Include dependency graph for proc.c:
Go to the source code of this file.
Macros | |
| #define | NDEBUG |
| #define | CMD_STRING L"cmd /c " |
| #define | AddToHandle(x, y) ((x) = (HANDLE)((ULONG_PTR)(x) | (y))) |
| #define | RemoveFromHandle(x, y) ((x) = (HANDLE)((ULONG_PTR)(x) & ~(y))) |
Macro Definition Documentation
◆ AddToHandle
◆ CMD_STRING
◆ NDEBUG
◆ RemoveFromHandle
Function Documentation
◆ BasepCheckWebBladeHashes()
Definition at line 149 of file proc.c.
150{
153
154 /* Get all the MD5 hashes */
157
158 /* Depending on which suite this is, run a bsearch and block the appropriate ones */
160 {
161 DPRINT1("Egad! This is a ReactOS Compute Server and we should prevent you from using certain APIs...but we won't.");
162 }
164 {
165 DPRINT1("Gasp! This is a ReactOS Storage Server and we should prevent you from using certain APIs...but we won't.");
166 }
168 {
169 DPRINT1("Golly! This is a ReactOS Web Blade Server and we should prevent you from using certain APIs...but we won't.");
170 }
171
172 /* Actually, fuck it, don't block anything, we're open source */
174}
NTSYSAPI NTSTATUS NTAPI RtlComputeImportTableHash(IN HANDLE FileHandle, OUT PCHAR Hash, IN ULONG ImportTableHashSize)
Definition: libsupp.c:1191
_Must_inspect_result_ _In_opt_ PFLT_INSTANCE _Out_ PHANDLE FileHandle
Definition: fltkernel.h:1231
#define VER_SUITE_STORAGE_SERVER
#define VER_SUITE_COMPUTE_SERVER
#define VER_SUITE_BLADE
#define SharedUserData
Referenced by CreateProcessInternalW().
◆ BasepConfigureAppCertDlls()
| NTSTATUS NTAPI BasepConfigureAppCertDlls | ( | IN PWSTR | ValueName, |
| IN ULONG | ValueType, | ||
| IN PVOID | ValueData, | ||
| IN ULONG | ValueLength, | ||
| IN PVOID | Context, | ||
| IN PVOID | EntryContext | ||
| ) |
Definition at line 189 of file proc.c.
195{
196 /* Add this to the certification list */
198}
NTSTATUS NTAPI BasepSaveAppCertRegistryValue(IN PLIST_ENTRY List, IN PWCHAR ComponentName, IN PWCHAR DllName)
Definition: proc.c:178
Definition: compobj.c:4795
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING ValueName
Definition: wdfregistry.h:243
◆ BasepIsImageVersionOk()
Definition at line 123 of file proc.c.
125{
126 /* Accept images for NT 3.1 or higher */
127 if (ImageMajorVersion > 3 ||
128 (ImageMajorVersion == 3 && ImageMinorVersion >= 10))
129 {
130 /* ReactOS-specific: Accept images even if they are newer than our internal NT version. */
132 (ImageMajorVersion == SharedUserData->NtMajorVersion && ImageMinorVersion > SharedUserData->NtMinorVersion))
133 {
135 ImageMajorVersion,
136 ImageMinorVersion,
137 SharedUserData->NtMajorVersion,
138 SharedUserData->NtMinorVersion);
139 }
140
142 }
143
145}
Referenced by CreateProcessInternalW().
◆ BasepIsProcessAllowed()
Definition at line 202 of file proc.c.
203{
207 HMODULE TrustLibrary;
209 ULONG CertFlag;
210 PLIST_ENTRY NextEntry;
212 UNICODE_STRING CertKey = RTL_CONSTANT_STRING(L"\\Registry\\MACHINE\\System\\CurrentControlSet\\Control\\Session Manager\\AppCertDlls");
213 OBJECT_ATTRIBUTES KeyAttributes = RTL_CONSTANT_OBJECT_ATTRIBUTES(&CertKey, OBJ_CASE_INSENSITIVE);
214
215 /* Try to initialize the certification subsystem */
217 {
218 /* Defaults */
221
222 /* Acquire the lock while initializing and see if we lost a race */
225
226 /* On embedded, there is a special DLL */
228 {
229 /* Allocate a buffer for the name */
231 0,
235 {
236 /* Fail if no memory */
238 }
239 else
240 {
241 /* Now get the system32 directory in our buffer, make sure it fits */
244 {
245 /* Add a slash if needed, and add the embedded cert DLL name */
250
251 /* Try to load it */
253 if (TrustLibrary)
254 {
255 /* And extract the special function out of it */
257 "ImageOkToRunOnEmbeddedNT");
258 }
259 }
260
261 /* If we didn't get this far, set a failure code */
263 }
264 }
265 else
266 {
267 /* Other systems have a registry entry for this */
270 {
271 /* Close it, we'll query it through Rtl */
273
274 /* Do the query, which will call a special callback */
277 BasepAppCertTable,
278 NULL,
279 NULL);
281 {
283 }
284 }
285 }
286
287 /* Free any buffer if we had one */
289
290 /* Check for errors, or a missing embedded/custom certification DLL */
293 {
294 /* The subsystem is not active on this machine, so give up */
297 }
298 else
299 {
300 /* We have certification DLLs active, remember this */
302 }
303
304 /* We are done the initialization phase, release the lock */
307 }
308
309 /* If there's no certification DLLs present, return the failure code */
311
312 /* Otherwise, assume success and make sure we have *something* */
315
316 /* If the something is an embedded certification DLL, call it and return */
318
319 /* Otherwise we have custom certification DLLs, parse them */
321 CertFlag = 2;
323 {
324 /* Make sure the entry has a callback */
327
328 /* Call it and check if it failed */
331
332 /* Move on */
333 NextEntry = NextEntry->Flink;
334 }
335
336 /* Now loop them again */
339 {
340 /* Make sure the entry has a callback */
343
344 /* Call it, this time with the flag from the loop above */
346 }
347
348 /* All done, return the status */
350}
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:590
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:608
Definition: bufpool.h:45
UINT WINAPI GetSystemDirectoryW(OUT LPWSTR lpBuffer, IN UINT uSize)
Definition: path.c:2313
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)
Definition: nsiface.idl:2307
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
Definition: ndis.h:4715
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI NtOpenKey(OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
Definition: ntapi.c:336
#define UNICODE_NULL
#define VER_SUITE_EMBEDDEDNT
#define RTL_CONSTANT_OBJECT_ATTRIBUTES(n, a)
Definition: ntdef.template.h:305
Definition: kernel32.h:389
Definition: typedefs.h:120
Definition: umtypes.h:182
Definition: env_spec_w32.h:368
_Must_inspect_result_ _In_ WDFDEVICE _In_ ULONG _In_ ACCESS_MASK _In_opt_ PWDF_OBJECT_ATTRIBUTES KeyAttributes
Definition: wdfdevice.h:2660
Referenced by CreateProcessInternalW().
◆ BasepReplaceProcessThreadTokens()
| NTSTATUS WINAPI BasepReplaceProcessThreadTokens | ( | IN HANDLE | TokenHandle, |
| IN HANDLE | ProcessHandle, | ||
| IN HANDLE | ThreadHandle | ||
| ) |
Definition at line 354 of file proc.c.
357{
359 ANSI_STRING SaferiReplaceProcessThreadTokens = RTL_CONSTANT_STRING("SaferiReplaceProcessThreadTokens");
360
361 /* Enter the application certification lock */
363
364 /* Check if we already know the function */
366 {
367 /* Call it */
369 ProcessHandle,
370 ThreadHandle) ?
371 STATUS_SUCCESS :
372 STATUS_UNSUCCESSFUL;
373 }
374 else
375 {
376 /* Check if the app certification DLL isn't loaded */
380 {
381 /* Then we can't call the function */
383 }
384 else
385 {
386 /* We have the DLL, find the address of the Safer function */
388 &SaferiReplaceProcessThreadTokens,
389 0,
392 {
393 /* Found it, now call it */
395 ProcessHandle,
396 ThreadHandle) ?
397 STATUS_SUCCESS :
398 STATUS_UNSUCCESSFUL;
399 }
400 else
401 {
402 /* We couldn't find it, so this must be an unsupported DLL */
406 }
407 }
408 }
409
410 /* Release the lock and return the result */
413}
PSAFER_REPLACE_PROCESS_THREAD_TOKENS g_SaferReplaceProcessThreadTokens
Definition: proc.c:45
NTSTATUS NTAPI LdrGetProcedureAddress(_In_ PVOID BaseAddress, _In_opt_ _When_(Ordinal==0, _Notnull_) PANSI_STRING Name, _In_opt_ _When_(Name==NULL, _In_range_(>, 0)) ULONG Ordinal, _Out_ PVOID *ProcedureAddress)
Definition: ldrapi.c:789
Definition: env_spec_w32.h:375
Referenced by CreateProcessInternalW().
◆ BaseProcessStartup()
| DECLSPEC_NORETURN VOID WINAPI BaseProcessStartup | ( | _In_ PPROCESS_START_ROUTINE | lpStartAddress | ) |
Definition at line 451 of file proc.c.
453{
454 _SEH2_TRY
455 {
456 /* Set our Start Address */
459 &lpStartAddress,
461
462 /* Call the Start Routine */
463 ExitThread(lpStartAddress());
464 }
466 {
467 /* Get the Exit code from the SEH Handler */
469 {
470 /* Kill the whole process, usually */
472 }
473 else
474 {
475 /* If running inside CSRSS, kill just this thread */
477 }
478 }
479 _SEH2_END;
480}
LONG WINAPI UnhandledExceptionFilter(IN PEXCEPTION_POINTERS ExceptionInfo)
Definition: except.c:269
NTSTATUS NTAPI NtSetInformationThread(IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, IN PVOID ThreadInformation, IN ULONG ThreadInformationLength)
Definition: query.c:2018
#define NtCurrentThread()
Referenced by BaseInitializeContext().
◆ BasepSaveAppCertRegistryValue()
| NTSTATUS NTAPI BasepSaveAppCertRegistryValue | ( | IN PLIST_ENTRY | List, |
| IN PWCHAR | ComponentName, | ||
| IN PWCHAR | DllName | ||
| ) |
Definition at line 178 of file proc.c.
Referenced by BasepConfigureAppCertDlls().
◆ BasepSxsCloseHandles()
| VOID WINAPI BasepSxsCloseHandles | ( | IN PBASE_MSG_SXS_HANDLES | Handles | ) |
Definition at line 417 of file proc.c.
418{
420
421 /* Sanity checks */
424
425 /* Close the file handle */
426 if (Handles->File)
427 {
430 }
431
432 /* Close the section handle */
433 if (Handles->Section)
434 {
437 }
438
439 /* Unmap the section view */
440 if (Handles->ViewBase.QuadPart)
441 {
445 }
446}
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3481
Referenced by CreateProcessInternalW().
◆ BasePushProcessParameters()
| BOOLEAN WINAPI BasePushProcessParameters | ( | IN ULONG | ParameterFlags, |
| IN HANDLE | ProcessHandle, | ||
| IN PPEB | RemotePeb, | ||
| IN LPCWSTR | ApplicationPathName, | ||
| IN LPWSTR | lpCurrentDirectory, | ||
| IN LPWSTR | lpCommandLine, | ||
| IN LPVOID | lpEnvironment, | ||
| IN LPSTARTUPINFOW | StartupInfo, | ||
| IN DWORD | CreationFlags, | ||
| IN BOOL | InheritHandles, | ||
| IN ULONG | ImageSubsystem, | ||
| IN PVOID | AppCompatData, | ||
| IN ULONG | AppCompatDataSize | ||
| ) |
Definition at line 484 of file proc.c.
497{
499 PWCHAR Remaining, DllPathString, ScanChar;
500 PRTL_USER_PROCESS_PARAMETERS ProcessParameters, RemoteParameters;
501 PVOID RemoteAppCompatData;
505 ULONG EnviroSize;
509
510 /* Get the full path name */
512 MAX_PATH + 4,
513 FullPath,
514 &Remaining);
516 {
517 /* Get the DLL Path */
518 DllPathString = BaseComputeProcessDllPath(FullPath, lpEnvironment);
519 if (!DllPathString)
520 {
521 /* Fail */
524 }
525
526 /* Initialize Strings */
529 }
530 else
531 {
532 /* Couldn't get the path name. Just take the original path */
534 lpEnvironment);
535 if (!DllPathString)
536 {
537 /* Fail */
540 }
541
542 /* Initialize Strings */
545 }
546
547 /* Initialize Strings */
548 RtlInitUnicodeString(&CommandLine, lpCommandLine);
550
551 /* Initialize more Strings from the Startup Info */
552 if (StartupInfo->lpDesktop)
553 {
555 }
556 else
557 {
559 }
560 if (StartupInfo->lpReserved)
561 {
563 }
564 else
565 {
567 }
568 if (StartupInfo->lpTitle)
569 {
571 }
572 else
573 {
575 }
576
577 /* This one is special because the length can differ */
580
581 /* Enforce no app compat data if the pointer was NULL */
582 if (!AppCompatData) AppCompatDataSize = 0;
583
584 /* Create the Parameter Block */
585 ProcessParameters = NULL;
595 &ImageName,
596 &DllPath,
597 lpCurrentDirectory ?
599 &CommandLine,
600 lpEnvironment,
601 &Title,
602 &Desktop,
603 &Shell,
604 &Runtime);
606
607 /* Clear the current directory handle if not inheriting */
609
610 /* Check if the user passed in an environment */
611 if (lpEnvironment)
612 {
613 /* We should've made it part of the parameters block, enforce this */
615 lpEnvironment = ProcessParameters->Environment;
616 }
617 else
618 {
619 /* The user did not, so use the one from the current PEB */
620 HavePebLock = TRUE;
621 RtlAcquirePebLock();
623 }
624
625 /* Save pointer and start lookup */
626 ScanChar = lpEnvironment;
627 if (lpEnvironment)
628 {
629 /* Find the environment size */
630 while (*ScanChar++) while (*ScanChar++);
632
633 /* Allocate and Initialize new Environment Block */
634 Size = EnviroSize;
638 0,
639 &Size,
640 MEM_COMMIT,
641 PAGE_READWRITE);
643
644 /* Write the Environment Block */
646 ProcessParameters->Environment,
647 lpEnvironment,
648 EnviroSize,
649 NULL);
650
651 /* No longer need the PEB lock anymore */
652 if (HavePebLock)
653 {
654 /* Release it */
655 RtlReleasePebLock();
656 HavePebLock = FALSE;
657 }
658
659 /* Check if the write failed */
661 }
662
663 /* Write new parameters */
664 ProcessParameters->StartingX = StartupInfo->dwX;
665 ProcessParameters->StartingY = StartupInfo->dwY;
666 ProcessParameters->CountX = StartupInfo->dwXSize;
667 ProcessParameters->CountY = StartupInfo->dwYSize;
668 ProcessParameters->CountCharsX = StartupInfo->dwXCountChars;
669 ProcessParameters->CountCharsY = StartupInfo->dwYCountChars;
670 ProcessParameters->FillAttribute = StartupInfo->dwFillAttribute;
671 ProcessParameters->WindowFlags = StartupInfo->dwFlags;
672 ProcessParameters->ShowWindowFlags = StartupInfo->wShowWindow;
673
674 /* Write the handles only if we have to */
675 if (StartupInfo->dwFlags &
677 {
678 ProcessParameters->StandardInput = StartupInfo->hStdInput;
679 ProcessParameters->StandardOutput = StartupInfo->hStdOutput;
680 ProcessParameters->StandardError = StartupInfo->hStdError;
681 }
682
683 /* Use Special Flags for ConDllInitialize in Kernel32 */
685 {
687 }
689 {
691 }
693 {
695 }
696 else
697 {
698 /* Inherit our Console Handle */
700
701 /* Make sure that the shell isn't trampling on our handles first */
702 if (!(StartupInfo->dwFlags &
704 {
705 /* Copy the handle if we are inheriting or if it's a console handle */
706 if ((InheritHandles) ||
708 {
710 }
711 if ((InheritHandles) ||
713 {
715 }
716 if ((InheritHandles) ||
718 {
720 }
721 }
722 }
723
724 /* Also set the Console Flag */
726 (!(CreationFlags & CREATE_NEW_CONSOLE)))
727 {
728 ProcessParameters->ConsoleFlags = 1;
729 }
730
731 /* Check if there's a .local file present */
732 if (ParameterFlags & 1)
733 {
735 }
736
737 /* Check if we failed to open the IFEO key */
738 if (ParameterFlags & 2)
739 {
741 }
742
743 /* Allocate memory for the parameter block */
745 RemoteParameters = NULL;
747 (PVOID*)&RemoteParameters,
748 0,
749 &Size,
750 MEM_COMMIT,
751 PAGE_READWRITE);
753
754 /* Set the allocated size */
756
757 /* Handle some Parameter Flags */
766
767 /* Write the Parameter Block */
769 RemoteParameters,
770 ProcessParameters,
771 ProcessParameters->Length,
772 NULL);
774
775 /* Write the PEB Pointer */
777 &RemotePeb->ProcessParameters,
778 &RemoteParameters,
780 NULL);
782
783 /* Check if there's any app compat data to write */
784 RemoteAppCompatData = NULL;
785 if (AppCompatData)
786 {
787 /* Allocate some space for the application compatibility data */
788 Size = AppCompatDataSize;
790 &RemoteAppCompatData,
791 0,
792 &Size,
793 MEM_COMMIT,
794 PAGE_READWRITE);
796
797 /* Write the application compatibility data */
799 RemoteAppCompatData,
800 AppCompatData,
801 AppCompatDataSize,
802 NULL);
804 }
805
806 /* Write the PEB Pointer to the app compat data (might be NULL) */
808 &RemotePeb->pShimData,
809 &RemoteAppCompatData,
811 NULL);
813
814 /* Now write Peb->ImageSubSystem */
815 if (ImageSubsystem)
816 {
818 &RemotePeb->ImageSubsystem,
819 &ImageSubsystem,
820 sizeof(ImageSubsystem),
821 NULL);
822 }
823
824 /* Success path */
826
827Quickie:
828 /* Cleanup */
833FailPath:
837 goto Quickie;
838}
LPWSTR WINAPI BaseComputeProcessDllPath(IN LPWSTR FullPath, IN PVOID Environment)
Definition: path.c:420
DWORD WINAPI GetFullPathNameW(IN LPCWSTR lpFileName, IN DWORD nBufferLength, OUT LPWSTR lpBuffer, OUT LPWSTR *lpFilePart)
Definition: path.c:1106
NTSYSAPI NTSTATUS NTAPI RtlDestroyProcessParameters(_In_ PRTL_USER_PROCESS_PARAMETERS ProcessParameters)
NTSYSAPI NTSTATUS NTAPI RtlCreateProcessParameters(_Out_ PRTL_USER_PROCESS_PARAMETERS *ProcessParameters, _In_ PUNICODE_STRING ImagePathName, _In_opt_ PUNICODE_STRING DllPath, _In_opt_ PUNICODE_STRING CurrentDirectory, _In_opt_ PUNICODE_STRING CommandLine, _In_opt_ PWSTR Environment, _In_opt_ PUNICODE_STRING WindowTitle, _In_opt_ PUNICODE_STRING DesktopInfo, _In_opt_ PUNICODE_STRING ShellInfo, _In_opt_ PUNICODE_STRING RuntimeInfo)
#define RTL_USER_PROCESS_PARAMETERS_IMAGE_KEY_MISSING
Definition: rtltypes.h:54
#define RTL_USER_PROCESS_PARAMETERS_PROFILE_KERNEL
Definition: rtltypes.h:43
#define RTL_USER_PROCESS_PARAMETERS_PROFILE_SERVER
Definition: rtltypes.h:44
#define RTL_USER_PROCESS_PARAMETERS_LOCAL_DLL_PATH
Definition: rtltypes.h:53
#define RTL_USER_PROCESS_PARAMETERS_PROFILE_USER
Definition: rtltypes.h:42
#define RTL_USER_PROCESS_PARAMETERS_DISABLE_HEAP_CHECKS
Definition: rtltypes.h:49
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSTATUS NTAPI NtWriteVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN SIZE_T NumberOfBytesToWrite, OUT PSIZE_T NumberOfBytesWritten OPTIONAL)
Definition: virtual.c:2930
NTSTATUS NTAPI NtAllocateVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UBaseAddress, IN ULONG_PTR ZeroBits, IN OUT PSIZE_T URegionSize, IN ULONG AllocationType, IN ULONG Protect)
Definition: virtual.c:4492
Definition: globals.h:228
Definition: btrfs_drv.h:1907
Definition: btrfs_drv.h:1898
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
Definition: wdfdevice.h:4533
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
Definition: wsk.h:409
Referenced by CreateProcessInternalW().
