Include dependency graph for ldrapi.c:
Go to the source code of this file.
Macros | |
| #define | NDEBUG |
| #define | STATUS_MUI_FILE_NOT_FOUND ((NTSTATUS)0xC00B0001L) |
Macro Definition Documentation
◆ NDEBUG
◆ STATUS_MUI_FILE_NOT_FOUND
Function Documentation
◆ LdrAccessOutOfProcessResource()
| NTSTATUS NTAPI LdrAccessOutOfProcessResource | ( | IN PVOID | Unknown, |
| IN PVOID | Image, | ||
| IN PVOID | Unknown1, | ||
| IN PVOID | Unknown2, | ||
| IN PVOID | Unknown3 | ||
| ) |
◆ LdrAddRefDll()
Definition at line 1245 of file ldrapi.c.
1248{
1249 PLDR_DATA_TABLE_ENTRY LdrEntry;
1253
1254 /* Check for invalid flags */
1256 {
1257 /* Fail with invalid parameter status if so */
1259 goto quickie;
1260 }
1261
1262 /* Acquire the loader lock if not in init phase */
1264 {
1265 /* Acquire the lock */
1269 }
1270
1271 /* Get this module's data table entry */
1273 {
1274 if (!LdrEntry)
1275 {
1276 /* Shouldn't happen */
1278 goto quickie;
1279 }
1280
1281 /* If this is not a pinned module */
1283 {
1284 /* Update its load count */
1286 {
1287 /* Pin it by setting load count to -1 */
1288 LdrEntry->LoadCount = 0xFFFF;
1290 }
1291 else
1292 {
1293 /* Increase its load count by one */
1294 LdrEntry->LoadCount++;
1296 }
1297
1298 /* Clear load in progress */
1299 LdrpClearLoadInProgress();
1300 }
1301 }
1302 else
1303 {
1304 /* There was an error getting this module's handle, return invalid param status */
1306 }
1307
1308quickie:
1309 /* Check for error case */
1311 {
1312 /* Print debug information */
1316 {
1318 }
1319 }
1320
1321 /* Release the lock if needed */
1324}
NTSTATUS NTAPI LdrUnlockLoaderLock(_In_ ULONG Flags, _In_opt_ ULONG_PTR Cookie)
Definition: ldrapi.c:101
NTSTATUS NTAPI LdrLockLoaderLock(_In_ ULONG Flags, _Out_opt_ PULONG Disposition, _Out_opt_ PULONG_PTR Cookie)
Definition: ldrapi.c:174
#define LDR_UNLOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS
Definition: ldrtypes.h:82
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
BOOLEAN NTAPI LdrpCheckForLoadedDllHandle(IN PVOID Base, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
Definition: ldrutils.c:1621
VOID NTAPI LdrpUpdateLoadCount2(IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN ULONG Flags)
Definition: ldrutils.c:460
Definition: btrfs_drv.h:1876
Referenced by BasepGetModuleHandleExW().
◆ LdrAlternateResourcesEnabled()
Definition at line 81 of file ldrapi.c.
Referenced by LdrLoadAlternateResourceModule().
◆ LdrCreateOutOfProcessImage()
| NTSTATUS NTAPI LdrCreateOutOfProcessImage | ( | IN ULONG | Flags, |
| IN HANDLE | ProcessHandle, | ||
| IN HANDLE | DllHandle, | ||
| IN PVOID | Unknown3 | ||
| ) |
◆ LdrDestroyOutOfProcessImage()
◆ LdrDisableThreadCalloutsForDll()
Definition at line 1194 of file ldrapi.c.
1196{
1197 PLDR_DATA_TABLE_ENTRY LdrEntry;
1199 BOOLEAN LockHeld;
1202
1203 /* Don't do it during shutdown */
1205
1206 /* Check if we should grab the lock */
1207 LockHeld = FALSE;
1209 {
1210 /* Grab the lock */
1213 LockHeld = TRUE;
1214 }
1215
1216 /* Make sure the DLL is valid and get its entry */
1219 {
1220 /* Get if it has a TLS slot */
1222 {
1223 /* It doesn't, so you're allowed to call this */
1226 }
1227 }
1228
1229 /* Check if the lock was held */
1230 if (LockHeld)
1231 {
1232 /* Release it */
1234 }
1235
1236 /* Return the status */
1238}
Referenced by DisableThreadLibraryCalls(), and DllMain().
◆ LdrEnumerateLoadedModules()
| NTSTATUS NTAPI LdrEnumerateLoadedModules | ( | _Reserved_ ULONG | ReservedFlag, |
| _In_ PLDR_ENUM_CALLBACK | EnumProc, | ||
| _In_opt_ PVOID | Context | ||
| ) |
Definition at line 1130 of file ldrapi.c.
1134{
1135 PLIST_ENTRY ListHead, ListEntry;
1136 PLDR_DATA_TABLE_ENTRY LdrEntry;
1140
1141 /* Check parameters */
1143
1144 /* Acquire the loader lock */
1147
1148 /* Loop all the modules and call enum proc */
1149 ListHead = &NtCurrentPeb()->Ldr->InLoadOrderModuleList;
1150 ListEntry = ListHead->Flink;
1151 while (ListHead != ListEntry)
1152 {
1153 /* Get the entry */
1155
1156 /* Call the enumeration proc inside SEH */
1157 _SEH2_TRY
1158 {
1160 }
1162 {
1163 /* Ignoring the exception */
1164 } _SEH2_END;
1165
1166 /* Break if we were asked to stop enumeration */
1168 {
1169 break;
1170 }
1171
1172 /* Advance to the next module */
1173 ListEntry = ListEntry->Flink;
1174 }
1175
1176 /* Release loader lock */
1179
1180 /* Reset any successful status to STATUS_SUCCESS,
1181 * but leave failure to the caller */
1184
1185 /* Return any possible failure status */
1187}
Definition: compobj.c:4795
Definition: typedefs.h:120
Referenced by BasepComputeProcessPath(), and LoadLibraryExW().
