ReactOS 0.4.15-dev-7670-g69b08be
peloader.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Typedefs

typedef VOID(NTAPIPELDR_IMPORTDLL_LOAD_CALLBACK) (_In_ PCSTR FileName)
 

Functions

BOOLEAN PeLdrLoadImage (_In_ PCSTR FilePath, _In_ TYPE_OF_MEMORY MemoryType, _Out_ PVOID *ImageBasePA)
 Loads the specified image from the file.
 
BOOLEAN PeLdrAllocateDataTableEntry (IN OUT PLIST_ENTRY ModuleListHead, IN PCCH BaseDllName, IN PCCH FullDllName, IN PVOID BasePA, OUT PLDR_DATA_TABLE_ENTRY *NewEntry)
 
VOID PeLdrFreeDataTableEntry (_In_ PLDR_DATA_TABLE_ENTRY Entry)
 
BOOLEAN PeLdrScanImportDescriptorTable (IN OUT PLIST_ENTRY ModuleListHead, IN PCCH DirectoryPath, IN PLDR_DATA_TABLE_ENTRY ScanDTE)
 
BOOLEAN PeLdrCheckForLoadedDll (IN OUT PLIST_ENTRY ModuleListHead, IN PCH DllName, OUT PLDR_DATA_TABLE_ENTRY *LoadedEntry)
 

Variables

PELDR_IMPORTDLL_LOAD_CALLBACK PeLdrImportDllLoadCallback
 

Typedef Documentation

◆ PELDR_IMPORTDLL_LOAD_CALLBACK

typedef VOID(NTAPI * PELDR_IMPORTDLL_LOAD_CALLBACK) (_In_ PCSTR FileName)

Definition at line 23 of file peloader.h.

Function Documentation

◆ PeLdrAllocateDataTableEntry()

BOOLEAN PeLdrAllocateDataTableEntry ( IN OUT PLIST_ENTRY  ModuleListHead,
IN PCCH  BaseDllName,
IN PCCH  FullDllName,
IN PVOID  BasePA,
OUT PLDR_DATA_TABLE_ENTRY NewEntry 
)

Definition at line 598 of file peloader.c.

