Include dependency graph for proc.c:
Go to the source code of this file.
Macros | |
| #define | NDEBUG |
| #define | CMD_STRING L"cmd /c " |
| #define | AddToHandle(x, y) ((x) = (HANDLE)((ULONG_PTR)(x) | (y))) |
| #define | RemoveFromHandle(x, y) ((x) = (HANDLE)((ULONG_PTR)(x) & ~(y))) |
Macro Definition Documentation
◆ AddToHandle
◆ CMD_STRING
◆ NDEBUG
◆ RemoveFromHandle
Function Documentation
◆ BasepCheckWebBladeHashes()
Definition at line 147 of file proc.c.
148{
151
152 /* Get all the MD5 hashes */
155
156 /* Depending on which suite this is, run a bsearch and block the appropriate ones */
158 {
159 DPRINT1("Egad! This is a ReactOS Compute Server and we should prevent you from using certain APIs...but we won't.");
160 }
162 {
163 DPRINT1("Gasp! This is a ReactOS Storage Server and we should prevent you from using certain APIs...but we won't.");
164 }
166 {
167 DPRINT1("Golly! This is a ReactOS Web Blade Server and we should prevent you from using certain APIs...but we won't.");
168 }
169
170 /* Actually, fuck it, don't block anything, we're open source */
172}
NTSYSAPI NTSTATUS NTAPI RtlComputeImportTableHash(IN HANDLE FileHandle, OUT PCHAR Hash, IN ULONG ImportTableHashSize)
Definition: libsupp.c:1191
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE FileHandle
Definition: fltkernel.h:1231
#define VER_SUITE_STORAGE_SERVER
#define VER_SUITE_COMPUTE_SERVER
#define VER_SUITE_BLADE
#define SharedUserData
Referenced by CreateProcessInternalW().
◆ BasepConfigureAppCertDlls()
| NTSTATUS NTAPI BasepConfigureAppCertDlls | ( | IN PWSTR | ValueName, |
| IN ULONG | ValueType, | ||
| IN PVOID | ValueData, | ||
| IN ULONG | ValueLength, | ||
| IN PVOID | Context, | ||
| IN PVOID | EntryContext | ||
| ) |
Definition at line 187 of file proc.c.
193{
194 /* Add this to the certification list */
196}
NTSTATUS NTAPI BasepSaveAppCertRegistryValue(IN PLIST_ENTRY List, IN PWCHAR ComponentName, IN PWCHAR DllName)
Definition: proc.c:176
Definition: compobj.c:4795
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING ValueName
Definition: wdfregistry.h:243
◆ BasepIsImageVersionOk()
Definition at line 121 of file proc.c.
123{
124 /* Accept images for NT 3.1 or higher */
125 if (ImageMajorVersion > 3 ||
126 (ImageMajorVersion == 3 && ImageMinorVersion >= 10))
127 {
128 /* ReactOS-specific: Accept images even if they are newer than our internal NT version. */
130 (ImageMajorVersion == SharedUserData->NtMajorVersion && ImageMinorVersion > SharedUserData->NtMinorVersion))
131 {
133 ImageMajorVersion,
134 ImageMinorVersion,
135 SharedUserData->NtMajorVersion,
136 SharedUserData->NtMinorVersion);
137 }
138
140 }
141
143}
Referenced by CreateProcessInternalW().
◆ BasepIsProcessAllowed()
Definition at line 200 of file proc.c.
201{
205 HMODULE TrustLibrary;
207 ULONG CertFlag;
208 PLIST_ENTRY NextEntry;
210 UNICODE_STRING CertKey = RTL_CONSTANT_STRING(L"\\Registry\\MACHINE\\System\\CurrentControlSet\\Control\\Session Manager\\AppCertDlls");
211 OBJECT_ATTRIBUTES KeyAttributes = RTL_CONSTANT_OBJECT_ATTRIBUTES(&CertKey, OBJ_CASE_INSENSITIVE);
212
213 /* Try to initialize the certification subsystem */
215 {
216 /* Defaults */
219
220 /* Acquire the lock while initializing and see if we lost a race */
223
224 /* On embedded, there is a special DLL */
226 {
227 /* Allocate a buffer for the name */
229 0,
233 {
234 /* Fail if no memory */
236 }
237 else
238 {
239 /* Now get the system32 directory in our buffer, make sure it fits */
242 {
243 /* Add a slash if needed, and add the embedded cert DLL name */
248
249 /* Try to load it */
251 if (TrustLibrary)
252 {
253 /* And extract the special function out of it */
255 "ImageOkToRunOnEmbeddedNT");
256 }
257 }
258
259 /* If we didn't get this far, set a failure code */
261 }
262 }
263 else
264 {
265 /* Other systems have a registry entry for this */
268 {
269 /* Close it, we'll query it through Rtl */
271
272 /* Do the query, which will call a special callback */
275 BasepAppCertTable,
276 NULL,
277 NULL);
279 {
281 }
282 }
283 }
284
285 /* Free any buffer if we had one */
287
288 /* Check for errors, or a missing embedded/custom certification DLL */
291 {
292 /* The subsystem is not active on this machine, so give up */
295 }
296 else
297 {
298 /* We have certification DLLs active, remember this */
300 }
301
302 /* We are done the initialization phase, release the lock */
305 }
306
307 /* If there's no certification DLLs present, return the failure code */
309
310 /* Otherwise, assume success and make sure we have *something* */
313
314 /* If the something is an embedded certification DLL, call it and return */
316
317 /* Otherwise we have custom certification DLLs, parse them */
319 CertFlag = 2;
321 {
322 /* Make sure the entry has a callback */
325
326 /* Call it and check if it failed */
329
330 /* Move on */
331 NextEntry = NextEntry->Flink;
332 }
333
334 /* Now loop them again */
337 {
338 /* Make sure the entry has a callback */
341
342 /* Call it, this time with the flag from the loop above */
344 }
345
346 /* All done, return the status */
348}
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:616
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:634
Definition: bufpool.h:45
UINT WINAPI GetSystemDirectoryW(OUT LPWSTR lpBuffer, IN UINT uSize)
Definition: path.c:2232
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)
Definition: nsiface.idl:2307
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
#define UNICODE_NULL
#define VER_SUITE_EMBEDDEDNT
#define RTL_CONSTANT_OBJECT_ATTRIBUTES(n, a)
Definition: ntdef.template.h:314
Definition: kernel32.h:386
Definition: typedefs.h:120
Definition: umtypes.h:184
Definition: env_spec_w32.h:368
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK _In_opt_ PWDF_OBJECT_ATTRIBUTES KeyAttributes
Definition: wdfdevice.h:2666
Referenced by CreateProcessInternalW().
◆ BasepReplaceProcessThreadTokens()
| NTSTATUS WINAPI BasepReplaceProcessThreadTokens | ( | IN HANDLE | TokenHandle, |
| IN HANDLE | ProcessHandle, | ||
| IN HANDLE | ThreadHandle | ||
| ) |
Definition at line 352 of file proc.c.
355{
357 ANSI_STRING SaferiReplaceProcessThreadTokens = RTL_CONSTANT_STRING("SaferiReplaceProcessThreadTokens");
358
359 /* Enter the application certification lock */
361
362 /* Check if we already know the function */
364 {
365 /* Call it */
367 ProcessHandle,
368 ThreadHandle) ?
369 STATUS_SUCCESS :
370 STATUS_UNSUCCESSFUL;
371 }
372 else
373 {
374 /* Check if the app certification DLL isn't loaded */
378 {
379 /* Then we can't call the function */
381 }
382 else
383 {
384 /* We have the DLL, find the address of the Safer function */
386 &SaferiReplaceProcessThreadTokens,
387 0,
390 {
391 /* Found it, now call it */
393 ProcessHandle,
394 ThreadHandle) ?
395 STATUS_SUCCESS :
396 STATUS_UNSUCCESSFUL;
397 }
398 else
399 {
400 /* We couldn't find it, so this must be an unsupported DLL */
404 }
405 }
406 }
407
408 /* Release the lock and return the result */
411}
PSAFER_REPLACE_PROCESS_THREAD_TOKENS g_SaferReplaceProcessThreadTokens
Definition: proc.c:43
NTSTATUS NTAPI LdrGetProcedureAddress(_In_ PVOID BaseAddress, _In_opt_ _When_(Ordinal==0, _Notnull_) PANSI_STRING Name, _In_opt_ _When_(Name==NULL, _In_range_(>, 0)) ULONG Ordinal, _Out_ PVOID *ProcedureAddress)
Definition: ldrapi.c:789
Definition: env_spec_w32.h:375
Referenced by CreateProcessInternalW().
◆ BaseProcessStartup()
| DECLSPEC_NORETURN VOID WINAPI BaseProcessStartup | ( | _In_ PPROCESS_START_ROUTINE | lpStartAddress | ) |
Definition at line 449 of file proc.c.
451{
452 _SEH2_TRY
453 {
454 /* Set our Start Address */
457 &lpStartAddress,
459
460 /* Call the Start Routine */
461 ExitThread(lpStartAddress());
462 }
464 {
465 /* Get the Exit code from the SEH Handler */
467 {
468 /* Kill the whole process, usually */
470 }
471 else
472 {
473 /* If running inside CSRSS, kill just this thread */
475 }
476 }
477 _SEH2_END;
478}
LONG WINAPI UnhandledExceptionFilter(IN PEXCEPTION_POINTERS ExceptionInfo)
Definition: except.c:269
NTSTATUS NTAPI NtSetInformationThread(_In_ HANDLE ThreadHandle, _In_ THREADINFOCLASS ThreadInformationClass, _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation, _In_ ULONG ThreadInformationLength)
Definition: query.c:2268
Referenced by BaseInitializeContext().
◆ BasepSaveAppCertRegistryValue()
| NTSTATUS NTAPI BasepSaveAppCertRegistryValue | ( | IN PLIST_ENTRY | List, |
| IN PWCHAR | ComponentName, | ||
| IN PWCHAR | DllName | ||
| ) |
Definition at line 176 of file proc.c.
Referenced by BasepConfigureAppCertDlls().
◆ BasepSxsCloseHandles()
| VOID WINAPI BasepSxsCloseHandles | ( | IN PBASE_MSG_SXS_HANDLES | Handles | ) |
Definition at line 415 of file proc.c.
416{
418
419 /* Sanity checks */
422
423 /* Close the file handle */
424 if (Handles->File)
425 {
428 }
429
430 /* Close the section handle */
431 if (Handles->Section)
432 {
435 }
436
437 /* Unmap the section view */
438 if (Handles->ViewBase.QuadPart)
439 {
443 }
444}
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3483
Referenced by CreateProcessInternalW().
◆ BasePushProcessParameters()
| BOOLEAN WINAPI BasePushProcessParameters | ( | IN ULONG | ParameterFlags, |
| IN HANDLE | ProcessHandle, | ||
| IN PPEB | RemotePeb, | ||
| IN LPCWSTR | ApplicationPathName, | ||
| IN LPWSTR | lpCurrentDirectory, | ||
| IN LPWSTR | lpCommandLine, | ||
| IN LPVOID | lpEnvironment, | ||
| IN LPSTARTUPINFOW | StartupInfo, | ||
| IN DWORD | CreationFlags, | ||
| IN BOOL | InheritHandles, | ||
| IN ULONG | ImageSubsystem, | ||
| IN PVOID | AppCompatData, | ||
| IN ULONG | AppCompatDataSize | ||
| ) |
Definition at line 482 of file proc.c.
495{
497 PWCHAR Remaining, DllPathString, ScanChar;
498 PRTL_USER_PROCESS_PARAMETERS ProcessParameters, RemoteParameters;
499 PVOID RemoteAppCompatData;
503 ULONG EnviroSize;
507
508 /* Get the full path name */
510 MAX_PATH + 4,
511 FullPath,
512 &Remaining);
514 {
515 /* Get the DLL Path */
516 DllPathString = BaseComputeProcessDllPath(FullPath, lpEnvironment);
517 if (!DllPathString)
518 {
519 /* Fail */
522 }
523
524 /* Initialize Strings */
527 }
528 else
529 {
530 /* Couldn't get the path name. Just take the original path */
532 lpEnvironment);
533 if (!DllPathString)
534 {
535 /* Fail */
538 }
539
540 /* Initialize Strings */
543 }
544
545 /* Initialize Strings */
546 RtlInitUnicodeString(&CommandLine, lpCommandLine);
548
549 /* Initialize more Strings from the Startup Info */
550 if (StartupInfo->lpDesktop)
551 {
553 }
554 else
555 {
557 }
558 if (StartupInfo->lpReserved)
559 {
561 }
562 else
563 {
565 }
566 if (StartupInfo->lpTitle)
567 {
569 }
570 else
571 {
573 }
574
575 /* This one is special because the length can differ */
578
579 /* Enforce no app compat data if the pointer was NULL */
580 if (!AppCompatData) AppCompatDataSize = 0;
581
582 /* Create the Parameter Block */
583 ProcessParameters = NULL;
593 &ImageName,
594 &DllPath,
595 lpCurrentDirectory ?
597 &CommandLine,
598 lpEnvironment,
599 &Title,
600 &Desktop,
601 &Shell,
602 &Runtime);
604
605 /* Clear the current directory handle if not inheriting */
607
608 /* Check if the user passed in an environment */
609 if (lpEnvironment)
610 {
611 /* We should've made it part of the parameters block, enforce this */
613 lpEnvironment = ProcessParameters->Environment;
614 }
615 else
616 {
617 /* The user did not, so use the one from the current PEB */
618 HavePebLock = TRUE;
619 RtlAcquirePebLock();
621 }
622
623 /* Save pointer and start lookup */
624 ScanChar = lpEnvironment;
625 if (lpEnvironment)
626 {
627 /* Find the environment size */
628 while (*ScanChar++) while (*ScanChar++);
630
631 /* Allocate and Initialize new Environment Block */
632 Size = EnviroSize;
636 0,
637 &Size,
638 MEM_COMMIT,
639 PAGE_READWRITE);
641
642 /* Write the Environment Block */
644 ProcessParameters->Environment,
645 lpEnvironment,
646 EnviroSize,
647 NULL);
648
649 /* No longer need the PEB lock anymore */
650 if (HavePebLock)
651 {
652 /* Release it */
653 RtlReleasePebLock();
654 HavePebLock = FALSE;
655 }
656
657 /* Check if the write failed */
659 }
660
661 /* Write new parameters */
662 ProcessParameters->StartingX = StartupInfo->dwX;
663 ProcessParameters->StartingY = StartupInfo->dwY;
664 ProcessParameters->CountX = StartupInfo->dwXSize;
665 ProcessParameters->CountY = StartupInfo->dwYSize;
666 ProcessParameters->CountCharsX = StartupInfo->dwXCountChars;
667 ProcessParameters->CountCharsY = StartupInfo->dwYCountChars;
668 ProcessParameters->FillAttribute = StartupInfo->dwFillAttribute;
669 ProcessParameters->WindowFlags = StartupInfo->dwFlags;
670 ProcessParameters->ShowWindowFlags = StartupInfo->wShowWindow;
671
672 /* Write the handles only if we have to */
673 if (StartupInfo->dwFlags &
675 {
676 ProcessParameters->StandardInput = StartupInfo->hStdInput;
677 ProcessParameters->StandardOutput = StartupInfo->hStdOutput;
678 ProcessParameters->StandardError = StartupInfo->hStdError;
679 }
680
681 /* Use Special Flags for ConDllInitialize in Kernel32 */
683 {
685 }
687 {
689 }
691 {
693 }
694 else
695 {
696 /* Inherit our Console Handle */
698
699 /* Make sure that the shell isn't trampling on our handles first */
700 if (!(StartupInfo->dwFlags &
702 {
703 /* Copy the handle if we are inheriting or if it's a console handle */
704 if ((InheritHandles) ||
706 {
708 }
709 if ((InheritHandles) ||
711 {
713 }
714 if ((InheritHandles) ||
716 {
718 }
719 }
720 }
721
722 /* Also set the Console Flag */
724 (!(CreationFlags & CREATE_NEW_CONSOLE)))
725 {
726 ProcessParameters->ConsoleFlags = 1;
727 }
728
729 /* Check if there's a .local file present */
730 if (ParameterFlags & 1)
731 {
733 }
734
735 /* Check if we failed to open the IFEO key */
736 if (ParameterFlags & 2)
737 {
739 }
740
741 /* Allocate memory for the parameter block */
743 RemoteParameters = NULL;
745 (PVOID*)&RemoteParameters,
746 0,
747 &Size,
748 MEM_COMMIT,
749 PAGE_READWRITE);
751
752 /* Set the allocated size */
754
755 /* Handle some Parameter Flags */
764
765 /* Write the Parameter Block */
767 RemoteParameters,
768 ProcessParameters,
769 ProcessParameters->Length,
770 NULL);
772
773 /* Write the PEB Pointer */
775 &RemotePeb->ProcessParameters,
776 &RemoteParameters,
778 NULL);
780
781 /* Check if there's any app compat data to write */
782 RemoteAppCompatData = NULL;
783 if (AppCompatData)
784 {
785 /* Allocate some space for the application compatibility data */
786 Size = AppCompatDataSize;
788 &RemoteAppCompatData,
789 0,
790 &Size,
791 MEM_COMMIT,
792 PAGE_READWRITE);
794
795 /* Write the application compatibility data */
797 RemoteAppCompatData,
798 AppCompatData,
799 AppCompatDataSize,
800 NULL);
802 }
803
804 /* Write the PEB Pointer to the app compat data (might be NULL) */
806 &RemotePeb->pShimData,
807 &RemoteAppCompatData,
809 NULL);
811
812 /* Now write Peb->ImageSubSystem */
813 if (ImageSubsystem)
814 {
816 &RemotePeb->ImageSubsystem,
817 &ImageSubsystem,
818 sizeof(ImageSubsystem),
819 NULL);
820 }
821
822 /* Success path */
824
825Quickie:
826 /* Cleanup */
831FailPath:
835 goto Quickie;
836}
LPWSTR WINAPI BaseComputeProcessDllPath(IN LPWSTR FullPath, IN PVOID Environment)
Definition: path.c:420
DWORD WINAPI GetFullPathNameW(IN LPCWSTR lpFileName, IN DWORD nBufferLength, OUT LPWSTR lpBuffer, OUT LPWSTR *lpFilePart)
Definition: path.c:1106
NTSYSAPI NTSTATUS NTAPI RtlDestroyProcessParameters(_In_ PRTL_USER_PROCESS_PARAMETERS ProcessParameters)
NTSYSAPI NTSTATUS NTAPI RtlCreateProcessParameters(_Out_ PRTL_USER_PROCESS_PARAMETERS *ProcessParameters, _In_ PUNICODE_STRING ImagePathName, _In_opt_ PUNICODE_STRING DllPath, _In_opt_ PUNICODE_STRING CurrentDirectory, _In_opt_ PUNICODE_STRING CommandLine, _In_opt_ PWSTR Environment, _In_opt_ PUNICODE_STRING WindowTitle, _In_opt_ PUNICODE_STRING DesktopInfo, _In_opt_ PUNICODE_STRING ShellInfo, _In_opt_ PUNICODE_STRING RuntimeInfo)
#define RTL_USER_PROCESS_PARAMETERS_IMAGE_KEY_MISSING
Definition: rtltypes.h:54
#define RTL_USER_PROCESS_PARAMETERS_PROFILE_KERNEL
Definition: rtltypes.h:43
#define RTL_USER_PROCESS_PARAMETERS_PROFILE_SERVER
Definition: rtltypes.h:44
#define RTL_USER_PROCESS_PARAMETERS_LOCAL_DLL_PATH
Definition: rtltypes.h:53
#define RTL_USER_PROCESS_PARAMETERS_PROFILE_USER
Definition: rtltypes.h:42
#define RTL_USER_PROCESS_PARAMETERS_DISABLE_HEAP_CHECKS
Definition: rtltypes.h:49
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSTATUS NTAPI NtWriteVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN SIZE_T NumberOfBytesToWrite, OUT PSIZE_T NumberOfBytesWritten OPTIONAL)
Definition: virtual.c:2895
NTSTATUS NTAPI NtAllocateVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UBaseAddress, IN ULONG_PTR ZeroBits, IN OUT PSIZE_T URegionSize, IN ULONG AllocationType, IN ULONG Protect)
Definition: virtual.c:4457
Definition: globals.h:228
Definition: btrfs_drv.h:1907
Definition: btrfs_drv.h:1898
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4539
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
Referenced by CreateProcessInternalW().
