ReactOS  0.4.15-dev-4863-gba0d16f
Functions
probe.h File Reference
#include <reactos/probe.h>
Include dependency graph for probe.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

static __inline NTSTATUS DefaultSetInfoBufferCheck (_In_ ULONG Class, _In_ const INFORMATION_CLASS_INFO *ClassList, _In_ ULONG ClassListEntries, _In_ PVOID Buffer, _In_ ULONG BufferLength, _In_ KPROCESSOR_MODE PreviousMode)
 Probe helper that validates the provided parameters whenever a NtSet*** system call is invoked from user or kernel mode. More...
 
static __inline NTSTATUS DefaultQueryInfoBufferCheck (_In_ ULONG Class, _In_ const INFORMATION_CLASS_INFO *ClassList, _In_ ULONG ClassListEntries, _In_ ULONG Flags, _In_opt_ PVOID Buffer, _In_ ULONG BufferLength, _In_opt_ PULONG ReturnLength, _In_opt_ PULONG_PTR ReturnLengthPtr, _In_ KPROCESSOR_MODE PreviousMode)
 Probe helper that validates the provided parameters whenever a NtQuery*** system call is invoked from user or kernel mode. More...
 

Function Documentation

◆ DefaultQueryInfoBufferCheck()

static __inline NTSTATUS DefaultQueryInfoBufferCheck ( _In_ ULONG  Class,
_In_ const INFORMATION_CLASS_INFO ClassList,
_In_ ULONG  ClassListEntries,
_In_ ULONG  Flags,
_In_opt_ PVOID  Buffer,
_In_ ULONG  BufferLength,
_In_opt_ PULONG  ReturnLength,
_In_opt_ PULONG_PTR  ReturnLengthPtr,
_In_ KPROCESSOR_MODE  PreviousMode 
)
static

Probe helper that validates the provided parameters whenever a NtQuery*** system call is invoked from user or kernel mode.

Parameters
[in]ClassThe specific class information that the caller explicitly requested information to be queried from an object.
[in]ClassListAn internal INFORMATION_CLASS_INFO consisting of a list array of information classes checked against the requested information classes given in Class parameter.
[in]ClassListEntriesSpecifies the number of class entries in an array, provided by the ClassList parameter.
[in]FlagsSpecifies a bit mask flag that influences how the query probe validation must be performed against Buffer and ReturnLength parameters. For further information in regard of this parameter, see remarks.
[in]BufferA pointer to an arbitrary data content in memory to be validated. Such parameter must be an initialized variable where the queried information is going to be received into this pointer. If the calling processor mode is UM (aka user mode) this parameter is validated. This parameter can be NULL (see remarks for more details).
[in]BufferLengthThe length of the buffer pointed by the Buffer parameter, whose size is in bytes. If the Buffer parameter is NULL, this parameter can be 0.
[in]ReturnLengthThe returned length of the buffer whose size is in bytes. If Buffer is NULL as well as BufferLength is 0, this parameter receives the actual return length needed to store the buffer in memory space. If the processor level calling mode is UM, this parameter is validated. If ICIF_FORCE_RETURN_LENGTH_PROBE is specified in Flags parameter, ReturnLength mustn't be NULL (see remarks). Otherwise it can be NULL.
[in]ReturnLengthPtrThis parameter is of the same nature as the ReturnLength one, with the difference being that the type parameter can be a ULONG on x86 systems or a ULONGLONG on AMD64 systems. If the processor level calling mode is UM, this parameter is validated. This parameter is currently unused.
[in]PreviousModeThe processor calling level mode. This level mode determines the procedure of probing validation in action. If the level calling mode is KM (aka kernel mode) this function will only validate the properties of the information class itself such as the required information length size. If the calling mode is UM, the pointer buffer provided by Buffer parameter is also validated as well as the return length parameter.
Returns
The outcome of the probe validation is based upon the returned NTSTATUS code. STATUS_SUCCESS is returned if the validation succeeded. Otherwise, one of the following failure status codes is returned:

STATUS_INVALID_INFO_CLASS – Indicates the given information class is not a valid QUERY class (ICIF_QUERY flag is not set to the corresponding information class) or the actual class is not present in the class list array.

STATUS_INFO_LENGTH_MISMATCH – Indicates the information length doesn't match with the one that the information class itself expects. This is the case with classes where ICIF_QUERY_SIZE_VARIABLE is not set, which means that the class requires a fixed length size.

