Include dependency graph for proc.c:
Go to the source code of this file.
Macros | |
| #define | NDEBUG |
| #define | CMD_STRING L"cmd /c " |
| #define | AddToHandle(x, y) ((x) = (HANDLE)((ULONG_PTR)(x) | (y))) |
| #define | RemoveFromHandle(x, y) ((x) = (HANDLE)((ULONG_PTR)(x) & ~(y))) |
Macro Definition Documentation
◆ AddToHandle
◆ CMD_STRING
◆ NDEBUG
◆ RemoveFromHandle
Function Documentation
◆ BasepCheckWebBladeHashes()
Definition at line 147 of file proc.c.
148{
151
152 /* Get all the MD5 hashes */
155
156 /* Depending on which suite this is, run a bsearch and block the appropriate ones */
158 {
159 DPRINT1("Egad! This is a ReactOS Compute Server and we should prevent you from using certain APIs...but we won't.");
160 }
162 {
163 DPRINT1("Gasp! This is a ReactOS Storage Server and we should prevent you from using certain APIs...but we won't.");
164 }
166 {
167 DPRINT1("Golly! This is a ReactOS Web Blade Server and we should prevent you from using certain APIs...but we won't.");
168 }
169
170 /* Actually, fuck it, don't block anything, we're open source */
172}
NTSYSAPI NTSTATUS NTAPI RtlComputeImportTableHash(IN HANDLE FileHandle, OUT PCHAR Hash, IN ULONG ImportTableHashSize)
Definition: libsupp.c:1191
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE FileHandle
Definition: fltkernel.h:1231
#define VER_SUITE_STORAGE_SERVER
#define VER_SUITE_COMPUTE_SERVER
#define VER_SUITE_BLADE
#define SharedUserData
Referenced by CreateProcessInternalW().
◆ BasepConfigureAppCertDlls()
| NTSTATUS NTAPI BasepConfigureAppCertDlls | ( | IN PWSTR | ValueName, |
| IN ULONG | ValueType, | ||
| IN PVOID | ValueData, | ||
| IN ULONG | ValueLength, | ||
| IN PVOID | Context, | ||
| IN PVOID | EntryContext | ||
| ) |
Definition at line 187 of file proc.c.
193{
194 /* Add this to the certification list */
196}
NTSTATUS NTAPI BasepSaveAppCertRegistryValue(IN PLIST_ENTRY List, IN PWCHAR ComponentName, IN PWCHAR DllName)
Definition: proc.c:176
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING ValueName
Definition: wdfregistry.h:243
◆ BasepIsImageVersionOk()
Definition at line 121 of file proc.c.
123{
124 /* Accept images for NT 3.1 or higher */
125 if (ImageMajorVersion > 3 ||
126 (ImageMajorVersion == 3 && ImageMinorVersion >= 10))
127 {
128 /* ReactOS-specific: Accept images even if they are newer than our internal NT version. */
130 (ImageMajorVersion == SharedUserData->NtMajorVersion && ImageMinorVersion > SharedUserData->NtMinorVersion))
131 {
133 ImageMajorVersion,
134 ImageMinorVersion,
135 SharedUserData->NtMajorVersion,
136 SharedUserData->NtMinorVersion);
137 }
138
140 }
141
143}
Referenced by CreateProcessInternalW().
◆ BasepIsProcessAllowed()
Definition at line 200 of file proc.c.
201{
205 HMODULE TrustLibrary;
207 ULONG CertFlag;
208 PLIST_ENTRY NextEntry;
210 UNICODE_STRING CertKey = RTL_CONSTANT_STRING(L"\\Registry\\MACHINE\\System\\CurrentControlSet\\Control\\Session Manager\\AppCertDlls");
211 OBJECT_ATTRIBUTES KeyAttributes = RTL_CONSTANT_OBJECT_ATTRIBUTES(&CertKey, OBJ_CASE_INSENSITIVE);
212
213 /* Try to initialize the certification subsystem */
215 {
216 /* Defaults */
219
220 /* Acquire the lock while initializing and see if we lost a race */
223
224 /* On embedded, there is a special DLL */
226 {
227 /* Allocate a buffer for the name */
229 0,
233 {
234 /* Fail if no memory */
236 }
237 else
238 {
239 /* Now get the system32 directory in our buffer, make sure it fits */
242 {
243 /* Add a slash if needed, and add the embedded cert DLL name */
248
249 /* Try to load it */
251 if (TrustLibrary)
252 {
253 /* And extract the special function out of it */
255 "ImageOkToRunOnEmbeddedNT");
256 }
257 }
258
259 /* If we didn't get this far, set a failure code */
261 }
262 }
263 else
264 {
265 /* Other systems have a registry entry for this */
268 {
269 /* Close it, we'll query it through Rtl */
271
272 /* Do the query, which will call a special callback */
275 BasepAppCertTable,
276 NULL,
277 NULL);
279 {
281 }
282 }
283 }
284
285 /* Free any buffer if we had one */
287
288 /* Check for errors, or a missing embedded/custom certification DLL */
291 {
292 /* The subsystem is not active on this machine, so give up */
295 }
296 else
297 {
298 /* We have certification DLLs active, remember this */
300 }
301
302 /* We are done the initialization phase, release the lock */
305 }
306
307 /* If there's no certification DLLs present, return the failure code */
309
310 /* Otherwise, assume success and make sure we have *something* */
313
314 /* If the something is an embedded certification DLL, call it and return */
316
317 /* Otherwise we have custom certification DLLs, parse them */
319 CertFlag = 2;
321 {
322 /* Make sure the entry has a callback */
325
326 /* Call it and check if it failed */
329
330 /* Move on */
331 NextEntry = NextEntry->Flink;
332 }
333
334 /* Now loop them again */
337 {
338 /* Make sure the entry has a callback */
341
342 /* Call it, this time with the flag from the loop above */
344 }
345
346 /* All done, return the status */
348}
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:616
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:634
Definition: bufpool.h:45
UINT WINAPI GetSystemDirectoryW(OUT LPWSTR lpBuffer, IN UINT uSize)
Definition: path.c:2232
Definition: nsiface.idl:2307
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
#define UNICODE_NULL
#define VER_SUITE_EMBEDDEDNT
#define RTL_CONSTANT_OBJECT_ATTRIBUTES(n, a)
Definition: ntdef.template.h:314
Definition: kernel32.h:386
Definition: typedefs.h:120
Definition: umtypes.h:184
Definition: env_spec_w32.h:368
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK _In_opt_ PWDF_OBJECT_ATTRIBUTES KeyAttributes
Definition: wdfdevice.h:2666
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)
Referenced by CreateProcessInternalW().
◆ BasepReplaceProcessThreadTokens()
| NTSTATUS WINAPI BasepReplaceProcessThreadTokens | ( | IN HANDLE | TokenHandle, |
| IN HANDLE | ProcessHandle, | ||
| IN HANDLE | ThreadHandle | ||
| ) |
Definition at line 352 of file proc.c.
355{
357 ANSI_STRING SaferiReplaceProcessThreadTokens = RTL_CONSTANT_STRING("SaferiReplaceProcessThreadTokens");
358
359 /* Enter the application certification lock */
361
362 /* Check if we already know the function */
364 {
365 /* Call it */
367 ProcessHandle,
368 ThreadHandle) ?
369 STATUS_SUCCESS :
370 STATUS_UNSUCCESSFUL;
371 }
372 else
373 {
374 /* Check if the app certification DLL isn't loaded */
378 {
379 /* Then we can't call the function */
381 }
382 else
383 {
384 /* We have the DLL, find the address of the Safer function */
386 &SaferiReplaceProcessThreadTokens,
387 0,
390 {
391 /* Found it, now call it */
393 ProcessHandle,
394 ThreadHandle) ?
395 STATUS_SUCCESS :
396 STATUS_UNSUCCESSFUL;
397 }
398 else
399 {
400 /* We couldn't find it, so this must be an unsupported DLL */
404 }
405 }
406 }
407
408 /* Release the lock and return the result */
411}
PSAFER_REPLACE_PROCESS_THREAD_TOKENS g_SaferReplaceProcessThreadTokens
Definition: proc.c:43
NTSTATUS NTAPI LdrGetProcedureAddress(_In_ PVOID BaseAddress, _In_opt_ _When_(Ordinal==0, _Notnull_) PANSI_STRING Name, _In_opt_ _When_(Name==NULL, _In_range_(>, 0)) ULONG Ordinal, _Out_ PVOID *ProcedureAddress)
Definition: ldrapi.c:789
Definition: env_spec_w32.h:375
Referenced by CreateProcessInternalW().
◆ BaseProcessStartup()
| DECLSPEC_NORETURN VOID WINAPI BaseProcessStartup | ( | _In_ PPROCESS_START_ROUTINE | lpStartAddress | ) |
Definition at line 449 of file proc.c.
451{
452 _SEH2_TRY
453 {
454 /* Set our Start Address */
457 &lpStartAddress,
459
460 /* Call the Start Routine */
461 ExitThread(lpStartAddress());
462 }
464 {
465 /* Get the Exit code from the SEH Handler */
467 {
468 /* Kill the whole process, usually */
470 }
471 else
472 {
473 /* If running inside CSRSS, kill just this thread */
475 }
476 }
477 _SEH2_END;
478}
LONG WINAPI UnhandledExceptionFilter(IN PEXCEPTION_POINTERS ExceptionInfo)
Definition: except.c:269
NTSTATUS NTAPI NtSetInformationThread(_In_ HANDLE ThreadHandle, _In_ THREADINFOCLASS ThreadInformationClass, _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation, _In_ ULONG ThreadInformationLength)
Definition: query.c:2269
Referenced by BaseInitializeContext().
◆ BasepSaveAppCertRegistryValue()
| NTSTATUS NTAPI BasepSaveAppCertRegistryValue | ( | IN PLIST_ENTRY | List, |
| IN PWCHAR | ComponentName, | ||
| IN PWCHAR | DllName | ||
| ) |
Definition at line 176 of file proc.c.
Referenced by BasepConfigureAppCertDlls().
◆ BasepSxsCloseHandles()
| VOID WINAPI BasepSxsCloseHandles | ( | IN PBASE_MSG_SXS_HANDLES | Handles | ) |
Definition at line 415 of file proc.c.
416{
418
419 /* Sanity checks */
422
423 /* Close the file handle */
424 if (Handles->File)
425 {
428 }
429
430 /* Close the section handle */
431 if (Handles->Section)
432 {
435 }
436
437 /* Unmap the section view */
438 if (Handles->ViewBase.QuadPart)
439 {
443 }
444}
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3491
Referenced by CreateProcessInternalW().
◆ BasePushProcessParameters()
| BOOLEAN WINAPI BasePushProcessParameters | ( | IN ULONG | ParameterFlags, |
| IN HANDLE | ProcessHandle, | ||
| IN PPEB | RemotePeb, | ||
| IN LPCWSTR | ApplicationPathName, | ||
| IN LPWSTR | lpCurrentDirectory, | ||
| IN LPWSTR | lpCommandLine, | ||
| IN LPVOID | lpEnvironment, | ||
| IN LPSTARTUPINFOW | StartupInfo, | ||
| IN DWORD | CreationFlags, | ||
| IN BOOL | InheritHandles, | ||
| IN ULONG | ImageSubsystem, | ||
| IN PVOID | AppCompatData, | ||
| IN ULONG | AppCompatDataSize | ||
| ) |
Definition at line 482 of file proc.c.
495{
497 PWCHAR Remaining, DllPathString, ScanChar;
498 PRTL_USER_PROCESS_PARAMETERS ProcessParameters, RemoteParameters;
499 PVOID RemoteAppCompatData;
503 ULONG EnviroSize;
507
508 /* Get the full path name */
510 MAX_PATH + 4,
511 FullPath,
512 &Remaining);
514 {
515 /* Get the DLL Path */
516 DllPathString = BaseComputeProcessDllPath(FullPath, lpEnvironment);
517 if (!DllPathString)
518 {
519 /* Fail */
522 }
523
524 /* Initialize Strings */
527 }
528 else
529 {
530 /* Couldn't get the path name. Just take the original path */
532 lpEnvironment);
533 if (!DllPathString)
534 {
535 /* Fail */
538 }
539
540 /* Initialize Strings */
543 }
544
545 /* Initialize Strings */
546 RtlInitUnicodeString(&CommandLine, lpCommandLine);
548
549 /* Initialize more Strings from the Startup Info */
550 if (StartupInfo->lpDesktop)
551 {
553 }
554 else
555 {
557 }
558 if (StartupInfo->lpReserved)
559 {
561 }
562 else
563 {
565 }
566 if (StartupInfo->lpTitle)
567 {
569 }
570 else
571 {
573 }
574
575 /* This one is special because the length can differ */
578
579 /* Enforce no app compat data if the pointer was NULL */
580 if (!AppCompatData) AppCompatDataSize = 0;
581
582 /* Create the Parameter Block */
583 ProcessParameters = NULL;
593 &ImageName,
594 &DllPath,
595 lpCurrentDirectory ?
597 &CommandLine,
598 lpEnvironment,
599 &Title,
600 &Desktop,
601 &Shell,
602 &Runtime);
604
605 /* Clear the current directory handle if not inheriting */
607
608 /* Check if the user passed in an environment */
609 if (lpEnvironment)
610 {
611 /* We should've made it part of the parameters block, enforce this */
612 lpEnvironment = ProcessParameters->Environment;
613 }
614 else
615 {
616 /* The user did not, so use the one from the current PEB */
617 HavePebLock = TRUE;
618 RtlAcquirePebLock();
620 }
621
622 /* Save pointer and start lookup */
623 ScanChar = lpEnvironment;
624 if (lpEnvironment)
625 {
626 /* Find the environment size */
627 while (*ScanChar++) while (*ScanChar++);
629
630 /* Allocate and Initialize new Environment Block */
631 Size = EnviroSize;
635 0,
636 &Size,
637 MEM_COMMIT,
638 PAGE_READWRITE);
640
641 /* Write the Environment Block */
643 ProcessParameters->Environment,
644 lpEnvironment,
645 EnviroSize,
646 NULL);
647
648 /* No longer need the PEB lock anymore */
649 if (HavePebLock)
650 {
651 /* Release it */
652 RtlReleasePebLock();
653 HavePebLock = FALSE;
654 }
655
656 /* Check if the write failed */
658 }
659
660 /* Write new parameters */
661 ProcessParameters->StartingX = StartupInfo->dwX;
662 ProcessParameters->StartingY = StartupInfo->dwY;
663 ProcessParameters->CountX = StartupInfo->dwXSize;
664 ProcessParameters->CountY = StartupInfo->dwYSize;
665 ProcessParameters->CountCharsX = StartupInfo->dwXCountChars;
666 ProcessParameters->CountCharsY = StartupInfo->dwYCountChars;
667 ProcessParameters->FillAttribute = StartupInfo->dwFillAttribute;
668 ProcessParameters->WindowFlags = StartupInfo->dwFlags;
669 ProcessParameters->ShowWindowFlags = StartupInfo->wShowWindow;
670
671 /* Write the handles only if we have to */
672 if (StartupInfo->dwFlags &
674 {
675 ProcessParameters->StandardInput = StartupInfo->hStdInput;
676 ProcessParameters->StandardOutput = StartupInfo->hStdOutput;
677 ProcessParameters->StandardError = StartupInfo->hStdError;
678 }
679
680 /* Use Special Flags for ConDllInitialize in Kernel32 */
682 {
684 }
686 {
688 }
690 {
692 }
693 else
694 {
695 /* Inherit our Console Handle */
697
698 /* Make sure that the shell isn't trampling on our handles first */
699 if (!(StartupInfo->dwFlags &
701 {
702 /* Copy the handle if we are inheriting or if it's a console handle */
703 if ((InheritHandles) ||
705 {
707 }
708 if ((InheritHandles) ||
710 {
712 }
713 if ((InheritHandles) ||
715 {
717 }
718 }
719 }
720
721 /* Also set the Console Flag */
723 (!(CreationFlags & CREATE_NEW_CONSOLE)))
724 {
725 ProcessParameters->ConsoleFlags = 1;
726 }
727
728 /* Check if there's a .local file present */
729 if (ParameterFlags & 1)
730 {
732 }
733
734 /* Check if we failed to open the IFEO key */
735 if (ParameterFlags & 2)
736 {
738 }
739
740 /* Allocate memory for the parameter block */
742 RemoteParameters = NULL;
744 (PVOID*)&RemoteParameters,
745 0,
746 &Size,
747 MEM_COMMIT,
748 PAGE_READWRITE);
750
751 /* Set the allocated size */
753
754 /* Handle some Parameter Flags */
763
764 /* Write the Parameter Block */
766 RemoteParameters,
767 ProcessParameters,
768 ProcessParameters->Length,
769 NULL);
771
772 /* Write the PEB Pointer */
774 &RemotePeb->ProcessParameters,
775 &RemoteParameters,
777 NULL);
779
780 /* Check if there's any app compat data to write */
781 RemoteAppCompatData = NULL;
782 if (AppCompatData)
783 {
784 /* Allocate some space for the application compatibility data */
785 Size = AppCompatDataSize;
787 &RemoteAppCompatData,
788 0,
789 &Size,
790 MEM_COMMIT,
791 PAGE_READWRITE);
793
794 /* Write the application compatibility data */
796 RemoteAppCompatData,
797 AppCompatData,
798 AppCompatDataSize,
799 NULL);
801 }
802
803 /* Write the PEB Pointer to the app compat data (might be NULL) */
805 &RemotePeb->pShimData,
806 &RemoteAppCompatData,
808 NULL);
810
811 /* Now write Peb->ImageSubSystem */
812 if (ImageSubsystem)
813 {
815 &RemotePeb->ImageSubsystem,
816 &ImageSubsystem,
817 sizeof(ImageSubsystem),
818 NULL);
819 }
820
821 /* Success path */
823
824Quickie:
825 /* Cleanup */
830FailPath:
834 goto Quickie;
835}
LPWSTR WINAPI BaseComputeProcessDllPath(IN LPWSTR FullPath, IN PVOID Environment)
Definition: path.c:420
DWORD WINAPI GetFullPathNameW(IN LPCWSTR lpFileName, IN DWORD nBufferLength, OUT LPWSTR lpBuffer, OUT LPWSTR *lpFilePart)
Definition: path.c:1106
NTSYSAPI NTSTATUS NTAPI RtlDestroyProcessParameters(_In_ PRTL_USER_PROCESS_PARAMETERS ProcessParameters)
NTSYSAPI NTSTATUS NTAPI RtlCreateProcessParameters(_Out_ PRTL_USER_PROCESS_PARAMETERS *ProcessParameters, _In_ PUNICODE_STRING ImagePathName, _In_opt_ PUNICODE_STRING DllPath, _In_opt_ PUNICODE_STRING CurrentDirectory, _In_opt_ PUNICODE_STRING CommandLine, _In_opt_ PWSTR Environment, _In_opt_ PUNICODE_STRING WindowTitle, _In_opt_ PUNICODE_STRING DesktopInfo, _In_opt_ PUNICODE_STRING ShellInfo, _In_opt_ PUNICODE_STRING RuntimeInfo)
#define RTL_USER_PROCESS_PARAMETERS_IMAGE_KEY_MISSING
Definition: rtltypes.h:54
#define RTL_USER_PROCESS_PARAMETERS_PROFILE_KERNEL
Definition: rtltypes.h:43
#define RTL_USER_PROCESS_PARAMETERS_PROFILE_SERVER
Definition: rtltypes.h:44
#define RTL_USER_PROCESS_PARAMETERS_LOCAL_DLL_PATH
Definition: rtltypes.h:53
#define RTL_USER_PROCESS_PARAMETERS_PROFILE_USER
Definition: rtltypes.h:42
#define RTL_USER_PROCESS_PARAMETERS_DISABLE_HEAP_CHECKS
Definition: rtltypes.h:49
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSTATUS NTAPI NtWriteVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN SIZE_T NumberOfBytesToWrite, OUT PSIZE_T NumberOfBytesWritten OPTIONAL)
Definition: virtual.c:2895
NTSTATUS NTAPI NtAllocateVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UBaseAddress, IN ULONG_PTR ZeroBits, IN OUT PSIZE_T URegionSize, IN ULONG AllocationType, IN ULONG Protect)
Definition: virtual.c:4457
Definition: btrfs_drv.h:1907
Definition: btrfs_drv.h:1898
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4539
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
Referenced by CreateProcessInternalW().