◆ BuildSubSysCommandLine()
| BOOLEAN WINAPI BuildSubSysCommandLine | ( | IN LPCWSTR | SubsystemName, |
| IN LPCWSTR | ApplicationName, | ||
| IN LPCWSTR | CommandLine, | ||
| OUT PUNICODE_STRING | SubsysCommandLine | ||
| ) |
Definition at line 87 of file proc.c.
91{
92 UNICODE_STRING CommandLineString, ApplicationNameString;
95
96 /* Convert to unicode strings */
98 RtlInitUnicodeString(&ApplicationNameString, CommandLine);
99
100 /* Allocate buffer for the output string */
105 {
106 /* Fail, no memory */
109 }
110
111 /* Build the final subsystem command line */
112 RtlAppendUnicodeToString(SubsysCommandLine, SubsystemName);
113 RtlAppendUnicodeStringToString(SubsysCommandLine, &CommandLineString);
115 RtlAppendUnicodeStringToString(SubsysCommandLine, &ApplicationNameString);
117}
NTSTATUS RtlAppendUnicodeToString(IN PUNICODE_STRING Str1, IN PWSTR Str2)
Definition: string_lib.cpp:62
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
Referenced by CreateProcessInternalW().
◆ C_ASSERT()
| C_ASSERT | ( | PROCESS_PRIORITY_CLASS_REALTIME | = =(PROCESS_PRIORITY_CLASS_HIGH+1) | ) |
◆ CreateProcessInternalW()
| BOOL WINAPI CreateProcessInternalW | ( | IN HANDLE | hUserToken, |
| IN LPCWSTR | lpApplicationName, | ||
| IN LPWSTR | lpCommandLine, | ||
| IN LPSECURITY_ATTRIBUTES | lpProcessAttributes, | ||
| IN LPSECURITY_ATTRIBUTES | lpThreadAttributes, | ||
| IN BOOL | bInheritHandles, | ||
| IN DWORD | dwCreationFlags, | ||
| IN LPVOID | lpEnvironment, | ||
| IN LPCWSTR | lpCurrentDirectory, | ||
| IN LPSTARTUPINFOW | lpStartupInfo, | ||
| IN LPPROCESS_INFORMATION | lpProcessInformation, | ||
| OUT PHANDLE | hNewToken | ||
| ) |
Definition at line 2084 of file proc.c.
2096{
2097 //
2098 // Core variables used for creating the initial process and thread
2099 //
2100 SECURITY_ATTRIBUTES LocalThreadAttributes, LocalProcessAttributes;
2101 OBJECT_ATTRIBUTES LocalObjectAttributes;
2103 SECTION_IMAGE_INFORMATION ImageInformation;
2108 USHORT ImageMachine;
2109 ULONG ParameterFlags, PrivilegeValue, HardErrorMode, ErrorResponse;
2110 ULONG_PTR ErrorParameters[2];
2111 BOOLEAN InJob, SaferNeeded, UseLargePages, HavePrivilege;
2112 BOOLEAN QuerySection, SkipSaferAndAppCompat;
2114 BASE_API_MESSAGE CsrMsg[2];
2115 PBASE_CREATE_PROCESS CreateProcessMsg;
2116 PCSR_CAPTURE_BUFFER CaptureBuffer;
2121 PROCESS_PRIORITY_CLASS PriorityClass;
2124 PTEB Teb;
2125 INITIAL_TEB InitialTeb;
2126 PVOID TibValue;
2127 PIMAGE_NT_HEADERS NtHeaders;
2128 STARTUPINFOW StartupInfo;
2129 PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
2130 UNICODE_STRING DebuggerString;
2132 //
2133 // Variables used for command-line and argument parsing
2134 //
2135 PCHAR pcScan;
2137 WCHAR SaveChar;
2139 ULONG ResultSize;
2140 SIZE_T EnvironmentLength, CmdLineLength;
2143 ANSI_STRING AnsiEnv;
2144 UNICODE_STRING UnicodeEnv, PathName;
2145 BOOLEAN SearchRetry, QuotesNeeded, CmdLineIsAppName, HasQuotes;
2146
2147 //
2148 // Variables used for Fusion/SxS (Side-by-Side Assemblies)
2149 //
2151#if _SXS_SUPPORT_ENABLED_
2152 PRTL_BUFFER ByteBuffer;
2154 PRTL_UNICODE_STRING_BUFFER* BufferHead, SxsStringBuffer;
2155 RTL_UNICODE_STRING_BUFFER SxsWin32ManifestPath, SxsNtManifestPath;
2156 RTL_UNICODE_STRING_BUFFER SxsWin32PolicyPath, SxsNtPolicyPath;
2157 RTL_UNICODE_STRING_BUFFER SxsWin32AssemblyDirectory;
2158 BASE_MSG_SXS_HANDLES MappedHandles, Handles, FileHandles;
2159 PVOID CapturedStrings[3];
2160 SXS_WIN32_NT_PATH_PAIR ExePathPair, ManifestPathPair, PolicyPathPair;
2161 SXS_OVERRIDE_MANIFEST OverrideManifest;
2163 PWCHAR SxsConglomeratedBuffer, StaticBuffer;
2165#endif
2167
2168 //
2169 // Variables used for path conversion (and partially Fusion/SxS)
2170 //
2171 PWCHAR FilePart, PathBuffer, FreeBuffer;
2172 BOOLEAN TranslationStatus;
2173 RTL_RELATIVE_NAME_U SxsWin32RelativePath;
2174 UNICODE_STRING PathBufferString, SxsWin32ExePath;
2175
2176 //
2177 // Variables used by Application Compatibility (and partially Fusion/SxS)
2178 //
2179 PVOID AppCompatSxsData, AppCompatData;
2180 ULONG AppCompatSxsDataSize, AppCompatDataSize;
2181 //
2182 // Variables used by VDM (Virtual Dos Machine) and WOW32 (16-bit Support)
2183 //
2184 ULONG BinarySubType, VdmBinaryType, VdmTask, VdmReserve;
2185 ULONG VdmUndoLevel;
2186 BOOLEAN UseVdmReserve;
2187 HANDLE VdmWaitObject;
2188 ANSI_STRING VdmAnsiEnv;
2189 UNICODE_STRING VdmString, VdmUnicodeEnv;
2190 BOOLEAN IsWowApp;
2191 PBASE_CHECK_VDM CheckVdmMsg;
2192
2193 /* Zero out the initial core variables and handles */
2194 QuerySection = FALSE;
2195 InJob = FALSE;
2196 SkipSaferAndAppCompat = FALSE;
2197 ParameterFlags = 0;
2198 Flags = 0;
2199 DebugHandle = NULL;
2200 JobHandle = NULL;
2203 SectionHandle = NULL;
2205 ThreadHandle = NULL;
2208
2209 /* Zero out initial SxS and Application Compatibility state */
2210 AppCompatData = NULL;
2211 AppCompatDataSize = 0;
2212 AppCompatSxsData = NULL;
2213 AppCompatSxsDataSize = 0;
2214 CaptureBuffer = NULL;
2215#if _SXS_SUPPORT_ENABLED_
2216 SxsConglomeratedBuffer = NULL;
2217#endif
2218 FusionFlags = 0;
2219
2220 /* Zero out initial parsing variables -- others are initialized later */
2221 DebuggerCmdLine = NULL;
2222 PathBuffer = NULL;
2224 NullBuffer = NULL;
2225 FreeBuffer = NULL;
2226 NameBuffer = NULL;
2228 FilePart = NULL;
2230 HasQuotes = FALSE;
2231 QuotedCmdLine = NULL;
2232
2233 /* Zero out initial VDM state */
2237 VdmTask = 0;
2238 VdmUndoLevel = 0;
2239 VdmBinaryType = 0;
2240 VdmReserve = 0;
2241 VdmWaitObject = NULL;
2242 UseVdmReserve = FALSE;
2243 IsWowApp = FALSE;
2244
2245 /* Set message structures */
2248
2249 /* Clear the more complex structures by zeroing out their entire memory */
2251#if _SXS_SUPPORT_ENABLED_
2255#endif
2259
2260 /* Zero out output arguments as well */
2263
2264 /* Capture the special window flag */
2265 NoWindow = dwCreationFlags & CREATE_NO_WINDOW;
2266 dwCreationFlags &= ~CREATE_NO_WINDOW;
2267
2268#if _SXS_SUPPORT_ENABLED_
2269 /* Setup the SxS static string arrays and buffers */
2270 SxsStaticBuffers[0] = &SxsWin32ManifestPath;
2271 SxsStaticBuffers[1] = &SxsWin32PolicyPath;
2272 SxsStaticBuffers[2] = &SxsWin32AssemblyDirectory;
2273 SxsStaticBuffers[3] = &SxsNtManifestPath;
2274 SxsStaticBuffers[4] = &SxsNtPolicyPath;
2275 ExePathPair.Win32 = &SxsWin32ExePath;
2276 ExePathPair.Nt = &SxsNtExePath;
2281#endif
2282
2283 DPRINT("CreateProcessInternalW: '%S' '%S' %lx\n", lpApplicationName, lpCommandLine, dwCreationFlags);
2284
2285 /* Finally, set our TEB and PEB */
2286 Teb = NtCurrentTeb();
2288
2289 /* This combination is illegal (see MSDN) */
2292 {
2296 }
2297
2298 /* Convert the priority class */
2300 {
2302 }
2304 {
2306 }
2308 {
2310 }
2312 {
2314 }
2316 {
2318 }
2320 {
2323 }
2324 else
2325 {
2327 }
2328
2329 /* Done with the priority masks, so get rid of them */
2331 dwCreationFlags &= ~(NORMAL_PRIORITY_CLASS |
2332 IDLE_PRIORITY_CLASS |
2333 HIGH_PRIORITY_CLASS |
2334 REALTIME_PRIORITY_CLASS |
2335 BELOW_NORMAL_PRIORITY_CLASS |
2336 ABOVE_NORMAL_PRIORITY_CLASS);
2337
2338 /* You cannot request both a shared and a separate WoW VDM */
2340 (dwCreationFlags & CREATE_SHARED_WOW_VDM))
2341 {
2342 /* Fail such nonsensical attempts */
2346 }
2349 {
2350 /* A shared WoW VDM was not requested but system enforces separation */
2351 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
2352 }
2353
2354 /* If a shared WoW VDM is used, make sure the process isn't in a job */
2357 {
2358 /* Remove the shared flag and add the separate flag */
2359 dwCreationFlags = (dwCreationFlags &~ CREATE_SHARED_WOW_VDM) |
2360 CREATE_SEPARATE_WOW_VDM;
2361 }
2362
2363 /* Convert the environment */
2365 {
2366 /* Scan the environment to calculate its Unicode size */
2368 while ((*pcScan) || (*(pcScan + 1))) ++pcScan;
2369
2370 /* Make sure the environment is not too large */
2373 {
2374 /* Fail */
2377 }
2378
2379 /* Create our ANSI String */
2382
2383 /* Allocate memory for the Unicode Environment */
2388 0,
2389 &RegionSize,
2390 MEM_COMMIT,
2391 PAGE_READWRITE);
2393 {
2394 /* Fail */
2397 }
2398
2399 /* Use the allocated size and convert */
2403 {
2404 /* Fail */
2407 &RegionSize,
2408 MEM_RELEASE);
2411 }
2412
2413 /* Now set the Unicode environment as the environment string pointer */
2414 lpEnvironment = UnicodeEnv.Buffer;
2415 }
2416
2417 /* Make a copy of the caller's startup info since we'll modify it */
2418 StartupInfo = *lpStartupInfo;
2419
2420 /* Check if private data is being sent on the same channel as std handles */
2423 {
2424 /* Cannot use the std handles since we have monitor/hotkey values */
2425 StartupInfo.dwFlags &= ~STARTF_USESTDHANDLES;
2426 }
2427
2428 /* If there's a debugger, or we have to launch cmd.exe, we go back here */
2429AppNameRetry:
2430 /* New iteration -- free any existing name buffer */
2431 if (NameBuffer)
2432 {
2433 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
2434 NameBuffer = NULL;
2435 }
2436
2437 /* New iteration -- free any existing free buffer */
2438 if (FreeBuffer)
2439 {
2440 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
2441 FreeBuffer = NULL;
2442 }
2443
2444 /* New iteration -- close any existing file handle */
2446 {
2449 }
2450
2451 /* Set the initial parsing state. This code can loop -- don't move this! */
2452 ErrorCode = 0;
2453 SearchRetry = TRUE;
2454 QuotesNeeded = FALSE;
2455 CmdLineIsAppName = FALSE;
2456
2457 /* First check if we don't have an application name */
2458 if (!lpApplicationName)
2459 {
2460 /* This should be the first time we attempt creating one */
2462
2463 /* Allocate a buffer to hold it */
2464 NameBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
2465 0,
2467 if (!NameBuffer)
2468 {
2471 goto Quickie;
2472 }
2473
2474 /* Initialize the application name and our parsing parameters */
2475 lpApplicationName = NullBuffer = ScanString = lpCommandLine;
2476
2477 /* Check for an initial quote*/
2479 {
2480 /* We found a quote, keep searching for another one */
2481 SearchRetry = FALSE;
2482 ScanString++;
2483 lpApplicationName = ScanString;
2484 while (*ScanString)
2485 {
2486 /* Have we found the terminating quote? */
2488 {
2489 /* We're done, get out of here */
2490 NullBuffer = ScanString;
2491 HasQuotes = TRUE;
2492 break;
2493 }
2494
2495 /* Keep searching for the quote */
2496 ScanString++;
2497 NullBuffer = ScanString;
2498 }
2499 }
2500 else
2501 {
2502StartScan:
2503 /* We simply make the application name be the command line*/
2504 lpApplicationName = lpCommandLine;
2505 while (*ScanString)
2506 {
2507 /* Check if it starts with a space or tab */
2509 {
2510 /* Break out of the search loop */
2511 NullBuffer = ScanString;
2512 break;
2513 }
2514
2515 /* Keep searching for a space or tab */
2516 ScanString++;
2517 NullBuffer = ScanString;
2518 }
2519 }
2520
2521 /* We have found the end of the application name, terminate it */
2522 SaveChar = *NullBuffer;
2523 *NullBuffer = UNICODE_NULL;
2524
2525 /* New iteration -- free any existing saved path */
2527 {
2530 }
2531
2532 /* Now compute the final EXE path based on the name */
2536 {
2539 goto Quickie;
2540 }
2541
2542 /* And search for the executable in the search path */
2544 lpApplicationName,
2546 MAX_PATH,
2547 NameBuffer,
2548 NULL);
2549
2550 /* Did we find it? */
2552 {
2553 /* Get file attributes */
2554 FileAttribs = GetFileAttributesW(NameBuffer);
2556 (FileAttribs & FILE_ATTRIBUTE_DIRECTORY))
2557 {
2558 /* This was a directory, fail later on */
2559 Length = 0;
2560 }
2561 else
2562 {
2563 /* It's a file! */
2564 Length++;
2565 }
2566 }
2567
2569
2570 /* Check if there was a failure in SearchPathW */
2572 {
