxThrowException(self, emu, argv, ctx: dict[str, str] | None = None): + def _CxxThrowException(self, emu, argv, ctx: api.ApiContext = None): """ void _CxxThrowException( void *pExceptionObject, @@ -485,7 +485,7 @@ def _CxxThrowException(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("__acrt_iob_func", argc=1, conv=e_arch.CALL_CONV_CDECL) - def __acrt_iob_func(self, emu, argv, ctx: dict[str, str] | None = None): + def __acrt_iob_func(self, emu, argv, ctx: api.ApiContext = None): """FILE * __acrt_iob_func (fd)""" ctx = ctx or {} @@ -494,7 +494,7 @@ def __acrt_iob_func(self, emu, argv, ctx: dict[str, str] | None = None): return fd @apihook("pow", argc=2, conv=e_arch.CALL_CONV_FLOAT) - def pow(self, emu, argv, ctx: dict[str, str] | None = None): + def pow(self, emu, argv, ctx: api.ApiContext = None): """ double pow( double x, @@ -514,7 +514,7 @@ def pow(self, emu, argv, ctx: dict[str, str] | None = None): return z @apihook("floor", argc=1, conv=e_arch.CALL_CONV_FLOAT) - def floor(self, emu, argv, ctx: dict[str, str] | None = None): + def floor(self, emu, argv, ctx: api.ApiContext = None): """ double floor( double x @@ -530,7 +530,7 @@ def floor(self, emu, argv, ctx: dict[str, str] | None = None): return z @apihook("sin", argc=1, conv=e_arch.CALL_CONV_FLOAT) - def sin(self, emu, argv, ctx: dict[str, str] | None = None): + def sin(self, emu, argv, ctx: api.ApiContext = None): """ double sin( double x @@ -546,7 +546,7 @@ def sin(self, emu, argv, ctx: dict[str, str] | None = None): return z @apihook("abs", argc=1, conv=e_arch.CALL_CONV_CDECL) - def abs(self, emu, argv, ctx: dict[str, str] | None = None): + def abs(self, emu, argv, ctx: api.ApiContext = None): """ int abs( int x @@ -558,7 +558,7 @@ def abs(self, emu, argv, ctx: dict[str, str] | None = None): return y @apihook("strstr", argc=2, conv=e_arch.CALL_CONV_CDECL) - def strstr(self, emu, argv, ctx: dict[str, str] | None = None): + def strstr(self, emu, argv, ctx: api.ApiContext = None): """ char *strstr( const char *str, @@ -585,7 +585,7 @@ def strstr(self, emu, argv, ctx: dict[str, str] | None = None): return ret @apihook("wcsstr", argc=2, conv=e_arch.CALL_CONV_CDECL) - def wcsstr(self, emu, argv, ctx: dict[str, str] | None = None): + def wcsstr(self, emu, argv, ctx: api.ApiContext = None): """ wchar_t *wcsstr( const wchar_t *str, @@ -612,7 +612,7 @@ def wcsstr(self, emu, argv, ctx: dict[str, str] | None = None): return ret @apihook("strncat_s", argc=4, conv=e_arch.CALL_CONV_CDECL) - def strncat_s(self, emu, argv, ctx: dict[str, str] | None = None): + def strncat_s(self, emu, argv, ctx: api.ApiContext = None): """ errno_t strncat_s( char *strDest, @@ -651,7 +651,7 @@ def strncat_s(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("__stdio_common_vfprintf", argc=e_arch.VAR_ARGS, conv=e_arch.CALL_CONV_CDECL) - def __stdio_common_vfprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def __stdio_common_vfprintf(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} arch = emu.get_arch() @@ -674,7 +674,7 @@ def __stdio_common_vfprintf(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("fprintf", argc=e_arch.VAR_ARGS, conv=e_arch.CALL_CONV_CDECL) - def fprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def fprintf(self, emu, argv, ctx: api.ApiContext = None): """ int fprintf( FILE *stream, @@ -699,7 +699,7 @@ def fprintf(self, emu, argv, ctx: dict[str, str] | None = None): return len(fin) @apihook("printf", argc=e_arch.VAR_ARGS, conv=e_arch.CALL_CONV_CDECL) - def printf(self, emu, argv, ctx: dict[str, str] | None = None): + def printf(self, emu, argv, ctx: api.ApiContext = None): """ int printf( const char *format, @@ -723,7 +723,7 @@ def printf(self, emu, argv, ctx: dict[str, str] | None = None): return len(fin) @apihook("memset", argc=3, conv=e_arch.CALL_CONV_CDECL) - def memset(self, emu, argv, ctx: dict[str, str] | None = None): + def memset(self, emu, argv, ctx: api.ApiContext = None): """ void *memset ( void * ptr, int value, @@ -739,7 +739,7 @@ def memset(self, emu, argv, ctx: dict[str, str] | None = None): return ptr @apihook("time", argc=1, conv=e_arch.CALL_CONV_CDECL) - def time(self, emu, argv, ctx: dict[str, str] | None = None): + def time(self, emu, argv, ctx: api.ApiContext = None): """ time_t time( time_t *destTime ); """ @@ -754,7 +754,7 @@ def time(self, emu, argv, ctx: dict[str, str] | None = None): return out_time @apihook("_strtime", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _strtime(self, emu, argv, ctx: dict[str, str] | None = None): + def _strtime(self, emu, argv, ctx: api.ApiContext = None): """ char *_strtime(char *buffer); """ @@ -766,7 +766,7 @@ def _strtime(self, emu, argv, ctx: dict[str, str] | None = None): return buffer @apihook("_strdate", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _strdate(self, emu, argv, ctx: dict[str, str] | None = None): + def _strdate(self, emu, argv, ctx: api.ApiContext = None): """ char *_strdate(char *buffer); """ @@ -778,7 +778,7 @@ def _strdate(self, emu, argv, ctx: dict[str, str] | None = None): return buffer @apihook("clock", argc=0, conv=e_arch.CALL_CONV_CDECL) - def clock(self, emu, argv, ctx: dict[str, str] | None = None): + def clock(self, emu, argv, ctx: api.ApiContext = None): """ clock_t clock( void ); """ @@ -789,7 +789,7 @@ def clock(self, emu, argv, ctx: dict[str, str] | None = None): return self.tick_counter @apihook("srand", argc=1, conv=e_arch.CALL_CONV_CDECL) - def srand(self, emu, argv, ctx: dict[str, str] | None = None): + def srand(self, emu, argv, ctx: api.ApiContext = None): """ void srand (unsigned int seed); """ @@ -800,7 +800,7 @@ def srand(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("sprintf", argc=e_arch.VAR_ARGS, conv=e_arch.CALL_CONV_CDECL) - def sprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def sprintf(self, emu, argv, ctx: api.ApiContext = None): """ int sprintf( char *buffer, @@ -825,7 +825,7 @@ def sprintf(self, emu, argv, ctx: dict[str, str] | None = None): return len(fin) @apihook("_snprintf", argc=e_arch.VAR_ARGS, conv=e_arch.CALL_CONV_CDECL) - def _snprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def _snprintf(self, emu, argv, ctx: api.ApiContext = None): """ int _snprintf( char *buffer, @@ -851,7 +851,7 @@ def _snprintf(self, emu, argv, ctx: dict[str, str] | None = None): return len(fin) @apihook("atoi", argc=1, conv=e_arch.CALL_CONV_CDECL) - def atoi(self, emu, argv, ctx: dict[str, str] | None = None): + def atoi(self, emu, argv, ctx: api.ApiContext = None): """ int atoi( const char *str @@ -872,7 +872,7 @@ def atoi(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("rand", argc=0, conv=e_arch.CALL_CONV_CDECL) - def rand(self, emu, argv, ctx: dict[str, str] | None = None): + def rand(self, emu, argv, ctx: api.ApiContext = None): """ int rand( void ); """ @@ -883,7 +883,7 @@ def rand(self, emu, argv, ctx: dict[str, str] | None = None): return self.rand_int @apihook("__set_app_type", argc=1, conv=e_arch.CALL_CONV_CDECL) - def __set_app_type(self, emu, argv, ctx: dict[str, str] | None = None): + def __set_app_type(self, emu, argv, ctx: api.ApiContext = None): """ void __set_app_type ( int at @@ -893,12 +893,12 @@ def __set_app_type(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("_set_app_type", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _set_app_type(self, emu, argv, ctx: dict[str, str] | None = None): + def _set_app_type(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("__p__fmode", argc=0, conv=e_arch.CALL_CONV_CDECL) - def __p__fmode(self, emu, argv, ctx: dict[str, str] | None = None): + def __p__fmode(self, emu, argv, ctx: api.ApiContext = None): """ int* __p__fmode(); """ @@ -911,7 +911,7 @@ def __p__fmode(self, emu, argv, ctx: dict[str, str] | None = None): return ptr @apihook("__p__commode", argc=0, conv=e_arch.CALL_CONV_CDECL) - def __p__commode(self, emu, argv, ctx: dict[str, str] | None = None): + def __p__commode(self, emu, argv, ctx: api.ApiContext = None): """ int* __p__commode(); """ @@ -924,7 +924,7 @@ def __p__commode(self, emu, argv, ctx: dict[str, str] | None = None): return ptr @apihook("_controlfp", argc=2, conv=e_arch.CALL_CONV_CDECL) - def _controlfp(self, emu, argv, ctx: dict[str, str] | None = None): + def _controlfp(self, emu, argv, ctx: api.ApiContext = None): """ unsigned int _controlfp(unsigned int new, unsinged int mask) @@ -933,7 +933,7 @@ def _controlfp(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("strcpy", argc=2, conv=e_arch.CALL_CONV_CDECL) - def strcpy(self, emu, argv, ctx: dict[str, str] | None = None): + def strcpy(self, emu, argv, ctx: api.ApiContext = None): """ char *strcpy( char *strDestination, @@ -949,7 +949,7 @@ def strcpy(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("wcscpy", argc=2, conv=e_arch.CALL_CONV_CDECL) - def wcscpy(self, emu, argv, ctx: dict[str, str] | None = None): + def wcscpy(self, emu, argv, ctx: api.ApiContext = None): """ wchar_t *wcscpy( wchar_t *strDestination, @@ -964,7 +964,7 @@ def wcscpy(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("strncpy", argc=3, conv=e_arch.CALL_CONV_CDECL) - def strncpy(self, emu, argv, ctx: dict[str, str] | None = None): + def strncpy(self, emu, argv, ctx: api.ApiContext = None): """ char * strncpy( char * destination, @@ -982,7 +982,7 @@ def strncpy(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("wcsncpy", argc=3, conv=e_arch.CALL_CONV_CDECL) - def wcsncpy(self, emu, argv, ctx: dict[str, str] | None = None): + def wcsncpy(self, emu, argv, ctx: api.ApiContext = None): """ wchar_t *wcsncpy( wchar_t *strDest, @@ -1000,7 +1000,7 @@ def wcsncpy(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("memcpy", argc=3, conv=e_arch.CALL_CONV_CDECL) - def memcpy(self, emu, argv, ctx: dict[str, str] | None = None): + def memcpy(self, emu, argv, ctx: api.ApiContext = None): """ void *memcpy( void *dest, @@ -1015,7 +1015,7 @@ def memcpy(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("memmove", argc=3, conv=e_arch.CALL_CONV_CDECL) - def memmove(self, emu, argv, ctx: dict[str, str] | None = None): + def memmove(self, emu, argv, ctx: api.ApiContext = None): """ void *memmove( void *dest, @@ -1030,7 +1030,7 @@ def memmove(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("memcmp", argc=3, conv=e_arch.CALL_CONV_CDECL) - def memcmp(self, emu, argv, ctx: dict[str, str] | None = None): + def memcmp(self, emu, argv, ctx: api.ApiContext = None): """ int memcmp( const void *buffer1, @@ -1054,7 +1054,7 @@ def memcmp(self, emu, argv, ctx: dict[str, str] | None = None): return diff @apihook("_except_handler4_common", argc=6, conv=e_arch.CALL_CONV_CDECL) - def _except_handler4_common(self, emu, argv, ctx: dict[str, str] | None = None): + def _except_handler4_common(self, emu, argv, ctx: api.ApiContext = None): """ _CRTIMP __C_specific_handler( _In_ struct _EXCEPTION_RECORD *ExceptionRecord, @@ -1124,7 +1124,7 @@ def _except_handler4_common(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_seh_filter_exe", argc=2, conv=e_arch.CALL_CONV_CDECL) - def _seh_filter_exe(self, emu, argv, ctx: dict[str, str] | None = None): + def _seh_filter_exe(self, emu, argv, ctx: api.ApiContext = None): """ int __cdecl _seh_filter_exe( unsigned long _ExceptionNum, @@ -1138,7 +1138,7 @@ def _seh_filter_exe(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_except_handler3", argc=4, conv=e_arch.CALL_CONV_CDECL) - def _except_handler3(self, emu, argv, ctx: dict[str, str] | None = None): + def _except_handler3(self, emu, argv, ctx: api.ApiContext = None): """ int _except_handler3( PEXCEPTION_RECORD exception_record, @@ -1152,7 +1152,7 @@ def _except_handler3(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_seh_filter_dll", argc=2, conv=e_arch.CALL_CONV_CDECL) - def _seh_filter_dll(self, emu, argv, ctx: dict[str, str] | None = None): + def _seh_filter_dll(self, emu, argv, ctx: api.ApiContext = None): """ int __cdecl _seh_filter_dll( unsigned long _ExceptionNum, @@ -1166,7 +1166,7 @@ def _seh_filter_dll(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("puts", argc=1, conv=e_arch.CALL_CONV_CDECL) - def puts(self, emu, argv, ctx: dict[str, str] | None = None): + def puts(self, emu, argv, ctx: api.ApiContext = None): """ int puts( const char *str @@ -1182,7 +1182,7 @@ def puts(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_initialize_onexit_table", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _initialize_onexit_table(self, emu, argv, ctx: dict[str, str] | None = None): + def _initialize_onexit_table(self, emu, argv, ctx: api.ApiContext = None): """ int _initialize_onexit_table( _onexit_table_t* table @@ -1194,7 +1194,7 @@ def _initialize_onexit_table(self, emu, argv, ctx: dict[str, str] | None = None) return rv @apihook("_register_onexit_function", argc=2, conv=e_arch.CALL_CONV_CDECL) - def _register_onexit_function(self, emu, argv, ctx: dict[str, str] | None = None): + def _register_onexit_function(self, emu, argv, ctx: api.ApiContext = None): """ int _register_onexit_function( _onexit_table_t* table, @@ -1207,7 +1207,7 @@ def _register_onexit_function(self, emu, argv, ctx: dict[str, str] | None = None return rv @apihook("malloc", argc=1, conv=e_arch.CALL_CONV_CDECL) - def malloc(self, emu, argv, ctx: dict[str, str] | None = None): + def malloc(self, emu, argv, ctx: api.ApiContext = None): """ void *malloc( size_t size @@ -1220,7 +1220,7 @@ def malloc(self, emu, argv, ctx: dict[str, str] | None = None): return chunk @apihook("calloc", argc=2, conv=e_arch.CALL_CONV_CDECL) - def calloc(self, emu, argv, ctx: dict[str, str] | None = None): + def calloc(self, emu, argv, ctx: api.ApiContext = None): """ void *calloc( size_t num, @@ -1241,7 +1241,7 @@ def calloc(self, emu, argv, ctx: dict[str, str] | None = None): return chunk @apihook("free", argc=1, conv=e_arch.CALL_CONV_CDECL) - def free(self, emu, argv, ctx: dict[str, str] | None = None): + def free(self, emu, argv, ctx: api.ApiContext = None): """ void free( void *memblock @@ -1252,7 +1252,7 @@ def free(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_free(mem) @apihook("_beginthreadex", argc=6, conv=e_arch.CALL_CONV_CDECL) - def _beginthreadex(self, emu, argv, ctx: dict[str, str] | None = None): + def _beginthreadex(self, emu, argv, ctx: api.ApiContext = None): """ uintptr_t _beginthreadex( void *security, @@ -1274,7 +1274,7 @@ def _beginthreadex(self, emu, argv, ctx: dict[str, str] | None = None): return handle @apihook("_beginthread", argc=3, conv=e_arch.CALL_CONV_CDECL) - def _beginthread(self, emu, argv, ctx: dict[str, str] | None = None): + def _beginthread(self, emu, argv, ctx: api.ApiContext = None): """ uintptr_t _beginthread void( __cdecl *start_address )( void * ), @@ -1289,7 +1289,7 @@ def _beginthread(self, emu, argv, ctx: dict[str, str] | None = None): return handle @apihook("system", argc=1, conv=e_arch.CALL_CONV_CDECL) - def system(self, emu, argv, ctx: dict[str, str] | None = None): + def system(self, emu, argv, ctx: api.ApiContext = None): """ int system( const char *command @@ -1305,7 +1305,7 @@ def system(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("toupper", argc=1, conv=e_arch.CALL_CONV_CDECL) - def toupper(self, emu, argv, ctx: dict[str, str] | None = None): + def toupper(self, emu, argv, ctx: api.ApiContext = None): """ int toupper( int c @@ -1321,7 +1321,7 @@ def toupper(self, emu, argv, ctx: dict[str, str] | None = None): return c @apihook("strlen", argc=1, conv=e_arch.CALL_CONV_CDECL) - def strlen(self, emu, argv, ctx: dict[str, str] | None = None): + def strlen(self, emu, argv, ctx: api.ApiContext = None): """ size_t strlen( const char *str @@ -1337,7 +1337,7 @@ def strlen(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("strcat", argc=2, conv=e_arch.CALL_CONV_CDECL) - def strcat(self, emu, argv, ctx: dict[str, str] | None = None): + def strcat(self, emu, argv, ctx: api.ApiContext = None): """ char *strcat( char *strDestination, @@ -1355,7 +1355,7 @@ def strcat(self, emu, argv, ctx: dict[str, str] | None = None): return _str1 @apihook("_strlwr", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _strlwr(self, emu, argv, ctx: dict[str, str] | None = None): + def _strlwr(self, emu, argv, ctx: api.ApiContext = None): """ char *_strlwr( char *str @@ -1373,7 +1373,7 @@ def _strlwr(self, emu, argv, ctx: dict[str, str] | None = None): return string_ptr @apihook("strncat", argc=3, conv=e_arch.CALL_CONV_CDECL) - def strncat(self, emu, argv, ctx: dict[str, str] | None = None): + def strncat(self, emu, argv, ctx: api.ApiContext = None): """ char *strncat( char *destination, @@ -1392,7 +1392,7 @@ def strncat(self, emu, argv, ctx: dict[str, str] | None = None): return dest @apihook("wcscat", argc=2, conv=e_arch.CALL_CONV_CDECL) - def wcscat(self, emu, argv, ctx: dict[str, str] | None = None): + def wcscat(self, emu, argv, ctx: api.ApiContext = None): """ wchar_t *wcscat( wchar_t *strDestination, @@ -1410,7 +1410,7 @@ def wcscat(self, emu, argv, ctx: dict[str, str] | None = None): return _str1 @apihook("wcslen", argc=1, conv=e_arch.CALL_CONV_CDECL) - def wcslen(self, emu, argv, ctx: dict[str, str] | None = None): + def wcslen(self, emu, argv, ctx: api.ApiContext = None): """ size_t wcslen( const wchar_t* wcs @@ -1425,7 +1425,7 @@ def wcslen(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_lock", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _lock(self, emu, argv, ctx: dict[str, str] | None = None): + def _lock(self, emu, argv, ctx: api.ApiContext = None): """ void __cdecl _lock int locknum @@ -1435,7 +1435,7 @@ def _lock(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("_unlock", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _unlock(self, emu, argv, ctx: dict[str, str] | None = None): + def _unlock(self, emu, argv, ctx: api.ApiContext = None): """ void __cdecl _unlock int locknum @@ -1445,7 +1445,7 @@ def _unlock(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("_ltoa", argc=3, conv=e_arch.CALL_CONV_CDECL) - def _ltoa(self, emu, argv, ctx: dict[str, str] | None = None): + def _ltoa(self, emu, argv, ctx: api.ApiContext = None): """ char *_ltoa( long value, @@ -1465,7 +1465,7 @@ def _ltoa(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("__dllonexit", argc=3, conv=e_arch.CALL_CONV_CDECL) - def __dllonexit(self, emu, argv, ctx: dict[str, str] | None = None): + def __dllonexit(self, emu, argv, ctx: api.ApiContext = None): """ onexit_t __dllonexit( _onexit_t func, @@ -1482,7 +1482,7 @@ def __dllonexit(self, emu, argv, ctx: dict[str, str] | None = None): return func @apihook("strncmp", argc=3, conv=e_arch.CALL_CONV_CDECL) - def strncmp(self, emu, argv, ctx: dict[str, str] | None = None): + def strncmp(self, emu, argv, ctx: api.ApiContext = None): """ int strncmp( const char *string1, @@ -1504,7 +1504,7 @@ def strncmp(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("strcmp", argc=2, conv=e_arch.CALL_CONV_CDECL) - def strcmp(self, emu, argv, ctx: dict[str, str] | None = None): + def strcmp(self, emu, argv, ctx: api.ApiContext = None): """ int strcmp( const char *string1, @@ -1525,7 +1525,7 @@ def strcmp(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("strrchr", argc=2, conv=e_arch.CALL_CONV_CDECL) - def strrchr(self, emu, argv, ctx: dict[str, str] | None = None): + def strrchr(self, emu, argv, ctx: api.ApiContext = None): """ char *strrchr( const char *str, @@ -1550,7 +1550,7 @@ def strrchr(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_ftol", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _ftol(self, emu, argv, ctx: dict[str, str] | None = None): + def _ftol(self, emu, argv, ctx: api.ApiContext = None): """ int _ftol(int); """ @@ -1559,7 +1559,7 @@ def _ftol(self, emu, argv, ctx: dict[str, str] | None = None): return int(f) @apihook("_adjust_fdiv", argc=0, conv=e_arch.CALL_CONV_CDECL) - def _adjust_fdiv(self, emu, argv, ctx: dict[str, str] | None = None): + def _adjust_fdiv(self, emu, argv, ctx: api.ApiContext = None): """ void _adjust_fdiv(void) """ @@ -1567,7 +1567,7 @@ def _adjust_fdiv(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("tolower", argc=1, conv=e_arch.CALL_CONV_CDECL) - def tolower(self, emu, argv, ctx: dict[str, str] | None = None): + def tolower(self, emu, argv, ctx: api.ApiContext = None): """ int tolower ( int c ); """ @@ -1576,7 +1576,7 @@ def tolower(self, emu, argv, ctx: dict[str, str] | None = None): return c | 0x20 @apihook("isdigit", argc=1, conv=e_arch.CALL_CONV_CDECL) - def isdigit(self, emu, argv, ctx: dict[str, str] | None = None): + def isdigit(self, emu, argv, ctx: api.ApiContext = None): """ int isdigit( int c @@ -1587,7 +1587,7 @@ def isdigit(self, emu, argv, ctx: dict[str, str] | None = None): return int(48 <= c <= 57) @apihook("sscanf", argc=e_arch.VAR_ARGS, conv=e_arch.CALL_CONV_CDECL) - def sscanf(self, emu, argv, ctx: dict[str, str] | None = None): + def sscanf(self, emu, argv, ctx: api.ApiContext = None): """ int sscanf ( const char * s, const char * format, ...); """ @@ -1595,7 +1595,7 @@ def sscanf(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("strchr", argc=2, conv=e_arch.CALL_CONV_CDECL) - def strchr(self, emu, argv, ctx: dict[str, str] | None = None): + def strchr(self, emu, argv, ctx: api.ApiContext = None): """ char *strchr( const char *str, @@ -1620,7 +1620,7 @@ def strchr(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_set_invalid_parameter_handler", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _set_invalid_parameter_handler(self, emu, argv, ctx: dict[str, str] | None = None): + def _set_invalid_parameter_handler(self, emu, argv, ctx: api.ApiContext = None): """ _invalid_parameter_handler _set_invalid_parameter_handler( _invalid_parameter_handler pNew @@ -1632,7 +1632,7 @@ def _set_invalid_parameter_handler(self, emu, argv, ctx: dict[str, str] | None = return 0 @apihook("__CxxFrameHandler", argc=4, conv=e_arch.CALL_CONV_CDECL) - def __CxxFrameHandler(self, emu, argv, ctx: dict[str, str] | None = None): + def __CxxFrameHandler(self, emu, argv, ctx: api.ApiContext = None): """ EXCEPTION_DISPOSITION __CxxFrameHandler( EHExceptionRecord *pExcept, @@ -1651,7 +1651,7 @@ def __CxxFrameHandler(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("_vsnprintf", argc=4, conv=e_arch.CALL_CONV_CDECL) - def _vsnprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def _vsnprintf(self, emu, argv, ctx: api.ApiContext = None): """ int _vsnprintf( char *buffer, @@ -1680,7 +1680,7 @@ def _vsnprintf(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("__stdio_common_vsprintf", argc=7, conv=e_arch.CALL_CONV_CDECL) - def __stdio_common_vsprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def __stdio_common_vsprintf(self, emu, argv, ctx: api.ApiContext = None): """ int __stdio_common_vsprintf( unsigned int64 Options, @@ -1710,7 +1710,7 @@ def __stdio_common_vsprintf(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_strcmpi", argc=2, conv=e_arch.CALL_CONV_CDECL) - def _strcmpi(self, emu, argv, ctx: dict[str, str] | None = None): + def _strcmpi(self, emu, argv, ctx: api.ApiContext = None): """ int _strcmpi( const char *string1, @@ -1736,7 +1736,7 @@ def _strcmpi(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_wcsicmp", argc=2, conv=e_arch.CALL_CONV_CDECL) - def _wcsicmp(self, emu, argv, ctx: dict[str, str] | None = None): + def _wcsicmp(self, emu, argv, ctx: api.ApiContext = None): """ int _wcsicmp( const wchar_t *string1, @@ -1762,7 +1762,7 @@ def _wcsicmp(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("??3@YAXPAX@Z", argc=1, conv=e_arch.CALL_CONV_CDECL) - def __3_YAXPAX_Z(self, emu, argv, ctx: dict[str, str] | None = None): + def __3_YAXPAX_Z(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} (ptr,) = argv if ptr: @@ -1770,7 +1770,7 @@ def __3_YAXPAX_Z(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("??2@YAPAXI@Z", argc=1, conv=e_arch.CALL_CONV_CDECL) - def __2_YAPAXI_Z(self, emu, argv, ctx: dict[str, str] | None = None): + def __2_YAPAXI_Z(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} (size,) = argv if size <= 0: @@ -1778,98 +1778,98 @@ def __2_YAPAXI_Z(self, emu, argv, ctx: dict[str, str] | None = None): return self.mem_alloc(size, tag="api.msvcrt.operator_new") @apihook("__current_exception_context", argc=0, conv=e_arch.CALL_CONV_CDECL) - def __current_exception_context(self, emu, argv, ctx: dict[str, str] | None = None): + def __current_exception_context(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("__current_exception", argc=0, conv=e_arch.CALL_CONV_CDECL) - def __current_exception(self, emu, argv, ctx: dict[str, str] | None = None): + def __current_exception(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("_set_new_mode", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _set_new_mode(self, emu, argv, ctx: dict[str, str] | None = None): + def _set_new_mode(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("_configthreadlocale", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _configthreadlocale(self, emu, argv, ctx: dict[str, str] | None = None): + def _configthreadlocale(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("_setusermatherr", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _setusermatherr(self, emu, argv, ctx: dict[str, str] | None = None): + def _setusermatherr(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("__setusermatherr", argc=1, conv=e_arch.CALL_CONV_CDECL) - def __setusermatherr(self, emu, argv, ctx: dict[str, str] | None = None): + def __setusermatherr(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("_cexit", argc=0, conv=e_arch.CALL_CONV_CDECL) - def _cexit(self, emu, argv, ctx: dict[str, str] | None = None): + def _cexit(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} # TODO: handle atexit flavor functions self.exit_process() @apihook("_c_exit", argc=0, conv=e_arch.CALL_CONV_CDECL) - def _c_exit(self, emu, argv, ctx: dict[str, str] | None = None): + def _c_exit(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} self.exit_process() @apihook("_register_thread_local_exe_atexit_callback", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _register_thread_local_exe_atexit_callback(self, emu, argv, ctx: dict[str, str] | None = None): + def _register_thread_local_exe_atexit_callback(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("_crt_atexit", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _crt_atexit(self, emu, argv, ctx: dict[str, str] | None = None): + def _crt_atexit(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("_controlfp_s", argc=3, conv=e_arch.CALL_CONV_CDECL) - def _controlfp_s(self, emu, argv, ctx: dict[str, str] | None = None): + def _controlfp_s(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("terminate", argc=1, conv=e_arch.CALL_CONV_CDECL) - def terminate(self, emu, argv, ctx: dict[str, str] | None = None): + def terminate(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} self.exit_process() @apihook("_crt_atexit", argc=1, conv=e_arch.CALL_CONV_CDECL) # type: ignore[no-redef] - def _crt_atexit(self, emu, argv, ctx: dict[str, str] | None = None): + def _crt_atexit(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("_initialize_narrow_environment", argc=0, conv=e_arch.CALL_CONV_CDECL) - def _initialize_narrow_environment(self, emu, argv, ctx: dict[str, str] | None = None): + def _initialize_narrow_environment(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("_configure_narrow_argv", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _configure_narrow_argv(self, emu, argv, ctx: dict[str, str] | None = None): + def _configure_narrow_argv(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("_set_fmode", argc=1, conv=e_arch.CALL_CONV_CDECL) - def _set_fmode(self, emu, argv, ctx: dict[str, str] | None = None): + def _set_fmode(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("_itoa", argc=3, conv=e_arch.CALL_CONV_CDECL) - def _itoa(self, emu, argv, ctx: dict[str, str] | None = None): + def _itoa(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("_itow", argc=3, conv=e_arch.CALL_CONV_CDECL) - def _itow(self, emu, argv, ctx: dict[str, str] | None = None): + def _itow(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return @apihook("_EH_prolog", argc=0, conv=e_arch.CALL_CONV_CDECL) - def _EH_prolog(self, emu, argv, ctx: dict[str, str] | None = None): + def _EH_prolog(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} # push -1 emu.push_stack(0xFFFFFFFF) @@ -1899,7 +1899,7 @@ def _EH_prolog(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("wcstombs", argc=3, conv=e_arch.CALL_CONV_CDECL) - def wcstombs(self, emu, argv, ctx: dict[str, str] | None = None): + def wcstombs(self, emu, argv, ctx: api.ApiContext = None): """ size_t wcstombs( char *mbstr, @@ -1915,7 +1915,7 @@ def wcstombs(self, emu, argv, ctx: dict[str, str] | None = None): return len(s.encode("ascii")) @apihook("_stricmp", argc=2, conv=e_arch.CALL_CONV_CDECL) - def _stricmp(self, emu, argv, ctx: dict[str, str] | None = None): + def _stricmp(self, emu, argv, ctx: api.ApiContext = None): """ int _stricmp( const char *string1, @@ -1941,7 +1941,7 @@ def _stricmp(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_strnicmp", argc=3, conv=e_arch.CALL_CONV_CDECL) - def _strnicmp(self, emu, argv, ctx: dict[str, str] | None = None): + def _strnicmp(self, emu, argv, ctx: api.ApiContext = None): """ int _strnicmp( const char *string1, @@ -1968,7 +1968,7 @@ def _strnicmp(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_wcsicmp", argc=2, conv=e_arch.CALL_CONV_CDECL) # type: ignore[no-redef] - def _wcsicmp(self, emu, argv, ctx: dict[str, str] | None = None): + def _wcsicmp(self, emu, argv, ctx: api.ApiContext = None): """ int wcsicmp( const wchar_t *string1, @@ -1991,7 +1991,7 @@ def _wcsicmp(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("wcscmp", argc=2, conv=e_arch.CALL_CONV_CDECL) - def wcscmp(self, emu, argv, ctx: dict[str, str] | None = None): + def wcscmp(self, emu, argv, ctx: api.ApiContext = None): """ int wcscmp( const wchar_t *string1, @@ -2012,7 +2012,7 @@ def wcscmp(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("_snwprintf", argc=e_arch.VAR_ARGS, conv=e_arch.CALL_CONV_CDECL) - def _snwprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def _snwprintf(self, emu, argv, ctx: api.ApiContext = None): """ int _snwprintf( wchar_t *buffer, @@ -2042,7 +2042,7 @@ def _snwprintf(self, emu, argv, ctx: dict[str, str] | None = None): return len(fin) @apihook("_errno", argc=0) - def _errno(self, emu, argv, ctx: dict[str, str] | None = None): + def _errno(self, emu, argv, ctx: api.ApiContext = None): """ """ ctx = ctx or {} _VAL = 0x0C @@ -2054,7 +2054,7 @@ def _errno(self, emu, argv, ctx: dict[str, str] | None = None): return self.errno_t @apihook("fopen", argc=2, conv=e_arch.CALL_CONV_CDECL) - def fopen(self, emu, argv, ctx: dict[str, str] | None = None): + def fopen(self, emu, argv, ctx: api.ApiContext = None): """ FILE *fopen( const char *filename, @@ -2086,7 +2086,7 @@ def fopen(self, emu, argv, ctx: dict[str, str] | None = None): return stream @apihook("_wfopen", argc=2, conv=e_arch.CALL_CONV_CDECL) - def _wfopen(self, emu, argv, ctx: dict[str, str] | None = None): + def _wfopen(self, emu, argv, ctx: api.ApiContext = None): """ FILE *_wfopen( const wchar_t *filename, @@ -2118,7 +2118,7 @@ def _wfopen(self, emu, argv, ctx: dict[str, str] | None = None): return stream @apihook("fclose", argc=1, conv=e_arch.CALL_CONV_CDECL) - def fclose(self, emu, argv, ctx: dict[str, str] | None = None): + def fclose(self, emu, argv, ctx: api.ApiContext = None): """ int fclose( FILE *stream @@ -2135,7 +2135,7 @@ def fclose(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("fseek", argc=3, conv=e_arch.CALL_CONV_CDECL) - def fseek(self, emu, argv, ctx: dict[str, str] | None = None): + def fseek(self, emu, argv, ctx: api.ApiContext = None): """ int fseek( FILE *stream, @@ -2160,7 +2160,7 @@ def fseek(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("ftell", argc=1, conv=e_arch.CALL_CONV_CDECL) - def ftell(self, emu, argv, ctx: dict[str, str] | None = None): + def ftell(self, emu, argv, ctx: api.ApiContext = None): """ long ftell( FILE *stream @@ -2183,7 +2183,7 @@ def ftell(self, emu, argv, ctx: dict[str, str] | None = None): return pos @apihook("fread", argc=4, conv=e_arch.CALL_CONV_CDECL) - def fread(self, emu, argv, ctx: dict[str, str] | None = None): + def fread(self, emu, argv, ctx: api.ApiContext = None): """ size_t fread( void *ptr, @@ -2213,7 +2213,7 @@ def fread(self, emu, argv, ctx: dict[str, str] | None = None): return len(data) // size @apihook("fputc", argc=2) - def fputc(self, emu, argv, ctx: dict[str, str] | None = None): + def fputc(self, emu, argv, ctx: api.ApiContext = None): """ int fputc( int c, @@ -2225,7 +2225,7 @@ def fputc(self, emu, argv, ctx: dict[str, str] | None = None): return c @apihook("signal", argc=2) - def signal(self, emu, argv, ctx: dict[str, str] | None = None): + def signal(self, emu, argv, ctx: api.ApiContext = None): """ void __cdecl *signal( int sig, diff --git a/speakeasy/winenv/api/usermode/msvfw32.py b/speakeasy/winenv/api/usermode/msvfw32.py index 96c8db69..2fc6dfe0 100644 --- a/speakeasy/winenv/api/usermode/msvfw32.py +++ b/speakeasy/winenv/api/usermode/msvfw32.py @@ -21,7 +21,7 @@ def get_handle(self): return handle @apihook("ICOpen", argc=3) - def ICOpen(self, emu, argv, ctx: dict[str, str] | None = None): + def ICOpen(self, emu, argv, ctx: api.ApiContext = None): """ HIC ICOpen( DWORD fccType, @@ -34,7 +34,7 @@ def ICOpen(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("ICSendMessage", argc=4) - def ICSendMessage(self, emu, argv, ctx: dict[str, str] | None = None): + def ICSendMessage(self, emu, argv, ctx: api.ApiContext = None): """ LRESULT ICSendMessage( HIC hic, @@ -48,7 +48,7 @@ def ICSendMessage(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("ICClose", argc=1) - def ICClose(self, emu, argv, ctx: dict[str, str] | None = None): + def ICClose(self, emu, argv, ctx: api.ApiContext = None): """ LRESULT ICClose( HIC hic diff --git a/speakeasy/winenv/api/usermode/ncrypt.py b/speakeasy/winenv/api/usermode/ncrypt.py index 84fceb9e..5549bce3 100644 --- a/speakeasy/winenv/api/usermode/ncrypt.py +++ b/speakeasy/winenv/api/usermode/ncrypt.py @@ -26,7 +26,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("NCryptOpenStorageProvider", argc=3) - def NCryptOpenStorageProvider(self, emu, argv, ctx: dict[str, str] | None = None): + def NCryptOpenStorageProvider(self, emu, argv, ctx: api.ApiContext = None): """ SECURITY_STATUS NCryptOpenStorageProvider( NCRYPT_PROV_HANDLE *phProvider, @@ -48,7 +48,7 @@ def NCryptOpenStorageProvider(self, emu, argv, ctx: dict[str, str] | None = None return windefs.ERROR_SUCCESS @apihook("NCryptImportKey", argc=8) - def NCryptImportKey(self, emu, argv, ctx: dict[str, str] | None = None): + def NCryptImportKey(self, emu, argv, ctx: api.ApiContext = None): """ SECURITY_STATUS NCryptImportKey( NCRYPT_PROV_HANDLE hProvider, @@ -86,7 +86,7 @@ def NCryptImportKey(self, emu, argv, ctx: dict[str, str] | None = None): return windefs.ERROR_SUCCESS @apihook("NCryptDeleteKey", argc=2) - def NCryptDeleteKey(self, emu, argv, ctx: dict[str, str] | None = None): + def NCryptDeleteKey(self, emu, argv, ctx: api.ApiContext = None): """ SECURITY_STATUS NCryptDeleteKey( NCRYPT_KEY_HANDLE hKey, @@ -105,7 +105,7 @@ def NCryptDeleteKey(self, emu, argv, ctx: dict[str, str] | None = None): return windefs.ERROR_SUCCESS @apihook("NCryptFreeObject", argc=1) - def NCryptFreeObject(self, emu, argv, ctx: dict[str, str] | None = None): + def NCryptFreeObject(self, emu, argv, ctx: api.ApiContext = None): """ SECURITY_STATUS NCryptFreeObject( NCRYPT_HANDLE hObject diff --git a/speakeasy/winenv/api/usermode/netapi32.py b/speakeasy/winenv/api/usermode/netapi32.py index f5da3457..abf7c3b4 100644 --- a/speakeasy/winenv/api/usermode/netapi32.py +++ b/speakeasy/winenv/api/usermode/netapi32.py @@ -20,7 +20,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("NetGetJoinInformation", argc=3) - def NetGetJoinInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def NetGetJoinInformation(self, emu, argv, ctx: api.ApiContext = None): """ NET_API_STATUS NET_API_FUNCTION NetGetJoinInformation( LPCWSTR lpServer, @@ -48,7 +48,7 @@ def NetGetJoinInformation(self, emu, argv, ctx: dict[str, str] | None = None): return netapi32defs.NERR_Success @apihook("NetWkstaGetInfo", argc=3) - def NetWkstaGetInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def NetWkstaGetInfo(self, emu, argv, ctx: api.ApiContext = None): """ NET_API_STATUS NET_API_FUNCTION NetWkstaGetInfo( LMSTR servername, @@ -127,7 +127,7 @@ def NetUserAdd(self, emu, argv, ctx={}): return netapi32defs.NERR_Success @apihook("NetApiBufferFree", argc=1) - def NetApiBufferFree(self, emu, argv, ctx: dict[str, str] | None = None): + def NetApiBufferFree(self, emu, argv, ctx: api.ApiContext = None): """ NET_API_STATUS NET_API_FUNCTION NetApiBufferFree( _Frees_ptr_opt_ LPVOID Buffer diff --git a/speakeasy/winenv/api/usermode/netutils.py b/speakeasy/winenv/api/usermode/netutils.py index 0d6f3857..ec7770ec 100644 --- a/speakeasy/winenv/api/usermode/netutils.py +++ b/speakeasy/winenv/api/usermode/netutils.py @@ -16,7 +16,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("NetApiBufferFree", argc=1) - def NetApiBufferFree(self, emu, argv, ctx: dict[str, str] | None = None): + def NetApiBufferFree(self, emu, argv, ctx: api.ApiContext = None): """ NET_API_STATUS NET_API_FUNCTION NetApiBufferFree( _Frees_ptr_opt_ LPVOID Buffer diff --git a/speakeasy/winenv/api/usermode/ntdll.py b/speakeasy/winenv/api/usermode/ntdll.py index 586b4e6e..49031605 100644 --- a/speakeasy/winenv/api/usermode/ntdll.py +++ b/speakeasy/winenv/api/usermode/ntdll.py @@ -31,26 +31,26 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("RtlGetLastWin32Error", argc=0) - def RtlGetLastWin32Error(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlGetLastWin32Error(self, emu, argv, ctx: api.ApiContext = None): """DWORD RtlGetLastWin32Error();""" ctx = ctx or {} return emu.get_last_error() @apihook("RtlNtStatusToDosError", argc=1) - def RtlNtStatusToDosError(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlNtStatusToDosError(self, emu, argv, ctx: api.ApiContext = None): """ULONG RtlNtStatusToDosError(NTSTATUS Status);""" ctx = ctx or {} return 0 @apihook("RtlFlushSecureMemoryCache", argc=2) - def RtlFlushSecureMemoryCache(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlFlushSecureMemoryCache(self, emu, argv, ctx: api.ApiContext = None): """DWORD RtlFlushSecureMemoryCache(PVOID arg0, PVOID arg1);""" ctx = ctx or {} return True @apihook("RtlAddVectoredExceptionHandler", argc=2) - def RtlAddVectoredExceptionHandler(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlAddVectoredExceptionHandler(self, emu, argv, ctx: api.ApiContext = None): """ PVOID AddVectoredExceptionHandler( ULONG First, @@ -65,7 +65,7 @@ def RtlAddVectoredExceptionHandler(self, emu, argv, ctx: dict[str, str] | None = return Handler @apihook("NtYieldExecution", argc=0) - def NtYieldExecution(self, emu, argv, ctx: dict[str, str] | None = None): + def NtYieldExecution(self, emu, argv, ctx: api.ApiContext = None): """ NtYieldExecution(); """ @@ -73,7 +73,7 @@ def NtYieldExecution(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("RtlRemoveVectoredExceptionHandler", argc=1) - def RtlRemoveVectoredExceptionHandler(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlRemoveVectoredExceptionHandler(self, emu, argv, ctx: api.ApiContext = None): """ ULONG RemoveVectoredExceptionHandler( PVOID Handle @@ -87,7 +87,7 @@ def RtlRemoveVectoredExceptionHandler(self, emu, argv, ctx: dict[str, str] | Non return Handler @apihook("LdrLoadDll", argc=4) - def LdrLoadDll(self, emu, argv, ctx: dict[str, str] | None = None): + def LdrLoadDll(self, emu, argv, ctx: api.ApiContext = None): """NTSTATUS NTAPI LdrLoadDll( @@ -139,7 +139,7 @@ def LdrLoadDll(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("LdrGetProcedureAddress", argc=4) - def LdrGetProcedureAddress(self, emu, argv, ctx: dict[str, str] | None = None): + def LdrGetProcedureAddress(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS LdrGetProcedureAddress( HMODULE ModuleHandle, @@ -175,7 +175,7 @@ def LdrGetProcedureAddress(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RtlZeroMemory", argc=2) - def RtlZeroMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlZeroMemory(self, emu, argv, ctx: api.ApiContext = None): """ void RtlZeroMemory( void* Destination, @@ -188,7 +188,7 @@ def RtlZeroMemory(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_write(dest, buf) @apihook("RtlMoveMemory", argc=3) - def RtlMoveMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlMoveMemory(self, emu, argv, ctx: api.ApiContext = None): """ void RtlMoveMemory(void* pvDest, const void *pSrc, size_t Length); """ @@ -198,7 +198,7 @@ def RtlMoveMemory(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_write(dest, buf) @apihook("NtSetInformationProcess", argc=4) - def NtSetInformationProcess(self, emu, argv, ctx: dict[str, str] | None = None): + def NtSetInformationProcess(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS NTAPI @@ -213,7 +213,7 @@ def NtSetInformationProcess(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("RtlEncodePointer", argc=1) - def RtlEncodePointer(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlEncodePointer(self, emu, argv, ctx: api.ApiContext = None): """ PVOID NTAPI @@ -227,7 +227,7 @@ def RtlEncodePointer(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RtlDecodePointer", argc=1) - def RtlDecodePointer(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlDecodePointer(self, emu, argv, ctx: api.ApiContext = None): """ PVOID NTAPI @@ -241,7 +241,7 @@ def RtlDecodePointer(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("NtWaitForSingleObject", argc=3) - def NtWaitForSingleObject(self, emu, argv, ctx: dict[str, str] | None = None): + def NtWaitForSingleObject(self, emu, argv, ctx: api.ApiContext = None): """ NTSYSAPI NTSTATUS @@ -265,7 +265,7 @@ def NtWaitForSingleObject(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RtlComputeCrc32", argc=3) - def RtlComputeCrc32(self, emu, argv, ctx: dict[str, str] | None = None): + def RtlComputeCrc32(self, emu, argv, ctx: api.ApiContext = None): """ DWORD RtlComputeCrc32( DWORD dwInitial, @@ -282,7 +282,7 @@ def RtlComputeCrc32(self, emu, argv, ctx: dict[str, str] | None = None): return dwInitial @apihook("LdrFindResource_U", argc=4) - def LdrFindResource_U(self, emu, argv, ctx: dict[str, str] | None = None): + def LdrFindResource_U(self, emu, argv, ctx: api.ApiContext = None): """ pub unsafe extern "system" fn LdrFindResource_U( DllHandle: PVOID, @@ -344,7 +344,7 @@ def LdrFindResource_U(self, emu, argv, ctx: dict[str, str] | None = None): return ddk.STATUS_SUCCESS @apihook("NtUnmapViewOfSection", argc=2) - def NtUnmapViewOfSection(self, emu, argv, ctx: dict[str, str] | None = None): + def NtUnmapViewOfSection(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS NtUnmapViewOfSection( HANDLE ProcessHandle, @@ -355,7 +355,7 @@ def NtUnmapViewOfSection(self, emu, argv, ctx: dict[str, str] | None = None): return ddk.STATUS_SUCCESS @apihook("LdrAccessResource", argc=4) - def LdrAccessResource(self, emu, argv, ctx: dict[str, str] | None = None): + def LdrAccessResource(self, emu, argv, ctx: api.ApiContext = None): """ NTSTATUS NTAPI LdrAccessResource ( _In_ PVOID BaseAddress, _In_ PIMAGE_RESOURCE_DATA_ENTRY ResourceDataEntry, diff --git a/speakeasy/winenv/api/usermode/ole32.py b/speakeasy/winenv/api/usermode/ole32.py index a224e24d..299967bc 100644 --- a/speakeasy/winenv/api/usermode/ole32.py +++ b/speakeasy/winenv/api/usermode/ole32.py @@ -25,7 +25,7 @@ def __init__(self, emu): self.names = {} @apihook("OleInitialize", argc=1) - def OleInitialize(self, emu, argv, ctx: dict[str, str] | None = None): + def OleInitialize(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT OleInitialize( IN LPVOID pvReserved @@ -38,7 +38,7 @@ def OleInitialize(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CoInitialize", argc=1) - def CoInitialize(self, emu, argv, ctx: dict[str, str] | None = None): + def CoInitialize(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT CoInitialize( LPVOID pvReserved @@ -51,7 +51,7 @@ def CoInitialize(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CoInitializeEx", argc=2) - def CoInitializeEx(self, emu, argv, ctx: dict[str, str] | None = None): + def CoInitializeEx(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT CoInitializeEx( LPVOID pvReserved, @@ -65,14 +65,14 @@ def CoInitializeEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CoUninitialize", argc=0) - def CoUninitialize(self, emu, argv, ctx: dict[str, str] | None = None): + def CoUninitialize(self, emu, argv, ctx: api.ApiContext = None): """ void CoUninitialize(); """ ctx = ctx or {} @apihook("CoInitializeSecurity", argc=9) - def CoInitializeSecurity(self, emu, argv, ctx: dict[str, str] | None = None): + def CoInitializeSecurity(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT CoInitializeSecurity( PSECURITY_DESCRIPTOR pSecDesc, @@ -101,7 +101,7 @@ def CoInitializeSecurity(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CoCreateInstance", argc=5) - def CoCreateInstance(self, emu, argv, ctx: dict[str, str] | None = None): + def CoCreateInstance(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT CoCreateInstance( REFCLSID rclsid, @@ -138,7 +138,7 @@ def CoCreateInstance(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CoSetProxyBlanket", argc=8) - def CoSetProxyBlanket(self, emu, argv, ctx: dict[str, str] | None = None): + def CoSetProxyBlanket(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT CoSetProxyBlanket( IUnknown *pProxy, @@ -155,7 +155,7 @@ def CoSetProxyBlanket(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("StringFromCLSID", argc=2) - def StringFromCLSID(self, emu, argv, ctx: dict[str, str] | None = None): + def StringFromCLSID(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT StringFromCLSID( REFCLSID rclsid, @@ -180,7 +180,7 @@ def StringFromCLSID(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CoCreateGuid", argc=1) - def CoCreateGuid(self, emu, argv, ctx: dict[str, str] | None = None): + def CoCreateGuid(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} pguid = argv[0] guid_bytes = b"\xde\xad\xc0\xde\xbe\xef\xca\xfe\xba\xbe\x01\x23\x45\x67\x89\xab" diff --git a/speakeasy/winenv/api/usermode/oleaut32.py b/speakeasy/winenv/api/usermode/oleaut32.py index e99757d4..82ce5a7b 100644 --- a/speakeasy/winenv/api/usermode/oleaut32.py +++ b/speakeasy/winenv/api/usermode/oleaut32.py @@ -16,7 +16,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("SysAllocString", argc=1, ordinal=2) - def SysAllocString(self, emu, argv, ctx: dict[str, str] | None = None): + def SysAllocString(self, emu, argv, ctx: api.ApiContext = None): """ BSTR SysAllocString( const OLECHAR *psz @@ -43,7 +43,7 @@ def SysAllocString(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("SysAllocStringLen", argc=2, ordinal=4) - def SysAllocStringLen(self, emu, argv, ctx: dict[str, str] | None = None): + def SysAllocStringLen(self, emu, argv, ctx: api.ApiContext = None): """ BSTR SysAllocStringLen( [in] const OLECHAR *strIn, @@ -74,7 +74,7 @@ def SysAllocStringLen(self, emu, argv, ctx: dict[str, str] | None = None): return bstr + 4 @apihook("SysFreeString", argc=1, ordinal=6) - def SysFreeString(self, emu, argv, ctx: dict[str, str] | None = None): + def SysFreeString(self, emu, argv, ctx: api.ApiContext = None): """ void SysFreeString( BSTR bstrString @@ -85,7 +85,7 @@ def SysFreeString(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("VariantInit", argc=1, ordinal=8) - def VariantInit(self, emu, argv, ctx: dict[str, str] | None = None): + def VariantInit(self, emu, argv, ctx: api.ApiContext = None): """ void VariantInit( VARIANTARG *pvarg diff --git a/speakeasy/winenv/api/usermode/psapi.py b/speakeasy/winenv/api/usermode/psapi.py index eee843fa..de27a8f8 100644 --- a/speakeasy/winenv/api/usermode/psapi.py +++ b/speakeasy/winenv/api/usermode/psapi.py @@ -53,7 +53,7 @@ def _get_module_file_name(self, proc, hModule): return proc.path or "" @apihook("EnumProcesses", argc=3) - def EnumProcesses(self, emu, argv, ctx: dict[str, str] | None = None): + def EnumProcesses(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} lpidProcess, cb, lpcbNeeded = argv processes = emu.get_processes() @@ -74,7 +74,7 @@ def EnumProcesses(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("EnumProcessModules", argc=4) - def EnumProcessModules(self, emu, argv, ctx: dict[str, str] | None = None): + def EnumProcessModules(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} hProcess, lphModule, cb, lpcbNeeded = argv proc = self.get_object_from_handle(hProcess) @@ -101,7 +101,7 @@ def EnumProcessModules(self, emu, argv, ctx: dict[str, str] | None = None): @apihook("GetModuleBaseName", argc=4) @apihook("GetModuleBaseNameA", argc=4) @apihook("GetModuleBaseNameW", argc=4) - def GetModuleBaseName(self, emu, argv, ctx: dict[str, str] | None = None): + def GetModuleBaseName(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} hProcess, hModule, lpBaseName, nSize = argv if not lpBaseName or nSize == 0: @@ -132,7 +132,7 @@ def GetModuleBaseName(self, emu, argv, ctx: dict[str, str] | None = None): @apihook("GetModuleFileNameEx", argc=4) @apihook("GetModuleFileNameExA", argc=4) @apihook("GetModuleFileNameExW", argc=4) - def GetModuleFileNameEx(self, emu, argv, ctx: dict[str, str] | None = None): + def GetModuleFileNameEx(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} hProcess, hModule, lpFilename, nSize = argv if not lpFilename or nSize == 0: diff --git a/speakeasy/winenv/api/usermode/rpcrt4.py b/speakeasy/winenv/api/usermode/rpcrt4.py index f0c39cd3..d131bbf2 100644 --- a/speakeasy/winenv/api/usermode/rpcrt4.py +++ b/speakeasy/winenv/api/usermode/rpcrt4.py @@ -21,7 +21,7 @@ def __init__(self, emu): super().__init__(emu) @apihook("UuidCreate", argc=1) - def UuidCreate(self, emu, argv, ctx: dict[str, str] | None = None): + def UuidCreate(self, emu, argv, ctx: api.ApiContext = None): """ RPC_STATUS UuidCreate( UUID *Uuid @@ -44,7 +44,7 @@ def UuidCreate(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("UuidToStringA", argc=2) - def UuidToStringA(self, emu, argv, ctx: dict[str, str] | None = None): + def UuidToStringA(self, emu, argv, ctx: api.ApiContext = None): """ RPC_STATUS UuidToStringA( const UUID *Uuid, diff --git a/speakeasy/winenv/api/usermode/secur32.py b/speakeasy/winenv/api/usermode/secur32.py index b80118da..8cfd5223 100644 --- a/speakeasy/winenv/api/usermode/secur32.py +++ b/speakeasy/winenv/api/usermode/secur32.py @@ -17,7 +17,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("GetUserNameEx", argc=3, conv=_arch.CALL_CONV_STDCALL) - def GetUserNameEx(self, emu, argv, ctx: dict[str, str] | None = None): + def GetUserNameEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOLEAN SEC_ENTRY GetUserNameExA( EXTENDED_NAME_FORMAT NameFormat, @@ -46,7 +46,7 @@ def GetUserNameEx(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("EncryptMessage", argc=4) - def EncryptMessage(self, emu, argv, ctx: dict[str, str] | None = None): + def EncryptMessage(self, emu, argv, ctx: api.ApiContext = None): """ SECURITY_STATUS SEC_ENTRY EncryptMessage( PCtxtHandle phContext, diff --git a/speakeasy/winenv/api/usermode/sfc.py b/speakeasy/winenv/api/usermode/sfc.py index b4847ec4..643a6969 100644 --- a/speakeasy/winenv/api/usermode/sfc.py +++ b/speakeasy/winenv/api/usermode/sfc.py @@ -15,11 +15,11 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("SfcIsFileProtected", argc=2) - def SfcIsFileProtected(self, emu, argv, ctx: dict[str, str] | None = None): + def SfcIsFileProtected(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return False @apihook("SfcTerminateWatcherThread", argc=0, ordinal=2) - def SfcTerminateWatcherThread(self, emu, argv, ctx: dict[str, str] | None = None): + def SfcTerminateWatcherThread(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} return 0 diff --git a/speakeasy/winenv/api/usermode/shell32.py b/speakeasy/winenv/api/usermode/shell32.py index ddeaa4c4..07646cad 100644 --- a/speakeasy/winenv/api/usermode/shell32.py +++ b/speakeasy/winenv/api/usermode/shell32.py @@ -36,7 +36,7 @@ def get_handle(self): return self.curr_handle @apihook("SHCreateDirectoryEx", argc=3) - def SHCreateDirectoryEx(self, emu, argv, ctx: dict[str, str] | None = None): + def SHCreateDirectoryEx(self, emu, argv, ctx: api.ApiContext = None): """ int SHCreateDirectoryExA( HWND hwnd, @@ -59,7 +59,7 @@ def SHCreateDirectoryEx(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("ShellExecute", argc=6) - def ShellExecute(self, emu, argv, ctx: dict[str, str] | None = None): + def ShellExecute(self, emu, argv, ctx: api.ApiContext = None): """ HINSTANCE ShellExecuteA( HWND hwnd, @@ -101,7 +101,7 @@ def ShellExecute(self, emu, argv, ctx: dict[str, str] | None = None): return 33 @apihook("ShellExecuteEx", argc=1) - def ShellExecuteEx(self, emu, argv, ctx: dict[str, str] | None = None): + def ShellExecuteEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ShellExecuteExA( [in, out] SHELLEXECUTEINFOA *pExecInfo @@ -120,7 +120,7 @@ def ShellExecuteEx(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("SHChangeNotify", argc=4) - def SHChangeNotify(self, emu, argv, ctx: dict[str, str] | None = None): + def SHChangeNotify(self, emu, argv, ctx: api.ApiContext = None): """ void SHChangeNotify( LONG wEventId, @@ -133,7 +133,7 @@ def SHChangeNotify(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("IsUserAnAdmin", argc=0, ordinal=680) - def IsUserAnAdmin(self, emu, argv, ctx: dict[str, str] | None = None): + def IsUserAnAdmin(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsUserAnAdmin(); """ @@ -141,7 +141,7 @@ def IsUserAnAdmin(self, emu, argv, ctx: dict[str, str] | None = None): return emu.config.user.is_admin @apihook("SHGetMalloc", argc=1) - def SHGetMalloc(self, emu, argv, ctx: dict[str, str] | None = None): + def SHGetMalloc(self, emu, argv, ctx: api.ApiContext = None): """ SHSTDAPI SHGetMalloc( IMalloc **ppMalloc @@ -157,7 +157,7 @@ def SHGetMalloc(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CommandLineToArgv", argc=2) - def CommandLineToArgv(self, emu, argv, ctx: dict[str, str] | None = None): + def CommandLineToArgv(self, emu, argv, ctx: api.ApiContext = None): """ LPWSTR * CommandLineToArgv( LPCWSTR lpCmdLine, @@ -201,7 +201,7 @@ def CommandLineToArgv(self, emu, argv, ctx: dict[str, str] | None = None): return buf @apihook("ExtractIcon", argc=3) - def ExtractIcon(self, emu, argv, ctx: dict[str, str] | None = None): + def ExtractIcon(self, emu, argv, ctx: api.ApiContext = None): """ HICON ExtractIconA( HINSTANCE hInst, @@ -214,7 +214,7 @@ def ExtractIcon(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("SHGetFolderPath", argc=5) - def SHGetFolderPath(self, emu, argv, ctx: dict[str, str] | None = None): + def SHGetFolderPath(self, emu, argv, ctx: api.ApiContext = None): """ HWND hwnd, int csidl, diff --git a/speakeasy/winenv/api/usermode/shlwapi.py b/speakeasy/winenv/api/usermode/shlwapi.py index 0d801c73..68c8893a 100644 --- a/speakeasy/winenv/api/usermode/shlwapi.py +++ b/speakeasy/winenv/api/usermode/shlwapi.py @@ -37,7 +37,7 @@ def join_windows_path(self, *args, **kwargs): return os.path.join(*args, **kwargs).replace("/", "\\") @apihook("PathIsRelative", argc=1) - def PathIsRelative(self, emu, argv, ctx: dict[str, str] | None = None): + def PathIsRelative(self, emu, argv, ctx: api.ApiContext = None): """ BOOL PathIsRelativeA( LPCSTR pszPath @@ -60,7 +60,7 @@ def PathIsRelative(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("StrStr", argc=2) - def StrStr(self, emu, argv, ctx: dict[str, str] | None = None): + def StrStr(self, emu, argv, ctx: api.ApiContext = None): """ PCSTR StrStr( PCSTR pszFirst, @@ -90,7 +90,7 @@ def StrStr(self, emu, argv, ctx: dict[str, str] | None = None): return ret @apihook("StrStrI", argc=2) - def StrStrI(self, emu, argv, ctx: dict[str, str] | None = None): + def StrStrI(self, emu, argv, ctx: api.ApiContext = None): """ PCSTR StrStrI( PCSTR pszFirst, @@ -122,7 +122,7 @@ def StrStrI(self, emu, argv, ctx: dict[str, str] | None = None): return ret @apihook("PathFindExtension", argc=1) - def PathFindExtension(self, emu, argv, ctx: dict[str, str] | None = None): + def PathFindExtension(self, emu, argv, ctx: api.ApiContext = None): """LPCSTR PathFindExtensionA( LPCSTR pszPath ); @@ -142,7 +142,7 @@ def PathFindExtension(self, emu, argv, ctx: dict[str, str] | None = None): return pszPath + idx1 + 1 + idx2 @apihook("StrCmpI", argc=2) - def StrCmpI(self, emu, argv, ctx: dict[str, str] | None = None): + def StrCmpI(self, emu, argv, ctx: api.ApiContext = None): """ int StrCmpI( PCWSTR psz1, @@ -166,7 +166,7 @@ def StrCmpI(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("PathFindFileName", argc=1) - def PathFindFileName(self, emu, argv, ctx: dict[str, str] | None = None): + def PathFindFileName(self, emu, argv, ctx: api.ApiContext = None): """ LPCSTR PathFindFileNameA( LPCSTR pszPath @@ -185,7 +185,7 @@ def PathFindFileName(self, emu, argv, ctx: dict[str, str] | None = None): return pszPath + idx + 1 @apihook("PathRemoveExtension", argc=1) - def PathRemoveExtension(self, emu, argv, ctx: dict[str, str] | None = None): + def PathRemoveExtension(self, emu, argv, ctx: api.ApiContext = None): """ void PathRemoveExtensionA( LPSTR pszPath @@ -208,7 +208,7 @@ def PathRemoveExtension(self, emu, argv, ctx: dict[str, str] | None = None): return pszPath @apihook("PathStripPath", argc=1) - def PathStripPath(self, emu, argv, ctx: dict[str, str] | None = None): + def PathStripPath(self, emu, argv, ctx: api.ApiContext = None): """ void PathStripPath( LPSTR pszPath @@ -226,7 +226,7 @@ def PathStripPath(self, emu, argv, ctx: dict[str, str] | None = None): self.mem_write(pszPath, mod_name) @apihook("wvnsprintfA", argc=4) - def wvnsprintfA(self, emu, argv, ctx: dict[str, str] | None = None): + def wvnsprintfA(self, emu, argv, ctx: api.ApiContext = None): """ int wvnsprintfA( PSTR pszDest, @@ -255,7 +255,7 @@ def wvnsprintfA(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("wnsprintf", argc=e_arch.VAR_ARGS, conv=e_arch.CALL_CONV_CDECL) - def wnsprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def wnsprintf(self, emu, argv, ctx: api.ApiContext = None): """ int wnsprintfA( PSTR pszDest, @@ -289,7 +289,7 @@ def wnsprintf(self, emu, argv, ctx: dict[str, str] | None = None): return -1 @apihook("PathAppend", argc=2) - def PathAppend(self, emu, argv, ctx: dict[str, str] | None = None): + def PathAppend(self, emu, argv, ctx: api.ApiContext = None): """ BOOL PathAppendA( LPSTR pszPath, @@ -309,7 +309,7 @@ def PathAppend(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("PathCanonicalize", argc=2) - def PathCanonicalize(self, emu, argv, ctx: dict[str, str] | None = None): + def PathCanonicalize(self, emu, argv, ctx: api.ApiContext = None): """ BOOL PathCanonicalizeW( [out] LPWSTR pszBuf, @@ -323,7 +323,7 @@ def PathCanonicalize(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("PathRemoveFileSpec", argc=1) - def PathRemoveFileSpec(self, emu, argv, ctx: dict[str, str] | None = None): + def PathRemoveFileSpec(self, emu, argv, ctx: api.ApiContext = None): """ BOOL PathRemoveFileSpec(LPTSTR pszPath); """ @@ -340,7 +340,7 @@ def PathRemoveFileSpec(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("PathAddBackslash", argc=1) - def PathAddBackslash(self, emu, argv, ctx: dict[str, str] | None = None): + def PathAddBackslash(self, emu, argv, ctx: api.ApiContext = None): """ LPTSTR PathAddBackslash(LPTSTR pszPath); """ @@ -357,7 +357,7 @@ def PathAddBackslash(self, emu, argv, ctx: dict[str, str] | None = None): return pszPath @apihook("PathRenameExtension", argc=2) - def PathRenameExtension(self, emu, argv, ctx: dict[str, str] | None = None): + def PathRenameExtension(self, emu, argv, ctx: api.ApiContext = None): """ BOOL PathRenameExtension( [in, out] LPSTR pszPath, diff --git a/speakeasy/winenv/api/usermode/urlmon.py b/speakeasy/winenv/api/usermode/urlmon.py index fb0d045c..17cfc06d 100644 --- a/speakeasy/winenv/api/usermode/urlmon.py +++ b/speakeasy/winenv/api/usermode/urlmon.py @@ -23,7 +23,7 @@ def __init__(self, emu): self.names = {} @apihook("URLDownloadToFile", argc=5) - def URLDownloadToFile(self, emu, argv, ctx: dict[str, str] | None = None): + def URLDownloadToFile(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT URLDownloadToFile( LPUNKNOWN pCaller, @@ -56,7 +56,7 @@ def URLDownloadToFile(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("URLDownloadToCacheFile", argc=6) - def URLDownloadToCacheFile(self, emu, argv, ctx: dict[str, str] | None = None): + def URLDownloadToCacheFile(self, emu, argv, ctx: api.ApiContext = None): """ HRESULT URLDownloadToCacheFileA( LPUNKNOWN pCaller, diff --git a/speakeasy/winenv/api/usermode/user32.py b/speakeasy/winenv/api/usermode/user32.py index 47783ef2..3c123ff5 100644 --- a/speakeasy/winenv/api/usermode/user32.py +++ b/speakeasy/winenv/api/usermode/user32.py @@ -111,7 +111,7 @@ def find_string_resource_by_id(self, pe, uID): return pe_metadata.string_table.get(uID) @apihook("GetDesktopWindow", argc=0) - def GetDesktopWindow(self, emu, argv, ctx: dict[str, str] | None = None): + def GetDesktopWindow(self, emu, argv, ctx: api.ApiContext = None): """HWND GetDesktopWindow();""" ctx = ctx or {} @@ -124,7 +124,7 @@ def GetDesktopWindow(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("ShowWindow", argc=2) - def ShowWindow(self, emu, argv, ctx: dict[str, str] | None = None): + def ShowWindow(self, emu, argv, ctx: api.ApiContext = None): """BOOL ShowWindow( HWND hWnd, int nCmdShow @@ -136,7 +136,7 @@ def ShowWindow(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CreateWindowStation", argc=4) - def CreateWindowStation(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateWindowStation(self, emu, argv, ctx: api.ApiContext = None): """ HWINSTA CreateWindowStation( LPCSTR lpwinsta, @@ -151,7 +151,7 @@ def CreateWindowStation(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("SetProcessWindowStation", argc=1) - def SetProcessWindowStation(self, emu, argv, ctx: dict[str, str] | None = None): + def SetProcessWindowStation(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetProcessWindowStation( HWINSTA hWinSta @@ -167,7 +167,7 @@ def SetProcessWindowStation(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetDC", argc=1) - def GetDC(self, emu, argv, ctx: dict[str, str] | None = None): + def GetDC(self, emu, argv, ctx: api.ApiContext = None): """ HDC GetDC( HWND hWnd @@ -180,7 +180,7 @@ def GetDC(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("RegisterClassEx", argc=1) - def RegisterClassEx(self, emu, argv, ctx: dict[str, str] | None = None): + def RegisterClassEx(self, emu, argv, ctx: api.ApiContext = None): """ ATOM RegisterClassEx( const WNDCLASSEXA *Arg1 @@ -201,7 +201,7 @@ def RegisterClassEx(self, emu, argv, ctx: dict[str, str] | None = None): return atom @apihook("UnregisterClass", argc=2) - def UnregisterClass(self, emu, argv, ctx: dict[str, str] | None = None): + def UnregisterClass(self, emu, argv, ctx: api.ApiContext = None): """ BOOL UnregisterClass( LPCSTR lpClassName, @@ -213,7 +213,7 @@ def UnregisterClass(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("SetCursorPos", argc=2) - def SetCursorPos(self, emu, argv, ctx: dict[str, str] | None = None): + def SetCursorPos(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetCursorPos( int X, @@ -224,7 +224,7 @@ def SetCursorPos(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("CloseDesktop", argc=1) - def CloseDesktop(self, emu, argv, ctx: dict[str, str] | None = None): + def CloseDesktop(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CloseDesktop( HDESK hDesktop @@ -234,7 +234,7 @@ def CloseDesktop(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("CloseWindowStation", argc=1) - def CloseWindowStation(self, emu, argv, ctx: dict[str, str] | None = None): + def CloseWindowStation(self, emu, argv, ctx: api.ApiContext = None): """ BOOL CloseWindowStation( HWINSTA hWinSta @@ -244,7 +244,7 @@ def