◆ BuildSubSysCommandLine()
| BOOLEAN WINAPI BuildSubSysCommandLine | ( | IN LPCWSTR | SubsystemName, |
| IN LPCWSTR | ApplicationName, | ||
| IN LPCWSTR | CommandLine, | ||
| OUT PUNICODE_STRING | SubsysCommandLine | ||
| ) |
Definition at line 87 of file proc.c.
91{
92 UNICODE_STRING CommandLineString, ApplicationNameString;
95
96 /* Convert to unicode strings */
98 RtlInitUnicodeString(&ApplicationNameString, CommandLine);
99
100 /* Allocate buffer for the output string */
105 {
106 /* Fail, no memory */
109 }
110
111 /* Build the final subsystem command line */
112 RtlAppendUnicodeToString(SubsysCommandLine, SubsystemName);
113 RtlAppendUnicodeStringToString(SubsysCommandLine, &CommandLineString);
115 RtlAppendUnicodeStringToString(SubsysCommandLine, &ApplicationNameString);
117}
NTSTATUS RtlAppendUnicodeToString(IN PUNICODE_STRING Str1, IN PWSTR Str2)
Definition: string_lib.cpp:62
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
Referenced by CreateProcessInternalW().
◆ C_ASSERT()
| C_ASSERT | ( | PROCESS_PRIORITY_CLASS_REALTIME | = =(PROCESS_PRIORITY_CLASS_HIGH+1) | ) |
◆ CreateProcessInternalW()
| BOOL WINAPI CreateProcessInternalW | ( | IN HANDLE | hUserToken, |
| IN LPCWSTR | lpApplicationName, | ||
| IN LPWSTR | lpCommandLine, | ||
| IN LPSECURITY_ATTRIBUTES | lpProcessAttributes, | ||
| IN LPSECURITY_ATTRIBUTES | lpThreadAttributes, | ||
| IN BOOL | bInheritHandles, | ||
| IN DWORD | dwCreationFlags, | ||
| IN LPVOID | lpEnvironment, | ||
| IN LPCWSTR | lpCurrentDirectory, | ||
| IN LPSTARTUPINFOW | lpStartupInfo, | ||
| IN LPPROCESS_INFORMATION | lpProcessInformation, | ||
| OUT PHANDLE | hNewToken | ||
| ) |
Definition at line 2083 of file proc.c.
2095{
2096 //
2097 // Core variables used for creating the initial process and thread
2098 //
2099 SECURITY_ATTRIBUTES LocalThreadAttributes, LocalProcessAttributes;
2100 OBJECT_ATTRIBUTES LocalObjectAttributes;
2102 SECTION_IMAGE_INFORMATION ImageInformation;
2107 USHORT ImageMachine;
2108 ULONG ParameterFlags, PrivilegeValue, HardErrorMode, ErrorResponse;
2109 ULONG_PTR ErrorParameters[2];
2110 BOOLEAN InJob, SaferNeeded, UseLargePages, HavePrivilege;
2111 BOOLEAN QuerySection, SkipSaferAndAppCompat;
2113 BASE_API_MESSAGE CsrMsg[2];
2114 PBASE_CREATE_PROCESS CreateProcessMsg;
2115 PCSR_CAPTURE_BUFFER CaptureBuffer;
2120 PROCESS_PRIORITY_CLASS PriorityClass;
2123 PTEB Teb;
2124 INITIAL_TEB InitialTeb;
2125 PVOID TibValue;
2126 PIMAGE_NT_HEADERS NtHeaders;
2127 STARTUPINFOW StartupInfo;
2128 PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
2129 UNICODE_STRING DebuggerString;
2131 //
2132 // Variables used for command-line and argument parsing
2133 //
2134 PCHAR pcScan;
2136 WCHAR SaveChar;
2138 ULONG ResultSize;
2139 SIZE_T EnvironmentLength, CmdLineLength;
2142 ANSI_STRING AnsiEnv;
2143 UNICODE_STRING UnicodeEnv, PathName;
2144 BOOLEAN SearchRetry, QuotesNeeded, CmdLineIsAppName, HasQuotes;
2145
2146 //
2147 // Variables used for Fusion/SxS (Side-by-Side Assemblies)
2148 //
2150#if _SXS_SUPPORT_ENABLED_
2151 PRTL_BUFFER ByteBuffer;
2153 PRTL_UNICODE_STRING_BUFFER* BufferHead, SxsStringBuffer;
2154 RTL_UNICODE_STRING_BUFFER SxsWin32ManifestPath, SxsNtManifestPath;
2155 RTL_UNICODE_STRING_BUFFER SxsWin32PolicyPath, SxsNtPolicyPath;
2156 RTL_UNICODE_STRING_BUFFER SxsWin32AssemblyDirectory;
2157 BASE_MSG_SXS_HANDLES MappedHandles, Handles, FileHandles;
2158 PVOID CapturedStrings[3];
2159 SXS_WIN32_NT_PATH_PAIR ExePathPair, ManifestPathPair, PolicyPathPair;
2160 SXS_OVERRIDE_MANIFEST OverrideManifest;
2162 PWCHAR SxsConglomeratedBuffer, StaticBuffer;
2164#endif
2166
2167 //
2168 // Variables used for path conversion (and partially Fusion/SxS)
2169 //
2170 PWCHAR FilePart, PathBuffer, FreeBuffer;
2171 BOOLEAN TranslationStatus;
2172 RTL_RELATIVE_NAME_U SxsWin32RelativePath;
2173 UNICODE_STRING PathBufferString, SxsWin32ExePath;
2174
2175 //
2176 // Variables used by Application Compatibility (and partially Fusion/SxS)
2177 //
2178 PVOID AppCompatSxsData, AppCompatData;
2179 ULONG AppCompatSxsDataSize, AppCompatDataSize;
2180 //
2181 // Variables used by VDM (Virtual Dos Machine) and WOW32 (16-bit Support)
2182 //
2183 ULONG BinarySubType, VdmBinaryType, VdmTask, VdmReserve;
2184 ULONG VdmUndoLevel;
2185 BOOLEAN UseVdmReserve;
2186 HANDLE VdmWaitObject;
2187 ANSI_STRING VdmAnsiEnv;
2188 UNICODE_STRING VdmString, VdmUnicodeEnv;
2189 BOOLEAN IsWowApp;
2190 PBASE_CHECK_VDM CheckVdmMsg;
2191
2192 /* Zero out the initial core variables and handles */
2193 QuerySection = FALSE;
2194 InJob = FALSE;
2195 SkipSaferAndAppCompat = FALSE;
2196 ParameterFlags = 0;
2197 Flags = 0;
2198 DebugHandle = NULL;
2199 JobHandle = NULL;
2202 SectionHandle = NULL;
2204 ThreadHandle = NULL;
2207
2208 /* Zero out initial SxS and Application Compatibility state */
2209 AppCompatData = NULL;
2210 AppCompatDataSize = 0;
2211 AppCompatSxsData = NULL;
2212 AppCompatSxsDataSize = 0;
2213 CaptureBuffer = NULL;
2214#if _SXS_SUPPORT_ENABLED_
2215 SxsConglomeratedBuffer = NULL;
2216#endif
2217 FusionFlags = 0;
2218
2219 /* Zero out initial parsing variables -- others are initialized later */
2220 DebuggerCmdLine = NULL;
2221 PathBuffer = NULL;
2223 NullBuffer = NULL;
2224 FreeBuffer = NULL;
2225 NameBuffer = NULL;
2227 FilePart = NULL;
2229 HasQuotes = FALSE;
2230 QuotedCmdLine = NULL;
2231
2232 /* Zero out initial VDM state */
2236 VdmTask = 0;
2237 VdmUndoLevel = 0;
2238 VdmBinaryType = 0;
2239 VdmReserve = 0;
2240 VdmWaitObject = NULL;
2241 UseVdmReserve = FALSE;
2242 IsWowApp = FALSE;
2243
2244 /* Set message structures */
2247
2248 /* Clear the more complex structures by zeroing out their entire memory */
2250#if _SXS_SUPPORT_ENABLED_
2254#endif
2258
2259 /* Zero out output arguments as well */
2262
2263 /* Capture the special window flag */
2264 NoWindow = dwCreationFlags & CREATE_NO_WINDOW;
2265 dwCreationFlags &= ~CREATE_NO_WINDOW;
2266
2267#if _SXS_SUPPORT_ENABLED_
2268 /* Setup the SxS static string arrays and buffers */
2269 SxsStaticBuffers[0] = &SxsWin32ManifestPath;
2270 SxsStaticBuffers[1] = &SxsWin32PolicyPath;
2271 SxsStaticBuffers[2] = &SxsWin32AssemblyDirectory;
2272 SxsStaticBuffers[3] = &SxsNtManifestPath;
2273 SxsStaticBuffers[4] = &SxsNtPolicyPath;
2274 ExePathPair.Win32 = &SxsWin32ExePath;
2275 ExePathPair.Nt = &SxsNtExePath;
2280#endif
2281
2282 DPRINT("CreateProcessInternalW: '%S' '%S' %lx\n", lpApplicationName, lpCommandLine, dwCreationFlags);
2283
2284 /* Finally, set our TEB and PEB */
2285 Teb = NtCurrentTeb();
2287
2288 /* This combination is illegal (see MSDN) */
2291 {
2295 }
2296
2297 /* Convert the priority class */
2299 {
2301 }
2303 {
2305 }
2307 {
2309 }
2311 {
2313 }
2315 {
2317 }
2319 {
2322 }
2323 else
2324 {
2326 }
2327
2328 /* Done with the priority masks, so get rid of them */
2330 dwCreationFlags &= ~(NORMAL_PRIORITY_CLASS |
2331 IDLE_PRIORITY_CLASS |
2332 HIGH_PRIORITY_CLASS |
2333 REALTIME_PRIORITY_CLASS |
2334 BELOW_NORMAL_PRIORITY_CLASS |
2335 ABOVE_NORMAL_PRIORITY_CLASS);
2336
2337 /* You cannot request both a shared and a separate WoW VDM */
2339 (dwCreationFlags & CREATE_SHARED_WOW_VDM))
2340 {
2341 /* Fail such nonsensical attempts */
2345 }
2348 {
2349 /* A shared WoW VDM was not requested but system enforces separation */
2350 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
2351 }
2352
2353 /* If a shared WoW VDM is used, make sure the process isn't in a job */
2356 {
2357 /* Remove the shared flag and add the separate flag */
2358 dwCreationFlags = (dwCreationFlags &~ CREATE_SHARED_WOW_VDM) |
2359 CREATE_SEPARATE_WOW_VDM;
2360 }
2361
2362 /* Convert the environment */
2364 {
2365 /* Scan the environment to calculate its Unicode size */
2367 while ((*pcScan) || (*(pcScan + 1))) ++pcScan;
2368
2369 /* Make sure the environment is not too large */
2372 {
2373 /* Fail */
2376 }
2377
2378 /* Create our ANSI String */
2381
2382 /* Allocate memory for the Unicode Environment */
2387 0,
2388 &RegionSize,
2389 MEM_COMMIT,
2390 PAGE_READWRITE);
2392 {
2393 /* Fail */
2396 }
2397
2398 /* Use the allocated size and convert */
2402 {
2403 /* Fail */
2406 &RegionSize,
2407 MEM_RELEASE);
2410 }
2411
2412 /* Now set the Unicode environment as the environment string pointer */
2413 lpEnvironment = UnicodeEnv.Buffer;
2414 }
2415
2416 /* Make a copy of the caller's startup info since we'll modify it */
2417 StartupInfo = *lpStartupInfo;
2418
2419 /* Check if private data is being sent on the same channel as std handles */
2422 {
2423 /* Cannot use the std handles since we have monitor/hotkey values */
2424 StartupInfo.dwFlags &= ~STARTF_USESTDHANDLES;
2425 }
2426
2427 /* If there's a debugger, or we have to launch cmd.exe, we go back here */
2428AppNameRetry:
2429 /* New iteration -- free any existing name buffer */
2430 if (NameBuffer)
2431 {
2432 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
2433 NameBuffer = NULL;
2434 }
2435
2436 /* New iteration -- free any existing free buffer */
2437 if (FreeBuffer)
2438 {
2439 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
2440 FreeBuffer = NULL;
2441 }
2442
2443 /* New iteration -- close any existing file handle */
2445 {
2448 }
2449
2450 /* Set the initial parsing state. This code can loop -- don't move this! */
2451 ErrorCode = 0;
2452 SearchRetry = TRUE;
2453 QuotesNeeded = FALSE;
2454 CmdLineIsAppName = FALSE;
2455
2456 /* First check if we don't have an application name */
2457 if (!lpApplicationName)
2458 {
2459 /* This should be the first time we attempt creating one */
2461
2462 /* Allocate a buffer to hold it */
2463 NameBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
2464 0,
2466 if (!NameBuffer)
2467 {
2470 goto Quickie;
2471 }
2472
2473 /* Initialize the application name and our parsing parameters */
2474 lpApplicationName = NullBuffer = ScanString = lpCommandLine;
2475
2476 /* Check for an initial quote*/
2478 {
2479 /* We found a quote, keep searching for another one */
2480 SearchRetry = FALSE;
2481 ScanString++;
2482 lpApplicationName = ScanString;
2483 while (*ScanString)
2484 {
2485 /* Have we found the terminating quote? */
2487 {
2488 /* We're done, get out of here */
2489 NullBuffer = ScanString;
2490 HasQuotes = TRUE;
2491 break;
2492 }
2493
2494 /* Keep searching for the quote */
2495 ScanString++;
2496 NullBuffer = ScanString;
2497 }
2498 }
2499 else
2500 {
2501StartScan:
2502 /* We simply make the application name be the command line*/
2503 lpApplicationName = lpCommandLine;
2504 while (*ScanString)
2505 {
2506 /* Check if it starts with a space or tab */
2508 {
2509 /* Break out of the search loop */
2510 NullBuffer = ScanString;
2511 break;
2512 }
2513
2514 /* Keep searching for a space or tab */
2515 ScanString++;
2516 NullBuffer = ScanString;
2517 }
2518 }
2519
2520 /* We have found the end of the application name, terminate it */
2521 SaveChar = *NullBuffer;
2522 *NullBuffer = UNICODE_NULL;
2523
2524 /* New iteration -- free any existing saved path */
2526 {
2529 }
2530
2531 /* Now compute the final EXE path based on the name */
2535 {
2538 goto Quickie;
2539 }
2540
2541 /* And search for the executable in the search path */
2543 lpApplicationName,
2545 MAX_PATH,
2546 NameBuffer,
2547 NULL);
2548
2549 /* Did we find it? */
2551 {
2552 /* Get file attributes */
2553 FileAttribs = GetFileAttributesW(NameBuffer);
2555 (FileAttribs & FILE_ATTRIBUTE_DIRECTORY))
2556 {
2557 /* This was a directory, fail later on */
2558 Length = 0;
2559 }
2560 else
2561 {
2562 /* It's a file! */
2563 Length++;
2564 }
2565 }
2566
2568
2569 /* Check if there was a failure in SearchPathW */
2571 {