2573 /* Everything looks good, restore the name */
2574 *NullBuffer = SaveChar;
2575 lpApplicationName = NameBuffer;
2576 }
2577 else
2578 {
2579 /* Check if this was a relative path, which would explain it */
2582 {
2583 /* This should fail, and give us a detailed LastError */
2585 GENERIC_READ,
2586 FILE_SHARE_READ |
2587 FILE_SHARE_WRITE,
2588 NULL,
2589 OPEN_EXISTING,
2590 FILE_ATTRIBUTE_NORMAL,
2591 NULL);
2593 {
2594 /* It worked? Return a generic error */
2598 }
2599 }
2600 else
2601 {
2602 /* Path was absolute, which means it doesn't exist */
2604 }
2605
2606 /* Did we already fail once? */
2608 {
2609 /* Set the error code */
2611 }
2612 else
2613 {
2614 /* Not yet, cache it */
2616 }
2617
2618 /* Put back the command line */
2619 *NullBuffer = SaveChar;
2620 lpApplicationName = NameBuffer;
2621
2622 /* It's possible there's whitespace in the directory name */
2623 if (!(*ScanString) || !(SearchRetry))
2624 {
2625 /* Not the case, give up completely */
2627 goto Quickie;
2628 }
2629
2630 /* There are spaces, so keep trying the next possibility */
2631 ScanString++;
2632 NullBuffer = ScanString;
2633
2634 /* We will have to add a quote, since there is a space */
2635 QuotesNeeded = TRUE;
2636 HasQuotes = TRUE;
2637 goto StartScan;
2638 }
2639 }
2640 else if (!(lpCommandLine) || !(*lpCommandLine))
2641 {
2642 /* We don't have a command line, so just use the application name */
2643 CmdLineIsAppName = TRUE;
2644 lpCommandLine = (LPWSTR)lpApplicationName;
2645 }
2646
2647 /* Convert the application name to its NT path */
2648 TranslationStatus = RtlDosPathNameToRelativeNtPathName_U(lpApplicationName,
2649 &PathName,
2650 NULL,
2651 &SxsWin32RelativePath);
2652 if (!TranslationStatus)
2653 {
2654 /* Path must be invalid somehow, bail out */
2658 goto Quickie;
2659 }
2660
2661 /* Setup the buffer that needs to be freed at the end */
2663 FreeBuffer = PathName.Buffer;
2664
2665 /* Check what kind of path the application is, for SxS (Fusion) purposes */
2666 RtlInitUnicodeString(&SxsWin32ExePath, lpApplicationName);
2667 SxsPathType = RtlDetermineDosPathNameType_U(lpApplicationName);
2669 (SxsPathType != RtlPathTypeLocalDevice) &&
2670 (SxsPathType != RtlPathTypeRootLocalDevice) &&
2671 (SxsPathType != RtlPathTypeUncAbsolute))
2672 {
2673 /* Relative-type path, get the full path */
2674 RtlInitEmptyUnicodeString(&PathBufferString, NULL, 0);
2676 NULL,
2677 &PathBufferString,
2678 NULL,
2679 NULL,
2680 NULL,
2681 &SxsPathType,
2682 NULL);
2684 {
2685 /* Fail the rest of the create */
2686 RtlReleaseRelativeName(&SxsWin32RelativePath);
2689 goto Quickie;
2690 }
2691
2692 /* Use this full path as the SxS path */
2693 SxsWin32ExePath = PathBufferString;
2694 PathBuffer = PathBufferString.Buffer;
2697 }
2698
2699 /* Also set the .EXE path based on the path name */
2700#if _SXS_SUPPORT_ENABLED_
2701 SxsNtExePath = PathName;
2702#endif
2704 {
2705 /* If it's relative, capture the relative name */
2706 PathName = SxsWin32RelativePath.RelativeName;
2707 }
2708 else
2709 {
2710 /* Otherwise, it's absolute, make sure no relative dir is used */
2712 }
2713
2714 /* Now use the path name, and the root path, to try opening the app */
2716 InitializeObjectAttributes(&LocalObjectAttributes,
2717 &PathName,
2718 OBJ_CASE_INSENSITIVE,
2719 SxsWin32RelativePath.ContainingDirectory,
2720 NULL);
2722 SYNCHRONIZE |
2723 FILE_READ_ATTRIBUTES |
2724 FILE_READ_DATA |
2725 FILE_EXECUTE,
2726 &LocalObjectAttributes,
2727 &IoStatusBlock,
2729 FILE_SYNCHRONOUS_IO_NONALERT |
2730 FILE_NON_DIRECTORY_FILE);
2732 {
2733 /* Try to open the app just for execute purposes instead */
2736 &LocalObjectAttributes,
2737 &IoStatusBlock,
2739 FILE_SYNCHRONOUS_IO_NONALERT |
2740 FILE_NON_DIRECTORY_FILE);
2741 }
2742
2743 /* Failure path, display which file failed to open */
2746
2747 /* Cleanup in preparation for failure or success */
2748 RtlReleaseRelativeName(&SxsWin32RelativePath);
2749
2751 {
2752 /* Failure path, try to understand why */
2754 {
2755 /* If a device is being executed, return this special error code */
2758 goto Quickie;
2759 }
2760 else
2761 {
2762 /* Otherwise return the converted NT error code */
2765 goto Quickie;
2766 }
2767 }
2768
2769 /* Did the caller specify a desktop? */
2771 {
2772 /* Use the one from the current process */
2774 }
2775
2776 /* Create a section for this file */
2778 SECTION_ALL_ACCESS,
2779 NULL,
2780 NULL,
2781 PAGE_EXECUTE,
2782 SEC_IMAGE,
2783 FileHandle);
2786 {
2787 /* Are we running on Windows Embedded, Datacenter, Blade or Starter? */
2789 VER_SUITE_DATACENTER |
2790 VER_SUITE_PERSONAL |
2791 VER_SUITE_BLADE))
2792 {
2793 /* These SKUs do not allow running certain applications */
2796 {
2797 /* And this is one of them! */
2801 goto Quickie;
2802 }
2803
2804 /* Did we get some other failure? */
2806 {
2807 /* If we couldn't check the hashes, assume nefariousness */
2811 goto Quickie;
2812 }
2813 }
2814
2815 /* Now do Winsafer, etc, checks */
2818 {
2819 /* Fail if we're not allowed to launch the process */
2822 if (SectionHandle)
2823 {
2824 NtClose(SectionHandle);
2825 SectionHandle = NULL;
2826 }
2828 goto Quickie;
2829 }
2830
2831 /* Is a DOS VDM being forced, but we already have a WOW32 instance ready? */
2834 {
2835 /* This request can't be satisfied, instead, a separate VDM is needed */
2837 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
2838
2839 /* Set a failure code, ask for VDM reservation */
2841 UseVdmReserve = TRUE;
2842
2843 /* Close the current handle */
2844 NtClose(SectionHandle);
2845 SectionHandle = NULL;
2846
2847 /* Don't query the section later */
2848 QuerySection = FALSE;
2849 }
2850 }
2851
2852 /* Did we already do these checks? */
2853 if (!SkipSaferAndAppCompat)
2854 {
2855 /* Is everything OK so far, OR do we have an non-MZ, non-DOS app? */
2859 {
2860 /* Clear the machine type in case of failure */
2861 ImageMachine = 0;
2862
2863 /* Clean any app compat data that may have accumulated */
2864 BasepFreeAppCompatData(AppCompatData, AppCompatSxsData);
2865 AppCompatData = NULL;
2866 AppCompatSxsData = NULL;
2867
2868 /* Do we have a section? */
2869 if (SectionHandle)
2870 {
2871 /* Have we already queried it? */
2872 if (QuerySection)
2873 {
2874 /* Nothing to do */
2875 AppCompatStatus = STATUS_SUCCESS;
2876 }
2877 else
2878 {
2879 /* Get some information about the executable */
2880 AppCompatStatus = NtQuerySection(SectionHandle,
2881 SectionImageInformation,
2882 &ImageInformation,
2883 sizeof(ImageInformation),
2884 NULL);
2885 }
2886
2887 /* Do we have section information now? */
2889 {
2890 /* Don't ask for it again, save the machine type */
2891 QuerySection = TRUE;
2892 ImageMachine = ImageInformation.Machine;
2893 }
2894 }
2895
2896 /* Is there a reason/Shim we shouldn't run this application? */
2898 FreeBuffer,
2899 lpEnvironment,
2900 ImageMachine,
2901 &AppCompatData,
2902 &AppCompatDataSize,
2903 &AppCompatSxsData,
2904 &AppCompatSxsDataSize,
2905 &FusionFlags);
2907 {
2908 /* This is usually the status we get back */
2911 {
2912 /* Convert it to something more Win32-specific */
2914 }
2915 else
2916 {
2917 /* Some other error */
2918 BaseSetLastNTError(AppCompatStatus);
2919 }
2920
2921 /* Did we have a section? */
2922 if (SectionHandle)
2923 {
2924 /* Clean it up */
2925 NtClose(SectionHandle);
2926 SectionHandle = NULL;
2927 }
2928
2929 /* Fail the call */
2931 goto Quickie;
2932 }
2933 }
2934 }
2935
2936 //ASSERT((dwFusionFlags & ~SXS_APPCOMPACT_FLAG_APP_RUNNING_SAFEMODE) == 0);
2937
2938 /* Have we already done, and do we need to do, SRP (WinSafer) checks? */
2939 if (!(SkipSaferAndAppCompat) &&
2940 ~(dwCreationFlags & CREATE_PRESERVE_CODE_AUTHZ_LEVEL))
2941 {
2942 /* Assume yes */
2943 SaferNeeded = TRUE;
2945 {
2950 /* For all DOS, 16-bit, OS/2 images, we do*/
2951 break;
2952
2954 /* For invalid files, we don't, unless it's a .BAT file */
2956
2957 default:
2958 /* Any other error codes we also don't */
2960 {
2961 SaferNeeded = FALSE;
2962 }
2963
2964 /* But for success, we do */
2965 break;
2966 }
2967
2968 /* Okay, so what did the checks above result in? */
2969 if (SaferNeeded)
2970 {
2971 /* We have to call into the WinSafer library and actually check */
2973 (LPWSTR)lpApplicationName,
2974 FileHandle,
2975 &InJob,
2976 &TokenHandle,
2977 &JobHandle);
2978 if (SaferStatus == 0xFFFFFFFF)
2979 {
2980 /* Back in 2003, they didn't have an NTSTATUS for this... */
2984 goto Quickie;
2985 }
2986
2987 /* Other status codes are not-Safer related, just convert them */
2989 {
2991 BaseSetLastNTError(SaferStatus);
2993 goto Quickie;
2994 }
2995 }
2996 }
2997
2998 /* The last step is to figure out why the section object was not created */
3000 {
3002 {
3003 /* 16-bit binary. Should we use WOW or does the caller force VDM? */
3005 {
3006 /* Remember that we're launching WOW */
3007 IsWowApp = TRUE;
3008
3009 /* Create the VDM environment, it's valid for WOW too */
3011 &VdmAnsiEnv,
3012 &VdmUnicodeEnv);
3014 {
3016 goto Quickie;
3017 }
3018
3019 /* We're going to try this twice, so do a loop */
3021 {
3022 /* Pick which kind of WOW mode we want to run in */
3023 VdmBinaryType = (dwCreationFlags &
3024 CREATE_SEPARATE_WOW_VDM) ?
3026
3027 /* Get all the VDM settings and current status */
3029 lpApplicationName,
3030 lpCommandLine,
3031 lpCurrentDirectory,
3032 &VdmAnsiEnv,
3033 &CsrMsg[1],
3034 &VdmTask,
3035 dwCreationFlags,
3036 &StartupInfo,
3037 hUserToken);
3038
3039 /* If it worked, no need to try again */
3041
3042 /* Check if it's disallowed or if it's our second time */
3045 (VdmBinaryType == BINARY_TYPE_SEPARATE_WOW) ||
3047 {
3048 /* Fail the call -- we won't try again */
3051 goto Quickie;
3052 }
3053
3054 /* Try one more time, but with a separate WOW instance */
3055 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
3056 }
3057
3058 /* Check which VDM state we're currently in */
3060 VDM_NOT_READY |
3061 VDM_READY))
3062 {
3064 /* VDM is not fully loaded, so not that much to undo */
3065 VdmUndoLevel = VDM_UNDO_PARTIAL;
3066
3067 /* Reset VDM reserve if needed */
3068 if (UseVdmReserve) VdmReserve = 1;
3069
3070 /* Get the required parameters and names for launch */
3072 VdmTask,
3073 VdmBinaryType,
3074 &VdmString,
3075 &VdmReserve);
3077 {
3080 goto Quickie;
3081 }
3082
3083 /* Update the command-line with the VDM one instead */
3084 lpCommandLine = VdmString.Buffer;
3085 lpApplicationName = NULL;
3086
3087 /* We don't want a console, detachment, nor a window */
3088 dwCreationFlags |= CREATE_NO_WINDOW;
3090
3091 /* Force feedback on */
3093 break;
3094
3095
3097 /* VDM is ready, so we have to undo everything */
3098 VdmUndoLevel = VDM_UNDO_REUSE;
3099
3100 /* Check if CSRSS wants us to wait on VDM */
3101 VdmWaitObject = CheckVdmMsg->WaitObjectForParent;
3102 break;
3103
3105 /* Something is wrong with VDM, we'll fail the call */
3109 goto Quickie;
3110
3111 default:
3112 break;
3113 }
3114
3115 /* Since to get NULL, we allocate from 0x1, account for this */
3116 VdmReserve--;
3117
3118 /* This implies VDM is ready, so skip everything else */
3119 if (VdmWaitObject) goto VdmShortCircuit;
3120
3121 /* Don't inherit handles since we're doing VDM now */
3122 bInheritHandles = FALSE;
3123
3124 /* Had the user passed in environment? If so, destroy it */
3125 if ((lpEnvironment) &&
3126 !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
3127 {
3128 RtlDestroyEnvironment(lpEnvironment);
3129 }
3130
3131 /* We've already done all these checks, don't do them again */
3132 SkipSaferAndAppCompat = TRUE;
3133 goto AppNameRetry;
3134 }
3135
3136 // There is no break here on purpose, so FORCEDOS drops down!
