ReactOS  0.4.15-dev-3299-gbe8e5fc
ntdllp.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  _LDRP_TLS_DATA
 

Macros

#define LDR_HASH_TABLE_ENTRIES   32
 
#define LDR_GET_HASH_ENTRY(x)   (RtlUpcaseUnicodeChar((x)) & (LDR_HASH_TABLE_ENTRIES - 1))
 
#define LDRP_UPDATE_REFCOUNT   0x01
 
#define LDRP_UPDATE_DEREFCOUNT   0x02
 
#define LDRP_UPDATE_PIN   0x03
 
#define IMAGE_LOADER_FLAGS_COMPLUS   0x00000001
 
#define IMAGE_LOADER_FLAGS_SYSTEM_GLOBAL   0x01000000
 
#define DPH_FLAG_DLL_NOTIFY   0x40
 

Typedefs

typedef struct _LDRP_TLS_DATA LDRP_TLS_DATA
 
typedef struct _LDRP_TLS_DATAPLDRP_TLS_DATA
 
typedef NTSTATUS(NTAPIPLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION) (_In_ ULONG Flags, _In_ PCWSTR DllName, _In_ PCWSTR DllPath OPTIONAL, _Inout_opt_ PULONG DllCharacteristics, _In_ PVOID CallbackData, _Outptr_ PWSTR *EffectiveDllPath)
 
typedef NTSTATUS(NTAPIPEPFUNC) (PPEB)
 

Functions

NTSTATUS NTAPI LdrpRunInitializeRoutines (IN PCONTEXT Context OPTIONAL)
 
VOID NTAPI LdrpInitializeThread (IN PCONTEXT Context)
 
NTSTATUS NTAPI LdrpInitializeTls (VOID)
 
NTSTATUS NTAPI LdrpAllocateTls (VOID)
 
VOID NTAPI LdrpFreeTls (VOID)
 
VOID NTAPI LdrpCallTlsInitializers (IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN ULONG Reason)
 
BOOLEAN NTAPI LdrpCallInitRoutine (IN PDLL_INIT_ROUTINE EntryPoint, IN PVOID BaseAddress, IN ULONG Reason, IN PVOID Context)
 
NTSTATUS NTAPI LdrpInitializeProcess (IN PCONTEXT Context, IN PVOID SystemArgument1)
 
VOID NTAPI LdrpInitFailure (NTSTATUS Status)
 
VOID NTAPI LdrpValidateImageForMp (IN PLDR_DATA_TABLE_ENTRY LdrDataTableEntry)
 
VOID NTAPI LdrpEnsureLoaderLockIsHeld (VOID)
 
NTSTATUS NTAPI LdrpSnapThunk (IN PVOID ExportBase, IN PVOID ImportBase, IN PIMAGE_THUNK_DATA OriginalThunk, IN OUT PIMAGE_THUNK_DATA Thunk, IN PIMAGE_EXPORT_DIRECTORY ExportEntry, IN ULONG ExportSize, IN BOOLEAN Static, IN LPSTR DllName)
 
NTSTATUS NTAPI LdrpWalkImportDescriptor (IN LPWSTR DllPath OPTIONAL, IN PLDR_DATA_TABLE_ENTRY LdrEntry)
 
NTSTATUS NTAPI LdrpGetProcedureAddress (IN PVOID BaseAddress, IN PANSI_STRING Name, IN ULONG Ordinal, OUT PVOID *ProcedureAddress, IN BOOLEAN ExecuteInit)
 
PLDR_DATA_TABLE_ENTRY NTAPI LdrpAllocateDataTableEntry (IN PVOID BaseAddress)
 
VOID NTAPI LdrpInsertMemoryTableEntry (IN PLDR_DATA_TABLE_ENTRY LdrEntry)
 
NTSTATUS NTAPI LdrpLoadDll (IN BOOLEAN Redirected, IN PWSTR DllPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *BaseAddress, IN BOOLEAN CallInit)
 
VOID NTAPI LdrpUpdateLoadCount2 (IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN ULONG Flags)
 
ULONG NTAPI LdrpClearLoadInProgress (VOID)
 
NTSTATUS NTAPI LdrpSetProtection (PVOID ViewBase, BOOLEAN Restore)
 
BOOLEAN NTAPI LdrpCheckForLoadedDllHandle (IN PVOID Base, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
 
BOOLEAN NTAPI LdrpCheckForLoadedDll (IN PWSTR DllPath, IN PUNICODE_STRING DllName, IN BOOLEAN Flag, IN BOOLEAN RedirectedDll, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
 
NTSTATUS NTAPI LdrpMapDll (IN PWSTR SearchPath OPTIONAL, IN PWSTR DllPath2, IN PWSTR DllName OPTIONAL, IN PULONG DllCharacteristics, IN BOOLEAN Static, IN BOOLEAN Redirect, OUT PLDR_DATA_TABLE_ENTRY *DataTableEntry)
 
PVOID NTAPI LdrpFetchAddressOfEntryPoint (PVOID ImageBase)
 
VOID NTAPI LdrpFreeUnicodeString (PUNICODE_STRING String)
 
VOID NTAPI LdrpRecordUnloadEvent (_In_ PLDR_DATA_TABLE_ENTRY LdrEntry)
 
VOID NTAPI LdrpGetShimEngineInterface (VOID)
 
VOID NTAPI LdrpLoadShimEngine (IN PWSTR ImageName, IN PUNICODE_STRING ProcessImage, IN PVOID pShimData)
 
VOID NTAPI LdrpUnloadShimEngine (VOID)
 
NTSTATUS NTAPI LdrpInitializeApplicationVerifierPackage (IN HANDLE KeyHandle, IN PPEB Peb, IN BOOLEAN SystemWide, IN BOOLEAN ReadAdvancedOptions)
 
NTSTATUS NTAPI AVrfInitializeVerifier (VOID)
 
VOID NTAPI AVrfDllLoadNotification (IN PLDR_DATA_TABLE_ENTRY LdrEntry)
 
VOID NTAPI AVrfDllUnloadNotification (IN PLDR_DATA_TABLE_ENTRY LdrEntry)
 
VOID NTAPI AVrfPageHeapDllNotification (IN PLDR_DATA_TABLE_ENTRY LdrEntry)
 
NTSTATUS LdrMapSections (HANDLE ProcessHandle, PVOID ImageBase, HANDLE SectionHandle, PIMAGE_NT_HEADERS NTHeaders)
 
NTSTATUS LdrMapNTDllForProcess (HANDLE ProcessHandle, PHANDLE NTDllSectionHandle)
 
ULONG LdrpGetResidentSize (PIMAGE_NT_HEADERS NTHeaders)
 
NTSTATUS NTAPI LdrpLoadImportModule (IN PWSTR DllPath OPTIONAL, IN LPSTR ImportName, OUT PLDR_DATA_TABLE_ENTRY *DataTableEntry, OUT PBOOLEAN Existing)
 
VOID NTAPI LdrpFinalizeAndDeallocateDataTableEntry (IN PLDR_DATA_TABLE_ENTRY Entry)
 
BOOLEAN NTAPI RtlDoesFileExists_UStr (IN PUNICODE_STRING FileName)
 

Variables

RTL_CRITICAL_SECTION LdrpLoaderLock
 
BOOLEAN LdrpInLdrInit
 
PVOID LdrpHeap
 
LIST_ENTRY LdrpHashTable [LDR_HASH_TABLE_ENTRIES]
 
BOOLEAN ShowSnaps
 
UNICODE_STRING LdrpDefaultPath
 
HANDLE LdrpKnownDllObjectDirectory
 
ULONG LdrpNumberOfProcessors
 
ULONG LdrpFatalHardErrorCount
 
PUNICODE_STRING LdrpTopLevelDllBeingLoaded
 
PLDR_DATA_TABLE_ENTRY LdrpCurrentDllInitializer
 
UNICODE_STRING LdrApiDefaultExtension
 
BOOLEAN LdrpLdrDatabaseIsSetup
 
ULONG LdrpActiveUnloadCount
 
BOOLEAN LdrpShutdownInProgress
 
UNICODE_STRING LdrpKnownDllPath
 
PLDR_DATA_TABLE_ENTRY LdrpGetModuleHandleCache
 
PLDR_DATA_TABLE_ENTRY LdrpLoadedDllHandleCache
 
BOOLEAN RtlpPageHeapEnabled
 
ULONG RtlpDphGlobalFlags
 
BOOLEAN g_ShimsEnabled
 
PVOID g_pShimEngineModule
 
PVOID g_pfnSE_DllLoaded
 
PVOID g_pfnSE_DllUnloaded
 
PVOID g_pfnSE_InstallBeforeInit
 
PVOID g_pfnSE_InstallAfterInit
 
PVOID g_pfnSE_ProcessDying
 

Macro Definition Documentation

◆ DPH_FLAG_DLL_NOTIFY

#define DPH_FLAG_DLL_NOTIFY   0x40

Definition at line 24 of file ntdllp.h.

◆ IMAGE_LOADER_FLAGS_COMPLUS

#define IMAGE_LOADER_FLAGS_COMPLUS   0x00000001

Definition at line 20 of file ntdllp.h.

◆ IMAGE_LOADER_FLAGS_SYSTEM_GLOBAL

#define IMAGE_LOADER_FLAGS_SYSTEM_GLOBAL   0x01000000

Definition at line 21 of file ntdllp.h.

◆ LDR_GET_HASH_ENTRY

#define LDR_GET_HASH_ENTRY (   x)    (RtlUpcaseUnicodeChar((x)) & (LDR_HASH_TABLE_ENTRIES - 1))

Definition at line 12 of file ntdllp.h.

◆ LDR_HASH_TABLE_ENTRIES

#define LDR_HASH_TABLE_ENTRIES   32

Definition at line 11 of file ntdllp.h.

◆ LDRP_UPDATE_DEREFCOUNT

#define LDRP_UPDATE_DEREFCOUNT   0x02

Definition at line 16 of file ntdllp.h.

◆ LDRP_UPDATE_PIN

#define LDRP_UPDATE_PIN   0x03

Definition at line 17 of file ntdllp.h.

◆ LDRP_UPDATE_REFCOUNT

#define LDRP_UPDATE_REFCOUNT   0x01

Definition at line 15 of file ntdllp.h.

Typedef Documentation

◆ LDRP_TLS_DATA

◆ PEPFUNC

typedef NTSTATUS(NTAPI * PEPFUNC) (PPEB)

Definition at line 198 of file ntdllp.h.

◆ PLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION

typedef NTSTATUS(NTAPI* PLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION) (_In_ ULONG Flags, _In_ PCWSTR DllName, _In_ PCWSTR DllPath OPTIONAL, _Inout_opt_ PULONG DllCharacteristics, _In_ PVOID CallbackData, _Outptr_ PWSTR *EffectiveDllPath)

Definition at line 34 of file ntdllp.h.

◆ PLDRP_TLS_DATA

Function Documentation

◆ AVrfDllLoadNotification()

VOID NTAPI AVrfDllLoadNotification ( IN PLDR_DATA_TABLE_ENTRY  LdrEntry)

Definition at line 294 of file verifier.c.

295 {
297 
299  return;
300 
302  if (!AVrfpIsVerifierProviderDll(LdrEntry->DllBase))
303  {
304  AvrfpResolveThunks(LdrEntry);
305 
307  {
309  RTL_VERIFIER_DLL_LOAD_CALLBACK ProviderDllLoadCallback;
310 
312 
313  ProviderDllLoadCallback = Provider->ProviderDllLoadCallback;
314  if (ProviderDllLoadCallback)
315  {
316  ProviderDllLoadCallback(LdrEntry->BaseDllName.Buffer,
317  LdrEntry->DllBase,
318  LdrEntry->SizeOfImage,
319  LdrEntry);
320  }
321  }
322  }
324 }
RTL_CRITICAL_SECTION AVrfpVerifierLock
Definition: verifier.c:21
struct _Entry Entry
Definition: kefuncs.h:627
VOID(NTAPI * RTL_VERIFIER_DLL_LOAD_CALLBACK)(PWSTR DllName, PVOID DllBase, SIZE_T DllSize, PVOID Reserved)
Definition: verifier.h:6
BOOLEAN AVrfpIsVerifierProviderDll(PVOID BaseAddress)
Definition: verifier.c:103
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
LIST_ENTRY AVrfpVerifierProvidersList
Definition: verifier.c:22
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define FLG_APPLICATION_VERIFIER
Definition: pstypes.h:64
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
VOID AvrfpResolveThunks(IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: verifier.c:235
Definition: typedefs.h:119
#define NtCurrentPeb()
Definition: FLS.c:22
ULONG NtGlobalFlag
Definition: init.c:52
base of all file and directory entries
Definition: entries.h:82

Referenced by LdrpWalkImportDescriptor().

◆ AVrfDllUnloadNotification()

VOID NTAPI AVrfDllUnloadNotification ( IN PLDR_DATA_TABLE_ENTRY  LdrEntry)

Definition at line 328 of file verifier.c.

329 {
331 
333  return;
334 
336  if (!AVrfpIsVerifierProviderDll(LdrEntry->DllBase))
337  {
339  {
341  RTL_VERIFIER_DLL_UNLOAD_CALLBACK ProviderDllUnloadCallback;
342 
344 
345  ProviderDllUnloadCallback = Provider->ProviderDllUnloadCallback;
346  if (ProviderDllUnloadCallback)
347  {
348  ProviderDllUnloadCallback(LdrEntry->BaseDllName.Buffer,
349  LdrEntry->DllBase,
350  LdrEntry->SizeOfImage,
351  LdrEntry);
352  }
353  }
354  }
356 }
RTL_CRITICAL_SECTION AVrfpVerifierLock
Definition: verifier.c:21
struct _Entry Entry
Definition: kefuncs.h:627
BOOLEAN AVrfpIsVerifierProviderDll(PVOID BaseAddress)
Definition: verifier.c:103
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
VOID(NTAPI * RTL_VERIFIER_DLL_UNLOAD_CALLBACK)(PWSTR DllName, PVOID DllBase, SIZE_T DllSize, PVOID Reserved)
Definition: verifier.h:7
LIST_ENTRY AVrfpVerifierProvidersList
Definition: verifier.c:22
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define FLG_APPLICATION_VERIFIER
Definition: pstypes.h:64
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
Definition: typedefs.h:119
#define NtCurrentPeb()
Definition: FLS.c:22
ULONG NtGlobalFlag
Definition: init.c:52
base of all file and directory entries
Definition: entries.h:82

Referenced by LdrUnloadDll().

◆ AVrfInitializeVerifier()

NTSTATUS NTAPI AVrfInitializeVerifier ( VOID  )

Definition at line 612 of file verifier.c.

613 {
617  WCHAR* Ptr, *Next;
618 
621 
622  if (!NT_SUCCESS(Status))
623  return Status;
624 
625  DbgPrint("AVRF: %wZ: pid 0x%X: flags 0x%X: application verifier enabled\n",
627 
628  Provider = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(VERIFIER_PROVIDER));
629  if (!Provider)
630  return STATUS_NO_MEMORY;
631 
632  RtlInitUnicodeString(&Provider->DllName, L"verifier.dll");
634 
636 
637  do
638  {
639  while (*Next == L' ' || *Next == L'\t')
640  Next++;
641 
642  Ptr = Next;
643 
644  while (*Next != ' ' && *Next != '\t' && *Next)
645  Next++;
646 
647  if (*Next)
648  *(Next++) = '\0';
649  else
650  Next = NULL;
651 
652  if (*Ptr)
653  {
654  Provider = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(VERIFIER_PROVIDER));
655  if (!Provider)
656  return STATUS_NO_MEMORY;
657  RtlInitUnicodeString(&Provider->DllName, Ptr);
659  }
660  } while (Next);
661 
664  {
666  Entry = Entry->Flink;
667 
669  if (!NT_SUCCESS(Status))
670  {
671  RemoveEntryList(&Provider->ListEntry);
672  RtlFreeHeap(RtlGetProcessHeap(), 0, Provider);
673  }
674  }
675 
676  if (!NT_SUCCESS(Status))
677  {
678  DbgPrint("AVRF: %wZ: pid 0x%X: application verifier will be disabled due to an initialization error.\n",
680  NtCurrentPeb()->NtGlobalFlag &= ~FLG_APPLICATION_VERIFIER;
681  }
682 
683  return Status;
684 }
RTL_CRITICAL_SECTION AVrfpVerifierLock
Definition: verifier.c:21
#define DbgPrint
Definition: hal.h:12
struct _Entry Entry
Definition: kefuncs.h:627
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
Definition: fsrtlfuncs.h:898
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define InsertTailList(ListHead, Entry)
HANDLE UniqueProcess
Definition: compat.h:684
FORCEINLINE BOOLEAN RemoveEntryList(_In_ PLIST_ENTRY Entry)
Definition: rtlfuncs.h:105
LIST_ENTRY AVrfpVerifierProvidersList
Definition: verifier.c:22
#define FLG_APPLICATION_VERIFIER
Definition: pstypes.h:64
ULONG AVrfpVerifierFlags
Definition: verifier.c:17
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
_Out_ PCLIENT_ID ClientId
Definition: kefuncs.h:1163
__wchar_t WCHAR
Definition: xmlstorage.h:180
NTSYSAPI NTSTATUS NTAPI RtlInitializeCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
static const WCHAR L[]
Definition: oid.c:1250
Definition: typedefs.h:119
WCHAR AVrfpVerifierDllsString[256]
Definition: verifier.c:18
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
#define NtCurrentPeb()
Definition: FLS.c:22
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
NTSTATUS NTAPI AVrfpLoadAndInitializeProvider(PVERIFIER_PROVIDER Provider)
Definition: verifier.c:485
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
PLDR_DATA_TABLE_ENTRY LdrpImageEntry
Definition: ldrinit.c:39
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
base of all file and directory entries
Definition: entries.h:82

Referenced by LdrpInitializeProcess().

◆ AVrfPageHeapDllNotification()

VOID NTAPI AVrfPageHeapDllNotification ( IN PLDR_DATA_TABLE_ENTRY  LdrEntry)

Definition at line 361 of file verifier.c.

362 {
363  /* Check if page heap dll notification is turned on */
365  return;
366 
367  /* We don't support this flag currently */
369 }
ULONG RtlpDphGlobalFlags
Definition: heappage.c:107
#define DPH_FLAG_DLL_NOTIFY
Definition: ntdllp.h:24
#define UNIMPLEMENTED
Definition: debug.h:115

Referenced by LdrpWalkImportDescriptor().

◆ LdrMapNTDllForProcess()

NTSTATUS LdrMapNTDllForProcess ( HANDLE  ProcessHandle,
PHANDLE  NTDllSectionHandle 
)

◆ LdrMapSections()

NTSTATUS LdrMapSections ( HANDLE  ProcessHandle,
PVOID  ImageBase,
HANDLE  SectionHandle,
PIMAGE_NT_HEADERS  NTHeaders 
)

◆ LdrpAllocateDataTableEntry()

PLDR_DATA_TABLE_ENTRY NTAPI LdrpAllocateDataTableEntry ( IN PVOID  BaseAddress)

Definition at line 1549 of file ldrutils.c.

1550 {
1551  PLDR_DATA_TABLE_ENTRY LdrEntry = NULL;
1552  PIMAGE_NT_HEADERS NtHeader;
1553 
1554  /* Make sure the header is valid */
1555  NtHeader = RtlImageNtHeader(BaseAddress);
1556  DPRINT("LdrpAllocateDataTableEntry(%p), NtHeader %p\n", BaseAddress, NtHeader);
1557 
1558  if (NtHeader)
1559  {
1560  /* Allocate an entry */
1561  LdrEntry = RtlAllocateHeap(LdrpHeap,
1563  sizeof(LDR_DATA_TABLE_ENTRY));
1564 
1565  /* Make sure we got one */
1566  if (LdrEntry)
1567  {
1568  /* Set it up */
1569  LdrEntry->DllBase = BaseAddress;
1570  LdrEntry->SizeOfImage = NtHeader->OptionalHeader.SizeOfImage;
1571  LdrEntry->TimeDateStamp = NtHeader->FileHeader.TimeDateStamp;
1572  LdrEntry->PatchInformation = NULL;
1573  }
1574  }
1575 
1576  /* Return the entry */
1577  return LdrEntry;
1578 }
ULONG SizeOfImage
Definition: ldrtypes.h:143
PVOID DllBase
Definition: btrfs_drv.h:1926
IMAGE_FILE_HEADER FileHeader
Definition: ntddk_ex.h:183
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
PVOID PatchInformation
Definition: ldrtypes.h:164
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
Definition: btrfs_drv.h:1922
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
ULONG TimeDateStamp
Definition: btrfs_drv.h:1935
#define NULL
Definition: types.h:112
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
#define RtlImageNtHeader
Definition: compat.h:665
#define DPRINT
Definition: sndvol32.h:71
PVOID LdrpHeap
Definition: ldrinit.c:59

Referenced by LdrpInitializeProcess(), and LdrpMapDll().