604{
605 PVOID BaseVA = PaToVa(BasePA);
606 PWSTR BaseDllNameBuffer, Buffer;
607 PLDR_DATA_TABLE_ENTRY DataTableEntry;
608 PIMAGE_NT_HEADERS NtHeaders;
610
611 TRACE("PeLdrAllocateDataTableEntry('%s', '%s', %p)\n",
612 BaseDllName, FullDllName, BasePA);
613
614 /* Allocate memory for a data table entry, zero-initialize it */
617 if (DataTableEntry == NULL)
618 return FALSE;
619
620 /* Get NT headers from the image */
621 NtHeaders = RtlImageNtHeader(BasePA);
622
623 /* Initialize corresponding fields of DTE based on NT headers value */
624 RtlZeroMemory(DataTableEntry, sizeof(LDR_DATA_TABLE_ENTRY));
625 DataTableEntry->DllBase = BaseVA;
626 DataTableEntry->SizeOfImage = NtHeaders->OptionalHeader.SizeOfImage;
627 DataTableEntry->EntryPoint = RVA(BaseVA, NtHeaders->OptionalHeader.AddressOfEntryPoint);
628 DataTableEntry->SectionPointer = 0;
629 DataTableEntry->CheckSum = NtHeaders->OptionalHeader.CheckSum;
630
631 /* Initialize BaseDllName field (UNICODE_STRING) from the Ansi BaseDllName
632 by simple conversion - copying each character */
633 Length = (USHORT)(strlen(BaseDllName) * sizeof(WCHAR));
635 if (Buffer == NULL)
636 {
637 FrLdrHeapFree(DataTableEntry, TAG_WLDR_DTE);
638 return FALSE;
639 }
640
641 /* Save Buffer, in case of later failure */
642 BaseDllNameBuffer = Buffer;
643
644 DataTableEntry->BaseDllName.Length = Length;
645 DataTableEntry->BaseDllName.MaximumLength = Length;
646 DataTableEntry->BaseDllName.Buffer = PaToVa(Buffer);
647
649 Length /= sizeof(WCHAR);
650 while (Length--)
651 {
652 *Buffer++ = *BaseDllName++;
653 }
654
655 /* Initialize FullDllName field (UNICODE_STRING) from the Ansi FullDllName
656 using the same method */
657 Length = (USHORT)(strlen(FullDllName) * sizeof(WCHAR));
659 if (Buffer == NULL)
660 {
661 FrLdrHeapFree(BaseDllNameBuffer, TAG_WLDR_NAME);
662 FrLdrHeapFree(DataTableEntry, TAG_WLDR_DTE);
663 return FALSE;
664 }
665
666 DataTableEntry->FullDllName.Length = Length;
667 DataTableEntry->FullDllName.MaximumLength = Length;
668 DataTableEntry->FullDllName.Buffer = PaToVa(Buffer);
669
671 Length /= sizeof(WCHAR);
672 while (Length--)
673 {
674 *Buffer++ = *FullDllName++;
675 }
676
677 /* Initialize what's left - LoadCount which is 1, and set Flags so that
678 we know this entry is processed */
679 DataTableEntry->Flags = LDRP_ENTRY_PROCESSED;
680 DataTableEntry->LoadCount = 1;
681
682 /* Honour the FORCE_INTEGRITY flag */
684 {
685 /*
686 * On Vista and above, the LDRP_IMAGE_INTEGRITY_FORCED flag must be set
687 * if IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY is set in the image header.
688 * This is done after the image has been loaded and the digital signature
689 * check has passed successfully. (We do not do it yet!)
690 *
691 * Several OS functionality depend on the presence of this flag.
692 * For example, when using Object-Manager callbacks the latter will call
693 * MmVerifyCallbackFunction() to verify whether the flag is present.
694 * If not callbacks will not work.
695 * (See Windows Internals Part 1, 6th edition, p. 176.)
696 */
697 DataTableEntry->Flags |= LDRP_IMAGE_INTEGRITY_FORCED;
698 }
699
700 /* Insert this DTE to a list in the LPB */
702 TRACE("Inserting DTE %p, name='%.*S' DllBase=%p\n", DataTableEntry,
703 DataTableEntry->BaseDllName.Length / sizeof(WCHAR),
704 VaToPa(DataTableEntry->BaseDllName.Buffer),
705 DataTableEntry->DllBase);
706
707 /* Save pointer to a newly allocated and initialized entry */
708 *NewEntry = DataTableEntry;
709
710 /* Return success */
711 return TRUE;
712}
ACPI_SIZE strlen(const char *String)
Definition: utclib.c:269
FORCEINLINE VOID FrLdrHeapFree(PVOID MemoryPointer, ULONG Tag)
Definition: mm.h:181
FORCEINLINE PVOID FrLdrHeapAlloc(SIZE_T MemorySize, ULONG Tag)
Definition: mm.h:174
struct _LDR_DATA_TABLE_ENTRY * PLDR_DATA_TABLE_ENTRY
Definition: bufpool.h:45
FORCEINLINE PVOID VaToPa(PVOID Va)
Definition: conversion.h:15
FORCEINLINE PVOID PaToVa(PVOID Pa)
Definition: conversion.h:22
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define RtlImageNtHeader
Definition: compat.h:806
#define InsertTailList(ListHead, Entry)
#define RVA(m, b)
Definition: freeldr.h:24
#define TAG_WLDR_DTE
Definition: winldr.h:13
#define TAG_WLDR_NAME
Definition: winldr.h:15
LIST_ENTRY * ModuleListHead
Definition: kdpacket.c:23
#define LDRP_IMAGE_INTEGRITY_FORCED
Definition: ldrtypes.h:41
#define LDRP_ENTRY_PROCESSED
Definition: ldrtypes.h:44
_In_ PCWSTR FullDllName
Definition: ldrtypes.h:247
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
#define IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
Definition: ntimage.h:456
unsigned short USHORT
Definition: pedump.c:61
#define TRACE(s)
Definition: solgame.cpp:4
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
Definition: btrfs_drv.h:1876
USHORT LoadCount
Definition: ntddk_ex.h:208
PVOID EntryPoint
Definition: ntddk_ex.h:203
UNICODE_STRING FullDllName
Definition: btrfs_drv.h:1882
ULONG SizeOfImage
Definition: ldrtypes.h:143
LIST_ENTRY InLoadOrderLinks
Definition: ldrtypes.h:138
PVOID DllBase
Definition: btrfs_drv.h:1880
ULONG Flags
Definition: ntddk_ex.h:207
PVOID SectionPointer
Definition: ntddk_ex.h:213
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
ULONG CheckSum
Definition: btrfs_drv.h:1886
USHORT MaximumLength
Definition: env_spec_w32.h:370
uint16_t * PWSTR
Definition: typedefs.h:56
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
__wchar_t WCHAR
Definition: xmlstorage.h:180