2572 /* Everything looks good, restore the name */
2573 *NullBuffer = SaveChar;
2574 lpApplicationName = NameBuffer;
2575 }
2576 else
2577 {
2578 /* Check if this was a relative path, which would explain it */
2581 {
2582 /* This should fail, and give us a detailed LastError */
2584 GENERIC_READ,
2585 FILE_SHARE_READ |
2586 FILE_SHARE_WRITE,
2587 NULL,
2588 OPEN_EXISTING,
2589 FILE_ATTRIBUTE_NORMAL,
2590 NULL);
2592 {
2593 /* It worked? Return a generic error */
2597 }
2598 }
2599 else
2600 {
2601 /* Path was absolute, which means it doesn't exist */
2603 }
2604
2605 /* Did we already fail once? */
2607 {
2608 /* Set the error code */
2610 }
2611 else
2612 {
2613 /* Not yet, cache it */
2615 }
2616
2617 /* Put back the command line */
2618 *NullBuffer = SaveChar;
2619 lpApplicationName = NameBuffer;
2620
2621 /* It's possible there's whitespace in the directory name */
2622 if (!(*ScanString) || !(SearchRetry))
2623 {
2624 /* Not the case, give up completely */
2626 goto Quickie;
2627 }
2628
2629 /* There are spaces, so keep trying the next possibility */
2630 ScanString++;
2631 NullBuffer = ScanString;
2632
2633 /* We will have to add a quote, since there is a space */
2634 QuotesNeeded = TRUE;
2635 HasQuotes = TRUE;
2636 goto StartScan;
2637 }
2638 }
2639 else if (!(lpCommandLine) || !(*lpCommandLine))
2640 {
2641 /* We don't have a command line, so just use the application name */
2642 CmdLineIsAppName = TRUE;
2643 lpCommandLine = (LPWSTR)lpApplicationName;
2644 }
2645
2646 /* Convert the application name to its NT path */
2647 TranslationStatus = RtlDosPathNameToRelativeNtPathName_U(lpApplicationName,
2648 &PathName,
2649 NULL,
2650 &SxsWin32RelativePath);
2651 if (!TranslationStatus)
2652 {
2653 /* Path must be invalid somehow, bail out */
2657 goto Quickie;
2658 }
2659
2660 /* Setup the buffer that needs to be freed at the end */
2662 FreeBuffer = PathName.Buffer;
2663
2664 /* Check what kind of path the application is, for SxS (Fusion) purposes */
2665 RtlInitUnicodeString(&SxsWin32ExePath, lpApplicationName);
2666 SxsPathType = RtlDetermineDosPathNameType_U(lpApplicationName);
2668 (SxsPathType != RtlPathTypeLocalDevice) &&
2669 (SxsPathType != RtlPathTypeRootLocalDevice) &&
2670 (SxsPathType != RtlPathTypeUncAbsolute))
2671 {
2672 /* Relative-type path, get the full path */
2673 RtlInitEmptyUnicodeString(&PathBufferString, NULL, 0);
2675 NULL,
2676 &PathBufferString,
2677 NULL,
2678 NULL,
2679 NULL,
2680 &SxsPathType,
2681 NULL);
2683 {
2684 /* Fail the rest of the create */
2685 RtlReleaseRelativeName(&SxsWin32RelativePath);
2688 goto Quickie;
2689 }
2690
2691 /* Use this full path as the SxS path */
2692 SxsWin32ExePath = PathBufferString;
2693 PathBuffer = PathBufferString.Buffer;
2696 }
2697
2698 /* Also set the .EXE path based on the path name */
2699#if _SXS_SUPPORT_ENABLED_
2700 SxsNtExePath = PathName;
2701#endif
2703 {
2704 /* If it's relative, capture the relative name */
2705 PathName = SxsWin32RelativePath.RelativeName;
2706 }
2707 else
2708 {
2709 /* Otherwise, it's absolute, make sure no relative dir is used */
2711 }
2712
2713 /* Now use the path name, and the root path, to try opening the app */
2715 InitializeObjectAttributes(&LocalObjectAttributes,
2716 &PathName,
2717 OBJ_CASE_INSENSITIVE,
2718 SxsWin32RelativePath.ContainingDirectory,
2719 NULL);
2721 SYNCHRONIZE |
2722 FILE_READ_ATTRIBUTES |
2723 FILE_READ_DATA |
2724 FILE_EXECUTE,
2725 &LocalObjectAttributes,
2726 &IoStatusBlock,
2728 FILE_SYNCHRONOUS_IO_NONALERT |
2729 FILE_NON_DIRECTORY_FILE);
2731 {
2732 /* Try to open the app just for execute purposes instead */
2735 &LocalObjectAttributes,
2736 &IoStatusBlock,
2738 FILE_SYNCHRONOUS_IO_NONALERT |
2739 FILE_NON_DIRECTORY_FILE);
2740 }
2741
2742 /* Failure path, display which file failed to open */
2745
2746 /* Cleanup in preparation for failure or success */
2747 RtlReleaseRelativeName(&SxsWin32RelativePath);
2748
2750 {
2751 /* Failure path, try to understand why */
2753 {
2754 /* If a device is being executed, return this special error code */
2757 goto Quickie;
2758 }
2759 else
2760 {
2761 /* Otherwise return the converted NT error code */
2764 goto Quickie;
2765 }
2766 }
2767
2768 /* Did the caller specify a desktop? */
2770 {
2771 /* Use the one from the current process */
2773 }
2774
2775 /* Create a section for this file */
2777 SECTION_ALL_ACCESS,
2778 NULL,
2779 NULL,
2780 PAGE_EXECUTE,
2781 SEC_IMAGE,
2782 FileHandle);
2785 {
2786 /* Are we running on Windows Embedded, Datacenter, Blade or Starter? */
2788 VER_SUITE_DATACENTER |
2789 VER_SUITE_PERSONAL |
2790 VER_SUITE_BLADE))
2791 {
2792 /* These SKUs do not allow running certain applications */
2795 {
2796 /* And this is one of them! */
2800 goto Quickie;
2801 }
2802
2803 /* Did we get some other failure? */
2805 {
2806 /* If we couldn't check the hashes, assume nefariousness */
2810 goto Quickie;
2811 }
2812 }
2813
2814 /* Now do Winsafer, etc, checks */
2817 {
2818 /* Fail if we're not allowed to launch the process */
2821 if (SectionHandle)
2822 {
2823 NtClose(SectionHandle);
2824 SectionHandle = NULL;
2825 }
2827 goto Quickie;
2828 }
2829
2830 /* Is a DOS VDM being forced, but we already have a WOW32 instance ready? */
2833 {
2834 /* This request can't be satisfied, instead, a separate VDM is needed */
2836 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
2837
2838 /* Set a failure code, ask for VDM reservation */
2840 UseVdmReserve = TRUE;
2841
2842 /* Close the current handle */
2843 NtClose(SectionHandle);
2844 SectionHandle = NULL;
2845
2846 /* Don't query the section later */
2847 QuerySection = FALSE;
2848 }
2849 }
2850
2851 /* Did we already do these checks? */
2852 if (!SkipSaferAndAppCompat)
2853 {
2854 /* Is everything OK so far, OR do we have an non-MZ, non-DOS app? */
2858 {
2859 /* Clear the machine type in case of failure */
2860 ImageMachine = 0;
2861
2862 /* Clean any app compat data that may have accumulated */
2863 BasepFreeAppCompatData(AppCompatData, AppCompatSxsData);
2864 AppCompatData = NULL;
2865 AppCompatSxsData = NULL;
2866
2867 /* Do we have a section? */
2868 if (SectionHandle)
2869 {
2870 /* Have we already queried it? */
2871 if (QuerySection)
2872 {
2873 /* Nothing to do */
2874 AppCompatStatus = STATUS_SUCCESS;
2875 }
2876 else
2877 {
2878 /* Get some information about the executable */
2879 AppCompatStatus = NtQuerySection(SectionHandle,
2880 SectionImageInformation,
2881 &ImageInformation,
2882 sizeof(ImageInformation),
2883 NULL);
2884 }
2885
2886 /* Do we have section information now? */
2888 {
2889 /* Don't ask for it again, save the machine type */
2890 QuerySection = TRUE;
2891 ImageMachine = ImageInformation.Machine;
2892 }
2893 }
2894
2895 /* Is there a reason/Shim we shouldn't run this application? */
2897 FreeBuffer,
2898 lpEnvironment,
2899 ImageMachine,
2900 &AppCompatData,
2901 &AppCompatDataSize,
2902 &AppCompatSxsData,
2903 &AppCompatSxsDataSize,
2904 &FusionFlags);
2906 {
2907 /* This is usually the status we get back */
2910 {
2911 /* Convert it to something more Win32-specific */
2913 }
2914 else
2915 {
2916 /* Some other error */
2917 BaseSetLastNTError(AppCompatStatus);
2918 }
2919
2920 /* Did we have a section? */
2921 if (SectionHandle)
2922 {
2923 /* Clean it up */
2924 NtClose(SectionHandle);
2925 SectionHandle = NULL;
2926 }
2927
2928 /* Fail the call */
2930 goto Quickie;
2931 }
2932 }
2933 }
2934
2935 //ASSERT((dwFusionFlags & ~SXS_APPCOMPACT_FLAG_APP_RUNNING_SAFEMODE) == 0);
2936
2937 /* Have we already done, and do we need to do, SRP (WinSafer) checks? */
2938 if (!(SkipSaferAndAppCompat) &&
2939 ~(dwCreationFlags & CREATE_PRESERVE_CODE_AUTHZ_LEVEL))
2940 {
2941 /* Assume yes */
2942 SaferNeeded = TRUE;
2944 {
2949 /* For all DOS, 16-bit, OS/2 images, we do*/
2950 break;
2951
2953 /* For invalid files, we don't, unless it's a .BAT file */
2955
2956 default:
2957 /* Any other error codes we also don't */
2959 {
2960 SaferNeeded = FALSE;
2961 }
2962
2963 /* But for success, we do */
2964 break;
2965 }
2966
2967 /* Okay, so what did the checks above result in? */
2968 if (SaferNeeded)
2969 {
2970 /* We have to call into the WinSafer library and actually check */
2972 (LPWSTR)lpApplicationName,
2973 FileHandle,
2974 &InJob,
2975 &TokenHandle,
2976 &JobHandle);
2977 if (SaferStatus == 0xFFFFFFFF)
2978 {
2979 /* Back in 2003, they didn't have an NTSTATUS for this... */
2983 goto Quickie;
2984 }
2985
2986 /* Other status codes are not-Safer related, just convert them */
2988 {
2990 BaseSetLastNTError(SaferStatus);
2992 goto Quickie;
2993 }
2994 }
2995 }
2996
2997 /* The last step is to figure out why the section object was not created */
2999 {
3001 {
3002 /* 16-bit binary. Should we use WOW or does the caller force VDM? */
3004 {
3005 /* Remember that we're launching WOW */
3006 IsWowApp = TRUE;
3007
3008 /* Create the VDM environment, it's valid for WOW too */
3010 &VdmAnsiEnv,
3011 &VdmUnicodeEnv);
3013 {
3015 goto Quickie;
3016 }
3017
3018 /* We're going to try this twice, so do a loop */
3020 {
3021 /* Pick which kind of WOW mode we want to run in */
3022 VdmBinaryType = (dwCreationFlags &
3023 CREATE_SEPARATE_WOW_VDM) ?
3025
3026 /* Get all the VDM settings and current status */
3028 lpApplicationName,
3029 lpCommandLine,
3030 lpCurrentDirectory,
3031 &VdmAnsiEnv,
3032 &CsrMsg[1],
3033 &VdmTask,
3034 dwCreationFlags,
3035 &StartupInfo,
3036 hUserToken);
3037
3038 /* If it worked, no need to try again */
3040
3041 /* Check if it's disallowed or if it's our second time */
3044 (VdmBinaryType == BINARY_TYPE_SEPARATE_WOW) ||
3046 {
3047 /* Fail the call -- we won't try again */
3050 goto Quickie;
3051 }
3052
3053 /* Try one more time, but with a separate WOW instance */
3054 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
3055 }
3056
3057 /* Check which VDM state we're currently in */
3059 VDM_NOT_READY |
3060 VDM_READY))
3061 {
3063 /* VDM is not fully loaded, so not that much to undo */
3064 VdmUndoLevel = VDM_UNDO_PARTIAL;
3065
3066 /* Reset VDM reserve if needed */
3067 if (UseVdmReserve) VdmReserve = 1;
3068
3069 /* Get the required parameters and names for launch */
3071 VdmTask,
3072 VdmBinaryType,
3073 &VdmString,
3074 &VdmReserve);
3076 {
3079 goto Quickie;
3080 }
3081
3082 /* Update the command-line with the VDM one instead */
3083 lpCommandLine = VdmString.Buffer;
3084 lpApplicationName = NULL;
3085
3086 /* We don't want a console, detachment, nor a window */
3087 dwCreationFlags |= CREATE_NO_WINDOW;
3089
3090 /* Force feedback on */
3092 break;
3093
3094
3096 /* VDM is ready, so we have to undo everything */
3097 VdmUndoLevel = VDM_UNDO_REUSE;
3098
3099 /* Check if CSRSS wants us to wait on VDM */
3100 VdmWaitObject = CheckVdmMsg->WaitObjectForParent;
3101 break;
3102
3104 /* Something is wrong with VDM, we'll fail the call */
3108 goto Quickie;
3109
3110 default:
3111 break;
3112 }
3113
3114 /* Since to get NULL, we allocate from 0x1, account for this */
3115 VdmReserve--;
3116
3117 /* This implies VDM is ready, so skip everything else */
3118 if (VdmWaitObject) goto VdmShortCircuit;
3119
3120 /* Don't inherit handles since we're doing VDM now */
3121 bInheritHandles = FALSE;
3122
3123 /* Had the user passed in environment? If so, destroy it */
3124 if ((lpEnvironment) &&
3125 !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
3126 {
3127 RtlDestroyEnvironment(lpEnvironment);
3128 }
3129
3130 /* We've already done all these checks, don't do them again */
3131 SkipSaferAndAppCompat = TRUE;
3132 goto AppNameRetry;
3133 }
3134
3135 // There is no break here on purpose, so FORCEDOS drops down!