3137 }
3138
3142 {
3143 /* We're launching an executable application */
3144 BinarySubType = BINARY_TYPE_EXE;
3145
3146 /* We can drop here from other "cases" above too, so check */
3150 {
3151 /* We're launching a DOS application */
3152 VdmBinaryType = BINARY_TYPE_DOS;
3153
3154 /* Based on the caller environment, create a VDM one */
3156 &VdmAnsiEnv,
3157 &VdmUnicodeEnv);
3159 {
3161 goto Quickie;
3162 }
3163
3164 /* Check the current state of the VDM subsystem */
3166 lpApplicationName,
3167 lpCommandLine,
3168 lpCurrentDirectory,
3169 &VdmAnsiEnv,
3170 &CsrMsg[1],
3171 &VdmTask,
3172 dwCreationFlags,
3173 &StartupInfo,
3174 NULL);
3176 {
3177 /* Failed to inquire about VDM, fail the call */
3181 goto Quickie;
3182 };
3183
3184 /* Handle possible VDM states */
3186 VDM_NOT_READY |
3187 VDM_READY))
3188 {
3190 /* If VDM is not loaded, we'll do a partial undo */
3191 VdmUndoLevel = VDM_UNDO_PARTIAL;
3192
3193 /* A VDM process can't also be detached, so fail */
3195 {
3199 }
3200
3201 /* Get the required parameters and names for launch */
3203 VdmTask,
3204 VdmBinaryType,
3205 &VdmString,
3206 &VdmReserve);
3208 {
3211 goto Quickie;
3212 }
3213
3214 /* Update the command-line to launch VDM instead */
3215 lpCommandLine = VdmString.Buffer;
3216 lpApplicationName = NULL;
3217 break;
3218
3220 /* VDM is ready, so we have to undo everything */
3221 VdmUndoLevel = VDM_UNDO_REUSE;
3222
3223 /* Check if CSRSS wants us to wait on VDM */
3224 VdmWaitObject = CheckVdmMsg->WaitObjectForParent;
3225 break;
3226
3228 /* Something is wrong with VDM, we'll fail the call */
3232 goto Quickie;
3233
3234 default:
3235 break;
3236 }
3237
3238 /* Since to get NULL, we allocate from 0x1, account for this */
3239 VdmReserve--;
3240
3241 /* This implies VDM is ready, so skip everything else */
3242 if (VdmWaitObject) goto VdmShortCircuit;
3243
3244 /* Don't inherit handles since we're doing VDM now */
3245 bInheritHandles = FALSE;
3246
3247 /* Had the user passed in environment? If so, destroy it */
3248 if ((lpEnvironment) &&
3249 !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
3250 {
3251 RtlDestroyEnvironment(lpEnvironment);
3252 }
3253
3254 /* Use our VDM Unicode environment instead */
3255 lpEnvironment = VdmUnicodeEnv.Buffer;
3256 }
3257 else
3258 {
3259 /* It's a batch file, get the extension */
3261
3262 /* Make sure the extensions are correct */
3266 {
3270 goto Quickie;
3271 }
3272
3273 /* Check if we need to account for quotes around the path */
3274 CmdQuoteLength = CmdLineIsAppName || HasQuotes;
3275 if (!CmdLineIsAppName)
3276 {
3277 if (HasQuotes) CmdQuoteLength++;
3278 }
3279 else
3280 {
3281 CmdQuoteLength++;
3282 }
3283
3284 /* Calculate the length of the command line */
3285 CmdLineLength = wcslen(lpCommandLine);
3289
3290 /* Allocate space for the new command line */
3291 AnsiCmdCommand = RtlAllocateHeap(RtlGetProcessHeap(),
3292 0,
3293 CmdLineLength);
3294 if (!AnsiCmdCommand)
3295 {
3298 goto Quickie;
3299 }
3300
3301 /* Build it */
3303 if ((CmdLineIsAppName) || (HasQuotes))
3304 {
3306 }
3307 wcscat(AnsiCmdCommand, lpCommandLine);
3308 if ((CmdLineIsAppName) || (HasQuotes))
3309 {
3311 }
3312
3313 /* Create it as a Unicode String */
3314 RtlInitUnicodeString(&DebuggerString, AnsiCmdCommand);
3315
3316 /* Set the command line to this */
3317 lpCommandLine = DebuggerString.Buffer;
3318 lpApplicationName = NULL;
3320 }
3321
3322 /* We've already done all these checks, don't do them again */
3323 SkipSaferAndAppCompat = TRUE;
3324 goto AppNameRetry;
3325 }
3326
3328 {
3329 /* 64-bit binaries are not allowed to run on 32-bit ReactOS */
3333 goto Quickie;
3334 }
3335
3337 {
3338 /* Set the correct last error for this */
3341 break;
3342 }
3343
3344 default:
3345 {
3346 /* Any other error, convert it to a generic Win32 error */
3348 {
3352 goto Quickie;
3353 }
3354
3355 /* Otherwise, this must be success */
3357 break;
3358 }
3359 }
3360
3361 /* Is this not a WOW application, but a WOW32 VDM was requested for it? */
3363 {
3364 /* Ignore the nonsensical request */
3365 dwCreationFlags &= ~CREATE_SEPARATE_WOW_VDM;
3366 }
3367
3368 /* Did we already check information for the section? */
3369 if (!QuerySection)
3370 {
3371 /* Get some information about the executable */
3373 SectionImageInformation,
3374 &ImageInformation,
3375 sizeof(ImageInformation),
3376 NULL);
3378 {
3379 /* We failed, bail out */
3383 goto Quickie;
3384 }
3385
3386 /* Don't check this later */
3387 QuerySection = TRUE;
3388 }
3389
3390 /* Check if this was linked as a DLL */
3392 {
3393 /* These aren't valid images to try to execute! */
3397 goto Quickie;
3398 }
3399
3400 /* Don't let callers pass in this flag -- we'll only get it from IFEO */
3401 Flags &= ~PROCESS_CREATE_FLAGS_LARGE_PAGES;
3402
3403 /* Clear the IFEO-missing flag, before we know for sure... */
3404 ParameterFlags &= ~2;
3405
3406 /* If the process is being debugged, only read IFEO if the PEB says so */
3409 {
3410 /* Let's do this! Attempt to open IFEO */
3413 {
3414 /* We failed, set the flag so we store this in the parameters */
3416 }
3417 else
3418 {
3419 /* Was this our first time going through this path? */
3420 if (!DebuggerCmdLine)
3421 {
3422 /* Allocate a buffer for the debugger path */
3423 DebuggerCmdLine = RtlAllocateHeap(RtlGetProcessHeap(),
3424 0,
3426 if (!DebuggerCmdLine)
3427 {
3428 /* Close IFEO on failure */
3431
3432 /* Fail the call */
3435 goto Quickie;
3436 }
3437 }
3438
3439 /* Now query for the debugger */
3442 REG_SZ,
3443 DebuggerCmdLine,
3445 &ResultSize);
3448 (DebuggerCmdLine[0] == UNICODE_NULL))
3449 {
3450 /* If it's not there, or too small, or invalid, ignore it */
3451 RtlFreeHeap(RtlGetProcessHeap(), 0, DebuggerCmdLine);
3452 DebuggerCmdLine = NULL;
3453 }
3454
3455 /* Also query if we should map with large pages */
3458 REG_DWORD,
3459 &UseLargePages,
3460 sizeof(UseLargePages),
3461 NULL);
3463 {
3464 /* Do it! This is the only way this flag can be set */
3466 }
3467
3468 /* We're done with IFEO, can close it now */
3471 }
3472 }
3473
3474 /* Make sure the image was compiled for this processor */
3477 {
3478 /* It was not -- raise a hard error */
3479 ErrorResponse = ResponseOk;
3480 ErrorParameters[0] = (ULONG_PTR)&PathName;
3482 1,
3483 1,
3484 ErrorParameters,
3485 OptionOk,
3486 &ErrorResponse);
3488 {
3489 /* If it's really old, return this error */
3491 }
3492 else
3493 {
3494 /* Otherwise, return a more modern error */
3496 }
3497
3498 /* Go to the failure path */
3501 goto Quickie;
3502 }
3503
3504 /* Check if this isn't a Windows image */
3507 {
3508 /* Get rid of section-related information since we'll retry */
3509 NtClose(SectionHandle);
3510 SectionHandle = NULL;
3511 QuerySection = FALSE;
3512
3513 /* The only other non-Windows image type we support here is POSIX */
3515 {
3516 /* Bail out if it's something else */
3519 goto Quickie;
3520 }
3521
3522 /* Now build the command-line to have posix launch this image */
3524 lpApplicationName,
3525 lpCommandLine,
3526 &DebuggerString);
3528 {
3529 /* Bail out if that failed */
3531 goto Quickie;
3532 }
3533
3534 /* And re-try launching the process, with the new command-line now */
3535 lpCommandLine = DebuggerString.Buffer;
3536 lpApplicationName = NULL;
3537
3538 /* We've already done all these checks, don't do them again */
3539 SkipSaferAndAppCompat = TRUE;
3541 goto AppNameRetry;
3542 }
3543
3544 /* Was this image built for a version of Windows whose images we can run? */
3546 ImageInformation.SubSystemMinorVersion);
3548 {
3549 /* It was not, bail out */
3551 ImageInformation.SubSystemMajorVersion,
3552 ImageInformation.SubSystemMinorVersion);
3554 goto Quickie;
3555 }
3556
3557 /* Check if there is a debugger associated with the application */
3558 if (DebuggerCmdLine)
3559 {
3560 /* Get the length of the command line */
3563 {
3564 /* There's no command line, use the application name instead */
3565 lpCommandLine = (LPWSTR)lpApplicationName;
3567 }
3568
3569 /* Protect against overflow */
3571 {
3574 goto Quickie;
3575 }
3576
3577 /* Now add the length of the debugger command-line */
3579
3580 /* Again make sure we don't overflow */
3582 {
3585 goto Quickie;
3586 }
3587
3588 /* Account for the quotes and space between the two */
3590
3591 /* Convert to bytes, and make sure we don't overflow */
3594 {
3597 goto Quickie;
3598 }
3599
3600 /* Allocate space for the string */
3603 {
3606 goto Quickie;
3607 }
3608
3609 /* Set the length */
3610 RtlInitEmptyUnicodeString(&DebuggerString,
3611 DebuggerString.Buffer,
3613
3614 /* Now perform the command line creation */
3615 ImageDbgStatus = RtlAppendUnicodeToString(&DebuggerString,
3616 DebuggerCmdLine);
3620 ImageDbgStatus = RtlAppendUnicodeToString(&DebuggerString, lpCommandLine);
3622
3623 /* Make sure it all looks nice */
3625
3626 /* Update the command line and application name */
3627 lpCommandLine = DebuggerString.Buffer;
3628 lpApplicationName = NULL;
3629
3630 /* Close all temporary state */
3631 NtClose(SectionHandle);
3632 SectionHandle = NULL;
3633 QuerySection = FALSE;
3634
3635 /* Free all temporary memory */
3636 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
3637 NameBuffer = NULL;
3638 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
3639 FreeBuffer = NULL;
3640 RtlFreeHeap(RtlGetProcessHeap(), 0, DebuggerCmdLine);
3641 DebuggerCmdLine = NULL;
3643 goto AppNameRetry;
3644 }
3645
3646 /* Initialize the process object attributes */
3648 lpProcessAttributes,
3649 NULL);
3651 {
3652 /* Augment them with information from the user */
3653
3654 LocalProcessAttributes = *lpProcessAttributes;
3657 &LocalProcessAttributes,
3658 NULL);
3659 }
3660
3661 /* Check if we're going to be debugged */
3663 {
3664 /* Set process flag */
3666 }
3667
3668 /* Check if we're going to be debugged */
3670 {
3671 /* Connect to DbgUi */
3674 {
3678 goto Quickie;
3679 }
3680
3681 /* Get the debug object */
3682 DebugHandle = DbgUiGetThreadDebugObject();
3683
3684 /* Check if only this process will be debugged */
3686 {
3687 /* Set process flag */
3689 }
3690 }
3691
3692 /* Set inherit flag */
3694
3695 /* Check if the process should be created with large pages */
3696 HavePrivilege = FALSE;
3697 PrivilegeState = NULL;
3699 {
3700 /* Acquire the required privilege so that the kernel won't fail the call */
3701 PrivilegeValue = SE_LOCK_MEMORY_PRIVILEGE;
3704 {
3705 /* Remember to release it later */
3706 HavePrivilege = TRUE;
3707 }
3708 }
3709
3710 /* Save the current TIB value since kernel overwrites it to store PEB */
3712
3713 /* Tell the kernel to create the process */
3715 PROCESS_ALL_ACCESS,
3716 ObjectAttributes,
3717 NtCurrentProcess(),
3718 Flags,
3719 SectionHandle,
3720 DebugHandle,
3721 NULL,
3722 InJob);
3723
3724 /* Load the PEB address from the hacky location where the kernel stores it */
3726
3727 /* And restore the old TIB value */
3729
3730 /* Release the large page privilege if we had acquired it */
3732
3733 /* And now check if the kernel failed to create the process */
3735 {
3736 /* Go to failure path */
3740 goto Quickie;
3741 }
3742
3743 /* Check if there is a priority class to set */
3745 {
3746 /* Reset current privilege state */
3747 RealTimePrivilegeState = NULL;
3748
3749 /* Is realtime priority being requested? */
3751 {
3752 /* Check if the caller has real-time access, and enable it if so */
3754 }
3755
3756 /* Set the new priority class and release the privilege */
3758 ProcessPriorityClass,
3759 &PriorityClass,
3762
3763 /* Check if we failed to set the priority class */
3765 {
3766 /* Bail out on failure */
3770 goto Quickie;
3771 }
3772 }
3773
3774 /* Check if the caller wants the default error mode */
3776 {
3777 /* Set Error Mode to only fail on critical errors */
3778 HardErrorMode = SEM_FAILCRITICALERRORS;
3781 &HardErrorMode,
3783 }
3784
3785 /* Check if this was a VDM binary */
3786 if (VdmBinaryType)
3787 {
3788 /* Update VDM by telling it the process has now been created */
3789 VdmWaitObject = ProcessHandle;
3791 &VdmWaitObject,
3792 VdmTask,
3793 VdmBinaryType);
3794
3796 {
3797 /* Bail out on failure */
3799 VdmWaitObject = NULL;
3800 goto Quickie;
3801 }
3802
3803 /* At this point, a failure means VDM has to undo all the state */
3804 VdmUndoLevel |= VDM_UNDO_FULL;
3805 }
3806
3807 /* Check if VDM needed reserved low-memory */
3808 if (VdmReserve)
3809 {
3810 /* Reserve the requested allocation */
3811 RegionSize = VdmReserve;
3813 &BaseAddress,
3814 0,
3815 &RegionSize,
3816 MEM_RESERVE,
3817 PAGE_EXECUTE_READWRITE);
3819 {
3820 /* Bail out on failure */
3824 goto Quickie;
3825 }
3826
3828 }
3829
3830 /* Check if we've already queried information on the section */
3831 if (!QuerySection)
3832 {
3833 /* We haven't, so get some information about the executable */
3835 SectionImageInformation,
3836 &ImageInformation,
3837 sizeof(ImageInformation),
3838 NULL);
3840 {
3841 /* Bail out on failure */
3845 goto Quickie;
3846 }
3847
3848 /* If we encounter a restart, don't re-query this information again */
3849 QuerySection = TRUE;
3850 }
3851
3852 /* Do we need to apply SxS to this image? (On x86 this flag is set by PeFmtCreateSection) */
3854 {
3855 /* Too bad, we don't support this yet */
3857 }
3858
3859 /* There's some SxS flag that we need to set if fusion flags have 1 set */
3861
3862 /* Check if we have a current directory */
3863 if (lpCurrentDirectory)
3864 {
3865 /* Allocate a buffer so we can keep a Unicode copy */
3868 0,
3872 {
3873 /* Bail out if this failed */
3876 goto Quickie;
3877 }
3878
3879 /* Get the length in Unicode */
3881 MAX_PATH,
3882 CurrentDirectory,
3883 &FilePart);
3885 {
3886 /* The directory is too long, so bail out */
3889 goto Quickie;
3890 }
3891
3892 /* Make sure the directory is actually valid */
3895 !(FileAttribs & FILE_ATTRIBUTE_DIRECTORY))
3896 {
3897 /* It isn't, so bail out */
3901 goto Quickie;
3902 }
3903 }
3904
3905 /* Insert quotes if needed */
3906 if ((QuotesNeeded) || (CmdLineIsAppName))
3907 {
3908 /* Allocate our buffer, plus enough space for quotes and a NULL */
3909 QuotedCmdLine = RtlAllocateHeap(RtlGetProcessHeap(),
3910 0,
3913 if (QuotedCmdLine)
3914 {
3915 /* Copy the first quote */
3917
3918 /* Save the current null-character */
3919 if (QuotesNeeded)
3920 {
3921 SaveChar = *NullBuffer;
3922 *NullBuffer = UNICODE_NULL;
3923 }
3924
3925 /* Copy the command line and the final quote */
3926 wcscat(QuotedCmdLine, lpCommandLine);
3928
3929 /* Copy the null-char back */
3930 if (QuotesNeeded)
3931 {
3932 *NullBuffer = SaveChar;
3933 wcscat(QuotedCmdLine, NullBuffer);
3934 }
3935 }
3936 else
3937 {
3938 /* We can't put quotes around the thing, so try it anyway */
3941 }
3942 }
3943
3944 /* Use isolation if needed */
3946
3947 /* Set the new command-line if needed */
3948 if ((QuotesNeeded) || (CmdLineIsAppName)) lpCommandLine = QuotedCmdLine;
3949
3950 /* Call the helper function in charge of RTL_USER_PROCESS_PARAMETERS */
3952 ProcessHandle,
3953 RemotePeb,
3954 lpApplicationName,
3955 CurrentDirectory,
3956 lpCommandLine,
3957 lpEnvironment,
3958 &StartupInfo,
3959 dwCreationFlags | NoWindow,
3960 bInheritHandles,
3961 IsWowApp ? IMAGE_SUBSYSTEM_WINDOWS_GUI: 0,
3962 AppCompatData,
3963 AppCompatDataSize);
3965 {
3966 /* The remote process would have an undefined state, so fail the call */
3968 goto Quickie;
3969 }
3970
3971 /* Free the VDM command line string as it's no longer needed */
3972 RtlFreeUnicodeString(&VdmString);
3974
3975 /* Non-VDM console applications usually inherit handles unless specified */
3976 if (!(VdmBinaryType) &&
3977 !(bInheritHandles) &&
3979 !(dwCreationFlags & (CREATE_NO_WINDOW |
3980 CREATE_NEW_CONSOLE |
3981 DETACHED_PROCESS)) &&
3983 {
3984 /* Get the remote parameters */
3986 &RemotePeb->ProcessParameters,
3987 &ProcessParameters,
3989 NULL);
3991 {
3992 /* Duplicate standard input unless it's a console handle */
3994 {
3997 &ProcessParameters->StandardInput);
3998 }
3999
4000 /* Duplicate standard output unless it's a console handle */
4002 {
4005 &ProcessParameters->StandardOutput);
4006 }
4007
4008 /* Duplicate standard error unless it's a console handle */
4010 {
4013 &ProcessParameters->StandardError);
4014 }
4015 }
4016 }
4017
4018 /* Create the Thread's Stack */
4021 ImageInformation.CommittedStackSize,
4022 StackSize,
4023 &InitialTeb);
4025 {
4029 goto Quickie;
4030 }
4031
4032 /* Create the Thread's Context */
4034 RemotePeb,
4035 ImageInformation.TransferAddress,
4036 InitialTeb.StackBase,
4037 0);
4038
4039 /* Convert the thread attributes */
4041 lpThreadAttributes,
4042 NULL);
4044 {
4045 /* If the caller specified a user token, zero the security descriptor */
4046 LocalThreadAttributes = *lpThreadAttributes;
4049 &LocalThreadAttributes,
4050 NULL);
4051 }
4052
4053 /* Create the Kernel Thread Object */
4055 THREAD_ALL_ACCESS,
4056 ObjectAttributes,
4057 ProcessHandle,
4058 &ClientId,
4059 &Context,
4060 &InitialTeb,
4061 TRUE);
4063 {
4064 /* A process is not allowed to exist without a main thread, so fail */
4068 goto Quickie;
4069 }
4070
4071 /* Begin filling out the CSRSS message, first with our IDs and handles */
4073 CreateProcessMsg->ThreadHandle = ThreadHandle;
4075
4076 /* Write the remote PEB address and clear it locally, we no longer use it */
4077 CreateProcessMsg->PebAddressNative = RemotePeb;
4078#ifdef _WIN64
4080 CreateProcessMsg->PebAddressWow64 = 0;
4081#else
4083#endif
4084 RemotePeb = NULL;
4085
4086 /* Now check what kind of architecture this image was made for */
4088 {
4089 /* IA32, IA64 and AMD64 are supported in Server 2003 */
4092 break;
4095 break;
4098 break;
4099
4100 /* Anything else results in image unknown -- but no failure */
4101 default:
4103 ImageInformation.Machine);
4105 break;
4106 }
4107
4108 /* Write the input creation flags except any debugger-related flags */
4109 CreateProcessMsg->CreationFlags = dwCreationFlags &
4111
4112 /* CSRSS needs to know if this is a GUI app or not */
4114 (IsWowApp))
4115 {
4116 /*
4117 * For GUI apps we turn on the 2nd bit. This allow CSRSS server dlls
4118 * (basesrv in particular) to know whether or not this is a GUI or a
4119 * TUI application.