◆ LdrFindCreateProcessManifest()
| NTSTATUS NTAPI LdrFindCreateProcessManifest | ( | IN ULONG | Flags, |
| IN PVOID | Image, | ||
| IN PVOID | IdPath, | ||
| IN ULONG | IdPathLength, | ||
| IN PVOID | OutDataEntry | ||
| ) |
◆ LdrFindEntryForAddress()
Definition at line 446 of file ldrapi.c.
449{
450 PLIST_ENTRY ListHead, NextEntry;
451 PLDR_DATA_TABLE_ENTRY LdrEntry;
452 PIMAGE_NT_HEADERS NtHeader;
454 ULONG_PTR DllBase, DllEnd;
455
457
458 /* Nothing to do */
460
461 /* Get the current entry */
462 LdrEntry = Ldr->EntryInProgress;
463 if (LdrEntry)
464 {
465 /* Get the NT Headers */
467 if (NtHeader)
468 {
469 /* Get the Image Base */
472
473 /* Check if they match */
476 {
477 /* Return it */
478 *Module = LdrEntry;
480 }
481 }
482 }
483
484 /* Loop the module list */
485 ListHead = &Ldr->InMemoryOrderModuleList;
486 NextEntry = ListHead->Flink;
487 while (NextEntry != ListHead)
488 {
489 /* Get the entry and NT Headers */
492 if (NtHeader)
493 {
494 /* Get the Image Base */
497
498 /* Check if they match */
501 {
502 /* Return it */
503 *Module = LdrEntry;
505 }
506
507 /* Next Entry */
508 NextEntry = NextEntry->Flink;
509 }
510 }
511
512 /* Nothing found */
514 DPFLTR_WARNING_LEVEL,
515 "LDR: %s() exiting 0x%08lx\n",
516 __FUNCTION__,
517 STATUS_NO_MORE_ENTRIES);
519}
NTSYSAPI ULONG __cdecl DbgPrintEx(_In_ ULONG ComponentId, _In_ ULONG Level, _In_z_ _Printf_format_string_ PCSTR Format,...)
Definition: ntddk_ex.h:181
Definition: btrfs_drv.h:1892
LIST_ENTRY InMemoryOrderModuleList
Definition: btrfs_drv.h:1895
Referenced by find_query_actctx(), and get_module_filename().
◆ LdrFlushAlternateResourceModules()
◆ LdrGetDllHandle()
| NTSTATUS NTAPI LdrGetDllHandle | ( | _In_opt_ PWSTR | DllPath, |
| _In_opt_ PULONG | DllCharacteristics, | ||
| _In_ PUNICODE_STRING | DllName, | ||
| _Out_ PVOID * | DllHandle | ||
| ) |
Definition at line 810 of file ldrapi.c.
815{
816 /* Call the newer API */
818 DllPath,
819 DllCharacteristics,
820 DllName,
821 DllHandle);
822}
NTSTATUS NTAPI LdrGetDllHandleEx(_In_ ULONG Flags, _In_opt_ PWSTR DllPath, _In_opt_ PULONG DllCharacteristics, _In_ PUNICODE_STRING DllName, _Out_opt_ PVOID *DllHandle)
Definition: ldrapi.c:526
#define LDR_GET_DLL_HANDLE_EX_UNCHANGED_REFCOUNT
Definition: ldrtypes.h:87
Referenced by BroadcastDriveLetterChange(), CsrClientConnectToServer(), CsrConnectToUser(), FirstSoundSentry(), GetModuleHandleForUnicodeString(), SeiAddHooks(), SeiFindHookModuleInfoForImportDescriptor(), and SeiInit().
◆ LdrGetDllHandleEx()
| NTSTATUS NTAPI LdrGetDllHandleEx | ( | _In_ ULONG | Flags, |
| _In_opt_ PWSTR | DllPath, | ||
| _In_opt_ PULONG | DllCharacteristics, | ||
| _In_ PUNICODE_STRING | DllName, | ||
| _Out_opt_ PVOID * | DllHandle | ||
| ) |
Definition at line 526 of file ldrapi.c.