3136 }
3137
3141 {
3142 /* We're launching an executable application */
3143 BinarySubType = BINARY_TYPE_EXE;
3144
3145 /* We can drop here from other "cases" above too, so check */
3149 {
3150 /* We're launching a DOS application */
3151 VdmBinaryType = BINARY_TYPE_DOS;
3152
3153 /* Based on the caller environment, create a VDM one */
3155 &VdmAnsiEnv,
3156 &VdmUnicodeEnv);
3158 {
3160 goto Quickie;
3161 }
3162
3163 /* Check the current state of the VDM subsystem */
3165 lpApplicationName,
3166 lpCommandLine,
3167 lpCurrentDirectory,
3168 &VdmAnsiEnv,
3169 &CsrMsg[1],
3170 &VdmTask,
3171 dwCreationFlags,
3172 &StartupInfo,
3173 NULL);
3175 {
3176 /* Failed to inquire about VDM, fail the call */
3180 goto Quickie;
3181 };
3182
3183 /* Handle possible VDM states */
3185 VDM_NOT_READY |
3186 VDM_READY))
3187 {
3189 /* If VDM is not loaded, we'll do a partial undo */
3190 VdmUndoLevel = VDM_UNDO_PARTIAL;
3191
3192 /* A VDM process can't also be detached, so fail */
3194 {
3198 }
3199
3200 /* Get the required parameters and names for launch */
3202 VdmTask,
3203 VdmBinaryType,
3204 &VdmString,
3205 &VdmReserve);
3207 {
3210 goto Quickie;
3211 }
3212
3213 /* Update the command-line to launch VDM instead */
3214 lpCommandLine = VdmString.Buffer;
3215 lpApplicationName = NULL;
3216 break;
3217
3219 /* VDM is ready, so we have to undo everything */
3220 VdmUndoLevel = VDM_UNDO_REUSE;
3221
3222 /* Check if CSRSS wants us to wait on VDM */
3223 VdmWaitObject = CheckVdmMsg->WaitObjectForParent;
3224 break;
3225
3227 /* Something is wrong with VDM, we'll fail the call */
3231 goto Quickie;
3232
3233 default:
3234 break;
3235 }
3236
3237 /* Since to get NULL, we allocate from 0x1, account for this */
3238 VdmReserve--;
3239
3240 /* This implies VDM is ready, so skip everything else */
3241 if (VdmWaitObject) goto VdmShortCircuit;
3242
3243 /* Don't inherit handles since we're doing VDM now */
3244 bInheritHandles = FALSE;
3245
3246 /* Had the user passed in environment? If so, destroy it */
3247 if ((lpEnvironment) &&
3248 !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
3249 {
3250 RtlDestroyEnvironment(lpEnvironment);
3251 }
3252
3253 /* Use our VDM Unicode environment instead */
3254 lpEnvironment = VdmUnicodeEnv.Buffer;
3255 }
3256 else
3257 {
3258 /* It's a batch file, get the extension */
3260
3261 /* Make sure the extensions are correct */
3265 {
3269 goto Quickie;
3270 }
3271
3272 /* Check if we need to account for quotes around the path */
3273 CmdQuoteLength = CmdLineIsAppName || HasQuotes;
3274 if (!CmdLineIsAppName)
3275 {
3276 if (HasQuotes) CmdQuoteLength++;
3277 }
3278 else
3279 {
3280 CmdQuoteLength++;
3281 }
3282
3283 /* Calculate the length of the command line */
3284 CmdLineLength = wcslen(lpCommandLine);
3288
3289 /* Allocate space for the new command line */
3290 AnsiCmdCommand = RtlAllocateHeap(RtlGetProcessHeap(),
3291 0,
3292 CmdLineLength);
3293 if (!AnsiCmdCommand)
3294 {
3297 goto Quickie;
3298 }
3299
3300 /* Build it */
3302 if ((CmdLineIsAppName) || (HasQuotes))
3303 {
3305 }
3306 wcscat(AnsiCmdCommand, lpCommandLine);
3307 if ((CmdLineIsAppName) || (HasQuotes))
3308 {
3310 }
3311
3312 /* Create it as a Unicode String */
3313 RtlInitUnicodeString(&DebuggerString, AnsiCmdCommand);
3314
3315 /* Set the command line to this */
3316 lpCommandLine = DebuggerString.Buffer;
3317 lpApplicationName = NULL;
3319 }
3320
3321 /* We've already done all these checks, don't do them again */
3322 SkipSaferAndAppCompat = TRUE;
3323 goto AppNameRetry;
3324 }
3325
3327 {
3328 /* 64-bit binaries are not allowed to run on 32-bit ReactOS */
3332 goto Quickie;
3333 }
3334
3336 {
3337 /* Set the correct last error for this */
3340 break;
3341 }
3342
3343 default:
3344 {
3345 /* Any other error, convert it to a generic Win32 error */
3347 {
3351 goto Quickie;
3352 }
3353
3354 /* Otherwise, this must be success */
3356 break;
3357 }
3358 }
3359
3360 /* Is this not a WOW application, but a WOW32 VDM was requested for it? */
3362 {
3363 /* Ignore the nonsensical request */
3364 dwCreationFlags &= ~CREATE_SEPARATE_WOW_VDM;
3365 }
3366
3367 /* Did we already check information for the section? */
3368 if (!QuerySection)
3369 {
3370 /* Get some information about the executable */
3372 SectionImageInformation,
3373 &ImageInformation,
3374 sizeof(ImageInformation),
3375 NULL);
3377 {
3378 /* We failed, bail out */
3382 goto Quickie;
3383 }
3384
3385 /* Don't check this later */
3386 QuerySection = TRUE;
3387 }
3388
3389 /* Check if this was linked as a DLL */
3391 {
3392 /* These aren't valid images to try to execute! */
3396 goto Quickie;
3397 }
3398
3399 /* Don't let callers pass in this flag -- we'll only get it from IFEO */
3400 Flags &= ~PROCESS_CREATE_FLAGS_LARGE_PAGES;
3401
3402 /* Clear the IFEO-missing flag, before we know for sure... */
3403 ParameterFlags &= ~2;
3404
3405 /* If the process is being debugged, only read IFEO if the PEB says so */
3408 {
3409 /* Let's do this! Attempt to open IFEO */
3412 {
3413 /* We failed, set the flag so we store this in the parameters */
3415 }
3416 else
3417 {
3418 /* Was this our first time going through this path? */
3419 if (!DebuggerCmdLine)
3420 {
3421 /* Allocate a buffer for the debugger path */
3422 DebuggerCmdLine = RtlAllocateHeap(RtlGetProcessHeap(),
3423 0,
3425 if (!DebuggerCmdLine)
3426 {
3427 /* Close IFEO on failure */
3430
3431 /* Fail the call */
3434 goto Quickie;
3435 }
3436 }
3437
3438 /* Now query for the debugger */
3441 REG_SZ,
3442 DebuggerCmdLine,
3444 &ResultSize);
3447 (DebuggerCmdLine[0] == UNICODE_NULL))
3448 {
3449 /* If it's not there, or too small, or invalid, ignore it */
3450 RtlFreeHeap(RtlGetProcessHeap(), 0, DebuggerCmdLine);
3451 DebuggerCmdLine = NULL;
3452 }
3453
3454 /* Also query if we should map with large pages */
3457 REG_DWORD,
3458 &UseLargePages,
3459 sizeof(UseLargePages),
3460 NULL);
3462 {
3463 /* Do it! This is the only way this flag can be set */
3465 }
3466
3467 /* We're done with IFEO, can close it now */
3470 }
3471 }
3472
3473 /* Make sure the image was compiled for this processor */
3476 {
3477 /* It was not -- raise a hard error */
3478 ErrorResponse = ResponseOk;
3479 ErrorParameters[0] = (ULONG_PTR)&PathName;
3481 1,
3482 1,
3483 ErrorParameters,
3484 OptionOk,
3485 &ErrorResponse);
3487 {
3488 /* If it's really old, return this error */
3490 }
3491 else
3492 {
3493 /* Otherwise, return a more modern error */
3495 }
3496
3497 /* Go to the failure path */
3500 goto Quickie;
3501 }
3502
3503 /* Check if this isn't a Windows image */
3506 {
3507 /* Get rid of section-related information since we'll retry */
3508 NtClose(SectionHandle);
3509 SectionHandle = NULL;
3510 QuerySection = FALSE;
3511
3512 /* The only other non-Windows image type we support here is POSIX */
3514 {
3515 /* Bail out if it's something else */
3518 goto Quickie;
3519 }
3520
3521 /* Now build the command-line to have posix launch this image */
3523 lpApplicationName,
3524 lpCommandLine,
3525 &DebuggerString);
3527 {
3528 /* Bail out if that failed */
3530 goto Quickie;
3531 }
3532
3533 /* And re-try launching the process, with the new command-line now */
3534 lpCommandLine = DebuggerString.Buffer;
3535 lpApplicationName = NULL;
3536
3537 /* We've already done all these checks, don't do them again */
3538 SkipSaferAndAppCompat = TRUE;
3540 goto AppNameRetry;
3541 }
3542
3543 /* Was this image built for a version of Windows whose images we can run? */
3545 ImageInformation.SubSystemMinorVersion);
3547 {
3548 /* It was not, bail out */
3550 ImageInformation.SubSystemMajorVersion,
3551 ImageInformation.SubSystemMinorVersion);
3553 goto Quickie;
3554 }
3555
3556 /* Check if there is a debugger associated with the application */
3557 if (DebuggerCmdLine)
3558 {
3559 /* Get the length of the command line */
3562 {
3563 /* There's no command line, use the application name instead */
3564 lpCommandLine = (LPWSTR)lpApplicationName;
3566 }
3567
3568 /* Protect against overflow */
3570 {
3573 goto Quickie;
3574 }
3575
3576 /* Now add the length of the debugger command-line */
3578
3579 /* Again make sure we don't overflow */
3581 {
3584 goto Quickie;
3585 }
3586
3587 /* Account for the quotes and space between the two */
3589
3590 /* Convert to bytes, and make sure we don't overflow */
3593 {
3596 goto Quickie;
3597 }
3598
3599 /* Allocate space for the string */
3602 {
3605 goto Quickie;
3606 }
3607
3608 /* Set the length */
3609 RtlInitEmptyUnicodeString(&DebuggerString,
3610 DebuggerString.Buffer,
3612
3613 /* Now perform the command line creation */
3614 ImageDbgStatus = RtlAppendUnicodeToString(&DebuggerString,
3615 DebuggerCmdLine);
3619 ImageDbgStatus = RtlAppendUnicodeToString(&DebuggerString, lpCommandLine);
3621
3622 /* Make sure it all looks nice */
3624
3625 /* Update the command line and application name */
3626 lpCommandLine = DebuggerString.Buffer;
3627 lpApplicationName = NULL;
3628
3629 /* Close all temporary state */
3630 NtClose(SectionHandle);
3631 SectionHandle = NULL;
3632 QuerySection = FALSE;
3633
3634 /* Free all temporary memory */
3635 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
3636 NameBuffer = NULL;
3637 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
3638 FreeBuffer = NULL;
3639 RtlFreeHeap(RtlGetProcessHeap(), 0, DebuggerCmdLine);
3640 DebuggerCmdLine = NULL;
3642 goto AppNameRetry;
3643 }
3644
3645 /* Initialize the process object attributes */
3647 lpProcessAttributes,
3648 NULL);
3650 {
3651 /* Augment them with information from the user */
3652
3653 LocalProcessAttributes = *lpProcessAttributes;
3656 &LocalProcessAttributes,
3657 NULL);
3658 }
3659
3660 /* Check if we're going to be debugged */
3662 {
3663 /* Set process flag */
3665 }
3666
3667 /* Check if we're going to be debugged */
3669 {
3670 /* Connect to DbgUi */
3673 {
3677 goto Quickie;
3678 }
3679
3680 /* Get the debug object */
3681 DebugHandle = DbgUiGetThreadDebugObject();
3682
3683 /* Check if only this process will be debugged */
3685 {
3686 /* Set process flag */
3688 }
3689 }
3690
3691 /* Set inherit flag */
3693
3694 /* Check if the process should be created with large pages */
3695 HavePrivilege = FALSE;
3696 PrivilegeState = NULL;
3698 {
3699 /* Acquire the required privilege so that the kernel won't fail the call */
3700 PrivilegeValue = SE_LOCK_MEMORY_PRIVILEGE;
3703 {
3704 /* Remember to release it later */
3705 HavePrivilege = TRUE;
3706 }
3707 }
3708
3709 /* Save the current TIB value since kernel overwrites it to store PEB */
3711
3712 /* Tell the kernel to create the process */
3714 PROCESS_ALL_ACCESS,
3715 ObjectAttributes,
3716 NtCurrentProcess(),
3717 Flags,
3718 SectionHandle,
3719 DebugHandle,
3720 NULL,
3721 InJob);
3722
3723 /* Load the PEB address from the hacky location where the kernel stores it */
3725
3726 /* And restore the old TIB value */
3728
3729 /* Release the large page privilege if we had acquired it */
3731
3732 /* And now check if the kernel failed to create the process */
3734 {
3735 /* Go to failure path */
3739 goto Quickie;
3740 }
3741
3742 /* Check if there is a priority class to set */
3744 {
3745 /* Reset current privilege state */
3746 RealTimePrivilegeState = NULL;
3747
3748 /* Is realtime priority being requested? */
3750 {
3751 /* Check if the caller has real-time access, and enable it if so */
3753 }
3754
3755 /* Set the new priority class and release the privilege */
3757 ProcessPriorityClass,
3758 &PriorityClass,
3761
3762 /* Check if we failed to set the priority class */
3764 {
3765 /* Bail out on failure */
3769 goto Quickie;
3770 }
3771 }
3772
3773 /* Check if the caller wants the default error mode */
3775 {
3776 /* Set Error Mode to only fail on critical errors */
3777 HardErrorMode = SEM_FAILCRITICALERRORS;
3780 &HardErrorMode,
3782 }
3783
3784 /* Check if this was a VDM binary */
3785 if (VdmBinaryType)
3786 {
3787 /* Update VDM by telling it the process has now been created */
3788 VdmWaitObject = ProcessHandle;
3790 &VdmWaitObject,
3791 VdmTask,
3792 VdmBinaryType);
3793
3795 {
3796 /* Bail out on failure */
3798 VdmWaitObject = NULL;
3799 goto Quickie;
3800 }
3801
3802 /* At this point, a failure means VDM has to undo all the state */
3803 VdmUndoLevel |= VDM_UNDO_FULL;
3804 }
3805
3806 /* Check if VDM needed reserved low-memory */
3807 if (VdmReserve)
3808 {
3809 /* Reserve the requested allocation */
3810 RegionSize = VdmReserve;
3812 &BaseAddress,
3813 0,
3814 &RegionSize,
3815 MEM_RESERVE,
3816 PAGE_EXECUTE_READWRITE);
3818 {
3819 /* Bail out on failure */
3823 goto Quickie;
3824 }
3825
3827 }
3828
3829 /* Check if we've already queried information on the section */
3830 if (!QuerySection)
3831 {
3832 /* We haven't, so get some information about the executable */
3834 SectionImageInformation,
3835 &ImageInformation,
3836 sizeof(ImageInformation),
3837 NULL);
3839 {
3840 /* Bail out on failure */
3844 goto Quickie;
3845 }
3846
3847 /* If we encounter a restart, don't re-query this information again */
3848 QuerySection = TRUE;
3849 }
3850
3851 /* Do we need to apply SxS to this image? (On x86 this flag is set by PeFmtCreateSection) */
3853 {
3854 /* Too bad, we don't support this yet */
3856 }
3857
3858 /* There's some SxS flag that we need to set if fusion flags have 1 set */
3860
3861 /* Check if we have a current directory */
3862 if (lpCurrentDirectory)
3863 {
3864 /* Allocate a buffer so we can keep a Unicode copy */
3867 0,
3871 {
3872 /* Bail out if this failed */
3875 goto Quickie;
3876 }
3877
3878 /* Get the length in Unicode */
3880 MAX_PATH,
3881 CurrentDirectory,
3882 &FilePart);
3884 {
3885 /* The directory is too long, so bail out */
3888 goto Quickie;
3889 }
3890
3891 /* Make sure the directory is actually valid */
3894 !(FileAttribs & FILE_ATTRIBUTE_DIRECTORY))
3895 {
3896 /* It isn't, so bail out */
3900 goto Quickie;
3901 }
3902 }
3903
3904 /* Insert quotes if needed */
3905 if ((QuotesNeeded) || (CmdLineIsAppName))
3906 {
3907 /* Allocate our buffer, plus enough space for quotes and a NULL */
3908 QuotedCmdLine = RtlAllocateHeap(RtlGetProcessHeap(),
3909 0,
3912 if (QuotedCmdLine)
3913 {
3914 /* Copy the first quote */
3916
3917 /* Save the current null-character */
3918 if (QuotesNeeded)
3919 {
3920 SaveChar = *NullBuffer;
3921 *NullBuffer = UNICODE_NULL;
3922 }
3923
3924 /* Copy the command line and the final quote */
3925 wcscat(QuotedCmdLine, lpCommandLine);
3927
3928 /* Copy the null-char back */
3929 if (QuotesNeeded)
3930 {
3931 *NullBuffer = SaveChar;
3932 wcscat(QuotedCmdLine, NullBuffer);
3933 }
3934 }
3935 else
3936 {
3937 /* We can't put quotes around the thing, so try it anyway */
3940 }
3941 }
3942
3943 /* Use isolation if needed */
3945
3946 /* Set the new command-line if needed */
3947 if ((QuotesNeeded) || (CmdLineIsAppName)) lpCommandLine = QuotedCmdLine;
3948
3949 /* Call the helper function in charge of RTL_USER_PROCESS_PARAMETERS */
3951 ProcessHandle,
3952 RemotePeb,
3953 lpApplicationName,
3954 CurrentDirectory,
3955 lpCommandLine,
3956 lpEnvironment,
3957 &StartupInfo,
3958 dwCreationFlags | NoWindow,
3959 bInheritHandles,
3960 IsWowApp ? IMAGE_SUBSYSTEM_WINDOWS_GUI: 0,
3961 AppCompatData,
3962 AppCompatDataSize);
3964 {
3965 /* The remote process would have an undefined state, so fail the call */
3967 goto Quickie;
3968 }
3969
3970 /* Free the VDM command line string as it's no longer needed */
3971 RtlFreeUnicodeString(&VdmString);
3973
3974 /* Non-VDM console applications usually inherit handles unless specified */
3975 if (!(VdmBinaryType) &&
3976 !(bInheritHandles) &&
3978 !(dwCreationFlags & (CREATE_NO_WINDOW |
3979 CREATE_NEW_CONSOLE |
3980 DETACHED_PROCESS)) &&
3982 {
3983 /* Get the remote parameters */
3985 &RemotePeb->ProcessParameters,
3986 &ProcessParameters,
3988 NULL);
3990 {
3991 /* Duplicate standard input unless it's a console handle */
3993 {
3996 &ProcessParameters->StandardInput);
3997 }
3998
3999 /* Duplicate standard output unless it's a console handle */
4001 {
4004 &ProcessParameters->StandardOutput);
4005 }
4006
4007 /* Duplicate standard error unless it's a console handle */
4009 {
4012 &ProcessParameters->StandardError);
4013 }
4014 }
4015 }
4016
4017 /* Create the Thread's Stack */
4020 ImageInformation.CommittedStackSize,
4021 StackSize,
4022 &InitialTeb);
4024 {
4028 goto Quickie;
4029 }
4030
4031 /* Create the Thread's Context */
4033 RemotePeb,
4034 ImageInformation.TransferAddress,
4035 InitialTeb.StackBase,
4036 0);
4037
4038 /* Convert the thread attributes */
4040 lpThreadAttributes,
4041 NULL);
4043 {
4044 /* If the caller specified a user token, zero the security descriptor */
4045 LocalThreadAttributes = *lpThreadAttributes;
4048 &LocalThreadAttributes,
4049 NULL);
4050 }
4051
4052 /* Create the Kernel Thread Object */
4054 THREAD_ALL_ACCESS,
4055 ObjectAttributes,
4056 ProcessHandle,
4057 &ClientId,
4058 &Context,
4059 &InitialTeb,
4060 TRUE);
4062 {
4063 /* A process is not allowed to exist without a main thread, so fail */
4067 goto Quickie;
4068 }
4069
4070 /* Begin filling out the CSRSS message, first with our IDs and handles */
4072 CreateProcessMsg->ThreadHandle = ThreadHandle;
4074
4075 /* Write the remote PEB address and clear it locally, we no longer use it */
4076 CreateProcessMsg->PebAddressNative = RemotePeb;
4077#ifdef _WIN64
4079 CreateProcessMsg->PebAddressWow64 = 0;
4080#else
4082#endif
4083 RemotePeb = NULL;
4084
4085 /* Now check what kind of architecture this image was made for */
4087 {
4088 /* IA32, IA64 and AMD64 are supported in Server 2003 */
4091 break;
4094 break;
4097 break;
4098
4099 /* Anything else results in image unknown -- but no failure */
4100 default:
4102 ImageInformation.Machine);
4104 break;
4105 }
4106
4107 /* Write the input creation flags except any debugger-related flags */
4108 CreateProcessMsg->CreationFlags = dwCreationFlags &
4110
4111 /* CSRSS needs to know if this is a GUI app or not */
4113 (IsWowApp))
4114 {
4115 /*
4116 * For GUI apps we turn on the 2nd bit. This allow CSRSS server dlls
4117 * (basesrv in particular) to know whether or not this is a GUI or a
4118 * TUI application.
