From 64d75969160016765e0072335233429c22b4ef9b Mon Sep 17 00:00:00 2001 From: 4d61726b <55967456+4d61726b@users.noreply.github.com> Date: Sat, 22 Jun 2024 20:00:43 -0400 Subject: [PATCH] Avoid using RtlImageNtHeader from the context of kdcom. This should fix ReactOS support --- VirtualKD-Redux/Lib/kdvmguestlib/kdvm.cpp | 47 +++++++++++++++++++++-- VirtualKD-Redux/createbundles.bat | 8 ++-- 2 files changed, 47 insertions(+), 8 deletions(-) diff --git a/VirtualKD-Redux/Lib/kdvmguestlib/kdvm.cpp b/VirtualKD-Redux/Lib/kdvmguestlib/kdvm.cpp index 83a5d25..8b0c286 100644 --- a/VirtualKD-Redux/Lib/kdvmguestlib/kdvm.cpp +++ b/VirtualKD-Redux/Lib/kdvmguestlib/kdvm.cpp @@ -56,8 +56,47 @@ ULONG KdVMGetActiveCallCount() return KdVmActiveCallCount; } -extern "C" NTSYSAPI PIMAGE_NT_HEADERS NTAPI RtlImageNtHeader(IN PVOID ModuleAddress); -#include +static PIMAGE_NT_HEADERS ImageNtHeader(PVOID pModuleAddress) +{ + PIMAGE_NT_HEADERS pNtHeaders = NULL; + PIMAGE_DOS_HEADER pDosHeader = (PIMAGE_DOS_HEADER)pModuleAddress; + + __try + { + if (pDosHeader->e_magic != IMAGE_DOS_SIGNATURE) + { + __leave; + } + + PIMAGE_NT_HEADERS pNtHeadersTmp = (PIMAGE_NT_HEADERS)((PUCHAR)pModuleAddress + pDosHeader->e_lfanew); + if (pNtHeadersTmp->Signature != IMAGE_NT_SIGNATURE || + pNtHeadersTmp->OptionalHeader.Magic != +#ifdef _WIN64 + IMAGE_NT_OPTIONAL_HDR64_MAGIC +#else + IMAGE_NT_OPTIONAL_HDR32_MAGIC +#endif + || + pNtHeadersTmp->FileHeader.Machine != +#ifdef _WIN64 + IMAGE_FILE_MACHINE_AMD64 +#else + IMAGE_FILE_MACHINE_I386 +#endif + ) + { + __leave; + } + + pNtHeaders = pNtHeadersTmp; + } + __except (EXCEPTION_EXECUTE_HANDLER) + { + } + + return pNtHeaders; +} + static PVOID GetModuleBaseAddress(PVOID pAddr) { CHAR* pBase = (char*)(((ULONG_PTR)(void*)pAddr / PAGE_SIZE) * PAGE_SIZE); 
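Review bot: `pDosHeader->e_lfanew` is used as an offset in ImageNtHeader without any range check, so a page that merely begins with `MZ` sends `pNtHeadersTmp` to an arbitrary address, forward or backward since the field is signed. The `__try`/`__except` is the only protection, and if this runs in kernel mode, as the kdcom context suggests, a fault on an invalid kernel address is generally a bugcheck rather than an exception the handler sees. GetModuleBaseAddress, in the next hunk, appears to call it on addresses taken from a page walk, so non-image pages are expected input. I would bound the offset before the dereference, e.g. `LONG lOffset = pDosHeader->e_lfanew;` followed by `if (lOffset < (LONG)sizeof(IMAGE_DOS_HEADER) || lOffset >= 0x10000000) __leave;` (the upper limit is a suggested sanity cap). The empty `__except` block also deserves a comment such as `// fault while probing: not a PE image, return NULL`.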
@@ -72,7 +111,7 @@ static PVOID GetModuleBaseAddress(PVOID pAddr) continue; } - PIMAGE_NT_HEADERS pHeaders = RtlImageNtHeader(pCurAddr); + PIMAGE_NT_HEADERS pHeaders = ImageNtHeader(pCurAddr); if (pHeaders) { return pCurAddr; @@ -470,7 +509,7 @@ NTSTATUS __stdcall KdDebuggerInitialize0(PVOID lpLoaderParameterBlock) NTSTATUS st; PVOID pAddr = GetModuleBaseAddress(KdDebuggerInitialize0); - PIMAGE_NT_HEADERS pHeaders = RtlImageNtHeader(pAddr); + PIMAGE_NT_HEADERS pHeaders = ImageNtHeader(pAddr); if (pHeaders) { //Prevent the current module from being relocated to a different address and breaking the physical/virtual address mapping diff --git a/VirtualKD-Redux/createbundles.bat b/VirtualKD-Redux/createbundles.bat index cdac535..0131d7e 100644 --- a/VirtualKD-Redux/createbundles.bat +++ b/VirtualKD-Redux/createbundles.bat @@ -14,8 +14,8 @@ REM copy Build\Win32\Release\kdpatch.reg Bundles\ReleaseBundle\target32 REM copy Build\x64\Release\kdpatch.reg Bundles\ReleaseBundle\target64 copy Build\Win32\Release\vminstall.exe Bundles\ReleaseBundle\target32 copy Build\x64\Release\vminstall.exe Bundles\ReleaseBundle\target64 -copy Build\Win32\Release\kdbazis.dll Bundles\ReleaseBundle\target32 -copy Build\x64\Release\kdbazis.dll Bundles\ReleaseBundle\target64 +copy Build\Win32\Release\kdbazis.dll Bundles\ReleaseBundle\target32\kdcom.dll +copy Build\x64\Release\kdbazis.dll Bundles\ReleaseBundle\target64\kdcom.dll REM copy Build\Win32\Release\kdpatch.sys Bundles\ReleaseBundle\target32 REM copy Build\x64\Release\kdpatch.sys Bundles\ReleaseBundle\target64 copy Certs\VKD-Redux_CA.cer Bundles\ReleaseBundle\ 
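Review bot: The bundle now ships kdbazis.dll under the name kdcom.dll, but nothing in createbundles.bat or in the commit subject (which only covers the RtlImageNtHeader change) explains why. A `REM` line above these copies would help, e.g. `REM Bundle the KD transport under the name kdcom.dll (built as kdbazis.dll)`, and the same applies to the Debug bundle hunk further down. Whatever consumes the bundle, presumably vminstall.exe, has to look for the new file name; that side is not visible in this diff. The `copy` results are also unchecked in the visible lines, so a missing build output would yield a bundle without the DLL and no error; appending `|| exit /b 1` to each copy would surface that.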
@@ -34,8 +34,8 @@ REM copy Build\Win32\Debug\kdpatch.reg Bundles\DebugBundle\target32 REM copy Build\x64\Debug\kdpatch.reg Bundles\DebugBundle\target64 copy Build\Win32\Debug\vminstall.exe Bundles\DebugBundle\target32 copy Build\x64\Debug\vminstall.exe Bundles\DebugBundle\target64 -copy Build\Win32\Debug\kdbazis.dll Bundles\DebugBundle\target32 -copy Build\x64\Debug\kdbazis.dll Bundles\DebugBundle\target64 +copy Build\Win32\Debug\kdbazis.dll Bundles\DebugBundle\target32\kdcom.dll +copy Build\x64\Debug\kdbazis.dll Bundles\DebugBundle\target64\kdcom.dll REM copy Build\Win32\Debug\kdpatch.sys Bundles\DebugBundle\target32 REM copy Build\x64\Debug\kdpatch.sys Bundles\DebugBundle\target64 copy Certs\VKD-Redux_CA.cer Bundles\DebugBundle\