532{
534 PLDR_DATA_TABLE_ENTRY LdrEntry;
535 UNICODE_STRING RedirectName, DllString1, RawDllName;
537 PWCHAR p1, p2, p3;
541
542 /* Initialize the strings */
543 RtlInitEmptyUnicodeString(&DllString1, NULL, 0);
544 RtlInitEmptyUnicodeString(&RawDllName, NULL, 0);
545 RedirectName = *DllName;
546 pRedirectName = &RedirectName;
547
548 /* Initialize state */
550 LdrEntry = NULL;
551 Cookie = 0;
552
553 /* Clear the handle */
555
556 /* Check for a valid flag combination */
559 {
562 goto Quickie;
563 }
564
565 /* If not initializing */
567 {
568 /* Acquire the lock */
571
572 /* Remember we own it */
574 }
575
576 /* Check if the SxS Assemblies specify another file */
578 pRedirectName,
579 &LdrApiDefaultExtension,
580 NULL,
581 &DllString1,
582 &pRedirectName,
583 NULL,
584 NULL,
585 NULL);
586
587 /* Check success */
589 {
590 /* Let Ldrp know */
591 RedirectedDll = TRUE;
592 }
594 {
595 /* Unrecoverable SxS failure */
596 goto Quickie;
597 }
598 else
599 {
600 ASSERT(pRedirectName == &RedirectName);
601 }
602
603 /* Set default failure code */
605
606 /* Use the cache if we can */
608 {
609 /* Check if we were redirected */
610 if (RedirectedDll)
611 {
612 /* Check the flag */
614 {
615 goto DontCompare;
616 }
617
618 /* Use the right name */
620 }
621 else
622 {
623 /* Check the flag */
625 {
626 goto DontCompare;
627 }
628
629 /* Use the right name */
631 }
632
633 /* Check if the name matches */
635 CompareName,
636 TRUE))
637 {
638 /* Skip the rest */
639 LdrEntry = LdrpGetModuleHandleCache;
640
641 /* Return success */
643 goto Quickie;
644 }
645 }
646
647DontCompare:
648 /* Find the name without the extension */
649 p1 = pRedirectName->Buffer;
650 p2 = NULL;
652 while (p1 != p3)
653 {
655 {
656 p2 = p1;
657 }
659 {
660 p2 = NULL;
661 }
662 }
663
664 /* Check if no extension was found or if we got a slash */
666 {
667 /* Check that we have space to add one */
671 {
672 /* No space to add the extension */
674 goto Quickie;
675 }
676
677 /* Setup the string */
681 0,
682 RawDllName.MaximumLength);
684 {
686 goto Quickie;
687 }
688
689 /* Copy the string and add extension */
690 RtlCopyUnicodeString(&RawDllName, pRedirectName);
692 }
693 else
694 {
695 /* Check if there's something in the name */
698 {
699 /* Check and remove trailing period */
701 {
702 /* Decrease the size */
704 }
705 }
706
707 /* Setup the string */
710 0,
711 RawDllName.MaximumLength);
713 {
715 goto Quickie;
716 }
717
718 /* Copy the string */
719 RtlCopyUnicodeString(&RawDllName, pRedirectName);
720 }
721
722 /* Display debug string */
724 {
726 &RawDllName,
728 }
729
730 /* Do the lookup */
732 &RawDllName,
734 RedirectedDll,
735 &LdrEntry))
736 {
737 /* Update cached entry */
738 LdrpGetModuleHandleCache = LdrEntry;
739
740 /* Return success */
742 }
743 else
744 {
745 /* Make sure to NULL this */
746 LdrEntry = NULL;
747 }
748Quickie:
749 /* The success path must have a valid loader entry */
751
752 /* Check if we got an entry and success */
755 {
756 /* Check if the DLL is locked */
759 {
760 /* Check what to do with the load count */
762 {
763 /* Pin it */
764 LdrEntry->LoadCount = 0xFFFF;
765 LoadFlag = LDRP_UPDATE_PIN;
766 }
767 else
768 {
769 /* Increase the load count */
770 LdrEntry->LoadCount++;
771 LoadFlag = LDRP_UPDATE_REFCOUNT;
772 }
773
774 /* Update the load count now */
775 LdrpUpdateLoadCount2(LdrEntry, LoadFlag);
776 LdrpClearLoadInProgress();
777 }
778
779 /* Check if the caller is requesting the handle */
781 }
782
783 /* Free string if needed */
785
786 /* Free the raw DLL Name if needed */
788 {
789 /* Free the heap-allocated buffer */
792 }
793
794 /* Release lock */
796 {
798 Cookie);
799 }
800
801 /* Return */
803}
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:590
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:608
NTSYSAPI NTSTATUS NTAPI RtlDosApplyFileIsolationRedirection_Ustr(IN ULONG Flags, IN PUNICODE_STRING OriginalName, IN PUNICODE_STRING Extension, IN OUT PUNICODE_STRING StaticString, IN OUT PUNICODE_STRING DynamicString, IN OUT PUNICODE_STRING *NewName, IN PULONG NewFlags, IN PSIZE_T FileNameSize, IN PSIZE_T RequiredLength)
Definition: libsupp.c:818
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
NTSYSAPI BOOLEAN NTAPI RtlEqualUnicodeString(PUNICODE_STRING String1, PUNICODE_STRING String2, BOOLEAN CaseInSensitive)
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define UNICODE_NULL
#define UNICODE_STRING_MAX_BYTES
#define ANSI_NULL
BOOLEAN NTAPI LdrpCheckForLoadedDll(IN PWSTR DllPath, IN PUNICODE_STRING DllName, IN BOOLEAN Flag, IN BOOLEAN RedirectedDll, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
Definition: ldrutils.c:1979
Definition: env_spec_w32.h:368
Referenced by LdrGetDllHandle(), and LoadLibraryExW().
◆ LdrGetProcedureAddress()
| NTSTATUS NTAPI LdrGetProcedureAddress | ( | _In_ PVOID | BaseAddress, |
| _In_opt_ _When_(Ordinal==0, _Notnull_) PANSI_STRING | Name, | ||
| _In_opt_ _When_(Name==NULL, _In_range_(>, 0)) ULONG | Ordinal, | ||
| _Out_ PVOID * | ProcedureAddress | ||
| ) |
Definition at line 829 of file ldrapi.c.