CloseWindowStation(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetThreadDesktop", argc=1) - def GetThreadDesktop(self, emu, argv, ctx: dict[str, str] | None = None): + def GetThreadDesktop(self, emu, argv, ctx: api.ApiContext = None): """ HDESK GetThreadDesktop( DWORD dwThreadId @@ -254,7 +254,7 @@ def GetThreadDesktop(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("OpenWindowStation", argc=3) - def OpenWindowStation(self, emu, argv, ctx: dict[str, str] | None = None): + def OpenWindowStation(self, emu, argv, ctx: api.ApiContext = None): """ HWINSTA OpenWindowStation( LPCSTR lpszWinSta, @@ -266,7 +266,7 @@ def OpenWindowStation(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("ChangeWindowMessageFilter", argc=2) - def ChangeWindowMessageFilter(self, emu, argv, ctx: dict[str, str] | None = None): + def ChangeWindowMessageFilter(self, emu, argv, ctx: api.ApiContext = None): """ BOOL ChangeWindowMessageFilter( UINT message, @@ -279,7 +279,7 @@ def ChangeWindowMessageFilter(self, emu, argv, ctx: dict[str, str] | None = None return True @apihook("UpdateWindow", argc=1) - def UpdateWindow(self, emu, argv, ctx: dict[str, str] | None = None): + def UpdateWindow(self, emu, argv, ctx: api.ApiContext = None): """ BOOL UpdateWindow( HWND hWnd @@ -299,7 +299,7 @@ def UpdateWindow(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("PostQuitMessage", argc=1) - def PostQuitMessage(self, emu, argv, ctx: dict[str, str] | None = None): + def PostQuitMessage(self, emu, argv, ctx: api.ApiContext = None): """ void PostQuitMessage( int nExitCode @@ -309,7 +309,7 @@ def PostQuitMessage(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("DestroyWindow", argc=1) - def DestroyWindow(self, emu, argv, ctx: dict[str, str] | None = None): + def DestroyWindow(self, emu, argv, ctx: api.ApiContext = None): """ BOOL DestroyWindow( HWND hWnd @@ -319,7 +319,7 @@ def DestroyWindow(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("DefWindowProc", argc=4) - def DefWindowProc(self, emu, argv, ctx: dict[str, str] | None = None): + def DefWindowProc(self, emu, argv, ctx: api.ApiContext = None): """ LRESULT LRESULT DefWindowProc( HWND hWnd, @@ -332,7 +332,7 @@ def DefWindowProc(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("CreateWindowEx", argc=12) - def CreateWindowEx(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateWindowEx(self, emu, argv, ctx: api.ApiContext = None): """ HWND CreateWindowExA( DWORD dwExStyle, @@ -366,7 +366,7 @@ def CreateWindowEx(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("SetLayeredWindowAttributes", argc=4) - def SetLayeredWindowAttributes(self, emu, argv, ctx: dict[str, str] | None = None): + def SetLayeredWindowAttributes(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetLayeredWindowAttributes( [in] HWND hwnd, @@ -380,7 +380,7 @@ def SetLayeredWindowAttributes(self, emu, argv, ctx: dict[str, str] | None = Non return 1 @apihook("MessageBox", argc=4) - def MessageBox(self, emu, argv, ctx: dict[str, str] | None = None): + def MessageBox(self, emu, argv, ctx: api.ApiContext = None): """int MessageBox( HWND hWnd, LPCTSTR lpText, @@ -403,7 +403,7 @@ def MessageBox(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("MessageBoxEx", argc=5) - def MessageBoxEx(self, emu, argv, ctx: dict[str, str] | None = None): + def MessageBoxEx(self, emu, argv, ctx: api.ApiContext = None): """ int MessageBoxExA( HWND hWnd, @@ -420,7 +420,7 @@ def MessageBoxEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("LoadString", argc=4) - def LoadString(self, emu, argv, ctx: dict[str, str] | None = None): + def LoadString(self, emu, argv, ctx: api.ApiContext = None): """ int LoadStringW( HINSTANCE hInstance, @@ -477,7 +477,7 @@ def LoadString(self, emu, argv, ctx: dict[str, str] | None = None): return len(encoded) @apihook("GetCursorPos", argc=1) - def GetCursorPos(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCursorPos(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetCursorPos( LPPOINT lpPoint @@ -491,7 +491,7 @@ def GetCursorPos(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetAsyncKeyState", argc=1) - def GetAsyncKeyState(self, emu, argv, ctx: dict[str, str] | None = None): + def GetAsyncKeyState(self, emu, argv, ctx: api.ApiContext = None): """ SHORT GetAsyncKeyState( [in] int vKey @@ -503,7 +503,7 @@ def GetAsyncKeyState(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_synthetic_async_key_state(vkey) @apihook("GetKeyboardType", argc=1) - def GetKeyboardType(self, emu, argv, ctx: dict[str, str] | None = None): + def GetKeyboardType(self, emu, argv, ctx: api.ApiContext = None): """ int GetKeyboardType( int nTypeFlag @@ -520,7 +520,7 @@ def GetKeyboardType(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetSystemMetrics", argc=1) - def GetSystemMetrics(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSystemMetrics(self, emu, argv, ctx: api.ApiContext = None): """ int GetSystemMetrics( int nIndex @@ -534,7 +534,7 @@ def GetSystemMetrics(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("LoadBitmap", argc=2) - def LoadBitmap(self, emu, argv, ctx: dict[str, str] | None = None): + def LoadBitmap(self, emu, argv, ctx: api.ApiContext = None): """ HBITMAP LoadBitmap( HINSTANCE hInstance, @@ -547,7 +547,7 @@ def LoadBitmap(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetClientRect", argc=2) - def GetClientRect(self, emu, argv, ctx: dict[str, str] | None = None): + def GetClientRect(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetClientRect( [in] HWND hWnd, @@ -558,7 +558,7 @@ def GetClientRect(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("RegisterWindowMessage", argc=1) - def RegisterWindowMessage(self, emu, argv, ctx: dict[str, str] | None = None): + def RegisterWindowMessage(self, emu, argv, ctx: api.ApiContext = None): """ UINT RegisterWindowMessageA( LPCSTR lpString @@ -577,7 +577,7 @@ def RegisterWindowMessage(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("wsprintf", argc=_arch.VAR_ARGS, conv=_arch.CALL_CONV_CDECL) - def wsprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def wsprintf(self, emu, argv, ctx: api.ApiContext = None): """ int WINAPIV wsprintf( LPSTR , @@ -606,7 +606,7 @@ def wsprintf(self, emu, argv, ctx: dict[str, str] | None = None): return len(fin) @apihook("PeekMessage", argc=5) - def PeekMessage(self, emu, argv, ctx: dict[str, str] | None = None): + def PeekMessage(self, emu, argv, ctx: api.ApiContext = None): """ BOOL PeekMessageA( LPMSG lpMsg, @@ -620,7 +620,7 @@ def PeekMessage(self, emu, argv, ctx: dict[str, str] | None = None): return False @apihook("PostMessage", argc=4) - def PostMessage(self, emu, argv, ctx: dict[str, str] | None = None): + def PostMessage(self, emu, argv, ctx: api.ApiContext = None): """ BOOL PostMessage( HWND hWnd, @@ -633,7 +633,7 @@ def PostMessage(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("SendMessage", argc=4) - def SendMessage(self, emu, argv, ctx: dict[str, str] | None = None): + def SendMessage(self, emu, argv, ctx: api.ApiContext = None): """ LRESULT SendMessage( HWND hWnd, @@ -650,7 +650,7 @@ def SendMessage(self, emu, argv, ctx: dict[str, str] | None = None): return False @apihook("CallNextHookEx", argc=4) - def CallNextHookEx(self, emu, argv, ctx: dict[str, str] | None = None): + def CallNextHookEx(self, emu, argv, ctx: api.ApiContext = None): """ LRESULT CallNextHookEx( HHOOK hhk, @@ -664,7 +664,7 @@ def CallNextHookEx(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("SetWindowsHookEx", argc=4) - def SetWindowsHookEx(self, emu, argv, ctx: dict[str, str] | None = None): + def SetWindowsHookEx(self, emu, argv, ctx: api.ApiContext = None): """ HHOOK SetWindowsHookEx( int idHook, @@ -686,7 +686,7 @@ def SetWindowsHookEx(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("UnhookWindowsHookEx", argc=1) - def UnhookWindowsHookEx(self, emu, argv, ctx: dict[str, str] | None = None): + def UnhookWindowsHookEx(self, emu, argv, ctx: api.ApiContext = None): """ BOOL UnhookWindowsHookEx( HHOOK hhk @@ -702,7 +702,7 @@ def UnhookWindowsHookEx(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("MsgWaitForMultipleObjects", argc=5) - def MsgWaitForMultipleObjects(self, emu, argv, ctx: dict[str, str] | None = None): + def MsgWaitForMultipleObjects(self, emu, argv, ctx: api.ApiContext = None): """ DWORD MsgWaitForMultipleObjects( DWORD nCount, @@ -716,7 +716,7 @@ def MsgWaitForMultipleObjects(self, emu, argv, ctx: dict[str, str] | None = None return 0 @apihook("GetMessage", argc=4) - def GetMessage(self, emu, argv, ctx: dict[str, str] | None = None): + def GetMessage(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetMessage( LPMSG lpMsg, @@ -758,7 +758,7 @@ def GetMessage(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("TranslateMessage", argc=1) - def TranslateMessage(self, emu, argv, ctx: dict[str, str] | None = None): + def TranslateMessage(self, emu, argv, ctx: api.ApiContext = None): """ BOOL TranslateMessage( const MSG *lpMsg @@ -768,7 +768,7 @@ def TranslateMessage(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("DispatchMessage", argc=1) - def DispatchMessage(self, emu, argv, ctx: dict[str, str] | None = None): + def DispatchMessage(self, emu, argv, ctx: api.ApiContext = None): """ LRESULT DispatchMessage( const MSG *lpMsg @@ -783,7 +783,7 @@ def DispatchMessage(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetForegroundWindow", argc=0) - def GetForegroundWindow(self, emu, argv, ctx: dict[str, str] | None = None): + def GetForegroundWindow(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetForegroundWindow(); """ @@ -791,7 +791,7 @@ def GetForegroundWindow(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("LoadCursor", argc=2) - def LoadCursor(self, emu, argv, ctx: dict[str, str] | None = None): + def LoadCursor(self, emu, argv, ctx: api.ApiContext = None): """ HCURSOR LoadCursor( HINSTANCE hInstance, @@ -802,7 +802,7 @@ def LoadCursor(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("FindWindow", argc=2) - def FindWindow(self, emu, argv, ctx: dict[str, str] | None = None): + def FindWindow(self, emu, argv, ctx: api.ApiContext = None): """ HWND FindWindow( LPCSTR lpClassName, @@ -821,7 +821,7 @@ def FindWindow(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetWindowText", argc=3) - def GetWindowText(self, emu, argv, ctx: dict[str, str] | None = None): + def GetWindowText(self, emu, argv, ctx: api.ApiContext = None): """ int GetWindowText( HWND hWnd, @@ -844,7 +844,7 @@ def GetWindowText(self, emu, argv, ctx: dict[str, str] | None = None): return len(win_text) @apihook("PaintDesktop", argc=1) - def PaintDesktop(self, emu, argv, ctx: dict[str, str] | None = None): + def PaintDesktop(self, emu, argv, ctx: api.ApiContext = None): """ BOOL PaintDesktop( HDC hdc @@ -854,7 +854,7 @@ def PaintDesktop(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("wvsprintf", argc=_arch.VAR_ARGS, conv=_arch.CALL_CONV_CDECL) - def wvsprintf(self, emu, argv, ctx: dict[str, str] | None = None): + def wvsprintf(self, emu, argv, ctx: api.ApiContext = None): ctx = ctx or {} buf, fmt, va_list = emu.get_func_argv(_arch.CALL_CONV_CDECL, 3)[:3] cw = self.get_char_width(ctx) @@ -870,7 +870,7 @@ def wvsprintf(self, emu, argv, ctx: dict[str, str] | None = None): return len(fin) @apihook("ReleaseDC", argc=2) - def ReleaseDC(self, emu, argv, ctx: dict[str, str] | None = None): + def ReleaseDC(self, emu, argv, ctx: api.ApiContext = None): """ int ReleaseDC( HWND hWnd, @@ -881,7 +881,7 @@ def ReleaseDC(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("CharNext", argc=1) - def CharNext(self, emu, argv, ctx: dict[str, str] | None = None): + def CharNext(self, emu, argv, ctx: api.ApiContext = None): """ LPSTR CharNext( LPCSTR lpsz @@ -896,7 +896,7 @@ def CharNext(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CharPrev", argc=2) - def CharPrev(self, emu, argv, ctx: dict[str, str] | None = None): + def CharPrev(self, emu, argv, ctx: api.ApiContext = None): """ LPSTR CharPrev( LPCSTR lpszStart, @@ -919,7 +919,7 @@ def CharPrev(self, emu, argv, ctx: dict[str, str] | None = None): return s @apihook("EnumWindows", argc=2) - def EnumWindows(self, emu, argv, ctx: dict[str, str] | None = None): + def EnumWindows(self, emu, argv, ctx: api.ApiContext = None): """ BOOL EnumWindows( WNDENUMPROC lpEnumFunc, @@ -933,7 +933,7 @@ def EnumWindows(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetSysColor", argc=1) - def GetSysColor(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSysColor(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetSysColor( int nIndex @@ -946,7 +946,7 @@ def GetSysColor(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetParent", argc=1) - def GetParent(self, emu, argv, ctx: dict[str, str] | None = None): + def GetParent(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetParent( HWND hWnd @@ -956,7 +956,7 @@ def GetParent(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("GetSysColorBrush", argc=1) - def GetSysColorBrush(self, emu, argv, ctx: dict[str, str] | None = None): + def GetSysColorBrush(self, emu, argv, ctx: api.ApiContext = None): """ HBRUSH GetSysColorBrush( int nIndex @@ -969,7 +969,7 @@ def GetSysColorBrush(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("GetWindowLong", argc=2) - def GetWindowLong(self, emu, argv, ctx: dict[str, str] | None = None): + def GetWindowLong(self, emu, argv, ctx: api.ApiContext = None): """ LONG GetWindowLongA( HWND hWnd, @@ -986,7 +986,7 @@ def GetWindowLong(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("SetWindowLong", argc=3) - def SetWindowLong(self, emu, argv, ctx: dict[str, str] | None = None): + def SetWindowLong(self, emu, argv, ctx: api.ApiContext = None): """ LONG SetWindowLongA( HWND hWnd, @@ -1004,7 +1004,7 @@ def SetWindowLong(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("DialogBoxParam", argc=5) - def DialogBoxParam(self, emu, argv, ctx: dict[str, str] | None = None): + def DialogBoxParam(self, emu, argv, ctx: api.ApiContext = None): """ INT_PTR DialogBoxParam( HINSTANCE hInstance, @@ -1025,7 +1025,7 @@ def DialogBoxParam(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("CreateDialogIndirectParam", argc=5) - def CreateDialogIndirectParam(self, emu, argv, ctx: dict[str, str] | None = None): + def CreateDialogIndirectParam(self, emu, argv, ctx: api.ApiContext = None): """ HWND CreateDialogIndirectParam( HINSTANCE hInstance, @@ -1050,7 +1050,7 @@ def CreateDialogIndirectParam(self, emu, argv, ctx: dict[str, str] | None = None return self.get_handle() @apihook("GetMenuInfo", argc=2) - def GetMenuInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def GetMenuInfo(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetMenuInfo( HMENU, @@ -1061,7 +1061,7 @@ def GetMenuInfo(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetProcessWindowStation", argc=0) - def GetProcessWindowStation(self, emu, argv, ctx: dict[str, str] | None = None): + def GetProcessWindowStation(self, emu, argv, ctx: api.ApiContext = None): """ HWINSTA GetProcessWindowStation(); """ @@ -1070,7 +1070,7 @@ def GetProcessWindowStation(self, emu, argv, ctx: dict[str, str] | None = None): return sta.get_handle() @apihook("LoadAccelerators", argc=2) - def LoadAccelerators(self, emu, argv, ctx: dict[str, str] | None = None): + def LoadAccelerators(self, emu, argv, ctx: api.ApiContext = None): """ HACCEL LoadAccelerators( HINSTANCE hInstance, @@ -1081,7 +1081,7 @@ def LoadAccelerators(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("IsWindowVisible", argc=1) - def IsWindowVisible(self, emu, argv, ctx: dict[str, str] | None = None): + def IsWindowVisible(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsWindowVisible( HWND hWnd @@ -1091,7 +1091,7 @@ def IsWindowVisible(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("BeginPaint", argc=2) - def BeginPaint(self, emu, argv, ctx: dict[str, str] | None = None): + def BeginPaint(self, emu, argv, ctx: api.ApiContext = None): """ HDC BeginPaint( HWND hWnd, @@ -1102,7 +1102,7 @@ def BeginPaint(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("LookupIconIdFromDirectory", argc=2) - def LookupIconIdFromDirectory(self, emu, argv, ctx: dict[str, str] | None = None): + def LookupIconIdFromDirectory(self, emu, argv, ctx: api.ApiContext = None): """ int LookupIconIdFromDirectory( PBYTE presbits, @@ -1113,7 +1113,7 @@ def LookupIconIdFromDirectory(self, emu, argv, ctx: dict[str, str] | None = None return 1 @apihook("GetActiveWindow", argc=0) - def GetActiveWindow(self, emu, argv, ctx: dict[str, str] | None = None): + def GetActiveWindow(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetActiveWindow(); """ @@ -1121,7 +1121,7 @@ def GetActiveWindow(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("GetLastActivePopup", argc=1) - def GetLastActivePopup(self, emu, argv, ctx: dict[str, str] | None = None): + def GetLastActivePopup(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetLastActivePopup( HWND hWnd @@ -1132,7 +1132,7 @@ def GetLastActivePopup(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("GetUserObjectInformation", argc=5) - def GetUserObjectInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def GetUserObjectInformation(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetUserObjectInformation( HANDLE hObj, @@ -1156,7 +1156,7 @@ def GetUserObjectInformation(self, emu, argv, ctx: dict[str, str] | None = None) return True @apihook("LoadIcon", argc=2) - def LoadIcon(self, emu, argv, ctx: dict[str, str] | None = None): + def LoadIcon(self, emu, argv, ctx: api.ApiContext = None): """ HICON LoadIcon( HINSTANCE hInstance, @@ -1185,7 +1185,7 @@ def LoadIcon(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetRawInputDeviceList", argc=3) - def GetRawInputDeviceList(self, emu, argv, ctx: dict[str, str] | None = None): + def GetRawInputDeviceList(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetRawInputDeviceList( PRAWINPUTDEVICELIST pRawInputDeviceList, @@ -1200,7 +1200,7 @@ def GetRawInputDeviceList(self, emu, argv, ctx: dict[str, str] | None = None): return num_devices @apihook("GetNextDlgTabItem", argc=3) - def GetNextDlgTabItem(self, emu, argv, ctx: dict[str, str] | None = None): + def GetNextDlgTabItem(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetNextDlgTabItem( HWND hDlg, @@ -1212,7 +1212,7 @@ def GetNextDlgTabItem(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetCaretPos", argc=1) - def GetCaretPos(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCaretPos(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetCaretPos( LPPOINT lpPoint @@ -1227,7 +1227,7 @@ def GetCaretPos(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetMonitorInfo", argc=2) - def GetMonitorInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def GetMonitorInfo(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetMonitorInfo( HMONITOR hMonitor, @@ -1243,7 +1243,7 @@ def GetMonitorInfo(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("EndPaint", argc=2) - def EndPaint(self, emu, argv, ctx: dict[str, str] | None = None): + def EndPaint(self, emu, argv, ctx: api.ApiContext = None): """ BOOL EndPaint( HWND hWnd, @@ -1254,7 +1254,7 @@ def EndPaint(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetDlgCtrlID", argc=1) - def GetDlgCtrlID(self, emu, argv, ctx: dict[str, str] | None = None): + def GetDlgCtrlID(self, emu, argv, ctx: api.ApiContext = None): """ int GetDlgCtrlID( HWND hWnd @@ -1264,7 +1264,7 @@ def GetDlgCtrlID(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetUpdateRect", argc=3) - def GetUpdateRect(self, emu, argv, ctx: dict[str, str] | None = None): + def GetUpdateRect(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetUpdateRect( HWND hWnd, @@ -1276,7 +1276,7 @@ def GetUpdateRect(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetAltTabInfo", argc=5) - def GetAltTabInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def GetAltTabInfo(self, emu, argv, ctx: api.ApiContext = None): """ BOOL GetAltTabInfoA( HWND hwnd, @@ -1290,7 +1290,7 @@ def GetAltTabInfo(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetUpdateRgn", argc=3) - def GetUpdateRgn(self, emu, argv, ctx: dict[str, str] | None = None): + def GetUpdateRgn(self, emu, argv, ctx: api.ApiContext = None): """ int GetUpdateRgn( HWND hWnd, @@ -1302,7 +1302,7 @@ def GetUpdateRgn(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("FlashWindow", argc=2) - def FlashWindow(self, emu, argv, ctx: dict[str, str] | None = None): + def FlashWindow(self, emu, argv, ctx: api.ApiContext = None): """ BOOL FlashWindow( HWND hWnd, @@ -1313,7 +1313,7 @@ def FlashWindow(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("IsClipboardFormatAvailable", argc=1) - def IsClipboardFormatAvailable(self, emu, argv, ctx: dict[str, str] | None = None): + def IsClipboardFormatAvailable(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsClipboardFormatAvailable( UINT format @@ -1323,7 +1323,7 @@ def IsClipboardFormatAvailable(self, emu, argv, ctx: dict[str, str] | None = Non return 0 @apihook("IsWindow", argc=1) - def IsWindow(self, emu, argv, ctx: dict[str, str] | None = None): + def IsWindow(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsWindow( HWND hWnd @@ -1335,7 +1335,7 @@ def IsWindow(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("EnableWindow", argc=2) - def EnableWindow(self, emu, argv, ctx: dict[str, str] | None = None): + def EnableWindow(self, emu, argv, ctx: api.ApiContext = None): """ BOOL EnableWindow( HWND hWnd, @@ -1348,7 +1348,7 @@ def EnableWindow(self, emu, argv, ctx: dict[str, str] | None = None): return False @apihook("CharLowerBuff", argc=2) - def CharLowerBuff(self, emu, argv, ctx: dict[str, str] | None = None): + def CharLowerBuff(self, emu, argv, ctx: api.ApiContext = None): """ DWORD CharLowerBuffA( LPSTR lpsz, @@ -1365,7 +1365,7 @@ def CharLowerBuff(self, emu, argv, ctx: dict[str, str] | None = None): return cchLength @apihook("CharUpperBuff", argc=2) - def CharUpperBuff(self, emu, argv, ctx: dict[str, str] | None = None): + def CharUpperBuff(self, emu, argv, ctx: api.ApiContext = None): """ DWORD CharUpperBuffA( LPSTR lpsz, @@ -1382,7 +1382,7 @@ def CharUpperBuff(self, emu, argv, ctx: dict[str, str] | None = None): return cchLength @apihook("CharLower", argc=1) - def CharLower(self, emu, argv, ctx: dict[str, str] | None = None): + def CharLower(self, emu, argv, ctx: api.ApiContext = None): """ LPSTR CharLowerA( LPSTR lpsz @@ -1404,7 +1404,7 @@ def CharLower(self, emu, argv, ctx: dict[str, str] | None = None): return _str @apihook("CharUpper", argc=1) - def CharUpper(self, emu, argv, ctx: dict[str, str] | None = None): + def CharUpper(self, emu, argv, ctx: api.ApiContext = None): """ LPSTR CharUpperA( LPSTR lpsz @@ -1426,7 +1426,7 @@ def CharUpper(self, emu, argv, ctx: dict[str, str] | None = None): return _str @apihook("SetTimer", argc=4) - def SetTimer(self, emu, argv, ctx: dict[str, str] | None = None): + def SetTimer(self, emu, argv, ctx: api.ApiContext = None): """ UINT_PTR SetTimer( HWND hWnd, @@ -1441,7 +1441,7 @@ def SetTimer(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("KillTimer", argc=2) - def KillTimer(self, emu, argv, ctx: dict[str, str] | None = None): + def KillTimer(self, emu, argv, ctx: api.ApiContext = None): """ BOOL KillTimer( HWND hWnd, @@ -1454,7 +1454,7 @@ def KillTimer(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("OpenDesktop", argc=4) - def OpenDesktop(self, emu, argv, ctx: dict[str, str] | None = None): + def OpenDesktop(self, emu, argv, ctx: api.ApiContext = None): """ HDESK OpenDesktopA( LPCSTR lpszDesktop, @@ -1471,7 +1471,7 @@ def OpenDesktop(self, emu, argv, ctx: dict[str, str] | None = None): return self.get_handle() @apihook("SetThreadDesktop", argc=1) - def SetThreadDesktop(self, emu, argv, ctx: dict[str, str] | None = None): + def SetThreadDesktop(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SetThreadDesktop( HDESK hDesktop @@ -1481,7 +1481,7 @@ def SetThreadDesktop(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("GetKeyboardLayoutList", argc=2) - def GetKeyboardLayoutList(self, emu, argv, ctx: dict[str, str] | None = None): + def GetKeyboardLayoutList(self, emu, argv, ctx: api.ApiContext = None): """ int GetKeyboardLayoutList( int nBuff, @@ -1500,7 +1500,7 @@ def GetKeyboardLayoutList(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetKBCodePage", argc=0) - def GetKBCodePage(self, emu, argv, ctx: dict[str, str] | None = None): + def GetKBCodePage(self, emu, argv, ctx: api.ApiContext = None): """ INT GetKBCodePage(); """ @@ -1511,7 +1511,7 @@ def GetKBCodePage(self, emu, argv, ctx: dict[str, str] | None = None): return 437 # OEM United States @apihook("GetClipboardViewer", argc=0) - def GetClipboardViewer(self, emu, argv, ctx: dict[str, str] | None = None): + def GetClipboardViewer(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetClipboardViewer(); """ @@ -1525,7 +1525,7 @@ def GetClipboardViewer(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("GetClipboardOwner", argc=0) - def GetClipboardOwner(self, emu, argv, ctx: dict[str, str] | None = None): + def GetClipboardOwner(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetClipboardOwner(); """ @@ -1539,7 +1539,7 @@ def GetClipboardOwner(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("GetMenuCheckMarkDimensions", argc=0) - def GetMenuCheckMarkDimensions(self, emu, argv, ctx: dict[str, str] | None = None): + def GetMenuCheckMarkDimensions(self, emu, argv, ctx: api.ApiContext = None): """ LONG GetMenuCheckMarkDimensions(); """ @@ -1549,7 +1549,7 @@ def GetMenuCheckMarkDimensions(self, emu, argv, ctx: dict[str, str] | None = Non return 983055 @apihook("GetOpenClipboardWindow", argc=0) - def GetOpenClipboardWindow(self, emu, argv, ctx: dict[str, str] | None = None): + def GetOpenClipboardWindow(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetOpenClipboardWindow(); """ @@ -1563,7 +1563,7 @@ def GetOpenClipboardWindow(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("GetFocus", argc=0) - def GetFocus(self, emu, argv, ctx: dict[str, str] | None = None): + def GetFocus(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetFocus(); """ @@ -1577,7 +1577,7 @@ def GetFocus(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("GetCursor", argc=0) - def GetCursor(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCursor(self, emu, argv, ctx: api.ApiContext = None): """ HCURSOR GetCursor(); """ @@ -1591,7 +1591,7 @@ def GetCursor(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("GetClipboardSequenceNumber", argc=0) - def GetClipboardSequenceNumber(self, emu, argv, ctx: dict[str, str] | None = None): + def GetClipboardSequenceNumber(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetClipboardSequenceNumber(); """ @@ -1601,7 +1601,7 @@ def GetClipboardSequenceNumber(self, emu, argv, ctx: dict[str, str] | None = Non return 295 @apihook("GetCaretBlinkTime", argc=0) - def GetCaretBlinkTime(self, emu, argv, ctx: dict[str, str] | None = None): + def GetCaretBlinkTime(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetCaretBlinkTime(); """ @@ -1611,7 +1611,7 @@ def GetCaretBlinkTime(self, emu, argv, ctx: dict[str, str] | None = None): return 530 @apihook("GetDoubleClickTime", argc=0) - def GetDoubleClickTime(self, emu, argv, ctx: dict[str, str] | None = None): + def GetDoubleClickTime(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetDoubleClickTime(); """ @@ -1621,7 +1621,7 @@ def GetDoubleClickTime(self, emu, argv, ctx: dict[str, str] | None = None): return 500 @apihook("RegisterClipboardFormatA", argc=1) - def RegisterClipboardFormatA(self, emu, argv, ctx: dict[str, str] | None = None): + def RegisterClipboardFormatA(self, emu, argv, ctx: api.ApiContext = None): """ UINT RegisterClipboardFormatA( LPCSTR lpszFormat @@ -1633,7 +1633,7 @@ def RegisterClipboardFormatA(self, emu, argv, ctx: dict[str, str] | None = None) return 0xC000 @apihook("SystemParametersInfoA", argc=4) - def SystemParametersInfoA(self, emu, argv, ctx: dict[str, str] | None = None): + def SystemParametersInfoA(self, emu, argv, ctx: api.ApiContext = None): """ BOOL SystemParametersInfoA( UINT uiAction, @@ -1650,7 +1650,7 @@ def SystemParametersInfoA(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("GetKeyboardLayout", argc=1) - def GetKeyboardLayout(self, emu, argv, ctx: dict[str, str] | None = None): + def GetKeyboardLayout(self, emu, argv, ctx: api.ApiContext = None): """ HKL GetKeyboardLayout( DWORD idThread @@ -1662,7 +1662,7 @@ def GetKeyboardLayout(self, emu, argv, ctx: dict[str, str] | None = None): return 0x04090409 @apihook("EnumDisplayMonitors", argc=4) - def EnumDisplayMonitors(self, emu, argv, ctx: dict[str, str] | None = None): + def EnumDisplayMonitors(self, emu, argv, ctx: api.ApiContext = None): """ BOOL EnumDisplayMonitors( HDC hdc, @@ -1679,7 +1679,7 @@ def EnumDisplayMonitors(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("OemToCharA", argc=2) - def OemToCharA(self, emu, argv, ctx: dict[str, str] | None = None): + def OemToCharA(self, emu, argv, ctx: api.ApiContext = None): """ BOOL OemToCharA( LPCSTR lpszSrc, @@ -1706,7 +1706,7 @@ def OemToCharA(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("CharPrevW", argc=2) - def CharPrevW(self, emu, argv, ctx: dict[str, str] | None = None): + def CharPrevW(self, emu, argv, ctx: api.ApiContext = None): """ LPWSTR CharPrevW( LPCWSTR lpszStart, diff --git a/speakeasy/winenv/api/usermode/winhttp.py b/speakeasy/winenv/api/usermode/winhttp.py index 578bf541..124127b8 100644 --- a/speakeasy/winenv/api/usermode/winhttp.py +++ b/speakeasy/winenv/api/usermode/winhttp.py @@ -39,7 +39,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("WinHttpOpen", argc=5, conv=_arch.CALL_CONV_STDCALL) - def WinHttpOpen(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpOpen(self, emu, argv, ctx: api.ApiContext = None): """ WINHTTPAPI HINTERNET WinHttpOpen( LPCWSTR pszAgentW, @@ -68,7 +68,7 @@ def WinHttpOpen(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("WinHttpConnect", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WinHttpConnect(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpConnect(self, emu, argv, ctx: api.ApiContext = None): """ WINHTTPAPI HINTERNET WinHttpConnect( IN HINTERNET hSession, @@ -94,7 +94,7 @@ def WinHttpConnect(self, emu, argv, ctx: dict[str, str] | None = None): return hdl @apihook("WinHttpOpenRequest", argc=7, conv=_arch.CALL_CONV_STDCALL) - def WinHttpOpenRequest(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpOpenRequest(self, emu, argv, ctx: api.ApiContext = None): """ WINHTTPAPI HINTERNET WinHttpOpenRequest( IN HINTERNET hConnect, @@ -135,7 +135,7 @@ def WinHttpOpenRequest(self, emu, argv, ctx: dict[str, str] | None = None): return hdl @apihook("WinHttpGetIEProxyConfigForCurrentUser", argc=1, conv=_arch.CALL_CONV_STDCALL) - def WinHttpGetIEProxyConfigForCurrentUser(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpGetIEProxyConfigForCurrentUser(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI WinHttpGetIEProxyConfigForCurrentUser( IN OUT WINHTTP_CURRENT_USER_IE_PROXY_CONFIG *pProxyConfig @@ -151,7 +151,7 @@ def WinHttpGetIEProxyConfigForCurrentUser(self, emu, argv, ctx: dict[str, str] | return True @apihook("WinHttpGetProxyForUrl", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WinHttpGetProxyForUrl(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpGetProxyForUrl(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI WinHttpGetProxyForUrl( IN HINTERNET hSession, @@ -171,7 +171,7 @@ def WinHttpGetProxyForUrl(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("WinHttpSetOption", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WinHttpSetOption(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpSetOption(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI WinHttpSendRequest( IN HINTERNET hRequest, @@ -189,7 +189,7 @@ def WinHttpSetOption(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("WinHttpSendRequest", argc=7, conv=_arch.CALL_CONV_STDCALL) - def WinHttpSendRequest(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpSendRequest(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI WinHttpSendRequest( IN HINTERNET hRequest, @@ -227,7 +227,7 @@ def WinHttpSendRequest(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WinHttpReceiveResponse", argc=2, conv=_arch.CALL_CONV_STDCALL) - def WinHttpReceiveResponse(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpReceiveResponse(self, emu, argv, ctx: api.ApiContext = None): """ WINHTTPAPI BOOL WinHttpReceiveResponse( IN HINTERNET hRequest, @@ -240,7 +240,7 @@ def WinHttpReceiveResponse(self, emu, argv, ctx: dict[str, str] | None = None): return True @apihook("WinHttpReadData", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WinHttpReadData(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpReadData(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI WinHttpReadData( IN HINTERNET hRequest, @@ -267,7 +267,7 @@ def WinHttpReadData(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WinHttpCrackUrl", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WinHttpCrackUrl(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpCrackUrl(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI WinHttpCrackUrl( LPCWSTR pwszUrl, @@ -311,7 +311,7 @@ def WinHttpCrackUrl(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WinHttpAddRequestHeaders", argc=4, conv=_arch.CALL_CONV_STDCALL) - def WinHttpAddRequestHeaders(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpAddRequestHeaders(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI WinHttpAddRequestHeaders( HINTERNET hRequest, @@ -332,7 +332,7 @@ def WinHttpAddRequestHeaders(self, emu, argv, ctx: dict[str, str] | None = None) return rv @apihook("WinHttpQueryHeaders", argc=6, conv=_arch.CALL_CONV_STDCALL) - def WinHttpQueryHeaders(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpQueryHeaders(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI WinHttpQueryHeaders( HINTERNET hRequest, @@ -366,7 +366,7 @@ def WinHttpQueryHeaders(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WinHttpCloseHandle", argc=1, conv=_arch.CALL_CONV_STDCALL) - def WinHttpCloseHandle(self, emu, argv, ctx: dict[str, str] | None = None): + def WinHttpCloseHandle(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI WinHttpCloseHandle( HINTERNET hInternet diff --git a/speakeasy/winenv/api/usermode/wininet.py b/speakeasy/winenv/api/usermode/wininet.py index 88791ff9..9ea095d7 100644 --- a/speakeasy/winenv/api/usermode/wininet.py +++ b/speakeasy/winenv/api/usermode/wininet.py @@ -39,7 +39,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("InternetOpen", argc=5, conv=_arch.CALL_CONV_STDCALL) - def InternetOpen(self, emu, argv, ctx: dict[str, str] | None = None): + def InternetOpen(self, emu, argv, ctx: api.ApiContext = None): """ void InternetOpenA( LPTSTR lpszAgent, @@ -68,7 +68,7 @@ def InternetOpen(self, emu, argv, ctx: dict[str, str] | None = None): return hnd @apihook("InternetConnect", argc=8, conv=_arch.CALL_CONV_STDCALL) - def InternetConnect(self, emu, argv, ctx: dict[str, str] | None = None): + def InternetConnect(self, emu, argv, ctx: api.ApiContext = None): """ void InternetConnect( HINTERNET hInternet, @@ -105,7 +105,7 @@ def InternetConnect(self, emu, argv, ctx: dict[str, str] | None = None): return hdl @apihook("HttpOpenRequest", argc=8, conv=_arch.CALL_CONV_STDCALL) - def HttpOpenRequest(self, emu, argv, ctx: dict[str, str] | None = None): + def HttpOpenRequest(self, emu, argv, ctx: api.ApiContext = None): """ void HttpOpenRequest( HINTERNET hConnect, @@ -144,7 +144,7 @@ def HttpOpenRequest(self, emu, argv, ctx: dict[str, str] | None = None): return hdl @apihook("InternetCrackUrl", argc=4, conv=_arch.CALL_CONV_STDCALL) - def InternetCrackUrl(self, emu, argv, ctx: dict[str, str] | None = None): + def InternetCrackUrl(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI InternetCrackUrl( LPCSTR lpszUrl, @@ -188,7 +188,7 @@ def InternetCrackUrl(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("InternetSetOption", argc=4, conv=_arch.CALL_CONV_STDCALL) - def InternetSetOption(self, emu, argv, ctx: dict[str, str] | None = None): + def InternetSetOption(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI InternetSetOption( HINTERNET hInternet, @@ -205,7 +205,7 @@ def InternetSetOption(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("InternetGetConnectedState", argc=2, conv=_arch.CALL_CONV_STDCALL) - def InternetGetConnectedState(self, emu, argv, ctx: dict[str, str] | None = None): + def InternetGetConnectedState(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI InternetGetConnectedState( LPDWORD lpdwFlags, @@ -225,7 +225,7 @@ def InternetGetConnectedState(self, emu, argv, ctx: dict[str, str] | None = None return rv @apihook("HttpSendRequest", argc=5, conv=_arch.CALL_CONV_STDCALL) - def HttpSendRequest(self, emu, argv, ctx: dict[str, str] | None = None): + def HttpSendRequest(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI HttpSendRequest( HINTERNET hRequest, @@ -262,7 +262,7 @@ def HttpSendRequest(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("InternetErrorDlg", argc=5, conv=_arch.CALL_CONV_STDCALL) - def InternetErrorDlg(self, emu, argv, ctx: dict[str, str] | None = None): + def InternetErrorDlg(self, emu, argv, ctx: api.ApiContext = None): """ void InternetErrorDlg( HWND hWnd, @@ -278,7 +278,7 @@ def InternetErrorDlg(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("InternetQueryOption", argc=4) - def InternetQueryOption(self, emu, argv, ctx: dict[str, str] | None = None): + def InternetQueryOption(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI InternetQueryOption( HINTERNET hInternet, @@ -303,7 +303,7 @@ def InternetQueryOption(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("InternetReadFile", argc=4, conv=_arch.CALL_CONV_STDCALL) - def InternetReadFile(self, emu, argv, ctx: dict[str, str] | None = None): + def InternetReadFile(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI InternetReadFile( HINTERNET hFile, @@ -330,7 +330,7 @@ def InternetReadFile(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("HttpQueryInfo", argc=5) - def HttpQueryInfo(self, emu, argv, ctx: dict[str, str] | None = None): + def HttpQueryInfo(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI HttpQueryInfo( HINTERNET hRequest, @@ -366,7 +366,7 @@ def HttpQueryInfo(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("InternetQueryDataAvailable", argc=4) - def InternetQueryDataAvailable(self, emu, argv, ctx: dict[str, str] | None = None): + def InternetQueryDataAvailable(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI InternetQueryDataAvailable( HINTERNET hFile, @@ -389,7 +389,7 @@ def InternetQueryDataAvailable(self, emu, argv, ctx: dict[str, str] | None = Non return rv @apihook("InternetCloseHandle", argc=1) - def InternetCloseHandle(self, emu, argv, ctx: dict[str, str] | None = None): + def InternetCloseHandle(self, emu, argv, ctx: api.ApiContext = None): """ BOOLAPI InternetCloseHandle( HINTERNET hInternet @@ -404,7 +404,7 @@ def InternetCloseHandle(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("InternetOpenUrl", argc=6) - def InternetOpenUrl(self, emu, argv, ctx: dict[str, str] | None = None): + def InternetOpenUrl(self, emu, argv, ctx: api.ApiContext = None): """ void InternetOpenUrlA( HINTERNET hInternet, diff --git a/speakeasy/winenv/api/usermode/winmm.py b/speakeasy/winenv/api/usermode/winmm.py index 99e0b7de..998838f2 100644 --- a/speakeasy/winenv/api/usermode/winmm.py +++ b/speakeasy/winenv/api/usermode/winmm.py @@ -18,7 +18,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("timeGetTime", argc=0) - def timeGetTime(self, emu, argv, ctx: dict[str, str] | None = None): + def timeGetTime(self, emu, argv, ctx: api.ApiContext = None): """ DWORD timeGetTime(); // return the system time, in milliseconds """ diff --git a/speakeasy/winenv/api/usermode/wkscli.py b/speakeasy/winenv/api/usermode/wkscli.py index 75f8ba33..ad0bc79e 100644 --- a/speakeasy/winenv/api/usermode/wkscli.py +++ b/speakeasy/winenv/api/usermode/wkscli.py @@ -19,7 +19,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("NetGetJoinInformation", argc=3) - def NetGetJoinInformation(self, emu, argv, ctx: dict[str, str] | None = None): + def NetGetJoinInformation(self, emu, argv, ctx: api.ApiContext = None): """ NET_API_STATUS NET_API_FUNCTION NetGetJoinInformation( LPCWSTR lpServer, diff --git a/speakeasy/winenv/api/usermode/ws2_32.py b/speakeasy/winenv/api/usermode/ws2_32.py index 8c6a4375..c9478776 100644 --- a/speakeasy/winenv/api/usermode/ws2_32.py +++ b/speakeasy/winenv/api/usermode/ws2_32.py @@ -40,7 +40,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("WSAStartup", argc=2, conv=_arch.CALL_CONV_STDCALL, ordinal=115) - def WSAStartup(self, emu, argv, ctx: dict[str, str] | None = None): + def WSAStartup(self, emu, argv, ctx: api.ApiContext = None): """ int WSAStartup( WORD wVersionRequired, @@ -64,7 +64,7 @@ def WSAStartup(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WSACleanup", argc=0, ordinal=116) - def WSACleanup(self, emu, argv, ctx: dict[str, str] | None = None): + def WSACleanup(self, emu, argv, ctx: api.ApiContext = None): """ int WSACleanup(); """ @@ -73,7 +73,7 @@ def WSACleanup(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("WSASocket", argc=6) - def WSASocket(self, emu, argv, ctx: dict[str, str] | None = None): + def WSASocket(self, emu, argv, ctx: api.ApiContext = None): """ SOCKET WSAAPI WSASocket( int af, @@ -100,7 +100,7 @@ def WSASocket(self, emu, argv, ctx: dict[str, str] | None = None): return fd @apihook("WSAIoctl", argc=9, conv=_arch.CALL_CONV_STDCALL) - def WSAIoctl(self, emu, argv, ctx: dict[str, str] | None = None): + def WSAIoctl(self, emu, argv, ctx: api.ApiContext = None): """ int WSAAPI WSAIoctl( SOCKET s, @@ -121,7 +121,7 @@ def WSAIoctl(self, emu, argv, ctx: dict[str, str] | None = None): return windefs.ERROR_SUCCESS @apihook("WSAConnect", argc=7, conv=_arch.CALL_CONV_STDCALL) - def WSAConnect(self, emu, argv, ctx: dict[str, str] | None = None): + def WSAConnect(self, emu, argv, ctx: api.ApiContext = None): """ int WSAAPI WSAConnect( SOCKET s, @@ -140,7 +140,7 @@ def WSAConnect(self, emu, argv, ctx: dict[str, str] | None = None): return self.connect(emu, argv[:3], ctx) @apihook("socket", argc=3, conv=_arch.CALL_CONV_STDCALL, ordinal=23) - def socket(self, emu, argv, ctx: dict[str, str] | None = None): + def socket(self, emu, argv, ctx: api.ApiContext = None): """ SOCKET WSAAPI socket( int af, @@ -164,7 +164,7 @@ def socket(self, emu, argv, ctx: dict[str, str] | None = None): return fd @apihook("inet_addr", argc=1, ordinal=11) - def inet_addr(self, emu, argv, ctx: dict[str, str] | None = None): + def inet_addr(self, emu, argv, ctx: api.ApiContext = None): """ unsigned long inet_addr( _In_ const char *cp @@ -185,7 +185,7 @@ def inet_addr(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("htons", argc=1, conv=_arch.CALL_CONV_STDCALL, ordinal=9) - def htons(self, emu, argv, ctx: dict[str, str] | None = None): + def htons(self, emu, argv, ctx: api.ApiContext = None): """ u_short htons( u_short hostshort @@ -199,7 +199,7 @@ def htons(self, emu, argv, ctx: dict[str, str] | None = None): return netshort @apihook("ntohs", argc=1, ordinal=15) - def ntohs(self, emu, argv, ctx: dict[str, str] | None = None): + def ntohs(self, emu, argv, ctx: api.ApiContext = None): """ u_short ntohs( u_short netshort @@ -211,7 +211,7 @@ def ntohs(self, emu, argv, ctx: dict[str, str] | None = None): return ntohs(netshort) @apihook("ntohl", argc=1, ordinal=14) - def ntohl(self, emu, argv, ctx: dict[str, str] | None = None): + def ntohl(self, emu, argv, ctx: api.ApiContext = None): """ u_long ntohl( u_long netlong @@ -223,7 +223,7 @@ def ntohl(self, emu, argv, ctx: dict[str, str] | None = None): return ntohl(netlong) @apihook("setsockopt", argc=5, ordinal=21) - def setsockopt(self, emu, argv, ctx: dict[str, str] | None = None): + def setsockopt(self, emu, argv, ctx: api.ApiContext = None): """ int setsockopt( SOCKET s, @@ -252,7 +252,7 @@ def setsockopt(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WSASetLastError", argc=1, ordinal=112) - def WSASetLastError(self, emu, argv, ctx: dict[str, str] | None = None): + def WSASetLastError(self, emu, argv, ctx: api.ApiContext = None): """ void WSASetLastError( int iError @@ -265,7 +265,7 @@ def WSASetLastError(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("gethostname", argc=2, ordinal=57) - def gethostname(self, emu, argv, ctx: dict[str, str] | None = None): + def gethostname(self, emu, argv, ctx: api.ApiContext = None): """ int gethostname( char *name, @@ -289,7 +289,7 @@ def gethostname(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("gethostbyname", argc=1, conv=_arch.CALL_CONV_STDCALL, ordinal=52) - def gethostbyname(self, emu, argv, ctx: dict[str, str] | None = None): + def gethostbyname(self, emu, argv, ctx: api.ApiContext = None): """ struct hostent * gethostbyname(const char FAR * name); """ @@ -332,7 +332,7 @@ def gethostbyname(self, emu, argv, ctx: dict[str, str] | None = None): return ptr_hostent @apihook("connect", argc=3, conv=_arch.CALL_CONV_STDCALL, ordinal=4) - def connect(self, emu, argv, ctx: dict[str, str] | None = None): + def connect(self, emu, argv, ctx: api.ApiContext = None): """ int WSAAPI connect( SOCKET s, @@ -373,7 +373,7 @@ def connect(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("bind", argc=3, ordinal=2) - def bind(self, emu, argv, ctx: dict[str, str] | None = None): + def bind(self, emu, argv, ctx: api.ApiContext = None): """ int bind( SOCKET s, @@ -408,7 +408,7 @@ def bind(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("listen", argc=2, ordinal=13) - def listen(self, emu, argv, ctx: dict[str, str] | None = None): + def listen(self, emu, argv, ctx: api.ApiContext = None): """ int WSAAPI listen( SOCKET s, @@ -422,7 +422,7 @@ def listen(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("select", argc=5, ordinal=18) - def select(self, emu, argv, ctx: dict[str, str] | None = None): + def select(self, emu, argv, ctx: api.ApiContext = None): """ int WSAAPI select( int nfds, @@ -454,7 +454,7 @@ def select(self, emu, argv, ctx: dict[str, str] | None = None): return fd_count @apihook("accept", argc=3, ordinal=1) - def accept(self, emu, argv, ctx: dict[str, str] | None = None): + def accept(self, emu, argv, ctx: api.ApiContext = None): """ SOCKET WSAAPI accept( SOCKET s, @@ -498,7 +498,7 @@ def accept(self, emu, argv, ctx: dict[str, str] | None = None): return new_sock.fd @apihook("inet_ntoa", argc=1, ordinal=12) - def inet_ntoa(self, emu, argv, ctx: dict[str, str] | None = None): + def inet_ntoa(self, emu, argv, ctx: api.ApiContext = None): """ char FAR* inet_ntoa(struct in_addr in); """ @@ -514,7 +514,7 @@ def inet_ntoa(self, emu, argv, ctx: dict[str, str] | None = None): return buf @apihook("inet_ntop", argc=4, ordinal=180) - def inet_ntop(self, emu, argv, ctx: dict[str, str] | None = None): + def inet_ntop(self, emu, argv, ctx: api.ApiContext = None): """ PCSTR WSAAPI inet_ntop( [in] INT Family, @@ -544,7 +544,7 @@ def inet_ntop(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("inet_pton", argc=3, ordinal=181) - def inet_pton(self, emu, argv, ctx: dict[str, str] | None = None): + def inet_pton(self, emu, argv, ctx: api.ApiContext = None): """ INT WSAAPI inet_pton( [in] INT Family, @@ -574,7 +574,7 @@ def inet_pton(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("htonl", argc=1, ordinal=8) - def htonl(self, emu, argv, ctx: dict[str, str] | None = None): + def htonl(self, emu, argv, ctx: api.ApiContext = None): """ uint32_t htonl(uint32_t hostlong); """ @@ -583,7 +583,7 @@ def htonl(self, emu, argv, ctx: dict[str, str] | None = None): return htonl(hostlong) @apihook("__WSAFDIsSet", argc=2, ordinal=151) - def __WSAFDIsSet(self, emu, argv, ctx: dict[str, str] | None = None): + def __WSAFDIsSet(self, emu, argv, ctx: api.ApiContext = None): """ int __WSAFDIsSet( SOCKET , @@ -595,7 +595,7 @@ def __WSAFDIsSet(self, emu, argv, ctx: dict[str, str] | None = None): return 1 @apihook("shutdown", argc=2, ordinal=22) - def shutdown(self, emu, argv, ctx: dict[str, str] | None = None): + def shutdown(self, emu, argv, ctx: api.ApiContext = None): """ int shutdown( SOCKET s, @@ -606,7 +606,7 @@ def shutdown(self, emu, argv, ctx: dict[str, str] | None = None): return 0 @apihook("recv", argc=4, ordinal=16) - def recv(self, emu, argv, ctx: dict[str, str] | None = None): + def recv(self, emu, argv, ctx: api.ApiContext = None): """ int recv( SOCKET s, @@ -643,7 +643,7 @@ def recv(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("send", argc=4, ordinal=19) - def send(self, emu, argv, ctx: dict[str, str] | None = None): + def send(self, emu, argv, ctx: api.ApiContext = None): """ int WSAAPI send( SOCKET s, @@ -675,7 +675,7 @@ def send(self, emu, argv, ctx: dict[str, str] | None = None): return len(data) @apihook("closesocket", argc=1, ordinal=3) - def closesocket(self, emu, argv, ctx: dict[str, str] | None = None): + def closesocket(self, emu, argv, ctx: api.ApiContext = None): """ int closesocket( IN SOCKET s @@ -696,7 +696,7 @@ def closesocket(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("ioctlsocket", argc=3, ordinal=10) - def ioctlsocket(self, emu, argv, ctx: dict[str, str] | None = None): + def ioctlsocket(self, emu, argv, ctx: api.ApiContext = None): """ int ioctlsocket( SOCKET s, @@ -715,7 +715,7 @@ def ioctlsocket(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("getaddrinfo", argc=4, ordinal=178) - def getaddrinfo(self, emu, argv, ctx: dict[str, str] | None = None): + def getaddrinfo(self, emu, argv, ctx: api.ApiContext = None): """ INT WSAAPI getaddrinfo( PCSTR pNodeName, @@ -784,7 +784,7 @@ def getaddrinfo(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("freeaddrinfo", argc=1, ordinal=177) - def freeaddrinfo(self, emu, argv, ctx: dict[str, str] | None = None): + def freeaddrinfo(self, emu, argv, ctx: api.ApiContext = None): """ VOID WSAAPI freeaddrinfo( PADDRINFOA pAddrInfo @@ -796,7 +796,7 @@ def freeaddrinfo(self, emu, argv, ctx: dict[str, str] | None = None): return @apihook("getsockopt", argc=5, ordinal=7) - def getsockopt(self, emu, argv, ctx: dict[str, str] | None = None): + def getsockopt(self, emu, argv, ctx: api.ApiContext = None): """ int getsockopt( SOCKET s, diff --git a/speakeasy/winenv/api/usermode/wtsapi32.py b/speakeasy/winenv/api/usermode/wtsapi32.py index 2ab2d6c3..aaf0ce87 100644 --- a/speakeasy/winenv/api/usermode/wtsapi32.py +++ b/speakeasy/winenv/api/usermode/wtsapi32.py @@ -29,7 +29,7 @@ def __init__(self, emu): super().__get_hook_attrs__(self) @apihook("WTSEnumerateSessions", argc=5, conv=_arch.CALL_CONV_STDCALL) - def WTSEnumerateSessions(self, emu, argv, ctx: dict[str, str] | None = None): + def WTSEnumerateSessions(self, emu, argv, ctx: api.ApiContext = None): """ BOOL WTSEnumerateSessions( IN HANDLE hServer, @@ -79,7 +79,7 @@ def WTSEnumerateSessions(self, emu, argv, ctx: dict[str, str] | None = None): return rv @apihook("WTSFreeMemory", argc=1, conv=_arch.CALL_CONV_STDCALL) - def WTSFreeMemory(self, emu, argv, ctx: dict[str, str] | None = None): + def WTSFreeMemory(self, emu, argv, ctx: api.ApiContext = None): """ void WTSFreeMemory( IN PVOID pMemory From efbf1e7bdd4fce8260a711318f6950247ed4aa5b Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Tue, 10 Mar 2026 13:12:47 +0100 Subject: [PATCH 5/6] Remove unused ctx guards in API handlers 852 of the 1016 handlers never reference ctx after the guard line. Remove the dead `ctx = ctx or {}` assignment in those methods, keeping it only in the 164 that actually use ctx downstream. --- speakeasy/winenv/api/kernelmode/fwpkclnt.py | 12 -- speakeasy/winenv/api/kernelmode/hal.py | 3 - speakeasy/winenv/api/kernelmode/ndis.py | 16 -- speakeasy/winenv/api/kernelmode/netio.py | 18 -- speakeasy/winenv/api/kernelmode/ntoskrnl.py | 152 ------------- speakeasy/winenv/api/kernelmode/usbd.py | 1 - speakeasy/winenv/api/kernelmode/wdfldr.py | 30 --- speakeasy/winenv/api/usermode/advapi32.py | 37 ---- speakeasy/winenv/api/usermode/advpack.py | 1 - speakeasy/winenv/api/usermode/bcrypt.py | 3 - speakeasy/winenv/api/usermode/com_api.py | 5 - speakeasy/winenv/api/usermode/comctl32.py | 2 - speakeasy/winenv/api/usermode/gdi32.py | 22 -- speakeasy/winenv/api/usermode/iphlpapi.py | 1 - speakeasy/winenv/api/usermode/kernel32.py | 223 -------------------- speakeasy/winenv/api/usermode/lz32.py | 1 - speakeasy/winenv/api/usermode/mpr.py | 3 - speakeasy/winenv/api/usermode/mscoree.py | 1 - speakeasy/winenv/api/usermode/msi32.py | 1 - speakeasy/winenv/api/usermode/msimg32.py | 1 - speakeasy/winenv/api/usermode/msvcrt.py | 126 ----------- speakeasy/winenv/api/usermode/msvfw32.py | 3 - speakeasy/winenv/api/usermode/ncrypt.py | 1 - speakeasy/winenv/api/usermode/netapi32.py | 3 - speakeasy/winenv/api/usermode/netutils.py | 1 - speakeasy/winenv/api/usermode/ntdll.py | 18 -- speakeasy/winenv/api/usermode/ole32.py | 9 - speakeasy/winenv/api/usermode/oleaut32.py | 4 - speakeasy/winenv/api/usermode/psapi.py | 2 - speakeasy/winenv/api/usermode/rpcrt4.py | 2 - speakeasy/winenv/api/usermode/secur32.py | 1 - speakeasy/winenv/api/usermode/sfc.py | 2 - speakeasy/winenv/api/usermode/shell32.py | 4 - speakeasy/winenv/api/usermode/shlwapi.py | 2 - speakeasy/winenv/api/usermode/user32.py | 87 -------- speakeasy/winenv/api/usermode/winhttp.py | 13 -- speakeasy/winenv/api/usermode/wininet.py | 7 - speakeasy/winenv/api/usermode/winmm.py | 1 - speakeasy/winenv/api/usermode/wkscli.py | 1 - speakeasy/winenv/api/usermode/ws2_32.py | 31 --- speakeasy/winenv/api/usermode/wtsapi32.py | 1 - 41 files changed, 852 deletions(-) diff --git a/speakeasy/winenv/api/kernelmode/fwpkclnt.py b/speakeasy/winenv/api/kernelmode/fwpkclnt.py index 142993a1..8c0e097f 100644 --- a/speakeasy/winenv/api/kernelmode/fwpkclnt.py +++ b/speakeasy/winenv/api/kernelmode/fwpkclnt.py @@ -83,7 +83,6 @@ def FwpmEngineOpen0(self, emu, argv, ctx: api.ApiContext = None): HANDLE *engineHandle ); """ - ctx = ctx or {} sname, asvc, authid, sess, eng = argv @@ -104,7 +103,6 @@ def FwpsInjectionHandleCreate0(self, emu, argv, ctx: api.ApiContext = None): HANDLE *injectionHandle ); """ - ctx = ctx or {} family, flags, inj_handle = argv rv = ddk.STATUS_SUCCESS @@ -124,7 +122,6 @@ def FwpmSubLayerAdd0(self, emu, argv, ctx: api.ApiContext = None): PSECURITY_DESCRIPTOR sd ); """ - ctx = ctx or {} engineHandle, subLayer, sd = argv name = "" @@ -167,7 +164,6 @@ def FwpsCalloutRegister1(self, emu, argv, ctx: api.ApiContext = None): UINT32 *calloutId ); """ - ctx = ctx or {} deviceObject, pCallout, calloutId = argv rv = ddk.STATUS_SUCCESS @@ -212,7 +208,6 @@ def FwpmCalloutAdd0(self, emu, argv, ctx: api.ApiContext = None): UINT32 *id ); """ - ctx = ctx or {} eng, pCallout, sd, pCid = argv name = "" @@ -254,7 +249,6 @@ def FwpmFilterAdd0(self, emu, argv, ctx: api.ApiContext = None): UINT64 *id ); """ - ctx = ctx or {} eng, pFilter, sd, pId = argv self.mem_write(pId, b"\x41\x41") @@ -293,7 +287,6 @@ def FwpmFilterDeleteById0(self, emu, argv, ctx: api.ApiContext = None): UINT64 id ); """ - ctx = ctx or {} eng, fid = argv rv = ddk.STATUS_SUCCESS @@ -308,7 +301,6 @@ def FwpmCalloutDeleteById0(self, emu, argv, ctx: api.ApiContext = None): UINT32 id ); """ - ctx = ctx or {} eng, cid = argv rv = FWP_E_CALLOUT_NOT_FOUND @@ -324,7 +316,6 @@ def FwpsCalloutUnregisterById0(self, emu, argv, ctx: api.ApiContext = None): const UINT32 calloutId ); """ - ctx = ctx or {} (cid,) = argv rv = FWP_E_CALLOUT_NOT_FOUND @@ -341,7 +332,6 @@ def FwpmSubLayerDeleteByKey0(self, emu, argv, ctx: api.ApiContext = None): const GUID *key ); """ - ctx = ctx or {} eng, key = argv rv = FWP_E_SUBLAYER_NOT_FOUND @@ -361,7 +351,6 @@ def FwpmEngineClose0(self, emu, argv, ctx: api.ApiContext = None): HANDLE engineHandle ); """ - ctx = ctx or {} (eng,) = argv rv = ddk.STATUS_SUCCESS @@ -374,7 +363,6 @@ def FwpsInjectionHandleDestroy0(self, emu, argv, ctx: api.ApiContext = None): HANDLE injectionHandle ); """ - ctx = ctx or {} (handle,) = argv rv = ddk.STATUS_SUCCESS diff --git a/speakeasy/winenv/api/kernelmode/hal.py b/speakeasy/winenv/api/kernelmode/hal.py index 2a9a1c0b..77e862e2 100644 --- a/speakeasy/winenv/api/kernelmode/hal.py +++ b/speakeasy/winenv/api/kernelmode/hal.py @@ -32,7 +32,6 @@ def KeGetCurrentIrql(self, emu, argv, ctx: api.ApiContext = None): """ NTHALAPI KIRQL KeGetCurrentIrql(); """ - ctx = ctx or {} irql = emu.get_current_irql() return irql @@ -43,7 +42,6 @@ def ExAcquireFastMutex(self, emu, argv, ctx: api.ApiContext = None): _Inout_ PFAST_MUTEX FastMutex ); """ - ctx = ctx or {} return @apihook("ExReleaseFastMutex", argc=1, conv=_arch.CALL_CONV_FASTCALL) @@ -53,5 +51,4 @@ def ExReleaseFastMutex(self, emu, argv, ctx: api.ApiContext = None): _Inout_ PFAST_MUTEX FastMutex ); """ - ctx = ctx or {} return diff --git a/speakeasy/winenv/api/kernelmode/ndis.py b/speakeasy/winenv/api/kernelmode/ndis.py index d6b0e112..d3699297 100644 --- a/speakeasy/winenv/api/kernelmode/ndis.py +++ b/speakeasy/winenv/api/kernelmode/ndis.py @@ -57,7 +57,6 @@ def NdisGetVersion(self, emu, argv, ctx: api.ApiContext = None): """ UINT NdisGetVersion(); """ - ctx = ctx or {} ndis_major = 5 ndis_minor = 0 @@ -83,7 +82,6 @@ def NdisGetRoutineAddress(self, emu, argv, ctx: api.ApiContext = None): PNDIS_STRING NdisRoutineName ); """ - ctx = ctx or {} (NdisRoutineName,) = argv fn = self.read_unicode_string(NdisRoutineName) @@ -102,7 +100,6 @@ def NdisMRegisterMiniportDriver(self, emu, argv, ctx: api.ApiContext = None): PNDIS_HANDLE NdisMiniportDriverHandle ); """ - ctx = ctx or {} drv, reg, drv_ctx, chars, phnd = argv rv = NDIS_STATUS_SUCCESS @@ -121,7 +118,6 @@ def NdisInitializeWrapper(self, emu, argv, ctx: api.ApiContext = None): PVOID SystemSpecific2, PVOID SystemSpecific3) """ - ctx = ctx or {} pHandle, ss1, ss2, ss3 = argv hnd = self.new_id() @@ -136,7 +132,6 @@ def NdisTerminateWrapper(self, emu, argv, ctx: api.ApiContext = None): _In_ PVOID SystemSpecific ); """ - ctx = ctx or {} hnd, ss = argv @apihook("NdisInitializeReadWriteLock", argc=1) @@ -146,7 +141,6 @@ def NdisInitializeReadWriteLock(self, emu, argv, ctx: api.ApiContext = None): PNDIS_RW_LOCK Lock ); """ - ctx = ctx or {} (lock,) = argv @apihook("NdisMRegisterUnloadHandler", argc=2) @@ -157,7 +151,6 @@ def NdisMRegisterUnloadHandler(self, emu, argv, ctx: api.ApiContext = None): _In_ PDRIVER_UNLOAD UnloadHandler ); """ - ctx = ctx or {} hnd, unload = argv @apihook("NdisRegisterProtocol", argc=4) @@ -170,7 +163,6 @@ def NdisRegisterProtocol(self, emu, argv, ctx: api.ApiContext = None): _In_ UINT CharacteristicsLength ); """ - ctx = ctx or {} pStatus, pProtoHandle, pChars, clen = argv rv = NDIS_STATUS_SUCCESS hnd = self.new_id() @@ -194,7 +186,6 @@ def NdisIMRegisterLayeredMiniport(self, emu, argv, ctx: api.ApiContext = None): _Out_ PNDIS_HANDLE DriverHandle ); """ - ctx = ctx or {} hnd, mp_chars, clen, drv_hnd = argv rv = NDIS_STATUS_SUCCESS @@ -218,7 +209,6 @@ def NdisIMAssociateMiniport(self, emu, argv, ctx: api.ApiContext = None): NDIS_HANDLE ProtocolHandle ); """ - ctx = ctx or {} drv_hnd, phnd = argv @apihook("NdisAllocateGenericObject", argc=3) @@ -230,7 +220,6 @@ def NdisAllocateGenericObject(self, emu, argv, ctx: api.ApiContext = None): USHORT Size ); """ - ctx = ctx or {} drv, tag, size = argv ptr = 0 @@ -256,7 +245,6 @@ def NdisAllocateMemoryWithTag(self, emu, argv, ctx: api.ApiContext = None): _In_ ULONG Tag ); """ - ctx = ctx or {} va, size, tag = argv rv = ddk.STATUS_SUCCESS @@ -277,7 +265,6 @@ def NdisAllocateNetBufferListPool(self, emu, argv, ctx: api.ApiContext = None): PNET_BUFFER_LIST_POOL_PARAMETERS Parameters ); """ - ctx = ctx or {} NdisHandle, Parameters = argv params = self.mem_cast(self.ndis.NET_BUFFER_LIST_POOL_PARAMETERS(emu.get_ptr_size()), Parameters) @@ -303,7 +290,6 @@ def NdisFreeNetBufferListPool(self, emu, argv, ctx: api.ApiContext = None): NDIS_HANDLE PoolHandle ); """ - ctx = ctx or {} (handle,) = argv return @@ -317,7 +303,6 @@ def NdisFreeMemory(self, emu, argv, ctx: api.ApiContext = None): UINT MemoryFlags ); """ - ctx = ctx or {} va, length, flags = argv return @@ -329,7 +314,6 @@ def NdisFreeGenericObject(self, emu, argv, ctx: api.ApiContext = None): PNDIS_GENERIC_OBJECT NdisObject ); """ - ctx = ctx or {} (pObj,) = argv return diff --git a/speakeasy/winenv/api/kernelmode/netio.py b/speakeasy/winenv/api/kernelmode/netio.py index e0348fd1..aff1c813 100644 --- a/speakeasy/winenv/api/kernelmode/netio.py +++ b/speakeasy/winenv/api/kernelmode/netio.py @@ -120,7 +120,6 @@ def WskRegister(self, emu, argv, ctx: api.ApiContext = None): PWSK_REGISTRATION WskRegistration ); """ - ctx = ctx or {} WskClientNpi, WskRegistration = argv rv = 0 @@ -136,7 +135,6 @@ def WskCaptureProviderNPI(self, emu, argv, ctx: api.ApiContext = None): PWSK_PROVIDER_NPI WskProviderNpi ); """ - ctx = ctx or {} WskRegistration, WaitTimeout, WskProviderNpi = argv rv = 0 @@ -176,7 +174,6 @@ def WskSocket(self, emu, argv, ctx: api.ApiContext = None): PSECURITY_DESCRIPTOR SecurityDescriptor, PIRP Irp )""" - ctx = ctx or {} cli, af, stype, proto, flags, sctx, disp, proc, thr, secdesc, pIrp = argv # noqa rv = ddk.STATUS_INVALID_PARAMETER @@ -208,7 +205,6 @@ def WskSocketConnect(self, emu, argv, ctx: api.ApiContext = None): PSECURITY_DESCRIPTOR SecurityDescriptor, PIRP Irp )""" - ctx = ctx or {} cli, stype, proto, laddr, raddr, flags, sctx, disp, proc, thr, secdesc, irp = argv # noqa rv = 0 @@ -227,7 +223,6 @@ def WskControlClient(self, emu, argv, ctx: api.ApiContext = None): SIZE_T *OutputSizeReturned, PIRP Irp )""" - ctx = ctx or {} cli, ctl, insiz, inbuf, osiz, obuf, oret, irp = argv rv = 0 @@ -247,7 +242,6 @@ def WskGetAddressInfo(self, emu, argv, ctx: api.ApiContext = None): PETHREAD OwningThread, PIRP Irp )""" - ctx = ctx or {} cli, node, svc, namespace, prov, hints, res, proc, thr, irp = argv rv = 0 @@ -259,7 +253,6 @@ def WskFreeAddressInfo(self, emu, argv, ctx: api.ApiContext = None): PWSK_CLIENT Client, PADDRINFOEXW AddrInfo )""" - ctx = ctx or {} cli, addr = argv rv = 0 @@ -278,7 +271,6 @@ def WskGetNameInfo(self, emu, argv, ctx: api.ApiContext = None): PETHREAD OwningThread, PIRP Irp )""" - ctx = ctx or {} cli, saddr, saddrlen, node, svc, flags, proc, thr, irp = argv rv = 0 @@ -298,7 +290,6 @@ def WskControlSocket(self, emu, argv, ctx: api.ApiContext = None): SIZE_T *OutputSizeReturned, PIRP Irp )""" - ctx = ctx or {} sock, rtype, ctl, level, isize, ibuf, osize, obuf, oret, irp = argv rv = 0 @@ -310,7 +301,6 @@ def WskCloseSocket(self, emu, argv, ctx: api.ApiContext = None): PWSK_SOCKET Socket, PIRP Irp )""" - ctx = ctx or {} sock, irp = argv rv = 0 @@ -324,7 +314,6 @@ def WskBind(self, emu, argv, ctx: api.ApiContext = None): ULONG Flags, PIRP Irp )""" - ctx = ctx or {} sock, laddr, flags, irp = argv rv = 0 @@ -348,7 +337,6 @@ def WskSendTo(self, emu, argv, ctx: api.ApiContext = None): PCMSGHDR ControlInfo, PIRP Irp )""" - ctx = ctx or {} sock, buf, flags, raddr, infolen, ctlinfo, irp = argv rv = 0 @@ -366,7 +354,6 @@ def WskReceiveFrom(self, emu, argv, ctx: api.ApiContext = None): PULONG ControlFlags, PIRP Irp )""" - ctx = ctx or {} sock, buf, flags, raddr, ctllen, ctlinfo, irp = argv rv = 0 @@ -378,7 +365,6 @@ def WskRelease(self, emu, argv, ctx: api.ApiContext = None): _In_ PWSK_SOCKET Socket, _In_ PWSK_DATA_INDICATION DataIndication )""" - ctx = ctx or {} sock, data_indic = argv rv = 0 @@ -391,7 +377,6 @@ def WskGetLocalAddress(self, emu, argv, ctx: api.ApiContext = None): PSOCKADDR LocalAddress, PIRP Irp )""" - ctx = ctx or {} sock, laddr = argv rv = 0 @@ -404,7 +389,6 @@ def WskReleaseProviderNPI(self, emu, argv, ctx: api.ApiContext = None): PWSK_REGISTRATION WskRegistration ); """ - ctx = ctx or {} (reg,) = argv return @@ -414,7 +398,6 @@ def NsiEnumerateObjectsAllParametersEx(self, emu, argv, ctx: api.ApiContext = No """ N/A """ - ctx = ctx or {} return @apihook("WskDeregister", argc=1) @@ -424,7 +407,6 @@ def WskDeregister(self, emu, argv, ctx: api.ApiContext = None): PWSK_REGISTRATION WskRegistration ); """ - ctx = ctx or {} (reg,) = argv return diff --git a/speakeasy/winenv/api/kernelmode/ntoskrnl.py b/speakeasy/winenv/api/kernelmode/ntoskrnl.py index fe93e799..7d8ba27e 