◆ LdrpAllocateTls()

NTSTATUS NTAPI LdrpAllocateTls ( VOID  )

Definition at line 1317 of file ldrinit.c.

1318 {
1319  PTEB Teb = NtCurrentTeb();
1320  PLIST_ENTRY NextEntry, ListHead;
1321  PLDRP_TLS_DATA TlsData;
1322  SIZE_T TlsDataSize;
1323  PVOID *TlsVector;
1324 
1325  /* Check if we have any entries */
1327  return STATUS_SUCCESS;
1328 
1329  /* Allocate the vector array */
1330  TlsVector = RtlAllocateHeap(RtlGetProcessHeap(),
1331  0,
1332  LdrpNumberOfTlsEntries * sizeof(PVOID));
1333  if (!TlsVector) return STATUS_NO_MEMORY;
1334  Teb->ThreadLocalStoragePointer = TlsVector;
1335 
1336  /* Loop the TLS Array */
1337  ListHead = &LdrpTlsList;
1338  NextEntry = ListHead->Flink;
1339  while (NextEntry != ListHead)
1340  {
1341  /* Get the entry */
1342  TlsData = CONTAINING_RECORD(NextEntry, LDRP_TLS_DATA, TlsLinks);
1343  NextEntry = NextEntry->Flink;
1344 
1345  /* Allocate this vector */
1346  TlsDataSize = TlsData->TlsDirectory.EndAddressOfRawData -
1348  TlsVector[TlsData->TlsDirectory.Characteristics] = RtlAllocateHeap(RtlGetProcessHeap(),
1349  0,
1350  TlsDataSize);
1351  if (!TlsVector[TlsData->TlsDirectory.Characteristics])
1352  {
1353  /* Out of memory */
1354  return STATUS_NO_MEMORY;
1355  }
1356 
1357  /* Show debug message */
1358  if (ShowSnaps)
1359  {
1360  DPRINT1("LDR: TlsVector %p Index %lu = %p copied from %x to %p\n",
1361  TlsVector,
1362  TlsData->TlsDirectory.Characteristics,
1363  &TlsVector[TlsData->TlsDirectory.Characteristics],
1365  TlsVector[TlsData->TlsDirectory.Characteristics]);
1366  }
1367 
1368  /* Copy the data */
1369  RtlCopyMemory(TlsVector[TlsData->TlsDirectory.Characteristics],
1371  TlsDataSize);
1372  }
1373 
1374  /* Done */
1375  return STATUS_SUCCESS;
1376 }
IMAGE_TLS_DIRECTORY TlsDirectory
Definition: ntdllp.h:29
LIST_ENTRY LdrpTlsList
Definition: ldrinit.c:53
PVOID ThreadLocalStoragePointer
Definition: compat.h:700
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
ULONG LdrpNumberOfTlsEntries
Definition: ldrinit.c:54
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
Definition: typedefs.h:119
ULONG_PTR SIZE_T
Definition: typedefs.h:80
Definition: compat.h:694
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
#define DPRINT1
Definition: precomp.h:8
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define STATUS_SUCCESS
Definition: shellext.h:65
ULONG StartAddressOfRawData
Definition: ntimage.h:546

Referenced by LdrpInitializeThread(), and LdrpInitializeTls().

◆ LdrpCallInitRoutine()

BOOLEAN NTAPI LdrpCallInitRoutine ( IN PDLL_INIT_ROUTINE  EntryPoint,
IN PVOID  BaseAddress,
IN ULONG  Reason,
IN PVOID  Context 
)

Definition at line 100 of file ldrutils.c.

104 {
105  /* Call the entry */
106  return EntryPoint(BaseAddress, Reason, Context);
107 }
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
PVOID PVOID PWCHAR PVOID USHORT PULONG Reason
Definition: env.c:47

Referenced by AVrfpLoadAndInitializeProvider(), LdrpCallTlsInitializers(), LdrpInitializeThread(), LdrpRunInitializeRoutines(), LdrpRunShimEngineInitRoutine(), LdrShutdownProcess(), LdrShutdownThread(), and LdrUnloadDll().

◆ LdrpCallTlsInitializers()

VOID NTAPI LdrpCallTlsInitializers ( IN PLDR_DATA_TABLE_ENTRY  LdrEntry,
IN ULONG  Reason 
)

Definition at line 473 of file ldrutils.c.

475 {
476  PIMAGE_TLS_DIRECTORY TlsDirectory;
478  ULONG Size;
479 
480  /* Get the TLS Directory */
481  TlsDirectory = RtlImageDirectoryEntryToData(LdrEntry->DllBase,
482  TRUE,
484  &Size);
485 
486  /* Protect against invalid pointers */
487  _SEH2_TRY
488  {
489  /* Make sure it's valid */
490  if (TlsDirectory)
491  {
492  /* Get the array */
493  Array = (PIMAGE_TLS_CALLBACK *)TlsDirectory->AddressOfCallBacks;
494  if (Array)
495  {
496  /* Display debug */
497  if (ShowSnaps)
498  {
499  DPRINT1("LDR: Tls Callbacks Found. Imagebase %p Tls %p CallBacks %p\n",
500  LdrEntry->DllBase, TlsDirectory, Array);
501  }
502 
503  /* Loop the array */
504  while (*Array)
505  {
506  /* Get the TLS Entrypoint */
507  Callback = *Array++;
508 
509  /* Display debug */
510  if (ShowSnaps)
511  {
512  DPRINT1("LDR: Calling Tls Callback Imagebase %p Function %p\n",
513  LdrEntry->DllBase, Callback);
514  }
515 
516  /* Call it */
518  LdrEntry->DllBase,
519  Reason,
520  NULL);
521  }
522  }
523  }
524  }
526  {
527  DPRINT1("LDR: Exception 0x%x during Tls Callback(%u) for %wZ\n",
528  _SEH2_GetExceptionCode(), Reason, &LdrEntry->BaseDllName);
529  }
530  _SEH2_END;
531 }
#define TRUE
Definition: types.h:120
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
IN PVOID IN PVOID IN USHORT IN USHORT Size
Definition: pci.h:361
if(dx==0 &&dy==0)
Definition: linetemp.h:174
_SEH2_TRY
Definition: create.c:4226
#define IMAGE_DIRECTORY_ENTRY_TLS
Definition: pedump.c:268
VOID(NTAPI * PIMAGE_TLS_CALLBACK)(PVOID DllHandle, ULONG Reason, PVOID Reserved)
Definition: ntimage.h:531
BOOLEAN(NTAPI * PDLL_INIT_ROUTINE)(_In_ PVOID DllHandle, _In_ ULONG Reason, _In_opt_ PCONTEXT Context)
Definition: ldrtypes.h:254
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
#define RtlImageDirectoryEntryToData
Definition: compat.h:668
_In_ WDFINTERRUPT _In_ PFN_WDF_INTERRUPT_SYNCHRONIZE Callback
Definition: wdfinterrupt.h:456
_SEH2_END
Definition: create.c:4400
#define NULL
Definition: types.h:112
#define DPRINT1
Definition: precomp.h:8
unsigned int ULONG
Definition: retypes.h:1
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
BOOLEAN NTAPI LdrpCallInitRoutine(IN PDLL_INIT_ROUTINE EntryPoint, IN PVOID BaseAddress, IN ULONG Reason, IN PVOID Context)
Definition: ldrutils.c:100
PVOID PVOID PWCHAR PVOID USHORT PULONG Reason
Definition: env.c:47

Referenced by LdrpInitializeThread(), LdrpRunInitializeRoutines(), LdrShutdownProcess(), and LdrShutdownThread().

◆ LdrpCheckForLoadedDll()

BOOLEAN NTAPI LdrpCheckForLoadedDll ( IN PWSTR  DllPath,
IN PUNICODE_STRING  DllName,
IN BOOLEAN  Flag,
IN BOOLEAN  RedirectedDll,
OUT PLDR_DATA_TABLE_ENTRY LdrEntry 
)

Definition at line 1979 of file ldrutils.c.

1984 {
1985  ULONG HashIndex;
1986  PLIST_ENTRY ListHead, ListEntry;
1987  PLDR_DATA_TABLE_ENTRY CurEntry;
1988  BOOLEAN FullPath = FALSE;
1989  PWCHAR wc;
1990  WCHAR NameBuf[266];
1991  UNICODE_STRING FullDllName, NtPathName;
1992  ULONG Length;
1994  NTSTATUS Status;
1995  HANDLE FileHandle, SectionHandle;
1997  PVOID ViewBase = NULL;
1998  SIZE_T ViewSize = 0;
1999  PIMAGE_NT_HEADERS NtHeader, NtHeader2;
2000  DPRINT("LdrpCheckForLoadedDll('%S' '%wZ' %u %u %p)\n", DllPath ? ((ULONG_PTR)DllPath == 1 ? L"" : DllPath) : L"", DllName, Flag, RedirectedDll, LdrEntry);
2001 
2002  /* Check if a dll name was provided */
2003  if (!(DllName->Buffer) || !(DllName->Buffer[0])) return FALSE;
2004 
2005  /* FIXME: Warning, "Flag" is used as magic instead of "Static" */
2006  /* FIXME: Warning, code does not support redirection at all */
2007 
2008  /* Look in the hash table if flag was set */
2009 lookinhash:
2010  if (Flag /* the second check is a hack */ && !RedirectedDll)
2011  {
2012  /* FIXME: if we get redirected dll it means that we also get a full path so we need to find its filename for the hash lookup */
2013 
2014  /* Get hash index */
2015  HashIndex = LDR_GET_HASH_ENTRY(DllName->Buffer[0]);
2016 
2017  /* Traverse that list */
2018  ListHead = &LdrpHashTable[HashIndex];
2019  ListEntry = ListHead->Flink;
2020  while (ListEntry != ListHead)
2021  {
2022  /* Get the current entry */
2023  CurEntry = CONTAINING_RECORD(ListEntry, LDR_DATA_TABLE_ENTRY, HashLinks);
2024 
2025  /* Check base name of that module */
2026  if (RtlEqualUnicodeString(DllName, &CurEntry->BaseDllName, TRUE))
2027  {
2028  /* It matches, return it */
2029  *LdrEntry = CurEntry;
2030  return TRUE;
2031  }
2032 
2033  /* Advance to the next entry */
2034  ListEntry = ListEntry->Flink;
2035  }
2036 
2037  /* Module was not found, return failure */
2038  return FALSE;
2039  }
2040 
2041  /* Check if this is a redirected DLL */
2042  if (RedirectedDll)
2043  {
2044  /* Redirected dlls already have a full path */
2045  FullPath = TRUE;
2046  FullDllName = *DllName;
2047  }
2048  else
2049  {
2050  /* Check if there is a full path in this DLL */
2051  wc = DllName->Buffer;
2052  while (*wc)
2053  {
2054  /* Check for a slash in the current position*/
2055  if ((*wc == L'\\') || (*wc == L'/'))
2056  {
2057  /* Found the slash, so dll name contains path */
2058  FullPath = TRUE;
2059 
2060  /* Setup full dll name string */
2061  FullDllName.Buffer = NameBuf;
2062 
2063  /* FIXME: This is from the Windows 2000 loader, not XP/2003, we should call LdrpSearchPath */
2065  DllName->Buffer,
2066  NULL,
2067  sizeof(NameBuf) - sizeof(UNICODE_NULL),
2068  FullDllName.Buffer,
2069  NULL);
2070 
2071  /* Check if that was successful */
2072  if (!(Length) || (Length > (sizeof(NameBuf) - sizeof(UNICODE_NULL))))
2073  {
2074  if (ShowSnaps)
2075  {
2076  DPRINT1("LDR: LdrpCheckForLoadedDll - Unable To Locate %wZ: 0x%08x\n",
2077  &DllName, Length);
2078  }
2079  }
2080 
2081  /* Full dll name is found */
2082  FullDllName.Length = Length;
2083  FullDllName.MaximumLength = FullDllName.Length + sizeof(UNICODE_NULL);
2084  break;
2085  }
2086 
2087  wc++;
2088  }
2089  }
2090 
2091  /* Go check the hash table */
2092  if (!FullPath)
2093  {
2094  Flag = TRUE;
2095  goto lookinhash;
2096  }
2097 
2098  /* FIXME: Warning, activation context missing */
2099  DPRINT("Warning, activation context missing\n");
2100 
2101  /* NOTE: From here on down, everything looks good */
2102 
2103  /* Loop the module list */
2104  ListHead = &NtCurrentPeb()->Ldr->InLoadOrderModuleList;
2105  ListEntry = ListHead->Flink;
2106  while (ListEntry != ListHead)
2107  {
2108  /* Get the current entry and advance to the next one */
2109  CurEntry = CONTAINING_RECORD(ListEntry,
2111  InLoadOrderLinks);
2112  ListEntry = ListEntry->Flink;
2113 
2114  /* Check if it's being unloaded */
2115  if (!CurEntry->InMemoryOrderLinks.Flink) continue;
2116 
2117  /* Check if name matches */
2119  &CurEntry->FullDllName,
2120  TRUE))
2121  {
2122  /* Found it */
2123  *LdrEntry = CurEntry;
2124  return TRUE;
2125  }
2126  }
2127 
2128  /* Convert given path to NT path */
2130  &NtPathName,
2131  NULL,
2132  NULL))
2133  {
2134  /* Fail if conversion failed */
2135  return FALSE;
2136  }
2137 
2138  /* Initialize object attributes and open it */
2140  &NtPathName,
2142  NULL,
2143  NULL);
2147  &Iosb,
2150 
2151  /* Free NT path name */
2152  RtlFreeHeap(RtlGetProcessHeap(), 0, NtPathName.Buffer);
2153 
2154  /* If opening the file failed - return failure */
2155  if (!NT_SUCCESS(Status)) return FALSE;
2156 
2157  /* Create a section for this file */
2158  Status = NtCreateSection(&SectionHandle,
2162  NULL,
2163  NULL,
2164  PAGE_EXECUTE,
2165  SEC_COMMIT,
2166  FileHandle);
2167 
2168  /* Close file handle */
2170 
2171  /* If creating section failed - return failure */
2172  if (!NT_SUCCESS(Status)) return FALSE;
2173 
2174  /* Map view of this section */
2175  Status = ZwMapViewOfSection(SectionHandle,
2176  NtCurrentProcess(),
2177  &ViewBase,
2178  0,
2179  0,
2180  NULL,
2181  &ViewSize,
2182  ViewShare,
2183  0,
2184  PAGE_EXECUTE);
2185 
2186  /* Close section handle */
2187  NtClose(SectionHandle);
2188 
2189  /* If section mapping failed - return failure */
2190  if (!NT_SUCCESS(Status)) return FALSE;
2191 
2192  /* Get pointer to the NT header of this section */
2193  Status = RtlImageNtHeaderEx(0, ViewBase, ViewSize, &NtHeader);
2194  if (!(NT_SUCCESS(Status)) || !(NtHeader))
2195  {
2196  /* Unmap the section and fail */
2198  return FALSE;
2199  }
2200 
2201  /* Go through the list of modules again */
2202  ListHead = &NtCurrentPeb()->Ldr->InLoadOrderModuleList;
2203  ListEntry = ListHead->Flink;
2204  while (ListEntry != ListHead)
2205  {
2206  /* Get the current entry and advance to the next one */
2207  CurEntry = CONTAINING_RECORD(ListEntry,
2209  InLoadOrderLinks);
2210  ListEntry = ListEntry->Flink;
2211 
2212  /* Check if it's in the process of being unloaded */
2213  if (!CurEntry->InMemoryOrderLinks.Flink) continue;
2214 
2215  /* The header is untrusted, use SEH */
2216  _SEH2_TRY
2217  {
2218  /* Check if timedate stamp and sizes match */
2219  if ((CurEntry->TimeDateStamp == NtHeader->FileHeader.TimeDateStamp) &&
2220  (CurEntry->SizeOfImage == NtHeader->OptionalHeader.SizeOfImage))
2221  {
2222  /* Time, date and size match. Let's compare their headers */
2223  NtHeader2 = RtlImageNtHeader(CurEntry->DllBase);
2224  if (RtlCompareMemory(NtHeader2, NtHeader, sizeof(IMAGE_NT_HEADERS)))
2225  {
2226  /* Headers match too! Finally ask the kernel to compare mapped files */
2227  Status = ZwAreMappedFilesTheSame(CurEntry->DllBase, ViewBase);
2228  if (NT_SUCCESS(Status))
2229  {
2230  /* This is our entry!, unmap and return success */
2231  *LdrEntry = CurEntry;
2233  _SEH2_YIELD(return TRUE;)
2234  }
2235  }
2236  }
2237  }
2239  {
2240  _SEH2_YIELD(break;)
2241  }
2242  _SEH2_END;
2243  }
2244 
2245  /* Unmap the section and fail */
2247  return FALSE;
2248 }
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3840
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
NTSTATUS NTAPI NtCreateSection(OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN PLARGE_INTEGER MaximumSize OPTIONAL, IN ULONG SectionPageProtection OPTIONAL, IN ULONG AllocationAttributes, IN HANDLE FileHandle OPTIONAL)
Definition: section.c:3433
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
#define TRUE
Definition: types.h:120
UNICODE_STRING LdrpDefaultPath
Definition: ldrinit.c:65
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define LDR_GET_HASH_ENTRY(x)
Definition: ntdllp.h:12
ULONG SizeOfImage
Definition: ldrtypes.h:143
uint16_t * PWCHAR
Definition: typedefs.h:56
#define FILE_SHARE_READ
Definition: compat.h:136
_SEH2_TRY
Definition: create.c:4226
uint32_t ULONG_PTR
Definition: typedefs.h:65
PVOID DllBase
Definition: btrfs_drv.h:1926
HANDLE FileHandle
Definition: stats.c:38
NTSYSAPI ULONG NTAPI RtlDosSearchPath_U(_In_ PCWSTR Path, _In_ PCWSTR FileName, _In_ PCWSTR Extension, _In_ ULONG BufferSize, _Out_ PWSTR Buffer, _Out_ PWSTR *PartName)
#define SEC_COMMIT
Definition: mmtypes.h:99
#define FALSE
Definition: types.h:117
#define UNICODE_NULL
LIST_ENTRY LdrpHashTable[LDR_HASH_TABLE_ENTRIES]
Definition: ldrinit.c:60
unsigned char BOOLEAN
#define PAGE_EXECUTE
Definition: nt_native.h:1306
NTSTATUS NTAPI RtlImageNtHeaderEx(_In_ ULONG Flags, _In_ PVOID Base, _In_ ULONG64 Size, _Out_ PIMAGE_NT_HEADERS *OutHeaders)
Definition: libsupp.c:32
_In_ PCWSTR FullDllName
Definition: ldrtypes.h:247
IMAGE_FILE_HEADER FileHeader
Definition: ntddk_ex.h:183
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
#define SECTION_MAP_WRITE
Definition: nt_native.h:1288
#define NtCurrentProcess()
Definition: nt_native.h:1657
Status
Definition: gdiplustypes.h:24
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
NTSYSAPI NTSTATUS NTAPI NtOpenFile(OUT PHANDLE phFile, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK pIoStatusBlock, IN ULONG ShareMode, IN ULONG OpenMode)
Definition: file.c:3951
__wchar_t WCHAR
Definition: xmlstorage.h:180
return Iosb
Definition: create.c:4402
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
Definition: xml2sdb.h:79
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
#define FILE_SHARE_DELETE
Definition: nt_native.h:682
static const WCHAR L[]
Definition: oid.c:1250
#define SECTION_MAP_READ
Definition: compat.h:139
#define FILE_EXECUTE
Definition: nt_native.h:642
#define FILE_NON_DIRECTORY_FILE
Definition: constants.h:492
Definition: btrfs_drv.h:1922
Definition: typedefs.h:119
#define SYNCHRONIZE
Definition: nt_native.h:61
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
ULONG TimeDateStamp
Definition: btrfs_drv.h:1935
ULONG_PTR SIZE_T
Definition: typedefs.h:80
_SEH2_END
Definition: create.c:4400
#define NtCurrentPeb()
Definition: FLS.c:22
LIST_ENTRY InMemoryOrderLinks
Definition: btrfs_drv.h:1924
static const char const char * DllPath
Definition: image.c:34
UNICODE_STRING FullDllName
Definition: btrfs_drv.h:1928
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
#define NULL
Definition: types.h:112
NTSYSAPI NTSTATUS NTAPI ZwAreMappedFilesTheSame(_In_ PVOID File1MappedAsAnImage, _In_ PVOID File2MappedAsFile)
#define DPRINT1
Definition: precomp.h:8
#define RtlImageNtHeader
Definition: compat.h:665
#define FILE_SYNCHRONOUS_IO_NONALERT
Definition: from_kernel.h:31
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:404
unsigned int ULONG
Definition: retypes.h:1
#define SECTION_MAP_EXECUTE
Definition: nt_native.h:1290
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
#define DPRINT
Definition: sndvol32.h:71
NTSYSAPI BOOLEAN NTAPI RtlEqualUnicodeString(PUNICODE_STRING String1, PUNICODE_STRING String2, BOOLEAN CaseInSensitive)
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToNtPathName_U(_In_opt_z_ PCWSTR DosPathName, _Out_ PUNICODE_STRING NtPathName, _Out_opt_ PCWSTR *NtFileNamePart, _Out_opt_ PRTL_RELATIVE_NAME_U DirectoryInfo)
#define RtlCompareMemory(s1, s2, l)
Definition: env_spec_w32.h:465

Referenced by LdrGetDllHandleEx(), LdrpLoadDll(), LdrpLoadImportModule(), and LdrpUpdateLoadCount3().

