CNewMenu::QueryContextMenu函数分析之新建菜单项的创建
第一部分:
HRESULT CNewMenu::QueryContextMenu(HMENU hmenu, UINT indexMenu, UINT idCmdFirst, UINT idCmdLast, UINT uFlags)
{
// if they want the default menu only (CMF_DEFAULTONLY) OR
// this is being called for a shortcut (CMF_VERBSONLY)
// we don't want to be on the context menu
MENUITEMINFO mfi = {0};
if (uFlags & (CMF_DEFAULTONLY | CMF_VERBSONLY))
return S_OK;
ConsolidateMenuItems(FALSE);
_idCmdFirst = idCmdFirst+2;
TCHAR szNewMenu[80];
LoadString(g_hinst, IDS_NEWMENU, szNewMenu, ARRAYSIZE(szNewMenu));
// HACK: I assume that they are querying during a WM_INITMENUPOPUP or equivalent
GetCursorPos(&_ptNewItem);
_hmenu = CreatePopupMenu(); //创建一个菜单,菜单hwnd=0x15008b
mfi.cbSize = sizeof(MENUITEMINFO);
mfi.fMask = MIIM_ID | MIIM_TYPE;
mfi.wID = idCmdFirst+1;
mfi.fType = MFT_STRING;
mfi.dwTypeData = szNewMenu;
InsertMenuItem(_hmenu, 0, TRUE, &mfi); //空菜单里插入一项
ZeroMemory(&mfi, sizeof (mfi));
mfi.cbSize = sizeof(MENUITEMINFO);
mfi.fMask = MIIM_ID | MIIM_SUBMENU | MIIM_TYPE | MIIM_DATA;
mfi.fType = MFT_STRING;
mfi.wID = idCmdFirst;
mfi.hSubMenu = _hmenu;
mfi.dwTypeData = szNewMenu;
mfi.dwItemData = 0;
InsertMenuItem(hmenu, indexMenu, TRUE, &mfi); //插入原来的菜单
_hmenu = NULL;
return ResultFromShort(_idCmdFirst - idCmdFirst + 1);
}
第二部分:
0: kd> dt win32k!menu 0xbc694c1c
+0x000 head : _PROCDESKHEAD
+0x014 fFlags : 1
+0x018 iItem : 0n0
+0x01c cAlloced : 0
+0x020 cItems : 0 cItems : 0空菜单
+0x024 cxMenu : 0
+0x028 cyMenu : 0
+0x02c cxTextAlign : 0
+0x030 spwndNotify : (null)
+0x034 rgItems : (null)
+0x038 pParentMenus : (null)
+0x03c dwContextHelpId : 0
+0x040 cyMax : 0
+0x044 dwMenuData : 0
+0x048 hbrBack : (null)
+0x04c iTop : 0n0
+0x050 iMaxTop : 0n0
+0x054 dwArrowsOn : 0y00
第三部分:
InsertMenuItem(_hmenu, 0, TRUE, &mfi);之后
0: kd> dt win32k!menu 0xbc694c1c
+0x000 head : _PROCDESKHEAD
+0x014 fFlags : 1
+0x018 iItem : 0n0
+0x01c cAlloced : 8
+0x020 cItems : 1
+0x024 cxMenu : 0
+0x028 cyMenu : 0
+0x02c cxTextAlign : 0
+0x030 spwndNotify : (null)
+0x034 rgItems : 0xbc696d24 tagITEM
+0x038 pParentMenus : (null)
+0x03c dwContextHelpId : 0
+0x040 cyMax : 0
+0x044 dwMenuData : 0
+0x048 hbrBack : (null)
+0x04c iTop : 0n0
+0x050 iMaxTop : 0n0
+0x054 dwArrowsOn : 0y00
0: kd> dx -id 0,0,89589d88 -r1 ((win32k!tagITEM *)0xbc696d24)
((win32k!tagITEM *)0xbc696d24) : 0xbc696d24 [Type: tagITEM *]
[+0x000] fType : 0x0 [Type: unsigned int]
[+0x004] fState : 0x0 [Type: unsigned int]
[+0x008] wID : 0x7918 [Type: unsigned int]
[+0x00c] spSubMenu : 0x0 [Type: tagMENU *]
[+0x010] hbmpChecked : 0x0 [Type: void *]
[+0x014] hbmpUnchecked : 0x0 [Type: void *]
[+0x018] lpstr : 0xbc692cb4 : 0x4e [Type: unsigned short *]