Referenced by LoadBootDeviceDriver(), LoadModule(), PeLdrpLoadAndScanReferencedDll(), and WinLdrLoadDeviceDriver().

◆ PeLdrCheckForLoadedDll()

BOOLEAN PeLdrCheckForLoadedDll ( IN OUT PLIST_ENTRY  ModuleListHead,
IN PCH  DllName,
OUT PLDR_DATA_TABLE_ENTRY LoadedEntry 
)

Definition at line 478 of file peloader.c.

482{
483 PLDR_DATA_TABLE_ENTRY DataTableEntry;
484 LIST_ENTRY *ModuleEntry;
485
486 TRACE("PeLdrCheckForLoadedDll: DllName %s\n", DllName);
487
488 /* Just go through each entry in the LoadOrderList and compare loaded module's
489 name with a given name */
490 ModuleEntry = ModuleListHead->Flink;
491 while (ModuleEntry != ModuleListHead)
492 {
493 /* Get pointer to the current DTE */
494 DataTableEntry = CONTAINING_RECORD(ModuleEntry,
496 InLoadOrderLinks);
497
498 TRACE("PeLdrCheckForLoadedDll: DTE %p, EP %p, base %p name '%.*ws'\n",
499 DataTableEntry, DataTableEntry->EntryPoint, DataTableEntry->DllBase,
500 DataTableEntry->BaseDllName.Length / 2, VaToPa(DataTableEntry->BaseDllName.Buffer));
501
502 /* Compare names */
503 if (PeLdrpCompareDllName(DllName, &DataTableEntry->BaseDllName))
504 {
505 /* Yes, found it, report pointer to the loaded module's DTE
506 to the caller and increase load count for it */
507 *LoadedEntry = DataTableEntry;
508 DataTableEntry->LoadCount++;
509 TRACE("PeLdrCheckForLoadedDll: LoadedEntry %X\n", DataTableEntry);
510 return TRUE;
511 }
512
513 /* Go to the next entry */
514 ModuleEntry = ModuleEntry->Flink;
515 }
516
517 /* Nothing found */
518 return FALSE;
519}
static BOOLEAN PeLdrpCompareDllName(IN PCH DllName, IN PUNICODE_STRING UnicodeName)
Definition: peloader.c:35
Definition: typedefs.h:120
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260

Referenced by PeLdrpBindImportName(), PeLdrScanImportDescriptorTable(), and WinLdrLoadDeviceDriver().

◆ PeLdrFreeDataTableEntry()

VOID PeLdrFreeDataTableEntry ( _In_ PLDR_DATA_TABLE_ENTRY  Entry)

Definition at line 715 of file peloader.c.

718{
719 // ASSERT(ModuleListHead);
720 ASSERT(Entry);
721
722 RemoveEntryList(&Entry->InLoadOrderLinks);
723 FrLdrHeapFree(VaToPa(Entry->FullDllName.Buffer), TAG_WLDR_NAME);
724 FrLdrHeapFree(VaToPa(Entry->BaseDllName.Buffer), TAG_WLDR_NAME);
726}
#define RemoveEntryList(Entry)
Definition: env_spec_w32.h:986
#define ASSERT(a)
Definition: mode.c:44
base of all file and directory entries
Definition: entries.h:83

Referenced by LoadBootDeviceDriver(), LoadWindowsCore(), PeLdrpLoadAndScanReferencedDll(), and WinLdrLoadDeviceDriver().

