ReactOS  0.4.15-dev-1068-g467feb9
ntdllp.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  _LDRP_TLS_DATA
 

Macros

#define LDR_HASH_TABLE_ENTRIES   32
 
#define LDR_GET_HASH_ENTRY(x)   (RtlUpcaseUnicodeChar((x)) & (LDR_HASH_TABLE_ENTRIES - 1))
 
#define LDRP_UPDATE_REFCOUNT   0x01
 
#define LDRP_UPDATE_DEREFCOUNT   0x02
 
#define LDRP_UPDATE_PIN   0x03
 
#define IMAGE_LOADER_FLAGS_COMPLUS   0x00000001
 
#define IMAGE_LOADER_FLAGS_SYSTEM_GLOBAL   0x01000000
 
#define DPH_FLAG_DLL_NOTIFY   0x40
 

Typedefs

typedef struct _LDRP_TLS_DATA LDRP_TLS_DATA
 
typedef struct _LDRP_TLS_DATAPLDRP_TLS_DATA
 
typedef NTSTATUS(NTAPIPLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION) (_In_ ULONG Flags, _In_ PCWSTR DllName, _In_ PCWSTR DllPath OPTIONAL, _Inout_opt_ PULONG DllCharacteristics, _In_ PVOID CallbackData, _Outptr_ PWSTR *EffectiveDllPath)
 
typedef NTSTATUS(NTAPIPEPFUNC) (PPEB)
 

Functions

NTSTATUS NTAPI LdrpRunInitializeRoutines (IN PCONTEXT Context OPTIONAL)
 
VOID NTAPI LdrpInitializeThread (IN PCONTEXT Context)
 
NTSTATUS NTAPI LdrpInitializeTls (VOID)
 
NTSTATUS NTAPI LdrpAllocateTls (VOID)
 
VOID NTAPI LdrpFreeTls (VOID)
 
VOID NTAPI LdrpCallTlsInitializers (IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN ULONG Reason)
 
BOOLEAN NTAPI LdrpCallInitRoutine (IN PDLL_INIT_ROUTINE EntryPoint, IN PVOID BaseAddress, IN ULONG Reason, IN PVOID Context)
 
NTSTATUS NTAPI LdrpInitializeProcess (IN PCONTEXT Context, IN PVOID SystemArgument1)
 
VOID NTAPI LdrpInitFailure (NTSTATUS Status)
 
VOID NTAPI LdrpValidateImageForMp (IN PLDR_DATA_TABLE_ENTRY LdrDataTableEntry)
 
VOID NTAPI LdrpEnsureLoaderLockIsHeld (VOID)
 
NTSTATUS NTAPI LdrpSnapThunk (IN PVOID ExportBase, IN PVOID ImportBase, IN PIMAGE_THUNK_DATA OriginalThunk, IN OUT PIMAGE_THUNK_DATA Thunk, IN PIMAGE_EXPORT_DIRECTORY ExportEntry, IN ULONG ExportSize, IN BOOLEAN Static, IN LPSTR DllName)
 
NTSTATUS NTAPI LdrpWalkImportDescriptor (IN LPWSTR DllPath OPTIONAL, IN PLDR_DATA_TABLE_ENTRY LdrEntry)
 
NTSTATUS NTAPI LdrpGetProcedureAddress (IN PVOID BaseAddress, IN PANSI_STRING Name, IN ULONG Ordinal, OUT PVOID *ProcedureAddress, IN BOOLEAN ExecuteInit)
 
PLDR_DATA_TABLE_ENTRY NTAPI LdrpAllocateDataTableEntry (IN PVOID BaseAddress)
 
VOID NTAPI LdrpInsertMemoryTableEntry (IN PLDR_DATA_TABLE_ENTRY LdrEntry)
 
NTSTATUS NTAPI LdrpLoadDll (IN BOOLEAN Redirected, IN PWSTR DllPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *BaseAddress, IN BOOLEAN CallInit)
 
VOID NTAPI LdrpUpdateLoadCount2 (IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN ULONG Flags)
 
ULONG NTAPI LdrpClearLoadInProgress (VOID)
 
NTSTATUS NTAPI LdrpSetProtection (PVOID ViewBase, BOOLEAN Restore)
 
BOOLEAN NTAPI LdrpCheckForLoadedDllHandle (IN PVOID Base, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
 
BOOLEAN NTAPI LdrpCheckForLoadedDll (IN PWSTR DllPath, IN PUNICODE_STRING DllName, IN BOOLEAN Flag, IN BOOLEAN RedirectedDll, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
 
NTSTATUS NTAPI LdrpMapDll (IN PWSTR SearchPath OPTIONAL, IN PWSTR DllPath2, IN PWSTR DllName OPTIONAL, IN PULONG DllCharacteristics, IN BOOLEAN Static, IN BOOLEAN Redirect, OUT PLDR_DATA_TABLE_ENTRY *DataTableEntry)
 
PVOID NTAPI LdrpFetchAddressOfEntryPoint (PVOID ImageBase)
 
VOID NTAPI LdrpFreeUnicodeString (PUNICODE_STRING String)
 
VOID NTAPI LdrpRecordUnloadEvent (_In_ PLDR_DATA_TABLE_ENTRY LdrEntry)
 
VOID NTAPI LdrpGetShimEngineInterface (VOID)
 
VOID NTAPI LdrpLoadShimEngine (IN PWSTR ImageName, IN PUNICODE_STRING ProcessImage, IN PVOID pShimData)
 
VOID NTAPI LdrpUnloadShimEngine (VOID)
 
NTSTATUS NTAPI LdrpInitializeApplicationVerifierPackage (IN HANDLE KeyHandle, IN PPEB Peb, IN BOOLEAN SystemWide, IN BOOLEAN ReadAdvancedOptions)
 
NTSTATUS NTAPI AVrfInitializeVerifier (VOID)
 
VOID NTAPI AVrfDllLoadNotification (IN PLDR_DATA_TABLE_ENTRY LdrEntry)
 
VOID NTAPI AVrfDllUnloadNotification (IN PLDR_DATA_TABLE_ENTRY LdrEntry)
 
VOID NTAPI AVrfPageHeapDllNotification (IN PLDR_DATA_TABLE_ENTRY LdrEntry)
 
NTSTATUS LdrMapSections (HANDLE ProcessHandle, PVOID ImageBase, HANDLE SectionHandle, PIMAGE_NT_HEADERS NTHeaders)
 
NTSTATUS LdrMapNTDllForProcess (HANDLE ProcessHandle, PHANDLE NTDllSectionHandle)
 
ULONG LdrpGetResidentSize (PIMAGE_NT_HEADERS NTHeaders)
 
NTSTATUS NTAPI LdrpLoadImportModule (IN PWSTR DllPath OPTIONAL, IN LPSTR ImportName, OUT PLDR_DATA_TABLE_ENTRY *DataTableEntry, OUT PBOOLEAN Existing)
 
VOID NTAPI LdrpFinalizeAndDeallocateDataTableEntry (IN PLDR_DATA_TABLE_ENTRY Entry)
 
BOOLEAN NTAPI RtlDoesFileExists_UStr (IN PUNICODE_STRING FileName)
 

Variables

RTL_CRITICAL_SECTION LdrpLoaderLock
 
BOOLEAN LdrpInLdrInit
 
PVOID LdrpHeap
 
LIST_ENTRY LdrpHashTable [LDR_HASH_TABLE_ENTRIES]
 
BOOLEAN ShowSnaps
 
UNICODE_STRING LdrpDefaultPath
 
HANDLE LdrpKnownDllObjectDirectory
 
ULONG LdrpNumberOfProcessors
 
ULONG LdrpFatalHardErrorCount
 
PUNICODE_STRING LdrpTopLevelDllBeingLoaded
 
PLDR_DATA_TABLE_ENTRY LdrpCurrentDllInitializer
 
UNICODE_STRING LdrApiDefaultExtension
 
BOOLEAN LdrpLdrDatabaseIsSetup
 
ULONG LdrpActiveUnloadCount
 
BOOLEAN LdrpShutdownInProgress
 
UNICODE_STRING LdrpKnownDllPath
 
PLDR_DATA_TABLE_ENTRY LdrpGetModuleHandleCache
 
PLDR_DATA_TABLE_ENTRY LdrpLoadedDllHandleCache
 
BOOLEAN RtlpPageHeapEnabled
 
ULONG RtlpDphGlobalFlags
 
BOOLEAN g_ShimsEnabled
 
PVOID g_pShimEngineModule
 
PVOID g_pfnSE_DllLoaded
 
PVOID g_pfnSE_DllUnloaded
 
PVOID g_pfnSE_InstallBeforeInit
 
PVOID g_pfnSE_InstallAfterInit
 
PVOID g_pfnSE_ProcessDying
 

Macro Definition Documentation

◆ DPH_FLAG_DLL_NOTIFY

#define DPH_FLAG_DLL_NOTIFY   0x40

Definition at line 24 of file ntdllp.h.

◆ IMAGE_LOADER_FLAGS_COMPLUS

#define IMAGE_LOADER_FLAGS_COMPLUS   0x00000001

Definition at line 20 of file ntdllp.h.

◆ IMAGE_LOADER_FLAGS_SYSTEM_GLOBAL

#define IMAGE_LOADER_FLAGS_SYSTEM_GLOBAL   0x01000000

Definition at line 21 of file ntdllp.h.

◆ LDR_GET_HASH_ENTRY

#define LDR_GET_HASH_ENTRY (   x)    (RtlUpcaseUnicodeChar((x)) & (LDR_HASH_TABLE_ENTRIES - 1))

Definition at line 12 of file ntdllp.h.

◆ LDR_HASH_TABLE_ENTRIES

#define LDR_HASH_TABLE_ENTRIES   32

Definition at line 11 of file ntdllp.h.

◆ LDRP_UPDATE_DEREFCOUNT

#define LDRP_UPDATE_DEREFCOUNT   0x02

Definition at line 16 of file ntdllp.h.

◆ LDRP_UPDATE_PIN

#define LDRP_UPDATE_PIN   0x03

Definition at line 17 of file ntdllp.h.

◆ LDRP_UPDATE_REFCOUNT

#define LDRP_UPDATE_REFCOUNT   0x01

Definition at line 15 of file ntdllp.h.

Typedef Documentation

◆ LDRP_TLS_DATA

◆ PEPFUNC

typedef NTSTATUS(NTAPI * PEPFUNC) (PPEB)

Definition at line 198 of file ntdllp.h.

◆ PLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION

typedef NTSTATUS(NTAPI* PLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION) (_In_ ULONG Flags, _In_ PCWSTR DllName, _In_ PCWSTR DllPath OPTIONAL, _Inout_opt_ PULONG DllCharacteristics, _In_ PVOID CallbackData, _Outptr_ PWSTR *EffectiveDllPath)

Definition at line 34 of file ntdllp.h.

◆ PLDRP_TLS_DATA

Function Documentation

◆ AVrfDllLoadNotification()

VOID NTAPI AVrfDllLoadNotification ( IN PLDR_DATA_TABLE_ENTRY  LdrEntry)

Definition at line 294 of file verifier.c.

295 {
297 
299  return;
300 
302  if (!AVrfpIsVerifierProviderDll(LdrEntry->DllBase))
303  {
304  AvrfpResolveThunks(LdrEntry);
305 
307  {
309  RTL_VERIFIER_DLL_LOAD_CALLBACK ProviderDllLoadCallback;
310 
312 
313  ProviderDllLoadCallback = Provider->ProviderDllLoadCallback;
314  if (ProviderDllLoadCallback)
315  {
316  ProviderDllLoadCallback(LdrEntry->BaseDllName.Buffer,
317  LdrEntry->DllBase,
318  LdrEntry->SizeOfImage,
319  LdrEntry);
320  }
321  }
322  }
324 }
RTL_CRITICAL_SECTION AVrfpVerifierLock
Definition: verifier.c:21
struct _Entry Entry
Definition: kefuncs.h:627
VOID(NTAPI * RTL_VERIFIER_DLL_LOAD_CALLBACK)(PWSTR DllName, PVOID DllBase, SIZE_T DllSize, PVOID Reserved)
Definition: verifier.h:6
BOOLEAN AVrfpIsVerifierProviderDll(PVOID BaseAddress)
Definition: verifier.c:103
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
LIST_ENTRY AVrfpVerifierProvidersList
Definition: verifier.c:22
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define FLG_APPLICATION_VERIFIER
Definition: pstypes.h:64
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
VOID AvrfpResolveThunks(IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: verifier.c:235
Definition: typedefs.h:119
#define NtCurrentPeb()
Definition: FLS.c:20
ULONG NtGlobalFlag
Definition: init.c:52
base of all file and directory entries
Definition: entries.h:82

Referenced by LdrpWalkImportDescriptor().

◆ AVrfDllUnloadNotification()

VOID NTAPI AVrfDllUnloadNotification ( IN PLDR_DATA_TABLE_ENTRY  LdrEntry)

Definition at line 328 of file verifier.c.

329 {
331 
333  return;
334 
336  if (!AVrfpIsVerifierProviderDll(LdrEntry->DllBase))
337  {
339  {
341  RTL_VERIFIER_DLL_UNLOAD_CALLBACK ProviderDllUnloadCallback;
342 
344 
345  ProviderDllUnloadCallback = Provider->ProviderDllUnloadCallback;
346  if (ProviderDllUnloadCallback)
347  {
348  ProviderDllUnloadCallback(LdrEntry->BaseDllName.Buffer,
349  LdrEntry->DllBase,
350  LdrEntry->SizeOfImage,
351  LdrEntry);
352  }
353  }
354  }
356 }
RTL_CRITICAL_SECTION AVrfpVerifierLock
Definition: verifier.c:21
struct _Entry Entry
Definition: kefuncs.h:627
BOOLEAN AVrfpIsVerifierProviderDll(PVOID BaseAddress)
Definition: verifier.c:103
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
VOID(NTAPI * RTL_VERIFIER_DLL_UNLOAD_CALLBACK)(PWSTR DllName, PVOID DllBase, SIZE_T DllSize, PVOID Reserved)
Definition: verifier.h:7
LIST_ENTRY AVrfpVerifierProvidersList
Definition: verifier.c:22
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define FLG_APPLICATION_VERIFIER
Definition: pstypes.h:64
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
Definition: typedefs.h:119
#define NtCurrentPeb()
Definition: FLS.c:20
ULONG NtGlobalFlag
Definition: init.c:52
base of all file and directory entries
Definition: entries.h:82

Referenced by LdrUnloadDll().

◆ AVrfInitializeVerifier()

NTSTATUS NTAPI AVrfInitializeVerifier ( VOID  )

Definition at line 612 of file verifier.c.

613 {
617  WCHAR* Ptr, *Next;
618 
621 
622  if (!NT_SUCCESS(Status))
623  return Status;
624 
625  DbgPrint("AVRF: %wZ: pid 0x%X: flags 0x%X: application verifier enabled\n",
627 
628  Provider = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(VERIFIER_PROVIDER));
629  if (!Provider)
630  return STATUS_NO_MEMORY;
631 
632  RtlInitUnicodeString(&Provider->DllName, L"verifier.dll");
634 
636 
637  do
638  {
639  while (*Next == L' ' || *Next == L'\t')
640  Next++;
641 
642  Ptr = Next;
643 
644  while (*Next != ' ' && *Next != '\t' && *Next)
645  Next++;
646 
647  if (*Next)
648  *(Next++) = '\0';
649  else
650  Next = NULL;
651 
652  if (*Ptr)
653  {
654  Provider = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(VERIFIER_PROVIDER));
655  if (!Provider)
656  return STATUS_NO_MEMORY;
657  RtlInitUnicodeString(&Provider->DllName, Ptr);
659  }
660  } while (Next);
661 
664  {
666  Entry = Entry->Flink;
667 
669  if (!NT_SUCCESS(Status))
670  {
671  RemoveEntryList(&Provider->ListEntry);
672  RtlFreeHeap(RtlGetProcessHeap(), 0, Provider);
673  }
674  }
675 
676  if (!NT_SUCCESS(Status))
677  {
678  DbgPrint("AVRF: %wZ: pid 0x%X: application verifier will be disabled due to an initialization error.\n",
680  NtCurrentPeb()->NtGlobalFlag &= ~FLG_APPLICATION_VERIFIER;
681  }
682 
683  return Status;
684 }
RTL_CRITICAL_SECTION AVrfpVerifierLock
Definition: verifier.c:21
struct _Entry Entry
Definition: kefuncs.h:627
#define DbgPrint
Definition: loader.c:25
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define InsertTailList(ListHead, Entry)
HANDLE UniqueProcess
Definition: compat.h:573
FORCEINLINE BOOLEAN RemoveEntryList(_In_ PLIST_ENTRY Entry)
Definition: rtlfuncs.h:105
LIST_ENTRY AVrfpVerifierProvidersList
Definition: verifier.c:22
smooth NULL
Definition: ftsmooth.c:416
#define FLG_APPLICATION_VERIFIER
Definition: pstypes.h:64
ULONG AVrfpVerifierFlags
Definition: verifier.c:17
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
_Out_ PCLIENT_ID ClientId
Definition: kefuncs.h:1163
__wchar_t WCHAR
Definition: xmlstorage.h:180
NTSYSAPI NTSTATUS NTAPI RtlInitializeCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
Status
Definition: gdiplustypes.h:24
static const WCHAR L[]
Definition: oid.c:1250
Definition: typedefs.h:119
WCHAR AVrfpVerifierDllsString[256]
Definition: verifier.c:18
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
#define NtCurrentPeb()
Definition: FLS.c:20
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
NTSTATUS NTAPI AVrfpLoadAndInitializeProvider(PVERIFIER_PROVIDER Provider)
Definition: verifier.c:485
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
PLDR_DATA_TABLE_ENTRY LdrpImageEntry
Definition: ldrinit.c:39
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
base of all file and directory entries
Definition: entries.h:82

Referenced by LdrpInitializeProcess().

◆ AVrfPageHeapDllNotification()

VOID NTAPI AVrfPageHeapDllNotification ( IN PLDR_DATA_TABLE_ENTRY  LdrEntry)

Definition at line 361 of file verifier.c.

362 {
363  /* Check if page heap dll notification is turned on */
365  return;
366 
367  /* We don't support this flag currently */
369 }
ULONG RtlpDphGlobalFlags
Definition: heappage.c:107
#define DPH_FLAG_DLL_NOTIFY
Definition: ntdllp.h:24
#define UNIMPLEMENTED
Definition: debug.h:115

Referenced by LdrpWalkImportDescriptor().

◆ LdrMapNTDllForProcess()

NTSTATUS LdrMapNTDllForProcess ( HANDLE  ProcessHandle,
PHANDLE  NTDllSectionHandle 
)

◆ LdrMapSections()

NTSTATUS LdrMapSections ( HANDLE  ProcessHandle,
PVOID  ImageBase,
HANDLE  SectionHandle,
PIMAGE_NT_HEADERS  NTHeaders 
)

◆ LdrpAllocateDataTableEntry()

PLDR_DATA_TABLE_ENTRY NTAPI LdrpAllocateDataTableEntry ( IN PVOID  BaseAddress)

Definition at line 1546 of file ldrutils.c.

1547 {
1548  PLDR_DATA_TABLE_ENTRY LdrEntry = NULL;
1549  PIMAGE_NT_HEADERS NtHeader;
1550 
1551  /* Make sure the header is valid */
1552  NtHeader = RtlImageNtHeader(BaseAddress);
1553  DPRINT("LdrpAllocateDataTableEntry(%p), NtHeader %p\n", BaseAddress, NtHeader);
1554 
1555  if (NtHeader)
1556  {
1557  /* Allocate an entry */
1558  LdrEntry = RtlAllocateHeap(LdrpHeap,
1560  sizeof(LDR_DATA_TABLE_ENTRY));
1561 
1562  /* Make sure we got one */
1563  if (LdrEntry)
1564  {
1565  /* Set it up */
1566  LdrEntry->DllBase = BaseAddress;
1567  LdrEntry->SizeOfImage = NtHeader->OptionalHeader.SizeOfImage;
1568  LdrEntry->TimeDateStamp = NtHeader->FileHeader.TimeDateStamp;
1569  LdrEntry->PatchInformation = NULL;
1570  }
1571  }
1572 
1573  /* Return the entry */
1574  return LdrEntry;
1575 }
ULONG SizeOfImage
Definition: ldrtypes.h:143
PVOID DllBase
Definition: btrfs_drv.h:1926
smooth NULL
Definition: ftsmooth.c:416
void DPRINT(...)
Definition: polytest.cpp:61
IMAGE_FILE_HEADER FileHeader
Definition: ntddk_ex.h:183
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
PVOID PatchInformation
Definition: ldrtypes.h:164
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
Definition: btrfs_drv.h:1922
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
ULONG TimeDateStamp
Definition: btrfs_drv.h:1935
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
#define RtlImageNtHeader
Definition: compat.h:554
PVOID LdrpHeap
Definition: ldrinit.c:59

Referenced by LdrpInitializeProcess(), and LdrpMapDll().