◆ LdrpCheckForLoadedDllHandle()

BOOLEAN NTAPI LdrpCheckForLoadedDllHandle ( IN PVOID  Base,
OUT PLDR_DATA_TABLE_ENTRY LdrEntry 
)

Definition at line 1621 of file ldrutils.c.

1623 {
1624  PLDR_DATA_TABLE_ENTRY Current;
1625  PLIST_ENTRY ListHead, Next;
1626 
1627  /* Check the cache first */
1628  if ((LdrpLoadedDllHandleCache) &&
1630  {
1631  /* We got lucky, return the cached entry */
1632  *LdrEntry = LdrpLoadedDllHandleCache;
1633  return TRUE;
1634  }
1635 
1636  /* Time for a lookup */
1637  ListHead = &NtCurrentPeb()->Ldr->InLoadOrderModuleList;
1638  Next = ListHead->Flink;
1639  while (Next != ListHead)
1640  {
1641  /* Get the current entry */
1642  Current = CONTAINING_RECORD(Next,
1644  InLoadOrderLinks);
1645 
1646  /* Make sure it's not unloading and check for a match */
1647  if ((Current->InMemoryOrderLinks.Flink) && (Base == Current->DllBase))
1648  {
1649  /* Save in cache */
1650  LdrpLoadedDllHandleCache = Current;
1651 
1652  /* Return it */
1653  *LdrEntry = Current;
1654  return TRUE;
1655  }
1656 
1657  /* Move to the next one */
1658  Next = Next->Flink;
1659  }
1660 
1661  /* Nothing found */
1662  return FALSE;
1663 }
PLDR_DATA_TABLE_ENTRY LdrpLoadedDllHandleCache
Definition: ldrutils.c:19
#define TRUE
Definition: types.h:120
_In_opt_ ULONG Base
Definition: rtlfuncs.h:2386
PVOID DllBase
Definition: btrfs_drv.h:1926
#define FALSE
Definition: types.h:117
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
Definition: btrfs_drv.h:1922
Definition: typedefs.h:119
#define NtCurrentPeb()
Definition: FLS.c:22
LIST_ENTRY InMemoryOrderLinks
Definition: btrfs_drv.h:1924

Referenced by LdrAddRefDll(), LdrDisableThreadCalloutsForDll(), LdrpGetProcedureAddress(), LdrpSnapThunk(), and LdrUnloadDll().

◆ LdrpClearLoadInProgress()

ULONG NTAPI LdrpClearLoadInProgress ( VOID  )

Definition at line 2663 of file ldrutils.c.

2664 {
2665  PLIST_ENTRY ListHead, Entry;
2666  PLDR_DATA_TABLE_ENTRY LdrEntry;
2667  ULONG ModulesCount = 0;
2668 
2669  /* Traverse the init list */
2670  ListHead = &NtCurrentPeb()->Ldr->InInitializationOrderModuleList;
2671  Entry = ListHead->Flink;
2672  while (Entry != ListHead)
2673  {
2674  /* Get the loader entry */
2675  LdrEntry = CONTAINING_RECORD(Entry,
2677  InInitializationOrderLinks);
2678 
2679  /* Clear load in progress flag */
2680  LdrEntry->Flags &= ~LDRP_LOAD_IN_PROGRESS;
2681 
2682  /* Check for modules with entry point count but not processed yet */
2683  if ((LdrEntry->EntryPoint) &&
2684  !(LdrEntry->Flags & LDRP_ENTRY_PROCESSED))
2685  {
2686  /* Increase counter */
2687  ModulesCount++;
2688  }
2689 
2690  /* Advance to the next entry */
2691  Entry = Entry->Flink;
2692  }
2693 
2694  /* Return final count */
2695  return ModulesCount;
2696 }
#define LDRP_LOAD_IN_PROGRESS
Definition: ldrtypes.h:42
#define LDRP_ENTRY_PROCESSED
Definition: ldrtypes.h:44
struct _Entry Entry
Definition: kefuncs.h:627
PVOID EntryPoint
Definition: ntddk_ex.h:203
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
Definition: btrfs_drv.h:1922
Definition: typedefs.h:119
#define NtCurrentPeb()
Definition: FLS.c:22
ULONG Flags
Definition: ntddk_ex.h:207
unsigned int ULONG
Definition: retypes.h:1
base of all file and directory entries
Definition: entries.h:82

Referenced by LdrAddRefDll(), LdrGetDllHandleEx(), LdrpLoadDll(), and LdrpRunInitializeRoutines().

◆ LdrpEnsureLoaderLockIsHeld()

VOID NTAPI LdrpEnsureLoaderLockIsHeld ( VOID  )

Definition at line 405 of file ldrinit.c.

406 {
407  // Ignored atm
408 }

Referenced by LdrpCheckForKnownDll(), and LdrpRunInitializeRoutines().

◆ LdrpFetchAddressOfEntryPoint()

PVOID NTAPI LdrpFetchAddressOfEntryPoint ( PVOID  ImageBase)

◆ LdrpFinalizeAndDeallocateDataTableEntry()

VOID NTAPI LdrpFinalizeAndDeallocateDataTableEntry ( IN PLDR_DATA_TABLE_ENTRY  Entry)

Definition at line 1598 of file ldrutils.c.

1599 {
1600  /* Sanity check */
1601  ASSERT(Entry != NULL);
1602 
1603  /* Release the activation context if it exists and wasn't already released */
1604  if ((Entry->EntryPointActivationContext) &&
1605  (Entry->EntryPointActivationContext != INVALID_HANDLE_VALUE))
1606  {
1607  /* Mark it as invalid */
1608  RtlReleaseActivationContext(Entry->EntryPointActivationContext);
1609  Entry->EntryPointActivationContext = INVALID_HANDLE_VALUE;
1610  }
1611 
1612  /* Release the full dll name string */
1613  if (Entry->FullDllName.Buffer) LdrpFreeUnicodeString(&Entry->FullDllName);
1614 
1615  /* Finally free the entry's memory */
1616  RtlFreeHeap(LdrpHeap, 0, Entry);
1617 }
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define INVALID_HANDLE_VALUE
Definition: compat.h:590
#define ASSERT(a)
Definition: mode.c:44
NTSYSAPI void WINAPI RtlReleaseActivationContext(HANDLE)
Definition: actctx.c:5344
#define NULL
Definition: types.h:112
VOID NTAPI LdrpFreeUnicodeString(IN PUNICODE_STRING StringIn)
Definition: ldrutils.c:84
PVOID LdrpHeap
Definition: ldrinit.c:59
base of all file and directory entries
Definition: entries.h:82

Referenced by LdrUnloadDll().

◆ LdrpFreeTls()

VOID NTAPI LdrpFreeTls ( VOID  )

Definition at line 1380 of file ldrinit.c.

1381 {
1382  PLIST_ENTRY ListHead, NextEntry;
1383  PLDRP_TLS_DATA TlsData;
1384  PVOID *TlsVector;
1385  PTEB Teb = NtCurrentTeb();
1386 
1387  /* Get a pointer to the vector array */
1388  TlsVector = Teb->ThreadLocalStoragePointer;
1389  if (!TlsVector) return;
1390 
1391  /* Loop through it */
1392  ListHead = &LdrpTlsList;
1393  NextEntry = ListHead->Flink;
1394  while (NextEntry != ListHead)
1395  {
1396  TlsData = CONTAINING_RECORD(NextEntry, LDRP_TLS_DATA, TlsLinks);
1397  NextEntry = NextEntry->Flink;
1398 
1399  /* Free each entry */
1400  if (TlsVector[TlsData->TlsDirectory.Characteristics])
1401  {
1402  RtlFreeHeap(RtlGetProcessHeap(),
1403  0,
1404  TlsVector[TlsData->TlsDirectory.Characteristics]);
1405  }
1406  }
1407 
1408  /* Free the array itself */
1409  RtlFreeHeap(RtlGetProcessHeap(),
1410  0,
1411  TlsVector);
1412 }
IMAGE_TLS_DIRECTORY TlsDirectory
Definition: ntdllp.h:29
LIST_ENTRY LdrpTlsList
Definition: ldrinit.c:53
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
PVOID ThreadLocalStoragePointer
Definition: compat.h:700
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
Definition: typedefs.h:119
Definition: compat.h:694
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420

Referenced by LdrShutdownThread().

◆ LdrpFreeUnicodeString()

VOID NTAPI LdrpFreeUnicodeString ( PUNICODE_STRING  String)

◆ LdrpGetProcedureAddress()

NTSTATUS NTAPI LdrpGetProcedureAddress ( IN PVOID  BaseAddress,
IN PANSI_STRING  Name,
IN ULONG  Ordinal,
OUT PVOID ProcedureAddress,
IN BOOLEAN  ExecuteInit 
)

Definition at line 2252 of file ldrutils.c.

2257 {
2259  UCHAR ImportBuffer[64];
2260  PLDR_DATA_TABLE_ENTRY LdrEntry;
2261  IMAGE_THUNK_DATA Thunk;
2262  PVOID ImageBase;
2263  PIMAGE_IMPORT_BY_NAME ImportName = NULL;
2264  PIMAGE_EXPORT_DIRECTORY ExportDir;
2265  ULONG ExportDirSize, Length;
2267 
2268  /* Show debug message */
2269  if (ShowSnaps) DPRINT1("LDR: LdrGetProcedureAddress by ");
2270 
2271  /* Check if we got a name */
2272  if (Name)
2273  {
2274  /* Show debug message */
2275  if (ShowSnaps) DbgPrint("NAME - %s\n", Name->Buffer);
2276 
2277  /* Make sure it's not too long */
2278  Length = Name->Length +
2279  sizeof(CHAR) +
2282  {
2283  /* Won't have enough space to add the hint */
2284  return STATUS_NAME_TOO_LONG;
2285  }
2286 
2287  /* Check if our buffer is large enough */
2288  if (Length > sizeof(ImportBuffer))
2289  {
2290  /* Allocate from heap, plus 2 bytes for the Hint */
2291  ImportName = RtlAllocateHeap(RtlGetProcessHeap(),
2292  0,
2293  Length);
2294  }
2295  else
2296  {
2297  /* Use our internal buffer */
2298  ImportName = (PIMAGE_IMPORT_BY_NAME)ImportBuffer;
2299  }
2300 
2301  /* Clear the hint */
2302  ImportName->Hint = 0;
2303 
2304  /* Copy the name and null-terminate it */
2305  RtlCopyMemory(ImportName->Name, Name->Buffer, Name->Length);
2306  ImportName->Name[Name->Length] = ANSI_NULL;
2307 
2308  /* Clear the high bit */
2309  ImageBase = ImportName;
2310  Thunk.u1.AddressOfData = 0;
2311  }
2312  else
2313  {
2314  /* Do it by ordinal */
2315  ImageBase = NULL;
2316 
2317  /* Show debug message */
2318  if (ShowSnaps) DbgPrint("ORDINAL - %lx\n", Ordinal);
2319 
2320  /* Make sure an ordinal was given */
2321  if (!Ordinal)
2322  {
2323  /* No ordinal */
2324  DPRINT1("No ordinal and no name\n");
2325  return STATUS_INVALID_PARAMETER;
2326  }
2327 
2328  /* Set the original flag in the thunk */
2329  Thunk.u1.Ordinal = Ordinal | IMAGE_ORDINAL_FLAG;
2330  }
2331 
2332  /* Acquire lock unless we are initting */
2334 
2335  _SEH2_TRY
2336  {
2337  /* Try to find the loaded DLL */
2338  if (!LdrpCheckForLoadedDllHandle(BaseAddress, &LdrEntry))
2339  {
2340  /* Invalid base */
2341  DPRINT1("Invalid base address %p\n", BaseAddress);
2343  _SEH2_YIELD(goto Quickie;)
2344  }
2345 
2346  /* Get the pointer to the export directory */
2347  ExportDir = RtlImageDirectoryEntryToData(LdrEntry->DllBase,
2348  TRUE,
2350  &ExportDirSize);
2351 
2352  if (!ExportDir)
2353  {
2354  DPRINT1("Image %wZ has no exports, but were trying to get procedure %Z. BaseAddress asked 0x%p, got entry BA 0x%p\n",
2355  &LdrEntry->BaseDllName, Name, BaseAddress, LdrEntry->DllBase);
2357  _SEH2_YIELD(goto Quickie;)
2358  }
2359 
2360  /* Now get the thunk */
2361  Status = LdrpSnapThunk(LdrEntry->DllBase,
2362  ImageBase,
2363  &Thunk,
2364  &Thunk,
2365  ExportDir,
2366  ExportDirSize,
2367  FALSE,
2368  NULL);
2369 
2370  /* Finally, see if we're supposed to run the init routines */
2371  if ((NT_SUCCESS(Status)) && (ExecuteInit))
2372  {
2373  /*
2374  * It's possible a forwarded entry had us load the DLL. In that case,
2375  * then we will call its DllMain. Use the last loaded DLL for this.
2376  */
2377  Entry = NtCurrentPeb()->Ldr->InInitializationOrderModuleList.Blink;
2378  LdrEntry = CONTAINING_RECORD(Entry,
2380  InInitializationOrderLinks);
2381 
2382  /* Make sure we didn't process it yet*/
2383  if (!(LdrEntry->Flags & LDRP_ENTRY_PROCESSED))
2384  {
2385  /* Call the init routine */
2386  _SEH2_TRY
2387  {
2389  }
2391  {
2392  /* Get the exception code */
2394  }
2395  _SEH2_END;
2396  }
2397  }
2398 
2399  /* Make sure we're OK till here */
2400  if (NT_SUCCESS(Status))
2401  {
2402  /* Return the address */
2403  *ProcedureAddress = (PVOID)Thunk.u1.Function;
2404  }
2405  }
2407  {
2408  /* Just ignore exceptions */
2409  }
2410  _SEH2_END;
2411 
2412 Quickie:
2413  /* Cleanup */
2414  if (ImportName && (ImportName != (PIMAGE_IMPORT_BY_NAME)ImportBuffer))
2415  {
2416  /* We allocated from heap, free it */
2417  RtlFreeHeap(RtlGetProcessHeap(), 0, ImportName);
2418  }
2419 
2420  /* Release the CS if we entered it */
2422 
2423  /* We're done */
2424  return Status;
2425 }
#define LDRP_ENTRY_PROCESSED
Definition: ldrtypes.h:44
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
#define DbgPrint
Definition: hal.h:12
struct _Entry Entry
Definition: kefuncs.h:627
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
BOOLEAN NTAPI LdrpCheckForLoadedDllHandle(IN PVOID Base, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
Definition: ldrutils.c:1621
#define IMAGE_ORDINAL_FLAG
Definition: pedump.c:336
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
union _IMAGE_THUNK_DATA32::@2079 u1
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
struct _IMAGE_IMPORT_BY_NAME * PIMAGE_IMPORT_BY_NAME
#define UNICODE_STRING_MAX_BYTES
_SEH2_TRY
Definition: create.c:4226
NTSTATUS NTAPI LdrpRunInitializeRoutines(IN PCONTEXT Context OPTIONAL)
Definition: ldrinit.c:637
PVOID DllBase
Definition: btrfs_drv.h:1926
#define FALSE
Definition: types.h:117
#define ANSI_NULL
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
void * PVOID
Definition: retypes.h:9
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
#define STATUS_NAME_TOO_LONG
Definition: ntstatus.h:498
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
Status
Definition: gdiplustypes.h:24
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
unsigned char UCHAR
Definition: xmlstorage.h:181
#define RtlImageDirectoryEntryToData
Definition: compat.h:668
Definition: btrfs_drv.h:1922
Definition: typedefs.h:119
#define IMAGE_DIRECTORY_ENTRY_EXPORT
Definition: compat.h:151
_SEH2_END
Definition: create.c:4400
#define NtCurrentPeb()
Definition: FLS.c:22
#define STATUS_DLL_NOT_FOUND
Definition: ntstatus.h:545
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255
#define NULL
Definition: types.h:112
#define STATUS_PROCEDURE_NOT_FOUND
Definition: ntstatus.h:358
#define DPRINT1
Definition: precomp.h:8
NTSTATUS NTAPI LdrpSnapThunk(IN PVOID ExportBase, IN PVOID ImportBase, IN PIMAGE_THUNK_DATA OriginalThunk, IN OUT PIMAGE_THUNK_DATA Thunk, IN PIMAGE_EXPORT_DIRECTORY ExportEntry, IN ULONG ExportSize, IN BOOLEAN Static, IN LPSTR DllName)
Definition: ldrpe.c:950
ULONG Flags
Definition: ntddk_ex.h:207
RTL_CRITICAL_SECTION LdrpLoaderLock
Definition: ldrinit.c:70
unsigned int ULONG
Definition: retypes.h:1
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
#define STATUS_SUCCESS
Definition: shellext.h:65
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
BOOLEAN LdrpInLdrInit
Definition: ldrinit.c:30
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168
#define CHAR(Char)
base of all file and directory entries
Definition: entries.h:82

Referenced by AvrfpResolveThunks(), LdrGetProcedureAddress(), LdrpGetShimEngineFunction(), and LdrpSnapThunk().

◆ LdrpGetResidentSize()

ULONG LdrpGetResidentSize ( PIMAGE_NT_HEADERS  NTHeaders)

◆ LdrpGetShimEngineInterface()

VOID NTAPI LdrpGetShimEngineInterface ( VOID  )

◆ LdrpInitFailure()

VOID NTAPI LdrpInitFailure ( NTSTATUS  Status)

Definition at line 2532 of file ldrinit.c.

2533 {
2534  ULONG Response;
2535  PPEB Peb = NtCurrentPeb();
2536 
2537  /* Print a debug message */
2538  DPRINT1("LDR: Process initialization failure for %wZ; NTSTATUS = %08lx\n",
2540 
2541  /* Raise a hard error */
2543  {
2545  }
2546 }
NTSYSAPI NTSTATUS NTAPI ZwRaiseHardError(_In_ NTSTATUS ErrorStatus, _In_ ULONG NumberOfParameters, _In_ ULONG UnicodeStringParameterMask, _In_ PULONG_PTR Parameters, _In_ ULONG ValidResponseOptions, _Out_ PULONG Response)
PPEB Peb
Definition: dllmain.c:27
#define STATUS_APP_INIT_FAILURE
Definition: ntstatus.h:561
PRTL_USER_PROCESS_PARAMETERS ProcessParameters
Definition: btrfs_drv.h:1959
Status
Definition: gdiplustypes.h:24
Definition: ncftp.h:89
UNICODE_STRING ImagePathName
Definition: btrfs_drv.h:1947
ULONG LdrpFatalHardErrorCount
Definition: ldrinit.c:83
#define NtCurrentPeb()
Definition: FLS.c:22
#define DPRINT1
Definition: precomp.h:8
unsigned int ULONG
Definition: retypes.h:1
struct Response Response
uint32_t * PULONG_PTR
Definition: typedefs.h:65

Referenced by LdrpInit(), and LdrpInitializeProcess().