◆ BuildSubSysCommandLine()
| BOOLEAN WINAPI BuildSubSysCommandLine | ( | IN LPCWSTR | SubsystemName, |
| IN LPCWSTR | ApplicationName, | ||
| IN LPCWSTR | CommandLine, | ||
| OUT PUNICODE_STRING | SubsysCommandLine | ||
| ) |
Definition at line 89 of file proc.c.
93{
94 UNICODE_STRING CommandLineString, ApplicationNameString;
97
98 /* Convert to unicode strings */
100 RtlInitUnicodeString(&ApplicationNameString, CommandLine);
101
102 /* Allocate buffer for the output string */
107 {
108 /* Fail, no memory */
111 }
112
113 /* Build the final subsystem command line */
114 RtlAppendUnicodeToString(SubsysCommandLine, SubsystemName);
115 RtlAppendUnicodeStringToString(SubsysCommandLine, &CommandLineString);
117 RtlAppendUnicodeStringToString(SubsysCommandLine, &ApplicationNameString);
119}
NTSTATUS RtlAppendUnicodeToString(IN PUNICODE_STRING Str1, IN PWSTR Str2)
Definition: string_lib.cpp:62
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
Referenced by CreateProcessInternalW().
◆ C_ASSERT()
| C_ASSERT | ( | PROCESS_PRIORITY_CLASS_REALTIME | = =(PROCESS_PRIORITY_CLASS_HIGH+1) | ) |
◆ CreateProcessA()
| BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessA | ( | LPCSTR | lpApplicationName, |
| LPSTR | lpCommandLine, | ||
| LPSECURITY_ATTRIBUTES | lpProcessAttributes, | ||
| LPSECURITY_ATTRIBUTES | lpThreadAttributes, | ||
| BOOL | bInheritHandles, | ||
| DWORD | dwCreationFlags, | ||
| LPVOID | lpEnvironment, | ||
| LPCSTR | lpCurrentDirectory, | ||
| LPSTARTUPINFOA | lpStartupInfo, | ||
| LPPROCESS_INFORMATION | lpProcessInformation | ||
| ) |
Definition at line 4747 of file proc.c.
4757{
4758 /* Call the internal (but exported) version */
4760 lpApplicationName,
4761 lpCommandLine,
4762 lpProcessAttributes,
4763 lpThreadAttributes,
4764 bInheritHandles,
4765 dwCreationFlags,
4766 lpEnvironment,
4767 lpCurrentDirectory,
4768 lpStartupInfo,
4769 lpProcessInformation,
4770 NULL);
4771}
BOOL WINAPI CreateProcessInternalA(HANDLE hToken, LPCSTR lpApplicationName, LPSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCSTR lpCurrentDirectory, LPSTARTUPINFOA lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation, PHANDLE hNewToken)
Definition: proc.c:4629
Referenced by _create_process(), cmd_available(), CommandThreadProc(), crash_and_debug(), crash_and_winedbg(), create_proc(), create_process(), create_server_process(), create_target_process(), create_writepipe_process(), CreateProcessAsUserA(), do_parent(), doChildren(), DosCreateProcess(), DoTestEntry(), fork_helper(), IDirectPlayLobby3AImpl_RunApplication(), LoadModule(), read_reg_output_(), run_child_process(), run_client(), run_cmd(), run_ex(), run_process(), run_reg_exe_(), run_regedit_exe_(), run_script_file(), runcmd(), start_server(), START_TEST(), system(), test___getmainargs_parent(), test_alloc_shared(), test_apc_deadlock(), test_BreakawayOk(), test_comctl32_classes(), test_CommandLine(), test_Console(), test_CreateProcessWithDesktop(), test_debug_children(), test_debug_heap(), test_debug_loop(), test_DebuggingFlag(), test_DetachConsoleHandles(), test_DetachStdHandles(), test_Directory(), test_EnumProcessModules(), test_Environment(), test_ExitCode(), test_ExitProcess(), test_GetProcessVersion(), test_internet_features(), test_invalid_stdin(), test_IsWow64Process(), test_jobInheritance(), test_LresultFromObject(), test_NonExistentPath(), test_NtSuspendProcess(), test_process_access(), test_process_security(), test_query_process_debug_flags(), test_query_process_debug_object_handle(), test_query_process_debug_port(), test_section_access(), test_shared_memory(), test_shared_memory_ro(), test_Startup(), test_StartupNoConsole(), test_stdout_handle(), test_SuspendFlag(), test_TerminateProcess(), test_token_security_descriptor(), test_Toolhelp(), test_WaitForInputIdle(), test_window_from_point(), test_winproc_handles(), and WinExec().
◆ CreateProcessInternalA()
| BOOL WINAPI CreateProcessInternalA | ( | HANDLE | hToken, |
| LPCSTR | lpApplicationName, | ||
| LPSTR | lpCommandLine, | ||
| LPSECURITY_ATTRIBUTES | lpProcessAttributes, | ||
| LPSECURITY_ATTRIBUTES | lpThreadAttributes, | ||
| BOOL | bInheritHandles, | ||
| DWORD | dwCreationFlags, | ||
| LPVOID | lpEnvironment, | ||
| LPCSTR | lpCurrentDirectory, | ||
| LPSTARTUPINFOA | lpStartupInfo, | ||
| LPPROCESS_INFORMATION | lpProcessInformation, | ||
| PHANDLE | hNewToken | ||
| ) |
Definition at line 4629 of file proc.c.
4641{
4642 UNICODE_STRING CommandLine;
4645 BOOL bRetVal;
4646 STARTUPINFOW StartupInfo;
4647
4649 "lpStartupInfo %p, lpProcessInformation %p\n",
4650 dwCreationFlags, lpEnvironment, lpCurrentDirectory,
4651 lpStartupInfo, lpProcessInformation);
4652
4653 /* Copy Startup Info */
4655
4656 /* Initialize all strings to nothing */
4663
4664 /* Convert the Command line */
4665 if (lpCommandLine)
4666 {
4667 Basep8BitStringToDynamicUnicodeString(&CommandLine,
4668 lpCommandLine);
4669 }
4670
4671 /* Convert the Name and Directory */
4672 if (lpApplicationName)
4673 {
4675 lpApplicationName);
4676 }
4677 if (lpCurrentDirectory)
4678 {
4680 lpCurrentDirectory);
4681 }
4682
4683 /* Now convert Startup Strings */
4685 {
4687 &StartupInfo.lpReserved);
4688 }
4690 {
4692 &StartupInfo.lpDesktop);
4693 }
4695 {
4697 &StartupInfo.lpTitle);
4698 }
4699
4700 /* Call the Unicode function */
4701 bRetVal = CreateProcessInternalW(hToken,
4702 ApplicationName.Buffer,
4703 CommandLine.Buffer,
4704 lpProcessAttributes,
4705 lpThreadAttributes,
4706 bInheritHandles,
4707 dwCreationFlags,
4708 lpEnvironment,
4709 CurrentDirectory.Buffer,
4710 &StartupInfo,
4711 lpProcessInformation,
4712 hNewToken);
4713
4714 /* Clean up */
4716 RtlFreeUnicodeString(&CommandLine);
4721
4722 /* Return what Unicode did */
4723 return bRetVal;
4724}
BOOL WINAPI CreateProcessInternalW(IN HANDLE hUserToken, IN LPCWSTR lpApplicationName, IN LPWSTR lpCommandLine, IN LPSECURITY_ATTRIBUTES lpProcessAttributes, IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN BOOL bInheritHandles, IN DWORD dwCreationFlags, IN LPVOID lpEnvironment, IN LPCWSTR lpCurrentDirectory, IN LPSTARTUPINFOW lpStartupInfo, IN LPPROCESS_INFORMATION lpProcessInformation, OUT PHANDLE hNewToken)
Definition: proc.c:2240
BOOLEAN WINAPI Basep8BitStringToDynamicUnicodeString(OUT PUNICODE_STRING UnicodeString, IN LPCSTR String)
Definition: utils.c:225
VOID WINAPI BasepAnsiStringToHeapUnicodeString(IN LPCSTR AnsiString, OUT LPWSTR *UnicodeString)
Definition: utils.c:263
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
Definition: winbase.h:851
Referenced by CreateProcessA().
◆ CreateProcessInternalW()
| BOOL WINAPI CreateProcessInternalW | ( | IN HANDLE | hUserToken, |
| IN LPCWSTR | lpApplicationName, | ||
| IN LPWSTR | lpCommandLine, | ||
| IN LPSECURITY_ATTRIBUTES | lpProcessAttributes, | ||
| IN LPSECURITY_ATTRIBUTES | lpThreadAttributes, | ||
| IN BOOL | bInheritHandles, | ||
| IN DWORD | dwCreationFlags, | ||
| IN LPVOID | lpEnvironment, | ||
| IN LPCWSTR | lpCurrentDirectory, | ||
| IN LPSTARTUPINFOW | lpStartupInfo, | ||
| IN LPPROCESS_INFORMATION | lpProcessInformation, | ||
| OUT PHANDLE | hNewToken | ||
| ) |
Definition at line 2240 of file proc.c.
2252{
2253 //
2254 // Core variables used for creating the initial process and thread
2255 //
2256 SECURITY_ATTRIBUTES LocalThreadAttributes, LocalProcessAttributes;
2257 OBJECT_ATTRIBUTES LocalObjectAttributes;
2259 SECTION_IMAGE_INFORMATION ImageInformation;
2264 USHORT ImageMachine;
2265 ULONG ParameterFlags, PrivilegeValue, HardErrorMode, ErrorResponse;
2266 ULONG_PTR ErrorParameters[2];
2267 BOOLEAN InJob, SaferNeeded, UseLargePages, HavePrivilege;
2268 BOOLEAN QuerySection, SkipSaferAndAppCompat;
2270 BASE_API_MESSAGE CsrMsg[2];
2271 PBASE_CREATE_PROCESS CreateProcessMsg;
2272 PCSR_CAPTURE_BUFFER CaptureBuffer;
2277 PROCESS_PRIORITY_CLASS PriorityClass;
2280 PTEB Teb;
2281 INITIAL_TEB InitialTeb;
2282 PVOID TibValue;
2283 PIMAGE_NT_HEADERS NtHeaders;
2284 STARTUPINFOW StartupInfo;
2285 PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
2286 UNICODE_STRING DebuggerString;
2288 //
2289 // Variables used for command-line and argument parsing
2290 //
2291 PCHAR pcScan;
2293 WCHAR SaveChar;
2295 ULONG ResultSize;
2296 SIZE_T EnvironmentLength, CmdLineLength;
2299 ANSI_STRING AnsiEnv;
2300 UNICODE_STRING UnicodeEnv, PathName;
2301 BOOLEAN SearchRetry, QuotesNeeded, CmdLineIsAppName, HasQuotes;
2302
2303 //
2304 // Variables used for Fusion/SxS (Side-by-Side Assemblies)
2305 //
2307#if _SXS_SUPPORT_ENABLED_
2308 PRTL_BUFFER ByteBuffer;
2310 PRTL_UNICODE_STRING_BUFFER* BufferHead, SxsStringBuffer;
2311 RTL_UNICODE_STRING_BUFFER SxsWin32ManifestPath, SxsNtManifestPath;
2312 RTL_UNICODE_STRING_BUFFER SxsWin32PolicyPath, SxsNtPolicyPath;
2313 RTL_UNICODE_STRING_BUFFER SxsWin32AssemblyDirectory;
2314 BASE_MSG_SXS_HANDLES MappedHandles, Handles, FileHandles;
2315 PVOID CapturedStrings[3];
2316 SXS_WIN32_NT_PATH_PAIR ExePathPair, ManifestPathPair, PolicyPathPair;
2317 SXS_OVERRIDE_MANIFEST OverrideManifest;
2318 UNICODE_STRING FreeString, SxsNtExePath;
2319 PWCHAR SxsConglomeratedBuffer, StaticBuffer;
2321#endif
2323
2324 //
2325 // Variables used for path conversion (and partially Fusion/SxS)
2326 //
2327 PWCHAR FilePart, PathBuffer, FreeBuffer;
2328 BOOLEAN TranslationStatus;
2329 RTL_RELATIVE_NAME_U SxsWin32RelativePath;
2330 UNICODE_STRING PathBufferString, SxsWin32ExePath;
2331
2332 //
2333 // Variables used by Application Compatibility (and partially Fusion/SxS)
2334 //
2335 PVOID AppCompatSxsData, AppCompatData;
2336 ULONG AppCompatSxsDataSize, AppCompatDataSize;
2337 //
2338 // Variables used by VDM (Virtual Dos Machine) and WOW32 (16-bit Support)
2339 //
2340 ULONG BinarySubType, VdmBinaryType, VdmTask, VdmReserve;
2341 ULONG VdmUndoLevel;
2342 BOOLEAN UseVdmReserve;
2343 HANDLE VdmWaitObject;
2344 ANSI_STRING VdmAnsiEnv;
2345 UNICODE_STRING VdmString, VdmUnicodeEnv;
2346 BOOLEAN IsWowApp;
2347 PBASE_CHECK_VDM CheckVdmMsg;
2348
2349 /* Zero out the initial core variables and handles */
2350 QuerySection = FALSE;
2351 InJob = FALSE;
2352 SkipSaferAndAppCompat = FALSE;
2353 ParameterFlags = 0;
2354 Flags = 0;
2355 DebugHandle = NULL;
2356 JobHandle = NULL;
2359 SectionHandle = NULL;
2361 ThreadHandle = NULL;
2364
2365 /* Zero out initial SxS and Application Compatibility state */
2366 AppCompatData = NULL;
2367 AppCompatDataSize = 0;
2368 AppCompatSxsData = NULL;
2369 AppCompatSxsDataSize = 0;
2370 CaptureBuffer = NULL;
2371#if _SXS_SUPPORT_ENABLED_
2372 SxsConglomeratedBuffer = NULL;
2373#endif
2374 FusionFlags = 0;
2375
2376 /* Zero out initial parsing variables -- others are initialized later */
2377 DebuggerCmdLine = NULL;
2378 PathBuffer = NULL;
2380 NullBuffer = NULL;
2381 FreeBuffer = NULL;
2382 NameBuffer = NULL;
2384 FilePart = NULL;
2386 HasQuotes = FALSE;
2387 QuotedCmdLine = NULL;
2388
2389 /* Zero out initial VDM state */
2393 VdmTask = 0;
2394 VdmUndoLevel = 0;
2395 VdmBinaryType = 0;
2396 VdmReserve = 0;
2397 VdmWaitObject = NULL;
2398 UseVdmReserve = FALSE;
2399 IsWowApp = FALSE;
2400
2401 /* Set message structures */
2404
2405 /* Clear the more complex structures by zeroing out their entire memory */
2407#if _SXS_SUPPORT_ENABLED_
2411#endif
2415
2416 /* Zero out output arguments as well */
2419
2420 /* Capture the special window flag */
2421 NoWindow = dwCreationFlags & CREATE_NO_WINDOW;
2422 dwCreationFlags &= ~CREATE_NO_WINDOW;
2423
2424#if _SXS_SUPPORT_ENABLED_
2425 /* Setup the SxS static string arrays and buffers */
2426 SxsStaticBuffers[0] = &SxsWin32ManifestPath;
2427 SxsStaticBuffers[1] = &SxsWin32PolicyPath;
2428 SxsStaticBuffers[2] = &SxsWin32AssemblyDirectory;
2429 SxsStaticBuffers[3] = &SxsNtManifestPath;
2430 SxsStaticBuffers[4] = &SxsNtPolicyPath;
2431 ExePathPair.Win32 = &SxsWin32ExePath;
2432 ExePathPair.Nt = &SxsNtExePath;
2437#endif
2438
2439 DPRINT("CreateProcessInternalW: '%S' '%S' %lx\n", lpApplicationName, lpCommandLine, dwCreationFlags);
2440
2441 /* Finally, set our TEB and PEB */
2442 Teb = NtCurrentTeb();
2444
2445 /* This combination is illegal (see MSDN) */
2448 {
2452 }
2453
2454 /* Convert the priority class */
2456 {
2458 }
2460 {
2462 }
2464 {
2466 }
2468 {
2470 }
2472 {
2474 }
2476 {
2479 }
2480 else
2481 {
2483 }
2484
2485 /* Done with the priority masks, so get rid of them */
2487 dwCreationFlags &= ~(NORMAL_PRIORITY_CLASS |
2488 IDLE_PRIORITY_CLASS |
2489 HIGH_PRIORITY_CLASS |
2490 REALTIME_PRIORITY_CLASS |
2491 BELOW_NORMAL_PRIORITY_CLASS |
2492 ABOVE_NORMAL_PRIORITY_CLASS);
2493
2494 /* You cannot request both a shared and a separate WoW VDM */
2496 (dwCreationFlags & CREATE_SHARED_WOW_VDM))
2497 {
2498 /* Fail such nonsensical attempts */
2502 }
2505 {
2506 /* A shared WoW VDM was not requested but system enforces separation */
2507 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
2508 }
2509
2510 /* If a shared WoW VDM is used, make sure the process isn't in a job */
2513 {
2514 /* Remove the shared flag and add the separate flag */
2515 dwCreationFlags = (dwCreationFlags &~ CREATE_SHARED_WOW_VDM) |
2516 CREATE_SEPARATE_WOW_VDM;
2517 }
2518
2519 /* Convert the environment */
2521 {
2522 /* Scan the environment to calculate its Unicode size */
2524 while ((*pcScan) || (*(pcScan + 1))) ++pcScan;
2525
2526 /* Make sure the environment is not too large */
2529 {
2530 /* Fail */
2533 }
2534
2535 /* Create our ANSI String */
2538
2539 /* Allocate memory for the Unicode Environment */
2544 0,
2545 &RegionSize,
2546 MEM_COMMIT,
2547 PAGE_READWRITE);
2549 {
2550 /* Fail */
2553 }
2554
2555 /* Use the allocated size and convert */
2559 {
2560 /* Fail */
2563 &RegionSize,
2564 MEM_RELEASE);
2567 }
2568
2569 /* Now set the Unicode environment as the environment string pointer */
2570 lpEnvironment = UnicodeEnv.Buffer;
2571 }
2572
2573 /* Make a copy of the caller's startup info since we'll modify it */
2574 StartupInfo = *lpStartupInfo;
2575
2576 /* Check if private data is being sent on the same channel as std handles */
2579 {
2580 /* Cannot use the std handles since we have monitor/hotkey values */
2581 StartupInfo.dwFlags &= ~STARTF_USESTDHANDLES;
2582 }
2583
2584 /* If there's a debugger, or we have to launch cmd.exe, we go back here */
2585AppNameRetry:
2586 /* New iteration -- free any existing name buffer */
2587 if (NameBuffer)
2588 {
2589 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
