CDefView::_GetPIDL函數分析之ListView_GetItem函數的參數item的item.mask 為LVIF_PARAM
第一部分:
1: kd> t
SHELL32!CDefView::_GetPIDL:
001b:77308013 55              push    ebp
1: kd> dv
           this = 0x00000015
              i = 0n21
           pidl = 0x00040056
// Returns the PIDL for list view item i.
//
// When _IsOwnerData() is true (the "virtual mode" case) the list view is not
// consulted: the folder being viewed is asked for the item through the
// SFVM_GETITEMIDLIST callback. Otherwise the item's lParam is read from the
// list view and cast to a PIDL.
//
// The result is NULL when the callback leaves its out-parameter untouched
// (CallCB's return value is not examined here) or when LVUtil_GetLParam
// returns 0, so callers have to check for NULL before walking the ID list.
LPCITEMIDLIST CDefView::_GetPIDL(int i)
{
    if (!_IsOwnerData())
    {
        // NOTE(review): this cast trusts that every item's lParam was set to a
        // valid PIDL when the item was inserted; confirm at the insertion site.
        return (LPCITEMIDLIST)LVUtil_GetLParam(_hwndListview, i);
    }

    LPCITEMIDLIST pidlFromFolder = NULL;    // stays NULL if the callback does not fill it
    CallCB(SFVM_GETITEMIDLIST, i, (LPARAM)&pidlFromFolder);
    return pidlFromFolder;
}
第二部分:
1: kd> t
SHELL32!LVUtil_GetLParam:
001b:772c7714 55              push    ebp
1: kd> kc 12
 #
00 SHELL32!LVUtil_GetLParam
01 SHELL32!CDefView::_GetPIDL
02 SHELL32!CDefView::_GetItemArray
03 SHELL32!CDefView::_GetItemObjects
04 SHELL32!CDefView::_CreateSelectionShellItemArray
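//
// Returns the lParam stored for item i of the list view hwndLV.
//
// Note that it returns NULL, if iItem is -1. It also returns NULL when the
// LVM_GETITEM request fails, so a zero result means "no value": callers that
// cast the result to a pointer must check it first.
//
LPARAM LVUtil_GetLParam(HWND hwndLV, int i)
{
    // Zero the whole structure. Only mask, iItem, iSubItem and lParam matter
    // for an LVIF_PARAM query, but the remaining fields would otherwise carry
    // stack residue into the message handler.
    LV_ITEM item = {0};
    item.mask = LVIF_PARAM;     // request the lParam field only
    item.iItem = i;
    item.iSubItem = 0;

    if (i == -1)
    {
        return 0;
    }

    if (!ListView_GetItem(hwndLV, &item))
    {
        // Do not hand back a value taken from a failed lookup.
        return 0;
    }
    return item.lParam;
}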
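// ListView Item structure
// LV_ITEM.mask flags (indicate valid fields in LV_ITEM). A getter fills in
// only the fields whose flag is set; the other fields are not valid output.
#define LVIF_TEXT           0x0001
#define LVIF_IMAGE          0x0002
#define LVIF_PARAM          0x0004  // the flag LVUtil_GetLParam sets (mask = 0x4)
#define LVIF_STATE          0x0008

// Sends LVM_GETITEM to hwnd. pitem is read (mask, iItem, iSubItem) and
// written (the requested fields) by the handler; the BOOL result reports
// whether the request succeeded.
#define ListView_GetItem(hwnd, pitem) \
    (BOOL)SNDMSG((hwnd), LVM_GETITEM, 0, (LPARAM)(LV_ITEM *)(pitem))

#define LVM_GETITEMA            (LVM_FIRST + 5)
#define LVM_GETITEMW            (LVM_FIRST + 75)    // = 0x104B (the page's note: "push 104Bh")

#ifdef UNICODE
#define LVM_GETITEM             LVM_GETITEMW
#else
#define LVM_GETITEM             LVM_GETITEMA
#endif

#define LVM_FIRST       0x1000      // ListView messages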
第三部分:
1: kd> dv
            plv = 0x00108d88
           plvi = 0x013bf8a4
             nm = struct tagLVDISPINFOW
1: kd> dx -id 0,0,896d1020 -r1 ((comctl32!tagLVITEMW *)0x13bf8a4)
((comctl32!tagLVITEMW *)0x13bf8a4)                 : 0x13bf8a4 [Type: tagLVITEMW *]
    [+0x000] mask             : 0x4 [Type: unsigned int]
    [+0x004] iItem            : 21 [Type: int]
    [+0x008] iSubItem         : 0 [Type: int]
    [+0x00c] state            : 0x100c [Type: unsigned int]
    [+0x010] stateMask        : 0xffffffff [Type: unsigned int]
    [+0x014] pszText          : 0x772c74e9 : 0x10c2 [Type: unsigned short *]
    [+0x018] cchTextMax       : 4108 [Type: int]
    [+0x01c] iImage           : 1083208 [Type: int]
    [+0x020] lParam           : 0 [Type: long]            lParam           : 0
    [+0x024] iIndent          : 20707516 [Type: int]
    [+0x028] iGroupId         : 524288 [Type: int]
    [+0x02c] cColumns         : 0x13bfb20 [Type: unsigned int]
    [+0x030] puColumns        : 0x77456e76 : 0x209c25ff [Type: unsigned int *]
BOOL ListView_OnGetItem(LV* plv, LV_ITEM* plvi)
{
??????? pitem = ListView_FastGetItemPtr(plv, plvi->iItem);
??????? if (mask & LVIF_PARAM)
??????? {
??????????? plvi->lParam = pitem->lParam;
??????? }
1: kd> dt LISTITEM 0010fe68
comctl32!LISTITEM
   +0x000 pszText          : 0x00111770  -> 0x4e
   +0x004 pt               : tagPOINT
   +0x00c iImage           : 0n115
   +0x00e cxSingleLabel    : 0n119
   +0x010 cxMultiLabel     : 0n70
   +0x012 cyFoldedLabel    : 0n28
   +0x014 cyUnfoldedLabel  : 0n28
   +0x016 iWorkArea        : 0n0
   +0x018 state            : 3
   +0x01a iIndent          : 0n0
   +0x01c lParam           : 0n1168016              +0x01c lParam           : 0n1168016
   +0x020 hrgnIcon         : (null)
   +0x024 ptRgn            : tagPOINT
   +0x02c rcTextRgn        : tagRECT
   +0x03c pGroup           : 0xffffffff tagLISTGROUP
   +0x040 cColumns         : 0xffffffff
   +0x044 puColumns        : (null)
   +0x048 dwId             : 0x1d
第四部分:
1: kd> g
Breakpoint 34 hit
SHELL32!LVUtil_GetLParam+0x32:
001b:772c7746 8b45ec          mov     eax,dword ptr [ebp-14h]
1: kd> r
eax=00000001 ebx=00000015 ecx=772c74e9 edx=00000004 esi=00108748 edi=0000100c
eip=772c7746 esp=013bf8a4 ebp=013bf8d8 iopl=0         nv up ei pl zr na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246
SHELL32!LVUtil_GetLParam+0x32:
001b:772c7746 8b45ec          mov     eax,dword ptr [ebp-14h] ss:0023:013bf8c4=0011d290
1: kd> dv
         hwndLV = 0x00040056
              i = 0n21
           item = struct tagLVITEMW
1: kd> dx -id 0,0,896d1020 -r1 (*((SHELL32!tagLVITEMW *)0x13bf8a4))
(*((SHELL32!tagLVITEMW *)0x13bf8a4))                 [Type: tagLVITEMW]
    [+0x000] mask             : 0x4 [Type: unsigned int]
    [+0x004] iItem            : 21 [Type: int]
    [+0x008] iSubItem         : 0 [Type: int]
    [+0x00c] state            : 0x100c [Type: unsigned int]
    [+0x010] stateMask        : 0xffffffff [Type: unsigned int]
    [+0x014] pszText          : 0x772c74e9 : 0x10c2 [Type: unsigned short *]
    [+0x018] cchTextMax       : 4108 [Type: int]
    [+0x01c] iImage           : 1083208 [Type: int]
    [+0x020] lParam           : 1168016 [Type: long]              lParam           : 1168016
    [+0x024] iIndent          : 20707516 [Type: int]
    [+0x028] iGroupId         : 524288 [Type: int]
    [+0x02c] cColumns         : 0x13bfb20 [Type: unsigned int]
    [+0x030] puColumns        : 0x77456e76 : 0x209c25ff [Type: unsigned int *]
第五部分:
1: kd> dt _ITEMIDLIST 0011d290
Explorer!_ITEMIDLIST
   +0x000 mkid             : _SHITEMID
1: kd> dx -id 0,0,896d1020 -r1 (*((Explorer!_SHITEMID *)0x11d290))
(*((Explorer!_SHITEMID *)0x11d290))                 [Type: _SHITEMID]
    [+0x000] cb               : 0x5e [Type: unsigned short]
    [+0x002] abID             [Type: unsigned char [1]]
1: kd> db 0x11d290
0011d290  5e 00 32 00 00 00 00 00-66 5a c8 78 20 00 4e 45  ^.2.....fZ.x .NE
0011d2a0  57 54 45 58 7e 31 2e 54-58 54 00 00 42 00 03 00  WTEX~1.TXT..B...
0011d2b0  04 00 ef be 66 5a c8 78-66 5a c8 78 14 00 00 00  ....fZ.xfZ.x....
0011d2c0  4e 00 65 00 77 00 20 00-54 00 65 00 78 00 74 00  N.e.w. .T.e.x.t.
0011d2d0  20 00 44 00 6f 00 63 00-75 00 6d 00 65 00 6e 00   .D.o.c.u.m.e.n.
0011d2e0  74 00 2e 00 74 00 78 00-74 00 00 00 1c 00 00 00  t...t.x.t.......