#define NUMBER_HASH_BUCKETS 37
#define OBJECT_TO_OBJECT_HEADER(o) ((POBJECT_HEADER)CONTAINING_RECORD((o), OBJECT_HEADER, Body))
typedef struct _OBJECT_DIRECTORY_ENTRY {
struct _OBJECT_DIRECTORY_ENTRY *ChainLink;
PVOID Object;
} OBJECT_DIRECTORY_ENTRY, *POBJECT_DIRECTORY_ENTRY;
typedef struct _OBJECT_DIRECTORY {
struct _OBJECT_DIRECTORY_ENTRY *HashBuckets[ NUMBER_HASH_BUCKETS ];
struct _OBJECT_DIRECTORY_ENTRY **LookupBucket;
BOOLEAN LookupFound;
USHORT SymbolicLinkUsageCount;
struct _DEVICE_MAP *DeviceMap;
} OBJECT_DIRECTORY, *POBJECT_DIRECTORY;
static UNICODE_STRING DirectoryUnicode = RTL_CONSTANT_STRING(L"Directory"
;
VOID WalkDirectory(POBJECT_DIRECTORY Directory, POBJECT_TYPE Type)
{
ULONG Bucket;
POBJECT_DIRECTORY_ENTRY DirectoryEntry;
POBJECT_DIRECTORY_ENTRY DirectoryEntryNext;
PVOID Object;
POBJECT_HEADER ObjectHeader;
POBJECT_TYPE ObjectType;
POBJECT_NAME_INFORMATION ObjectName;
ULONG dwRetLength;
for(Bucket = 0; Bucket < NUMBER_HASH_BUCKETS; Bucket++)
{
DirectoryEntry = DirectoryEntryNext = Directory->HashBuckets[Bucket];
while (MmIsAddressValid(DirectoryEntryNext))
{
Object = DirectoryEntryNext->Object;
ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
ObjectType = ObjectHeader->ObjectType;
ObQueryNameString(Object, NULL, 0, &dwRetLength);
ObjectName = (POBJECT_NAME_INFORMATION)ExAllocatePool(NonPagedPool, dwRetLength);
ObQueryNameString(Object, ObjectName, dwRetLength, &dwRetLength);
if (ObjectType == Type)
{
DbgPrint("%wZ: %wZ -> %p", &Type->ObjectTypeName, ObjectName, Object);
}
else
{
if (RtlCompareUnicodeString(&ObjectType->ObjectTypeName, &DirectoryUnicode, FALSE) == 0)
{
WalkDirectory((POBJECT_DIRECTORY)Object, Type);
}
}
ExFreePool(ObjectName);
DirectoryEntryNext = DirectoryEntryNext->ChainLink;
}
}
}
VOID ScanDirectory(PWCHAR DirName, POBJECT_TYPE DirType)
{
UNICODE_STRING DirectoryName = RTL_CONSTANT_STRING(DirName);
OBJECT_ATTRIBUTES ObjectAttributes = RTL_INIT_OBJECT_ATTRIBUTES(&DirectoryName, OBJ_CASE_INSENSITIVE);
NTSTATUS Status;
HANDLE Handle = NULL;
POBJECT_DIRECTORY Directory = NULL;
PDRIVER_OBJECT *Objects = NULL;
Status = ZwOpenDirectoryObject(&Handle, DIRECTORY_QUERY, &ObjectAttributes);
if (NT_SUCCESS (Status))
{
Status = ObReferenceObjectByHandle(Handle, FILE_READ_ACCESS, NULL, KernelMode, (PVOID *)&Directory, NULL);
if (NT_SUCCESS (Status))
{
WalkDirectory(Directory, DirType);
ObDereferenceObject(Directory);
}
ZwClose(Handle);
}
}
NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath)
{
ScanDirectory(L"\\Driver", *IoDriverObjectType);
ScanDirectory(L"\\Device", *IoDeviceObjectType);
return STATUS_UNSUCCESSFUL;
}