2590 NameBuffer = NULL;
2591 }
2592
2593 /* New iteration -- free any existing free buffer */
2594 if (FreeBuffer)
2595 {
2596 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
2597 FreeBuffer = NULL;
2598 }
2599
2600 /* New iteration -- close any existing file handle */
2602 {
2605 }
2606
2607 /* Set the initial parsing state. This code can loop -- don't move this! */
2608 ErrorCode = 0;
2609 SearchRetry = TRUE;
2610 QuotesNeeded = FALSE;
2611 CmdLineIsAppName = FALSE;
2612
2613 /* First check if we don't have an application name */
2614 if (!lpApplicationName)
2615 {
2616 /* This should be the first time we attempt creating one */
2618
2619 /* Allocate a buffer to hold it */
2620 NameBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
2621 0,
2623 if (!NameBuffer)
2624 {
2627 goto Quickie;
2628 }
2629
2630 /* Initialize the application name and our parsing parameters */
2631 lpApplicationName = NullBuffer = ScanString = lpCommandLine;
2632
2633 /* Check for an initial quote*/
2635 {
2636 /* We found a quote, keep searching for another one */
2637 SearchRetry = FALSE;
2638 ScanString++;
2639 lpApplicationName = ScanString;
2640 while (*ScanString)
2641 {
2642 /* Have we found the terminating quote? */
2644 {
2645 /* We're done, get out of here */
2646 NullBuffer = ScanString;
2647 HasQuotes = TRUE;
2648 break;
2649 }
2650
2651 /* Keep searching for the quote */
2652 ScanString++;
2653 NullBuffer = ScanString;
2654 }
2655 }
2656 else
2657 {
2658StartScan:
2659 /* We simply make the application name be the command line*/
2660 lpApplicationName = lpCommandLine;
2661 while (*ScanString)
2662 {
2663 /* Check if it starts with a space or tab */
2665 {
2666 /* Break out of the search loop */
2667 NullBuffer = ScanString;
2668 break;
2669 }
2670
2671 /* Keep searching for a space or tab */
2672 ScanString++;
2673 NullBuffer = ScanString;
2674 }
2675 }
2676
2677 /* We have found the end of the application name, terminate it */
2678 SaveChar = *NullBuffer;
2679 *NullBuffer = UNICODE_NULL;
2680
2681 /* New iteration -- free any existing saved path */
2683 {
2686 }
2687
2688 /* Now compute the final EXE path based on the name */
2692 {
2695 goto Quickie;
2696 }
2697
2698 /* And search for the executable in the search path */
2700 lpApplicationName,
2702 MAX_PATH,
2703 NameBuffer,
2704 NULL);
2705
2706 /* Did we find it? */
2708 {
2709 /* Get file attributes */
2710 FileAttribs = GetFileAttributesW(NameBuffer);
2712 (FileAttribs & FILE_ATTRIBUTE_DIRECTORY))
2713 {
2714 /* This was a directory, fail later on */
2715 Length = 0;
2716 }
2717 else
2718 {
2719 /* It's a file! */
2720 Length++;
2721 }
2722 }
2723
2725
2726 /* Check if there was a failure in SearchPathW */
2728 {
2729 /* Everything looks good, restore the name */
2730 *NullBuffer = SaveChar;
2731 lpApplicationName = NameBuffer;
2732 }
2733 else
2734 {
2735 /* Check if this was a relative path, which would explain it */
2738 {
2739 /* This should fail, and give us a detailed LastError */
2741 GENERIC_READ,
2742 FILE_SHARE_READ |
2743 FILE_SHARE_WRITE,
2744 NULL,
2745 OPEN_EXISTING,
2746 FILE_ATTRIBUTE_NORMAL,
2747 NULL);
2749 {
2750 /* It worked? Return a generic error */
2754 }
2755 }
2756 else
2757 {
2758 /* Path was absolute, which means it doesn't exist */
2760 }
2761
2762 /* Did we already fail once? */
2764 {
2765 /* Set the error code */
2767 }
2768 else
2769 {
2770 /* Not yet, cache it */
2772 }
2773
2774 /* Put back the command line */
2775 *NullBuffer = SaveChar;
2776 lpApplicationName = NameBuffer;
2777
2778 /* It's possible there's whitespace in the directory name */
2779 if (!(*ScanString) || !(SearchRetry))
2780 {
2781 /* Not the case, give up completely */
2783 goto Quickie;
2784 }
2785
2786 /* There are spaces, so keep trying the next possibility */
2787 ScanString++;
2788 NullBuffer = ScanString;
2789
2790 /* We will have to add a quote, since there is a space */
2791 QuotesNeeded = TRUE;
2792 HasQuotes = TRUE;
2793 goto StartScan;
2794 }
2795 }
2796 else if (!(lpCommandLine) || !(*lpCommandLine))
2797 {
2798 /* We don't have a command line, so just use the application name */
2799 CmdLineIsAppName = TRUE;
2800 lpCommandLine = (LPWSTR)lpApplicationName;
2801 }
2802
2803 /* Convert the application name to its NT path */
2804 TranslationStatus = RtlDosPathNameToRelativeNtPathName_U(lpApplicationName,
2805 &PathName,
2806 NULL,
2807 &SxsWin32RelativePath);
2808 if (!TranslationStatus)
2809 {
2810 /* Path must be invalid somehow, bail out */
2814 goto Quickie;
2815 }
2816
2817 /* Setup the buffer that needs to be freed at the end */
2819 FreeBuffer = PathName.Buffer;
2820
2821 /* Check what kind of path the application is, for SxS (Fusion) purposes */
2822 RtlInitUnicodeString(&SxsWin32ExePath, lpApplicationName);
2823 SxsPathType = RtlDetermineDosPathNameType_U(lpApplicationName);
2825 (SxsPathType != RtlPathTypeLocalDevice) &&
2826 (SxsPathType != RtlPathTypeRootLocalDevice) &&
2827 (SxsPathType != RtlPathTypeUncAbsolute))
2828 {
2829 /* Relative-type path, get the full path */
2830 RtlInitEmptyUnicodeString(&PathBufferString, NULL, 0);
2832 NULL,
2833 &PathBufferString,
2834 NULL,
2835 NULL,
2836 NULL,
2837 &SxsPathType,
2838 NULL);
2840 {
2841 /* Fail the rest of the create */
2842 RtlReleaseRelativeName(&SxsWin32RelativePath);
2845 goto Quickie;
2846 }
2847
2848 /* Use this full path as the SxS path */
2849 SxsWin32ExePath = PathBufferString;
2850 PathBuffer = PathBufferString.Buffer;
2853 }
2854
2855 /* Also set the .EXE path based on the path name */
2856#if _SXS_SUPPORT_ENABLED_
2857 SxsNtExePath = PathName;
2858#endif
2860 {
2861 /* If it's relative, capture the relative name */
2862 PathName = SxsWin32RelativePath.RelativeName;
2863 }
2864 else
2865 {
2866 /* Otherwise, it's absolute, make sure no relative dir is used */
2868 }
2869
2870 /* Now use the path name, and the root path, to try opening the app */
2872 InitializeObjectAttributes(&LocalObjectAttributes,
2873 &PathName,
2874 OBJ_CASE_INSENSITIVE,
2875 SxsWin32RelativePath.ContainingDirectory,
2876 NULL);
2878 SYNCHRONIZE |
2879 FILE_READ_ATTRIBUTES |
2880 FILE_READ_DATA |
2881 FILE_EXECUTE,
2882 &LocalObjectAttributes,
2883 &IoStatusBlock,
2885 FILE_SYNCHRONOUS_IO_NONALERT |
2886 FILE_NON_DIRECTORY_FILE);
2888 {
2889 /* Try to open the app just for execute purposes instead */
2892 &LocalObjectAttributes,
2893 &IoStatusBlock,
2895 FILE_SYNCHRONOUS_IO_NONALERT |
2896 FILE_NON_DIRECTORY_FILE);
2897 }
2898
2899 /* Failure path, display which file failed to open */
2902
2903 /* Cleanup in preparation for failure or success */
2904 RtlReleaseRelativeName(&SxsWin32RelativePath);
2905
2907 {
2908 /* Failure path, try to understand why */
2910 {
2911 /* If a device is being executed, return this special error code */
2914 goto Quickie;
2915 }
2916 else
2917 {
2918 /* Otherwise return the converted NT error code */
2921 goto Quickie;
2922 }
2923 }
2924
2925 /* Did the caller specify a desktop? */
2927 {
2928 /* Use the one from the current process */
2930 }
2931
2932 /* Create a section for this file */
2934 SECTION_ALL_ACCESS,
2935 NULL,
2936 NULL,
2937 PAGE_EXECUTE,
2938 SEC_IMAGE,
2939 FileHandle);
2942 {
2943 /* Are we running on Windows Embedded, Datacenter, Blade or Starter? */
2945 VER_SUITE_DATACENTER |
2946 VER_SUITE_PERSONAL |
2947 VER_SUITE_BLADE))
2948 {
2949 /* These SKUs do not allow running certain applications */
2952 {
2953 /* And this is one of them! */
2957 goto Quickie;
2958 }
2959
2960 /* Did we get some other failure? */
2962 {
2963 /* If we couldn't check the hashes, assume nefariousness */
2967 goto Quickie;
2968 }
2969 }
2970
2971 /* Now do Winsafer, etc, checks */
2974 {
2975 /* Fail if we're not allowed to launch the process */
2978 if (SectionHandle)
2979 {
2980 NtClose(SectionHandle);
2981 SectionHandle = NULL;
2982 }
2984 goto Quickie;
2985 }
2986
2987 /* Is a DOS VDM being forced, but we already have a WOW32 instance ready? */
2990 {
2991 /* This request can't be satisfied, instead, a separate VDM is needed */
2993 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
2994
2995 /* Set a failure code, ask for VDM reservation */
2997 UseVdmReserve = TRUE;
2998
2999 /* Close the current handle */
3000 NtClose(SectionHandle);
3001 SectionHandle = NULL;
3002
3003 /* Don't query the section later */
3004 QuerySection = FALSE;
3005 }
3006 }
3007
3008 /* Did we already do these checks? */
3009 if (!SkipSaferAndAppCompat)
3010 {
3011 /* Is everything OK so far, OR do we have an non-MZ, non-DOS app? */
3015 {
3016 /* Clear the machine type in case of failure */
3017 ImageMachine = 0;
3018
3019 /* Clean any app compat data that may have accumulated */
3020 BasepFreeAppCompatData(AppCompatData, AppCompatSxsData);
3021 AppCompatData = NULL;
3022 AppCompatSxsData = NULL;
3023
3024 /* Do we have a section? */
3025 if (SectionHandle)
3026 {
3027 /* Have we already queried it? */
3028 if (QuerySection)
3029 {
3030 /* Nothing to do */
3031 AppCompatStatus = STATUS_SUCCESS;
3032 }
3033 else
3034 {
3035 /* Get some information about the executable */
3036 AppCompatStatus = NtQuerySection(SectionHandle,
3037 SectionImageInformation,
3038 &ImageInformation,
3039 sizeof(ImageInformation),
3040 NULL);
3041 }
3042
3043 /* Do we have section information now? */
3045 {
3046 /* Don't ask for it again, save the machine type */
3047 QuerySection = TRUE;
3048 ImageMachine = ImageInformation.Machine;
3049 }
3050 }
3051
3052 /* Is there a reason/Shim we shouldn't run this application? */
3054 FreeBuffer,
3055 lpEnvironment,
3056 ImageMachine,
3057 &AppCompatData,
3058 &AppCompatDataSize,
3059 &AppCompatSxsData,
3060 &AppCompatSxsDataSize,
3061 &FusionFlags);
3063 {
3064 /* This is usually the status we get back */
3067 {
3068 /* Convert it to something more Win32-specific */
3070 }
3071 else
3072 {
3073 /* Some other error */
3074 BaseSetLastNTError(AppCompatStatus);
3075 }
3076
3077 /* Did we have a section? */
3078 if (SectionHandle)
3079 {
3080 /* Clean it up */
3081 NtClose(SectionHandle);
3082 SectionHandle = NULL;
3083 }
3084
3085 /* Fail the call */
3087 goto Quickie;
3088 }
3089 }
3090 }
3091
3092 //ASSERT((dwFusionFlags & ~SXS_APPCOMPACT_FLAG_APP_RUNNING_SAFEMODE) == 0);
3093
3094 /* Have we already done, and do we need to do, SRP (WinSafer) checks? */
3095 if (!(SkipSaferAndAppCompat) &&
3096 ~(dwCreationFlags & CREATE_PRESERVE_CODE_AUTHZ_LEVEL))
3097 {
3098 /* Assume yes */
3099 SaferNeeded = TRUE;
3101 {
3106 /* For all DOS, 16-bit, OS/2 images, we do*/
3107 break;
3108
3110 /* For invalid files, we don't, unless it's a .BAT file */
3112
3113 default:
3114 /* Any other error codes we also don't */
3116 {
3117 SaferNeeded = FALSE;
3118 }
3119
3120 /* But for success, we do */
3121 break;
3122 }
3123
3124 /* Okay, so what did the checks above result in? */
3125 if (SaferNeeded)
3126 {
3127 /* We have to call into the WinSafer library and actually check */
3129 (LPWSTR)lpApplicationName,
3130 FileHandle,
3131 &InJob,
3132 &TokenHandle,
3133 &JobHandle);
3134 if (SaferStatus == 0xFFFFFFFF)
3135 {
3136 /* Back in 2003, they didn't have an NTSTATUS for this... */
3140 goto Quickie;
3141 }
3142
3143 /* Other status codes are not-Safer related, just convert them */
3145 {
3147 BaseSetLastNTError(SaferStatus);
3149 goto Quickie;
3150 }
3151 }
3152 }
3153
3154 /* The last step is to figure out why the section object was not created */
3156 {
3158 {
3159 /* 16-bit binary. Should we use WOW or does the caller force VDM? */
3161 {
3162 /* Remember that we're launching WOW */
3163 IsWowApp = TRUE;
3164
3165 /* Create the VDM environment, it's valid for WOW too */
3167 &VdmAnsiEnv,
3168 &VdmUnicodeEnv);
3170 {
3172 goto Quickie;
3173 }
3174
3175 /* We're going to try this twice, so do a loop */
3177 {
3178 /* Pick which kind of WOW mode we want to run in */
3179 VdmBinaryType = (dwCreationFlags &
3180 CREATE_SEPARATE_WOW_VDM) ?
3182
3183 /* Get all the VDM settings and current status */
3185 lpApplicationName,
3186 lpCommandLine,
3187 lpCurrentDirectory,
3188 &VdmAnsiEnv,
3189 &CsrMsg[1],
3190 &VdmTask,
3191 dwCreationFlags,
3192 &StartupInfo,
3193 hUserToken);
3194
3195 /* If it worked, no need to try again */
3197
3198 /* Check if it's disallowed or if it's our second time */
3201 (VdmBinaryType == BINARY_TYPE_SEPARATE_WOW) ||
3203 {
3204 /* Fail the call -- we won't try again */
3207 goto Quickie;
3208 }
3209
3210 /* Try one more time, but with a separate WOW instance */
3211 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
3212 }
3213
3214 /* Check which VDM state we're currently in */
3216 VDM_NOT_READY |
3217 VDM_READY))
3218 {
3220 /* VDM is not fully loaded, so not that much to undo */
3221 VdmUndoLevel = VDM_UNDO_PARTIAL;
3222
3223 /* Reset VDM reserve if needed */
3224 if (UseVdmReserve) VdmReserve = 1;
3225
3226 /* Get the required parameters and names for launch */
3228 VdmTask,
3229 VdmBinaryType,
3230 &VdmString,
3231 &VdmReserve);
3233 {
3236 goto Quickie;
3237 }
3238
3239 /* Update the command-line with the VDM one instead */
3240 lpCommandLine = VdmString.Buffer;
3241 lpApplicationName = NULL;
3242
3243 /* We don't want a console, detachment, nor a window */
3244 dwCreationFlags |= CREATE_NO_WINDOW;
3246
3247 /* Force feedback on */
3249 break;
3250
3251
3253 /* VDM is ready, so we have to undo everything */
3254 VdmUndoLevel = VDM_UNDO_REUSE;
3255
3256 /* Check if CSRSS wants us to wait on VDM */
3257 VdmWaitObject = CheckVdmMsg->WaitObjectForParent;
3258 break;
3259
3261 /* Something is wrong with VDM, we'll fail the call */
3265 goto Quickie;
3266
3267 default:
3268 break;
3269 }
3270
3271 /* Since to get NULL, we allocate from 0x1, account for this */
3272 VdmReserve--;
3273
3274 /* This implies VDM is ready, so skip everything else */
3275 if (VdmWaitObject) goto VdmShortCircuit;
3276
3277 /* Don't inherit handles since we're doing VDM now */
3278 bInheritHandles = FALSE;
3279
3280 /* Had the user passed in environment? If so, destroy it */
3281 if ((lpEnvironment) &&
3282 !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
3283 {
3284 RtlDestroyEnvironment(lpEnvironment);
3285 }
3286
3287 /* We've already done all these checks, don't do them again */
3288 SkipSaferAndAppCompat = TRUE;
3289 goto AppNameRetry;
3290 }
3291
3292 // There is no break here on purpose, so FORCEDOS drops down!
