53 if (CallerLuid ==
NULL)
78 sizeof(TokenInformation),
105 if (LinkHandle == 0 || IsGlobal ==
NULL)
124 if (PNameInfo ==
NULL)
151 if (PNameInfo !=
NULL)
168 HANDLE SymbolicLinkHandle;
246 if (PBROADCASTSYSTEMMESSAGEEXW ==
NULL)
253 RtlInitString(&ProcedureName,
"CsrBroadcastSystemMessageExW");
257 (
PVOID *)&PBROADCASTSYSTEMMESSAGEEXW);
260 PBROADCASTSYSTEMMESSAGEEXW =
NULL;
265 if (PBROADCASTSYSTEMMESSAGEEXW ==
NULL)
272 Info.cbSize =
sizeof(BSMINFO);
304 if (!(
Flags & BSF_LUID))
533 DPRINT(
"BaseSrvDefineDosDevice entered, Flags:%d, DeviceName:%wZ (%d), TargetPath:%wZ (%d)\n",
534 DefineDosDeviceRequest->
Flags,
555 DPRINT1(
"RtlEnterCriticalSection() failed (Status %lx)\n",
577 if (AbsLetter < 26 && AbsLetter >= 0)
601 CchLengthLeft = 0x1000 - 1 - CchLength;
672 if (RemoveDefinition)
688 HandleTarget =
FALSE;
720 CchLengthLeft = 0x1000 - 1 - CchLength;
739 if (TargetLength + 1 >= CchLengthLeft)
750 CchLengthLeft -= (TargetLength + 1);
804 else if (RemoveDefinition)
837 if (RemoveDefinition)
846 OrigPtr = CurrentPtr;
850 CurrentChar = *CurrentPtr;
870 TargetLength != CchLength ||
_wcsicmp(OrigPtr, TargetBuffer) != 0) &&
872 (TargetLength != 0 &&
_wcsnicmp(OrigPtr, TargetBuffer, TargetLength) != 0))))
874 if (InterPtr != OrigPtr)
879 InterPtr += (CchLength + 1);
906 if (TargetLength == 0)
916 else if (HandleTarget)
921 TargetLength *=
sizeof(
WCHAR);
930 if (TargetLength == 0)
1055 if (RemoveDefinition && !RemoveFound)
1067 if (LinkHandle != 0)
1093 if (RemoveDefinition && !
RtlEqualLuid(&CallerLuid, &SystemLuid))
static ACPI_BUFFER CurrentBuffer
ULONG NTAPI BaseSrvBSMThread(PVOID StartupContext)
UNICODE_STRING TargetPath
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
NTSTATUS BroadcastDriveLetterChange(LONG DriveLetter, BOOLEAN RemoveDefinition, PLUID BroadcastLuid)
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
#define STATUS_BAD_IMPERSONATION_LEVEL
NTSTATUS NTAPI LdrGetDllHandle(IN PWSTR DllPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *DllHandle)
_In_ ULONG _In_ ULONG _In_ ULONG Length
#define STATUS_INFO_LENGTH_MISMATCH
NTSTATUS NTAPI NtCreateSymbolicLinkObject(OUT PHANDLE LinkHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PUNICODE_STRING LinkTarget)
#define OBJ_CASE_INSENSITIVE
PBASE_STATIC_SERVER_DATA BaseStaticServerData
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
#define STATUS_INVALID_PARAMETER
#define DDD_REMOVE_DEFINITION
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
#define DDD_NO_BROADCAST_SYSTEM
static SID_IDENTIFIER_AUTHORITY WorldAuthority
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
BOOLEAN NTAPI CsrValidateMessageBuffer(IN PCSR_API_MESSAGE ApiMessage, IN PVOID *Buffer, IN ULONG ElementCount, IN ULONG ElementSize)
#define NtCurrentThread()
#define BSF_NOTIMEOUTIFNOTHUNG
_Check_return_ _CRTIMP int __cdecl _wcsnicmp(_In_reads_or_z_(_MaxCount) const wchar_t *_Str1, _In_reads_or_z_(_MaxCount) const wchar_t *_Str2, _In_ size_t _MaxCount)
BOOLEAN NTAPI CsrRevertToSelf(VOID)
NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
NTSTATUS AddBSMRequest(LONG DriveLetter, BOOLEAN RemoveDefinition, PLUID BroadcastLuid)
NTSTATUS NTAPI NtQuerySymbolicLinkObject(IN HANDLE LinkHandle, OUT PUNICODE_STRING LinkTarget, OUT PULONG ResultLength OPTIONAL)
NTSTATUS NTAPI NtMakeTemporaryObject(IN HANDLE ObjectHandle)
NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor(_Out_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ULONG Revision)
NTSTATUS NTAPI NtOpenProcessToken(IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle)
NTSYSAPI NTSTATUS WINAPI RtlAddAccessAllowedAce(PACL, DWORD, DWORD, PSID)
NTSYSAPI NTSTATUS WINAPI RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR, BOOLEAN, PACL, BOOLEAN)
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
struct _BSM_REQUEST * Next
#define SYMBOLIC_LINK_ALL_ACCESS
VOID BaseCleanupDefineDosDevice(VOID)
NTSTATUS NTAPI NtMakePermanentObject(IN HANDLE ObjectHandle)
#define RtlMoveMemory(Destination, Source, Length)
NTSYSAPI NTSTATUS NTAPI RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision)
_Must_inspect_result_ _In_ WDFCHILDLIST _In_ PWDF_CHILD_LIST_ITERATOR _Out_ WDFDEVICE _Inout_opt_ PWDF_CHILD_RETRIEVE_INFO Info
#define SECURITY_DESCRIPTOR_REVISION
static RTL_CRITICAL_SECTION BaseDefineDosDeviceCritSec
_Inout_ PUNICODE_STRING LinkTarget
return STATUS_NOT_IMPLEMENTED
_Must_inspect_result_ _In_ PWDFDEVICE_INIT _In_opt_ PCUNICODE_STRING DeviceName
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
#define RtlEqualLuid(Luid1, Luid2)
NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
struct _BSM_REQUEST * PBSM_REQUEST
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
#define DBT_DEVICEREMOVECOMPLETE
UNICODE_STRING DeviceName
struct _BASE_API_MESSAGE * PBASE_API_MESSAGE
NTSTATUS NTAPI LdrGetProcedureAddress(IN PVOID BaseAddress, IN PANSI_STRING Name, IN ULONG Ordinal, OUT PVOID *ProcedureAddress)
BOOLEAN LUIDDeviceMapsEnabled
int _snwprintf(wchar_t *buffer, size_t count, const wchar_t *format,...)
