Taskbar10: Made the Control Center and Toast Center positioning patch work with build 25951 (Canary)

Author: Amrsatrio

ExplorerPatcher/ImmersiveFlyouts.c

@@ -56,7 +56,7 @@ void InvokeActionCenter()
     }
 }
 
-void InvokeFlyout(BOOL bAction, DWORD dwWhich)
+HRESULT InvokeFlyoutRect(BOOL bAction, DWORD dwWhich, __x_ABI_CWindows_CFoundation_CRect* pRc)
 {
     HRESULT hr = S_OK;
     IUnknown* pImmersiveShell = NULL;
@@ -70,13 +70,13 @@ void InvokeFlyout(BOOL bAction, DWORD dwWhich)
     if (SUCCEEDED(hr))
     {
         IShellExperienceManagerFactory* pShellExperienceManagerFactory = NULL;
-        IUnknown_QueryService(
+        hr = IUnknown_QueryService(
             pImmersiveShell,
             &CLSID_ShellExperienceManagerFactory,
             &CLSID_ShellExperienceManagerFactory,
             &pShellExperienceManagerFactory
         );
-        if (pShellExperienceManagerFactory)
+        if (SUCCEEDED(hr))
         {
             HSTRING_HEADER hstringHeader;
             HSTRING hstring = NULL;
@@ -102,36 +102,34 @@ void InvokeFlyout(BOOL bAction, DWORD dwWhich)
                 &hstringHeader,
                 &hstring
             );
-            if (hstring)
+            if (SUCCEEDED(hr))
             {
                 IUnknown* pIntf = NULL;
-                pShellExperienceManagerFactory->lpVtbl->GetExperienceManager(
+                hr = pShellExperienceManagerFactory->lpVtbl->GetExperienceManager(
                     pShellExperienceManagerFactory,
                     hstring,
                     &pIntf
                 );
-                if (pIntf)
+                if (SUCCEEDED(hr))
                 {
                     IExperienceManager* pExperienceManager = NULL;
-                    pIntf->lpVtbl->QueryInterface(
+                    hr = pIntf->lpVtbl->QueryInterface(
                         pIntf,
                         dwWhich == INVOKE_FLYOUT_NETWORK ? &IID_NetworkFlyoutExperienceManager :
                         (dwWhich == INVOKE_FLYOUT_CLOCK ? &IID_TrayClockFlyoutExperienceManager :
                             (dwWhich == INVOKE_FLYOUT_BATTERY ? &IID_TrayBatteryFlyoutExperienceManager :
                                 (dwWhich == INVOKE_FLYOUT_SOUND ? &IID_TrayMtcUvcFlyoutExperienceManager : &IID_IUnknown))),
                         &pExperienceManager
                     );
-                    if (pExperienceManager)
+                    if (SUCCEEDED(hr))
                     {
-                        RECT rc;
-                        SetRect(&rc, 0, 0, 0, 0);
                         if (bAction == INVOKE_FLYOUT_SHOW)
                         {
-                            pExperienceManager->lpVtbl->ShowFlyout(pExperienceManager, &rc, NULL);
+                            hr = pExperienceManager->lpVtbl->ShowFlyout(pExperienceManager, pRc);
                         }
                         else if (bAction == INVOKE_FLYOUT_HIDE)
                         {
-                            pExperienceManager->lpVtbl->HideFlyout(pExperienceManager);
+                            hr = pExperienceManager->lpVtbl->HideFlyout(pExperienceManager);
                         }
                         pExperienceManager->lpVtbl->Release(pExperienceManager);
                     }
@@ -143,4 +141,5 @@ void InvokeFlyout(BOOL bAction, DWORD dwWhich)
         }
         pImmersiveShell->lpVtbl->Release(pImmersiveShell);
     }
+    return hr;
 }

ExplorerPatcher/ImmersiveFlyouts.h

@@ -57,8 +57,7 @@ typedef struct IExperienceManagerVtbl // : IInspectable
 
     HRESULT(STDMETHODCALLTYPE* ShowFlyout)(
         IExperienceManager* This,
-        /* [in] */ RECT* rect,
-        /* [in] */ HWND hWnd);
+        /* [in] */ __x_ABI_CWindows_CFoundation_CRect* rect);
 
     HRESULT(STDMETHODCALLTYPE* HideFlyout)(
         IExperienceManager* This);
@@ -192,5 +191,14 @@ void InvokeActionCenter();
 #define INVOKE_FLYOUT_CLOCK 2
 #define INVOKE_FLYOUT_BATTERY 3
 #define INVOKE_FLYOUT_SOUND 4
-void InvokeFlyout(BOOL bAction, DWORD dwWhich);
+
+HRESULT InvokeFlyoutRect(BOOL bAction, DWORD dwWhich, __x_ABI_CWindows_CFoundation_CRect* pRc);
+
+inline HRESULT InvokeFlyout(BOOL bAction, DWORD dwWhich)
+{
+    __x_ABI_CWindows_CFoundation_CRect rc;
+    ZeroMemory(&rc, sizeof(rc));
+    return InvokeFlyoutRect(bAction, dwWhich, &rc);
+}
+
 #endif

