ReactOS 0.4.15-dev-7788-g1ad9096
proc.c File Reference
#include <k32.h>
#include <debug.h>
Include dependency graph for proc.c:

Go to the source code of this file.

Macros

#define NDEBUG
 
#define CMD_STRING   L"cmd /c "
 
#define AddToHandle(x, y)   ((x) = (HANDLE)((ULONG_PTR)(x) | (y)))
 
#define RemoveFromHandle(x, y)   ((x) = (HANDLE)((ULONG_PTR)(x) & ~(y)))
 

Functions

VOID WINAPI RegisterWaitForInputIdle (WaitForInputIdleType lpfnRegisterWaitForInputIdle)
 
VOID WINAPI StuffStdHandle (IN HANDLE ProcessHandle, IN HANDLE StandardHandle, IN PHANDLE Address)
 
BOOLEAN WINAPI BuildSubSysCommandLine (IN LPCWSTR SubsystemName, IN LPCWSTR ApplicationName, IN LPCWSTR CommandLine, OUT PUNICODE_STRING SubsysCommandLine)
 
BOOLEAN WINAPI BasepIsImageVersionOk (IN ULONG ImageMajorVersion, IN ULONG ImageMinorVersion)
 
NTSTATUS WINAPI BasepCheckWebBladeHashes (IN HANDLE FileHandle)
 
NTSTATUS NTAPI BasepSaveAppCertRegistryValue (IN PLIST_ENTRY List, IN PWCHAR ComponentName, IN PWCHAR DllName)
 
NTSTATUS NTAPI BasepConfigureAppCertDlls (IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
 
NTSTATUS WINAPI BasepIsProcessAllowed (IN LPWSTR ApplicationName)
 
NTSTATUS WINAPI BasepReplaceProcessThreadTokens (IN HANDLE TokenHandle, IN HANDLE ProcessHandle, IN HANDLE ThreadHandle)
 
VOID WINAPI BasepSxsCloseHandles (IN PBASE_MSG_SXS_HANDLES Handles)
 
DECLSPEC_NORETURN VOID WINAPI BaseProcessStartup (_In_ PPROCESS_START_ROUTINE lpStartAddress)
 
BOOLEAN WINAPI BasePushProcessParameters (IN ULONG ParameterFlags, IN HANDLE ProcessHandle, IN PPEB RemotePeb, IN LPCWSTR ApplicationPathName, IN LPWSTR lpCurrentDirectory, IN LPWSTR lpCommandLine, IN LPVOID lpEnvironment, IN LPSTARTUPINFOW StartupInfo, IN DWORD CreationFlags, IN BOOL InheritHandles, IN ULONG ImageSubsystem, IN PVOID AppCompatData, IN ULONG AppCompatDataSize)
 
VOID WINAPI InitCommandLines (VOID)
 
BOOL WINAPI GetProcessAffinityMask (IN HANDLE hProcess, OUT PDWORD_PTR lpProcessAffinityMask, OUT PDWORD_PTR lpSystemAffinityMask)
 
BOOL WINAPI SetProcessAffinityMask (IN HANDLE hProcess, IN DWORD_PTR dwProcessAffinityMask)
 
BOOL WINAPI GetProcessShutdownParameters (OUT LPDWORD lpdwLevel, OUT LPDWORD lpdwFlags)
 
BOOL WINAPI SetProcessShutdownParameters (IN DWORD dwLevel, IN DWORD dwFlags)
 
BOOL WINAPI GetProcessWorkingSetSizeEx (IN HANDLE hProcess, OUT PSIZE_T lpMinimumWorkingSetSize, OUT PSIZE_T lpMaximumWorkingSetSize, OUT PDWORD Flags)
 
BOOL WINAPI GetProcessWorkingSetSize (IN HANDLE hProcess, OUT PSIZE_T lpMinimumWorkingSetSize, OUT PSIZE_T lpMaximumWorkingSetSize)
 
BOOL WINAPI SetProcessWorkingSetSizeEx (IN HANDLE hProcess, IN SIZE_T dwMinimumWorkingSetSize, IN SIZE_T dwMaximumWorkingSetSize, IN DWORD Flags)
 
BOOL WINAPI SetProcessWorkingSetSize (IN HANDLE hProcess, IN SIZE_T dwMinimumWorkingSetSize, IN SIZE_T dwMaximumWorkingSetSize)
 
BOOL WINAPI GetProcessTimes (IN HANDLE hProcess, IN LPFILETIME lpCreationTime, IN LPFILETIME lpExitTime, IN LPFILETIME lpKernelTime, IN LPFILETIME lpUserTime)
 
HANDLE WINAPI GetCurrentProcess (VOID)
 
HANDLE WINAPI GetCurrentThread (VOID)
 
DWORD WINAPI GetCurrentProcessId (VOID)
 
BOOL WINAPI GetExitCodeProcess (IN HANDLE hProcess, IN LPDWORD lpExitCode)
 
DWORD WINAPI GetProcessId (IN HANDLE Process)
 
HANDLE WINAPI OpenProcess (IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN DWORD dwProcessId)
 
VOID WINAPI RegisterWaitForInputIdle (IN WaitForInputIdleType lpfnRegisterWaitForInputIdle)
 
VOID WINAPI GetStartupInfoW (IN LPSTARTUPINFOW lpStartupInfo)
 
VOID WINAPI GetStartupInfoA (IN LPSTARTUPINFOA lpStartupInfo)
 
BOOL WINAPI FlushInstructionCache (IN HANDLE hProcess, IN LPCVOID lpBaseAddress, IN SIZE_T nSize)
 
VOID WINAPI ExitProcess (IN UINT uExitCode)
 
BOOL WINAPI TerminateProcess (IN HANDLE hProcess, IN UINT uExitCode)
 
VOID WINAPI FatalAppExitA (UINT uAction, LPCSTR lpMessageText)
 
VOID WINAPI FatalAppExitW (IN UINT uAction, IN LPCWSTR lpMessageText)
 
VOID WINAPI FatalExit (IN int ExitCode)
 
DWORD WINAPI GetPriorityClass (IN HANDLE hProcess)
 
BOOL WINAPI SetPriorityClass (IN HANDLE hProcess, IN DWORD dwPriorityClass)
 
DWORD WINAPI GetProcessVersion (IN DWORD ProcessId)
 
BOOL WINAPI GetProcessIoCounters (IN HANDLE hProcess, OUT PIO_COUNTERS lpIoCounters)
 
BOOL WINAPI GetProcessPriorityBoost (IN HANDLE hProcess, OUT PBOOL pDisablePriorityBoost)
 
BOOL WINAPI SetProcessPriorityBoost (IN HANDLE hProcess, IN BOOL bDisablePriorityBoost)
 
BOOL WINAPI GetProcessHandleCount (IN HANDLE hProcess, OUT PDWORD pdwHandleCount)
 
BOOL WINAPI IsWow64Process (IN HANDLE hProcess, OUT PBOOL Wow64Process)
 
LPSTR WINAPI GetCommandLineA (VOID)
 
LPWSTR WINAPI GetCommandLineW (VOID)
 
BOOL NTAPI ReadProcessMemory (IN HANDLE hProcess, IN LPCVOID lpBaseAddress, IN LPVOID lpBuffer, IN SIZE_T nSize, OUT SIZE_T *lpNumberOfBytesRead)
 
BOOL NTAPI WriteProcessMemory (IN HANDLE hProcess, IN LPVOID lpBaseAddress, IN LPCVOID lpBuffer, IN SIZE_T nSize, OUT SIZE_T *lpNumberOfBytesWritten)
 
BOOL WINAPI ProcessIdToSessionId (IN DWORD dwProcessId, OUT PDWORD pSessionId)
 
 C_ASSERT (PROCESS_PRIORITY_CLASS_REALTIME==(PROCESS_PRIORITY_CLASS_HIGH+1))
 
BOOL WINAPI CreateProcessInternalW (IN HANDLE hUserToken, IN LPCWSTR lpApplicationName, IN LPWSTR lpCommandLine, IN LPSECURITY_ATTRIBUTES lpProcessAttributes, IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN BOOL bInheritHandles, IN DWORD dwCreationFlags, IN LPVOID lpEnvironment, IN LPCWSTR lpCurrentDirectory, IN LPSTARTUPINFOW lpStartupInfo, IN LPPROCESS_INFORMATION lpProcessInformation, OUT PHANDLE hNewToken)
 
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW (LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
 
BOOL WINAPI CreateProcessInternalA (HANDLE hToken, LPCSTR lpApplicationName, LPSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCSTR lpCurrentDirectory, LPSTARTUPINFOA lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation, PHANDLE hNewToken)
 
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessA (LPCSTR lpApplicationName, LPSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCSTR lpCurrentDirectory, LPSTARTUPINFOA lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
 
UINT WINAPI DECLSPEC_HOTPATCH WinExec (LPCSTR lpCmdLine, UINT uCmdShow)
 

Variables

WaitForInputIdleType UserWaitForInputIdleRoutine
 
UNICODE_STRING BaseUnicodeCommandLine
 
ANSI_STRING BaseAnsiCommandLine
 
UNICODE_STRING BasePathVariableName = RTL_CONSTANT_STRING(L"PATH")
 
LPSTARTUPINFOA BaseAnsiStartupInfo = NULL
 
PLDR_DATA_TABLE_ENTRY BasepExeLdrEntry
 
BOOLEAN g_AppCertInitialized
 
BOOLEAN g_HaveAppCerts
 
LIST_ENTRY BasepAppCertDllsList
 
RTL_CRITICAL_SECTION gcsAppCert
 
PBASEP_APPCERT_EMBEDDED_FUNC fEmbeddedCertFunc
 
NTSTATUS g_AppCertStatus
 
RTL_QUERY_REGISTRY_TABLE BasepAppCertTable [2]
 
PSAFER_REPLACE_PROCESS_THREAD_TOKENS g_SaferReplaceProcessThreadTokens
 
HMODULE gSaferHandle = (HMODULE)-1
 

Macro Definition Documentation

◆ AddToHandle

#define AddToHandle (   x,
  y 
)    ((x) = (HANDLE)((ULONG_PTR)(x) | (y)))

Definition at line 2225 of file proc.c.

◆ CMD_STRING

#define CMD_STRING   L"cmd /c "

Definition at line 51 of file proc.c.

◆ NDEBUG

#define NDEBUG

Definition at line 15 of file proc.c.

◆ RemoveFromHandle

#define RemoveFromHandle (   x,
  y 
)    ((x) = (HANDLE)((ULONG_PTR)(x) & ~(y)))

Definition at line 2226 of file proc.c.

Function Documentation

◆ BasepCheckWebBladeHashes()

NTSTATUS WINAPI BasepCheckWebBladeHashes ( IN HANDLE  FileHandle)

Definition at line 149 of file proc.c.

150{
152 CHAR Hash[16];
153
154 /* Get all the MD5 hashes */
156 if (!NT_SUCCESS(Status)) return Status;
157
158 /* Depending on which suite this is, run a bsearch and block the appropriate ones */
160 {
161 DPRINT1("Egad! This is a ReactOS Compute Server and we should prevent you from using certain APIs...but we won't.");
162 }
163 else if (SharedUserData->SuiteMask & VER_SUITE_STORAGE_SERVER)
164 {
165 DPRINT1("Gasp! This is a ReactOS Storage Server and we should prevent you from using certain APIs...but we won't.");
166 }
167 else if (SharedUserData->SuiteMask & VER_SUITE_BLADE)
168 {
169 DPRINT1("Golly! This is a ReactOS Web Blade Server and we should prevent you from using certain APIs...but we won't.");
170 }
171
172 /* Actually, fuck it, don't block anything, we're open source */
173 return STATUS_SUCCESS;
174}
LONG NTSTATUS
Definition: precomp.h:26
#define DPRINT1
Definition: precomp.h:8
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSYSAPI NTSTATUS NTAPI RtlComputeImportTableHash(IN HANDLE FileHandle, OUT PCHAR Hash, IN ULONG ImportTableHashSize)
Definition: libsupp.c:1024
static int Hash(const char *)
Definition: reader.c:2257
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE FileHandle
Definition: fltkernel.h:1231
Status
Definition: gdiplustypes.h:25
#define VER_SUITE_STORAGE_SERVER
#define VER_SUITE_COMPUTE_SERVER
#define VER_SUITE_BLADE
#define SharedUserData
#define STATUS_SUCCESS
Definition: shellext.h:65
char CHAR
Definition: xmlstorage.h:175

Referenced by CreateProcessInternalW().

◆ BasepConfigureAppCertDlls()

NTSTATUS NTAPI BasepConfigureAppCertDlls ( IN PWSTR  ValueName,
IN ULONG  ValueType,
IN PVOID  ValueData,
IN ULONG  ValueLength,
IN PVOID  Context,
IN PVOID  EntryContext 
)

Definition at line 189 of file proc.c.

195{
196 /* Add this to the certification list */
198}
NTSTATUS NTAPI BasepSaveAppCertRegistryValue(IN PLIST_ENTRY List, IN PWCHAR ComponentName, IN PWCHAR DllName)
Definition: proc.c:178
_In_ GUID _In_ PVOID ValueData
Definition: hubbusif.h:312
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING ValueName
Definition: wdfregistry.h:243

◆ BasepIsImageVersionOk()

BOOLEAN WINAPI BasepIsImageVersionOk ( IN ULONG  ImageMajorVersion,
IN ULONG  ImageMinorVersion 
)

Definition at line 123 of file proc.c.

125{
126 /* Accept images for NT 3.1 or higher */
127 if (ImageMajorVersion > 3 ||
128 (ImageMajorVersion == 3 && ImageMinorVersion >= 10))
129 {
130 /* ReactOS-specific: Accept images even if they are newer than our internal NT version. */
131 if (ImageMajorVersion > SharedUserData->NtMajorVersion ||
132 (ImageMajorVersion == SharedUserData->NtMajorVersion && ImageMinorVersion > SharedUserData->NtMinorVersion))
133 {
134 DPRINT1("Accepting image version %lu.%lu, although ReactOS is an NT %hu.%hu OS!\n",
135 ImageMajorVersion,
136 ImageMinorVersion,
137 SharedUserData->NtMajorVersion,
138 SharedUserData->NtMinorVersion);
139 }
140
141 return TRUE;
142 }
143
144 return FALSE;
145}
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117

Referenced by CreateProcessInternalW().

◆ BasepIsProcessAllowed()

NTSTATUS WINAPI BasepIsProcessAllowed ( IN LPWSTR  ApplicationName)

Definition at line 202 of file proc.c.

203{
204 NTSTATUS Status, Status1;
206 UINT Length;
207 HMODULE TrustLibrary;
209 ULONG CertFlag;
210 PLIST_ENTRY NextEntry;
212 UNICODE_STRING CertKey = RTL_CONSTANT_STRING(L"\\Registry\\MACHINE\\System\\CurrentControlSet\\Control\\Session Manager\\AppCertDlls");
214
215 /* Try to initialize the certification subsystem */
216 while (!g_AppCertInitialized)
217 {
218 /* Defaults */
220 Buffer = NULL;
221
222 /* Acquire the lock while initializing and see if we lost a race */
224 if (g_AppCertInitialized) break;
225
226 /* On embedded, there is a special DLL */
227 if (SharedUserData->SuiteMask & VER_SUITE_EMBEDDEDNT)
228 {
229 /* Allocate a buffer for the name */
230 Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
231 0,
232 MAX_PATH * sizeof(WCHAR) +
233 sizeof(UNICODE_NULL));
234 if (!Buffer)
235 {
236 /* Fail if no memory */
238 }
239 else
240 {
241 /* Now get the system32 directory in our buffer, make sure it fits */
242 Length = GetSystemDirectoryW(Buffer, MAX_PATH - sizeof("EmbdTrst.DLL"));
243 if ((Length) && (Length <= MAX_PATH - sizeof("EmbdTrst.DLL")))
244 {
245 /* Add a slash if needed, and add the embedded cert DLL name */
246 if (Buffer[Length - 1] != '\\') Buffer[Length++] = '\\';
248 L"EmbdTrst.DLL",
249 sizeof(L"EmbdTrst.DLL"));
250
251 /* Try to load it */
252 TrustLibrary = LoadLibraryW(Buffer);
253 if (TrustLibrary)
254 {
255 /* And extract the special function out of it */
256 fEmbeddedCertFunc = (PVOID)GetProcAddress(TrustLibrary,
257 "ImageOkToRunOnEmbeddedNT");
258 }
259 }
260
261 /* If we didn't get this far, set a failure code */
263 }
264 }
265 else
266 {
267 /* Other systems have a registry entry for this */
269 if (NT_SUCCESS(Status1))
270 {
271 /* Close it, we'll query it through Rtl */
273
274 /* Do the query, which will call a special callback */
276 L"Session Manager",
278 NULL,
279 NULL);
281 {
283 }
284 }
285 }
286
287 /* Free any buffer if we had one */
288 if (Buffer) RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer);
289
290 /* Check for errors, or a missing embedded/custom certification DLL */
291 if (!NT_SUCCESS(Status) ||
293 {
294 /* The subsystem is not active on this machine, so give up */
297 }
298 else
299 {
300 /* We have certification DLLs active, remember this */
302 }
303
304 /* We are done the initialization phase, release the lock */
307 }
308
309 /* If there's no certification DLLs present, return the failure code */
310 if (!g_HaveAppCerts) return g_AppCertStatus;
311
312 /* Otherwise, assume success and make sure we have *something* */
315
316 /* If the something is an embedded certification DLL, call it and return */
318
319 /* Otherwise we have custom certification DLLs, parse them */
320 NextEntry = BasepAppCertDllsList.Flink;
321 CertFlag = 2;
322 while (NextEntry != &BasepAppCertDllsList)
323 {
324 /* Make sure the entry has a callback */
326 ASSERT(Entry->fPluginCertFunc != NULL);
327
328 /* Call it and check if it failed */
329 Status = Entry->fPluginCertFunc(ApplicationName, 1);
330 if (!NT_SUCCESS(Status)) CertFlag = 3;
331
332 /* Move on */
333 NextEntry = NextEntry->Flink;
334 }
335
336 /* Now loop them again */
337 NextEntry = BasepAppCertDllsList.Flink;
338 while (NextEntry != &BasepAppCertDllsList)
339 {
340 /* Make sure the entry has a callback */
342 ASSERT(Entry->fPluginCertFunc != NULL);
343
344 /* Call it, this time with the flag from the loop above */
345 Status = Entry->fPluginCertFunc(ApplicationName, CertFlag);
346 }
347
348 /* All done, return the status */
349 return Status;
350}
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:590
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:608
Definition: bufpool.h:45
#define NULL
Definition: types.h:112
#define GetProcAddress(x, y)
Definition: compat.h:753
#define MAX_PATH
Definition: compat.h:34
#define LoadLibraryW(x)
Definition: compat.h:747
UINT WINAPI GetSystemDirectoryW(OUT LPWSTR lpBuffer, IN UINT uSize)
Definition: path.c:2313
PBASEP_APPCERT_EMBEDDED_FUNC fEmbeddedCertFunc
Definition: proc.c:30
RTL_QUERY_REGISTRY_TABLE BasepAppCertTable[2]
Definition: proc.c:32
RTL_CRITICAL_SECTION gcsAppCert
Definition: proc.c:29
LIST_ENTRY BasepAppCertDllsList
Definition: proc.c:28
BOOLEAN g_AppCertInitialized
Definition: proc.c:26
BOOLEAN g_HaveAppCerts
Definition: proc.c:27
NTSTATUS g_AppCertStatus
Definition: proc.c:31
#define IsListEmpty(ListHead)
Definition: env_spec_w32.h:954
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)
#define ASSERT(a)
Definition: mode.c:44
PVOID PVOID PWCHAR ApplicationName
Definition: env.c:47
unsigned int UINT
Definition: ndis.h:50
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define RTL_REGISTRY_CONTROL
Definition: nt_native.h:163
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
#define KEY_READ
Definition: nt_native.h:1023
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3402
#define UNICODE_NULL
#define VER_SUITE_EMBEDDEDNT
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
#define RTL_CONSTANT_OBJECT_ATTRIBUTES(n, a)
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
#define L(x)
Definition: ntvdm.h:50
base of all file and directory entries
Definition: entries.h:83
Definition: kernel32.h:389
Definition: typedefs.h:120
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
#define RTL_CONSTANT_STRING(s)
Definition: tunneltest.c:14
void * PVOID
Definition: typedefs.h:50
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
uint16_t * PWCHAR
Definition: typedefs.h:56
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260
uint32_t ULONG
Definition: typedefs.h:59
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
#define STATUS_OBJECT_NAME_NOT_FOUND
Definition: udferr_usr.h:149
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK _In_opt_ PWDF_OBJECT_ATTRIBUTES KeyAttributes
Definition: wdfdevice.h:2660
__wchar_t WCHAR
Definition: xmlstorage.h:180

Referenced by CreateProcessInternalW().

◆ BasepReplaceProcessThreadTokens()

NTSTATUS WINAPI BasepReplaceProcessThreadTokens ( IN HANDLE  TokenHandle,
IN HANDLE  ProcessHandle,
IN HANDLE  ThreadHandle 
)

Definition at line 354 of file proc.c.

357{
359 ANSI_STRING SaferiReplaceProcessThreadTokens = RTL_CONSTANT_STRING("SaferiReplaceProcessThreadTokens");
360
361 /* Enter the application certification lock */
363
364 /* Check if we already know the function */
366 {
367 /* Call it */
370 ThreadHandle) ?
373 }
374 else
375 {
376 /* Check if the app certification DLL isn't loaded */
377 if (!(gSaferHandle) ||
378 (gSaferHandle == (HMODULE)-1) ||
379 (gSaferHandle == (HMODULE)-2))
380 {
381 /* Then we can't call the function */
383 }
384 else
385 {
386 /* We have the DLL, find the address of the Safer function */
388 &SaferiReplaceProcessThreadTokens,
389 0,
391 if (NT_SUCCESS(Status))
392 {
393 /* Found it, now call it */
396 ThreadHandle) ?
399 }
400 else
401 {
402 /* We couldn't find it, so this must be an unsupported DLL */
406 }
407 }
408 }
409
410 /* Release the lock and return the result */
412 return Status;
413}
HMODULE gSaferHandle
Definition: proc.c:46
PSAFER_REPLACE_PROCESS_THREAD_TOKENS g_SaferReplaceProcessThreadTokens
Definition: proc.c:45
NTSTATUS NTAPI LdrUnloadDll(_In_ PVOID BaseAddress)
Definition: ldrapi.c:1331
NTSTATUS NTAPI LdrGetProcedureAddress(_In_ PVOID BaseAddress, _In_opt_ _When_(Ordinal==0, _Notnull_) PANSI_STRING Name, _In_opt_ _When_(Name==NULL, _In_range_(>, 0)) ULONG Ordinal, _Out_ PVOID *ProcedureAddress)
Definition: ldrapi.c:829
_In_ HANDLE ProcessHandle
Definition: mmfuncs.h:403
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
Definition: psfuncs.h:726
#define STATUS_ENTRYPOINT_NOT_FOUND
Definition: ntstatus.h:549

Referenced by CreateProcessInternalW().

◆ BaseProcessStartup()

DECLSPEC_NORETURN VOID WINAPI BaseProcessStartup ( _In_ PPROCESS_START_ROUTINE  lpStartAddress)

Definition at line 451 of file proc.c.

453{
455 {
456 /* Set our Start Address */
459 &lpStartAddress,
460 sizeof(PPROCESS_START_ROUTINE));
461
462 /* Call the Start Routine */
463 ExitThread(lpStartAddress());
464 }
466 {
467 /* Get the Exit code from the SEH Handler */
469 {
470 /* Kill the whole process, usually */
472 }
473 else
474 {
475 /* If running inside CSRSS, kill just this thread */
477 }
478 }
479 _SEH2_END;
480}
@ ThreadQuerySetWin32StartAddress
Definition: compat.h:944
BOOLEAN BaseRunningInServerProcess
Definition: dllmain.c:20
LONG WINAPI UnhandledExceptionFilter(IN PEXCEPTION_POINTERS ExceptionInfo)
Definition: except.c:269
VOID WINAPI ExitProcess(IN UINT uExitCode)
Definition: proc.c:1487
VOID WINAPI ExitThread(IN DWORD uExitCode)
Definition: thread.c:365
#define _SEH2_END
Definition: filesup.c:22
#define _SEH2_TRY
Definition: filesup.c:19
DWORD(WINAPI * PPROCESS_START_ROUTINE)(VOID)
Definition: kernel32.h:249
NTSTATUS NTAPI NtSetInformationThread(IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength)
Definition: query.c:2018
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:159
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:34
#define _SEH2_GetExceptionInformation()
Definition: pseh2_64.h:158
#define NtCurrentThread()

Referenced by BaseInitializeContext().

◆ BasepSaveAppCertRegistryValue()

NTSTATUS NTAPI BasepSaveAppCertRegistryValue ( IN PLIST_ENTRY  List,
IN PWCHAR  ComponentName,
IN PWCHAR  DllName 
)

Definition at line 178 of file proc.c.

181{
182 /* Pretty much the only thing this key is used for, is malware */
185}
#define UNIMPLEMENTED
Definition: debug.h:115
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:239

Referenced by BasepConfigureAppCertDlls().

◆ BasepSxsCloseHandles()

VOID WINAPI BasepSxsCloseHandles ( IN PBASE_MSG_SXS_HANDLES  Handles)

Definition at line 417 of file proc.c.

418{
420
421 /* Sanity checks */
422 ASSERT(Handles != NULL);
423 ASSERT(Handles->Process == NULL || Handles->Process == NtCurrentProcess());
424
425 /* Close the file handle */
426 if (Handles->File)
427 {
428 Status = NtClose(Handles->File);
430 }
431
432 /* Close the section handle */
433 if (Handles->Section)
434 {
435 Status = NtClose(Handles->Section);
437 }
438
439 /* Unmap the section view */
440 if (Handles->ViewBase.QuadPart)
441 {
443 (PVOID)(ULONG_PTR)Handles->ViewBase.QuadPart);
445 }
446}
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3848
#define NtCurrentProcess()
Definition: nt_native.h:1657
uint32_t ULONG_PTR
Definition: typedefs.h:65

Referenced by CreateProcessInternalW().

◆ BasePushProcessParameters()

BOOLEAN WINAPI BasePushProcessParameters ( IN ULONG  ParameterFlags,
IN HANDLE  ProcessHandle,
IN PPEB  RemotePeb,
IN LPCWSTR  ApplicationPathName,
IN LPWSTR  lpCurrentDirectory,
IN LPWSTR  lpCommandLine,
IN LPVOID  lpEnvironment,
IN LPSTARTUPINFOW  StartupInfo,
IN DWORD  CreationFlags,
IN BOOL  InheritHandles,
IN ULONG  ImageSubsystem,
IN PVOID  AppCompatData,
IN ULONG  AppCompatDataSize 
)

Definition at line 484 of file proc.c.

