Retro video games delivered to your door every month!
Click above to get retro games delivered to your door ever month!
X-Hacker.org- Ralf Brown's Interrupt List (Part 1,2) - share.exe hooks (dos 3.1-4.01): http://www.X-Hacker.org [<<Previous Entry] [^^Up^^] [Next Entry>>] [Menu] [About The Guide] 
SHARE.EXE hooks (DOS 3.1-4.01):
(offsets from first system file table--pointed at by ListOfLists+04h)
Offset  Size    Description
-3Ch    DWORD   pointer to FAR routine for ???
                Note: not called by MSDOS 3.3, set to 0000h:0000h by SHARE 3.3
-38h    DWORD   pointer to FAR routine called on opening file
                on call, internal DOS location points at filename(see AX=5D06h)
                Return: CF clear if successful
                        CF set on error
                            AX = DOS error code (24h) (see AH=59h)
                Note: SHARE assumes DS=SS=DOS CS, direct-accesses DOS internals
                        to get name of file just opened
-34h    DWORD   pointer to FAR routine called on closing file
                ES:DI -> system file table
                Note: SHARE assumes SS=DOS CS, directly accesses DOS internals
                        does something to every lock record for file
-30h    DWORD   pointer to FAR routine to close all files for given computer
                (called by AX=5D03h)
                Note: SHARE assumes SS=DOS CS, directly accesses DOS internals
-2Ch    DWORD   pointer to FAR routine to close all files for given process
                (called by AX=5D04h)
                Note: SHARE assumes SS=DOS CS, directly accesses DOS internals
-28h    DWORD   pointer to FAR routine to close file by name
                (called by AX=5D02h)
                DS:SI -> DOS parameter list (see AX=5D00h)
                   DPL's DS:DX -> name of file to close
                Return: CF clear if successful
                        CF set on error
                            AX = DOS error code (03h) (see AH=59h)
                Note: SHARE assumes SS=DOS CS, directly accesses DOS internals
-24h    DWORD   pointer to FAR routine to lock region of file
                call with BX = file handle
                          CX:DX = starting offset
                          SI:AX = size
                Return: CF set on error
                            AL = DOS error code (21h) (see AH=59h)
                Note: only called if file is marked as remote
                Note: SHARE assumes SS=DOS CS, directly accesses DOS internals
-20h    DWORD   pointer to FAR routine to unlock region of file
                call with BX = file handle
                          CX:DX = starting offset
                          SI:AX = size
                Return: CF set on error
                            AL = DOS error code (21h) (see AH=59h)
                Note: only called if file is marked as remote
                Note: SHARE assumes SS=DOS CS, directly accesses DOS internals
-1Ch    DWORD   pointer to FAR routine to check if file region is locked
                call with ES:DI -> system file table entry for file
                        CX = length of region from current position in file
                Return: CF set if any portion of region locked
                            AX = 0021h
                Note: SHARE assumes SS=DOS CS, directly accesses DOS internals
-18h    DWORD   pointer to FAR routine to get open file list entry
                (called by AX=5D05h)
                call with DS:SI -> DOS parameter list (see AX=5D00h)
                        DPL's BX = index of sharing record
                        DPL's CX = index of SFT in SFT chain of sharing rec
                Return: CF set on error or not loaded
                            AX = DOS error code (12h) (see AH=59h)
                        CF clear if successful
                            ES:DI -> filename
                            CX = number of locks owned by specified SFT
                            BX = network machine number
                            DX destroyed
                Note: SHARE assumes SS=DOS CS, directly accesses DOS internals
-14h    DWORD   pointer to FAR routine for updating FCB from SFT???
                call with DS:SI -> unopened FCB
                          ES:DI -> system file table entry
                Return: BL = C0h???
                Note: copies following fields from SFT to FCB:
                   starting cluster of file       0Bh    1Ah
                   sharing record offset          33h    1Ch
                   file attribute                 04h    1Eh
-10h    DWORD   pointer to FAR routine to get first cluster of FCB file ???
                call with ES:DI -> system file table entry
                          DS:SI -> FCB
                Return: CF set if SFT closed or sharing record offsets
                                mismatched
                        CF clear if successful
                            BX = starting cluster number from FCB
-0Ch    DWORD   pointer to FAR routine to close file if duplicate for process
                DS:SI -> system file table
                Return: AX = number of handle in JFT which already uses SFT
                Note: called during open/create of a file
                Note: SHARE assumes SS=DOS CS, directly accesses DOS internals
                Note: if SFT was opened with inheritance enabled and sharing
                        mode 111, does something to all other SFTs owned by
                        same process which have the same file open mode and
                        sharing record
-08h    DWORD   pointer to FAR routine for ???
                Note: SHARE assumes SS=DS=DOS CS, direct-accesses DOS internals
                Note: closes various handles referring to file most-recently
                        opened
-04h    DWORD   pointer to FAR routine to update directory info in related SFT
                  entries
                call with ES:DI -> system file table entry for file (see below)
                          AX = subfunction (apply to each related SFT)
                                00h: update time stamp (offset 0Dh) and date
                                     stamp (offset 0Fh)
                                01h: update file size (offset 11h) and starting
                                     cluster (offset 0Bh).  Sets last-accessed
                                     cluster fields to start of file if file
                                     never accessed
                                02h: as function 01h, but last-accessed fields
                                     always changed
                                03h: do both functions 00h and 02h
                Note: follows ptr at offset 2Bh in system file table entries
                Note: NOP if opened with no-inherit or via FCB
Online resources provided by: http://www.X-Hacker.org --- NG 2 HTML conversion by Dave Pearson