3293 }
3294
3298 {
3299 /* We're launching an executable application */
3300 BinarySubType = BINARY_TYPE_EXE;
3301
3302 /* We can drop here from other "cases" above too, so check */
3306 {
3307 /* We're launching a DOS application */
3308 VdmBinaryType = BINARY_TYPE_DOS;
3309
3310 /* Based on the caller environment, create a VDM one */
3312 &VdmAnsiEnv,
3313 &VdmUnicodeEnv);
3315 {
3317 goto Quickie;
3318 }
3319
3320 /* Check the current state of the VDM subsystem */
3322 lpApplicationName,
3323 lpCommandLine,
3324 lpCurrentDirectory,
3325 &VdmAnsiEnv,
3326 &CsrMsg[1],
3327 &VdmTask,
3328 dwCreationFlags,
3329 &StartupInfo,
3330 NULL);
3332 {
3333 /* Failed to inquire about VDM, fail the call */
3337 goto Quickie;
3338 };
3339
3340 /* Handle possible VDM states */
3342 VDM_NOT_READY |
3343 VDM_READY))
3344 {
3346 /* If VDM is not loaded, we'll do a partial undo */
3347 VdmUndoLevel = VDM_UNDO_PARTIAL;
3348
3349 /* A VDM process can't also be detached, so fail */
3351 {
3355 }
3356
3357 /* Get the required parameters and names for launch */
3359 VdmTask,
3360 VdmBinaryType,
3361 &VdmString,
3362 &VdmReserve);
3364 {
3367 goto Quickie;
3368 }
3369
3370 /* Update the command-line to launch VDM instead */
3371 lpCommandLine = VdmString.Buffer;
3372 lpApplicationName = NULL;
3373 break;
3374
3376 /* VDM is ready, so we have to undo everything */
3377 VdmUndoLevel = VDM_UNDO_REUSE;
3378
3379 /* Check if CSRSS wants us to wait on VDM */
3380 VdmWaitObject = CheckVdmMsg->WaitObjectForParent;
3381 break;
3382
3384 /* Something is wrong with VDM, we'll fail the call */
3388 goto Quickie;
3389
3390 default:
3391 break;
3392 }
3393
3394 /* Since to get NULL, we allocate from 0x1, account for this */
3395 VdmReserve--;
3396
3397 /* This implies VDM is ready, so skip everything else */
3398 if (VdmWaitObject) goto VdmShortCircuit;
3399
3400 /* Don't inherit handles since we're doing VDM now */
3401 bInheritHandles = FALSE;
3402
3403 /* Had the user passed in environment? If so, destroy it */
3404 if ((lpEnvironment) &&
3405 !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
3406 {
3407 RtlDestroyEnvironment(lpEnvironment);
3408 }
3409
3410 /* Use our VDM Unicode environment instead */
3411 lpEnvironment = VdmUnicodeEnv.Buffer;
3412 }
3413 else
3414 {
3415 /* It's a batch file, get the extension */
3417
3418 /* Make sure the extensions are correct */
3422 {
3426 goto Quickie;
3427 }
3428
3429 /* Check if we need to account for quotes around the path */
3430 CmdQuoteLength = CmdLineIsAppName || HasQuotes;
3431 if (!CmdLineIsAppName)
3432 {
3433 if (HasQuotes) CmdQuoteLength++;
3434 }
3435 else
3436 {
3437 CmdQuoteLength++;
3438 }
3439
3440 /* Calculate the length of the command line */
3441 CmdLineLength = wcslen(lpCommandLine);
3445
3446 /* Allocate space for the new command line */
3447 AnsiCmdCommand = RtlAllocateHeap(RtlGetProcessHeap(),
3448 0,
3449 CmdLineLength);
3450 if (!AnsiCmdCommand)
3451 {
3454 goto Quickie;
3455 }
3456
3457 /* Build it */
3459 if ((CmdLineIsAppName) || (HasQuotes))
3460 {
3462 }
3463 wcscat(AnsiCmdCommand, lpCommandLine);
3464 if ((CmdLineIsAppName) || (HasQuotes))
3465 {
3467 }
3468
3469 /* Create it as a Unicode String */
3470 RtlInitUnicodeString(&DebuggerString, AnsiCmdCommand);
3471
3472 /* Set the command line to this */
3473 lpCommandLine = DebuggerString.Buffer;
3474 lpApplicationName = NULL;
3476 }
3477
3478 /* We've already done all these checks, don't do them again */
3479 SkipSaferAndAppCompat = TRUE;
3480 goto AppNameRetry;
3481 }
3482
3484 {
3485 /* 64-bit binaries are not allowed to run on 32-bit ReactOS */
3489 goto Quickie;
3490 }
3491
3493 {
3494 /* Set the correct last error for this */
3497 break;
3498 }
3499
3500 default:
3501 {
3502 /* Any other error, convert it to a generic Win32 error */
3504 {
3508 goto Quickie;
3509 }
3510
3511 /* Otherwise, this must be success */
3513 break;
3514 }
3515 }
3516
3517 /* Is this not a WOW application, but a WOW32 VDM was requested for it? */
3519 {
3520 /* Ignore the nonsensical request */
3521 dwCreationFlags &= ~CREATE_SEPARATE_WOW_VDM;
3522 }
3523
3524 /* Did we already check information for the section? */
3525 if (!QuerySection)
3526 {
3527 /* Get some information about the executable */
3529 SectionImageInformation,
3530 &ImageInformation,
3531 sizeof(ImageInformation),
3532 NULL);
3534 {
3535 /* We failed, bail out */
3539 goto Quickie;
3540 }
3541
3542 /* Don't check this later */
3543 QuerySection = TRUE;
3544 }
3545
3546 /* Check if this was linked as a DLL */
3548 {
3549 /* These aren't valid images to try to execute! */
3553 goto Quickie;
3554 }
3555
3556 /* Don't let callers pass in this flag -- we'll only get it from IFEO */
3557 Flags &= ~PROCESS_CREATE_FLAGS_LARGE_PAGES;
3558
3559 /* Clear the IFEO-missing flag, before we know for sure... */
3560 ParameterFlags &= ~2;
3561
3562 /* If the process is being debugged, only read IFEO if the PEB says so */
3565 {
3566 /* Let's do this! Attempt to open IFEO */
3569 {
3570 /* We failed, set the flag so we store this in the parameters */
3572 }
3573 else
3574 {
3575 /* Was this our first time going through this path? */
3576 if (!DebuggerCmdLine)
3577 {
3578 /* Allocate a buffer for the debugger path */
3579 DebuggerCmdLine = RtlAllocateHeap(RtlGetProcessHeap(),
3580 0,
3582 if (!DebuggerCmdLine)
3583 {
3584 /* Close IFEO on failure */
3587
3588 /* Fail the call */
3591 goto Quickie;
3592 }
3593 }
3594
3595 /* Now query for the debugger */
3598 REG_SZ,
3599 DebuggerCmdLine,
3601 &ResultSize);
3604 (DebuggerCmdLine[0] == UNICODE_NULL))
3605 {
3606 /* If it's not there, or too small, or invalid, ignore it */
3607 RtlFreeHeap(RtlGetProcessHeap(), 0, DebuggerCmdLine);
3608 DebuggerCmdLine = NULL;
3609 }
3610
3611 /* Also query if we should map with large pages */
3614 REG_DWORD,
3615 &UseLargePages,
3616 sizeof(UseLargePages),
3617 NULL);
3619 {
3620 /* Do it! This is the only way this flag can be set */
3622 }
3623
3624 /* We're done with IFEO, can close it now */
3627 }
3628 }
3629
3630 /* Make sure the image was compiled for this processor */
3633 {
3634 /* It was not -- raise a hard error */
3635 ErrorResponse = ResponseOk;
3636 ErrorParameters[0] = (ULONG_PTR)&PathName;
3638 1,
3639 1,
3640 ErrorParameters,
3641 OptionOk,
3642 &ErrorResponse);
3644 {
3645 /* If it's really old, return this error */
3647 }
3648 else
3649 {
3650 /* Otherwise, return a more modern error */
3652 }
3653
3654 /* Go to the failure path */
3657 goto Quickie;
3658 }
3659
3660 /* Check if this isn't a Windows image */
3663 {
3664 /* Get rid of section-related information since we'll retry */
3665 NtClose(SectionHandle);
3666 SectionHandle = NULL;
3667 QuerySection = FALSE;
3668
3669 /* The only other non-Windows image type we support here is POSIX */
3671 {
3672 /* Bail out if it's something else */
3675 goto Quickie;
3676 }
3677
3678 /* Now build the command-line to have posix launch this image */
3680 lpApplicationName,
3681 lpCommandLine,
3682 &DebuggerString);
3684 {
3685 /* Bail out if that failed */
3687 goto Quickie;
3688 }
3689
3690 /* And re-try launching the process, with the new command-line now */
3691 lpCommandLine = DebuggerString.Buffer;
3692 lpApplicationName = NULL;
3693
3694 /* We've already done all these checks, don't do them again */
3695 SkipSaferAndAppCompat = TRUE;
3697 goto AppNameRetry;
3698 }
3699
3700 /* Was this image built for a version of Windows whose images we can run? */
3702 ImageInformation.SubSystemMinorVersion);
3704 {
3705 /* It was not, bail out */
3707 ImageInformation.SubSystemMajorVersion,
3708 ImageInformation.SubSystemMinorVersion);
3710 goto Quickie;
3711 }
3712
3713 /* Check if there is a debugger associated with the application */
3714 if (DebuggerCmdLine)
3715 {
3716 /* Get the length of the command line */
3719 {
3720 /* There's no command line, use the application name instead */
3721 lpCommandLine = (LPWSTR)lpApplicationName;
3723 }
3724
3725 /* Protect against overflow */
3727 {
3730 goto Quickie;
3731 }
3732
3733 /* Now add the length of the debugger command-line */
3735
3736 /* Again make sure we don't overflow */
3738 {
3741 goto Quickie;
3742 }
3743
3744 /* Account for the quotes and space between the two */
3746
3747 /* Convert to bytes, and make sure we don't overflow */
3750 {
3753 goto Quickie;
3754 }
3755
3756 /* Allocate space for the string */
3759 {
3762 goto Quickie;
3763 }
3764
3765 /* Set the length */
3766 RtlInitEmptyUnicodeString(&DebuggerString,
3767 DebuggerString.Buffer,
3769
3770 /* Now perform the command line creation */
3771 ImageDbgStatus = RtlAppendUnicodeToString(&DebuggerString,
3772 DebuggerCmdLine);
3776 ImageDbgStatus = RtlAppendUnicodeToString(&DebuggerString, lpCommandLine);
3778
3779 /* Make sure it all looks nice */
3781
3782 /* Update the command line and application name */
3783 lpCommandLine = DebuggerString.Buffer;
3784 lpApplicationName = NULL;
3785
3786 /* Close all temporary state */
3787 NtClose(SectionHandle);
3788 SectionHandle = NULL;
3789 QuerySection = FALSE;
3790
3791 /* Free all temporary memory */
3792 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
3793 NameBuffer = NULL;
3794 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
3795 FreeBuffer = NULL;
3796 RtlFreeHeap(RtlGetProcessHeap(), 0, DebuggerCmdLine);
3797 DebuggerCmdLine = NULL;
3799 goto AppNameRetry;
3800 }
3801
3802 /* Initialize the process object attributes */
3804 lpProcessAttributes,
3805 NULL);
3807 {
3808 /* Augment them with information from the user */
3809
3810 LocalProcessAttributes = *lpProcessAttributes;
3813 &LocalProcessAttributes,
3814 NULL);
3815 }
3816
3817 /* Check if we're going to be debugged */
3819 {
3820 /* Set process flag */
3822 }
3823
3824 /* Check if we're going to be debugged */
3826 {
3827 /* Connect to DbgUi */
3830 {
3834 goto Quickie;
3835 }
3836
3837 /* Get the debug object */
3838 DebugHandle = DbgUiGetThreadDebugObject();
3839
3840 /* Check if only this process will be debugged */
3842 {
3843 /* Set process flag */
3845 }
3846 }
3847
3848 /* Set inherit flag */
3850
3851 /* Check if the process should be created with large pages */
3852 HavePrivilege = FALSE;
3853 PrivilegeState = NULL;
3855 {
3856 /* Acquire the required privilege so that the kernel won't fail the call */
3857 PrivilegeValue = SE_LOCK_MEMORY_PRIVILEGE;
3860 {
3861 /* Remember to release it later */
3862 HavePrivilege = TRUE;
3863 }
3864 }
3865
3866 /* Save the current TIB value since kernel overwrites it to store PEB */
3868
3869 /* Tell the kernel to create the process */
3871 PROCESS_ALL_ACCESS,
3872 ObjectAttributes,
3873 NtCurrentProcess(),
3874 Flags,
3875 SectionHandle,
3876 DebugHandle,
3877 NULL,
3878 InJob);
3879
3880 /* Load the PEB address from the hacky location where the kernel stores it */
3882
3883 /* And restore the old TIB value */
3885
3886 /* Release the large page privilege if we had acquired it */
3888
3889 /* And now check if the kernel failed to create the process */
3891 {
3892 /* Go to failure path */
3896 goto Quickie;
3897 }
3898
3899 /* Check if there is a priority class to set */
3901 {
3902 /* Reset current privilege state */
3903 RealTimePrivilegeState = NULL;
3904
3905 /* Is realtime priority being requested? */
3907 {
3908 /* Check if the caller has real-time access, and enable it if so */
3910 }
3911
3912 /* Set the new priority class and release the privilege */
3914 ProcessPriorityClass,
3915 &PriorityClass,
3918
3919 /* Check if we failed to set the priority class */
3921 {
3922 /* Bail out on failure */
3926 goto Quickie;
3927 }
3928 }
3929
3930 /* Check if the caller wants the default error mode */
3932 {
3933 /* Set Error Mode to only fail on critical errors */
3934 HardErrorMode = SEM_FAILCRITICALERRORS;
3937 &HardErrorMode,
3939 }
3940
3941 /* Check if this was a VDM binary */
3942 if (VdmBinaryType)
3943 {
3944 /* Update VDM by telling it the process has now been created */
3945 VdmWaitObject = ProcessHandle;
3947 &VdmWaitObject,
3948 VdmTask,
3949 VdmBinaryType);
3950
3952 {
3953 /* Bail out on failure */
3955 VdmWaitObject = NULL;
3956 goto Quickie;
3957 }
3958
3959 /* At this point, a failure means VDM has to undo all the state */
3960 VdmUndoLevel |= VDM_UNDO_FULL;
3961 }
3962
3963 /* Check if VDM needed reserved low-memory */
3964 if (VdmReserve)
3965 {
3966 /* Reserve the requested allocation */
3967 RegionSize = VdmReserve;
3969 &BaseAddress,
3970 0,
3971 &RegionSize,
3972 MEM_RESERVE,
3973 PAGE_EXECUTE_READWRITE);
3975 {
3976 /* Bail out on failure */
3980 goto Quickie;
3981 }
3982
3984 }
3985
3986 /* Check if we've already queried information on the section */
3987 if (!QuerySection)
3988 {
3989 /* We haven't, so get some information about the executable */
3991 SectionImageInformation,
3992 &ImageInformation,
3993 sizeof(ImageInformation),
3994 NULL);
3996 {
3997 /* Bail out on failure */
4001 goto Quickie;
4002 }
4003
4004 /* If we encounter a restart, don't re-query this information again */
4005 QuerySection = TRUE;
4006 }
4007
4008 /* Do we need to apply SxS to this image? (On x86 this flag is set by PeFmtCreateSection) */
4010 {
4011 /* Too bad, we don't support this yet */
4013 }
4014
4015 /* There's some SxS flag that we need to set if fusion flags have 1 set */
4017
4018 /* Check if we have a current directory */
4019 if (lpCurrentDirectory)
4020 {
4021 /* Allocate a buffer so we can keep a Unicode copy */
4024 0,
4028 {
4029 /* Bail out if this failed */
4032 goto Quickie;
4033 }
4034
4035 /* Get the length in Unicode */
4037 MAX_PATH,
4038 CurrentDirectory,
4039 &FilePart);
4041 {
4042 /* The directory is too long, so bail out */
4045 goto Quickie;
4046 }
4047
4048 /* Make sure the directory is actually valid */
4051 !(FileAttribs & FILE_ATTRIBUTE_DIRECTORY))
4052 {
4053 /* It isn't, so bail out */
4057 goto Quickie;
4058 }
4059 }
4060
4061 /* Insert quotes if needed */
4062 if ((QuotesNeeded) || (CmdLineIsAppName))
4063 {
4064 /* Allocate our buffer, plus enough space for quotes and a NULL */
4065 QuotedCmdLine = RtlAllocateHeap(RtlGetProcessHeap(),
4066 0,
4069 if (QuotedCmdLine)
4070 {
4071 /* Copy the first quote */
4073
4074 /* Save the current null-character */
4075 if (QuotesNeeded)
4076 {
4077 SaveChar = *NullBuffer;
4078 *NullBuffer = UNICODE_NULL;
4079 }
4080
4081 /* Copy the command line and the final quote */
4082 wcscat(QuotedCmdLine, lpCommandLine);
4084
4085 /* Copy the null-char back */
4086 if (QuotesNeeded)
4087 {
4088 *NullBuffer = SaveChar;
4089 wcscat(QuotedCmdLine, NullBuffer);
4090 }
4091 }
4092 else
4093 {
4094 /* We can't put quotes around the thing, so try it anyway */
4097 }
4098 }
4099
4100 /* Use isolation if needed */
4102
4103 /* Set the new command-line if needed */
4104 if ((QuotesNeeded) || (CmdLineIsAppName)) lpCommandLine = QuotedCmdLine;
4105
4106 /* Call the helper function in charge of RTL_USER_PROCESS_PARAMETERS */
4108 ProcessHandle,
4109 RemotePeb,
4110 lpApplicationName,
4111 CurrentDirectory,
4112 lpCommandLine,
4113 lpEnvironment,
4114 &StartupInfo,
4115 dwCreationFlags | NoWindow,
4116 bInheritHandles,
4117 IsWowApp ? IMAGE_SUBSYSTEM_WINDOWS_GUI: 0,
4118 AppCompatData,
4119 AppCompatDataSize);
4121 {
4122 /* The remote process would have an undefined state, so fail the call */
4124 goto Quickie;
4125 }
4126
4127 /* Free the VDM command line string as it's no longer needed */
4128 RtlFreeUnicodeString(&VdmString);
4130
4131 /* Non-VDM console applications usually inherit handles unless specified */
4132 if (!(VdmBinaryType) &&
4133 !(bInheritHandles) &&
4135 !(dwCreationFlags & (CREATE_NO_WINDOW |
4136 CREATE_NEW_CONSOLE |
4137 DETACHED_PROCESS)) &&
4139 {
4140 /* Get the remote parameters */
4142 &RemotePeb->ProcessParameters,
4143 &ProcessParameters,
4145 NULL);
4147 {
4148 /* Duplicate standard input unless it's a console handle */
4150 {
4153 &ProcessParameters->StandardInput);
4154 }
4155
4156 /* Duplicate standard output unless it's a console handle */
4158 {
4161 &ProcessParameters->StandardOutput);
4162 }
4163
4164 /* Duplicate standard error unless it's a console handle */
4166 {
4169 &ProcessParameters->StandardError);
4170 }
4171 }
4172 }
4173
4174 /* Create the Thread's Stack */
4177 ImageInformation.CommittedStackSize,
4178 StackSize,
4179 &InitialTeb);
4181 {
4185 goto Quickie;
4186 }
4187
4188 /* Create the Thread's Context */
4190 RemotePeb,
4191 ImageInformation.TransferAddress,
4192 InitialTeb.StackBase,
4193 0);
4194
4195 /* Convert the thread attributes */
4197 lpThreadAttributes,
4198 NULL);
4200 {
4201 /* If the caller specified a user token, zero the security descriptor */
4202 LocalThreadAttributes = *lpThreadAttributes;
4205 &LocalThreadAttributes,
4206 NULL);
4207 }
4208
4209 /* Create the Kernel Thread Object */
4211 THREAD_ALL_ACCESS,
4212 ObjectAttributes,
4213 ProcessHandle,
4214 &ClientId,
4215 &Context,
4216 &InitialTeb,
4217 TRUE);
4219 {
4220 /* A process is not allowed to exist without a main thread, so fail */
4224 goto Quickie;
4225 }
4226
4227 /* Begin filling out the CSRSS message, first with our IDs and handles */
4229 CreateProcessMsg->ThreadHandle = ThreadHandle;
4231
4232 /* Write the remote PEB address and clear it locally, we no longer use it */
4233 CreateProcessMsg->PebAddressNative = RemotePeb;
4234#ifdef _WIN64
4236 CreateProcessMsg->PebAddressWow64 = 0;
4237#else
4239#endif
4240 RemotePeb = NULL;
4241
4242 /* Now check what kind of architecture this image was made for */
4244 {
4245 /* IA32, IA64 and AMD64 are supported in Server 2003 */
4248 break;
4251 break;
4254 break;
4255
4256 /* Anything else results in image unknown -- but no failure */
4257 default:
4259 ImageInformation.Machine);
4261 break;
4262 }
4263
4264 /* Write the input creation flags except any debugger-related flags */
4265 CreateProcessMsg->CreationFlags = dwCreationFlags &
4267
4268 /* CSRSS needs to know if this is a GUI app or not */
4270 (IsWowApp))
4271 {
4272 /*
4273 * For GUI apps we turn on the 2nd bit. This allow CSRSS server dlls
4274 * (basesrv in particular) to know whether or not this is a GUI or a
4275 * TUI application.