100644 --- a/speakeasy/winenv/api/kernelmode/ntoskrnl.py +++ b/speakeasy/winenv/api/kernelmode/ntoskrnl.py @@ -105,7 +105,6 @@ def ObfDereferenceObject(self, emu, argv, ctx: api.ApiContext = None): """ void ObfDereferenceObject(a); """ - ctx = ctx or {} Object = argv[0] obj = self.get_object_from_addr(Object) @@ -119,7 +118,6 @@ def ZwClose(self, emu, argv, ctx: api.ApiContext = None): HANDLE Handle ); """ - ctx = ctx or {} rv = ddk.STATUS_SUCCESS # For now, just leave the handle open so we can reference it later @@ -133,7 +131,6 @@ def DbgPrint(self, emu, argv, ctx: api.ApiContext = None): ... ); """ - ctx = ctx or {} fmt = emu.get_func_argv(_arch.CALL_CONV_CDECL, 1)[0] fmt_str = self.read_string(fmt) @@ -156,7 +153,6 @@ def DbgPrintEx(self, emu, argv, ctx: api.ApiContext = None): ... ); """ - ctx = ctx or {} cid, level, fmt = emu.get_func_argv(_arch.CALL_CONV_CDECL, 3) @@ -184,7 +180,6 @@ def _vsnprintf(self, emu, argv, ctx: api.ApiContext = None): va_list argptr ); """ - ctx = ctx or {} buffer, count, _format, argptr = argv rv = 0 @@ -217,7 +212,6 @@ def RtlAnsiStringToUnicodeString(self, emu, argv, ctx: api.ApiContext = None): BOOLEAN AllocateDestinationString ); """ - ctx = ctx or {} dest, src, do_alloc = argv nts = ddk.STATUS_SUCCESS @@ -261,7 +255,6 @@ def RtlInitAnsiString(self, emu, argv, ctx: api.ApiContext = None): PCSZ SourceString ); """ - ctx = ctx or {} ansi = self.win.STRING(emu.get_ptr_size()) dest, src = argv @@ -285,7 +278,6 @@ def RtlInitUnicodeString(self, emu, argv, ctx: api.ApiContext = None): PCWSTR SourceString ); """ - ctx = ctx or {} us = self.win.UNICODE_STRING(emu.get_ptr_size()) dest, src = argv @@ -313,7 +305,6 @@ def RtlFreeUnicodeString(self, emu, argv, ctx: api.ApiContext = None): PUNICODE_STRING UnicodeString ); """ - ctx = ctx or {} (UnicodeString,) = argv us_str = self.read_unicode_string(UnicodeString) @@ -332,7 +323,6 @@ def ExAllocatePoolWithTag(self, emu, argv, ctx: api.ApiContext = None): ULONG Tag ); """ - ctx = ctx or {} PoolType, NumberOfBytes, Tag = argv @@ -354,7 +344,6 @@ def ExFreePoolWithTag(self, emu, argv, ctx: api.ApiContext = None): ULONG Tag ); """ - ctx = ctx or {} P, Tag = argv if Tag: @@ -373,7 +362,6 @@ def ExAllocatePool(self, emu, argv, ctx: api.ApiContext = None): SIZE_T NumberOfBytes ); """ - ctx = ctx or {} PoolType, NumberOfBytes = argv chunk = self.pool_alloc(PoolType, NumberOfBytes, "None") @@ -386,7 +374,6 @@ def ExFreePool(self, emu, argv, ctx: api.ApiContext = None): addr ); """ - ctx = ctx or {} (addr,) = argv self.mem_free(addr) @@ -399,7 +386,6 @@ def memmove(self, emu, argv, ctx: api.ApiContext = None): size_t count ); """ - ctx = ctx or {} dest, src, count = argv data = self.mem_read(src, count) @@ -411,7 +397,6 @@ def IoDeleteDriver(self, emu, argv, ctx: api.ApiContext = None): """ VOID IoDeleteDriver(PDRIVER_OBJECT DriverObject) """ - ctx = ctx or {} (drv,) = argv return @@ -429,7 +414,6 @@ def IoCreateDevice(self, emu, argv, ctx: api.ApiContext = None): PDEVICE_OBJECT *DeviceObject ); """ - ctx = ctx or {} nts = ddk.STATUS_SUCCESS drv, ext_size, name, devtype, chars, exclusive, out_addr = argv @@ -463,7 +447,6 @@ def IoCreateDeviceSecure(self, emu, argv, ctx: api.ApiContext = None): _Out_ PDEVICE_OBJECT *DeviceObject ); """ - ctx = ctx or {} nts = ddk.STATUS_SUCCESS drv, ext_size, name, devtype, chars, exclusive, sddl, guid, out_addr = argv @@ -488,7 +471,6 @@ def IoCreateSymbolicLink(self, emu, argv, ctx: api.ApiContext = None): PUNICODE_STRING DeviceName ); """ - ctx = ctx or {} SymbolicLinkName, DeviceName = argv link_name = self.read_unicode_string(SymbolicLinkName).replace("\x00", "") dev_name = self.read_unicode_string(DeviceName).replace("\x00", "") @@ -508,7 +490,6 @@ def IofCompleteRequest(self, emu, argv, ctx: api.ApiContext = None): _In_ CCHAR PriorityBoost ); """ - ctx = ctx or {} pIrp, boost = argv argv[1] = 0xFF & argv[1] @@ -521,7 +502,6 @@ def IoDeleteSymbolicLink(self, emu, argv, ctx: api.ApiContext = None): PUNICODE_STRING SymbolicLinkName ); """ - ctx = ctx or {} nts = ddk.STATUS_SUCCESS SymbolicLinkName = argv[0] @@ -531,7 +511,6 @@ def IoDeleteSymbolicLink(self, emu, argv, ctx: api.ApiContext = None): @apihook("KeInitializeMutex", argc=2) def KeInitializeMutex(self, emu, argv, ctx: api.ApiContext = None): - ctx = ctx or {} return @apihook("IoDeleteDevice", argc=1) @@ -541,7 +520,6 @@ def IoDeleteDevice(self, emu, argv, ctx: api.ApiContext = None): __drv_freesMem(Mem)PDEVICE_OBJECT DeviceObject ); """ - ctx = ctx or {} nts = ddk.STATUS_SUCCESS # devobj = argv[0] @@ -554,7 +532,6 @@ def MmIsAddressValid(self, emu, argv, ctx: api.ApiContext = None): PVOID VirtualAddress ); """ - ctx = ctx or {} rv = 0 (addr,) = argv @@ -572,7 +549,6 @@ def ZwQuerySystemInformation(self, emu, argv, ctx: api.ApiContext = None): _Out_opt_ PULONG ReturnLength ); """ - ctx = ctx or {} sysclass, sysinfo, syslen, retlen = argv size = 0 @@ -702,7 +678,6 @@ def _allshl(self, emu, argv, ctx: api.ApiContext = None): LONG b ) """ - ctx = ctx or {} a, b = argv rv = 0xFFFFFFFFFFFFFFFF & a << (0xFFFFFFFF & b) @@ -716,7 +691,6 @@ def wcscpy(self, emu, argv, ctx: api.ApiContext = None): const wchar_t *strSource ); """ - ctx = ctx or {} dest, src = argv ws = self.read_wide_string(src) @@ -734,7 +708,6 @@ def wcsncpy(self, emu, argv, ctx: api.ApiContext = None): size_t count ); """ - ctx = ctx or {} dest, src, count = argv ws = self.read_wide_string(src) @@ -751,7 +724,6 @@ def RtlMoveMemory(self, emu, argv, ctx: api.ApiContext = None): size_t Length ); """ - ctx = ctx or {} self.memcpy(emu, argv) @apihook("memcpy", argc=3, conv=_arch.CALL_CONV_CDECL) @@ -763,7 +735,6 @@ def memcpy(self, emu, argv, ctx: api.ApiContext = None): size_t count ); """ - ctx = ctx or {} dest, src, count = argv data = self.mem_read(src, count) @@ -779,7 +750,6 @@ def memset(self, emu, argv, ctx: api.ApiContext = None): size_t count ); """ - ctx = ctx or {} dest, c, count = argv data = c.to_bytes(1, "little") @@ -795,7 +765,6 @@ def sprintf(self, emu, argv, ctx: api.ApiContext = None): argument] ... ); """ - ctx = ctx or {} buf, fmt = emu.get_func_argv(_arch.CALL_CONV_CDECL, 2) fmt_str = self.read_string(fmt) fmt_cnt = self.get_va_arg_count(fmt_str) @@ -821,7 +790,6 @@ def _snprintf(self, emu, argv, ctx: api.ApiContext = None): argument] ... ); """ - ctx = ctx or {} buf, cnt, fmt = emu.get_func_argv(_arch.CALL_CONV_CDECL, 3) fmt_str = self.read_string(fmt) fmt_cnt = self.get_va_arg_count(fmt_str) @@ -844,7 +812,6 @@ def wcslen(self, emu, argv, ctx: api.ApiContext = None): const wchar_t *str ); """ - ctx = ctx or {} string = argv[0] ws = self.read_wide_string(string) @@ -864,7 +831,6 @@ def wcschr(self, emu, argv, ctx: api.ApiContext = None): wchar_t c ); """ - ctx = ctx or {} wstr, c = argv ws = self.read_wide_string(wstr) hay = ws.encode("utf-16le") @@ -889,7 +855,6 @@ def wcscat(self, emu, argv, ctx: api.ApiContext = None): const wchar_t *strSource ); """ - ctx = ctx or {} dest, src = argv sws = self.read_wide_string(src) dws = self.read_wide_string(dest) @@ -913,7 +878,6 @@ def strrchr(self, emu, argv, ctx: api.ApiContext = None): int c ); """ - ctx = ctx or {} cstr, c = argv cs = self.read_string(cstr) hay = cs.encode("utf-8") @@ -938,7 +902,6 @@ def strchr(self, emu, argv, ctx: api.ApiContext = None): int c ); """ - ctx = ctx or {} cstr, c = argv cs = self.read_string(cstr) hay = cs.encode("utf-8") @@ -964,7 +927,6 @@ def _wcsnicmp(self, emu, argv, ctx: api.ApiContext = None): size_t count ); """ - ctx = ctx or {} string1, string2, count = argv rv = 1 @@ -987,7 +949,6 @@ def _stricmp(self, emu, argv, ctx: api.ApiContext = None): const char *string2 ); """ - ctx = ctx or {} string1, string2 = argv rv = 1 @@ -1013,7 +974,6 @@ def _wcsicmp(self, emu, argv, ctx: api.ApiContext = None): const wchar_t *string2 ); """ - ctx = ctx or {} string1, string2 = argv rv = 1 @@ -1041,7 +1001,6 @@ def PsCreateSystemThread(self, emu, argv, ctx: api.ApiContext = None): PVOID StartContext ); """ - ctx = ctx or {} hThrd, access, objattr, hProc, client_id, start, startctx = argv rv = ddk.STATUS_SUCCESS @@ -1069,7 +1028,6 @@ def RtlCopyUnicodeString(self, emu, argv, ctx: api.ApiContext = None): PCUNICODE_STRING SourceString ); """ - ctx = ctx or {} dest_str, src_str = argv dest = self.win.UNICODE_STRING(emu.get_ptr_size()) @@ -1104,7 +1062,6 @@ def RtlEqualUnicodeString(self, emu, argv, ctx: api.ApiContext = None): BOOLEAN CaseInSensitive ); """ - ctx = ctx or {} str1, str2, ci = argv us = self.win.UNICODE_STRING(emu.get_ptr_size()) @@ -1130,7 +1087,6 @@ def IoAllocateIrp(self, emu, argv, ctx: api.ApiContext = None): BOOLEAN ChargeQuota ); """ - ctx = ctx or {} StackSize, ChargeQuota = argv StackSize = StackSize & 0xFF @@ -1149,7 +1105,6 @@ def IoFreeIrp(self, emu, argv, ctx: api.ApiContext = None): PIRP Irp ); """ - ctx = ctx or {} (Irp,) = argv return @@ -1162,7 +1117,6 @@ def IoReuseIrp(self, emu, argv, ctx: api.ApiContext = None): NTSTATUS Iostatus ); """ - ctx = ctx or {} Irp, Iostatus = argv return @@ -1178,7 +1132,6 @@ def IoAllocateMdl(self, emu, argv, ctx: api.ApiContext = None): PIRP Irp ); """ - ctx = ctx or {} va, length, sec_buf, quota, irp = argv mdl = self.win.MDL(emu.get_ptr_size()) @@ -1204,7 +1157,6 @@ def MmProbeAndLockPages(self, emu, argv, ctx: api.ApiContext = None): LOCK_OPERATION Operation ); """ - ctx = ctx or {} return @apihook("KeDelayExecutionThread", argc=3) @@ -1216,7 +1168,6 @@ def KeDelayExecutionThread(self, emu, argv, ctx: api.ApiContext = None): PLARGE_INTEGER Interval ); """ - ctx = ctx or {} mode, alert, interval = argv rv = ddk.STATUS_SUCCESS @@ -1231,7 +1182,6 @@ def KeSetEvent(self, emu, argv, ctx: api.ApiContext = None): BOOLEAN Wait ); """ - ctx = ctx or {} Event, Increment, Wait = argv rv = 0 @@ -1245,7 +1195,6 @@ def IoCreateSynchronizationEvent(self, emu, argv, ctx: api.ApiContext = None): PHANDLE EventHandle ); """ - ctx = ctx or {} EventName, EventHandle = argv name = self.read_unicode_string(EventName) @@ -1267,7 +1216,6 @@ def KeInitializeEvent(self, emu, argv, ctx: api.ApiContext = None): BOOLEAN State ); """ - ctx = ctx or {} return @@ -1278,7 +1226,6 @@ def KeResetEvent(self, emu, argv, ctx: api.ApiContext = None): PRKEVENT Event ); """ - ctx = ctx or {} rv = 0 return rv @@ -1290,7 +1237,6 @@ def KeClearEvent(self, emu, argv, ctx: api.ApiContext = None): PRKEVENT Event ); """ - ctx = ctx or {} return @apihook("KeInitializeTimer", argc=1) @@ -1300,7 +1246,6 @@ def KeInitializeTimer(self, emu, argv, ctx: api.ApiContext = None): PKTIMER Timer ); """ - ctx = ctx or {} return @apihook("KeSetTimer", argc=3) @@ -1312,7 +1257,6 @@ def KeSetTimer(self, emu, argv, ctx: api.ApiContext = None): PKDPC Dpc ); """ - ctx = ctx or {} return True @apihook("PsLookupProcessByProcessId", argc=2) @@ -1323,7 +1267,6 @@ def PsLookupProcessByProcessId(self, emu, argv, ctx: api.ApiContext = None): PEPROCESS *Process ); """ - ctx = ctx or {} ProcessId, Process = argv rv = ddk.STATUS_SUCCESS @@ -1355,7 +1298,6 @@ def ObOpenObjectByPointer(self, emu, argv, ctx: api.ApiContext = None): PHANDLE Handle ); """ - ctx = ctx or {} Object, HandleAttributes, pAccess, dAccess, ObjectType, AccessMode, Handle = argv rv = ddk.STATUS_SUCCESS @@ -1374,7 +1316,6 @@ def PsGetProcessPeb(self, emu, argv, ctx: api.ApiContext = None): PEPROCESS Object, ); """ - ctx = ctx or {} Object = argv[0] proc = self.get_object_from_addr(Object) @@ -1389,7 +1330,6 @@ def KeStackAttachProcess(self, emu, argv, ctx: api.ApiContext = None): PRKAPC_STATE ApcState ); """ - ctx = ctx or {} Process, ApcState = argv @@ -1403,7 +1343,6 @@ def KeUnstackDetachProcess(self, emu, argv, ctx: api.ApiContext = None): PRKAPC_STATE ApcState ); """ - ctx = ctx or {} # ApcState = argv[0] return @@ -1418,7 +1357,6 @@ def ZwProtectVirtualMemory(self, emu, argv, ctx: api.ApiContext = None): OUT PULONG OldAccessProtection ) """ - ctx = ctx or {} hnd, base, byte_len, new_prot, old_prot = argv if base: @@ -1442,7 +1380,6 @@ def ZwWriteVirtualMemory(self, emu, argv, ctx: api.ApiContext = None): ULONG NumberOfBytesToWrite, PULONG NumberOfBytesWritten); """ - ctx = ctx or {} rv = ddk.STATUS_SUCCESS hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesWritten = argv rv = False @@ -1481,7 +1418,6 @@ def ZwAllocateVirtualMemory(self, emu, argv, ctx: api.ApiContext = None): ULONG Protect ); """ - ctx = ctx or {} ProcessHandle, BaseAddress, ZeroBits, RegionSize, Type, Protect = argv rv = ddk.STATUS_SUCCESS @@ -1510,7 +1446,6 @@ def PsLookupThreadByThreadId(self, emu, argv, ctx: api.ApiContext = None): PETHREAD *Thread ); """ - ctx = ctx or {} ThreadId, pThread = argv rv = ddk.STATUS_INVALID_PARAMETER @@ -1532,7 +1467,6 @@ def RtlGetVersion(self, emu, argv, ctx: api.ApiContext = None): PRTL_OSVERSIONINFOW lpVersionInformation ); """ - ctx = ctx or {} lpVersionInformation = argv[0] rv = ddk.STATUS_SUCCESS @@ -1565,7 +1499,6 @@ def KeWaitForSingleObject(self, emu, argv, ctx: api.ApiContext = None): PLARGE_INTEGER Timeout ); """ - ctx = ctx or {} Object, WaitReason, WaitMode, Alertable, Timeout = argv rv = ddk.STATUS_SUCCESS @@ -1612,7 +1545,6 @@ def MmMapLockedPagesSpecifyCache(self, emu, argv, ctx: api.ApiContext = None): ULONG Priority ); """ - ctx = ctx or {} p_mdl, am, ctype, addr, bugcheck, priority = argv rv = 0 @@ -1631,7 +1563,6 @@ def KeInsertQueueApc(self, emu, argv, ctx: api.ApiContext = None): PVOID SystemArgument2, KPRIORITY PriorityBoost) """ - ctx = ctx or {} Apc, SystemArgument1, SystemArgument2, PriorityBoost = argv rv = True @@ -1646,7 +1577,6 @@ def KeInitializeDpc(self, emu, argv, ctx: api.ApiContext = None): __drv_aliasesMem PVOID DeferredContext ); """ - ctx = ctx or {} Dpc, DeferredRoutine, DeferredContext = argv return @@ -1667,7 +1597,6 @@ def ObReferenceObjectByName(self, emu, argv, ctx: api.ApiContext = None): PVOID* ObjectPtr ); """ - ctx = ctx or {} ObjectName, Attributes, Passed, DesiredAccess, objtype, Access, ParseContext, objptr = argv rv = ddk.STATUS_INVALID_PARAMETER obj = None @@ -1702,7 +1631,6 @@ def IoGetDeviceObjectPointer(self, emu, argv, ctx: api.ApiContext = None): PDEVICE_OBJECT *DeviceObject ); """ - ctx = ctx or {} ObjectName, DesiredAccess, pFileObject, pDeviceObject = argv rv = ddk.STATUS_INVALID_PARAMETER @@ -1725,7 +1653,6 @@ def PsTerminateSystemThread(self, emu, argv, ctx: api.ApiContext = None): NTSTATUS ExitStatus ); """ - ctx = ctx or {} # ExitStatus = argv[0] rv = ddk.STATUS_SUCCESS @@ -1740,7 +1667,6 @@ def IoRegisterBootDriverReinitialization(self, emu, argv, ctx: api.ApiContext = PVOID Context ); """ - ctx = ctx or {} DriverObject, routine, context = argv @@ -1751,7 +1677,6 @@ def IoRegisterBootDriverReinitialization(self, emu, argv, ctx: api.ApiContext = @apihook("KdDisableDebugger", argc=0) def KdDisableDebugger(self, emu, argv, ctx: api.ApiContext = None): """NTKERNELAPI NTSTATUS KdDisableDebugger();""" - ctx = ctx or {} rv = ddk.STATUS_DEBUGGER_INACTIVE return rv @@ -1768,7 +1693,6 @@ def KdChangeOption(self, emu, argv, ctx: api.ApiContext = None): PULONG OutBufferNeeded ); """ - ctx = ctx or {} rv = ddk.STATUS_DEBUGGER_INACTIVE return rv @@ -1780,7 +1704,6 @@ def MmGetSystemRoutineAddress(self, emu, argv, ctx: api.ApiContext = None): PUNICODE_STRING SystemRoutineName ); """ - ctx = ctx or {} (SystemRoutineName,) = argv fn = self.read_unicode_string(SystemRoutineName) @@ -1795,7 +1718,6 @@ def KeQuerySystemTime(self, emu, argv, ctx: api.ApiContext = None): PLARGE_INTEGER CurrentTime ); """ - ctx = ctx or {} (CurrentTime,) = argv data = emu.get_system_time() data = data.to_bytes(8, "little") @@ -1809,7 +1731,6 @@ def RtlTimeToTimeFields(self, emu, argv, ctx: api.ApiContext = None): PTIME_FIELDS TimeFields ); """ - ctx = ctx or {} Time, TimeFields = argv sys_time = self.mem_read(Time, 8) @@ -1823,7 +1744,6 @@ def ExSystemTimeToLocalTime(self, emu, argv, ctx: api.ApiContext = None): PLARGE_INTEGER LocalTime ); """ - ctx = ctx or {} SystemTime, LocalTime = argv sys_time = self.mem_read(SystemTime, 8) @@ -1842,7 +1762,6 @@ def CmRegisterCallbackEx(self, emu, argv, ctx: api.ApiContext = None): PVOID Reserved ); """ - ctx = ctx or {} # TODO: Emulate the callback routine rv = ddk.STATUS_SUCCESS @@ -1857,7 +1776,6 @@ def CmRegisterCallback(self, emu, argv, ctx: api.ApiContext = None): PLARGE_INTEGER Cookie ); """ - ctx = ctx or {} # TODO: Emulate the callback routine Function, Context, Cookie = argv @@ -1872,7 +1790,6 @@ def CmUnRegisterCallback(self, emu, argv, ctx: api.ApiContext = None): LARGE_INTEGER Cookie ); """ - ctx = ctx or {} (Cookie,) = argv rv = ddk.STATUS_SUCCESS @@ -1888,7 +1805,6 @@ def EtwRegister(self, emu, argv, ctx: api.ApiContext = None): PREGHANDLE RegHandle ); """ - ctx = ctx or {} ProviderId, EnableCallback, CallbackContext, RegHandle = argv rv = ddk.STATUS_SUCCESS @@ -1909,7 +1825,6 @@ def RtlImageDirectoryEntryToData(self, emu, argv, ctx: api.ApiContext = None): PULONG Size ); """ - ctx = ctx or {} Base, MappedAsImage, DirectoryEntry, Size = argv MappedAsImage &= 0xFF @@ -1930,7 +1845,6 @@ def ZwOpenEvent(self, emu, argv, ctx: api.ApiContext = None): POBJECT_ATTRIBUTES ObjectAttributes ); """ - ctx = ctx or {} EventHandle, DesiredAccess, ObjectAttributes = argv oa = self.win.OBJECT_ATTRIBUTES(emu.get_ptr_size()) @@ -1959,7 +1873,6 @@ def ZwCreateEvent(self, emu, argv, ctx: api.ApiContext = None): BOOLEAN InitialState ); """ - ctx = ctx or {} EventHandle, access, objattr, evttype, state = argv @@ -1984,7 +1897,6 @@ def ExInitializeResourceLite(self, emu, argv, ctx: api.ApiContext = None): PERESOURCE Resource ); """ - ctx = ctx or {} (Resource,) = argv return ddk.STATUS_SUCCESS @@ -1992,7 +1904,6 @@ def ExInitializeResourceLite(self, emu, argv, ctx: api.ApiContext = None): @apihook("KeEnterCriticalRegion", argc=0) def KeEnterCriticalRegion(self, emu, argv, ctx: api.ApiContext = None): """NTKERNELAPI VOID KeEnterCriticalRegion();""" - ctx = ctx or {} return @@ -2004,7 +1915,6 @@ def ExAcquireResourceExclusiveLite(self, emu, argv, ctx: api.ApiContext = None): BOOLEAN Wait ); """ - ctx = ctx or {} rv = True return rv @@ -2016,7 +1926,6 @@ def ExAcquireResourceSharedLite(self, emu, argv, ctx: api.ApiContext = None): _In_ BOOLEAN Wait ); """ - ctx = ctx or {} rv = True return rv @@ -2027,7 +1936,6 @@ def ExReleaseResourceLite(self, emu, argv, ctx: api.ApiContext = None): _Inout_ PERESOURCE Resource ); """ - ctx = ctx or {} return @apihook("ExAcquireFastMutex", argc=1) @@ -2037,7 +1945,6 @@ def ExAcquireFastMutex(self, emu, argv, ctx: api.ApiContext = None): _Inout_ PFAST_MUTEX FastMutex ); """ - ctx = ctx or {} (FastMutex,) = argv return @@ -2049,7 +1956,6 @@ def ExReleaseFastMutex(self, emu, argv, ctx: api.ApiContext = None): _Inout_ PFAST_MUTEX FastMutex ); """ - ctx = ctx or {} (FastMutex,) = argv return @@ -2061,7 +1967,6 @@ def ObfReferenceObject(self, emu, argv, ctx: api.ApiContext = None): PVOID Object ); """ - ctx = ctx or {} return 0 @apihook("RtlLengthRequiredSid", argc=1) @@ -2071,7 +1976,6 @@ def RtlLengthRequiredSid(self, emu, argv, ctx: api.ApiContext = None): ULONG SubAuthorityCount ); """ - ctx = ctx or {} (count,) = argv rv = count * 16 @@ -2086,7 +1990,6 @@ def RtlInitializeSid(self, emu, argv, ctx: api.ApiContext = None): UCHAR SubAuthorityCount ); """ - ctx = ctx or {} # TODO, unimplemented rv = ddk.STATUS_SUCCESS @@ -2100,7 +2003,6 @@ def RtlSubAuthoritySid(self, emu, argv, ctx: api.ApiContext = None): ULONG SubAuthority ); """ - ctx = ctx or {} # TODO, unimplemented sid, sub_auth = argv @@ -2115,7 +2017,6 @@ def RtlCreateAcl(self, emu, argv, ctx: api.ApiContext = None): ULONG AclRevision ); """ - ctx = ctx or {} # TODO, unimplemented acl, acl_len, acl_rev = argv rv = ddk.STATUS_SUCCESS @@ -2132,7 +2033,6 @@ def RtlSetDaclSecurityDescriptor(self, emu, argv, ctx: api.ApiContext = None): BOOLEAN DaclDefaulted ); """ - ctx = ctx or {} # TODO, unimplemented sec_desc, dacl_present, dacl, dacl_default = argv rv = ddk.STATUS_SUCCESS @@ -2147,7 +2047,6 @@ def ObSetSecurityObjectByPointer(self, emu, argv, ctx: api.ApiContext = None): IN PSECURITY_DESCRIPTOR SecurityDescriptor) ); """ - ctx = ctx or {} # TODO, unimplemented Object, SecurityInformation, SecurityDescriptor = argv rv = ddk.STATUS_SUCCESS @@ -2162,7 +2061,6 @@ def RtlCreateSecurityDescriptor(self, emu, argv, ctx: api.ApiContext = None): ULONG Revision ); """ - ctx = ctx or {} # TODO, unimplemented sec_desc, rev = argv rv = ddk.STATUS_SUCCESS @@ -2179,7 +2077,6 @@ def RtlAddAccessAllowedAce(self, emu, argv, ctx: api.ApiContext = None): PSID Sid ); """ - ctx = ctx or {} # TODO, unimplemented acl, acl_rev, access, sid = argv rv = ddk.STATUS_SUCCESS @@ -2193,7 +2090,6 @@ def PoDeletePowerRequest(self, emu, argv, ctx: api.ApiContext = None): PVOID PowerRequest ); """ - ctx = ctx or {} return @apihook("IoWMIRegistrationControl", argc=2) @@ -2204,7 +2100,6 @@ def IoWMIRegistrationControl(self, emu, argv, ctx: api.ApiContext = None): ULONG Action ); """ - ctx = ctx or {} rv = ddk.STATUS_INVALID_PARAMETER dev, action = argv @@ -2220,7 +2115,6 @@ def ObMakeTemporaryObject(self, emu, argv, ctx: api.ApiContext = None): PVOID Object ); """ - ctx = ctx or {} return None @apihook("RtlGetCompressionWorkSpaceSize", argc=3) @@ -2232,7 +2126,6 @@ def RtlGetCompressionWorkSpaceSize(self, emu, argv, ctx: api.ApiContext = None): PULONG CompressFragmentWorkSpaceSize ); """ - ctx = ctx or {} engine, buffer_workspace, frag_workspace = argv if buffer_workspace: self.mem_write(buffer_workspace, 0x1000.to_bytes(4, "little")) @@ -2252,7 +2145,6 @@ def RtlDecompressBuffer(self, emu, argv, ctx: api.ApiContext = None): PULONG FinalUncompressedSize ); """ - ctx = ctx or {} fmt, uncomp_buf, uncomp_buf_size, comp_buf, comp_buf_size, final_size = argv @@ -2285,7 +2177,6 @@ def FsRtlAllocatePool(self, emu, argv, ctx: api.ApiContext = None): PoolType, NumberOfBytes); """ - ctx = ctx or {} PoolType, NumberOfBytes = argv chunk = self.pool_alloc(PoolType, NumberOfBytes, "None") @@ -2299,7 +2190,6 @@ def IofCallDriver(self, emu, argv, ctx: api.ApiContext = None): __drv_aliasesMem PIRP Irp ); """ - ctx = ctx or {} DeviceObject, pIrp = argv rv = ddk.STATUS_SUCCESS @@ -2324,7 +2214,6 @@ def IoSetCompletionRoutineEx(self, emu, argv, ctx: api.ApiContext = None): BOOLEAN InvokeOnCancel ); """ - ctx = ctx or {} DeviceObject, Irp, CompletionRoutine, Context, on_success, on_error, on_cancel = argv rv = ddk.STATUS_SUCCESS @@ -2338,7 +2227,6 @@ def ExQueueWorkItem(self, emu, argv, ctx: api.ApiContext = None): WORK_QUEUE_TYPE QueueType ); """ - ctx = ctx or {} WorkItem, QueueType = argv return @@ -2359,7 +2247,6 @@ def ZwDeviceIoControlFile(self, emu, argv, ctx: api.ApiContext = None): ULONG OutputBufferLength ); """ - ctx = ctx or {} hnd, evt, apc_func, apc_ctx, isb, ioctl, InputBuffer, in_len, out_buf, out_len = argv # noqa nts = ddk.STATUS_SUCCESS @@ -2390,7 +2277,6 @@ def _snwprintf(self, emu, argv, ctx: api.ApiContext = None): argument] ... ); """ - ctx = ctx or {} buf, cnt, fmt = emu.get_func_argv(_arch.CALL_CONV_CDECL, 3) # the internal printf implementation requires uppercase S for wide string formatting, # otherwise the function replaces a latin1 string into an utf-16 string @@ -2422,7 +2308,6 @@ def ObReferenceObjectByHandle(self, emu, argv, ctx: api.ApiContext = None): POBJECT_HANDLE_INFORMATION HandleInformation ); """ - ctx = ctx or {} hnd, access, obtype, mode, Object, ohi = argv nts = ddk.STATUS_SUCCESS @@ -2445,7 +2330,6 @@ def ObGetFilterVersion(self, emu, argv, ctx: api.ApiContext = None): VOID ); """ - ctx = ctx or {} return 256 @apihook("ObRegisterCallbacks", argc=2) @@ -2458,7 +2342,6 @@ def ObRegisterCallbacks(self, emu, argv, ctx: api.ApiContext = None): _Outptr_ PVOID *RegistrationHandle ); """ - ctx = ctx or {} CallbackRegistration, RegistrationHandle = argv nts = ddk.STATUS_SUCCESS @@ -2471,7 +2354,6 @@ def ZwDeleteKey(self, emu, argv, ctx: api.ApiContext = None): HANDLE KeyHandle ); """ - ctx = ctx or {} (KeyHandle,) = argv nts = ddk.STATUS_SUCCESS @@ -2488,7 +2370,6 @@ def ZwQueryInformationProcess(self, emu, argv, ctx: api.ApiContext = None): OUT PULONG ReturnLength OPTIONAL ); """ - ctx = ctx or {} hnd, info_class, proc_info, proc_info_len, retlen = argv nts = ddk.STATUS_OBJECT_TYPE_MISMATCH @@ -2522,7 +2403,6 @@ def ZwQueryInformationProcess(self, emu, argv, ctx: api.ApiContext = None): @apihook("IoGetCurrentProcess", argc=0) def IoGetCurrentProcess(self, emu, argv, ctx: api.ApiContext = None): """NTKERNELAPI PEPROCESS IoGetCurrentProcess();""" - ctx = ctx or {} p = emu.get_current_process() return p.address @@ -2537,7 +2417,6 @@ def NtSetInformationThread(self, emu, argv, ctx: api.ApiContext = None): ULONG ThreadInformationLength ); """ - ctx = ctx or {} nts = ddk.STATUS_SUCCESS return nts @@ -2550,7 +2429,6 @@ def wcsnlen(self, emu, argv, ctx: api.ApiContext = None): size_t numberOfElements ); """ - ctx = ctx or {} src, num_elements = argv ws = self.read_wide_string(src) @@ -2566,7 +2444,6 @@ def IoRegisterShutdownNotification(self, emu, argv, ctx: api.ApiContext = None): PDEVICE_OBJECT DeviceObject ); """ - ctx = ctx or {} (DeviceObject,) = argv rv = ddk.STATUS_SUCCESS @@ -2579,7 +2456,6 @@ def IoUnregisterShutdownNotification(self, emu, argv, ctx: api.ApiContext = None PDEVICE_OBJECT DeviceObject ); """ - ctx = ctx or {} (DeviceObject,) = argv return ddk.STATUS_SUCCESS @@ -2590,7 +2466,6 @@ def KeAcquireSpinLockRaiseToDpc(self, emu, argv, ctx: api.ApiContext = None): _Inout_ PKSPIN_LOCK SpinLock ); """ - ctx = ctx or {} (spinlock,) = argv irql = self.get_current_irql() self.set_current_irql(ddk.DISPATCH_LEVEL) @@ -2603,7 +2478,6 @@ def MmUnlockPages(self, emu, argv, ctx: api.ApiContext = None): PMDL MemoryDescriptorList ); """ - ctx = ctx or {} (mdl,) = argv return @@ -2614,7 +2488,6 @@ def IoFreeMdl(self, emu, argv, ctx: api.ApiContext = None): PMDL Mdl ); """ - ctx = ctx or {} (mdl,) = argv return @@ -2625,7 +2498,6 @@ def KeCancelTimer(self, emu, argv, ctx: api.ApiContext = None): PKTIMER Arg1 ); """ - ctx = ctx or {} rv = 1 return rv @@ -2639,7 +2511,6 @@ def PsGetVersion(self, emu, argv, ctx: api.ApiContext = None): PUNICODE_STRING CSDVersion ); """ - ctx = ctx or {} pmaj, pmin, bn, csdv = argv ver = self.emu.config.os_ver @@ -2666,7 +2537,6 @@ def PsSetCreateProcessNotifyRoutineEx(self, emu, argv, ctx: api.ApiContext = Non _In_ BOOLEAN Remove ); """ - ctx = ctx or {} NotifyRoutine, Remove = argv rv = ddk.STATUS_SUCCESS @@ -2681,7 +2551,6 @@ def PsSetLoadImageNotifyRoutine(self, emu, argv, ctx: api.ApiContext = None): _In_ PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine ); """ - ctx = ctx or {} NotifyRoutine = argv # noqa rv = ddk.STATUS_SUCCESS @@ -2696,7 +2565,6 @@ def PsRemoveLoadImageNotifyRoutine(self, emu, argv, ctx: api.ApiContext = None): _In_ PLOAD_IMAGE_NOTIFY_ROUTINE NotifyRoutine ); """ - ctx = ctx or {} NotifyRoutine = argv # noqa rv = ddk.STATUS_SUCCESS @@ -2711,7 +2579,6 @@ def PsSetCreateThreadNotifyRoutine(self, emu, argv, ctx: api.ApiContext = None): _In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine ); """ - ctx = ctx or {} NotifyRoutine = argv # noqa rv = ddk.STATUS_SUCCESS @@ -2726,7 +2593,6 @@ def PsRemoveCreateThreadNotifyRoutine(self, emu, argv, ctx: api.ApiContext = Non _In_ PCREATE_THREAD_NOTIFY_ROUTINE NotifyRoutine ); """ - ctx = ctx or {} NotifyRoutine = argv # noqa rv = ddk.STATUS_SUCCESS @@ -2741,7 +2607,6 @@ def mbstowcs(self, emu, argv, ctx: api.ApiContext = None): size_t count ); """ - ctx = ctx or {} wcstr, mbstr, count = argv rv = 0 @@ -2766,7 +2631,6 @@ def ZwOpenKey(self, emu, argv, ctx: api.ApiContext = None): POBJECT_ATTRIBUTES ObjectAttributes ); """ - ctx = ctx or {} phnd, access, objattr = argv rv = ddk.STATUS_SUCCESS @@ -2797,7 +2661,6 @@ def ZwQueryValueKey(self, emu, argv, ctx: api.ApiContext = None): PULONG ResultLength ); """ - ctx = ctx or {} hnd, val, info_class, val_info, length, ret_len = argv rv = ddk.STATUS_INVALID_HANDLE @@ -2854,7 +2717,6 @@ def ZwCreateFile(self, emu, argv, ctx: api.ApiContext = None): ULONG EaLength ); """ - ctx = ctx or {} pHndl, access, objattr, statblock, alloc_size, file_attrs, share, create_disp, create_opts, ea_buf, ea_len = ( argv ) @@ -2934,7 +2796,6 @@ def ZwOpenFile(self, emu, argv, ctx: api.ApiContext = None): ULONG OpenOptions ); """ - ctx = ctx or {} pHndl, access, objattr, statblock, share, open_opts = argv nts = ddk.STATUS_OBJECT_NAME_NOT_FOUND @@ -2981,7 +2842,6 @@ def ZwQueryInformationFile(self, emu, argv, ctx: api.ApiContext = None): FILE_INFORMATION_CLASS FileInformationClass ); """ - ctx = ctx or {} FileHandle, IoStatusBlock, FileInformation, Length, FileInformationClass = argv nts = ddk.STATUS_INVALID_PARAMETER @@ -3010,7 +2870,6 @@ def RtlCompareMemory(self, emu, argv, ctx: api.ApiContext = None): SIZE_T Length ); """ - ctx = ctx or {} s1, s2, Length = argv @@ -3035,7 +2894,6 @@ def RtlQueryRegistryValuesEx(self, emu, argv, ctx: api.ApiContext = None): PVOID Environment ); """ - ctx = ctx or {} rv = ddk.STATUS_SUCCESS # TODO: complete this api handler @@ -3069,7 +2927,6 @@ def ZwWriteFile(self, emu, argv, ctx: api.ApiContext = None): PULONG Key ); """ - ctx = ctx or {} FileHandle, evt, apc, apc_ctx, ios, buf, length, offset, key = argv length = length & 0xFFFFFFFF @@ -3111,7 +2968,6 @@ def ZwReadFile(self, emu, argv, ctx: api.ApiContext = None): PULONG Key ); """ - ctx = ctx or {} FileHandle, evt, apc, apc_ctx, ios, buf, length, offset, key = argv nts = ddk.STATUS_INVALID_PARAMETER @@ -3140,7 +2996,6 @@ def MmIsDriverVerifying(self, emu, argv, ctx: api.ApiContext = None): _DRIVER_OBJECT *DriverObject ); """ - ctx = ctx or {} (DriverObject,) = argv rv = False @@ -3160,7 +3015,6 @@ def ZwCreateSection(self, emu, argv, ctx: api.ApiContext = None): HANDLE FileHandle ); """ - ctx = ctx or {} ( SectionHandle, @@ -3203,7 +3057,6 @@ def ZwUnmapViewOfSection(self, emu, argv, ctx: api.ApiContext = None): PVOID BaseAddress ); """ - ctx = ctx or {} ProcessHandle, BaseAddress = argv return 0 @@ -3223,7 +3076,6 @@ def ZwMapViewOfSection(self, emu, argv, ctx: api.ApiContext = None): ULONG Win32Protect ); """ - ctx = ctx or {} ( SectionHandle, @@ -3317,7 +3169,6 @@ def RtlAllocateHeap(self, emu, argv, ctx: api.ApiContext = None): SIZE_T Size ); """ - ctx = ctx or {} heap, flags, size = argv block = self.heap_alloc(size, heap="RtlAllocateHeap") @@ -3332,7 +3183,6 @@ def ZwGetContextThread(self, emu, argv, ctx: api.ApiContext = None): LPCONTEXT lpContext ); """ - ctx = ctx or {} hThread, lpContext = argv obj = self.get_object_from_handle(hThread) @@ -3353,7 +3203,6 @@ def ZwSetContextThread(self, emu, argv, ctx: api.ApiContext = None): LPCONTEXT lpContext ); """ - ctx = ctx or {} hThread, lpContext = argv obj = self.get_object_from_handle(hThread) @@ -3376,7 +3225,6 @@ def RtlFreeHeap(self, emu, argv, ctx: api.ApiContext = None): PVOID BaseAddress ); """ - ctx = ctx or {} rv = 1 hHeap, dwFlags, lpMem = argv diff --git a/speakeasy/winenv/api/kernelmode/usbd.py b/speakeasy/winenv/api/kernelmode/usbd.py index d605289a..95d0600b 100644 --- a/speakeasy/winenv/api/kernelmode/usbd.py +++ b/speakeasy/winenv/api/kernelmode/usbd.py @@ -36,7 +36,6 @@ def USBD_ValidateConfigurationDescriptor(self, emu, argv, ctx: api.ApiContext = ULONG Tag ); """ - ctx = ctx or {} rv = ddk.STATUS_SUCCESS ConfigDesc, BufferLength, Level, Offset, Tag = argv diff --git a/speakeasy/winenv/api/kernelmode/wdfldr.py b/speakeasy/winenv/api/kernelmode/wdfldr.py index 2d60c8eb..74415417 100644 --- a/speakeasy/winenv/api/kernelmode/wdfldr.py +++ b/speakeasy/winenv/api/kernelmode/wdfldr.py @@ -205,7 +205,6 @@ def WdfVersionBind(self, emu, argv, ctx: api.ApiContext = None): __out PWDF_COMPONENT_GLOBALS* ComponentGlobals ); """ - ctx = ctx or {} rv = ddk.STATUS_SUCCESS drv, reg_path, BindInfo, comp_globals = argv @@ -240,7 +239,6 @@ def WdfDriverCreate(self, emu, argv, ctx: api.ApiContext = None): WDFDRIVER *Driver ); """ - ctx = ctx or {} DriverGlobals, DriverObject, RegistryPath, DriverAttributes, DriverConfig, Driver = argv driver = WdfDriver() @@ -267,7 +265,6 @@ def WdfDeviceInitSetPnpPowerEventCallbacks(self, emu, argv, ctx: api.ApiContext PWDF_PNPPOWER_EVENT_CALLBACKS PnpPowerEventCallbacks ); """ - ctx = ctx or {} DriverGlobals, DeviceInit, PnpPowerEventCallbacks = argv return @@ -280,7 +277,6 @@ def WdfDeviceInitSetRequestAttributes(self, emu, argv, ctx: api.ApiContext = Non PWDF_OBJECT_ATTRIBUTES RequestAttributes ); """ - ctx = ctx or {} DriverGlobals, DeviceInit, RequestAttributes = argv return @@ -294,7 +290,6 @@ def WdfDeviceInitSetFileObjectConfig(self, emu, argv, ctx: api.ApiContext = None PWDF_OBJECT_ATTRIBUTES FileObjectAttributes ); """ - ctx = ctx or {} DriverGlobals, DeviceInit, FileObjectConfig, FileObjectAttributes = argv return @@ -307,7 +302,6 @@ def WdfDeviceInitSetIoType(self, emu, argv, ctx: api.ApiContext = None): WDF_DEVICE_IO_TYPE IoType ); """ - ctx = ctx or {} DriverGlobals, DeviceInit, IoType = argv return @@ -321,7 +315,6 @@ def WdfDeviceCreate(self, emu, argv, ctx: api.ApiContext = None): WDFDEVICE *Device ); """ - ctx = ctx or {} DriverGlobals, DeviceInit, DeviceAttributes, Device = argv rv = ddk.STATUS_SUCCESS @@ -350,7 +343,6 @@ def WdfObjectGetTypedContextWorker(self, emu, argv, ctx: api.ApiContext = None): PCWDF_OBJECT_CONTEXT_TYPE_INFO TypeInfo ); """ - ctx = ctx or {} DriverGlobals, Handle, TypeInfo = argv driver = self.wdf_drivers.get(DriverGlobals) @@ -372,7 +364,6 @@ def WdfDriverOpenParametersRegistryKey(self, emu, argv, ctx: api.ApiContext = No WDFKEY *Key ); """ - ctx = ctx or {} DriverGlobals, Driver, DesiredAccess, KeyAttributes, pKey = argv rv = ddk.STATUS_OBJECT_NAME_NOT_FOUND @@ -396,7 +387,6 @@ def WdfRegistryQueryULong(self, emu, argv, ctx: api.ApiContext = None): PULONG Value ); """ - ctx = ctx or {} DriverGlobals, Key, ValueName, Value = argv rv = ddk.STATUS_OBJECT_NAME_NOT_FOUND @@ -419,7 +409,6 @@ def WdfRegistryClose(self, emu, argv, ctx: api.ApiContext = None): WDFKEY Key ); """ - ctx = ctx or {} DriverGlobals, Key = argv return @@ -431,7 +420,6 @@ def WdfDeviceSetPnpCapabilities(self, emu, argv, ctx: api.ApiContext = None): PWDF_DEVICE_PNP_CAPABILITIES PnpCapabilities ); """ - ctx = ctx or {} DriverGlobals, Device, PnpCapabilities = argv return @@ -444,7 +432,6 @@ def WdfIoQueueReadyNotify(self, emu, argv, ctx: api.ApiContext = None): WDFCONTEXT Context ); """ - ctx = ctx or {} DriverGlobals, Queue, QueueReady, Context = argv rv = ddk.STATUS_SUCCESS @@ -459,7 +446,6 @@ def WdfDeviceCreateDeviceInterface(self, emu, argv, ctx: api.ApiContext = None): PCUNICODE_STRING ReferenceString ); """ - ctx = ctx or {} DriverGlobals, Device, InterfaceClassGUID, ReferenceString = argv rv = ddk.STATUS_SUCCESS @@ -484,7 +470,6 @@ def WdfIoQueueCreate(self, emu, argv, ctx: api.ApiContext = None): WDFQUEUE *Queue ); """ - ctx = ctx or {} DriverGlobals, Device, Config, QueueAttributes, Queue = argv rv = ddk.STATUS_SUCCESS @@ -507,7 +492,6 @@ def WdfDeviceWdmGetAttachedDevice(self, emu, argv, ctx: api.ApiContext = None): WDFDEVICE Device ); """ - ctx = ctx or {} DriverGlobals, Device = argv if not self.pnp_device: @@ -527,7 +511,6 @@ def WdfUsbTargetDeviceCreateWithParameters(self, emu, argv, ctx: api.ApiContext WDFUSBDEVICE *UsbDevice ); """ - ctx = ctx or {} DriverGlobals, Device, Config, Attributes, UsbDevice = argv rv = ddk.STATUS_SUCCESS @@ -546,7 +529,6 @@ def WdfDeviceWdmGetDeviceObject(self, emu, argv, ctx: api.ApiContext = None): WDFDEVICE Device ); """ - ctx = ctx or {} DriverGlobals, Device = argv rv = 0 @@ -563,7 +545,6 @@ def WdfUsbTargetDeviceGetDeviceDescriptor(self, emu, argv, ctx: api.ApiContext = PUSB_DEVICE_DESCRIPTOR UsbDeviceDescriptor ); """ - ctx = ctx or {} DriverGlobals, UsbDevice, UsbDeviceDescriptor = argv dev = self.usb_devices.get(UsbDevice) @@ -584,7 +565,6 @@ def WdfMemoryCreate(self, emu, argv, ctx: api.ApiContext = None): PVOID *Buffer ); """ - ctx = ctx or {} DriverGlobals, Attributes, PoolType, PoolTag, BufferSize, Mem, Buf = argv rv = ddk.STATUS_SUCCESS @@ -607,7 +587,6 @@ def WdfUsbTargetDeviceSelectConfig(self, emu, argv, ctx: api.ApiContext = None): PWDF_USB_DEVICE_SELECT_CONFIG_PARAMS Params ); """ - ctx = ctx or {} DriverGlobals, UsbDevice, PipeAttributes, Params = argv rv = ddk.STATUS_SUCCESS @@ -643,7 +622,6 @@ def WdfUsbTargetDeviceRetrieveConfigDescriptor(self, emu, argv, ctx: api.ApiCont PUSHORT ConfigDescriptorLength ); """ - ctx = ctx or {} DriverGlobals, UsbDevice, ConfigDescriptor, ConfigDescriptorLength = argv rv = ddk.STATUS_BUFFER_TOO_SMALL @@ -677,7 +655,6 @@ def WdfUsbInterfaceSelectSetting(self, emu, argv, ctx: api.ApiContext = None): PWDF_USB_INTERFACE_SELECT_SETTING_PARAMS Params ); """ - ctx = ctx or {} DriverGlobals, UsbInterface, PipesAttributes, Params = argv rv = ddk.STATUS_INVALID_HANDLE @@ -700,7 +677,6 @@ def WdfUsbTargetDeviceGetNumInterfaces(self, emu, argv, ctx: api.ApiContext = No WDFUSBDEVICE UsbDevice ); """ - ctx = ctx or {} DriverGlobals, UsbDevice = argv rv = 0 @@ -717,7 +693,6 @@ def WdfUsbInterfaceGetNumConfiguredPipes(self, emu, argv, ctx: api.ApiContext = WDFUSBINTERFACE UsbInterface ); """ - ctx = ctx or {} DriverGlobals, UsbInterface = argv rv = 0 @@ -739,7 +714,6 @@ def WdfUsbInterfaceGetNumSettings(self, emu, argv, ctx: api.ApiContext = None): WDFUSBINTERFACE UsbInterface ); """ - ctx = ctx or {} DriverGlobals, UsbInterface = argv rv = 0 @@ -761,7 +735,6 @@ def WdfUsbTargetDeviceRetrieveInformation(self, emu, argv, ctx: api.ApiContext = PWDF_USB_DEVICE_INFORMATION Information ); """ - ctx = ctx or {} DriverGlobals, UsbDevice, Information = argv rv = ddk.STATUS_INVALID_HANDLE @@ -785,7 +758,6 @@ def WdfUsbInterfaceGetConfiguredPipe(self, emu, argv, ctx: api.ApiContext = None PWDF_USB_PIPE_INFORMATION PipeInfo ); """ - ctx = ctx or {} DriverGlobals, UsbInterface, PipeIndex, PipeInfo = argv rv = 0 @@ -831,7 +803,6 @@ def WdfUsbTargetPipeGetInformation(self, emu, argv, ctx: api.ApiContext = None): PWDF_USB_PIPE_INFORMATION PipeInformation ); """ - ctx = ctx or {} DriverGlobals, Pipe, PipeInfo = argv _pipe = self.usb_pipes.get(Pipe) @@ -870,7 +841,6 @@ def WdfUsbInterfaceGetInterfaceNumber(self, emu, argv, ctx: api.ApiContext = Non WDFUSBINTERFACE UsbInterface ); """ - ctx = ctx or {} DriverGlobals, UsbInterface = argv rv = 0 diff --git a/speakeasy/winenv/api/usermode/advapi32.py b/speakeasy/winenv/api/usermode/advapi32.py index eec9b824..c8e84668 100644 --- a/speakeasy/winenv/api/usermode/advapi32.py +++ b/speakeasy/winenv/api/usermode/advapi32.py @@ -283,7 +283,6 @@ def RegCloseKey(self, emu, argv, ctx: api.ApiContext = None): HKEY hKey ); """ - ctx = ctx or {} (hKey,) = argv rv = windefs.ERROR_SUCCESS @@ -470,7 +469,6 @@ def RegDeleteValue(self, emu, argv, ctx: api.ApiContext = None): @apihook("RegQueryInfoKey", argc=12, conv=_arch.CALL_CONV_STDCALL) def RegQueryInfoKey(self, emu, argv, ctx: api.ApiContext = None): - ctx = ctx or {} # TODO: stub """ LSTATUS RegQueryInfoKeyA( @@ -525,7 +523,6 @@ def OpenProcessToken(self, emu, argv, ctx: api.ApiContext = None): PHANDLE pTokenHandle ); """ - ctx = ctx or {} hProcess, DesiredAccess, pTokenHandle = argv rv = 0 @@ -559,7 +556,6 @@ def OpenThreadToken(self, emu, argv, ctx: api.ApiContext = None): PHANDLE TokenHandle ); """ - ctx = ctx or {} ThreadHandle, DesiredAccess, OpenAsSelf, pTokenHandle = argv rv = 0 @@ -595,7 +591,6 @@ def DuplicateTokenEx(self, emu, argv, ctx: api.ApiContext = None): PHANDLE phNewToken ); """ - ctx = ctx or {} (hExistingToken, access, token_attrs, imp_level, toktype, phNewToken) = argv rv = 0 @@ -626,7 +621,6 @@ def SetTokenInformation(self, emu, argv, ctx: api.ApiContext = None): DWORD TokenInformationLength ); """ - ctx = ctx or {} handle, info_class, info, info_len = argv @@ -689,7 +683,6 @@ def RegisterServiceCtrlHandler(self, emu, argv, ctx: api.ApiContext = None): LPHANDLER_FUNCTION lpHandlerProc ); """ - ctx = ctx or {} lpServiceName, lpHandlerProc = argv @@ -722,7 +715,6 @@ def SetServiceStatus(self, emu, argv, ctx: api.ApiContext = None): LPSERVICE_STATUS lpServiceStatus ); """ - ctx = ctx or {} hServiceStatus, lpServiceStatus = argv @@ -735,7 +727,6 @@ def RevertToSelf(self, emu, argv, ctx: api.ApiContext = None): """ BOOL RevertToSelf(); """ - ctx = ctx or {} return 1 @apihook("ImpersonateLoggedOnUser", argc=1) @@ -745,7 +736,6 @@ def ImpersonateLoggedOnUser(self, emu, argv, ctx: api.ApiContext = None): HANDLE hToken ); """ - ctx = ctx or {} return 1 @apihook("OpenSCManager", argc=3) @@ -757,7 +747,6 @@ def OpenSCManager(self, emu, argv, ctx: api.ApiContext = None): DWORD dwDesiredAccess ); """ - ctx = ctx or {} lpMachineName, lpDatabaseName, dwDesiredAccess = argv hScm = self.mem_alloc(size=8) @@ -827,7 +816,6 @@ def StartService(self, emu, argv, ctx: api.ApiContext = None): LPCSTR *lpServiceArgVectors ); """ - ctx = ctx or {} hService, dwNumServiceArgs, lpServiceArgVectors = argv rv = 1 @@ -850,7 +838,6 @@ def ControlService(self, emu, argv, ctx: api.ApiContext = None): [out] LPSERVICE_STATUS lpServiceStatus ); """ - ctx = ctx or {} hService, dwControl, lpServiceStatus = argv rv = 1 @@ -867,7 +854,6 @@ def QueryServiceStatus(self, emu, argv, ctx: api.ApiContext = None): LPSERVICE_STATUS lpServiceStatus ); """ - ctx = ctx or {} hService, lpServiceStatus = argv if not hService: @@ -901,7 +887,6 @@ def QueryServiceConfig(self, emu, argv, ctx: api.ApiContext = None): LPDWORD pcbBytesNeeded ); """ - ctx = ctx or {} hService, lpServiceConfig, cbBufSize, pcbBytesNeeded = argv if not hService: @@ -940,7 +925,6 @@ def CloseServiceHandle(self, emu, argv, ctx: api.ApiContext = None): SC_HANDLE hSCObject ); """ - ctx = ctx or {} (CloseServiceHandle,) = argv self.mem_free(CloseServiceHandle) @@ -1010,7 +994,6 @@ def ChangeServiceConfig2(self, emu, argv, ctx: api.ApiContext = None): LPVOID lpInfo ); """ - ctx = ctx or {} hService, dwInfoLevel, lpInfo = argv rv = 1 @@ -1027,7 +1010,6 @@ def RtlGenRandom(self, emu, argv, ctx: api.ApiContext = None): ULONG RandomBufferLength ); """ - ctx = ctx or {} RandomBuffer, RandomBufferLength = argv rv = False @@ -1081,7 +1063,6 @@ def CryptGenRandom(self, emu, argv, ctx: api.ApiContext = None): BYTE *pbBuffer ); """ - ctx = ctx or {} hProv, dwLen, pbBuffer = argv rv = False @@ -1109,7 +1090,6 @@ def AllocateAndInitializeSid(self, emu, argv, ctx: api.ApiContext = None): PSID *pSid ); """ - ctx = ctx or {} auth, count, sa0, sa1, sa2, sa3, sa4, sa5, sa6, sa7, pSid = argv rv = False @@ -1129,7 +1109,6 @@ def CheckTokenMembership(self, emu, argv, ctx: api.ApiContext = None): PBOOL IsMember ); """ - ctx = ctx or {} TokenHandle, SidToCheck, IsMember = argv rv = False @@ -1145,7 +1124,6 @@ def FreeSid(self, emu, argv, ctx: api.ApiContext = None): PSID pSid ); """ - ctx = ctx or {} (pSid,) = argv rv = pSid @@ -1162,7 +1140,6 @@ def CryptReleaseContext(self, emu, argv, ctx: api.ApiContext = None): DWORD dwFlags ); """ - ctx = ctx or {} hProv, dwFlags = argv rv = True @@ -1269,7 +1246,6 @@ def AdjustTokenPrivileges(self, emu, argv, ctx: api.ApiContext = None): PDWORD ReturnLength ); """ - ctx = ctx or {} rv = True return rv @@ -1285,7 +1261,6 @@ def GetTokenInformation(self, emu, argv, ctx: api.ApiContext = None): PDWORD ReturnLength ); """ - ctx = ctx or {} hnd, info_class, info, info_len, ret_len = argv rv = True @@ -1308,7 +1283,6 @@ def EqualSid(self, emu, argv, ctx: api.ApiContext = None): PSID pSid2 ); """ - ctx = ctx or {} sid1, sid2 = argv rv = False @@ -1327,7 +1301,6 @@ def GetSidIdentifierAuthority(self, emu, argv, ctx: api.ApiContext = None): [in] PSID pSid ); """ - ctx = ctx or {} (sid,) = argv # IdentifierAuthority is at offset 0x02 in the SID structure @@ -1340,7 +1313,6 @@ def GetSidSubAuthorityCount(self, emu, argv, ctx: api.ApiContext = None): PSID pSid ); """ - ctx = ctx or {} (sid,) = argv rv = 0 @@ -1357,7 +1329,6 @@ def GetSidSubAuthority(self, emu, argv, ctx: api.ApiContext = None): [in] DWORD nSubAuthority ); """ - ctx = ctx or {} sid, nsub = argv # SubAuthorities begin at offset 0x8 @@ -1539,7 +1510,6 @@ def CryptCreateHash(self, emu, argv, ctx: api.ApiContext = None): HCRYPTHASH *phHash ); """ - ctx = ctx or {} hash_algs = { 0x00008004: ("CALG_SHA1", hashlib.sha1), @@ -1574,7 +1544,6 @@ def CryptHashData(self, emu, argv, ctx: api.ApiContext = None): DWORD dwFlags ); """ - ctx = ctx or {} hHash, pbData, dwDataLen, dwFlags = argv hnd = self.hash_objects.get(hHash, None) @@ -1600,7 +1569,6 @@ def CryptGetHashParam(self, emu, argv, ctx: api.ApiContext = None): DWORD dwFlags ); """ - ctx = ctx or {} hHash, dwParam, pbData, pdwDataLen, dwFlags = argv param_enums = {1: "HP_ALGID", 2: "HP_HASHVAL", 4: "HP_HASHSIZE", 5: "HP_HMAC_INFO"} @@ -1617,7 +1585,6 @@ def CryptDestroyHash(self, emu, argv, ctx: api.ApiContext = None): HCRYPTHASH hHash ); """ - ctx = ctx or {} return 1 @apihook("CryptDeriveKey", argc=5) @@ -1631,7 +1598,6 @@ def CryptDeriveKey(self, emu, argv, ctx: api.ApiContext = None): HCRYPTKEY *phKey ); """ - ctx = ctx or {} hProv, Algid, hBaseData, dwFlags, phKey = argv @@ -1678,7 +1644,6 @@ def CryptDecrypt(self, emu, argv, ctx: api.ApiContext = None): DWORD *pdwDataLen ); """ - ctx = ctx or {} hKey, hHash, Final, dwFlags, pbData, pdwDataLen = argv @@ -1797,7 +1762,6 @@ def EnumServicesStatus(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpResumeHandle ); """ - ctx = ctx or {} ( hSCManager, dwServiceType, @@ -1843,5 +1807,4 @@ def DeleteService(self, emu, argv, ctx: api.ApiContext = None): SC_HANDLE hService ); """ - ctx = ctx or {} return 1 diff --git a/speakeasy/winenv/api/usermode/advpack.py b/speakeasy/winenv/api/usermode/advpack.py index 693c7cbf..990a3c99 100644 --- a/speakeasy/winenv/api/usermode/advpack.py +++ b/speakeasy/winenv/api/usermode/advpack.py @@ -26,5 +26,4 @@ def IsNTAdmin(self, emu, argv, ctx: api.ApiContext = None): """ bool IsNTAdmin(); """ - ctx = ctx or {} return emu.config.user.is_admin diff --git a/speakeasy/winenv/api/usermode/bcrypt.py b/speakeasy/winenv/api/usermode/bcrypt.py index 46efc0fa..5d14570b 100644 --- a/speakeasy/winenv/api/usermode/bcrypt.py +++ b/speakeasy/winenv/api/usermode/bcrypt.py @@ -35,7 +35,6 @@ def BCryptOpenAlgorithmProvider(self, emu, argv, ctx: api.ApiContext = None): ULONG dwFlags ); """ - ctx = ctx or {} phAlgorithm, pszAlgId, pszImplementation, dwFlags = argv algid = self.read_wide_string(pszAlgId) @@ -97,7 +96,6 @@ def BCryptCloseAlgorithmProvider(self, emu, argv, ctx: api.ApiContext = None): ULONG dwFlags ); """ - ctx = ctx or {} hAlgorithm, dwFlags = argv cm = emu.get_crypt_manager() @@ -118,7 +116,6 @@ def BCryptGetProperty(self, emu, argv, ctx: api.ApiContext = None): ULONG dwFlags ); """ - ctx = ctx or {} hObject, pszProperty, pbOutput, cbOutput, pcbResult, dwFlags = argv property = self.read_wide_string(pszProperty) diff --git a/speakeasy/winenv/api/usermode/com_api.py b/speakeasy/winenv/api/usermode/com_api.py index 423db4f8..2c474bfb 100644 --- a/speakeasy/winenv/api/usermode/com_api.py +++ b/speakeasy/winenv/api/usermode/com_api.py @@ -32,7 +32,6 @@ def IUnknown_QueryInterface(self, emu, argv, ctx: api.ApiContext = None): void **ppvObject ); """ - ctx = ctx or {} # not implemented return comdefs.S_OK @@ -41,7 +40,6 @@ def IUnknown_AddRef(self, emu, argv, ctx: api.ApiContext = None): """ ULONG AddRef(); """ - ctx = ctx or {} # not implemented return 1 @@ -50,7 +48,6 @@ def IUnknown_Release(self, emu, argv, ctx: api.ApiContext = None): """ ULONG Release(); """ - ctx = ctx or {} # not implemented return 0 @@ -68,7 +65,6 @@ def IWbemLocator_ConnectServer(self, emu, argv, ctx: api.ApiContext = None): IWbemServices **ppNamespace ); """ - ctx = ctx or {} ptr, strNetworkResource, strUser, strPassword, strLocale, lSecurityFlags, strAuthority, pCtx, ppNamespace = argv argv[1] = self.read_wide_string(strNetworkResource) @@ -91,7 +87,6 @@ def IWbemServices_ExecQuery(self, emu, argv, ctx: api.ApiContext = None): IEnumWbemClassObject **ppEnum ); """ - ctx = ctx or {} ptr, strQueryLanguage, strQuery, lFlags, pCtx, ppEnum = argv argv[1] = self.read_wide_string(strQueryLanguage) argv[2] = self.read_wide_string(strQuery) diff --git a/speakeasy/winenv/api/usermode/comctl32.py b/speakeasy/winenv/api/usermode/comctl32.py index 564c4208..431e3f2d 100644 --- a/speakeasy/winenv/api/usermode/comctl32.py +++ b/speakeasy/winenv/api/usermode/comctl32.py @@ -25,7 +25,6 @@ def InitCommonControlsEx(self, emu, argv, ctx: api.ApiContext = None): const INITCOMMONCONTROLSEX *picce ); """ - ctx = ctx or {} (picce,) = argv rv = True @@ -39,5 +38,4 @@ def InitCommonControls(self, emu, argv, ctx: api.ApiContext = None): Under Comctl32.dll version 6.0 and later, InitCommonControls does nothing. Applications must explicitly register all common controls through InitCommonControlsEx. """ - ctx = ctx or {} return diff --git a/speakeasy/winenv/api/usermode/gdi32.py b/speakeasy/winenv/api/usermode/gdi32.py index 790c050b..38e49e93 100644 --- a/speakeasy/winenv/api/usermode/gdi32.py +++ b/speakeasy/winenv/api/usermode/gdi32.py @@ -38,7 +38,6 @@ def CreateBitmap(self, emu, argv, ctx: api.ApiContext = None): const VOID *lpBits ); """ - ctx = ctx or {} return self.get_handle() @apihook("MoveToEx", argc=1) @@ -51,7 +50,6 @@ def MoveToEx(self, emu, argv, ctx: api.ApiContext = None): LPPOINT lppt ); """ - ctx = ctx or {} return 1 @apihook("LineTo", argc=1) @@ -63,7 +61,6 @@ def LineTo(self, emu, argv, ctx: api.ApiContext = None): int y ) """ - ctx = ctx or {} return 1 @apihook("GetStockObject", argc=1) @@ -73,7 +70,6 @@ def GetStockObject(self, emu, argv, ctx: api.ApiContext = None): int i ); """ - ctx = ctx or {} return 0 @apihook("GetMapMode", argc=1) @@ -83,7 +79,6 @@ def GetMapMode(self, emu, argv, ctx: api.ApiContext = None): HDC hdc ); """ - ctx = ctx or {} return 1 @apihook("GetDeviceCaps", argc=2) @@ -94,7 +89,6 @@ def GetDeviceCaps(self, emu, argv, ctx: api.ApiContext = None): int index ); """ - ctx = ctx or {} return 16 @apihook("GdiSetBatchLimit", argc=1) @@ -104,7 +98,6 @@ def GdiSetBatchLimit(self, emu, argv, ctx: api.ApiContext = None): DWORD dw ); """ - ctx = ctx or {} return 0 @apihook("MaskBlt", argc=12) @@ -125,7 +118,6 @@ def MaskBlt(self, emu, argv, ctx: api.ApiContext = None): DWORD rop ); """ - ctx = ctx or {} return 1 @apihook("BitBlt", argc=9) @@ -142,7 +134,6 @@ def BitBlt(self, emu, argv, ctx: api.ApiContext = None): int y1, DWORD rop """ - ctx = ctx or {} return 1 @apihook("DeleteDC", argc=1) @@ -152,7 +143,6 @@ def DeleteDC(self, emu, argv, ctx: api.ApiContext = None): HDC hdc ); """ - ctx = ctx or {} return 1 @apihook("SelectObject", argc=2) @@ -163,7 +153,6 @@ def SelectObject(self, emu, argv, ctx: api.ApiContext = None): HGDIOBJ h ); """ - ctx = ctx or {} return 0 @apihook("DeleteObject", argc=1) @@ -173,7 +162,6 @@ def DeleteObject(self, emu, argv, ctx: api.ApiContext = None): HGDIOBJ ho ); """ - ctx = ctx or {} return 1 @apihook("CreateCompatibleBitmap", argc=3) @@ -185,7 +173,6 @@ def CreateCompatibleBitmap(self, emu, argv, ctx: api.ApiContext = None): int cy ); """ - ctx = ctx or {} return 0 @apihook("CreateCompatibleDC", argc=1) @@ -195,7 +182,6 @@ def CreateCompatibleDC(self, emu, argv, ctx: api.ApiContext = None): HDC hdc ); """ - ctx = ctx or {} return 0 @apihook("GetDIBits", argc=7) @@ -211,7 +197,6 @@ def GetDIBits(self, emu, argv, ctx: api.ApiContext = None): UINT usage ); """ - ctx = ctx or {} return 0 @apihook("CreateDIBSection", argc=6) @@ -226,7 +211,6 @@ def CreateDIBSection(self, emu, argv, ctx: api.ApiContext = None): [in] DWORD offset ); """ - ctx = ctx or {} return 0 @apihook("CreateDCA", argc=4) @@ -239,7 +223,6 @@ def CreateDCA(self, emu, argv, ctx: api.ApiContext = None): const DEVMODEA *pdm ); """ - ctx = ctx or {} return 0 @apihook("GetTextCharacterExtra", argc=1) @@ -249,7 +232,6 @@ def GetTextCharacterExtra(self, emu, argv, ctx: api.ApiContext = None): HDC hdc ); """ - ctx = ctx or {} return 0x8000000 @apihook("StretchBlt", argc=11) @@ -269,7 +251,6 @@ def StretchBlt(self, emu, argv, ctx: api.ApiContext = None): DWORD rop ); """ - ctx = ctx or {} return 0 @apihook("CreateFontIndirectA", argc=1) @@ -279,7 +260,6 @@ def CreateFontIndirectA(self, emu, argv, ctx: api.ApiContext = None): const LOGFONTA *lplf ); """ - ctx = ctx or {} # Return a fake HFONT handle. # Any non-zero value is treated as success. return 0x6000 @@ -293,7 +273,6 @@ def GetObjectA(self, emu, argv, ctx: api.ApiContext = None): LPVOID pv ); """ - ctx = ctx or {} h, c, pv = argv # If caller provided a buffer, fill it with zeros. @@ -319,6 +298,5 @@ def WidenPath(self, emu, argv, ctx: api.ApiContext = None): HDC hdc ); """ - ctx = ctx or {} # We don't emulate actual path widening; just report success. return 1 diff --git a/speakeasy/winenv/api/usermode/iphlpapi.py b/speakeasy/winenv/api/usermode/iphlpapi.py index 9bde5bf1..797876c1 100644 --- a/speakeasy/winenv/api/usermode/iphlpapi.py +++ b/speakeasy/winenv/api/usermode/iphlpapi.py @@ -25,7 +25,6 @@ def __init__(self, emu): @apihook("GetAdaptersInfo", argc=2) def GetAdaptersInfo(self, emu, argv, ctx: api.ApiContext = None): - ctx = ctx or {} ptr_adapter_info, size_ptr = argv rv = 0 diff --git a/speakeasy/winenv/api/usermode/kernel32.py b/speakeasy/winenv/api/usermode/kernel32.py index cc6ee70a..f8b4d179 100644 --- a/speakeasy/winenv/api/usermode/kernel32.py +++ b/speakeasy/winenv/api/usermode/kernel32.py @@ -245,7 +245,6 @@ def GetThreadLocale(self, emu, argv, ctx: api.ApiContext = None): """ LCID GetThreadLocale(); """ - ctx = ctx or {} return 0xC000 @apihook("SetThreadLocale", argc=1) @@ -255,7 +254,6 @@ def SetThreadLocale(self, emu, argv, ctx: api.ApiContext = None): LCID Locale ); """ - ctx = ctx or {} (lcid,) = argv return lcid @@ -268,7 +266,6 @@ def IsValidLocale(self, emu, argv, ctx: api.ApiContext = None): DWORD dwFlags ); """ - ctx = ctx or {} lcid, flags = argv return True @@ -296,7 +293,6 @@ def GetThreadTimes(self, emu, argv, ctx: api.ApiContext = None): LPFILETIME lpUserTime ); """ - ctx = ctx or {} hnd, lpCreationTime, lpExitTime, lpKernelTime, lpUserTime = argv if lpCreationTime: @@ -308,7 +304,6 @@ def GetProcessHeap(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE GetProcessHeap(); """ - ctx = ctx or {} if not self.heaps: heap = self.create_heap(emu) @@ -323,7 +318,6 @@ def GetProcessVersion(self, emu, argv, ctx: api.ApiContext = None): DWORD ProcessId ); """ - ctx = ctx or {} ver = self.emu.config.os_ver major = ver.major @@ -340,7 +334,6 @@ def DisableThreadLibraryCalls(self, emu, argv, ctx: api.ApiContext = None): HMODULE hLibModule ); """ - ctx = ctx or {} (hLibModule,) = argv @@ -435,7 +428,6 @@ def CreateToolhelp32Snapshot(self, emu, argv, ctx: api.ApiContext = None): DWORD th32ProcessID ); """ - ctx = ctx or {} ( dwFlags, @@ -598,7 +590,6 @@ def Thread32First(self, emu, argv, ctx: api.ApiContext = None): LPTHREADENTRY32 lpte ); """ - ctx = ctx or {} ( hSnapshot, @@ -631,7 +622,6 @@ def Thread32Next(self, emu, argv, ctx: api.ApiContext = None): LPTHREADENTRY32 lpte ); """ - ctx = ctx or {} ( hSnapshot, @@ -762,7 +752,6 @@ def OpenProcess(self, emu, argv, ctx: api.ApiContext = None): DWORD dwProcessId ); """ - ctx = ctx or {} access, inherit, pid = argv @@ -818,7 +807,6 @@ def TerminateProcess(self, emu, argv, ctx: api.ApiContext = None): UINT uExitCode ); """ - ctx = ctx or {} hProcess, uExitCode = argv rv = False @@ -838,7 +826,6 @@ def FreeLibraryAndExitThread(self, emu, argv, ctx: api.ApiContext = None): DWORD dwExitCode ); """ - ctx = ctx or {} emu.exit_process() return @@ -849,7 +836,6 @@ def ExitThread(self, emu, argv, ctx: api.ApiContext = None): DWORD dwExitCode ); """ - ctx = ctx or {} emu.exit_process() return @@ -861,7 +847,6 @@ def WinExec(self, emu, argv, ctx: api.ApiContext = None): UINT uCmdShow ); """ - ctx = ctx or {} lpCmdLine, uCmdShow = argv rv = 1 @@ -1008,7 +993,6 @@ def VirtualAlloc(self, emu, argv, ctx: api.ApiContext = None): _In_ DWORD flAllocationType, _In_ DWORD flProtect );""" - ctx = ctx or {} lpAddress, dwSize, flAllocationType, flProtect = argv buf = 0 @@ -1071,7 +1055,6 @@ def VirtualAllocEx(self, emu, argv, ctx: api.ApiContext = None): DWORD flProtect ); """ - ctx = ctx or {} hProcess, lpAddress, dwSize, flAllocationType, flProtect = argv buf = 0 @@ -1134,7 +1117,6 @@ def WriteProcessMemory(self, emu, argv, ctx: api.ApiContext = None): SIZE_T *lpNumberOfBytesWritten ); """ - ctx = ctx or {} hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesWritten = argv rv = False @@ -1173,7 +1155,6 @@ def ReadProcessMemory(self, emu, argv, ctx: api.ApiContext = None): SIZE_T *lpNumberOfBytesRead ); """ - ctx = ctx or {} hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesRead = argv rv = False @@ -1218,7 +1199,6 @@ def CreateRemoteThread(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpThreadId ); """ - ctx = ctx or {} (hProcess, lpThreadAttributes, dwStackSize, lpStartAddress, lpParameter, dwCreationFlags, lpThreadId) = argv is_remote = False @@ -1266,7 +1246,6 @@ def CreateThread(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpThreadId ); """ - ctx = ctx or {} (lpThreadAttributes, dwStackSize, lpStartAddress, lpParameter, dwCreationFlags, lpThreadId) = argv proc_obj = emu.get_current_process() @@ -1300,7 +1279,6 @@ def ResumeThread(self, emu, argv, ctx: api.ApiContext = None): HANDLE hThread ); """ - ctx = ctx or {} (hThread,) = argv rv = -1 obj = self.get_object_from_handle(hThread) @@ -1340,7 +1318,6 @@ def SuspendThread(self, emu, argv, ctx: api.ApiContext = None): HANDLE hThread ); """ - ctx = ctx or {} (hThread,) = argv rv = -1 obj = self.get_object_from_handle(hThread) @@ -1359,7 +1336,6 @@ def TerminateThread(self, emu, argv, ctx: api.ApiContext = None): [in] DWORD dwExitCode ); """ - ctx = ctx or {} hThread, dwExitCode = argv rv = 0 obj = self.get_object_from_handle(hThread) @@ -1378,7 +1354,6 @@ def GetThreadId(self, emu, argv, ctx: api.ApiContext = None): HANDLE Thread ); """ - ctx = ctx or {} (Thread,) = argv if not Thread: @@ -1400,7 +1375,6 @@ def VirtualQuery(self, emu, argv, ctx: api.ApiContext = None): SIZE_T dwLength ); """ - ctx = ctx or {} rv = 0 lpAddress, lpBuffer, dwLength = argv @@ -1436,7 +1410,6 @@ def VirtualProtect(self, emu, argv, ctx: api.ApiContext = None): _In_ DWORD flNewProtect, _Out_ PDWORD lpflOldProtect );""" - ctx = ctx or {} rv = 0 mm = None new = 0 @@ -1512,7 +1485,6 @@ def VirtualFree(self, emu, argv, ctx: api.ApiContext = None): DWORD dwFreeType ); """ - ctx = ctx or {} rv = 0 lpAddress, dwSize, dwFreeType = argv @@ -1532,7 +1504,6 @@ def GetCurrentProcess(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE GetCurrentProcess(); """ - ctx = ctx or {} rv = self.get_max_int() @@ -1541,7 +1512,6 @@ def GetCurrentProcess(self, emu, argv, ctx: api.ApiContext = None): @apihook("GetVersion", argc=0) def GetVersion(self, emu, argv, ctx: api.ApiContext = None): """NOT_BUILD_WINDOWS_DEPRECATE DWORD GetVersion();""" - ctx = ctx or {} ver = self.emu.config.os_ver build = ver.build @@ -1555,7 +1525,6 @@ def GetVersion(self, emu, argv, ctx: api.ApiContext = None): @apihook("GetLastError", argc=0) def GetLastError(self, emu, argv, ctx: api.ApiContext = None): """DWORD WINAPI GetLastError(void);""" - ctx = ctx or {} rv = emu.get_last_error() @@ -1571,7 +1540,6 @@ def SetLastError(self, emu, argv, ctx: api.ApiContext = None): DWORD dwErrCode ); """ - ctx = ctx or {} (dwErrCode,) = argv emu.set_last_error(dwErrCode) @@ -1587,7 +1555,6 @@ def SetHandleInformation(self, emu, argv, ctx: api.ApiContext = None): DWORD dwFlags ); """ - ctx = ctx or {} # Non-zero value for success. rv = 1 @@ -1602,7 +1569,6 @@ def GetHandleInformation(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpdwFlags ); """ - ctx = ctx or {} # Non-zero value for success. rv = 1 @@ -1614,7 +1580,6 @@ def ExitProcess(self, emu, argv, ctx: api.ApiContext = None): """void ExitProcess( UINT uExitCode );""" - ctx = ctx or {} self.exit_process() return 0 @@ -1628,7 +1593,6 @@ def SystemTimeToTzSpecificLocalTime(self, emu, argv, ctx: api.ApiContext = None) LPSYSTEMTIME lpLocalTime ); """ - ctx = ctx or {} return True @apihook("FileTimeToSystemTime", argc=2) @@ -1639,7 +1603,6 @@ def FileTimeToSystemTime(self, emu, argv, ctx: api.ApiContext = None): LPSYSTEMTIME lpSystemTime ); """ - ctx = ctx or {} lpFileTime, lpSystemTime = argv @@ -1671,7 +1634,6 @@ def GetSystemTimeAsFileTime(self, emu, argv, ctx: api.ApiContext = None): """void GetSystemTimeAsFileTime( LPFILETIME lpSystemTimeAsFileTime );""" - ctx = ctx or {} (lpSystemTimeAsFileTime,) = argv ft = self.k32types.FILETIME(emu.get_ptr_size()) @@ -1707,7 +1669,6 @@ def SetThreadErrorMode(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpOldMode ); """ - ctx = ctx or {} dwNewMode, lpOldMode = argv @@ -1720,7 +1681,6 @@ def SetDefaultDllDirectories(self, emu, argv, ctx: api.ApiContext = None): DWORD DirectoryFlags ); """ - ctx = ctx or {} return True @@ -1747,7 +1707,6 @@ def GetLocalTime(self, emu, argv, ctx: api.ApiContext = None): LPSYSTEMTIME lpSystemTime ); """ - ctx = ctx or {} return self.GetSystemTime(emu, argv) @apihook("GetSystemTime", argc=1) @@ -1756,7 +1715,6 @@ def GetSystemTime(self, emu, argv, ctx: api.ApiContext = None): void GetSystemTime( LPSYSTEMTIME lpSystemTime );""" - ctx = ctx or {} (lpSystemTime,) = argv st = self.k32types.SYSTEMTIME(emu.get_ptr_size()) @@ -1779,7 +1737,6 @@ def GetTimeZoneInformation(self, emu, argv, ctx: api.ApiContext = None): """DWORD GetTimeZoneInformation( LPTIME_ZONE_INFORMATION lpTimeZoneInformation );""" - ctx = ctx or {} (lpTimeZoneInformation,) = argv if lpTimeZoneInformation: @@ -1790,7 +1747,6 @@ def GetTimeZoneInformation(self, emu, argv, ctx: api.ApiContext = None): @apihook("GetCurrentThreadId", argc=0) def GetCurrentThreadId(self, emu, argv, ctx: api.ApiContext = None): """DWORD GetCurrentThreadId();""" - ctx = ctx or {} thread = emu.get_current_thread() rv = thread.id @@ -1800,7 +1756,6 @@ def GetCurrentThreadId(self, emu, argv, ctx: api.ApiContext = None): @apihook("GetCurrentProcessId", argc=0) def GetCurrentProcessId(self, emu, argv, ctx: api.ApiContext = None): """DWORD GetCurrentProcessId();""" - ctx = ctx or {} proc = emu.get_current_process() rv = proc.id @@ -1812,7 +1767,6 @@ def IsProcessorFeaturePresent(self, emu, argv, ctx: api.ApiContext = None): """BOOL IsProcessorFeaturePresent( DWORD ProcessorFeature );""" - ctx = ctx or {} rv = 1 """ @@ -1929,7 +1883,6 @@ def QueryPerformanceCounter(self, emu, argv, ctx: api.ApiContext = None): """BOOL WINAPI QueryPerformanceCounter( _Out_ LARGE_INTEGER *lpPerformanceCount );""" - ctx = ctx or {} (lpPerformanceCount,) = argv rv = 1 @@ -2010,7 +1963,6 @@ def GetProcAddress(self, emu, argv, ctx: api.ApiContext = None): HMODULE hModule, LPCSTR lpProcName );""" - ctx = ctx or {} hmod, proc_name = argv rv = 0 @@ -2043,7 +1995,6 @@ def GetProcAddress(self, emu, argv, ctx: api.ApiContext = None): @apihook("AllocConsole", argc=0) def AllocConsole(self, emu, argv, ctx: api.ApiContext = None): """BOOL WINAPI AllocConsole(void);""" - ctx = ctx or {} # On success, return != 0 return 1 @@ -2051,7 +2002,6 @@ def AllocConsole(self, emu, argv, ctx: api.ApiContext = None): @apihook("GetConsoleWindow", argc=0) def GetConsoleWindow(self, emu, argv, ctx: api.ApiContext = None): """HWND WINAPI GetConsoleWindow(void);""" - ctx = ctx or {} hwnd = 0 proc = emu.get_current_process() @@ -2065,7 +2015,6 @@ def GetConsoleWindow(self, emu, argv, ctx: api.ApiContext = None): @apihook("Sleep", argc=1) def Sleep(self, emu, argv, ctx: api.ApiContext = None): """void Sleep(DWORD dwMilliseconds);""" - ctx = ctx or {} (millisec,) = argv return @@ -2073,7 +2022,6 @@ def Sleep(self, emu, argv, ctx: api.ApiContext = None): @apihook("SleepEx", argc=2) def SleepEx(self, emu, argv, ctx: api.ApiContext = None): """DWORD SleepEx(DWORD dwMilliseconds, BOOL bAlertable);""" - ctx = ctx or {} millisec, bAlertable = argv return @@ -2086,7 +2034,6 @@ def GlobalAlloc(self, emu, argv, ctx: api.ApiContext = None): SIZE_T dwBytes ); """ - ctx = ctx or {} uFlags, dwBytes = argv @@ -2101,7 +2048,6 @@ def GlobalSize(self, emu, argv, ctx: api.ApiContext = None): [in] HGLOBAL hMem ); """ - ctx = ctx or {} (hMem,) = argv size = 0 @@ -2123,7 +2069,6 @@ def GlobalFlags(self, emu, argv, ctx: api.ApiContext = None): [in] HGLOBAL hMem ); """ - ctx = ctx or {} (hMem,) = argv flags = 0 for mmap in emu.get_mem_maps(): @@ -2145,7 +2090,6 @@ def LocalAlloc(self, emu, argv, ctx: api.ApiContext = None): SIZE_T uBytes ); """ - ctx = ctx or {} uFlags, dwBytes = argv @@ -2162,7 +2106,6 @@ def HeapAlloc(self, emu, argv, ctx: api.ApiContext = None): SIZE_T dwBytes ); """ - ctx = ctx or {} hHeap, dwFlags, dwBytes = argv @@ -2181,7 +2124,6 @@ def HeapSize(self, emu, argv, ctx: api.ApiContext = None): LPCVOID lpMem ); """ - ctx = ctx or {} hHeap, dwFlags, lpMem = argv @@ -2201,7 +2143,6 @@ def GetTickCount(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetTickCount(); """ - ctx = ctx or {} self.tick_counter += 20 @@ -2212,7 +2153,6 @@ def GetTickCount64(self, emu, argv, ctx: api.ApiContext = None): """ ULONGLONG GetTickCount64(); """ - ctx = ctx or {} self.tick_counter += 20 @@ -2295,7 +2235,6 @@ def IsBadReadPtr(self, emu, argv, ctx: api.ApiContext = None): UINT_PTR ucb ); """ - ctx = ctx or {} lp, ucb = argv @@ -2320,7 +2259,6 @@ def HeapReAlloc(self, emu, argv, ctx: api.ApiContext = None): SIZE_T dwBytes ); """ - ctx = ctx or {} hHeap, dwFlags, lpMem, dwBytes = argv @@ -2346,7 +2284,6 @@ def LocalReAlloc(self, emu, argv, ctx: api.ApiContext = None): UINT uFlags ); """ - ctx = ctx or {} hMem, uBytes, uFlags = argv @@ -2372,7 +2309,6 @@ def HeapCreate(self, emu, argv, ctx: api.ApiContext = None): SIZE_T dwMaximumSize ); """ - ctx = ctx or {} flOptions, dwInitialSize, dwMaximumSize = argv @@ -2385,7 +2321,6 @@ def GetCurrentThread(self, emu, argv, ctx: api.ApiContext = None): """ HANDLE GetCurrentThread(); """ - ctx = ctx or {} thread = emu.get_current_thread() obj = emu.om.get_object_from_addr(thread.address) return emu.get_object_handle(obj) @@ -2395,7 +2330,6 @@ def TlsAlloc(self, emu, argv, ctx: api.ApiContext = None): """ DWORD TlsAlloc(); """ - ctx = ctx or {} thread = emu.get_current_thread() tls = thread.tls @@ -2414,7 +2348,6 @@ def TlsSetValue(self, emu, argv, ctx: api.ApiContext = None): LPVOID lpTlsValue ); """ - ctx = ctx or {} dwTlsIndex, lpTlsValue = argv rv = 0 @@ -2439,7 +2372,6 @@ def TlsGetValue(self, emu, argv, ctx: api.ApiContext = None): DWORD dwTlsIndex ); """ - ctx = ctx or {} (dwTlsIndex,) = argv dwTlsIndex &= 0xFFFFFFFF rv = 0 @@ -2462,7 +2394,6 @@ def FlsAlloc(self, emu, argv, ctx: api.ApiContext = None): PFLS_CALLBACK_FUNCTION lpCallback ); """ - ctx = ctx or {} thread = emu.get_current_thread() fls = thread.fls @@ -2481,7 +2412,6 @@ def FlsSetValue(self, emu, argv, ctx: api.ApiContext = None): PVOID lpFlsData ); """ - ctx = ctx or {} dwFlsIndex, lpFlsData = argv rv = 0 @@ -2509,7 +2439,6 @@ def FlsGetValue(self, emu, argv, ctx: api.ApiContext = None): DWORD dwFlsIndex ); """ - ctx = ctx or {} (dwFlsIndex,) = argv rv = 0 @@ -2531,7 +2460,6 @@ def EncodePointer(self, emu, argv, ctx: api.ApiContext = None): _In_ PVOID Ptr ); """ - ctx = ctx or {} (Ptr,) = argv # Just increment the pointer for now @@ -2546,7 +2474,6 @@ def DecodePointer(self, emu, argv, ctx: api.ApiContext = None): PVOID Ptr ); """ - ctx = ctx or {} (Ptr,) = argv # Just decrement the pointer for now @@ -2562,7 +2489,6 @@ def InitializeCriticalSectionAndSpinCount(self, emu, argv, ctx: api.ApiContext = DWORD dwSpinCount ); """ - ctx = ctx or {} lpCriticalSection, dwSpinCount = argv rv = 1 @@ -2576,7 +2502,6 @@ def EnterCriticalSection(self, emu, argv, ctx: api.ApiContext = None): LPCRITICAL_SECTION lpCriticalSection ); """ - ctx = ctx or {} return @@ -2587,7 +2512,6 @@ def LeaveCriticalSection(self, emu, argv, ctx: api.ApiContext = None): LPCRITICAL_SECTION lpCriticalSection ); """ - ctx = ctx or {} return @@ -2598,7 +2522,6 @@ def InterlockedIncrement(self, emu, argv, ctx: api.ApiContext = None): LONG volatile *Addend ); """ - ctx = ctx or {} (Addend,) = argv @@ -2617,7 +2540,6 @@ def InterlockedDecrement(self, emu, argv, ctx: api.ApiContext = None): LONG volatile *Addend ); """ - ctx = ctx or {} (Addend,) = argv @@ -2721,7 +2643,6 @@ def FreeEnvironmentStrings(self, emu, argv, ctx: api.ApiContext = None): LPCH penv ); """ - ctx = ctx or {} (penv,) = argv @@ -2840,7 +2761,6 @@ def GetStdHandle(self, emu, argv, ctx: api.ApiContext = None): _In_ DWORD nStdHandle ); """ - ctx = ctx or {} (nStdHandle,) = argv @@ -2856,7 +2776,6 @@ def GetFileType(self, emu, argv, ctx: api.ApiContext = None): HANDLE hFile ); """ - ctx = ctx or {} FILE_TYPE_DISK = 1 (hFile,) = argv @@ -2870,7 +2789,6 @@ def SetHandleCount(self, emu, argv, ctx: api.ApiContext = None): UINT uNumber ); """ - ctx = ctx or {} (uNumber,) = argv emu.set_last_error(windefs.ERROR_INVALID_HANDLE) @@ -2882,7 +2800,6 @@ def GetACP(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetACP(); """ - ctx = ctx or {} windows_1252 = 1252 @@ -2895,7 +2812,6 @@ def IsValidCodePage(self, emu, argv, ctx: api.ApiContext = None): UINT CodePage ); """ - ctx = ctx or {} (CodePage,) = argv @@ -2909,7 +2825,6 @@ def GetCPInfo(self, emu, argv, ctx: api.ApiContext = None): LPCPINFO lpCPInfo ); """ - ctx = ctx or {} CodePage, lpCPInfo = argv @@ -2933,7 +2848,6 @@ def WideCharToMultiByte(self, emu, argv, ctx: api.ApiContext = None): LPBOOL lpUsedDefaultChar ); """ - ctx = ctx or {} rv = 0 @@ -2995,7 +2909,6 @@ def MultiByteToWideChar(self, emu, argv, ctx: api.ApiContext = None): int cchWideChar ); """ - ctx = ctx or {} (CodePage, dwFlags, lpMultiByteStr, cbMultiByte, lpWideCharStr, cchWideChar) = argv @@ -3168,7 +3081,6 @@ def LCMapStringEx(self, emu, argv, ctx: api.ApiContext = None): LPARAM sortHandle ); """ - ctx = ctx or {} (lpLocaleName, dwMapFlags, lpSrcStr, cchSrc, lpDestStr, cchDest, ver_info, res, sort_handle) = argv @@ -3240,7 +3152,6 @@ def HeapFree(self, emu, argv, ctx: api.ApiContext = None): _Frees_ptr_opt_ LPVOID lpMem ); """ - ctx = ctx or {} rv = 1 hHeap, dwFlags, lpMem = argv @@ -3255,7 +3166,6 @@ def LocalFree(self, emu, argv, ctx: api.ApiContext = None): _Frees_ptr_opt_ HLOCAL hMem ); """ - ctx = ctx or {} rv = 0 (hMem,) = argv @@ -3273,7 +3183,6 @@ def GlobalHandle(self, emu, argv, ctx: api.ApiContext = None): LPCVOID pMem ); """ - ctx = ctx or {} (pMem,) = argv return pMem @@ -3284,7 +3193,6 @@ def GlobalUnlock(self, emu, argv, ctx: api.ApiContext = None): HGLOBAL hMem ); """ - ctx = ctx or {} return 0 @apihook("GlobalFree", argc=1) @@ -3294,7 +3202,6 @@ def GlobalFree(self, emu, argv, ctx: api.ApiContext = None): _Frees_ptr_opt_ HGLOBAL hMem ); """ - ctx = ctx or {} return 0 @apihook("GetSystemDirectory", argc=2) @@ -3339,7 +3246,6 @@ def IsDBCSLeadByte(self, emu, argv, ctx: api.ApiContext = None): BYTE TestChar ); """ - ctx = ctx or {} return True @apihook("SetEnvironmentVariable", argc=2) @@ -3428,7 +3334,6 @@ def MapViewOfFile(self, emu, argv, ctx: api.ApiContext = None): SIZE_T dwNumberOfBytesToMap ); """ - ctx = ctx or {} hmap, access, offset_high, offset_low, bytes_to_map = argv fman = emu.get_file_manager() @@ -3500,7 +3405,6 @@ def UnmapViewOfFile(self, emu, argv, ctx: api.ApiContext = None): LPCVOID lpBaseAddress ); """ - ctx = ctx or {} (lpBaseAddress,) = argv rv = False @@ -3521,7 +3425,6 @@ def GetSystemInfo(self, emu, argv, ctx: api.ApiContext = None): LPSYSTEM_INFO lpSystemInfo ); """ - ctx = ctx or {} (lpSystemInfo,) = argv ptr_size = emu.get_ptr_size() si = self.k32types.SYSTEM_INFO(ptr_size) @@ -3618,7 +3521,6 @@ def GetFileTime(self, emu, argv, ctx: api.ApiContext = None): LPFILETIME lpLastWriteTime ); """ - ctx = ctx or {} _hFile, lpCreationTime, lpLastAccessTime, lpLastWriteTime = argv ft = self.k32types.FILETIME(emu.get_ptr_size()) @@ -3647,7 +3549,6 @@ def SetFileTime(self, emu, argv, ctx: api.ApiContext = None): const FILETIME *lpLastWriteTime ); """ - ctx = ctx or {} emu.set_last_error(windefs.ERROR_SUCCESS) return True @@ -3912,7 +3813,6 @@ def ReadFile(self, emu, argv, ctx: api.ApiContext = None): LPOVERLAPPED lpOverlapped ); """ - ctx = ctx or {} def _write_output(emu, data, pBuffer, pBytesRead): self.mem_write(pBuffer, data) @@ -3961,7 +3861,6 @@ def WriteFile(self, emu, argv, ctx: api.ApiContext = None): LPOVERLAPPED lpOverlapped ); """ - ctx = ctx or {} hFile, lpBuffer, num_bytes, bytes_written, lpOverlapped = argv rv = 0 @@ -4028,7 +3927,6 @@ def SetFilePointer(self, emu, argv, ctx: api.ApiContext = None): DWORD dwMoveMethod ); """ - ctx = ctx or {} hFile, lDistanceToMove, lpDistanceToMoveHigh, dwMoveMethod = argv rv = 0 @@ -4051,7 +3949,6 @@ def SetFilePointerEx(self, emu, argv, ctx: api.ApiContext = None): [in] DWORD dwMoveMethod ); """ - ctx = ctx or {} hFile, lDistanceToMove, lpNewFilePointer, dwMoveMethod = argv f = self.file_get(hFile) if f: @@ -4070,7 +3967,6 @@ def GetFileSize(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpFileSizeHigh ); """ - ctx = ctx or {} hFile, lpFileSizeHigh = argv f = self.file_get(hFile) @@ -4099,7 +3995,6 @@ def GetFileSizeEx(self, emu, argv, ctx: api.ApiContext = None): PLARGE_INTEGER lpFileSize ); """ - ctx = ctx or {} hFile, lpFileSize = argv f = self.file_get(hFile) @@ -4120,7 +4015,6 @@ def CloseHandle(self, emu, argv, ctx: api.ApiContext = None): HANDLE hObject ); """ - ctx = ctx or {} (hObject,) = argv reg_key = emu.reg_get_key(handle=hObject) @@ -4144,7 +4038,6 @@ def SetEndOfFile(self, emu, argv, ctx: api.ApiContext = None): HANDLE hFile ); """ - ctx = ctx or {} return True @apihook("IsDebuggerPresent", argc=0) @@ -4152,7 +4045,6 @@ def IsDebuggerPresent(self, emu, argv, ctx: api.ApiContext = None): """ BOOL IsDebuggerPresent(); """ - ctx = ctx or {} return False @@ -4309,7 +4201,6 @@ def SetWaitableTimer(self, emu, argv, ctx: api.ApiContext = None): BOOL fResume ); """ - ctx = ctx or {} hTimer, _due_time, _period, _completion_routine, _completion_arg, _resume = argv obj = self.get_object_from_handle(hTimer) @@ -4327,7 +4218,6 @@ def CancelWaitableTimer(self, emu, argv, ctx: api.ApiContext = None): HANDLE hTimer ); """ - ctx = ctx or {} (hTimer,) = argv obj = self.get_object_from_handle(hTimer) @@ -4374,7 +4264,6 @@ def SetEvent(self, emu, argv, ctx: api.ApiContext = None): HANDLE hEvent ); """ - ctx = ctx or {} (hEvent,) = argv obj = self.get_object_from_handle(hEvent) @@ -4392,7 +4281,6 @@ def SetUnhandledExceptionFilter(self, emu, argv, ctx: api.ApiContext = None): LPTOP_LEVEL_EXCEPTION_FILTER lpTopLevelExceptionFilter ); """ - ctx = ctx or {} (lpTopLevelExceptionFilter,) = argv emu.set_unhandled_exception_handler(lpTopLevelExceptionFilter) @@ -4406,7 +4294,6 @@ def DeleteCriticalSection(self, emu, argv, ctx: api.ApiContext = None): LPCRITICAL_SECTION lpCriticalSection ); """ - ctx = ctx or {} return None @@ -4417,7 +4304,6 @@ def FlsFree(self, emu, argv, ctx: api.ApiContext = None): DWORD dwFlsIndex ); """ - ctx = ctx or {} return True @@ -4428,7 +4314,6 @@ def TlsFree(self, emu, argv, ctx: api.ApiContext = None): DWORD dwTlsIndex ); """ - ctx = ctx or {} return True @@ -4440,7 +4325,6 @@ def ProcessIdToSessionId(self, emu, argv, ctx: api.ApiContext = None): DWORD *pSessionId ); """ - ctx = ctx or {} dwProcessId, pSessionId = argv rv = False @@ -4465,7 +4349,6 @@ def InitializeCriticalSectionEx(self, emu, argv, ctx: api.ApiContext = None): DWORD Flags ); """ - ctx = ctx or {} emu.set_last_error(windefs.ERROR_SUCCESS) return True @@ -4477,7 +4360,6 @@ def InitializeCriticalSection(self, emu, argv, ctx: api.ApiContext = None): LPCRITICAL_SECTION lpCriticalSection ); """ - ctx = ctx or {} emu.set_last_error(windefs.ERROR_SUCCESS) return None @@ -4487,7 +4369,6 @@ def GetOEMCP(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetOEMCP(); """ - ctx = ctx or {} return 1200 @apihook("GlobalLock", argc=1) @@ -4497,7 +4378,6 @@ def GlobalLock(self, emu, argv, ctx: api.ApiContext = None): HGLOBAL hMem ); """ - ctx = ctx or {} (hMem,) = argv emu.set_last_error(windefs.ERROR_SUCCESS) @@ -4510,7 +4390,6 @@ def LocalLock(self, emu, argv, ctx: api.ApiContext = None): HGLOBAL hMem ); """ - ctx = ctx or {} (hMem,) = argv emu.set_last_error(windefs.ERROR_SUCCESS) @@ -4523,7 +4402,6 @@ def HeapDestroy(self, emu, argv, ctx: api.ApiContext = None): HANDLE hHeap ); """ - ctx = ctx or {} return True @@ -4534,7 +4412,6 @@ def InitializeSListHead(self, emu, argv, ctx: api.ApiContext = None): PSLIST_HEADER ListHead ); """ - ctx = ctx or {} (ListHead,) = argv self.mem_write(ListHead, b"\x00" * 8) @@ -4548,7 +4425,6 @@ def FreeLibrary(self, emu, argv, ctx: api.ApiContext = None): HMODULE hLibModule ); """ - ctx = ctx or {} return True @@ -4560,7 +4436,6 @@ def WaitForSingleObject(self, emu, argv, ctx: api.ApiContext = None): DWORD dwMilliseconds ); """ - ctx = ctx or {} hHandle, dwMilliseconds = argv # TODO @@ -4579,7 +4454,6 @@ def GetConsoleMode(self, emu, argv, ctx: api.ApiContext = None): _Out_ LPDWORD lpMode ); """ - ctx = ctx or {} return True @@ -4593,7 +4467,6 @@ def HeapSetInformation(self, emu, argv, ctx: api.ApiContext = None): SIZE_T HeapInformationLength ); """ - ctx = ctx or {} return True @@ -4604,7 +4477,6 @@ def SetErrorMode(self, emu, argv, ctx: api.ApiContext = None): UINT uMode ); """ - ctx = ctx or {} return 0 @apihook("InterlockedCompareExchange", argc=3) @@ -4616,7 +4488,6 @@ def InterlockedCompareExchange(self, emu, argv, ctx: api.ApiContext = None): LONG Comperand ); """ - ctx = ctx or {} pDest, ExChange, Comperand = argv dest_bytes = self.mem_read(pDest, 4) @@ -4635,7 +4506,6 @@ def InterlockedExchange(self, emu, argv, ctx: api.ApiContext = None): LONG Value ); """ - ctx = ctx or {} Target, Value = argv tgt = self.mem_read(Target, 4) tgt = int.from_bytes(tgt, "little") @@ -4694,7 +4564,6 @@ def CreatePipe(self, emu, argv, ctx: api.ApiContext = None): DWORD nSize ); """ - ctx = ctx or {} hReadPipe, hWritePipe, lpPipeAttributes, nSize = argv if not hReadPipe or not hWritePipe: @@ -4723,7 +4592,6 @@ def PeekNamedPipe(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpBytesLeftThisMessage ); """ - ctx = ctx or {} (hNamedPipe, lpBuffer, nBufferSize, lpBytesRead, lpTotalBytesAvail, lpBytesLeftThisMessage) = argv pipe = emu.pipe_get(hNamedPipe) if not pipe: @@ -4748,7 +4616,6 @@ def ConnectNamedPipe(self, emu, argv, ctx: api.ApiContext = None): LPOVERLAPPED lpOverlapped ); """ - ctx = ctx or {} hNamedPipe, lpOverlapped = argv rv = False pipe = emu.pipe_get(hNamedPipe) @@ -4763,7 +4630,6 @@ def DisconnectNamedPipe(self, emu, argv, ctx: api.ApiContext = None): HANDLE hNamedPipe ); """ - ctx = ctx or {} (hNamedPipe,) = argv rv = False pipe = emu.pipe_get(hNamedPipe) @@ -4814,7 +4680,6 @@ def IsWow64Process(self, emu, argv, ctx: api.ApiContext = None): PBOOL Wow64Process ); """ - ctx = ctx or {} hProcess, Wow64Process = argv rv = False @@ -4832,7 +4697,6 @@ def CheckRemoteDebuggerPresent(self, emu, argv, ctx: api.ApiContext = None): PBOOL pbDebuggerPresent ); """ - ctx = ctx or {} hProcess, pbDebuggerPresent = argv rv = False @@ -4879,7 +4743,6 @@ def GetVersionEx(self, emu, argv, ctx: api.ApiContext = None): LPOSVERSIONINFO lpVersionInformation ); """ - ctx = ctx or {} (lpVersionInformation,) = argv osver = self.k32types.OSVERSIONINFO(emu.get_ptr_size()) @@ -4940,7 +4803,6 @@ def GetCurrentPackageId(self, emu, argv, ctx: api.ApiContext = None): BYTE *buffer ); """ - ctx = ctx or {} return windefs.ERROR_SUCCESS @apihook("AreFileApisANSI", argc=0) @@ -4948,7 +4810,6 @@ def AreFileApisANSI(self, emu, argv, ctx: api.ApiContext = None): """ BOOL AreFileApisANSI(); """ - ctx = ctx or {} return True @apihook("FindFirstFileEx", argc=6) @@ -5073,7 +4934,6 @@ def FindClose(self, emu, argv, ctx: api.ApiContext = None): HANDLE hFindFile ); """ - ctx = ctx or {} (hFindFile,) = argv @@ -5093,7 +4953,6 @@ def GetSystemTimes(self, emu, argv, ctx: api.ApiContext = None): PFILETIME lpUserTime ); """ - ctx = ctx or {} lpIdleTime, lpKernelTime, lpUserTime = argv @@ -5117,7 +4976,6 @@ def GetThreadContext(self, emu, argv, ctx: api.ApiContext = None): LPCONTEXT lpContext ); """ - ctx = ctx or {} hThread, lpContext = argv @@ -5139,7 +4997,6 @@ def SetThreadContext(self, emu, argv, ctx: api.ApiContext = None): const CONTEXT *lpContext ); """ - ctx = ctx or {} hThread, lpContext = argv @@ -5165,7 +5022,6 @@ def CompareFileTime(self, emu, argv, ctx: api.ApiContext = None): const FILETIME *lpFileTime2 ); """ - ctx = ctx or {} lpFileTime1, lpFileTime2 = argv rv = 0 @@ -5265,7 +5121,6 @@ def LoadResource(self, emu, argv, ctx: api.ApiContext = None): HRSRC hResInfo ); """ - ctx = ctx or {} hModule, hResInfo = argv @@ -5292,7 +5147,6 @@ def LockResource(self, emu, argv, ctx: api.ApiContext = None): HGLOBAL hResData ); """ - ctx = ctx or {} (hResData,) = argv @@ -5306,7 +5160,6 @@ def SizeofResource(self, emu, argv, ctx: api.ApiContext = None): HRSRC hResInfo ); """ - ctx = ctx or {} hModule, hResInfo = argv @@ -5327,7 +5180,6 @@ def FreeResource(self, emu, argv, ctx: api.ApiContext = None): [in] HGLOBAL hResData ); """ - ctx = ctx or {} return 0 @@ -5377,7 +5229,6 @@ def GetNativeSystemInfo(self, emu, argv, ctx: api.ApiContext = None): LPSYSTEM_INFO lpSystemInfo ); """ - ctx = ctx or {} (lpSystemInfo,) = argv return 0 @@ -5386,7 +5237,6 @@ def GetUserDefaultUILanguage(self, emu, argv, ctx: api.ApiContext = None): """ LANGID GetUserDefaultUILanguage(); """ - ctx = ctx or {} return 0xFFFF @apihook("SetCurrentDirectory", argc=1) @@ -5416,7 +5266,6 @@ def OpenThread(self, emu, argv, ctx: api.ApiContext = None): DWORD dwThreadId ); """ - ctx = ctx or {} access, bInheritHandle, dwThreadId = argv thread = emu.get_object_from_id(dwThreadId) hnd = emu.get_object_handle(thread) @@ -5434,7 +5283,6 @@ def RaiseException(self, emu, argv, ctx: api.ApiContext = None): const ULONG_PTR *lpArguments ); """ - ctx = ctx or {} # Stub dwExceptionCode, dwExceptionFlags, nNumberOfArguments, lpArguments = argv @@ -5449,7 +5297,6 @@ def VerSetConditionMask(self, emu, argv, ctx: api.ApiContext = None): BYTE Condition ); """ - ctx = ctx or {} # Stub con_mask, type_mask, cond = argv @@ -5464,7 +5311,6 @@ def VerifyVersionInfo(self, emu, argv, ctx: api.ApiContext = None): DWORDLONG dwlConditionMask ); """ - ctx = ctx or {} # Stub vinfo, type_mask, con_mask = argv @@ -5475,7 +5321,6 @@ def FreeConsole(self, emu, argv, ctx: api.ApiContext = None): """ BOOL WINAPI FreeConsole(void); """ - ctx = ctx or {} return True @apihook("IsBadWritePtr", argc=2) @@ -5486,7 +5331,6 @@ def IsBadWritePtr(self, emu, argv, ctx: api.ApiContext = None): UINT_PTR ucb ); """ - ctx = ctx or {} lp, ucb = argv rv = True @@ -5532,7 +5376,6 @@ def GetSystemFirmwareTable(self, emu, argv, ctx: api.ApiContext = None): DWORD BufferSize ); """ - ctx = ctx or {} # Stub sig, tid, firm_buf, buf_size = argv @@ -5575,7 +5418,6 @@ def SetPriorityClass(self, emu, argv, ctx: api.ApiContext = None): DWORD dwPriorityClass ); """ - ctx = ctx or {} return 1 @apihook("SetProcessPriorityBoost", argc=2) @@ -5586,7 +5428,6 @@ def SetProcessPriorityBoost(self, emu, argv, ctx: api.ApiContext = None): BOOL bDisablePriorityBoost ); """ - ctx = ctx or {} emu.set_last_error(windefs.ERROR_SUCCESS) return 1 @@ -5622,7 +5463,6 @@ def GetExitCodeProcess(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpExitCode ); """ - ctx = ctx or {} hProcess, lpExitCode = argv if lpExitCode: self.mem_write(lpExitCode, b"\x00" * 4) @@ -5636,7 +5476,6 @@ def SetThreadPriority(self, emu, argv, ctx: api.ApiContext = None): int nPriority ); """ - ctx = ctx or {} return 1 @apihook("ReleaseMutex", argc=1) @@ -5646,7 +5485,6 @@ def ReleaseMutex(self, emu, argv, ctx: api.ApiContext = None): HANDLE hMutex ); """ - ctx = ctx or {} return 1 @apihook("GetShortPathName", argc=3) @@ -5730,7 +5568,6 @@ def QueueUserAPC(self, emu, argv, ctx: api.ApiContext = None): ULONG_PTR dwData ); """ - ctx = ctx or {} pfnAPC, hThread, dwData = argv run_type = f"apc_thread_{hThread:x}" self.create_thread(pfnAPC, dwData, 0, thread_type=run_type) @@ -5748,7 +5585,6 @@ def DuplicateHandle(self, emu, argv, ctx: api.ApiContext = None): DWORD dwOptions ) """ - ctx = ctx or {} return 1 @apihook("GetBinaryType", argc=2) @@ -5759,7 +5595,6 @@ def GetBinaryType(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpBinaryType ); """ - ctx = ctx or {} return 0 @apihook("GetThreadUILanguage", argc=0) @@ -5767,7 +5602,6 @@ def GetThreadUILanguage(self, emu, argv, ctx: api.ApiContext = None): """ LANGID GetThreadUILanguage(); """ - ctx = ctx or {} return 0xFFFF @apihook("SetConsoleHistoryInfo", argc=1) @@ -5777,7 +5611,6 @@ def SetConsoleHistoryInfo(self, emu, argv, ctx: api.ApiContext = None): _In_ PCONSOLE_HISTORY_INFO lpConsoleHistoryInfo ); """ - ctx = ctx or {} return 1 @apihook("GetFileInformationByHandle", argc=2) @@ -5788,7 +5621,6 @@ def GetFileInformationByHandle(self, emu, argv, ctx: api.ApiContext = None): LPBY_HANDLE_FILE_INFORMATION lpFileInformation ); """ - ctx = ctx or {} return 0 @apihook("GetCommProperties", argc=2) @@ -5799,7 +5631,6 @@ def GetCommProperties(self, emu, argv, ctx: api.ApiContext = None): LPCOMMPROP lpCommProp ); """ - ctx = ctx or {} return 0 @apihook("GetCommTimeouts", argc=2) @@ -5810,7 +5641,6 @@ def GetCommTimeouts(self, emu, argv, ctx: api.ApiContext = None): LPCOMMTIMEOUTS lpCommTimeouts ); """ - ctx = ctx or {} return 0 @apihook("AddAtom", argc=1) @@ -5898,7 +5728,6 @@ def DeleteAtom(self, emu, argv, ctx: api.ApiContext = None): ATOM nAtom ); """ - ctx = ctx or {} ATOM_RESERVED = 0xC000 (nAtom,) = argv @@ -5919,7 +5748,6 @@ def GetProcessHandleCount(self, emu, argv, ctx: api.ApiContext = None): PDWORD pdwHandleCount ); """ - ctx = ctx or {} return 0 @apihook("GetMailslotInfo", argc=5) @@ -5933,7 +5761,6 @@ def GetMailslotInfo(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpReadTimeout ); """ - ctx = ctx or {} return 0 @apihook("RtlZeroMemory", argc=2) @@ -5944,7 +5771,6 @@ def RtlZeroMemory(self, emu, argv, ctx: api.ApiContext = None): size_t Length ); """ - ctx = ctx or {} dest, length = argv buf = b"\x00" * length self.mem_write(dest, buf) @@ -5954,7 +5780,6 @@ def RtlMoveMemory(self, emu, argv, ctx: api.ApiContext = None): """ void RtlMoveMemory(void* pvDest, const void *pSrc, size_t Length); """ - ctx = ctx or {} dest, source, length = argv buf = self.mem_read(source, length) self.mem_write(dest, buf) @@ -5966,7 +5791,6 @@ def QueryPerformanceFrequency(self, emu, argv, ctx: api.ApiContext = None): LARGE_INTEGER *lpFrequency ); """ - ctx = ctx or {} lpFrequency = argv[0] self.mem_write(lpFrequency, (10000000).to_bytes(8, "little")) return 1 @@ -6038,7 +5862,6 @@ def FindVolumeClose(self, emu, argv, ctx: api.ApiContext = None): HANDLE hFindVolume ); """ - ctx = ctx or {} (hFindVolume,) = argv try: @@ -6058,7 +5881,6 @@ def CreateIoCompletionPort(self, emu, argv, ctx: api.ApiContext = None): _In_ DWORD NumberOfConcurrentThreads ); """ - ctx = ctx or {} FileHandle, ExistingCompletionPort, CompletionKey, NumberOfConcurrentThreads = argv # TODO: Implement completion port creation @@ -6112,7 +5934,6 @@ def GetLogicalDrives(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetLogicalDrives(); """ - ctx = ctx or {} dm = emu.get_drive_manager() rv = 0 for i, dl in enumerate(string.ascii_uppercase): @@ -6128,7 +5949,6 @@ def GlobalMemoryStatus(self, emu, argv, ctx: api.ApiContext = None): LPMEMORYSTATUS lpBuffer ); """ - ctx = ctx or {} return @apihook("GlobalMemoryStatusEx", argc=1) @@ -6150,7 +5970,6 @@ def GlobalMemoryStatusEx(self, emu, argv, ctx: api.ApiContext = None): DWORDLONG ullAvailExtendedVirtual; } MEMORYSTATUSEX, *LPMEMORYSTATUSEX; """ - ctx = ctx or {} GB = 1024 * 1024 * 1024 buf = struct.pack( ">> ctypes.windll.user32.GetKBCodePage() # 437 # https://docs.microsoft.com/en-us/windows/win32/intl/code-page-identifiers @@ -1515,7 +1443,6 @@ def GetClipboardViewer(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetClipboardViewer(); """ - ctx = ctx or {} hnd = 0 desk = self.sessman.get_current_desktop() @@ -1529,7 +1456,6 @@ def GetClipboardOwner(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetClipboardOwner(); """ - ctx = ctx or {} hnd = 0 desk = self.sessman.get_current_desktop() @@ -1543,7 +1469,6 @@ def GetMenuCheckMarkDimensions(self, emu, argv, ctx: api.ApiContext = None): """ LONG GetMenuCheckMarkDimensions(); """ - ctx = ctx or {} # >>> ctypes.windll.user32.GetMenuCheckMarkDimensions() # 983055 return 983055 @@ -1553,7 +1478,6 @@ def GetOpenClipboardWindow(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetOpenClipboardWindow(); """ - ctx = ctx or {} hnd = 0 desk = self.sessman.get_current_desktop() @@ -1567,7 +1491,6 @@ def GetFocus(self, emu, argv, ctx: api.ApiContext = None): """ HWND GetFocus(); """ - ctx = ctx or {} hnd = 0 desk = self.sessman.get_current_desktop() @@ -1581,7 +1504,6 @@ def GetCursor(self, emu, argv, ctx: api.ApiContext = None): """ HCURSOR GetCursor(); """ - ctx = ctx or {} hnd = 0 desk = self.sessman.get_current_desktop() @@ -1595,7 +1517,6 @@ def GetClipboardSequenceNumber(self, emu, argv, ctx: api.ApiContext = None): """ DWORD GetClipboardSequenceNumber(); """ - ctx = ctx or {} # >>> ctypes.windll.user32.GetClipboardSequenceNumber() # 295 return 295 @@ -1605,7 +1526,6 @@ def GetCaretBlinkTime(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetCaretBlinkTime(); """ - ctx = ctx or {} # >>> ctypes.windll.user32.GetCaretBlinkTime() # 530 return 530 @@ -1615,7 +1535,6 @@ def GetDoubleClickTime(self, emu, argv, ctx: api.ApiContext = None): """ UINT GetDoubleClickTime(); """ - ctx = ctx or {} # >>> ctypes.windll.user32.GetDoubleClickTime() # 500 return 500 @@ -1627,7 +1546,6 @@ def RegisterClipboardFormatA(self, emu, argv, ctx: api.ApiContext = None): LPCSTR lpszFormat ); """ - ctx = ctx or {} # Return a fake clipboard format ID. # Clipboard format IDs start at 0xC000 for custom formats. return 0xC000 @@ -1642,7 +1560,6 @@ def SystemParametersInfoA(self, emu, argv, ctx: api.ApiContext = None): UINT fWinIni ); """ - ctx = ctx or {} uiAction, uiParam, pvParam, fWinIni = argv # Many callers expect pvParam to be filled with something. @@ -1656,7 +1573,6 @@ def GetKeyboardLayout(self, emu, argv, ctx: api.ApiContext = None): DWORD idThread ); """ - ctx = ctx or {} # Return a fake HKL (keyboard layout handle). # Real HKLs are typically like 0x04090409 (LANG + device id). return 0x04090409 @@ -1671,7 +1587,6 @@ def EnumDisplayMonitors(self, emu, argv, ctx: api.ApiContext = None): LPARAM dwData ); """ - ctx = ctx or {} hdc, lprcClip, lpfnEnum, dwData = argv # Most callers expect TRUE to indicate success. @@ -1686,7 +1601,6 @@ def OemToCharA(self, emu, argv, ctx: api.ApiContext = None): LPSTR lpszDst ); """ - ctx = ctx or {} src, dst = argv # If destination buffer exists, copy source bytes into it. @@ -1713,7 +1627,6 @@ def CharPrevW(self, emu, argv, ctx: api.ApiContext = None): LPCWSTR lpszCurrent ); """ - ctx = ctx or {} start, current = argv # If current > start, return current - 2 (one WCHAR back) diff --git a/speakeasy/winenv/api/usermode/winhttp.py b/speakeasy/winenv/api/usermode/winhttp.py index 124127b8..df28ddee 100644 --- a/speakeasy/winenv/api/usermode/winhttp.py +++ b/speakeasy/winenv/api/usermode/winhttp.py @@ -49,7 +49,6 @@ def WinHttpOpen(self, emu, argv, ctx: api.ApiContext = None): DWORD dwFlags ); """ - ctx = ctx or {} ua, access, proxy, bypass, flags = argv @@ -77,7 +76,6 @@ def WinHttpConnect(self, emu, argv, ctx: api.ApiContext = None): IN DWORD dwReserved ); """ - ctx = ctx or {} hnd, server, port, reserve = argv if server: @@ -106,7 +104,6 @@ def WinHttpOpenRequest(self, emu, argv, ctx: api.ApiContext = None): IN DWORD dwFlags ); """ - ctx = ctx or {} hnd, verb, objname, ver, ref, accepts, flags = argv if verb: @@ -141,7 +138,6 @@ def WinHttpGetIEProxyConfigForCurrentUser(self, emu, argv, ctx: api.ApiContext = IN OUT WINHTTP_CURRENT_USER_IE_PROXY_CONFIG *pProxyConfig ); """ - ctx = ctx or {} (proxy_config,) = argv @@ -160,7 +156,6 @@ def WinHttpGetProxyForUrl(self, emu, argv, ctx: api.ApiContext = None): OUT WINHTTP_PROXY_INFO *pProxyInfo ); """ - ctx = ctx or {} hnd, url, proxopts, proxinfo = argv @@ -183,7 +178,6 @@ def WinHttpSetOption(self, emu, argv, ctx: api.ApiContext = None): IN DWORD_PTR dwContext ); """ - ctx = ctx or {} hnd, option, buff, buflen = argv return True @@ -201,7 +195,6 @@ def WinHttpSendRequest(self, emu, argv, ctx: api.ApiContext = None): IN DWORD_PTR dwContext ); """ - ctx = ctx or {} hnd, headers, hdrlen, lpOptional, dwOptionalLength, totlen, context = argv body = b"" @@ -234,7 +227,6 @@ def WinHttpReceiveResponse(self, emu, argv, ctx: api.ApiContext = None): IN LPVOID lpReserved ); """ - ctx = ctx or {} hnd, lpReserved = argv return True @@ -249,7 +241,6 @@ def WinHttpReadData(self, emu, argv, ctx: api.ApiContext = None): OUT LPDWORD lpdwNumberOfBytesRead ); """ - ctx = ctx or {} hnd, buf, size, bytes_read = argv rv = 1 @@ -276,7 +267,6 @@ def WinHttpCrackUrl(self, emu, argv, ctx: api.ApiContext = None): LPURL_COMPONENTS lpUrlComponents ); """ - ctx = ctx or {} pwszUrl, dwUrlLength, dwFlags, lpUrlComponents = argv cw = 2 # Wide rv = False @@ -320,7 +310,6 @@ def WinHttpAddRequestHeaders(self, emu, argv, ctx: api.ApiContext = None): DWORD dwModifiers ); """ - ctx = ctx or {} hnd, headers, dwHeaderlen, dwModfier = argv headers = self.read_wide_string(headers, dwHeaderlen) @@ -343,7 +332,6 @@ def WinHttpQueryHeaders(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpdwIndex ); """ - ctx = ctx or {} hnd, dwInfoLevel, name, buffer, bufferLen, index = argv header_query = windefs.get_header_query(dwInfoLevel) @@ -372,7 +360,6 @@ def WinHttpCloseHandle(self, emu, argv, ctx: api.ApiContext = None): HINTERNET hInternet ); """ - ctx = ctx or {} rv = 1 return rv diff --git a/speakeasy/winenv/api/usermode/wininet.py b/speakeasy/winenv/api/usermode/wininet.py index 9ea095d7..1e74dd9d 100644 --- a/speakeasy/winenv/api/usermode/wininet.py +++ b/speakeasy/winenv/api/usermode/wininet.py @@ -197,7 +197,6 @@ def InternetSetOption(self, emu, argv, ctx: api.ApiContext = None): DWORD dwBufferLength ); """ - ctx = ctx or {} hnd, option, buf, length = argv rv = 1 @@ -212,7 +211,6 @@ def InternetGetConnectedState(self, emu, argv, ctx: api.ApiContext = None): DWORD dwReserved ); """ - ctx = ctx or {} lpdwFlags, dwReserved = argv rv = True @@ -272,7 +270,6 @@ def InternetErrorDlg(self, emu, argv, ctx: api.ApiContext = None): LPVOID *lppvData ); """ - ctx = ctx or {} hWnd, req, error, flags, data = argv return @@ -287,7 +284,6 @@ def InternetQueryOption(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpdwBufferLength ); """ - ctx = ctx or {} hInternet, dwOption, lpBuffer, lpdwBufferLength = argv rv = False opt = windefs.get_option_define(dwOption) @@ -312,7 +308,6 @@ def InternetReadFile(self, emu, argv, ctx: api.ApiContext = None): LPDWORD lpdwNumberOfBytesRead ); """ - ctx = ctx or {} hFile, buf, size, bytes_read = argv rv = 1 @@ -375,7 +370,6 @@ def InternetQueryDataAvailable(self, emu, argv, ctx: api.ApiContext = None): DWORD_PTR dwContext ); """ - ctx = ctx or {} hFile, lpdwNumberOfBytesAvailable, dwFlags, dwContext = argv rv = False @@ -395,7 +389,6 @@ def InternetCloseHandle(self, emu, argv, ctx: api.ApiContext = None): HINTERNET hInternet ); """ - ctx = ctx or {} (hInternet,) = argv rv = True diff --git a/speakeasy/winenv/api/usermode/winmm.py b/speakeasy/winenv/api/usermode/winmm.py index 998838f2..c77bd514 100644 --- a/speakeasy/winenv/api/usermode/winmm.py +++ b/speakeasy/winenv/api/usermode/winmm.py @@ -22,5 +22,4 @@ def timeGetTime(self, emu, argv, ctx: api.ApiContext = None): """ DWORD timeGetTime(); // return the system time, in milliseconds """ - ctx = ctx or {} return int(time.monotonic() * 1000) & 0xFFFFFFFF diff --git a/speakeasy/winenv/api/usermode/wkscli.py b/speakeasy/winenv/api/usermode/wkscli.py index ad0bc79e..9993cff5 100644 --- a/speakeasy/winenv/api/usermode/wkscli.py +++ b/speakeasy/winenv/api/usermode/wkscli.py @@ -27,7 +27,6 @@ def NetGetJoinInformation(self, emu, argv, ctx: api.ApiContext = None): PNETSETUP_JOIN_STATUS BufferType ); """ - ctx = ctx or {} lpServer, lpNameBuffer, BufferType = argv if lpServer: diff --git a/speakeasy/winenv/api/usermode/ws2_32.py b/speakeasy/winenv/api/usermode/ws2_32.py index c9478776..a8c7d3ae 100644 --- a/speakeasy/winenv/api/usermode/ws2_32.py +++ b/speakeasy/winenv/api/usermode/ws2_32.py @@ -47,7 +47,6 @@ def WSAStartup(self, emu, argv, ctx: api.ApiContext = None): LPWSADATA lpWSAData ); """ - ctx = ctx or {} ver, lpWSAData = argv wsa = self.wstypes.WSAData(emu.get_ptr_size()) @@ -68,7 +67,6 @@ def