◆ LdrpAllocateTls()

NTSTATUS NTAPI LdrpAllocateTls ( VOID  )

Definition at line 1317 of file ldrinit.c.

1318 {
1319  PTEB Teb = NtCurrentTeb();
1320  PLIST_ENTRY NextEntry, ListHead;
1321  PLDRP_TLS_DATA TlsData;
1322  SIZE_T TlsDataSize;
1323  PVOID *TlsVector;
1324 
1325  /* Check if we have any entries */
1327  return STATUS_SUCCESS;
1328 
1329  /* Allocate the vector array */
1330  TlsVector = RtlAllocateHeap(RtlGetProcessHeap(),
1331  0,
1332  LdrpNumberOfTlsEntries * sizeof(PVOID));
1333  if (!TlsVector) return STATUS_NO_MEMORY;
1334  Teb->ThreadLocalStoragePointer = TlsVector;
1335 
1336  /* Loop the TLS Array */
1337  ListHead = &LdrpTlsList;
1338  NextEntry = ListHead->Flink;
1339  while (NextEntry != ListHead)
1340  {
1341  /* Get the entry */
1342  TlsData = CONTAINING_RECORD(NextEntry, LDRP_TLS_DATA, TlsLinks);
1343  NextEntry = NextEntry->Flink;
1344 
1345  /* Allocate this vector */
1346  TlsDataSize = TlsData->TlsDirectory.EndAddressOfRawData -
1348  TlsVector[TlsData->TlsDirectory.Characteristics] = RtlAllocateHeap(RtlGetProcessHeap(),
1349  0,
1350  TlsDataSize);
1351  if (!TlsVector[TlsData->TlsDirectory.Characteristics])
1352  {
1353  /* Out of memory */
1354  return STATUS_NO_MEMORY;
1355  }
1356 
1357  /* Show debug message */
1358  if (ShowSnaps)
1359  {
1360  DPRINT1("LDR: TlsVector %p Index %lu = %p copied from %x to %p\n",
1361  TlsVector,
1362  TlsData->TlsDirectory.Characteristics,
1363  &TlsVector[TlsData->TlsDirectory.Characteristics],
1365  TlsVector[TlsData->TlsDirectory.Characteristics]);
1366  }
1367 
1368  /* Copy the data */
1369  RtlCopyMemory(TlsVector[TlsData->TlsDirectory.Characteristics],
1371  TlsDataSize);
1372  }
1373 
1374  /* Done */
1375  return STATUS_SUCCESS;
1376 }
IMAGE_TLS_DIRECTORY TlsDirectory
Definition: ntdllp.h:29
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
LIST_ENTRY LdrpTlsList
Definition: ldrinit.c:53
PVOID ThreadLocalStoragePointer
Definition: compat.h:589
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
ULONG LdrpNumberOfTlsEntries
Definition: ldrinit.c:54
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
Definition: typedefs.h:119
ULONG_PTR SIZE_T
Definition: typedefs.h:80
Definition: compat.h:583
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
#define DPRINT1
Definition: precomp.h:8
return STATUS_SUCCESS
Definition: btrfs.c:3014
ULONG StartAddressOfRawData
Definition: ntimage.h:546

Referenced by LdrpInitializeThread(), and LdrpInitializeTls().

◆ LdrpCallInitRoutine()

BOOLEAN NTAPI LdrpCallInitRoutine ( IN PDLL_INIT_ROUTINE  EntryPoint,
IN PVOID  BaseAddress,
IN ULONG  Reason,
IN PVOID  Context 
)

Definition at line 100 of file ldrutils.c.

104 {
105  /* Call the entry */
106  return EntryPoint(BaseAddress, Reason, Context);
107 }
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
PVOID PVOID PWCHAR PVOID USHORT PULONG Reason
Definition: env.c:45

Referenced by AVrfpLoadAndInitializeProvider(), LdrpCallTlsInitializers(), LdrpInitializeThread(), LdrpRunInitializeRoutines(), LdrpRunShimEngineInitRoutine(), LdrShutdownProcess(), LdrShutdownThread(), and LdrUnloadDll().

◆ LdrpCallTlsInitializers()

VOID NTAPI LdrpCallTlsInitializers ( IN PLDR_DATA_TABLE_ENTRY  LdrEntry,
IN ULONG  Reason 
)

Definition at line 473 of file ldrutils.c.

475 {
476  PIMAGE_TLS_DIRECTORY TlsDirectory;
478  ULONG Size;
479 
480  /* Get the TLS Directory */
481  TlsDirectory = RtlImageDirectoryEntryToData(LdrEntry->DllBase,
482  TRUE,
484  &Size);
485 
486  /* Protect against invalid pointers */
487  _SEH2_TRY
488  {
489  /* Make sure it's valid */
490  if (TlsDirectory)
491  {
492  /* Get the array */
493  Array = (PIMAGE_TLS_CALLBACK *)TlsDirectory->AddressOfCallBacks;
494  if (Array)
495  {
496  /* Display debug */
497  if (ShowSnaps)
498  {
499  DPRINT1("LDR: Tls Callbacks Found. Imagebase %p Tls %p CallBacks %p\n",
500  LdrEntry->DllBase, TlsDirectory, Array);
501  }
502 
503  /* Loop the array */
504  while (*Array)
505  {
506  /* Get the TLS Entrypoint */
507  Callback = *Array++;
508 
509  /* Display debug */
510  if (ShowSnaps)
511  {
512  DPRINT1("LDR: Calling Tls Callback Imagebase %p Function %p\n",
513  LdrEntry->DllBase, Callback);
514  }
515 
516  /* Call it */
518  LdrEntry->DllBase,
519  Reason,
520  NULL);
521  }
522  }
523  }
524  }
526  {
527  DPRINT1("LDR: Exception 0x%x during Tls Callback(%u) for %wZ\n",
528  _SEH2_GetExceptionCode(), Reason, &LdrEntry->BaseDllName);
529  }
530  _SEH2_END;
531 }
#define TRUE
Definition: types.h:120
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
_SEH2_TRY
Definition: create.c:4226
#define IMAGE_DIRECTORY_ENTRY_TLS
Definition: pedump.c:268
VOID(NTAPI * PIMAGE_TLS_CALLBACK)(PVOID DllHandle, ULONG Reason, PVOID Reserved)
Definition: ntimage.h:531
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
BOOLEAN(NTAPI * PDLL_INIT_ROUTINE)(_In_ PVOID DllHandle, _In_ ULONG Reason, _In_opt_ PCONTEXT Context)
Definition: ldrtypes.h:254
smooth NULL
Definition: ftsmooth.c:416
if(!(yy_init))
Definition: macro.lex.yy.c:714
#define RtlImageDirectoryEntryToData
Definition: compat.h:557
IN PVOID IN PVOID IN USHORT IN USHORT Size
Definition: pci.h:361
_SEH2_END
Definition: create.c:4400
#define DPRINT1
Definition: precomp.h:8
unsigned int ULONG
Definition: retypes.h:1
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
BOOLEAN NTAPI LdrpCallInitRoutine(IN PDLL_INIT_ROUTINE EntryPoint, IN PVOID BaseAddress, IN ULONG Reason, IN PVOID Context)
Definition: ldrutils.c:100
PVOID PVOID PWCHAR PVOID USHORT PULONG Reason
Definition: env.c:45
LPFNPSPCALLBACK Callback
Definition: desk.c:112

Referenced by LdrpInitializeThread(), LdrpRunInitializeRoutines(), LdrShutdownProcess(), and LdrShutdownThread().

◆ LdrpCheckForLoadedDll()

BOOLEAN NTAPI LdrpCheckForLoadedDll ( IN PWSTR  DllPath,
IN PUNICODE_STRING  DllName,
IN BOOLEAN  Flag,
IN BOOLEAN  RedirectedDll,
OUT PLDR_DATA_TABLE_ENTRY LdrEntry 
)

Definition at line 1976 of file ldrutils.c.

1981 {
1982  ULONG HashIndex;
1983  PLIST_ENTRY ListHead, ListEntry;
1984  PLDR_DATA_TABLE_ENTRY CurEntry;
1985  BOOLEAN FullPath = FALSE;
1986  PWCHAR wc;
1987  WCHAR NameBuf[266];
1988  UNICODE_STRING FullDllName, NtPathName;
1989  ULONG Length;
1991  NTSTATUS Status;
1992  HANDLE FileHandle, SectionHandle;
1994  PVOID ViewBase = NULL;
1995  SIZE_T ViewSize = 0;
1996  PIMAGE_NT_HEADERS NtHeader, NtHeader2;
1997  DPRINT("LdrpCheckForLoadedDll('%S' '%wZ' %u %u %p)\n", DllPath ? ((ULONG_PTR)DllPath == 1 ? L"" : DllPath) : L"", DllName, Flag, RedirectedDll, LdrEntry);
1998 
1999  /* Check if a dll name was provided */
2000  if (!(DllName->Buffer) || !(DllName->Buffer[0])) return FALSE;
2001 
2002  /* FIXME: Warning, "Flag" is used as magic instead of "Static" */
2003  /* FIXME: Warning, code does not support redirection at all */
2004 
2005  /* Look in the hash table if flag was set */
2006 lookinhash:
2007  if (Flag /* the second check is a hack */ && !RedirectedDll)
2008  {
2009  /* FIXME: if we get redirected dll it means that we also get a full path so we need to find its filename for the hash lookup */
2010 
2011  /* Get hash index */
2012  HashIndex = LDR_GET_HASH_ENTRY(DllName->Buffer[0]);
2013 
2014  /* Traverse that list */
2015  ListHead = &LdrpHashTable[HashIndex];
2016  ListEntry = ListHead->Flink;
2017  while (ListEntry != ListHead)
2018  {
2019  /* Get the current entry */
2020  CurEntry = CONTAINING_RECORD(ListEntry, LDR_DATA_TABLE_ENTRY, HashLinks);
2021 
2022  /* Check base name of that module */
2023  if (RtlEqualUnicodeString(DllName, &CurEntry->BaseDllName, TRUE))
2024  {
2025  /* It matches, return it */
2026  *LdrEntry = CurEntry;
2027  return TRUE;
2028  }
2029 
2030  /* Advance to the next entry */
2031  ListEntry = ListEntry->Flink;
2032  }
2033 
2034  /* Module was not found, return failure */
2035  return FALSE;
2036  }
2037 
2038  /* Check if this is a redirected DLL */
2039  if (RedirectedDll)
2040  {
2041  /* Redirected dlls already have a full path */
2042  FullPath = TRUE;
2043  FullDllName = *DllName;
2044  }
2045  else
2046  {
2047  /* Check if there is a full path in this DLL */
2048  wc = DllName->Buffer;
2049  while (*wc)
2050  {
2051  /* Check for a slash in the current position*/
2052  if ((*wc == L'\\') || (*wc == L'/'))
2053  {
2054  /* Found the slash, so dll name contains path */
2055  FullPath = TRUE;
2056 
2057  /* Setup full dll name string */
2058  FullDllName.Buffer = NameBuf;
2059 
2060  /* FIXME: This is from the Windows 2000 loader, not XP/2003, we should call LdrpSearchPath */
2062  DllName->Buffer,
2063  NULL,
2064  sizeof(NameBuf) - sizeof(UNICODE_NULL),
2065  FullDllName.Buffer,
2066  NULL);
2067 
2068  /* Check if that was successful */
2069  if (!(Length) || (Length > (sizeof(NameBuf) - sizeof(UNICODE_NULL))))
2070  {
2071  if (ShowSnaps)
2072  {
2073  DPRINT1("LDR: LdrpCheckForLoadedDll - Unable To Locate %wZ: 0x%08x\n",
2074  &DllName, Length);
2075  }
2076  }
2077 
2078  /* Full dll name is found */
2079  FullDllName.Length = Length;
2080  FullDllName.MaximumLength = FullDllName.Length + sizeof(UNICODE_NULL);
2081  break;
2082  }
2083 
2084  wc++;
2085  }
2086  }
2087 
2088  /* Go check the hash table */
2089  if (!FullPath)
2090  {
2091  Flag = TRUE;
2092  goto lookinhash;
2093  }
2094 
2095  /* FIXME: Warning, activation context missing */
2096  DPRINT("Warning, activation context missing\n");
2097 
2098  /* NOTE: From here on down, everything looks good */
2099 
2100  /* Loop the module list */
2101  ListHead = &NtCurrentPeb()->Ldr->InLoadOrderModuleList;
2102  ListEntry = ListHead->Flink;
2103  while (ListEntry != ListHead)
2104  {
2105  /* Get the current entry and advance to the next one */
2106  CurEntry = CONTAINING_RECORD(ListEntry,
2108  InLoadOrderLinks);
2109  ListEntry = ListEntry->Flink;
2110 
2111  /* Check if it's being unloaded */
2112  if (!CurEntry->InMemoryOrderLinks.Flink) continue;
2113 
2114  /* Check if name matches */
2116  &CurEntry->FullDllName,
2117  TRUE))
2118  {
2119  /* Found it */
2120  *LdrEntry = CurEntry;
2121  return TRUE;
2122  }
2123  }
2124 
2125  /* Convert given path to NT path */
2127  &NtPathName,
2128  NULL,
2129  NULL))
2130  {
2131  /* Fail if conversion failed */
2132  return FALSE;
2133  }
2134 
2135  /* Initialize object attributes and open it */
2137  &NtPathName,
2139  NULL,
2140  NULL);
2144  &Iosb,
2147 
2148  /* Free NT path name */
2149  RtlFreeHeap(RtlGetProcessHeap(), 0, NtPathName.Buffer);
2150 
2151  /* If opening the file failed - return failure */
2152  if (!NT_SUCCESS(Status)) return FALSE;
2153 
2154  /* Create a section for this file */
2155  Status = NtCreateSection(&SectionHandle,
2159  NULL,
2160  NULL,
2161  PAGE_EXECUTE,
2162  SEC_COMMIT,
2163  FileHandle);
2164 
2165  /* Close file handle */
2167 
2168  /* If creating section failed - return failure */
2169  if (!NT_SUCCESS(Status)) return FALSE;
2170 
2171  /* Map view of this section */
2172  Status = ZwMapViewOfSection(SectionHandle,
2173  NtCurrentProcess(),
2174  &ViewBase,
2175  0,
2176  0,
2177  NULL,
2178  &ViewSize,
2179  ViewShare,
2180  0,
2181  PAGE_EXECUTE);
2182 
2183  /* Close section handle */
2184  NtClose(SectionHandle);
2185 
2186  /* If section mapping failed - return failure */
2187  if (!NT_SUCCESS(Status)) return FALSE;
2188 
2189  /* Get pointer to the NT header of this section */
2190  Status = RtlImageNtHeaderEx(0, ViewBase, ViewSize, &NtHeader);
2191  if (!(NT_SUCCESS(Status)) || !(NtHeader))
2192  {
2193  /* Unmap the section and fail */
2195  return FALSE;
2196  }
2197 
2198  /* Go through the list of modules again */
2199  ListHead = &NtCurrentPeb()->Ldr->InLoadOrderModuleList;
2200  ListEntry = ListHead->Flink;
2201  while (ListEntry != ListHead)
2202  {
2203  /* Get the current entry and advance to the next one */
2204  CurEntry = CONTAINING_RECORD(ListEntry,
2206  InLoadOrderLinks);
2207  ListEntry = ListEntry->Flink;
2208 
2209  /* Check if it's in the process of being unloaded */
2210  if (!CurEntry->InMemoryOrderLinks.Flink) continue;
2211 
2212  /* The header is untrusted, use SEH */
2213  _SEH2_TRY
2214  {
2215  /* Check if timedate stamp and sizes match */
2216  if ((CurEntry->TimeDateStamp == NtHeader->FileHeader.TimeDateStamp) &&
2217  (CurEntry->SizeOfImage == NtHeader->OptionalHeader.SizeOfImage))
2218  {
2219  /* Time, date and size match. Let's compare their headers */
2220  NtHeader2 = RtlImageNtHeader(CurEntry->DllBase);
2221  if (RtlCompareMemory(NtHeader2, NtHeader, sizeof(IMAGE_NT_HEADERS)))
2222  {
2223  /* Headers match too! Finally ask the kernel to compare mapped files */
2224  Status = ZwAreMappedFilesTheSame(CurEntry->DllBase, ViewBase);
2225  if (NT_SUCCESS(Status))
2226  {
2227  /* This is our entry!, unmap and return success */
2228  *LdrEntry = CurEntry;
2230  _SEH2_YIELD(return TRUE;)
2231  }
2232  }
2233  }
2234  }
2236  {
2237  _SEH2_YIELD(break;)
2238  }
2239  _SEH2_END;
2240  }
2241 
2242  /* Unmap the section and fail */
2244  return FALSE;
2245 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3782
NTSTATUS NTAPI NtCreateSection(OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN PLARGE_INTEGER MaximumSize OPTIONAL, IN ULONG SectionPageProtection OPTIONAL, IN ULONG AllocationAttributes, IN HANDLE FileHandle OPTIONAL)
Definition: section.c:3373
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
#define TRUE
Definition: types.h:120
UNICODE_STRING LdrpDefaultPath
Definition: ldrinit.c:65
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define LDR_GET_HASH_ENTRY(x)
Definition: ntdllp.h:12
ULONG SizeOfImage
Definition: ldrtypes.h:143
uint16_t * PWCHAR
Definition: typedefs.h:56
#define FILE_SHARE_READ
Definition: compat.h:136
_SEH2_TRY
Definition: create.c:4226
uint32_t ULONG_PTR
Definition: typedefs.h:65
PVOID DllBase
Definition: btrfs_drv.h:1926
HANDLE FileHandle
Definition: stats.c:38
NTSYSAPI ULONG NTAPI RtlDosSearchPath_U(_In_ PCWSTR Path, _In_ PCWSTR FileName, _In_ PCWSTR Extension, _In_ ULONG BufferSize, _Out_ PWSTR Buffer, _Out_ PWSTR *PartName)
#define SEC_COMMIT
Definition: mmtypes.h:99
#define FALSE
Definition: types.h:117
#define UNICODE_NULL
LIST_ENTRY LdrpHashTable[LDR_HASH_TABLE_ENTRIES]
Definition: ldrinit.c:60
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
#define PAGE_EXECUTE
Definition: nt_native.h:1306
void DPRINT(...)
Definition: polytest.cpp:61
NTSTATUS NTAPI RtlImageNtHeaderEx(_In_ ULONG Flags, _In_ PVOID Base, _In_ ULONG64 Size, _Out_ PIMAGE_NT_HEADERS *OutHeaders)
Definition: libsupp.c:32
_In_ PCWSTR FullDllName
Definition: ldrtypes.h:247
IMAGE_FILE_HEADER FileHeader
Definition: ntddk_ex.h:183
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
#define SECTION_MAP_WRITE
Definition: nt_native.h:1288
#define NtCurrentProcess()
Definition: nt_native.h:1657
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
NTSYSAPI NTSTATUS NTAPI NtOpenFile(OUT PHANDLE phFile, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN ULONG ShareMode, IN ULONG OpenMode)
Definition: file.c:3951
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
__wchar_t WCHAR
Definition: xmlstorage.h:180
return Iosb
Definition: create.c:4402
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
Definition: xml2sdb.h:79
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
Status
Definition: gdiplustypes.h:24
#define FILE_SHARE_DELETE
Definition: nt_native.h:682
static const WCHAR L[]
Definition: oid.c:1250
#define SECTION_MAP_READ
Definition: compat.h:139
#define FILE_EXECUTE
Definition: nt_native.h:642
#define FILE_NON_DIRECTORY_FILE
Definition: constants.h:492
Definition: btrfs_drv.h:1922
Definition: typedefs.h:119
#define SYNCHRONIZE
Definition: nt_native.h:61
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
ULONG TimeDateStamp
Definition: btrfs_drv.h:1935
ULONG_PTR SIZE_T
Definition: typedefs.h:80
_SEH2_END
Definition: create.c:4400
#define NtCurrentPeb()
Definition: FLS.c:20
LIST_ENTRY InMemoryOrderLinks
Definition: btrfs_drv.h:1924
static const char const char * DllPath
Definition: image.c:34
UNICODE_STRING FullDllName
Definition: btrfs_drv.h:1928
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
NTSYSAPI NTSTATUS NTAPI ZwAreMappedFilesTheSame(_In_ PVOID File1MappedAsAnImage, _In_ PVOID File2MappedAsFile)
#define DPRINT1
Definition: precomp.h:8
#define RtlImageNtHeader
Definition: compat.h:554
#define FILE_SYNCHRONOUS_IO_NONALERT
Definition: from_kernel.h:31
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:404
unsigned int ULONG
Definition: retypes.h:1
#define SECTION_MAP_EXECUTE
Definition: nt_native.h:1290
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
NTSYSAPI BOOLEAN NTAPI RtlEqualUnicodeString(PUNICODE_STRING String1, PUNICODE_STRING String2, BOOLEAN CaseInSensitive)
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToNtPathName_U(_In_opt_z_ PCWSTR DosPathName, _Out_ PUNICODE_STRING NtPathName, _Out_opt_ PCWSTR *NtFileNamePart, _Out_opt_ PRTL_RELATIVE_NAME_U DirectoryInfo)
#define RtlCompareMemory(s1, s2, l)
Definition: env_spec_w32.h:465

Referenced by LdrGetDllHandleEx(), LdrpLoadDll(), LdrpLoadImportModule(), and LdrpUpdateLoadCount3().