497{
498 WCHAR FullPath[MAX_PATH + 5];
499 PWCHAR Remaining, DllPathString, ScanChar;
500 PRTL_USER_PROCESS_PARAMETERS ProcessParameters, RemoteParameters;
501 PVOID RemoteAppCompatData;
505 ULONG EnviroSize;
506 SIZE_T Size;
507 BOOLEAN HavePebLock = FALSE, Result;
509
510 /* Get the full path name */
511 Size = GetFullPathNameW(ApplicationPathName,
512 MAX_PATH + 4,
513 FullPath,
514 &Remaining);
515 if ((Size) && (Size <= (MAX_PATH + 4)))
516 {
517 /* Get the DLL Path */
518 DllPathString = BaseComputeProcessDllPath(FullPath, lpEnvironment);
519 if (!DllPathString)
520 {
521 /* Fail */
523 return FALSE;
524 }
525
526 /* Initialize Strings */
527 RtlInitUnicodeString(&DllPath, DllPathString);
529 }
530 else
531 {
532 /* Couldn't get the path name. Just take the original path */
533 DllPathString = BaseComputeProcessDllPath((LPWSTR)ApplicationPathName,
534 lpEnvironment);
535 if (!DllPathString)
536 {
537 /* Fail */
539 return FALSE;
540 }
541
542 /* Initialize Strings */
543 RtlInitUnicodeString(&DllPath, DllPathString);
544 RtlInitUnicodeString(&ImageName, ApplicationPathName);
545 }
546
547 /* Initialize Strings */
548 RtlInitUnicodeString(&CommandLine, lpCommandLine);
549 RtlInitUnicodeString(&CurrentDirectory, lpCurrentDirectory);
550
551 /* Initialize more Strings from the Startup Info */
552 if (StartupInfo->lpDesktop)
553 {
554 RtlInitUnicodeString(&Desktop, StartupInfo->lpDesktop);
555 }
556 else
557 {
559 }
560 if (StartupInfo->lpReserved)
561 {
562 RtlInitUnicodeString(&Shell, StartupInfo->lpReserved);
563 }
564 else
565 {
567 }
568 if (StartupInfo->lpTitle)
569 {
570 RtlInitUnicodeString(&Title, StartupInfo->lpTitle);
571 }
572 else
573 {
574 RtlInitUnicodeString(&Title, ApplicationPathName);
575 }
576
577 /* This one is special because the length can differ */
578 Runtime.Buffer = (LPWSTR)StartupInfo->lpReserved2;
579 Runtime.MaximumLength = Runtime.Length = StartupInfo->cbReserved2;
580
581 /* Enforce no app compat data if the pointer was NULL */
582 if (!AppCompatData) AppCompatDataSize = 0;
583
584 /* Create the Parameter Block */
585 ProcessParameters = NULL;
586 DPRINT("ImageName: '%wZ'\n", &ImageName);
587 DPRINT("DllPath : '%wZ'\n", &DllPath);
588 DPRINT("CurDir : '%wZ'\n", &CurrentDirectory);
589 DPRINT("CmdLine : '%wZ'\n", &CommandLine);
590 DPRINT("Title : '%wZ'\n", &Title);
591 DPRINT("Desktop : '%wZ'\n", &Desktop);
592 DPRINT("Shell : '%wZ'\n", &Shell);
593 DPRINT("Runtime : '%wZ'\n", &Runtime);
594 Status = RtlCreateProcessParameters(&ProcessParameters,
595 &ImageName,
596 &DllPath,
597 lpCurrentDirectory ?
599 &CommandLine,
600 lpEnvironment,
601 &Title,
602 &Desktop,
603 &Shell,
604 &Runtime);
605 if (!NT_SUCCESS(Status)) goto FailPath;
606
607 /* Clear the current directory handle if not inheriting */
608 if (!InheritHandles) ProcessParameters->CurrentDirectory.Handle = NULL;
609
610 /* Check if the user passed in an environment */
611 if (lpEnvironment)
612 {
613 /* We should've made it part of the parameters block, enforce this */
614 ASSERT(ProcessParameters->Environment == lpEnvironment);
615 lpEnvironment = ProcessParameters->Environment;
616 }
617 else
618 {
619 /* The user did not, so use the one from the current PEB */
620 HavePebLock = TRUE;
622 lpEnvironment = Peb->ProcessParameters->Environment;
623 }
624
625 /* Save pointer and start lookup */
626 ScanChar = lpEnvironment;
627 if (lpEnvironment)
628 {
629 /* Find the environment size */
630 while (*ScanChar++) while (*ScanChar++);
631 EnviroSize = (ULONG)((ULONG_PTR)ScanChar - (ULONG_PTR)lpEnvironment);
632
633 /* Allocate and Initialize new Environment Block */
634 Size = EnviroSize;
635 ProcessParameters->Environment = NULL;
637 (PVOID*)&ProcessParameters->Environment,
638 0,
639 &Size,
642 if (!NT_SUCCESS(Status)) goto FailPath;
643
644 /* Write the Environment Block */
646 ProcessParameters->Environment,
647 lpEnvironment,
648 EnviroSize,
649 NULL);
650
651 /* No longer need the PEB lock anymore */
652 if (HavePebLock)
653 {
654 /* Release it */
656 HavePebLock = FALSE;
657 }
658
659 /* Check if the write failed */
660 if (!NT_SUCCESS(Status)) goto FailPath;
661 }
662
663 /* Write new parameters */
664 ProcessParameters->StartingX = StartupInfo->dwX;
665 ProcessParameters->StartingY = StartupInfo->dwY;
666 ProcessParameters->CountX = StartupInfo->dwXSize;
667 ProcessParameters->CountY = StartupInfo->dwYSize;
668 ProcessParameters->CountCharsX = StartupInfo->dwXCountChars;
669 ProcessParameters->CountCharsY = StartupInfo->dwYCountChars;
670 ProcessParameters->FillAttribute = StartupInfo->dwFillAttribute;
671 ProcessParameters->WindowFlags = StartupInfo->dwFlags;
672 ProcessParameters->ShowWindowFlags = StartupInfo->wShowWindow;
673
674 /* Write the handles only if we have to */
675 if (StartupInfo->dwFlags &
676 (STARTF_USESTDHANDLES | STARTF_USEHOTKEY | STARTF_SHELLPRIVATE))
677 {
678 ProcessParameters->StandardInput = StartupInfo->hStdInput;
679 ProcessParameters->StandardOutput = StartupInfo->hStdOutput;
680 ProcessParameters->StandardError = StartupInfo->hStdError;
681 }
682
683 /* Use Special Flags for ConDllInitialize in Kernel32 */
684 if (CreationFlags & DETACHED_PROCESS)
685 {
686 ProcessParameters->ConsoleHandle = HANDLE_DETACHED_PROCESS;
687 }
688 else if (CreationFlags & CREATE_NEW_CONSOLE)
689 {
690 ProcessParameters->ConsoleHandle = HANDLE_CREATE_NEW_CONSOLE;
691 }
692 else if (CreationFlags & CREATE_NO_WINDOW)
693 {
694 ProcessParameters->ConsoleHandle = HANDLE_CREATE_NO_WINDOW;
695 }
696 else
697 {
698 /* Inherit our Console Handle */
699 ProcessParameters->ConsoleHandle = Peb->ProcessParameters->ConsoleHandle;
700
701 /* Make sure that the shell isn't trampling on our handles first */
702 if (!(StartupInfo->dwFlags &
703 (STARTF_USESTDHANDLES | STARTF_USEHOTKEY | STARTF_SHELLPRIVATE)))
704 {
705 /* Copy the handle if we are inheriting or if it's a console handle */
706 if ((InheritHandles) ||
708 {
709 ProcessParameters->StandardInput = Peb->ProcessParameters->StandardInput;
710 }
711 if ((InheritHandles) ||
713 {
714 ProcessParameters->StandardOutput = Peb->ProcessParameters->StandardOutput;
715 }
716 if ((InheritHandles) ||
718 {
719 ProcessParameters->StandardError = Peb->ProcessParameters->StandardError;
720 }
721 }
722 }
723
724 /* Also set the Console Flag */
725 if ((CreationFlags & CREATE_NEW_PROCESS_GROUP) &&
726 (!(CreationFlags & CREATE_NEW_CONSOLE)))
727 {
728 ProcessParameters->ConsoleFlags = 1;
729 }
730
731 /* Check if there's a .local file present */
732 if (ParameterFlags & 1)
733 {
735 }
736
737 /* Check if we failed to open the IFEO key */
738 if (ParameterFlags & 2)
739 {
741 }
742
743 /* Allocate memory for the parameter block */
744 Size = ProcessParameters->Length;
745 RemoteParameters = NULL;
747 (PVOID*)&RemoteParameters,
748 0,
749 &Size,
752 if (!NT_SUCCESS(Status)) goto FailPath;
753
754 /* Set the allocated size */
755 ProcessParameters->MaximumLength = Size;
756
757 /* Handle some Parameter Flags */
758 ProcessParameters->Flags |= (CreationFlags & PROFILE_USER) ?
760 ProcessParameters->Flags |= (CreationFlags & PROFILE_KERNEL) ?
762 ProcessParameters->Flags |= (CreationFlags & PROFILE_SERVER) ?
764 ProcessParameters->Flags |= (Peb->ProcessParameters->Flags &
766
767 /* Write the Parameter Block */
769 RemoteParameters,
770 ProcessParameters,
771 ProcessParameters->Length,
772 NULL);
773 if (!NT_SUCCESS(Status)) goto FailPath;
774
775 /* Write the PEB Pointer */
777 &RemotePeb->ProcessParameters,
778 &RemoteParameters,
779 sizeof(PVOID),
780 NULL);
781 if (!NT_SUCCESS(Status)) goto FailPath;
782
783 /* Check if there's any app compat data to write */
784 RemoteAppCompatData = NULL;
785 if (AppCompatData)
786 {
787 /* Allocate some space for the application compatibility data */
788 Size = AppCompatDataSize;
790 &RemoteAppCompatData,
791 0,
792 &Size,
795 if (!NT_SUCCESS(Status)) goto FailPath;
796
797 /* Write the application compatibility data */
799 RemoteAppCompatData,
800 AppCompatData,
801 AppCompatDataSize,
802 NULL);
803 if (!NT_SUCCESS(Status)) goto FailPath;
804 }
805
806 /* Write the PEB Pointer to the app compat data (might be NULL) */
808 &RemotePeb->pShimData,
809 &RemoteAppCompatData,
810 sizeof(PVOID),
811 NULL);
812 if (!NT_SUCCESS(Status)) goto FailPath;
813
814 /* Now write Peb->ImageSubSystem */
815 if (ImageSubsystem)
816 {
818 &RemotePeb->ImageSubsystem,
819 &ImageSubsystem,
820 sizeof(ImageSubsystem),
821 NULL);
822 }
823
824 /* Success path */
825 Result = TRUE;
826
827Quickie:
828 /* Cleanup */
829 if (HavePebLock) RtlReleasePebLock();
830 RtlFreeHeap(RtlGetProcessHeap(), 0, DllPath.Buffer);
831 if (ProcessParameters) RtlDestroyProcessParameters(ProcessParameters);
832 return Result;
833FailPath:
834 DPRINT1("Failure to create process parameters: %lx\n", Status);
836 Result = FALSE;
837 goto Quickie;
838}
#define NtCurrentPeb()
Definition: FLS.c:22
unsigned char BOOLEAN
WCHAR CurrentDirectory[1024]
Definition: chkdsk.c:74
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
static const WCHAR Title[]
Definition: oid.c:1259
#define SetLastError(x)
Definition: compat.h:752
PPEB Peb
Definition: dllmain.c:27
LPWSTR WINAPI BaseComputeProcessDllPath(IN LPWSTR FullPath, IN PVOID Environment)
Definition: path.c:420
DWORD WINAPI GetFullPathNameW(IN LPCWSTR lpFileName, IN DWORD nBufferLength, OUT LPWSTR lpBuffer, OUT LPWSTR *lpFilePart)
Definition: path.c:1106
#define HANDLE_CREATE_NEW_CONSOLE
Definition: console.h:14
#define HANDLE_CREATE_NO_WINDOW
Definition: console.h:15
#define HANDLE_DETACHED_PROCESS
Definition: console.h:13
#define ULONG_PTR
Definition: config.h:101
NTSYSAPI void WINAPI RtlReleasePebLock(void)
Definition: libsupp.c:82
NTSYSAPI void WINAPI RtlAcquirePebLock(void)
Definition: libsupp.c:72
#define STARTF_SHELLPRIVATE
Definition: kernel32.h:60
if(dx< 0)
Definition: linetemp.h:194
static const char const char * DllPath
Definition: image.c:34
static const char * ImageName
Definition: image.c:34
NTSYSAPI NTSTATUS NTAPI RtlDestroyProcessParameters(_In_ PRTL_USER_PROCESS_PARAMETERS ProcessParameters)
NTSYSAPI NTSTATUS NTAPI RtlCreateProcessParameters(_Out_ PRTL_USER_PROCESS_PARAMETERS *ProcessParameters, _In_ PUNICODE_STRING ImagePathName, _In_opt_ PUNICODE_STRING DllPath, _In_opt_ PUNICODE_STRING CurrentDirectory, _In_opt_ PUNICODE_STRING CommandLine, _In_opt_ PWSTR Environment, _In_opt_ PUNICODE_STRING WindowTitle, _In_opt_ PUNICODE_STRING DesktopInfo, _In_opt_ PUNICODE_STRING ShellInfo, _In_opt_ PUNICODE_STRING RuntimeInfo)
#define RTL_USER_PROCESS_PARAMETERS_IMAGE_KEY_MISSING
Definition: rtltypes.h:54
#define RTL_USER_PROCESS_PARAMETERS_PROFILE_KERNEL
Definition: rtltypes.h:43
#define RTL_USER_PROCESS_PARAMETERS_PROFILE_SERVER
Definition: rtltypes.h:44
#define RTL_USER_PROCESS_PARAMETERS_LOCAL_DLL_PATH
Definition: rtltypes.h:53
#define RTL_USER_PROCESS_PARAMETERS_PROFILE_USER
Definition: rtltypes.h:42
#define RTL_USER_PROCESS_PARAMETERS_DISABLE_HEAP_CHECKS
Definition: rtltypes.h:49
#define PAGE_READWRITE
Definition: nt_native.h:1304
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define MEM_COMMIT
Definition: nt_native.h:1313
NTSTATUS NTAPI NtWriteVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN SIZE_T NumberOfBytesToWrite, OUT PSIZE_T NumberOfBytesWritten OPTIONAL)
Definition: virtual.c:2928
NTSTATUS NTAPI NtAllocateVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UBaseAddress, IN ULONG_PTR ZeroBits, IN OUT PSIZE_T URegionSize, IN ULONG AllocationType, IN ULONG Protect)
Definition: virtual.c:4490
DWORD BaseSetLastNTError(IN NTSTATUS Status)
Definition: reactos.cpp:166
#define IsConsoleHandle(h)
Definition: console.h:14
#define DPRINT
Definition: sndvol32.h:71
HANDLE Handle
Definition: rtltypes.h:1369
PRTL_USER_PROCESS_PARAMETERS ProcessParameters
Definition: btrfs_drv.h:1913
USHORT MaximumLength
Definition: env_spec_w32.h:370
ULONG_PTR SIZE_T
Definition: typedefs.h:80
static int Shell(const char **args)
Definition: vfdcmd.c:1020
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4533
#define PROFILE_SERVER
Definition: winbase.h:198
#define CREATE_NO_WINDOW
Definition: winbase.h:195
#define CREATE_NEW_PROCESS_GROUP
Definition: winbase.h:185
#define PROFILE_KERNEL
Definition: winbase.h:197
#define PROFILE_USER
Definition: winbase.h:196
#define STARTF_USESTDHANDLES
Definition: winbase.h:499
#define DETACHED_PROCESS
Definition: winbase.h:179
#define CREATE_NEW_CONSOLE
Definition: winbase.h:180
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
WCHAR * LPWSTR
Definition: xmlstorage.h:184

Referenced by CreateProcessInternalW().

◆ BuildSubSysCommandLine()

BOOLEAN WINAPI BuildSubSysCommandLine ( IN LPCWSTR  SubsystemName,
IN LPCWSTR  ApplicationName,
IN LPCWSTR  CommandLine,
OUT PUNICODE_STRING  SubsysCommandLine 
)

Definition at line 89 of file proc.c.

93{
94 UNICODE_STRING CommandLineString, ApplicationNameString;
97
98 /* Convert to unicode strings */
99 RtlInitUnicodeString(&CommandLineString, ApplicationName);
100 RtlInitUnicodeString(&ApplicationNameString, CommandLine);
101
102 /* Allocate buffer for the output string */
103 Length = CommandLineString.MaximumLength + ApplicationNameString.MaximumLength + 32;
104 Buffer = RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
105 RtlInitEmptyUnicodeString(SubsysCommandLine, Buffer, (USHORT)Length);
106 if (!Buffer)
107 {
108 /* Fail, no memory */
110 return FALSE;
111 }
112
113 /* Build the final subsystem command line */
114 RtlAppendUnicodeToString(SubsysCommandLine, SubsystemName);
115 RtlAppendUnicodeStringToString(SubsysCommandLine, &CommandLineString);
116 RtlAppendUnicodeToString(SubsysCommandLine, L" /C ");
117 RtlAppendUnicodeStringToString(SubsysCommandLine, &ApplicationNameString);
118 return TRUE;
119}
NTSTATUS RtlAppendUnicodeToString(IN PUNICODE_STRING Str1, IN PWSTR Str2)
Definition: string_lib.cpp:62
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
unsigned short USHORT
Definition: pedump.c:61

Referenced by CreateProcessInternalW().

◆ C_ASSERT()

◆ CreateProcessA()

BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessA ( LPCSTR  lpApplicationName,
LPSTR  lpCommandLine,
LPSECURITY_ATTRIBUTES  lpProcessAttributes,
LPSECURITY_ATTRIBUTES  lpThreadAttributes,
BOOL  bInheritHandles,
DWORD  dwCreationFlags,
LPVOID  lpEnvironment,
LPCSTR  lpCurrentDirectory,
LPSTARTUPINFOA  lpStartupInfo,
LPPROCESS_INFORMATION  lpProcessInformation 
)

Definition at line 4741 of file proc.c.

4751{
4752 /* Call the internal (but exported) version */
4754 lpApplicationName,
4755 lpCommandLine,
4756 lpProcessAttributes,
4757 lpThreadAttributes,
4758 bInheritHandles,
4759 dwCreationFlags,
4760 lpEnvironment,
4761 lpCurrentDirectory,
4762 lpStartupInfo,
4763 lpProcessInformation,
4764 NULL);
4765}
BOOL WINAPI CreateProcessInternalA(HANDLE hToken, LPCSTR lpApplicationName, LPSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCSTR lpCurrentDirectory, LPSTARTUPINFOA lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation, PHANDLE hNewToken)
Definition: proc.c:4623

Referenced by _create_process(), cmd_available(), CommandThreadProc(), crash_and_debug(), crash_and_winedbg(), create_proc(), create_process(), create_server_process(), create_target_process(), create_writepipe_process(), CreateProcessAsUserA(), do_parent(), doChildren(), DosCreateProcess(), DoTestEntry(), fork_helper(), IDirectPlayLobby3AImpl_RunApplication(), LoadModule(), read_reg_output_(), run_child_process(), run_client(), run_cmd(), run_ex(), run_process(), run_reg_exe_(), run_regedit_exe_(), run_script_file(), runcmd(), start_server(), START_TEST(), system(), test___getmainargs_parent(), test_alloc_shared(), test_apc_deadlock(), test_BreakawayOk(), test_comctl32_classes(), test_CommandLine(), test_Console(), test_CreateProcessWithDesktop(), test_debug_children(), test_debug_heap(), test_debug_loop(), test_DebuggingFlag(), test_DetachConsoleHandles(), test_DetachStdHandles(), test_Directory(), test_EnumProcessModules(), test_Environment(), test_ExitCode(), test_ExitProcess(), test_GetProcessVersion(), test_internet_features(), test_invalid_stdin(), test_IsWow64Process(), test_jobInheritance(), test_LresultFromObject(), test_NonExistentPath(), test_NtSuspendProcess(), test_process_access(), test_process_security(), test_query_process_debug_flags(), test_query_process_debug_object_handle(), test_query_process_debug_port(), test_section_access(), test_shared_memory(), test_shared_memory_ro(), test_Startup(), test_StartupNoConsole(), test_stdout_handle(), test_SuspendFlag(), test_TerminateProcess(), test_token_security_descriptor(), test_Toolhelp(), test_WaitForInputIdle(), test_window_from_point(), test_winproc_handles(), and WinExec().

◆ CreateProcessInternalA()

BOOL WINAPI CreateProcessInternalA ( HANDLE  hToken,
LPCSTR  lpApplicationName,
LPSTR  lpCommandLine,
LPSECURITY_ATTRIBUTES  lpProcessAttributes,
LPSECURITY_ATTRIBUTES  lpThreadAttributes,
BOOL  bInheritHandles,
DWORD  dwCreationFlags,
LPVOID  lpEnvironment,
LPCSTR  lpCurrentDirectory,
LPSTARTUPINFOA  lpStartupInfo,
LPPROCESS_INFORMATION  lpProcessInformation,
PHANDLE  hNewToken 
)

Definition at line 4623 of file proc.c.

4635{
4636 UNICODE_STRING CommandLine;
4639 BOOL bRetVal;
4640 STARTUPINFOW StartupInfo;
4641
4642 DPRINT("dwCreationFlags %x, lpEnvironment %p, lpCurrentDirectory %p, "
4643 "lpStartupInfo %p, lpProcessInformation %p\n",
4644 dwCreationFlags, lpEnvironment, lpCurrentDirectory,
4645 lpStartupInfo, lpProcessInformation);
4646
4647 /* Copy Startup Info */
4648 RtlMoveMemory(&StartupInfo, lpStartupInfo, sizeof(*lpStartupInfo));
4649
4650 /* Initialize all strings to nothing */
4651 CommandLine.Buffer = NULL;
4652 ApplicationName.Buffer = NULL;
4653 CurrentDirectory.Buffer = NULL;
4654 StartupInfo.lpDesktop = NULL;
4655 StartupInfo.lpReserved = NULL;
4656 StartupInfo.lpTitle = NULL;
4657
4658 /* Convert the Command line */
4659 if (lpCommandLine)
4660 {
4662 lpCommandLine);
4663 }
4664
4665 /* Convert the Name and Directory */
4666 if (lpApplicationName)
4667 {
4669 lpApplicationName);
4670 }
4671 if (lpCurrentDirectory)
4672 {
4674 lpCurrentDirectory);
4675 }
4676
4677 /* Now convert Startup Strings */
4678 if (lpStartupInfo->lpReserved)
4679 {
4681 &StartupInfo.lpReserved);
4682 }
4683 if (lpStartupInfo->lpDesktop)
4684 {
4686 &StartupInfo.lpDesktop);
4687 }
4688 if (lpStartupInfo->lpTitle)
4689 {
4691 &StartupInfo.lpTitle);
4692 }
4693
4694 /* Call the Unicode function */
4695 bRetVal = CreateProcessInternalW(hToken,
4696 ApplicationName.Buffer,
4697 CommandLine.Buffer,
4698 lpProcessAttributes,
4699 lpThreadAttributes,
4700 bInheritHandles,
4701 dwCreationFlags,
4702 lpEnvironment,
4703 CurrentDirectory.Buffer,
4704 &StartupInfo,
4705 lpProcessInformation,
4706 hNewToken);
4707
4708 /* Clean up */
4710 RtlFreeUnicodeString(&CommandLine);
4712 RtlFreeHeap(RtlGetProcessHeap(), 0, StartupInfo.lpDesktop);
4713 RtlFreeHeap(RtlGetProcessHeap(), 0, StartupInfo.lpReserved);
4714 RtlFreeHeap(RtlGetProcessHeap(), 0, StartupInfo.lpTitle);
4715
4716 /* Return what Unicode did */
4717 return bRetVal;
4718}
BOOL WINAPI CreateProcessInternalW(IN HANDLE hUserToken, IN LPCWSTR lpApplicationName, IN LPWSTR lpCommandLine, IN LPSECURITY_ATTRIBUTES lpProcessAttributes, IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN BOOL bInheritHandles, IN DWORD dwCreationFlags, IN LPVOID lpEnvironment, IN LPCWSTR lpCurrentDirectory, IN LPSTARTUPINFOW lpStartupInfo, IN LPPROCESS_INFORMATION lpProcessInformation, OUT PHANDLE hNewToken)
Definition: proc.c:2234
BOOLEAN WINAPI Basep8BitStringToDynamicUnicodeString(OUT PUNICODE_STRING UnicodeString, IN LPCSTR String)
Definition: utils.c:225
VOID WINAPI BasepAnsiStringToHeapUnicodeString(IN LPCSTR AnsiString, OUT LPWSTR *UnicodeString)
Definition: utils.c:263
unsigned int BOOL
Definition: ntddk_ex.h:94
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
LPSTR lpTitle
Definition: winbase.h:834
LPSTR lpReserved
Definition: winbase.h:832
LPSTR lpDesktop
Definition: winbase.h:833
LPWSTR lpDesktop
Definition: winbase.h:854
LPWSTR lpTitle
Definition: winbase.h:855
LPWSTR lpReserved
Definition: winbase.h:853
#define RtlMoveMemory(Destination, Source, Length)
Definition: typedefs.h:264

Referenced by CreateProcessA().

◆ CreateProcessInternalW()

BOOL WINAPI CreateProcessInternalW ( IN HANDLE  hUserToken,
IN LPCWSTR  lpApplicationName,
IN LPWSTR  lpCommandLine,
IN LPSECURITY_ATTRIBUTES  lpProcessAttributes,
IN LPSECURITY_ATTRIBUTES  lpThreadAttributes,
IN BOOL  bInheritHandles,
IN DWORD  dwCreationFlags,
IN LPVOID  lpEnvironment,
IN LPCWSTR  lpCurrentDirectory,
IN LPSTARTUPINFOW  lpStartupInfo,
IN LPPROCESS_INFORMATION  lpProcessInformation,
OUT PHANDLE  hNewToken 
)

Definition at line 2234 of file proc.c.