STATUS_ACCESS_VIOLATION – Indicates the buffer is not within the user mode probe address range or the buffer variable is not writable (see remarks). The function will raise an exception.

STATUS_DATATYPE_MISALIGNMENT – Indicates the address of the buffer in memory is not aligned to the required alignment set.

Remarks
The probing of Buffer and ReturnLength are influenced based on the probe flags pointed by Flags parameter. The following flags are:

ICIF_PROBE_READ_WRITE – This flag explicitly tells the function to do a read and write probe against Buffer parameter. ProbeForWrite is invoked in this case. This is the default mechanism.

ICIF_PROBE_READ – This flag explicitly tells the function to do a read probe against Buffer parameter only, that is, the function does not probe if the parameter is actually writable. ProbeForRead is invoked in this case.

ICIF_FORCE_RETURN_LENGTH_PROBE – If this flag is set, the function will force probe the ReturnLength parameter. In this scenario if ReturnLength is NULL a STATUS_ACCESS_VIOLATION exception is raised. NtQueryInformationToken is the only NT system call where ReturnLength has to be properly initialized and not NULL.

Buffer parameter can be NULL if the caller does not want to actually query a certain information from an object. This is typically with query NT syscalls where a caller has to query the actual buffer length needed to store the queried information before doing a "real" query in the first place.

Definition at line 219 of file probe.h.

229 {
230  NTSTATUS Status = STATUS_SUCCESS;
231 
232  if (Class < ClassListEntries)
233  {
234  if (!(ClassList[Class].Flags & ICIF_QUERY))
235  {
236  Status = STATUS_INVALID_INFO_CLASS;
237  }
238  else if (ClassList[Class].RequiredSizeQUERY > 0 &&
239  BufferLength != ClassList[Class].RequiredSizeQUERY)
240  {
241  if (!(ClassList[Class].Flags & ICIF_QUERY_SIZE_VARIABLE))
242  {
243  Status = STATUS_INFO_LENGTH_MISMATCH;
244  }
245  }
246 
247  if (NT_SUCCESS(Status))
248  {
249  if (PreviousMode != KernelMode)
250  {
251  _SEH2_TRY
252  {
253  if (Buffer != NULL)
254  {
255  if (Flags & ICIF_PROBE_READ)
256  {
257  ProbeForRead(Buffer,
258  BufferLength,
259  ClassList[Class].AlignmentQUERY);
260  }
261  else
262  {
263  ProbeForWrite(Buffer,
264  BufferLength,
265  ClassList[Class].AlignmentQUERY);
266  }
267  }
268 
269  if ((Flags & ICIF_FORCE_RETURN_LENGTH_PROBE) || (ReturnLength != NULL))
270  {
271  ProbeForWriteUlong(ReturnLength);
272  }
273 
274  if (ReturnLengthPtr != NULL)
275  {
276  ProbeForWrite(ReturnLengthPtr, sizeof(ULONG_PTR), sizeof(ULONG_PTR));
277  }
278  }
279  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
280  {
281  Status = _SEH2_GetExceptionCode();
282  }
283  _SEH2_END;
284  }
285  }
286  }
287  else
288  Status = STATUS_INVALID_INFO_CLASS;
289 
290  return Status;
291 }
ProbeForWriteUlong
#define ProbeForWriteUlong(Ptr)
Definition: probe.h:36
ReturnLength
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39
BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3767
STATUS_INFO_LENGTH_MISMATCH
#define STATUS_INFO_LENGTH_MISMATCH
Definition: udferr_usr.h:133
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ProbeForWrite
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
Buffer
Definition: bufpool.h:45
Status
Status
Definition: gdiplustypes.h:24
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
STATUS_INVALID_INFO_CLASS
#define STATUS_INVALID_INFO_CLASS
Definition: ntstatus.h:240
ICIF_QUERY_SIZE_VARIABLE
#define ICIF_QUERY_SIZE_VARIABLE
Definition: icif.h:20
_SEH2_END
_SEH2_END
Definition: create.c:4400
ICIF_FORCE_RETURN_LENGTH_PROBE
#define ICIF_FORCE_RETURN_LENGTH_PROBE
Definition: icif.h:26
NULL
#define NULL
Definition: types.h:112
ICIF_QUERY
#define ICIF_QUERY
Definition: icif.h:18
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
ICIF_PROBE_READ
#define ICIF_PROBE_READ
Definition: icif.h:25

Referenced by NtQueryEvent(), NtQueryInformationProcess(), NtQueryInformationThread(), NtQueryInformationToken(), NtQueryIoCompletion(), NtQueryMutant(), NtQuerySemaphore(), and NtQueryTimer().