[+0x01c] cch : 0x4 [Type: unsigned long]
[+0x020] dwItemData : 0x0 [Type: unsigned long]
[+0x024] xItem : 0x0 [Type: unsigned long]
[+0x028] yItem : 0x0 [Type: unsigned long]
[+0x02c] cxItem : 0x0 [Type: unsigned long]
[+0x030] cyItem : 0x0 [Type: unsigned long]
[+0x034] dxTab : 0x0 [Type: unsigned long]
[+0x038] ulX : 0x7fffffff [Type: unsigned long]
[+0x03c] ulWidth : 0x0 [Type: unsigned long]
[+0x040] hbmp : 0x0 [Type: HBITMAP__ *]
[+0x044] cxBmp : -1 [Type: int]
[+0x048] cyBmp : 0 [Type: int]
第四部分:
InsertMenuItem(hmenu, indexMenu, TRUE, &mfi);之后
0: kd> dt win32k!menu 0xbc6929a4
+0x000 head : _PROCDESKHEAD
+0x014 fFlags : 1
+0x018 iItem : 0n0
+0x01c cAlloced : 0x18
+0x020 cItems : 0x15
+0x024 cxMenu : 0
+0x028 cyMenu : 0
+0x02c cxTextAlign : 0
+0x030 spwndNotify : (null)
+0x034 rgItems : 0xbc697244 tagITEM
+0x038 pParentMenus : (null)
+0x03c dwContextHelpId : 0
+0x040 cyMax : 0
+0x044 dwMenuData : 0
+0x048 hbrBack : (null)
+0x04c iTop : 0n0
+0x050 iMaxTop : 0n0
+0x054 dwArrowsOn : 0y00
0: kd> dx -id 0,0,89589d88 -r1 ((win32k!tagITEM *)0xbc697244)
((win32k!tagITEM *)0xbc697244) : 0xbc697244 [Type: tagITEM *]
[+0x000] fType : 0x0 [Type: unsigned int]
[+0x004] fState : 0x0 [Type: unsigned int]
[+0x008] wID : 0x0 [Type: unsigned int]
[+0x00c] spSubMenu : 0xbc693c94 [Type: tagMENU *]
[+0x010] hbmpChecked : 0x0 [Type: void *]
[+0x014] hbmpUnchecked : 0x0 [Type: void *]
[+0x018] lpstr : 0xbc694ad4 : 0x26 [Type: unsigned short *]
[+0x01c] cch : 0x5 [Type: unsigned long]
[+0x020] dwItemData : 0x0 [Type: unsigned long]
[+0x024] xItem : 0x0 [Type: unsigned long]
[+0x028] yItem : 0x0 [Type: unsigned long]
[+0x02c] cxItem : 0x0 [Type: unsigned long]
[+0x030] cyItem : 0x0 [Type: unsigned long]
[+0x034] dxTab : 0x0 [Type: unsigned long]
[+0x038] ulX : 0x7fffffff [Type: unsigned long]
[+0x03c] ulWidth : 0x0 [Type: unsigned long]
[+0x040] hbmp : 0x0 [Type: HBITMAP__ *]
[+0x044] cxBmp : -1 [Type: int]
[+0x048] cyBmp : 0 [Type: int]
0: kd> dt win32k!tagITEM 0xbc697244+0x4c*d
+0x000 fType : 0
+0x004 fState : 0
+0x008 wID : 0x7917
+0x00c spSubMenu : 0xbc694c1c tagMENU +0x00c spSubMenu : 0xbc694c1c tagMENU
+0x010 hbmpChecked : (null)
+0x014 hbmpUnchecked : (null)
+0x018 lpstr : 0xbc696fe4 -> 0x4e
+0x01c cch : 4
+0x020 dwItemData : 0
+0x024 xItem : 0
+0x028 yItem : 0
+0x02c cxItem : 0
+0x030 cyItem : 0
+0x034 dxTab : 0
+0x038 ulX : 0x7fffffff
+0x03c ulWidth : 0
+0x040 hbmp : (null)
+0x044 cxBmp : 0n-1
+0x048 cyBmp : 0n0
0: kd> db 0xbc696fe4
bc696fe4 4e 00 65 00 26 00 77 00-00 00 55 48 5f 54 41 49 N.e.&.w...UH_TAI
bc696ff4 4c 00 ab ab ab ab ab ab-ab ab ca ca 00 00 00 00 L...............