2246{
2247 //
2248 // Core variables used for creating the initial process and thread
2249 //
2250 SECURITY_ATTRIBUTES LocalThreadAttributes, LocalProcessAttributes;
2251 OBJECT_ATTRIBUTES LocalObjectAttributes;
2253 SECTION_IMAGE_INFORMATION ImageInformation;
2256 ULONG NoWindow, StackSize, ErrorCode, Flags;
2258 USHORT ImageMachine;
2259 ULONG ParameterFlags, PrivilegeValue, HardErrorMode, ErrorResponse;
2260 ULONG_PTR ErrorParameters[2];
2261 BOOLEAN InJob, SaferNeeded, UseLargePages, HavePrivilege;
2262 BOOLEAN QuerySection, SkipSaferAndAppCompat;
2264 BASE_API_MESSAGE CsrMsg[2];
2265 PBASE_CREATE_PROCESS CreateProcessMsg;
2266 PCSR_CAPTURE_BUFFER CaptureBuffer;
2267 PVOID BaseAddress, PrivilegeState, RealTimePrivilegeState;
2268 HANDLE DebugHandle, TokenHandle, JobHandle, KeyHandle, ThreadHandle;
2269 HANDLE FileHandle, SectionHandle, ProcessHandle;
2271 PROCESS_PRIORITY_CLASS PriorityClass;
2272 NTSTATUS Status, AppCompatStatus, SaferStatus, IFEOStatus, ImageDbgStatus;
2273 PPEB Peb, RemotePeb;
2274 PTEB Teb;
2275 INITIAL_TEB InitialTeb;
2276 PVOID TibValue;
2277 PIMAGE_NT_HEADERS NtHeaders;
2278 STARTUPINFOW StartupInfo;
2279 PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
2280 UNICODE_STRING DebuggerString;
2281 BOOL Result;
2282 //
2283 // Variables used for command-line and argument parsing
2284 //
2285 PCHAR pcScan;
2286 SIZE_T n;
2287 WCHAR SaveChar;
2288 ULONG Length, FileAttribs, CmdQuoteLength;
2289 ULONG ResultSize;
2290 SIZE_T EnvironmentLength, CmdLineLength;
2291 PWCHAR QuotedCmdLine, AnsiCmdCommand, ExtBuffer, CurrentDirectory;
2292 PWCHAR NullBuffer, ScanString, NameBuffer, SearchPath, DebuggerCmdLine;
2293 ANSI_STRING AnsiEnv;
2294 UNICODE_STRING UnicodeEnv, PathName;
2295 BOOLEAN SearchRetry, QuotesNeeded, CmdLineIsAppName, HasQuotes;
2296
2297 //
2298 // Variables used for Fusion/SxS (Side-by-Side Assemblies)
2299 //
2300 RTL_PATH_TYPE SxsPathType, PathType;
2301#if _SXS_SUPPORT_ENABLED_
2302 PRTL_BUFFER ByteBuffer;
2303 PRTL_UNICODE_STRING_BUFFER ThisBuffer, Buffer, SxsStaticBuffers[5];
2304 PRTL_UNICODE_STRING_BUFFER* BufferHead, SxsStringBuffer;
2305 RTL_UNICODE_STRING_BUFFER SxsWin32ManifestPath, SxsNtManifestPath;
2306 RTL_UNICODE_STRING_BUFFER SxsWin32PolicyPath, SxsNtPolicyPath;
2307 RTL_UNICODE_STRING_BUFFER SxsWin32AssemblyDirectory;
2308 BASE_MSG_SXS_HANDLES MappedHandles, Handles, FileHandles;
2309 PVOID CapturedStrings[3];
2310 SXS_WIN32_NT_PATH_PAIR ExePathPair, ManifestPathPair, PolicyPathPair;
2311 SXS_OVERRIDE_MANIFEST OverrideManifest;
2312 UNICODE_STRING FreeString, SxsNtExePath;
2313 PWCHAR SxsConglomeratedBuffer, StaticBuffer;
2314 ULONG ConglomeratedBufferSizeBytes, StaticBufferSize, i;
2315#endif
2317
2318 //
2319 // Variables used for path conversion (and partially Fusion/SxS)
2320 //
2321 PWCHAR FilePart, PathBuffer, FreeBuffer;
2322 BOOLEAN TranslationStatus;
2323 RTL_RELATIVE_NAME_U SxsWin32RelativePath;
2324 UNICODE_STRING PathBufferString, SxsWin32ExePath;
2325
2326 //
2327 // Variables used by Application Compatibility (and partially Fusion/SxS)
2328 //
2329 PVOID AppCompatSxsData, AppCompatData;
2330 ULONG AppCompatSxsDataSize, AppCompatDataSize;
2331 //
2332 // Variables used by VDM (Virtual Dos Machine) and WOW32 (16-bit Support)
2333 //
2334 ULONG BinarySubType, VdmBinaryType, VdmTask, VdmReserve;
2335 ULONG VdmUndoLevel;
2336 BOOLEAN UseVdmReserve;
2337 HANDLE VdmWaitObject;
2338 ANSI_STRING VdmAnsiEnv;
2339 UNICODE_STRING VdmString, VdmUnicodeEnv;
2340 BOOLEAN IsWowApp;
2341 PBASE_CHECK_VDM CheckVdmMsg;
2342
2343 /* Zero out the initial core variables and handles */
2344 QuerySection = FALSE;
2345 InJob = FALSE;
2346 SkipSaferAndAppCompat = FALSE;
2347 ParameterFlags = 0;
2348 Flags = 0;
2349 DebugHandle = NULL;
2350 JobHandle = NULL;
2351 TokenHandle = NULL;
2352 FileHandle = NULL;
2353 SectionHandle = NULL;
2355 ThreadHandle = NULL;
2357 BaseAddress = (PVOID)1;
2358
2359 /* Zero out initial SxS and Application Compatibility state */
2360 AppCompatData = NULL;
2361 AppCompatDataSize = 0;
2362 AppCompatSxsData = NULL;
2363 AppCompatSxsDataSize = 0;
2364 CaptureBuffer = NULL;
2365#if _SXS_SUPPORT_ENABLED_
2366 SxsConglomeratedBuffer = NULL;
2367#endif
2368 FusionFlags = 0;
2369
2370 /* Zero out initial parsing variables -- others are initialized later */
2371 DebuggerCmdLine = NULL;
2372 PathBuffer = NULL;
2373 SearchPath = NULL;
2374 NullBuffer = NULL;
2375 FreeBuffer = NULL;
2376 NameBuffer = NULL;
2378 FilePart = NULL;
2379 DebuggerString.Buffer = NULL;
2380 HasQuotes = FALSE;
2381 QuotedCmdLine = NULL;
2382
2383 /* Zero out initial VDM state */
2384 VdmAnsiEnv.Buffer = NULL;
2385 VdmUnicodeEnv.Buffer = NULL;
2386 VdmString.Buffer = NULL;
2387 VdmTask = 0;
2388 VdmUndoLevel = 0;
2389 VdmBinaryType = 0;
2390 VdmReserve = 0;
2391 VdmWaitObject = NULL;
2392 UseVdmReserve = FALSE;
2393 IsWowApp = FALSE;
2394
2395 /* Set message structures */
2396 CreateProcessMsg = &CsrMsg[0].Data.CreateProcessRequest;
2397 CheckVdmMsg = &CsrMsg[1].Data.CheckVDMRequest;
2398
2399 /* Clear the more complex structures by zeroing out their entire memory */
2400 RtlZeroMemory(&Context, sizeof(Context));
2401#if _SXS_SUPPORT_ENABLED_
2402 RtlZeroMemory(&FileHandles, sizeof(FileHandles));
2403 RtlZeroMemory(&MappedHandles, sizeof(MappedHandles));
2404 RtlZeroMemory(&Handles, sizeof(Handles));
2405#endif
2406 RtlZeroMemory(&CreateProcessMsg->Sxs, sizeof(CreateProcessMsg->Sxs));
2407 RtlZeroMemory(&LocalProcessAttributes, sizeof(LocalProcessAttributes));
2408 RtlZeroMemory(&LocalThreadAttributes, sizeof(LocalThreadAttributes));
2409
2410 /* Zero out output arguments as well */
2411 RtlZeroMemory(lpProcessInformation, sizeof(*lpProcessInformation));
2412 if (hNewToken) *hNewToken = NULL;
2413
2414 /* Capture the special window flag */
2415 NoWindow = dwCreationFlags & CREATE_NO_WINDOW;
2416 dwCreationFlags &= ~CREATE_NO_WINDOW;
2417
2418#if _SXS_SUPPORT_ENABLED_
2419 /* Setup the SxS static string arrays and buffers */
2420 SxsStaticBuffers[0] = &SxsWin32ManifestPath;
2421 SxsStaticBuffers[1] = &SxsWin32PolicyPath;
2422 SxsStaticBuffers[2] = &SxsWin32AssemblyDirectory;
2423 SxsStaticBuffers[3] = &SxsNtManifestPath;
2424 SxsStaticBuffers[4] = &SxsNtPolicyPath;
2425 ExePathPair.Win32 = &SxsWin32ExePath;
2426 ExePathPair.Nt = &SxsNtExePath;
2427 ManifestPathPair.Win32 = &SxsWin32ManifestPath.String;
2428 ManifestPathPair.Nt = &SxsNtManifestPath.String;
2429 PolicyPathPair.Win32 = &SxsWin32PolicyPath.String;
2430 PolicyPathPair.Nt = &SxsNtPolicyPath.String;
2431#endif
2432
2433 DPRINT("CreateProcessInternalW: '%S' '%S' %lx\n", lpApplicationName, lpCommandLine, dwCreationFlags);
2434
2435 /* Finally, set our TEB and PEB */
2436 Teb = NtCurrentTeb();
2437 Peb = NtCurrentPeb();
2438
2439 /* This combination is illegal (see MSDN) */
2440 if ((dwCreationFlags & (DETACHED_PROCESS | CREATE_NEW_CONSOLE)) ==
2442 {
2443 DPRINT1("Invalid flag combo used\n");
2445 return FALSE;
2446 }
2447
2448 /* Convert the priority class */
2449 if (dwCreationFlags & IDLE_PRIORITY_CLASS)
2450 {
2452 }
2453 else if (dwCreationFlags & BELOW_NORMAL_PRIORITY_CLASS)
2454 {
2456 }
2457 else if (dwCreationFlags & NORMAL_PRIORITY_CLASS)
2458 {
2460 }
2461 else if (dwCreationFlags & ABOVE_NORMAL_PRIORITY_CLASS)
2462 {
2464 }
2465 else if (dwCreationFlags & HIGH_PRIORITY_CLASS)
2466 {
2468 }
2469 else if (dwCreationFlags & REALTIME_PRIORITY_CLASS)
2470 {
2472 PriorityClass.PriorityClass += (BasepIsRealtimeAllowed(FALSE) != NULL);
2473 }
2474 else
2475 {
2477 }
2478
2479 /* Done with the priority masks, so get rid of them */
2480 PriorityClass.Foreground = FALSE;
2481 dwCreationFlags &= ~(NORMAL_PRIORITY_CLASS |
2487
2488 /* You cannot request both a shared and a separate WoW VDM */
2489 if ((dwCreationFlags & CREATE_SEPARATE_WOW_VDM) &&
2490 (dwCreationFlags & CREATE_SHARED_WOW_VDM))
2491 {
2492 /* Fail such nonsensical attempts */
2493 DPRINT1("Invalid WOW flags\n");
2495 return FALSE;
2496 }
2497 else if (!(dwCreationFlags & CREATE_SHARED_WOW_VDM) &&
2499 {
2500 /* A shared WoW VDM was not requested but system enforces separation */
2501 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
2502 }
2503
2504 /* If a shared WoW VDM is used, make sure the process isn't in a job */
2505 if (!(dwCreationFlags & CREATE_SEPARATE_WOW_VDM) &&
2507 {
2508 /* Remove the shared flag and add the separate flag */
2509 dwCreationFlags = (dwCreationFlags &~ CREATE_SHARED_WOW_VDM) |
2511 }
2512
2513 /* Convert the environment */
2514 if ((lpEnvironment) && !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
2515 {
2516 /* Scan the environment to calculate its Unicode size */
2517 AnsiEnv.Buffer = pcScan = (PCHAR)lpEnvironment;
2518 while ((*pcScan) || (*(pcScan + 1))) ++pcScan;
2519
2520 /* Make sure the environment is not too large */
2521 EnvironmentLength = (pcScan + sizeof(ANSI_NULL) - (PCHAR)lpEnvironment);
2522 if (EnvironmentLength > MAXUSHORT)
2523 {
2524 /* Fail */
2526 return FALSE;
2527 }
2528
2529 /* Create our ANSI String */
2530 AnsiEnv.Length = (USHORT)EnvironmentLength;
2531 AnsiEnv.MaximumLength = AnsiEnv.Length + sizeof(ANSI_NULL);
2532
2533 /* Allocate memory for the Unicode Environment */
2534 UnicodeEnv.Buffer = NULL;
2535 RegionSize = AnsiEnv.MaximumLength * sizeof(WCHAR);
2537 (PVOID)&UnicodeEnv.Buffer,
2538 0,
2539 &RegionSize,
2540 MEM_COMMIT,
2542 if (!NT_SUCCESS(Status))
2543 {
2544 /* Fail */
2546 return FALSE;
2547 }
2548
2549 /* Use the allocated size and convert */
2550 UnicodeEnv.MaximumLength = (USHORT)RegionSize;
2551 Status = RtlAnsiStringToUnicodeString(&UnicodeEnv, &AnsiEnv, FALSE);
2552 if (!NT_SUCCESS(Status))
2553 {
2554 /* Fail */
2556 (PVOID)&UnicodeEnv.Buffer,
2557 &RegionSize,
2558 MEM_RELEASE);
2560 return FALSE;
2561 }
2562
2563 /* Now set the Unicode environment as the environment string pointer */
2564 lpEnvironment = UnicodeEnv.Buffer;
2565 }
2566
2567 /* Make a copy of the caller's startup info since we'll modify it */
2568 StartupInfo = *lpStartupInfo;
2569
2570 /* Check if private data is being sent on the same channel as std handles */
2571 if ((StartupInfo.dwFlags & STARTF_USESTDHANDLES) &&
2572 (StartupInfo.dwFlags & (STARTF_USEHOTKEY | STARTF_SHELLPRIVATE)))
2573 {
2574 /* Cannot use the std handles since we have monitor/hotkey values */
2575 StartupInfo.dwFlags &= ~STARTF_USESTDHANDLES;
2576 }
2577
2578 /* If there's a debugger, or we have to launch cmd.exe, we go back here */
2579AppNameRetry:
2580 /* New iteration -- free any existing name buffer */
2581 if (NameBuffer)
2582 {
2583 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
2584 NameBuffer = NULL;
2585 }
2586
2587 /* New iteration -- free any existing free buffer */
2588 if (FreeBuffer)
2589 {
2590 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
2591 FreeBuffer = NULL;
2592 }
2593
2594 /* New iteration -- close any existing file handle */
2595 if (FileHandle)
2596 {
2598 FileHandle = NULL;
2599 }
2600
2601 /* Set the initial parsing state. This code can loop -- don't move this! */
2602 ErrorCode = 0;
2603 SearchRetry = TRUE;
2604 QuotesNeeded = FALSE;
2605 CmdLineIsAppName = FALSE;
2606
2607 /* First check if we don't have an application name */
2608 if (!lpApplicationName)
2609 {
2610 /* This should be the first time we attempt creating one */
2611 ASSERT(NameBuffer == NULL);
2612
2613 /* Allocate a buffer to hold it */
2614 NameBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
2615 0,
2616 MAX_PATH * sizeof(WCHAR));
2617 if (!NameBuffer)
2618 {
2620 Result = FALSE;
2621 goto Quickie;
2622 }
2623
2624 /* Initialize the application name and our parsing parameters */
2625 lpApplicationName = NullBuffer = ScanString = lpCommandLine;
2626
2627 /* Check for an initial quote*/
2628 if (*lpCommandLine == L'\"')
2629 {
2630 /* We found a quote, keep searching for another one */
2631 SearchRetry = FALSE;
2632 ScanString++;
2633 lpApplicationName = ScanString;
2634 while (*ScanString)
2635 {
2636 /* Have we found the terminating quote? */
2637 if (*ScanString == L'\"')
2638 {
2639 /* We're done, get out of here */
2640 NullBuffer = ScanString;
2641 HasQuotes = TRUE;
2642 break;
2643 }
2644
2645 /* Keep searching for the quote */
2646 ScanString++;
2647 NullBuffer = ScanString;
2648 }
2649 }
2650 else
2651 {
2652StartScan:
2653 /* We simply make the application name be the command line*/
2654 lpApplicationName = lpCommandLine;
2655 while (*ScanString)
2656 {
2657 /* Check if it starts with a space or tab */
2658 if ((*ScanString == L' ') || (*ScanString == L'\t'))
2659 {
2660 /* Break out of the search loop */
2661 NullBuffer = ScanString;
2662 break;
2663 }
2664
2665 /* Keep searching for a space or tab */
2666 ScanString++;
2667 NullBuffer = ScanString;
2668 }
2669 }
2670
2671 /* We have found the end of the application name, terminate it */
2672 SaveChar = *NullBuffer;
2673 *NullBuffer = UNICODE_NULL;
2674
2675 /* New iteration -- free any existing saved path */
2676 if (SearchPath)
2677 {
2678 RtlFreeHeap(RtlGetProcessHeap(), 0, SearchPath);
2679 SearchPath = NULL;
2680 }
2681
2682 /* Now compute the final EXE path based on the name */
2683 SearchPath = BaseComputeProcessExePath((LPWSTR)lpApplicationName);
2684 DPRINT("Search Path: %S\n", SearchPath);
2685 if (!SearchPath)
2686 {
2688 Result = FALSE;
2689 goto Quickie;
2690 }
2691
2692 /* And search for the executable in the search path */
2694 lpApplicationName,
2695 L".exe",
2696 MAX_PATH,
2697 NameBuffer,
2698 NULL);
2699
2700 /* Did we find it? */
2701 if ((Length) && (Length < MAX_PATH))
2702 {
2703 /* Get file attributes */
2704 FileAttribs = GetFileAttributesW(NameBuffer);
2705 if ((FileAttribs != INVALID_FILE_ATTRIBUTES) &&
2706 (FileAttribs & FILE_ATTRIBUTE_DIRECTORY))
2707 {
2708 /* This was a directory, fail later on */
2709 Length = 0;
2710 }
2711 else
2712 {
2713 /* It's a file! */
2714 Length++;
2715 }
2716 }
2717
2718 DPRINT("Length: %lu Buffer: %S\n", Length, NameBuffer);
2719
2720 /* Check if there was a failure in SearchPathW */
2721 if ((Length) && (Length < MAX_PATH))
2722 {
2723 /* Everything looks good, restore the name */
2724 *NullBuffer = SaveChar;
2725 lpApplicationName = NameBuffer;
2726 }
2727 else
2728 {
2729 /* Check if this was a relative path, which would explain it */
2730 PathType = RtlDetermineDosPathNameType_U(lpApplicationName);
2732 {
2733 /* This should fail, and give us a detailed LastError */
2734 FileHandle = CreateFileW(lpApplicationName,
2738 NULL,
2741 NULL);
2743 {
2744 /* It worked? Return a generic error */
2746 FileHandle = NULL;
2748 }
2749 }
2750 else
2751 {
2752 /* Path was absolute, which means it doesn't exist */
2754 }
2755
2756 /* Did we already fail once? */
2757 if (ErrorCode)
2758 {
2759 /* Set the error code */
2761 }
2762 else
2763 {
2764 /* Not yet, cache it */
2766 }
2767
2768 /* Put back the command line */
2769 *NullBuffer = SaveChar;
2770 lpApplicationName = NameBuffer;
2771
2772 /* It's possible there's whitespace in the directory name */
2773 if (!(*ScanString) || !(SearchRetry))
2774 {
2775 /* Not the case, give up completely */
2776 Result = FALSE;
2777 goto Quickie;
2778 }
2779
2780 /* There are spaces, so keep trying the next possibility */
2781 ScanString++;
2782 NullBuffer = ScanString;
2783
2784 /* We will have to add a quote, since there is a space */
2785 QuotesNeeded = TRUE;
2786 HasQuotes = TRUE;
2787 goto StartScan;
2788 }
2789 }
2790 else if (!(lpCommandLine) || !(*lpCommandLine))
2791 {
2792 /* We don't have a command line, so just use the application name */
2793 CmdLineIsAppName = TRUE;
2794 lpCommandLine = (LPWSTR)lpApplicationName;
2795 }
2796
2797 /* Convert the application name to its NT path */
2798 TranslationStatus = RtlDosPathNameToRelativeNtPathName_U(lpApplicationName,
2799 &PathName,
2800 NULL,
2801 &SxsWin32RelativePath);
2802 if (!TranslationStatus)
2803 {
2804 /* Path must be invalid somehow, bail out */
2805 DPRINT1("Path translation for SxS failed\n");
2807 Result = FALSE;
2808 goto Quickie;
2809 }
2810
2811 /* Setup the buffer that needs to be freed at the end */
2812 ASSERT(FreeBuffer == NULL);
2813 FreeBuffer = PathName.Buffer;
2814
2815 /* Check what kind of path the application is, for SxS (Fusion) purposes */
2816 RtlInitUnicodeString(&SxsWin32ExePath, lpApplicationName);
2817 SxsPathType = RtlDetermineDosPathNameType_U(lpApplicationName);
2818 if ((SxsPathType != RtlPathTypeDriveAbsolute) &&
2819 (SxsPathType != RtlPathTypeLocalDevice) &&
2820 (SxsPathType != RtlPathTypeRootLocalDevice) &&
2821 (SxsPathType != RtlPathTypeUncAbsolute))
2822 {
2823 /* Relative-type path, get the full path */
2824 RtlInitEmptyUnicodeString(&PathBufferString, NULL, 0);
2825 Status = RtlGetFullPathName_UstrEx(&SxsWin32ExePath,
2826 NULL,
2827 &PathBufferString,
2828 NULL,
2829 NULL,
2830 NULL,
2831 &SxsPathType,
2832 NULL);
2833 if (!NT_SUCCESS(Status))
2834 {
2835 /* Fail the rest of the create */
2836 RtlReleaseRelativeName(&SxsWin32RelativePath);
2838 Result = FALSE;
2839 goto Quickie;
2840 }
2841
2842 /* Use this full path as the SxS path */
2843 SxsWin32ExePath = PathBufferString;
2844 PathBuffer = PathBufferString.Buffer;
2845 PathBufferString.Buffer = NULL;
2846 DPRINT("SxS Path: %S\n", PathBuffer);
2847 }
2848
2849 /* Also set the .EXE path based on the path name */
2850#if _SXS_SUPPORT_ENABLED_
2851 SxsNtExePath = PathName;
2852#endif
2853 if (SxsWin32RelativePath.RelativeName.Length)
2854 {
2855 /* If it's relative, capture the relative name */
2856 PathName = SxsWin32RelativePath.RelativeName;
2857 }
2858 else
2859 {
2860 /* Otherwise, it's absolute, make sure no relative dir is used */
2861 SxsWin32RelativePath.ContainingDirectory = NULL;
2862 }
2863
2864 /* Now use the path name, and the root path, to try opening the app */
2865 DPRINT("Path: %wZ. Dir: %p\n", &PathName, SxsWin32RelativePath.ContainingDirectory);
2866 InitializeObjectAttributes(&LocalObjectAttributes,
2867 &PathName,
2869 SxsWin32RelativePath.ContainingDirectory,
2870 NULL);
2872 SYNCHRONIZE |
2876 &LocalObjectAttributes,
2881 if (!NT_SUCCESS(Status))
2882 {
2883 /* Try to open the app just for execute purposes instead */
2886 &LocalObjectAttributes,
2891 }
2892
2893 /* Failure path, display which file failed to open */
2894 if (!NT_SUCCESS(Status))
2895 DPRINT1("Open file failed: %lx (%wZ)\n", Status, &PathName);
2896
2897 /* Cleanup in preparation for failure or success */
2898 RtlReleaseRelativeName(&SxsWin32RelativePath);
2899
2900 if (!NT_SUCCESS(Status))
2901 {
2902 /* Failure path, try to understand why */
2903 if (RtlIsDosDeviceName_U(lpApplicationName))
2904 {
2905 /* If a device is being executed, return this special error code */
2907 Result = FALSE;
2908 goto Quickie;
2909 }
2910 else
2911 {
2912 /* Otherwise return the converted NT error code */
2914 Result = FALSE;
2915 goto Quickie;
2916 }
2917 }
2918
2919 /* Did the caller specify a desktop? */
2920 if (!StartupInfo.lpDesktop)
2921 {
2922 /* Use the one from the current process */
2924 }
2925
2926 /* Create a section for this file */
2927 Status = NtCreateSection(&SectionHandle,
2929 NULL,
2930 NULL,
2932 SEC_IMAGE,
2933 FileHandle);
2934 DPRINT("Section status: %lx\n", Status);
2935 if (NT_SUCCESS(Status))
2936 {
2937 /* Are we running on Windows Embedded, Datacenter, Blade or Starter? */
2938 if (SharedUserData->SuiteMask & (VER_SUITE_EMBEDDEDNT |
2942 {
2943 /* These SKUs do not allow running certain applications */
2946 {
2947 /* And this is one of them! */
2948 DPRINT1("Invalid Blade hashes!\n");
2950 Result = FALSE;
2951 goto Quickie;
2952 }
2953
2954 /* Did we get some other failure? */
2955 if (!NT_SUCCESS(Status))
2956 {
2957 /* If we couldn't check the hashes, assume nefariousness */
2958 DPRINT1("Tampered Blade hashes!\n");
2960 Result = FALSE;
2961 goto Quickie;
2962 }
2963 }
2964
2965 /* Now do Winsafer, etc, checks */
2966 Status = BasepIsProcessAllowed((LPWSTR)lpApplicationName);
2967 if (!NT_SUCCESS(Status))
2968 {
2969 /* Fail if we're not allowed to launch the process */
2970 DPRINT1("Process not allowed to launch: %lx\n", Status);
2972 if (SectionHandle)
2973 {
2974 NtClose(SectionHandle);
2975 SectionHandle = NULL;
2976 }
2977 Result = FALSE;
2978 goto Quickie;
2979 }
2980
2981 /* Is a DOS VDM being forced, but we already have a WOW32 instance ready? */
2982 if ((dwCreationFlags & CREATE_FORCEDOS) &&
2984 {
2985 /* This request can't be satisfied, instead, a separate VDM is needed */
2986 dwCreationFlags &= ~(CREATE_FORCEDOS | CREATE_SHARED_WOW_VDM);
2987 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
2988
2989 /* Set a failure code, ask for VDM reservation */
2991 UseVdmReserve = TRUE;
2992
2993 /* Close the current handle */
2994 NtClose(SectionHandle);
2995 SectionHandle = NULL;
2996
2997 /* Don't query the section later */
2998 QuerySection = FALSE;
2999 }
3000 }
3001
3002 /* Did we already do these checks? */
3003 if (!SkipSaferAndAppCompat)
3004 {
3005 /* Is everything OK so far, OR do we have an non-MZ, non-DOS app? */
3006 if ((NT_SUCCESS(Status)) ||
3008 !(BaseIsDosApplication(&PathName, Status))))
3009 {
3010 /* Clear the machine type in case of failure */
3011 ImageMachine = 0;
3012
3013 /* Clean any app compat data that may have accumulated */
3014 BasepFreeAppCompatData(AppCompatData, AppCompatSxsData);
3015 AppCompatData = NULL;
3016 AppCompatSxsData = NULL;
3017
3018 /* Do we have a section? */
3019 if (SectionHandle)
3020 {
3021 /* Have we already queried it? */
3022 if (QuerySection)
3023 {
3024 /* Nothing to do */
3025 AppCompatStatus = STATUS_SUCCESS;
3026 }
3027 else
3028 {
3029 /* Get some information about the executable */
3030 AppCompatStatus = NtQuerySection(SectionHandle,
3032 &ImageInformation,
3033 sizeof(ImageInformation),
3034 NULL);
3035 }
3036
3037 /* Do we have section information now? */
3038 if (NT_SUCCESS(AppCompatStatus))
3039 {
3040 /* Don't ask for it again, save the machine type */
3041 QuerySection = TRUE;
3042 ImageMachine = ImageInformation.Machine;
3043 }
3044 }
3045
3046 /* Is there a reason/Shim we shouldn't run this application? */
3047 AppCompatStatus = BasepCheckBadapp(FileHandle,
3048 FreeBuffer,
3049 lpEnvironment,
3050 ImageMachine,
3051 &AppCompatData,
3052 &AppCompatDataSize,
3053 &AppCompatSxsData,
3054 &AppCompatSxsDataSize,
3055 &FusionFlags);
3056 if (!NT_SUCCESS(AppCompatStatus))
3057 {
3058 /* This is usually the status we get back */
3059 DPRINT1("App compat launch failure: %lx\n", AppCompatStatus);
3060 if (AppCompatStatus == STATUS_ACCESS_DENIED)
3061 {
3062 /* Convert it to something more Win32-specific */
3064 }
3065 else
3066 {
3067 /* Some other error */
3068 BaseSetLastNTError(AppCompatStatus);
3069 }
3070
3071 /* Did we have a section? */
3072 if (SectionHandle)
3073 {
3074 /* Clean it up */
3075 NtClose(SectionHandle);
3076 SectionHandle = NULL;
3077 }
3078
3079 /* Fail the call */
3080 Result = FALSE;
3081 goto Quickie;
3082 }
3083 }
3084 }
3085
3086 //ASSERT((dwFusionFlags & ~SXS_APPCOMPACT_FLAG_APP_RUNNING_SAFEMODE) == 0);
3087
3088 /* Have we already done, and do we need to do, SRP (WinSafer) checks? */
3089 if (!(SkipSaferAndAppCompat) &&
3090 ~(dwCreationFlags & CREATE_PRESERVE_CODE_AUTHZ_LEVEL))
3091 {
3092 /* Assume yes */
3093 SaferNeeded = TRUE;
3094 switch (Status)
3095 {
3100 /* For all DOS, 16-bit, OS/2 images, we do*/
3101 break;
3102
3104 /* For invalid files, we don't, unless it's a .BAT file */
3105 if (BaseIsDosApplication(&PathName, Status)) break;
3106
3107 default:
3108 /* Any other error codes we also don't */
3109 if (!NT_SUCCESS(Status))
3110 {
3111 SaferNeeded = FALSE;
3112 }
3113
3114 /* But for success, we do */
3115 break;
3116 }
3117
3118 /* Okay, so what did the checks above result in? */
3119 if (SaferNeeded)
3120 {
3121 /* We have to call into the WinSafer library and actually check */
3123 (LPWSTR)lpApplicationName,
3124 FileHandle,
3125 &InJob,
3126 &TokenHandle,
3127 &JobHandle);
3128 if (SaferStatus == 0xFFFFFFFF)
3129 {
3130 /* Back in 2003, they didn't have an NTSTATUS for this... */
3131 DPRINT1("WinSafer blocking process launch\n");
3133 Result = FALSE;
3134 goto Quickie;
3135 }
3136
3137 /* Other status codes are not-Safer related, just convert them */
3138 if (!NT_SUCCESS(SaferStatus))
3139 {
3140 DPRINT1("Error checking WinSafer: %lx\n", SaferStatus);
3141 BaseSetLastNTError(SaferStatus);
3142 Result = FALSE;
3143 goto Quickie;
3144 }
3145 }
3146 }
3147
3148 /* The last step is to figure out why the section object was not created */
3149 switch (Status)
3150 {
3152 {
3153 /* 16-bit binary. Should we use WOW or does the caller force VDM? */
3154 if (!(dwCreationFlags & CREATE_FORCEDOS))
3155 {
3156 /* Remember that we're launching WOW */
3157 IsWowApp = TRUE;
3158
3159 /* Create the VDM environment, it's valid for WOW too */
3160 Result = BaseCreateVDMEnvironment(lpEnvironment,
3161 &VdmAnsiEnv,
3162 &VdmUnicodeEnv);
3163 if (!Result)
3164 {
3165 DPRINT1("VDM environment for WOW app failed\n");
3166 goto Quickie;
3167 }
3168
3169 /* We're going to try this twice, so do a loop */
3170 while (TRUE)
3171 {
3172 /* Pick which kind of WOW mode we want to run in */
3173 VdmBinaryType = (dwCreationFlags &
3176
3177 /* Get all the VDM settings and current status */
3178 Status = BaseCheckVDM(VdmBinaryType,
3179 lpApplicationName,
3180 lpCommandLine,
3181 lpCurrentDirectory,
3182 &VdmAnsiEnv,
3183 &CsrMsg[1],
3184 &VdmTask,
3185 dwCreationFlags,
3186 &StartupInfo,
3187 hUserToken);
3188
3189 /* If it worked, no need to try again */
3190 if (NT_SUCCESS(Status)) break;
3191
3192 /* Check if it's disallowed or if it's our second time */
3194 if ((Status == STATUS_VDM_DISALLOWED) ||
3195 (VdmBinaryType == BINARY_TYPE_SEPARATE_WOW) ||
3197 {
3198 /* Fail the call -- we won't try again */
3199 DPRINT1("VDM message failure for WOW: %lx\n", Status);
3200 Result = FALSE;
3201 goto Quickie;
3202 }
3203
3204 /* Try one more time, but with a separate WOW instance */
3205 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
3206 }
3207
3208 /* Check which VDM state we're currently in */
3209 switch (CheckVdmMsg->VDMState & (VDM_NOT_LOADED |
3211 VDM_READY))
3212 {
3213 case VDM_NOT_LOADED:
3214 /* VDM is not fully loaded, so not that much to undo */
3215 VdmUndoLevel = VDM_UNDO_PARTIAL;
3216
3217 /* Reset VDM reserve if needed */
3218 if (UseVdmReserve) VdmReserve = 1;
3219
3220 /* Get the required parameters and names for launch */
3221 Result = BaseGetVdmConfigInfo(lpCommandLine,
3222 VdmTask,
3223 VdmBinaryType,
3224 &VdmString,
3225 &VdmReserve);
3226 if (!Result)
3227 {
3228 DPRINT1("VDM Configuration failed for WOW\n");
3230 goto Quickie;
3231 }
3232
3233 /* Update the command-line with the VDM one instead */
3234 lpCommandLine = VdmString.Buffer;
3235 lpApplicationName = NULL;
3236
3237 /* We don't want a console, detachment, nor a window */
3238 dwCreationFlags |= CREATE_NO_WINDOW;
3239 dwCreationFlags &= ~(CREATE_NEW_CONSOLE | DETACHED_PROCESS);
3240
3241 /* Force feedback on */
3242 StartupInfo.dwFlags |= STARTF_FORCEONFEEDBACK;
3243 break;
3244
3245
3246 case VDM_READY:
3247 /* VDM is ready, so we have to undo everything */
3248 VdmUndoLevel = VDM_UNDO_REUSE;
3249
3250 /* Check if CSRSS wants us to wait on VDM */
3251 VdmWaitObject = CheckVdmMsg->WaitObjectForParent;
3252 break;
3253
3254 case VDM_NOT_READY:
3255 /* Something is wrong with VDM, we'll fail the call */
3256 DPRINT1("VDM is not ready for WOW\n");
3258 Result = FALSE;
