If the console window has a full eight-digit handle my custom printf
would get stuck in a loop, causing CMD to seemingly freeze. Do what I
really should have done in the first place and make it more robust.
Windows 10's MSVCRT will only work if the Win32 version in the header is
0 or 10. Some PE's use it for something else, so when the DLL is
injected the process fails. Provide custom routines for the C functions
used, so the DLL only depends on KERNEL32.
With the DLL independent of the CRT that would mean the exe would either
also need to be independent, or the source files would need to be built
twice (or just remove a linker warning). Another option is to export
the functions from the DLL and have the exe import them, which turned
out to simplify things quite nicely.
A process that has a really long command line would not log properly, so
double the heap to accommodate it.
If ANSICON_DEF could not be parsed the default attribute would be zero
(black on black). Use 7 or -7 instead.
Windows 8 and later require the IDT to be within a section when there's
no IAT. This prevents relocated imports from working, so we cannot add
ourself to the import table. Use `LdrLoadDll` via `CreateRemoteThread`
for such a situation.
Prevent loading more libraries than necessary, so load WINMM the first
time the bell is used and use the CRT printf functions to avoid loading
USER32 at all.
I was also going to remove MSVCRT, but that turned out to be more
trouble than it's worth. However, a side-effect that I kept is
replacing bsearch with a dedicated search routine.
Just copying the history from the source:
recognize the standard handle defines in WriteFile;
minor speed improvement by caching GetConsoleMode;
keep track of three handles (ostensibly stdout, stderr and a file);
test a DOS header exists before writing to e_oemid;
more flexible/robust handling of data directories;
files writing to the console will always succeed;
log: use API file functions and a custom printf;
add a blank line between processes;
set function name for MyWriteConsoleA;
scan imports from "kernel32" (without extension);
added dynamic environment variable CLICOLOR;
removed _hwrite (it's the same address as _lwrite);
join multibyte characters split across separate writes;
remove wcstok, avoiding potential interference with the host;
similarly, use a private heap instead of malloc.
-p uses CreateRemoteThread, determining kernel32.dll & LLW dynamically.
Loading via LoadLibrary will remember the current attributes, restoring them on
unload.
Tweaked log output (remove quotes around CreateProcess command line; add an
underscore to 64-bit addresses).
ansicon.exe will really output (to the console) strings as Unicode.
Fixed ansicon.exe, if installed, restoring the default attributes, not current.
ansicon.exe will start with ANSICON_DEF (if defined and -m not used).
for ANSI-LLW.exe.
Set the code page so ansicon.exe can display some strings properly.
Expand wildcards for -t.
VC6 can now compile the 32-bit version; use it for the release binaries.
Improvements to the VC makefile.
Describe the sequences in a bit more detail.
Added environment variable ANSICON_EXC to specify modules that should not be
hooked. This should work around the nvd3d9wrap.dll issue. Since it helps to
know what the modules are, logging is now always available, controlled by -l
or ANSICON_LOG. A side-effect caused debugstr.c to move to util.c.
GUI programs are once again not hooked, unless run by "ansicon" directly or in
the ANSICON_GUI environment variable. Since not hooking still leaves ANSICON in
the environment, created ANSICON_VER as a dynamic-only variable, which can also
serve as a version check.
Due to an email requesting a reverse video option, realised I always take the
current attributes as default. This means if you turned on reverse and ran a
program, it would take the reverse as its default. Created ANSICON_DEF variable
to explicitly set the default attribute, using the current if it doesn't exist.
The reverse video option is done via a "negative" attribute (e.g. "-m-f0" is
reversed black on white, meaning you'll get white on black, with foreground
sequences changing the background). (The difference from "\e[7m" is that it
won't be reset on "\e[m".)
A child program will inherit the parent's modes (but not shift); the parent will
read the child's modes on exit (but not unload). The exception is "ansicon",
which will always start with the default modes and leave the parent unchanged.
Improved the AutoRun entry, only running "ansicon" if ANSICON_VER doesn't exist.
The "ansicon" command is always first.
Stopped -u implying -p; return the program's exit code; don't restore the
original color when just using -p; output error messages to stderr.