ExplorerPatcher/dllmain.c

@@ -10009,10 +10009,10 @@ BOOL Moment2PatchControlCenter(LPMODULEINFO mi)
 {
     // Step 1:
     // Scan within the DLL for `rcMonitor = mi.rcMonitor`.
-    // ```0F 10 44 24 ?? F3 0F 7F 44 24 ?? 80 BF // movups - movdqu - cmp```
+    // ```0F 10 44 24 ?? F3 0F 7F 44 24 ?? 80 // movups - movdqu - cmp```
     // 22621.1992: 4B35B
     // 22621.2283: 65C5C
-    PBYTE rcMonitorAssignment = FindPattern(mi->lpBaseOfDll, mi->SizeOfImage, "\x0F\x10\x44\x24\x00\xF3\x0F\x7F\x44\x24\x00\x80\xBF", "xxxx?xxxxx?xx");
+    PBYTE rcMonitorAssignment = FindPattern(mi->lpBaseOfDll, mi->SizeOfImage, "\x0F\x10\x44\x24\x00\xF3\x0F\x7F\x44\x24\x00\x80", "xxxx?xxxxx?x");
     if (!rcMonitorAssignment) return FALSE;
     printf("[CC] rcMonitorAssignment = %llX\n", rcMonitorAssignment - (PBYTE)mi->lpBaseOfDll);
 
@@ -10066,11 +10066,23 @@ BOOL Moment2PatchToastCenter(LPMODULEINFO mi)
 {
     // Step 1:
     // Scan within the DLL for `rcMonitor = mi.rcMonitor`.
-    // ```0F 10 45 84 ?? 0F 7F 44 24 ?? 48 8B CF // movups - movdqu - mov```
+    //
+    // Pattern 1:
+    // Will have a match if CToastCenterExperienceManager::ShouldShowWithinWorkArea() is present.
+    // ```0F 10 45 ?? ?? 0F 7F 44 24 ?? 48 8B CF // movups - movdqu - mov```
     // 22621.1992: 40CE8
     // 22621.2283: 501DB
-    PBYTE rcMonitorAssignment = FindPattern(mi->lpBaseOfDll, mi->SizeOfImage, "\x0F\x10\x45\x84\x00\x0F\x7F\x44\x24\x00\x48\x8B\xCF", "xxxx?xxxx?xxx");
-    if (!rcMonitorAssignment) return FALSE;
+    //
+    // Pattern 2:
+    // Will have a match if CToastCenterExperienceManager::ShouldShowWithinWorkArea() is inlined.
+    // ```0F 10 45 ?? ?? 0F 7F 44 24 ?? 44 // movups - movdqu - cmp```
+    // 25951.1000: 36B2C4
+    PBYTE rcMonitorAssignment = FindPattern(mi->lpBaseOfDll, mi->SizeOfImage, "\x0F\x10\x45\x00\x00\x0F\x7F\x44\x24\x00\x48\x8B\xCF", "xxx??xxxx?xxx");
+    if (!rcMonitorAssignment)
+    {
+        rcMonitorAssignment = FindPattern(mi->lpBaseOfDll, mi->SizeOfImage, "\x0F\x10\x45\x00\x00\x0F\x7F\x44\x24\x00\x44", "xxx??xxxx?x");
+        if (!rcMonitorAssignment) return FALSE;
+    }
     printf("[TC] rcMonitorAssignment = %llX\n", rcMonitorAssignment - (PBYTE)mi->lpBaseOfDll);
 
     // Step 2:
@@ -10266,12 +10278,11 @@ void WINAPI HardwareConfirmatorShellcode(PBYTE pCoroInstance)
                     hr = pTheFunc(pEdgeUiManager, &rc);
                 }
 
-                typedef struct { float x, y, width, height; } Windows_Foundation_Rect;
-                Windows_Foundation_Rect* out = pCoroInstance + g_Moment2PatchOffsets.coroInstance_rcOut;
-                out->x = (float)rc.left;
-                out->y = (float)rc.top;
-                out->width = (float)(rc.right - rc.left);
-                out->height = (float)(rc.bottom - rc.top);
+                __x_ABI_CWindows_CFoundation_CRect* out = pCoroInstance + g_Moment2PatchOffsets.coroInstance_rcOut;
+                out->X = (float)rc.left;
+                out->Y = (float)rc.top;
+                out->Width = (float)(rc.right - rc.left);
+                out->Height = (float)(rc.bottom - rc.top);
 
                 pEdgeUiManager->lpVtbl->Release(pEdgeUiManager);
             }
@@ -11057,13 +11068,13 @@ DWORD Inject(BOOL bIsExplorer)
     {
         // Find a pointer to ITrayUIHost needed to have a working Windows 10 taskbar context menu on Windows 11 taskbar
         // Ref: CTray::Init()
-        // 4C 8D 05 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B 8D
+        // 4C 8D 05 ? ? ? ? 48 8D 0D ? ? ? ? E8 ? ? ? ? 48 8B
         //                           ^^^^^^^
         PBYTE match = FindPattern(
             hExplorer,
             miExplorer.SizeOfImage,
-            "\x4C\x8D\x05\x00\x00\x00\x00\x48\x8D\x0D\x00\x00\x00\x00\xE8\x00\x00\x00\x00\x48\x8B\x8D",
-            "xxx????xxx????x????xxx"
+            "\x4C\x8D\x05\x00\x00\x00\x00\x48\x8D\x0D\x00\x00\x00\x00\xE8\x00\x00\x00\x00\x48\x8B",
+            "xxx????xxx????x????xx"
         );
         if (match)
         {