◆ DefaultSetInfoBufferCheck()

static __inline NTSTATUS DefaultSetInfoBufferCheck ( _In_ ULONG  Class,
_In_ const INFORMATION_CLASS_INFO ClassList,
_In_ ULONG  ClassListEntries,
_In_ PVOID  Buffer,
_In_ ULONG  BufferLength,
_In_ KPROCESSOR_MODE  PreviousMode 
)
static

Probe helper that validates the provided parameters whenever a NtSet*** system call is invoked from user or kernel mode.

Parameters
[in]ClassThe specific class information that the caller explicitly requested information to be set into an object.
[in]ClassListAn internal INFORMATION_CLASS_INFO consisting of a list array of information classes checked against the requested information classes given in Class parameter.
[in]ClassListEntriesSpecifies the number of class entries in an array, provided by the ClassList parameter.
[in]BufferA pointer to an arbitrary data content in memory to be validated. Such pointer points to the actual arbitrary information class buffer to be set into the object. This buffer is validated only if the calling processor mode is UM (aka user mode).
[in]BufferLengthThe length of the buffer pointed by the Buffer parameter, whose size is in bytes.
[in]PreviousModeThe processor calling level mode. This level mode determines the procedure of probing validation in action. If the level calling mode is KM (aka kernel mode) this function will only validate the properties of the information class itself such as the required information length size. If the calling mode is UM, the pointer buffer provided by Buffer parameter is also validated.
Returns
The outcome of the probe validation is based upon the returned NTSTATUS code. STATUS_SUCCESS is returned if the validation succeeded. Otherwise, one of the following failure status codes is returned:

STATUS_INVALID_INFO_CLASS – Indicates the given information class is not a valid valid SET class (ICIF_SET flag is not set to the corresponding information class) or the actual class is not present in the class list array.

STATUS_INFO_LENGTH_MISMATCH – Indicates the information length doesn't match with the one that the information class itself expects. This is the case with classes ICIF_SET_SIZE_VARIABLE is not set, which means that the class requires a fixed length size.

STATUS_ACCESS_VIOLATION – Indicates the buffer is not within the user mode probe address range. The function will raise an exception.

STATUS_DATATYPE_MISALIGNMENT – Indicates the address of the buffer in memory is not aligned to the required alignment set.

Definition at line 70 of file probe.h.

77 {
78  NTSTATUS Status = STATUS_SUCCESS;
79 
80  if (Class < ClassListEntries)
81  {
82  if (!(ClassList[Class].Flags & ICIF_SET))
83  {
84  Status = STATUS_INVALID_INFO_CLASS;
85  }
86  else if (ClassList[Class].RequiredSizeSET > 0 &&
87  BufferLength != ClassList[Class].RequiredSizeSET)
88  {
89  if (!(ClassList[Class].Flags & ICIF_SET_SIZE_VARIABLE))
90  {
91  Status = STATUS_INFO_LENGTH_MISMATCH;
92  }
93  }
94 
95  if (NT_SUCCESS(Status))
96  {
97  if (PreviousMode != KernelMode)
98  {
99  _SEH2_TRY
100  {
101  ProbeForRead(Buffer,
102  BufferLength,
103  ClassList[Class].AlignmentSET);
104  }
105  _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
106  {
107  Status = _SEH2_GetExceptionCode();
108  }
109  _SEH2_END;
110  }
111  }
112  }
113  else
114  Status = STATUS_INVALID_INFO_CLASS;
115 
116  return Status;
117 }
BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3767
STATUS_INFO_LENGTH_MISMATCH
#define STATUS_INFO_LENGTH_MISMATCH
Definition: udferr_usr.h:133
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ICIF_SET_SIZE_VARIABLE
#define ICIF_SET_SIZE_VARIABLE
Definition: icif.h:21
_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226
ICIF_SET
#define ICIF_SET
Definition: icif.h:19
Buffer
Definition: bufpool.h:45
Status
Status
Definition: gdiplustypes.h:24
PreviousMode
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
ProbeForRead
VOID NTAPI ProbeForRead(IN CONST VOID *Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:102
STATUS_INVALID_INFO_CLASS
#define STATUS_INVALID_INFO_CLASS
Definition: ntstatus.h:240
_SEH2_END
_SEH2_END
Definition: create.c:4400
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165

Referenced by NtSetInformationDebugObject(), NtSetInformationProcess(), NtSetInformationThread(), and NtSetInformationToken().