4120 */
4122
4123 /* Also check if the parent is also a GUI process */
4125 if ((NtHeaders) &&
4127 {
4128 /* Let it know that it should display the hourglass mouse cursor */
4130 }
4131 }
4132
4133 /* For all apps, if this flag is on, the hourglass mouse cursor is shown.
4134 * Likewise, the opposite holds as well, and no-feedback has precedence. */
4136 {
4138 }
4140 {
4142 }
4143
4144 /* Also store which kind of VDM app (if any) this is */
4145 CreateProcessMsg->VdmBinaryType = VdmBinaryType;
4146
4147 /* And if it really is a VDM app... */
4148 if (VdmBinaryType)
4149 {
4150 /* Store the VDM console handle (none if inherited or WOW app) and the task ID */
4152 CreateProcessMsg->VdmTask = VdmTask;
4153 }
4154 else if (VdmReserve)
4155 {
4156 /* Extended VDM, set a flag */
4158 }
4159
4160 /* Check if there's side-by-side assembly data associated with the process */
4162 {
4163 /* This should not happen in ReactOS yet */
4168 goto Quickie;
4169 }
4170
4171 /* We are finally ready to call CSRSS to tell it about our new process! */
4173 CaptureBuffer,
4175 BasepCreateProcess),
4176 sizeof(*CreateProcessMsg));
4177
4178 /* CSRSS has returned, free the capture buffer now if we had one */
4179 if (CaptureBuffer)
4180 {
4181 CsrFreeCaptureBuffer(CaptureBuffer);
4182 CaptureBuffer = NULL;
4183 }
4184
4185 /* Check if CSRSS failed to accept ownership of the new Windows process */
4187 {
4188 /* Terminate the process and enter failure path with the CSRSS status */
4193 goto Quickie;
4194 }
4195
4196 /* Check if we have a token due to Authz/Safer, not passed by the user */
4198 {
4199 /* Replace the process and/or thread token with the one from Safer */
4201 ProcessHandle,
4202 ThreadHandle);
4204 {
4205 /* If this failed, kill the process and enter the failure path */
4210 goto Quickie;
4211 }
4212 }
4213
4214 /* Check if a job was associated with this process */
4215 if (JobHandle)
4216 {
4217 /* Bind the process and job together now */
4220 {
4221 /* Kill the process and enter the failure path if binding failed */
4226 goto Quickie;
4227 }
4228 }
4229
4230 /* Finally, resume the thread to actually get the process started */
4232 {
4234 }
4235
4236VdmShortCircuit:
4237 /* We made it this far, meaning we have a fully created process and thread */
4239
4240 /* Anyone doing a VDM undo should now undo everything, since we are done */
4242
4243 /* Having a VDM wait object implies this must be a VDM process */
4244 if (VdmWaitObject)
4245 {
4246 /* Check if it's a 16-bit separate WOW process */
4248 {
4249 /* OR-in the special flag to indicate this, and return to caller */
4250 AddToHandle(VdmWaitObject, 2);
4251 lpProcessInformation->hProcess = VdmWaitObject;
4252
4253 /* Check if this was a re-used VDM */
4255 {
4256 /* No Client ID should be returned in this case */
4259 }
4260 }
4261 else
4262 {
4263 /* OR-in the special flag to indicate this is not a separate VDM,
4264 * and return the handle to the caller */
4265 AddToHandle(VdmWaitObject, 1);
4266 lpProcessInformation->hProcess = VdmWaitObject;
4267 }
4268
4269 /* Close the original process handle, since it's not needed for VDM */
4271 }
4272 else
4273 {
4274 /* This is a regular process, so return the real process handle */
4275 lpProcessInformation->hProcess = ProcessHandle;
4276 }
4277
4278 /* Return the rest of the process information based on what we have so far */
4279 lpProcessInformation->hThread = ThreadHandle;
4282
4283 /* NULL these out here so we know to treat this as a success scenario */
4285 ThreadHandle = NULL;
4286
4287Quickie:
4288 /* Free the debugger command line if one was allocated */
4290
4291 /* Check if an SxS full path as queried */
4292 if (PathBuffer)
4293 {
4294 /* Reinitialize the executable path */
4295 RtlInitEmptyUnicodeString(&SxsWin32ExePath, NULL, 0);
4296 SxsWin32ExePath.Length = 0;
4297
4298 /* Free the path buffer */
4299 RtlFreeHeap(RtlGetProcessHeap(), 0, PathBuffer);
4300 }
4301
4302#if _SXS_SUPPORT_ENABLED_
4303 /* Check if this was a non-VDM process */
4304 if (!VdmBinaryType)
4305 {
4306 /* Then it must've had SxS data, so close the handles used for it */
4307 BasepSxsCloseHandles(&Handles);
4308 BasepSxsCloseHandles(&FileHandles);
4309
4310 /* Check if we built SxS byte buffers for this create process request */
4311 if (SxsConglomeratedBuffer)
4312 {
4313 /* Loop all of them */
4315 {
4316 /* Check if this one was allocated */
4317 ThisBuffer = SxsStaticBuffers[i];
4318 if (ThisBuffer)
4319 {
4320 /* Get the underlying RTL_BUFFER structure */
4321 ByteBuffer = &ThisBuffer->ByteBuffer;
4323 {
4324 /* Check if it was dynamic */
4326 {
4327 /* Free it from the heap */
4330 }
4331
4332 /* Reset the buffer to its static data */
4335 }
4336
4337 /* Reset the string to the static buffer */
4338 RtlInitEmptyUnicodeString(&ThisBuffer->String,
4340 ByteBuffer->StaticSize);
4342 {
4343 /* Also NULL-terminate it */
4345 }
4346 }
4347 }
4348 }
4349 }
4350#endif
4351 /* Check if an environment was passed in */
4353 {
4354 /* Destroy it */
4355 RtlDestroyEnvironment(lpEnvironment);
4356
4357 /* If this was the VDM environment too, clear that as well */
4359 lpEnvironment = NULL;
4360 }
4361
4362 /* Unconditionally free all the name parsing buffers we always allocate */
4363 RtlFreeHeap(RtlGetProcessHeap(), 0, QuotedCmdLine);
4364 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
4366 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
4367
4368 /* Close open file/section handles */
4371
4372 /* If we have a thread handle, this was a failure path */
4373 if (ThreadHandle)
4374 {
4375 /* So kill the process and close the thread handle */
4377 NtClose(ThreadHandle);
4378 }
4379
4380 /* If we have a process handle, this was a failure path, so close it */
4382
4383 /* Thread/process handles, if any, are now processed. Now close this one. */
4385
4386 /* Check if we had created a token */
4388 {
4389 /* And if the user asked for one */
4391 {
4392 /* Then return it */
4393 *hNewToken = TokenHandle;
4394 }
4395 else
4396 {
4397 /* User didn't want it, so we used it temporarily -- close it */
4399 }
4400 }
4401
4402 /* Free any temporary app compatibility data, it's no longer needed */
4403 BasepFreeAppCompatData(AppCompatData, AppCompatSxsData);
4404
4405 /* Free a few strings. The API takes care of these possibly being NULL */
4406 RtlFreeUnicodeString(&VdmString);
4407 RtlFreeUnicodeString(&DebuggerString);
4408
4409 /* Check if we had built any sort of VDM environment */
4411 {
4412 /* Free it */
4413 BaseDestroyVDMEnvironment(&VdmAnsiEnv, &VdmUnicodeEnv);
4414 }
4415
4416 /* Check if this was any kind of VDM application that we ended up creating */
4418 {
4419 /* Send an undo */
4421 (PHANDLE)&VdmTask,
4422 VdmUndoLevel,
4423 VdmBinaryType);
4424
4425 /* And close whatever VDM handle we were using for notifications */
4427 }
4428
4429 /* Check if we ended up here with an allocated search path, and free it */
4431
4432 /* Finally, return the API's result */
4434}
NTSTATUS NTAPI NtCreateSection(OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN PLARGE_INTEGER MaximumSize OPTIONAL, IN ULONG SectionPageProtection OPTIONAL, IN ULONG AllocationAttributes, IN HANDLE FileHandle OPTIONAL)
Definition: section.c:3076
static IN ULONG IN PWSTR OUT PCWSTR OUT PBOOLEAN OUT PATH_TYPE_AND_UNKNOWN * PathType
Definition: RtlGetFullPathName_Ustr.c:44
NTSTATUS WINAPI BasepCheckBadapp(IN HANDLE FileHandle, IN PWCHAR ApplicationName, IN PWCHAR Environment, IN USHORT ExeType, IN PVOID *SdbQueryAppCompatData, IN PULONG SdbQueryAppCompatDataSize, IN PVOID *SxsData, IN PULONG SxsDataSize, OUT PULONG FusionFlags)
Definition: appcache.c:374
VOID WINAPI BasepFreeAppCompatData(IN PVOID AppCompatData, IN PVOID AppCompatSxsData)
Definition: appcache.c:444
LPWSTR WINAPI BaseComputeProcessExePath(IN LPWSTR FullPath)
Definition: path.c:405
DWORD WINAPI SearchPathW(IN LPCWSTR lpPath OPTIONAL, IN LPCWSTR lpFileName, IN LPCWSTR lpExtension OPTIONAL, IN DWORD nBufferLength, OUT LPWSTR lpBuffer, OUT LPWSTR *lpFilePart OPTIONAL)
Definition: path.c:1298
BOOLEAN WINAPI BasePushProcessParameters(IN ULONG ParameterFlags, IN HANDLE ProcessHandle, IN PPEB RemotePeb, IN LPCWSTR ApplicationPathName, IN LPWSTR lpCurrentDirectory, IN LPWSTR lpCommandLine, IN LPVOID lpEnvironment, IN LPSTARTUPINFOW StartupInfo, IN DWORD CreationFlags, IN BOOL InheritHandles, IN ULONG ImageSubsystem, IN PVOID AppCompatData, IN ULONG AppCompatDataSize)
Definition: proc.c:482
NTSTATUS WINAPI BasepCheckWebBladeHashes(IN HANDLE FileHandle)
Definition: proc.c:147
VOID WINAPI StuffStdHandle(IN HANDLE ProcessHandle, IN HANDLE StandardHandle, IN PHANDLE Address)
Definition: proc.c:55
BOOLEAN WINAPI BuildSubSysCommandLine(IN LPCWSTR SubsystemName, IN LPCWSTR ApplicationName, IN LPCWSTR CommandLine, OUT PUNICODE_STRING SubsysCommandLine)
Definition: proc.c:87
NTSTATUS WINAPI BasepIsProcessAllowed(IN LPWSTR ApplicationName)
Definition: proc.c:200
NTSTATUS WINAPI BasepReplaceProcessThreadTokens(IN HANDLE TokenHandle, IN HANDLE ProcessHandle, IN HANDLE ThreadHandle)
Definition: proc.c:352
VOID WINAPI BasepSxsCloseHandles(IN PBASE_MSG_SXS_HANDLES Handles)
Definition: proc.c:415
BOOLEAN WINAPI BasepIsImageVersionOk(IN ULONG ImageMajorVersion, IN ULONG ImageMinorVersion)
Definition: proc.c:121
NTSTATUS WINAPI BaseCreateStack(_In_ HANDLE hProcess, _In_opt_ SIZE_T StackCommit, _In_opt_ SIZE_T StackReserve, _Out_ PINITIAL_TEB InitialTeb)
Definition: utils.c:355
VOID WINAPI BaseInitializeContext(IN PCONTEXT Context, IN PVOID Parameter, IN PVOID StartAddress, IN PVOID StackAddress, IN ULONG ContextType)
Definition: utils.c:514
POBJECT_ATTRIBUTES WINAPI BaseFormatObjectAttributes(OUT POBJECT_ATTRIBUTES ObjectAttributes, IN PSECURITY_ATTRIBUTES SecurityAttributes OPTIONAL, IN PUNICODE_STRING ObjectName)
Definition: utils.c:305
NTSTATUS WINAPI BasepCheckWinSaferRestrictions(IN HANDLE UserToken, IN LPWSTR ApplicationName, IN HANDLE FileHandle, OUT PBOOLEAN InJob, OUT PHANDLE NewToken, OUT PHANDLE JobHandle)
Definition: utils.c:922
ULONG WINAPI BaseIsDosApplication(IN PUNICODE_STRING PathName, IN NTSTATUS Status)
Definition: vdm.c:66
BOOL NTAPI BaseDestroyVDMEnvironment(IN PANSI_STRING AnsiEnv, IN PUNICODE_STRING UnicodeEnv)
Definition: vdm.c:1034
BOOL WINAPI BaseGetVdmConfigInfo(IN LPCWSTR CommandLineReserved, IN ULONG DosSeqId, IN ULONG BinaryType, IN PUNICODE_STRING CmdLineString, OUT PULONG VdmSize)
Definition: vdm.c:652
BOOL WINAPI BaseUpdateVDMEntry(IN ULONG UpdateIndex, IN OUT PHANDLE WaitHandle, IN ULONG IndexInfo, IN ULONG BinaryType)
Definition: vdm.c:542
BOOL NTAPI BaseCreateVDMEnvironment(IN PWCHAR lpEnvironment, OUT PANSI_STRING AnsiEnv, OUT PUNICODE_STRING UnicodeEnv)
Definition: vdm.c:744
NTSTATUS WINAPI BaseCheckVDM(IN ULONG BinaryType, IN PCWCH ApplicationName, IN PCWCH CommandLine, IN PCWCH CurrentDirectory, IN PANSI_STRING AnsiEnvironment, IN PBASE_API_MESSAGE ApiMessage, IN OUT PULONG iTask, IN DWORD CreationFlags, IN LPSTARTUPINFOW StartupInfo, IN HANDLE hUserToken OPTIONAL)
Definition: vdm.c:91
_ACRTIMP int __cdecl _wcsnicmp(const wchar_t *, const wchar_t *, size_t)
Definition: wcs.c:195
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
NTSTATUS NTAPI NtRaiseHardError(IN NTSTATUS ErrorStatus, IN ULONG NumberOfParameters, IN ULONG UnicodeStringParameterMask, IN PULONG_PTR Parameters, IN ULONG ValidResponseOptions, OUT PULONG Response)
Definition: harderr.c:551
#define PROCESS_CREATE_FLAGS_INHERIT_HANDLES
Definition: pstypes.h:94
#define PROCESS_PRIORITY_CLASS_ABOVE_NORMAL