4276 */
4278
4279 /* Also check if the parent is also a GUI process */
4281 if ((NtHeaders) &&
4283 {
4284 /* Let it know that it should display the hourglass mouse cursor */
4286 }
4287 }
4288
4289 /* For all apps, if this flag is on, the hourglass mouse cursor is shown.
4290 * Likewise, the opposite holds as well, and no-feedback has precedence. */
4292 {
4294 }
4296 {
4298 }
4299
4300 /* Also store which kind of VDM app (if any) this is */
4301 CreateProcessMsg->VdmBinaryType = VdmBinaryType;
4302
4303 /* And if it really is a VDM app... */
4304 if (VdmBinaryType)
4305 {
4306 /* Store the VDM console handle (none if inherited or WOW app) and the task ID */
4308 CreateProcessMsg->VdmTask = VdmTask;
4309 }
4310 else if (VdmReserve)
4311 {
4312 /* Extended VDM, set a flag */
4314 }
4315
4316 /* Check if there's side-by-side assembly data associated with the process */
4318 {
4319 /* This should not happen in ReactOS yet */
4324 goto Quickie;
4325 }
4326
4327 /* We are finally ready to call CSRSS to tell it about our new process! */
4329 CaptureBuffer,
4331 BasepCreateProcess),
4332 sizeof(*CreateProcessMsg));
4333
4334 /* CSRSS has returned, free the capture buffer now if we had one */
4335 if (CaptureBuffer)
4336 {
4337 CsrFreeCaptureBuffer(CaptureBuffer);
4338 CaptureBuffer = NULL;
4339 }
4340
4341 /* Check if CSRSS failed to accept ownership of the new Windows process */
4343 {
4344 /* Terminate the process and enter failure path with the CSRSS status */
4349 goto Quickie;
4350 }
4351
4352 /* Check if we have a token due to Authz/Safer, not passed by the user */
4354 {
4355 /* Replace the process and/or thread token with the one from Safer */
4357 ProcessHandle,
4358 ThreadHandle);
4360 {
4361 /* If this failed, kill the process and enter the failure path */
4366 goto Quickie;
4367 }
4368 }
4369
4370 /* Check if a job was associated with this process */
4371 if (JobHandle)
4372 {
4373 /* Bind the process and job together now */
4376 {
4377 /* Kill the process and enter the failure path if binding failed */
4382 goto Quickie;
4383 }
4384 }
4385
4386 /* Finally, resume the thread to actually get the process started */
4388 {
4390 }
4391
4392VdmShortCircuit:
4393 /* We made it this far, meaning we have a fully created process and thread */
4395
4396 /* Anyone doing a VDM undo should now undo everything, since we are done */
4398
4399 /* Having a VDM wait object implies this must be a VDM process */
4400 if (VdmWaitObject)
4401 {
4402 /* Check if it's a 16-bit separate WOW process */
4404 {
4405 /* OR-in the special flag to indicate this, and return to caller */
4406 AddToHandle(VdmWaitObject, 2);
4407 lpProcessInformation->hProcess = VdmWaitObject;
4408
4409 /* Check if this was a re-used VDM */
4411 {
4412 /* No Client ID should be returned in this case */
4415 }
4416 }
4417 else
4418 {
4419 /* OR-in the special flag to indicate this is not a separate VDM,
4420 * and return the handle to the caller */
4421 AddToHandle(VdmWaitObject, 1);
4422 lpProcessInformation->hProcess = VdmWaitObject;
4423 }
4424
4425 /* Close the original process handle, since it's not needed for VDM */
4427 }
4428 else
4429 {
4430 /* This is a regular process, so return the real process handle */
4431 lpProcessInformation->hProcess = ProcessHandle;
4432 }
4433
4434 /* Return the rest of the process information based on what we have so far */
4435 lpProcessInformation->hThread = ThreadHandle;
4438
4439 /* NULL these out here so we know to treat this as a success scenario */
4441 ThreadHandle = NULL;
4442
4443Quickie:
4444 /* Free the debugger command line if one was allocated */
4446
4447 /* Check if an SxS full path as queried */
4448 if (PathBuffer)
4449 {
4450 /* Reinitialize the executable path */
4451 RtlInitEmptyUnicodeString(&SxsWin32ExePath, NULL, 0);
4452 SxsWin32ExePath.Length = 0;
4453
4454 /* Free the path buffer */
4455 RtlFreeHeap(RtlGetProcessHeap(), 0, PathBuffer);
4456 }
4457
4458#if _SXS_SUPPORT_ENABLED_
4459 /* Check if this was a non-VDM process */
4460 if (!VdmBinaryType)
4461 {
4462 /* Then it must've had SxS data, so close the handles used for it */
4463 BasepSxsCloseHandles(&Handles);
4464 BasepSxsCloseHandles(&FileHandles);
4465
4466 /* Check if we built SxS byte buffers for this create process request */
4467 if (SxsConglomeratedBuffer)
4468 {
4469 /* Loop all of them */
4471 {
4472 /* Check if this one was allocated */
4473 ThisBuffer = SxsStaticBuffers[i];
4474 if (ThisBuffer)
4475 {
4476 /* Get the underlying RTL_BUFFER structure */
4477 ByteBuffer = &ThisBuffer->ByteBuffer;
4479 {
4480 /* Check if it was dynamic */
4482 {
4483 /* Free it from the heap */
4485 RtlFreeUnicodeString(&FreeString);
4486 }
4487
4488 /* Reset the buffer to its static data */
4491 }
4492
4493 /* Reset the string to the static buffer */
4494 RtlInitEmptyUnicodeString(&ThisBuffer->String,
4496 ByteBuffer->StaticSize);
4498 {
4499 /* Also NULL-terminate it */
4501 }
4502 }
4503 }
4504 }
4505 }
4506#endif
4507 /* Check if an environment was passed in */
4509 {
4510 /* Destroy it */
4511 RtlDestroyEnvironment(lpEnvironment);
4512
4513 /* If this was the VDM environment too, clear that as well */
4515 lpEnvironment = NULL;
4516 }
4517
4518 /* Unconditionally free all the name parsing buffers we always allocate */
4519 RtlFreeHeap(RtlGetProcessHeap(), 0, QuotedCmdLine);
4520 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
4522 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
4523
4524 /* Close open file/section handles */
4527
4528 /* If we have a thread handle, this was a failure path */
4529 if (ThreadHandle)
4530 {
4531 /* So kill the process and close the thread handle */
4533 NtClose(ThreadHandle);
4534 }
4535
4536 /* If we have a process handle, this was a failure path, so close it */
4538
4539 /* Thread/process handles, if any, are now processed. Now close this one. */
4541
4542 /* Check if we had created a token */
4544 {
4545 /* And if the user asked for one */
4547 {
4548 /* Then return it */
4549 *hNewToken = TokenHandle;
4550 }
4551 else
4552 {
4553 /* User didn't want it, so we used it temporarily -- close it */
4555 }
4556 }
4557
4558 /* Free any temporary app compatibility data, it's no longer needed */
4559 BasepFreeAppCompatData(AppCompatData, AppCompatSxsData);
4560
4561 /* Free a few strings. The API takes care of these possibly being NULL */
4562 RtlFreeUnicodeString(&VdmString);
4563 RtlFreeUnicodeString(&DebuggerString);
4564
4565 /* Check if we had built any sort of VDM environment */
4567 {
4568 /* Free it */
4569 BaseDestroyVDMEnvironment(&VdmAnsiEnv, &VdmUnicodeEnv);
4570 }
4571
4572 /* Check if this was any kind of VDM application that we ended up creating */
4574 {
4575 /* Send an undo */
4577 (PHANDLE)&VdmTask,
4578 VdmUndoLevel,
4579 VdmBinaryType);
4580
4581 /* And close whatever VDM handle we were using for notifications */
4583 }
4584
4585 /* Check if we ended up here with an allocated search path, and free it */
4587
4588 /* Finally, return the API's result */
4590}
NTSTATUS NTAPI NtCreateSection(OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN PLARGE_INTEGER MaximumSize OPTIONAL, IN ULONG SectionPageProtection OPTIONAL, IN ULONG AllocationAttributes, IN HANDLE FileHandle OPTIONAL)
Definition: section.c:3074
static IN ULONG IN PWSTR OUT PCWSTR OUT PBOOLEAN OUT PATH_TYPE_AND_UNKNOWN * PathType
Definition: RtlGetFullPathName_Ustr.c:44
NTSTATUS WINAPI BasepCheckBadapp(IN HANDLE FileHandle, IN PWCHAR ApplicationName, IN PWCHAR Environment, IN USHORT ExeType, IN PVOID *SdbQueryAppCompatData, IN PULONG SdbQueryAppCompatDataSize, IN PVOID *SxsData, IN PULONG SxsDataSize, OUT PULONG FusionFlags)
Definition: appcache.c:374
VOID WINAPI BasepFreeAppCompatData(IN PVOID AppCompatData, IN PVOID AppCompatSxsData)
Definition: appcache.c:444
LPWSTR WINAPI BaseComputeProcessExePath(IN LPWSTR FullPath)
Definition: path.c:405
DWORD WINAPI SearchPathW(IN LPCWSTR lpPath OPTIONAL, IN LPCWSTR lpFileName, IN LPCWSTR lpExtension OPTIONAL, IN DWORD nBufferLength, OUT LPWSTR lpBuffer, OUT LPWSTR *lpFilePart OPTIONAL)
Definition: path.c:1298
BOOLEAN WINAPI BasePushProcessParameters(IN ULONG ParameterFlags, IN HANDLE ProcessHandle, IN PPEB RemotePeb, IN LPCWSTR ApplicationPathName, IN LPWSTR lpCurrentDirectory, IN LPWSTR lpCommandLine, IN LPVOID lpEnvironment, IN LPSTARTUPINFOW StartupInfo, IN DWORD CreationFlags, IN BOOL InheritHandles, IN ULONG ImageSubsystem, IN PVOID AppCompatData, IN ULONG AppCompatDataSize)
Definition: proc.c:484
NTSTATUS WINAPI BasepCheckWebBladeHashes(IN HANDLE FileHandle)
Definition: proc.c:149
VOID WINAPI StuffStdHandle(IN HANDLE ProcessHandle, IN HANDLE StandardHandle, IN PHANDLE Address)
Definition: proc.c:57
BOOLEAN WINAPI BuildSubSysCommandLine(IN LPCWSTR SubsystemName, IN LPCWSTR ApplicationName, IN LPCWSTR CommandLine, OUT PUNICODE_STRING SubsysCommandLine)
Definition: proc.c:89
NTSTATUS WINAPI BasepIsProcessAllowed(IN LPWSTR ApplicationName)
Definition: proc.c:202
NTSTATUS WINAPI BasepReplaceProcessThreadTokens(IN HANDLE TokenHandle, IN HANDLE ProcessHandle, IN HANDLE ThreadHandle)
Definition: proc.c:354
VOID WINAPI BasepSxsCloseHandles(IN PBASE_MSG_SXS_HANDLES Handles)
Definition: proc.c:417
BOOLEAN WINAPI BasepIsImageVersionOk(IN ULONG ImageMajorVersion, IN ULONG ImageMinorVersion)
Definition: proc.c:123
NTSTATUS WINAPI BaseCreateStack(_In_ HANDLE hProcess, _In_opt_ SIZE_T StackCommit, _In_opt_ SIZE_T StackReserve, _Out_ PINITIAL_TEB InitialTeb)
Definition: utils.c:354
VOID WINAPI BaseInitializeContext(IN PCONTEXT Context, IN PVOID Parameter, IN PVOID StartAddress, IN PVOID StackAddress, IN ULONG ContextType)
Definition: utils.c:513
POBJECT_ATTRIBUTES WINAPI BaseFormatObjectAttributes(OUT POBJECT_ATTRIBUTES ObjectAttributes, IN PSECURITY_ATTRIBUTES SecurityAttributes OPTIONAL, IN PUNICODE_STRING ObjectName)
Definition: utils.c:304
NTSTATUS WINAPI BasepCheckWinSaferRestrictions(IN HANDLE UserToken, IN LPWSTR ApplicationName, IN HANDLE FileHandle, OUT PBOOLEAN InJob, OUT PHANDLE NewToken, OUT PHANDLE JobHandle)
Definition: utils.c:921
ULONG WINAPI BaseIsDosApplication(IN PUNICODE_STRING PathName, IN NTSTATUS Status)
Definition: vdm.c:66
BOOL NTAPI BaseDestroyVDMEnvironment(IN PANSI_STRING AnsiEnv, IN PUNICODE_STRING UnicodeEnv)
Definition: vdm.c:1034
BOOL WINAPI BaseGetVdmConfigInfo(IN LPCWSTR CommandLineReserved, IN ULONG DosSeqId, IN ULONG BinaryType, IN PUNICODE_STRING CmdLineString, OUT PULONG VdmSize)
Definition: vdm.c:652
BOOL WINAPI BaseUpdateVDMEntry(IN ULONG UpdateIndex, IN OUT PHANDLE WaitHandle, IN ULONG IndexInfo, IN ULONG BinaryType)
Definition: vdm.c:542
BOOL NTAPI BaseCreateVDMEnvironment(IN PWCHAR lpEnvironment, OUT PANSI_STRING AnsiEnv, OUT PUNICODE_STRING UnicodeEnv)
Definition: vdm.c:744
NTSTATUS WINAPI BaseCheckVDM(IN ULONG BinaryType, IN PCWCH ApplicationName, IN PCWCH CommandLine, IN PCWCH CurrentDirectory, IN PANSI_STRING AnsiEnvironment, IN PBASE_API_MESSAGE ApiMessage, IN OUT PULONG iTask, IN DWORD CreationFlags, IN LPSTARTUPINFOW StartupInfo, IN HANDLE hUserToken OPTIONAL)
Definition: vdm.c:91
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
NTSTATUS NTAPI NtRaiseHardError(IN NTSTATUS ErrorStatus, IN ULONG NumberOfParameters, IN ULONG UnicodeStringParameterMask, IN PULONG_PTR Parameters, IN ULONG ValidResponseOptions, OUT PULONG Response)
Definition: harderr.c:551
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
#define PROCESS_CREATE_FLAGS_INHERIT_HANDLES
Definition: pstypes.h:94
#define PROCESS_PRIORITY_CLASS_ABOVE_NORMAL
Definition: pstypes.h:113
#define PROCESS_PRIORITY_CLASS_BELOW_NORMAL
Definition: pstypes.h:112
#define PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT
Definition: pstypes.h:93
NTSTATUS NTAPI LdrQueryImageFileKeyOption(_In_ HANDLE KeyHandle, _In_ PCWSTR ValueName, _In_ ULONG Type, _Out_ PVOID Buffer, _In_ ULONG BufferSize, _Out_opt_ PULONG ReturnedLength)
Definition: ldrinit.c:185
NTSTATUS NTAPI LdrOpenImageFileOptionsKey(_In_ PUNICODE_STRING SubKey, _In_ BOOLEAN Wow64, _Out_ PHANDLE NewKeyHandle)
Definition: ldrinit.c:112
PVOID PVOID PWCHAR PVOID USHORT PULONG PVOID PULONG PVOID PULONG PULONG FusionFlags
Definition: env.c:49
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
NTSYSAPI ULONG NTAPI RtlIsDosDeviceName_U(_In_ PCWSTR Name)
NTSYSAPI NTSTATUS NTAPI RtlAcquirePrivilege(_In_ PULONG Privilege, _In_ ULONG NumPriv, _In_ ULONG Flags, _Out_ PVOID *ReturnedState)
NTSTATUS NTAPI RtlGetFullPathName_UstrEx(_In_ PUNICODE_STRING FileName, _In_opt_ PUNICODE_STRING StaticString, _In_opt_ PUNICODE_STRING DynamicString, _Out_opt_ PUNICODE_STRING *StringUsed, _Out_opt_ PSIZE_T FilePartSize, _Out_opt_ PBOOLEAN NameInvalid, _Out_ RTL_PATH_TYPE *PathType, _Out_opt_ PSIZE_T LengthNeeded)
VOID NTAPI RtlReleaseRelativeName(_In_ PRTL_RELATIVE_NAME_U RelativeName)
NTSYSAPI VOID NTAPI RtlDestroyEnvironment(_In_ PWSTR Environment)