4119 */
4121
4122 /* Also check if the parent is also a GUI process */
4124 if ((NtHeaders) &&
4126 {
4127 /* Let it know that it should display the hourglass mouse cursor */
4129 }
4130 }
4131
4132 /* For all apps, if this flag is on, the hourglass mouse cursor is shown.
4133 * Likewise, the opposite holds as well, and no-feedback has precedence. */
4135 {
4137 }
4139 {
4141 }
4142
4143 /* Also store which kind of VDM app (if any) this is */
4144 CreateProcessMsg->VdmBinaryType = VdmBinaryType;
4145
4146 /* And if it really is a VDM app... */
4147 if (VdmBinaryType)
4148 {
4149 /* Store the VDM console handle (none if inherited or WOW app) and the task ID */
4151 CreateProcessMsg->VdmTask = VdmTask;
4152 }
4153 else if (VdmReserve)
4154 {
4155 /* Extended VDM, set a flag */
4157 }
4158
4159 /* Check if there's side-by-side assembly data associated with the process */
4161 {
4162 /* This should not happen in ReactOS yet */
4167 goto Quickie;
4168 }
4169
4170 /* We are finally ready to call CSRSS to tell it about our new process! */
4172 CaptureBuffer,
4174 BasepCreateProcess),
4175 sizeof(*CreateProcessMsg));
4176
4177 /* CSRSS has returned, free the capture buffer now if we had one */
4178 if (CaptureBuffer)
4179 {
4180 CsrFreeCaptureBuffer(CaptureBuffer);
4181 CaptureBuffer = NULL;
4182 }
4183
4184 /* Check if CSRSS failed to accept ownership of the new Windows process */
4186 {
4187 /* Terminate the process and enter failure path with the CSRSS status */
4192 goto Quickie;
4193 }
4194
4195 /* Check if we have a token due to Authz/Safer, not passed by the user */
4197 {
4198 /* Replace the process and/or thread token with the one from Safer */
4200 ProcessHandle,
4201 ThreadHandle);
4203 {
4204 /* If this failed, kill the process and enter the failure path */
4209 goto Quickie;
4210 }
4211 }
4212
4213 /* Check if a job was associated with this process */
4214 if (JobHandle)
4215 {
4216 /* Bind the process and job together now */
4219 {
4220 /* Kill the process and enter the failure path if binding failed */
4225 goto Quickie;
4226 }
4227 }
4228
4229 /* Finally, resume the thread to actually get the process started */
4231 {
4233 }
4234
4235VdmShortCircuit:
4236 /* We made it this far, meaning we have a fully created process and thread */
4238
4239 /* Anyone doing a VDM undo should now undo everything, since we are done */
4241
4242 /* Having a VDM wait object implies this must be a VDM process */
4243 if (VdmWaitObject)
4244 {
4245 /* Check if it's a 16-bit separate WOW process */
4247 {
4248 /* OR-in the special flag to indicate this, and return to caller */
4249 AddToHandle(VdmWaitObject, 2);
4250 lpProcessInformation->hProcess = VdmWaitObject;
4251
4252 /* Check if this was a re-used VDM */
4254 {
4255 /* No Client ID should be returned in this case */
4258 }
4259 }
4260 else
4261 {
4262 /* OR-in the special flag to indicate this is not a separate VDM,
4263 * and return the handle to the caller */
4264 AddToHandle(VdmWaitObject, 1);
4265 lpProcessInformation->hProcess = VdmWaitObject;
4266 }
4267
4268 /* Close the original process handle, since it's not needed for VDM */
4270 }
4271 else
4272 {
4273 /* This is a regular process, so return the real process handle */
4274 lpProcessInformation->hProcess = ProcessHandle;
4275 }
4276
4277 /* Return the rest of the process information based on what we have so far */
4278 lpProcessInformation->hThread = ThreadHandle;
4281
4282 /* NULL these out here so we know to treat this as a success scenario */
4284 ThreadHandle = NULL;
4285
4286Quickie:
4287 /* Free the debugger command line if one was allocated */
4289
4290 /* Check if an SxS full path as queried */
4291 if (PathBuffer)
4292 {
4293 /* Reinitialize the executable path */
4294 RtlInitEmptyUnicodeString(&SxsWin32ExePath, NULL, 0);
4295 SxsWin32ExePath.Length = 0;
4296
4297 /* Free the path buffer */
4298 RtlFreeHeap(RtlGetProcessHeap(), 0, PathBuffer);
4299 }
4300
4301#if _SXS_SUPPORT_ENABLED_
4302 /* Check if this was a non-VDM process */
4303 if (!VdmBinaryType)
4304 {
4305 /* Then it must've had SxS data, so close the handles used for it */
4306 BasepSxsCloseHandles(&Handles);
4307 BasepSxsCloseHandles(&FileHandles);
4308
4309 /* Check if we built SxS byte buffers for this create process request */
4310 if (SxsConglomeratedBuffer)
4311 {
4312 /* Loop all of them */
4314 {
4315 /* Check if this one was allocated */
4316 ThisBuffer = SxsStaticBuffers[i];
4317 if (ThisBuffer)
4318 {
4319 /* Get the underlying RTL_BUFFER structure */
4320 ByteBuffer = &ThisBuffer->ByteBuffer;
4322 {
4323 /* Check if it was dynamic */
4325 {
4326 /* Free it from the heap */
4329 }
4330
4331 /* Reset the buffer to its static data */
4334 }
4335
4336 /* Reset the string to the static buffer */
4337 RtlInitEmptyUnicodeString(&ThisBuffer->String,
4339 ByteBuffer->StaticSize);
4341 {
4342 /* Also NULL-terminate it */
4344 }
4345 }
4346 }
4347 }
4348 }
4349#endif
4350 /* Check if an environment was passed in */
4352 {
4353 /* Destroy it */
4354 RtlDestroyEnvironment(lpEnvironment);
4355
4356 /* If this was the VDM environment too, clear that as well */
4358 lpEnvironment = NULL;
4359 }
4360
4361 /* Unconditionally free all the name parsing buffers we always allocate */
4362 RtlFreeHeap(RtlGetProcessHeap(), 0, QuotedCmdLine);
4363 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
4365 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
4366
4367 /* Close open file/section handles */
4370
4371 /* If we have a thread handle, this was a failure path */
4372 if (ThreadHandle)
4373 {
4374 /* So kill the process and close the thread handle */
4376 NtClose(ThreadHandle);
4377 }
4378
4379 /* If we have a process handle, this was a failure path, so close it */
4381
4382 /* Thread/process handles, if any, are now processed. Now close this one. */
4384
4385 /* Check if we had created a token */
4387 {
4388 /* And if the user asked for one */
4390 {
4391 /* Then return it */
4392 *hNewToken = TokenHandle;
4393 }
4394 else
4395 {
4396 /* User didn't want it, so we used it temporarily -- close it */
4398 }
4399 }
4400
4401 /* Free any temporary app compatibility data, it's no longer needed */
4402 BasepFreeAppCompatData(AppCompatData, AppCompatSxsData);
4403
4404 /* Free a few strings. The API takes care of these possibly being NULL */
4405 RtlFreeUnicodeString(&VdmString);
4406 RtlFreeUnicodeString(&DebuggerString);
4407
4408 /* Check if we had built any sort of VDM environment */
4410 {
4411 /* Free it */
4412 BaseDestroyVDMEnvironment(&VdmAnsiEnv, &VdmUnicodeEnv);
4413 }
4414
4415 /* Check if this was any kind of VDM application that we ended up creating */
4417 {
4418 /* Send an undo */
4420 (PHANDLE)&VdmTask,
4421 VdmUndoLevel,
4422 VdmBinaryType);
4423
4424 /* And close whatever VDM handle we were using for notifications */
4426 }
4427
4428 /* Check if we ended up here with an allocated search path, and free it */
4430
4431 /* Finally, return the API's result */
4433}
NTSTATUS NTAPI NtCreateSection(OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN PLARGE_INTEGER MaximumSize OPTIONAL, IN ULONG SectionPageProtection OPTIONAL, IN ULONG AllocationAttributes, IN HANDLE FileHandle OPTIONAL)
Definition: section.c:3083
static IN ULONG IN PWSTR OUT PCWSTR OUT PBOOLEAN OUT PATH_TYPE_AND_UNKNOWN * PathType
Definition: RtlGetFullPathName_Ustr.c:44
NTSTATUS WINAPI BasepCheckBadapp(IN HANDLE FileHandle, IN PWCHAR ApplicationName, IN PWCHAR Environment, IN USHORT ExeType, IN PVOID *SdbQueryAppCompatData, IN PULONG SdbQueryAppCompatDataSize, IN PVOID *SxsData, IN PULONG SxsDataSize, OUT PULONG FusionFlags)
Definition: appcache.c:374
VOID WINAPI BasepFreeAppCompatData(IN PVOID AppCompatData, IN PVOID AppCompatSxsData)
Definition: appcache.c:444
LPWSTR WINAPI BaseComputeProcessExePath(IN LPWSTR FullPath)
Definition: path.c:405
DWORD WINAPI SearchPathW(IN LPCWSTR lpPath OPTIONAL, IN LPCWSTR lpFileName, IN LPCWSTR lpExtension OPTIONAL, IN DWORD nBufferLength, OUT LPWSTR lpBuffer, OUT LPWSTR *lpFilePart OPTIONAL)
Definition: path.c:1298
BOOLEAN WINAPI BasePushProcessParameters(IN ULONG ParameterFlags, IN HANDLE ProcessHandle, IN PPEB RemotePeb, IN LPCWSTR ApplicationPathName, IN LPWSTR lpCurrentDirectory, IN LPWSTR lpCommandLine, IN LPVOID lpEnvironment, IN LPSTARTUPINFOW StartupInfo, IN DWORD CreationFlags, IN BOOL InheritHandles, IN ULONG ImageSubsystem, IN PVOID AppCompatData, IN ULONG AppCompatDataSize)
Definition: proc.c:482
NTSTATUS WINAPI BasepCheckWebBladeHashes(IN HANDLE FileHandle)
Definition: proc.c:147
VOID WINAPI StuffStdHandle(IN HANDLE ProcessHandle, IN HANDLE StandardHandle, IN PHANDLE Address)
Definition: proc.c:55
BOOLEAN WINAPI BuildSubSysCommandLine(IN LPCWSTR SubsystemName, IN LPCWSTR ApplicationName, IN LPCWSTR CommandLine, OUT PUNICODE_STRING SubsysCommandLine)
Definition: proc.c:87
NTSTATUS WINAPI BasepIsProcessAllowed(IN LPWSTR ApplicationName)
Definition: proc.c:200
NTSTATUS WINAPI BasepReplaceProcessThreadTokens(IN HANDLE TokenHandle, IN HANDLE ProcessHandle, IN HANDLE ThreadHandle)
Definition: proc.c:352
VOID WINAPI BasepSxsCloseHandles(IN PBASE_MSG_SXS_HANDLES Handles)
Definition: proc.c:415
BOOLEAN WINAPI BasepIsImageVersionOk(IN ULONG ImageMajorVersion, IN ULONG ImageMinorVersion)
Definition: proc.c:121
NTSTATUS WINAPI BaseCreateStack(_In_ HANDLE hProcess, _In_opt_ SIZE_T StackCommit, _In_opt_ SIZE_T StackReserve, _Out_ PINITIAL_TEB InitialTeb)
Definition: utils.c:355
VOID WINAPI BaseInitializeContext(IN PCONTEXT Context, IN PVOID Parameter, IN PVOID StartAddress, IN PVOID StackAddress, IN ULONG ContextType)
Definition: utils.c:514
POBJECT_ATTRIBUTES WINAPI BaseFormatObjectAttributes(OUT POBJECT_ATTRIBUTES ObjectAttributes, IN PSECURITY_ATTRIBUTES SecurityAttributes OPTIONAL, IN PUNICODE_STRING ObjectName)
Definition: utils.c:305
NTSTATUS WINAPI BasepCheckWinSaferRestrictions(IN HANDLE UserToken, IN LPWSTR ApplicationName, IN HANDLE FileHandle, OUT PBOOLEAN InJob, OUT PHANDLE NewToken, OUT PHANDLE JobHandle)
Definition: utils.c:922
ULONG WINAPI BaseIsDosApplication(IN PUNICODE_STRING PathName, IN NTSTATUS Status)
Definition: vdm.c:66
BOOL NTAPI BaseDestroyVDMEnvironment(IN PANSI_STRING AnsiEnv, IN PUNICODE_STRING UnicodeEnv)
Definition: vdm.c:1034
BOOL WINAPI BaseGetVdmConfigInfo(IN LPCWSTR CommandLineReserved, IN ULONG DosSeqId, IN ULONG BinaryType, IN PUNICODE_STRING CmdLineString, OUT PULONG VdmSize)
Definition: vdm.c:652
BOOL WINAPI BaseUpdateVDMEntry(IN ULONG UpdateIndex, IN OUT PHANDLE WaitHandle, IN ULONG IndexInfo, IN ULONG BinaryType)
Definition: vdm.c:542
BOOL NTAPI BaseCreateVDMEnvironment(IN PWCHAR lpEnvironment, OUT PANSI_STRING AnsiEnv, OUT PUNICODE_STRING UnicodeEnv)
Definition: vdm.c:744
NTSTATUS WINAPI BaseCheckVDM(IN ULONG BinaryType, IN PCWCH ApplicationName, IN PCWCH CommandLine, IN PCWCH CurrentDirectory, IN PANSI_STRING AnsiEnvironment, IN PBASE_API_MESSAGE ApiMessage, IN OUT PULONG iTask, IN DWORD CreationFlags, IN LPSTARTUPINFOW StartupInfo, IN HANDLE hUserToken OPTIONAL)
Definition: vdm.c:91
_ACRTIMP int __cdecl _wcsnicmp(const wchar_t *, const wchar_t *, size_t)
Definition: wcs.c:195
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
NTSTATUS NTAPI NtRaiseHardError(IN NTSTATUS ErrorStatus, IN ULONG NumberOfParameters, IN ULONG UnicodeStringParameterMask, IN PULONG_PTR Parameters, IN ULONG ValidResponseOptions, OUT PULONG Response)
Definition: harderr.c:551
#define PROCESS_CREATE_FLAGS_INHERIT_HANDLES
Definition: pstypes.h:89
#define PROCESS_PRIORITY_CLASS_ABOVE_NORMAL
Definition: pstypes.h:108
#define PROCESS_PRIORITY_CLASS_BELOW_NORMAL
Definition: pstypes.h:107
#define PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT
Definition: pstypes.h:88
NTSTATUS NTAPI LdrQueryImageFileKeyOption(_In_ HANDLE KeyHandle, _In_ PCWSTR ValueName, _In_ ULONG Type, _Out_ PVOID Buffer, _In_ ULONG BufferSize, _Out_opt_ PULONG ReturnedLength)
Definition: ldrinit.c:188
NTSTATUS NTAPI LdrOpenImageFileOptionsKey(_In_ PUNICODE_STRING SubKey, _In_ BOOLEAN Wow64, _Out_ PHANDLE NewKeyHandle)
Definition: ldrinit.c:115
PVOID PVOID PWCHAR PVOID USHORT PULONG PVOID PULONG PVOID PULONG PULONG FusionFlags
Definition: env.c:49
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize _Pre_valid_ PVOID * BaseAddress
Definition: mmfuncs.h:404
NTSYSAPI ULONG NTAPI RtlIsDosDeviceName_U(_In_ PCWSTR Name)
NTSYSAPI NTSTATUS NTAPI RtlAcquirePrivilege(_In_ PULONG Privilege, _In_ ULONG NumPriv, _In_ ULONG Flags, _Out_ PVOID *ReturnedState)
NTSTATUS NTAPI RtlGetFullPathName_UstrEx(_In_ PUNICODE_STRING FileName, _In_opt_ PUNICODE_STRING StaticString, _In_opt_ PUNICODE_STRING DynamicString, _Out_opt_ PUNICODE_STRING *StringUsed, _Out_opt_ PSIZE_T FilePartSize, _Out_opt_ PBOOLEAN NameInvalid, _Out_ RTL_PATH_TYPE *PathType, _Out_opt_ PSIZE_T LengthNeeded)
VOID NTAPI RtlReleaseRelativeName(_In_ PRTL_RELATIVE_NAME_U RelativeName)
NTSYSAPI VOID NTAPI RtlDestroyEnvironment(_In_ PWSTR Environment)
Definition: env.c:116
NTSYSAPI RTL_PATH_TYPE NTAPI RtlDetermineDosPathNameType_U(_In_ PCWSTR Path)
NTSYSAPI VOID NTAPI RtlReleasePrivilege(_In_ PVOID ReturnedState)
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToRelativeNtPathName_U(_In_ PCWSTR DosName, _Out_ PUNICODE_STRING NtName, _Out_ PCWSTR *PartName, _Out_ PRTL_RELATIVE_NAME_U RelativeName)
enum _RTL_PATH_TYPE RTL_PATH_TYPE
NTSYSAPI NTSTATUS NTAPI NtOpenFile(OUT PHANDLE phFile, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN ULONG ShareMode, IN ULONG OpenMode)
Definition: file.c:3950
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSTATUS NTAPI NtTerminateProcess(HANDLE ProcessHandle, LONG ExitStatus)
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