◆ LdrpCheckForLoadedDllHandle()

BOOLEAN NTAPI LdrpCheckForLoadedDllHandle ( IN PVOID  Base,
OUT PLDR_DATA_TABLE_ENTRY LdrEntry 
)

Definition at line 1618 of file ldrutils.c.

1620 {
1621  PLDR_DATA_TABLE_ENTRY Current;
1622  PLIST_ENTRY ListHead, Next;
1623 
1624  /* Check the cache first */
1625  if ((LdrpLoadedDllHandleCache) &&
1627  {
1628  /* We got lucky, return the cached entry */
1629  *LdrEntry = LdrpLoadedDllHandleCache;
1630  return TRUE;
1631  }
1632 
1633  /* Time for a lookup */
1634  ListHead = &NtCurrentPeb()->Ldr->InLoadOrderModuleList;
1635  Next = ListHead->Flink;
1636  while (Next != ListHead)
1637  {
1638  /* Get the current entry */
1639  Current = CONTAINING_RECORD(Next,
1641  InLoadOrderLinks);
1642 
1643  /* Make sure it's not unloading and check for a match */
1644  if ((Current->InMemoryOrderLinks.Flink) && (Base == Current->DllBase))
1645  {
1646  /* Save in cache */
1647  LdrpLoadedDllHandleCache = Current;
1648 
1649  /* Return it */
1650  *LdrEntry = Current;
1651  return TRUE;
1652  }
1653 
1654  /* Move to the next one */
1655  Next = Next->Flink;
1656  }
1657 
1658  /* Nothing found */
1659  return FALSE;
1660 }
PLDR_DATA_TABLE_ENTRY LdrpLoadedDllHandleCache
Definition: ldrutils.c:19
#define TRUE
Definition: types.h:120
_In_opt_ ULONG Base
Definition: rtlfuncs.h:2373
PVOID DllBase
Definition: btrfs_drv.h:1926
#define FALSE
Definition: types.h:117
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
Definition: btrfs_drv.h:1922
Definition: typedefs.h:119
#define NtCurrentPeb()
Definition: FLS.c:20
LIST_ENTRY InMemoryOrderLinks
Definition: btrfs_drv.h:1924

Referenced by LdrAddRefDll(), LdrDisableThreadCalloutsForDll(), LdrpGetProcedureAddress(), LdrpSnapThunk(), and LdrUnloadDll().

◆ LdrpClearLoadInProgress()

ULONG NTAPI LdrpClearLoadInProgress ( VOID  )

Definition at line 2660 of file ldrutils.c.

2661 {
2662  PLIST_ENTRY ListHead, Entry;
2663  PLDR_DATA_TABLE_ENTRY LdrEntry;
2664  ULONG ModulesCount = 0;
2665 
2666  /* Traverse the init list */
2667  ListHead = &NtCurrentPeb()->Ldr->InInitializationOrderModuleList;
2668  Entry = ListHead->Flink;
2669  while (Entry != ListHead)
2670  {
2671  /* Get the loader entry */
2672  LdrEntry = CONTAINING_RECORD(Entry,
2674  InInitializationOrderLinks);
2675 
2676  /* Clear load in progress flag */
2677  LdrEntry->Flags &= ~LDRP_LOAD_IN_PROGRESS;
2678 
2679  /* Check for modules with entry point count but not processed yet */
2680  if ((LdrEntry->EntryPoint) &&
2681  !(LdrEntry->Flags & LDRP_ENTRY_PROCESSED))
2682  {
2683  /* Increase counter */
2684  ModulesCount++;
2685  }
2686 
2687  /* Advance to the next entry */
2688  Entry = Entry->Flink;
2689  }
2690 
2691  /* Return final count */
2692  return ModulesCount;
2693 }
#define LDRP_LOAD_IN_PROGRESS
Definition: ldrtypes.h:42
#define LDRP_ENTRY_PROCESSED
Definition: ldrtypes.h:44
struct _Entry Entry
Definition: kefuncs.h:627
PVOID EntryPoint
Definition: ntddk_ex.h:203
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
Definition: btrfs_drv.h:1922
Definition: typedefs.h:119
#define NtCurrentPeb()
Definition: FLS.c:20
ULONG Flags
Definition: ntddk_ex.h:207
unsigned int ULONG
Definition: retypes.h:1
base of all file and directory entries
Definition: entries.h:82

Referenced by LdrAddRefDll(), LdrGetDllHandleEx(), LdrpLoadDll(), and LdrpRunInitializeRoutines().

◆ LdrpEnsureLoaderLockIsHeld()

VOID NTAPI LdrpEnsureLoaderLockIsHeld ( VOID  )

Definition at line 405 of file ldrinit.c.

406 {
407  // Ignored atm
408 }

Referenced by LdrpCheckForKnownDll(), and LdrpRunInitializeRoutines().

◆ LdrpFetchAddressOfEntryPoint()

PVOID NTAPI LdrpFetchAddressOfEntryPoint ( PVOID  ImageBase)

◆ LdrpFinalizeAndDeallocateDataTableEntry()

VOID NTAPI LdrpFinalizeAndDeallocateDataTableEntry ( IN PLDR_DATA_TABLE_ENTRY  Entry)

Definition at line 1595 of file ldrutils.c.

1596 {
1597  /* Sanity check */
1598  ASSERT(Entry != NULL);
1599 
1600  /* Release the activation context if it exists and wasn't already released */
1601  if ((Entry->EntryPointActivationContext) &&
1602  (Entry->EntryPointActivationContext != INVALID_HANDLE_VALUE))
1603  {
1604  /* Mark it as invalid */
1605  RtlReleaseActivationContext(Entry->EntryPointActivationContext);
1606  Entry->EntryPointActivationContext = INVALID_HANDLE_VALUE;
1607  }
1608 
1609  /* Release the full dll name string */
1610  if (Entry->FullDllName.Buffer) LdrpFreeUnicodeString(&Entry->FullDllName);
1611 
1612  /* Finally free the entry's memory */
1613  RtlFreeHeap(LdrpHeap, 0, Entry);
1614 }
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define INVALID_HANDLE_VALUE
Definition: compat.h:479
smooth NULL
Definition: ftsmooth.c:416
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
NTSYSAPI void WINAPI RtlReleaseActivationContext(HANDLE)
Definition: actctx.c:5242
VOID NTAPI LdrpFreeUnicodeString(IN PUNICODE_STRING StringIn)
Definition: ldrutils.c:84
PVOID LdrpHeap
Definition: ldrinit.c:59
base of all file and directory entries
Definition: entries.h:82

Referenced by LdrUnloadDll().

◆ LdrpFreeTls()

VOID NTAPI LdrpFreeTls ( VOID  )

Definition at line 1380 of file ldrinit.c.

1381 {
1382  PLIST_ENTRY ListHead, NextEntry;
1383  PLDRP_TLS_DATA TlsData;
1384  PVOID *TlsVector;
1385  PTEB Teb = NtCurrentTeb();
1386 
1387  /* Get a pointer to the vector array */
1388  TlsVector = Teb->ThreadLocalStoragePointer;
1389  if (!TlsVector) return;
1390 
1391  /* Loop through it */
1392  ListHead = &LdrpTlsList;
1393  NextEntry = ListHead->Flink;
1394  while (NextEntry != ListHead)
1395  {
1396  TlsData = CONTAINING_RECORD(NextEntry, LDRP_TLS_DATA, TlsLinks);
1397  NextEntry = NextEntry->Flink;
1398 
1399  /* Free each entry */
1400  if (TlsVector[TlsData->TlsDirectory.Characteristics])
1401  {
1402  RtlFreeHeap(RtlGetProcessHeap(),
1403  0,
1404  TlsVector[TlsData->TlsDirectory.Characteristics]);
1405  }
1406  }
1407 
1408  /* Free the array itself */
1409  RtlFreeHeap(RtlGetProcessHeap(),
1410  0,
1411  TlsVector);
1412 }
IMAGE_TLS_DIRECTORY TlsDirectory
Definition: ntdllp.h:29
LIST_ENTRY LdrpTlsList
Definition: ldrinit.c:53
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
PVOID ThreadLocalStoragePointer
Definition: compat.h:589
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
Definition: typedefs.h:119
Definition: compat.h:583
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420

Referenced by LdrShutdownThread().

◆ LdrpFreeUnicodeString()

VOID NTAPI LdrpFreeUnicodeString ( PUNICODE_STRING  String)

◆ LdrpGetProcedureAddress()

NTSTATUS NTAPI LdrpGetProcedureAddress ( IN PVOID  BaseAddress,
IN PANSI_STRING  Name,
IN ULONG  Ordinal,
OUT PVOID ProcedureAddress,
IN BOOLEAN  ExecuteInit 
)

Definition at line 2249 of file ldrutils.c.

2254 {
2256  UCHAR ImportBuffer[64];
2257  PLDR_DATA_TABLE_ENTRY LdrEntry;
2258  IMAGE_THUNK_DATA Thunk;
2259  PVOID ImageBase;
2260  PIMAGE_IMPORT_BY_NAME ImportName = NULL;
2261  PIMAGE_EXPORT_DIRECTORY ExportDir;
2262  ULONG ExportDirSize, Length;
2264 
2265  /* Show debug message */
2266  if (ShowSnaps) DPRINT1("LDR: LdrGetProcedureAddress by ");
2267 
2268  /* Check if we got a name */
2269  if (Name)
2270  {
2271  /* Show debug message */
2272  if (ShowSnaps) DbgPrint("NAME - %s\n", Name->Buffer);
2273 
2274  /* Make sure it's not too long */
2275  Length = Name->Length +
2276  sizeof(CHAR) +
2279  {
2280  /* Won't have enough space to add the hint */
2281  return STATUS_NAME_TOO_LONG;
2282  }
2283 
2284  /* Check if our buffer is large enough */
2285  if (Length > sizeof(ImportBuffer))
2286  {
2287  /* Allocate from heap, plus 2 bytes for the Hint */
2288  ImportName = RtlAllocateHeap(RtlGetProcessHeap(),
2289  0,
2290  Length);
2291  }
2292  else
2293  {
2294  /* Use our internal buffer */
2295  ImportName = (PIMAGE_IMPORT_BY_NAME)ImportBuffer;
2296  }
2297 
2298  /* Clear the hint */
2299  ImportName->Hint = 0;
2300 
2301  /* Copy the name and null-terminate it */
2302  RtlCopyMemory(ImportName->Name, Name->Buffer, Name->Length);
2303  ImportName->Name[Name->Length] = ANSI_NULL;
2304 
2305  /* Clear the high bit */
2306  ImageBase = ImportName;
2307  Thunk.u1.AddressOfData = 0;
2308  }
2309  else
2310  {
2311  /* Do it by ordinal */
2312  ImageBase = NULL;
2313 
2314  /* Show debug message */
2315  if (ShowSnaps) DbgPrint("ORDINAL - %lx\n", Ordinal);
2316 
2317  /* Make sure an ordinal was given */
2318  if (!Ordinal)
2319  {
2320  /* No ordinal */
2321  DPRINT1("No ordinal and no name\n");
2322  return STATUS_INVALID_PARAMETER;
2323  }
2324 
2325  /* Set the original flag in the thunk */
2326  Thunk.u1.Ordinal = Ordinal | IMAGE_ORDINAL_FLAG;
2327  }
2328 
2329  /* Acquire lock unless we are initting */
2331 
2332  _SEH2_TRY
2333  {
2334  /* Try to find the loaded DLL */
2335  if (!LdrpCheckForLoadedDllHandle(BaseAddress, &LdrEntry))
2336  {
2337  /* Invalid base */
2338  DPRINT1("Invalid base address %p\n", BaseAddress);
2340  _SEH2_YIELD(goto Quickie;)
2341  }
2342 
2343  /* Get the pointer to the export directory */
2344  ExportDir = RtlImageDirectoryEntryToData(LdrEntry->DllBase,
2345  TRUE,
2347  &ExportDirSize);
2348 
2349  if (!ExportDir)
2350  {
2351  DPRINT1("Image %wZ has no exports, but were trying to get procedure %Z. BaseAddress asked 0x%p, got entry BA 0x%p\n",
2352  &LdrEntry->BaseDllName, Name, BaseAddress, LdrEntry->DllBase);
2354  _SEH2_YIELD(goto Quickie;)
2355  }
2356 
2357  /* Now get the thunk */
2358  Status = LdrpSnapThunk(LdrEntry->DllBase,
2359  ImageBase,
2360  &Thunk,
2361  &Thunk,
2362  ExportDir,
2363  ExportDirSize,
2364  FALSE,
2365  NULL);
2366 
2367  /* Finally, see if we're supposed to run the init routines */
2368  if ((NT_SUCCESS(Status)) && (ExecuteInit))
2369  {
2370  /*
2371  * It's possible a forwarded entry had us load the DLL. In that case,
2372  * then we will call its DllMain. Use the last loaded DLL for this.
2373  */
2374  Entry = NtCurrentPeb()->Ldr->InInitializationOrderModuleList.Blink;
2375  LdrEntry = CONTAINING_RECORD(Entry,
2377  InInitializationOrderLinks);
2378 
2379  /* Make sure we didn't process it yet*/
2380  if (!(LdrEntry->Flags & LDRP_ENTRY_PROCESSED))
2381  {
2382  /* Call the init routine */
2383  _SEH2_TRY
2384  {
2386  }
2388  {
2389  /* Get the exception code */
2391  }
2392  _SEH2_END;
2393  }
2394  }
2395 
2396  /* Make sure we're OK till here */
2397  if (NT_SUCCESS(Status))
2398  {
2399  /* Return the address */
2400  *ProcedureAddress = (PVOID)Thunk.u1.Function;
2401  }
2402  }
2404  {
2405  /* Just ignore exceptions */
2406  }
2407  _SEH2_END;
2408 
2409 Quickie:
2410  /* Cleanup */
2411  if (ImportName && (ImportName != (PIMAGE_IMPORT_BY_NAME)ImportBuffer))
2412  {
2413  /* We allocated from heap, free it */
2414  RtlFreeHeap(RtlGetProcessHeap(), 0, ImportName);
2415  }
2416 
2417  /* Release the CS if we entered it */
2419 
2420  /* We're done */
2421  return Status;
2422 }
#define LDRP_ENTRY_PROCESSED
Definition: ldrtypes.h:44
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
struct _Entry Entry
Definition: kefuncs.h:627
#define DbgPrint
Definition: loader.c:25
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
BOOLEAN NTAPI LdrpCheckForLoadedDllHandle(IN PVOID Base, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
Definition: ldrutils.c:1618
#define IMAGE_ORDINAL_FLAG
Definition: pedump.c:336
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
struct _IMAGE_IMPORT_BY_NAME * PIMAGE_IMPORT_BY_NAME
#define UNICODE_STRING_MAX_BYTES
_SEH2_TRY
Definition: create.c:4226
NTSTATUS NTAPI LdrpRunInitializeRoutines(IN PCONTEXT Context OPTIONAL)
Definition: ldrinit.c:637
PVOID DllBase
Definition: btrfs_drv.h:1926
#define FALSE
Definition: types.h:117
#define ANSI_NULL
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
smooth NULL
Definition: ftsmooth.c:416
void * PVOID
Definition: retypes.h:9
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
#define STATUS_NAME_TOO_LONG
Definition: ntstatus.h:498
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
#define _SEH2_YIELD(STMT_)
Definition: pseh2_64.h:8
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
unsigned char UCHAR
Definition: xmlstorage.h:181
Status
Definition: gdiplustypes.h:24
#define RtlImageDirectoryEntryToData
Definition: compat.h:557
Definition: btrfs_drv.h:1922
Definition: typedefs.h:119
#define IMAGE_DIRECTORY_ENTRY_EXPORT
Definition: compat.h:151
_SEH2_END
Definition: create.c:4400
#define NtCurrentPeb()
Definition: FLS.c:20
#define STATUS_DLL_NOT_FOUND
Definition: ntstatus.h:545
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
#define STATUS_PROCEDURE_NOT_FOUND
Definition: ntstatus.h:358
#define DPRINT1
Definition: precomp.h:8
NTSTATUS NTAPI LdrpSnapThunk(IN PVOID ExportBase, IN PVOID ImportBase, IN PIMAGE_THUNK_DATA OriginalThunk, IN OUT PIMAGE_THUNK_DATA Thunk, IN PIMAGE_EXPORT_DIRECTORY ExportEntry, IN ULONG ExportSize, IN BOOLEAN Static, IN LPSTR DllName)
Definition: ldrpe.c:950
ULONG Flags
Definition: ntddk_ex.h:207
RTL_CRITICAL_SECTION LdrpLoaderLock
Definition: ldrinit.c:70
unsigned int ULONG
Definition: retypes.h:1
union _IMAGE_THUNK_DATA32::@2099 u1
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
BOOLEAN LdrpInLdrInit
Definition: ldrinit.c:30
return STATUS_SUCCESS
Definition: btrfs.c:3014
#define CHAR(Char)
base of all file and directory entries
Definition: entries.h:82

Referenced by AvrfpResolveThunks(), LdrGetProcedureAddress(), LdrpGetShimEngineFunction(), and LdrpSnapThunk().

◆ LdrpGetResidentSize()

ULONG LdrpGetResidentSize ( PIMAGE_NT_HEADERS  NTHeaders)

◆ LdrpGetShimEngineInterface()

VOID NTAPI LdrpGetShimEngineInterface ( VOID  )

◆ LdrpInitFailure()

VOID NTAPI LdrpInitFailure ( NTSTATUS  Status)

Definition at line 2532 of file ldrinit.c.

2533 {
2534  ULONG Response;
2535  PPEB Peb = NtCurrentPeb();
2536 
2537  /* Print a debug message */
2538  DPRINT1("LDR: Process initialization failure for %wZ; NTSTATUS = %08lx\n",
2540 
2541  /* Raise a hard error */
2543  {
2545  }
2546 }
NTSYSAPI NTSTATUS NTAPI ZwRaiseHardError(_In_ NTSTATUS ErrorStatus, _In_ ULONG NumberOfParameters, _In_ ULONG UnicodeStringParameterMask, _In_ PULONG_PTR Parameters, _In_ ULONG ValidResponseOptions, _Out_ PULONG Response)
PPEB Peb
Definition: dllmain.c:27
#define STATUS_APP_INIT_FAILURE
Definition: ntstatus.h:561
PRTL_USER_PROCESS_PARAMETERS ProcessParameters
Definition: btrfs_drv.h:1959
Definition: ncftp.h:89
Status
Definition: gdiplustypes.h:24
UNICODE_STRING ImagePathName
Definition: btrfs_drv.h:1947
ULONG LdrpFatalHardErrorCount
Definition: ldrinit.c:83
#define NtCurrentPeb()
Definition: FLS.c:20
#define DPRINT1
Definition: precomp.h:8
unsigned int ULONG
Definition: retypes.h:1
struct Response Response
uint32_t * PULONG_PTR
Definition: typedefs.h:65

Referenced by LdrpInit(), and LdrpInitializeProcess().

