Everything posted by jumper

  1. For the brave, here is a COMDLG32.DLL with PrintDlgExA: <attachment removed> Extract COMDLG32.DLL and ComDlgEx.dll into <system>, or put them in a test app's local folder and remove COMDLG32.DLL from KnownDLLs. COMDLG32.DLL was extended with fwd.02 (now working, not posted yet). The PrintDlgExA sources (.c + .def) for ComDlgEx.dll are included. I have high confidence in the validity of the export forwarding in this COMDLG32.DLL (Dependency Walker and PEinfo both like it). The structure translation in PrintDlgExA should be good enough to yield positive results. There were seven downloads before I decided to remove the attachment--if anyone has any results at all, please give us all a report!
  2. Manually repackaging drivers is not easy. Any tools to aid that process would be very useful. Perhaps a repository could contain original drivers along with repackaging instructions or a config file(s) for any tool(s) used. For now, anyone who has managed to get a non-9x hardware driver to work on their 9x system, please create a topic thread containing the details (including where to download the original driver).
  3. For years, I've been using John Lajoie's RamDisk98 v0.5, the forerunner to Cenatek Win9xMe 1.5. When programming, I redirect all project intermediate files to ramdisk, greatly speeding the build process. From the readme.txt file: RamDisk98 is a Windows port driver that emulates as fully as possible the low-level functionality of a hard disk (up to 2GB!) or a 1.44MB or 2.88MB floppy drive. The boot sector of the disk is complete enough to permit the disk to be made bootable with the sys command. RamDisk98 is the only RAM disk driver for Windows that allows you to create a bootable disk image in RAM (that I know of anyway). RamDisk98 also supports much larger disks than Microsoft's ramdrive.sys (which is limited to 32MB). The RamDisk98 drive can also be compressed using Windows DriveSpace. For RAM disks configured as hard disks, RamDisk98 can be configured to allow the user to select the drive letter. In addition, RamDisk98 can be configured to automatically load a disk image at startup and save the image to disk at shutdown. This allows the RAM disk to function almost exactly like a hard disk - no data is lost when the power is turned off! In addition, it makes RamDisk98 an ideal tool for creating disk images for bootable CD-ROMs. ... The RAM disk driver core in RamDisk98 is based upon the source code provided with Walter Oney's excellent book Systems Programming for Windows 95 from Microsoft Press. What I did was to pick up where he left off by trying to improve the boot sector initialization of the disk (and fix a few of Walter's bugs) to properly emulate a hard disk or a 1.44MB or 2.88MB floppy drive.
  4. SYS drivers are PE files and can be updated with fwd.01: WDMAUD.SYS imports from KS.SYS; just now I was able to use fwd.01 to add two new functions to KS.SYS. VXD drivers are LE files. I don't know how their imports work, but if they import from any PE files (other drivers or DLLs) they are also supported. Or vice versa, perhaps. Actually, it looks like the two methods will be complementary. (BTW, fwd does not patch drivers, it is a DLL extender.) Dependency Walker seems to think so for KS.SYS exports (imported by WDMAUD.SYS). Or maybe those are only standard exports. Where might I find documentation for "WDM Exports" so I can add support?
  5. MSDOS.SYS Complete Reference Table MSDOS.SYS [Options] BootWarn=0
  6. The number of export functions in a DLL is usually the same as the number of export names. Fwd.01 adjusts all the pointers correctly if this is true. Comdlg32.dll has one more function address pointer than name address and name address ordinal pointers, thus the current issue. Fwd.01 is also limited by the amount of slack space in the logical section following the existing export table. These two issues will be addressed in the next version. In addition to providing an API expansion solution that is complementary to KernelEx for applications, it should also be complementary to WDMSTUB for drivers.
  7. fwd: DLL forwarder
     For inserting new exports into a primary DLL that forward to a secondary DLL
     Also: Correct the Link Checksum of any PE file
     fwd.03.zip
     Features:
     - Displays Export Table and corrects Link Checksum of primary DLL or PE file.
     - Adds forwarders to the primary DLL for all functions exported by name from the secondary DLL.
     - Original primary file is backed up if changed.
     - TimeDateStamp and MinorVersion fields of IMAGE_EXPORT_DIRECTORY are bumped by one per function added.
     Usage: fwd primary.dll [secondary.dll]
     Outputs: primary.dll, fwd.log, primary.<nnn>
     Notes:
     - For drag-and-drop launching, select one or two DLLs and then drag the primary onto fwd.exe.
     - For SendTo launching, select one or two DLLs and then right-click on the primary DLL.
     To do:
     - Expand size of physical section containing export table when needed.
     - Append ".DLL" to filenames when needed for easier command-line launching.
     - Dialog box for interactive selection of functions by name or ordinal, with renaming option.
     Older versions: fwd.01.exe fwd.02.zip
  8. I've been working hard on this problem and should have a major announcement by tonight (bigger than just PrintDlgEx). <edit>Today didn't go as planned and I've been away from my computer all day. So here's a sneak preview: fwd. </edit>
  9. Perhaps we should consider a bi-level development effort that includes a heavy-duty build environment for the maintainer(s) (or anyone wishing to do a full build), and a light-weight development system for contributors. Has anyone used LCC, Lcc-win32, or Pelles C? Actually, any language could be used for contributed modules. Any compiler/linker that can produce a PE32 DLL would do. The core would just need to be modified to scan all DLLs in the KernelEx folder for a function before using an internal stub or failing.
  10. MSDN - Using Common Dialog Boxes
      Displaying the Print Dialog Box
      Using the Print Property Sheet

      ```c
      #include <windows.h>
      #include <commdlg.h>

      /* Translate a PRINTDLGEX request into a PrintDlgA call and copy the results back. */
      HRESULT WINAPI PrintDlgExA (PRINTDLGEX *pPdex)
      {
          PRINTDLG pd;

          pd.lStructSize = sizeof(PRINTDLG);
          pd.hwndOwner = pPdex->hwndOwner;
          pd.hDevMode = pPdex->hDevMode;
          pd.hDevNames = pPdex->hDevNames;
          pd.hDC = pPdex->hDC;
          pd.Flags = PD_USEDEVMODECOPIESANDCOLLATE | PD_RETURNDC; // pPdex->Flags;
          pd.nCopies = 1;
          pd.nFromPage = 0xFFFF;
          pd.nToPage = 0xFFFF;
          // These three are DWORD in PRINTDLGEX but WORD in PRINTDLG, hence the casts.
          pd.nMinPage = (WORD)pPdex->nMinPage;
          pd.nMaxPage = (WORD)pPdex->nMaxPage;
          pd.nCopies = (WORD)pPdex->nCopies;
          pd.hInstance = pPdex->hInstance;
          pd.lCustData = 0;
          pd.lpfnPrintHook = NULL;
          pd.lpfnSetupHook = NULL;
          pd.lpPrintTemplateName = pPdex->lpPrintTemplateName;
          pd.lpSetupTemplateName = NULL;
          pd.hPrintTemplate = NULL;
          pd.hSetupTemplate = NULL;

          if (PrintDlgA (&pd))
          {
              pPdex->dwResultAction = 1; // Print
              //pPdex->lStructSize;
              //pPdex->hwndOwner;
              pPdex->hDevMode = pd.hDevMode;
              pPdex->hDevNames = pd.hDevNames;
              pPdex->hDC = pd.hDC;
              //pPdex->Flags;
              //pPdex->Flags2;
              //pPdex->ExclusionFlags;
              pPdex->nPageRanges = 0;
              pPdex->nMaxPageRanges = 0;
              pPdex->lpPageRanges = NULL;
              pPdex->nMinPage = pd.nMinPage;
              pPdex->nMaxPage = pd.nMaxPage;
              pPdex->nCopies = pd.nCopies;
              //pPdex->hInstance;
              //pPdex->lpPrintTemplateName;
              //pPdex->lpCallback;
              //pPdex->nPropertyPages;
              //pPdex->*lphPropertyPages;
              //pPdex->nStartPage;
          }
          else
          {
              pPdex->dwResultAction = 0; // Cancel
          }
          return 0; // S_OK;
      }
      ```

      I haven't researched and double-checked every field yet--some are guesses. What am I missing before I try to compile it? Does anyone know if PRINTDLG is packed? If so, all DWORDs after the five WORDs are misaligned!
  11. As previously mentioned in the SP3 thread, six files in SP3 contain references to PrintDlgEx: - tweakui.cpl, hypertrm.dll, mfc70.dll, mfc70u.dll, mfc71.dll, mfc71u.dll Dependency Walker reports "Warning: At least one module has an unresolved import due to a missing export function in a delay-load dependent module." in all but hypertrm.dll. I've searched all my local exe and dll files and can't find any meaningful references to PrintDlgEx other than in mfc7*. I'm searching now for references to mfc7--if I don't find much, it might not be much of an issue for apps that don't otherwise need Kex. mfc7 references found in: - video2smv.exe / smv.dll - SUPERsetup.exe - vdm_free.exe - avformat-52.dll (ffmpeg) I'm on my way out the door right now--I'll post translation code for review tonight.
  12. I've removed NT Services from the wish list. If anyone wants it back on, they'll need to be very specific about what feature they want to see and very persuasive as to why it can only be implemented as a service.
  13. Patching the KernelEx stub does nothing for those who don't use KernelEx. Having the KernelEx stub source is only useful if I do recompile it. The safest and most efficient strategy would be to recompile rather than patch KernelEx. Since I'm still working on getting KernelEx to compile, I should probably finish that step first.
  14. Several weeks ago I was investigating this exact problem. PrintDlgEx uses a new PRINTDLGEX parameter structure that is incompatible with PrintDlg's new PRINTDLG. If we can implement an even semi-functional PrintDlgEx, it would probably go a long way towards solving printing issues in many new apps. KernelEx currently has a stub for PrintDlgEx that just returns an error. That stub could be rewritten to call PrintDlg, translating between parameter structures. I think I can patch comdlg32.dll to export PrintDlgEx instead of PrintDlg and inject the needed translation code into the existing function. This patched version would no longer export PrintDlg, so would have to be stored local to the app (not in <system>); or it could be renamed comdlgex.dll and apps would need to have their imports patched to access it. I have also been considering ways to inject the needed translation code directly into the calling app. Another possibility is to redirect the call, not to PrintDlg, but to the custom print dialog of another (MS?) app. If we can find one that uses the new PRINTDLGEX structure, that would be ideal. 
      Research in this area would be very helpful.

      MSDN: PRINTDLG

      ```c
      typedef struct tagPD {
          DWORD           lStructSize;
          HWND            hwndOwner;
          HGLOBAL         hDevMode;
          HGLOBAL         hDevNames;
          HDC             hDC;
          DWORD           Flags;
          WORD            nFromPage;
          WORD            nToPage;
          WORD            nMinPage;
          WORD            nMaxPage;
          WORD            nCopies;
          HINSTANCE       hInstance;
          LPARAM          lCustData;
          LPPRINTHOOKPROC lpfnPrintHook;
          LPSETUPHOOKPROC lpfnSetupHook;
          LPCTSTR         lpPrintTemplateName;
          LPCTSTR         lpSetupTemplateName;
          HGLOBAL         hPrintTemplate;
          HGLOBAL         hSetupTemplate;
      } PRINTDLG, *LPPRINTDLG;
      ```

      MSDN: PRINTDLGEX

      ```c
      typedef struct tagPDEX {
          DWORD            lStructSize;
          HWND             hwndOwner;
          HGLOBAL          hDevMode;
          HGLOBAL          hDevNames;
          HDC              hDC;
          DWORD            Flags;
          DWORD            Flags2;
          DWORD            ExclusionFlags;
          DWORD            nPageRanges;
          DWORD            nMaxPageRanges;
          LPPRINTPAGERANGE lpPageRanges;
          DWORD            nMinPage;
          DWORD            nMaxPage;
          DWORD            nCopies;
          HINSTANCE        hInstance;
          LPCTSTR          lpPrintTemplateName;
          LPUNKNOWN        lpCallback;
          DWORD            nPropertyPages;
          HPROPSHEETPAGE  *lphPropertyPages;
          DWORD            nStartPage;
          DWORD            dwResultAction;
      } PRINTDLGEX, *LPPRINTDLGEX;
      ```
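An added example, not part of the original posts: the packing question raised for the PRINTDLG translation can be settled by comparing field offsets under both layouts. The 32-bit SDK header commdlg.h declares these structures under 1-byte packing, so the packed case is the one that matches. The mirror types, helper names and sample values below are constructed for illustration, with handles and pointers modelled as 4-byte integers.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Field list of PRINTDLG as quoted in the post. Handles and pointers are
   4 bytes on 32-bit Windows, so uint32_t keeps offsets host-independent. */
#define PD_FIELDS \
    uint32_t lStructSize, hwndOwner, hDevMode, hDevNames, hDC, Flags; \
    uint16_t nFromPage, nToPage, nMinPage, nMaxPage, nCopies; \
    uint32_t hInstance, lCustData, lpfnPrintHook, lpfnSetupHook; \
    uint32_t lpPrintTemplateName, lpSetupTemplateName; \
    uint32_t hPrintTemplate, hSetupTemplate;

#pragma pack(push, 1)
typedef struct { PD_FIELDS } pd_packed;   /* 1-byte packing */
#pragma pack(pop)
typedef struct { PD_FIELDS } pd_natural;  /* compiler default alignment */

/* Offset of the first field after the five WORDs in each layout. */
static size_t off_packed(void)  { return offsetof(pd_packed, hInstance); }
static size_t off_natural(void) { return offsetof(pd_natural, hInstance); }

/* A caller built against the packed layout fills the structure
   (constructed sample values). */
static pd_packed make_sample(void)
{
    pd_packed p;
    memset(&p, 0, sizeof p);
    p.lStructSize = (uint32_t)sizeof p;
    p.nCopies = 2;
    p.hInstance = 0x00400000u;
    return p;
}

/* A translation layer compiled with the other layout reads the same bytes:
   every field after the WORDs is taken from 2 bytes too far along. */
static uint32_t hinstance_seen_by_natural(const pd_packed *p)
{
    pd_natural n;
    memset(&n, 0, sizeof n);
    memcpy(&n, p, sizeof *p);
    return n.hInstance;
}

/* Reject a structure whose size field does not match our own layout. */
static int size_field_ok(const pd_packed *p)
{
    return p->lStructSize == sizeof(pd_packed);
}
```

PRINTDLGEX contains only 4-byte fields on 32-bit Windows, so its layout is the same under either packing; only the PRINTDLG side of the translation is sensitive to it.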
  15. MS intended NtQueryInformationProcess to be an internal function for OS use only. Their tools don't let us static link to it, but they do. NtQueryInformationProcess provides process and thread details that cannot all be obtained through other APIs. As NtQueryInformationProcess is not available on 9x (and can't be simulated) any DLLs (or apps) that call it should be avoided! In your case it appears to be the version of ntdll.dll you are using that is the one to be avoided. If you really must use this version for a given app, unregister it from "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SessionManager\KnownDLLs" and put a copy of the dangerous version directly into the folder of any app that really needs it. The version in <system> should be a 9x-safe version! Also, KernelEx comes with a version of USERENV.dll; try copying it from <windir>\KernelEx to <system> to resolve that missing dependency issue.
  16. I would open the file and map it as an array of dwords (using an existing function). If the data was presorted, a simple binary search would quickly find the count. Otherwise you're right, 73KB would still be too big for the PrivateProfile functions: Each line in an INI file would need one byte for the '=', one byte for the count, and one byte for the EOL marker. That leaves less than one byte for the name/hash/crc string! We might be able to get to 24 bits if we can:
      - get below 16k functions by removing those with the most common count (1 or 2 maybe?); that count would become the default for functions not found
      - group functions into sections and reclaim the '=' and <count> bytes.
      Early versions of ImportPatcher could batch process multiple files. When I added INI support, I found SE wasn't letting me access multiple PrivateProfile INI files. Once I picked one, I had to stick with it. So I dropped batch processing. Unless I can figure out how to easily work around this issue, even a single INI (in addition to the main #.ini) might not be an option. I don't think NtQueryInformationProcess can be static linked to--no import library for it. Though for completeness, a good idea to add it. Thanks.
  17. Here is the aforementioned INI file with 18301 API parameter counts: APIParameterCounts.zip Last week I did try accessing it from IP using GetPrivateProfileString and it worked great--the first 64KB that is. The other 406KB - 64KB can't be accessed that way. I converted it to a REG file, hoping to be able to access it from the transient portion of the registry with RegQueryValue, but REG files can only add to the on-disk keys and that also takes several minutes. The current plan is to do a quick 27-bit hash or crc on the function names to reduce the data size (27+5 for the [0..23] count = 32). Or I might just split the data over seven INI files.
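An added example, not part of the original posts: the table layout discussed in posts 16 and 17, with a 27-bit name hash and a 5-bit count packed into one dword, sorted so that a binary search finds the count. The posts do not name a hash, so FNV-1a folded to 27 bits is an assumption, and the four sample entries are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

#define COUNT_BITS 5u
#define COUNT_MASK 0x1Fu   /* holds the [0..23] parameter count */

/* Assumed hash: 32-bit FNV-1a, XOR-folded down to 27 bits. */
static uint32_t hash27(const char *name)
{
    uint32_t h = 2166136261u;
    while (*name) { h ^= (uint8_t)*name++; h *= 16777619u; }
    return (h >> 27) ^ (h & 0x07FFFFFFu);
}

/* Hash in the high 27 bits, count in the low 5: sorting the dwords
   numerically therefore sorts them by hash. */
static uint32_t pack(const char *name, unsigned count)
{
    return (hash27(name) << COUNT_BITS) | (count & COUNT_MASK);
}

static int cmp_u32(const void *a, const void *b)
{
    uint32_t x = *(const uint32_t *)a, y = *(const uint32_t *)b;
    return (x > y) - (x < y);
}

/* Constructed sample data standing in for the 18301-entry list. */
typedef struct { const char *name; unsigned count; } api_t;
static const api_t SAMPLE[] = {
    { "CreateFileA", 7 }, { "PrintDlgExA", 1 },
    { "GetPrivateProfileStringA", 6 }, { "RegQueryValueA", 4 },
};
#define NSAMPLE (sizeof SAMPLE / sizeof SAMPLE[0])

static size_t build(uint32_t *tab)
{
    for (size_t i = 0; i < NSAMPLE; i++)
        tab[i] = pack(SAMPLE[i].name, SAMPLE[i].count);
    qsort(tab, NSAMPLE, sizeof *tab, cmp_u32);
    return NSAMPLE;
}

/* Build-time check: two names sharing a hash would make lookups ambiguous. */
static size_t collisions(const uint32_t *tab, size_t n)
{
    size_t c = 0;
    for (size_t i = 1; i < n; i++)
        c += (tab[i] >> COUNT_BITS) == (tab[i - 1] >> COUNT_BITS);
    return c;
}

/* Binary search on the hash; returns the count, or -1 if absent. */
static int lookup(const uint32_t *tab, size_t n, const char *name)
{
    uint32_t h = hash27(name);
    size_t lo = 0, hi = n;
    while (lo < hi) {
        size_t mid = lo + (hi - lo) / 2;
        uint32_t mh = tab[mid] >> COUNT_BITS;
        if (mh == h) return (int)(tab[mid] & COUNT_MASK);
        if (mh < h) lo = mid + 1; else hi = mid;
    }
    return -1;
}
```

Because names are not stored, a name that is not in the table but happens to share a hash with one that is will return that entry's count, so the collision check belongs in the step that generates the table.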
  18. The trailing spaces are an indentation for a missing log message. This only happens when wsprintf encounters an error (usually an access violation in one of the parameters) and emits no text. I was able to reproduce this condition in a way that resembled divad's log file by intentionally using an invalid pointer for the delay-import ILT address. I then modified my PEfinder test app to search my local drives for apps with invalid delay-import ILT addresses. I found five. All had been UPX'ed. UPX compression abbreviates the import tables and corrupts the delay-import table (if any). This works because the system loader doesn't check the delay-import table and the UPX decompressor restores it for normal use later. Tools like Dependency Walker can only report that the address is invalid. Other compressors may also corrupt the delay-import table, but I found no such examples on my local drives. PEfinder also uncovered one app that stored the parallel ILT and IAT tables in different sections. In this case it wasn't a problem, but theoretically it could be. So I rewrote the rva-to-pointer routine to look up every address in the section tables without making any assumptions, no matter how reasonable they might seem to be! Well, PEfinder only opens one file at a time, while ImportPatcher opens two (or more if walking) at a time. So the new rva-to-pointer routine was difficult to port and required lots of extra support code and modifications. However, IP.35 now seems to be working and will be released as soon as I finish regression testing it.
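An added example, not ImportPatcher's or PEfinder's code: one way to write an rva-to-pointer routine of the kind post 18 describes, where every RVA is resolved through the section table and anything that does not land in file-backed data yields NULL instead of a wild pointer. The `section_t` type mirrors the relevant IMAGE_SECTION_HEADER fields; the sample file and section values are constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* The four IMAGE_SECTION_HEADER fields needed for translation. */
typedef struct {
    uint32_t vsize;     /* Misc.VirtualSize  */
    uint32_t va;        /* VirtualAddress    */
    uint32_t raw_size;  /* SizeOfRawData     */
    uint32_t raw_off;   /* PointerToRawData  */
} section_t;

/* Resolve [rva, rva+len) to a pointer inside the mapped file, or NULL.
   No assumption is made about which section a table "should" be in. */
static const uint8_t *rva_to_ptr(const uint8_t *file, size_t file_size,
                                 const section_t *sec, size_t nsec,
                                 uint32_t rva, uint32_t len)
{
    for (size_t i = 0; i < nsec; i++) {
        /* Only bytes that exist on disk can be dereferenced. */
        uint32_t span = sec[i].raw_size;
        if (sec[i].vsize != 0 && sec[i].vsize < span)
            span = sec[i].vsize;
        if (rva < sec[i].va || rva - sec[i].va >= span)
            continue;
        uint32_t delta = rva - sec[i].va;
        if (len > span - delta)
            return NULL;               /* range runs off the section */
        uint64_t off = (uint64_t)sec[i].raw_off + delta;
        if (off + len > file_size)
            return NULL;               /* header points past end of file */
        return file + off;
    }
    return NULL;  /* RVA is in no section, e.g. a packer-mangled table */
}

/* Constructed sample: a 0x600-byte file image and three sections. */
static uint8_t g_file[0x600];
static const section_t g_sec[] = {
    { 0x180, 0x1000, 0x200, 0x200 },  /* code section                    */
    { 0x100, 0x2000, 0x200, 0x400 },  /* import data                     */
    { 0x100, 0x3000, 0x200, 0x5C0 },  /* raw data extends past file end  */
};

/* Returns the file offset for an RVA range, or -1 if it is invalid. */
static long demo_offset(uint32_t rva, uint32_t len)
{
    const uint8_t *p = rva_to_ptr(g_file, sizeof g_file, g_sec,
                                  sizeof g_sec / sizeof g_sec[0], rva, len);
    return p ? (long)(p - g_file) : -1;
}
```

Callers that walk parallel tables such as an ILT and IAT resolve each table's RVA separately through this routine, which covers the case in the post where the two live in different sections.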
  19. I don't follow. The hypertrm.dll is from Winxp. I don't use kernelex. I only install it when testing the service pack. On December 19, I extracted all files from all four cabinets of the 'final' version of U98SESP3. These six files were in there. If you haven't removed HYPERTRM.DLL (and *.EXE, *.CHM, *.HLP) from SP3.CAB, then they are still in there. BTW, how did U98SESP3 go from "final" last month to "beta" this month? Shouldn't this beta be 3.1?
  20. Yes, it's a great wish. I've quoted the entire discussion and replied on the 2012 Project Wish List thread in post #39.
  21. The following discussion has Wish List written all over it. Would it be possible to limit the resources available to an app in any way other than to hook the various allocation and creation APIs to fail if the calling process has reached its limit?
  22. These files all make delay-load calls to PrintDlgExA in COMDLG32.DLL which requires KernelEx (or a 2K version, not in this pack): HYPERTRM.DLL MFC70.DLL MFC70U.DLL MFC71.DLL MFC71U.DLL TWEAKUI.CPL
  23. I use TaskInfo2000 v2.1 by Igor Arsenin. Amongst many other things, for each process it lists:
      - Data KB (total, in memory, in use)
      - Code KB (total, in memory, in use)
      - Handles count
      - Windows
      It uses low resources itself, updates every two seconds, and shows most of what VWin32 reports (and much more).