WSACleanup(self, emu, argv, ctx: api.ApiContext = None): """ int WSACleanup(); """ - ctx = ctx or {} return 0 @@ -84,7 +82,6 @@ def WSASocket(self, emu, argv, ctx: api.ApiContext = None): DWORD dwFlags ); """ - ctx = ctx or {} af, typ, protocol, lpProtocolInfo, g, dwFlags = argv fam_str = winsock.get_addr_family(af) @@ -114,7 +111,6 @@ def WSAIoctl(self, emu, argv, ctx: api.ApiContext = None): LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine ); """ - ctx = ctx or {} # TODO: Add actual function logic. However, for now, returning 0 (success) should cover most use cases. @@ -148,7 +144,6 @@ def socket(self, emu, argv, ctx: api.ApiContext = None): int protocol ); """ - ctx = ctx or {} af, typ, protocol = argv fam_str = winsock.get_addr_family(af) @@ -170,7 +165,6 @@ def inet_addr(self, emu, argv, ctx: api.ApiContext = None): _In_ const char *cp ); """ - ctx = ctx or {} (a,) = argv if a: @@ -191,7 +185,6 @@ def htons(self, emu, argv, ctx: api.ApiContext = None): u_short hostshort ); """ - ctx = ctx or {} (hostshort,) = argv netshort = htons(hostshort) @@ -205,7 +198,6 @@ def ntohs(self, emu, argv, ctx: api.ApiContext = None): u_short netshort ); """ - ctx = ctx or {} (netshort,) = argv return ntohs(netshort) @@ -217,7 +209,6 @@ def ntohl(self, emu, argv, ctx: api.ApiContext = None): u_long netlong ); """ - ctx = ctx or {} (netlong,) = argv return ntohl(netlong) @@ -233,7 +224,6 @@ def setsockopt(self, emu, argv, ctx: api.ApiContext = None): int optlen ); """ - ctx = ctx or {} s, level, optname, optval, optlen = argv rv = 0 @@ -258,7 +248,6 @@ def WSASetLastError(self, emu, argv, ctx: api.ApiContext = None): int iError ); """ - ctx = ctx or {} (iError,) = argv self.last_error = iError @@ -272,7 +261,6 @@ def gethostname(self, emu, argv, ctx: api.ApiContext = None): int namelen ); """ - ctx = ctx or {} ( name, namelen, @@ -293,7 +281,6 @@ def gethostbyname(self, emu, argv, ctx: api.ApiContext = None): """ struct hostent * gethostbyname(const char FAR * name); """ - ctx = ctx or {} (name,) = argv name = self.read_mem_string(name, 1) @@ -340,7 +327,6 @@ def connect(self, emu, argv, ctx: api.ApiContext = None): int namelen ); """ - ctx = ctx or {} s, pname, namelen = argv @@ -381,7 +367,6 @@ def bind(self, emu, argv, ctx: api.ApiContext = None): int namelen ); """ - ctx = ctx or {} s, pname, namelen = argv rv = windefs.ERROR_SUCCESS @@ -415,7 +400,6 @@ def listen(self, emu, argv, ctx: api.ApiContext = None): int backlog ); """ - ctx = ctx or {} s, backlog = argv rv = windefs.ERROR_SUCCESS @@ -432,7 +416,6 @@ def select(self, emu, argv, ctx: api.ApiContext = None): const timeval *timeout ); """ - ctx = ctx or {} nfds, readfds, writefds, exceptfds, timeout = argv fd_count = 0 @@ -462,7 +445,6 @@ def accept(self, emu, argv, ctx: api.ApiContext = None): int *addrlen ); """ - ctx = ctx or {} s, addr, addrlen = argv socket = self.netman.get_socket(s) @@ -502,7 +484,6 @@ def inet_ntoa(self, emu, argv, ctx: api.ApiContext = None): """ char FAR* inet_ntoa(struct in_addr in); """ - ctx = ctx or {} (in_addr,) = argv raddr = inet_ntoa(in_addr.to_bytes(4, "little")) @@ -523,7 +504,6 @@ def inet_ntop(self, emu, argv, ctx: api.ApiContext = None): [in] size_t StringBufSize ); """ - ctx = ctx or {} family, pAddr, pStringBuf, StringBufSize = argv fam_str = winsock.get_addr_family(family) @@ -552,7 +532,6 @@ def inet_pton(self, emu, argv, ctx: api.ApiContext = None): [out] PVOID pAddrBuf ); """ - ctx = ctx or {} family, pszAddrString, pAddrBuf = argv @@ -578,7 +557,6 @@ def htonl(self, emu, argv, ctx: api.ApiContext = None): """ uint32_t htonl(uint32_t hostlong); """ - ctx = ctx or {} (hostlong,) = argv return htonl(hostlong) @@ -590,7 +568,6 @@ def __WSAFDIsSet(self, emu, argv, ctx: api.ApiContext = None): fd_set * ); """ - ctx = ctx or {} sock, fd_set = argv return 1 @@ -602,7 +579,6 @@ def shutdown(self, emu, argv, ctx: api.ApiContext = None): int how ); """ - ctx = ctx or {} return 0 @apihook("recv", argc=4, ordinal=16) @@ -615,7 +591,6 @@ def recv(self, emu, argv, ctx: api.ApiContext = None): int flags ); """ - ctx = ctx or {} s, buf, blen, flags = argv rv = 0 @@ -652,7 +627,6 @@ def send(self, emu, argv, ctx: api.ApiContext = None): int flags ); """ - ctx = ctx or {} s, buf, blen, flags = argv data = b"" @@ -681,7 +655,6 @@ def closesocket(self, emu, argv, ctx: api.ApiContext = None): IN SOCKET s ); """ - ctx = ctx or {} (s,) = argv rv = 0 @@ -704,7 +677,6 @@ def ioctlsocket(self, emu, argv, ctx: api.ApiContext = None): u_long *argp ); """ - ctx = ctx or {} s, cmd, argp = argv rv = winsock.WSAENOTSOCK @@ -724,7 +696,6 @@ def getaddrinfo(self, emu, argv, ctx: api.ApiContext = None): PADDRINFOA *ppResult ); """ - ctx = ctx or {} pNodeName, pServiceName, pHints, ppResult = argv rv = 0 @@ -790,7 +761,6 @@ def freeaddrinfo(self, emu, argv, ctx: api.ApiContext = None): PADDRINFOA pAddrInfo ); """ - ctx = ctx or {} self.mem_free(argv[0]) return @@ -806,7 +776,6 @@ def getsockopt(self, emu, argv, ctx: api.ApiContext = None): int *optlen ); """ - ctx = ctx or {} s, level, optname, optval, optlen = argv rv = 0 diff --git a/speakeasy/winenv/api/usermode/wtsapi32.py b/speakeasy/winenv/api/usermode/wtsapi32.py index aaf0ce87..d99e0934 100644 --- a/speakeasy/winenv/api/usermode/wtsapi32.py +++ b/speakeasy/winenv/api/usermode/wtsapi32.py @@ -85,7 +85,6 @@ def WTSFreeMemory(self, emu, argv, ctx: api.ApiContext = None): IN PVOID pMemory ); """ - ctx = ctx or {} (pMemory,) = argv rv = 1 From a1fb393f16a4c48078bfec1d016fe4e27a45d8b3 Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Wed, 25 Mar 2026 09:37:36 +0100 Subject: [PATCH 6/6] hooks: remove unused ctx kwarg --- examples/emu_dll.py | 2 +- examples/upx_unpack.py | 2 +- speakeasy/binemu.py | 48 +++++++++++++-------------- speakeasy/common.py | 42 ++++++++++++------------ speakeasy/engines/unicorn_eng.py | 4 +-- speakeasy/memmgr.py | 3 +- speakeasy/profiler.py | 2 +- speakeasy/speakeasy.py | 51 ++++++++++++++--------------- speakeasy/windows/win32.py | 4 +-- speakeasy/windows/winemu.py | 56 ++++++++++++++++---------------- 10 files changed, 102 insertions(+), 112 deletions(-) diff --git a/examples/emu_dll.py b/examples/emu_dll.py index bf4f9f3e..6ae71ad3 100644 --- a/examples/emu_dll.py +++ b/examples/emu_dll.py @@ -29,7 +29,7 @@ def hook_messagebox(emu, api_name, func, params): return rv -def hook_mem_write(emu, access, address, size, value, ctx): +def hook_mem_write(emu, access, address, size, value): """ Hook that is called whenever memory is written to Args: diff --git a/examples/upx_unpack.py b/examples/upx_unpack.py index 3f8a6e90..675ee2a3 100644 --- a/examples/upx_unpack.py +++ b/examples/upx_unpack.py @@ -26,7 +26,7 @@ def save_unpacked_file(self): up.write(self.mem_read(mm.base, mm.size)) # TODO: Fixup the import table after dumping - def code_hook(self, emu, addr, size, ctx): + def code_hook(self, emu, addr, size): if self.end_addr >= addr >= self.start_addr: print("[*] Section hop signature hit, dumping module") self.save_unpacked_file() diff --git a/speakeasy/binemu.py b/speakeasy/binemu.py index da8d4362..91e77063 100644 --- a/speakeasy/binemu.py +++ b/speakeasy/binemu.py @@ -894,14 +894,14 @@ def add_api_hook(self, cb, module="", api_name="", argc=0, call_conv=None, emu=N self.hooks.update({common.HOOK_API: obj}) return hook - def add_code_hook(self, cb, begin=1, end=0, ctx={}, emu=None): + def add_code_hook(self, cb, begin=1, end=0, emu=None): """ Add a hook that will fire for every CPU instruction """ hl = self.hooks.get(common.HOOK_CODE, []) if not emu: emu = self - hook = common.CodeHook(self, self.emu_eng, cb, begin, end, ctx) + hook = common.CodeHook(self, self.emu_eng, cb, begin, end) if not hl: self.hooks.update( { @@ -918,11 +918,7 @@ def add_code_hook(self, cb, begin=1, end=0, ctx={}, emu=None): return hook - def _dynamic_code_cb(self, emu, addr, size, ctx={}): - """ - Call all subscribers that want callbacks dynamic code callbacks - """ - + def _fire_dyn_code_hooks(self, addr): profiler = self.get_profiler() mm = self.get_address_map(addr) if profiler: @@ -932,13 +928,7 @@ def _dynamic_code_cb(self, emu, addr, size, ctx={}): for h in self.hooks.get(common.HOOK_DYN_CODE, []): h.cb(mm) - # Delete the code hook that got us here - if ctx and isinstance(ctx, dict): - h = ctx.get("_delete_hook") - if h: - h.disable() - - def _set_dyn_code_hook(self, addr, size, ctx={}): + def _set_dyn_code_hook(self, addr, size): """ Set the top level dispatch hook for dynamic code execution """ @@ -946,10 +936,16 @@ def _set_dyn_code_hook(self, addr, size, ctx={}): if size > max_hook_size: size = max_hook_size - ch = self.add_code_hook(cb=self._dynamic_code_cb, begin=addr, end=addr + size, ctx=ctx) - ctx.update({"_delete_hook": ch}) + hook_ref = [None] + + def _dynamic_code_cb(emu, addr, size): + self._fire_dyn_code_hooks(addr) + if hook_ref[0]: + hook_ref[0].disable() + + hook_ref[0] = self.add_code_hook(cb=_dynamic_code_cb, begin=addr, end=addr + size) - def add_dyn_code_hook(self, cb, ctx=[], emu=None): + def add_dyn_code_hook(self, cb, emu=None): """ Add a hook that will fire when dynamically generated/copied code is executed """ @@ -957,7 +953,7 @@ def add_dyn_code_hook(self, cb, ctx=[], emu=None): emu = self hl = self.hooks.get(common.HOOK_DYN_CODE, []) - hook = common.DynCodeHook(emu, self.emu_eng, cb, ctx) + hook = common.DynCodeHook(emu, self.emu_eng, cb) if not hl: self.hooks.update( { @@ -1043,7 +1039,7 @@ def add_mem_map_hook(self, cb, begin=1, end=0, emu=None): return hook - def _hook_mem_invalid_dispatch(self, emu, access, address, size, value, ctx): + def _hook_mem_invalid_dispatch(self, emu, access, address, size, value): """ This handler will dispatch other invalid memory hooks """ @@ -1052,7 +1048,7 @@ def _hook_mem_invalid_dispatch(self, emu, access, address, size, value, ctx): rv = True for mem_access_hook in hl[1:]: if mem_access_hook.enabled: - rv = mem_access_hook.cb(emu, access, address, size, value, ctx) + rv = mem_access_hook.cb(emu, access, address, size, value) if rv is False: break return rv @@ -1079,13 +1075,13 @@ def add_mem_invalid_hook(self, cb, emu=None): return hook - def add_interrupt_hook(self, cb, ctx=[], emu=None): + def add_interrupt_hook(self, cb, emu=None): """ Add a hook that will fire for software interrupts """ if not emu: emu = self - hook = common.InterruptHook(emu, self.emu_eng, cb, ctx=[]) + hook = common.InterruptHook(emu, self.emu_eng, cb) hl = self.hooks.get(common.HOOK_INTERRUPT) if not hl: self.hooks.update( @@ -1103,13 +1099,13 @@ def add_interrupt_hook(self, cb, ctx=[], emu=None): return hook - def add_instruction_hook(self, cb, begin=1, end=0, ctx=[], emu=None, insn=None): + def add_instruction_hook(self, cb, begin=1, end=0, emu=None, insn=None): """ Add a hook that will fire for IN, SYSCALL, or SYSENTER instructions """ if not emu: emu = self - hook = common.InstructionHook(emu, self.emu_eng, cb, ctx=[], insn=insn) + hook = common.InstructionHook(emu, self.emu_eng, cb, insn=insn) hl = self.hooks.get(common.HOOK_INSN) if not hl: self.hooks.update( @@ -1127,11 +1123,11 @@ def add_instruction_hook(self, cb, begin=1, end=0, ctx=[], emu=None, insn=None): return hook - def add_invalid_instruction_hook(self, cb, ctx=[], emu=None): + def add_invalid_instruction_hook(self, cb, emu=None): if not emu: emu = self - hook = common.InvalidInstructionHook(emu, self.emu_eng, cb, ctx=[]) + hook = common.InvalidInstructionHook(emu, self.emu_eng, cb) hl = self.hooks.get(common.HOOK_INSN_INVALID) if not hl: diff --git a/speakeasy/common.py b/speakeasy/common.py index de360b55..2d68da31 100644 --- a/speakeasy/common.py +++ b/speakeasy/common.py @@ -55,13 +55,12 @@ class Hook: Base class for all emulator hooks """ - def __init__(self, se_obj, emu_eng, cb, ctx=None, native_hook=False): + def __init__(self, se_obj, emu_eng, cb, native_hook=False): """ Arguments: se_obj: speakeasy emulator object emu_eng: emulation engine object cb: Python callback function - ctx: Arbitrary context that be passed between hook callbacks native_hook: When set to True, a new, raw callback will be registered with with the underlying emulation engine that is called directly by the DLL. Otherwise, this hook will be dispatched via a wrapper hook @@ -74,7 +73,6 @@ def __init__(self, se_obj, emu_eng, cb, ctx=None, native_hook=False): self.native_hook = native_hook self.emu_eng = emu_eng self.se_obj = se_obj - self.ctx = ctx if ctx is not None else [] def enable(self): self.enabled = True @@ -84,48 +82,48 @@ def disable(self): self.enabled = False self.emu_eng.hook_disable(self.handle) - def _wrap_code_cb(self, emu, addr, size, ctx=[]): + def _wrap_code_cb(self, emu, addr, size, ctx=None): try: if self.enabled: if self.se_obj.exit_event and self.se_obj.exit_event.is_set(): self.se_obj.stop() return False - return self.cb(self.se_obj, addr, size, self.ctx) + return self.cb(self.se_obj, addr, size) return True except KeyboardInterrupt: self.se_obj.stop() return False - def _wrap_intr_cb(self, emu, num, ctx=[]): + def _wrap_intr_cb(self, emu, num, ctx=None): if self.enabled: - return self.cb(self.se_obj, num, self.ctx) + return self.cb(self.se_obj, num) return True - def _wrap_in_insn_cb(self, emu, port, size, ctx=[]): + def _wrap_in_insn_cb(self, emu, port, size, ctx=None): if self.enabled: return self.cb(self.se_obj, port, size) return True - def _wrap_syscall_insn_cb(self, emu, ctx=[]): + def _wrap_syscall_insn_cb(self, emu, ctx=None): if self.enabled: return self.cb(self.se_obj) return True - def _wrap_memory_access_cb(self, emu, access, addr, size, value, ctx): + def _wrap_memory_access_cb(self, emu, access, addr, size, value, ctx=None): try: if self.enabled: if self.se_obj.exit_event and self.se_obj.exit_event.is_set(): self.se_obj.stop() return False - return self.cb(self.se_obj, access, addr, size, value, ctx) + return self.cb(self.se_obj, access, addr, size, value) return True except KeyboardInterrupt: self.se_obj.stop() return False - def _wrap_invalid_insn_cb(self, emu, ctx=[]): + def _wrap_invalid_insn_cb(self, emu, ctx=None): if self.enabled: - return self.cb(self.se_obj, self.ctx) + return self.cb(self.se_obj) return True @@ -148,7 +146,7 @@ class DynCodeHook(Hook): Currently, this will only fire once per dynamic code mapping. Could be useful for unpacking. """ - def __init__(self, se_obj, emu_eng, cb, ctx=None): + def __init__(self, se_obj, emu_eng, cb): super().__init__(se_obj, emu_eng, cb) @@ -157,8 +155,8 @@ class CodeHook(Hook): This hook callback will fire for every CPU instruction """ - def __init__(self, se_obj, emu_eng, cb, begin=1, end=0, ctx=None, native_hook=True): - super().__init__(se_obj, emu_eng, cb, ctx=ctx, native_hook=native_hook) + def __init__(self, se_obj, emu_eng, cb, begin=1, end=0, native_hook=True): + super().__init__(se_obj, emu_eng, cb, native_hook=native_hook) self.begin = begin self.end = end @@ -242,8 +240,8 @@ class InterruptHook(Hook): This hook will fire each time a a software interrupt is triggered """ - def __init__(self, se_obj, emu_eng, cb, ctx=None, native_hook=True): - super().__init__(se_obj, emu_eng, cb, ctx=ctx, native_hook=native_hook) + def __init__(self, se_obj, emu_eng, cb, native_hook=True): + super().__init__(se_obj, emu_eng, cb, native_hook=native_hook) def add(self): if not self.added and self.native_hook: @@ -258,8 +256,8 @@ class InstructionHook(Hook): Only the instructions: IN, OUT, SYSCALL, and SYSENTER are supported by unicorn. """ - def __init__(self, se_obj, emu_eng, cb, ctx=None, native_hook=True, insn=None): - super().__init__(se_obj, emu_eng, cb, ctx=ctx, native_hook=native_hook) + def __init__(self, se_obj, emu_eng, cb, native_hook=True, insn=None): + super().__init__(se_obj, emu_eng, cb, native_hook=native_hook) self.insn = insn def add(self): @@ -275,8 +273,8 @@ class InvalidInstructionHook(Hook): to be executed """ - def __init__(self, se_obj, emu_eng, cb, ctx=None, native_hook=True): - super().__init__(se_obj, emu_eng, cb, ctx=ctx, native_hook=native_hook) + def __init__(self, se_obj, emu_eng, cb, native_hook=True): + super().__init__(se_obj, emu_eng, cb, native_hook=native_hook) def add(self): if not self.added and self.native_hook: diff --git a/speakeasy/engines/unicorn_eng.py b/speakeasy/engines/unicorn_eng.py index b2ae594b..60c1a82d 100644 --- a/speakeasy/engines/unicorn_eng.py +++ b/speakeasy/engines/unicorn_eng.py @@ -213,7 +213,7 @@ def start(self, addr, timeout=0, count=0): timeout = self._sec_to_usec(timeout) return self.emu.emu_start(addr, 0xFFFFFFFF, timeout=timeout, count=count) # type: ignore[union-attr] - def hook_add(self, addr=None, cb=None, htype=None, ctx=None, begin=1, end=0, arg1=0): + def hook_add(self, addr=None, cb=None, htype=None, begin=1, end=0, arg1=0): """ Add a callback function for a specific event type or address """ @@ -238,7 +238,7 @@ def hook_add(self, addr=None, cb=None, htype=None, ctx=None, begin=1, end=0, arg elif hook_type == uc.UC_HOOK_MEM_INVALID: cb = ct.cast(UC_HOOK_MEM_INVALID_CB(cb), UC_HOOK_MEM_INVALID_CB) else: - return self.emu.hook_add(htype=hook_type, callback=cb, user_data=ctx, begin=begin, end=end) # type: ignore[union-attr] + return self.emu.hook_add(htype=hook_type, callback=cb, begin=begin, end=end) # type: ignore[union-attr] ptr = ct.cast(cb, ct.c_void_p) # uc_hook_add requires an additional paramter for the hook type UC_HOOK_INSN if hook_type == uc.UC_HOOK_INSN: diff --git a/speakeasy/memmgr.py b/speakeasy/memmgr.py index 0461a190..b6e9cbd0 100644 --- a/speakeasy/memmgr.py +++ b/speakeasy/memmgr.py @@ -78,13 +78,12 @@ def __init__(self, *args, **kwargs): def _hook_mem_map_dispatch(self, mm): hl = self.hooks.get(common.HOOK_MEM_MAP, []) - ctx: dict[str, object] = {} for mem_map_hook in hl: if mem_map_hook.enabled: # the mapped memory region's base address falls within the hook's bounds if mem_map_hook.begin <= mm.base: if not mem_map_hook.end or mem_map_hook.end > mm.base: - mem_map_hook.cb(self, mm.base, mm.size, mm.tag, mm.prot, mm.flags, ctx) + mem_map_hook.cb(self, mm.base, mm.size, mm.tag, mm.prot, mm.flags) def mem_map(self, size, base=None, perms=common.PERM_MEM_RWX, tag=None, flags=0, shared=False, process=None): """ diff --git a/speakeasy/profiler.py b/speakeasy/profiler.py index 6d03f4fd..73979451 100644 --- a/speakeasy/profiler.py +++ b/speakeasy/profiler.py @@ -224,7 +224,7 @@ def record_dropped_files_event(self, run, files): entry = {"path": f.path, "size": len(data), "sha256": _hash, "data_ref": data_ref} run.dropped_files.append(entry) - def record_api_event(self, run, pos: TracePosition, name, ret, argv, ctx=[]): + def record_api_event(self, run, pos: TracePosition, name, ret, argv): """ Log a call to an OS API. This includes arguments, return address, and return value """ diff --git a/speakeasy/speakeasy.py b/speakeasy/speakeasy.py index 9ac28402..f4ec324f 100644 --- a/speakeasy/speakeasy.py +++ b/speakeasy/speakeasy.py @@ -51,9 +51,9 @@ def __init__(self, config=None, argv=None, debug=False, exit_event=None, gdb_por self._init_config(config) self.emu: Win32Emulator | WinKernelEmulator | None = None self.api_hooks: list[tuple[Callable, str, str, int, object | None]] = [] - self.code_hooks: list[tuple[Callable, int, int, dict]] = [] - self.dyn_code_hooks: list[tuple[Callable, dict]] = [] - self.invalid_insn_hooks: list[tuple[Callable, list]] = [] + self.code_hooks: list[tuple[Callable, int, int]] = [] + self.dyn_code_hooks: list[tuple[Callable]] = [] + self.invalid_insn_hooks: list[tuple[Callable]] = [] self.mem_read_hooks: list[tuple[Callable, int, int]] = [] self.argv = argv if argv is not None else [] self.exit_event = exit_event @@ -62,7 +62,7 @@ def __init__(self, config=None, argv=None, debug=False, exit_event=None, gdb_por self.loaded_bins: list[str | None] = [] self.mem_write_hooks: list[tuple[Callable, int, int]] = [] self.mem_invalid_hooks: list[tuple[Callable]] = [] - self.interrupt_hooks: list[tuple[Callable, dict]] = [] + self.interrupt_hooks: list[tuple[Callable]] = [] self.mem_map_hooks: list[tuple[Callable, int, int]] = [] def __enter__(self): @@ -142,16 +142,16 @@ def _init_hooks(self) -> None: self.add_api_hook(cb, mod, func, argc, cconv) while self.code_hooks: h = self.code_hooks.pop(0) - cb, begin, end, ctx = h - self.add_code_hook(cb, begin, end, ctx) + cb, begin, end = h + self.add_code_hook(cb, begin, end) while self.dyn_code_hooks: h = self.dyn_code_hooks.pop(0) - cb, ctx = h - self.add_dyn_code_hook(cb, ctx) + (cb,) = h + self.add_dyn_code_hook(cb) while self.invalid_insn_hooks: h = self.invalid_insn_hooks.pop(0) - cb, ctx = h - self.add_invalid_instruction_hook(cb, ctx) + (cb,) = h + self.add_invalid_instruction_hook(cb) while self.mem_read_hooks: h = self.mem_read_hooks.pop(0) cb, begin, end = h @@ -166,8 +166,8 @@ def _init_hooks(self) -> None: self.add_mem_invalid_hook(cb) while self.interrupt_hooks: h = self.interrupt_hooks.pop(0) - cb, ctx = h - self.add_interrupt_hook(cb, ctx) + (cb,) = h + self.add_interrupt_hook(cb) while self.mem_map_hooks: h = self.mem_map_hooks.pop(0) self.add_mem_map_hook(h) @@ -421,7 +421,7 @@ def call(self, addr: int, params=[]) -> None: output_active_config(self.config, logger) return self.emu.call(addr, params=params) # type: ignore[no-any-return, union-attr] - def add_code_hook(self, cb: Callable, begin=1, end=0, ctx={}): + def add_code_hook(self, cb: Callable, begin=1, end=0): """ Set a callback to fire for every CPU instruction that is emulated @@ -429,29 +429,27 @@ def add_code_hook(self, cb: Callable, begin=1, end=0, ctx={}): cb: Callable python function to execute begin: beginning of the address range to hook end: end of the address range to hook - ctx: Optional context to pass back and forth between the hook function return: Hook object for newly registered hooks """ if not self.emu: - self.code_hooks.append((cb, begin, end, ctx)) + self.code_hooks.append((cb, begin, end)) return - return self.emu.add_code_hook(cb, begin=begin, end=end, ctx=ctx, emu=self) + return self.emu.add_code_hook(cb, begin=begin, end=end, emu=self) - def add_dyn_code_hook(self, cb: Callable, ctx={}): + def add_dyn_code_hook(self, cb: Callable): """ Set a callback to fire when dynamically generated/copied code is executed args: cb: Callable python function to execute - ctx: Optional context to pass back and forth between the hook function return: Hook object for newly registered hooks """ if not self.emu: - self.dyn_code_hooks.append((cb, ctx)) + self.dyn_code_hooks.append((cb,)) return - return self.emu.add_dyn_code_hook(cb, ctx=ctx, emu=self) + return self.emu.add_dyn_code_hook(cb, emu=self) def add_mem_read_hook(self, cb: Callable, begin=1, end=0): """ @@ -517,7 +515,7 @@ def add_SYSCALL_instruction_hook(self, cb: Callable, begin=1, end=0): return return self.emu.add_instruction_hook(cb, begin=begin, end=end, emu=self, insn=700) - def add_invalid_instruction_hook(self, cb: Callable, ctx=[]): + def add_invalid_instruction_hook(self, cb: Callable): """ Set a callback to fire when an invalid instruction is attempted to be executed @@ -528,9 +526,9 @@ def add_invalid_instruction_hook(self, cb: Callable, ctx=[]): Hook object for newly registered hooks """ if not self.emu: - self.invalid_insn_hooks.append((cb, ctx)) + self.invalid_insn_hooks.append((cb,)) return - return self.emu.add_invalid_instruction_hook(cb, ctx) + return self.emu.add_invalid_instruction_hook(cb) def add_mem_invalid_hook(self, cb: Callable): """ @@ -546,20 +544,19 @@ def add_mem_invalid_hook(self, cb: Callable): return return self.emu.add_mem_invalid_hook(cb, emu=self) - def add_interrupt_hook(self, cb: Callable, ctx={}): + def add_interrupt_hook(self, cb: Callable): """ Get a callback for software interrupts args: cb: Callable python function to execute - ctx: Optional context to pass back and forth between the hook function return: Hook object for newly registered hooks """ if not self.emu: - self.interrupt_hooks.append((cb, ctx)) + self.interrupt_hooks.append((cb,)) return - return self.emu.add_interrupt_hook(cb, ctx=ctx, emu=self) + return self.emu.add_interrupt_hook(cb, emu=self) def get_registry_key(self, handle=0, path=""): """ diff --git a/speakeasy/windows/win32.py b/speakeasy/windows/win32.py index 1652b850..48afb66c 100644 --- a/speakeasy/windows/win32.py +++ b/speakeasy/windows/win32.py @@ -605,7 +605,7 @@ def exit_process(self): self.enable_code_hook() self.run_complete = True - def _hook_mem_unmapped(self, emu, access, address, size, value, ctx): + def _hook_mem_unmapped(self, emu, access, address, size, value): _access = self.emu_eng.mem_access.get(access) # type: ignore[union-attr] if _access == common.INVALID_MEM_READ: @@ -615,7 +615,7 @@ def _hook_mem_unmapped(self, emu, access, address, size, value, ctx): self.mem_map_reserve(pld.address) self.init_peb(self._ordered_peb_modules()) return True - return super()._hook_mem_unmapped(emu, access, address, size, value, ctx) + return super()._hook_mem_unmapped(emu, access, address, size, value) def set_hooks(self): """Set the emulator callbacks""" diff --git a/speakeasy/windows/winemu.py b/speakeasy/windows/winemu.py index afee8dd3..f8d365e0 100644 --- a/speakeasy/windows/winemu.py +++ b/speakeasy/windows/winemu.py @@ -207,7 +207,7 @@ def disable_code_hook(self): if self.tmp_code_hook: self.tmp_code_hook.disable() - def _module_access_hook(self, emu, addr, size, ctx): + def _module_access_hook(self, emu, addr, size): symbol = self.get_symbol_from_address(addr) if symbol: logger.debug("module_access: %s", symbol) @@ -1354,7 +1354,7 @@ def handle_import_data(self, mod_name, sym, data_ptr=0): data_addr = self.api.call_data_func(module, func, data_ptr) # type: ignore[union-attr] return data_addr - def _handle_invalid_fetch(self, emu, address, size, value, ctx): + def _handle_invalid_fetch(self, emu, address, size, value): """ Called when an attempt to emulate an instruction from an invalid address """ @@ -1653,7 +1653,7 @@ def handle_import_func(self, dll, name): # Is this function being called from a dynamcially allocated memory segment? if mm and "virtualalloc" in mm.tag.lower(): - self._dynamic_code_cb(self, ret, 0, {}) + self._fire_dyn_code_hooks(ret) # Log the API args and return value self.log_api(call_pc, imp_api, rv, argv) @@ -1717,7 +1717,7 @@ def handle_import_func(self, dll, name): ) self.on_run_complete() - def _hook_mem_unmapped(self, emu, access, address, size, value, ctx): + def _hook_mem_unmapped(self, emu, access, address, size, value): """ High level function used to catch all invalid memory accesses that occur during emulation @@ -1745,21 +1745,21 @@ def _hook_mem_unmapped(self, emu, access, address, size, value, ctx): self.do_call_return(len(args), pc) self._unset_emu_hooks() return True - return self._handle_invalid_fetch(emu, address, size, value, ctx) + return self._handle_invalid_fetch(emu, address, size, value) elif access == common.INVALID_MEM_READ: - return self._handle_invalid_read(emu, address, size, value, ctx) + return self._handle_invalid_read(emu, address, size, value) elif access == common.INVAL_PERM_MEM_EXEC: - return self._handle_prot_fetch(emu, address, size, value, ctx) + return self._handle_prot_fetch(emu, address, size, value) elif access == common.INVALID_MEM_WRITE: fakeout = address & 0xFFFFFFFFFFFFF000 self.mem_map(self.page_size, base=fakeout) self.tmp_maps.append((fakeout, self.page_size)) - return self._handle_invalid_write(emu, address, size, value, ctx) + return self._handle_invalid_write(emu, address, size, value) elif access == common.INVAL_PERM_MEM_WRITE: - return self._handle_prot_write(emu, address, size, value, ctx) + return self._handle_prot_write(emu, address, size, value) except Exception as e: logger.exception("Invalid memory exception") error = self.get_error_info(str(e), self.get_pc(), traceback=traceback.format_exc()) @@ -1767,7 +1767,7 @@ def _hook_mem_unmapped(self, emu, access, address, size, value, ctx): self.on_emu_complete() return False - def _handle_prot_write(self, emu, address, size, value, ctx): + def _handle_prot_write(self, emu, address, size, value): fakeout = address & 0xFFFFFFFFFFFFF000 self.mem_map(self.page_size, base=fakeout) @@ -1796,7 +1796,7 @@ def get_symbol_from_address(self, address): symbol = "{}.{}".format(*sym) return symbol - def _hook_mem_read(self, emu, access, address, size, value, ctx): + def _hook_mem_read(self, emu, access, address, size, value): """ Hook each memory read event that occurs. This hook is used to lookup symbols and modules that are read from during emulation. @@ -1872,7 +1872,7 @@ def _hook_mem_read(self, emu, access, address, size, value, ctx): self.on_emu_complete() return False - def _hook_mem_write(self, emu, access, address, size, value, ctx): + def _hook_mem_write(self, emu, access, address, size, value): """ Hook each memory write event that occurs. This hook is used to track memory modifications to interesting memory locations. @@ -1925,7 +1925,7 @@ def _hook_mem_write(self, emu, access, address, size, value, ctx): self.on_emu_complete() return False - def _handle_invalid_read(self, emu, address, size, value, ctx): + def _handle_invalid_read(self, emu, address, size, value): """ Hook each invalid memory read event that occurs. """ @@ -1953,7 +1953,7 @@ def _handle_invalid_read(self, emu, address, size, value, ctx): self.on_run_complete() return True - def _handle_prot_fetch(self, emu, address, size, value, ctx): + def _handle_prot_fetch(self, emu, address, size, value): """ Called when non-executable code is emulated """ @@ -1973,7 +1973,7 @@ def _handle_prot_fetch(self, emu, address, size, value, ctx): self.handle_import_func(mod_name, fn) return True - def _handle_invalid_write(self, emu, address, size, value, ctx): + def _handle_invalid_write(self, emu, address, size, value): """ Called when non-writable address is written to """ @@ -1996,7 +1996,7 @@ def _handle_invalid_write(self, emu, address, size, value, ctx): self.on_run_complete() return True - def _hook_code_core(self, emu, addr, size, ctx): + def _hook_code_core(self, emu, addr, size): """ Transient code hook for deferred work: SEH dispatch, run lifecycle, temp map cleanup, and import data queue processing. Enabled on demand @@ -2048,7 +2048,7 @@ def _hook_code_core(self, emu, addr, size, ctx): self.on_emu_complete() return False - def _hook_code_coverage(self, emu, addr, size, ctx): + def _hook_code_coverage(self, emu, addr, size): """ Persistent code hook that records every executed address for coverage. """ @@ -2062,7 +2062,7 @@ def _hook_code_coverage(self, emu, addr, size, ctx): self.on_emu_complete() return False - def _hook_code_tracing(self, emu, addr, size, ctx): + def _hook_code_tracing(self, emu, addr, size): """ Persistent code hook for memory tracing: instruction counting, symbol execution tracking, and per-region execution tracking. @@ -2131,7 +2131,7 @@ def _hook_code_tracing(self, emu, addr, size, ctx): self.on_emu_complete() return False - def _hook_code_debug(self, emu, addr, size, ctx): + def _hook_code_debug(self, emu, addr, size): """ Persistent code hook that prints disassembly and register state for every instruction when debug mode is enabled. @@ -2707,17 +2707,10 @@ def create_mutant(self, name=""): hnd = self.om.get_handle(mtx) # type: ignore[union-attr] return hnd, mtx - def _hook_interrupt(self, emu, intnum, ctx=[]): + def _hook_interrupt(self, emu, intnum): """ Called when software interrupts occur """ - - def _tmp_hook(emu, addr, size, ctx): - ret = self.pop_stack() - self.set_pc(ret) - hook_obj = ctx.pop(0) - hook_obj.disable() - exception_list = self._get_exception_list() if exception_list and self.config.exceptions.dispatch_handlers: # Catch software breakpoint interrupts @@ -2748,7 +2741,14 @@ def _tmp_hook(emu, addr, size, ctx): ecx = self.reg_read(_arch.X86_REG_ECX) # Cookie security init failed, just return since we are in __security_init_cookie if ecx == 6: - ctx.append(self.add_code_hook(cb=_tmp_hook, ctx=ctx)) + hook_ref = [None] + + def _tmp_hook(emu, addr, size): + ret = self.pop_stack() + self.set_pc(ret) + hook_ref[0].disable() + + hook_ref[0] = self.add_code_hook(cb=_tmp_hook) return True pc = self.get_pc()