◆ LdrpInitializeApplicationVerifierPackage()

NTSTATUS NTAPI LdrpInitializeApplicationVerifierPackage ( IN HANDLE  KeyHandle,
IN PPEB  Peb,
IN BOOLEAN  SystemWide,
IN BOOLEAN  ReadAdvancedOptions 
)

◆ LdrpInitializeProcess()

NTSTATUS NTAPI LdrpInitializeProcess ( IN PCONTEXT  Context,
IN PVOID  SystemArgument1 
)

Definition at line 1753 of file ldrinit.c.

1755 {
1756  RTL_HEAP_PARAMETERS HeapParameters;
1757  ULONG ComSectionSize;
1758  ANSI_STRING BaseProcessInitPostImportName = RTL_CONSTANT_STRING("BaseProcessInitPostImport");
1759  ANSI_STRING BaseQueryModuleDataName = RTL_CONSTANT_STRING("BaseQueryModuleData");
1760  PVOID OldShimData;
1762  //UNICODE_STRING LocalFileName, FullImageName;
1763  HANDLE SymLinkHandle;
1764  //ULONG DebugHeapOnly;
1765  UNICODE_STRING CommandLine, NtSystemRoot, ImagePathName, FullPath, ImageFileName, KnownDllString;
1766  PPEB Peb = NtCurrentPeb();
1767  BOOLEAN IsDotNetImage = FALSE;
1768  BOOLEAN FreeCurDir = FALSE;
1769  //HANDLE CompatKey;
1770  PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
1771  //LPWSTR ImagePathBuffer;
1772  ULONG ConfigSize;
1774  HANDLE OptionsKey;
1775  ULONG HeapFlags;
1776  PIMAGE_NT_HEADERS NtHeader;
1777  LPWSTR NtDllName = NULL;
1778  NTSTATUS Status, ImportStatus;
1779  NLSTABLEINFO NlsTable;
1781  PTEB Teb = NtCurrentTeb();
1782  PLIST_ENTRY ListHead;
1783  PLIST_ENTRY NextEntry;
1784  ULONG i;
1785  PWSTR ImagePath;
1786  ULONG DebugProcessHeapOnly = 0;
1787  PLDR_DATA_TABLE_ENTRY NtLdrEntry;
1788  PWCHAR Current;
1789  ULONG ExecuteOptions = 0;
1790  PVOID ViewBase;
1791 
1792  /* Set a NULL SEH Filter */
1794 
1795  /* Get the image path */
1796  ImagePath = Peb->ProcessParameters->ImagePathName.Buffer;
1797 
1798  /* Check if it's not normalized */
1800  {
1801  /* Normalize it*/
1802  ImagePath = (PWSTR)((ULONG_PTR)ImagePath + (ULONG_PTR)Peb->ProcessParameters);
1803  }
1804 
1805  /* Create a unicode string for the Image Path */
1806  ImagePathName.Length = Peb->ProcessParameters->ImagePathName.Length;
1807  ImagePathName.MaximumLength = ImagePathName.Length + sizeof(WCHAR);
1808  ImagePathName.Buffer = ImagePath;
1809 
1810  /* Get the NT Headers */
1811  NtHeader = RtlImageNtHeader(Peb->ImageBaseAddress);
1812 
1813  /* Get the execution options */
1814  Status = LdrpInitializeExecutionOptions(&ImagePathName, Peb, &OptionsKey);
1815 
1816  /* Check if this is a .NET executable */
1818  TRUE,
1820  &ComSectionSize))
1821  {
1822  /* Remember this for later */
1823  IsDotNetImage = TRUE;
1824  }
1825 
1826  /* Save the NTDLL Base address */
1828 
1829  /* If this is a Native Image */
1831  {
1832  /* Then do DLL Validation */
1834  }
1835 
1836  /* Save the old Shim Data */
1837  OldShimData = Peb->pShimData;
1838 
1839  /* ReactOS specific: do not clear it. (Windows starts doing the same in later versions) */
1840  //Peb->pShimData = NULL;
1841 
1842  /* Save the number of processors and CS Timeout */
1845 
1846  /* Normalize the parameters */
1847  ProcessParameters = RtlNormalizeProcessParams(Peb->ProcessParameters);
1848  if (ProcessParameters)
1849  {
1850  /* Save the Image and Command Line Names */
1851  ImageFileName = ProcessParameters->ImagePathName;
1852  CommandLine = ProcessParameters->CommandLine;
1853  }
1854  else
1855  {
1856  /* It failed, initialize empty strings */
1857  RtlInitUnicodeString(&ImageFileName, NULL);
1858  RtlInitUnicodeString(&CommandLine, NULL);
1859  }
1860 
1861  /* Initialize NLS data */
1865  &NlsTable);
1866 
1867  /* Reset NLS Translations */
1868  RtlResetRtlTranslations(&NlsTable);
1869 
1870  /* Get the Image Config Directory */
1872  TRUE,
1874  &ConfigSize);
1875 
1876  /* Setup the Heap Parameters */
1877  RtlZeroMemory(&HeapParameters, sizeof(HeapParameters));
1878  HeapFlags = HEAP_GROWABLE;
1879  HeapParameters.Length = sizeof(HeapParameters);
1880 
1881  /* Check if we have Configuration Data */
1882 #define VALID_CONFIG_FIELD(Name) (ConfigSize >= (FIELD_OFFSET(IMAGE_LOAD_CONFIG_DIRECTORY, Name) + sizeof(LoadConfig->Name)))
1883  /* The 'original' load config ends after SecurityCookie */
1884  if ((LoadConfig) && ConfigSize && (VALID_CONFIG_FIELD(SecurityCookie) || ConfigSize == LoadConfig->Size))
1885  {
1886  if (ConfigSize != sizeof(IMAGE_LOAD_CONFIG_DIRECTORY))
1887  DPRINT1("WARN: Accepting different LOAD_CONFIG size!\n");
1888  else
1889  DPRINT1("Applying LOAD_CONFIG\n");
1890 
1891  if (VALID_CONFIG_FIELD(GlobalFlagsSet) && LoadConfig->GlobalFlagsSet)
1892  Peb->NtGlobalFlag |= LoadConfig->GlobalFlagsSet;
1893 
1894  if (VALID_CONFIG_FIELD(GlobalFlagsClear) && LoadConfig->GlobalFlagsClear)
1895  Peb->NtGlobalFlag &= ~LoadConfig->GlobalFlagsClear;
1896 
1897  if (VALID_CONFIG_FIELD(CriticalSectionDefaultTimeout) && LoadConfig->CriticalSectionDefaultTimeout)
1898  RtlpTimeout.QuadPart = Int32x32To64(LoadConfig->CriticalSectionDefaultTimeout, -10000000);
1899 
1900  if (VALID_CONFIG_FIELD(DeCommitFreeBlockThreshold) && LoadConfig->DeCommitFreeBlockThreshold)
1901  HeapParameters.DeCommitFreeBlockThreshold = LoadConfig->DeCommitFreeBlockThreshold;
1902 
1903  if (VALID_CONFIG_FIELD(DeCommitTotalFreeThreshold) && LoadConfig->DeCommitTotalFreeThreshold)
1904  HeapParameters.DeCommitTotalFreeThreshold = LoadConfig->DeCommitTotalFreeThreshold;
1905 
1906  if (VALID_CONFIG_FIELD(MaximumAllocationSize) && LoadConfig->MaximumAllocationSize)
1907  HeapParameters.MaximumAllocationSize = LoadConfig->MaximumAllocationSize;
1908 
1909  if (VALID_CONFIG_FIELD(VirtualMemoryThreshold) && LoadConfig->VirtualMemoryThreshold)
1910  HeapParameters.VirtualMemoryThreshold = LoadConfig->VirtualMemoryThreshold;
1911 
1912  if (VALID_CONFIG_FIELD(ProcessHeapFlags) && LoadConfig->ProcessHeapFlags)
1913  HeapFlags = LoadConfig->ProcessHeapFlags;
1914  }
1915 #undef VALID_CONFIG_FIELD
1916 
1917  /* Check for custom affinity mask */
1919  {
1920  /* Set it */
1924  sizeof(Peb->ImageProcessAffinityMask));
1925  }
1926 
1927  /* Check if verbose debugging (ShowSnaps) was requested */
1929 
1930  /* Start verbose debugging messages right now if they were requested */
1931  if (ShowSnaps)
1932  {
1933  DPRINT1("LDR: PID: 0x%p started - '%wZ'\n",
1934  Teb->ClientId.UniqueProcess,
1935  &CommandLine);
1936  }
1937 
1938  /* If the timeout is too long */
1939  if (RtlpTimeout.QuadPart < Int32x32To64(3600, -10000000))
1940  {
1941  /* Then disable CS Timeout */
1943  }
1944 
1945  /* Initialize Critical Section Data */
1947 
1948  /* Initialize VEH Call lists */
1950 
1951  /* Set TLS/FLS Bitmap data */
1952  Peb->FlsBitmap = &FlsBitMap;
1953  Peb->TlsBitmap = &TlsBitMap;
1955 
1956  /* Initialize FLS Bitmap */
1958  Peb->FlsBitmapBits,
1960  RtlSetBit(&FlsBitMap, 0);
1962 
1963  /* Initialize TLS Bitmap */
1965  Peb->TlsBitmapBits,
1967  RtlSetBit(&TlsBitMap, 0);
1972 
1973  /* Initialize the Hash Table */
1974  for (i = 0; i < LDR_HASH_TABLE_ENTRIES; i++)
1975  {
1977  }
1978 
1979  /* Initialize the Loader Lock */
1980  // FIXME: What's the point of initing it manually, if two lines lower
1981  // a call to RtlInitializeCriticalSection() is being made anyway?
1982  //InsertTailList(&RtlCriticalSectionList, &LdrpLoaderLock.DebugInfo->ProcessLocksList);
1983  //LdrpLoaderLock.DebugInfo->CriticalSection = &LdrpLoaderLock;
1986 
1987  /* Check if User Stack Trace Database support was requested */
1989  {
1990  DPRINT1("We don't support user stack trace databases yet\n");
1991  }
1992 
1993  /* Setup Fast PEB Lock */
1996  //Peb->FastPebLockRoutine = (PPEBLOCKROUTINE)RtlEnterCriticalSection;
1997  //Peb->FastPebUnlockRoutine = (PPEBLOCKROUTINE)RtlLeaveCriticalSection;
1998 
1999  /* Setup Callout Lock and Notification list */
2000  //RtlInitializeCriticalSection(&RtlpCalloutEntryLock);
2002 
2003  /* For old executables, use 16-byte aligned heap */
2004  if ((NtHeader->OptionalHeader.MajorSubsystemVersion <= 3) &&
2005  (NtHeader->OptionalHeader.MinorSubsystemVersion < 51))
2006  {
2007  HeapFlags |= HEAP_CREATE_ALIGN_16;
2008  }
2009 
2010  /* Setup the Heap */
2012  Peb->ProcessHeap = RtlCreateHeap(HeapFlags,
2013  NULL,
2015  NtHeader->OptionalHeader.SizeOfHeapCommit,
2016  NULL,
2017  &HeapParameters);
2018 
2019  if (!Peb->ProcessHeap)
2020  {
2021  DPRINT1("Failed to create process heap\n");
2022  return STATUS_NO_MEMORY;
2023  }
2024 
2025  /* Allocate an Activation Context Stack */
2027  if (!NT_SUCCESS(Status)) return Status;
2028 
2029  RtlZeroMemory(&HeapParameters, sizeof(HeapParameters));
2030  HeapFlags = HEAP_GROWABLE | HEAP_CLASS_1;
2031  HeapParameters.Length = sizeof(HeapParameters);
2032  LdrpHeap = RtlCreateHeap(HeapFlags, 0, 0x10000, 0x6000, 0, &HeapParameters);
2033  if (!LdrpHeap)
2034  {
2035  DPRINT1("Failed to create loader private heap\n");
2036  return STATUS_NO_MEMORY;
2037  }
2038 
2039  /* Check for Debug Heap */
2040  if (OptionsKey)
2041  {
2042  /* Query the setting */
2043  Status = LdrQueryImageFileKeyOption(OptionsKey,
2044  L"DebugProcessHeapOnly",
2045  REG_DWORD,
2046  &DebugProcessHeapOnly,
2047  sizeof(ULONG),
2048  NULL);
2049 
2050  if (NT_SUCCESS(Status))
2051  {
2052  /* Reset DPH if requested */
2053  if (RtlpPageHeapEnabled && DebugProcessHeapOnly)
2054  {
2057  }
2058  }
2059  }
2060 
2061  /* Build the NTDLL Path */
2062  FullPath.Buffer = StringBuffer;
2063  FullPath.Length = 0;
2064  FullPath.MaximumLength = sizeof(StringBuffer);
2067  RtlAppendUnicodeToString(&FullPath, L"\\System32\\");
2068 
2069  /* Open the Known DLLs directory */
2070  RtlInitUnicodeString(&KnownDllString, L"\\KnownDlls");
2072  &KnownDllString,
2074  NULL,
2075  NULL);
2078  &ObjectAttributes);
2079 
2080  /* Check if it exists */
2081  if (NT_SUCCESS(Status))
2082  {
2083  /* Open the Known DLLs Path */
2084  RtlInitUnicodeString(&KnownDllString, L"KnownDllPath");
2086  &KnownDllString,
2089  NULL);
2090  Status = NtOpenSymbolicLinkObject(&SymLinkHandle,
2092  &ObjectAttributes);
2093  if (NT_SUCCESS(Status))
2094  {
2095  /* Query the path */
2099  Status = ZwQuerySymbolicLinkObject(SymLinkHandle, &LdrpKnownDllPath, NULL);
2100  NtClose(SymLinkHandle);
2101  if (!NT_SUCCESS(Status))
2102  {
2103  DPRINT1("LDR: %s - failed call to ZwQuerySymbolicLinkObject with status %x\n", "", Status);
2104  return Status;
2105  }
2106  }
2107  }
2108 
2109  /* Check if we failed */
2110  if (!NT_SUCCESS(Status))
2111  {
2112  /* Assume System32 */
2115  LdrpKnownDllPath.Length -= sizeof(WCHAR);
2116  }
2117 
2118  /* If we have process parameters, get the default path and current path */
2119  if (ProcessParameters)
2120  {
2121  /* Check if we have a Dll Path */
2122  if (ProcessParameters->DllPath.Length)
2123  {
2124  /* Get the path */
2125  LdrpDefaultPath = *(PUNICODE_STRING)&ProcessParameters->DllPath;
2126  }
2127  else
2128  {
2129  /* We need a valid path */
2130  DPRINT1("No valid DllPath was given!\n");
2132  }
2133 
2134  /* Set the current directory */
2135  CurrentDirectory = ProcessParameters->CurrentDirectory.DosPath;
2136 
2137  /* Check if it's empty or invalid */
2138  if ((!CurrentDirectory.Buffer) ||
2139  (CurrentDirectory.Buffer[0] == UNICODE_NULL) ||
2140  (!CurrentDirectory.Length))
2141  {
2142  /* Allocate space for the buffer */
2144  0,
2145  3 * sizeof(WCHAR) +
2146  sizeof(UNICODE_NULL));
2147  if (!CurrentDirectory.Buffer)
2148  {
2149  DPRINT1("LDR: LdrpInitializeProcess - unable to allocate current working directory buffer\n");
2150  // FIXME: And what?
2151  }
2152 
2153  /* Copy the drive of the system root */
2155  SharedUserData->NtSystemRoot,
2156  3 * sizeof(WCHAR));
2157  CurrentDirectory.Buffer[3] = UNICODE_NULL;
2158  CurrentDirectory.Length = 3 * sizeof(WCHAR);
2159  CurrentDirectory.MaximumLength = CurrentDirectory.Length + sizeof(WCHAR);
2160 
2161  FreeCurDir = TRUE;
2162  DPRINT("Using dynamically allocd curdir\n");
2163  }
2164  else
2165  {
2166  /* Use the local buffer */
2167  DPRINT("Using local system root\n");
2168  }
2169  }
2170 
2171  /* Setup Loader Data */
2172  Peb->Ldr = &PebLdr;
2176  PebLdr.Length = sizeof(PEB_LDR_DATA);
2178 
2179  /* Allocate a data entry for the Image */
2181 
2182  /* Set it up */
2184  LdrpImageEntry->LoadCount = -1;
2186  LdrpImageEntry->FullDllName = ImageFileName;
2187 
2188  if (IsDotNetImage)
2190  else
2191  LdrpImageEntry->Flags = 0;
2192 
2193  /* Check if the name is empty */
2194  if (!ImageFileName.Buffer[0])
2195  {
2196  /* Use the same Base name */
2198  }
2199  else
2200  {
2201  /* Find the last slash */
2202  Current = ImageFileName.Buffer;
2203  while (*Current)
2204  {
2205  if (*Current++ == '\\')
2206  {
2207  /* Set this path */
2208  NtDllName = Current;
2209  }
2210  }
2211 
2212  /* Did we find anything? */
2213  if (!NtDllName)
2214  {
2215  /* Use the same Base name */
2217  }
2218  else
2219  {
2220  /* Setup the name */
2221  LdrpImageEntry->BaseDllName.Length = (USHORT)((ULONG_PTR)ImageFileName.Buffer + ImageFileName.Length - (ULONG_PTR)NtDllName);
2223  LdrpImageEntry->BaseDllName.Buffer = (PWSTR)((ULONG_PTR)ImageFileName.Buffer +
2224  (ImageFileName.Length - LdrpImageEntry->BaseDllName.Length));
2225  }
2226  }
2227 
2228  /* Processing done, insert it */
2231 
2232  /* Now add an entry for NTDLL */
2234  NtLdrEntry->Flags = LDRP_IMAGE_DLL;
2235  NtLdrEntry->EntryPoint = LdrpFetchAddressOfEntryPoint(NtLdrEntry->DllBase);
2236  NtLdrEntry->LoadCount = -1;
2237  NtLdrEntry->EntryPointActivationContext = 0;
2238 
2239  NtLdrEntry->FullDllName.Length = FullPath.Length;
2240  NtLdrEntry->FullDllName.MaximumLength = FullPath.MaximumLength;
2241  NtLdrEntry->FullDllName.Buffer = StringBuffer;
2243 
2244  NtLdrEntry->BaseDllName.Length = NtDllString.Length;
2246  NtLdrEntry->BaseDllName.Buffer = NtDllString.Buffer;
2247 
2248  /* Processing done, insert it */
2249  LdrpNtDllDataTableEntry = NtLdrEntry;
2250  LdrpInsertMemoryTableEntry(NtLdrEntry);
2251 
2252  /* Let the world know */
2253  if (ShowSnaps)
2254  {
2255  DPRINT1("LDR: NEW PROCESS\n");
2256  DPRINT1(" Image Path: %wZ (%wZ)\n", &LdrpImageEntry->FullDllName, &LdrpImageEntry->BaseDllName);
2257  DPRINT1(" Current Directory: %wZ\n", &CurrentDirectory);
2258  DPRINT1(" Search Path: %wZ\n", &LdrpDefaultPath);
2259  }
2260 
2261  /* Link the Init Order List */
2264 
2265  /* Initialize Wine's active context implementation for the current process */
2266  actctx_init(&OldShimData);
2267 
2268  /* Set the current directory */
2270  if (!NT_SUCCESS(Status))
2271  {
2272  /* We failed, check if we should free it */
2273  if (FreeCurDir) RtlFreeUnicodeString(&CurrentDirectory);
2274 
2275  /* Set it to the NT Root */
2278  }
2279  else
2280  {
2281  /* We're done with it, free it */
2282  if (FreeCurDir) RtlFreeUnicodeString(&CurrentDirectory);
2283  }
2284 
2285  /* Check if we should look for a .local file */
2286  if (ProcessParameters && !(ProcessParameters->Flags & RTL_USER_PROCESS_PARAMETERS_LOCAL_DLL_PATH))
2287  {
2288  LdrpInitializeDotLocalSupport(ProcessParameters);
2289  }
2290 
2291  /* Check if the Application Verifier was enabled */
2293  {
2295  if (!NT_SUCCESS(Status))
2296  {
2297  DPRINT1("LDR: AVrfInitializeVerifier failed (ntstatus 0x%x)\n", Status);
2298  return Status;
2299  }
2300 
2301  }
2302 
2303  if (IsDotNetImage)
2304  {
2305  /* FIXME */
2306  DPRINT1("We don't support .NET applications yet\n");
2307  }
2308 
2311  {
2312  PVOID Kernel32BaseAddress;
2313  PVOID FunctionAddress;
2314 
2315  Status = LdrLoadDll(NULL, NULL, &Kernel32String, &Kernel32BaseAddress);
2316 
2317  if (!NT_SUCCESS(Status))
2318  {
2319  if (ShowSnaps)
2320  DPRINT1("LDR: Unable to load %wZ, Status=0x%08lx\n", &Kernel32String, Status);
2321  return Status;
2322  }
2323 
2324  Status = LdrGetProcedureAddress(Kernel32BaseAddress,
2325  &BaseProcessInitPostImportName,
2326  0,
2327  &FunctionAddress);
2328 
2329  if (!NT_SUCCESS(Status))
2330  {
2331  if (ShowSnaps)
2332  DPRINT1("LDR: Unable to find post-import process init function, Status=0x%08lx\n", &Kernel32String, Status);
2333  return Status;
2334  }
2335  Kernel32ProcessInitPostImportFunction = FunctionAddress;
2336 
2337  Status = LdrGetProcedureAddress(Kernel32BaseAddress,
2338  &BaseQueryModuleDataName,
2339  0,
2340  &FunctionAddress);
2341 
2342  if (!NT_SUCCESS(Status))
2343  {
2344  if (ShowSnaps)
2345  DPRINT1("LDR: Unable to find BaseQueryModuleData, Status=0x%08lx\n", &Kernel32String, Status);
2346  return Status;
2347  }
2348  Kernel32BaseQueryModuleData = FunctionAddress;
2349  }
2350 
2351  /* Walk the IAT and load all the DLLs */
2353 
2354  /* Check if relocation is needed */
2355  if (Peb->ImageBaseAddress != (PVOID)NtHeader->OptionalHeader.ImageBase)
2356  {
2357  DPRINT1("LDR: Performing EXE relocation\n");
2358 
2359  /* Change the protection to prepare for relocation */
2360  ViewBase = Peb->ImageBaseAddress;
2361  Status = LdrpSetProtection(ViewBase, FALSE);