Definition: pstypes.h:113
#define PROCESS_PRIORITY_CLASS_BELOW_NORMAL
Definition: pstypes.h:112
#define PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT
Definition: pstypes.h:93
NTSYSAPI HANDLE WINAPI DbgUiGetThreadDebugObject(void)
Definition: dbgui.c:333
NTSTATUS NTAPI LdrQueryImageFileKeyOption(_In_ HANDLE KeyHandle, _In_ PCWSTR ValueName, _In_ ULONG Type, _Out_ PVOID Buffer, _In_ ULONG BufferSize, _Out_opt_ PULONG ReturnedLength)
Definition: ldrinit.c:188
NTSTATUS NTAPI LdrOpenImageFileOptionsKey(_In_ PUNICODE_STRING SubKey, _In_ BOOLEAN Wow64, _Out_ PHANDLE NewKeyHandle)
Definition: ldrinit.c:115
PVOID PVOID PWCHAR PVOID USHORT PULONG PVOID PULONG PVOID PULONG PULONG FusionFlags
Definition: env.c:49
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
NTSYSAPI ULONG NTAPI RtlIsDosDeviceName_U(_In_ PCWSTR Name)
NTSYSAPI NTSTATUS NTAPI RtlAcquirePrivilege(_In_ PULONG Privilege, _In_ ULONG NumPriv, _In_ ULONG Flags, _Out_ PVOID *ReturnedState)
NTSTATUS NTAPI RtlGetFullPathName_UstrEx(_In_ PUNICODE_STRING FileName, _In_opt_ PUNICODE_STRING StaticString, _In_opt_ PUNICODE_STRING DynamicString, _Out_opt_ PUNICODE_STRING *StringUsed, _Out_opt_ PSIZE_T FilePartSize, _Out_opt_ PBOOLEAN NameInvalid, _Out_ RTL_PATH_TYPE *PathType, _Out_opt_ PSIZE_T LengthNeeded)
VOID NTAPI RtlReleaseRelativeName(_In_ PRTL_RELATIVE_NAME_U RelativeName)
NTSYSAPI VOID NTAPI RtlDestroyEnvironment(_In_ PWSTR Environment)
NTSYSAPI RTL_PATH_TYPE NTAPI RtlDetermineDosPathNameType_U(_In_ PCWSTR Path)
NTSYSAPI VOID NTAPI RtlReleasePrivilege(_In_ PVOID ReturnedState)
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToRelativeNtPathName_U(_In_ PCWSTR DosName, _Out_ PUNICODE_STRING NtName, _Out_ PCWSTR *PartName, _Out_ PRTL_RELATIVE_NAME_U RelativeName)
enum _RTL_PATH_TYPE RTL_PATH_TYPE
NTSYSAPI NTSTATUS NTAPI NtOpenFile(OUT PHANDLE phFile, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN ULONG ShareMode, IN ULONG OpenMode)
Definition: file.c:3953
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSTATUS NTAPI NtTerminateProcess(HANDLE ProcessHandle, LONG ExitStatus)
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
NTSYSAPI NTSTATUS NTAPI NtCreateThread(OUT PHANDLE phThread, IN ACCESS_MASK AccessMask, IN POBJECT_ATTRIBUTES ObjectAttributes, IN HANDLE hProcess, OUT PCLIENT_ID pClientId, IN PCONTEXT pContext, OUT PSTACKINFO pStackInfo, IN BOOLEAN bSuspended)
#define UNICODE_STRING_MAX_CHARS
#define UNICODE_STRING_MAX_BYTES
#define VER_SUITE_DATACENTER
#define VER_SUITE_PERSONAL
#define ANSI_NULL
#define IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
Definition: ntimage.h:458
NTSTATUS NTAPI NtFreeVirtualMemory(IN HANDLE ProcessHandle, IN PVOID *UBaseAddress, IN PSIZE_T URegionSize, IN ULONG FreeType)
Definition: virtual.c:5192
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2781
NTSTATUS NTAPI NtIsProcessInJob(IN HANDLE ProcessHandle, IN HANDLE JobHandle OPTIONAL)
Definition: job.c:361
NTSTATUS NTAPI NtAssignProcessToJobObject(HANDLE JobHandle, HANDLE ProcessHandle)
Definition: job.c:157
NTSTATUS NTAPI NtCreateProcessEx(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN HANDLE ParentProcess, IN ULONG Flags, IN HANDLE SectionHandle OPTIONAL, IN HANDLE DebugPort OPTIONAL, IN HANDLE ExceptionPort OPTIONAL, IN BOOLEAN InJob)
Definition: process.c:1344
NTSTATUS NTAPI NtSetInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _In_reads_bytes_(ProcessInformationLength) PVOID ProcessInformation, _In_ ULONG ProcessInformationLength)
Definition: query.c:1389
NTSTATUS NTAPI NtResumeThread(IN HANDLE ThreadHandle, OUT PULONG SuspendCount OPTIONAL)
Definition: state.c:290
#define STATUS_IMAGE_MACHINE_TYPE_MISMATCH_EXE
Definition: ntstatus.h:224
VOID NTAPI CsrFreeCaptureBuffer(_In_ _Frees_ptr_ PCSR_CAPTURE_BUFFER CaptureBuffer)
Definition: capture.c:210
NTSTATUS NTAPI CsrClientCallServer(_Inout_ PCSR_API_MESSAGE ApiMessage, _Inout_opt_ PCSR_CAPTURE_BUFFER CaptureBuffer, _In_ CSR_API_NUMBER ApiNumber, _In_ ULONG DataLength)
Definition: connect.c:366
NTSTATUS NTAPI NtQuerySection(_In_ HANDLE SectionHandle, _In_ SECTION_INFORMATION_CLASS SectionInformationClass, _Out_ PVOID SectionInformation, _In_ SIZE_T SectionInformationLength, _Out_opt_ PSIZE_T ResultLength)
Definition: section.c:3808
Definition: basemsg.h:274
BASE_CREATE_PROCESS CreateProcessRequest
Definition: basemsg.h:283
union _BASE_API_MESSAGE::@3712 Data
Definition: basemsg.h:119
Definition: basemsg.h:85
Definition: kernel32.h:393
Definition: compat.h:824
Definition: nt_native.h:1409
Definition: csrmsg.h:101
Definition: csrmsg.h:91
Definition: ntddk_ex.h:181
Definition: pstypes.h:730
Definition: env_spec_w32.h:870
Definition: pstypes.h:1039
Definition: rtltypes.h:1893
Definition: rtltypes.h:1373
Definition: rtltypes.h:1903
Definition: mmtypes.h:340
USHORT ImageCharacteristics
Definition: mmtypes.h:356
USHORT SubSystemMinorVersion
Definition: mmtypes.h:350
USHORT SubSystemMajorVersion
Definition: mmtypes.h:351
Definition: compat.h:191
Definition: processthreadsapi.h:37
Definition: kernel32.h:407
Definition: kernel32.h:401
Definition: compat.h:836
#define ERROR_ACCESS_DISABLED_WEBBLADE_TAMPER
Definition: winerror.h:1105
Referenced by CreateProcessW().
◆ CreateProcessW()
| BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW | ( | LPCWSTR | lpApplicationName, |
| LPWSTR | lpCommandLine, | ||
| LPSECURITY_ATTRIBUTES | lpProcessAttributes, | ||
| LPSECURITY_ATTRIBUTES | lpThreadAttributes, | ||
| BOOL | bInheritHandles, | ||
| DWORD | dwCreationFlags, | ||
| LPVOID | lpEnvironment, | ||
| LPCWSTR | lpCurrentDirectory, | ||
| LPSTARTUPINFOW | lpStartupInfo, | ||
| LPPROCESS_INFORMATION | lpProcessInformation | ||
| ) |
Definition at line 4442 of file proc.c.
4452{
4453 /* Call the internal (but exported) version */
4455 lpApplicationName,
4456 lpCommandLine,
4457 lpProcessAttributes,
4458 lpThreadAttributes,
4459 bInheritHandles,
4460 dwCreationFlags,
4461 lpEnvironment,
4462 lpCurrentDirectory,
4463 lpStartupInfo,
4464 lpProcessInformation,
4465 NULL);
4466}
BOOL WINAPI CreateProcessInternalW(IN HANDLE hUserToken, IN LPCWSTR lpApplicationName, IN LPWSTR lpCommandLine, IN LPSECURITY_ATTRIBUTES lpProcessAttributes, IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN BOOL bInheritHandles, IN DWORD dwCreationFlags, IN LPVOID lpEnvironment, IN LPCWSTR lpCurrentDirectory, IN LPSTARTUPINFOW lpStartupInfo, IN LPPROCESS_INFORMATION lpProcessInformation, OUT PHANDLE hNewToken)
Definition: proc.c:2084
Referenced by _wsystem(), alloc_console(), AudioDlgProc(), CorDebug_CreateProcess(), CProcess::CProcess(), create_pseudo_console(), create_server(), CreateClientProcess(), CreateProcessAsUserW(), CreateProcessWithTokenW(), do_register_dll(), execute_command(), HotkeyThread(), IDirectInputAImpl_RunControlPanel(), install_wine_gecko(), InstallDevice(), InstallLiveCD(), ITERATE_RemoveExistingProducts(), CNetConnectionPropertyUi::LANPropertiesUIDlg(), launch_exe(), CNewMenu::NewItemByCommand(), ProcessPage_OnDebug(), PromptAndRunProcessAs(), register_dll(), run_child(), run_rapps(), run_winemenubuilder(), runCmd(), RunControlPanelApplet(), RunCurrentJobs(), runscriptfile(), RunSetupThreadProc(), ScmStartUserModeService(), SHELL_ExecuteW(), start_debugger(), START_TEST(), StartChild(), StartLsass(), StartProcess(), StartServicesManager(), TaskManager_OnFileNew(), Test_CommandLine(), test_debug_loop_wow64(), TestStaticDestruct(), UnhandledExceptionFilter(), WshExec_create(), and wWinMain().
◆ ExitProcess()
Definition at line 1331 of file proc.c.
1332{
1333 BASE_API_MESSAGE ApiMessage;
1335
1337
1338 _SEH2_TRY
1339 {
1340 /* Acquire the PEB lock */
1341 RtlAcquirePebLock();
1342
1343 /* Kill all the threads */
1345
1346 /* Unload all DLLs */
1347 LdrShutdownProcess();
1348
1349 /* Notify Base Server of process termination */
1350 ExitProcessRequest->uExitCode = uExitCode;
1352 NULL,
1354 sizeof(*ExitProcessRequest));
1355
1356 /* Now do it again */
1358 }
1359 _SEH2_FINALLY
1360 {
1361 /* Release the PEB lock */
1362 RtlReleasePebLock();
1363 }
1364 _SEH2_END;
1365
1366 /* should never get here */
1367 ASSERT(0);
1368 while(1);
1369}
Definition: basemsg.h:114
Referenced by _exit(), _font_assert(), _RunRemoteTest(), alarmThreadMain(), BaseProcessStartup(), BaseThreadStartup(), child_process(), CLRMetaHost_ExitProcess(), ConsoleControlDispatcher(), CorExitProcess(), CtrlCIntercept(), DbgkExitProcess(), DECLARE_INTERFACE_(), DefaultConsoleCtrlHandler(), DevInstallW(), DisplayError(), dll_entry_point(), doChild(), doDebugger(), ErrorExit(), exit(), exit_or_terminate_process(), ExitThread(), FatalAppExitA(), FatalAppExitW(), FatalExit(), fls_exit_deadlock_child(), Host_Quit(), IEWinMain(), init(), LoadProc(), local_server_proc(), LogToFile(), main(), MyErrExit(), performUninstall(), restart_as_admin_elevated(), RpcRaiseException(), setupDelayHook(), ShellExec_RunDLL_Helper(), ShowUsage(), START_TEST(), StringListAppend(), test__popen_child(), test__popen_read_child(), thread_1(), VdmShutdown(), wait_debugger(), WatchDirectory(), WinMain(), wmainCRTStartup(), and wWinMain().
◆ FatalAppExitA()
Definition at line 1406 of file proc.c.
1408{
1409 PUNICODE_STRING MessageTextU;
1410 ANSI_STRING MessageText;
1412
1413 /* Initialize the string using the static TEB pointer */
1414 MessageTextU = &NtCurrentTeb()->StaticUnicodeString;
1416
1417 /* Convert to unicode, or just exit normally if this failed */
1420
1421 /* Call the Wide function */
1423}
VOID WINAPI FatalAppExitW(IN UINT uAction, IN LPCWSTR lpMessageText)
Definition: proc.c:1430
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
◆ FatalAppExitW()
Definition at line 1430 of file proc.c.
1432{
1436
1437 /* Setup the string to print out */
1439
1440 /* Display the hard error no matter what */
1442 1,
1443 1,
1446 /* On Checked builds, Windows allows the user to cancel the operation */
1447 OptionOkCancel,
1448#else
1449 OptionOk,
1450#endif
1451 &Response);
1452
1453 /* Give the user a chance to abort */
1455 {
1456 return;
1457 }
1458
1459 /* Otherwise kill the process */
1460 ExitProcess(0);
1461}
Definition: ncftp.h:89
Definition: ntobjfs.cpp:135
Referenced by FatalAppExitA().
◆ FatalExit()
Definition at line 1468 of file proc.c.
1469{
1470#if DBG
1471 /* On Checked builds, Windows gives the user a nice little debugger UI */
1474
1475 /* Check for reactos specific flag (set by rosautotest) */
1477 {
1479 }
1480
1482 {
1485 {
1486 case 'B': case 'b':
1487 DbgBreakPoint();
1488 break;
1489
1490 case 'A': case 'a':
1491 ExitProcess(ExitCode);
1492
1493 case 'I': case 'i':
1494 return;
1495 }
1496 }
1497#endif
1498 /* On other builds, just kill the process */
1499 ExitProcess(ExitCode);
1500}
NTSYSAPI void WINAPI DbgBreakPoint(void)
DECLSPEC_NORETURN NTSYSAPI VOID NTAPI RtlRaiseStatus(_In_ NTSTATUS Status)
NTSYSAPI ULONG NTAPI DbgPrompt(_In_z_ PCCH Prompt, _Out_writes_bytes_(MaximumResponseLength) PCH Response, _In_ ULONG MaximumResponseLength)
_In_ WDFIOTARGET _In_ _Strict_type_match_ WDF_IO_TARGET_SENT_IO_ACTION Action
Definition: wdfiotarget.h:510
◆ FlushInstructionCache()
Definition at line 1307 of file proc.c.
1310{
1312
1313 /* Call the native function */
1316 {
1317 /* Handle failure case */
1320 }
1321
1322 /* All good */
1324}
NTSTATUS NTAPI NtFlushInstructionCache(_In_ HANDLE ProcessHandle, _In_opt_ PVOID BaseAddress, _In_ SIZE_T FlushSize)
Definition: virtual.c:3009
◆ GetCommandLineA()
◆ GetCommandLineW()
◆ GetCurrentProcess()
◆ GetCurrentProcessId()
Definition at line 1156 of file proc.c.