NTSYSAPI RTL_PATH_TYPE NTAPI RtlDetermineDosPathNameType_U(_In_ PCWSTR Path)
NTSYSAPI VOID NTAPI RtlReleasePrivilege(_In_ PVOID ReturnedState)
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToRelativeNtPathName_U(_In_ PCWSTR DosName, _Out_ PUNICODE_STRING NtName, _Out_ PCWSTR *PartName, _Out_ PRTL_RELATIVE_NAME_U RelativeName)
enum _RTL_PATH_TYPE RTL_PATH_TYPE
NTSYSAPI NTSTATUS NTAPI NtOpenFile(OUT PHANDLE phFile, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN ULONG ShareMode, IN ULONG OpenMode)
Definition: file.c:3952
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSTATUS NTAPI NtTerminateProcess(HANDLE ProcessHandle, LONG ExitStatus)
NTSYSAPI NTSTATUS NTAPI NtCreateThread(OUT PHANDLE phThread, IN ACCESS_MASK AccessMask, IN POBJECT_ATTRIBUTES ObjectAttributes, IN HANDLE hProcess, OUT PCLIENT_ID pClientId, IN PCONTEXT pContext, OUT PSTACKINFO pStackInfo, IN BOOLEAN bSuspended)
#define UNICODE_STRING_MAX_CHARS
#define UNICODE_STRING_MAX_BYTES
#define VER_SUITE_DATACENTER
#define VER_SUITE_PERSONAL
#define ANSI_NULL
#define IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
Definition: ntimage.h:458
NTSTATUS NTAPI NtFreeVirtualMemory(IN HANDLE ProcessHandle, IN PVOID *UBaseAddress, IN PSIZE_T URegionSize, IN ULONG FreeType)
Definition: virtual.c:5230
NTSTATUS NTAPI NtReadVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN SIZE_T NumberOfBytesToRead, OUT PSIZE_T NumberOfBytesRead OPTIONAL)
Definition: virtual.c:2816
NTSTATUS NTAPI NtIsProcessInJob(IN HANDLE ProcessHandle, IN HANDLE JobHandle OPTIONAL)
Definition: job.c:361
NTSTATUS NTAPI NtAssignProcessToJobObject(HANDLE JobHandle, HANDLE ProcessHandle)
Definition: job.c:157
NTSTATUS NTAPI NtCreateProcessEx(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN HANDLE ParentProcess, IN ULONG Flags, IN HANDLE SectionHandle OPTIONAL, IN HANDLE DebugPort OPTIONAL, IN HANDLE ExceptionPort OPTIONAL, IN BOOLEAN InJob)
Definition: process.c:1344
NTSTATUS NTAPI NtSetInformationProcess(IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, IN PVOID ProcessInformation, IN ULONG ProcessInformationLength)
Definition: query.c:1105
NTSTATUS NTAPI NtResumeThread(IN HANDLE ThreadHandle, OUT PULONG SuspendCount OPTIONAL)
Definition: state.c:290
#define STATUS_IMAGE_MACHINE_TYPE_MISMATCH_EXE
Definition: ntstatus.h:149
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
_CRTIMP wchar_t *__cdecl wcscat(_Inout_updates_z_(_String_length_(_Dest)+_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
_Check_return_ _CRTIMP int __cdecl _wcsnicmp(_In_reads_or_z_(_MaxCount) const wchar_t *_Str1, _In_reads_or_z_(_MaxCount) const wchar_t *_Str2, _In_ size_t _MaxCount)
VOID NTAPI CsrFreeCaptureBuffer(_In_ _Frees_ptr_ PCSR_CAPTURE_BUFFER CaptureBuffer)
Definition: capture.c:210
NTSTATUS NTAPI CsrClientCallServer(_Inout_ PCSR_API_MESSAGE ApiMessage, _Inout_opt_ PCSR_CAPTURE_BUFFER CaptureBuffer, _In_ CSR_API_NUMBER ApiNumber, _In_ ULONG DataLength)
Definition: connect.c:366
NTSTATUS NTAPI NtQuerySection(_In_ HANDLE SectionHandle, _In_ SECTION_INFORMATION_CLASS SectionInformationClass, _Out_ PVOID SectionInformation, _In_ SIZE_T SectionInformationLength, _Out_opt_ PSIZE_T ResultLength)
Definition: section.c:3773
Definition: basemsg.h:274
BASE_CREATE_PROCESS CreateProcessRequest
Definition: basemsg.h:283
union _BASE_API_MESSAGE::@3534 Data
Definition: basemsg.h:119
Definition: basemsg.h:85
Definition: kernel32.h:396
Definition: compat.h:824
Definition: nt_native.h:1406
Definition: csrmsg.h:101
Definition: csrmsg.h:91
Definition: ntddk_ex.h:181
Definition: pstypes.h:692
Definition: env_spec_w32.h:870
Definition: pstypes.h:956
Definition: rtltypes.h:1874
Definition: rtltypes.h:1379
Definition: rtltypes.h:1884
Definition: mmtypes.h:340
USHORT ImageCharacteristics
Definition: mmtypes.h:356
USHORT SubSystemMinorVersion
Definition: mmtypes.h:350
USHORT SubSystemMajorVersion
Definition: mmtypes.h:351
Definition: compat.h:191
Definition: kernel32.h:410
Definition: kernel32.h:404
Definition: compat.h:836
#define ERROR_ACCESS_DISABLED_WEBBLADE_TAMPER
Definition: winerror.h:775
Referenced by CreateProcessInternalA(), and CreateProcessW().
◆ CreateProcessW()
| BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW | ( | LPCWSTR | lpApplicationName, |
| LPWSTR | lpCommandLine, | ||
| LPSECURITY_ATTRIBUTES | lpProcessAttributes, | ||
| LPSECURITY_ATTRIBUTES | lpThreadAttributes, | ||
| BOOL | bInheritHandles, | ||
| DWORD | dwCreationFlags, | ||
| LPVOID | lpEnvironment, | ||
| LPCWSTR | lpCurrentDirectory, | ||
| LPSTARTUPINFOW | lpStartupInfo, | ||
| LPPROCESS_INFORMATION | lpProcessInformation | ||
| ) |
Definition at line 4598 of file proc.c.
4608{
4609 /* Call the internal (but exported) version */
4611 lpApplicationName,
4612 lpCommandLine,
4613 lpProcessAttributes,
4614 lpThreadAttributes,
4615 bInheritHandles,
4616 dwCreationFlags,
4617 lpEnvironment,
4618 lpCurrentDirectory,
4619 lpStartupInfo,
4620 lpProcessInformation,
4621 NULL);
4622}
Referenced by _wsystem(), AudioDlgProc(), CorDebug_CreateProcess(), CProcess::CProcess(), create_server(), CreateClientProcess(), CreateProcessAsUserW(), CreateProcessWithTokenW(), do_register_dll(), execute_command(), HotkeyThread(), IDirectInputAImpl_RunControlPanel(), install_wine_gecko(), InstallDevice(), InstallLiveCD(), ITERATE_RemoveExistingProducts(), CNetConnectionPropertyUi::LANPropertiesUIDlg(), launch_exe(), CNewMenu::NewItemByCommand(), ProcessPage_OnDebug(), register_dll(), run_child(), run_rapps(), run_winemenubuilder(), runCmd(), RunControlPanelApplet(), RunCurrentJobs(), runscriptfile(), RunSetupThreadProc(), ScmStartUserModeService(), SHELL_ExecuteW(), START_TEST(), StartChild(), StartLsass(), StartProcess(), StartServicesManager(), Test_CommandLine(), TestStaticDestruct(), UnhandledExceptionFilter(), WshExec_create(), and wWinMain().
◆ ExitProcess()
Definition at line 1487 of file proc.c.
1488{
1489 BASE_API_MESSAGE ApiMessage;
1491
1493
1494 _SEH2_TRY
1495 {
1496 /* Acquire the PEB lock */
1497 RtlAcquirePebLock();
1498
1499 /* Kill all the threads */
1501
1502 /* Unload all DLLs */
1503 LdrShutdownProcess();
1504
1505 /* Notify Base Server of process termination */
1506 ExitProcessRequest->uExitCode = uExitCode;
1508 NULL,
1510 sizeof(*ExitProcessRequest));
1511
1512 /* Now do it again */
1514 }
1515 _SEH2_FINALLY
1516 {
1517 /* Release the PEB lock */
1518 RtlReleasePebLock();
1519 }
1520 _SEH2_END;
1521
1522 /* should never get here */
1523 ASSERT(0);
1524 while(1);
1525}
Definition: basemsg.h:114
Referenced by _exit(), _font_assert(), _RunRemoteTest(), alarmThreadMain(), BaseProcessStartup(), BaseThreadStartup(), child_process(), CLRMetaHost_ExitProcess(), ConsoleControlDispatcher(), CorExitProcess(), CtrlCIntercept(), DbgkExitProcess(), DECLARE_INTERFACE_(), DefaultConsoleCtrlHandler(), DevInstallW(), DisplayError(), dll_entry_point(), doChild(), doDebugger(), ErrorExit(), exit(), ExitThread(), FatalAppExitA(), FatalAppExitW(), FatalExit(), Host_Quit(), IEWinMain(), init(), LoadProc(), local_server_proc(), LogToFile(), main(), MyErrExit(), performUninstall(), restart_as_admin_elevated(), RpcRaiseException(), ShowUsage(), START_TEST(), StringListAppend(), test__popen_child(), thread_1(), VdmShutdown(), WatchDirectory(), WinMain(), wmainCRTStartup(), and wWinMain().
◆ FatalAppExitA()
Definition at line 1562 of file proc.c.
1564{
1565 PUNICODE_STRING MessageTextU;
1566 ANSI_STRING MessageText;
1568
1569 /* Initialize the string using the static TEB pointer */
1570 MessageTextU = &NtCurrentTeb()->StaticUnicodeString;
1572
1573 /* Convert to unicode, or just exit normally if this failed */
1576
1577 /* Call the Wide function */
1579}
VOID WINAPI FatalAppExitW(IN UINT uAction, IN LPCWSTR lpMessageText)
Definition: proc.c:1586
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
◆ FatalAppExitW()
Definition at line 1586 of file proc.c.
1588{
1592
1593 /* Setup the string to print out */
1595
1596 /* Display the hard error no matter what */
1598 1,
1599 1,
1602 /* On Checked builds, Windows allows the user to cancel the operation */
1603 OptionOkCancel,
1604#else
1605 OptionOk,
1606#endif
1607 &Response);
1608
1609 /* Give the user a chance to abort */
1611 {
1612 return;
1613 }
1614
1615 /* Otherwise kill the process */
1616 ExitProcess(0);
1617}
Definition: ncftp.h:89
Definition: ntobjfs.cpp:135
Referenced by FatalAppExitA().
◆ FatalExit()
Definition at line 1624 of file proc.c.
1625{
1626#if DBG
1627 /* On Checked builds, Windows gives the user a nice little debugger UI */
1630
1631 /* Check for reactos specific flag (set by rosautotest) */
1633 {
1635 }
1636
1638 {
1641 {
1642 case 'B': case 'b':
1643 DbgBreakPoint();
1644 break;
1645
1646 case 'A': case 'a':
1647 ExitProcess(ExitCode);
1648
1649 case 'I': case 'i':
1650 return;
1651 }
1652 }
1653#endif
1654 /* On other builds, just kill the process */
1655 ExitProcess(ExitCode);
1656}
NTSYSAPI void WINAPI DbgBreakPoint(void)
DECLSPEC_NORETURN NTSYSAPI VOID NTAPI RtlRaiseStatus(_In_ NTSTATUS Status)
NTSYSAPI ULONG NTAPI DbgPrompt(_In_z_ PCCH Prompt, _Out_writes_bytes_(MaximumResponseLength) PCH Response, _In_ ULONG MaximumResponseLength)
_In_ WDFIOTARGET _In_ _Strict_type_match_ WDF_IO_TARGET_SENT_IO_ACTION Action
Definition: wdfiotarget.h:510
◆ FlushInstructionCache()
Definition at line 1463 of file proc.c.
1466{
1468
1469 /* Call the native function */
1472 {
1473 /* Handle failure case */
1476 }
1477
1478 /* All good */
1480}
NTSTATUS NTAPI NtFlushInstructionCache(_In_ HANDLE ProcessHandle, _In_opt_ PVOID BaseAddress, _In_ SIZE_T FlushSize)
Definition: virtual.c:3044
◆ GetCommandLineA()
Definition at line 2009 of file proc.c.
2010{
2012}
Referenced by crt_process_init(), DllMain(), doChild(), main(), START_TEST(), and wmain().
◆ GetCommandLineW()
Definition at line 2019 of file proc.c.
2020{
2022}
Referenced by _tmain(), CmdDebugService(), crt_process_init(), DisplayApplet(), DllMain(), doChild(), get_cmdline(), get_utf8_args(), main(), OpenSetupInf(), ProcessCommandLine(), restart_as_admin_elevated(), SHExplorerParseCmdLine(), START_TEST(), WinMain(), wmain(), wmainCRTStartup(), wWinMain(), and XCOPY_ParseCommandLine().
◆ GetCurrentProcess()
◆ GetCurrentProcessId()
Definition at line 1158 of file proc.c.
Referenced by __security_init_cookie(), _getpid(), _mktemp(), _wmktemp(), _wtmpnam(), AddPortW(), adns_getpid(), apartment_construct(), child_process(), ClientLoadLibrary(), CloseProcess(), CMP_RegisterNotification(), CoGetCurrentProcess(), CommitSpoolData(), ConfigurePortW(), CreateNotificationParamAndSend(), CreateProcessWithLogonW(), CreateToolhelp32Snapshot(), CURSORICON_CopyImage(), custom_start_server(), DirectDrawClipper_Initialize(), dll_entry_point(), do_msidbCustomActionTypeDll(), doChild(), doCrash(), DPLAYX_CreateLobbyApplication(), DPLAYX_IsAppIdLobbied(), EnumWindowsProc(), ExtractAndInstallThread(), FreeChangeNotifications(), generate_ipid(), get_cmdline(), GetProcessVersion(), GetSpoolFileHandle(), handle_msi_break(), IDirectPlayLobby3AImpl_SetConnectionSettings(), IDirectPlayLobby3Impl_SetConnectionSettings(), ImmGetImeMenuItemsAW(), Internal_CreatePalette(), Internal_CreateSurface(), IsBlockFromHeap(), LresultFromObject(), main(), NotifyInfo::modify(), new_stub_manager(), NotifyLogon(), ole_server(), openlog(), OutputDebugStringA(), ParseSharedPacket(), RegisterDragDrop(), RPC_ExecuteCall(), rpcrt4_protseq_ncacn_np_open_endpoint(), rpcrt4_protseq_ncalrpc_open_endpoint(), ScConnectControlPipe(), send_close_messages(), CNotifyToolbar::SendNotifyCallback(), ServerThread(), service_main(), SHAllocShared(), SHAppBarMessage(), SHFreeShared(), SHLockShared(), SHMapHandle(), START_TEST(), StartDirectDraw(), TelnetGetConsoleWindow(), terminate_processes(), test_AddSelfToJob(), test_alloc_shared(), test_alloc_shared_remote(), test_BreakawayOk(), Test_CloseDuplicatedSocket(), Test_CloseWhileSelectDuplicatedSocket(), test_debug_loop(), test_GetConsoleProcessList(), test_GetProcessVersion(), test_handles(), test_jobInheritance(), test_MessageBox(), test_OpenProcess(), test_process_info(), test_process_security_child(), Test_ProcessModules(), test_query_handle(), test_query_handle_ex(), test_query_object_types(), test_query_process_vm(), test_QueryFullProcessImageNameW(), test_readvirtualmemory(), test_session_info(), test_set_hook(), test_SHCreateSessionKey(), test_tcp(), test_Toolhelp(), test_udp(), test_Win32_Process(), test_winevents(), test_WithWSAStartup(), test_ws_functions(), TestChannelHook_ClientFillBuffer(), TestChannelHook_ClientGetSize(), TestChannelHook_ClientNotify(), TestChannelHook_ServerGetSize(), TestChannelHook_ServerNotify(), ThemeDestroyWndData(), tmpnam(), WDML_AddServer(), WinMain(), NotifyArea::WndProc(), FlatButton::WndProc(), and wWinMain().
◆ GetCurrentThread()
Definition at line 1148 of file proc.c.
