Загадка.


??? ??? ????????? ???????? ????? ?????? ?????????? ????????????? ??????, ??????? ??? ????? ?? ???? “FileVersion” ??????? VS_VERSION_INFO ????? ??????. ??? ?????? ?????????? ??? ?????? ???????? ????????? ??????. ??? ?????? ? VS_VERSION_INFO ???????????? ??????????? ?????????? version.dll.

(????? ???? ????? ????)

#define _WIN32_WINNT 0x0501

#include <windows.h>
#include <stdio.h>

void printFileVersion(
    const char* module
    )
{
    DWORD handle;
    
    // Query size of the buffer we will need
    DWORD size = GetFileVersionInfoSize(module, &handle);
    
    if (size)
    {
        char* buffer = new char[size];
        
        // Get own version information
        BOOL res = GetFileVersionInfo(module, handle, size, buffer);
        
        if (res)
        {
            void* ptr;
            UINT length;
            
            // Get FileVersion from English section of version information
            res = VerQueryValue(buffer, "\\StringFileInfo\\040904B0\\FileVersion", &ptr, &length);
            
            if (res)
            {
                // Print FileVersion
                printf("File Version: '%s'\n", ptr);
            }
        }
        
        delete[] buffer;
    }
}

int __cdecl main(
    int argc,
    const char* argv[]
    )
{
    if (argc < 1 || argc > 2)
    {
        printf("Usage: fileversion.exe <module-name>\n");
        exit(0);
    }
    
    char buffer[MAX_PATH];
    DWORD size = ExpandEnvironmentStrings(argv[1], buffer, MAX_PATH);
    
    if (size > 0 && size <= MAX_PATH)
    {
        printFileVersion(buffer);
    }
    
    return 0;
}

????????, ??? “%windir%\system32\notepad.exe” ?? ???? ?????? ?????????:

> fileversion.exe %windir%\system32\notepad.exe
File Version: '6.0.6000.16386 (vista_rtm.061101-2205)'

?????, ???????????, ??? ?? ?????????? 32-? ?????? ??????? fileversion.exe ? ?? ????? ???????? ?????? 64-? ?????????? ??????, ?????????????? ? %windir%\system32. Wow64 ?????????????? ??? ???????? ???????? ?? %windir%\system32 ? %windir%\syswow64. ??????????????, ??? ????? ????????? ??????????????? ?? ????? ?????? ???????? ?? ?????:

#if !defined(_WIN64)
BOOL isWow64()
{
    BOOL retval = FALSE;
    if (!IsWow64Process(GetCurrentProcess(), &retval))
    {
        retval = FALSE;
    }
    
    return retval;
}
#endif

int __cdecl main(
    int argc,
    const char* argv[]
    )
{
    if (argc < 1 || argc > 3)
    {
        printf("Usage: fileversion.exe <module-name> [native]\n");
        exit(0);
    }
    
#if !defined(_WIN64)
    PVOID FsRedirection;

    if (argc > 2 && isWow64())
    {
        // Disable Wow64 redirection if asked by a user
        Wow64DisableWow64FsRedirection(&FsRedirection);
    }
#endif
    
    char buffer[MAX_PATH];
    DWORD size = ExpandEnvironmentStrings(argv[1], buffer, MAX_PATH);
    
    if (size > 0 && size <= MAX_PATH)
    {
        printFileVersion(buffer);
    }
    
#if !defined(_WIN64)
    if (argc > 2 && isWow64())
    {
        // Restore Wow64 redirection
        Wow64RevertWow64FsRedirection(FsRedirection);
    }
#endif
    
    return 0;
}

??????: ?????? ??????? ???????? ?????? ?????? ????? ??????? ??? ????? ?????????? ??? ???????, ??? ??????????????? ???????? ??????? ??????????

(115c.574): Unknown exception - code c06d007e (!!! second chance !!!)
KERNEL32!RaiseException+0x58:
00000000`7532f35f c9              leave
0:000:x86> k
ChildEBP          RetAddr           
0017fd60 00402080 KERNEL32!RaiseException+0x58
0017fdc8 0040119e rabbit!__delayLoadHelper2+0x13b [f:\sp\vctools\delayimp\delayhlp.cpp @ 331]
0017fe0c 0040115b rabbit!_tailMerge_VERSION_dll+0xd
0017ff30 004014a6 rabbit!main+0x8b [d:\projects\notepad2a\trunk\boost\rabbit\main.cpp @ 82]
0017ff80 004012fd rabbit!__tmainCRTStartup+0x1a6 [f:\sp\vctools\crt_bld\self_x86\crt\src\crtexe.c @ 597]
0017ff88 7538e3f3 rabbit!mainCRTStartup+0xd [f:\sp\vctools\crt_bld\self_x86\crt\src\crtexe.c @ 414]
0017ff94 76fccfed KERNEL32!BaseThreadInitThunk+0xe
0017ffd4 76fcd1ff ntdll_76f50000!__RtlUserThreadStart+0x23
0017ffec 00000000 ntdll_76f50000!_RtlUserThreadStart+0x1b

Cross-posted from blog.not-a-kernel-guy.com.

Skip to main content