Referenced by __security_init_cookie(), _getpid(), _mktemp(), _mktemp_s(), _Success_(), _wmktemp(), _wmktemp_s(), _wtmpnam(), AddPortW(), adns_getpid(), apartment_construct(), child_process(), ClientLoadLibrary(), CloseProcess(), CMP_RegisterNotification(), CoGetCurrentProcess(), CommitSpoolData(), ConfigurePortW(), CreateNotificationParamAndSend(), CreatePipe(), CreateProcessWithLogonW(), CreateToolhelp32Snapshot(), CURSORICON_CopyImage(), custom_start_server(), default_ctrl_handler(), DirectDrawClipper_Initialize(), dll_entry_point(), DllMain(), do_msidbCustomActionTypeDll(), doChild(), DPLAYX_CreateLobbyApplication(), DPLAYX_IsAppIdLobbied(), DumpNotificationState(), EnumWindowsProc(), ExtractAndInstallThread(), ExtractArchiveForExecution(), FreeChangeNotifications(), generate_ipid(), get_cmdline(), GetProcessVersion(), GetSpoolFileHandle(), handle_msi_break(), IDirectPlayLobby3AImpl_SetConnectionSettings(), IDirectPlayLobby3Impl_SetConnectionSettings(), ImmGetImeMenuItemsAW(), Internal_CreatePalette(), Internal_CreateSurface(), IsBlockFromHeap(), LresultFromObject(), main(), mark_task_process(), NotifyInfo::modify(), new_stub_manager(), NotifyLogon(), ole_server(), openlog(), OutputDebugStringA(), ParseSharedPacket(), ProcessIdToSessionId(), RegisterDragDrop(), RPC_ExecuteCall(), rpcrt4_protseq_ncacn_np_open_endpoint(), rpcrt4_protseq_ncalrpc_open_endpoint(), ScConnectControlPipe(), CNotifyToolbar::SendNotifyCallback(), ServerThread(), service_main(), SHAllocShared(), SHAppBarMessage(), SHFreeShared(), SHGetAppCompatFlags(), SHLockShared(), SHMapHandle(), start_debugger(), START_TEST(), StartDirectDraw(), TelnetGetConsoleWindow(), test_AddSelfToJob(), test_alloc_shared(), test_alloc_shared_remote(), test_AttachConsole(), test_AttachConsole_child(), test_BreakawayOk(), Test_CloseDuplicatedSocket(), Test_CloseWhileSelectDuplicatedSocket(), test_debug_loop(), test_exit_process_async(), test_GetConsoleProcessList(), test_GetExtendedTcpTable_owner(), test_GetExtendedUdpTable_owner(), test_GetProcessVersion(), test_handles(), test_jobInheritance(), test_MessageBox(), test_nested_jobs_child(), test_OpenProcess(), test_parent_process_attribute(), test_process_security_child(), Test_ProcessModules(), test_query_handle(), test_query_handle_ex(), test_query_object_types(), test_query_process_vm(), test_QueryFullProcessImageNameW(), test_QueryInformationJobObject(), test_readvirtualmemory(), test_session_info(), test_set_hook(), test_SHCreateSessionKey(), test_tcp(), test_Toolhelp(), test_udp(), test_WaitForJobObject(), test_Win32_Process(), test_winevents(), test_WithWSAStartup(), test_ws_functions(), TestChannelHook_ClientFillBuffer(), TestChannelHook_ClientGetSize(), TestChannelHook_ClientNotify(), TestChannelHook_ServerGetSize(), TestChannelHook_ServerNotify(), ThemeDestroyWndData(), tmpnam(), tmpnam_helper(), WDML_AddServer(), WinMain(), wmain(), NotifyArea::WndProc(), FlatButton::WndProc(), wtmpnam_helper(), and wWinMain().
◆ GetCurrentThread()
Definition at line 1146 of file proc.c.
Referenced by __threadhandle(), AccpLookupCurrentUser(), AdjustAffinity(), AuthzpInitUnderImpersonation(), CheckTokenMembership(), ConsoleControlDispatcher(), DirectoryWatcherThreadFuncAPC(), dll_entry_point(), DwInitializeSdFromThreadToken(), CShellCommandSACL::Execute(), GetProfileType(), GetSystemUserInfo(), GetUserNameW(), ImageView_Main(), IsCallerInteractive(), main(), OpenEffectiveToken(), PlaySound_ExpandEnvironmentStrings(), priorityTimeProc(), Privilege(), RegOpenCurrentUser(), RevertToPrinterSelf(), rpcrt4_http_timer_thread(), RPCRT4_io_thread(), RPCRT4_server_thread(), CFindFolder::SearchThreadProc(), serverThreadMain2(), set_thread_name(), SetThreadToken(), SlideWindow(), SockAsyncThread(), start_address_thread(), start_fiber(), START_TEST(), test_affinity(), test_alertable(), test_CancelSynchronousIo(), test_CoWaitForMultipleHandles(), test_CreateDirectoryA(), test_CreatePipe(), test_FileSecurity(), test_GetFileType(), test_GetNamedSecurityInfoA(), test_GetOverlappedResultEx(), test_GetSecurityInfo(), test_GetWindowsAccountDomainSid(), test_ImpersonateNamedPipeClient(), test_impersonation_level(), test_MsgWaitForMultipleObjects(), test_nonalertable(), test_NtGetCurrentProcessorNumber(), test_post_completion(), test_pseudo_tokens(), test_QueueUserAPC(), test_read_write(), Test_SyscallPerformance(), test_thread_description(), test_thread_info(), test_thread_priority(), test_thread_processor(), test_thread_start_address(), Test_ThreadBasicInformationClass(), Test_ThreadPriorityClass(), test_WaitForMultipleObjects(), test_WaitForSingleObject(), TestTokenPrivilege(), ThreadFunc2(), threadFunc3(), TlsFree(), WahOpenCurrentThread(), WaveThread(), wmain(), and wWinMain().
◆ GetExitCodeProcess()
Definition at line 1166 of file proc.c.
1168{
1169 PROCESS_BASIC_INFORMATION ProcessBasic;
1171
1172 /* Ask the kernel */
1174 ProcessBasicInformation,
1175 &ProcessBasic,
1176 sizeof(ProcessBasic),
1177 NULL);
1179 {
1180 /* We failed, was this because this is a VDM process? */
1182
1183 /* Not a VDM process, fail the call */
1186 }
1187
1188 /* Succes case, return the exit code */
1191}
BOOL WINAPI BaseCheckForVDM(IN HANDLE ProcessHandle, OUT LPDWORD ExitCode)
Definition: vdm.c:618
NTSTATUS NTAPI NtQueryInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _Out_writes_bytes_to_opt_(ProcessInformationLength, *ReturnLength) PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength)
Definition: query.c:211
Definition: winternl.h:404
Referenced by _cwait(), _pclose(), check_child_console_bits(), CloseProcessAndVerify_(), cmd_start(), CommandThreadProc(), crash_and_debug(), crash_and_winedbg(), custom_get_process_return(), DoTestEntry(), Execute(), execute_command(), ExecutePipeline(), LauncherRoutine2(), MonitorChildThread(), ProcessRunning(), read_reg_output_(), restart_as_admin_elevated(), run_child_wait(), run_ex(), run_rapps(), run_reg_exe_(), run_script_file(), runcmd(), runCmd(), runscriptfile(), RunSetupThreadProc(), shell_execute_ex_(), TerminateShell(), test_CreateProcessWithDesktop(), test_CtrlHandlerSubsystem(), test_ddeml_server(), test_debug_loop_wow64(), test_DoInvalidDir(), test_end_to_end_server(), test_exit(), test_ExitProcess(), test_kill_on_exit(), test_msg_server(), test_pe_os_version(), test_quick_exit(), WshExec_get_Status(), and WshShell3_Run().
◆ GetPriorityClass()
Definition at line 1507 of file proc.c.
1508{
1511
1512 /* Query the kernel */
1514 ProcessPriorityClass,
1515 &PriorityClass,
1516 sizeof(PriorityClass),
1517 NULL);
1519 {
1520 /* Handle the conversion from NT to Win32 classes */
1521 switch (PriorityClass.PriorityClass)
1522 {
1529 }
1530 }
1531
1532 /* Failure path */
1534 return 0;
1535}
ActualNumberDriverObjects * sizeof(PDRIVER_OBJECT)) PDRIVER_OBJECT *DriverObjectList
Referenced by ProcessPageShowContextMenu(), and test_query_process_priority().
◆ GetProcessAffinityMask()
| BOOL WINAPI GetProcessAffinityMask | ( | IN HANDLE | hProcess, |
| OUT PDWORD_PTR | lpProcessAffinityMask, | ||
| OUT PDWORD_PTR | lpSystemAffinityMask | ||
| ) |
Definition at line 861 of file proc.c.
864{
865 PROCESS_BASIC_INFORMATION ProcessInfo;
867
868 /* Query information on the process from the kernel */
871 &ProcessInfo,
872 sizeof(ProcessInfo),
873 NULL);
875 {
876 /* Fail */
879 }
880
881 /* Copy the affinity mask, and get the system one from our shared data */
885}
KAFFINITY ActiveProcessorsAffinityMask
Definition: ntddk_ex.h:167
Referenced by AffinityDialogWndProc(), START_TEST(), and test_thread_processor().
◆ GetProcessHandleCount()
Definition at line 1795 of file proc.c.
1797{
1798 ULONG phc;
1800
1801 /* Query the kernel */
1803 ProcessHandleCount,
1804 &phc,
1805 sizeof(phc),
1806 NULL);
1808 {
1809 /* Copy the count and return success */
1810 *pdwHandleCount = phc;
1812 }
1813
1814 /* Handle error path */
1817}
◆ GetProcessId()
Definition at line 1198 of file proc.c.
1199{
1200 PROCESS_BASIC_INFORMATION ProcessBasic;
1202
1203 /* Query the kernel */
1205 ProcessBasicInformation,
1206 &ProcessBasic,
1207 sizeof(ProcessBasic),
1208 NULL);
1210 {
1211 /* Handle failure */
1213 return 0;
1214 }
1215
1216 /* Return the PID */
1218}
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
◆ GetProcessIoCounters()
Definition at line 1711 of file proc.c.
1713{
1715
1716 /* Query the kernel. Structures are identical, so let it do the copy too. */
1718 ProcessIoCounters,
1719 lpIoCounters,
1721 NULL);
1723 {
1724 /* Handle error path */
1727 }
1728
1729 /* All done */
1731}
Definition: pstypes.h:82
Referenced by PerfDataRefresh().
◆ GetProcessPriorityBoost()
Definition at line 1738 of file proc.c.
1740{
1743
1744 /* Query the kernel */
1746 ProcessPriorityBoost,
1747 &PriorityBoost,
1749 NULL);
1751 {
1752 /* Convert from ULONG to a BOOL */
1755 }
1756
1757 /* Handle error path */
1760}
◆ GetProcessShutdownParameters()
Definition at line 918 of file proc.c.
920{
921 BASE_API_MESSAGE ApiMessage;
922 PBASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest = &ApiMessage.Data.ShutdownParametersRequest;
923
924 /* Ask CSRSS for shutdown information */
926 NULL,
928 sizeof(*ShutdownParametersRequest));
930 {
931 /* Return the failure from CSRSS */
934 }
935
936 /* Get the data back */
937 *lpdwLevel = ShutdownParametersRequest->ShutdownLevel;
938 *lpdwFlags = ShutdownParametersRequest->ShutdownFlags;
940}
BASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest
Definition: basemsg.h:294
◆ GetProcessTimes()
| BOOL WINAPI GetProcessTimes | ( | IN HANDLE | hProcess, |
| IN LPFILETIME | lpCreationTime, | ||
| IN LPFILETIME | lpExitTime, | ||
| IN LPFILETIME | lpKernelTime, | ||
| IN LPFILETIME | lpUserTime | ||
| ) |
Definition at line 1097 of file proc.c.
1102{
1103 KERNEL_USER_TIMES Kut;
1105
1106 /* Query the times */
1108 ProcessTimes,
1109 &Kut,
1110 sizeof(Kut),
1111 NULL);
1113 {
1114 /* Handle failure */
1117 }
1118
1119 /* Copy all the times and return success */
1129}
Definition: winternl.h:2373
struct _LARGE_INTEGER::@2450 u
◆ GetProcessVersion()
Definition at line 1610 of file proc.c.
1611{
1613 PIMAGE_NT_HEADERS NtHeader;
1614 PIMAGE_DOS_HEADER DosHeader;
1616 PROCESS_BASIC_INFORMATION ProcessBasicInfo;
1621 USHORT VersionData[2];
1623
1624 /* We'll be accessing stuff that can fault, so protect everything with SEH */
1625 _SEH2_TRY
1626 {
1627 /* It this an in-process or out-of-process request? */
1629 {
1630 /* It's in-process, so just read our own header */
1632 if (!NtHeader)
1633 {
1634 /* Unable to read the NT header, something is wrong here... */
1637 }
1638
1639 /* Get the version straight out of the NT header */
1642 }
1643 else
1644 {
1645 /* Out-of-process, so open it */
1647 FALSE,
1648 ProcessId);
1650
1651 /* Try to find out where its PEB lives */
1653 ProcessBasicInformation,
1654 &ProcessBasicInfo,
1655 sizeof(ProcessBasicInfo),
1656 NULL);
1657
1660
1661 /* Now that we have the PEB, read the image base address out of it */
1664 &BaseAddress,
1666 NULL);
1668
1669 /* Now read the e_lfanew (offset to NT header) from the base */
1670 DosHeader = BaseAddress;
1672 &DosHeader->e_lfanew,
1673 &e_lfanew,
1675 NULL);
1677
1678 /* And finally, read the NT header itself by adding the offset */
1682 &VersionData,
1683 sizeof(VersionData),
1684 NULL);
1686
1687 /* Get the version straight out of the NT header */
1689
1690Error:
1691 /* If there was an error anywhere, set the last error */
1693 }
1694 }
1695 _SEH2_FINALLY
1696 {
1697 /* Close the process handle */
1699 }
1700 _SEH2_END;
1701
1702 /* And return the version data */
1704}
HANDLE WINAPI OpenProcess(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN DWORD dwProcessId)
Definition: proc.c:1225
Definition: ntddk_ex.h:99
_Must_inspect_result_ _In_ WDFDEVICE _In_ LPCGUID _Out_ PINTERFACE _In_ USHORT _In_ USHORT Version
Definition: wdffdo.h:469
Referenced by get_app_version(), GetSystemInfoInternal(), and SHLWAPI_InitAppCompat().
◆ GetProcessWorkingSetSize()
| BOOL WINAPI GetProcessWorkingSetSize | ( | IN HANDLE | hProcess, |
| OUT PSIZE_T | lpMinimumWorkingSetSize, | ||
| OUT PSIZE_T | lpMaximumWorkingSetSize | ||
| ) |
Definition at line 1009 of file proc.c.
1012{
1013 DWORD Dummy;
1015 lpMinimumWorkingSetSize,
1016 lpMaximumWorkingSetSize,
1017 &Dummy);
1018}
BOOL WINAPI GetProcessWorkingSetSizeEx(IN HANDLE hProcess, OUT PSIZE_T lpMinimumWorkingSetSize, OUT PSIZE_T lpMaximumWorkingSetSize, OUT PDWORD Flags)
Definition: proc.c:976
◆ GetProcessWorkingSetSizeEx()
| BOOL WINAPI GetProcessWorkingSetSizeEx | ( | IN HANDLE | hProcess, |
| OUT PSIZE_T | lpMinimumWorkingSetSize, | ||
| OUT PSIZE_T | lpMaximumWorkingSetSize, | ||
| OUT PDWORD | Flags | ||
| ) |
Definition at line 976 of file proc.c.
980{
981 QUOTA_LIMITS_EX QuotaLimits;
983
984 /* Query the kernel about this */
986 ProcessQuotaLimits,
987 &QuotaLimits,
988 sizeof(QuotaLimits),
989 NULL);
991 {
992 /* Return error */
995 }
996
997 /* Copy the quota information out */
998 *lpMinimumWorkingSetSize = QuotaLimits.MinimumWorkingSetSize;
999 *lpMaximumWorkingSetSize = QuotaLimits.MaximumWorkingSetSize;
1002}
Definition: pstypes.h:67
Referenced by GetProcessWorkingSetSize().
◆ GetStartupInfoW()
| VOID WINAPI GetStartupInfoW | ( | IN LPSTARTUPINFOW | lpStartupInfo | ) |
Definition at line 1266 of file proc.c.
1267{
1269
1270 /* Get the process parameters */
1272
1273 /* Copy the data out of there */
1275 lpStartupInfo->lpReserved = Params->ShellInfo.Buffer;
1276 lpStartupInfo->lpDesktop = Params->DesktopInfo.Buffer;
1277 lpStartupInfo->lpTitle = Params->WindowTitle.Buffer;
1278 lpStartupInfo->dwX = Params->StartingX;
1279 lpStartupInfo->dwY = Params->StartingY;
1280 lpStartupInfo->dwXSize = Params->CountX;
1281 lpStartupInfo->dwYSize = Params->CountY;
1282 lpStartupInfo->dwXCountChars = Params->CountCharsX;
1283 lpStartupInfo->dwYCountChars = Params->CountCharsY;
1284 lpStartupInfo->dwFillAttribute = Params->FillAttribute;
1285 lpStartupInfo->dwFlags = Params->WindowFlags;
1287 lpStartupInfo->cbReserved2 = Params->RuntimeData.Length;
1289
1290 /* Check if the standard handles are being used for other features */
1292 STARTF_USEHOTKEY |
1293 STARTF_SHELLPRIVATE))
1294 {
1295 /* These are, so copy the standard handles too */
1296 lpStartupInfo->hStdInput = Params->StandardInput;
1297 lpStartupInfo->hStdOutput = Params->StandardOutput;
1298 lpStartupInfo->hStdError = Params->StandardError;
1299 }
1300}
struct _STARTUPINFOW STARTUPINFOW
Referenced by alloc_console(), AttachConsole(), initialize_inherited_file_handles_nolock(), test_AllocConsole_child(), wmain(), and wWinMain().
◆ InitCommandLines()
Definition at line 840 of file proc.c.
841{
843
844 /* Read the UNICODE_STRING from the PEB */
846
847 /* Convert to ANSI_STRING for the *A callers */
849 &BaseUnicodeCommandLine,
850 TRUE);
852}
NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString, PUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
Referenced by DllMain().
