
Commit 7d8da22

committed
1.6.1
1 parent bea6a7e commit 7d8da22

17 files changed

Lines changed: 266 additions & 60 deletions

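--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,9 +4,20 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 
 
 
+
+## [1.6.1] - 2025-02-??
+
+
 ### Changed
 - updated code to be qt6 comaptible
 - greately improved dark mode
+- improved driver statis information on startup
+
+### Fixed
+- fixed Closing System Info closes also the TaskExplorer [#34](https://github.com/DavidXanatos/TaskExplorer/issues/34)
+- fixed handle leak in thread stack panel
+- fixed bad performance on windows 10
+- fixed issue where two instances were started when "Skip UAC" was enabled
 
 
 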

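--- a/TaskExplorer/API/Windows/ProcessHacker.cpp
+++ b/TaskExplorer/API/Windows/ProcessHacker.cpp
@@ -1007,6 +1007,82 @@ bool KphGetSystemMon()
 return false;
 }
 
+static PPH_STRING KsiKernelFileName = NULL;
+static PPH_STRING KsiKernelVersion = NULL;
+
+PPH_STRING KsiGetKernelFileNameInternal(VOID)
+{
+NTSTATUS status;
+UCHAR buffer[FIELD_OFFSET(RTL_PROCESS_MODULES, Modules) + sizeof(RTL_PROCESS_MODULE_INFORMATION)] = { 0 };
+PRTL_PROCESS_MODULES modules;
+ULONG modulesLength;
+
+modules = (PRTL_PROCESS_MODULES)buffer;
+modulesLength = sizeof(buffer);
+
+status = NtQuerySystemInformation(
+SystemModuleInformation,
+modules,
+modulesLength,
+&modulesLength
+);
+
+if (status != STATUS_SUCCESS && status != STATUS_INFO_LENGTH_MISMATCH)
+return NULL;
+if (status == STATUS_SUCCESS || modules->NumberOfModules < 1)
+return NULL;
+
+return PhConvertUtf8ToUtf16((PCSTR)modules->Modules[0].FullPathName);
+}
+
+PPH_STRING KsiGetKernelFileName(VOID)
+{
+static PH_INITONCE initOnce = PH_INITONCE_INIT;
+
+if (PhBeginInitOnce(&initOnce))
+{
+KsiKernelFileName = KsiGetKernelFileNameInternal();
+
+PhEndInitOnce(&initOnce);
+}
+
+if (KsiKernelFileName)
+return (PPH_STRING)PhReferenceObject(KsiKernelFileName);
+
+return NULL;
+}
+
+PPH_STRING KsiGetKernelVersionString(VOID)
+{
+static PH_INITONCE initOnce = PH_INITONCE_INIT;
+
+if (PhBeginInitOnce(&initOnce))
+{
+PPH_STRING fileName;
+PH_IMAGE_VERSION_INFO versionInfo;
+
+if (fileName = KsiGetKernelFileName())
+{
+if (PhInitializeImageVersionInfoEx(&versionInfo, &fileName->sr, FALSE))
+{
+KsiKernelVersion = versionInfo.FileVersion;
+
+versionInfo.FileVersion = NULL;
+PhDeleteImageVersionInfo(&versionInfo);
+}
+
+PhDereferenceObject(fileName);
+}
+
+PhEndInitOnce(&initOnce);
+}
+
+if (KsiKernelVersion)
+return (PPH_STRING)PhReferenceObject(KsiKernelVersion);
+
+return NULL;
+}
+
 void PhShowAbout(QWidget* parent)
 {
 QString AboutCaption = QString(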
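Review bot: `KsiGetKernelFileNameInternal` hands `modules->Modules[0].FullPathName` to `PhConvertUtf8ToUtf16` as a NUL-terminated string, but that fixed-size array is the tail of a stack buffer sized for exactly one module entry, so a name that fills the array would let the conversion read past `buffer`. The kernel normally terminates the name, yet the code should not depend on that; bound the length instead, e.g. `PhConvertUtf8ToUtf16Ex((PCSTR)modules->Modules[0].FullPathName, strnlen((PCSTR)modules->Modules[0].FullPathName, sizeof(modules->Modules[0].FullPathName)))`. The function also relies on `NtQuerySystemInformation` filling the first entry while returning `STATUS_INFO_LENGTH_MISMATCH`, and it treats `STATUS_SUCCESS` as failure; a short comment saying this is deliberate would keep a later reader from "correcting" the check.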

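--- a/TaskExplorer/API/Windows/ProcessHacker.h
+++ b/TaskExplorer/API/Windows/ProcessHacker.h
@@ -108,6 +108,8 @@ bool KphSetDebugLog(bool Enable);
 bool KphSetSystemMon(bool Enable);
 bool KphGetSystemMon();
 
+PPH_STRING KsiGetKernelVersionString(VOID);
+
 void PhShowAbout(QWidget* parent);
 
 #endif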

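--- a/TaskExplorer/API/Windows/SandboxieAPI.cpp
+++ b/TaskExplorer/API/Windows/SandboxieAPI.cpp
@@ -352,7 +352,7 @@ struct SSandboxieAPI
 return status;
 }
 
-NTSTATUS SbieIniGet(const std::wstring& section, const std::wstring& setting, quint32 index, std::wstring& value)
+NTSTATUS SbieIniGet(const std::wstring& section, const std::wstring& setting, quint32 index, std::wstring& value, ULONG* pType = NULL)
 {
 WCHAR out_buffer[SBIE_CONF_LINE_LEN] = { 0 };
 
@@ -365,6 +365,7 @@ struct SSandboxieAPI
 parms[2] = (ULONG64)setting.c_str();
 parms[3] = (ULONG64)&index;
 parms[4] = (ULONG64)&Output;
+parms[5] = (ULONG64)pType;
 NTSTATUS status = IoControl(parms);
 
 value = std::wstring(out_buffer);
@@ -563,19 +564,34 @@ void CSandboxieAPI::QueryPathList(quint64 ProcessId, quint32 path_code, QStringL
 }
 }
 
-#define CONF_GET_NO_GLOBAL 0x40000000L
-#define CONF_GET_NO_EXPAND 0x20000000L
-#define CONF_GET_NO_TEMPLS 0x10000000L
-
-QList<QPair<QString, QString>> CSandboxieAPI::GetIniSection(const QString& BoxName, qint32* pStatus, bool withTemplates) const
+QList<CSandboxieAPI::SbieIniValue> CSandboxieAPI::GetIniSection(const QString& BoxName, qint32* pStatus, bool withTemplates, bool withGlobals) const
 {
 qint32 status = STATUS_SUCCESS;
 
 int flags = CONF_GET_NO_EXPAND;
 if (!withTemplates)
-flags |= CONF_GET_NO_TEMPLS | CONF_GET_NO_GLOBAL;
+flags |= CONF_GET_NO_TEMPLS;
+if (!withGlobals)
+flags |= CONF_GET_NO_GLOBAL;
+
+std::set<std::wstring> names;
+
+if (withGlobals) {
+for (int setting_index = 0; ; setting_index++)
+{
+std::wstring setting_name;
+status = m->SbieIniGet(L"GlobalSettings", L"", setting_index | flags, setting_name);
+if (status == STATUS_RESOURCE_NAME_NOT_FOUND) {
+status = STATUS_SUCCESS;
+break;
+}
+if (status != STATUS_SUCCESS)
+break;
+
+names.insert(setting_name);
+}
+}
 
-QList<QPair<QString, QString>> Settings;
 for (int setting_index = 0; ; setting_index++)
 {
 std::wstring setting_name;
@@ -587,18 +603,27 @@ QList<QPair<QString, QString>> CSandboxieAPI::GetIniSection(const QString& BoxNa
 if (status != STATUS_SUCCESS)
 break;
 
+names.insert(setting_name);
+}
+
+
+QList<SbieIniValue> Settings;
+
+for (const std::wstring& setting_name : names)
+{
 for (int value_index = 0; ; value_index++)
 {
 std::wstring setting_value;
-status = m->SbieIniGet(BoxName.toStdWString(), setting_name, value_index | flags, setting_value);
+ULONG uType = 0;
+status = m->SbieIniGet(BoxName.toStdWString(), setting_name, value_index | flags, setting_value, &uType);
 if (status == STATUS_RESOURCE_NAME_NOT_FOUND) {
 status = STATUS_SUCCESS;
 break;
 }
 if (status != STATUS_SUCCESS)
 break;
 
-Settings.append(qMakePair(QString::fromStdWString(setting_name), QString::fromStdWString(setting_value)));
+Settings.append(SbieIniValue { QString::fromStdWString(setting_name), uType, QString::fromStdWString(setting_value) });
 }
 
 if (status != STATUS_SUCCESS)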
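Review bot: In `GetIniSection`, a failure status from the new `GlobalSettings` enumeration loop is dropped: that loop breaks on `status != STATUS_SUCCESS`, but the box-section loop after it starts unconditionally and, in lines between the hunks, presumably assigns `status` again, so the caller can receive a list with the global names silently missing. Check the status before continuing, for example by guarding the second loop with `if (status == STATUS_SUCCESS)`. Collecting the names in a `std::set` also changes the result from ini order to sorted order, which deserves a comment at the `names` declaration for callers that display the section. `parms[5] = (ULONG64)pType;` in `SbieIniGet` writes a sixth slot while the declaration of `parms` is outside the hunk, so its size should be confirmed; `GetIniSection` itself continues past the last hunk.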

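--- a/TaskExplorer/API/Windows/SandboxieAPI.h
+++ b/TaskExplorer/API/Windows/SandboxieAPI.h
@@ -2,6 +2,10 @@
 
 #include <QObject>
 
+#define CONF_GET_NO_GLOBAL 0x40000000L
+#define CONF_GET_NO_EXPAND 0x20000000L
+#define CONF_GET_NO_TEMPLS 0x10000000L
+
 class CSandboxieAPI : public QObject
 {
 Q_OBJECT
@@ -25,7 +29,13 @@ class CSandboxieAPI : public QObject
 
 void QueryPathList(quint64 ProcessId, quint32 path_code, QStringList& Paths) const;
 
-QList<QPair<QString, QString>> GetIniSection(const QString& BoxName, qint32* pStatus = NULL, bool withTemplates = true) const;
+struct SbieIniValue
+{
+QString Name;
+quint32 Type = 0;
+QString Value;
+};
+virtual QList<SbieIniValue> GetIniSection(const QString& BoxName, qint32* pStatus = NULL, bool withTemplates = true, bool withGlobals = true) const;
 
 quint32 QueryProcessInfoEx(quint64 ProcessId, quint32* pil = NULL, quint32* pit = NULL);
 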
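Review bot: The default `withGlobals = true` on `GetIniSection` changes what existing callers receive: before this commit `withTemplates = false` also set `CONF_GET_NO_GLOBAL` (the removed line in SandboxieAPI.cpp), whereas a three-argument call with `withTemplates = false` now returns global settings mixed into the box section. Call sites are not shown here; those that expect a box-only view need to pass `withGlobals = false` explicitly, and the declaration should say so in a comment. `SbieIniValue::Type` is also undocumented; something like `// value type reported by the driver through SbieIniGet's pType; stays 0 when the driver does not set it` would tell readers how far to trust it.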

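--- a/TaskExplorer/API/Windows/SymbolProvider.cpp
+++ b/TaskExplorer/API/Windows/SymbolProvider.cpp
@@ -48,6 +48,10 @@ struct SSymbolProvider
 PhDereferenceObject(SymbolProvider);
 SymbolProvider = NULL;
 }
+if (ThreadHandle) {
+NtClose(ThreadHandle);
+ThreadHandle = NULL;
+}
 }
 
 HANDLE ProcessId;
@@ -438,33 +442,36 @@ void CStackProviderJob::Run(struct SSymbolProvider* m)
 
 m_StackTrace = CStackTracePtr(new CStackTrace(m_ProcessId, m_ThreadId));
 
-NTSTATUS status;
+NTSTATUS status = STATUS_SUCCESS;
 CLIENT_ID clientId;
 
 clientId.UniqueProcess = (HANDLE)m_ProcessId;
 clientId.UniqueThread = (HANDLE)m_ThreadId;
 
+if (!m->ThreadHandle)
+{
 // case PluginThreadStackInitializing:
 #ifdef WIN64
-HANDLE processHandle;
+HANDLE processHandle;
 
-if (NT_SUCCESS(PhOpenProcess(&processHandle, PROCESS_QUERY_LIMITED_INFORMATION, clientId.UniqueProcess)))
-{
-PhGetProcessIsWow64(processHandle, &m->IsWow64);
-NtClose(processHandle);
-}
+if (NT_SUCCESS(PhOpenProcess(&processHandle, PROCESS_QUERY_LIMITED_INFORMATION, clientId.UniqueProcess)))
+{
+PhGetProcessIsWow64(processHandle, &m->IsWow64);
+NtClose(processHandle);
+}
 #endif
 //
 
-PhLoadSymbolsThreadProvider(m);
+PhLoadSymbolsThreadProvider(m);
 
-if (!NT_SUCCESS(status = PhOpenThread(&m->ThreadHandle, THREAD_QUERY_INFORMATION | THREAD_GET_CONTEXT | THREAD_SUSPEND_RESUME, (HANDLE)m_ThreadId)))
-{
-if (KphCommsIsConnected())
-{
-status = PhOpenThread(&m->ThreadHandle, THREAD_QUERY_LIMITED_INFORMATION, (HANDLE)m_ThreadId);
-}
-}
+if (!NT_SUCCESS(status = PhOpenThread(&m->ThreadHandle, THREAD_QUERY_INFORMATION | THREAD_GET_CONTEXT | THREAD_SUSPEND_RESUME, (HANDLE)m_ThreadId)))
+{
+if (KphCommsIsConnected())
+{
+status = PhOpenThread(&m->ThreadHandle, THREAD_QUERY_LIMITED_INFORMATION, (HANDLE)m_ThreadId);
+}
+}
+}
 
 //case PluginThreadStackBeginDefaultWalkStack:
 if (theConf->GetBool("Options/DbgTraceDotNet", true))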
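Review bot: The new guard `if (!m->ThreadHandle)` in `CStackProviderJob::Run` reuses whatever thread handle is cached in `SSymbolProvider` without checking that it was opened for this job's `m_ThreadId`. The first hunk shows the provider holding a `ProcessId`, so if one provider serves several threads of a process (not visible here), a later job would walk the stack of the thread that was opened first; the WoW64 query and `PhLoadSymbolsThreadProvider(m)` are skipped on reuse as well. Keep the thread id next to the cached handle and close and reopen on a mismatch. Also confirm that `ThreadHandle` is initialised to `NULL` and that nothing later in `Run` closes it, because the cleanup added in the first hunk now does; `Run` continues beyond the hunk.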

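--- a/TaskExplorer/API/Windows/WinAdmin.cpp
+++ b/TaskExplorer/API/Windows/WinAdmin.cpp
@@ -320,9 +320,9 @@ bool SkipUacEnable (bool is_enable)
 return result;
 }
 
-bool SkipUacRun (bool test_only)
+int SkipUacRun(bool test_only)
 {
-bool result = false;
+int result = 0;
 
 ITaskService* service = nullptr;
 ITaskFolder* folder = nullptr;
@@ -337,7 +337,7 @@ bool SkipUacRun (bool test_only)
 
 wchar_t szPath[MAX_PATH];
 if (!GetModuleFileName(NULL, szPath, ARRAYSIZE(szPath)))
-return false;
+return result;
 
 MBSTR root (L"\\");
 MBSTR name (SKIP_UAC_TASK_NAME);
@@ -375,7 +375,7 @@ bool SkipUacRun (bool test_only)
 {
 if (test_only)
 {
-result = true;
+result = 1;
 }
 else
 {
@@ -400,13 +400,12 @@ bool SkipUacRun (bool test_only)
 if (SUCCEEDED(registered_task->RunEx(params, TASK_RUN_NO_FLAGS, 0, nullptr, &running_task)))
 {
 UINT8 count = 3; // try count
+TASK_STATE state = TASK_STATE_UNKNOWN;
 
 do
 {
 QThread::msleep(250);
 
-TASK_STATE state = TASK_STATE_UNKNOWN;
-
 running_task->Refresh();
 running_task->get_State(&state);
 
@@ -421,13 +420,16 @@ bool SkipUacRun (bool test_only)
 state == TASK_STATE_READY
 )
 {
-result = true;
+result = 1;
 }
 
 break;
 }
 } while (count--);
 
+if(state == TASK_STATE_UNKNOWN)
+result = -1;
+
 running_task->Release();
 }
 }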
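Review bot: `SkipUacRun` now returns `-1` when the task state is still `TASK_STATE_UNKNOWN`, and `-1` converts to `true`, so any caller still written as `if (SkipUacRun(...))` treats the undetermined case as success. The call sites are not on this page; they should compare explicitly, e.g. `SkipUacRun(false) == 1`, or the three results should become a named enum instead of bare `0`/`1`/`-1`. At minimum document the values above the function and at the declaration in WinAdmin.h, e.g. `// returns 1 on success, 0 on failure, -1 if RunEx succeeded but the task state stayed TASK_STATE_UNKNOWN`. The function body begins and ends outside these hunks.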

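--- a/TaskExplorer/API/Windows/WinAdmin.h
+++ b/TaskExplorer/API/Windows/WinAdmin.h
@@ -8,7 +8,7 @@ int RestartElevated(int &argc, char **argv);
 bool IsAutorunEnabled();
 bool AutorunEnable(bool is_enable);
 
-bool SkipUacRun(bool test_only);
+int SkipUacRun(bool test_only);
 bool SkipUacEnable(bool is_enable);
 
 void create_process_as_trusted_installer(std::wstring command_line);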

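--- a/TaskExplorer/API/Windows/WinProcess.cpp
+++ b/TaskExplorer/API/Windows/WinProcess.cpp
@@ -604,6 +604,16 @@ bool CWinProcess::InitStaticData(bool bLoadFileName)
 }
 }
 
+// codepage, very slow on win 10 !!!
+if (m->IsHandleVmRead)
+{
+USHORT codePage;
+if (NT_SUCCESS(PhGetProcessCodePage(m->QueryHandle, &codePage)))
+{
+m->CodePage = codePage;
+}
+}
+
 // WSL
 if (WindowsVersion >= WINDOWS_10_22H2 && m->QueryHandle)
 {
@@ -1074,13 +1084,6 @@ bool CWinProcess::UpdateDynamicData(struct _SYSTEM_PROCESS_INFORMATION* Process,
 
 if (m->IsHandleVmRead)
 {
-USHORT codePage;
-if (NT_SUCCESS(PhGetProcessCodePage(m->QueryHandle, &codePage)))
-{
-m->CodePage = codePage;
-}
-
-
 ULONG bitmapCount;
 ULONG bitmapExpansionCount;
 if (NT_SUCCESS(PhGetProcessTlsBitMapCounters(m->QueryHandle, &bitmapCount, &bitmapExpansionCount)))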
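Review bot: The comment `// codepage, very slow on win 10 !!!` does not say what the move costs: the code page is now read once in `InitStaticData` and no longer refreshed in `UpdateDynamicData`, so a process that changes its code page later keeps showing the initial value. A comment stating that trade-off, e.g. `// Code page: queried once here because PhGetProcessCodePage is very slow on Windows 10; not refreshed afterwards`, would mark it as intentional. The new block tests `m->IsHandleVmRead` but not `m->QueryHandle`, unlike the WSL check right below it; whether `IsHandleVmRead` is already set and implies a valid handle at this point in `InitStaticData` is not visible in the hunk.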
