1.5.3

Small update.

Source/WinObjEx64/kldbg.c

@@ -4,9 +4,9 @@
 *
 *  TITLE:       KLDBG.C, based on KDSubmarine by Evilcry
 *
-*  VERSION:     1.52
+*  VERSION:     1.53
 *
-*  DATE:        08 Jan 2018
+*  DATE:        01 Apr 2018
 *
 *  MINIMUM SUPPORTED OS WINDOWS 7
 *
@@ -963,7 +963,7 @@ BOOL ObWalkPrivateNamespaceTable(
     _In_ ULONG_PTR TableAddress
 )
 {
-    BOOL          EntryFound;
+    BOOL          EntryFound, bCond = FALSE;
     INT           c, d;
     SIZE_T        retSize = 0;
     ULONG_PTR     ObjectHeaderAddress, item0, item1, InfoHeaderAddress, NameSpaceIdMax = 0L;
@@ -999,6 +999,9 @@ BOOL ObWalkPrivateNamespaceTable(
         Head = LookupTable.HashBuckets[c].Blink;
         Current = LookupTable.HashBuckets[c].Flink;
 
+        if ((Head == NULL) || (Current == NULL))
+            continue;
+
         do {
             RtlSecureZeroMemory(&LookupEntry, sizeof(OBJECT_NAMESPACE_ENTRY));
             if (!kdReadSystemMemory((ULONG_PTR)Current, &LookupEntry, sizeof(OBJECT_NAMESPACE_ENTRY))) {
@@ -1093,7 +1096,7 @@ BOOL ObWalkPrivateNamespaceTable(
                     } while (item1 != 0);
                 }
             }
-        } while ((Current != NULL) && (Current != Head));
+        } while (bCond);
     }
 
     return (!IsListEmpty(ListHead));

Source/WinObjEx64/objects.h

@@ -4,9 +4,9 @@
 *
 *  TITLE:       OBJECTS.H
 *
-*  VERSION:     1.52
+*  VERSION:     1.53
 *
-*  DATE:        08 Jan 2018
+*  DATE:        08 May 2018
 *
 *  Header file for internal Windows objects handling.
 *
@@ -50,7 +50,7 @@
 #define TYPE_TIMER                      16
 #define TYPE_SESSION                    17
 #define TYPE_CONTROLLER                 18
-#define TYPE_PROFILE				    19
+#define TYPE_PROFILE                    19
 #define TYPE_EVENTPAIR                  20
 #define TYPE_DESKTOP                    21
 #define TYPE_FILE                       22

Source/WinObjEx64/tests/testunit.c

@@ -268,13 +268,15 @@ VOID TestWinsta(
     HWINSTA hWinsta;
     PROP_OBJECT_INFO Context;
 
-    Context.lpCurrentObjectPath = L"\\Windows\\WindowStations";
-    //Context.lpCurrentObjectPath = L"\\Sessions\\1\\Windows\\WindowStations";
+    //Context.lpCurrentObjectPath = L"\\Windows\\WindowStations";
+    Context.lpCurrentObjectPath = L"\\Sessions\\1\\Windows\\WindowStations";
     Context.lpObjectName = L"Winsta0";
 
-    hWinsta = supOpenWindowStationFromContext(&Context, FALSE, READ_CONTROL);
-    if (hWinsta) {
+    hWinsta = OpenWindowStation(L"WinSta0", FALSE, WINSTA_ALL_ACCESS);
 
+    //hWinsta = supOpenWindowStationFromContext(&Context, FALSE, READ_CONTROL);
+    if (hWinsta) {
+        CloseHandle(hWinsta);
         CloseWindowStation(hWinsta);
         Status = RtlGetLastNtStatus();
         if (NT_SUCCESS(Status))