834{
835 /* Call the internal routine and tell it to execute DllInit */
837}
NTSTATUS NTAPI LdrpGetProcedureAddress(_In_ PVOID BaseAddress, _In_opt_ _When_(Ordinal==0, _Notnull_) PANSI_STRING Name, _In_opt_ _When_(Name==NULL, _In_range_(>, 0)) ULONG Ordinal, _Out_ PVOID *ProcedureAddress, _In_ BOOLEAN ExecuteInit)
Definition: ldrutils.c:2252
Definition: apinames.c:49
Referenced by BaseInitApphelp(), BasepReplaceProcessThreadTokens(), BaseSrvDelayLoadKernel32(), BroadcastDriveLetterChange(), CsrClientConnectToServer(), CsrConnectToUser(), CsrLoadServerDll(), FirstSoundSentry(), GetProcAddress(), InitApphelp(), LdrpInitializeProcess(), LoadOle32Export(), LsapAddAuthPackage(), SeiCreateShimModuleInfo(), and SeiResolveAPI().
◆ LdrInitShimEngineDynamic()
Definition at line 1690 of file ldrapi.c.
Referenced by SE_DynamicShim().
◆ LdrLoadAlternateResourceModule()
◆ LdrLoadDll()
| NTSTATUS NTAPI DECLSPEC_HOTPATCH LdrLoadDll | ( | _In_opt_ PWSTR | SearchPath, |
| _In_opt_ PULONG | DllCharacteristics, | ||
| _In_ PUNICODE_STRING | DllName, | ||
| _Out_ PVOID * | BaseAddress | ||
| ) |
Definition at line 312 of file ldrapi.c.
317{
319 UNICODE_STRING DllString1, DllString2;
323 PUNICODE_STRING OldTldDll;
325
326 /* Initialize the strings */
328 RtlInitEmptyUnicodeString(&DllString2, NULL, 0);
329
330 /* Check if the SxS Assemblies specify another file */
332 DllName,
333 &LdrApiDefaultExtension,
334 &DllString1,
335 &DllString2,
336 &DllName,
337 NULL,
338 NULL,
339 NULL);
340
341 /* Check success */
343 {
344 /* Let Ldrp know */
345 RedirectedDll = TRUE;
346 }
348 {
349 /* Unrecoverable SxS failure; did we get a string? */
352 }
353
354 /* Lock the loader lock */
356
357 /* Check if there's a TLD DLL being loaded */
358 OldTldDll = LdrpTopLevelDllBeingLoaded;
359 _SEH2_TRY
360 {
361
362 if (OldTldDll)
363 {
364 /* This is a recursive load, do something about it? */
366 {
367 /* Print out debug messages */
374 OldTldDll);
378 DllName);
379
380 /* Was it initializing too? */
382 {
386 }
387 else
388 {
393 }
394 }
395 }
396
397 /* Set this one as the TLD DLL being loaded*/
398 LdrpTopLevelDllBeingLoaded = DllName;
399
400 /* Load the DLL */
402 SearchPath,
403 DllCharacteristics,
404 DllName,
405 BaseAddress,
406 TRUE);
408 {
410 }
415 {
417 DPFLTR_WARNING_LEVEL,
418 "LDR: %s - failing because LdrpLoadDll(%wZ) returned status %x\n",
419 __FUNCTION__,
420 DllName,
421 Status);
422 }
423 }
424 _SEH2_FINALLY
425 {
426 /* Restore the old TLD DLL */
427 LdrpTopLevelDllBeingLoaded = OldTldDll;
428
429 /* Release the lock */
431 }
432 _SEH2_END;
433
434 /* Do we have a redirect string? */
436
437 /* Return */
439}
#define LDR_LOCK_LOADER_LOCK_FLAG_RAISE_ON_ERRORS
Definition: ldrtypes.h:76
NTSTATUS NTAPI LdrpLoadDll(IN BOOLEAN Redirected, IN PWSTR DllPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *BaseAddress, IN BOOLEAN CallInit)
Definition: ldrutils.c:2435
Definition: compat.h:836
Referenced by AVrfpLoadAndInitializeProvider(), BaseInitApphelp(), BaseSrvDelayLoadKernel32(), CsrLoadServerDll(), InitApphelp(), LdrpInitializeProcess(), LoadLibraryExW(), LoadOle32Export(), LsapAddAuthPackage(), SeiInit(), and START_TEST().
◆ LdrLockLoaderLock()
| NTSTATUS NTAPI LdrLockLoaderLock | ( | _In_ ULONG | Flags, |
| _Out_opt_ PULONG | Disposition, | ||
| _Out_opt_ PULONG_PTR | Cookie | ||
| ) |
Definition at line 174 of file ldrapi.c.