◆ IsWow64Process()
◆ OpenProcess()
| HANDLE WINAPI OpenProcess | ( | IN DWORD | dwDesiredAccess, |
| IN BOOL | bInheritHandle, | ||
| IN DWORD | dwProcessId | ||
| ) |
Definition at line 1225 of file proc.c.
1228{
1233
1234 /* Setup the input client ID structure */
1237
1238 /* This is needed just to define the inheritance flags */
1240 NULL,
1242 NULL,
1243 NULL);
1244
1245 /* Now try to open the process */
1247 dwDesiredAccess,
1248 &ObjectAttributes,
1249 &ClientId);
1251 {
1252 /* Handle failure */
1255 }
1256
1257 /* Otherwise return a handle to the process */
1259}
NTSTATUS NTAPI NtOpenProcess(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId)
Definition: process.c:1440
Referenced by _DoDLLInjection(), _RpcCommitSpoolData2(), _RpcGetSpoolFileInfo2(), _tWinMain(), CIconWatcher::AddIconToWatcher(), child_process(), child_process_exit_process_async(), CloseProcess(), CloseProcessAndVerify_(), DebugActiveProcess(), DebugActiveProcessStop(), debugcontrol_WaitForEvent(), dll_entry_point(), doChild(), DoSetPriority(), ExecuteKill(), get_droptarget_local_handle(), get_process_name_from_pid(), GetOwnerModuleFromPidEntry(), GetProcessExecutablePathById(), GetProcessHandleFromHwnd(), GetProcessVersion(), GetThemeServiceProcessHandle(), Ghost_DestroyTarget(), IsProcessRunning(), ObjectFromLresult(), PerfDataGetCommandLine(), PerfDataRefresh(), PNP_ReportLogOn(), ProcessIdToSessionId(), ProcessKeys(), ProcessList_Update(), ProcessPage_OnEndProcess(), ProcessPage_OnEndProcessTree(), ProcessPage_OnSetAffinity(), ProcessPageShowContextMenu(), ProcessRunning(), SeclCreateProcessWithLogonW(), SHMapHandle(), ShutdownProcessTreeHelper(), START_TEST(), terminate_processes(), test_ExitProcess(), test_OpenProcess(), test_parent_process_attribute(), test_process_security_child(), test_query_process_handlecount(), test_query_process_times(), test_query_process_vm(), test_QueryFullProcessImageNameW(), test_readvirtualmemory(), test_RtlQueryPackageIdentity(), test_shell_window(), test_token_security_descriptor(), test_Toolhelp(), test_ws_functions(), Toolhelp32ReadProcessMemory(), WSPDuplicateSocket(), and wWinMain().
◆ ProcessIdToSessionId()
Definition at line 2025 of file proc.c.
2027{
2028 PROCESS_SESSION_INFORMATION SessionInformation;
2033
2034 /* Do a quick check if the pointer is not writable */
2036 {
2037 /* Fail fast */
2040 }
2041
2042 /* Open the process passed in by ID */
2048 &ObjectAttributes,
2049 &ClientId);
2051 {
2052 /* Query the session ID from the kernel */
2055 &SessionInformation,
2056 sizeof(SessionInformation),
2057 NULL);
2058
2059 /* Close the handle and check if we succeeded */
2062 {
2063 /* Return the session ID */
2064 *pSessionId = SessionInformation.SessionId;
2066 }
2067 }
2068
2069 /* Set error code and fail */
2072}
Definition: pstypes.h:405
Referenced by AddPortW(), child_process_check_session_id(), ConfigurePortW(), START_TEST(), test_namedpipe_session_id(), and test_SHCreateSessionKey().
◆ ReadProcessMemory()
| BOOL NTAPI ReadProcessMemory | ( | IN HANDLE | hProcess, |
| IN LPCVOID | lpBaseAddress, | ||
| IN LPVOID | lpBuffer, | ||
| IN SIZE_T | nSize, | ||
| OUT SIZE_T * | lpNumberOfBytesRead | ||
| ) |
◆ RegisterWaitForInputIdle()
| VOID WINAPI RegisterWaitForInputIdle | ( | WaitForInputIdleType | lpfnRegisterWaitForInputIdle | ) |
◆ SetPriorityClass()
Definition at line 1542 of file proc.c.
1544{
1547 PROCESS_PRIORITY_CLASS PriorityClass;
1548
1549 /* Handle conversion from Win32 to NT priority classes */
1550 switch (dwPriorityClass)
1551 {
1554 break;
1555
1558 break;
1559
1562 break;
1563
1566 break;
1567
1570 break;
1571
1573 /* Try to acquire the privilege. If it fails, just use HIGH */
1577 break;
1578
1579 default:
1580 /* Unrecognized priority classes don't make it to the kernel */
1583 }
1584
1585 /* Send the request to the kernel, and don't touch the foreground flag */
1588 ProcessPriorityClass,
1589 &PriorityClass,
1591
1592 /* Release the privilege if we had it */
1595 {
1596 /* Handle error path */
1599 }
1600
1601 /* All done */
1603}
Definition: stack_allocator.h:18
Referenced by CsrSetPriorityClass(), DoSetPriority(), main(), test_query_process_priority(), UpdatePriority(), and wWinMain().
◆ SetProcessAffinityMask()
Definition at line 892 of file proc.c.
894{
896
897 /* Directly set the affinity mask */
899 ProcessAffinityMask,
900 (PVOID)&dwProcessAffinityMask,
901 sizeof(dwProcessAffinityMask));
903 {
904 /* Handle failure */
907 }
908
909 /* Everything was ok */
911}
Referenced by AffinityDialogWndProc(), and cmd_start().
◆ SetProcessPriorityBoost()
Definition at line 1767 of file proc.c.
1769{
1772
1773 /* Enforce that this is a BOOL, and send it to the kernel as a ULONG */
1776 ProcessPriorityBoost,
1777 &PriorityBoost,
1780 {
1781 /* Handle error path */
1784 }
1785
1786 /* All done */
1788}
◆ SetProcessShutdownParameters()
Definition at line 947 of file proc.c.
949{
950 BASE_API_MESSAGE ApiMessage;
951 PBASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest = &ApiMessage.Data.ShutdownParametersRequest;
952
953 /* Write the data into the CSRSS request and send it */
954 ShutdownParametersRequest->ShutdownLevel = dwLevel;
957 NULL,
959 sizeof(*ShutdownParametersRequest));
961 {
962 /* Return the failure from CSRSS */
965 }
966
967 /* All went well */
969}
Referenced by _tWinMain(), and wWinMain().
◆ SetProcessWorkingSetSize()
| BOOL WINAPI SetProcessWorkingSetSize | ( | IN HANDLE | hProcess, |
| IN SIZE_T | dwMinimumWorkingSetSize, | ||
| IN SIZE_T | dwMaximumWorkingSetSize | ||
| ) |
Definition at line 1081 of file proc.c.
1084{
1085 /* Call the newer API */
1087 dwMinimumWorkingSetSize,
1088 dwMaximumWorkingSetSize,
1089 0);
1090}
BOOL WINAPI SetProcessWorkingSetSizeEx(IN HANDLE hProcess, IN SIZE_T dwMinimumWorkingSetSize, IN SIZE_T dwMaximumWorkingSetSize, IN DWORD Flags)
Definition: proc.c:1025
◆ SetProcessWorkingSetSizeEx()
| BOOL WINAPI SetProcessWorkingSetSizeEx | ( | IN HANDLE | hProcess, |
| IN SIZE_T | dwMinimumWorkingSetSize, | ||
| IN SIZE_T | dwMaximumWorkingSetSize, | ||
| IN DWORD | Flags | ||
| ) |
Definition at line 1025 of file proc.c.
1029{
1030 QUOTA_LIMITS_EX QuotaLimits;
1035
1036 /* Zero out the input structure */
1038
1039 /* Check if the caller sent any limits */
1040 if ((dwMinimumWorkingSetSize) && (dwMaximumWorkingSetSize))
1041 {
1042 /* Write the quota information */
1043 QuotaLimits.MinimumWorkingSetSize = dwMinimumWorkingSetSize;
1044 QuotaLimits.MaximumWorkingSetSize = dwMaximumWorkingSetSize;
1046
1047 /* Acquire the required privilege */
1049
1050 /* Request the new quotas */
1052 ProcessQuotaLimits,
1053 &QuotaLimits,
1054 sizeof(QuotaLimits));
1057 {
1058 /* Release the privilege and set succes code */
1062 }
1063 }
1064 else
1065 {
1066 /* No limits, fail the call */
1067 ReturnStatus = STATUS_INVALID_PARAMETER;
1069 }
1070
1071 /* Return result code, set error code if this was a failure */
1074}
Referenced by EmptyWorkingSet(), and SetProcessWorkingSetSize().
◆ StuffStdHandle()
| VOID WINAPI StuffStdHandle | ( | IN HANDLE | ProcessHandle, |
| IN HANDLE | StandardHandle, | ||
| IN PHANDLE | Address | ||
| ) |
Definition at line 55 of file proc.c.
58{
60 HANDLE DuplicatedHandle;
61 SIZE_T NumberOfBytesWritten;
62
63 /* If there is no handle to duplicate, return immediately */
64 if (!StandardHandle) return;
65
66 /* Duplicate the handle */
68 StandardHandle,
69 ProcessHandle,
70 &DuplicatedHandle,
71 0,
72 0,
76
77 /* Write it */
79 Address,
80 &DuplicatedHandle,
82 &NumberOfBytesWritten);
83}
NTSTATUS NTAPI NtDuplicateObject(IN HANDLE SourceProcessHandle, IN HANDLE SourceHandle, IN HANDLE TargetProcessHandle OPTIONAL, OUT PHANDLE TargetHandle OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, IN ULONG Options)
Definition: obhandle.c:3410
#define DUPLICATE_SAME_ACCESS
Referenced by CreateProcessInternalW().
◆ TerminateProcess()
Definition at line 1376 of file proc.c.
1378{
1380
1381 /* Check if no handle was passed in */
1383 {
1384 /* Set error code */
1386 }
1387 else
1388 {
1389 /* Otherwise, try to terminate the process */
1392
1393 /* It failed, convert error code */
1395 }
1396
1397 /* This is the failure path */
1399}
Referenced by _tWinMain(), child_process(), Telnet::Close(), CloseProcess(), common_message_window(), CorDebug_CreateProcess(), cordebugprocess_Terminate(), CPlApplet(), crash_and_debug(), CreateProcessAsUserCommon(), do_register_dll(), DoTestEntry(), ExecuteKill(), ExecutePipeline(), exit_or_terminate_process(), Ghost_DestroyTarget(), ProcessKeys(), ProcessPage_OnEndProcess(), RaiseFailFastException(), read_reg_output_(), run_ex(), run_reg_exe_(), run_regedit_exe_(), runcmd(), ScreenSaverConfig(), ScreenSaverPageProc(), ScreenSaverPreview(), SetScreenSaverPreviewBox(), ShutdownProcessTreeHelper(), START_TEST(), StartScreenSaver(), terminate_processes(), TerminateShell(), test_apc_deadlock(), test_BreakawayOk(), test_CompletionPort(), test_CreateRemoteThread(), test_CtrlHandlerSubsystem(), test_debugger(), test_Directory(), TEST_DoTestEntryStruct(), test_EnumProcessModules(), test_ExitProcess(), test_GetProcessVersion(), test_IsProcessInJob(), test_IsWow64Process(), test_IsWow64Process2(), test_job_list_attribute(), test_kill_on_exit(), test_KillOnJobClose(), Test_layers(), test_nested_jobs(), test_nested_jobs_child(), test_NtSuspendProcess(), test_overlapped_transport(), test_process_access(), test_QueryInformationJobObject(), Test_repeatlayer(), test_RtlQueryPackageIdentity(), test_RunSetupCommand(), test_section_access(), test_shell_window(), test_TerminateJobObject(), test_TerminateProcess(), test_VirtualAllocEx(), test_WaitForInputIdle(), TestTerminateProcess(), UnhandledExceptionFilter(), WshExec_Terminate(), wWinMain(), and CProcess::~CProcess().
◆ WriteProcessMemory()
| BOOL NTAPI WriteProcessMemory | ( | IN HANDLE | hProcess, |
| IN LPVOID | lpBaseAddress, | ||
| IN LPCVOID | lpBuffer, | ||
| IN SIZE_T | nSize, | ||
| OUT SIZE_T * | lpNumberOfBytesWritten | ||
| ) |
Definition at line 1906 of file proc.c.
1911{
1913 ULONG OldValue;
1917
1918 /* Set parameters for protect call */
1920 Base = lpBaseAddress;
1921
1922 /* Check the current status */
1924 &Base,
1925 &RegionSize,
1926 PAGE_EXECUTE_READWRITE,
1927 &OldValue);
1929 {
1930 /* Check if we are unprotecting */
1932 PAGE_WRITECOPY |
1933 PAGE_EXECUTE_READWRITE |
1936 {
1937 /* Set the new protection */
1939 &Base,
1940 &RegionSize,
1941 OldValue,
1942 &OldValue);
1943
1944 /* Write the memory */
1946 lpBaseAddress,
1948 nSize,
1949 &nSize);
1950
1951 /* In Win32, the parameter is optional, so handle this case */
1953
1955 {
1956 /* We failed */
1959 }
1960
1961 /* Flush the ITLB */
1964 }
1965 else
1966 {
1967 /* Check if we were read only */
1969 {
1970 /* Restore protection and fail */
1972 &Base,
1973 &RegionSize,
1974 OldValue,
1975 &OldValue);
1977
1978 /* Note: This is what Windows returns and code depends on it */
1980 }
1981
1982 /* Otherwise, do the write */
1984 lpBaseAddress,
1986 nSize,
1987 &nSize);
1988
1989 /* In Win32, the parameter is optional, so handle this case */
1991
1992 /* And restore the protection */
1994 &Base,
1995 &RegionSize,
1996 OldValue,
1997 &OldValue);
1999 {
2000 /* We failed */
2002
2003 /* Note: This is what Windows returns and code depends on it */
2005 }
2006
2007 /* Flush the ITLB */
2010 }
2011 }
2012 else
2013 {
2014 /* We failed */
2017 }
2018}
NTSTATUS NTAPI NtProtectVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UnsafeBaseAddress, IN OUT SIZE_T *UnsafeNumberOfBytesToProtect, IN ULONG NewAccessProtection, OUT PULONG UnsafeOldAccessProtection)
Definition: virtual.c:3076
Definition: delayimp.cpp:64
Referenced by _DoDLLInjection(), test_debugger(), and test_VirtualAllocEx().
Variable Documentation
◆ BaseAnsiCommandLine
| ANSI_STRING BaseAnsiCommandLine |
Definition at line 21 of file proc.c.
Referenced by GetCommandLineA(), and InitCommandLines().
◆ BasepAppCertDllsList
| LIST_ENTRY BasepAppCertDllsList |
Definition at line 26 of file proc.c.
Referenced by BasepIsProcessAllowed(), and DllMain().
◆ BasepAppCertTable
| RTL_QUERY_REGISTRY_TABLE BasepAppCertTable[2] |
Initial value:
=
{
{
1,
L"AppCertDlls",
0,
NULL,
0
}
}
NTSTATUS NTAPI BasepConfigureAppCertDlls(IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
Definition: proc.c:187
Definition at line 30 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ BasePathVariableName
| UNICODE_STRING BasePathVariableName = RTL_CONSTANT_STRING(L"PATH") |
Definition at line 22 of file proc.c.
Referenced by BasepComputeProcessPath().
◆ BasepExeLdrEntry
| PLDR_DATA_TABLE_ENTRY BasepExeLdrEntry |
Definition at line 23 of file proc.c.
Referenced by BasepComputeProcessPath(), BasepLocateExeLdrEntry(), and LoadLibraryExW().
◆ BaseUnicodeCommandLine
| UNICODE_STRING BaseUnicodeCommandLine |
Definition at line 20 of file proc.c.
Referenced by GetCommandLineW(), and InitCommandLines().
◆ fEmbeddedCertFunc
| PBASEP_APPCERT_EMBEDDED_FUNC fEmbeddedCertFunc |
Definition at line 28 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ g_AppCertInitialized
| BOOLEAN g_AppCertInitialized |
Definition at line 24 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ g_AppCertStatus
| NTSTATUS g_AppCertStatus |
Definition at line 29 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ g_HaveAppCerts
| BOOLEAN g_HaveAppCerts |
Definition at line 25 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ g_SaferReplaceProcessThreadTokens
| PSAFER_REPLACE_PROCESS_THREAD_TOKENS g_SaferReplaceProcessThreadTokens |
Definition at line 43 of file proc.c.
Referenced by BasepReplaceProcessThreadTokens().
◆ gcsAppCert
| RTL_CRITICAL_SECTION gcsAppCert |
Definition at line 27 of file proc.c.
Referenced by BasepIsProcessAllowed(), BasepReplaceProcessThreadTokens(), and DllMain().
◆ gSaferHandle
Definition at line 44 of file proc.c.
Referenced by BasepReplaceProcessThreadTokens().