◆ LdrpInitializeApplicationVerifierPackage()

NTSTATUS NTAPI LdrpInitializeApplicationVerifierPackage ( IN HANDLE  KeyHandle,
IN PPEB  Peb,
IN BOOLEAN  SystemWide,
IN BOOLEAN  ReadAdvancedOptions 
)

◆ LdrpInitializeProcess()

NTSTATUS NTAPI LdrpInitializeProcess ( IN PCONTEXT  Context,
IN PVOID  SystemArgument1 
)

Definition at line 1753 of file ldrinit.c.

1755 {
1756  RTL_HEAP_PARAMETERS HeapParameters;
1757  ULONG ComSectionSize;
1758  ANSI_STRING BaseProcessInitPostImportName = RTL_CONSTANT_STRING("BaseProcessInitPostImport");
1759  ANSI_STRING BaseQueryModuleDataName = RTL_CONSTANT_STRING("BaseQueryModuleData");
1760  PVOID OldShimData;
1762  //UNICODE_STRING LocalFileName, FullImageName;
1763  HANDLE SymLinkHandle;
1764  //ULONG DebugHeapOnly;
1765  UNICODE_STRING CommandLine, NtSystemRoot, ImagePathName, FullPath, ImageFileName, KnownDllString;
1766  PPEB Peb = NtCurrentPeb();
1767  BOOLEAN IsDotNetImage = FALSE;
1768  BOOLEAN FreeCurDir = FALSE;
1769  //HANDLE CompatKey;
1770  PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
1771  //LPWSTR ImagePathBuffer;
1772  ULONG ConfigSize;
1774  HANDLE OptionsKey;
1775  ULONG HeapFlags;
1776  PIMAGE_NT_HEADERS NtHeader;
1777  LPWSTR NtDllName = NULL;
1778  NTSTATUS Status, ImportStatus;
1779  NLSTABLEINFO NlsTable;
1781  PTEB Teb = NtCurrentTeb();
1782  PLIST_ENTRY ListHead;
1783  PLIST_ENTRY NextEntry;
1784  ULONG i;
1785  PWSTR ImagePath;
1786  ULONG DebugProcessHeapOnly = 0;
1787  PLDR_DATA_TABLE_ENTRY NtLdrEntry;
1788  PWCHAR Current;
1789  ULONG ExecuteOptions = 0;
1790  PVOID ViewBase;
1791 
1792  /* Set a NULL SEH Filter */
1794 
1795  /* Get the image path */
1796  ImagePath = Peb->ProcessParameters->ImagePathName.Buffer;
1797 
1798  /* Check if it's not normalized */
1800  {
1801  /* Normalize it*/
1802  ImagePath = (PWSTR)((ULONG_PTR)ImagePath + (ULONG_PTR)Peb->ProcessParameters);
1803  }
1804 
1805  /* Create a unicode string for the Image Path */
1806  ImagePathName.Length = Peb->ProcessParameters->ImagePathName.Length;
1807  ImagePathName.MaximumLength = ImagePathName.Length + sizeof(WCHAR);
1808  ImagePathName.Buffer = ImagePath;
1809 
1810  /* Get the NT Headers */
1811  NtHeader = RtlImageNtHeader(Peb->ImageBaseAddress);
1812 
1813  /* Get the execution options */
1814  Status = LdrpInitializeExecutionOptions(&ImagePathName, Peb, &OptionsKey);
1815 
1816  /* Check if this is a .NET executable */
1818  TRUE,
1820  &ComSectionSize))
1821  {
1822  /* Remember this for later */
1823  IsDotNetImage = TRUE;
1824  }
1825 
1826  /* Save the NTDLL Base address */
1828 
1829  /* If this is a Native Image */
1831  {
1832  /* Then do DLL Validation */
1834  }
1835 
1836  /* Save the old Shim Data */
1837  OldShimData = Peb->pShimData;
1838 
1839  /* ReactOS specific: do not clear it. (Windows starts doing the same in later versions) */
1840  //Peb->pShimData = NULL;
1841 
1842  /* Save the number of processors and CS Timeout */
1845 
1846  /* Normalize the parameters */
1847  ProcessParameters = RtlNormalizeProcessParams(Peb->ProcessParameters);
1848  if (ProcessParameters)
1849  {
1850  /* Save the Image and Command Line Names */
1851  ImageFileName = ProcessParameters->ImagePathName;
1852  CommandLine = ProcessParameters->CommandLine;
1853  }
1854  else
1855  {
1856  /* It failed, initialize empty strings */
1857  RtlInitUnicodeString(&ImageFileName, NULL);
1858  RtlInitUnicodeString(&CommandLine, NULL);
1859  }
1860 
1861  /* Initialize NLS data */
1865  &NlsTable);
1866 
1867  /* Reset NLS Translations */
1868  RtlResetRtlTranslations(&NlsTable);
1869 
1870  /* Get the Image Config Directory */
1872  TRUE,
1874  &ConfigSize);
1875 
1876  /* Setup the Heap Parameters */
1877  RtlZeroMemory(&HeapParameters, sizeof(HeapParameters));
1878  HeapFlags = HEAP_GROWABLE;
1879  HeapParameters.Length = sizeof(HeapParameters);
1880 
1881  /* Check if we have Configuration Data */
1882 #define VALID_CONFIG_FIELD(Name) (ConfigSize >= (FIELD_OFFSET(IMAGE_LOAD_CONFIG_DIRECTORY, Name) + sizeof(LoadConfig->Name)))
1883  /* The 'original' load config ends after SecurityCookie */
1884  if ((LoadConfig) && ConfigSize && (VALID_CONFIG_FIELD(SecurityCookie) || ConfigSize == LoadConfig->Size))
1885  {
1886  if (ConfigSize != sizeof(IMAGE_LOAD_CONFIG_DIRECTORY))
1887  DPRINT1("WARN: Accepting different LOAD_CONFIG size!\n");
1888  else
1889  DPRINT1("Applying LOAD_CONFIG\n");
1890 
1891  if (VALID_CONFIG_FIELD(GlobalFlagsSet) && LoadConfig->GlobalFlagsSet)
1892  Peb->NtGlobalFlag |= LoadConfig->GlobalFlagsSet;
1893 
1894  if (VALID_CONFIG_FIELD(GlobalFlagsClear) && LoadConfig->GlobalFlagsClear)
1895  Peb->NtGlobalFlag &= ~LoadConfig->GlobalFlagsClear;
1896 
1897  if (VALID_CONFIG_FIELD(CriticalSectionDefaultTimeout) && LoadConfig->CriticalSectionDefaultTimeout)
1898  RtlpTimeout.QuadPart = Int32x32To64(LoadConfig->CriticalSectionDefaultTimeout, -10000000);
1899 
1900  if (VALID_CONFIG_FIELD(DeCommitFreeBlockThreshold) && LoadConfig->DeCommitFreeBlockThreshold)
1901  HeapParameters.DeCommitFreeBlockThreshold = LoadConfig->DeCommitFreeBlockThreshold;
1902 
1903  if (VALID_CONFIG_FIELD(DeCommitTotalFreeThreshold) && LoadConfig->DeCommitTotalFreeThreshold)
1904  HeapParameters.DeCommitTotalFreeThreshold = LoadConfig->DeCommitTotalFreeThreshold;
1905 
1906  if (VALID_CONFIG_FIELD(MaximumAllocationSize) && LoadConfig->MaximumAllocationSize)
1907  HeapParameters.MaximumAllocationSize = LoadConfig->MaximumAllocationSize;
1908 
1909  if (VALID_CONFIG_FIELD(VirtualMemoryThreshold) && LoadConfig->VirtualMemoryThreshold)
1910  HeapParameters.VirtualMemoryThreshold = LoadConfig->VirtualMemoryThreshold;
1911 
1912  if (VALID_CONFIG_FIELD(ProcessHeapFlags) && LoadConfig->ProcessHeapFlags)
1913  HeapFlags = LoadConfig->ProcessHeapFlags;
1914  }
1915 #undef VALID_CONFIG_FIELD
1916 
1917  /* Check for custom affinity mask */
1919  {
1920  /* Set it */
1924  sizeof(Peb->ImageProcessAffinityMask));
1925  }
1926 
1927  /* Check if verbose debugging (ShowSnaps) was requested */
1929 
1930  /* Start verbose debugging messages right now if they were requested */
1931  if (ShowSnaps)
1932  {
1933  DPRINT1("LDR: PID: 0x%p started - '%wZ'\n",
1934  Teb->ClientId.UniqueProcess,
1935  &CommandLine);
1936  }
1937 
1938  /* If the timeout is too long */
1939  if (RtlpTimeout.QuadPart < Int32x32To64(3600, -10000000))
1940  {
1941  /* Then disable CS Timeout */
1943  }
1944 
1945  /* Initialize Critical Section Data */
1947 
1948  /* Initialize VEH Call lists */
1950 
1951  /* Set TLS/FLS Bitmap data */
1952  Peb->FlsBitmap = &FlsBitMap;
1953  Peb->TlsBitmap = &TlsBitMap;
1955 
1956  /* Initialize FLS Bitmap */
1958  Peb->FlsBitmapBits,
1960  RtlSetBit(&FlsBitMap, 0);
1962 
1963  /* Initialize TLS Bitmap */
1965  Peb->TlsBitmapBits,
1967  RtlSetBit(&TlsBitMap, 0);
1972 
1973  /* Initialize the Hash Table */
1974  for (i = 0; i < LDR_HASH_TABLE_ENTRIES; i++)
1975  {
1977  }
1978 
1979  /* Initialize the Loader Lock */
1980  // FIXME: What's the point of initing it manually, if two lines lower
1981  // a call to RtlInitializeCriticalSection() is being made anyway?
1982  //InsertTailList(&RtlCriticalSectionList, &LdrpLoaderLock.DebugInfo->ProcessLocksList);
1983  //LdrpLoaderLock.DebugInfo->CriticalSection = &LdrpLoaderLock;
1986 
1987  /* Check if User Stack Trace Database support was requested */
1989  {
1990  DPRINT1("We don't support user stack trace databases yet\n");
1991  }
1992 
1993  /* Setup Fast PEB Lock */
1996  //Peb->FastPebLockRoutine = (PPEBLOCKROUTINE)RtlEnterCriticalSection;
1997  //Peb->FastPebUnlockRoutine = (PPEBLOCKROUTINE)RtlLeaveCriticalSection;
1998 
1999  /* Setup Callout Lock and Notification list */
2000  //RtlInitializeCriticalSection(&RtlpCalloutEntryLock);
2002 
2003  /* For old executables, use 16-byte aligned heap */
2004  if ((NtHeader->OptionalHeader.MajorSubsystemVersion <= 3) &&
2005  (NtHeader->OptionalHeader.MinorSubsystemVersion < 51))
2006  {
2007  HeapFlags |= HEAP_CREATE_ALIGN_16;
2008  }
2009 
2010  /* Setup the Heap */
2012  Peb->ProcessHeap = RtlCreateHeap(HeapFlags,
2013  NULL,
2015  NtHeader->OptionalHeader.SizeOfHeapCommit,
2016  NULL,
2017  &HeapParameters);
2018 
2019  if (!Peb->ProcessHeap)
2020  {
2021  DPRINT1("Failed to create process heap\n");
2022  return STATUS_NO_MEMORY;
2023  }
2024 
2025  /* Allocate an Activation Context Stack */
2027  if (!NT_SUCCESS(Status)) return Status;
2028 
2029  RtlZeroMemory(&HeapParameters, sizeof(HeapParameters));
2030  HeapFlags = HEAP_GROWABLE | HEAP_CLASS_1;
2031  HeapParameters.Length = sizeof(HeapParameters);
2032  LdrpHeap = RtlCreateHeap(HeapFlags, 0, 0x10000, 0x6000, 0, &HeapParameters);
2033  if (!LdrpHeap)
2034  {
2035  DPRINT1("Failed to create loader private heap\n");
2036  return STATUS_NO_MEMORY;
2037  }
2038 
2039  /* Check for Debug Heap */
2040  if (OptionsKey)
2041  {
2042  /* Query the setting */
2043  Status = LdrQueryImageFileKeyOption(OptionsKey,
2044  L"DebugProcessHeapOnly",
2045  REG_DWORD,
2046  &DebugProcessHeapOnly,
2047  sizeof(ULONG),
2048  NULL);
2049 
2050  if (NT_SUCCESS(Status))
2051  {
2052  /* Reset DPH if requested */
2053  if (RtlpPageHeapEnabled && DebugProcessHeapOnly)
2054  {
2057  }
2058  }
2059  }
2060 
2061  /* Build the NTDLL Path */
2062  FullPath.Buffer = StringBuffer;
2063  FullPath.Length = 0;
2064  FullPath.MaximumLength = sizeof(StringBuffer);
2067  RtlAppendUnicodeToString(&FullPath, L"\\System32\\");
2068 
2069  /* Open the Known DLLs directory */
2070  RtlInitUnicodeString(&KnownDllString, L"\\KnownDlls");
2072  &KnownDllString,
2074  NULL,
2075  NULL);
2078  &ObjectAttributes);
2079 
2080  /* Check if it exists */
2081  if (NT_SUCCESS(Status))
2082  {
2083  /* Open the Known DLLs Path */
2084  RtlInitUnicodeString(&KnownDllString, L"KnownDllPath");
2086  &KnownDllString,
2089  NULL);
2090  Status = NtOpenSymbolicLinkObject(&SymLinkHandle,
2092  &ObjectAttributes);
2093  if (NT_SUCCESS(Status))
2094  {
2095  /* Query the path */
2099  Status = ZwQuerySymbolicLinkObject(SymLinkHandle, &LdrpKnownDllPath, NULL);
2100  NtClose(SymLinkHandle);
2101  if (!NT_SUCCESS(Status))
2102  {
2103  DPRINT1("LDR: %s - failed call to ZwQuerySymbolicLinkObject with status %x\n", "", Status);
2104  return Status;
2105  }
2106  }
2107  }
2108 
2109  /* Check if we failed */
2110  if (!NT_SUCCESS(Status))
2111  {
2112  /* Assume System32 */
2115  LdrpKnownDllPath.Length -= sizeof(WCHAR);
2116  }
2117 
2118  /* If we have process parameters, get the default path and current path */
2119  if (ProcessParameters)
2120  {
2121  /* Check if we have a Dll Path */
2122  if (ProcessParameters->DllPath.Length)
2123  {
2124  /* Get the path */
2125  LdrpDefaultPath = *(PUNICODE_STRING)&ProcessParameters->DllPath;
2126  }
2127  else
2128  {
2129  /* We need a valid path */
2130  DPRINT1("No valid DllPath was given!\n");
2132  }
2133 
2134  /* Set the current directory */
2135  CurrentDirectory = ProcessParameters->CurrentDirectory.DosPath;
2136 
2137  /* Check if it's empty or invalid */
2138  if ((!CurrentDirectory.Buffer) ||
2139  (CurrentDirectory.Buffer[0] == UNICODE_NULL) ||
2140  (!CurrentDirectory.Length))
2141  {
2142  /* Allocate space for the buffer */
2144  0,
2145  3 * sizeof(WCHAR) +
2146  sizeof(UNICODE_NULL));
2147  if (!CurrentDirectory.Buffer)
2148  {
2149  DPRINT1("LDR: LdrpInitializeProcess - unable to allocate current working directory buffer\n");
2150  // FIXME: And what?
2151  }
2152 
2153  /* Copy the drive of the system root */
2155  SharedUserData->NtSystemRoot,
2156  3 * sizeof(WCHAR));
2157  CurrentDirectory.Buffer[3] = UNICODE_NULL;
2158  CurrentDirectory.Length = 3 * sizeof(WCHAR);
2159  CurrentDirectory.MaximumLength = CurrentDirectory.Length + sizeof(WCHAR);
2160 
2161  FreeCurDir = TRUE;
2162  DPRINT("Using dynamically allocd curdir\n");
2163  }
2164  else
2165  {
2166  /* Use the local buffer */
2167  DPRINT("Using local system root\n");
2168  }
2169  }
2170 
2171  /* Setup Loader Data */
2172  Peb->Ldr = &PebLdr;
2176  PebLdr.Length = sizeof(PEB_LDR_DATA);
2178 
2179  /* Allocate a data entry for the Image */
2181 
2182  /* Set it up */
2184  LdrpImageEntry->LoadCount = -1;
2186  LdrpImageEntry->FullDllName = ImageFileName;
2187 
2188  if (IsDotNetImage)
2190  else
2191  LdrpImageEntry->Flags = 0;
2192 
2193  /* Check if the name is empty */
2194  if (!ImageFileName.Buffer[0])
2195  {
2196  /* Use the same Base name */
2198  }
2199  else
2200  {
2201  /* Find the last slash */
2202  Current = ImageFileName.Buffer;
2203  while (*Current)
2204  {
2205  if (*Current++ == '\\')
2206  {
2207  /* Set this path */
2208  NtDllName = Current;
2209  }
2210  }
2211 
2212  /* Did we find anything? */
2213  if (!NtDllName)
2214  {
2215  /* Use the same Base name */
2217  }
2218  else
2219  {
2220  /* Setup the name */
2221  LdrpImageEntry->BaseDllName.Length = (USHORT)((ULONG_PTR)ImageFileName.Buffer + ImageFileName.Length - (ULONG_PTR)NtDllName);
2223  LdrpImageEntry->BaseDllName.Buffer = (PWSTR)((ULONG_PTR)ImageFileName.Buffer +
2224  (ImageFileName.Length - LdrpImageEntry->BaseDllName.Length));
2225  }
2226  }
2227 
2228  /* Processing done, insert it */
2231 
2232  /* Now add an entry for NTDLL */
2234  NtLdrEntry->Flags = LDRP_IMAGE_DLL;
2235  NtLdrEntry->EntryPoint = LdrpFetchAddressOfEntryPoint(NtLdrEntry->DllBase);
2236  NtLdrEntry->LoadCount = -1;
2237  NtLdrEntry->EntryPointActivationContext = 0;
2238 
2239  NtLdrEntry->FullDllName.Length = FullPath.Length;
2240  NtLdrEntry->FullDllName.MaximumLength = FullPath.MaximumLength;
2241  NtLdrEntry->FullDllName.Buffer = StringBuffer;
2243 
2244  NtLdrEntry->BaseDllName.Length = NtDllString.Length;
2246  NtLdrEntry->BaseDllName.Buffer = NtDllString.Buffer;
2247 
2248  /* Processing done, insert it */
2249  LdrpNtDllDataTableEntry = NtLdrEntry;
2250  LdrpInsertMemoryTableEntry(NtLdrEntry);
2251 
2252  /* Let the world know */
2253  if (ShowSnaps)
2254  {
2255  DPRINT1("LDR: NEW PROCESS\n");
2256  DPRINT1(" Image Path: %wZ (%wZ)\n", &LdrpImageEntry->FullDllName, &LdrpImageEntry->BaseDllName);
2257  DPRINT1(" Current Directory: %wZ\n", &CurrentDirectory);
2258  DPRINT1(" Search Path: %wZ\n", &LdrpDefaultPath);
2259  }
2260 
2261  /* Link the Init Order List */
2264 
2265  /* Initialize Wine's active context implementation for the current process */
2266  actctx_init(&OldShimData);
2267 
2268  /* Set the current directory */
2270  if (!NT_SUCCESS(Status))
2271  {
2272  /* We failed, check if we should free it */
2273  if (FreeCurDir) RtlFreeUnicodeString(&CurrentDirectory);
2274 
2275  /* Set it to the NT Root */
2278  }
2279  else
2280  {
2281  /* We're done with it, free it */
2282  if (FreeCurDir) RtlFreeUnicodeString(&CurrentDirectory);
2283  }
2284 
2285  /* Check if we should look for a .local file */
2286  if (ProcessParameters && !(ProcessParameters->Flags & RTL_USER_PROCESS_PARAMETERS_LOCAL_DLL_PATH))
2287  {
2288  LdrpInitializeDotLocalSupport(ProcessParameters);
2289  }
2290 
2291  /* Check if the Application Verifier was enabled */
2293  {
2295  if (!NT_SUCCESS(Status))
2296  {
2297  DPRINT1("LDR: AVrfInitializeVerifier failed (ntstatus 0x%x)\n", Status);
2298  return Status;
2299  }
2300 
2301  }
2302 
2303  if (IsDotNetImage)
2304  {
2305  /* FIXME */
2306  DPRINT1("We don't support .NET applications yet\n");
2307  }
2308 
2311  {
2312  PVOID Kernel32BaseAddress;
2313  PVOID FunctionAddress;
2314 
2315  Status = LdrLoadDll(NULL, NULL, &Kernel32String, &Kernel32BaseAddress);
2316 
2317  if (!NT_SUCCESS(Status))
2318  {
2319  if (ShowSnaps)
2320  DPRINT1("LDR: Unable to load %wZ, Status=0x%08lx\n", &Kernel32String, Status);
2321  return Status;
2322  }
2323 
2324  Status = LdrGetProcedureAddress(Kernel32BaseAddress,
2325  &BaseProcessInitPostImportName,
2326  0,
2327  &FunctionAddress);
2328 
2329  if (!NT_SUCCESS(Status))
2330  {
2331  if (ShowSnaps)
2332  DPRINT1("LDR: Unable to find post-import process init function, Status=0x%08lx\n", &Kernel32String, Status);
2333  return Status;
2334  }
2335  Kernel32ProcessInitPostImportFunction = FunctionAddress;
2336 
2337  Status = LdrGetProcedureAddress(Kernel32BaseAddress,
2338  &BaseQueryModuleDataName,
2339  0,
2340  &FunctionAddress);
2341 
2342  if (!NT_SUCCESS(Status))
2343  {
2344  if (ShowSnaps)
2345  DPRINT1("LDR: Unable to find BaseQueryModuleData, Status=0x%08lx\n", &Kernel32String, Status);
2346  return Status;
2347  }
2348  Kernel32BaseQueryModuleData = FunctionAddress;
2349  }
2350 
2351  /* Walk the IAT and load all the DLLs */
2353 
2354  /* Check if relocation is needed */
2355  if (Peb->ImageBaseAddress != (PVOID)NtHeader->OptionalHeader.ImageBase)
2356  {
2357  DPRINT1("LDR: Performing EXE relocation\n");
2358 
2359  /* Change the protection to prepare for relocation */
2360  ViewBase = Peb->ImageBaseAddress;
2361  Status = LdrpSetProtection(ViewBase, FALSE);
2362  if (!NT_SUCCESS(Status)) return Status;
2363 
2364  /* Do the relocation */