178{
181
183
184 /* Zero out the outputs */
187
188 /* Validate the flags */
191 {
192 /* Flags are invalid, check how to fail */
194 {
195 /* The caller wants us to raise status */
197 }
198
199 /* A normal failure */
201 }
202
203 /* Make sure we got a cookie */
205 {
206 /* No cookie check how to fail */
208 {
209 /* The caller wants us to raise status */
211 }
212
213 /* A normal failure */
215 }
216
217 /* If the flag is set, make sure we have a valid pointer to use */
219 {
220 /* No pointer to return the data to */
222 {
223 /* The caller wants us to raise status */
225 }
226
227 /* Fail */
229 }
230
231 /* Return now if we are in the init phase */
233
234 /* Check what locking semantic to use */
236 {
237 /* Check if we should enter or simply try */
239 {
240 /* Do a try */
242 {
243 /* It's locked */
245 }
246 else
247 {
248 /* It worked */
251 }
252 }
253 else
254 {
255 /* Do a enter */
257
258 /* See if result was requested */
261 }
262 }
263 else
264 {
265 /* Wrap this in SEH, since we're not supposed to raise */
266 _SEH2_TRY
267 {
268 /* Check if we should enter or simply try */
270 {
271 /* Do a try */
273 {
274 /* It's locked */
276 }
277 else
278 {
279 /* It worked */
282 }
283 }
284 else
285 {
286 /* Do an enter */
288
289 /* See if result was requested */
292 }
293 }
295 {
296 /* We should use the LDR Filter instead */
298 }
299 _SEH2_END;
300 }
301
302 /* Return status */
304}
#define LDR_LOCK_LOADER_LOCK_DISPOSITION_LOCK_NOT_ACQUIRED
Definition: ldrtypes.h:93
#define LDR_LOCK_LOADER_LOCK_FLAG_TRY_ONLY
Definition: ldrtypes.h:77
#define LDR_LOCK_LOADER_LOCK_DISPOSITION_INVALID
Definition: ldrtypes.h:91
#define LDR_LOCK_LOADER_LOCK_DISPOSITION_LOCK_ACQUIRED
Definition: ldrtypes.h:92
_In_ ACCESS_MASK _In_ POBJECT_ATTRIBUTES _Reserved_ ULONG _In_opt_ PUNICODE_STRING _In_ ULONG _Out_opt_ PULONG Disposition
Definition: cmfuncs.h:56
NTSYSAPI BOOLEAN NTAPI RtlTryEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
DECLSPEC_NORETURN NTSYSAPI VOID NTAPI RtlRaiseStatus(_In_ NTSTATUS Status)
Referenced by BasepGetModuleHandleExW(), find_query_actctx(), get_module_filename(), GetModuleFileNameW(), LdrAddRefDll(), LdrDisableThreadCalloutsForDll(), LdrEnumerateLoadedModules(), LdrGetDllHandleEx(), LdrInitShimEngineDynamic(), LdrLoadDll(), and LdrUnloadAlternateResourceModule().
◆ LdrpMakeCookie()
| FORCEINLINE ULONG_PTR LdrpMakeCookie | ( | VOID | ) |
Definition at line 89 of file ldrapi.c.
90{
91 /* Generate a cookie */
94}
long __cdecl _InterlockedIncrement(_Interlocked_operand_ long volatile *_Addend)
Referenced by LdrLockLoaderLock().
◆ LdrProcessRelocationBlock()
| PIMAGE_BASE_RELOCATION NTAPI LdrProcessRelocationBlock | ( | _In_ ULONG_PTR | Address, |
| _In_ ULONG | Count, | ||
| _In_ PUSHORT | TypeOffset, | ||
| _In_ LONG_PTR | Delta | ||
| ) |
◆ LdrQueryProcessModuleInformation()
| NTSTATUS NTAPI LdrQueryProcessModuleInformation | ( | _Out_writes_bytes_to_(Size, *ReturnedSize) PRTL_PROCESS_MODULES | ModuleInformation, |
| _In_ ULONG | Size, | ||
| _Out_opt_ PULONG | ReturnedSize | ||
| ) |
Definition at line 1116 of file ldrapi.c.
1120{
1121 /* Call Ex version of the API */
1123}
NTSTATUS NTAPI LdrQueryProcessModuleInformationEx(_In_opt_ ULONG ProcessId, _Reserved_ ULONG Reserved, _Out_writes_bytes_to_(Size, *ReturnedSize) PRTL_PROCESS_MODULES ModuleInformation, _In_ ULONG Size, _Out_opt_ PULONG ReturnedSize)
Definition: ldrapi.c:987
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4533
Referenced by RtlQueryProcessDebugInformation(), and Test_ProcessModules().
◆ LdrQueryProcessModuleInformationEx()
| NTSTATUS NTAPI LdrQueryProcessModuleInformationEx | ( | _In_opt_ ULONG | ProcessId, |
| _Reserved_ ULONG | Reserved, | ||
| _Out_writes_bytes_to_(Size, *ReturnedSize) PRTL_PROCESS_MODULES | ModuleInformation, | ||
| _In_ ULONG | Size, | ||
| _Out_opt_ PULONG | ReturnedSize | ||
| ) |
Definition at line 987 of file ldrapi.c.
993{
996 PLDR_DATA_TABLE_ENTRY Module, InitModule;
1002
1004
1005 /* Acquire loader lock */
1007
1008 _SEH2_TRY
1009 {
1010 /* Check if we were given enough space */
1012 {
1014 }
1015 else
1016 {
1017 ModuleInformation->NumberOfModules = 0;
1018 ModulePtr = &ModuleInformation->Modules[0];
1020 }
1021
1022 /* Traverse the list of modules */
1025
1027 {
1029
1031
1032 /* Increase the used size */
1034
1036 {
1038 }
1039 else
1040 {
1046 ModulePtr->InitOrderIndex = 0;
1047 ModulePtr->LoadOrderIndex = ModuleInformation->NumberOfModules;
1048
1049 /* Now get init order index by traversing init list */
1050 InitListHead = &NtCurrentPeb()->Ldr->InInitializationOrderModuleList;
1051 InitEntry = InitListHead->Flink;
1052
1053 while (InitEntry != InitListHead)
1054 {
1056
1057 /* Increase the index */
1058 ModulePtr->InitOrderIndex++;
1059
1060 /* Quit the loop if our module is found */
1061 if (InitModule == Module) break;
1062
1063 /* Advance to the next entry */
1064 InitEntry = InitEntry->Flink;
1065 }
1066
1067 /* Prepare ANSI string with the module's name */
1068 AnsiString.Length = 0;
1072 &Module->FullDllName,
1073 FALSE);
1074
1075 /* Calculate OffsetToFileName field */
1079 else
1080 ModulePtr->OffsetToFileName = 0;
1081
1082 /* Advance to the next module in the output list */
1083 ModulePtr++;
1084
1085 /* Increase number of modules */
1086 if (ModuleInformation)
1087 ModuleInformation->NumberOfModules++;
1088 }
1089
1090 /* Go to the next entry in the modules list */
1092 }
1093
1094 /* Set returned size if it was provided */
1096 *ReturnedSize = UsedSize;
1097 }
1099 {
1100 /* Ignoring the exception */
1101 } _SEH2_END;
1102
1103 /* Release the lock */
1105
1107
1109}
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
struct _RTL_PROCESS_MODULE_INFORMATION RTL_PROCESS_MODULE_INFORMATION
NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString, PUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
_Check_return_ _CRTIMP _CONST_RETURN char *__cdecl strrchr(_In_z_ const char *_Str, _In_ int _Ch)
Definition: env_spec_w32.h:375
Definition: rtltypes.h:1016
Definition: rtltypes.h:1002
Referenced by LdrQueryProcessModuleInformation().