◆ PeLdrLoadImage()

BOOLEAN PeLdrLoadImage ( _In_ PCSTR  FilePath,
_In_ TYPE_OF_MEMORY  MemoryType,
_Out_ PVOID ImageBasePA 
)

Loads the specified image from the file.

PeLdrLoadImage doesn't perform any additional operations on the file path, it just directly calls the file I/O routines. It then relocates the image so that it's ready to be used when paging is enabled.

Note
Addressing mode: physical.

Definition at line 740 of file peloader.c.

744{
745 ULONG FileId;
746 PVOID PhysicalBase;
747 PVOID VirtualBase = NULL;
748 UCHAR HeadersBuffer[SECTOR_SIZE * 2];
749 PIMAGE_NT_HEADERS NtHeaders;
750 PIMAGE_SECTION_HEADER SectionHeader;
751 ULONG VirtualSize, SizeOfRawData, NumberOfSections;
755
756 TRACE("PeLdrLoadImage('%s', %ld)\n", FilePath, MemoryType);
757
758 /* Open the image file */
760 if (Status != ESUCCESS)
761 {
762 WARN("ArcOpen('%s') failed. Status: %u\n", FilePath, Status);
763 return FALSE;
764 }
765
766 /* Load the first 2 sectors of the image so we can read the PE header */
767 Status = ArcRead(FileId, HeadersBuffer, SECTOR_SIZE * 2, &BytesRead);
768 if (Status != ESUCCESS)
769 {
770 ERR("ArcRead('%s') failed. Status: %u\n", FilePath, Status);
771 ArcClose(FileId);
772 return FALSE;
773 }
774
775 /* Now read the MZ header to get the offset to the PE Header */
776 NtHeaders = RtlImageNtHeader(HeadersBuffer);
777 if (!NtHeaders)
778 {
779 ERR("No NT header found in \"%s\"\n", FilePath);
780 ArcClose(FileId);
781 return FALSE;
782 }
783
784 /* Ensure this is executable image */
786 {
787 ERR("Not an executable image \"%s\"\n", FilePath);
788 ArcClose(FileId);
789 return FALSE;
790 }
791
792 /* Store number of sections to read and a pointer to the first section */
793 NumberOfSections = NtHeaders->FileHeader.NumberOfSections;
794 SectionHeader = IMAGE_FIRST_SECTION(NtHeaders);
795
796 /* Try to allocate this memory; if it fails, allocate somewhere else */
797 PhysicalBase = MmAllocateMemoryAtAddress(NtHeaders->OptionalHeader.SizeOfImage,
798 (PVOID)((ULONG)NtHeaders->OptionalHeader.ImageBase & (KSEG0_BASE - 1)),
799 MemoryType);
800
801 if (PhysicalBase == NULL)
802 {
803 /* Don't fail, allocate again at any other "low" place */
804 PhysicalBase = MmAllocateMemoryWithType(NtHeaders->OptionalHeader.SizeOfImage, MemoryType);
805
806 if (PhysicalBase == NULL)
807 {
808 ERR("Failed to alloc %lu bytes for image %s\n", NtHeaders->OptionalHeader.SizeOfImage, FilePath);
809 ArcClose(FileId);
810 return FALSE;
811 }
812 }
813
814 /* This is the real image base, in form of a virtual address */
815 VirtualBase = PaToVa(PhysicalBase);
816
817 TRACE("Base PA: 0x%X, VA: 0x%X\n", PhysicalBase, VirtualBase);
818
819 /* Copy headers from already read data */
820 RtlCopyMemory(PhysicalBase, HeadersBuffer, min(NtHeaders->OptionalHeader.SizeOfHeaders, sizeof(HeadersBuffer)));