2362  if (!NT_SUCCESS(Status)) return Status;
2363 
2364  /* Do the relocation */
2365  Status = LdrRelocateImageWithBias(ViewBase,
2366  0LL,
2367  NULL,
2371  if (!NT_SUCCESS(Status))
2372  {
2373  DPRINT1("LdrRelocateImageWithBias() failed\n");
2374  return Status;
2375  }
2376 
2377  /* Check if a start context was provided */
2378  if (Context)
2379  {
2380  DPRINT1("WARNING: Relocated EXE Context");
2381  UNIMPLEMENTED; // We should support this
2383  }
2384 
2385  /* Restore the protection */
2386  Status = LdrpSetProtection(ViewBase, TRUE);
2387  if (!NT_SUCCESS(Status)) return Status;
2388  }
2389 
2390  /* Lock the DLLs */
2391  ListHead = &Peb->Ldr->InLoadOrderModuleList;
2392  NextEntry = ListHead->Flink;
2393  while (ListHead != NextEntry)
2394  {
2395  NtLdrEntry = CONTAINING_RECORD(NextEntry, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks);
2396  NtLdrEntry->LoadCount = -1;
2397  NextEntry = NextEntry->Flink;
2398  }
2399 
2400  /* Phase 0 is done */
2402 
2403  /* Check whether all static imports were properly loaded and return here */
2404  if (!NT_SUCCESS(ImportStatus)) return ImportStatus;
2405 
2406  /* Initialize TLS */
2408  if (!NT_SUCCESS(Status))
2409  {
2410  DPRINT1("LDR: LdrpProcessInitialization failed to initialize TLS slots; status %x\n",
2411  Status);
2412  return Status;
2413  }
2414 
2415  /* FIXME Mark the DLL Ranges for Stack Traces later */
2416 
2417  /* Notify the debugger now */
2418  if (Peb->BeingDebugged)
2419  {
2420  /* Break */
2421  DbgBreakPoint();
2422 
2423  /* Update show snaps again */
2425  }
2426 
2427  /* Validate the Image for MP Usage */
2429 
2430  /* Check NX Options */
2431  if (SharedUserData->NXSupportPolicy == 1)
2432  {
2433  ExecuteOptions = 0xD;
2434  }
2435  else if (!SharedUserData->NXSupportPolicy)
2436  {
2437  ExecuteOptions = 0xA;
2438  }
2439 
2440  /* Let Mm know */
2443  &ExecuteOptions,
2444  sizeof(ULONG));
2445 
2446  // FIXME: Should be done by Application Compatibility features,
2447  // by reading the registry, etc...
2448  // For now, this is the old code from ntdll!RtlGetVersion().
2449  RtlInitEmptyUnicodeString(&Peb->CSDVersion, NULL, 0);
2450  if (((Peb->OSCSDVersion >> 8) & 0xFF) != 0)
2451  {
2452  WCHAR szCSDVersion[128];
2453  LONG i;
2454  USHORT Length = (USHORT)ARRAYSIZE(szCSDVersion) - 1;
2455  i = _snwprintf(szCSDVersion, Length,
2456  L"Service Pack %d",
2457  ((Peb->OSCSDVersion >> 8) & 0xFF));
2458  if (i < 0)
2459  {
2460  /* Null-terminate if it was overflowed */
2461  szCSDVersion[Length] = UNICODE_NULL;
2462  }
2463 
2464  Length *= sizeof(WCHAR);
2465  Peb->CSDVersion.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
2466  0,
2467  Length + sizeof(UNICODE_NULL));
2468  if (Peb->CSDVersion.Buffer)
2469  {
2472 
2474  szCSDVersion,
2477  }
2478  }
2479 
2480  /* Check if we had Shim Data */
2481  if (OldShimData)
2482  {
2483  /* Load the Shim Engine */
2484  Peb->AppCompatInfo = NULL;
2485  LdrpLoadShimEngine(OldShimData, &ImagePathName, OldShimData);
2486  }
2487  else
2488  {
2489  /* Check for Application Compatibility Goo */
2490  //LdrQueryApplicationCompatibilityGoo(hKey);
2491  DPRINT("Querying app compat hacks is missing!\n");
2492  }
2493 
2494  /*
2495  * FIXME: Check for special images, SecuROM, SafeDisc and other NX-
2496  * incompatible images.
2497  */
2498 
2499  /* Now call the Init Routines */
2501  if (!NT_SUCCESS(Status))
2502  {
2503  DPRINT1("LDR: LdrpProcessInitialization failed running initialization routines; status %x\n",
2504  Status);
2505  return Status;
2506  }
2507 
2508  /* Notify Shim Engine */
2509  if (g_ShimsEnabled)
2510  {
2513  SE_InstallAfterInit(&ImagePathName, OldShimData);
2514  }
2515 
2516  /* Check if we have a user-defined Post Process Routine */
2518  {
2519  /* Call it */
2521  }
2522 
2523  /* Close the key if we have one opened */
2524  if (OptionsKey) NtClose(OptionsKey);
2525 
2526  /* Return status */
2527  return Status;
2528 }
PRTL_BITMAP TlsExpansionBitmap
Definition: winternl.h:346
BOOLEAN Initialized
Definition: ntddk_ex.h:222
#define LDRP_ENTRY_PROCESSED
Definition: ldrtypes.h:44
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
BOOLEAN LdrpDllValidation
Definition: ldrinit.c:37
#define HEAP_CLASS_1
Definition: nt_native.h:1711
NTSTATUS NTAPI LdrQueryImageFileKeyOption(IN HANDLE KeyHandle, IN PCWSTR ValueName, IN ULONG Type, OUT PVOID Buffer, IN ULONG BufferSize, OUT PULONG ReturnedLength OPTIONAL)
Definition: ldrinit.c:184
NTSYSAPI VOID NTAPI RtlResetRtlTranslations(_In_ PNLSTABLEINFO NlsTable)
BOOLEAN g_ShimsEnabled
Definition: ldrutils.c:21
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
#define HEAP_CREATE_ALIGN_16
Definition: nt_native.h:1701
#define LL
Definition: tui.h:84
PPEB Peb
Definition: dllmain.c:27
NTSTATUS NTAPI LdrpWalkImportDescriptor(IN LPWSTR DllPath OPTIONAL, IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: ldrpe.c:670
UNICODE_STRING Kernel32String
Definition: ldrinit.c:27
RTL_BITMAP FlsBitMap
Definition: ldrinit.c:51
LIST_ENTRY InInitializationOrderModuleList
Definition: ldrtypes.h:122
UNICODE_STRING LdrpKnownDllPath
Definition: ldrinit.c:63
LARGE_INTEGER RtlpTimeout
Definition: critical.c:24
UNICODE_STRING NtSystemRoot
Definition: init.c:73
RTL_BITMAP TlsExpansionBitMap
Definition: ldrinit.c:50
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
ULONG ImageProcessAffinityMask
Definition: ntddk_ex.h:307
USHORT MaximumLength
Definition: env_spec_w32.h:370
WCHAR CurrentDirectory[1024]
Definition: chkdsk.c:74
LIST_ENTRY InLoadOrderModuleList
Definition: ldrtypes.h:120
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
#define TLS_EXPANSION_SLOTS
Definition: pstypes.h:302
uint16_t * PWSTR
Definition: typedefs.h:56
FORCEINLINE VOID InsertHeadList(_Inout_ PLIST_ENTRY ListHead, _Inout_ __drv_aliasesMem PLIST_ENTRY Entry)
Definition: rtlfuncs.h:201
#define IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
Definition: ntimage.h:489
PLDR_DATA_TABLE_ENTRY LdrpNtDllDataTableEntry
Definition: ldrinit.c:44
NTSYSAPI void WINAPI RtlInitializeBitMap(PRTL_BITMAP, PULONG, ULONG)
LONG NTSTATUS
Definition: precomp.h:26
LIST_ENTRY InMemoryOrderModuleList
Definition: btrfs_drv.h:1941
NTSYSAPI VOID NTAPI RtlSetBit(_In_ PRTL_BITMAP BitMapHeader, _In_range_(<, BitMapHeader->SizeOfBitMap) ULONG BitNumber)
Definition: bitmap.c:304
VOID NTAPI SE_InstallAfterInit(PUNICODE_STRING ProcessImage, PVOID pShimData)
Definition: shimeng.c:1422
NTSYSAPI NTSTATUS NTAPI ZwOpenDirectoryObject(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
PVOID ImageBaseAddress
Definition: ntddk_ex.h:245
BYTE BeingDebugged
Definition: btrfs_drv.h:1955
void actctx_init(PVOID *pOldShimData)
Definition: actctx.c:4973
uint16_t * PWCHAR
Definition: typedefs.h:56
PRTL_USER_PROCESS_PARAMETERS ProcessParameters
Definition: btrfs_drv.h:1959
HANDLE LdrpKnownDllObjectDirectory
Definition: ldrinit.c:62
ULONG DeCommitFreeBlockThreshold
Definition: nt_native.h:1670
HANDLE UniqueProcess
Definition: compat.h:573
void DbgBreakPoint()
Definition: mach.c:553
BOOLEAN RtlpPageHeapEnabled
Definition: heappage.c:106
#define RtlMoveMemory(Destination, Source, Length)
Definition: typedefs.h:264
ULONG FlsBitmapBits[4]
Definition: winternl.h:362
uint32_t ULONG_PTR
Definition: typedefs.h:65
NTSYSAPI PRTL_USER_PROCESS_PARAMETERS NTAPI RtlNormalizeProcessParams(_In_ PRTL_USER_PROCESS_PARAMETERS ProcessParameters)
VOID NTAPI LdrpInitializeDotLocalSupport(PRTL_USER_PROCESS_PARAMETERS ProcessParameters)
Definition: ldrinit.c:1692
CLIENT_ID ClientId
Definition: compat.h:587
PVOID DllBase
Definition: btrfs_drv.h:1926
PVOID NtDllBase
Definition: ldrinit.c:56
ULONG NtGlobalFlag
Definition: ntddk_ex.h:270
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Definition: compat.h:153
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
#define FALSE
Definition: types.h:117
#define UNICODE_NULL
NTSTATUS NTAPI LdrpInitializeTls(VOID)
Definition: ldrinit.c:1254
BOOLEAN LdrpLoaderLockInit
Definition: ldrinit.c:32
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
long LONG
Definition: pedump.c:60
VOID NTAPI RtlpInitDeferedCriticalSection(VOID)
Definition: critical.c:267
PVOID EntryPoint
Definition: ntddk_ex.h:203
LIST_ENTRY LdrpHashTable[LDR_HASH_TABLE_ENTRIES]
Definition: ldrinit.c:60
NTSTATUS NTAPI LdrGetProcedureAddress(IN PVOID BaseAddress, IN PANSI_STRING Name, IN ULONG Ordinal, OUT PVOID *ProcedureAddress)
Definition: ldrapi.c:823
WCHAR LdrpKnownDllPathBuffer[128]
Definition: ldrinit.c:64
#define IMAGE_SUBSYSTEM_WINDOWS_CUI
Definition: ntimage.h:438
unsigned char BOOLEAN
ULONG RtlpDphGlobalFlags
Definition: heappage.c:107
PVOID NTAPI LdrpFetchAddressOfEntryPoint(PVOID ImageBase)
int _snwprintf(wchar_t *buffer, size_t count, const wchar_t *format,...)
smooth NULL
Definition: ftsmooth.c:416
#define IMAGE_SUBSYSTEM_NATIVE
Definition: ntimage.h:436
#define FLG_APPLICATION_VERIFIER
Definition: pstypes.h:64
PVOID NTAPI RtlDecodeSystemPointer(IN PVOID Pointer)
Definition: process.c:439
void DPRINT(...)
Definition: polytest.cpp:61
void * PVOID
Definition: retypes.h:9
RTL_BITMAP TlsBitMap
Definition: ldrinit.c:49
ULONG Length
Definition: ntddk_ex.h:221
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
PVOID LdrpHeap
Definition: ldrinit.c:59
ULONG TlsExpansionBitmapBits[32]
Definition: winternl.h:347
#define NtCurrentProcess()
Definition: nt_native.h:1657
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
LIST_ENTRY FlsListHead
Definition: winternl.h:360
#define DIRECTORY_TRAVERSE
Definition: nt_native.h:1255
VOID NTAPI LdrpInitFailure(NTSTATUS Status)
Definition: ldrinit.c:2532
RTL_CRITICAL_SECTION LdrpLoaderLock
Definition: ldrinit.c:70
_In_opt_ PVOID _In_opt_ PVOID SystemArgument1
Definition: ketypes.h:675
NTSTATUS RtlAppendUnicodeToString(IN PUNICODE_STRING Str1, IN PWSTR Str2)
Definition: string_lib.cpp:62
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
NTSYSAPI VOID NTAPI RtlInitNlsTables(_In_ PUSHORT AnsiTableBase, _In_ PUSHORT OemTableBase, _In_ PUSHORT CaseTableBase, _Out_ PNLSTABLEINFO NlsTable)
UNICODE_STRING NtDllString
Definition: ldrinit.c:26
ULONG VirtualMemoryThreshold
Definition: nt_native.h:1673
BOOLEAN RtlpTimeoutDisable
Definition: ldrinit.c:58
#define STATUS_INVALID_IMAGE_FORMAT
Definition: ntstatus.h:359
VOID NTAPI LdrpLoadShimEngine(IN PWSTR ImageName, IN PUNICODE_STRING ProcessImage, IN PVOID pShimData)
Definition: ldrutils.c:2768
__wchar_t WCHAR
Definition: xmlstorage.h:180
NTSYSAPI NTSTATUS NTAPI RtlInitializeCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PEB_LDR_DATA PebLdr
Definition: ldrinit.c:67
PPS_POST_PROCESS_INIT_ROUTINE PostProcessInitRoutine
Definition: btrfs_drv.h:1962
#define HEAP_GROWABLE
Definition: nt_native.h:1693
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
static VOID LoadConfig(HWND hwndDlg, PPOWER_SCHEMES_PAGE_DATA pPageData, PPOWER_SCHEME pScheme)
Definition: powershemes.c:237
LARGE_INTEGER CriticalSectionTimeout
Definition: ntddk_ex.h:274
PLDR_DATA_TABLE_ENTRY LdrpImageEntry
Definition: ldrinit.c:39
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
BOOLEAN LdrpLdrDatabaseIsSetup
Definition: ldrinit.c:33
PVOID g_pfnSE_InstallAfterInit
Definition: ldrutils.c:26
#define SharedUserData
Status
Definition: gdiplustypes.h:24
UNICODE_STRING ImagePathName
Definition: btrfs_drv.h:1947
static const WCHAR L[]
Definition: oid.c:1250
#define RtlImageDirectoryEntryToData
Definition: compat.h:557
PVOID TlsBitmap
Definition: ntddk_ex.h:259
#define VOID
Definition: acefi.h:82
Definition: btrfs_drv.h:1922
NTSTATUS NTAPI DECLSPEC_HOTPATCH LdrLoadDll(IN PWSTR SearchPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *BaseAddress)
Definition: ldrapi.c:310
NTSYSAPI PVOID NTAPI RtlCreateHeap(IN ULONG Flags, IN PVOID HeapBase OPTIONAL, IN ULONG ReserveSize OPTIONAL, IN ULONG CommitSize OPTIONAL, IN PVOID Lock OPTIONAL, IN PRTL_HEAP_PARAMETERS Parameters OPTIONAL)
Definition: typedefs.h:119
UNICODE_STRING CommandLine
Definition: btrfs_drv.h:1948
PVOID UnicodeCaseTableData
Definition: ntddk_ex.h:266
VOID NTAPI LdrpValidateImageForMp(IN PLDR_DATA_TABLE_ENTRY LdrDataTableEntry)
Definition: ldrinit.c:1535
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
#define VALID_CONFIG_FIELD(Name)
#define LDR_HASH_TABLE_ENTRIES
Definition: ntdllp.h:11
PVOID AppCompatInfo
Definition: winternl.h:352
VOID NTAPI LdrpInsertMemoryTableEntry(IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: ldrutils.c:1579
ULONG LdrpNumberOfProcessors
Definition: ldrinit.c:55
NTSTATUS NTAPI AVrfInitializeVerifier(VOID)
Definition: verifier.c:612
VOID NTAPI RtlInitializeHeapManager(VOID)
Definition: libsupp.c:243
LIST_ENTRY LdrpDllNotificationList
Definition: ldrinit.c:61
Definition: compat.h:583
#define LDRP_COR_IMAGE
Definition: ldrtypes.h:52
VOID NTAPI RtlpInitializeVectoredExceptionHandling(VOID)
Definition: vectoreh.c:30
NTSYSAPI ULONG NTAPI LdrRelocateImageWithBias(_In_ PVOID NewAddress, _In_ LONGLONG AdditionalBias, _In_ PCCH LoaderName, _In_ ULONG Success, _In_ ULONG Conflict, _In_ ULONG Invalid)
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
NTSTATUS NTAPI NtSetInformationProcess(IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, IN PVOID ProcessInformation, IN ULONG ProcessInformationLength)
Definition: query.c:1107
NTSTATUS NTAPI LdrpSetProtection(PVOID ViewBase, BOOLEAN Restore)
Definition: ldrutils.c:944
#define FLS_MAXIMUM_AVAILABLE
Definition: winnt_old.h:1103
UNICODE_STRING LdrpDefaultPath
Definition: ldrinit.c:65
#define NtCurrentPeb()
Definition: FLS.c:20
PVOID ProcessHeap
Definition: ntddk_ex.h:249
unsigned short USHORT
Definition: pedump.c:61
RTL_CRITICAL_SECTION FastPebLock
Definition: ldrinit.c:79
#define FLG_SHOW_LDR_SNAPS
Definition: pstypes.h:57
PLDR_DATA_TABLE_ENTRY NTAPI LdrpAllocateDataTableEntry(IN PVOID BaseAddress)
Definition: ldrutils.c:1546
PPEB_LDR_DATA Ldr
Definition: btrfs_drv.h:1958
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
UNICODE_STRING FullDllName
Definition: btrfs_drv.h:1928
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
NTSTATUS NTAPI LdrpInitializeExecutionOptions(PUNICODE_STRING ImagePathName, PPEB Peb, PHANDLE OptionsKey)
Definition: ldrinit.c:1416
ULONG NumberOfProcessors
Definition: ntddk_ex.h:269
PACTIVATION_CONTEXT EntryPointActivationContext
Definition: ldrtypes.h:163
ULONG TlsBitmapBits[2]
Definition: ntddk_ex.h:260
UNICODE_STRING * PUNICODE_STRING
Definition: env_spec_w32.h:373
#define DPH_FLAG_DLL_NOTIFY
Definition: ntdllp.h:24
NTSTATUS NTAPI LdrpRunInitializeRoutines(IN PCONTEXT Context OPTIONAL)
Definition: ldrinit.c:637
#define DPRINT1
Definition: precomp.h:8
#define RtlImageNtHeader
Definition: compat.h:554
UNICODE_STRING DosPath
Definition: rtltypes.h:1366
PVOID OemCodePageData
Definition: ntddk_ex.h:265
NTSYSAPI NTSTATUS NTAPI RtlSetCurrentDirectory_U(_In_ PUNICODE_STRING name)
#define LDRP_IMAGE_DLL
Definition: ldrtypes.h:39
NTSTATUS NTAPI RtlAllocateActivationContextStack(IN PACTIVATION_CONTEXT_STACK *Stack)
Definition: actctx.c:5804
PRTL_BITMAP FlsBitmap
Definition: winternl.h:361
ULONG Flags
Definition: ntddk_ex.h:207
unsigned int ULONG
Definition: retypes.h:1
#define SYMBOLIC_LINK_QUERY
Definition: nt_native.h:1265
#define DIRECTORY_QUERY
Definition: nt_native.h:1254
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define UNIMPLEMENTED
Definition: debug.h:115
struct _PEB_LDR_DATA PEB_LDR_DATA
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
#define ULONG_PTR
Definition: config.h:101
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
PVOID FastPebLock
Definition: ntddk_ex.h:250
UNICODE_STRING CSDVersion
Definition: winternl.h:353
#define FLG_USER_STACK_TRACE_DB
Definition: pstypes.h:67
#define RTL_USER_PROCESS_PARAMETERS_NORMALIZED
Definition: rtltypes.h:41
PVOID ActivationContextStackPointer
Definition: compat.h:602
WCHAR * LPWSTR
Definition: xmlstorage.h:184
#define RTL_USER_PROCESS_PARAMETERS_LOCAL_DLL_PATH
Definition: rtltypes.h:53
#define STATUS_CONFLICTING_ADDRESSES
Definition: ntstatus.h:261
return STATUS_SUCCESS
Definition: btrfs.c:3014
#define REG_DWORD
Definition: sdbapi.c:596
WCHAR StringBuffer[156]
Definition: ldrinit.c:41
ULONG DeCommitTotalFreeThreshold
Definition: nt_native.h:1671
PVOID AnsiCodePageData
Definition: ntddk_ex.h:264
VOID NTAPI RtlSetUnhandledExceptionFilter(IN PRTLP_UNHANDLED_EXCEPTION_FILTER TopLevelExceptionFilter)
Definition: exception.c:334
LIST_ENTRY InInitializationOrderLinks
Definition: ldrtypes.h:140
#define Int32x32To64(a, b)
USHORT LoadCount
Definition: ntddk_ex.h:208
LONGLONG QuadPart
Definition: typedefs.h:114
#define TLS_MINIMUM_AVAILABLE
Definition: ntddk_ex.h:236
#define IMAGE_SUBSYSTEM_WINDOWS_GUI
Definition: ntimage.h:437
#define RTL_CONSTANT_STRING(s)
Definition: tunneltest.c:14
NTSYSAPI NTSTATUS NTAPI ZwSetInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _In_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength)