NTSYSAPI NTSTATUS NTAPI NtCreateThread(OUT PHANDLE phThread, IN ACCESS_MASK AccessMask, IN POBJECT_ATTRIBUTES ObjectAttributes, IN HANDLE hProcess, OUT PCLIENT_ID pClientId, IN PCONTEXT pContext, OUT PSTACKINFO pStackInfo, IN BOOLEAN bSuspended)
#define UNICODE_STRING_MAX_CHARS
#define UNICODE_STRING_MAX_BYTES
#define VER_SUITE_DATACENTER
#define VER_SUITE_PERSONAL
#define ANSI_NULL
#define IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
Definition: ntimage.h:458
NTSTATUS NTAPI NtFreeVirtualMemory(IN HANDLE ProcessHandle, IN PVOID *UBaseAddress, IN PSIZE_T URegionSize, IN ULONG FreeType)
Definition: virtual.c:5192
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2781
NTSTATUS NTAPI NtIsProcessInJob(IN HANDLE ProcessHandle, IN HANDLE JobHandle OPTIONAL)
Definition: job.c:361
NTSTATUS NTAPI NtAssignProcessToJobObject(HANDLE JobHandle, HANDLE ProcessHandle)
Definition: job.c:157
NTSTATUS NTAPI NtCreateProcessEx(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN HANDLE ParentProcess, IN ULONG Flags, IN HANDLE SectionHandle OPTIONAL, IN HANDLE DebugPort OPTIONAL, IN HANDLE ExceptionPort OPTIONAL, IN BOOLEAN InJob)
Definition: process.c:1344
NTSTATUS NTAPI NtSetInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _In_reads_bytes_(ProcessInformationLength) PVOID ProcessInformation, _In_ ULONG ProcessInformationLength)
Definition: query.c:1390
NTSTATUS NTAPI NtResumeThread(IN HANDLE ThreadHandle, OUT PULONG SuspendCount OPTIONAL)
Definition: state.c:290
#define STATUS_IMAGE_MACHINE_TYPE_MISMATCH_EXE
Definition: ntstatus.h:224
VOID NTAPI CsrFreeCaptureBuffer(_In_ _Frees_ptr_ PCSR_CAPTURE_BUFFER CaptureBuffer)
Definition: capture.c:210
NTSTATUS NTAPI CsrClientCallServer(_Inout_ PCSR_API_MESSAGE ApiMessage, _Inout_opt_ PCSR_CAPTURE_BUFFER CaptureBuffer, _In_ CSR_API_NUMBER ApiNumber, _In_ ULONG DataLength)
Definition: connect.c:366
NTSTATUS NTAPI NtQuerySection(_In_ HANDLE SectionHandle, _In_ SECTION_INFORMATION_CLASS SectionInformationClass, _Out_ PVOID SectionInformation, _In_ SIZE_T SectionInformationLength, _Out_opt_ PSIZE_T ResultLength)
Definition: section.c:3812
Definition: basemsg.h:274
BASE_CREATE_PROCESS CreateProcessRequest
Definition: basemsg.h:283
union _BASE_API_MESSAGE::@3833 Data
Definition: basemsg.h:119
Definition: basemsg.h:85
Definition: kernel32.h:393
Definition: compat.h:824
Definition: nt_native.h:1409
Definition: csrmsg.h:101
Definition: csrmsg.h:91
Definition: ntddk_ex.h:181
Definition: pstypes.h:725
Definition: env_spec_w32.h:870
Definition: pstypes.h:1034
Definition: rtltypes.h:1891
Definition: rtltypes.h:1373
Definition: rtltypes.h:1901
Definition: mmtypes.h:340
USHORT ImageCharacteristics
Definition: mmtypes.h:356
USHORT SubSystemMinorVersion
Definition: mmtypes.h:350
USHORT SubSystemMajorVersion
Definition: mmtypes.h:351
Definition: compat.h:191
Definition: processthreadsapi.h:37
Definition: kernel32.h:407
Definition: kernel32.h:401
Definition: compat.h:836
NTSYSAPI HANDLE WINAPI DbgUiGetThreadDebugObject(void)
Definition: dbgui.c:333
#define ERROR_ACCESS_DISABLED_WEBBLADE_TAMPER
Definition: winerror.h:1105
Referenced by CreateProcessW().
◆ CreateProcessW()
| BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW | ( | LPCWSTR | lpApplicationName, |
| LPWSTR | lpCommandLine, | ||
| LPSECURITY_ATTRIBUTES | lpProcessAttributes, | ||
| LPSECURITY_ATTRIBUTES | lpThreadAttributes, | ||
| BOOL | bInheritHandles, | ||
| DWORD | dwCreationFlags, | ||
| LPVOID | lpEnvironment, | ||
| LPCWSTR | lpCurrentDirectory, | ||
| LPSTARTUPINFOW | lpStartupInfo, | ||
| LPPROCESS_INFORMATION | lpProcessInformation | ||
| ) |
Definition at line 4441 of file proc.c.
4451{
4452 /* Call the internal (but exported) version */
4454 lpApplicationName,
4455 lpCommandLine,
4456 lpProcessAttributes,
4457 lpThreadAttributes,
4458 bInheritHandles,
4459 dwCreationFlags,
4460 lpEnvironment,
4461 lpCurrentDirectory,
4462 lpStartupInfo,
4463 lpProcessInformation,
4464 NULL);
4465}
BOOL WINAPI CreateProcessInternalW(IN HANDLE hUserToken, IN LPCWSTR lpApplicationName, IN LPWSTR lpCommandLine, IN LPSECURITY_ATTRIBUTES lpProcessAttributes, IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN BOOL bInheritHandles, IN DWORD dwCreationFlags, IN LPVOID lpEnvironment, IN LPCWSTR lpCurrentDirectory, IN LPSTARTUPINFOW lpStartupInfo, IN LPPROCESS_INFORMATION lpProcessInformation, OUT PHANDLE hNewToken)
Definition: proc.c:2083
Referenced by alloc_console(), AudioDlgProc(), compile_cs(), ConsoleIMERoutine(), CorDebug_CreateProcess(), CProcess::CProcess(), create_pseudo_console(), create_server(), create_surrogate_server(), CreateClientProcess(), CreateProcessAsUserW(), CreateProcessWithTokenW(), do_register_dll(), execute_command(), HotkeyThread(), IDirectInputAImpl_RunControlPanel(), install_wine_gecko(), InstallDevice(), InstallLiveCD(), invoke_appwiz(), ITERATE_RemoveExistingProducts(), CNetConnectionPropertyUi::LANPropertiesUIDlg(), launch_exe(), CNewMenu::NewItemByCommand(), ProcessPage_OnDebug(), PromptAndRunProcessAs(), register_dll(), run_child(), run_rapps(), run_winemenubuilder(), runCmd(), RunControlPanelApplet(), RunCurrentJobs(), runscriptfile(), RunSetupThreadProc(), ScmStartUserModeService(), SHELL_ExecuteW(), start_debugger(), START_TEST(), StartChild(), StartLsass(), StartProcess(), StartServicesManager(), TaskManager_OnFileNew(), Test_CommandLine(), test_debug_loop_wow64(), test_loadpaths_execute(), TestStaticDestruct(), UnhandledExceptionFilter(), WshExec_create(), and wWinMain().
◆ ExitProcess()
Definition at line 1330 of file proc.c.
1331{
1332 BASE_API_MESSAGE ApiMessage;
1334
1336
1337 _SEH2_TRY
1338 {
1339 /* Acquire the PEB lock */
1340 RtlAcquirePebLock();
1341
1342 /* Kill all the threads */
1344
1345 /* Unload all DLLs */
1346 LdrShutdownProcess();
1347
1348 /* Notify Base Server of process termination */
1349 ExitProcessRequest->uExitCode = uExitCode;
1351 NULL,
1353 sizeof(*ExitProcessRequest));
1354
1355 /* Now do it again */
1357 }
1358 _SEH2_FINALLY
1359 {
1360 /* Release the PEB lock */
1361 RtlReleasePebLock();
1362 }
1363 _SEH2_END;
1364
1365 /* should never get here */
1366 ASSERT(0);
1367 while(1);
1368}
Definition: basemsg.h:114
Referenced by _CorExeMain(), _exit(), _font_assert(), _RunRemoteTest(), alarmThreadMain(), BaseProcessStartup(), BaseThreadStartup(), child_process(), CLRMetaHost_ExitProcess(), ConsoleControlDispatcher(), CtrlCIntercept(), DbgkExitProcess(), DECLARE_INTERFACE_(), DefaultConsoleCtrlHandler(), DevInstallW(), DisplayError(), dll_entry_point(), doChild(), doDebugger(), ErrorExit(), exit(), exit_or_terminate_process(), ExitThread(), FatalAppExitA(), FatalAppExitW(), FatalExit(), fls_exit_deadlock_child(), Host_Quit(), IEWinMain(), init(), LoadProc(), local_server_proc(), LogToFile(), main(), MyErrExit(), performUninstall(), restart_as_admin_elevated(), RpcRaiseException(), setupDelayHook(), ShellExec_RunDLL_Helper(), ShowUsage(), START_TEST(), StringListAppend(), test__popen_child(), test__popen_read_child(), thread_1(), VdmShutdown(), wait_debugger(), WatchDirectory(), WinMain(), wmainCRTStartup(), and wWinMain().
◆ FatalAppExitA()
Definition at line 1405 of file proc.c.
1407{
1408 PUNICODE_STRING MessageTextU;
1409 ANSI_STRING MessageText;
1411
1412 /* Initialize the string using the static TEB pointer */
1413 MessageTextU = &NtCurrentTeb()->StaticUnicodeString;
1415
1416 /* Convert to unicode, or just exit normally if this failed */
1419
1420 /* Call the Wide function */
1422}
VOID WINAPI FatalAppExitW(IN UINT uAction, IN LPCWSTR lpMessageText)
Definition: proc.c:1429
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
◆ FatalAppExitW()
Definition at line 1429 of file proc.c.
1431{
1435
1436 /* Setup the string to print out */
1438
1439 /* Display the hard error no matter what */
1441 1,
1442 1,
1445 /* On Checked builds, Windows allows the user to cancel the operation */
1446 OptionOkCancel,
1447#else
1448 OptionOk,
1449#endif
1450 &Response);
1451
1452 /* Give the user a chance to abort */
1454 {
1455 return;
1456 }
1457
1458 /* Otherwise kill the process */
1459 ExitProcess(0);
1460}
Definition: ncftp.h:89
WDF_EXTERN_C_START typedef _Must_inspect_result_ _In_opt_ PCUNICODE_STRING UnicodeString
Definition: wdfstring.h:64
Referenced by FatalAppExitA().
◆ FatalExit()
Definition at line 1467 of file proc.c.
1468{
1469#if DBG
1470 /* On Checked builds, Windows gives the user a nice little debugger UI */
1473
1474 /* Check for reactos specific flag (set by rosautotest) */
1476 {
1478 }
1479
1481 {
1484 {
1485 case 'B': case 'b':
1486 DbgBreakPoint();
1487 break;
1488
1489 case 'A': case 'a':
1490 ExitProcess(ExitCode);
1491
1492 case 'I': case 'i':
1493 return;
1494 }
1495 }
1496#endif
1497 /* On other builds, just kill the process */
1498 ExitProcess(ExitCode);
1499}
DECLSPEC_NORETURN NTSYSAPI VOID NTAPI RtlRaiseStatus(_In_ NTSTATUS Status)
NTSYSAPI ULONG NTAPI DbgPrompt(_In_z_ PCCH Prompt, _Out_writes_bytes_(MaximumResponseLength) PCH Response, _In_ ULONG MaximumResponseLength)
_In_ WDFIOTARGET _In_ _Strict_type_match_ WDF_IO_TARGET_SENT_IO_ACTION Action
Definition: wdfiotarget.h:510
NTSYSAPI void WINAPI DbgBreakPoint(void)
◆ FlushInstructionCache()
Definition at line 1306 of file proc.c.
1309{
1311
1312 /* Call the native function */
1315 {
1316 /* Handle failure case */
1319 }
1320
1321 /* All good */
1323}
NTSTATUS NTAPI NtFlushInstructionCache(_In_ HANDLE ProcessHandle, _In_opt_ PVOID BaseAddress, _In_ SIZE_T FlushSize)
Definition: virtual.c:3009
Referenced by test_cross_process_notifications().
◆ GetCommandLineA()
◆ GetCommandLineW()
◆ GetCurrentProcess()
◆ GetCurrentProcessId()
Definition at line 1155 of file proc.c.
Referenced by __security_init_cookie(), _getpid(), _mktemp(), _mktemp_s(), _Success_(), _wmktemp(), _wmktemp_s(), AddPortW(), adns_getpid(), apartment_construct(), child_process(), ClientLoadLibrary(), CloseProcess(), CMP_RegisterNotification(), CommitSpoolData(), ConfigurePortW(), create_test_element_from_hwnd(), CreateNotificationParamAndSend(), CreatePipe(), CreateProcessWithLogonW(), CreateToolhelp32Snapshot(), CURSORICON_CopyImage(), custom_start_server(), default_ctrl_handler(), DirectDrawClipper_Initialize(), dll_entry_point(), DllMain(), do_msidbCustomActionTypeDll(), doChild(), DPLAYX_CreateLobbyApplication(), DPLAYX_IsAppIdLobbied(), DumpNotificationState(), enum_modules64(), EnumWindowsProc(), ExtractAndInstallThread(), ExtractArchiveForExecution(), FreeChangeNotifications(), generate_ipid(), get_cmdline(), get_node_provider_description_string(), get_proc_address64(), GetProcessVersion(), GetSpoolFileHandle(), handle_msi_break(), IDirectPlayLobby3AImpl_SetConnectionSettings(), IDirectPlayLobby3Impl_SetConnectionSettings(), ImmGetImeMenuItemsAW(), Internal_CreatePalette(), Internal_CreateSurface(), ipid_to_ifstub(), IsBlockFromHeap(), LresultFromObject(), main(), mark_task_process(), new_stub_manager(), NotifyLogon(), ole_server(), openlog(), OutputDebugStringA(), ParseSharedPacket(), ProcessIdToSessionId(), RegisterDragDrop(), rpc_execute_call(), rpcrt4_protseq_ncacn_np_open_endpoint(), rpcrt4_protseq_ncalrpc_open_endpoint(), run_in_temp_desktop_thread_func(), ScConnectControlPipe(), CNotifyToolbar::SendNotifyCallback(), ServerThread(), service_main(), SHAllocShared(), SHAppBarMessage(), SHFreeShared(), SHGetAppCompatFlags(), SHHandleUpdateImage(), SHLockShared(), SHMapHandle(), SHUpdateImageW(), start_debugger(), START_TEST(), StartDirectDraw(), TelnetGetConsoleWindow(), test_AddSelfToJob(), test_alloc_shared(), test_alloc_shared_remote(), test_AttachConsole(), test_AttachConsole_child(), test_BreakawayOk(), Test_CloseDuplicatedSocket(), Test_CloseWhileSelectDuplicatedSocket(), test_CoGetCurrentProcess(), test_D3DKMTQueryVideoMemoryInfo(), test_debug_loop(), test_default_clientside_providers(), test_duplicate_handle_access(), test_Element_Find(), test_exception_dispatcher(), test_exit_process_async(), test_GetConsoleProcessList(), test_GetExtendedTcpTable_owner(), test_GetExtendedUdpTable_owner(), test_GetFocusedElement(), test_GetProcessVersion(), test_GetRootElement(), test_handles(), test_hook_cleanup_thread_proc(), test_init_block(), test_IUIAutomationEventHandler(), test_IUIAutomationFocusChangedEventHandler(), test_jobInheritance(), test_nested_jobs_child(), test_nt_wow64(), test_OpenProcess(), test_parent_process_attribute(), test_peb_teb(), test_process(), test_process_id(), test_process_security_child(), Test_ProcessModules(), test_query_handle(), test_query_handle_ex(), test_query_process(), test_query_process_vm(), test_QueryFullProcessImageNameW(), test_QueryInformationJobObject(), test_readvirtualmemory(), test_RtlQueryProcessDebugInformation(), test_session_info(), test_set_hook(), test_shared_handle_table(), test_SHCreateSessionKey(), test_syscalls(), test_tcp(), test_thread_lookup(), test_Toolhelp(), test_udp(), test_uia_com_focus_change_event_handler_win_event_handling(), test_UiaAddEvent(), test_UiaAddEvent_client_proc(), test_UiaFind(), test_UiaGetRootNode(), test_UiaGetRuntimeId(), test_UiaGetUpdatedCache(), test_UiaNavigate(), test_UiaNodeFromFocus(), test_UiaNodeFromHandle(), test_UiaNodeFromHandle_client_proc(), test_UiaNodeFromProvider(), test_UiaRegisterProviderCallback(), test_WaitForJobObject(), test_Win32_Process(), test_winevents(), test_WithWSAStartup(), test_ws_functions(), test_zero_access(), TestChannelHook_ClientFillBuffer(), TestChannelHook_ClientGetSize(), TestChannelHook_ClientNotify(), TestChannelHook_ServerGetSize(), TestChannelHook_ServerNotify(), ThemeDestroyWndData(), tmpnam_helper(), uia_com_event_handler_test_thread(), uia_nested_node_provider_attach_event(), uia_node_from_handle_test_thread(), uia_proxy_provider_win_event_handler_test_thread(), WDML_AddServer(), WinMain(), wmain(), wtmpnam_helper(), and wWinMain().