3259 goto Quickie;
3260
3261 default:
3262 break;
3263 }
3264
3265 /* Since to get NULL, we allocate from 0x1, account for this */
3266 VdmReserve--;
3267
3268 /* This implies VDM is ready, so skip everything else */
3269 if (VdmWaitObject) goto VdmShortCircuit;
3270
3271 /* Don't inherit handles since we're doing VDM now */
3272 bInheritHandles = FALSE;
3273
3274 /* Had the user passed in environment? If so, destroy it */
3275 if ((lpEnvironment) &&
3276 !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
3277 {
3278 RtlDestroyEnvironment(lpEnvironment);
3279 }
3280
3281 /* We've already done all these checks, don't do them again */
3282 SkipSaferAndAppCompat = TRUE;
3283 goto AppNameRetry;
3284 }
3285
3286 // There is no break here on purpose, so FORCEDOS drops down!
3287 }
3288
3292 {
3293 /* We're launching an executable application */
3294 BinarySubType = BINARY_TYPE_EXE;
3295
3296 /* We can drop here from other "cases" above too, so check */
3299 (BinarySubType = BaseIsDosApplication(&PathName, Status)))
3300 {
3301 /* We're launching a DOS application */
3302 VdmBinaryType = BINARY_TYPE_DOS;
3303
3304 /* Based on the caller environment, create a VDM one */
3305 Result = BaseCreateVDMEnvironment(lpEnvironment,
3306 &VdmAnsiEnv,
3307 &VdmUnicodeEnv);
3308 if (!Result)
3309 {
3310 DPRINT1("VDM environment for DOS failed\n");
3311 goto Quickie;
3312 }
3313
3314 /* Check the current state of the VDM subsystem */
3315 Status = BaseCheckVDM(VdmBinaryType | BinarySubType,
3316 lpApplicationName,
3317 lpCommandLine,
3318 lpCurrentDirectory,
3319 &VdmAnsiEnv,
3320 &CsrMsg[1],
3321 &VdmTask,
3322 dwCreationFlags,
3323 &StartupInfo,
3324 NULL);
3325 if (!NT_SUCCESS(Status))
3326 {
3327 /* Failed to inquire about VDM, fail the call */
3328 DPRINT1("VDM message failure for DOS: %lx\n", Status);
3330 Result = FALSE;
3331 goto Quickie;
3332 };
3333
3334 /* Handle possible VDM states */
3335 switch (CheckVdmMsg->VDMState & (VDM_NOT_LOADED |
3337 VDM_READY))
3338 {
3339 case VDM_NOT_LOADED:
3340 /* If VDM is not loaded, we'll do a partial undo */
3341 VdmUndoLevel = VDM_UNDO_PARTIAL;
3342
3343 /* A VDM process can't also be detached, so fail */
3344 if (dwCreationFlags & DETACHED_PROCESS)
3345 {
3346 DPRINT1("Detached process but no VDM, not allowed\n");
3348 return FALSE;
3349 }
3350
3351 /* Get the required parameters and names for launch */
3352 Result = BaseGetVdmConfigInfo(lpCommandLine,
3353 VdmTask,
3354 VdmBinaryType,
3355 &VdmString,
3356 &VdmReserve);
3357 if (!Result)
3358 {
3359 DPRINT1("VDM Configuration failed for DOS\n");
3361 goto Quickie;
3362 }
3363
3364 /* Update the command-line to launch VDM instead */
3365 lpCommandLine = VdmString.Buffer;
3366 lpApplicationName = NULL;
3367 break;
3368
3369 case VDM_READY:
3370 /* VDM is ready, so we have to undo everything */
3371 VdmUndoLevel = VDM_UNDO_REUSE;
3372
3373 /* Check if CSRSS wants us to wait on VDM */
3374 VdmWaitObject = CheckVdmMsg->WaitObjectForParent;
3375 break;
3376
3377 case VDM_NOT_READY:
3378 /* Something is wrong with VDM, we'll fail the call */
3379 DPRINT1("VDM is not ready for DOS\n");
3381 Result = FALSE;
3382 goto Quickie;
3383
3384 default:
3385 break;
3386 }
3387
3388 /* Since to get NULL, we allocate from 0x1, account for this */
3389 VdmReserve--;
3390
3391 /* This implies VDM is ready, so skip everything else */
3392 if (VdmWaitObject) goto VdmShortCircuit;
3393
3394 /* Don't inherit handles since we're doing VDM now */
3395 bInheritHandles = FALSE;
3396
3397 /* Had the user passed in environment? If so, destroy it */
3398 if ((lpEnvironment) &&
3399 !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
3400 {
3401 RtlDestroyEnvironment(lpEnvironment);
3402 }
3403
3404 /* Use our VDM Unicode environment instead */
3405 lpEnvironment = VdmUnicodeEnv.Buffer;
3406 }
3407 else
3408 {
3409 /* It's a batch file, get the extension */
3410 ExtBuffer = &PathName.Buffer[PathName.Length / sizeof(WCHAR) - 4];
3411
3412 /* Make sure the extensions are correct */
3413 if ((PathName.Length < (4 * sizeof(WCHAR))) ||
3414 ((_wcsnicmp(ExtBuffer, L".bat", 4)) &&
3415 (_wcsnicmp(ExtBuffer, L".cmd", 4))))
3416 {
3417 DPRINT1("'%wZ': Invalid EXE, and not a batch or script file\n", &PathName);
3419 Result = FALSE;
3420 goto Quickie;
3421 }
3422
3423 /* Check if we need to account for quotes around the path */
3424 CmdQuoteLength = CmdLineIsAppName || HasQuotes;
3425 if (!CmdLineIsAppName)
3426 {
3427 if (HasQuotes) CmdQuoteLength++;
3428 }
3429 else
3430 {
3431 CmdQuoteLength++;
3432 }
3433
3434 /* Calculate the length of the command line */
3435 CmdLineLength = wcslen(lpCommandLine);
3436 CmdLineLength += wcslen(CMD_STRING);
3437 CmdLineLength += CmdQuoteLength + sizeof(ANSI_NULL);
3438 CmdLineLength *= sizeof(WCHAR);
3439
3440 /* Allocate space for the new command line */
3441 AnsiCmdCommand = RtlAllocateHeap(RtlGetProcessHeap(),
3442 0,
3443 CmdLineLength);
3444 if (!AnsiCmdCommand)
3445 {
3447 Result = FALSE;
3448 goto Quickie;
3449 }
3450
3451 /* Build it */
3452 wcscpy(AnsiCmdCommand, CMD_STRING);
3453 if ((CmdLineIsAppName) || (HasQuotes))
3454 {
3455 wcscat(AnsiCmdCommand, L"\"");
3456 }
3457 wcscat(AnsiCmdCommand, lpCommandLine);
3458 if ((CmdLineIsAppName) || (HasQuotes))
3459 {
3460 wcscat(AnsiCmdCommand, L"\"");
3461 }
3462
3463 /* Create it as a Unicode String */
3464 RtlInitUnicodeString(&DebuggerString, AnsiCmdCommand);
3465
3466 /* Set the command line to this */
3467 lpCommandLine = DebuggerString.Buffer;
3468 lpApplicationName = NULL;
3469 DPRINT1("Retrying with: %S\n", lpCommandLine);
3470 }
3471
3472 /* We've already done all these checks, don't do them again */
3473 SkipSaferAndAppCompat = TRUE;
3474 goto AppNameRetry;
3475 }
3476
3478 {
3479 /* 64-bit binaries are not allowed to run on 32-bit ReactOS */
3480 DPRINT1("64-bit binary, failing\n");
3482 Result = FALSE;
3483 goto Quickie;
3484 }
3485
3487 {
3488 /* Set the correct last error for this */
3489 DPRINT1("File is offline, failing\n");
3491 break;
3492 }
3493
3494 default:
3495 {
3496 /* Any other error, convert it to a generic Win32 error */
3497 if (!NT_SUCCESS(Status))
3498 {
3499 DPRINT1("Failed to create section: %lx\n", Status);
3501 Result = FALSE;
3502 goto Quickie;
3503 }
3504
3505 /* Otherwise, this must be success */
3507 break;
3508 }
3509 }
3510
3511 /* Is this not a WOW application, but a WOW32 VDM was requested for it? */
3512 if (!(IsWowApp) && (dwCreationFlags & CREATE_SEPARATE_WOW_VDM))
3513 {
3514 /* Ignore the nonsensical request */
3515 dwCreationFlags &= ~CREATE_SEPARATE_WOW_VDM;
3516 }
3517
3518 /* Did we already check information for the section? */
3519 if (!QuerySection)
3520 {
3521 /* Get some information about the executable */
3522 Status = NtQuerySection(SectionHandle,
3524 &ImageInformation,
3525 sizeof(ImageInformation),
3526 NULL);
3527 if (!NT_SUCCESS(Status))
3528 {
3529 /* We failed, bail out */
3530 DPRINT1("Section query failed\n");
3532 Result = FALSE;
3533 goto Quickie;
3534 }
3535
3536 /* Don't check this later */
3537 QuerySection = TRUE;
3538 }
3539
3540 /* Check if this was linked as a DLL */
3541 if (ImageInformation.ImageCharacteristics & IMAGE_FILE_DLL)
3542 {
3543 /* These aren't valid images to try to execute! */
3544 DPRINT1("Trying to launch a DLL, failing\n");
3546 Result = FALSE;
3547 goto Quickie;
3548 }
3549
3550 /* Don't let callers pass in this flag -- we'll only get it from IFEO */
3551 Flags &= ~PROCESS_CREATE_FLAGS_LARGE_PAGES;
3552
3553 /* Clear the IFEO-missing flag, before we know for sure... */
3554 ParameterFlags &= ~2;
3555
3556 /* If the process is being debugged, only read IFEO if the PEB says so */
3557 if (!(dwCreationFlags & (DEBUG_PROCESS | DEBUG_ONLY_THIS_PROCESS)) ||
3559 {
3560 /* Let's do this! Attempt to open IFEO */
3561 IFEOStatus = LdrOpenImageFileOptionsKey(&PathName, 0, &KeyHandle);
3562 if (!NT_SUCCESS(IFEOStatus))
3563 {
3564 /* We failed, set the flag so we store this in the parameters */
3565 if (IFEOStatus == STATUS_OBJECT_NAME_NOT_FOUND) ParameterFlags |= 2;
3566 }
3567 else
3568 {
3569 /* Was this our first time going through this path? */
3570 if (!DebuggerCmdLine)
3571 {
3572 /* Allocate a buffer for the debugger path */
3573 DebuggerCmdLine = RtlAllocateHeap(RtlGetProcessHeap(),
3574 0,
3575 MAX_PATH * sizeof(WCHAR));
3576 if (!DebuggerCmdLine)
3577 {
3578 /* Close IFEO on failure */
3579 IFEOStatus = NtClose(KeyHandle);
3580 ASSERT(NT_SUCCESS(IFEOStatus));
3581
3582 /* Fail the call */
3584 Result = FALSE;
3585 goto Quickie;
3586 }
3587 }
3588
3589 /* Now query for the debugger */
3591 L"Debugger",
3592 REG_SZ,
3593 DebuggerCmdLine,
3594 MAX_PATH * sizeof(WCHAR),
3595 &ResultSize);
3596 if (!(NT_SUCCESS(IFEOStatus)) ||
3597 (ResultSize < sizeof(WCHAR)) ||
3598 (DebuggerCmdLine[0] == UNICODE_NULL))
3599 {
3600 /* If it's not there, or too small, or invalid, ignore it */
3601 RtlFreeHeap(RtlGetProcessHeap(), 0, DebuggerCmdLine);
3602 DebuggerCmdLine = NULL;
3603 }
3604
3605 /* Also query if we should map with large pages */
3607 L"UseLargePages",
3608 REG_DWORD,
3609 &UseLargePages,
3610 sizeof(UseLargePages),
3611 NULL);
3612 if ((NT_SUCCESS(IFEOStatus)) && (UseLargePages))
3613 {
3614 /* Do it! This is the only way this flag can be set */
3616 }
3617
3618 /* We're done with IFEO, can close it now */
3619 IFEOStatus = NtClose(KeyHandle);
3620 ASSERT(NT_SUCCESS(IFEOStatus));
3621 }
3622 }
3623
3624 /* Make sure the image was compiled for this processor */
3625 if ((ImageInformation.Machine < SharedUserData->ImageNumberLow) ||
3626 (ImageInformation.Machine > SharedUserData->ImageNumberHigh))
3627 {
3628 /* It was not -- raise a hard error */
3629 ErrorResponse = ResponseOk;
3630 ErrorParameters[0] = (ULONG_PTR)&PathName;
3632 1,
3633 1,
3634 ErrorParameters,
3635 OptionOk,
3636 &ErrorResponse);
3638 {
3639 /* If it's really old, return this error */
3641 }
3642 else
3643 {
3644 /* Otherwise, return a more modern error */
3646 }
3647
3648 /* Go to the failure path */
3649 DPRINT1("Invalid image architecture: %lx\n", ImageInformation.Machine);
3650 Result = FALSE;
3651 goto Quickie;
3652 }
3653
3654 /* Check if this isn't a Windows image */
3655 if ((ImageInformation.SubSystemType != IMAGE_SUBSYSTEM_WINDOWS_GUI) &&
3656 (ImageInformation.SubSystemType != IMAGE_SUBSYSTEM_WINDOWS_CUI))
3657 {
3658 /* Get rid of section-related information since we'll retry */
3659 NtClose(SectionHandle);
3660 SectionHandle = NULL;
3661 QuerySection = FALSE;
3662
3663 /* The only other non-Windows image type we support here is POSIX */
3664 if (ImageInformation.SubSystemType != IMAGE_SUBSYSTEM_POSIX_CUI)
3665 {
3666 /* Bail out if it's something else */
3668 Result = FALSE;
3669 goto Quickie;
3670 }
3671
3672 /* Now build the command-line to have posix launch this image */
3673 Result = BuildSubSysCommandLine(L"POSIX /P ",
3674 lpApplicationName,
3675 lpCommandLine,
3676 &DebuggerString);
3677 if (!Result)
3678 {
3679 /* Bail out if that failed */
3680 DPRINT1("Subsystem command line failed\n");
3681 goto Quickie;
3682 }
3683
3684 /* And re-try launching the process, with the new command-line now */
3685 lpCommandLine = DebuggerString.Buffer;
3686 lpApplicationName = NULL;
3687
3688 /* We've already done all these checks, don't do them again */
3689 SkipSaferAndAppCompat = TRUE;
3690 DPRINT1("Retrying with: %S\n", lpCommandLine);
3691 goto AppNameRetry;
3692 }
3693
3694 /* Was this image built for a version of Windows whose images we can run? */
3696 ImageInformation.SubSystemMinorVersion);
3697 if (!Result)
3698 {
3699 /* It was not, bail out */
3700 DPRINT1("Invalid subsystem version: %hu.%hu\n",
3701 ImageInformation.SubSystemMajorVersion,
3702 ImageInformation.SubSystemMinorVersion);
3704 goto Quickie;
3705 }
3706
3707 /* Check if there is a debugger associated with the application */
3708 if (DebuggerCmdLine)
3709 {
3710 /* Get the length of the command line */
3711 n = wcslen(lpCommandLine);
3712 if (!n)
3713 {
3714 /* There's no command line, use the application name instead */
3715 lpCommandLine = (LPWSTR)lpApplicationName;
3716 n = wcslen(lpCommandLine);
3717 }
3718
3719 /* Protect against overflow */
3721 {
3723 Result = FALSE;
3724 goto Quickie;
3725 }
3726
3727 /* Now add the length of the debugger command-line */
3728 n += wcslen(DebuggerCmdLine);
3729
3730 /* Again make sure we don't overflow */
3732 {
3734 Result = FALSE;
3735 goto Quickie;
3736 }
3737
3738 /* Account for the quotes and space between the two */
3739 n += sizeof("\" \"") - sizeof(ANSI_NULL);
3740
3741 /* Convert to bytes, and make sure we don't overflow */
3742 n *= sizeof(WCHAR);
3744 {
3746 Result = FALSE;
3747 goto Quickie;
3748 }
3749
3750 /* Allocate space for the string */
3751 DebuggerString.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), 0, n);
3752 if (!DebuggerString.Buffer)
3753 {
3755 Result = FALSE;
3756 goto Quickie;
3757 }
3758
3759 /* Set the length */
3760 RtlInitEmptyUnicodeString(&DebuggerString,
3761 DebuggerString.Buffer,
3762 (USHORT)n);
3763
3764 /* Now perform the command line creation */
3765 ImageDbgStatus = RtlAppendUnicodeToString(&DebuggerString,
3766 DebuggerCmdLine);
3767 ASSERT(NT_SUCCESS(ImageDbgStatus));
3768 ImageDbgStatus = RtlAppendUnicodeToString(&DebuggerString, L" ");
3769 ASSERT(NT_SUCCESS(ImageDbgStatus));
3770 ImageDbgStatus = RtlAppendUnicodeToString(&DebuggerString, lpCommandLine);
3771 ASSERT(NT_SUCCESS(ImageDbgStatus));
3772
3773 /* Make sure it all looks nice */
3774 DbgPrint("BASE: Calling debugger with '%wZ'\n", &DebuggerString);
3775
3776 /* Update the command line and application name */
3777 lpCommandLine = DebuggerString.Buffer;
3778 lpApplicationName = NULL;
3779
3780 /* Close all temporary state */
3781 NtClose(SectionHandle);
3782 SectionHandle = NULL;
3783 QuerySection = FALSE;
3784
3785 /* Free all temporary memory */
3786 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
3787 NameBuffer = NULL;
3788 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
3789 FreeBuffer = NULL;
3790 RtlFreeHeap(RtlGetProcessHeap(), 0, DebuggerCmdLine);
3791 DebuggerCmdLine = NULL;
3792 DPRINT1("Retrying with: %S\n", lpCommandLine);
3793 goto AppNameRetry;
3794 }
3795
3796 /* Initialize the process object attributes */
3797 ObjectAttributes = BaseFormatObjectAttributes(&LocalObjectAttributes,
3798 lpProcessAttributes,
3799 NULL);
3800 if ((hUserToken) && (lpProcessAttributes))
3801 {
3802 /* Augment them with information from the user */
3803
3804 LocalProcessAttributes = *lpProcessAttributes;
3805 LocalProcessAttributes.lpSecurityDescriptor = NULL;
3806 ObjectAttributes = BaseFormatObjectAttributes(&LocalObjectAttributes,
3807 &LocalProcessAttributes,
3808 NULL);
3809 }
3810
3811 /* Check if we're going to be debugged */
3812 if (dwCreationFlags & DEBUG_PROCESS)
3813 {
3814 /* Set process flag */
3816 }
3817
3818 /* Check if we're going to be debugged */
3819 if (dwCreationFlags & (DEBUG_PROCESS | DEBUG_ONLY_THIS_PROCESS))
3820 {
3821 /* Connect to DbgUi */
3823 if (!NT_SUCCESS(Status))
3824 {
3825 DPRINT1("Failed to connect to DbgUI!\n");
3827 Result = FALSE;
3828 goto Quickie;
3829 }
3830
3831 /* Get the debug object */
3832 DebugHandle = DbgUiGetThreadDebugObject();
3833
3834 /* Check if only this process will be debugged */
3835 if (dwCreationFlags & DEBUG_ONLY_THIS_PROCESS)
3836 {
3837 /* Set process flag */
3839 }
3840 }
3841
3842 /* Set inherit flag */
3843 if (bInheritHandles) Flags |= PROCESS_CREATE_FLAGS_INHERIT_HANDLES;
3844
3845 /* Check if the process should be created with large pages */
3846 HavePrivilege = FALSE;
3847 PrivilegeState = NULL;
3849 {
3850 /* Acquire the required privilege so that the kernel won't fail the call */
3851 PrivilegeValue = SE_LOCK_MEMORY_PRIVILEGE;
3852 Status = RtlAcquirePrivilege(&PrivilegeValue, 1, 0, &PrivilegeState);
3853 if (NT_SUCCESS(Status))
3854 {
3855 /* Remember to release it later */
3856 HavePrivilege = TRUE;
3857 }
3858 }
3859
3860 /* Save the current TIB value since kernel overwrites it to store PEB */
3861 TibValue = Teb->NtTib.ArbitraryUserPointer;
3862
3863 /* Tell the kernel to create the process */
3868 Flags,
3869 SectionHandle,
3870 DebugHandle,
3871 NULL,
3872 InJob);
3873
3874 /* Load the PEB address from the hacky location where the kernel stores it */
3875 RemotePeb = Teb->NtTib.ArbitraryUserPointer;
3876
3877 /* And restore the old TIB value */
3878 Teb->NtTib.ArbitraryUserPointer = TibValue;
3879
3880 /* Release the large page privilege if we had acquired it */
3881 if (HavePrivilege) RtlReleasePrivilege(PrivilegeState);
3882
3883 /* And now check if the kernel failed to create the process */
3884 if (!NT_SUCCESS(Status))
3885 {
3886 /* Go to failure path */
3887 DPRINT1("Failed to create process: %lx\n", Status);
3889 Result = FALSE;
3890 goto Quickie;
3891 }
3892
3893 /* Check if there is a priority class to set */
3894 if (PriorityClass.PriorityClass)
3895 {
3896 /* Reset current privilege state */
3897 RealTimePrivilegeState = NULL;
3898
3899 /* Is realtime priority being requested? */
3901 {
3902 /* Check if the caller has real-time access, and enable it if so */
3903 RealTimePrivilegeState = BasepIsRealtimeAllowed(TRUE);
3904 }
3905
3906 /* Set the new priority class and release the privilege */
3909 &PriorityClass,
3910 sizeof(PROCESS_PRIORITY_CLASS));
3911 if (RealTimePrivilegeState) RtlReleasePrivilege(RealTimePrivilegeState);
3912
3913 /* Check if we failed to set the priority class */
3914 if (!NT_SUCCESS(Status))
3915 {
3916 /* Bail out on failure */
3917 DPRINT1("Failed to set priority class: %lx\n", Status);
3919 Result = FALSE;
3920 goto Quickie;
3921 }
3922 }
3923
3924 /* Check if the caller wants the default error mode */
3925 if (dwCreationFlags & CREATE_DEFAULT_ERROR_MODE)
3926 {
3927 /* Set Error Mode to only fail on critical errors */
3928 HardErrorMode = SEM_FAILCRITICALERRORS;
3931 &HardErrorMode,
3932 sizeof(ULONG));
3933 }
3934
3935 /* Check if this was a VDM binary */
3936 if (VdmBinaryType)
3937 {
3938 /* Update VDM by telling it the process has now been created */
3939 VdmWaitObject = ProcessHandle;
3941 &VdmWaitObject,
3942 VdmTask,
3943 VdmBinaryType);
3944
3945 if (!Result)
3946 {
3947 /* Bail out on failure */
3948 DPRINT1("Failed to update VDM with wait object\n");
3949 VdmWaitObject = NULL;
3950 goto Quickie;
3951 }
3952
3953 /* At this point, a failure means VDM has to undo all the state */
3954 VdmUndoLevel |= VDM_UNDO_FULL;
3955 }
3956
3957 /* Check if VDM needed reserved low-memory */
3958 if (VdmReserve)
3959 {
3960 /* Reserve the requested allocation */
3961 RegionSize = VdmReserve;
3963 &BaseAddress,
3964 0,
3965 &RegionSize,
3968 if (!NT_SUCCESS(Status))
3969 {
3970 /* Bail out on failure */
3971 DPRINT1("Failed to reserve memory for VDM: %lx\n", Status);
3973 Result = FALSE;
3974 goto Quickie;
3975 }
3976
3977 VdmReserve = (ULONG)RegionSize;
3978 }
3979
3980 /* Check if we've already queried information on the section */
3981 if (!QuerySection)
3982 {
3983 /* We haven't, so get some information about the executable */
3984 Status = NtQuerySection(SectionHandle,
3986 &ImageInformation,
3987 sizeof(ImageInformation),
3988 NULL);
3989 if (!NT_SUCCESS(Status))
3990 {
3991 /* Bail out on failure */
3992 DPRINT1("Failed to query section: %lx\n", Status);
3994 Result = FALSE;
3995 goto Quickie;
3996 }
3997
3998 /* If we encounter a restart, don't re-query this information again */
3999 QuerySection = TRUE;
4000 }
4001
4002 /* Do we need to apply SxS to this image? (On x86 this flag is set by PeFmtCreateSection) */
4004 {
4005 /* Too bad, we don't support this yet */
4006 DPRINT("Image should receive SxS Fusion Isolation\n");
4007 }
4008
4009 /* There's some SxS flag that we need to set if fusion flags have 1 set */
4010 if (FusionFlags & 1) CreateProcessMsg->Sxs.Flags |= 0x10;
4011
4012 /* Check if we have a current directory */
4013 if (lpCurrentDirectory)
4014 {
4015 /* Allocate a buffer so we can keep a Unicode copy */
4016 DPRINT("Current directory: %S\n", lpCurrentDirectory);
4017 CurrentDirectory = RtlAllocateHeap(RtlGetProcessHeap(),
4018 0,
4019 (MAX_PATH * sizeof(WCHAR)) +
4020 sizeof(UNICODE_NULL));
4021 if (!CurrentDirectory)
4022 {
4023 /* Bail out if this failed */
4025 Result = FALSE;
4026 goto Quickie;
4027 }
4028
4029 /* Get the length in Unicode */
4030 Length = GetFullPathNameW(lpCurrentDirectory,
4031 MAX_PATH,
4033 &FilePart);
4034 if (Length > MAX_PATH)
4035 {
4036 /* The directory is too long, so bail out */
4038 Result = FALSE;
4039 goto Quickie;
4040 }
4041
4042 /* Make sure the directory is actually valid */
4043 FileAttribs = GetFileAttributesW(CurrentDirectory);
4044 if ((FileAttribs == INVALID_FILE_ATTRIBUTES) ||
4045 !(FileAttribs & FILE_ATTRIBUTE_DIRECTORY))
4046 {
4047 /* It isn't, so bail out */
4048 DPRINT1("Current directory is invalid\n");
4050 Result = FALSE;
4051 goto Quickie;
4052 }
4053 }
4054
4055 /* Insert quotes if needed */
4056 if ((QuotesNeeded) || (CmdLineIsAppName))
4057 {
4058 /* Allocate our buffer, plus enough space for quotes and a NULL */
4059 QuotedCmdLine = RtlAllocateHeap(RtlGetProcessHeap(),
4060 0,
4061 (wcslen(lpCommandLine) * sizeof(WCHAR)) +
4062 (2 * sizeof(L'\"') + sizeof(UNICODE_NULL)));
4063 if (QuotedCmdLine)
4064 {
4065 /* Copy the first quote */
4066 wcscpy(QuotedCmdLine, L"\"");
4067
4068 /* Save the current null-character */
4069 if (QuotesNeeded)
4070 {
4071 SaveChar = *NullBuffer;
4072 *NullBuffer = UNICODE_NULL;
4073 }
4074
4075 /* Copy the command line and the final quote */
4076 wcscat(QuotedCmdLine, lpCommandLine);
4077 wcscat(QuotedCmdLine, L"\"");
4078
4079 /* Copy the null-char back */
4080 if (QuotesNeeded)
4081 {
4082 *NullBuffer = SaveChar;
4083 wcscat(QuotedCmdLine, NullBuffer);
4084 }
4085 }
4086 else
4087 {
4088 /* We can't put quotes around the thing, so try it anyway */
4089 if (QuotesNeeded) QuotesNeeded = FALSE;
4090 if (CmdLineIsAppName) CmdLineIsAppName = FALSE;
4091 }
4092 }
4093
4094 /* Use isolation if needed */
4095 if (CreateProcessMsg->Sxs.Flags & 1) ParameterFlags |= 1;
4096
4097 /* Set the new command-line if needed */
4098 if ((QuotesNeeded) || (CmdLineIsAppName)) lpCommandLine = QuotedCmdLine;
4099
4100 /* Call the helper function in charge of RTL_USER_PROCESS_PARAMETERS */
4101 Result = BasePushProcessParameters(ParameterFlags,
4103 RemotePeb,
4104 lpApplicationName,
4106 lpCommandLine,
4107 lpEnvironment,
4108 &StartupInfo,
4109 dwCreationFlags | NoWindow,
4110 bInheritHandles,
4111 IsWowApp ? IMAGE_SUBSYSTEM_WINDOWS_GUI: 0,
4112 AppCompatData,
4113 AppCompatDataSize);
4114 if (!Result)
4115 {
4116 /* The remote process would have an undefined state, so fail the call */
4117 DPRINT1("BasePushProcessParameters failed\n");
4118 goto Quickie;
4119 }
4120
4121 /* Free the VDM command line string as it's no longer needed */
4122 RtlFreeUnicodeString(&VdmString);
4123 VdmString.Buffer = NULL;
4124
4125 /* Non-VDM console applications usually inherit handles unless specified */
4126 if (!(VdmBinaryType) &&
4127 !(bInheritHandles) &&
4128 !(StartupInfo.dwFlags & STARTF_USESTDHANDLES) &&
4129 !(dwCreationFlags & (CREATE_NO_WINDOW |
4131 DETACHED_PROCESS)) &&
4132 (ImageInformation.SubSystemType == IMAGE_SUBSYSTEM_WINDOWS_CUI))
4133 {
4134 /* Get the remote parameters */
4136 &RemotePeb->ProcessParameters,
4137 &ProcessParameters,
4139 NULL);
4140 if (NT_SUCCESS(Status))
4141 {
4142 /* Duplicate standard input unless it's a console handle */
4144 {
4147 &ProcessParameters->StandardInput);
4148 }
4149
4150 /* Duplicate standard output unless it's a console handle */
4152 {
4155 &ProcessParameters->StandardOutput);
4156 }
4157
4158 /* Duplicate standard error unless it's a console handle */
4160 {
4163 &ProcessParameters->StandardError);
4164 }
4165 }
4166 }
4167
4168 /* Create the Thread's Stack */
4169 StackSize = max(256 * 1024, ImageInformation.MaximumStackSize);
4171 ImageInformation.CommittedStackSize,
4172 StackSize,
4173 &InitialTeb);
4174 if (!NT_SUCCESS(Status))
4175 {
4176 DPRINT1("Creating the thread stack failed: %lx\n", Status);
4178 Result = FALSE;
4179 goto Quickie;
4180 }
4181
4182 /* Create the Thread's Context */
4184 RemotePeb,
4185 ImageInformation.TransferAddress,
4186 InitialTeb.StackBase,
4187 0);
4188
4189 /* Convert the thread attributes */
4190 ObjectAttributes = BaseFormatObjectAttributes(&LocalObjectAttributes,
4191 lpThreadAttributes,
4192 NULL);
4193 if ((hUserToken) && (lpThreadAttributes))
4194 {
4195 /* If the caller specified a user token, zero the security descriptor */
4196 LocalThreadAttributes = *lpThreadAttributes;
4197 LocalThreadAttributes.lpSecurityDescriptor = NULL;
4198 ObjectAttributes = BaseFormatObjectAttributes(&LocalObjectAttributes,
4199 &LocalThreadAttributes,
4200 NULL);
4201 }
4202
4203 /* Create the Kernel Thread Object */
4204 Status = NtCreateThread(&ThreadHandle,
4208 &ClientId,
4209 &Context,
4210 &InitialTeb,
4211 TRUE);
4212 if (!NT_SUCCESS(Status))
4213 {
4214 /* A process is not allowed to exist without a main thread, so fail */
4215 DPRINT1("Creating the main thread failed: %lx\n", Status);
4217 Result = FALSE;
4218 goto Quickie;
4219 }
4220
4221 /* Begin filling out the CSRSS message, first with our IDs and handles */
4222 CreateProcessMsg->ProcessHandle = ProcessHandle;
4223 CreateProcessMsg->ThreadHandle = ThreadHandle;
4224 CreateProcessMsg->ClientId = ClientId;
4225
4226 /* Write the remote PEB address and clear it locally, we no longer use it */
4227 CreateProcessMsg->PebAddressNative = RemotePeb;
4228#ifdef _WIN64
4229 DPRINT("TODO: WOW64 is not supported yet\n");
4230 CreateProcessMsg->PebAddressWow64 = 0;
4231#else
4232 CreateProcessMsg->PebAddressWow64 = (ULONG)RemotePeb;
4233#endif
4234 RemotePeb = NULL;
4235
4236 /* Now check what kind of architecture this image was made for */
4237 switch (ImageInformation.Machine)
4238 {
4239 /* IA32, IA64 and AMD64 are supported in Server 2003 */
4242 break;
4245 break;
4248 break;
4249
4250 /* Anything else results in image unknown -- but no failure */
4251 default:
4252 DbgPrint("kernel32: No mapping for ImageInformation.Machine == %04x\n",
4253 ImageInformation.Machine);
4255 break;
4256 }
4257
4258 /* Write the input creation flags except any debugger-related flags */
4259 CreateProcessMsg->CreationFlags = dwCreationFlags &
4261
4262 /* CSRSS needs to know if this is a GUI app or not */
4263 if ((ImageInformation.SubSystemType == IMAGE_SUBSYSTEM_WINDOWS_GUI) ||
4264 (IsWowApp))
4265 {
4266 /*
4267 * For GUI apps we turn on the 2nd bit. This allow CSRSS server dlls
4268 * (basesrv in particular) to know whether or not this is a GUI or a
4269 * TUI application.
4270 */
4271 AddToHandle(CreateProcessMsg->ProcessHandle, 2);
4272
4273 /* Also check if the parent is also a GUI process */
4275 if ((NtHeaders) &&
4277 {
4278 /* Let it know that it should display the hourglass mouse cursor */
4279 AddToHandle(CreateProcessMsg->ProcessHandle, 1);
4280 }
4281 }
4282
4283 /* For all apps, if this flag is on, the hourglass mouse cursor is shown.
4284 * Likewise, the opposite holds as well, and no-feedback has precedence. */
4285 if (StartupInfo.dwFlags & STARTF_FORCEONFEEDBACK)
4286 {
4287 AddToHandle(CreateProcessMsg->ProcessHandle, 1);
4288 }
4289 if (StartupInfo.dwFlags & STARTF_FORCEOFFFEEDBACK)
4290 {
4291 RemoveFromHandle(CreateProcessMsg->ProcessHandle, 1);
4292 }
4293