2365  Status = LdrRelocateImageWithBias(ViewBase,
2366  0LL,
2367  NULL,
2371  if (!NT_SUCCESS(Status))
2372  {
2373  DPRINT1("LdrRelocateImageWithBias() failed\n");
2374  return Status;
2375  }
2376 
2377  /* Check if a start context was provided */
2378  if (Context)
2379  {
2380  DPRINT1("WARNING: Relocated EXE Context");
2381  UNIMPLEMENTED; // We should support this
2383  }
2384 
2385  /* Restore the protection */
2386  Status = LdrpSetProtection(ViewBase, TRUE);
2387  if (!NT_SUCCESS(Status)) return Status;
2388  }
2389 
2390  /* Lock the DLLs */
2391  ListHead = &Peb->Ldr->InLoadOrderModuleList;
2392  NextEntry = ListHead->Flink;
2393  while (ListHead != NextEntry)
2394  {
2395  NtLdrEntry = CONTAINING_RECORD(NextEntry, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks);
2396  NtLdrEntry->LoadCount = -1;
2397  NextEntry = NextEntry->Flink;
2398  }
2399 
2400  /* Phase 0 is done */
2402 
2403  /* Check whether all static imports were properly loaded and return here */
2404  if (!NT_SUCCESS(ImportStatus)) return ImportStatus;
2405 
2406  /* Initialize TLS */
2408  if (!NT_SUCCESS(Status))
2409  {
2410  DPRINT1("LDR: LdrpProcessInitialization failed to initialize TLS slots; status %x\n",
2411  Status);
2412  return Status;
2413  }
2414 
2415  /* FIXME Mark the DLL Ranges for Stack Traces later */
2416 
2417  /* Notify the debugger now */
2418  if (Peb->BeingDebugged)
2419  {
2420  /* Break */
2421  DbgBreakPoint();
2422 
2423  /* Update show snaps again */
2425  }
2426 
2427  /* Validate the Image for MP Usage */
2429 
2430  /* Check NX Options */
2431  if (SharedUserData->NXSupportPolicy == 1)
2432  {
2433  ExecuteOptions = 0xD;
2434  }
2435  else if (!SharedUserData->NXSupportPolicy)
2436  {
2437  ExecuteOptions = 0xA;
2438  }
2439 
2440  /* Let Mm know */
2443  &ExecuteOptions,
2444  sizeof(ULONG));
2445 
2446  // FIXME: Should be done by Application Compatibility features,
2447  // by reading the registry, etc...
2448  // For now, this is the old code from ntdll!RtlGetVersion().
2449  RtlInitEmptyUnicodeString(&Peb->CSDVersion, NULL, 0);
2450  if (((Peb->OSCSDVersion >> 8) & 0xFF) != 0)
2451  {
2452  WCHAR szCSDVersion[128];
2453  LONG i;
2454  USHORT Length = (USHORT)ARRAYSIZE(szCSDVersion) - 1;
2455  i = _snwprintf(szCSDVersion, Length,
2456  L"Service Pack %d",
2457  ((Peb->OSCSDVersion >> 8) & 0xFF));
2458  if (i < 0)
2459  {
2460  /* Null-terminate if it was overflowed */
2461  szCSDVersion[Length] = UNICODE_NULL;
2462  }
2463 
2464  Length *= sizeof(WCHAR);
2465  Peb->CSDVersion.Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
2466  0,
2467  Length + sizeof(UNICODE_NULL));
2468  if (Peb->CSDVersion.Buffer)
2469  {
2472 
2474  szCSDVersion,
2477  }
2478  }
2479 
2480  /* Check if we had Shim Data */
2481  if (OldShimData)
2482  {
2483  /* Load the Shim Engine */
2484  Peb->AppCompatInfo = NULL;
2485  LdrpLoadShimEngine(OldShimData, &ImagePathName, OldShimData);
2486  }
2487  else
2488  {
2489  /* Check for Application Compatibility Goo */
2490  //LdrQueryApplicationCompatibilityGoo(hKey);
2491  DPRINT("Querying app compat hacks is missing!\n");
2492  }
2493 
2494  /*
2495  * FIXME: Check for special images, SecuROM, SafeDisc and other NX-
2496  * incompatible images.
2497  */
2498 
2499  /* Now call the Init Routines */
2501  if (!NT_SUCCESS(Status))
2502  {
2503  DPRINT1("LDR: LdrpProcessInitialization failed running initialization routines; status %x\n",
2504  Status);
2505  return Status;
2506  }
2507 
2508  /* Notify Shim Engine */
2509  if (g_ShimsEnabled)
2510  {
2513  SE_InstallAfterInit(&ImagePathName, OldShimData);
2514  }
2515 
2516  /* Check if we have a user-defined Post Process Routine */
2518  {
2519  /* Call it */
2521  }
2522 
2523  /* Close the key if we have one opened */
2524  if (OptionsKey) NtClose(OptionsKey);
2525 
2526  /* Return status */
2527  return Status;
2528 }
PRTL_BITMAP TlsExpansionBitmap
Definition: winternl.h:346
BOOLEAN Initialized
Definition: ntddk_ex.h:222
#define LDRP_ENTRY_PROCESSED
Definition: ldrtypes.h:44
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:35
BOOLEAN LdrpDllValidation
Definition: ldrinit.c:37
#define HEAP_CLASS_1
Definition: nt_native.h:1711
NTSTATUS NTAPI LdrQueryImageFileKeyOption(IN HANDLE KeyHandle, IN PCWSTR ValueName, IN ULONG Type, OUT PVOID Buffer, IN ULONG BufferSize, OUT PULONG ReturnedLength OPTIONAL)
Definition: ldrinit.c:184
NTSYSAPI VOID NTAPI RtlResetRtlTranslations(_In_ PNLSTABLEINFO NlsTable)
BOOLEAN g_ShimsEnabled
Definition: ldrutils.c:21
#define HEAP_CREATE_ALIGN_16
Definition: nt_native.h:1701
#define LL
Definition: tui.h:84
PPEB Peb
Definition: dllmain.c:27
NTSTATUS NTAPI LdrpWalkImportDescriptor(IN LPWSTR DllPath OPTIONAL, IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: ldrpe.c:670
UNICODE_STRING Kernel32String
Definition: ldrinit.c:27
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
RTL_BITMAP FlsBitMap
Definition: ldrinit.c:51
LIST_ENTRY InInitializationOrderModuleList
Definition: ldrtypes.h:122
UNICODE_STRING LdrpKnownDllPath
Definition: ldrinit.c:63
LARGE_INTEGER RtlpTimeout
Definition: critical.c:24
UNICODE_STRING NtSystemRoot
Definition: init.c:73
RTL_BITMAP TlsExpansionBitMap
Definition: ldrinit.c:50
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
ULONG ImageProcessAffinityMask
Definition: ntddk_ex.h:307
USHORT MaximumLength
Definition: env_spec_w32.h:370
WCHAR CurrentDirectory[1024]
Definition: chkdsk.c:74
LIST_ENTRY InLoadOrderModuleList
Definition: ldrtypes.h:120
#define TRUE
Definition: types.h:120
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
#define TLS_EXPANSION_SLOTS
Definition: pstypes.h:310
uint16_t * PWSTR
Definition: typedefs.h:56
FORCEINLINE VOID InsertHeadList(_Inout_ PLIST_ENTRY ListHead, _Inout_ __drv_aliasesMem PLIST_ENTRY Entry)
Definition: rtlfuncs.h:201
#define IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
Definition: ntimage.h:489
PLDR_DATA_TABLE_ENTRY LdrpNtDllDataTableEntry
Definition: ldrinit.c:44
NTSYSAPI void WINAPI RtlInitializeBitMap(PRTL_BITMAP, PULONG, ULONG)
LONG NTSTATUS
Definition: precomp.h:26
LIST_ENTRY InMemoryOrderModuleList
Definition: btrfs_drv.h:1941
NTSYSAPI VOID NTAPI RtlSetBit(_In_ PRTL_BITMAP BitMapHeader, _In_range_(<, BitMapHeader->SizeOfBitMap) ULONG BitNumber)
Definition: bitmap.c:304
VOID NTAPI SE_InstallAfterInit(PUNICODE_STRING ProcessImage, PVOID pShimData)
Definition: shimeng.c:1422
NTSYSAPI NTSTATUS NTAPI ZwOpenDirectoryObject(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes)
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
PVOID ImageBaseAddress
Definition: ntddk_ex.h:245
BYTE BeingDebugged
Definition: btrfs_drv.h:1955
void actctx_init(PVOID *pOldShimData)
Definition: actctx.c:5075
uint16_t * PWCHAR
Definition: typedefs.h:56
PRTL_USER_PROCESS_PARAMETERS ProcessParameters
Definition: btrfs_drv.h:1959
HANDLE LdrpKnownDllObjectDirectory
Definition: ldrinit.c:62
ULONG DeCommitFreeBlockThreshold
Definition: nt_native.h:1670
HANDLE UniqueProcess
Definition: compat.h:684
BOOLEAN RtlpPageHeapEnabled
Definition: heappage.c:106
#define RtlMoveMemory(Destination, Source, Length)
Definition: typedefs.h:264
ULONG FlsBitmapBits[4]
Definition: winternl.h:362
uint32_t ULONG_PTR
Definition: typedefs.h:65
NTSYSAPI PRTL_USER_PROCESS_PARAMETERS NTAPI RtlNormalizeProcessParams(_In_ PRTL_USER_PROCESS_PARAMETERS ProcessParameters)
VOID NTAPI LdrpInitializeDotLocalSupport(PRTL_USER_PROCESS_PARAMETERS ProcessParameters)
Definition: ldrinit.c:1692
CLIENT_ID ClientId
Definition: compat.h:698
PVOID DllBase
Definition: btrfs_drv.h:1926
PVOID NtDllBase
Definition: ldrinit.c:56
ULONG NtGlobalFlag
Definition: ntddk_ex.h:270
#define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Definition: compat.h:153
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
#define FALSE
Definition: types.h:117
#define UNICODE_NULL
VOID NTAPI DbgBreakPoint(VOID)
NTSTATUS NTAPI LdrpInitializeTls(VOID)
Definition: ldrinit.c:1254
BOOLEAN LdrpLoaderLockInit
Definition: ldrinit.c:32
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
long LONG
Definition: pedump.c:60
VOID NTAPI RtlpInitDeferedCriticalSection(VOID)
Definition: critical.c:266
PVOID EntryPoint
Definition: ntddk_ex.h:203
LIST_ENTRY LdrpHashTable[LDR_HASH_TABLE_ENTRIES]
Definition: ldrinit.c:60
NTSTATUS NTAPI LdrGetProcedureAddress(IN PVOID BaseAddress, IN PANSI_STRING Name, IN ULONG Ordinal, OUT PVOID *ProcedureAddress)
Definition: ldrapi.c:823
WCHAR LdrpKnownDllPathBuffer[128]
Definition: ldrinit.c:64
#define IMAGE_SUBSYSTEM_WINDOWS_CUI
Definition: ntimage.h:438
unsigned char BOOLEAN
ULONG RtlpDphGlobalFlags
Definition: heappage.c:107
PVOID NTAPI LdrpFetchAddressOfEntryPoint(PVOID ImageBase)
int _snwprintf(wchar_t *buffer, size_t count, const wchar_t *format,...)
#define IMAGE_SUBSYSTEM_NATIVE
Definition: ntimage.h:436
#define FLG_APPLICATION_VERIFIER
Definition: pstypes.h:64
PVOID NTAPI RtlDecodeSystemPointer(IN PVOID Pointer)
Definition: process.c:439
void * PVOID
Definition: retypes.h:9
RTL_BITMAP TlsBitMap
Definition: ldrinit.c:49
ULONG Length
Definition: ntddk_ex.h:221
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
PVOID LdrpHeap
Definition: ldrinit.c:59
ULONG TlsExpansionBitmapBits[32]
Definition: winternl.h:347
#define NtCurrentProcess()
Definition: nt_native.h:1657
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
LIST_ENTRY FlsListHead
Definition: winternl.h:360
#define DIRECTORY_TRAVERSE
Definition: nt_native.h:1255
VOID NTAPI LdrpInitFailure(NTSTATUS Status)
Definition: ldrinit.c:2532
RTL_CRITICAL_SECTION LdrpLoaderLock
Definition: ldrinit.c:70
Status
Definition: gdiplustypes.h:24
_In_opt_ PVOID _In_opt_ PVOID SystemArgument1
Definition: ketypes.h:675
NTSTATUS RtlAppendUnicodeToString(IN PUNICODE_STRING Str1, IN PWSTR Str2)
Definition: string_lib.cpp:62
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
NTSYSAPI VOID NTAPI RtlInitNlsTables(_In_ PUSHORT AnsiTableBase, _In_ PUSHORT OemTableBase, _In_ PUSHORT CaseTableBase, _Out_ PNLSTABLEINFO NlsTable)
UNICODE_STRING NtDllString
Definition: ldrinit.c:26
ULONG VirtualMemoryThreshold
Definition: nt_native.h:1673
BOOLEAN RtlpTimeoutDisable
Definition: ldrinit.c:58
#define STATUS_INVALID_IMAGE_FORMAT
Definition: ntstatus.h:359
VOID NTAPI LdrpLoadShimEngine(IN PWSTR ImageName, IN PUNICODE_STRING ProcessImage, IN PVOID pShimData)
Definition: ldrutils.c:2771
__wchar_t WCHAR
Definition: xmlstorage.h:180
NTSYSAPI NTSTATUS NTAPI RtlInitializeCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
PEB_LDR_DATA PebLdr
Definition: ldrinit.c:67
PPS_POST_PROCESS_INIT_ROUTINE PostProcessInitRoutine
Definition: btrfs_drv.h:1962
#define HEAP_GROWABLE
Definition: nt_native.h:1693
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
static VOID LoadConfig(HWND hwndDlg, PPOWER_SCHEMES_PAGE_DATA pPageData, PPOWER_SCHEME pScheme)
Definition: powershemes.c:237
LARGE_INTEGER CriticalSectionTimeout
Definition: ntddk_ex.h:274
PLDR_DATA_TABLE_ENTRY LdrpImageEntry
Definition: ldrinit.c:39
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
BOOLEAN LdrpLdrDatabaseIsSetup
Definition: ldrinit.c:33
PVOID g_pfnSE_InstallAfterInit
Definition: ldrutils.c:26
#define SharedUserData
UNICODE_STRING ImagePathName
Definition: btrfs_drv.h:1947
static const WCHAR L[]
Definition: oid.c:1250
#define RtlImageDirectoryEntryToData
Definition: compat.h:668
PVOID TlsBitmap
Definition: ntddk_ex.h:259
#define VOID
Definition: acefi.h:82
Definition: btrfs_drv.h:1922
NTSTATUS NTAPI DECLSPEC_HOTPATCH LdrLoadDll(IN PWSTR SearchPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *BaseAddress)
Definition: ldrapi.c:310
NTSYSAPI PVOID NTAPI RtlCreateHeap(IN ULONG Flags, IN PVOID HeapBase OPTIONAL, IN ULONG ReserveSize OPTIONAL, IN ULONG CommitSize OPTIONAL, IN PVOID Lock OPTIONAL, IN PRTL_HEAP_PARAMETERS Parameters OPTIONAL)
Definition: typedefs.h:119
UNICODE_STRING CommandLine
Definition: btrfs_drv.h:1948
PVOID UnicodeCaseTableData
Definition: ntddk_ex.h:266
VOID NTAPI LdrpValidateImageForMp(IN PLDR_DATA_TABLE_ENTRY LdrDataTableEntry)
Definition: ldrinit.c:1535
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
#define VALID_CONFIG_FIELD(Name)
#define LDR_HASH_TABLE_ENTRIES
Definition: ntdllp.h:11
PVOID AppCompatInfo
Definition: winternl.h:352
VOID NTAPI LdrpInsertMemoryTableEntry(IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: ldrutils.c:1582
ULONG LdrpNumberOfProcessors
Definition: ldrinit.c:55
NTSTATUS NTAPI AVrfInitializeVerifier(VOID)
Definition: verifier.c:612
VOID NTAPI RtlInitializeHeapManager(VOID)
Definition: libsupp.c:250
LIST_ENTRY LdrpDllNotificationList
Definition: ldrinit.c:61
Definition: compat.h:694
#define LDRP_COR_IMAGE
Definition: ldrtypes.h:52
VOID NTAPI RtlpInitializeVectoredExceptionHandling(VOID)
Definition: vectoreh.c:30
NTSYSAPI ULONG NTAPI LdrRelocateImageWithBias(_In_ PVOID NewAddress, _In_ LONGLONG AdditionalBias, _In_ PCCH LoaderName, _In_ ULONG Success, _In_ ULONG Conflict, _In_ ULONG Invalid)
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
NTSTATUS NTAPI NtSetInformationProcess(IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, IN PVOID ProcessInformation, IN ULONG ProcessInformationLength)
Definition: query.c:1105
NTSTATUS NTAPI LdrpSetProtection(PVOID ViewBase, BOOLEAN Restore)
Definition: ldrutils.c:947
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define FLS_MAXIMUM_AVAILABLE
Definition: winnt_old.h:1104
UNICODE_STRING LdrpDefaultPath
Definition: ldrinit.c:65
#define NtCurrentPeb()
Definition: FLS.c:22
PVOID ProcessHeap
Definition: ntddk_ex.h:249
unsigned short USHORT
Definition: pedump.c:61
RTL_CRITICAL_SECTION FastPebLock
Definition: ldrinit.c:79
#define FLG_SHOW_LDR_SNAPS
Definition: pstypes.h:57
PLDR_DATA_TABLE_ENTRY NTAPI LdrpAllocateDataTableEntry(IN PVOID BaseAddress)
Definition: ldrutils.c:1549
PPEB_LDR_DATA Ldr
Definition: btrfs_drv.h:1958
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
UNICODE_STRING FullDllName
Definition: btrfs_drv.h:1928
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
NTSTATUS NTAPI LdrpInitializeExecutionOptions(PUNICODE_STRING ImagePathName, PPEB Peb, PHANDLE OptionsKey)
Definition: ldrinit.c:1416
ULONG NumberOfProcessors
Definition: ntddk_ex.h:269
PACTIVATION_CONTEXT EntryPointActivationContext
Definition: ldrtypes.h:163
#define NULL
Definition: types.h:112
ULONG TlsBitmapBits[2]
Definition: ntddk_ex.h:260
UNICODE_STRING * PUNICODE_STRING
Definition: env_spec_w32.h:373
#define DPH_FLAG_DLL_NOTIFY
Definition: ntdllp.h:24
NTSTATUS NTAPI LdrpRunInitializeRoutines(IN PCONTEXT Context OPTIONAL)
Definition: ldrinit.c:637
#define DPRINT1
Definition: precomp.h:8
#define RtlImageNtHeader
Definition: compat.h:665
UNICODE_STRING DosPath
Definition: rtltypes.h:1366
PVOID OemCodePageData
Definition: ntddk_ex.h:265
NTSYSAPI NTSTATUS NTAPI RtlSetCurrentDirectory_U(_In_ PUNICODE_STRING name)
#define LDRP_IMAGE_DLL
Definition: ldrtypes.h:39
NTSTATUS NTAPI RtlAllocateActivationContextStack(IN PACTIVATION_CONTEXT_STACK *Stack)
Definition: actctx.c:5906
PRTL_BITMAP FlsBitmap
Definition: winternl.h:361
ULONG Flags
Definition: ntddk_ex.h:207
unsigned int ULONG
Definition: retypes.h:1
#define SYMBOLIC_LINK_QUERY
Definition: nt_native.h:1265
#define DIRECTORY_QUERY
Definition: nt_native.h:1254
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define UNIMPLEMENTED
Definition: debug.h:115
struct _PEB_LDR_DATA PEB_LDR_DATA
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
#define ULONG_PTR
Definition: config.h:101
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
PVOID FastPebLock
Definition: ntddk_ex.h:250
UNICODE_STRING CSDVersion
Definition: winternl.h:353
#define FLG_USER_STACK_TRACE_DB
Definition: pstypes.h:67
#define RTL_USER_PROCESS_PARAMETERS_NORMALIZED
Definition: rtltypes.h:41
PVOID ActivationContextStackPointer
Definition: compat.h:713
#define STATUS_SUCCESS
Definition: shellext.h:65
#define DPRINT
Definition: sndvol32.h:71
WCHAR * LPWSTR
Definition: xmlstorage.h:184
#define RTL_USER_PROCESS_PARAMETERS_LOCAL_DLL_PATH
Definition: rtltypes.h:53
#define STATUS_CONFLICTING_ADDRESSES
Definition: ntstatus.h:261
#define REG_DWORD
Definition: sdbapi.c:596
WCHAR StringBuffer[156]
Definition: ldrinit.c:41
ULONG DeCommitTotalFreeThreshold
Definition: nt_native.h:1671
PVOID AnsiCodePageData
Definition: ntddk_ex.h:264
VOID NTAPI RtlSetUnhandledExceptionFilter(IN PRTLP_UNHANDLED_EXCEPTION_FILTER TopLevelExceptionFilter)
Definition: exception.c:341
LIST_ENTRY InInitializationOrderLinks
Definition: ldrtypes.h:140
#define Int32x32To64(a, b)
USHORT LoadCount
Definition: ntddk_ex.h:208
LONGLONG QuadPart
Definition: typedefs.h:114
#define TLS_MINIMUM_AVAILABLE
Definition: ntddk_ex.h:236
#define IMAGE_SUBSYSTEM_WINDOWS_GUI
Definition: ntimage.h:437
#define RTL_CONSTANT_STRING(s)
Definition: tunneltest.c:14
NTSYSAPI NTSTATUS NTAPI ZwSetInformationProcess(_In_ HANDLE ProcessHandle, _In_ PROCESSINFOCLASS ProcessInformationClass, _In_ PVOID ProcessInformation, _In_ ULONG ProcessInformationLength)