◆ GetCurrentThread()
Definition at line 1145 of file proc.c.
Referenced by __threadhandle(), AccpLookupCurrentUser(), AdjustAffinity(), AuthzpInitUnderImpersonation(), CheckTokenMembership(), ConsoleControlDispatcher(), DirectoryWatcherThreadFuncAPC(), dll_entry_point(), DwInitializeSdFromThreadToken(), exec_write_handler(), CShellCommandSACL::Execute(), GetProfileType(), GetSystemUserInfo(), GetUserNameW(), ImageView_Main(), IsCallerInteractive(), main(), OpenEffectiveToken(), PlaySound_ExpandEnvironmentStrings(), priorityTimeProc(), Privilege(), process_work_items(), RegOpenCurrentUser(), RevertToPrinterSelf(), rpcrt4_http_timer_thread(), RPCRT4_io_thread(), RPCRT4_server_thread(), CFindFolder::SearchThreadProc(), serverThreadMain2(), set_thread_name(), SetThreadToken(), SlideWindow(), SockAsyncThread(), start_address_thread(), start_fiber(), START_TEST(), test_affinity(), test_alertable(), test_CancelSynchronousIo(), test_cancelsynchronousio(), test_CoWaitForMultipleHandles(), test_CreateDirectoryA(), test_CreatePipe(), test_exec_memory_writes(), test_FileSecurity(), test_GetFileType(), test_GetNamedSecurityInfoA(), test_GetOverlappedResultEx(), test_GetSecurityInfo(), test_GetWindowsAccountDomainSid(), test_HideFromDebugger(), test_ImpersonateNamedPipeClient(), test_impersonation_level(), test_MsgWaitForMultipleObjects(), test_nonalertable(), test_NtGetCurrentProcessorNumber(), test_object_identity(), test_object_permanence(), test_post_completion(), test_pseudo_handle_security(), test_pseudo_tokens(), test_query_architectures(), test_query_object(), test_QueueUserAPC(), test_read_write(), test_selectors(), test_set_io_completion(), Test_SyscallPerformance(), test_thread_description(), test_thread_ideal_processor(), test_thread_info(), test_thread_priority(), test_thread_processor(), test_thread_start_address(), Test_ThreadBasicInformationClass(), test_ThreadEnableAlignmentFaultFixup(), Test_ThreadPriorityClass(), test_token(), test_user_apc(), test_WaitForMultipleObjects(), test_WaitForSingleObject(), TestTokenPrivilege(), ThreadFunc2(), threadFunc3(), TlsFree(), WahOpenCurrentThread(), WaveThread(), wmain(), and wWinMain().
◆ GetExitCodeProcess()
Definition at line 1165 of file proc.c.
1167{
1168 PROCESS_BASIC_INFORMATION ProcessBasic;
1170
1171 /* Ask the kernel */
1173 ProcessBasicInformation,
1174 &ProcessBasic,
1175 sizeof(ProcessBasic),
1176 NULL);
1178 {
1179 /* We failed, was this because this is a VDM process? */
1181
1182 /* Not a VDM process, fail the call */
1185 }
1186
1187 /* Succes case, return the exit code */
1190}
BOOL WINAPI BaseCheckForVDM(IN HANDLE ProcessHandle, OUT LPDWORD ExitCode)
Definition: vdm.c:618
NTSTATUS NTAPI NtQueryInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _Out_writes_bytes_to_opt_(ProcessInformationLength, *ReturnLength) PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength)
Definition: query.c:211
Definition: winternl.h:404
Referenced by _cwait(), check_child_console_bits(), CloseProcessAndVerify_(), cmd_start(), CommandThreadProc(), crash_and_debug(), crash_and_winedbg(), custom_get_process_return(), DoTestEntry(), Execute(), execute_command(), ExecutePipeline(), LauncherRoutine2(), MonitorChildThread(), ProcessRunning(), read_reg_output_(), restart_as_admin_elevated(), run_child_wait(), run_ex(), run_rapps(), run_reg_exe_(), run_script_file(), runcmd(), runCmd(), runscriptfile(), RunSetupThreadProc(), runtime_is_usable(), shell_execute_ex_(), TerminateShell(), test_arm64ec(), test_CreateProcessWithDesktop(), test_CtrlHandlerSubsystem(), test_ddeml_server(), test_debug_loop_wow64(), test_DoInvalidDir(), test_end_to_end_server(), test_exit(), test_ExitProcess(), test_kill_on_exit(), test_loadpaths_execute(), test_msg_server(), test_pe_os_version(), test_quick_exit(), test_UiaAddEvent(), test_UiaNodeFromHandle(), WshExec_get_Status(), and WshShell3_Run().
◆ GetPriorityClass()
Definition at line 1506 of file proc.c.
1507{
1510
1511 /* Query the kernel */
1513 ProcessPriorityClass,
1514 &PriorityClass,
1515 sizeof(PriorityClass),
1516 NULL);
1518 {
1519 /* Handle the conversion from NT to Win32 classes */
1520 switch (PriorityClass.PriorityClass)
1521 {
1528 }
1529 }
1530
1531 /* Failure path */
1533 return 0;
1534}
ActualNumberDriverObjects * sizeof(PDRIVER_OBJECT)) PDRIVER_OBJECT *DriverObjectList
Referenced by ProcessPageShowContextMenu(), and test_query_process_priority().
◆ GetProcessAffinityMask()
| BOOL WINAPI GetProcessAffinityMask | ( | IN HANDLE | hProcess, |
| OUT PDWORD_PTR | lpProcessAffinityMask, | ||
| OUT PDWORD_PTR | lpSystemAffinityMask | ||
| ) |
Definition at line 860 of file proc.c.
863{
864 PROCESS_BASIC_INFORMATION ProcessInfo;
866
867 /* Query information on the process from the kernel */
870 &ProcessInfo,
871 sizeof(ProcessInfo),
872 NULL);
874 {
875 /* Fail */
878 }
879
880 /* Copy the affinity mask, and get the system one from our shared data */
884}
KAFFINITY ActiveProcessorsAffinityMask
Definition: ntddk_ex.h:167
Referenced by AffinityDialogWndProc(), START_TEST(), and test_thread_processor().
◆ GetProcessHandleCount()
Definition at line 1794 of file proc.c.
1796{
1797 ULONG phc;
1799
1800 /* Query the kernel */
1802 ProcessHandleCount,
1803 &phc,
1804 sizeof(phc),
1805 NULL);
1807 {
1808 /* Copy the count and return success */
1809 *pdwHandleCount = phc;
1811 }
1812
1813 /* Handle error path */
1816}
◆ GetProcessId()
Definition at line 1197 of file proc.c.
1198{
1199 PROCESS_BASIC_INFORMATION ProcessBasic;
1201
1202 /* Query the kernel */
1204 ProcessBasicInformation,
1205 &ProcessBasic,
1206 sizeof(ProcessBasic),
1207 NULL);
1209 {
1210 /* Handle failure */
1212 return 0;
1213 }
1214
1215 /* Return the PID */
1217}
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
◆ GetProcessIoCounters()
Definition at line 1710 of file proc.c.
1712{
1714
1715 /* Query the kernel. Structures are identical, so let it do the copy too. */
1717 ProcessIoCounters,
1718 lpIoCounters,
1720 NULL);
1722 {
1723 /* Handle error path */
1726 }
1727
1728 /* All done */
1730}
Definition: pstypes.h:82
Referenced by PerfDataRefresh().
◆ GetProcessPriorityBoost()
Definition at line 1737 of file proc.c.
1739{
1742
1743 /* Query the kernel */
1745 ProcessPriorityBoost,
1746 &PriorityBoost,
1748 NULL);
1750 {
1751 /* Convert from ULONG to a BOOL */
1754 }
1755
1756 /* Handle error path */
1759}
◆ GetProcessShutdownParameters()
Definition at line 917 of file proc.c.
919{
920 BASE_API_MESSAGE ApiMessage;
921 PBASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest = &ApiMessage.Data.ShutdownParametersRequest;
922
923 /* Ask CSRSS for shutdown information */
925 NULL,
927 sizeof(*ShutdownParametersRequest));
929 {
930 /* Return the failure from CSRSS */
933 }
934
935 /* Get the data back */
936 *lpdwLevel = ShutdownParametersRequest->ShutdownLevel;
937 *lpdwFlags = ShutdownParametersRequest->ShutdownFlags;
939}
BASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest
Definition: basemsg.h:294
◆ GetProcessTimes()
| BOOL WINAPI GetProcessTimes | ( | IN HANDLE | hProcess, |
| IN LPFILETIME | lpCreationTime, | ||
| IN LPFILETIME | lpExitTime, | ||
| IN LPFILETIME | lpKernelTime, | ||
| IN LPFILETIME | lpUserTime | ||
| ) |
Definition at line 1096 of file proc.c.
1101{
1102 KERNEL_USER_TIMES Kut;
1104
1105 /* Query the times */
1107 ProcessTimes,
1108 &Kut,
1109 sizeof(Kut),
1110 NULL);
1112 {
1113 /* Handle failure */
1116 }
1117
1118 /* Copy all the times and return success */
1128}
Definition: winternl.h:2373
struct _LARGE_INTEGER::@2505 u
◆ GetProcessVersion()
Definition at line 1609 of file proc.c.
1610{
1612 PIMAGE_NT_HEADERS NtHeader;
1613 PIMAGE_DOS_HEADER DosHeader;
1615 PROCESS_BASIC_INFORMATION ProcessBasicInfo;
1620 USHORT VersionData[2];
1622
1623 /* We'll be accessing stuff that can fault, so protect everything with SEH */
1624 _SEH2_TRY
1625 {
1626 /* It this an in-process or out-of-process request? */
1628 {
1629 /* It's in-process, so just read our own header */
1631 if (!NtHeader)
1632 {
1633 /* Unable to read the NT header, something is wrong here... */
1636 }
1637
1638 /* Get the version straight out of the NT header */
1641 }
1642 else
1643 {
1644 /* Out-of-process, so open it */
1646 FALSE,
1647 ProcessId);
1649
1650 /* Try to find out where its PEB lives */
1652 ProcessBasicInformation,
1653 &ProcessBasicInfo,
1654 sizeof(ProcessBasicInfo),
1655 NULL);
1656
1659
1660 /* Now that we have the PEB, read the image base address out of it */
1663 &BaseAddress,
1665 NULL);
1667
1668 /* Now read the e_lfanew (offset to NT header) from the base */
1669 DosHeader = BaseAddress;
1671 &DosHeader->e_lfanew,
1672 &e_lfanew,
1674 NULL);
1676
1677 /* And finally, read the NT header itself by adding the offset */
1681 &VersionData,
1682 sizeof(VersionData),
1683 NULL);
1685
1686 /* Get the version straight out of the NT header */
1688
1689Error:
1690 /* If there was an error anywhere, set the last error */
1692 }
1693 }
1694 _SEH2_FINALLY
1695 {
1696 /* Close the process handle */
1698 }
1699 _SEH2_END;
1700
1701 /* And return the version data */
1703}
HANDLE WINAPI OpenProcess(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN DWORD dwProcessId)
Definition: proc.c:1224
Definition: ntddk_ex.h:99
_Must_inspect_result_ _In_ WDFDEVICE _In_ LPCGUID _Out_ PINTERFACE _In_ USHORT _In_ USHORT Version
Definition: wdffdo.h:469
Referenced by get_app_version(), GetSystemInfoInternal(), and SHLWAPI_InitAppCompat().
◆ GetProcessWorkingSetSize()
| BOOL WINAPI GetProcessWorkingSetSize | ( | IN HANDLE | hProcess, |
| OUT PSIZE_T | lpMinimumWorkingSetSize, | ||
| OUT PSIZE_T | lpMaximumWorkingSetSize | ||
| ) |
Definition at line 1008 of file proc.c.
1011{
1012 DWORD Dummy;
1014 lpMinimumWorkingSetSize,
1015 lpMaximumWorkingSetSize,
1016 &Dummy);
1017}
BOOL WINAPI GetProcessWorkingSetSizeEx(IN HANDLE hProcess, OUT PSIZE_T lpMinimumWorkingSetSize, OUT PSIZE_T lpMaximumWorkingSetSize, OUT PDWORD Flags)
Definition: proc.c:975
◆ GetProcessWorkingSetSizeEx()
| BOOL WINAPI GetProcessWorkingSetSizeEx | ( | IN HANDLE | hProcess, |
| OUT PSIZE_T | lpMinimumWorkingSetSize, | ||
| OUT PSIZE_T | lpMaximumWorkingSetSize, | ||
| OUT PDWORD | Flags | ||
| ) |
Definition at line 975 of file proc.c.
979{
980 QUOTA_LIMITS_EX QuotaLimits;
982
983 /* Query the kernel about this */
985 ProcessQuotaLimits,
986 &QuotaLimits,
987 sizeof(QuotaLimits),
988 NULL);
990 {
991 /* Return error */
994 }
995
996 /* Copy the quota information out */
997 *lpMinimumWorkingSetSize = QuotaLimits.MinimumWorkingSetSize;
998 *lpMaximumWorkingSetSize = QuotaLimits.MaximumWorkingSetSize;
1001}
Definition: pstypes.h:67
Referenced by GetProcessWorkingSetSize().
◆ GetStartupInfoW()
| VOID WINAPI GetStartupInfoW | ( | IN LPSTARTUPINFOW | lpStartupInfo | ) |
Definition at line 1265 of file proc.c.
1266{
1268
1269 /* Get the process parameters */
1271
1272 /* Copy the data out of there */
1274 lpStartupInfo->lpReserved = Params->ShellInfo.Buffer;
1275 lpStartupInfo->lpDesktop = Params->DesktopInfo.Buffer;
1276 lpStartupInfo->lpTitle = Params->WindowTitle.Buffer;
1277 lpStartupInfo->dwX = Params->StartingX;
1278 lpStartupInfo->dwY = Params->StartingY;
1279 lpStartupInfo->dwXSize = Params->CountX;
1280 lpStartupInfo->dwYSize = Params->CountY;
1281 lpStartupInfo->dwXCountChars = Params->CountCharsX;
1282 lpStartupInfo->dwYCountChars = Params->CountCharsY;
1283 lpStartupInfo->dwFillAttribute = Params->FillAttribute;
1284 lpStartupInfo->dwFlags = Params->WindowFlags;
1286 lpStartupInfo->cbReserved2 = Params->RuntimeData.Length;
1288
1289 /* Check if the standard handles are being used for other features */
1291 STARTF_USEHOTKEY |
1292 STARTF_SHELLPRIVATE))
1293 {
1294 /* These are, so copy the standard handles too */
1295 lpStartupInfo->hStdInput = Params->StandardInput;
1296 lpStartupInfo->hStdOutput = Params->StandardOutput;
1297 lpStartupInfo->hStdError = Params->StandardError;
1298 }
1299}
struct _STARTUPINFOW STARTUPINFOW
Referenced by alloc_console(), AttachConsole(), initialize_inherited_file_handles_nolock(), test_AllocConsole_child(), wmain(), and wWinMain().
◆ InitCommandLines()
Definition at line 839 of file proc.c.
840{
842
843 /* Read the UNICODE_STRING from the PEB */
845
846 /* Convert to ANSI_STRING for the *A callers */
848 &BaseUnicodeCommandLine,
849 TRUE);
851}
NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString, PUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
Referenced by DllMain().
