ReactOS 0.4.16-dev-334-g4d9f67c
libsupp.c File Reference
#include "bl.h"
Include dependency graph for libsupp.c:

Go to the source code of this file.

Functions

NTSTATUS NTAPI RtlpImageNtHeaderEx (_In_ ULONG Flags, _In_ PVOID Base, _In_ ULONG64 Size, _Out_ PIMAGE_NT_HEADERS *OutHeaders)
 
NTSTATUS NTAPI RtlImageNtHeaderEx (_In_ ULONG Flags, _In_ PVOID Base, _In_ ULONG64 Size, _Out_ PIMAGE_NT_HEADERS *OutHeaders)
 

Function Documentation

◆ RtlImageNtHeaderEx()

NTSTATUS NTAPI RtlImageNtHeaderEx ( _In_ ULONG  Flags,
_In_ PVOID  Base,
_In_ ULONG64  Size,
_Out_ PIMAGE_NT_HEADERS OutHeaders 
)

Definition at line 32 of file libsupp.c.

37{
38 return RtlpImageNtHeaderEx(Flags, Base, Size, OutHeaders);
39}
NTSTATUS NTAPI RtlpImageNtHeaderEx(_In_ ULONG Flags, _In_ PVOID Base, _In_ ULONG64 Size, _Out_ PIMAGE_NT_HEADERS *OutHeaders)
Definition: image.c:140
_In_opt_ ULONG Base
Definition: rtlfuncs.h:2451
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4533
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170

Referenced by BlImgFindSection(), ImgArchEfiStartBootApplication(), ImgpInitializeBootApplicationParameters(), ImgpLoadPEImage(), LdrpCheckForLoadedDll(), and RtlImageNtHeader().

◆ RtlpImageNtHeaderEx()

NTSTATUS NTAPI RtlpImageNtHeaderEx ( _In_ ULONG  Flags,
_In_ PVOID  Base,
_In_ ULONG64  Size,
_Out_ PIMAGE_NT_HEADERS OutHeaders 
)

Definition at line 140 of file image.c.

145{
146 PIMAGE_NT_HEADERS NtHeaders;
147 PIMAGE_DOS_HEADER DosHeader;
148 BOOLEAN WantsRangeCheck;
149 ULONG NtHeaderOffset;
150
151 /* You must want NT Headers, no? */
152 if (OutHeaders == NULL)
153 {
154 DPRINT1("OutHeaders is NULL\n");
156 }
157
158 /* Assume failure */
159 *OutHeaders = NULL;
160
161 /* Validate Flags */
163 {
164 DPRINT1("Invalid flags: 0x%lx\n", Flags);
166 }
167
168 /* Validate base */
169 if ((Base == NULL) || (Base == (PVOID)-1))
170 {
171 DPRINT1("Invalid base address: %p\n", Base);
173 }
174
175 /* Check if the caller wants range checks */
177 if (WantsRangeCheck)
178 {
179 /* Make sure the image size is at least big enough for the DOS header */
180 if (Size < sizeof(IMAGE_DOS_HEADER))
181 {
182 DPRINT1("Size too small\n");
184 }
185 }
186
187 /* Check if the DOS Signature matches */
188 DosHeader = Base;
189 if (DosHeader->e_magic != IMAGE_DOS_SIGNATURE)
190 {
191 /* Not a valid COFF */
192 DPRINT1("Invalid image DOS signature!\n");
194 }
195
196 /* Get the offset to the NT headers (and copy from LONG to ULONG) */
197 NtHeaderOffset = DosHeader->e_lfanew;
198
199 /* The offset must not be larger than 256MB, as a hard-coded check.
200 In Windows this check is only done in user mode, not in kernel mode,
201 but it shouldn't harm to have it anyway. Note that without this check,
202 other overflow checks would become necessary! */
203 if (NtHeaderOffset >= (256 * 1024 * 1024))
204 {
205 /* Fail */
206 DPRINT1("NT headers offset is larger than 256MB!\n");
208 }
209
210 /* Check if the caller wants validation */
211 if (WantsRangeCheck)
212 {
213 /* Make sure the file header fits into the size */
214 if ((NtHeaderOffset +
216 {
217 /* Fail */
218 DPRINT1("NT headers beyond image size!\n");
220 }
221 }
222
223 /* Now get a pointer to the NT Headers */
224 NtHeaders = (PIMAGE_NT_HEADERS)((ULONG_PTR)Base + NtHeaderOffset);
225
226 /* Check if the mapping is in user space */
228 {
229 /* Make sure we don't overflow into kernel space */
230 if ((PVOID)(NtHeaders + 1) > MmHighestUserAddress)
231 {
232 DPRINT1("Image overflows from user space into kernel space!\n");
234 }
235 }
236
237 /* Verify the PE Signature */
238 if (NtHeaders->Signature != IMAGE_NT_SIGNATURE)
239 {
240 /* Fail */
241 DPRINT1("Invalid image NT signature!\n");
243 }
244
245 /* Now return success and the NT header */
246 *OutHeaders = NtHeaders;
247 return STATUS_SUCCESS;
248}
unsigned char BOOLEAN
#define DPRINT1
Definition: precomp.h:8
#define NULL
Definition: types.h:112
PIMAGE_NT_HEADERS32 PIMAGE_NT_HEADERS
Definition: ntddk_ex.h:187
#define RTL_IMAGE_NT_HEADER_EX_FLAG_NO_RANGE_CHECK
Definition: rtltypes.h:358
#define RTL_SIZEOF_THROUGH_FIELD(type, field)
Definition: ntbasedef.h:680
#define STATUS_INVALID_IMAGE_FORMAT
Definition: ntstatus.h:359
#define IMAGE_NT_SIGNATURE
Definition: pedump.c:93
#define IMAGE_DOS_SIGNATURE
Definition: pedump.c:89
PVOID MmHighestUserAddress
Definition: rtlcompat.c:29
#define STATUS_SUCCESS
Definition: shellext.h:65
uint32_t ULONG_PTR
Definition: typedefs.h:65
uint32_t ULONG
Definition: typedefs.h:59
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135

Referenced by RtlImageNtHeaderEx().