4294 /* Also store which kind of VDM app (if any) this is */
4295 CreateProcessMsg->VdmBinaryType = VdmBinaryType;
4296
4297 /* And if it really is a VDM app... */
4298 if (VdmBinaryType)
4299 {
4300 /* Store the VDM console handle (none if inherited or WOW app) and the task ID */
4301 CreateProcessMsg->hVDM = VdmTask ? NULL : Peb->ProcessParameters->ConsoleHandle;
4302 CreateProcessMsg->VdmTask = VdmTask;
4303 }
4304 else if (VdmReserve)
4305 {
4306 /* Extended VDM, set a flag */
4307 CreateProcessMsg->VdmBinaryType |= BINARY_TYPE_WOW_EX;
4308 }
4309
4310 /* Check if there's side-by-side assembly data associated with the process */
4311 if (CreateProcessMsg->Sxs.Flags)
4312 {
4313 /* This should not happen in ReactOS yet */
4314 DPRINT1("This is an SxS Message -- should not happen yet\n");
4317 Result = FALSE;
4318 goto Quickie;
4319 }
4320
4321 /* We are finally ready to call CSRSS to tell it about our new process! */
4323 CaptureBuffer,
4326 sizeof(*CreateProcessMsg));
4327
4328 /* CSRSS has returned, free the capture buffer now if we had one */
4329 if (CaptureBuffer)
4330 {
4331 CsrFreeCaptureBuffer(CaptureBuffer);
4332 CaptureBuffer = NULL;
4333 }
4334
4335 /* Check if CSRSS failed to accept ownership of the new Windows process */
4336 if (!NT_SUCCESS(CsrMsg[0].Status))
4337 {
4338 /* Terminate the process and enter failure path with the CSRSS status */
4339 DPRINT1("Failed to tell csrss about new process\n");
4340 BaseSetLastNTError(CsrMsg[0].Status);
4342 Result = FALSE;
4343 goto Quickie;
4344 }
4345
4346 /* Check if we have a token due to Authz/Safer, not passed by the user */
4347 if ((TokenHandle) && !(hUserToken))
4348 {
4349 /* Replace the process and/or thread token with the one from Safer */
4352 ThreadHandle);
4353 if (!NT_SUCCESS(Status))
4354 {
4355 /* If this failed, kill the process and enter the failure path */
4356 DPRINT1("Failed to update process token: %lx\n", Status);
4359 Result = FALSE;
4360 goto Quickie;
4361 }
4362 }
4363
4364 /* Check if a job was associated with this process */
4365 if (JobHandle)
4366 {
4367 /* Bind the process and job together now */
4369 if (!NT_SUCCESS(Status))
4370 {
4371 /* Kill the process and enter the failure path if binding failed */
4372 DPRINT1("Failed to assign process to job: %lx\n", Status);
4375 Result = FALSE;
4376 goto Quickie;
4377 }
4378 }
4379
4380 /* Finally, resume the thread to actually get the process started */
4381 if (!(dwCreationFlags & CREATE_SUSPENDED))
4382 {
4383 NtResumeThread(ThreadHandle, &ResumeCount);
4384 }
4385
4386VdmShortCircuit:
4387 /* We made it this far, meaning we have a fully created process and thread */
4388 Result = TRUE;
4389
4390 /* Anyone doing a VDM undo should now undo everything, since we are done */
4391 if (VdmUndoLevel) VdmUndoLevel |= VDM_UNDO_COMPLETED;
4392
4393 /* Having a VDM wait object implies this must be a VDM process */
4394 if (VdmWaitObject)
4395 {
4396 /* Check if it's a 16-bit separate WOW process */
4397 if (VdmBinaryType == BINARY_TYPE_SEPARATE_WOW)
4398 {
4399 /* OR-in the special flag to indicate this, and return to caller */
4400 AddToHandle(VdmWaitObject, 2);
4401 lpProcessInformation->hProcess = VdmWaitObject;
4402
4403 /* Check if this was a re-used VDM */
4404 if (VdmUndoLevel & VDM_UNDO_REUSE)
4405 {
4406 /* No Client ID should be returned in this case */
4409 }
4410 }
4411 else
4412 {
4413 /* OR-in the special flag to indicate this is not a separate VDM,
4414 * and return the handle to the caller */
4415 AddToHandle(VdmWaitObject, 1);
4416 lpProcessInformation->hProcess = VdmWaitObject;
4417 }
4418
4419 /* Close the original process handle, since it's not needed for VDM */
4421 }
4422 else
4423 {
4424 /* This is a regular process, so return the real process handle */
4425 lpProcessInformation->hProcess = ProcessHandle;
4426 }
4427
4428 /* Return the rest of the process information based on what we have so far */
4429 lpProcessInformation->hThread = ThreadHandle;
4430 lpProcessInformation->dwProcessId = HandleToUlong(ClientId.UniqueProcess);
4431 lpProcessInformation->dwThreadId = HandleToUlong(ClientId.UniqueThread);
4432
4433 /* NULL these out here so we know to treat this as a success scenario */
4435 ThreadHandle = NULL;
4436
4437Quickie:
4438 /* Free the debugger command line if one was allocated */
4439 if (DebuggerCmdLine) RtlFreeHeap(RtlGetProcessHeap(), 0, DebuggerCmdLine);
4440
4441 /* Check if an SxS full path as queried */
4442 if (PathBuffer)
4443 {
4444 /* Reinitialize the executable path */
4445 RtlInitEmptyUnicodeString(&SxsWin32ExePath, NULL, 0);
4446 SxsWin32ExePath.Length = 0;
4447
4448 /* Free the path buffer */
4449 RtlFreeHeap(RtlGetProcessHeap(), 0, PathBuffer);
4450 }
4451
4452#if _SXS_SUPPORT_ENABLED_
4453 /* Check if this was a non-VDM process */
4454 if (!VdmBinaryType)
4455 {
4456 /* Then it must've had SxS data, so close the handles used for it */
4457 BasepSxsCloseHandles(&Handles);
4458 BasepSxsCloseHandles(&FileHandles);
4459
4460 /* Check if we built SxS byte buffers for this create process request */
4461 if (SxsConglomeratedBuffer)
4462 {
4463 /* Loop all of them */
4464 for (i = 0; i < 5; i++)
4465 {
4466 /* Check if this one was allocated */
4467 ThisBuffer = SxsStaticBuffers[i];
4468 if (ThisBuffer)
4469 {
4470 /* Get the underlying RTL_BUFFER structure */
4471 ByteBuffer = &ThisBuffer->ByteBuffer;
4472 if ((ThisBuffer != (PVOID)-8) && (ByteBuffer->Buffer))
4473 {
4474 /* Check if it was dynamic */
4475 if (ByteBuffer->Buffer != ByteBuffer->StaticBuffer)
4476 {
4477 /* Free it from the heap */
4478 FreeString.Buffer = (PWCHAR)ByteBuffer->Buffer;
4479 RtlFreeUnicodeString(&FreeString);
4480 }
4481
4482 /* Reset the buffer to its static data */
4483 ByteBuffer->Buffer = ByteBuffer->StaticBuffer;
4484 ByteBuffer->Size = ByteBuffer->StaticSize;
4485 }
4486
4487 /* Reset the string to the static buffer */
4488 RtlInitEmptyUnicodeString(&ThisBuffer->String,
4489 (PWCHAR)ByteBuffer->StaticBuffer,
4490 ByteBuffer->StaticSize);
4491 if (ThisBuffer->String.Buffer)
4492 {
4493 /* Also NULL-terminate it */
4494 *ThisBuffer->String.Buffer = UNICODE_NULL;
4495 }
4496 }
4497 }
4498 }
4499 }
4500#endif
4501 /* Check if an environment was passed in */
4502 if ((lpEnvironment) && !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
4503 {
4504 /* Destroy it */
4505 RtlDestroyEnvironment(lpEnvironment);
4506
4507 /* If this was the VDM environment too, clear that as well */
4508 if (VdmUnicodeEnv.Buffer == lpEnvironment) VdmUnicodeEnv.Buffer = NULL;
4509 lpEnvironment = NULL;
4510 }
4511
4512 /* Unconditionally free all the name parsing buffers we always allocate */
4513 RtlFreeHeap(RtlGetProcessHeap(), 0, QuotedCmdLine);
4514 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
4515 RtlFreeHeap(RtlGetProcessHeap(), 0, CurrentDirectory);
4516 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
4517
4518 /* Close open file/section handles */
4520 if (SectionHandle) NtClose(SectionHandle);
4521
4522 /* If we have a thread handle, this was a failure path */
4523 if (ThreadHandle)
4524 {
4525 /* So kill the process and close the thread handle */
4527 NtClose(ThreadHandle);
4528 }
4529
4530 /* If we have a process handle, this was a failure path, so close it */
4532
4533 /* Thread/process handles, if any, are now processed. Now close this one. */
4534 if (JobHandle) NtClose(JobHandle);
4535
4536 /* Check if we had created a token */
4537 if (TokenHandle)
4538 {
4539 /* And if the user asked for one */
4540 if (hUserToken)
4541 {
4542 /* Then return it */
4543 *hNewToken = TokenHandle;
4544 }
4545 else
4546 {
4547 /* User didn't want it, so we used it temporarily -- close it */
4549 }
4550 }
4551
4552 /* Free any temporary app compatibility data, it's no longer needed */
4553 BasepFreeAppCompatData(AppCompatData, AppCompatSxsData);
4554
4555 /* Free a few strings. The API takes care of these possibly being NULL */
4556 RtlFreeUnicodeString(&VdmString);
4557 RtlFreeUnicodeString(&DebuggerString);
4558
4559 /* Check if we had built any sort of VDM environment */
4560 if ((VdmAnsiEnv.Buffer) || (VdmUnicodeEnv.Buffer))
4561 {
4562 /* Free it */
4563 BaseDestroyVDMEnvironment(&VdmAnsiEnv, &VdmUnicodeEnv);
4564 }
4565
4566 /* Check if this was any kind of VDM application that we ended up creating */
4567 if ((VdmUndoLevel) && (!(VdmUndoLevel & VDM_UNDO_COMPLETED)))
4568 {
4569 /* Send an undo */
4571 (PHANDLE)&VdmTask,
4572 VdmUndoLevel,
4573 VdmBinaryType);
4574
4575 /* And close whatever VDM handle we were using for notifications */
4576 if (VdmWaitObject) NtClose(VdmWaitObject);
4577 }
4578
4579 /* Check if we ended up here with an allocated search path, and free it */
4580 if (SearchPath) RtlFreeHeap(RtlGetProcessHeap(), 0, SearchPath);
4581
4582 /* Finally, return the API's result */
4583 return Result;
4584}
NTSTATUS NTAPI NtCreateSection(OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN PLARGE_INTEGER MaximumSize OPTIONAL, IN ULONG SectionPageProtection OPTIONAL, IN ULONG AllocationAttributes, IN HANDLE FileHandle OPTIONAL)
Definition: section.c:3441
static IN ULONG IN PWSTR OUT PCWSTR OUT PBOOLEAN OUT PATH_TYPE_AND_UNKNOWN * PathType
static ULONG StackSize
Definition: StackOverflow.c:19
NTSTATUS WINAPI BasepCheckBadapp(IN HANDLE FileHandle, IN PWCHAR ApplicationName, IN PWCHAR Environment, IN USHORT ExeType, IN PVOID *SdbQueryAppCompatData, IN PULONG SdbQueryAppCompatDataSize, IN PVOID *SxsData, IN PULONG SxsDataSize, OUT PULONG FusionFlags)
Definition: appcache.c:374
VOID WINAPI BasepFreeAppCompatData(IN PVOID AppCompatData, IN PVOID AppCompatSxsData)
Definition: appcache.c:444
#define FILE_NON_DIRECTORY_FILE
Definition: constants.h:492
HANDLE hUserToken
Definition: install.c:39
static DWORD ResumeCount
Definition: database.c:32
@ BasepCreateProcess
Definition: basemsg.h:21
#define BASESRV_SERVERDLL_INDEX
Definition: basemsg.h:15
#define HandleToUlong(h)
Definition: basetsd.h:79
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
#define CSR_CREATE_API_NUMBER(ServerId, ApiId)
Definition: csrmsg.h:37
NTSTATUS NTAPI DbgUiConnectToDbg(VOID)
Definition: dbgui.c:25
HANDLE NTAPI DbgUiGetThreadDebugObject(VOID)
Definition: dbgui.c:333
#define CloseHandle
Definition: compat.h:739
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
#define OPEN_EXISTING
Definition: compat.h:775
#define INVALID_HANDLE_VALUE
Definition: compat.h:731
#define GENERIC_READ
Definition: compat.h:135
#define RtlImageNtHeader
Definition: compat.h:806
#define CreateFileW
Definition: compat.h:741
#define FILE_ATTRIBUTE_NORMAL
Definition: compat.h:137
#define ERROR_ACCESS_DENIED
Definition: compat.h:97
#define FILE_SHARE_READ
Definition: compat.h:136
PBASE_STATIC_SERVER_DATA BaseStaticServerData
Definition: dllmain.c:19
DWORD WINAPI GetFileAttributesW(LPCWSTR lpFileName)
Definition: fileinfo.c:652
LPWSTR WINAPI BaseComputeProcessExePath(IN LPWSTR FullPath)
Definition: path.c:405
DWORD WINAPI SearchPathW(IN LPCWSTR lpPath OPTIONAL, IN LPCWSTR lpFileName, IN LPCWSTR lpExtension OPTIONAL, IN DWORD nBufferLength, OUT LPWSTR lpBuffer, OUT LPWSTR *lpFilePart OPTIONAL)
Definition: path.c:1298
BOOLEAN WINAPI BasePushProcessParameters(IN ULONG ParameterFlags, IN HANDLE ProcessHandle, IN PPEB RemotePeb, IN LPCWSTR ApplicationPathName, IN LPWSTR lpCurrentDirectory, IN LPWSTR lpCommandLine, IN LPVOID lpEnvironment, IN LPSTARTUPINFOW StartupInfo, IN DWORD CreationFlags, IN BOOL InheritHandles, IN ULONG ImageSubsystem, IN PVOID AppCompatData, IN ULONG AppCompatDataSize)
Definition: proc.c:484
NTSTATUS WINAPI BasepCheckWebBladeHashes(IN HANDLE FileHandle)
Definition: proc.c:149
VOID WINAPI StuffStdHandle(IN HANDLE ProcessHandle, IN HANDLE StandardHandle, IN PHANDLE Address)
Definition: proc.c:57
BOOLEAN WINAPI BuildSubSysCommandLine(IN LPCWSTR SubsystemName, IN LPCWSTR ApplicationName, IN LPCWSTR CommandLine, OUT PUNICODE_STRING SubsysCommandLine)
Definition: proc.c:89
NTSTATUS WINAPI BasepIsProcessAllowed(IN LPWSTR ApplicationName)
Definition: proc.c:202
#define AddToHandle(x, y)
Definition: proc.c:2225
NTSTATUS WINAPI BasepReplaceProcessThreadTokens(IN HANDLE TokenHandle, IN HANDLE ProcessHandle, IN HANDLE ThreadHandle)
Definition: proc.c:354
VOID WINAPI BasepSxsCloseHandles(IN PBASE_MSG_SXS_HANDLES Handles)
Definition: proc.c:417
#define CMD_STRING
Definition: proc.c:51
#define RemoveFromHandle(x, y)
Definition: proc.c:2226
BOOLEAN WINAPI BasepIsImageVersionOk(IN ULONG ImageMajorVersion, IN ULONG ImageMinorVersion)
Definition: proc.c:123
NTSTATUS WINAPI BaseCreateStack(_In_ HANDLE hProcess, _In_opt_ SIZE_T StackCommit, _In_opt_ SIZE_T StackReserve, _Out_ PINITIAL_TEB InitialTeb)
Definition: utils.c:354
VOID WINAPI BaseInitializeContext(IN PCONTEXT Context, IN PVOID Parameter, IN PVOID StartAddress, IN PVOID StackAddress, IN ULONG ContextType)
Definition: utils.c:513
POBJECT_ATTRIBUTES WINAPI BaseFormatObjectAttributes(OUT POBJECT_ATTRIBUTES ObjectAttributes, IN PSECURITY_ATTRIBUTES SecurityAttributes OPTIONAL, IN PUNICODE_STRING ObjectName)
Definition: utils.c:304
NTSTATUS WINAPI BasepCheckWinSaferRestrictions(IN HANDLE UserToken, IN LPWSTR ApplicationName, IN HANDLE FileHandle, OUT PBOOLEAN InJob, OUT PHANDLE NewToken, OUT PHANDLE JobHandle)
Definition: utils.c:921
PVOID WINAPI BasepIsRealtimeAllowed(IN BOOLEAN Keep)
Definition: utils.c:665
ULONG WINAPI BaseIsDosApplication(IN PUNICODE_STRING PathName, IN NTSTATUS Status)
Definition: vdm.c:66
BOOL NTAPI BaseDestroyVDMEnvironment(IN PANSI_STRING AnsiEnv, IN PUNICODE_STRING UnicodeEnv)
Definition: vdm.c:1034
BOOL WINAPI BaseGetVdmConfigInfo(IN LPCWSTR CommandLineReserved, IN ULONG DosSeqId, IN ULONG BinaryType, IN PUNICODE_STRING CmdLineString, OUT PULONG VdmSize)
Definition: vdm.c:652
BOOL WINAPI BaseUpdateVDMEntry(IN ULONG UpdateIndex, IN OUT PHANDLE WaitHandle, IN ULONG IndexInfo, IN ULONG BinaryType)
Definition: vdm.c:542
BOOL NTAPI BaseCreateVDMEnvironment(IN PWCHAR lpEnvironment, OUT PANSI_STRING AnsiEnv, OUT PUNICODE_STRING UnicodeEnv)
Definition: vdm.c:744
NTSTATUS WINAPI BaseCheckVDM(IN ULONG BinaryType, IN PCWCH ApplicationName, IN PCWCH CommandLine, IN PCWCH CurrentDirectory, IN PANSI_STRING AnsiEnvironment, IN PBASE_API_MESSAGE ApiMessage, IN OUT PULONG iTask, IN DWORD CreationFlags, IN LPSTARTUPINFOW StartupInfo, IN HANDLE hUserToken OPTIONAL)
Definition: vdm.c:91
#define FILE_SYNCHRONOUS_IO_NONALERT
Definition: from_kernel.h:31
GLdouble n
Definition: glext.h:7729
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define DbgPrint
Definition: hal.h:12
NTSTATUS NTAPI NtRaiseHardError(IN NTSTATUS ErrorStatus, IN ULONG NumberOfParameters, IN ULONG UnicodeStringParameterMask, IN PULONG_PTR Parameters, IN ULONG ValidResponseOptions, OUT PULONG Response)
Definition: harderr.c:551
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
#define PROCESS_CREATE_FLAGS_BREAKAWAY
Definition: pstypes.h:91
#define PROCESS_PRIORITY_CLASS_IDLE
Definition: pstypes.h:107
#define PROCESS_CREATE_FLAGS_INHERIT_HANDLES
Definition: pstypes.h:93
#define PROCESS_PRIORITY_CLASS_INVALID
Definition: pstypes.h:106
#define PROCESS_PRIORITY_CLASS_NORMAL
Definition: pstypes.h:108
#define PROCESS_PRIORITY_CLASS_HIGH
Definition: pstypes.h:109
#define PROCESS_PRIORITY_CLASS_ABOVE_NORMAL
Definition: pstypes.h:112
#define PROCESS_CREATE_FLAGS_LARGE_PAGES
Definition: pstypes.h:95
#define PROCESS_PRIORITY_CLASS_BELOW_NORMAL
Definition: pstypes.h:111
#define PROCESS_PRIORITY_CLASS_REALTIME
Definition: pstypes.h:110
#define PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT
Definition: pstypes.h:92
@ ProcessPriorityClass
Definition: winternl.h:874
@ ProcessDefaultHardErrorMode
Definition: winternl.h:868
#define NtCurrentTeb
#define REG_SZ
Definition: layer.c:22
NTSTATUS NTAPI LdrQueryImageFileKeyOption(_In_ HANDLE KeyHandle, _In_ PCWSTR ValueName, _In_ ULONG Type, _Out_ PVOID Buffer, _In_ ULONG BufferSize, _Out_opt_ PULONG ReturnedLength)
Definition: ldrinit.c:185
NTSTATUS NTAPI LdrOpenImageFileOptionsKey(_In_ PUNICODE_STRING SubKey, _In_ BOOLEAN Wow64, _Out_ PHANDLE NewKeyHandle)
Definition: ldrinit.c:112
#define PCHAR
Definition: match.c:90
PVOID PVOID PWCHAR PVOID USHORT PULONG PVOID PULONG PVOID PULONG PULONG FusionFlags
Definition: env.c:49
#define SE_LOCK_MEMORY_PRIVILEGE
Definition: security.c:658
static OUT PIO_STATUS_BLOCK IoStatusBlock
Definition: pipe.c:75
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
_In_ NDIS_ERROR_CODE ErrorCode
Definition: ndis.h:4436
@ OptionOk
Definition: extypes.h:187
@ ResponseOk
Definition: extypes.h:205
#define PROCESSOR_ARCHITECTURE_IA64
Definition: ketypes.h:111
#define PROCESSOR_ARCHITECTURE_UNKNOWN
Definition: ketypes.h:115
#define PROCESSOR_ARCHITECTURE_AMD64
Definition: ketypes.h:114
#define PROCESSOR_ARCHITECTURE_INTEL
Definition: ketypes.h:105
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
__kernel_entry _Inout_ _Inout_ PSIZE_T RegionSize
Definition: mmfuncs.h:172
#define SEC_IMAGE
Definition: mmtypes.h:97
@ SectionImageInformation
Definition: mmtypes.h:196
NTSYSAPI ULONG NTAPI RtlIsDosDeviceName_U(_In_ PCWSTR Name)
NTSYSAPI NTSTATUS NTAPI RtlAcquirePrivilege(_In_ PULONG Privilege, _In_ ULONG NumPriv, _In_ ULONG Flags, _Out_ PVOID *ReturnedState)
NTSTATUS NTAPI RtlGetFullPathName_UstrEx(_In_ PUNICODE_STRING FileName, _In_opt_ PUNICODE_STRING StaticString, _In_opt_ PUNICODE_STRING DynamicString, _Out_opt_ PUNICODE_STRING *StringUsed, _Out_opt_ PSIZE_T FilePartSize, _Out_opt_ PBOOLEAN NameInvalid, _Out_ RTL_PATH_TYPE *PathType, _Out_opt_ PSIZE_T LengthNeeded)
VOID NTAPI RtlReleaseRelativeName(_In_ PRTL_RELATIVE_NAME_U RelativeName)
NTSYSAPI VOID NTAPI RtlDestroyEnvironment(_In_ PWSTR Environment)
NTSYSAPI RTL_PATH_TYPE NTAPI RtlDetermineDosPathNameType_U(_In_ PCWSTR Path)
NTSYSAPI VOID NTAPI RtlReleasePrivilege(_In_ PVOID ReturnedState)
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToRelativeNtPathName_U(_In_ PCWSTR DosName, _Out_ PUNICODE_STRING NtName, _Out_ PCWSTR *PartName, _Out_ PRTL_RELATIVE_NAME_U RelativeName)
#define SEM_FAILCRITICALERRORS
Definition: rtltypes.h:69
@ RtlPathTypeRootLocalDevice
Definition: rtltypes.h:478
@ RtlPathTypeRelative
Definition: rtltypes.h:476
@ RtlPathTypeUncAbsolute
Definition: rtltypes.h:472
@ RtlPathTypeLocalDevice
Definition: rtltypes.h:477
@ RtlPathTypeDriveAbsolute
Definition: rtltypes.h:473
enum _RTL_PATH_TYPE RTL_PATH_TYPE
#define THREAD_ALL_ACCESS
Definition: nt_native.h:1339
NTSYSAPI NTSTATUS NTAPI NtOpenFile(OUT PHANDLE phFile, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN ULONG ShareMode, IN ULONG OpenMode)
Definition: file.c:3952
#define FILE_SHARE_WRITE
Definition: nt_native.h:681
#define SYNCHRONIZE
Definition: nt_native.h:61
#define FILE_READ_DATA
Definition: nt_native.h:628
#define SECTION_ALL_ACCESS
Definition: nt_native.h:1293
#define FILE_READ_ATTRIBUTES
Definition: nt_native.h:647
#define PROCESS_ALL_ACCESS
Definition: nt_native.h:1324
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
#define PAGE_EXECUTE
Definition: nt_native.h:1306
NTSTATUS NTAPI NtTerminateProcess(HANDLE ProcessHandle, LONG ExitStatus)
#define FILE_SHARE_DELETE
Definition: nt_native.h:682
#define FILE_EXECUTE
Definition: nt_native.h:642
#define FILE_ATTRIBUTE_DIRECTORY
Definition: nt_native.h:705
#define MEM_RESERVE
Definition: nt_native.h:1314
#define MEM_RELEASE
Definition: nt_native.h:1316
NTSYSAPI NTSTATUS NTAPI NtCreateThread(OUT PHANDLE phThread, IN ACCESS_MASK AccessMask, IN POBJECT_ATTRIBUTES ObjectAttributes, IN HANDLE hProcess, OUT PCLIENT_ID pClientId, IN PCONTEXT pContext, OUT PSTACKINFO pStackInfo, IN BOOLEAN bSuspended)
#define PAGE_EXECUTE_READWRITE
Definition: nt_native.h:1308
#define UNICODE_STRING_MAX_CHARS
#define UNICODE_STRING_MAX_BYTES
#define VER_SUITE_DATACENTER
#define VER_SUITE_PERSONAL
#define ANSI_NULL
#define IMAGE_SUBSYSTEM_POSIX_CUI
Definition: ntimage.h:440
#define IMAGE_SUBSYSTEM_WINDOWS_CUI
Definition: ntimage.h:438
#define IMAGE_SUBSYSTEM_WINDOWS_GUI
Definition: ntimage.h:437
#define IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
Definition: ntimage.h:458
#define IMAGE_FILE_MACHINE_AMD64
Definition: ntimage.h:17
#define IMAGE_FILE_MACHINE_IA64
Definition: ntimage.h:22
NTSTATUS NTAPI NtFreeVirtualMemory(IN HANDLE ProcessHandle, IN PVOID *UBaseAddress, IN PSIZE_T URegionSize, IN ULONG FreeType)
Definition: virtual.c:5228
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2814
NTSTATUS NTAPI NtIsProcessInJob(IN HANDLE ProcessHandle, IN HANDLE JobHandle OPTIONAL)
Definition: job.c:361
NTSTATUS NTAPI NtAssignProcessToJobObject(HANDLE JobHandle, HANDLE ProcessHandle)
Definition: job.c:157
NTSTATUS NTAPI NtCreateProcessEx(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN HANDLE ParentProcess, IN ULONG Flags, IN HANDLE SectionHandle OPTIONAL, IN HANDLE DebugPort OPTIONAL, IN HANDLE ExceptionPort OPTIONAL, IN BOOLEAN InJob)
Definition: process.c:1344
NTSTATUS NTAPI NtSetInformationProcess(IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, IN PVOID ProcessInformation, IN ULONG ProcessInformationLength)
Definition: query.c:1105
NTSTATUS NTAPI NtResumeThread(IN HANDLE ThreadHandle, OUT PULONG SuspendCount OPTIONAL)
Definition: state.c:290
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
#define STATUS_INVALID_IMAGE_WIN_64
Definition: ntstatus.h:901
#define STATUS_INVALID_IMAGE_WIN_16
Definition: ntstatus.h:541
#define STATUS_INVALID_IMAGE_NE_FORMAT
Definition: ntstatus.h:519
#define STATUS_IMAGE_MACHINE_TYPE_MISMATCH_EXE
Definition: ntstatus.h:149
#define STATUS_INVALID_IMAGE_NOT_MZ
Definition: ntstatus.h:539
#define STATUS_INVALID_IMAGE_PROTECT
Definition: ntstatus.h:540
#define STATUS_VDM_DISALLOWED
Definition: ntstatus.h:957
#define STATUS_FILE_IS_OFFLINE
Definition: ntstatus.h:740
#define STATUS_NAME_TOO_LONG
Definition: ntstatus.h:498
#define IMAGE_FILE_MACHINE_I386
Definition: pedump.c:174
#define IMAGE_FILE_DLL
Definition: pedump.c:169
#define REG_DWORD
Definition: sdbapi.c:596
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
_CRTIMP wchar_t *__cdecl wcscat(_Inout_updates_z_(_String_length_(_Dest)+_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
_Check_return_ _CRTIMP int __cdecl _wcsnicmp(_In_reads_or_z_(_MaxCount) const wchar_t *_Str1, _In_reads_or_z_(_MaxCount) const wchar_t *_Str2, _In_ size_t _MaxCount)
VOID NTAPI CsrFreeCaptureBuffer(_In_ _Frees_ptr_ PCSR_CAPTURE_BUFFER CaptureBuffer)
Definition: capture.c:210
NTSTATUS NTAPI CsrClientCallServer(_Inout_ PCSR_API_MESSAGE ApiMessage, _Inout_opt_ PCSR_CAPTURE_BUFFER CaptureBuffer, _In_ CSR_API_NUMBER ApiNumber, _In_ ULONG DataLength)
Definition: connect.c:366
#define BINARY_TYPE_WOW
Definition: vdm.h:40
#define VDM_UNDO_PARTIAL
Definition: vdm.h:27
#define VDM_UNDO_COMPLETED
Definition: vdm.h:30
#define BINARY_TYPE_WOW_EX
Definition: vdm.h:41
#define VDM_NOT_READY
Definition: vdm.h:47
#define BINARY_TYPE_SEPARATE_WOW
Definition: vdm.h:39
#define VDM_UNDO_REUSE
Definition: vdm.h:29
@ VdmEntryUndo
Definition: vdm.h:19
@ VdmEntryUpdateProcess
Definition: vdm.h:20
#define VDM_UNDO_FULL
Definition: vdm.h:28
#define BINARY_TYPE_DOS
Definition: vdm.h:38
#define VDM_READY
Definition: vdm.h:48
#define VDM_NOT_LOADED
Definition: vdm.h:46
#define BINARY_TYPE_EXE
Definition: vdm.h:35
NTSTATUS NTAPI NtQuerySection(_In_ HANDLE SectionHandle, _In_ SECTION_INFORMATION_CLASS SectionInformationClass, _Out_ PVOID SectionInformation, _In_ SIZE_T SectionInformationLength, _Out_opt_ PSIZE_T ResultLength)
Definition: section.c:3768
USHORT MaximumLength
Definition: env_spec_w32.h:377
BASE_CREATE_PROCESS CreateProcessRequest
Definition: basemsg.h:283
union _BASE_API_MESSAGE::@3533 Data
BASE_CHECK_VDM CheckVDMRequest
Definition: basemsg.h:287
USHORT VDMState
Definition: basemsg.h:147
HANDLE WaitObjectForParent
Definition: basemsg.h:123
BASE_SXS_CREATEPROCESS_MSG Sxs
Definition: basemsg.h:96
USHORT ProcessorArchitecture
Definition: basemsg.h:99
ULONG PebAddressWow64
Definition: basemsg.h:98
HANDLE ProcessHandle
Definition: basemsg.h:89
CLIENT_ID ClientId
Definition: basemsg.h:91
HANDLE ThreadHandle
Definition: basemsg.h:90
PVOID PebAddressNative
Definition: basemsg.h:97
BOOLEAN IsWowTaskReady
Definition: base.h:135
BOOLEAN DefaultSeparateVDM
Definition: base.h:134
HANDLE UniqueThread
Definition: compat.h:826
HANDLE UniqueProcess
Definition: compat.h:825
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
PVOID StackBase
Definition: pstypes.h:694
PVOID ArbitraryUserPointer
Definition: compat.h:719
BOOLEAN ReadImageFileExecOptions
Definition: ntddk_ex.h:240
ULONG ImageSubsystemMajorVersion
Definition: ntddk_ex.h:305
SIZE_T StaticSize
Definition: rtltypes.h:1878
PUCHAR StaticBuffer
Definition: rtltypes.h:1876
PUCHAR Buffer
Definition: rtltypes.h:1875
SIZE_T Size
Definition: rtltypes.h:1877
UNICODE_STRING RelativeName
Definition: rtltypes.h:1380
HANDLE ContainingDirectory
Definition: rtltypes.h:1381
UNICODE_STRING String
Definition: rtltypes.h:1885
UNICODE_STRING DesktopInfo
Definition: rtltypes.h:1555
LPVOID lpSecurityDescriptor
Definition: compat.h:193
DWORD dwFlags
Definition: winbase.h:863
PUNICODE_STRING Win32
Definition: kernel32.h:405
PUNICODE_STRING Nt
Definition: kernel32.h:406
Definition: compat.h:836
NT_TIB NtTib
Definition: ntddk_ex.h:332
#define max(a, b)
Definition: svc.c:63
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
#define MAXUSHORT
Definition: typedefs.h:83
char * PCHAR
Definition: typedefs.h:51
#define STATUS_ACCESS_DENIED
Definition: udferr_usr.h:145
#define INVALID_FILE_ATTRIBUTES
Definition: vfdcmd.c:23
#define NORMAL_PRIORITY_CLASS
Definition: winbase.h:181
#define STARTF_FORCEOFFFEEDBACK
Definition: winbase.h:498
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
#define CREATE_FORCEDOS
Definition: winbase.h:189
#define REALTIME_PRIORITY_CLASS
Definition: winbase.h:184
#define BELOW_NORMAL_PRIORITY_CLASS
Definition: winbase.h:190
#define CREATE_UNICODE_ENVIRONMENT
Definition: winbase.h:186
#define HIGH_PRIORITY_CLASS
Definition: winbase.h:183
#define CREATE_SHARED_WOW_VDM
Definition: winbase.h:188
#define GetModuleHandle
Definition: winbase.h:3762
#define CREATE_DEFAULT_ERROR_MODE
Definition: winbase.h:194
#define CREATE_SEPARATE_WOW_VDM
Definition: winbase.h:187
#define CREATE_SUSPENDED
Definition: winbase.h:178
#define DEBUG_ONLY_THIS_PROCESS
Definition: winbase.h:177
#define SearchPath
Definition: winbase.h:3835
#define CREATE_PRESERVE_CODE_AUTHZ_LEVEL
Definition: winbase.h:193
#define IDLE_PRIORITY_CLASS
Definition: winbase.h:182
#define STARTF_FORCEONFEEDBACK
Definition: winbase.h:497
#define DEBUG_PROCESS
Definition: winbase.h:176
#define ABOVE_NORMAL_PRIORITY_CLASS
Definition: winbase.h:191
#define ERROR_PATH_NOT_FOUND
Definition: winerror.h:106
#define ERROR_DIRECTORY
Definition: winerror.h:295
#define ERROR_NOT_READY
Definition: winerror.h:124
#define ERROR_BAD_EXE_FORMAT
Definition: winerror.h:251
#define ERROR_CHILD_NOT_COMPLETE
Definition: winerror.h:201
#define ERROR_ACCESS_DISABLED_BY_POLICY
Definition: winerror.h:763
#define ERROR_CANCELLED
Definition: winerror.h:726
#define ERROR_EXE_MACHINE_TYPE_MISMATCH
Definition: winerror.h:271
#define ERROR_ACCESS_DISABLED_WEBBLADE_TAMPER
Definition: winerror.h:775
#define ERROR_ACCESS_DISABLED_WEBBLADE
Definition: winerror.h:774
#define ERROR_FILE_OFFLINE
Definition: winerror.h:1285
#define ERROR_BAD_DEVICE
Definition: winerror.h:703
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
_Out_ PCLIENT_ID ClientId
Definition: kefuncs.h:1151