Referenced by __threadhandle(), AccpLookupCurrentUser(), AuthzpInitUnderImpersonation(), ConsoleControlDispatcher(), DirectoryWatcherThreadFuncAPC(), dll_entry_point(), DwInitializeSdFromThreadToken(), CShellCommandSACL::Execute(), GetProfileType(), GetUserNameW(), IsCallerInteractive(), main(), OpenEffectiveToken(), priorityTimeProc(), Privilege(), RevertToPrinterSelf(), serverThreadMain2(), SlideWindow(), SockAsyncThread(), start_address_thread(), START_TEST(), test_affinity(), test_alertable(), test_CoWaitForMultipleHandles(), test_CreateDirectoryA(), test_CreatePipe(), test_FileSecurity(), test_GetNamedSecurityInfoA(), test_GetSecurityInfo(), test_GetWindowsAccountDomainSid(), test_ImpersonateNamedPipeClient(), test_impersonation_level(), test_MsgWaitForMultipleObjects(), test_nonalertable(), test_NtGetCurrentProcessorNumber(), test_pseudo_tokens(), test_read_write(), Test_SyscallPerformance(), test_thread_info(), test_thread_priority(), test_thread_processor(), test_thread_start_address(), Test_ThreadBasicInformationClass(), Test_ThreadPriorityClass(), test_WaitForMultipleObjects(), test_WaitForSingleObject(), ThreadFunc2(), threadFunc3(), WahOpenCurrentThread(), WaveThread(), wmain(), wWinMain(), and xmlGetGlobalState().
◆ GetExitCodeProcess()
Definition at line 1168 of file proc.c.
1170{
1171 PROCESS_BASIC_INFORMATION ProcessBasic;
1173
1174 /* Ask the kernel */
1176 ProcessBasicInformation,
1177 &ProcessBasic,
1178 sizeof(ProcessBasic),
1179 NULL);
1181 {
1182 /* We failed, was this because this is a VDM process? */
1184
1185 /* Not a VDM process, fail the call */
1188 }
1189
1190 /* Succes case, return the exit code */
1193}
BOOL WINAPI BaseCheckForVDM(IN HANDLE ProcessHandle, OUT LPDWORD ExitCode)
Definition: vdm.c:618
NTSTATUS NTAPI NtQueryInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _Out_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength)
Definition: query.c:59
Definition: winternl.h:402
Referenced by _cwait(), _pclose(), CloseProcessAndVerify_(), cmd_start(), CommandThreadProc(), crash_and_debug(), crash_and_winedbg(), custom_get_process_return(), do_spawnT(), DoTestEntry(), Execute(), ExecutePipeline(), LauncherRoutine2(), MonitorChildThread(), ProcessRunning(), read_reg_output_(), restart_as_admin_elevated(), run_ex(), run_rapps(), run_reg_exe_(), run_script_file(), runcmd(), runCmd(), runscriptfile(), RunSetupThreadProc(), shell_execute_ex_(), TerminateShell(), test_CreateProcessWithDesktop(), test_ddeml_server(), test_DoInvalidDir(), test_end_to_end_server(), test_ExitCode(), test_ExitProcess(), test_Handles(), test_msg_server(), test_TerminateJobObject(), WshExec_get_Status(), and WshShell3_Run().
◆ GetPriorityClass()
Definition at line 1663 of file proc.c.
1664{
1667
1668 /* Query the kernel */
1670 ProcessPriorityClass,
1671 &PriorityClass,
1672 sizeof(PriorityClass),
1673 NULL);
1675 {
1676 /* Handle the conversion from NT to Win32 classes */
1677 switch (PriorityClass.PriorityClass)
1678 {
1685 }
1686 }
1687
1688 /* Failure path */
1690 return 0;
1691}
ActualNumberDriverObjects * sizeof(PDRIVER_OBJECT)) PDRIVER_OBJECT *DriverObjectList
Referenced by ProcessPageShowContextMenu(), and test_query_process_priority().
◆ GetProcessAffinityMask()
| BOOL WINAPI GetProcessAffinityMask | ( | IN HANDLE | hProcess, |
| OUT PDWORD_PTR | lpProcessAffinityMask, | ||
| OUT PDWORD_PTR | lpSystemAffinityMask | ||
| ) |
Definition at line 863 of file proc.c.
866{
867 PROCESS_BASIC_INFORMATION ProcessInfo;
869
870 /* Query information on the process from the kernel */
873 &ProcessInfo,
874 sizeof(ProcessInfo),
875 NULL);
877 {
878 /* Fail */
881 }
882
883 /* Copy the affinity mask, and get the system one from our shared data */
887}
KAFFINITY ActiveProcessorsAffinityMask
Definition: ntddk_ex.h:167
Referenced by AffinityDialogWndProc(), and test_thread_processor().
◆ GetProcessHandleCount()
Definition at line 1951 of file proc.c.
1953{
1954 ULONG phc;
1956
1957 /* Query the kernel */
1959 ProcessHandleCount,
1960 &phc,
1961 sizeof(phc),
1962 NULL);
1964 {
1965 /* Copy the count and return success */
1966 *pdwHandleCount = phc;
1968 }
1969
1970 /* Handle error path */
1973}
◆ GetProcessId()
Definition at line 1200 of file proc.c.
1201{
1202 PROCESS_BASIC_INFORMATION ProcessBasic;
1204
1205 /* Query the kernel */
1207 ProcessBasicInformation,
1208 &ProcessBasic,
1209 sizeof(ProcessBasic),
1210 NULL);
1212 {
1213 /* Handle failure */
1215 return 0;
1216 }
1217
1218 /* Return the PID */
1220}
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
◆ GetProcessIoCounters()
Definition at line 1867 of file proc.c.
1869{
1871
1872 /* Query the kernel. Structures are identical, so let it do the copy too. */
1874 ProcessIoCounters,
1875 lpIoCounters,
1877 NULL);
1879 {
1880 /* Handle error path */
1883 }
1884
1885 /* All done */
1887}
Definition: pstypes.h:82
Referenced by PerfDataRefresh().
◆ GetProcessPriorityBoost()
Definition at line 1894 of file proc.c.
1896{
1899
1900 /* Query the kernel */
1902 ProcessPriorityBoost,
1903 &PriorityBoost,
1905 NULL);
1907 {
1908 /* Convert from ULONG to a BOOL */
1911 }
1912
1913 /* Handle error path */
1916}
◆ GetProcessShutdownParameters()
Definition at line 920 of file proc.c.
922{
923 BASE_API_MESSAGE ApiMessage;
924 PBASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest = &ApiMessage.Data.ShutdownParametersRequest;
925
926 /* Ask CSRSS for shutdown information */
928 NULL,
930 sizeof(*ShutdownParametersRequest));
932 {
933 /* Return the failure from CSRSS */
936 }
937
938 /* Get the data back */
939 *lpdwLevel = ShutdownParametersRequest->ShutdownLevel;
940 *lpdwFlags = ShutdownParametersRequest->ShutdownFlags;
942}
BASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest
Definition: basemsg.h:294
◆ GetProcessTimes()
| BOOL WINAPI GetProcessTimes | ( | IN HANDLE | hProcess, |
| IN LPFILETIME | lpCreationTime, | ||
| IN LPFILETIME | lpExitTime, | ||
| IN LPFILETIME | lpKernelTime, | ||
| IN LPFILETIME | lpUserTime | ||
| ) |
Definition at line 1099 of file proc.c.
1104{
1105 KERNEL_USER_TIMES Kut;
1107
1108 /* Query the times */
1110 ProcessTimes,
1111 &Kut,
1112 sizeof(Kut),
1113 NULL);
1115 {
1116 /* Handle failure */
1119 }
1120
1121 /* Copy all the times and return success */
1131}
Definition: winternl.h:1059
struct _LARGE_INTEGER::@2299 u
◆ GetProcessVersion()
Definition at line 1766 of file proc.c.
1767{
1769 PIMAGE_NT_HEADERS NtHeader;
1770 PIMAGE_DOS_HEADER DosHeader;
1772 PROCESS_BASIC_INFORMATION ProcessBasicInfo;
1777 USHORT VersionData[2];
1779
1780 /* We'll be accessing stuff that can fault, so protect everything with SEH */
1781 _SEH2_TRY
1782 {
1783 /* It this an in-process or out-of-process request? */
1785 {
1786 /* It's in-process, so just read our own header */
1788 if (!NtHeader)
1789 {
1790 /* Unable to read the NT header, something is wrong here... */
1793 }
1794
1795 /* Get the version straight out of the NT header */
1798 }
1799 else
1800 {
1801 /* Out-of-process, so open it */
1803 FALSE,
1804 ProcessId);
1806
1807 /* Try to find out where its PEB lives */
1809 ProcessBasicInformation,
1810 &ProcessBasicInfo,
1811 sizeof(ProcessBasicInfo),
1812 NULL);
1813
1816
1817 /* Now that we have the PEB, read the image base address out of it */
1820 &BaseAddress,
1822 NULL);
1824
1825 /* Now read the e_lfanew (offset to NT header) from the base */
1826 DosHeader = BaseAddress;
1828 &DosHeader->e_lfanew,
1829 &e_lfanew,
1831 NULL);
1833
1834 /* And finally, read the NT header itself by adding the offset */
1838 &VersionData,
1839 sizeof(VersionData),
1840 NULL);
1842
1843 /* Get the version straight out of the NT header */
1845
1846Error:
1847 /* If there was an error anywhere, set the last error */
1849 }
1850 }
1851 _SEH2_FINALLY
1852 {
1853 /* Close the process handle */
1855 }
1856 _SEH2_END;
1857
1858 /* And return the version data */
1860}
HANDLE WINAPI OpenProcess(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN DWORD dwProcessId)
Definition: proc.c:1227
Definition: ntddk_ex.h:99
_Must_inspect_result_ _In_ WDFDEVICE _In_ LPCGUID _Out_ PINTERFACE _In_ USHORT _In_ USHORT Version
Definition: wdffdo.h:469
Referenced by get_app_version(), GetSystemInfoInternal(), and test_GetProcessVersion().
◆ GetProcessWorkingSetSize()
| BOOL WINAPI GetProcessWorkingSetSize | ( | IN HANDLE | hProcess, |
| OUT PSIZE_T | lpMinimumWorkingSetSize, | ||
| OUT PSIZE_T | lpMaximumWorkingSetSize | ||
| ) |
Definition at line 1011 of file proc.c.
1014{
1015 DWORD Dummy;
1017 lpMinimumWorkingSetSize,
1018 lpMaximumWorkingSetSize,
1019 &Dummy);
1020}
BOOL WINAPI GetProcessWorkingSetSizeEx(IN HANDLE hProcess, OUT PSIZE_T lpMinimumWorkingSetSize, OUT PSIZE_T lpMaximumWorkingSetSize, OUT PDWORD Flags)
Definition: proc.c:978
◆ GetProcessWorkingSetSizeEx()
| BOOL WINAPI GetProcessWorkingSetSizeEx | ( | IN HANDLE | hProcess, |
| OUT PSIZE_T | lpMinimumWorkingSetSize, | ||
| OUT PSIZE_T | lpMaximumWorkingSetSize, | ||
| OUT PDWORD | Flags | ||
| ) |
Definition at line 978 of file proc.c.
982{
983 QUOTA_LIMITS_EX QuotaLimits;
985
986 /* Query the kernel about this */
988 ProcessQuotaLimits,
989 &QuotaLimits,
990 sizeof(QuotaLimits),
991 NULL);
993 {
994 /* Return error */
997 }
998
999 /* Copy the quota information out */
1000 *lpMinimumWorkingSetSize = QuotaLimits.MinimumWorkingSetSize;
1001 *lpMaximumWorkingSetSize = QuotaLimits.MaximumWorkingSetSize;
1004}
Definition: pstypes.h:67
Referenced by GetProcessWorkingSetSize().
◆ GetStartupInfoA()
| VOID WINAPI GetStartupInfoA | ( | IN LPSTARTUPINFOA | lpStartupInfo | ) |
Definition at line 1320 of file proc.c.
1321{
1323 ANSI_STRING TitleString, ShellString, DesktopString;
1324 LPSTARTUPINFOA StartupInfo;
1326
1327 /* Get the cached information as well as the PEB parameters */
1328 StartupInfo = BaseAnsiStartupInfo;
1330
1331 /* Check if this is the first time we have to get the cached version */
1332 while (!StartupInfo)
1333 {
1334 /* Create new ANSI startup info */
1335 StartupInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1336 0,
1337 sizeof(*StartupInfo));
1338 if (StartupInfo)
1339 {
1340 /* Zero out string pointers in case we fail to create them */
1344
1345 /* Set the size */
1347
1348 /* Copy what's already stored in the PEB */
1363
1364 /* Copy shell info string */
1366 &Params->ShellInfo,
1367 TRUE);
1369 {
1370 /* Save it */
1372
1373 /* Copy desktop info string */
1375 &Params->DesktopInfo,
1376 TRUE);
1378 {
1379 /* Save it */
1381
1382 /* Copy window title string */
1384 &Params->WindowTitle,
1385 TRUE);
1387 {
1388 /* Save it */
1390
1391 /* We finished with the ANSI version, try to cache it */
1393 StartupInfo,
1394 NULL))
1395 {
1396 /* We were the first thread through, use the data */
1397 break;
1398 }
1399
1400 /* Someone beat us to it, use their data instead */
1401 StartupInfo = BaseAnsiStartupInfo;
1403
1404 /* We're going to free our own stuff, but not raise */
1405 RtlFreeAnsiString(&TitleString);
1406 }
1407 RtlFreeAnsiString(&DesktopString);
1408 }
1409 RtlFreeAnsiString(&ShellString);
1410 }
1411 RtlFreeHeap(RtlGetProcessHeap(), 0, StartupInfo);
1412 }
1413 else
1414 {
1415 /* No memory, fail */
1417 }
1418
1419 /* Raise an error unless we got here due to the race condition */
1421 }
1422
1423 /* Now copy from the cached ANSI version */
1424 lpStartupInfo->cb = StartupInfo->cb;
1425 lpStartupInfo->lpReserved = StartupInfo->lpReserved;
1426 lpStartupInfo->lpDesktop = StartupInfo->lpDesktop;
1427 lpStartupInfo->lpTitle = StartupInfo->lpTitle;
1428 lpStartupInfo->dwX = StartupInfo->dwX;
1429 lpStartupInfo->dwY = StartupInfo->dwY;
1430 lpStartupInfo->dwXSize = StartupInfo->dwXSize;
1431 lpStartupInfo->dwYSize = StartupInfo->dwYSize;
1432 lpStartupInfo->dwXCountChars = StartupInfo->dwXCountChars;
1433 lpStartupInfo->dwYCountChars = StartupInfo->dwYCountChars;
1434 lpStartupInfo->dwFillAttribute = StartupInfo->dwFillAttribute;
1435 lpStartupInfo->dwFlags = StartupInfo->dwFlags;
1436 lpStartupInfo->wShowWindow = StartupInfo->wShowWindow;
1437 lpStartupInfo->cbReserved2 = StartupInfo->cbReserved2;
1438 lpStartupInfo->lpReserved2 = StartupInfo->lpReserved2;
1439
1440 /* Check if the shell is hijacking the handles for other features */
1441 if (lpStartupInfo->dwFlags &
1443 {
1444 /* It isn't, so we can return the raw values */
1445 lpStartupInfo->hStdInput = StartupInfo->hStdInput;
1446 lpStartupInfo->hStdOutput = StartupInfo->hStdOutput;
1447 lpStartupInfo->hStdError = StartupInfo->hStdError;
1448 }
1449 else
1450 {
1451 /* It is, so make sure nobody uses these as console handles */
1452 lpStartupInfo->hStdInput = INVALID_HANDLE_VALUE;
1453 lpStartupInfo->hStdOutput = INVALID_HANDLE_VALUE;
1454 lpStartupInfo->hStdError = INVALID_HANDLE_VALUE;
1455 }
1456}
#define InterlockedCompareExchangePointer
Definition: interlocked.h:129
NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString, PUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSYSAPI VOID NTAPI RtlFreeAnsiString(PANSI_STRING AnsiString)
Definition: winbase.h:830
Referenced by doChild(), msvcrt_init_io(), test_Console(), test_DebuggingFlag(), test_Startup(), and test_SuspendFlag().
◆ GetStartupInfoW()
| VOID WINAPI GetStartupInfoW | ( | IN LPSTARTUPINFOW | lpStartupInfo | ) |
Definition at line 1279 of file proc.c.
1280{
1282
1283 /* Get the process parameters */
1285
1286 /* Copy the data out of there */
1288 lpStartupInfo->lpReserved = Params->ShellInfo.Buffer;
1289 lpStartupInfo->lpDesktop = Params->DesktopInfo.Buffer;
1290 lpStartupInfo->lpTitle = Params->WindowTitle.Buffer;
1291 lpStartupInfo->dwX = Params->StartingX;
1292 lpStartupInfo->dwY = Params->StartingY;
1293 lpStartupInfo->dwXSize = Params->CountX;
1294 lpStartupInfo->dwYSize = Params->CountY;
1295 lpStartupInfo->dwXCountChars = Params->CountCharsX;
1296 lpStartupInfo->dwYCountChars = Params->CountCharsY;
1297 lpStartupInfo->dwFillAttribute = Params->FillAttribute;
1298 lpStartupInfo->dwFlags = Params->WindowFlags;
1300 lpStartupInfo->cbReserved2 = Params->RuntimeData.Length;
1302
1303 /* Check if the standard handles are being used for other features */
1305 STARTF_USEHOTKEY |
1306 STARTF_SHELLPRIVATE))
1307 {
1308 /* These are, so copy the standard handles too */
1309 lpStartupInfo->hStdInput = Params->StandardInput;
1310 lpStartupInfo->hStdOutput = Params->StandardOutput;
1311 lpStartupInfo->hStdError = Params->StandardError;
1312 }
1313}
struct _STARTUPINFOW STARTUPINFOW
Referenced by doChild(), and wWinMain().
◆ InitCommandLines()
Definition at line 842 of file proc.c.
843{
845
846 /* Read the UNICODE_STRING from the PEB */
848
849 /* Convert to ANSI_STRING for the *A callers */
851 &BaseUnicodeCommandLine,
852 TRUE);
854}
Referenced by DllMain().
◆ IsWow64Process()
◆ OpenProcess()
| HANDLE WINAPI OpenProcess | ( | IN DWORD | dwDesiredAccess, |
| IN BOOL | bInheritHandle, | ||
| IN DWORD | dwProcessId | ||
| ) |
Definition at line 1227 of file proc.c.