◆ LdrSetAppCompatDllRedirectionCallback()
| NTSTATUS NTAPI LdrSetAppCompatDllRedirectionCallback | ( | _In_ ULONG | Flags, |
| _In_ PLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION | CallbackFunction, | ||
| _In_opt_ PVOID | CallbackData | ||
| ) |
◆ LdrSetDllManifestProber()
| VOID NTAPI LdrSetDllManifestProber | ( | _In_ PLDR_MANIFEST_PROBER_ROUTINE | Routine | ) |
Definition at line 73 of file ldrapi.c.
75{
76 LdrpManifestProberRoutine = Routine;
77}
PLDR_MANIFEST_PROBER_ROUTINE LdrpManifestProberRoutine
Definition: ldrpe.c:18
Referenced by DllMain().
◆ LdrUnloadAlternateResourceModule()
Definition at line 1641 of file ldrapi.c.
1643{
1645
1646 /* Acquire the loader lock */
1648
1649 /* Check if there's any alternate resources loaded */
1651 {
1652 UNIMPLEMENTED;
1653 }
1654
1655 /* Release the loader lock */
1657
1658 /* All done */
1660}
Referenced by FreeLibrary(), FreeLibraryAndExitThread(), and LdrUnloadDll().
◆ LdrUnloadDll()
Definition at line 1331 of file ldrapi.c.
1333{
1336 PLDR_DATA_TABLE_ENTRY LdrEntry, CurrentEntry;
1337 PVOID EntryPoint;
1338 PLIST_ENTRY NextEntry;
1339 LIST_ENTRY UnloadList;
1340 RTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_EXTENDED ActCtx;
1341 PVOID CorImageData;
1342 ULONG ComSectionSize;
1343
1344 /* Get the LDR Lock */
1346
1347 /* Increase the unload count */
1348 LdrpActiveUnloadCount++;
1349
1350 /* Skip unload */
1352
1353 /* Make sure the DLL is valid and get its entry */
1355 {
1357 goto Quickie;
1358 }
1359
1360 /* Check the current Load Count */
1362 {
1363 /* Decrease it */
1364 LdrEntry->LoadCount--;
1365
1366 /* If it's a dll */
1368 {
1369 /* Set up the Act Ctx */
1373
1374 /* Activate the ActCtx */
1376 LdrEntry->EntryPointActivationContext);
1377
1378 /* Update the load count */
1380
1381 /* Release the context */
1383 }
1384 }
1385 else
1386 {
1387 /* The DLL is locked */
1388 goto Quickie;
1389 }
1390
1391 /* Show debug message */
1393
1394 /* Check if this is our only unload and initialize the list if so */
1396
1397 /* Loop the modules to build the list */
1400 {
1401 /* Get the entry */
1402 LdrEntry = CONTAINING_RECORD(NextEntry,
1403 LDR_DATA_TABLE_ENTRY,
1404 InInitializationOrderLinks);
1405 NextEntry = NextEntry->Blink;
1406
1407 /* Remove flag */
1408 LdrEntry->Flags &= ~LDRP_UNLOAD_IN_PROGRESS;
1409
1410 /* If the load count is now 0 */
1412 {
1413 /* Show message */
1415 {
1417 LdrpActiveUnloadCount,
1421 LdrEntry->EntryPoint);
1422 }
1423
1424 /* Call Shim Engine and notify */
1426 {
1428 SE_DllUnloaded(LdrEntry);
1429 }
1430
1431 /* Unlink it */
1432 CurrentEntry = LdrEntry;
1436
1437 /* If there's more then one active unload */
1439 {
1440 /* Flush the cached DLL handle and clear the list */
1443 }
1444
1445 /* Add the entry on the unload list */
1447 }
1448 }
1449
1450 /* Only call the entrypoints once */
1452
1453 /* Now loop the unload list and create our own */
1454 InitializeListHead(&UnloadList);
1455 CurrentEntry = NULL;
1458 {
1459 /* Get the current entry */
1461
1462 LdrpRecordUnloadEvent(LdrEntry);
1463
1464 /* Set the entry and clear it from the list */
1465 CurrentEntry = LdrEntry;
1468
1469 /* Move it from the global to the local list */
1472
1473 /* Get the entrypoint */
1474 EntryPoint = LdrEntry->EntryPoint;
1475
1476 /* Check if we should call it */
1478 {
1479 /* Show message */
1481 {
1483 }
1484
1485 /* Set up the Act Ctx */
1489
1490 /* Activate the ActCtx */
1492 LdrEntry->EntryPointActivationContext);
1493
1494 /* Call the entrypoint */
1495 _SEH2_TRY
1496 {
1498 LdrEntry->DllBase,
1499 DLL_PROCESS_DETACH,
1500 NULL);
1501 }
1503 {
1506 }
1507 _SEH2_END;
1508
1509 /* Release the context */
1511 }
1512
1513 /* Remove it from the list */
1515 CurrentEntry = NULL;
1517 }
1518
1519 /* Now loop our local list */
1520 NextEntry = UnloadList.Flink;
1521 while (NextEntry != &UnloadList)
1522 {
1523 /* Get the entry */
1525 NextEntry = NextEntry->Flink;
1526 CurrentEntry = LdrEntry;
1527
1528 /* Notify Application Verifier */
1530 {
1531 AVrfDllUnloadNotification(LdrEntry);