Referenced by CreateProcessInternalA(), and CreateProcessW().

◆ CreateProcessW()

BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW ( LPCWSTR  lpApplicationName,
LPWSTR  lpCommandLine,
LPSECURITY_ATTRIBUTES  lpProcessAttributes,
LPSECURITY_ATTRIBUTES  lpThreadAttributes,
BOOL  bInheritHandles,
DWORD  dwCreationFlags,
LPVOID  lpEnvironment,
LPCWSTR  lpCurrentDirectory,
LPSTARTUPINFOW  lpStartupInfo,
LPPROCESS_INFORMATION  lpProcessInformation 
)

◆ ExitProcess()

VOID WINAPI ExitProcess ( IN UINT  uExitCode)

Definition at line 1487 of file proc.c.

1488{
1489 BASE_API_MESSAGE ApiMessage;
1490 PBASE_EXIT_PROCESS ExitProcessRequest = &ApiMessage.Data.ExitProcessRequest;
1491
1493
1494 _SEH2_TRY
1495 {
1496 /* Acquire the PEB lock */
1498
1499 /* Kill all the threads */
1500 NtTerminateProcess(NULL, uExitCode);
1501
1502 /* Unload all DLLs */
1504
1505 /* Notify Base Server of process termination */
1506 ExitProcessRequest->uExitCode = uExitCode;
1508 NULL,
1510 sizeof(*ExitProcessRequest));
1511
1512 /* Now do it again */
1514 }
1516 {
1517 /* Release the PEB lock */
1519 }
1520 _SEH2_END;
1521
1522 /* should never get here */
1523 ASSERT(0);
1524 while(1);
1525}
@ BasepExitProcess
Definition: basemsg.h:24
#define _SEH2_FINALLY
Definition: filesup.c:21
NTSYSAPI void WINAPI LdrShutdownProcess(void)
Definition: ldrinit.c:943
BASE_EXIT_PROCESS ExitProcessRequest
Definition: basemsg.h:286

Referenced by _exit(), _font_assert(), _RunRemoteTest(), alarmThreadMain(), BaseProcessStartup(), BaseThreadStartup(), child_process(), CLRMetaHost_ExitProcess(), ConsoleControlDispatcher(), CorExitProcess(), CtrlCIntercept(), DbgkExitProcess(), DECLARE_INTERFACE_(), DefaultConsoleCtrlHandler(), DevInstallW(), DisplayError(), dll_entry_point(), doChild(), doDebugger(), ErrorExit(), exit(), ExitThread(), FatalAppExitA(), FatalAppExitW(), FatalExit(), Host_Quit(), IEWinMain(), init(), LoadProc(), local_server_proc(), LogToFile(), main(), MyErrExit(), performUninstall(), RpcRaiseException(), ShowUsage(), START_TEST(), StringListAppend(), test__popen_child(), thread_1(), VdmShutdown(), WatchDirectory(), WinMain(), wmainCRTStartup(), and wWinMain().

◆ FatalAppExitA()

VOID WINAPI FatalAppExitA ( UINT  uAction,
LPCSTR  lpMessageText 
)

Definition at line 1562 of file proc.c.

1564{
1565 PUNICODE_STRING MessageTextU;
1566 ANSI_STRING MessageText;
1568
1569 /* Initialize the string using the static TEB pointer */
1570 MessageTextU = &NtCurrentTeb()->StaticUnicodeString;
1571 RtlInitAnsiString(&MessageText, (LPSTR)lpMessageText);
1572
1573 /* Convert to unicode, or just exit normally if this failed */
1574 Status = RtlAnsiStringToUnicodeString(MessageTextU, &MessageText, FALSE);
1575 if (!NT_SUCCESS(Status)) ExitProcess(0);
1576
1577 /* Call the Wide function */
1578 FatalAppExitW(uAction, MessageTextU->Buffer);
1579}
VOID WINAPI FatalAppExitW(IN UINT uAction, IN LPCWSTR lpMessageText)
Definition: proc.c:1586
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
char * LPSTR
Definition: xmlstorage.h:182

◆ FatalAppExitW()

VOID WINAPI FatalAppExitW ( IN UINT  uAction,
IN LPCWSTR  lpMessageText 
)

Definition at line 1586 of file proc.c.

1588{
1592
1593 /* Setup the string to print out */
1594 RtlInitUnicodeString(&UnicodeString, lpMessageText);
1595
1596 /* Display the hard error no matter what */
1598 1,
1599 1,
1601#if DBG
1602 /* On Checked builds, Windows allows the user to cancel the operation */
1604#else
1605 OptionOk,
1606#endif
1607 &Response);
1608
1609 /* Give the user a chance to abort */
1611 {
1612 return;
1613 }
1614
1615 /* Otherwise kill the process */
1616 ExitProcess(0);
1617}
#define DBG(x)
Definition: moztest.c:12
#define HARDERROR_OVERRIDE_ERRORMODE
Definition: extypes.h:146
@ OptionOkCancel
Definition: extypes.h:188
@ ResponseCancel
Definition: extypes.h:202
#define STATUS_FATAL_APP_EXIT
Definition: ntstatus.h:135
Definition: ncftp.h:89
uint32_t * PULONG_PTR
Definition: typedefs.h:65

Referenced by FatalAppExitA().

◆ FatalExit()

VOID WINAPI FatalExit ( IN int  ExitCode)

Definition at line 1624 of file proc.c.

1625{
1626#if DBG
1627 /* On Checked builds, Windows gives the user a nice little debugger UI */
1628 CHAR Action[2];
1629 DbgPrint("FatalExit...\n\n");
1630
1631 while (TRUE)
1632 {
1633 DbgPrompt("A (Abort), B (Break), I (Ignore)? ", Action, sizeof(Action));
1634 switch (Action[0])
1635 {
1636 case 'B': case 'b':
1637 DbgBreakPoint();
1638 break;
1639
1640 case 'A': case 'a':
1641 ExitProcess(ExitCode);
1642
1643 case 'I': case 'i':
1644 return;
1645 }
1646 }
1647#endif
1648 /* On other builds, just kill the process */
1649 ExitProcess(ExitCode);
1650}
NTSYSAPI void WINAPI DbgBreakPoint(void)
NTSYSAPI ULONG NTAPI DbgPrompt(_In_z_ PCCH Prompt, _Out_writes_bytes_(MaximumResponseLength) PCH Response, _In_ ULONG MaximumResponseLength)
_In_ WDFIOTARGET _In_ _Strict_type_match_ WDF_IO_TARGET_SENT_IO_ACTION Action
Definition: wdfiotarget.h:510

◆ FlushInstructionCache()

BOOL WINAPI FlushInstructionCache ( IN HANDLE  hProcess,
IN LPCVOID  lpBaseAddress,
IN SIZE_T  nSize 
)

Definition at line 1463 of file proc.c.