821 /* If headers are quite big, request next bytes from file */
822 if (NtHeaders->OptionalHeader.SizeOfHeaders > sizeof(HeadersBuffer))
823 {
824 Status = ArcRead(FileId, (PUCHAR)PhysicalBase + sizeof(HeadersBuffer), NtHeaders->OptionalHeader.SizeOfHeaders - sizeof(HeadersBuffer), &BytesRead);
825 if (Status != ESUCCESS)
826 {
827 ERR("ArcRead('%s') failed. Status: %u\n", FilePath, Status);
828 // UiMessageBox("Error reading headers.");
829 ArcClose(FileId);
830 goto Failure;
831 }
832 }
833
834 /*
835 * On Vista and above, a digital signature check is performed when the image
836 * has the IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY flag set in its header.
837 * (We of course do not perform this check yet!)
838 */
839
840 /* Reload the NT Header */
841 NtHeaders = RtlImageNtHeader(PhysicalBase);
842
843 /* Load the first section */
844 SectionHeader = IMAGE_FIRST_SECTION(NtHeaders);
845
846 /* Walk through each section and read it (check/fix any possible
847 bad situations, if they arise) */
848 for (i = 0; i < NumberOfSections; i++)
849 {
850 VirtualSize = SectionHeader->Misc.VirtualSize;
851 SizeOfRawData = SectionHeader->SizeOfRawData;
852
853 /* Handle a case when VirtualSize equals 0 */
854 if (VirtualSize == 0)
855 VirtualSize = SizeOfRawData;
856
857 /* If PointerToRawData is 0, then force its size to be also 0 */
858 if (SectionHeader->PointerToRawData == 0)
859 {
860 SizeOfRawData = 0;
861 }
862 else
863 {
864 /* Cut the loaded size to the VirtualSize extents */
865 if (SizeOfRawData > VirtualSize)
866 SizeOfRawData = VirtualSize;
867 }
868
869 /* Actually read the section (if its size is not 0) */
870 if (SizeOfRawData != 0)
871 {
872 /* Seek to the correct position */
873 Position.QuadPart = SectionHeader->PointerToRawData;
874 Status = ArcSeek(FileId, &Position, SeekAbsolute);
875
876 TRACE("SH->VA: 0x%X\n", SectionHeader->VirtualAddress);
877
878 /* Read this section from the file, size = SizeOfRawData */
879 Status = ArcRead(FileId, (PUCHAR)PhysicalBase + SectionHeader->VirtualAddress, SizeOfRawData, &BytesRead);
880 if (Status != ESUCCESS)
881 {
882 ERR("PeLdrLoadImage(): Error reading section from file!\n");
883 break;
884 }
885 }
886
887 /* Size of data is less than the virtual size: fill up the remainder with zeroes */
888 if (SizeOfRawData < VirtualSize)
889 {
890 TRACE("PeLdrLoadImage(): SORD %d < VS %d\n", SizeOfRawData, VirtualSize);
891 RtlZeroMemory((PVOID)(SectionHeader->VirtualAddress + (ULONG_PTR)PhysicalBase + SizeOfRawData), VirtualSize - SizeOfRawData);
892 }
893
894 SectionHeader++;
895 }
896
897 /* We are done with the file, close it */
898 ArcClose(FileId);
899
900 /* If loading failed, return right now */
901 if (Status != ESUCCESS)
902 goto Failure;
903
904 /* Relocate the image, if it needs it */