1532 }
1533
1534 /* Show message */
1536 {
1538 }
1539
1540 /* Check if this is a .NET executable */
1542 TRUE,
1544 &ComSectionSize);
1545 if (CorImageData)
1546 {
1547 /* FIXME */
1549 }
1550
1551 /* Check if we should unmap*/
1553 {
1554 /* Unmap the DLL */
1556 CurrentEntry->DllBase);
1558 }
1559
1560 /* Unload the alternate resource module, if any */
1562
1563 /* FIXME: Send shutdown notification */
1564 //LdrpSendDllNotifications(CurrentEntry, 2, LdrpShutdownInProgress);
1565
1566 /* Check if a Hotpatch is active */
1568 {
1569 /* FIXME */
1571 }
1572
1573 /* Deallocate the Entry */
1574 LdrpFinalizeAndDeallocateDataTableEntry(CurrentEntry);
1575
1576 /* If this is the cached entry, invalidate it */
1578 {
1580 }
1581 }
1582
1583Quickie:
1584 /* Decrease unload count */
1585 LdrpActiveUnloadCount--;
1587
1588 /* Return to caller */
1590}
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3848
Definition: nsiface.idl:2307
BOOLEAN NTAPI LdrUnloadAlternateResourceModule(_In_ PVOID BaseAddress)
Definition: ldrapi.c:1641
#define RTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_FORMAT_WHISTLER
Definition: rtltypes.h:101
VOID NTAPI LdrpFinalizeAndDeallocateDataTableEntry(IN PLDR_DATA_TABLE_ENTRY Entry)
Definition: ldrutils.c:1598
BOOLEAN NTAPI LdrpCallInitRoutine(IN PDLL_INIT_ROUTINE EntryPoint, IN PVOID BaseAddress, IN ULONG Reason, IN PVOID Context)
Definition: ldrutils.c:100
VOID NTAPI AVrfDllUnloadNotification(IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: verifier.c:328
VOID NTAPI LdrpRecordUnloadEvent(_In_ PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: trace.c:28
#define IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
Definition: ntimage.h:489
PRTL_ACTIVATION_CONTEXT_STACK_FRAME FASTCALL RtlActivateActivationContextUnsafeFast(IN PRTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_EXTENDED Frame, IN PVOID Context)
Definition: actctx.c:5934
PRTL_ACTIVATION_CONTEXT_STACK_FRAME FASTCALL RtlDeactivateActivationContextUnsafeFast(IN PRTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_EXTENDED Frame)
Definition: actctx.c:6011
PACTIVATION_CONTEXT EntryPointActivationContext
Definition: ldrtypes.h:163
LIST_ENTRY InInitializationOrderLinks
Definition: ldrtypes.h:140
LIST_ENTRY InInitializationOrderModuleList
Definition: ldrtypes.h:122
Definition: btrfs_drv.h:1907
Referenced by BasepReplaceProcessThreadTokens(), CsrLoadServerDll(), FreeLibrary(), FreeLibraryAndExitThread(), InitApphelp(), LdrpLoadDll(), LdrpUnloadShimEngine(), LsapAddAuthPackage(), PropertyLengthAsVariant(), RtlConvertPropertyToVariant(), RtlConvertVariantToProperty(), and START_TEST().
◆ LdrUnlockLoaderLock()
Definition at line 101 of file ldrapi.c.
104{
106
108
109 /* Check for valid flags */
111 {
112 /* Flags are invalid, check how to fail */
114 {
115 /* The caller wants us to raise status */
117 }
118
119 /* A normal failure */
121 }
122
123 /* If we don't have a cookie, just return */
125
126 /* Validate the cookie */
129 {
131
132 /* Invalid cookie, check how to fail */
134 {
135 /* The caller wants us to raise status */
137 }
138
139 /* A normal failure */
141 }
142
143 /* Ready to release the lock */
145 {
146 /* Do a direct leave */
148 }
149 else
150 {
151 /* Wrap this in SEH, since we're not supposed to raise */
152 _SEH2_TRY
153 {
154 /* Leave the lock */
156 }
158 {
159 /* We should use the LDR Filter instead */
161 }
162 _SEH2_END;
163 }
164
165 /* All done */
167}
Referenced by BasepGetModuleHandleExW(), find_query_actctx(), get_module_filename(), GetModuleFileNameW(), LdrAddRefDll(), LdrDisableThreadCalloutsForDll(), LdrEnumerateLoadedModules(), LdrGetDllHandleEx(), LdrInitShimEngineDynamic(), LdrLoadDll(), and LdrUnloadAlternateResourceModule().
◆ LdrVerifyImageMatchesChecksum()
| NTSTATUS NTAPI LdrVerifyImageMatchesChecksum | ( | _In_ HANDLE | FileHandle, |
| _In_ PLDR_CALLBACK | Callback, | ||
| _In_ PVOID | CallbackContext, | ||
| _Out_ PUSHORT | ImageCharacteristics | ||
| ) |
Definition at line 844 of file ldrapi.c.