1230{
1235
1236 /* Setup the input client ID structure */
1239
1240 /* This is needed just to define the inheritance flags */
1242 NULL,
1244 NULL,
1245 NULL);
1246
1247 /* Now try to open the process */
1249 dwDesiredAccess,
1250 &ObjectAttributes,
1251 &ClientId);
1253 {
1254 /* Handle failure */
1257 }
1258
1259 /* Otherwise return a handle to the process */
1261}
NTSTATUS NTAPI NtOpenProcess(OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId)
Definition: process.c:1440
Referenced by _DoDLLInjection(), _RpcCommitSpoolData2(), _RpcGetSpoolFileInfo2(), _tWinMain(), CIconWatcher::AddIconToWatcher(), appbar_message(), child_process(), CloseProcess(), CloseProcessAndVerify_(), debugcontrol_WaitForEvent(), dll_entry_point(), doChild(), DoSetPriority(), ExecuteKill(), get_droptarget_local_handle(), get_process_name_from_pid(), GetOwnerModuleFromPidEntry(), GetProcessExecutablePathById(), GetProcessHandleFromHwnd(), GetProcessVersion(), GetThemeServiceProcessHandle(), Ghost_DestroyTarget(), IsProcessRunning(), ObjectFromLresult(), PerfDataGetCommandLine(), PerfDataRefresh(), PNP_ReportLogOn(), ProcessKeys(), ProcessList_Update(), ProcessPage_OnEndProcess(), ProcessPage_OnEndProcessTree(), ProcessPage_OnSetAffinity(), ProcessPageShowContextMenu(), ProcessRunning(), SeclCreateProcessWithLogonW(), SHMapHandle(), ShutdownProcessTreeHelper(), START_TEST(), terminate_processes(), test_ExitProcess(), test_OpenProcess(), test_process_info(), test_process_security_child(), test_query_process_handlecount(), test_query_process_times(), test_query_process_vm(), test_QueryFullProcessImageNameW(), test_readvirtualmemory(), test_RtlQueryPackageIdentity(), test_shell_window(), test_token_security_descriptor(), test_Toolhelp(), test_ws_functions(), Toolhelp32ReadProcessMemory(), WSPDuplicateSocket(), and wWinMain().
◆ ProcessIdToSessionId()
Definition at line 2181 of file proc.c.
2183{
2184 PROCESS_SESSION_INFORMATION SessionInformation;
2189
2190 /* Do a quick check if the pointer is not writable */
2192 {
2193 /* Fail fast */
2196 }
2197
2198 /* Open the process passed in by ID */
2204 &ObjectAttributes,
2205 &ClientId);
2207 {
2208 /* Query the session ID from the kernel */
2211 &SessionInformation,
2212 sizeof(SessionInformation),
2213 NULL);
2214
2215 /* Close the handle and check if we succeeded */
2218 {
2219 /* Return the session ID */
2220 *pSessionId = SessionInformation.SessionId;
2222 }
2223 }
2224
2225 /* Set error code and fail */
2228}
Definition: pstypes.h:383
Referenced by AddPortW(), ConfigurePortW(), and test_SHCreateSessionKey().
◆ ReadProcessMemory()
| BOOL NTAPI ReadProcessMemory | ( | IN HANDLE | hProcess, |
| IN LPCVOID | lpBaseAddress, | ||
| IN LPVOID | lpBuffer, | ||
| IN SIZE_T | nSize, | ||
| OUT SIZE_T * | lpNumberOfBytesRead | ||
| ) |
◆ RegisterWaitForInputIdle() [1/2]
| VOID WINAPI RegisterWaitForInputIdle | ( | IN WaitForInputIdleType | lpfnRegisterWaitForInputIdle | ) |
Definition at line 1268 of file proc.c.
1269{
1270 /* Write the global function pointer */
1271 UserWaitForInputIdleRoutine = lpfnRegisterWaitForInputIdle;
1272}
◆ RegisterWaitForInputIdle() [2/2]
| VOID WINAPI RegisterWaitForInputIdle | ( | WaitForInputIdleType | lpfnRegisterWaitForInputIdle | ) |
◆ SetPriorityClass()
Definition at line 1698 of file proc.c.
1700{
1703 PROCESS_PRIORITY_CLASS PriorityClass;
1704
1705 /* Handle conversion from Win32 to NT priority classes */
1706 switch (dwPriorityClass)
1707 {
1710 break;
1711
1714 break;
1715
1718 break;
1719
1722 break;
1723
1726 break;
1727
1729 /* Try to acquire the privilege. If it fails, just use HIGH */
1733 break;
1734
1735 default:
1736 /* Unrecognized priority classes don't make it to the kernel */
1739 }
1740
1741 /* Send the request to the kernel, and don't touch the foreground flag */
1744 ProcessPriorityClass,
1745 &PriorityClass,
1747
1748 /* Release the privilege if we had it */
1751 {
1752 /* Handle error path */
1755 }
1756
1757 /* All done */
1759}
Definition: stack_allocator.h:18
Referenced by CsrSetPriorityClass(), DoSetPriority(), main(), test_query_process_priority(), UpdatePriority(), and wWinMain().
◆ SetProcessAffinityMask()
Definition at line 894 of file proc.c.
896{
898
899 /* Directly set the affinity mask */
901 ProcessAffinityMask,
902 (PVOID)&dwProcessAffinityMask,
903 sizeof(dwProcessAffinityMask));
905 {
906 /* Handle failure */
909 }
910
911 /* Everything was ok */
913}
Referenced by AffinityDialogWndProc(), and cmd_start().
◆ SetProcessPriorityBoost()
Definition at line 1923 of file proc.c.
1925{
1928
1929 /* Enforce that this is a BOOL, and send it to the kernel as a ULONG */
1932 ProcessPriorityBoost,
1933 &PriorityBoost,
1936 {
1937 /* Handle error path */
1940 }
1941
1942 /* All done */
1944}
◆ SetProcessShutdownParameters()
Definition at line 949 of file proc.c.
951{
952 BASE_API_MESSAGE ApiMessage;
953 PBASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest = &ApiMessage.Data.ShutdownParametersRequest;
954
955 /* Write the data into the CSRSS request and send it */
956 ShutdownParametersRequest->ShutdownLevel = dwLevel;
959 NULL,
961 sizeof(*ShutdownParametersRequest));
963 {
964 /* Return the failure from CSRSS */
967 }
968
969 /* All went well */
971}
Referenced by _tWinMain(), and wWinMain().
◆ SetProcessWorkingSetSize()
| BOOL WINAPI SetProcessWorkingSetSize | ( | IN HANDLE | hProcess, |
| IN SIZE_T | dwMinimumWorkingSetSize, | ||
| IN SIZE_T | dwMaximumWorkingSetSize | ||
| ) |
Definition at line 1083 of file proc.c.
1086{
1087 /* Call the newer API */
1089 dwMinimumWorkingSetSize,
1090 dwMaximumWorkingSetSize,
1091 0);
1092}
BOOL WINAPI SetProcessWorkingSetSizeEx(IN HANDLE hProcess, IN SIZE_T dwMinimumWorkingSetSize, IN SIZE_T dwMaximumWorkingSetSize, IN DWORD Flags)
Definition: proc.c:1027
◆ SetProcessWorkingSetSizeEx()
| BOOL WINAPI SetProcessWorkingSetSizeEx | ( | IN HANDLE | hProcess, |
| IN SIZE_T | dwMinimumWorkingSetSize, | ||
| IN SIZE_T | dwMaximumWorkingSetSize, | ||
| IN DWORD | Flags | ||
| ) |
Definition at line 1027 of file proc.c.
1031{
1032 QUOTA_LIMITS_EX QuotaLimits;
1037
1038 /* Zero out the input structure */
1040
1041 /* Check if the caller sent any limits */
1042 if ((dwMinimumWorkingSetSize) && (dwMaximumWorkingSetSize))
1043 {
1044 /* Write the quota information */
1045 QuotaLimits.MinimumWorkingSetSize = dwMinimumWorkingSetSize;
1046 QuotaLimits.MaximumWorkingSetSize = dwMaximumWorkingSetSize;
1048
1049 /* Acquire the required privilege */
1051
1052 /* Request the new quotas */
1054 ProcessQuotaLimits,
1055 &QuotaLimits,
1056 sizeof(QuotaLimits));
1059 {
1060 /* Release the privilege and set succes code */
1064 }
1065 }
1066 else
1067 {
1068 /* No limits, fail the call */
1069 ReturnStatus = STATUS_INVALID_PARAMETER;
1071 }
1072
1073 /* Return result code, set error code if this was a failure */
1076}
Referenced by SetProcessWorkingSetSize().
◆ StuffStdHandle()
| VOID WINAPI StuffStdHandle | ( | IN HANDLE | ProcessHandle, |
| IN HANDLE | StandardHandle, | ||
| IN PHANDLE | Address | ||
| ) |
Definition at line 57 of file proc.c.
60{
62 HANDLE DuplicatedHandle;
63 SIZE_T NumberOfBytesWritten;
64
65 /* If there is no handle to duplicate, return immediately */
66 if (!StandardHandle) return;
67
68 /* Duplicate the handle */
70 StandardHandle,
71 ProcessHandle,
72 &DuplicatedHandle,
73 0,
74 0,
78
79 /* Write it */
81 Address,
82 &DuplicatedHandle,
84 &NumberOfBytesWritten);
85}
NTSTATUS NTAPI NtDuplicateObject(IN HANDLE SourceProcessHandle, IN HANDLE SourceHandle, IN HANDLE TargetProcessHandle OPTIONAL, OUT PHANDLE TargetHandle OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, IN ULONG Options)
Definition: obhandle.c:3410
#define DUPLICATE_SAME_ACCESS
Referenced by CreateProcessInternalW().
◆ TerminateProcess()
Definition at line 1532 of file proc.c.
1534{
1536
1537 /* Check if no handle was passed in */
1539 {
1540 /* Set error code */
1542 }
1543 else
1544 {
1545 /* Otherwise, try to terminate the process */
1548
1549 /* It failed, convert error code */
1551 }
1552
1553 /* This is the failure path */
1555}
Referenced by _tWinMain(), child_process(), Telnet::Close(), CloseProcess(), CorDebug_CreateProcess(), cordebugprocess_Terminate(), CPlApplet(), crash_and_debug(), CreateProcessAsUserCommon(), do_register_dll(), DoTestEntry(), ExecuteKill(), ExecutePipeline(), Ghost_DestroyTarget(), ProcessKeys(), ProcessPage_OnEndProcess(), read_reg_output_(), run_ex(), run_reg_exe_(), run_regedit_exe_(), runcmd(), ScreenSaverConfig(), ScreenSaverPageProc(), ScreenSaverPreview(), SetScreenSaverPreviewBox(), ShutdownProcessTreeHelper(), START_TEST(), StartScreenSaver(), terminate_processes(), TerminateShell(), test_apc_deadlock(), test_BreakawayOk(), test_CompletionPort(), test_CreateRemoteThread(), test_Directory(), TEST_DoTestEntryStruct(), test_EnumProcessModules(), test_ExitProcess(), test_GetProcessVersion(), test_IsProcessInJob(), test_IsWow64Process(), test_KillOnJobClose(), Test_layers(), test_NtMapViewOfSection(), test_NtSuspendProcess(), test_overlapped_transport(), test_process_access(), test_QueryInformationJobObject(), Test_repeatlayer(), test_RtlQueryPackageIdentity(), test_RunSetupCommand(), test_section_access(), test_shell_window(), test_TerminateJobObject(), test_TerminateProcess(), test_VirtualAllocEx(), test_WaitForInputIdle(), test_WaitForJobObject(), TestTerminateProcess(), WshExec_Terminate(), wWinMain(), and CProcess::~CProcess().
◆ WinExec()
| UINT WINAPI DECLSPEC_HOTPATCH WinExec | ( | LPCSTR | lpCmdLine, |
| UINT | uCmdShow | ||
| ) |
Definition at line 4779 of file proc.c.
4781{
4782 STARTUPINFOA StartupInfo;
4783 PROCESS_INFORMATION ProcessInformation;
4784 DWORD dosErr;
4785
4789 StartupInfo.dwFlags = 0;
4790
4792 (PVOID)lpCmdLine,
4793 NULL,
4794 NULL,
4795 FALSE,
4796 0,
4797 NULL,
4798 NULL,
4799 &StartupInfo,
4800 &ProcessInformation))
4801 {
4802 dosErr = GetLastError();
4804 }
4805
4807 {
4809 10000);
4810 }
4811
4814
4815 return 33; /* Something bigger than 31 means success. */
4816}
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessA(LPCSTR lpApplicationName, LPSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCSTR lpCurrentDirectory, LPSTARTUPINFOA lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
Definition: proc.c:4747
Definition: winbase.h:872
struct _STARTUPINFOA STARTUPINFOA
Referenced by DefWndHandleSysCommand(), RunBatch(), RunBookmarkEditor(), ScreenSaverPageProc(), ShowFolderOptionsDialog(), and WinHelpA().
◆ WriteProcessMemory()
| BOOL NTAPI WriteProcessMemory | ( | IN HANDLE | hProcess, |
| IN LPVOID | lpBaseAddress, | ||
| IN LPCVOID | lpBuffer, | ||
| IN SIZE_T | nSize, | ||
| OUT SIZE_T * | lpNumberOfBytesWritten | ||
| ) |
Definition at line 2062 of file proc.c.
2067{
2069 ULONG OldValue;
2073
2074 /* Set parameters for protect call */
2076 Base = lpBaseAddress;
2077
2078 /* Check the current status */
2080 &Base,
2081 &RegionSize,
2082 PAGE_EXECUTE_READWRITE,
2083 &OldValue);
2085 {
2086 /* Check if we are unprotecting */
2088 PAGE_WRITECOPY |
2089 PAGE_EXECUTE_READWRITE |
2092 {
2093 /* Set the new protection */
2095 &Base,
2096 &RegionSize,
2097 OldValue,
2098 &OldValue);
2099
2100 /* Write the memory */
2102 lpBaseAddress,
2104 nSize,
2105 &nSize);
2106
2107 /* In Win32, the parameter is optional, so handle this case */
2109
2111 {
2112 /* We failed */
2115 }
2116
2117 /* Flush the ITLB */
2120 }
2121 else
2122 {
2123 /* Check if we were read only */
2125 {
2126 /* Restore protection and fail */
2128 &Base,
2129 &RegionSize,
2130 OldValue,
2131 &OldValue);
2133
2134 /* Note: This is what Windows returns and code depends on it */
2136 }
2137
2138 /* Otherwise, do the write */
2140 lpBaseAddress,
2142 nSize,
2143 &nSize);
2144
2145 /* In Win32, the parameter is optional, so handle this case */
2147
2148 /* And restore the protection */
2150 &Base,
2151 &RegionSize,
2152 OldValue,
2153 &OldValue);
2155 {
2156 /* We failed */
2158
2159 /* Note: This is what Windows returns and code depends on it */
2161 }
2162
2163 /* Flush the ITLB */
2166 }
2167 }
2168 else
2169 {
2170 /* We failed */
2173 }
2174}
NTSTATUS NTAPI NtProtectVirtualMemory(IN HANDLE ProcessHandle, IN OUT PVOID *UnsafeBaseAddress, IN OUT SIZE_T *UnsafeNumberOfBytesToProtect, IN ULONG NewAccessProtection, OUT PULONG UnsafeOldAccessProtection)
Definition: virtual.c:3111
Definition: delayimp.cpp:64
Referenced by _DoDLLInjection(), and test_VirtualAllocEx().
Variable Documentation
◆ BaseAnsiCommandLine
| ANSI_STRING BaseAnsiCommandLine |
Definition at line 22 of file proc.c.
Referenced by GetCommandLineA(), and InitCommandLines().
◆ BaseAnsiStartupInfo
| LPSTARTUPINFOA BaseAnsiStartupInfo = NULL |
Definition at line 24 of file proc.c.
Referenced by GetStartupInfoA().
◆ BasepAppCertDllsList
| LIST_ENTRY BasepAppCertDllsList |
Definition at line 28 of file proc.c.
Referenced by BasepIsProcessAllowed(), and DllMain().
◆ BasepAppCertTable
| RTL_QUERY_REGISTRY_TABLE BasepAppCertTable[2] |
Initial value:
=
{
{
1,
L"AppCertDlls",
0,
NULL,
0
}
}
NTSTATUS NTAPI BasepConfigureAppCertDlls(IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
Definition: proc.c:189
Definition at line 32 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ BasePathVariableName
| UNICODE_STRING BasePathVariableName = RTL_CONSTANT_STRING(L"PATH") |
Definition at line 23 of file proc.c.
Referenced by BasepComputeProcessPath().
◆ BasepExeLdrEntry
| PLDR_DATA_TABLE_ENTRY BasepExeLdrEntry |
Definition at line 25 of file proc.c.
Referenced by BasepComputeProcessPath(), BasepLocateExeLdrEntry(), and LoadLibraryExW().
◆ BaseUnicodeCommandLine
| UNICODE_STRING BaseUnicodeCommandLine |
Definition at line 21 of file proc.c.
Referenced by GetCommandLineW(), and InitCommandLines().
◆ fEmbeddedCertFunc
| PBASEP_APPCERT_EMBEDDED_FUNC fEmbeddedCertFunc |
Definition at line 30 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ g_AppCertInitialized
| BOOLEAN g_AppCertInitialized |
Definition at line 26 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ g_AppCertStatus
| NTSTATUS g_AppCertStatus |
Definition at line 31 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ g_HaveAppCerts
| BOOLEAN g_HaveAppCerts |
Definition at line 27 of file proc.c.
Referenced by BasepIsProcessAllowed().
◆ g_SaferReplaceProcessThreadTokens
| PSAFER_REPLACE_PROCESS_THREAD_TOKENS g_SaferReplaceProcessThreadTokens |
Definition at line 45 of file proc.c.
Referenced by BasepReplaceProcessThreadTokens().
◆ gcsAppCert
| RTL_CRITICAL_SECTION gcsAppCert |
Definition at line 29 of file proc.c.
Referenced by BasepIsProcessAllowed(), BasepReplaceProcessThreadTokens(), and DllMain().
◆ gSaferHandle
Definition at line 46 of file proc.c.
Referenced by BasepReplaceProcessThreadTokens().
◆ UserWaitForInputIdleRoutine
| WaitForInputIdleType UserWaitForInputIdleRoutine |
Definition at line 20 of file proc.c.
Referenced by LoadModule(), RegisterWaitForInputIdle(), and WinExec().