_In_ ACCESS_MASK _In_ ULONG _Out_ PHANDLE TokenHandle
#define SECURITY_NT_AUTHORITY
#define NtCurrentProcess()
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
WCHAR NTAPI RtlUpcaseUnicodeChar(_In_ WCHAR Source)
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
NTSTATUS SendWinStationBSM(DWORD Flags, LPDWORD Recipients, UINT Message, WPARAM wParam, LPARAM lParam)
NTSTATUS NtTerminateThread(IN HANDLE ThreadHandle OPTIONAL, IN NTSTATUS ExitStatus)
_Must_inspect_result_ _In_ ULONG Flags
NTSTATUS NTAPI NtOpenThreadToken(_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle)
Opens a token that is tied to a thread handle.
NTSYSAPI NTSTATUS NTAPI RtlInitializeCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
#define NT_SUCCESS(StatCode)
#define SECURITY_WORLD_SID_AUTHORITY
NTSTATUS NtQueryObject(IN HANDLE Handle, IN OBJECT_INFO_CLASS ObjectInformationClass, OUT PVOID ObjectInformation, IN ULONG ObjectInformationLength, OUT PULONG ReturnLength)
_In_ ACCESS_MASK AccessMask
#define STATUS_ACCESS_DENIED
#define DBT_DEVTYP_VOLUME
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
#define SECURITY_NULL_RID
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
NTSTATUS IsGlobalSymbolicLink(HANDLE LinkHandle, PBOOLEAN IsGlobal)
PBSM_REQUEST BSM_Request_Queue
LONG(WINAPI *PBROADCASTSYSTEMMESSAGEEXW)(DWORD
NTSYSAPI NTSTATUS NTAPI RtlCreateUserThread(_In_ PVOID ThreadContext, _Out_ HANDLE *OutThreadHandle, _Reserved_ PVOID Reserved1, _Reserved_ PVOID Reserved2, _Reserved_ PVOID Reserved3, _Reserved_ PVOID Reserved4, _Reserved_ PVOID Reserved5, _Reserved_ PVOID Reserved6, _Reserved_ PVOID Reserved7, _Reserved_ PVOID Reserved8)
NTSYSAPI VOID NTAPI RtlInitString(PSTRING DestinationString, PCSZ SourceString)
CSR_API(BaseSrvDefineDosDevice)
struct _BSM_REQUEST BSM_REQUEST
PRTL_UNICODE_STRING_BUFFER Path
#define STATUS_OBJECT_NAME_NOT_FOUND
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
_CRTIMP wchar_t *__cdecl wcsncpy(wchar_t *_Dest, const wchar_t *_Source, size_t _Count)
#define STATUS_BUFFER_OVERFLOW
PBSM_REQUEST BSM_Request_Queue_End
#define DBT_DEVICEARRIVAL
#define DDD_LUID_BROADCAST_DRIVE
NTSTATUS CreateBSMThread(VOID)
#define SECURITY_RESTRICTED_CODE_RID
NTSYSAPI BOOLEAN NTAPI RtlPrefixUnicodeString(IN PUNICODE_STRING String1, IN PUNICODE_STRING String2, IN BOOLEAN CaseInSensitive)
struct _DEV_BROADCAST_VOLUME DEV_BROADCAST_VOLUME
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
ULONG BaseSrvpBSMThreadCount
NTSYSAPI void WINAPI RtlCopyLuid(PLUID, const LUID *)
#define SYMBOLIC_LINK_QUERY
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
BOOLEAN NTAPI CsrImpersonateClient(IN PCSR_THREAD CsrThread)
#define InitializeObjectAttributes(p, n, a, r, s)
NTSTATUS NTAPI NtOpenSymbolicLinkObject(OUT PHANDLE LinkHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
NTSYSAPI NTSTATUS NTAPI RtlDeleteCriticalSection(_In_ PRTL_CRITICAL_SECTION CriticalSection)
BOOLEAN CheckForGlobalDriveLetter(SHORT DriveLetter)
RTL_CRITICAL_SECTION BaseSrvDDDBSMCritSec
NTSTATUS GetCallerLuid(PLUID CallerLuid)
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
#define DDD_EXACT_MATCH_ON_REMOVE
static SID_IDENTIFIER_AUTHORITY SystemAuthority
VOID BaseInitDefineDosDevice(VOID)