1466{
1468
1469 /* Call the native function */
1471 if (!NT_SUCCESS(Status))
1472 {
1473 /* Handle failure case */
1475 return FALSE;
1476 }
1477
1478 /* All good */
1479 return TRUE;
1480}
_In_ BOOL _In_ HANDLE hProcess
Definition: mapping.h:71
NTSTATUS NTAPI NtFlushInstructionCache(_In_ HANDLE ProcessHandle, _In_opt_ PVOID BaseAddress, _In_ SIZE_T FlushSize)
Definition: virtual.c:3042
*nSize LPSTR _Inout_ LPDWORD nSize
Definition: winbase.h:2084

◆ GetCommandLineA()

LPSTR WINAPI GetCommandLineA ( VOID  )

Definition at line 2003 of file proc.c.

2004{
2006}
ANSI_STRING BaseAnsiCommandLine
Definition: proc.c:22

Referenced by crt_process_init(), DllMain(), doChild(), main(), START_TEST(), and wmain().

◆ GetCommandLineW()

◆ GetCurrentProcess()

HANDLE WINAPI GetCurrentProcess ( VOID  )

Definition at line 1138 of file proc.c.

1139{
1140 return (HANDLE)NtCurrentProcess();
1141}

◆ GetCurrentProcessId()

DWORD WINAPI GetCurrentProcessId ( VOID  )

Definition at line 1158 of file proc.c.

1159{
1161}

Referenced by __security_init_cookie(), _getpid(), _mktemp(), _wmktemp(), _wtmpnam(), AddPortW(), adns_getpid(), apartment_construct(), child_process(), ClientLoadLibrary(), CloseProcess(), CMP_RegisterNotification(), CoGetCurrentProcess(), CommitSpoolData(), ConfigurePortW(), CreateNotificationParamAndSend(), CreateProcessWithLogonW(), CreateToolhelp32Snapshot(), CURSORICON_CopyImage(), custom_start_server(), DirectDrawClipper_Initialize(), dll_entry_point(), do_msidbCustomActionTypeDll(), doChild(), doCrash(), DPLAYX_CreateLobbyApplication(), DPLAYX_IsAppIdLobbied(), EnumWindowsProc(), FreeChangeNotifications(), generate_ipid(), get_cmdline(), GetProcessVersion(), GetSpoolFileHandle(), handle_msi_break(), IDirectPlayLobby3AImpl_SetConnectionSettings(), IDirectPlayLobby3Impl_SetConnectionSettings(), ImmGetImeMenuItemsAW(), Internal_CreatePalette(), Internal_CreateSurface(), IsBlockFromHeap(), LresultFromObject(), main(), NotifyInfo::modify(), new_stub_manager(), NotifyLogon(), ole_server(), openlog(), OutputDebugStringA(), ParseSharedPacket(), RegisterDragDrop(), RPC_ExecuteCall(), rpcrt4_protseq_ncacn_np_open_endpoint(), rpcrt4_protseq_ncalrpc_open_endpoint(), ScConnectControlPipe(), send_close_messages(), CNotifyToolbar::SendNotifyCallback(), ServerThread(), service_main(), SHAllocShared(), SHAppBarMessage(), SHFreeShared(), SHLockShared(), SHMapHandle(), START_TEST(), StartDirectDraw(), TelnetGetConsoleWindow(), terminate_processes(), test_AddSelfToJob(), test_alloc_shared(), test_alloc_shared_remote(), test_BreakawayOk(), Test_CloseDuplicatedSocket(), Test_CloseWhileSelectDuplicatedSocket(), test_debug_loop(), test_GetConsoleProcessList(), test_GetProcessVersion(), test_handles(), test_jobInheritance(), test_MessageBox(), test_OpenProcess(), test_process_info(), test_process_security_child(), Test_ProcessModules(), test_query_handle(), test_query_handle_ex(), test_query_object_types(), test_query_process_vm(), test_QueryFullProcessImageNameW(), test_readvirtualmemory(), test_session_info(), test_set_hook(), test_SHCreateSessionKey(), test_tcp(), test_Toolhelp(), test_udp(), test_Win32_Process(), test_winevents(), test_WithWSAStartup(), test_ws_functions(), TestChannelHook_ClientFillBuffer(), TestChannelHook_ClientGetSize(), TestChannelHook_ClientNotify(), TestChannelHook_ServerGetSize(), TestChannelHook_ServerNotify(), ThemeDestroyWndData(), tmpnam(), WDML_AddServer(), WinMain(), NotifyArea::WndProc(), FlatButton::WndProc(), and wWinMain().

◆ GetCurrentThread()

◆ GetExitCodeProcess()

BOOL WINAPI GetExitCodeProcess ( IN HANDLE  hProcess,
IN LPDWORD  lpExitCode 
)

Definition at line 1168 of file proc.c.

1170{
1171 PROCESS_BASIC_INFORMATION ProcessBasic;
1173
1174 /* Ask the kernel */
1177 &ProcessBasic,
1178 sizeof(ProcessBasic),
1179 NULL);
1180 if (!NT_SUCCESS(Status))
1181 {
1182 /* We failed, was this because this is a VDM process? */
1183 if (BaseCheckForVDM(hProcess, lpExitCode) != FALSE) return TRUE;
1184
1185 /* Not a VDM process, fail the call */
1187 return FALSE;
1188 }
1189
1190 /* Succes case, return the exit code */
1191 *lpExitCode = (DWORD)ProcessBasic.ExitStatus;
1192 return TRUE;
1193}
BOOL WINAPI BaseCheckForVDM(IN HANDLE ProcessHandle, OUT LPDWORD ExitCode)
Definition: vdm.c:618
@ ProcessBasicInformation
Definition: winternl.h:394
#define DWORD
Definition: nt_native.h:44
NTSTATUS NTAPI NtQueryInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _Out_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength)
Definition: query.c:59

Referenced by _cwait(), _pclose(), CloseProcessAndVerify_(), cmd_start(), CommandThreadProc(), crash_and_debug(), crash_and_winedbg(), custom_get_process_return(), do_spawnT(), DoTestEntry(), Execute(), ExecutePipeline(), LauncherRoutine2(), MonitorChildThread(), ProcessRunning(), read_reg_output_(), run_ex(), run_rapps(), run_reg_exe_(), run_script_file(), runcmd(), runCmd(), RunSetupThreadProc(), shell_execute_ex_(), TerminateShell(), test_CreateProcessWithDesktop(), test_ddeml_server(), test_end_to_end_server(), test_ExitCode(), test_ExitProcess(), test_Handles(), test_msg_server(), test_TerminateJobObject(), WshExec_get_Status(), and WshShell3_Run().

◆ GetPriorityClass()

DWORD WINAPI GetPriorityClass ( IN HANDLE  hProcess)

Definition at line 1657 of file proc.c.

1658{
1660 PROCESS_PRIORITY_CLASS DECLSPEC_ALIGN(4) PriorityClass;
1661
1662 /* Query the kernel */
1665 &PriorityClass,
1666 sizeof(PriorityClass),
1667 NULL);
1669 {
1670 /* Handle the conversion from NT to Win32 classes */
1671 switch (PriorityClass.PriorityClass)
1672 {
1679 }
1680 }
1681
1682 /* Failure path */
1684 return 0;
1685}
#define DECLSPEC_ALIGN(x)
Definition: ntbasedef.h:251
ActualNumberDriverObjects * sizeof(PDRIVER_OBJECT)) PDRIVER_OBJECT *DriverObjectList

Referenced by ProcessPageShowContextMenu(), and test_query_process_priority().

◆ GetProcessAffinityMask()

BOOL WINAPI GetProcessAffinityMask ( IN HANDLE  hProcess,
OUT PDWORD_PTR  lpProcessAffinityMask,
OUT PDWORD_PTR  lpSystemAffinityMask 
)

Definition at line 863 of file proc.c.

866{
867 PROCESS_BASIC_INFORMATION ProcessInfo;
869
870 /* Query information on the process from the kernel */
873 &ProcessInfo,
874 sizeof(ProcessInfo),
875 NULL);
876 if (!NT_SUCCESS(Status))
877 {
878 /* Fail */
880 return FALSE;
881 }
882
883 /* Copy the affinity mask, and get the system one from our shared data */
884 *lpProcessAffinityMask = (DWORD)ProcessInfo.AffinityMask;
886 return TRUE;
887}
unsigned long DWORD
Definition: ntddk_ex.h:95
SYSTEM_BASIC_INFORMATION SysInfo
Definition: base.h:130
KAFFINITY ActiveProcessorsAffinityMask
Definition: ntddk_ex.h:167

Referenced by AffinityDialogWndProc(), and test_thread_processor().

◆ GetProcessHandleCount()

BOOL WINAPI GetProcessHandleCount ( IN HANDLE  hProcess,
OUT PDWORD  pdwHandleCount 
)

Definition at line 1945 of file proc.c.

1947{
1948 ULONG phc;
1950
1951 /* Query the kernel */
1954 &phc,
1955 sizeof(phc),
1956 NULL);
1957 if (NT_SUCCESS(Status))
1958 {
1959 /* Copy the count and return success */
1960 *pdwHandleCount = phc;
1961 return TRUE;
1962 }
1963
1964 /* Handle error path */
1966 return FALSE;
1967}
@ ProcessHandleCount
Definition: winternl.h:876

◆ GetProcessId()

DWORD WINAPI GetProcessId ( IN HANDLE  Process)

Definition at line 1200 of file proc.c.

1201{
1202 PROCESS_BASIC_INFORMATION ProcessBasic;
1204
1205 /* Query the kernel */
1208 &ProcessBasic,
1209 sizeof(ProcessBasic),
1210 NULL);
1211 if (!NT_SUCCESS(Status))
1212 {
1213 /* Handle failure */
1215 return 0;
1216 }
1217
1218 /* Return the PID */
1219 return (DWORD)ProcessBasic.UniqueProcessId;
1220}
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223

◆ GetProcessIoCounters()

BOOL WINAPI GetProcessIoCounters ( IN HANDLE  hProcess,
OUT PIO_COUNTERS  lpIoCounters 
)

Definition at line 1861 of file proc.c.

1863{
1865
1866 /* Query the kernel. Structures are identical, so let it do the copy too. */
1869 lpIoCounters,
1870 sizeof(IO_COUNTERS),
1871 NULL);
1872 if (!NT_SUCCESS(Status))
1873 {
1874 /* Handle error path */
1876 return FALSE;
1877 }
1878
1879 /* All done */
1880 return TRUE;
1881}
@ ProcessIoCounters
Definition: winternl.h:858

Referenced by PerfDataRefresh().

◆ GetProcessPriorityBoost()

BOOL WINAPI GetProcessPriorityBoost ( IN HANDLE  hProcess,
OUT PBOOL  pDisablePriorityBoost 
)

Definition at line 1888 of file proc.c.

1890{
1893
1894 /* Query the kernel */
1898 sizeof(PriorityBoost),
1899 NULL);
1900 if (NT_SUCCESS(Status))
1901 {
1902 /* Convert from ULONG to a BOOL */
1903 *pDisablePriorityBoost = PriorityBoost ? TRUE : FALSE;
1904 return TRUE;
1905 }
1906
1907 /* Handle error path */
1909 return FALSE;
1910}
@ ProcessPriorityBoost
Definition: winternl.h:878
_In_ WDFREQUEST _In_ NTSTATUS _In_ CCHAR PriorityBoost
Definition: wdfrequest.h:1016

◆ GetProcessShutdownParameters()

BOOL WINAPI GetProcessShutdownParameters ( OUT LPDWORD  lpdwLevel,
OUT LPDWORD  lpdwFlags 
)

Definition at line 920 of file proc.c.

922{
923 BASE_API_MESSAGE ApiMessage;
924 PBASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest = &ApiMessage.Data.ShutdownParametersRequest;
925
926 /* Ask CSRSS for shutdown information */
928 NULL,
930 sizeof(*ShutdownParametersRequest));
931 if (!NT_SUCCESS(ApiMessage.Status))
932 {
933 /* Return the failure from CSRSS */
934 BaseSetLastNTError(ApiMessage.Status);
935 return FALSE;
936 }
937
938 /* Get the data back */
939 *lpdwLevel = ShutdownParametersRequest->ShutdownLevel;
940 *lpdwFlags = ShutdownParametersRequest->ShutdownFlags;
941 return TRUE;
942}
@ BasepGetProcessShutdownParam
Definition: basemsg.h:34
BASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest
Definition: basemsg.h:294
NTSTATUS Status
Definition: csrmsg.h:110

◆ GetProcessTimes()

BOOL WINAPI GetProcessTimes ( IN HANDLE  hProcess,
IN LPFILETIME  lpCreationTime,
IN LPFILETIME  lpExitTime,
IN LPFILETIME  lpKernelTime,
IN LPFILETIME  lpUserTime 
)

Definition at line 1099 of file proc.c.

1104{
1107
1108 /* Query the times */
1111 &Kut,
1112 sizeof(Kut),
1113 NULL);
1114 if (!NT_SUCCESS(Status))
1115 {
1116 /* Handle failure */
1118 return FALSE;
1119 }
1120
1121 /* Copy all the times and return success */
1122 lpCreationTime->dwLowDateTime = Kut.CreateTime.u.LowPart;
1123 lpCreationTime->dwHighDateTime = Kut.CreateTime.u.HighPart;
1124 lpExitTime->dwLowDateTime = Kut.ExitTime.u.LowPart;
1125 lpExitTime->dwHighDateTime = Kut.ExitTime.u.HighPart;
1126 lpKernelTime->dwLowDateTime = Kut.KernelTime.u.LowPart;
1127 lpKernelTime->dwHighDateTime = Kut.KernelTime.u.HighPart;
1128 lpUserTime->dwLowDateTime = Kut.UserTime.u.LowPart;
1129 lpUserTime->dwHighDateTime = Kut.UserTime.u.HighPart;
1130 return TRUE;
1131}
@ ProcessTimes
Definition: winternl.h:860
LARGE_INTEGER UserTime
Definition: winternl.h:1063
LARGE_INTEGER CreateTime
Definition: winternl.h:1060
LARGE_INTEGER KernelTime
Definition: winternl.h:1062
LARGE_INTEGER ExitTime
Definition: winternl.h:1061
struct _LARGE_INTEGER::@2290 u

◆ GetProcessVersion()

DWORD WINAPI GetProcessVersion ( IN DWORD  ProcessId)

Definition at line 1760 of file proc.c.

1761{
1762 DWORD Version = 0;
1763 PIMAGE_NT_HEADERS NtHeader;
1764 PIMAGE_DOS_HEADER DosHeader;
1765 PPEB Peb;
1766 PROCESS_BASIC_INFORMATION ProcessBasicInfo;
1771 USHORT VersionData[2];
1773
1774 /* We'll be accessing stuff that can fault, so protect everything with SEH */
1775 _SEH2_TRY
1776 {
1777 /* It this an in-process or out-of-process request? */
1778 if (!(ProcessId) || (GetCurrentProcessId() == ProcessId))
1779 {
1780 /* It's in-process, so just read our own header */
1781 NtHeader = RtlImageNtHeader(NtCurrentPeb()->ImageBaseAddress);
1782 if (!NtHeader)
1783 {
1784 /* Unable to read the NT header, something is wrong here... */
1786 goto Error;
1787 }
1788
1789 /* Get the version straight out of the NT header */
1792 }
1793 else
1794 {
1795 /* Out-of-process, so open it */
1797 FALSE,
1798 ProcessId);
1799 if (!ProcessHandle) _SEH2_YIELD(return 0);
1800
1801 /* Try to find out where its PEB lives */
1804 &ProcessBasicInfo,
1805 sizeof(ProcessBasicInfo),
1806 NULL);
1807
1808 if (!NT_SUCCESS(Status)) goto Error;
1809 Peb = ProcessBasicInfo.PebBaseAddress;
1810
1811 /* Now that we have the PEB, read the image base address out of it */
1814 &BaseAddress,
1815 sizeof(BaseAddress),
1816 NULL);
1817 if (!Result) goto Error;
1818
1819 /* Now read the e_lfanew (offset to NT header) from the base */
1820 DosHeader = BaseAddress;
1822 &DosHeader->e_lfanew,
1823 &e_lfanew,
1824 sizeof(e_lfanew),
1825 NULL);
1826 if (!Result) goto Error;
1827
1828 /* And finally, read the NT header itself by adding the offset */
1829 NtHeader = (PVOID)((ULONG_PTR)BaseAddress + e_lfanew);
1832 &VersionData,
1833 sizeof(VersionData),
1834 NULL);
1835 if (!Result) goto Error;
1836
1837 /* Get the version straight out of the NT header */
1838 Version = MAKELONG(VersionData[0], VersionData[1]);
1839
1840Error:
1841 /* If there was an error anywhere, set the last error */
1843 }
1844 }
1846 {
1847 /* Close the process handle */
1849 }
1850 _SEH2_END;
1851
1852 /* And return the version data */
1853 return Version;
1854}
BOOL Error
Definition: chkdsk.c:66
#define ReadProcessMemory(a, b, c, d, e)
Definition: compat.h:758
HANDLE WINAPI OpenProcess(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN DWORD dwProcessId)
Definition: proc.c:1227
IN PLARGE_INTEGER IN PLARGE_INTEGER PEPROCESS ProcessId
Definition: fatprocs.h:2711
#define PROCESS_VM_READ
Definition: pstypes.h:161
#define PROCESS_QUERY_INFORMATION
Definition: pstypes.h:166
DWORD e_lfanew
Definition: crypt.c:1156
#define STATUS_INVALID_IMAGE_FORMAT
Definition: ntstatus.h:359
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:162
PVOID ImageBaseAddress
Definition: ntddk_ex.h:245
#define MAKELONG(a, b)
Definition: typedefs.h:249
_Must_inspect_result_ _In_ WDFDEVICE _In_ LPCGUID _Out_ PINTERFACE _In_ USHORT _In_ USHORT Version
Definition: wdffdo.h:469
DWORD WINAPI GetCurrentProcessId(void)
Definition: proc.c:1158

Referenced by get_app_version(), GetSystemInfoInternal(), and test_GetProcessVersion().

◆ GetProcessWorkingSetSize()

BOOL WINAPI GetProcessWorkingSetSize ( IN HANDLE  hProcess,
OUT PSIZE_T  lpMinimumWorkingSetSize,
OUT PSIZE_T  lpMaximumWorkingSetSize 
)

Definition at line 1011 of file proc.c.

1014{
1015 DWORD Dummy;
1017 lpMinimumWorkingSetSize,
1018 lpMaximumWorkingSetSize,
1019 &Dummy);
1020}
BOOL WINAPI GetProcessWorkingSetSizeEx(IN HANDLE hProcess, OUT PSIZE_T lpMinimumWorkingSetSize, OUT PSIZE_T lpMaximumWorkingSetSize, OUT PDWORD Flags)
Definition: proc.c:978

◆ GetProcessWorkingSetSizeEx()

BOOL WINAPI GetProcessWorkingSetSizeEx ( IN HANDLE  hProcess,
OUT PSIZE_T  lpMinimumWorkingSetSize,
OUT PSIZE_T  lpMaximumWorkingSetSize,
OUT PDWORD  Flags 
)

Definition at line 978 of file proc.c.

982{
983 QUOTA_LIMITS_EX QuotaLimits;
985
986 /* Query the kernel about this */
989 &QuotaLimits,
990 sizeof(QuotaLimits),
991 NULL);
992 if (!NT_SUCCESS(Status))
993 {
994 /* Return error */
996 return FALSE;
997 }
998
999 /* Copy the quota information out */
1000 *lpMinimumWorkingSetSize = QuotaLimits.MinimumWorkingSetSize;
1001 *lpMaximumWorkingSetSize = QuotaLimits.MaximumWorkingSetSize;
1002 *Flags = QuotaLimits.Flags;
1003 return TRUE;
1004}
@ ProcessQuotaLimits
Definition: winternl.h:857
SIZE_T MaximumWorkingSetSize
Definition: pstypes.h:71
SIZE_T MinimumWorkingSetSize
Definition: pstypes.h:70

Referenced by GetProcessWorkingSetSize().

◆ GetStartupInfoA()

VOID WINAPI GetStartupInfoA ( IN LPSTARTUPINFOA  lpStartupInfo)

Definition at line 1320 of file proc.c.

1321{
1323 ANSI_STRING TitleString, ShellString, DesktopString;
1324 LPSTARTUPINFOA StartupInfo;
1326
1327 /* Get the cached information as well as the PEB parameters */
1328 StartupInfo = BaseAnsiStartupInfo;
1329 Params = NtCurrentPeb()->ProcessParameters;
1330
1331 /* Check if this is the first time we have to get the cached version */
1332 while (!StartupInfo)
1333 {
1334 /* Create new ANSI startup info */
1335 StartupInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1336 0,
1337 sizeof(*StartupInfo));
1338 if (StartupInfo)
1339 {
1340 /* Zero out string pointers in case we fail to create them */
1341 StartupInfo->lpReserved = NULL;
1342 StartupInfo->lpDesktop = NULL;
1343 StartupInfo->lpTitle = NULL;
1344
1345 /* Set the size */
1346 StartupInfo->cb = sizeof(*StartupInfo);
1347
1348 /* Copy what's already stored in the PEB */
1349 StartupInfo->dwX = Params->StartingX;
1350 StartupInfo->dwY = Params->StartingY;
1351 StartupInfo->dwXSize = Params->CountX;
1352 StartupInfo->dwYSize = Params->CountY;
1353 StartupInfo->dwXCountChars = Params->CountCharsX;
1354 StartupInfo->dwYCountChars = Params->CountCharsY;
1355 StartupInfo->dwFillAttribute = Params->FillAttribute;
1356 StartupInfo->dwFlags = Params->WindowFlags;
1357 StartupInfo->wShowWindow = (WORD)Params->ShowWindowFlags;
1358 StartupInfo->cbReserved2 = Params->RuntimeData.Length;
1359 StartupInfo->lpReserved2 = (LPBYTE)Params->RuntimeData.Buffer;
1360 StartupInfo->hStdInput = Params->StandardInput;
1361 StartupInfo->hStdOutput = Params->StandardOutput;
1362 StartupInfo->hStdError = Params->StandardError;
1363
1364 /* Copy shell info string */
1365 Status = RtlUnicodeStringToAnsiString(&ShellString,
1366 &Params->ShellInfo,
1367 TRUE);
1368 if (NT_SUCCESS(Status))
1369 {
1370 /* Save it */
1371 StartupInfo->lpReserved = ShellString.Buffer;
1372
1373 /* Copy desktop info string */
1374 Status = RtlUnicodeStringToAnsiString(&DesktopString,
1375 &Params->DesktopInfo,
1376 TRUE);
1377 if (NT_SUCCESS(Status))
1378 {
1379 /* Save it */
1380 StartupInfo->lpDesktop = DesktopString.Buffer;
1381
1382 /* Copy window title string */
1383 Status = RtlUnicodeStringToAnsiString(&TitleString,
1384 &Params->WindowTitle,
1385 TRUE);
1386 if (NT_SUCCESS(Status))
1387 {
1388 /* Save it */
1389 StartupInfo->lpTitle = TitleString.Buffer;
1390
1391 /* We finished with the ANSI version, try to cache it */
1393 StartupInfo,
1394 NULL))
1395 {
1396 /* We were the first thread through, use the data */
1397 break;
1398 }
1399
1400 /* Someone beat us to it, use their data instead */
1401 StartupInfo = BaseAnsiStartupInfo;
1403
1404 /* We're going to free our own stuff, but not raise */
1405 RtlFreeAnsiString(&TitleString);
1406 }
1407 RtlFreeAnsiString(&DesktopString);
1408 }
1409 RtlFreeAnsiString(&ShellString);
1410 }
1411 RtlFreeHeap(RtlGetProcessHeap(), 0, StartupInfo);
1412 }
1413 else
1414 {
1415 /* No memory, fail */
1417 }
1418
1419 /* Raise an error unless we got here due to the race condition */
1421 }
1422
1423 /* Now copy from the cached ANSI version */
1424 lpStartupInfo->cb = StartupInfo->cb;
1425 lpStartupInfo->lpReserved = StartupInfo->lpReserved;
1426 lpStartupInfo->lpDesktop = StartupInfo->lpDesktop;
1427 lpStartupInfo->lpTitle = StartupInfo->lpTitle;
1428 lpStartupInfo->dwX = StartupInfo->dwX;
1429 lpStartupInfo->dwY = StartupInfo->dwY;
1430 lpStartupInfo->dwXSize = StartupInfo->dwXSize;
1431 lpStartupInfo->dwYSize = StartupInfo->dwYSize;
1432 lpStartupInfo->dwXCountChars = StartupInfo->dwXCountChars;
1433 lpStartupInfo->dwYCountChars = StartupInfo->dwYCountChars;
1434 lpStartupInfo->dwFillAttribute = StartupInfo->dwFillAttribute;
1435 lpStartupInfo->dwFlags = StartupInfo->dwFlags;
1436 lpStartupInfo->wShowWindow = StartupInfo->wShowWindow;
1437 lpStartupInfo->cbReserved2 = StartupInfo->cbReserved2;
1438 lpStartupInfo->lpReserved2 = StartupInfo->lpReserved2;
1439
1440 /* Check if the shell is hijacking the handles for other features */
1441 if (lpStartupInfo->dwFlags &
1442 (STARTF_USESTDHANDLES | STARTF_USEHOTKEY | STARTF_SHELLPRIVATE))
1443 {
1444 /* It isn't, so we can return the raw values */
1445 lpStartupInfo->hStdInput = StartupInfo->hStdInput;
1446 lpStartupInfo->hStdOutput = StartupInfo->hStdOutput;
1447 lpStartupInfo->hStdError = StartupInfo->hStdError;
1448 }
1449 else
1450 {
1451 /* It is, so make sure nobody uses these as console handles */
1452 lpStartupInfo->hStdInput = INVALID_HANDLE_VALUE;
1453 lpStartupInfo->hStdOutput = INVALID_HANDLE_VALUE;
1454 lpStartupInfo->hStdError = INVALID_HANDLE_VALUE;
1455 }
1456}
LPSTARTUPINFOA BaseAnsiStartupInfo
Definition: proc.c:24
unsigned short WORD
Definition: ntddk_ex.h:93
#define InterlockedCompareExchangePointer
Definition: interlocked.h:129
DECLSPEC_NORETURN NTSYSAPI VOID NTAPI RtlRaiseStatus(_In_ NTSTATUS Status)
NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString, PUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSYSAPI VOID NTAPI RtlFreeAnsiString(PANSI_STRING AnsiString)
DWORD dwX
Definition: winbase.h:835
HANDLE hStdOutput
Definition: winbase.h:847
DWORD dwXSize
Definition: winbase.h:837
DWORD dwXCountChars
Definition: winbase.h:839
HANDLE hStdError
Definition: winbase.h:848
DWORD dwFlags
Definition: winbase.h:842
DWORD cb
Definition: winbase.h:831
HANDLE hStdInput
Definition: winbase.h:846
DWORD dwYSize
Definition: winbase.h:838
WORD wShowWindow
Definition: winbase.h:843
DWORD dwYCountChars
Definition: winbase.h:840
WORD cbReserved2
Definition: winbase.h:844
PBYTE lpReserved2
Definition: winbase.h:845
DWORD dwY
Definition: winbase.h:836
DWORD dwFillAttribute
Definition: winbase.h:841
unsigned char * LPBYTE
Definition: typedefs.h:53
_In_ WDFIOTARGET _In_ PWDF_REQUEST_COMPLETION_PARAMS Params
Definition: wdfrequest.h:308

Referenced by doChild(), msvcrt_init_io(), test_Console(), test_DebuggingFlag(), test_Startup(), and test_SuspendFlag().

◆ GetStartupInfoW()

VOID WINAPI GetStartupInfoW ( IN LPSTARTUPINFOW  lpStartupInfo)

Definition at line 1279 of file proc.c.