849{
850 FILE_STANDARD_INFORMATION FileStandardInfo;
851 PIMAGE_IMPORT_DESCRIPTOR ImportData;
854 PIMAGE_NT_HEADERS NtHeader;
855 HANDLE SectionHandle;
857 PVOID ViewBase;
860 PVOID ImportName;
863
864 /* If the handle has the magic KnownDll flag, skip actual checksums */
866
867 /* Create the section */
869 SECTION_MAP_EXECUTE,
870 NULL,
871 NULL,
872 PAGE_EXECUTE,
873 SEC_COMMIT,
874 FileHandle);
876 {
879 }
880
881 /* Map the section */
882 ViewSize = 0;
883 ViewBase = NULL;
885 NtCurrentProcess(),
886 &ViewBase,
887 0,
888 0,
889 NULL,
890 &ViewSize,
891 ViewShare,
892 0,
893 PAGE_EXECUTE);
895 {
897 NtClose(SectionHandle);
899 }
900
901 /* Get the file information */
903 &IoStatusBlock,
904 &FileStandardInfo,
906 FileStandardInformation);
908 {
911 NtClose(SectionHandle);
913 }
914
915 /* Protect with SEH */
916 _SEH2_TRY
917 {
918 /* Check if this is the KnownDll hack */
919 if (NoActualCheck)
920 {
921 /* Don't actually do it */
923 }
924 else
925 {
926 /* Verify the checksum */
930 }
931
932 /* Check if a callback was supplied */
934 {
935 /* Get the NT Header */
936 NtHeader = RtlImageNtHeader(ViewBase);
937
938 /* Check if caller requested this back */
939 if (ImageCharacteristics)
940 {
941 /* Return to caller */
943 }
944
945 /* Get the Import Directory Data */
946 ImportData = RtlImageDirectoryEntryToData(ViewBase,
947 FALSE,
949 &Size);
950
951 /* Make sure there is one */
952 if (ImportData)
953 {
954 /* Loop the imports */
956 {
957 /* Get the name */
958 ImportName = RtlImageRvaToVa(NtHeader,
959 ViewBase,
960 ImportData->Name,
961 &LastSection);
962
963 /* Notify the callback */
965 ImportData++;
966 }
967 }
968 }
969 }
971 {
972 /* Fail the request returning STATUS_IMAGE_CHECKSUM_MISMATCH */
974 }
975 _SEH2_END;
976
977 /* Unmap file and close handle */
979 NtClose(SectionHandle);
980
981 /* Return status */
983}
NTSTATUS NTAPI NtCreateSection(OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN PLARGE_INTEGER MaximumSize OPTIONAL, IN ULONG SectionPageProtection OPTIONAL, IN ULONG AllocationAttributes, IN HANDLE FileHandle OPTIONAL)
Definition: section.c:3441
NTSTATUS NTAPI NtMapViewOfSection(IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:3622
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE FileHandle
Definition: fltkernel.h:1231
BOOLEAN NTAPI LdrVerifyMappedImageMatchesChecksum(_In_ PVOID BaseAddress, _In_ SIZE_T NumberOfBytes, _In_ ULONG FileLength)
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:408
NTSYSAPI NTSTATUS NTAPI NtQueryInformationFile(IN HANDLE hFile, OUT PIO_STATUS_BLOCK pIoStatusBlock, OUT PVOID FileInformationBuffer, IN ULONG FileInformationBufferLength, IN FILE_INFORMATION_CLASS FileInfoClass)
Definition: propsheet.cpp:53
Definition: ntimage.h:572
Definition: pedump.c:280
Definition: env_spec_w32.h:870
_IRQL_requires_same_ typedef _In_ ULONG _In_ UCHAR _In_ ULONGLONG _In_ ULONGLONG _In_opt_ PEVENT_FILTER_DESCRIPTOR _Inout_opt_ PVOID CallbackContext
Definition: wmitypes.h:60
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
Referenced by SmpInitializeKnownDllsInternal().
◆ RtlDllShutdownInProgress()
Definition at line 1597 of file ldrapi.c.
Referenced by CtfImmDispatchDefImeMessage(), and ISPY_PreUninitialize().
Variable Documentation
◆ AlternateResourceModuleCount
| ULONG AlternateResourceModuleCount |
Definition at line 23 of file ldrapi.c.
Referenced by LdrUnloadAlternateResourceModule().
◆ LdrApiDefaultExtension
| UNICODE_STRING LdrApiDefaultExtension = RTL_CONSTANT_STRING(L".DLL") |
Definition at line 22 of file ldrapi.c.
Referenced by LdrGetDllHandleEx(), LdrLoadDll(), LdrpLoadDll(), LdrpLoadImportModule(), LdrpSnapThunk(), and LdrpUpdateLoadCount3().
◆ LdrpBreakOnRecursiveDllLoads
| BOOLEAN LdrpBreakOnRecursiveDllLoads |
Definition at line 21 of file ldrapi.c.
Referenced by LdrLoadDll().
◆ LdrpLoaderLockAcquisitionCount
| LONG LdrpLoaderLockAcquisitionCount |
Definition at line 20 of file ldrapi.c.
Referenced by LdrpMakeCookie().
◆ LdrpManifestProberRoutine
|
extern |
Definition at line 18 of file ldrpe.c.
Referenced by LdrpWalkImportDescriptor(), and LdrSetDllManifestProber().
◆ LdrpShowRecursiveLoads
| BOOLEAN LdrpShowRecursiveLoads |
Definition at line 21 of file ldrapi.c.
Referenced by LdrLoadDll().
◆ LdrpUnloadHead
| LIST_ENTRY LdrpUnloadHead |
Definition at line 19 of file ldrapi.c.
Referenced by LdrUnloadDll().