Referenced by LdrpInit().

◆ LdrpInitializeThread()

VOID NTAPI LdrpInitializeThread ( IN PCONTEXT  Context)

Definition at line 502 of file ldrinit.c.

503 {
504  PPEB Peb = NtCurrentPeb();
505  PLDR_DATA_TABLE_ENTRY LdrEntry;
506  PLIST_ENTRY NextEntry, ListHead;
507  RTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_EXTENDED ActCtx;
509  PVOID EntryPoint;
510 
511  DPRINT("LdrpInitializeThread() called for %wZ (%p/%p)\n",
513  NtCurrentTeb()->RealClientId.UniqueProcess,
514  NtCurrentTeb()->RealClientId.UniqueThread);
515 
516  /* Allocate an Activation Context Stack */
517  DPRINT("ActivationContextStack %p\n", NtCurrentTeb()->ActivationContextStackPointer);
518  Status = RtlAllocateActivationContextStack(&NtCurrentTeb()->ActivationContextStackPointer);
519  if (!NT_SUCCESS(Status))
520  {
521  DPRINT1("Warning: Unable to allocate ActivationContextStack\n");
522  }
523 
524  /* Make sure we are not shutting down */
525  if (LdrpShutdownInProgress) return;
526 
527  /* Allocate TLS */
528  LdrpAllocateTls();
529 
530  /* Start at the beginning */
531  ListHead = &Peb->Ldr->InMemoryOrderModuleList;
532  NextEntry = ListHead->Flink;
533  while (NextEntry != ListHead)
534  {
535  /* Get the current entry */
536  LdrEntry = CONTAINING_RECORD(NextEntry, LDR_DATA_TABLE_ENTRY, InMemoryOrderLinks);
537 
538  /* Make sure it's not ourselves */
539  if (Peb->ImageBaseAddress != LdrEntry->DllBase)
540  {
541  /* Check if we should call */
542  if (!(LdrEntry->Flags & LDRP_DONT_CALL_FOR_THREADS))
543  {
544  /* Get the entrypoint */
545  EntryPoint = LdrEntry->EntryPoint;
546 
547  /* Check if we are ready to call it */
548  if ((EntryPoint) &&
549  (LdrEntry->Flags & LDRP_PROCESS_ATTACH_CALLED) &&
550  (LdrEntry->Flags & LDRP_IMAGE_DLL))
551  {
552  /* Set up the Act Ctx */
553  ActCtx.Size = sizeof(ActCtx);
554  ActCtx.Format = 1;
556 
557  /* Activate the ActCtx */
559  LdrEntry->EntryPointActivationContext);
560 
561  _SEH2_TRY
562  {
563  /* Check if it has TLS */
564  if (LdrEntry->TlsIndex)
565  {
566  /* Make sure we're not shutting down */
568  {
569  /* Call TLS */
571  }
572  }
573 
574  /* Make sure we're not shutting down */
576  {
577  /* Call the Entrypoint */
578  DPRINT("%wZ - Calling entry point at %p for thread attaching, %p/%p\n",
579  &LdrEntry->BaseDllName, LdrEntry->EntryPoint,
580  NtCurrentTeb()->RealClientId.UniqueProcess,
581  NtCurrentTeb()->RealClientId.UniqueThread);
583  LdrEntry->DllBase,
585  NULL);
586  }
587  }
589  {
590  DPRINT1("WARNING: Exception 0x%x during LdrpCallInitRoutine(DLL_THREAD_ATTACH) for %wZ\n",
591  _SEH2_GetExceptionCode(), &LdrEntry->BaseDllName);
592  }
593  _SEH2_END;
594 
595  /* Deactivate the ActCtx */
597  }
598  }
599  }
600 
601  /* Next entry */
602  NextEntry = NextEntry->Flink;
603  }
604 
605  /* Check for TLS */
607  {
608  /* Set up the Act Ctx */
609  ActCtx.Size = sizeof(ActCtx);
610  ActCtx.Format = 1;
612 
613  /* Activate the ActCtx */
616 
617  _SEH2_TRY
618  {
619  /* Do TLS callbacks */
621  }
623  {
624  /* Do nothing */
625  }
626  _SEH2_END;
627 
628  /* Deactivate the ActCtx */
630  }
631 
632  DPRINT("LdrpInitializeThread() done\n");
633 }
VOID NTAPI LdrpCallTlsInitializers(IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN ULONG Reason)
Definition: ldrutils.c:473
BOOLEAN LdrpShutdownInProgress
Definition: ldrinit.c:34
PPEB Peb
Definition: dllmain.c:27
#define LDRP_DONT_CALL_FOR_THREADS
Definition: ldrtypes.h:48
#define DLL_THREAD_ATTACH
Definition: compat.h:132
LONG NTSTATUS
Definition: precomp.h:26
LIST_ENTRY InMemoryOrderModuleList
Definition: btrfs_drv.h:1941
PVOID ImageBaseAddress
Definition: ntddk_ex.h:245
_SEH2_TRY
Definition: create.c:4226
PVOID DllBase
Definition: btrfs_drv.h:1926
USHORT TlsIndex
Definition: ntddk_ex.h:209
PVOID EntryPoint
Definition: ntddk_ex.h:203
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
Status
Definition: gdiplustypes.h:24
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
PRTL_ACTIVATION_CONTEXT_STACK_FRAME FASTCALL RtlDeactivateActivationContextUnsafeFast(IN PRTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_EXTENDED Frame)
Definition: actctx.c:6011
PLDR_DATA_TABLE_ENTRY LdrpImageEntry
Definition: ldrinit.c:39
_In_ PCWSTR _Out_ PVOID * ActCtx
Definition: ldrtypes.h:247
Definition: btrfs_drv.h:1922
Definition: typedefs.h:119
_SEH2_END
Definition: create.c:4400
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
#define NtCurrentPeb()
Definition: FLS.c:22
PPEB_LDR_DATA Ldr
Definition: btrfs_drv.h:1958
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
PACTIVATION_CONTEXT EntryPointActivationContext
Definition: ldrtypes.h:163
#define NULL
Definition: types.h:112
#define DPRINT1
Definition: precomp.h:8
PRTL_ACTIVATION_CONTEXT_STACK_FRAME FASTCALL RtlActivateActivationContextUnsafeFast(IN PRTL_CALLER_ALLOCATED_ACTIVATION_CONTEXT_STACK_FRAME_EXTENDED Frame, IN PVOID Context)
Definition: actctx.c:5934
#define LDRP_IMAGE_DLL
Definition: ldrtypes.h:39
NTSTATUS NTAPI LdrpAllocateTls(VOID)
Definition: ldrinit.c:1317
NTSTATUS NTAPI RtlAllocateActivationContextStack(IN PACTIVATION_CONTEXT_STACK *Stack)
Definition: actctx.c:5906
ULONG Flags
Definition: ntddk_ex.h:207
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165
#define DPRINT
Definition: sndvol32.h:71
#define LDRP_PROCESS_ATTACH_CALLED
Definition: ldrtypes.h:49
BOOLEAN LdrpImageHasTls
Definition: ldrinit.c:52
BOOLEAN NTAPI LdrpCallInitRoutine(IN PDLL_INIT_ROUTINE EntryPoint, IN PVOID BaseAddress, IN ULONG Reason, IN PVOID Context)
Definition: ldrutils.c:100

Referenced by LdrpInit().

◆ LdrpInitializeTls()

NTSTATUS NTAPI LdrpInitializeTls ( VOID  )

Definition at line 1254 of file ldrinit.c.

1255 {
1256  PLIST_ENTRY NextEntry, ListHead;
1257  PLDR_DATA_TABLE_ENTRY LdrEntry;
1258  PIMAGE_TLS_DIRECTORY TlsDirectory;
1259  PLDRP_TLS_DATA TlsData;
1260  ULONG Size;
1261 
1262  /* Initialize the TLS List */
1264 
1265  /* Loop all the modules */
1266  ListHead = &NtCurrentPeb()->Ldr->InLoadOrderModuleList;
1267  NextEntry = ListHead->Flink;
1268  while (ListHead != NextEntry)
1269  {
1270  /* Get the entry */
1271  LdrEntry = CONTAINING_RECORD(NextEntry, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks);
1272  NextEntry = NextEntry->Flink;
1273 
1274  /* Get the TLS directory */
1275  TlsDirectory = RtlImageDirectoryEntryToData(LdrEntry->DllBase,
1276  TRUE,
1278  &Size);
1279 
1280  /* Check if we have a directory */
1281  if (!TlsDirectory) continue;
1282 
1283  /* Check if the image has TLS */
1285 
1286  /* Show debug message */
1287  if (ShowSnaps)
1288  {
1289  DPRINT1("LDR: Tls Found in %wZ at %p\n",
1290  &LdrEntry->BaseDllName,
1291  TlsDirectory);
1292  }
1293 
1294  /* Allocate an entry */
1295  TlsData = RtlAllocateHeap(RtlGetProcessHeap(), 0, sizeof(LDRP_TLS_DATA));
1296  if (!TlsData) return STATUS_NO_MEMORY;
1297 
1298  /* Lock the DLL and mark it for TLS Usage */
1299  LdrEntry->LoadCount = -1;
1300  LdrEntry->TlsIndex = -1;
1301 
1302  /* Save the cached TLS data */
1303  TlsData->TlsDirectory = *TlsDirectory;
1304  InsertTailList(&LdrpTlsList, &TlsData->TlsLinks);
1305 
1306  /* Update the index */
1309  }
1310 
1311  /* Done setting up TLS, allocate entries */
1312  return LdrpAllocateTls();
1313 }
IMAGE_TLS_DIRECTORY TlsDirectory
Definition: ntdllp.h:29
#define TRUE
Definition: types.h:120
LIST_ENTRY LdrpTlsList
Definition: ldrinit.c:53
IN PVOID IN PVOID IN USHORT IN USHORT Size
Definition: pci.h:361
#define InsertTailList(ListHead, Entry)
PVOID DllBase
Definition: btrfs_drv.h:1926
#define IMAGE_DIRECTORY_ENTRY_TLS
Definition: pedump.c:268
USHORT TlsIndex
Definition: ntddk_ex.h:209
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
LIST_ENTRY TlsLinks
Definition: ntdllp.h:28
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
ULONG LdrpNumberOfTlsEntries
Definition: ldrinit.c:54
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
#define RtlImageDirectoryEntryToData
Definition: compat.h:668
Definition: btrfs_drv.h:1922
Definition: typedefs.h:119
#define NtCurrentPeb()
Definition: FLS.c:22
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
UNICODE_STRING BaseDllName
Definition: ldrtypes.h:145
#define DPRINT1
Definition: precomp.h:8
NTSTATUS NTAPI LdrpAllocateTls(VOID)
Definition: ldrinit.c:1317
unsigned int ULONG
Definition: retypes.h:1
signed int * PLONG
Definition: retypes.h:5
BOOLEAN LdrpImageHasTls
Definition: ldrinit.c:52
USHORT LoadCount
Definition: ntddk_ex.h:208

Referenced by LdrpInitializeProcess().

◆ LdrpInsertMemoryTableEntry()

VOID NTAPI LdrpInsertMemoryTableEntry ( IN PLDR_DATA_TABLE_ENTRY  LdrEntry)

Definition at line 1582 of file ldrutils.c.

1583 {
1584  PPEB_LDR_DATA PebData = NtCurrentPeb()->Ldr;
1585  ULONG i;
1586 
1587  /* Insert into hash table */
1588  i = LDR_GET_HASH_ENTRY(LdrEntry->BaseDllName.Buffer[0]);
1589  InsertTailList(&LdrpHashTable[i], &LdrEntry->HashLinks);
1590 
1591  /* Insert into other lists */
1592  InsertTailList(&PebData->InLoadOrderModuleList, &LdrEntry->InLoadOrderLinks);
1593  InsertTailList(&PebData->InMemoryOrderModuleList, &LdrEntry->InMemoryOrderLinks);
1594 }
LIST_ENTRY InLoadOrderModuleList
Definition: ldrtypes.h:120
LIST_ENTRY InMemoryOrderModuleList
Definition: btrfs_drv.h:1941
#define LDR_GET_HASH_ENTRY(x)
Definition: ntdllp.h:12
#define InsertTailList(ListHead, Entry)
LIST_ENTRY LdrpHashTable[LDR_HASH_TABLE_ENTRIES]
Definition: ldrinit.c:60
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define NtCurrentPeb()
Definition: FLS.c:22
unsigned int ULONG
Definition: retypes.h:1

Referenced by LdrpInitializeProcess(), and LdrpMapDll().

◆ LdrpLoadDll()

NTSTATUS NTAPI LdrpLoadDll ( IN BOOLEAN  Redirected,
IN PWSTR DllPath  OPTIONAL,
IN PULONG DllCharacteristics  OPTIONAL,
IN PUNICODE_STRING  DllName,
OUT PVOID BaseAddress,
IN BOOLEAN  CallInit 
)

Definition at line 2429 of file ldrutils.c.