Referenced by LdrpInit().

◆ LdrpInitializeThread()

VOID NTAPI LdrpInitializeThread ( IN PCONTEXT  Context)

Definition at line 502 of file ldrinit.c.

503 {
504  PPEB Peb = NtCurrentPeb();
505  PLDR_DATA_TABLE_ENTRY LdrEntry;
506  PLIST_ENTRY NextEntry, ListHead;
507  RTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_EXTENDED ActCtx;
509  PVOID EntryPoint;
510 
511  DPRINT("LdrpInitializeThread() called for %wZ (%p/%p)\n",
513  NtCurrentTeb()->RealClientId.UniqueProcess,
514  NtCurrentTeb()->RealClientId.UniqueThread);
515 
516  /* Allocate an Activation Context Stack */
517  DPRINT("ActivationContextStack %p\n", NtCurrentTeb()->ActivationContextStackPointer);
518  Status = RtlAllocateActivationContextStack(&NtCurrentTeb()->ActivationContextStackPointer);
519  if (!NT_SUCCESS(Status))
520  {
521  DPRINT1("Warning: Unable to allocate ActivationContextStack\n");
522  }
523 
524  /* Make sure we are not shutting down */
525  if (LdrpShutdownInProgress) return;
526 
527  /* Allocate TLS */
528  LdrpAllocateTls();
529 
530  /* Start at the beginning */
531  ListHead = &Peb->Ldr->InMemoryOrderModuleList;
532  NextEntry = ListHead->Flink;
533  while (NextEntry != ListHead)
534  {
535  /* Get the current entry */
536  LdrEntry = CONTAINING_RECORD(NextEntry, LDR_DATA_TABLE_ENTRY, InMemoryOrderLinks);
537 
538  /* Make sure it's not ourselves */
539  if (Peb->ImageBaseAddress != LdrEntry->DllBase)
540  {
541  /* Check if we should call */
542  if (!(LdrEntry->Flags & LDRP_DONT_CALL_FOR_THREADS))
543  {
544  /* Get the entrypoint */
545  EntryPoint = LdrEntry->EntryPoint;
546 
547  /* Check if we are ready to call it */
548  if ((EntryPoint) &&
549  (LdrEntry->Flags & LDRP_PROCESS_ATTACH_CALLED) &&
550  (LdrEntry->Flags & LDRP_IMAGE_DLL))
551  {
552  /* Set up the Act Ctx */
553  ActCtx.Size = sizeof(ActCtx);
554  ActCtx.Format = 1;
556 
557  /* Activate the ActCtx */
559  LdrEntry->EntryPointActivationContext);
560 
561  _SEH2_TRY
562  {
563  /* Check if it has TLS */
564  if (LdrEntry->TlsIndex)
565  {
566  /* Make sure we're not shutting down */
568  {
569  /* Call TLS */
571  }
572  }
573 
574  /* Make sure we're not shutting down */
576  {
577  /* Call the Entrypoint */
578  DPRINT("%wZ - Calling entry point at %p for thread attaching, %p/%p\n",
579  &LdrEntry->BaseDllName, LdrEntry->EntryPoint,
580  NtCurrentTeb()->RealClientId.UniqueProcess,
581  NtCurrentTeb()->RealClientId.UniqueThread);
583  LdrEntry->DllBase,
585  NULL);
586  }
587  }
589  {
590  DPRINT1("WARNING: Exception 0x%x during LdrpCallInitRoutine(DLL_THREAD_ATTACH) for %wZ\n",
591  _SEH2_GetExceptionCode(), &LdrEntry->BaseDllName);
592  }
593  _SEH2_END;
594 
595  /* Deactivate the ActCtx */
597  }
598  }
599  }
600 
601  /* Next entry */
602  NextEntry = NextEntry->Flink;
603  }
604 
605  /* Check for TLS */
607  {
608  /* Set up the Act Ctx */
609  ActCtx.Size = sizeof(ActCtx);
610  ActCtx.Format = 1;
612 
613  /* Activate the ActCtx */
616 
617  _SEH2_TRY
618  {
619  /* Do TLS callbacks */
621  }
623  {
624  /* Do nothing */
625  }
626  _SEH2_END;
627 
628  /* Deactivate the ActCtx */
630  }
631 
632  DPRINT("LdrpInitializeThread() done\n");
633 }
VOID NTAPI LdrpCallTlsInitializers(IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN ULONG Reason)
Definition: ldrutils.c:473
BOOLEAN LdrpShutdownInProgress
Definition: ldrinit.c:34
PPEB Peb
Definition: dllmain.c:27
#define LDRP_DONT_CALL_FOR_THREADS
Definition: ldrtypes.h:48
#define DLL_THREAD_ATTACH
Definition: compat.h:132
LONG NTSTATUS
Definition: precomp.h:26
LIST_ENTRY InMemoryOrderModuleList
Definition: btrfs_drv.h:1941
PVOID ImageBaseAddress
Definition: ntddk_ex.h:245
_SEH2_TRY
Definition: create.c:4226
PVOID DllBase
Definition: btrfs_drv.h:1926
USHORT TlsIndex
Definition: ntddk_ex.h:209
PVOID EntryPoint
Definition: ntddk_ex.h:203
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
smooth NULL
Definition: ftsmooth.c:416
void DPRINT(...)
Definition: polytest.cpp:61
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PRTL_ACTIVATION_CONTEXT_STACK_FRAME FASTCALL RtlDeactivateActivationContextUnsafeFast(IN PRTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_EXTENDED Frame)
Definition: actctx.c:5909
PLDR_DATA_TABLE_ENTRY LdrpImageEntry
Definition: ldrinit.c:39
_In_ PCWSTR _Out_ PVOID * ActCtx
Definition: ldrtypes.h:247
Status
Definition: gdiplustypes.h:24
Definition: btrfs_drv.h:1922
Definition: typedefs.h:119
_SEH2_END
Definition: create.c:4400
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
#define NtCurrentPeb()
Definition: FLS.c:20
PPEB_LDR_DATA Ldr
Definition: btrfs_drv.h:1958
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
PACTIVATION_CONTEXT EntryPointActivationContext
Definition: ldrtypes.h:163
#define DPRINT1
Definition: precomp.h:8
PRTL_ACTIVATION_CONTEXT_STACK_FRAME FASTCALL RtlActivateActivationContextUnsafeFast(IN PRTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_EXTENDED Frame, IN PVOID Context)
Definition: actctx.c:5832
#define LDRP_IMAGE_DLL
Definition: ldrtypes.h:39
NTSTATUS NTAPI LdrpAllocateTls(VOID)
Definition: ldrinit.c:1317
NTSTATUS NTAPI RtlAllocateActivationContextStack(IN PACTIVATION_CONTEXT_STACK *Stack)
Definition: actctx.c:5804
ULONG Flags
Definition: ntddk_ex.h:207
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:6
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:12
#define LDRP_PROCESS_ATTACH_CALLED
Definition: ldrtypes.h:49
BOOLEAN LdrpImageHasTls
Definition: ldrinit.c:52
BOOLEAN NTAPI LdrpCallInitRoutine(IN PDLL_INIT_ROUTINE EntryPoint, IN PVOID BaseAddress, IN ULONG Reason, IN PVOID Context)
Definition: ldrutils.c:100

Referenced by LdrpInit().

◆ LdrpInitializeTls()

NTSTATUS NTAPI LdrpInitializeTls ( VOID  )

Definition at line 1254 of file ldrinit.c.

1255 {
1256  PLIST_ENTRY NextEntry, ListHead;
1257  PLDR_DATA_TABLE_ENTRY LdrEntry;
1258  PIMAGE_TLS_DIRECTORY TlsDirectory;
1259  PLDRP_TLS_DATA TlsData;
1260  ULONG Size;
1261 
1262  /* Initialize the TLS List */
1264 
1265  /* Loop all the modules */
1266  ListHead = &NtCurrentPeb()->Ldr->InLoadOrderModuleList;
1267  NextEntry = ListHead->Flink;
1268  while (ListHead != NextEntry)
1269  {
1270  /* Get the entry */
1271  LdrEntry = CONTAINING_RECORD(NextEntry, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks);
1272  NextEntry = NextEntry->Flink;
1273 
1274  /* Get the TLS directory */
1275  TlsDirectory = RtlImageDirectoryEntryToData(LdrEntry->DllBase,
1276  TRUE,
1278  &Size);
1279 
1280  /* Check if we have a directory */
1281  if (!TlsDirectory) continue;
1282 
1283  /* Check if the image has TLS */
1285 
1286  /* Show debug message */
1287  if (ShowSnaps)
1288  {
1289  DPRINT1("LDR: Tls Found in %wZ at %p\n",
1290  &LdrEntry->BaseDllName,
1291  TlsDirectory);
1292  }
1293 
1294  /* Allocate an entry */
1295  TlsData = RtlAllocateHeap(RtlGetProcessHeap(), 0, sizeof(LDRP_TLS_DATA));
1296  if (!TlsData) return STATUS_NO_MEMORY;
1297 
1298  /* Lock the DLL and mark it for TLS Usage */
1299  LdrEntry->LoadCount = -1;
1300  LdrEntry->TlsIndex = -1;
1301 
1302  /* Save the cached TLS data */
1303  TlsData->TlsDirectory = *TlsDirectory;
1304  InsertTailList(&LdrpTlsList, &TlsData->TlsLinks);
1305 
1306  /* Update the index */
1309  }
1310 
1311  /* Done setting up TLS, allocate entries */
1312  return LdrpAllocateTls();
1313 }
IMAGE_TLS_DIRECTORY TlsDirectory
Definition: ntdllp.h:29
#define TRUE
Definition: types.h:120
LIST_ENTRY LdrpTlsList
Definition: ldrinit.c:53
#define InsertTailList(ListHead, Entry)
PVOID DllBase
Definition: btrfs_drv.h:1926
#define IMAGE_DIRECTORY_ENTRY_TLS
Definition: pedump.c:268
USHORT TlsIndex
Definition: ntddk_ex.h:209
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
LIST_ENTRY TlsLinks
Definition: ntdllp.h:28
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
ULONG LdrpNumberOfTlsEntries
Definition: ldrinit.c:54
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
#define RtlImageDirectoryEntryToData
Definition: compat.h:557
Definition: btrfs_drv.h:1922
Definition: typedefs.h:119
IN PVOID IN PVOID IN USHORT IN USHORT Size
Definition: pci.h:361
#define NtCurrentPeb()
Definition: FLS.c:20
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
#define DPRINT1
Definition: precomp.h:8
NTSTATUS NTAPI LdrpAllocateTls(VOID)
Definition: ldrinit.c:1317
unsigned int ULONG
Definition: retypes.h:1
signed int * PLONG
Definition: retypes.h:5
BOOLEAN LdrpImageHasTls
Definition: ldrinit.c:52
USHORT LoadCount
Definition: ntddk_ex.h:208

Referenced by LdrpInitializeProcess().

◆ LdrpInsertMemoryTableEntry()

VOID NTAPI LdrpInsertMemoryTableEntry ( IN PLDR_DATA_TABLE_ENTRY  LdrEntry)

Definition at line 1579 of file ldrutils.c.

1580 {
1581  PPEB_LDR_DATA PebData = NtCurrentPeb()->Ldr;
1582  ULONG i;
1583 
1584  /* Insert into hash table */
1585  i = LDR_GET_HASH_ENTRY(LdrEntry->BaseDllName.Buffer[0]);
1586  InsertTailList(&LdrpHashTable[i], &LdrEntry->HashLinks);
1587 
1588  /* Insert into other lists */
1589  InsertTailList(&PebData->InLoadOrderModuleList, &LdrEntry->InLoadOrderLinks);
1590  InsertTailList(&PebData->InMemoryOrderModuleList, &LdrEntry->InMemoryOrderLinks);
1591 }
LIST_ENTRY InLoadOrderModuleList
Definition: ldrtypes.h:120
LIST_ENTRY InMemoryOrderModuleList
Definition: btrfs_drv.h:1941
#define LDR_GET_HASH_ENTRY(x)
Definition: ntdllp.h:12
#define InsertTailList(ListHead, Entry)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
LIST_ENTRY LdrpHashTable[LDR_HASH_TABLE_ENTRIES]
Definition: ldrinit.c:60
#define NtCurrentPeb()
Definition: FLS.c:20
unsigned int ULONG
Definition: retypes.h:1

Referenced by LdrpInitializeProcess(), and LdrpMapDll().

◆ LdrpLoadDll()

NTSTATUS NTAPI LdrpLoadDll ( IN BOOLEAN  Redirected,
IN PWSTR DllPath  OPTIONAL,
IN PULONG DllCharacteristics  OPTIONAL,
IN PUNICODE_STRING  DllName,
OUT PVOID BaseAddress,
IN BOOLEAN  CallInit 
)

Definition at line 2426 of file ldrutils.c.