bc697004 00 00 00 00 0d 00 0d 00-00 07 1c 00 55 48 5f 48 ............UH_H
bc697014 45 41 44 00 da da da da-07 00 00 00 dc 28 a7 bf EAD..........(..
bc697024 08 00 00 00 e4 00 00 00-00 00 00 00 b0 6f 69 bc .............oi.
bc697034 45 f1 8a bf 43 6a 8d bf-71 6e 8d bf a9 a8 89 bf E...Cj..qn......
bc697044 b2 bc af 80 00 00 00 00-00 00 00 00 a4 29 69 bc .............)i.
bc697054 55 48 5f 54 41 49 4c 00-ab ab ab ab ab ab ab ab UH_TAIL.........
0: kd> dx -id 0,0,89589d88 -r1 ((win32k!tagMENU *)0xbc694c1c) +0x00c spSubMenu : 0xbc694c1c tagMENU
((win32k!tagMENU *)0xbc694c1c) : 0xbc694c1c [Type: tagMENU *]
[+0x000] head [Type: _PROCDESKHEAD]
[+0x014] fFlags : 0x1 [Type: unsigned long]
[+0x018] iItem : 0 [Type: int]
[+0x01c] cAlloced : 0x8 [Type: unsigned int]
[+0x020] cItems : 0x1 [Type: unsigned int]
[+0x024] cxMenu : 0x0 [Type: unsigned long]
[+0x028] cyMenu : 0x0 [Type: unsigned long]
[+0x02c] cxTextAlign : 0x0 [Type: unsigned long]
[+0x030] spwndNotify : 0x0 [Type: tagWND *]
[+0x034] rgItems : 0xbc696d24 [Type: tagITEM *]
[+0x038] pParentMenus : 0xbc69704c [Type: tagMENULIST *]
[+0x03c] dwContextHelpId : 0x0 [Type: unsigned long]
[+0x040] cyMax : 0x0 [Type: unsigned long]
[+0x044] dwMenuData : 0x0 [Type: unsigned long]
[+0x048] hbrBack : 0x0 [Type: HBRUSH__ *]
[+0x04c] iTop : 0 [Type: int]
[+0x050] iMaxTop : 0 [Type: int]
[+0x054 ( 1: 0)] dwArrowsOn : 0x0 [Type: unsigned long]
0: kd> dx -id 0,0,89589d88 -r1 ((win32k!tagITEM *)0xbc696d24)
((win32k!tagITEM *)0xbc696d24) : 0xbc696d24 [Type: tagITEM *]
[+0x000] fType : 0x0 [Type: unsigned int]
[+0x004] fState : 0x0 [Type: unsigned int]
[+0x008] wID : 0x7918 [Type: unsigned int]
[+0x00c] spSubMenu : 0x0 [Type: tagMENU *]
[+0x010] hbmpChecked : 0x0 [Type: void *]
[+0x014] hbmpUnchecked : 0x0 [Type: void *]
[+0x018] lpstr : 0xbc692cb4 : 0x4e [Type: unsigned short *]
[+0x01c] cch : 0x4 [Type: unsigned long]
[+0x020] dwItemData : 0x0 [Type: unsigned long]
[+0x024] xItem : 0x0 [Type: unsigned long]
[+0x028] yItem : 0x0 [Type: unsigned long]
[+0x02c] cxItem : 0x0 [Type: unsigned long]
[+0x030] cyItem : 0x0 [Type: unsigned long]
[+0x034] dxTab : 0x0 [Type: unsigned long]
[+0x038] ulX : 0x7fffffff [Type: unsigned long]
[+0x03c] ulWidth : 0x0 [Type: unsigned long]
[+0x040] hbmp : 0x0 [Type: HBITMAP__ *]
[+0x044] cxBmp : -1 [Type: int]
[+0x048] cyBmp : 0 [Type: int]
0: kd> db 0xbc692cb4
bc692cb4 4e 00 65 00 26 00 77 00-00 00 55 48 5f 54 41 49 N.e.&.w...UH_TAI