905 if (NtHeaders->OptionalHeader.ImageBase != (ULONG_PTR)VirtualBase)
906 {
907 WARN("Relocating %p -> %p\n", NtHeaders->OptionalHeader.ImageBase, VirtualBase);
908 Status = LdrRelocateImageWithBias(PhysicalBase,
909 (ULONG_PTR)VirtualBase - (ULONG_PTR)PhysicalBase,
910 "FreeLdr",
911 ESUCCESS,
912 ESUCCESS, /* In case of conflict still return success */
913 ENOEXEC);
914 if (Status != ESUCCESS)
915 goto Failure;
916 }
917
918 /* Fill output parameters */
919 *ImageBasePA = PhysicalBase;
920
921 TRACE("PeLdrLoadImage() done, PA = %p\n", *ImageBasePA);
922 return TRUE;
923
924Failure:
925 /* Cleanup and bail out */
926 MmFreeMemory(PhysicalBase);
927 return FALSE;
928}
PCWSTR FilePath
#define WARN(fmt,...)
Definition: debug.h:112
#define ERR(fmt,...)
Definition: debug.h:110
ARC_STATUS ArcClose(ULONG FileId)
Definition: fs.c:220
ARC_STATUS ArcSeek(ULONG FileId, LARGE_INTEGER *Position, SEEKMODE SeekMode)
Definition: fs.c:245
ARC_STATUS ArcOpen(CHAR *Path, OPENMODE OpenMode, ULONG *FileId)
Definition: fs.c:56
#define SECTOR_SIZE
Definition: fs.h:22
ARC_STATUS ArcRead(ULONG FileId, VOID *Buffer, ULONG N, ULONG *Count)
Definition: fs.c:238
PVOID MmAllocateMemoryAtAddress(SIZE_T MemorySize, PVOID DesiredAddress, TYPE_OF_MEMORY MemoryType)
Definition: mm.c:85
VOID MmFreeMemory(PVOID MemoryPointer)
Definition: mm.c:215
PVOID MmAllocateMemoryWithType(SIZE_T MemorySize, TYPE_OF_MEMORY MemoryType)
Definition: mm.c:31
#define ENOEXEC
Definition: errno.h:14
Status
Definition: gdiplustypes.h:25
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define min(a, b)
Definition: monoChain.cc:55
#define KSEG0_BASE
Definition: ketypes.h:339
ULONG NTAPI LdrRelocateImageWithBias(_In_ PVOID BaseAddress, _In_ LONGLONG AdditionalBias, _In_opt_ PCSTR LoaderName, _In_ ULONG Success, _In_ ULONG Conflict, _In_ ULONG Invalid)
Definition: image.c:474
#define IMAGE_FIRST_SECTION(NtHeader)
Definition: ntimage.h:427
#define IMAGE_FILE_EXECUTABLE_IMAGE
Definition: pedump.c:160
@ ESUCCESS
Definition: arc.h:32
ULONG ARC_STATUS
Definition: arc.h:4
@ SeekAbsolute
Definition: arc.h:59
@ OpenReadOnly
Definition: arc.h:65
IMAGE_FILE_HEADER FileHeader
Definition: ntddk_ex.h:183
DWORD PointerToRawData
Definition: pedump.c:290
union _IMAGE_SECTION_HEADER::@1556 Misc
static COORD Position
Definition: mouse.c:34
char * PSTR
Definition: typedefs.h:51
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
uint32_t ULONG_PTR
Definition: typedefs.h:65
unsigned char * PUCHAR
Definition: typedefs.h:53
uint32_t ULONG
Definition: typedefs.h:59
_Must_inspect_result_ _In_ WDFIOTARGET _In_opt_ WDFREQUEST _In_opt_ PWDF_MEMORY_DESCRIPTOR _In_opt_ PLONGLONG _In_opt_ PWDF_REQUEST_SEND_OPTIONS _Out_opt_ PULONG_PTR BytesRead
Definition: wdfiotarget.h:870
unsigned char UCHAR
Definition: xmlstorage.h:181