WinObjEx64.sha256

@@ -1,5 +1,5 @@
-0a821bc39180e43dc27e9aa0683c7a1dc1a648c5d0a055261af022f50aae32fe *Compiled\WinObjEx64.chm
-ae0347a42d8b440a8a3b444da8bbe20a4bbbb7feac9698b4bf87315ecedff343 *Compiled\WinObjEx64.exe
+f0eb8b15e4593c5082c66b9987e542c18eab7c0136eaeaedcdcd9119e05b7b56 *Compiled\WinObjEx64.chm
+fc101b477b9ef14b817b8340557d70bb5eda5da867474610541a9ca53744e0d1 *Compiled\WinObjEx64.exe
 5f27bf4571a21ec61ed93cfaa968cec04b622315984b789b3b64cee04f7870fe *Screenshots\FindObjectDialog.png
 b09d9668d6937de044b496a2d91cb74fb3e63a2d30aa15fcf75e322d95d4b0f3 *Screenshots\MainWindow.png
 f1d14d5f6e61317e7b9390dbbfb36c3b1e1c19a886a8f69b264a205d1945a447 *Screenshots\PropertiesDialog.png
@@ -25,15 +25,15 @@ ba272b1faf6cd3a8d8e554dd7dfff35abd1a8ffebb0280e8459112e855db9f83 *Source\WinObjE
 0d4c71c20abc65cea36408ccadea20299cfa67d63992b01d504767583bfb8191 *Source\WinObjEx64\global.h
 530b49b87a69ae214ebbb6ba5ca8d3f922b9772ee20e3907bcb48b1ac1c8084e *Source\WinObjEx64\instdrv.c
 5ab4e6a630152e02897f0ff346dcf0ae22fdbf2092f1243b9a0ce4e10fadaddd *Source\WinObjEx64\instdrv.h
-2f7f513b63693aff8164349983b843afe612bcd1c3299f894527fb0a3728c278 *Source\WinObjEx64\kldbg.c
+72498cfe373688d96055b901c411d8a11a8e2ac9904660b0a06a63539a6ee9e1 *Source\WinObjEx64\kldbg.c
 f351015b6497ca4ae9b348a34a64ff4cbcc3b759c2e637d99e643c04b0a2ccae *Source\WinObjEx64\kldbg.h
 13f06cdd6ee7b2e6ce203329f81f96588ead571e287edf844ecbbeeaa0bc8da9 *Source\WinObjEx64\list.c
 b311dfa9882435a609a965066b7e4e607c3723b6be3e134cf0d120913dc1b225 *Source\WinObjEx64\list.h
 14113bc6bd500a38fe4b4a54de13437c22ea7fb8e38adff71ca2ffaa691ecb92 *Source\WinObjEx64\main.c
 f0ff77342a614f4ef0f39d67451014761643bed9cd904177d8ca09b0f8b7f994 *Source\WinObjEx64\objects.c
-01a948f28d76e693f93c03ab64a06d572c3b547374a522ce65d95a8105c434c4 *Source\WinObjEx64\objects.h
+694eaed4eb2e5256c184d03e44b1d9478978a96ed3341afde237e322f52b9b57 *Source\WinObjEx64\objects.h
 c241d7e25de6446fd6d51f1b37c9dcb614ed286fef926b853ff60da5dc2f67ae *Source\WinObjEx64\resource.h
-134cc220e29ae9755c07a768660085ea73e0f0ec7f5ea5e321fdaa14af76a81e *Source\WinObjEx64\Resource.rc
+d5c66af2be6c5dacdc2e60e4981a6452f80573e182f95e0d9860dff1358d53c4 *Source\WinObjEx64\Resource.rc
 02195602da2abfe73f31f351f6d299d17c10ebb4c86c01472235d26ea74460bf *Source\WinObjEx64\sup.c
 18f1a416b73216b9bd51f417ca50165fb20a5c9415ebc4df4ee91ac385f53ac5 *Source\WinObjEx64\sup.h
 43234dad977900114521a5e28b2228bb5967f877bceb9b0d461ed64135d7789f *Source\WinObjEx64\supConsts.h
@@ -163,5 +163,5 @@ bf3105d704464eb6fdb0f722e0d9baec7f7951337826c9e774330ad8070a971b *Source\WinObjE
 d4876437f5ea4c307b3894ff6a4ccd10922a366167104bb78b1103ebadd4f483 *Source\WinObjEx64\rsrc\mailslot.ico
 4af9d3481fbe6423bb5b0187a3d5ea165b962aa0f53ce32502a85788c2575f94 *Source\WinObjEx64\rsrc\obex.manifest
 9c908e205f42861f5ce840cf07886009fe7fad09352820508757ae8d8f6a34ae *Source\WinObjEx64\rsrc\pipe.ico
-51381e5aa9858d311aedc1019624c7aa95c5601142bce3f94f078ac8db1c198e *Source\WinObjEx64\tests\testunit.c
+5e7b2e34173218b228f085f83c3a2c45dd6de3f799799de2e58a3e62462f4fb7 *Source\WinObjEx64\tests\testunit.c
 c9157421ca564c6676a1f70557fa909b16dbb3f6a4d799ce850f331177043f4b *Source\WinObjEx64\tests\testunit.h