◆ IsWow64Process()
◆ OpenProcess()
| HANDLE WINAPI OpenProcess | ( | IN DWORD | dwDesiredAccess, |
| IN BOOL | bInheritHandle, | ||
| IN DWORD | dwProcessId | ||
| ) |
Definition at line 1224 of file proc.c.
1227{
1232
1233 /* Setup the input client ID structure */
1236
1237 /* This is needed just to define the inheritance flags */
1239 NULL,
1241 NULL,
1242 NULL);
1243
1244 /* Now try to open the process */
1246 dwDesiredAccess,
1247 &ObjectAttributes,
1248 &ClientId);
1250 {
1251 /* Handle failure */
1254 }
1255
1256 /* Otherwise return a handle to the process */
1258}
NTSTATUS NTAPI NtOpenProcess(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId)
Definition: process.c:1440
Referenced by _DoDLLInjection(), _RpcCommitSpoolData2(), _RpcGetSpoolFileInfo2(), CIconWatcher::AddIconToWatcher(), child_process(), child_process_exit_process_async(), CloseProcess(), CloseProcessAndVerify_(), DebugActiveProcess(), DebugActiveProcessStop(), debugcontrol_WaitForEvent(), dll_entry_point(), doChild(), DoSetPriority(), enum_modules64(), ExecuteKill(), get_droptarget_local_handle(), get_proc_address64(), get_process_name_from_pid(), GetOwnerModuleFromPidEntry(), GetProcessExecutablePathById(), GetProcessHandleFromHwnd(), GetProcessVersion(), GetThemeServiceProcessHandle(), Ghost_DestroyTarget(), IsProcessRunning(), ObjectFromLresult(), PerfDataGetCommandLine(), PerfDataRefresh(), PNP_ReportLogOn(), ProcessIdToSessionId(), ProcessKeys(), ProcessList_Update(), ProcessPage_OnEndProcess(), ProcessPage_OnEndProcessTree(), ProcessPage_OnSetAffinity(), ProcessPageShowContextMenu(), ProcessRunning(), SeclCreateProcessWithLogonW(), SHMapHandle(), ShutdownProcessTreeHelper(), START_TEST(), terminate_processes(), test_D3DKMTQueryVideoMemoryInfo(), test_duplicate_handle_access_child(), test_exception_dispatcher(), test_ExitProcess(), test_init_block(), test_nt_wow64(), test_OpenProcess(), test_parent_process_attribute(), test_process_id(), test_process_security_child(), test_query_process_handlecount(), test_query_process_times(), test_query_process_vm(), test_QueryFullProcessImageNameW(), test_readvirtualmemory(), test_syscalls(), test_Toolhelp(), test_ws_functions(), Toolhelp32ReadProcessMemory(), WSPDuplicateSocket(), and wWinMain().
◆ ProcessIdToSessionId()
Definition at line 2024 of file proc.c.
2026{
2027 PROCESS_SESSION_INFORMATION SessionInformation;
2032
2033 /* Do a quick check if the pointer is not writable */
2035 {
2036 /* Fail fast */
2039 }
2040
2041 /* Open the process passed in by ID */
2047 &ObjectAttributes,
2048 &ClientId);
2050 {
2051 /* Query the session ID from the kernel */
2054 &SessionInformation,
2055 sizeof(SessionInformation),
2056 NULL);
2057
2058 /* Close the handle and check if we succeeded */
2061 {
2062 /* Return the session ID */
2063 *pSessionId = SessionInformation.SessionId;
2065 }
2066 }
2067
2068 /* Set error code and fail */
2071}
Definition: pstypes.h:405
Referenced by AddPortW(), child_process_check_session_id(), ConfigurePortW(), START_TEST(), test_namedpipe_session_id(), and test_SHCreateSessionKey().
◆ ReadProcessMemory()
| BOOL NTAPI ReadProcessMemory | ( | IN HANDLE | hProcess, |
| IN LPCVOID | lpBaseAddress, | ||
| IN LPVOID | lpBuffer, | ||
| IN SIZE_T | nSize, | ||
| OUT SIZE_T * | lpNumberOfBytesRead | ||
| ) |
◆ RegisterWaitForInputIdle()
| VOID WINAPI RegisterWaitForInputIdle | ( | WaitForInputIdleType | lpfnRegisterWaitForInputIdle | ) |
◆ SetPriorityClass()
Definition at line 1541 of file proc.c.
1543{
1546 PROCESS_PRIORITY_CLASS PriorityClass;
1547
1548 /* Handle conversion from Win32 to NT priority classes */
1549 switch (dwPriorityClass)
1550 {
1553 break;
1554
1557 break;
1558
1561 break;
1562
1565 break;
1566
1569 break;
1570
1572 /* Try to acquire the privilege. If it fails, just use HIGH */
1576 break;
1577
1578 default:
1579 /* Unrecognized priority classes don't make it to the kernel */
1582 }
1583
1584 /* Send the request to the kernel, and don't touch the foreground flag */
1587 ProcessPriorityClass,
1588 &PriorityClass,
1590
1591 /* Release the privilege if we had it */
1594 {
1595 /* Handle error path */
1598 }
1599
1600 /* All done */
1602}
Definition: stack_allocator.h:18
Referenced by CsrSetPriorityClass(), DoSetPriority(), main(), test_query_process_priority(), UpdatePriority(), and wWinMain().
◆ SetProcessAffinityMask()
Definition at line 891 of file proc.c.
893{
895
896 /* Directly set the affinity mask */
898 ProcessAffinityMask,
899 (PVOID)&dwProcessAffinityMask,
900 sizeof(dwProcessAffinityMask));
902 {
903 /* Handle failure */
906 }
907
908 /* Everything was ok */
910}
Referenced by AffinityDialogWndProc(), and cmd_start().
◆ SetProcessPriorityBoost()
Definition at line 1766 of file proc.c.
1768{
1771
1772 /* Enforce that this is a BOOL, and send it to the kernel as a ULONG */
1775 ProcessPriorityBoost,
1776 &PriorityBoost,
1779 {
1780 /* Handle error path */
1783 }
1784
1785 /* All done */
1787}
◆ SetProcessShutdownParameters()
Definition at line 946 of file proc.c.
948{
949 BASE_API_MESSAGE ApiMessage;
950 PBASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest = &ApiMessage.Data.ShutdownParametersRequest;
951
952 /* Write the data into the CSRSS request and send it */
953 ShutdownParametersRequest->ShutdownLevel = dwLevel;
956 NULL,
958 sizeof(*ShutdownParametersRequest));
960 {
961 /* Return the failure from CSRSS */
964 }
965
966 /* All went well */
968}
Referenced by _tWinMain(), and wWinMain().
◆ SetProcessWorkingSetSize()
| BOOL WINAPI SetProcessWorkingSetSize | ( | IN HANDLE | hProcess, |
| IN SIZE_T | dwMinimumWorkingSetSize, | ||
| IN SIZE_T | dwMaximumWorkingSetSize | ||
| ) |
Definition at line 1080 of file proc.c.
1083{
1084 /* Call the newer API */
1086 dwMinimumWorkingSetSize,
1087 dwMaximumWorkingSetSize,
1088 0);
1089}
BOOL WINAPI SetProcessWorkingSetSizeEx(IN HANDLE hProcess, IN SIZE_T dwMinimumWorkingSetSize, IN SIZE_T dwMaximumWorkingSetSize, IN DWORD Flags)
Definition: proc.c:1024
◆ SetProcessWorkingSetSizeEx()
| BOOL WINAPI SetProcessWorkingSetSizeEx | ( | IN HANDLE | hProcess, |
| IN SIZE_T | dwMinimumWorkingSetSize, | ||
| IN SIZE_T | dwMaximumWorkingSetSize, | ||
| IN DWORD | Flags | ||
| ) |
Definition at line 1024 of file proc.c.
1028{
1029 QUOTA_LIMITS_EX QuotaLimits;
1034
1035 /* Zero out the input structure */
1037
1038 /* Check if the caller sent any limits */
1039 if ((dwMinimumWorkingSetSize) && (dwMaximumWorkingSetSize))
1040 {
1041 /* Write the quota information */
1042 QuotaLimits.MinimumWorkingSetSize = dwMinimumWorkingSetSize;
1043 QuotaLimits.MaximumWorkingSetSize = dwMaximumWorkingSetSize;
1045
1046 /* Acquire the required privilege */
1048
1049 /* Request the new quotas */
1051 ProcessQuotaLimits,
1052 &QuotaLimits,
1053 sizeof(QuotaLimits));
1056 {
1057 /* Release the privilege and set succes code */
1061 }
1062 }
1063 else
1064 {
1065 /* No limits, fail the call */
1066 ReturnStatus = STATUS_INVALID_PARAMETER;
1068 }
1069
1070 /* Return result code, set error code if this was a failure */
1073}
Referenced by EmptyWorkingSet(), and SetProcessWorkingSetSize().
◆ StuffStdHandle()
| VOID WINAPI StuffStdHandle | ( | IN HANDLE | ProcessHandle, |
| IN HANDLE | StandardHandle, | ||
| IN PHANDLE | Address | ||
| ) |
Definition at line 55 of file proc.c.
58{
60 HANDLE DuplicatedHandle;
61 SIZE_T NumberOfBytesWritten;
62
63 /* If there is no handle to duplicate, return immediately */
64 if (!StandardHandle) return;
65
66 /* Duplicate the handle */
68 StandardHandle,
69 ProcessHandle,
70 &DuplicatedHandle,
71 0,
72 0,
76
77 /* Write it */
79 Address,
80 &DuplicatedHandle,
82 &NumberOfBytesWritten);
83}
NTSTATUS NTAPI NtDuplicateObject(IN HANDLE SourceProcessHandle, IN HANDLE SourceHandle, IN HANDLE TargetProcessHandle OPTIONAL, OUT PHANDLE TargetHandle OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, IN ULONG Options)
Definition: obhandle.c:3410
#define DUPLICATE_SAME_ACCESS
Referenced by CreateProcessInternalW().
◆ TerminateProcess()
Definition at line 1375 of file proc.c.
1377{
1379
1380 /* Check if no handle was passed in */
1382 {
1383 /* Set error code */
1385 }
1386 else
1387 {
1388 /* Otherwise, try to terminate the process */
1391
1392 /* It failed, convert error code */
1394 }
1395
1396 /* This is the failure path */
1398}
Referenced by child_process(), Telnet::Close(), CloseProcess(), common_message_window(), ConsoleIMERoutine(), CorDebug_CreateProcess(), cordebugprocess_Terminate(), CPlApplet(), crash_and_debug(), CreateProcessAsUserCommon(), do_register_dll(), DoTestEntry(), ExecuteKill(), ExecutePipeline(), exit_or_terminate_process(), Ghost_DestroyTarget(), ProcessKeys(), ProcessPage_OnEndProcess(), RaiseFailFastException(), read_reg_output_(), run_ex(), run_reg_exe_(), run_regedit_exe_(), runcmd(), ScreenSaverConfig(), ScreenSaverPageProc(), ScreenSaverPreview(), SetScreenSaverPreviewBox(), ShutdownProcessTreeHelper(), START_TEST(), StartScreenSaver(), terminate_processes(), TerminateShell(), test_apc_deadlock(), test_async_cancel_on_handle_close(), test_BreakawayOk(), test_CompletionPort(), test_CreateRemoteThread(), test_CtrlHandlerSubsystem(), test_debugger(), test_Directory(), TEST_DoTestEntryStruct(), test_EnumProcessModules(), test_ExitProcess(), test_GetProcessVersion(), test_IsProcessInJob(), test_IsWow64Process(), test_IsWow64Process2(), test_job_list_attribute(), test_kill_on_exit(), test_KillOnJobClose(), Test_layers(), test_loadpaths_execute(), test_nested_jobs(), test_nested_jobs_child(), test_NtMapViewOfSection(), test_NtMapViewOfSectionEx(), test_overlapped_transport(), test_peb_teb(), test_process_access(), test_query_architectures(), test_QueryInformationJobObject(), Test_repeatlayer(), test_RunSetupCommand(), test_section_access(), test_TerminateJobObject(), test_TerminateProcess(), test_VirtualAllocEx(), test_WaitForInputIdle(), TestTerminateProcess(), UnhandledExceptionFilter(), WshExec_Terminate(), wWinMain(), and CProcess::~CProcess().
◆ WriteProcessMemory()
| BOOL NTAPI WriteProcessMemory | ( | IN HANDLE | hProcess, |
| IN LPVOID | lpBaseAddress, | ||
| IN LPCVOID | lpBuffer, | ||
| IN SIZE_T | nSize, | ||
| OUT SIZE_T * | lpNumberOfBytesWritten | ||
| ) |
Definition at line 1905 of file proc.c.
1910{
1912 ULONG OldValue;
1916
1917 /* Set parameters for protect call */
1919 Base = lpBaseAddress;
1920
1921 /* Check the current status */
1923 &Base,
1924 &RegionSize,
1925 PAGE_EXECUTE_READWRITE,
1926 &OldValue);
1928 {
1929 /* Check if we are unprotecting */
1931 PAGE_WRITECOPY |
1932 PAGE_EXECUTE_READWRITE |
1935 {
1936 /* Set the new protection */
1938 &Base,
1939 &RegionSize,
1940 OldValue,
1941 &OldValue);
1942
1943 /* Write the memory */
1945 lpBaseAddress,
1947 nSize,
1948 &nSize);
1949
1950 /* In Win32, the parameter is optional, so handle this case */
1952
1954 {
1955 /* We failed */
1958 }
1959
1960 /* Flush the ITLB */
1963 }
1964 else
1965 {
1966 /* Check if we were read only */
1968 {
1969 /* Restore protection and fail */
1971 &Base,
1972 &RegionSize,
1973 OldValue,
1974 &OldValue);
1976
1977 /* Note: This is what Windows returns and code depends on it */
1979 }
1980
1981 /* Otherwise, do the write */
1983 lpBaseAddress,
1985 nSize,
1986 &nSize);
1987
1988 /* In Win32, the parameter is optional, so handle this case */
1990
1991 /* And restore the protection */
1993 &Base,
1994 &RegionSize,
1995 OldValue,
1996 &OldValue);
1998 {
1999 /* We failed */
2001
2002 /* Note: This is what Windows returns and code depends on it */
2004 }
2005
2006 /* Flush the ITLB */
2009 }
2010 }
2011 else
2012 {
2013 /* We failed */
2016 }
2017}
NTSTATUS NTAPI NtProtectVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UnsafeBaseAddress, IN OUT SIZE_T *UnsafeNumberOfBytesToProtect, IN ULONG NewAccessProtection, OUT PULONG UnsafeOldAccessProtection)
Definition: virtual.c:3076
Definition: delayimp.cpp:70
Referenced by _DoDLLInjection(), hook_notification_function(), test_cross_process_notifications(), test_debugger(), test_notifications(), and test_VirtualAllocEx().
Variable Documentation
◆ BaseAnsiCommandLine
| ANSI_STRING BaseAnsiCommandLine |
Definition at line 21 of file proc.c.
Referenced by GetCommandLineA(), and InitCommandLines().
◆ BasepAppCertDllsList
| LIST_ENTRY BasepAppCertDllsList |
Definition at line 26 of file proc.c.
Referenced by BasepIsProcessAllowed(), and DllMain().
◆ BasepAppCertTable
| RTL_QUERY_REGISTRY_TABLE BasepAppCertTable[2] |
Initial value:
=
{
{
1,
L"AppCertDlls",
0,
NULL,
0
}
}
NTSTATUS NTAPI BasepConfigureAppCertDlls(IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
Definition: proc.c:187
Definition at line 30 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ BasePathVariableName
| UNICODE_STRING BasePathVariableName = RTL_CONSTANT_STRING(L"PATH") |
Definition at line 22 of file proc.c.
Referenced by BasepComputeProcessPath().
◆ BasepExeLdrEntry
| PLDR_DATA_TABLE_ENTRY BasepExeLdrEntry |
Definition at line 23 of file proc.c.
Referenced by BasepComputeProcessPath(), BasepLocateExeLdrEntry(), and LoadLibraryExW().
◆ BaseUnicodeCommandLine
| UNICODE_STRING BaseUnicodeCommandLine |
Definition at line 20 of file proc.c.
Referenced by GetCommandLineW(), and InitCommandLines().
◆ fEmbeddedCertFunc
| PBASEP_APPCERT_EMBEDDED_FUNC fEmbeddedCertFunc |
Definition at line 28 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ g_AppCertInitialized
| BOOLEAN g_AppCertInitialized |
Definition at line 24 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ g_AppCertStatus
| NTSTATUS g_AppCertStatus |
Definition at line 29 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ g_HaveAppCerts
| BOOLEAN g_HaveAppCerts |
Definition at line 25 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ g_SaferReplaceProcessThreadTokens
| PSAFER_REPLACE_PROCESS_THREAD_TOKENS g_SaferReplaceProcessThreadTokens |
Definition at line 43 of file proc.c.
Referenced by BasepReplaceProcessThreadTokens().
◆ gcsAppCert
| RTL_CRITICAL_SECTION gcsAppCert |
Definition at line 27 of file proc.c.
Referenced by BasepIsProcessAllowed(), BasepReplaceProcessThreadTokens(), and DllMain().
◆ gSaferHandle
Definition at line 44 of file proc.c.
Referenced by BasepReplaceProcessThreadTokens().