Referenced by LoadBootDeviceDriver(), LoadModule(), PeLdrpLoadAndScanReferencedDll(), and WinLdrLoadDeviceDriver().

◆ PeLdrScanImportDescriptorTable()

BOOLEAN PeLdrScanImportDescriptorTable ( IN OUT PLIST_ENTRY  ModuleListHead,
IN PCCH  DirectoryPath,
IN PLDR_DATA_TABLE_ENTRY  ScanDTE 
)

Definition at line 522 of file peloader.c.

526{
527 PLDR_DATA_TABLE_ENTRY DataTableEntry;
528 PIMAGE_IMPORT_DESCRIPTOR ImportTable;
529 ULONG ImportTableSize;
530 PCH ImportName;
532
533 /* Get a pointer to the import table of this image */
534 ImportTable = (PIMAGE_IMPORT_DESCRIPTOR)RtlImageDirectoryEntryToData(VaToPa(ScanDTE->DllBase),
535 TRUE, IMAGE_DIRECTORY_ENTRY_IMPORT, &ImportTableSize);
536
537#if DBG
538 {
539 UNICODE_STRING BaseName;
540 BaseName.Buffer = VaToPa(ScanDTE->BaseDllName.Buffer);
541 BaseName.MaximumLength = ScanDTE->BaseDllName.MaximumLength;
542 BaseName.Length = ScanDTE->BaseDllName.Length;
543 TRACE("PeLdrScanImportDescriptorTable(): %wZ ImportTable = 0x%X\n",
544 &BaseName, ImportTable);
545 }
546#endif
547
548 /* If image doesn't have any import directory - just return success */
549 if (ImportTable == NULL)
550 return TRUE;
551
552 /* Loop through all entries */
553 for (;(ImportTable->Name != 0) && (ImportTable->FirstThunk != 0);ImportTable++)
554 {
555 /* Get pointer to the name */
556 ImportName = (PCH)VaToPa(RVA(ScanDTE->DllBase, ImportTable->Name));
557 TRACE("PeLdrScanImportDescriptorTable(): Looking at %s\n", ImportName);
558
559 /* In case we get a reference to ourselves - just skip it */
560 if (PeLdrpCompareDllName(ImportName, &ScanDTE->BaseDllName))
561 continue;
562
563 /* Load the DLL if it is not already loaded */
564 if (!PeLdrCheckForLoadedDll(ModuleListHead, ImportName, &DataTableEntry))
565 {
567 DirectoryPath,
568 ImportName,
569 &ScanDTE->InLoadOrderLinks,
570 &DataTableEntry);
571 if (!Success)
572 {
573 ERR("PeLdrpLoadAndScanReferencedDll() failed\n");
574 return Success;
575 }
576 }
577
578 /* Scan its import address table */
580 DataTableEntry->DllBase,
581 ScanDTE->DllBase,
582 (PIMAGE_THUNK_DATA)RVA(ScanDTE->DllBase, ImportTable->FirstThunk),
583 DirectoryPath,
584 &ScanDTE->InLoadOrderLinks);
585
586 if (!Success)
587 {
588 ERR("PeLdrpScanImportAddressTable() failed: ImportName = '%s', DirectoryPath = '%s'\n",
589 ImportName, DirectoryPath);
590 return Success;
591 }
592 }
593
594 return TRUE;
595}
unsigned char BOOLEAN
DWORD RVA
Definition: compat.h:1262
#define RtlImageDirectoryEntryToData
Definition: compat.h:809
@ Success
Definition: eventcreate.c:712
CHAR * PCH
Definition: ntbasedef.h:391
struct _IMAGE_IMPORT_DESCRIPTOR * PIMAGE_IMPORT_DESCRIPTOR
#define IMAGE_DIRECTORY_ENTRY_IMPORT
Definition: pedump.c:260
static BOOLEAN PeLdrpScanImportAddressTable(IN OUT PLIST_ENTRY ModuleListHead, IN PVOID DllBase, IN PVOID ImageBase, IN PIMAGE_THUNK_DATA ThunkData, IN PCSTR DirectoryPath, IN PLIST_ENTRY Parent)
Definition: peloader.c:408
BOOLEAN PeLdrCheckForLoadedDll(IN OUT PLIST_ENTRY ModuleListHead, IN PCH DllName, OUT PLDR_DATA_TABLE_ENTRY *LoadedEntry)
Definition: peloader.c:478
static BOOLEAN PeLdrpLoadAndScanReferencedDll(IN OUT PLIST_ENTRY ModuleListHead, IN PCCH DirectoryPath, IN PCH ImportName, IN PLIST_ENTRY Parent OPTIONAL, OUT PLDR_DATA_TABLE_ENTRY *DataTableEntry)
Definition: peloader.c:347

Referenced by LoadBootDeviceDriver(), LoadWindowsCore(), PeLdrpLoadAndScanReferencedDll(), and WinLdrLoadDeviceDriver().

Variable Documentation

◆ PeLdrImportDllLoadCallback

PELDR_IMPORTDLL_LOAD_CALLBACK PeLdrImportDllLoadCallback
extern

Definition at line 28 of file peloader.c.

Referenced by LoadAndBootWindowsCommon(), and PeLdrpLoadAndScanReferencedDll().