1280{
1282
1283 /* Get the process parameters */
1284 Params = NtCurrentPeb()->ProcessParameters;
1285
1286 /* Copy the data out of there */
1287 lpStartupInfo->cb = sizeof(STARTUPINFOW);
1288 lpStartupInfo->lpReserved = Params->ShellInfo.Buffer;
1289 lpStartupInfo->lpDesktop = Params->DesktopInfo.Buffer;
1290 lpStartupInfo->lpTitle = Params->WindowTitle.Buffer;
1291 lpStartupInfo->dwX = Params->StartingX;
1292 lpStartupInfo->dwY = Params->StartingY;
1293 lpStartupInfo->dwXSize = Params->CountX;
1294 lpStartupInfo->dwYSize = Params->CountY;
1295 lpStartupInfo->dwXCountChars = Params->CountCharsX;
1296 lpStartupInfo->dwYCountChars = Params->CountCharsY;
1297 lpStartupInfo->dwFillAttribute = Params->FillAttribute;
1298 lpStartupInfo->dwFlags = Params->WindowFlags;
1299 lpStartupInfo->wShowWindow = (WORD)Params->ShowWindowFlags;
1300 lpStartupInfo->cbReserved2 = Params->RuntimeData.Length;
1301 lpStartupInfo->lpReserved2 = (LPBYTE)Params->RuntimeData.Buffer;
1302
1303 /* Check if the standard handles are being used for other features */
1304 if (lpStartupInfo->dwFlags & (STARTF_USESTDHANDLES |
1305 STARTF_USEHOTKEY |
1307 {
1308 /* These are, so copy the standard handles too */
1309 lpStartupInfo->hStdInput = Params->StandardInput;
1310 lpStartupInfo->hStdOutput = Params->StandardOutput;
1311 lpStartupInfo->hStdError = Params->StandardError;
1312 }
1313}
struct _STARTUPINFOW STARTUPINFOW

Referenced by doChild(), and wWinMain().

◆ InitCommandLines()

VOID WINAPI InitCommandLines ( VOID  )

Definition at line 842 of file proc.c.

843{
845
846 /* Read the UNICODE_STRING from the PEB */
847 BaseUnicodeCommandLine = NtCurrentPeb()->ProcessParameters->CommandLine;
848
849 /* Convert to ANSI_STRING for the *A callers */
852 TRUE);
853 if (!NT_SUCCESS(Status)) RtlInitEmptyAnsiString(&BaseAnsiCommandLine, 0, 0);
854}

Referenced by DllMain().

◆ IsWow64Process()

BOOL WINAPI IsWow64Process ( IN HANDLE  hProcess,
OUT PBOOL  Wow64Process 
)

Definition at line 1974 of file proc.c.

1976{
1977 ULONG_PTR pbi;
1979
1980 /* Query the kernel */
1983 &pbi,
1984 sizeof(pbi),
1985 NULL);
1986 if (!NT_SUCCESS(Status))
1987 {
1988 /* Handle error path */
1990 return FALSE;
1991 }
1992
1993 /* Enforce this is a BOOL, and return success */
1994 *Wow64Process = (pbi != 0);
1995 return TRUE;
1996}
@ ProcessWow64Information
Definition: winternl.h:396
_Inout_ PERBANDINFO * pbi
Definition: winddi.h:3917

◆ OpenProcess()

HANDLE WINAPI OpenProcess ( IN DWORD  dwDesiredAccess,
IN BOOL  bInheritHandle,
IN DWORD  dwProcessId 
)

Definition at line 1227 of file proc.c.

1230{
1235
1236 /* Setup the input client ID structure */
1237 ClientId.UniqueProcess = UlongToHandle(dwProcessId);
1239
1240 /* This is needed just to define the inheritance flags */
1242 NULL,
1244 NULL,
1245 NULL);
1246
1247 /* Now try to open the process */
1249 dwDesiredAccess,
1251 &ClientId);
1252 if (!NT_SUCCESS(Status))
1253 {
1254 /* Handle failure */
1256 return NULL;
1257 }
1258
1259 /* Otherwise return a handle to the process */
1260 return ProcessHandle;
1261}
#define UlongToHandle(ul)
Definition: basetsd.h:97
#define OBJ_INHERIT
Definition: winternl.h:225
static BOOL bInheritHandle
Definition: pipe.c:82
NTSTATUS NTAPI NtOpenProcess(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId)
Definition: process.c:1440

Referenced by _DoDLLInjection(), _RpcCommitSpoolData2(), _RpcGetSpoolFileInfo2(), _tWinMain(), CIconWatcher::AddIconToWatcher(), appbar_message(), child_process(), CloseProcess(), CloseProcessAndVerify_(), debugcontrol_WaitForEvent(), dll_entry_point(), doChild(), DoSetPriority(), ExecuteKill(), get_droptarget_local_handle(), get_process_name_from_pid(), GetOwnerModuleFromPidEntry(), GetProcessExecutablePathById(), GetProcessHandleFromHwnd(), GetProcessVersion(), GetThemeServiceProcessHandle(), Ghost_DestroyTarget(), IsProcessRunning(), ObjectFromLresult(), PerfDataGetCommandLine(), PerfDataRefresh(), PNP_ReportLogOn(), ProcessKeys(), ProcessList_Update(), ProcessPage_OnEndProcess(), ProcessPage_OnEndProcessTree(), ProcessPage_OnSetAffinity(), ProcessPageShowContextMenu(), ProcessRunning(), SeclCreateProcessWithLogonW(), SHMapHandle(), ShutdownProcessTreeHelper(), START_TEST(), terminate_processes(), test_ExitProcess(), test_OpenProcess(), test_process_info(), test_process_security_child(), test_query_process_handlecount(), test_query_process_times(), test_query_process_vm(), test_QueryFullProcessImageNameW(), test_readvirtualmemory(), test_RtlQueryPackageIdentity(), test_shell_window(), test_token_security_descriptor(), test_Toolhelp(), test_ws_functions(), Toolhelp32ReadProcessMemory(), WSPDuplicateSocket(), and wWinMain().

◆ ProcessIdToSessionId()

BOOL WINAPI ProcessIdToSessionId ( IN DWORD  dwProcessId,
OUT PDWORD  pSessionId 
)

Definition at line 2175 of file proc.c.

2177{
2178 PROCESS_SESSION_INFORMATION SessionInformation;
2183
2184 /* Do a quick check if the pointer is not writable */
2185 if (IsBadWritePtr(pSessionId, sizeof(DWORD)))
2186 {
2187 /* Fail fast */
2189 return FALSE;
2190 }
2191
2192 /* Open the process passed in by ID */
2193 ClientId.UniqueProcess = UlongToHandle(dwProcessId);
2199 &ClientId);
2200 if (NT_SUCCESS(Status))
2201 {
2202 /* Query the session ID from the kernel */
2205 &SessionInformation,
2206 sizeof(SessionInformation),
2207 NULL);
2208
2209 /* Close the handle and check if we succeeded */
2211 if (NT_SUCCESS(Status))
2212 {
2213 /* Return the session ID */
2214 *pSessionId = SessionInformation.SessionId;
2215 return TRUE;
2216 }
2217 }
2218
2219 /* Set error code and fail */
2221 return FALSE;
2222}
BOOL NTAPI IsBadWritePtr(IN LPVOID lp, IN UINT_PTR ucb)
Definition: except.c:883
@ ProcessSessionInformation
Definition: winternl.h:880

Referenced by AddPortW(), ConfigurePortW(), and test_SHCreateSessionKey().

◆ ReadProcessMemory()

BOOL NTAPI ReadProcessMemory ( IN HANDLE  hProcess,
IN LPCVOID  lpBaseAddress,
IN LPVOID  lpBuffer,
IN SIZE_T  nSize,
OUT SIZE_T lpNumberOfBytesRead 
)

Definition at line 2023 of file proc.c.

2028{
2030
2031 /* Do the read */
2033 (PVOID)lpBaseAddress,
2034 lpBuffer,
2035 nSize,
2036 &nSize);
2037
2038 /* In user-mode, this parameter is optional */
2039 if (lpNumberOfBytesRead) *lpNumberOfBytesRead = nSize;
2040 if (!NT_SUCCESS(Status))
2041 {
2042 /* We failed */
2044 return FALSE;
2045 }
2046
2047 /* Return success */
2048 return TRUE;
2049}
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
Definition: db.cpp:175

◆ RegisterWaitForInputIdle() [1/2]

VOID WINAPI RegisterWaitForInputIdle ( IN WaitForInputIdleType  lpfnRegisterWaitForInputIdle)

Definition at line 1268 of file proc.c.

1269{
1270 /* Write the global function pointer */
1271 UserWaitForInputIdleRoutine = lpfnRegisterWaitForInputIdle;
1272}
WaitForInputIdleType UserWaitForInputIdleRoutine
Definition: proc.c:20

◆ RegisterWaitForInputIdle() [2/2]

VOID WINAPI RegisterWaitForInputIdle ( WaitForInputIdleType  lpfnRegisterWaitForInputIdle)

◆ SetPriorityClass()

BOOL WINAPI SetPriorityClass ( IN HANDLE  hProcess,
IN DWORD  dwPriorityClass 
)

Definition at line 1692 of file proc.c.

1694{
1696 PVOID State = NULL;
1697 PROCESS_PRIORITY_CLASS PriorityClass;
1698
1699 /* Handle conversion from Win32 to NT priority classes */
1700 switch (dwPriorityClass)
1701 {
1704 break;
1705
1708 break;
1709
1712 break;
1713
1716 break;
1717
1720 break;
1721
1723 /* Try to acquire the privilege. If it fails, just use HIGH */
1726 PriorityClass.PriorityClass += (State != NULL);
1727 break;
1728
1729 default:
1730 /* Unrecognized priority classes don't make it to the kernel */
1732 return FALSE;
1733 }
1734
1735 /* Send the request to the kernel, and don't touch the foreground flag */
1736 PriorityClass.Foreground = FALSE;
1739 &PriorityClass,
1740 sizeof(PROCESS_PRIORITY_CLASS));
1741
1742 /* Release the privilege if we had it */
1744 if (!NT_SUCCESS(Status))
1745 {
1746 /* Handle error path */
1748 return FALSE;
1749 }
1750
1751 /* All done */
1752 return TRUE;
1753}

Referenced by CsrSetPriorityClass(), DoSetPriority(), main(), test_query_process_priority(), UpdatePriority(), and wWinMain().

◆ SetProcessAffinityMask()

BOOL WINAPI SetProcessAffinityMask ( IN HANDLE  hProcess,
IN DWORD_PTR  dwProcessAffinityMask 
)

Definition at line 894 of file proc.c.

896{
898
899 /* Directly set the affinity mask */
902 (PVOID)&dwProcessAffinityMask,
903 sizeof(dwProcessAffinityMask));
904 if (!NT_SUCCESS(Status))
905 {
906 /* Handle failure */
908 return FALSE;
909 }
910
911 /* Everything was ok */
912 return TRUE;
913}
@ ProcessAffinityMask
Definition: winternl.h:877

Referenced by AffinityDialogWndProc(), and cmd_start().

◆ SetProcessPriorityBoost()

BOOL WINAPI SetProcessPriorityBoost ( IN HANDLE  hProcess,
IN BOOL  bDisablePriorityBoost 
)

Definition at line 1917 of file proc.c.

1919{
1922
1923 /* Enforce that this is a BOOL, and send it to the kernel as a ULONG */
1924 PriorityBoost = (bDisablePriorityBoost ? TRUE : FALSE);
1928 sizeof(ULONG));
1929 if (!NT_SUCCESS(Status))
1930 {
1931 /* Handle error path */
1933 return FALSE;
1934 }
1935
1936 /* All done */
1937 return TRUE;
1938}

◆ SetProcessShutdownParameters()

BOOL WINAPI SetProcessShutdownParameters ( IN DWORD  dwLevel,
IN DWORD  dwFlags 
)

Definition at line 949 of file proc.c.

951{
952 BASE_API_MESSAGE ApiMessage;
953 PBASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest = &ApiMessage.Data.ShutdownParametersRequest;
954
955 /* Write the data into the CSRSS request and send it */
956 ShutdownParametersRequest->ShutdownLevel = dwLevel;
957 ShutdownParametersRequest->ShutdownFlags = dwFlags;
959 NULL,
961 sizeof(*ShutdownParametersRequest));
962 if (!NT_SUCCESS(ApiMessage.Status))
963 {
964 /* Return the failure from CSRSS */
965 BaseSetLastNTError(ApiMessage.Status);
966 return FALSE;
967 }
968
969 /* All went well */
970 return TRUE;
971}
@ BasepSetProcessShutdownParam
Definition: basemsg.h:33
_In_ PCCERT_CONTEXT _In_ DWORD dwFlags
Definition: wincrypt.h:1176

Referenced by _tWinMain(), and wWinMain().

◆ SetProcessWorkingSetSize()

BOOL WINAPI SetProcessWorkingSetSize ( IN HANDLE  hProcess,
IN SIZE_T  dwMinimumWorkingSetSize,
IN SIZE_T  dwMaximumWorkingSetSize 
)

Definition at line 1083 of file proc.c.

1086{
1087 /* Call the newer API */
1089 dwMinimumWorkingSetSize,
1090 dwMaximumWorkingSetSize,
1091 0);
1092}
BOOL WINAPI SetProcessWorkingSetSizeEx(IN HANDLE hProcess, IN SIZE_T dwMinimumWorkingSetSize, IN SIZE_T dwMaximumWorkingSetSize, IN DWORD Flags)
Definition: proc.c:1027

◆ SetProcessWorkingSetSizeEx()

BOOL WINAPI SetProcessWorkingSetSizeEx ( IN HANDLE  hProcess,
IN SIZE_T  dwMinimumWorkingSetSize,
IN SIZE_T  dwMaximumWorkingSetSize,
IN DWORD  Flags 
)

Definition at line 1027 of file proc.c.

1031{
1032 QUOTA_LIMITS_EX QuotaLimits;
1033 NTSTATUS Status, ReturnStatus;
1034 BOOL Result;
1035 PVOID State;
1037
1038 /* Zero out the input structure */
1039 RtlZeroMemory(&QuotaLimits, sizeof(QuotaLimits));
1040
1041 /* Check if the caller sent any limits */
1042 if ((dwMinimumWorkingSetSize) && (dwMaximumWorkingSetSize))
1043 {
1044 /* Write the quota information */
1045 QuotaLimits.MinimumWorkingSetSize = dwMinimumWorkingSetSize;
1046 QuotaLimits.MaximumWorkingSetSize = dwMaximumWorkingSetSize;
1047 QuotaLimits.Flags = Flags;
1048
1049 /* Acquire the required privilege */
1051
1052 /* Request the new quotas */
1053 ReturnStatus = NtSetInformationProcess(hProcess,
1055 &QuotaLimits,
1056 sizeof(QuotaLimits));
1057 Result = NT_SUCCESS(ReturnStatus);
1058 if (NT_SUCCESS(Status))
1059 {
1060 /* Release the privilege and set succes code */
1061 ASSERT(State != NULL);
1063 State = NULL;
1064 }
1065 }
1066 else
1067 {
1068 /* No limits, fail the call */
1069 ReturnStatus = STATUS_INVALID_PARAMETER;
1070 Result = FALSE;
1071 }
1072
1073 /* Return result code, set error code if this was a failure */
1074 if (!Result) BaseSetLastNTError(ReturnStatus);
1075 return Result;
1076}
#define SE_INC_BASE_PRIORITY_PRIVILEGE
Definition: security.c:668
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable)
Definition: user_lib.cpp:531

Referenced by SetProcessWorkingSetSize().

◆ StuffStdHandle()

VOID WINAPI StuffStdHandle ( IN HANDLE  ProcessHandle,
IN HANDLE  StandardHandle,
IN PHANDLE  Address 
)

Definition at line 57 of file proc.c.

60{
62 HANDLE DuplicatedHandle;
63 SIZE_T NumberOfBytesWritten;
64
65 /* If there is no handle to duplicate, return immediately */
66 if (!StandardHandle) return;
67
68 /* Duplicate the handle */
70 StandardHandle,
72 &DuplicatedHandle,
73 0,
74 0,
77 if (!NT_SUCCESS(Status)) return;
78
79 /* Write it */
81 Address,
82 &DuplicatedHandle,
83 sizeof(HANDLE),
84 &NumberOfBytesWritten);
85}
#define DUPLICATE_SAME_ATTRIBUTES
Definition: obtypes.h:153
NTSTATUS NTAPI NtDuplicateObject(IN HANDLE SourceProcessHandle, IN HANDLE SourceHandle, IN HANDLE TargetProcessHandle OPTIONAL, OUT PHANDLE TargetHandle OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, IN ULONG Options)
Definition: obhandle.c:3410
static WCHAR Address[46]
Definition: ping.c:68
#define DUPLICATE_SAME_ACCESS

Referenced by CreateProcessInternalW().

◆ TerminateProcess()

BOOL WINAPI TerminateProcess ( IN HANDLE  hProcess,
IN UINT  uExitCode 
)

Definition at line 1532 of file proc.c.

1534{
1536
1537 /* Check if no handle was passed in */
1538 if (!hProcess)
1539 {
1540 /* Set error code */
1542 }
1543 else
1544 {
1545 /* Otherwise, try to terminate the process */
1546 Status = NtTerminateProcess(hProcess, uExitCode);
1547 if (NT_SUCCESS(Status)) return TRUE;
1548
1549 /* It failed, convert error code */
1551 }
1552
1553 /* This is the failure path */
1554 return FALSE;
1555}
#define ERROR_INVALID_HANDLE
Definition: compat.h:98

Referenced by _tWinMain(), child_process(), Telnet::Close(), CloseProcess(), CorDebug_CreateProcess(), cordebugprocess_Terminate(), CPlApplet(), crash_and_debug(), CreateProcessAsUserCommon(), do_register_dll(), DoTestEntry(), ExecuteKill(), ExecutePipeline(), Ghost_DestroyTarget(), ProcessKeys(), ProcessPage_OnEndProcess(), read_reg_output_(), run_ex(), run_reg_exe_(), run_regedit_exe_(), runcmd(), ScreenSaverConfig(), ScreenSaverPageProc(), ScreenSaverPreview(), SetScreenSaverPreviewBox(), ShutdownProcessTreeHelper(), START_TEST(), StartScreenSaver(), terminate_processes(), TerminateShell(), test_apc_deadlock(), test_BreakawayOk(), test_CompletionPort(), test_CreateRemoteThread(), test_Directory(), TEST_DoTestEntryStruct(), test_EnumProcessModules(), test_ExitProcess(), test_GetProcessVersion(), test_IsProcessInJob(), test_IsWow64Process(), test_KillOnJobClose(), Test_layers(), test_NtMapViewOfSection(), test_NtSuspendProcess(), test_overlapped_transport(), test_process_access(), test_QueryInformationJobObject(), Test_repeatlayer(), test_RtlQueryPackageIdentity(), test_RunSetupCommand(), test_section_access(), test_shell_window(), test_TerminateJobObject(), test_TerminateProcess(), test_VirtualAllocEx(), test_WaitForInputIdle(), test_WaitForJobObject(), TestTerminateProcess(), WshExec_Terminate(), wWinMain(), and CProcess::~CProcess().

◆ WinExec()

UINT WINAPI DECLSPEC_HOTPATCH WinExec ( LPCSTR  lpCmdLine,
UINT  uCmdShow 
)

Definition at line 4773 of file proc.c.

4775{
4776 STARTUPINFOA StartupInfo;
4777 PROCESS_INFORMATION ProcessInformation;
4778 DWORD dosErr;
4779
4780 RtlZeroMemory(&StartupInfo, sizeof(StartupInfo));
4781 StartupInfo.cb = sizeof(STARTUPINFOA);
4782 StartupInfo.wShowWindow = (WORD)uCmdShow;
4783 StartupInfo.dwFlags = 0;
4784
4785 if (!CreateProcessA(NULL,
4786 (PVOID)lpCmdLine,
4787 NULL,
4788 NULL,
4789 FALSE,
4790 0,
4791 NULL,
4792 NULL,
4793 &StartupInfo,
4794 &ProcessInformation))
4795 {
4796 dosErr = GetLastError();
4797 return dosErr < 32 ? dosErr : ERROR_BAD_FORMAT;
4798 }
4799
4801 {
4802 UserWaitForInputIdleRoutine(ProcessInformation.hProcess,
4803 10000);
4804 }
4805
4806 NtClose(ProcessInformation.hProcess);
4807 NtClose(ProcessInformation.hThread);
4808
4809 return 33; /* Something bigger than 31 means success. */
4810}
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessA(LPCSTR lpApplicationName, LPSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCSTR lpCurrentDirectory, LPSTARTUPINFOA lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
Definition: proc.c:4741
struct _STARTUPINFOA STARTUPINFOA
#define ERROR_BAD_FORMAT
Definition: winerror.h:114

Referenced by DefWndHandleSysCommand(), RunBatch(), RunBookmarkEditor(), ScreenSaverPageProc(), and WinHelpA().

◆ WriteProcessMemory()

BOOL NTAPI WriteProcessMemory ( IN HANDLE  hProcess,
IN LPVOID  lpBaseAddress,
IN LPCVOID  lpBuffer,
IN SIZE_T  nSize,
OUT SIZE_T lpNumberOfBytesWritten 
)

Definition at line 2056 of file proc.c.

2061{
2063 ULONG OldValue;
2065 PVOID Base;
2067
2068 /* Set parameters for protect call */
2069 RegionSize = nSize;
2070 Base = lpBaseAddress;
2071
2072 /* Check the current status */
2074 &Base,
2075 &RegionSize,
2077 &OldValue);
2078 if (NT_SUCCESS(Status))
2079 {
2080 /* Check if we are unprotecting */
2081 UnProtect = OldValue & (PAGE_READWRITE |
2085 if (!UnProtect)
2086 {
2087 /* Set the new protection */
2089 &Base,
2090 &RegionSize,
2091 OldValue,
2092 &OldValue);
2093
2094 /* Write the memory */
2096 lpBaseAddress,
2098 nSize,
2099 &nSize);
2100
2101 /* In Win32, the parameter is optional, so handle this case */
2102 if (lpNumberOfBytesWritten) *lpNumberOfBytesWritten = nSize;
2103
2104 if (!NT_SUCCESS(Status))
2105 {
2106 /* We failed */
2108 return FALSE;
2109 }
2110
2111 /* Flush the ITLB */
2112 NtFlushInstructionCache(hProcess, lpBaseAddress, nSize);
2113 return TRUE;
2114 }
2115 else
2116 {
2117 /* Check if we were read only */
2118 if (OldValue & (PAGE_NOACCESS | PAGE_READONLY))
2119 {
2120 /* Restore protection and fail */
2122 &Base,
2123 &RegionSize,
2124 OldValue,
2125 &OldValue);
2127
2128 /* Note: This is what Windows returns and code depends on it */
2130 }
2131
2132 /* Otherwise, do the write */
2134 lpBaseAddress,
2136 nSize,
2137 &nSize);
2138
2139 /* In Win32, the parameter is optional, so handle this case */
2140 if (lpNumberOfBytesWritten) *lpNumberOfBytesWritten = nSize;
2141
2142 /* And restore the protection */
2144 &Base,
2145 &RegionSize,
2146 OldValue,
2147 &OldValue);
2148 if (!NT_SUCCESS(Status))
2149 {
2150 /* We failed */
2152
2153 /* Note: This is what Windows returns and code depends on it */
2155 }
2156
2157 /* Flush the ITLB */
2158 NtFlushInstructionCache(hProcess, lpBaseAddress, nSize);
2159 return TRUE;
2160 }
2161 }
2162 else
2163 {
2164 /* We failed */
2166 return FALSE;
2167 }
2168}
#define PAGE_READONLY
Definition: compat.h:138
_In_opt_ ULONG Base
Definition: rtlfuncs.h:2439
#define PAGE_WRITECOPY
Definition: nt_native.h:1305
#define PAGE_EXECUTE_WRITECOPY
Definition: nt_native.h:1309
#define PAGE_NOACCESS
Definition: nt_native.h:1302
NTSTATUS NTAPI NtProtectVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UnsafeBaseAddress, IN OUT SIZE_T *UnsafeNumberOfBytesToProtect, IN ULONG NewAccessProtection, OUT PULONG UnsafeOldAccessProtection)
Definition: virtual.c:3109
#define STATUS_ACCESS_VIOLATION
Definition: ntstatus.h:242

Referenced by _DoDLLInjection(), and test_VirtualAllocEx().

Variable Documentation

◆ BaseAnsiCommandLine

ANSI_STRING BaseAnsiCommandLine

Definition at line 22 of file proc.c.

Referenced by GetCommandLineA(), and InitCommandLines().

◆ BaseAnsiStartupInfo

LPSTARTUPINFOA BaseAnsiStartupInfo = NULL

Definition at line 24 of file proc.c.

Referenced by GetStartupInfoA().

◆ BasepAppCertDllsList

LIST_ENTRY BasepAppCertDllsList

Definition at line 28 of file proc.c.

Referenced by BasepIsProcessAllowed(), and DllMain().

◆ BasepAppCertTable

RTL_QUERY_REGISTRY_TABLE BasepAppCertTable[2]
Initial value:
=
{
{
1,
L"AppCertDlls",
0,
0
}
}
NTSTATUS NTAPI BasepConfigureAppCertDlls(IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
Definition: proc.c:189

Definition at line 32 of file proc.c.

Referenced by BasepIsProcessAllowed().

◆ BasePathVariableName

UNICODE_STRING BasePathVariableName = RTL_CONSTANT_STRING(L"PATH")

Definition at line 23 of file proc.c.

Referenced by BasepComputeProcessPath().

◆ BasepExeLdrEntry

PLDR_DATA_TABLE_ENTRY BasepExeLdrEntry

Definition at line 25 of file proc.c.

Referenced by BasepComputeProcessPath(), BasepLocateExeLdrEntry(), and LoadLibraryExW().

◆ BaseUnicodeCommandLine

UNICODE_STRING BaseUnicodeCommandLine

Definition at line 21 of file proc.c.

Referenced by GetCommandLineW(), and InitCommandLines().

◆ fEmbeddedCertFunc

PBASEP_APPCERT_EMBEDDED_FUNC fEmbeddedCertFunc

Definition at line 30 of file proc.c.

Referenced by BasepIsProcessAllowed().

◆ g_AppCertInitialized

BOOLEAN g_AppCertInitialized

Definition at line 26 of file proc.c.

Referenced by BasepIsProcessAllowed().

◆ g_AppCertStatus

NTSTATUS g_AppCertStatus

Definition at line 31 of file proc.c.

Referenced by BasepIsProcessAllowed().

◆ g_HaveAppCerts

BOOLEAN g_HaveAppCerts

Definition at line 27 of file proc.c.

Referenced by BasepIsProcessAllowed().

◆ g_SaferReplaceProcessThreadTokens

PSAFER_REPLACE_PROCESS_THREAD_TOKENS g_SaferReplaceProcessThreadTokens

Definition at line 45 of file proc.c.

Referenced by BasepReplaceProcessThreadTokens().

◆ gcsAppCert

Definition at line 29 of file proc.c.

Referenced by BasepIsProcessAllowed(), BasepReplaceProcessThreadTokens(), and DllMain().

◆ gSaferHandle

HMODULE gSaferHandle = (HMODULE)-1

Definition at line 46 of file proc.c.

Referenced by BasepReplaceProcessThreadTokens().

◆ UserWaitForInputIdleRoutine

WaitForInputIdleType UserWaitForInputIdleRoutine

Definition at line 20 of file proc.c.

Referenced by LoadModule(), RegisterWaitForInputIdle(), and WinExec().