2432 {
2433  PPEB Peb = NtCurrentPeb();
2435  const WCHAR *p;
2436  BOOLEAN GotExtension;
2437  WCHAR c;
2438  WCHAR NameBuffer[MAX_PATH + 6];
2439  UNICODE_STRING RawDllName;
2440  PLDR_DATA_TABLE_ENTRY LdrEntry;
2441  BOOLEAN InInit = LdrpInLdrInit;
2442 
2443  /* Save the Raw DLL Name */
2444  if (DllName->Length >= sizeof(NameBuffer)) return STATUS_NAME_TOO_LONG;
2445  RtlInitEmptyUnicodeString(&RawDllName, NameBuffer, sizeof(NameBuffer));
2446  RtlCopyUnicodeString(&RawDllName, DllName);
2447 
2448  /* Find the extension, if present */
2449  p = DllName->Buffer + DllName->Length / sizeof(WCHAR) - 1;
2450  GotExtension = FALSE;
2451  while (p >= DllName->Buffer)
2452  {
2453  c = *p--;
2454  if (c == L'.')
2455  {
2456  GotExtension = TRUE;
2457  break;
2458  }
2459  else if (c == L'\\')
2460  {
2461  break;
2462  }
2463  }
2464 
2465  /* If no extension was found, add the default extension */
2466  if (!GotExtension)
2467  {
2468  /* Check that we have space to add one */
2469  if ((DllName->Length + LdrApiDefaultExtension.Length + sizeof(UNICODE_NULL)) >=
2470  sizeof(NameBuffer))
2471  {
2472  /* No space to add the extension */
2475  "LDR: %s - Dll name missing extension; with extension "
2476  "added the name is too long\n"
2477  " DllName: (@ %p) \"%wZ\"\n"
2478  " DllName->Length: %u\n",
2479  __FUNCTION__,
2480  DllName,
2481  DllName,
2482  DllName->Length);
2483  return STATUS_NAME_TOO_LONG;
2484  }
2485 
2486  /* Add it. Needs to be null terminated, thus the length check above */
2487  (VOID)RtlAppendUnicodeStringToString(&RawDllName,
2489  }
2490 
2491  /* Check for init flag and acquire lock */
2492  if (!InInit) RtlEnterCriticalSection(&LdrpLoaderLock);
2493 
2494  _SEH2_TRY
2495  {
2496  /* Show debug message */
2497  if (ShowSnaps)
2498  {
2499  DPRINT1("LDR: LdrLoadDll, loading %wZ from %ws\n",
2500  &RawDllName,
2501  DllPath ? DllPath : L"");
2502  }
2503 
2504  /* Check if the DLL is already loaded */
2506  &RawDllName,
2507  FALSE,
2508  Redirected,
2509  &LdrEntry))
2510  {
2511  /* Map it */
2513  DllPath,
2514  NameBuffer,
2515  DllCharacteristics,
2516  FALSE,
2517  Redirected,
2518  &LdrEntry);
2519  if (!NT_SUCCESS(Status))
2520  _SEH2_LEAVE;
2521 
2522  /* FIXME: Need to mark the DLL range for the stack DB */
2523  //RtlpStkMarkDllRange(LdrEntry);
2524 
2525  /* Check if IMAGE_FILE_EXECUTABLE_IMAGE was provided */
2526  if ((DllCharacteristics) &&
2527  (*DllCharacteristics & IMAGE_FILE_EXECUTABLE_IMAGE))
2528  {
2529  /* This is not a DLL, so remove such data */
2530  LdrEntry->EntryPoint = NULL;
2531  LdrEntry->Flags &= ~LDRP_IMAGE_DLL;
2532  }
2533 
2534  /* Make sure it's a DLL */
2535  if (LdrEntry->Flags & LDRP_IMAGE_DLL)
2536  {
2537  /* Check if this is a .NET Image */
2538  if (!(LdrEntry->Flags & LDRP_COR_IMAGE))
2539  {
2540  /* Walk the Import Descriptor */
2542  }
2543 
2544  /* Update load count, unless it's locked */
2545  if (LdrEntry->LoadCount != 0xFFFF) LdrEntry->LoadCount++;
2547 
2548  /* Check if we failed */
2549  if (!NT_SUCCESS(Status))
2550  {
2551  /* Clear entrypoint, and insert into list */
2552  LdrEntry->EntryPoint = NULL;
2554  &LdrEntry->InInitializationOrderLinks);
2555 
2556  /* Cancel the load */
2558 
2559  /* Unload the DLL */
2560  if (ShowSnaps)
2561  {
2562  DbgPrint("LDR: Unloading %wZ due to error %x walking "
2563  "import descriptors\n",
2564  DllName,
2565  Status);
2566  }
2567  LdrUnloadDll(LdrEntry->DllBase);
2568 
2569  /* Return the error */
2570  _SEH2_LEAVE;
2571  }
2572  }
2573  else if (LdrEntry->LoadCount != 0xFFFF)
2574  {
2575  /* Increase load count */
2576  LdrEntry->LoadCount++;
2577  }
2578 
2579  /* Insert it into the list */
2581  &LdrEntry->InInitializationOrderLinks);
2582 
2583  /* If we have to run the entrypoint, make sure the DB is ready */
2584  if (CallInit && LdrpLdrDatabaseIsSetup)
2585  {
2586  /* Notify Shim Engine */
2587  if (g_ShimsEnabled)
2588  {
2590  SE_DllLoaded(LdrEntry);
2591  }
2592 
2593  /* Run the init routine */
2595  if (!NT_SUCCESS(Status))
2596  {
2597  /* Failed, unload the DLL */
2598  if (ShowSnaps)
2599  {
2600  DbgPrint("LDR: Unloading %wZ because either its init "
2601  "routine or one of its static imports failed; "
2602  "status = 0x%08lx\n",
2603  DllName,
2604  Status);
2605  }
2606  LdrUnloadDll(LdrEntry->DllBase);
2607  }
2608  }
2609  else
2610  {
2611  /* The DB isn't ready, which means we were loaded because of a forwarder */
2613  }
2614  }
2615  else
2616  {
2617  /* We were already loaded. Are we a DLL? */
2618  if ((LdrEntry->Flags & LDRP_IMAGE_DLL) && (LdrEntry->LoadCount != 0xFFFF))
2619  {
2620  /* Increase load count */
2621  LdrEntry->LoadCount++;
2623 
2624  /* Clear the load in progress */
2626  }
2627  else
2628  {
2629  /* Not a DLL, just increase the load count */
2630  if (LdrEntry->LoadCount != 0xFFFF) LdrEntry->LoadCount++;
2631  }
2632  }
2633 
2634  }
2636  {
2637  /* Release the lock */
2638  if (!InInit) RtlLeaveCriticalSection(&LdrpLoaderLock);
2639  }
2640  _SEH2_END;
2641 
2642  /* Check for success */
2643  if (NT_SUCCESS(Status))
2644  {
2645  /* Return the base address */
2646  *BaseAddress = LdrEntry->DllBase;
2647  }
2648  else
2649  {
2650  /* Nothing found */
2651  *BaseAddress = NULL;
2652  }
2653 
2654  /* Return status */
2655  return Status;
2656 }
PPEB Peb
Definition: dllmain.c:27
NTSTATUS NTAPI LdrpWalkImportDescriptor(IN LPWSTR DllPath OPTIONAL, IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: ldrpe.c:670
LIST_ENTRY InInitializationOrderModuleList
Definition: ldrtypes.h:122
#define DbgPrint
Definition: loader.c:25
BOOLEAN LdrpLdrDatabaseIsSetup
Definition: ldrinit.c:33
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
VOID WINAPI SE_DllLoaded(PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: shimeng.c:1433
NTSYSAPI ULONG __cdecl DbgPrintEx(_In_ ULONG ComponentId, _In_ ULONG Level, _In_z_ _Printf_format_string_ PCSTR Format,...)
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define InsertTailList(ListHead, Entry)
NTSTATUS NTAPI LdrpMapDll(IN PWSTR SearchPath OPTIONAL, IN PWSTR DllPath2, IN PWSTR DllName OPTIONAL, IN PULONG DllCharacteristics, IN BOOLEAN Static, IN BOOLEAN Redirect, OUT PLDR_DATA_TABLE_ENTRY *DataTableEntry)
Definition: ldrutils.c:1020
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)
_SEH2_TRY
Definition: create.c:4226
NTSTATUS NTAPI LdrpRunInitializeRoutines(IN PCONTEXT Context OPTIONAL)
Definition: ldrinit.c:637
PVOID DllBase
Definition: btrfs_drv.h:1926
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
#define FALSE
Definition: types.h:117
#define UNICODE_NULL
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
PVOID EntryPoint
Definition: ntddk_ex.h:203
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
PVOID NTAPI RtlDecodeSystemPointer(IN PVOID Pointer)
Definition: process.c:439
#define STATUS_NAME_TOO_LONG
Definition: ntstatus.h:498
BOOLEAN NTAPI LdrpCheckForLoadedDll(IN PWSTR DllPath, IN PUNICODE_STRING DllName, IN BOOLEAN Flag, IN BOOLEAN RedirectedDll, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
Definition: ldrutils.c:1976
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define MAX_PATH
Definition: compat.h:34
const GLubyte * c
Definition: glext.h:8905
#define IMAGE_FILE_EXECUTABLE_IMAGE
Definition: pedump.c:160
VOID NTAPI LdrpUpdateLoadCount2(IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN ULONG Flags)
Definition: ldrutils.c:460
BOOLEAN g_ShimsEnabled
Definition: ldrutils.c:21
PVOID g_pfnSE_DllLoaded
Definition: ldrutils.c:23
ULONG NTAPI LdrpClearLoadInProgress(VOID)
Definition: ldrutils.c:2660
struct _LDR_DATA_TABLE_ENTRY * PLDR_DATA_TABLE_ENTRY
Status
Definition: gdiplustypes.h:24
static const WCHAR L[]
Definition: oid.c:1250
#define VOID
Definition: acefi.h:82
Definition: btrfs_drv.h:1922
#define LDRP_COR_IMAGE
Definition: ldrtypes.h:52
NTSTATUS NTAPI LdrUnloadDll(IN PVOID BaseAddress)
Definition: ldrapi.c:1322
_SEH2_END
Definition: create.c:4400
#define NtCurrentPeb()
Definition: FLS.c:20
#define DPFLTR_ERROR_LEVEL
Definition: main.cpp:32
PPEB_LDR_DATA Ldr
Definition: btrfs_drv.h:1958
static const char const char * DllPath
Definition: image.c:34
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
_SEH2_FINALLY
Definition: create.c:4371
#define LDRP_UPDATE_REFCOUNT
Definition: ntdllp.h:15
#define DPRINT1
Definition: precomp.h:8
#define LDRP_IMAGE_DLL
Definition: ldrtypes.h:39
ULONG Flags
Definition: ntddk_ex.h:207
RTL_CRITICAL_SECTION LdrpLoaderLock
Definition: ldrinit.c:70
#define c
Definition: ke_i.h:80
BOOLEAN LdrpInLdrInit
Definition: ldrinit.c:30
#define _SEH2_LEAVE
Definition: filesup.c:20
UNICODE_STRING LdrApiDefaultExtension
Definition: ldrapi.c:22
GLfloat GLfloat p
Definition: glext.h:8902
return STATUS_SUCCESS
Definition: btrfs.c:3014
#define __FUNCTION__
Definition: types.h:112
LIST_ENTRY InInitializationOrderLinks
Definition: ldrtypes.h:140
USHORT LoadCount
Definition: ntddk_ex.h:208

Referenced by LdrLoadDll(), LdrpLoadShimEngine(), and LdrpSnapThunk().

◆ LdrpLoadImportModule()

NTSTATUS NTAPI LdrpLoadImportModule ( IN PWSTR DllPath  OPTIONAL,
IN LPSTR  ImportName,
OUT PLDR_DATA_TABLE_ENTRY DataTableEntry,
OUT PBOOLEAN  Existing 
)

Definition at line 808 of file ldrpe.c.

812 {
814  PUNICODE_STRING ImpDescName;
815  const WCHAR *p;
816  BOOLEAN GotExtension;
817  WCHAR c;
820  PTEB Teb = NtCurrentTeb();
821  UNICODE_STRING RedirectedImpDescName;
822  BOOLEAN RedirectedDll;
823 
824  DPRINT("LdrpLoadImportModule('%S' '%s' %p %p)\n", DllPath, ImportName, DataTableEntry, Existing);
825 
826  RedirectedDll = FALSE;
827  RtlInitEmptyUnicodeString(&RedirectedImpDescName, NULL, 0);
828 
829  /* Convert import descriptor name to unicode string */
830  ImpDescName = &Teb->StaticUnicodeString;
831  RtlInitAnsiString(&AnsiString, ImportName);
833  if (!NT_SUCCESS(Status)) return Status;
834 
835  /* Find the extension, if present */
836  p = ImpDescName->Buffer + ImpDescName->Length / sizeof(WCHAR) - 1;
837  GotExtension = FALSE;
838  while (p >= ImpDescName->Buffer)
839  {
840  c = *p--;
841  if (c == L'.')
842  {
843  GotExtension = TRUE;
844  break;
845  }
846  else if (c == L'\\')
847  {
848  break;
849  }
850  }
851 
852  /* If no extension was found, add the default extension */
853  if (!GotExtension)
854  {
855  /* Check that we have space to add one */
856  if ((ImpDescName->Length + LdrApiDefaultExtension.Length + sizeof(UNICODE_NULL)) >=
857  sizeof(Teb->StaticUnicodeBuffer))
858  {
859  /* No space to add the extension */
862  "LDR: %s - Dll name missing extension; with extension "
863  "added the name is too long\n"
864  " ImpDescName: (@ %p) \"%wZ\"\n"
865  " ImpDescName->Length: %u\n",
866  __FUNCTION__,
867  ImpDescName,
868  ImpDescName,
869  ImpDescName->Length);
870  return STATUS_NAME_TOO_LONG;
871  }
872 
873  /* Add it. Needs to be null terminated, thus the length check above */
876  }
877 
878  /* Check if the SxS Assemblies specify another file */
880  ImpDescName,
882  NULL,
883  &RedirectedImpDescName,
884  &ImpDescName,
885  NULL,
886  NULL,
887  NULL);
888 
889  /* Check success */
890  if (NT_SUCCESS(Status))
891  {
892  /* Let Ldrp know */
893  RedirectedDll = TRUE;
894  }
895  else if (Status != STATUS_SXS_KEY_NOT_FOUND)
896  {
897  /* Unrecoverable SxS failure */
898  DPRINT1("LDR: RtlDosApplyFileIsolationRedirection_Ustr failed with status %x for dll %wZ\n", Status, ImpDescName);
899  goto done;
900  }
901 
902  /* Check if it's loaded */
904  ImpDescName,
905  TRUE,
906  RedirectedDll,
907  DataTableEntry))
908  {
909  /* It's already existing in the list */
910  *Existing = TRUE;
912  goto done;
913  }
914 
915  /* We're loading it for the first time */
916  *Existing = FALSE;
917 
918  /* Map it */
920  NULL,
921  ImpDescName->Buffer,
922  NULL,
923  TRUE,
924  RedirectedDll,
925  DataTableEntry);
926  if (!NT_SUCCESS(Status))
927  {
928  DPRINT1("LDR: LdrpMapDll failed with status %x for dll %wZ\n", Status, ImpDescName);
929  goto done;
930  }
931 
932  /* Walk its import descriptor table */
934  *DataTableEntry);
935  if (!NT_SUCCESS(Status))
936  {
937  /* Add it to the in-init-order list in case of failure */
939  &(*DataTableEntry)->InInitializationOrderLinks);
940  }
941 
942 done:
943  RtlFreeUnicodeString(&RedirectedImpDescName);
944 
945  return Status;
946 }
WCHAR StaticUnicodeBuffer[261]
Definition: compat.h:625
PPEB Peb
Definition: dllmain.c:27
LIST_ENTRY InInitializationOrderModuleList
Definition: ldrtypes.h:122
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI ULONG __cdecl DbgPrintEx(_In_ ULONG ComponentId, _In_ ULONG Level, _In_z_ _Printf_format_string_ PCSTR Format,...)
#define STATUS_SXS_KEY_NOT_FOUND
Definition: ntstatus.h:1389
#define InsertTailList(ListHead, Entry)
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
UNICODE_STRING StaticUnicodeString
Definition: compat.h:624
BOOLEAN NTAPI LdrpCheckForLoadedDll(IN PWSTR DllPath, IN PUNICODE_STRING DllName, IN BOOLEAN Flag, IN BOOLEAN RedirectedDll, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
Definition: ldrutils.c:1976
#define FALSE
Definition: types.h:117
#define UNICODE_NULL
NTSTATUS NTAPI LdrpWalkImportDescriptor(IN LPWSTR DllPath OPTIONAL, IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: ldrpe.c:670
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
void DPRINT(...)
Definition: polytest.cpp:61
#define STATUS_NAME_TOO_LONG
Definition: ntstatus.h:498
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
const GLubyte * c
Definition: glext.h:8905
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
PPEB NTAPI RtlGetCurrentPeb(VOID)
Definition: libsupp.c:63
Status
Definition: gdiplustypes.h:24
static const WCHAR L[]
Definition: oid.c:1250
NTSTATUS NTAPI LdrpMapDll(IN PWSTR SearchPath OPTIONAL, IN PWSTR DllPath2, IN PWSTR DllName OPTIONAL, IN PULONG DllCharacteristics, IN BOOLEAN Static, IN BOOLEAN Redirect, OUT PLDR_DATA_TABLE_ENTRY *DataTableEntry)
Definition: ldrutils.c:1020
#define VOID
Definition: acefi.h:82
NTSYSAPI NTSTATUS NTAPI RtlDosApplyFileIsolationRedirection_Ustr(IN ULONG Flags, IN PUNICODE_STRING OriginalName, IN PUNICODE_STRING Extension, IN OUT PUNICODE_STRING StaticString, IN OUT PUNICODE_STRING DynamicString, IN OUT PUNICODE_STRING *NewName, IN PULONG NewFlags, IN PSIZE_T FileNameSize, IN PSIZE_T RequiredLength)
Definition: libsupp.c:821
Definition: compat.h:583
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
#define DPFLTR_ERROR_LEVEL
Definition: main.cpp:32
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
PPEB_LDR_DATA Ldr
Definition: btrfs_drv.h:1958
static const char const char * DllPath
Definition: image.c:34
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
#define DPRINT1
Definition: precomp.h:8
#define c
Definition: ke_i.h:80
UNICODE_STRING LdrApiDefaultExtension
Definition: ldrapi.c:22
GLfloat GLfloat p
Definition: glext.h:8902
return STATUS_SUCCESS
Definition: btrfs.c:3014
#define __FUNCTION__
Definition: types.h:112

Referenced by LdrpHandleOneNewFormatImportDescriptor(), and LdrpHandleOneOldFormatImportDescriptor().

◆ LdrpLoadShimEngine()

VOID NTAPI LdrpLoadShimEngine ( IN PWSTR  ImageName,
IN PUNICODE_STRING  ProcessImage,
IN PVOID  pShimData 
)

Definition at line 2768 of file ldrutils.c.

2769 {
2770  UNICODE_STRING ShimLibraryName;
2771  PVOID ShimLibrary;
2772  NTSTATUS Status;
2773  RtlInitUnicodeString(&ShimLibraryName, ImageName);
2774  /* We should NOT pass CallInit = TRUE!
2775  If we do this, other init routines will be called before we get a chance to shim stuff.. */
2776  Status = LdrpLoadDll(FALSE, NULL, NULL, &ShimLibraryName, &ShimLibrary, FALSE);
2777  if (NT_SUCCESS(Status))
2778  {
2779  g_pShimEngineModule = ShimLibrary;
2782  if (g_ShimsEnabled)
2783  {
2786  SE_InstallBeforeInit(ProcessImage, pShimData);
2787  }
2788  }
2789 }
VOID NTAPI LdrpGetShimEngineInterface()
Definition: ldrutils.c:2708
LONG NTSTATUS
Definition: precomp.h:26
VOID NTAPI LdrpRunShimEngineInitRoutine(IN ULONG Reason)
Definition: ldrutils.c:2733
#define DLL_PROCESS_ATTACH
Definition: compat.h:131
PVOID g_pfnSE_InstallBeforeInit
Definition: ldrutils.c:25
NTSTATUS NTAPI LdrpLoadDll(IN BOOLEAN Redirected, IN PWSTR DllPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *BaseAddress, IN BOOLEAN CallInit)
Definition: ldrutils.c:2426
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
#define FALSE
Definition: types.h:117
VOID NTAPI SE_InstallBeforeInit(PUNICODE_STRING ProcessImage, PVOID pShimData)
Definition: shimeng.c:1403
smooth NULL
Definition: ftsmooth.c:416
PVOID NTAPI RtlDecodeSystemPointer(IN PVOID Pointer)
Definition: process.c:439
void * PVOID
Definition: retypes.h:9
PVOID g_pShimEngineModule
Definition: ldrutils.c:22
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
BOOLEAN g_ShimsEnabled
Definition: ldrutils.c:21
static const char * ImageName
Definition: image.c:34
Status
Definition: gdiplustypes.h:24
#define VOID
Definition: acefi.h:82
UNICODE_STRING * PUNICODE_STRING
Definition: env_spec_w32.h:373
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)

Referenced by LdrpInitializeProcess().

◆ LdrpMapDll()

NTSTATUS NTAPI LdrpMapDll ( IN PWSTR SearchPath  OPTIONAL,
IN PWSTR  DllPath2,
IN PWSTR DllName  OPTIONAL,
IN PULONG  DllCharacteristics,
IN BOOLEAN  Static,
IN BOOLEAN  Redirect,
OUT PLDR_DATA_TABLE_ENTRY DataTableEntry 
)

Definition at line 1020 of file ldrutils.c.

1027 {
1028  PTEB Teb = NtCurrentTeb();
1029  PPEB Peb = NtCurrentPeb();
1030  PWCHAR p1 = DllName;
1031  WCHAR TempChar;
1032  BOOLEAN KnownDll = FALSE;
1033  UNICODE_STRING FullDllName, BaseDllName;
1034  HANDLE SectionHandle = NULL, DllHandle = 0;
1035  UNICODE_STRING NtPathDllName;
1036  ULONG_PTR HardErrorParameters[2];
1037  UNICODE_STRING HardErrorDllName, HardErrorDllPath;
1038  ULONG Response;
1039  SIZE_T ViewSize = 0;
1040  PVOID ViewBase = NULL;
1041  PVOID ArbitraryUserPointer;
1042  PIMAGE_NT_HEADERS NtHeaders;
1043  NTSTATUS HardErrorStatus, Status;
1044  BOOLEAN OverlapDllFound = FALSE;
1045  ULONG_PTR ImageBase, ImageEnd;
1046  PLIST_ENTRY ListHead, NextEntry;
1047  PLDR_DATA_TABLE_ENTRY CandidateEntry, LdrEntry;
1048  ULONG_PTR CandidateBase, CandidateEnd;
1049  UNICODE_STRING OverlapDll;
1050  BOOLEAN RelocatableDll = TRUE;
1051  UNICODE_STRING IllegalDll;
1052  PVOID RelocData;
1053  ULONG RelocDataSize = 0;
1054 
1055  // FIXME: AppCompat stuff is missing
1056 
1057  if (ShowSnaps)
1058  {
1059  DPRINT1("LDR: LdrpMapDll: Image Name %ws, Search Path %ws\n",
1060  DllName,
1061  SearchPath ? SearchPath : L"");
1062  }
1063 
1064  /* Check if we have a known dll directory */
1065  if (LdrpKnownDllObjectDirectory && Redirect == FALSE)
1066  {
1067  /* Check if the path is full */
1068  while (*p1)
1069  {
1070  TempChar = *p1++;
1071  if (TempChar == '\\' || TempChar == '/' )
1072  {
1073  /* Complete path, don't do Known Dll lookup */
1074  goto SkipCheck;
1075  }
1076  }
1077 
1078  /* Try to find a Known DLL */
1079  Status = LdrpCheckForKnownDll(DllName,
1080  &FullDllName,
1081  &BaseDllName,
1082  &SectionHandle);
1083 
1085  {
1086  /* Failure */
1089  "LDR: %s - call to LdrpCheckForKnownDll(\"%ws\", ...) failed with status %x\n",
1090  __FUNCTION__,
1091  DllName,
1092  Status);
1093 
1094  return Status;
1095  }
1096  }
1097 
1098 SkipCheck:
1099 
1100  /* Check if the Known DLL Check returned something */
1101  if (!SectionHandle)
1102  {
1103  /* It didn't, so try to resolve the name now */
1105  DllName,
1106  &FullDllName,
1107  &BaseDllName))
1108  {
1109  /* Got a name, display a message */
1110  if (ShowSnaps)
1111  {
1112  DPRINT1("LDR: Loading (%s) %wZ\n",
1113  Static ? "STATIC" : "DYNAMIC",
1114  &FullDllName);
1115  }
1116 
1117  /* Convert to NT Name */
1119  &NtPathDllName,
1120  NULL,
1121  NULL))
1122  {
1123  /* Path was invalid */
1125  }
1126 
1127  /* Create a section for this dLL */
1128  Status = LdrpCreateDllSection(&NtPathDllName,
1129  DllHandle,
1130  DllCharacteristics,
1131  &SectionHandle);
1132 
1133  /* Free the NT Name */
1134  RtlFreeHeap(RtlGetProcessHeap(), 0, NtPathDllName.Buffer);
1135 
1136  /* If we failed */
1137  if (!NT_SUCCESS(Status))
1138  {
1139  /* Free the name strings and return */
1141  LdrpFreeUnicodeString(&BaseDllName);
1142  return Status;
1143  }
1144  }
1145  else
1146  {
1147  /* We couldn't resolve the name, is this a static load? */
1148  if (Static)
1149  {
1150  /*
1151  * This is BAD! Static loads are CRITICAL. Bugcheck!
1152  * Initialize the strings for the error
1153  */
1154  RtlInitUnicodeString(&HardErrorDllName, DllName);
1155  RtlInitUnicodeString(&HardErrorDllPath,
1156  DllPath2 ? DllPath2 : LdrpDefaultPath.Buffer);
1157 
1158  /* Set them as error parameters */
1159  HardErrorParameters[0] = (ULONG_PTR)&HardErrorDllName;
1160  HardErrorParameters[1] = (ULONG_PTR)&HardErrorDllPath;
1161 
1162  /* Raise the hard error */
1164  2,
1165  0x00000003,
1166  HardErrorParameters,
1167  OptionOk,
1168  &Response);
1169 
1170  /* We're back, where we initializing? */
1172  }
1173 
1174  /* Return failure */
1175  return STATUS_DLL_NOT_FOUND;
1176  }
1177  }
1178  else
1179  {
1180  /* We have a section handle, so this is a known dll */
1181  KnownDll = TRUE;
1182  }
1183 
1184  /* Stuff the image name in the TIB, for the debugger */
1185  ArbitraryUserPointer = Teb->NtTib.ArbitraryUserPointer;
1186  Teb->NtTib.ArbitraryUserPointer = FullDllName.Buffer;
1187 
1188  /* Map the DLL */
1189  ViewBase = NULL;
1190  ViewSize = 0;
1191  Status = NtMapViewOfSection(SectionHandle,
1192  NtCurrentProcess(),
1193  &ViewBase,
1194  0,
1195  0,
1196  NULL,
1197  &ViewSize,
1198  ViewShare,
1199  0,
1200  PAGE_READWRITE);
1201 
1202  /* Restore */
1203  Teb->NtTib.ArbitraryUserPointer = ArbitraryUserPointer;
1204 
1205  /* Fail if we couldn't map it */
1206  if (!NT_SUCCESS(Status))
1207  {
1208  /* Close and return */
1209  NtClose(SectionHandle);
1210  return Status;
1211  }
1212 
1213  /* Get the NT Header */
1214  if (!(NtHeaders = RtlImageNtHeader(ViewBase)))
1215  {
1216  /* Invalid image, unmap, close handle and fail */
1218  NtClose(SectionHandle);
1220  }
1221 
1222  // FIXME: .NET support is missing
1223 
1224  /* Allocate an entry */
1225  if (!(LdrEntry = LdrpAllocateDataTableEntry(ViewBase)))
1226  {
1227  /* Invalid image, unmap, close handle and fail */
1229  NtClose(SectionHandle);
1230  return STATUS_NO_MEMORY;
1231  }
1232 
1233  /* Setup the entry */
1234  LdrEntry->Flags = Static ? LDRP_STATIC_LINK : 0;
1235  if (Redirect) LdrEntry->Flags |= LDRP_REDIRECTED;
1236  LdrEntry->LoadCount = 0;
1237  LdrEntry->FullDllName = FullDllName;
1238  LdrEntry->BaseDllName = BaseDllName;
1239  LdrEntry->EntryPoint = LdrpFetchAddressOfEntryPoint(LdrEntry->DllBase);
1240 
1241  /* Show debug message */
1242  if (ShowSnaps)
1243  {
1244  DPRINT1("LDR: LdrpMapDll: Full Name %wZ, Base Name %wZ\n",
1245  &FullDllName,
1246  &BaseDllName);
1247  }
1248 
1249  /* Insert this entry */
1250  LdrpInsertMemoryTableEntry(LdrEntry);
1251 
1252  // LdrpSendDllNotifications(LdrEntry, TRUE, Status == STATUS_IMAGE_NOT_AT_BASE)
1253 
1254  /* Check for invalid CPU Image */
1256  {
1257  /* Load our header */
1259 
1260  /* Assume defaults if we don't have to run the Hard Error path */
1261  HardErrorStatus = STATUS_SUCCESS;
1263 
1264  /* Are we an NT 3.0 image? [Do these still exist? LOL -- IAI] */
1266  {
1267  /* Reset the entrypoint, save our Dll Name */
1268  LdrEntry->EntryPoint = 0;
1269  HardErrorParameters[0] = (ULONG_PTR)&FullDllName;
1270 
1271  /* Raise the error */
1273  1,
1274  1,
1275  HardErrorParameters,
1277  &Response);
1278  }
1279 
1280  /* Check if the user pressed cancel */
1281  if (NT_SUCCESS(HardErrorStatus) && Response == ResponseCancel)
1282  {
1283  /* Remove the DLL from the lists */
1284  RemoveEntryList(&LdrEntry->InLoadOrderLinks);
1285  RemoveEntryList(&LdrEntry->InMemoryOrderLinks);
1286  RemoveEntryList(&LdrEntry->HashLinks);
1287 
1288  /* Remove the LDR Entry */
1289  RtlFreeHeap(LdrpHeap, 0, LdrEntry );
1290 
1291  /* Unmap and close section */
1293  NtClose(SectionHandle);
1294 
1295  /* Did we do a hard error? */
1297  {
1298  /* Yup, so increase fatal error count if we are initializing */
1300  }
1301 
1302  /* Return failure */
1304  }
1305  }
1306  else
1307  {
1308  /* The image was valid. Is it a DLL? */
1309  if (NtHeaders->FileHeader.Characteristics & IMAGE_FILE_DLL)
1310  {
1311  /* Set the DLL Flag */
1312  LdrEntry->Flags |= LDRP_IMAGE_DLL;
1313  }
1314 
1315  /* If we're not a DLL, clear the entrypoint */
1316  if (!(LdrEntry->Flags & LDRP_IMAGE_DLL))
1317  {
1318  LdrEntry->EntryPoint = 0;
1319  }
1320  }
1321 
1322  /* Return it for the caller */
1323  *DataTableEntry = LdrEntry;
1324 
1325  /* Check if we loaded somewhere else */
1327  {
1328  /* Write the flag */
1329  LdrEntry->Flags |= LDRP_IMAGE_NOT_AT_BASE;
1330 
1331  /* Find our region */
1332  ImageBase = (ULONG_PTR)NtHeaders->OptionalHeader.ImageBase;
1333  ImageEnd = ImageBase + ViewSize;
1334 
1335  DPRINT("LDR: LdrpMapDll Relocating Image Name %ws (%p-%p -> %p)\n", DllName, (PVOID)ImageBase, (PVOID)ImageEnd, ViewBase);
1336 
1337  /* Scan all the modules */
1338  ListHead = &Peb->Ldr->InLoadOrderModuleList;
1339  NextEntry = ListHead->Flink;
1340  while (NextEntry != ListHead)
1341  {
1342  /* Get the entry */
1343  CandidateEntry = CONTAINING_RECORD(NextEntry,
1345  InLoadOrderLinks);
1346  NextEntry = NextEntry->Flink;
1347 
1348  /* Get the entry's bounds */
1349  CandidateBase = (ULONG_PTR)CandidateEntry->DllBase;
1350  CandidateEnd = CandidateBase + CandidateEntry->SizeOfImage;
1351 
1352  /* Make sure this entry isn't unloading */
1353  if (!CandidateEntry->InMemoryOrderLinks.Flink) continue;
1354 
1355  /* Check if our regions are colliding */
1356  if ((ImageBase >= CandidateBase && ImageBase <= CandidateEnd) ||
1357  (ImageEnd >= CandidateBase && ImageEnd <= CandidateEnd) ||
1358  (CandidateBase >= ImageBase && CandidateBase <= ImageEnd))
1359  {
1360  /* Found who is overlapping */
1361  OverlapDllFound = TRUE;
1362  OverlapDll = CandidateEntry->FullDllName;
1363  break;
1364  }
1365  }
1366 
1367  /* Check if we found the DLL overlapping with us */
1368  if (!OverlapDllFound)
1369  {
1370  /* It's not another DLL, it's memory already here */
1371  RtlInitUnicodeString(&OverlapDll, L"Dynamically Allocated Memory");
1372  }
1373 
1374  DPRINT("Overlapping DLL: %wZ\n", &OverlapDll);
1375 
1376  /* Are we dealing with a DLL? */
1377  if (LdrEntry->Flags & LDRP_IMAGE_DLL)
1378  {
1379  /* Check if relocs were stripped */
1381  {
1382  /* Get the relocation data */
1383  RelocData = RtlImageDirectoryEntryToData(ViewBase,
1384  TRUE,
1386  &RelocDataSize);
1387 
1388  /* Does the DLL not have any? */
1389  if (!RelocData && !RelocDataSize)
1390  {
1391  /* We'll allow this and simply continue */
1392  goto NoRelocNeeded;
1393  }
1394  }
1395 
1396  /* See if this is an Illegal DLL - IE: user32 and kernel32 */
1397  RtlInitUnicodeString(&IllegalDll,L"user32.dll");
1398  if (RtlEqualUnicodeString(&BaseDllName, &IllegalDll, TRUE))
1399  {
1400  /* Can't relocate user32 */
1401  RelocatableDll = FALSE;
1402  }
1403  else
1404  {
1405  RtlInitUnicodeString(&IllegalDll, L"kernel32.dll");
1406  if (RtlEqualUnicodeString(&BaseDllName, &IllegalDll, TRUE))
1407  {
1408  /* Can't relocate kernel32 */
1409  RelocatableDll = FALSE;
1410  }
1411  }
1412 
1413  /* Known DLLs are not allowed to be relocated */
1414  if (KnownDll && !RelocatableDll)
1415  {
1416  /* Setup for hard error */
1417  HardErrorParameters[0] = (ULONG_PTR)&IllegalDll;
1418  HardErrorParameters[1] = (ULONG_PTR)&OverlapDll;
1419 
1420  DPRINT1("Illegal DLL relocation! %wZ overlaps %wZ\n", &OverlapDll, &IllegalDll);
1421 
1422  /* Raise the error */
1424  2,
1425  3,
1426  HardErrorParameters,
1427  OptionOk,
1428  &Response);
1429 
1430  /* If initializing, increase the error count */
1432 
1433  /* Don't do relocation */
1435  goto FailRelocate;
1436  }
1437 
1438  /* Change the protection to prepare for relocation */
1439  Status = LdrpSetProtection(ViewBase, FALSE);
1440 
1441  /* Make sure we changed the protection */
1442  if (NT_SUCCESS(Status))
1443  {
1444  /* Do the relocation */
1447 
1448  if (NT_SUCCESS(Status))
1449  {
1450  /* Stuff the image name in the TIB, for the debugger */
1451  ArbitraryUserPointer = Teb->NtTib.ArbitraryUserPointer;
1452  Teb->NtTib.ArbitraryUserPointer = FullDllName.Buffer;
1453 #if 0
1454  /* Map the DLL */
1455  Status = NtMapViewOfSection(SectionHandle,
1456  NtCurrentProcess(),
1457  &ViewBase,
1458  0,
1459  0,
1460  NULL,
1461  &ViewSize,
1462  ViewShare,
1463  0,
1464  PAGE_READWRITE);
1465 #endif
1466  /* Restore */
1467  Teb->NtTib.ArbitraryUserPointer = ArbitraryUserPointer;
1468 
1469  /* Return the protection */
1470  Status = LdrpSetProtection(ViewBase, TRUE);
1471  }
1472  }
1473 FailRelocate:
1474  /* Handle any kind of failure */
1475  if (!NT_SUCCESS(Status))
1476  {
1477  /* Remove it from the lists */
1478  RemoveEntryList(&LdrEntry->InLoadOrderLinks);
1479  RemoveEntryList(&LdrEntry->InMemoryOrderLinks);
1480  RemoveEntryList(&LdrEntry->HashLinks);
1481 
1482  /* Unmap it, clear the entry */
1484  LdrEntry = NULL;
1485  }
1486 
1487  /* Show debug message */
1488  if (ShowSnaps)
1489  {
1490  DPRINT1("LDR: Fixups %successfully re-applied @ %p\n",
1491  NT_SUCCESS(Status) ? "s" : "uns", ViewBase);
1492  }
1493  }
1494  else
1495  {
1496 NoRelocNeeded:
1497  /* Not a DLL, or no relocation needed */
1499 
1500  /* Stuff the image name in the TIB, for the debugger */
1501  ArbitraryUserPointer = Teb->NtTib.ArbitraryUserPointer;
1502  Teb->NtTib.ArbitraryUserPointer = FullDllName.Buffer;
1503 #if 0
1504  /* Map the DLL */
1505  Status = NtMapViewOfSection(SectionHandle,
1506  NtCurrentProcess(),
1507  &ViewBase,
1508  0,
1509  0,
1510  NULL,
1511  &ViewSize,
1512  ViewShare,
1513  0,
1514  PAGE_READWRITE);
1515 #endif
1516  /* Restore */
1517  Teb->NtTib.ArbitraryUserPointer = ArbitraryUserPointer;
1518 
1519  /* Show debug message */
1520  if (ShowSnaps)
1521  {
1522  DPRINT1("LDR: Fixups won't be re-applied to non-Dll @ %p\n", ViewBase);
1523  }
1524  }
1525  }
1526 
1527  // FIXME: LdrpCheckCorImage() is missing
1528 
1529  /* Check if this is an SMP Machine and a DLL */
1530  if ((LdrpNumberOfProcessors > 1) &&
1531  (LdrEntry && (LdrEntry->Flags & LDRP_IMAGE_DLL)))
1532  {
1533  /* Validate the image for MP */
1534  LdrpValidateImageForMp(LdrEntry);
1535  }
1536 
1537  // FIXME: LdrpCorUnloadImage() is missing
1538 
1539  /* Close section and return status */
1540  NtClose(SectionHandle);
1541  return Status;
1542 }
Definition: window.h:584
NTSYSAPI NTSTATUS NTAPI ZwRaiseHardError(_In_ NTSTATUS ErrorStatus, _In_ ULONG NumberOfParameters, _In_ ULONG UnicodeStringParameterMask, _In_ PULONG_PTR Parameters, _In_ ULONG ValidResponseOptions, _Out_ PULONG Response)
ULONG LdrpFatalHardErrorCount
Definition: ldrinit.c:83
BOOLEAN NTAPI LdrpResolveDllName(PWSTR DllPath, PWSTR DllName, PUNICODE_STRING FullDllName, PUNICODE_STRING BaseDllName)
Definition: ldrutils.c:696
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3782
#define LL
Definition: tui.h:84
PPEB Peb
Definition: dllmain.c:27
NTSTATUS NTAPI NtRaiseHardError(IN NTSTATUS ErrorStatus, IN ULONG NumberOfParameters, IN ULONG UnicodeStringParameterMask, IN PULONG_PTR Parameters, IN ULONG ValidResponseOptions, OUT PULONG Response)
Definition: harderr.c:553
LIST_ENTRY InLoadOrderModuleList
Definition: ldrtypes.h:120
#define TRUE
Definition: types.h:120
#define LDRP_REDIRECTED
Definition: ldrtypes.h:58
NTSTATUS NTAPI LdrpCreateDllSection(IN PUNICODE_STRING FullName, IN HANDLE DllHandle, IN PULONG DllCharacteristics OPTIONAL, OUT PHANDLE SectionHandle)
Definition: ldrutils.c:544
UNICODE_STRING LdrpDefaultPath
Definition: ldrinit.c:65
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
VOID NTAPI LdrpInsertMemoryTableEntry(IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: ldrutils.c:1579
ULONG SizeOfImage
Definition: ldrtypes.h:143
NTSYSAPI ULONG __cdecl DbgPrintEx(_In_ ULONG ComponentId, _In_ ULONG Level, _In_z_ _Printf_format_string_ PCSTR Format,...)
PVOID ImageBaseAddress
Definition: ntddk_ex.h:245
uint16_t * PWCHAR
Definition: typedefs.h:56
PVOID ArbitraryUserPointer
Definition: compat.h:467
#define IMAGE_FILE_DLL
Definition: pedump.c:169
#define SearchPath
Definition: winbase.h:3740
uint32_t ULONG_PTR
Definition: typedefs.h:65
#define LDRP_STATIC_LINK
Definition: ldrtypes.h:38
FORCEINLINE BOOLEAN RemoveEntryList(_In_ PLIST_ENTRY Entry)
Definition: rtlfuncs.h:105
PVOID DllBase
Definition: btrfs_drv.h:1926
#define FALSE
Definition: types.h:117
#define STATUS_ILLEGAL_DLL_RELOCATION
Definition: ntstatus.h:742
PVOID EntryPoint
Definition: ntddk_ex.h:203
NTSTATUS NTAPI NtMapViewOfSection(IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:3554
#define LDRP_IMAGE_NOT_AT_BASE
Definition: ldrtypes.h:51
unsigned char BOOLEAN
smooth NULL
Definition: ftsmooth.c:416
void DPRINT(...)
Definition: polytest.cpp:61
void * PVOID
Definition: retypes.h:9
_In_ PCWSTR FullDllName
Definition: ldrtypes.h:247
IMAGE_FILE_HEADER FileHeader
Definition: ntddk_ex.h:183
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
#define NtCurrentProcess()
Definition: nt_native.h:1657
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
PLDR_DATA_TABLE_ENTRY NTAPI LdrpAllocateDataTableEntry(IN PVOID BaseAddress)
Definition: ldrutils.c:1546
#define STATUS_INVALID_IMAGE_FORMAT
Definition: ntstatus.h:359
if(!(yy_init))
Definition: macro.lex.yy.c:714
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
HANDLE LdrpKnownDllObjectDirectory
Definition: ldrinit.c:62
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3399
Definition: ncftp.h:89
#define STATUS_IMAGE_MACHINE_TYPE_MISMATCH
Definition: ntstatus.h:128
Status
Definition: gdiplustypes.h:24
static const WCHAR L[]
Definition: oid.c:1250
#define RtlImageDirectoryEntryToData
Definition: compat.h:557
LIST_ENTRY HashLinks
Definition: ldrtypes.h:151
Definition: btrfs_drv.h:1922
ULONG LdrpNumberOfProcessors
Definition: ldrinit.c:55
Definition: typedefs.h:119
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
LIST_ENTRY InLoadOrderLinks
Definition: ldrtypes.h:138
NTSTATUS NTAPI LdrpCheckForKnownDll(PWSTR DllName, PUNICODE_STRING FullDllName, PUNICODE_STRING BaseDllName, HANDLE *SectionHandle)
Definition: ldrutils.c:811
ULONG_PTR SIZE_T
Definition: typedefs.h:80
#define STATUS_IMAGE_NOT_AT_BASE
Definition: ntstatus.h:117
Definition: compat.h:583
NTSYSAPI ULONG NTAPI LdrRelocateImageWithBias(_In_ PVOID NewAddress, _In_ LONGLONG AdditionalBias, _In_ PCCH LoaderName, _In_ ULONG Success, _In_ ULONG Conflict, _In_ ULONG Invalid)
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
#define NtCurrentPeb()
Definition: FLS.c:20
#define DPFLTR_ERROR_LEVEL
Definition: main.cpp:32
#define STATUS_DLL_NOT_FOUND
Definition: ntstatus.h:545
LIST_ENTRY InMemoryOrderLinks
Definition: btrfs_drv.h:1924
PPEB_LDR_DATA Ldr
Definition: btrfs_drv.h:1958
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
UNICODE_STRING FullDllName
Definition: btrfs_drv.h:1928
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
VOID NTAPI LdrpFreeUnicodeString(IN PUNICODE_STRING StringIn)
Definition: ldrutils.c:84