2435 {
2436  PPEB Peb = NtCurrentPeb();
2438  const WCHAR *p;
2439  BOOLEAN GotExtension;
2440  WCHAR c;
2441  WCHAR NameBuffer[MAX_PATH + 6];
2442  UNICODE_STRING RawDllName;
2443  PLDR_DATA_TABLE_ENTRY LdrEntry;
2444  BOOLEAN InInit = LdrpInLdrInit;
2445 
2446  /* Save the Raw DLL Name */
2447  if (DllName->Length >= sizeof(NameBuffer)) return STATUS_NAME_TOO_LONG;
2448  RtlInitEmptyUnicodeString(&RawDllName, NameBuffer, sizeof(NameBuffer));
2449  RtlCopyUnicodeString(&RawDllName, DllName);
2450 
2451  /* Find the extension, if present */
2452  p = DllName->Buffer + DllName->Length / sizeof(WCHAR) - 1;
2453  GotExtension = FALSE;
2454  while (p >= DllName->Buffer)
2455  {
2456  c = *p--;
2457  if (c == L'.')
2458  {
2459  GotExtension = TRUE;
2460  break;
2461  }
2462  else if (c == L'\\')
2463  {
2464  break;
2465  }
2466  }
2467 
2468  /* If no extension was found, add the default extension */
2469  if (!GotExtension)
2470  {
2471  /* Check that we have space to add one */
2472  if ((DllName->Length + LdrApiDefaultExtension.Length + sizeof(UNICODE_NULL)) >=
2473  sizeof(NameBuffer))
2474  {
2475  /* No space to add the extension */
2478  "LDR: %s - Dll name missing extension; with extension "
2479  "added the name is too long\n"
2480  " DllName: (@ %p) \"%wZ\"\n"
2481  " DllName->Length: %u\n",
2482  __FUNCTION__,
2483  DllName,
2484  DllName,
2485  DllName->Length);
2486  return STATUS_NAME_TOO_LONG;
2487  }
2488 
2489  /* Add it. Needs to be null terminated, thus the length check above */
2490  (VOID)RtlAppendUnicodeStringToString(&RawDllName,
2492  }
2493 
2494  /* Check for init flag and acquire lock */
2495  if (!InInit) RtlEnterCriticalSection(&LdrpLoaderLock);
2496 
2497  _SEH2_TRY
2498  {
2499  /* Show debug message */
2500  if (ShowSnaps)
2501  {
2502  DPRINT1("LDR: LdrLoadDll, loading %wZ from %ws\n",
2503  &RawDllName,
2504  DllPath ? DllPath : L"");
2505  }
2506 
2507  /* Check if the DLL is already loaded */
2509  &RawDllName,
2510  FALSE,
2511  Redirected,
2512  &LdrEntry))
2513  {
2514  /* Map it */
2516  DllPath,
2517  NameBuffer,
2518  DllCharacteristics,
2519  FALSE,
2520  Redirected,
2521  &LdrEntry);
2522  if (!NT_SUCCESS(Status))
2523  _SEH2_LEAVE;
2524 
2525  /* FIXME: Need to mark the DLL range for the stack DB */
2526  //RtlpStkMarkDllRange(LdrEntry);
2527 
2528  /* Check if IMAGE_FILE_EXECUTABLE_IMAGE was provided */
2529  if ((DllCharacteristics) &&
2530  (*DllCharacteristics & IMAGE_FILE_EXECUTABLE_IMAGE))
2531  {
2532  /* This is not a DLL, so remove such data */
2533  LdrEntry->EntryPoint = NULL;
2534  LdrEntry->Flags &= ~LDRP_IMAGE_DLL;
2535  }
2536 
2537  /* Make sure it's a DLL */
2538  if (LdrEntry->Flags & LDRP_IMAGE_DLL)
2539  {
2540  /* Check if this is a .NET Image */
2541  if (!(LdrEntry->Flags & LDRP_COR_IMAGE))
2542  {
2543  /* Walk the Import Descriptor */
2545  }
2546 
2547  /* Update load count, unless it's locked */
2548  if (LdrEntry->LoadCount != 0xFFFF) LdrEntry->LoadCount++;
2550 
2551  /* Check if we failed */
2552  if (!NT_SUCCESS(Status))
2553  {
2554  /* Clear entrypoint, and insert into list */
2555  LdrEntry->EntryPoint = NULL;
2557  &LdrEntry->InInitializationOrderLinks);
2558 
2559  /* Cancel the load */
2561 
2562  /* Unload the DLL */
2563  if (ShowSnaps)
2564  {
2565  DbgPrint("LDR: Unloading %wZ due to error %x walking "
2566  "import descriptors\n",
2567  DllName,
2568  Status);
2569  }
2570  LdrUnloadDll(LdrEntry->DllBase);
2571 
2572  /* Return the error */
2573  _SEH2_LEAVE;
2574  }
2575  }
2576  else if (LdrEntry->LoadCount != 0xFFFF)
2577  {
2578  /* Increase load count */
2579  LdrEntry->LoadCount++;
2580  }
2581 
2582  /* Insert it into the list */
2584  &LdrEntry->InInitializationOrderLinks);
2585 
2586  /* If we have to run the entrypoint, make sure the DB is ready */
2587  if (CallInit && LdrpLdrDatabaseIsSetup)
2588  {
2589  /* Notify Shim Engine */
2590  if (g_ShimsEnabled)
2591  {
2593  SE_DllLoaded(LdrEntry);
2594  }
2595 
2596  /* Run the init routine */
2598  if (!NT_SUCCESS(Status))
2599  {
2600  /* Failed, unload the DLL */
2601  if (ShowSnaps)
2602  {
2603  DbgPrint("LDR: Unloading %wZ because either its init "
2604  "routine or one of its static imports failed; "
2605  "status = 0x%08lx\n",
2606  DllName,
2607  Status);
2608  }
2609  LdrUnloadDll(LdrEntry->DllBase);
2610  }
2611  }
2612  else
2613  {
2614  /* The DB isn't ready, which means we were loaded because of a forwarder */
2616  }
2617  }
2618  else
2619  {
2620  /* We were already loaded. Are we a DLL? */
2621  if ((LdrEntry->Flags & LDRP_IMAGE_DLL) && (LdrEntry->LoadCount != 0xFFFF))
2622  {
2623  /* Increase load count */
2624  LdrEntry->LoadCount++;
2626 
2627  /* Clear the load in progress */
2629  }
2630  else
2631  {
2632  /* Not a DLL, just increase the load count */
2633  if (LdrEntry->LoadCount != 0xFFFF) LdrEntry->LoadCount++;
2634  }
2635  }
2636 
2637  }
2639  {
2640  /* Release the lock */
2641  if (!InInit) RtlLeaveCriticalSection(&LdrpLoaderLock);
2642  }
2643  _SEH2_END;
2644 
2645  /* Check for success */
2646  if (NT_SUCCESS(Status))
2647  {
2648  /* Return the base address */
2649  *BaseAddress = LdrEntry->DllBase;
2650  }
2651  else
2652  {
2653  /* Nothing found */
2654  *BaseAddress = NULL;
2655  }
2656 
2657  /* Return status */
2658  return Status;
2659 }
PPEB Peb
Definition: dllmain.c:27
NTSTATUS NTAPI LdrpWalkImportDescriptor(IN LPWSTR DllPath OPTIONAL, IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: ldrpe.c:670
LIST_ENTRY InInitializationOrderModuleList
Definition: ldrtypes.h:122
#define DbgPrint
Definition: hal.h:12
BOOLEAN LdrpLdrDatabaseIsSetup
Definition: ldrinit.c:33
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
VOID WINAPI SE_DllLoaded(PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: shimeng.c:1433
NTSYSAPI ULONG __cdecl DbgPrintEx(_In_ ULONG ComponentId, _In_ ULONG Level, _In_z_ _Printf_format_string_ PCSTR Format,...)
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define InsertTailList(ListHead, Entry)
NTSTATUS NTAPI LdrpMapDll(IN PWSTR SearchPath OPTIONAL, IN PWSTR DllPath2, IN PWSTR DllName OPTIONAL, IN PULONG DllCharacteristics, IN BOOLEAN Static, IN BOOLEAN Redirect, OUT PLDR_DATA_TABLE_ENTRY *DataTableEntry)
Definition: ldrutils.c:1023
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)
_SEH2_TRY
Definition: create.c:4226
NTSTATUS NTAPI LdrpRunInitializeRoutines(IN PCONTEXT Context OPTIONAL)
Definition: ldrinit.c:637
PVOID DllBase
Definition: btrfs_drv.h:1926
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
#define FALSE
Definition: types.h:117
#define UNICODE_NULL
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
PVOID EntryPoint
Definition: ntddk_ex.h:203
unsigned char BOOLEAN
PVOID NTAPI RtlDecodeSystemPointer(IN PVOID Pointer)
Definition: process.c:439
#define STATUS_NAME_TOO_LONG
Definition: ntstatus.h:498
BOOLEAN NTAPI LdrpCheckForLoadedDll(IN PWSTR DllPath, IN PUNICODE_STRING DllName, IN BOOLEAN Flag, IN BOOLEAN RedirectedDll, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
Definition: ldrutils.c:1979
Status
Definition: gdiplustypes.h:24
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
#define MAX_PATH
Definition: compat.h:34
const GLubyte * c
Definition: glext.h:8905
#define IMAGE_FILE_EXECUTABLE_IMAGE
Definition: pedump.c:160
VOID NTAPI LdrpUpdateLoadCount2(IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN ULONG Flags)
Definition: ldrutils.c:460
BOOLEAN g_ShimsEnabled
Definition: ldrutils.c:21
PVOID g_pfnSE_DllLoaded
Definition: ldrutils.c:23
ULONG NTAPI LdrpClearLoadInProgress(VOID)
Definition: ldrutils.c:2663
struct _LDR_DATA_TABLE_ENTRY * PLDR_DATA_TABLE_ENTRY
static const WCHAR L[]
Definition: oid.c:1250
#define VOID
Definition: acefi.h:82
Definition: btrfs_drv.h:1922
#define LDRP_COR_IMAGE
Definition: ldrtypes.h:52
NTSTATUS NTAPI LdrUnloadDll(IN PVOID BaseAddress)
Definition: ldrapi.c:1322
_SEH2_END
Definition: create.c:4400
#define NtCurrentPeb()
Definition: FLS.c:22
#define DPFLTR_ERROR_LEVEL
Definition: main.cpp:32
PPEB_LDR_DATA Ldr
Definition: btrfs_drv.h:1958
static const char const char * DllPath
Definition: image.c:34
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
_SEH2_FINALLY
Definition: create.c:4371
#define NULL
Definition: types.h:112
#define LDRP_UPDATE_REFCOUNT
Definition: ntdllp.h:15
#define DPRINT1
Definition: precomp.h:8
#define LDRP_IMAGE_DLL
Definition: ldrtypes.h:39
ULONG Flags
Definition: ntddk_ex.h:207
RTL_CRITICAL_SECTION LdrpLoaderLock
Definition: ldrinit.c:70
#define c
Definition: ke_i.h:80
#define STATUS_SUCCESS
Definition: shellext.h:65
BOOLEAN LdrpInLdrInit
Definition: ldrinit.c:30
#define _SEH2_LEAVE
Definition: filesup.c:20
UNICODE_STRING LdrApiDefaultExtension
Definition: ldrapi.c:22
GLfloat GLfloat p
Definition: glext.h:8902
#define __FUNCTION__
Definition: types.h:112
LIST_ENTRY InInitializationOrderLinks
Definition: ldrtypes.h:140
USHORT LoadCount
Definition: ntddk_ex.h:208

Referenced by LdrLoadDll(), LdrpLoadShimEngine(), and LdrpSnapThunk().

◆ LdrpLoadImportModule()

NTSTATUS NTAPI LdrpLoadImportModule ( IN PWSTR DllPath  OPTIONAL,
IN LPSTR  ImportName,
OUT PLDR_DATA_TABLE_ENTRY DataTableEntry,
OUT PBOOLEAN  Existing 
)

Definition at line 808 of file ldrpe.c.

812 {
814  PUNICODE_STRING ImpDescName;
815  const WCHAR *p;
816  BOOLEAN GotExtension;
817  WCHAR c;
820  PTEB Teb = NtCurrentTeb();
821  UNICODE_STRING RedirectedImpDescName;
822  BOOLEAN RedirectedDll;
823 
824  DPRINT("LdrpLoadImportModule('%S' '%s' %p %p)\n", DllPath, ImportName, DataTableEntry, Existing);
825 
826  RedirectedDll = FALSE;
827  RtlInitEmptyUnicodeString(&RedirectedImpDescName, NULL, 0);
828 
829  /* Convert import descriptor name to unicode string */
830  ImpDescName = &Teb->StaticUnicodeString;
831  RtlInitAnsiString(&AnsiString, ImportName);
833  if (!NT_SUCCESS(Status)) return Status;
834 
835  /* Find the extension, if present */
836  p = ImpDescName->Buffer + ImpDescName->Length / sizeof(WCHAR) - 1;
837  GotExtension = FALSE;
838  while (p >= ImpDescName->Buffer)
839  {
840  c = *p--;
841  if (c == L'.')
842  {
843  GotExtension = TRUE;
844  break;
845  }
846  else if (c == L'\\')
847  {
848  break;
849  }
850  }
851 
852  /* If no extension was found, add the default extension */
853  if (!GotExtension)
854  {
855  /* Check that we have space to add one */
856  if ((ImpDescName->Length + LdrApiDefaultExtension.Length + sizeof(UNICODE_NULL)) >=
857  sizeof(Teb->StaticUnicodeBuffer))
858  {
859  /* No space to add the extension */
862  "LDR: %s - Dll name missing extension; with extension "
863  "added the name is too long\n"
864  " ImpDescName: (@ %p) \"%wZ\"\n"
865  " ImpDescName->Length: %u\n",
866  __FUNCTION__,
867  ImpDescName,
868  ImpDescName,
869  ImpDescName->Length);
870  return STATUS_NAME_TOO_LONG;
871  }
872 
873  /* Add it. Needs to be null terminated, thus the length check above */
876  }
877 
878  /* Check if the SxS Assemblies specify another file */
880  ImpDescName,
882  NULL,
883  &RedirectedImpDescName,
884  &ImpDescName,
885  NULL,
886  NULL,
887  NULL);
888 
889  /* Check success */
890  if (NT_SUCCESS(Status))
891  {
892  /* Let Ldrp know */
893  RedirectedDll = TRUE;
894  }
895  else if (Status != STATUS_SXS_KEY_NOT_FOUND)
896  {
897  /* Unrecoverable SxS failure */
898  DPRINT1("LDR: RtlDosApplyFileIsolationRedirection_Ustr failed with status %x for dll %wZ\n", Status, ImpDescName);
899  goto done;
900  }
901 
902  /* Check if it's loaded */
904  ImpDescName,
905  TRUE,
906  RedirectedDll,
907  DataTableEntry))
908  {
909  /* It's already existing in the list */
910  *Existing = TRUE;
912  goto done;
913  }
914 
915  /* We're loading it for the first time */
916  *Existing = FALSE;
917 
918  /* Map it */
920  NULL,
921  ImpDescName->Buffer,
922  NULL,
923  TRUE,
924  RedirectedDll,
925  DataTableEntry);
926  if (!NT_SUCCESS(Status))
927  {
928  DPRINT1("LDR: LdrpMapDll failed with status %x for dll %wZ\n", Status, ImpDescName);
929  goto done;
930  }
931 
932  /* Walk its import descriptor table */
934  *DataTableEntry);
935  if (!NT_SUCCESS(Status))
936  {
937  /* Add it to the in-init-order list in case of failure */
939  &(*DataTableEntry)->InInitializationOrderLinks);
940  }
941 
942 done:
943  RtlFreeUnicodeString(&RedirectedImpDescName);
944 
945  return Status;
946 }
WCHAR StaticUnicodeBuffer[261]
Definition: compat.h:736
PPEB Peb
Definition: dllmain.c:27
LIST_ENTRY InInitializationOrderModuleList
Definition: ldrtypes.h:122
#define TRUE
Definition: types.h:120
LONG NTSTATUS
Definition: precomp.h:26
NTSYSAPI ULONG __cdecl DbgPrintEx(_In_ ULONG ComponentId, _In_ ULONG Level, _In_z_ _Printf_format_string_ PCSTR Format,...)
#define STATUS_SXS_KEY_NOT_FOUND
Definition: ntstatus.h:1389
#define InsertTailList(ListHead, Entry)
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
UNICODE_STRING StaticUnicodeString
Definition: compat.h:735
BOOLEAN NTAPI LdrpCheckForLoadedDll(IN PWSTR DllPath, IN PUNICODE_STRING DllName, IN BOOLEAN Flag, IN BOOLEAN RedirectedDll, OUT PLDR_DATA_TABLE_ENTRY *LdrEntry)
Definition: ldrutils.c:1979
#define FALSE
Definition: types.h:117
#define UNICODE_NULL
NTSTATUS NTAPI LdrpWalkImportDescriptor(IN LPWSTR DllPath OPTIONAL, IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: ldrpe.c:670
unsigned char BOOLEAN
#define STATUS_NAME_TOO_LONG
Definition: ntstatus.h:498
Status
Definition: gdiplustypes.h:24
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
const GLubyte * c
Definition: glext.h:8905
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
PPEB NTAPI RtlGetCurrentPeb(VOID)
Definition: libsupp.c:63
static const WCHAR L[]
Definition: oid.c:1250
NTSTATUS NTAPI LdrpMapDll(IN PWSTR SearchPath OPTIONAL, IN PWSTR DllPath2, IN PWSTR DllName OPTIONAL, IN PULONG DllCharacteristics, IN BOOLEAN Static, IN BOOLEAN Redirect, OUT PLDR_DATA_TABLE_ENTRY *DataTableEntry)
Definition: ldrutils.c:1023
#define VOID
Definition: acefi.h:82
NTSYSAPI NTSTATUS NTAPI RtlDosApplyFileIsolationRedirection_Ustr(IN ULONG Flags, IN PUNICODE_STRING OriginalName, IN PUNICODE_STRING Extension, IN OUT PUNICODE_STRING StaticString, IN OUT PUNICODE_STRING DynamicString, IN OUT PUNICODE_STRING *NewName, IN PULONG NewFlags, IN PSIZE_T FileNameSize, IN PSIZE_T RequiredLength)
Definition: libsupp.c:821
Definition: compat.h:694
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
#define DPFLTR_ERROR_LEVEL
Definition: main.cpp:32
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
PPEB_LDR_DATA Ldr
Definition: btrfs_drv.h:1958
static const char const char * DllPath
Definition: image.c:34
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
#define NULL
Definition: types.h:112
#define DPRINT1
Definition: precomp.h:8
#define c
Definition: ke_i.h:80
#define STATUS_SUCCESS
Definition: shellext.h:65
UNICODE_STRING LdrApiDefaultExtension
Definition: ldrapi.c:22
GLfloat GLfloat p
Definition: glext.h:8902
#define DPRINT
Definition: sndvol32.h:71
#define __FUNCTION__
Definition: types.h:112

Referenced by LdrpHandleOneNewFormatImportDescriptor(), and LdrpHandleOneOldFormatImportDescriptor().

◆ LdrpLoadShimEngine()

VOID NTAPI LdrpLoadShimEngine ( IN PWSTR  ImageName,
IN PUNICODE_STRING  ProcessImage,
IN PVOID  pShimData 
)

Definition at line 2771 of file ldrutils.c.

2772 {
2773  UNICODE_STRING ShimLibraryName;
2774  PVOID ShimLibrary;
2775  NTSTATUS Status;
2776  RtlInitUnicodeString(&ShimLibraryName, ImageName);
2777  /* We should NOT pass CallInit = TRUE!
2778  If we do this, other init routines will be called before we get a chance to shim stuff.. */
2779  Status = LdrpLoadDll(FALSE, NULL, NULL, &ShimLibraryName, &ShimLibrary, FALSE);
2780  if (NT_SUCCESS(Status))
2781  {
2782  g_pShimEngineModule = ShimLibrary;
2785  if (g_ShimsEnabled)
2786  {
2789  SE_InstallBeforeInit(ProcessImage, pShimData);
2790  }
2791  }
2792 }
VOID NTAPI LdrpGetShimEngineInterface()
Definition: ldrutils.c:2711
LONG NTSTATUS
Definition: precomp.h:26
VOID NTAPI LdrpRunShimEngineInitRoutine(IN ULONG Reason)
Definition: ldrutils.c:2736
#define DLL_PROCESS_ATTACH
Definition: compat.h:131
PVOID g_pfnSE_InstallBeforeInit
Definition: ldrutils.c:25
NTSTATUS NTAPI LdrpLoadDll(IN BOOLEAN Redirected, IN PWSTR DllPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *BaseAddress, IN BOOLEAN CallInit)
Definition: ldrutils.c:2429
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
#define FALSE
Definition: types.h:117
VOID NTAPI SE_InstallBeforeInit(PUNICODE_STRING ProcessImage, PVOID pShimData)
Definition: shimeng.c:1403
PVOID NTAPI RtlDecodeSystemPointer(IN PVOID Pointer)
Definition: process.c:439
void * PVOID
Definition: retypes.h:9
Status
Definition: gdiplustypes.h:24
PVOID g_pShimEngineModule
Definition: ldrutils.c:22
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
BOOLEAN g_ShimsEnabled
Definition: ldrutils.c:21
static const char * ImageName
Definition: image.c:34
#define VOID
Definition: acefi.h:82
#define NULL
Definition: types.h:112
UNICODE_STRING * PUNICODE_STRING
Definition: env_spec_w32.h:373
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)

Referenced by LdrpInitializeProcess().

◆ LdrpMapDll()

NTSTATUS NTAPI LdrpMapDll ( IN PWSTR SearchPath  OPTIONAL,
IN PWSTR  DllPath2,
IN PWSTR DllName  OPTIONAL,
IN PULONG  DllCharacteristics,
IN BOOLEAN  Static,
IN BOOLEAN  Redirect,
OUT PLDR_DATA_TABLE_ENTRY DataTableEntry 
)

Definition at line 1023 of file ldrutils.c.

1030 {
1031  PTEB Teb = NtCurrentTeb();
1032  PPEB Peb = NtCurrentPeb();
1033  PWCHAR p1 = DllName;
1034  WCHAR TempChar;
1035  BOOLEAN KnownDll = FALSE;
1036  UNICODE_STRING FullDllName, BaseDllName;
1037  HANDLE SectionHandle = NULL, DllHandle = 0;
1038  UNICODE_STRING NtPathDllName;
1039  ULONG_PTR HardErrorParameters[2];
1040  UNICODE_STRING HardErrorDllName, HardErrorDllPath;
1041  ULONG Response;
1042  SIZE_T ViewSize = 0;
1043  PVOID ViewBase = NULL;
1044  PVOID ArbitraryUserPointer;
1045  PIMAGE_NT_HEADERS NtHeaders;
1046  NTSTATUS HardErrorStatus, Status;
1047  BOOLEAN OverlapDllFound = FALSE;
1048  ULONG_PTR ImageBase, ImageEnd;
1049  PLIST_ENTRY ListHead, NextEntry;
1050  PLDR_DATA_TABLE_ENTRY CandidateEntry, LdrEntry;
1051  ULONG_PTR CandidateBase, CandidateEnd;
1052  UNICODE_STRING OverlapDll;
1053  BOOLEAN RelocatableDll = TRUE;
1054  UNICODE_STRING IllegalDll;
1055  PVOID RelocData;
1056  ULONG RelocDataSize = 0;
1057 
1058  // FIXME: AppCompat stuff is missing
1059 
1060  if (ShowSnaps)
1061  {
1062  DPRINT1("LDR: LdrpMapDll: Image Name %ws, Search Path %ws\n",
1063  DllName,
1064  SearchPath ? SearchPath : L"");
1065  }
1066 
1067  /* Check if we have a known dll directory */
1068  if (LdrpKnownDllObjectDirectory && Redirect == FALSE)
1069  {
1070  /* Check if the path is full */
1071  while (*p1)
1072  {
1073  TempChar = *p1++;
1074  if (TempChar == '\\' || TempChar == '/' )
1075  {
1076  /* Complete path, don't do Known Dll lookup */
1077  goto SkipCheck;
1078  }
1079  }
1080 
1081  /* Try to find a Known DLL */
1082  Status = LdrpCheckForKnownDll(DllName,
1083  &FullDllName,
1084  &BaseDllName,
1085  &SectionHandle);
1086 
1088  {
1089  /* Failure */
1092  "LDR: %s - call to LdrpCheckForKnownDll(\"%ws\", ...) failed with status %x\n",
1093  __FUNCTION__,
1094  DllName,
1095  Status);
1096 
1097  return Status;
1098  }
1099  }
1100 
1101 SkipCheck:
1102 
1103  /* Check if the Known DLL Check returned something */
1104  if (!SectionHandle)
1105  {
1106  /* It didn't, so try to resolve the name now */
1108  DllName,
1109  &FullDllName,
1110  &BaseDllName))
1111  {
1112  /* Got a name, display a message */
1113  if (ShowSnaps)
1114  {
1115  DPRINT1("LDR: Loading (%s) %wZ\n",
1116  Static ? "STATIC" : "DYNAMIC",
1117  &FullDllName);
1118  }
1119 
1120  /* Convert to NT Name */
1122  &NtPathDllName,
1123  NULL,
1124  NULL))
1125  {
1126  /* Path was invalid */
1128  }
1129 
1130  /* Create a section for this dLL */
1131  Status = LdrpCreateDllSection(&NtPathDllName,
1132  DllHandle,
1133  DllCharacteristics,
1134  &SectionHandle);
1135 
1136  /* Free the NT Name */
1137  RtlFreeHeap(RtlGetProcessHeap(), 0, NtPathDllName.Buffer);
1138 
1139  /* If we failed */
1140  if (!NT_SUCCESS(Status))
1141  {
1142  /* Free the name strings and return */
1144  LdrpFreeUnicodeString(&BaseDllName);
1145  return Status;
1146  }
1147  }
1148  else
1149  {
1150  /* We couldn't resolve the name, is this a static load? */
1151  if (Static)
1152  {
1153  /*
1154  * This is BAD! Static loads are CRITICAL. Bugcheck!
1155  * Initialize the strings for the error
1156  */
1157  RtlInitUnicodeString(&HardErrorDllName, DllName);
1158  RtlInitUnicodeString(&HardErrorDllPath,
1159  DllPath2 ? DllPath2 : LdrpDefaultPath.Buffer);
1160 
1161  /* Set them as error parameters */
1162  HardErrorParameters[0] = (ULONG_PTR)&HardErrorDllName;
1163  HardErrorParameters[1] = (ULONG_PTR)&HardErrorDllPath;
1164 
1165  /* Raise the hard error */
1167  2,
1168  0x00000003,
1169  HardErrorParameters,
1170  OptionOk,
1171  &Response);
1172 
1173  /* We're back, where we initializing? */
1175  }
1176 
1177  /* Return failure */
1178  return STATUS_DLL_NOT_FOUND;
1179  }
1180  }
1181  else
1182  {
1183  /* We have a section handle, so this is a known dll */
1184  KnownDll = TRUE;
1185  }
1186 
1187  /* Stuff the image name in the TIB, for the debugger */
1188  ArbitraryUserPointer = Teb->NtTib.ArbitraryUserPointer;
1189  Teb->NtTib.ArbitraryUserPointer = FullDllName.Buffer;
1190 
1191  /* Map the DLL */
1192  ViewBase = NULL;
1193  ViewSize = 0;
1194  Status = NtMapViewOfSection(SectionHandle,
1195  NtCurrentProcess(),
1196  &ViewBase,
1197  0,
1198  0,
1199  NULL,
1200  &ViewSize,
1201  ViewShare,
1202  0,
1203  PAGE_READWRITE);
1204 
1205  /* Restore */
1206  Teb->NtTib.ArbitraryUserPointer = ArbitraryUserPointer;
1207 
1208  /* Fail if we couldn't map it */
1209  if (!NT_SUCCESS(Status))
1210  {
1211  /* Close and return */
1212  NtClose(SectionHandle);
1213  return Status;
1214  }
1215 
1216  /* Get the NT Header */
1217  if (!(NtHeaders = RtlImageNtHeader(ViewBase)))
1218  {
1219  /* Invalid image, unmap, close handle and fail */
1221  NtClose(SectionHandle);
1223  }
1224 
1225  // FIXME: .NET support is missing
1226 
1227  /* Allocate an entry */
1228  if (!(LdrEntry = LdrpAllocateDataTableEntry(ViewBase)))
1229  {
1230  /* Invalid image, unmap, close handle and fail */
1232  NtClose(SectionHandle);
1233  return STATUS_NO_MEMORY;
1234  }
1235 
1236  /* Setup the entry */
1237  LdrEntry->Flags = Static ? LDRP_STATIC_LINK : 0;
1238  if (Redirect) LdrEntry->Flags |= LDRP_REDIRECTED;
1239  LdrEntry->LoadCount = 0;
1240  LdrEntry->FullDllName = FullDllName;
1241  LdrEntry->BaseDllName = BaseDllName;
1242  LdrEntry->EntryPoint = LdrpFetchAddressOfEntryPoint(LdrEntry->DllBase);
1243 
1244  /* Show debug message */
1245  if (ShowSnaps)
1246  {
1247  DPRINT1("LDR: LdrpMapDll: Full Name %wZ, Base Name %wZ\n",
1248  &FullDllName,
1249  &BaseDllName);
1250  }
1251 
1252  /* Insert this entry */
1253  LdrpInsertMemoryTableEntry(LdrEntry);
1254 
1255  // LdrpSendDllNotifications(LdrEntry, TRUE, Status == STATUS_IMAGE_NOT_AT_BASE)
1256 
1257  /* Check for invalid CPU Image */
1259  {
1260  /* Load our header */
1262 
1263  /* Assume defaults if we don't have to run the Hard Error path */
1264  HardErrorStatus = STATUS_SUCCESS;
1266 
1267  /* Are we an NT 3.0 image? [Do these still exist? LOL -- IAI] */
1269  {
1270  /* Reset the entrypoint, save our Dll Name */
1271  LdrEntry->EntryPoint = 0;
1272  HardErrorParameters[0] = (ULONG_PTR)&FullDllName;
1273 
1274  /* Raise the error */
1276  1,
1277  1,
1278  HardErrorParameters,
1280  &Response);
1281  }
1282 
1283  /* Check if the user pressed cancel */
1284  if (NT_SUCCESS(HardErrorStatus) && Response == ResponseCancel)
1285  {
1286  /* Remove the DLL from the lists */
1287  RemoveEntryList(&LdrEntry->InLoadOrderLinks);
1288  RemoveEntryList(&LdrEntry->InMemoryOrderLinks);
1289  RemoveEntryList(&LdrEntry->HashLinks);
1290 
1291  /* Remove the LDR Entry */
1292  RtlFreeHeap(LdrpHeap, 0, LdrEntry );
1293 
1294  /* Unmap and close section */
1296  NtClose(SectionHandle);
1297 
1298  /* Did we do a hard error? */
1300  {
1301  /* Yup, so increase fatal error count if we are initializing */
1303  }
1304 
1305  /* Return failure */
1307  }
1308  }
1309  else
1310  {
1311  /* The image was valid. Is it a DLL? */
1312  if (NtHeaders->FileHeader.Characteristics & IMAGE_FILE_DLL)
1313  {
1314  /* Set the DLL Flag */
1315  LdrEntry->Flags |= LDRP_IMAGE_DLL;
1316  }
1317 
1318  /* If we're not a DLL, clear the entrypoint */
1319  if (!(LdrEntry->Flags & LDRP_IMAGE_DLL))
1320  {
1321  LdrEntry->EntryPoint = 0;
1322  }
1323  }
1324 
1325  /* Return it for the caller */
1326  *DataTableEntry = LdrEntry;
1327 
1328  /* Check if we loaded somewhere else */
1330  {
1331  /* Write the flag */
1332  LdrEntry->Flags |= LDRP_IMAGE_NOT_AT_BASE;
1333 
1334  /* Find our region */
1335  ImageBase = (ULONG_PTR)NtHeaders->OptionalHeader.ImageBase;
1336  ImageEnd = ImageBase + ViewSize;
1337 
1338  DPRINT("LDR: LdrpMapDll Relocating Image Name %ws (%p-%p -> %p)\n", DllName, (PVOID)ImageBase, (PVOID)ImageEnd, ViewBase);
1339 
1340  /* Scan all the modules */
1341  ListHead = &Peb->Ldr->InLoadOrderModuleList;
1342  NextEntry = ListHead->Flink;
1343  while (NextEntry != ListHead)
1344  {
1345  /* Get the entry */
1346  CandidateEntry = CONTAINING_RECORD(NextEntry,
1348  InLoadOrderLinks);
1349  NextEntry = NextEntry->Flink;
1350 
1351  /* Get the entry's bounds */
1352  CandidateBase = (ULONG_PTR)CandidateEntry->DllBase;
1353  CandidateEnd = CandidateBase + CandidateEntry->SizeOfImage;
1354 
1355  /* Make sure this entry isn't unloading */
1356  if (!CandidateEntry->InMemoryOrderLinks.Flink) continue;
1357 
1358  /* Check if our regions are colliding */
1359  if ((ImageBase >= CandidateBase && ImageBase <= CandidateEnd) ||
1360  (ImageEnd >= CandidateBase && ImageEnd <= CandidateEnd) ||
1361  (CandidateBase >= ImageBase && CandidateBase <= ImageEnd))
1362  {
1363  /* Found who is overlapping */
1364  OverlapDllFound = TRUE;
1365  OverlapDll = CandidateEntry->FullDllName;
1366  break;
1367  }
1368  }
1369 
1370  /* Check if we found the DLL overlapping with us */
1371  if (!OverlapDllFound)
1372  {
1373  /* It's not another DLL, it's memory already here */
1374  RtlInitUnicodeString(&OverlapDll, L"Dynamically Allocated Memory");
1375  }
1376 
1377  DPRINT("Overlapping DLL: %wZ\n", &OverlapDll);
1378 
1379  /* Are we dealing with a DLL? */
1380  if (LdrEntry->Flags & LDRP_IMAGE_DLL)
1381  {
1382  /* Check if relocs were stripped */
1384  {
1385  /* Get the relocation data */
1386  RelocData = RtlImageDirectoryEntryToData(ViewBase,
1387  TRUE,
1389  &RelocDataSize);
1390 
1391  /* Does the DLL not have any? */
1392  if (!RelocData && !RelocDataSize)
1393  {
1394  /* We'll allow this and simply continue */
1395  goto NoRelocNeeded;
1396  }
1397  }
1398 
1399  /* See if this is an Illegal DLL - IE: user32 and kernel32 */
1400  RtlInitUnicodeString(&IllegalDll,L"user32.dll");
1401  if (RtlEqualUnicodeString(&BaseDllName, &IllegalDll, TRUE))
1402  {
1403  /* Can't relocate user32 */
1404  RelocatableDll = FALSE;
1405  }
1406  else
1407  {
1408  RtlInitUnicodeString(&IllegalDll, L"kernel32.dll");
1409  if (RtlEqualUnicodeString(&BaseDllName, &IllegalDll, TRUE))
1410  {
1411  /* Can't relocate kernel32 */
1412  RelocatableDll = FALSE;
1413  }
1414  }
1415 
1416  /* Known DLLs are not allowed to be relocated */
1417  if (KnownDll && !RelocatableDll)
1418  {
1419  /* Setup for hard error */
1420  HardErrorParameters[0] = (ULONG_PTR)&IllegalDll;
1421  HardErrorParameters[1] = (ULONG_PTR)&OverlapDll;
1422 
1423  DPRINT1("Illegal DLL relocation! %wZ overlaps %wZ\n", &OverlapDll, &IllegalDll);
1424 
1425  /* Raise the error */
1427  2,
1428  3,
1429  HardErrorParameters,
1430  OptionOk,
1431  &Response);
1432 
1433  /* If initializing, increase the error count */
1435 
1436  /* Don't do relocation */
1438  goto FailRelocate;
1439  }
1440 
1441  /* Change the protection to prepare for relocation */
1442  Status = LdrpSetProtection(ViewBase, FALSE);
1443 
1444  /* Make sure we changed the protection */
1445  if (NT_SUCCESS(Status))
1446  {
1447  /* Do the relocation */
1450 
1451  if (NT_SUCCESS(Status))
1452  {
1453  /* Stuff the image name in the TIB, for the debugger */
1454  ArbitraryUserPointer = Teb->NtTib.ArbitraryUserPointer;
1455  Teb->NtTib.ArbitraryUserPointer = FullDllName.Buffer;
1456 #if 0
1457  /* Map the DLL */
1458  Status = NtMapViewOfSection(SectionHandle,
1459  NtCurrentProcess(),
1460  &ViewBase,
1461  0,
1462  0,
1463  NULL,
1464  &ViewSize,
1465  ViewShare,
1466  0,
1467  PAGE_READWRITE);
1468 #endif
1469  /* Restore */
1470  Teb->NtTib.ArbitraryUserPointer = ArbitraryUserPointer;
1471 
1472  /* Return the protection */
1473  Status = LdrpSetProtection(ViewBase, TRUE);
1474  }
1475  }
1476 FailRelocate:
1477  /* Handle any kind of failure */
1478  if (!NT_SUCCESS(Status))
1479  {
1480  /* Remove it from the lists */
1481  RemoveEntryList(&LdrEntry->InLoadOrderLinks);
1482  RemoveEntryList(&LdrEntry->InMemoryOrderLinks);
1483  RemoveEntryList(&LdrEntry->HashLinks);
1484 
1485  /* Unmap it, clear the entry */
1487  LdrEntry = NULL;
1488  }
1489 
1490  /* Show debug message */
1491  if (ShowSnaps)
1492  {
1493  DPRINT1("LDR: Fixups %successfully re-applied @ %p\n",
1494  NT_SUCCESS(Status) ? "s" : "uns", ViewBase);
1495  }
1496  }
1497  else
1498  {
1499 NoRelocNeeded:
1500  /* Not a DLL, or no relocation needed */
1502 
1503  /* Stuff the image name in the TIB, for the debugger */
1504  ArbitraryUserPointer = Teb->NtTib.ArbitraryUserPointer;
1505  Teb->NtTib.ArbitraryUserPointer = FullDllName.Buffer;
1506 #if 0
1507  /* Map the DLL */
1508  Status = NtMapViewOfSection(SectionHandle,
1509  NtCurrentProcess(),
1510  &ViewBase,
1511  0,
1512  0,
1513  NULL,
1514  &ViewSize,
1515  ViewShare,
1516  0,
1517  PAGE_READWRITE);
1518 #endif
1519  /* Restore */
1520  Teb->NtTib.ArbitraryUserPointer = ArbitraryUserPointer;
1521 
1522  /* Show debug message */
1523  if (ShowSnaps)
1524  {
1525  DPRINT1("LDR: Fixups won't be re-applied to non-Dll @ %p\n", ViewBase);
1526  }
1527  }
1528  }
1529 
1530  // FIXME: LdrpCheckCorImage() is missing
1531 
1532  /* Check if this is an SMP Machine and a DLL */
1533  if ((LdrpNumberOfProcessors > 1) &&
1534  (LdrEntry && (LdrEntry->Flags & LDRP_IMAGE_DLL)))
1535  {
1536  /* Validate the image for MP */
1537  LdrpValidateImageForMp(LdrEntry);
1538  }
1539 
1540  // FIXME: LdrpCorUnloadImage() is missing
1541 
1542  /* Close section and return status */
1543  NtClose(SectionHandle);
1544  return Status;
1545 }
Definition: window.h:584
NTSYSAPI NTSTATUS NTAPI ZwRaiseHardError(_In_ NTSTATUS ErrorStatus, _In_ ULONG NumberOfParameters, _In_ ULONG UnicodeStringParameterMask, _In_ PULONG_PTR Parameters, _In_ ULONG ValidResponseOptions, _Out_ PULONG Response)
ULONG LdrpFatalHardErrorCount
Definition: ldrinit.c:83
BOOLEAN NTAPI LdrpResolveDllName(PWSTR DllPath, PWSTR DllName, PUNICODE_STRING FullDllName, PUNICODE_STRING BaseDllName)
Definition: ldrutils.c:699
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3840
#define LL
Definition: tui.h:84
PPEB Peb
Definition: dllmain.c:27
NTSTATUS NTAPI NtRaiseHardError(IN NTSTATUS ErrorStatus, IN ULONG NumberOfParameters, IN ULONG UnicodeStringParameterMask, IN PULONG_PTR Parameters, IN ULONG ValidResponseOptions, OUT PULONG Response)
Definition: harderr.c:553
LIST_ENTRY InLoadOrderModuleList
Definition: ldrtypes.h:120
#define TRUE
Definition: types.h:120
#define LDRP_REDIRECTED
Definition: ldrtypes.h:58
NTSTATUS NTAPI LdrpCreateDllSection(IN PUNICODE_STRING FullName, IN HANDLE DllHandle, IN PULONG DllCharacteristics OPTIONAL, OUT PHANDLE SectionHandle)
Definition: ldrutils.c:544
UNICODE_STRING LdrpDefaultPath
Definition: ldrinit.c:65
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN ShowSnaps
Definition: ldrinit.c:81
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
VOID NTAPI LdrpInsertMemoryTableEntry(IN PLDR_DATA_TABLE_ENTRY LdrEntry)
Definition: ldrutils.c:1582
ULONG SizeOfImage
Definition: ldrtypes.h:143
NTSYSAPI ULONG __cdecl DbgPrintEx(_In_ ULONG ComponentId, _In_ ULONG Level, _In_z_ _Printf_format_string_ PCSTR Format,...)
PVOID ImageBaseAddress
Definition: ntddk_ex.h:245
uint16_t * PWCHAR
Definition: typedefs.h:56
if(dx==0 &&dy==0)
Definition: linetemp.h:174
PVOID ArbitraryUserPointer
Definition: compat.h:578
#define IMAGE_FILE_DLL
Definition: pedump.c:169
#define SearchPath
Definition: winbase.h:3756
uint32_t ULONG_PTR
Definition: typedefs.h:65
#define LDRP_STATIC_LINK
Definition: ldrtypes.h:38
FORCEINLINE BOOLEAN RemoveEntryList(_In_ PLIST_ENTRY Entry)
Definition: rtlfuncs.h:105
PVOID DllBase
Definition: btrfs_drv.h:1926
#define FALSE
Definition: types.h:117
#define STATUS_ILLEGAL_DLL_RELOCATION
Definition: ntstatus.h:742
PVOID EntryPoint
Definition: ntddk_ex.h:203
NTSTATUS NTAPI NtMapViewOfSection(IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:3614
#define LDRP_IMAGE_NOT_AT_BASE
Definition: ldrtypes.h:51
unsigned char BOOLEAN
void * PVOID
Definition: retypes.h:9
_In_ PCWSTR FullDllName
Definition: ldrtypes.h:247
IMAGE_FILE_HEADER FileHeader
Definition: ntddk_ex.h:183
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
#define NtCurrentProcess()
Definition: nt_native.h:1657
Status
Definition: gdiplustypes.h:24
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
PLDR_DATA_TABLE_ENTRY NTAPI LdrpAllocateDataTableEntry(IN PVOID BaseAddress)
Definition: ldrutils.c:1549
#define STATUS_INVALID_IMAGE_FORMAT
Definition: ntstatus.h:359
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
HANDLE LdrpKnownDllObjectDirectory
Definition: ldrinit.c:62
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
Definition: obhandle.c:3398
Definition: ncftp.h:89
#define STATUS_IMAGE_MACHINE_TYPE_MISMATCH
Definition: ntstatus.h:128
static const WCHAR L[]
Definition: oid.c:1250
#define RtlImageDirectoryEntryToData
Definition: compat.h:668
LIST_ENTRY HashLinks
Definition: ldrtypes.h:151
Definition: btrfs_drv.h:1922
ULONG LdrpNumberOfProcessors
Definition: ldrinit.c:55
Definition: typedefs.h:119
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
LIST_ENTRY InLoadOrderLinks
Definition: ldrtypes.h:138
NTSTATUS NTAPI LdrpCheckForKnownDll(PWSTR DllName, PUNICODE_STRING FullDllName, PUNICODE_STRING BaseDllName, HANDLE *SectionHandle)
Definition: ldrutils.c:814
ULONG_PTR SIZE_T
Definition: typedefs.h:80
#define STATUS_IMAGE_NOT_AT_BASE
Definition: ntstatus.h:117
Definition: compat.h:694
NTSYSAPI ULONG NTAPI LdrRelocateImageWithBias(_In_ PVOID NewAddress, _In_ LONGLONG AdditionalBias, _In_ PCCH LoaderName, _In_ ULONG Success, _In_ ULONG Conflict, _In_ ULONG Invalid)
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
#define NtCurrentPeb()
Definition: FLS.c:22
#define DPFLTR_ERROR_LEVEL
Definition: main.cpp:32
#define STATUS_DLL_NOT_FOUND
Definition: ntstatus.h:545
LIST_ENTRY InMemoryOrderLinks
Definition: btrfs_drv.h:1924
PPEB_LDR_DATA Ldr
Definition: