dd/da7/aux__klib_8c_source.html

 /*
  * PROJECT:     ReactOS SDK: Auxiliary Kernel-Mode Library
  * LICENSE:     BSD-2-Clause-Views (https://spdx.org/licenses/BSD-2-Clause-Views)
  * PURPOSE:     Main source file
  * COPYRIGHT:   Copyright 2019-2020 Max Korostil <mrmks04@yandex.ru>
  *              Copyright 2021 Victor Perevertkin <victor.perevertkin@reactos.org>
  */

 #include <ntifs.h>
 #include <ntintsafe.h>
 #include <ndk/ntndk.h>
 #include <pseh/pseh2.h>
 #include <aux_klib.h>

 #define TAG_AUXK 'AuxK'

 typedef NTSTATUS (NTAPI *PFN_RTLQUERYMODULEINFORMATION)(PULONG, ULONG, PVOID);

 PFN_RTLQUERYMODULEINFORMATION pfnRtlQueryModuleInformation;
 LONG gKlibInitialized = 0;


 CODE_SEG("PAGE")
 NTSTATUS
 NTAPI
 AuxKlibInitialize(VOID)
 {
     RTL_OSVERSIONINFOW osVersion;
     UNICODE_STRING strRtlQueryModuleInformation = RTL_CONSTANT_STRING(L"RtlQueryModuleInformation");

     PAGED_CODE();

     if (!gKlibInitialized)
     {
         RtlGetVersion(&osVersion);
         if (osVersion.dwMajorVersion >= 5)
         {
             pfnRtlQueryModuleInformation = MmGetSystemRoutineAddress(&strRtlQueryModuleInformation);
             InterlockedExchange(&gKlibInitialized, 1);
         }
         else
         {
             return STATUS_NOT_SUPPORTED;
         }
     }

     return STATUS_SUCCESS;
 }

 CODE_SEG("PAGE")
 NTSTATUS
 NTAPI
 AuxKlibQueryModuleInformation(
     _In_ PULONG InformationLength,
     _In_ ULONG SizePerModule,
     _Inout_ PAUX_MODULE_EXTENDED_INFO ModuleInfo)
 {
     NTSTATUS status;

     PAGED_CODE();

     if (gKlibInitialized != 1)
     {
         return STATUS_UNSUCCESSFUL;
     }

     // if we have the function exported from the kernel, use it
     if (pfnRtlQueryModuleInformation != NULL)
     {
         return pfnRtlQueryModuleInformation(InformationLength, SizePerModule, ModuleInfo);
     }

     if (SizePerModule != sizeof(AUX_MODULE_BASIC_INFO) &&
         SizePerModule != sizeof(AUX_MODULE_EXTENDED_INFO))
     {
         return STATUS_INVALID_PARAMETER_2;
     }

     if ((ULONG_PTR)ModuleInfo & (TYPE_ALIGNMENT(AUX_MODULE_EXTENDED_INFO) - 1))
     {
         return STATUS_INVALID_PARAMETER_3;
     }

     // first call the function with a place for only 1 module
     RTL_PROCESS_MODULES processModulesMinimal;
     PRTL_PROCESS_MODULES processModules = &processModulesMinimal;
     ULONG sysInfoLength = sizeof(processModulesMinimal);
     ULONG resultLength;

     // loop until we have a large-enough buffer for all modules
     do
     {
         status = ZwQuerySystemInformation(SystemModuleInformation,
                                           processModules,
                                           sysInfoLength,
                                           &resultLength);

         if (status == STATUS_INFO_LENGTH_MISMATCH)
         {
             // free the old buffer if it's not the first one
             if (processModules != &processModulesMinimal)
             {
                 ExFreePoolWithTag(processModules, TAG_AUXK);
             }

             _SEH2_TRY
             {
                 // allocate the new one
                 processModules = ExAllocatePoolWithQuotaTag(PagedPool, resultLength, TAG_AUXK);
             }
             _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
             {
                 _SEH2_YIELD(return _SEH2_GetExceptionCode());
             }
             _SEH2_END;

             if (!processModules)
             {
                 return STATUS_INSUFFICIENT_RESOURCES;
             }
             sysInfoLength = resultLength;
         }

     } while (status == STATUS_INFO_LENGTH_MISMATCH);

     if (!NT_SUCCESS(status))
     {
         goto Cleanup;
     }

     ULONG modulesSize;
     status = RtlULongMult(SizePerModule, processModules->NumberOfModules, &modulesSize);
     if (!NT_SUCCESS(status))
     {
         goto Cleanup;
     }

     if (ModuleInfo == NULL)
     {
         ASSERT(status == STATUS_SUCCESS);
         *InformationLength = modulesSize;
         goto Cleanup;
     }

     if (*InformationLength < modulesSize)
     {
         status = STATUS_BUFFER_TOO_SMALL;
         *InformationLength = modulesSize;
         goto Cleanup;
     }

     // copy the information to the input array
     for (UINT32 i = 0; i < processModules->NumberOfModules; i++)
     {
         ModuleInfo[i].BasicInfo.ImageBase = processModules->Modules[i].ImageBase;

         if (SizePerModule == sizeof(AUX_MODULE_EXTENDED_INFO))
         {
             ModuleInfo[i].ImageSize = processModules->Modules[i].ImageSize;
             ModuleInfo[i].FileNameOffset = processModules->Modules[i].OffsetToFileName;
             RtlCopyMemory(&ModuleInfo[i].FullPathName,
                           processModules->Modules[i].FullPathName,
                           sizeof(processModules->Modules[i].FullPathName));
         }
     }

 Cleanup:
     // don't accidentally free the stack buffer
     if (processModules != NULL && processModules != &processModulesMinimal)
     {
         ExFreePoolWithTag(processModules, TAG_AUXK);
     }

     return status;
 }

 NTSTATUS
 AuxKlibGetBugCheckData(
     _Inout_ PKBUGCHECK_DATA BugCheckData)
 {
     if (BugCheckData->BugCheckDataSize != sizeof(*BugCheckData))
     {
         return STATUS_INFO_LENGTH_MISMATCH;
     }

     BugCheckData->BugCheckCode = KiBugCheckData[0];
     BugCheckData->Parameter1 = KiBugCheckData[1];
     BugCheckData->Parameter2 = KiBugCheckData[2];
     BugCheckData->Parameter3 = KiBugCheckData[3];
     BugCheckData->Parameter4 = KiBugCheckData[4];

     return STATUS_SUCCESS;
 }

 PIMAGE_EXPORT_DIRECTORY
 AuxKlibGetImageExportDirectory(
     _In_ PVOID ImageBase)
 {
     ULONG size;
     return RtlImageDirectoryEntryToData(ImageBase, TRUE, IMAGE_DIRECTORY_ENTRY_EXPORT, &size);
 }

 _IRQL_requires_max_(PASSIVE_LEVEL)
 CODE_SEG("PAGE")
 NTSTATUS
 NTAPI
 AuxKlibEnumerateSystemFirmwareTables (
     _In_ ULONG FirmwareTableProviderSignature,
     _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PVOID FirmwareTableBuffer,
     _In_ ULONG BufferLength,
     _Out_opt_ PULONG ReturnLength)
 {
     return STATUS_NOT_IMPLEMENTED;
 }

 _IRQL_requires_max_(PASSIVE_LEVEL)
 CODE_SEG("PAGE")
 NTSTATUS
 NTAPI
 AuxKlibGetSystemFirmwareTable (
     _In_ ULONG FirmwareTableProviderSignature,
     _In_ ULONG FirmwareTableID,
     _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PVOID FirmwareTableBuffer,
     _In_ ULONG BufferLength,
     _Out_opt_ PULONG ReturnLength)
 {
     return STATUS_NOT_IMPLEMENTED;
 }
_RTL_PROCESS_MODULE_INFORMATION::ImageSize
ULONG ImageSize
Definition: rtltypes.h:1006

ntndk.h

ReturnLength
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:39

gKlibInitialized
LONG gKlibInitialized
Definition: aux_klib.c:20

BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3767

STATUS_NOT_SUPPORTED
return STATUS_NOT_SUPPORTED
Definition: fxdriverapi.cpp:376

ntintsafe.h

_OSVERSIONINFOW
Definition: rtltypes.h:245

TYPE_ALIGNMENT
#define TYPE_ALIGNMENT(t)
Definition: ntbasedef.h:117

STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158

AuxKlibInitialize
NTSTATUS NTAPI AuxKlibInitialize(VOID)
Definition: aux_klib.c:26

ExAllocatePoolWithQuotaTag
PVOID NTAPI ExAllocatePoolWithQuotaTag(IN POOL_TYPE PoolType, IN SIZE_T NumberOfBytes, IN ULONG Tag)
Definition: expool.c:2984

STATUS_INFO_LENGTH_MISMATCH
#define STATUS_INFO_LENGTH_MISMATCH
Definition: udferr_usr.h:133

_RTL_PROCESS_MODULES::NumberOfModules
ULONG NumberOfModules
Definition: rtltypes.h:1017

RtlGetVersion
NTSTATUS NTAPI RtlGetVersion(IN OUT PRTL_OSVERSIONINFOW lpVersionInformation)
Definition: version.c:158

_Inout_
#define _Inout_
Definition: ms_sal.h:378

TRUE
#define TRUE
Definition: types.h:120

AuxKlibQueryModuleInformation
NTSTATUS NTAPI AuxKlibQueryModuleInformation(_In_ PULONG InformationLength, _In_ ULONG SizePerModule, _Inout_ PAUX_MODULE_EXTENDED_INFO ModuleInfo)
Definition: aux_klib.c:53

_RTL_PROCESS_MODULE_INFORMATION::OffsetToFileName
USHORT OffsetToFileName
Definition: rtltypes.h:1011

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

KiBugCheckData
ULONG_PTR KiBugCheckData[5]
Definition: bug.c:27

_AUX_MODULE_EXTENDED_INFO::FileNameOffset
USHORT FileNameOffset
Definition: aux_klib.h:40

_AUX_MODULE_EXTENDED_INFO::ImageSize
ULONG ImageSize
Definition: aux_klib.h:39

pfnRtlQueryModuleInformation
PFN_RTLQUERYMODULEINFORMATION pfnRtlQueryModuleInformation
Definition: aux_klib.c:19

pseh2.h

aux_klib.h

STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69

_SEH2_TRY
_SEH2_TRY
Definition: create.c:4226

_RTL_PROCESS_MODULE_INFORMATION::ImageBase
PVOID ImageBase
Definition: rtltypes.h:1005

ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65

PFN_RTLQUERYMODULEINFORMATION
NTSTATUS(NTAPI * PFN_RTLQUERYMODULEINFORMATION)(PULONG, ULONG, PVOID)
Definition: aux_klib.c:17

STATUS_NOT_IMPLEMENTED
return STATUS_NOT_IMPLEMENTED
Definition: fxdriverapium.cpp:241

L
#define L(x)
Definition: ntvdm.h:50

STATUS_INVALID_PARAMETER_3
#define STATUS_INVALID_PARAMETER_3
Definition: ntstatus.h:477

NTAPI
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117

UINT32
unsigned int UINT32
Definition: ProcessorBind.h:163

MmGetSystemRoutineAddress
PVOID NTAPI MmGetSystemRoutineAddress(IN PUNICODE_STRING SystemRoutineName)
Definition: sysldr.c:3514

LONG
long LONG
Definition: pedump.c:60

ZwQuerySystemInformation
NTSYSAPI NTSTATUS NTAPI ZwQuerySystemInformation(IN SYSTEM_INFORMATION_CLASS SystemInfoClass, OUT PVOID SystemInfoBuffer, IN ULONG SystemInfoBufferSize, OUT PULONG BytesReturned OPTIONAL)

ModuleInfo
_In_ ULONG _Out_writes_bytes_opt_ InformationLength PAUX_MODULE_EXTENDED_INFO ModuleInfo
Definition: aux_klib.h:65

STATUS_INVALID_PARAMETER_2
#define STATUS_INVALID_PARAMETER_2
Definition: ntstatus.h:476

_In_
#define _In_
Definition: ms_sal.h:308

PVOID
void * PVOID
Definition: retypes.h:9

_RTL_PROCESS_MODULES
Definition: rtltypes.h:1015

_AUX_MODULE_EXTENDED_INFO
Definition: aux_klib.h:37

size
GLsizeiptr size
Definition: glext.h:5919

_OSVERSIONINFOW::dwMajorVersion
ULONG dwMajorVersion
Definition: rtltypes.h:247

ASSERT
#define ASSERT(a)
Definition: mode.c:44

NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32

TAG_AUXK
#define TAG_AUXK
Definition: aux_klib.c:15

EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85

BugCheckData
static tBugCheckData BugCheckData
Definition: ParaNdis-Debug.c:274

FirmwareTableID
_In_ ULONG FirmwareTableID
Definition: aux_klib.h:91

_KBUGCHECK_DATA
Definition: aux_klib.h:44

STATUS_UNSUCCESSFUL
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132

_IMAGE_EXPORT_DIRECTORY
Definition: compat.h:156

RtlImageDirectoryEntryToData
#define RtlImageDirectoryEntryToData
Definition: compat.h:668

NTSTATUS
#define NTSTATUS
Definition: precomp.h:20

Cleanup
static const WCHAR Cleanup[]
Definition: register.c:80

PASSIVE_LEVEL
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693

_Out_writes_bytes_to_opt_
#define _Out_writes_bytes_to_opt_(size, count)
Definition: ms_sal.h:361

SizePerModule
_In_ ULONG SizePerModule
Definition: aux_klib.h:64

IMAGE_DIRECTORY_ENTRY_EXPORT
#define IMAGE_DIRECTORY_ENTRY_EXPORT
Definition: compat.h:151

InterlockedExchange
#define InterlockedExchange
Definition: armddk.h:54

PagedPool
Definition: ketypes.h:867

_UNICODE_STRING
Definition: env_spec_w32.h:368

_SEH2_END
_SEH2_END
Definition: create.c:4400

_AUX_MODULE_BASIC_INFO::ImageBase
PVOID ImageBase
Definition: aux_klib.h:34

i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248

SystemModuleInformation
Definition: ntddk_ex.h:22

_Out_opt_
#define _Out_opt_
Definition: ms_sal.h:346

PULONG
unsigned int * PULONG
Definition: retypes.h:1

NULL
#define NULL
Definition: types.h:112

AuxKlibGetImageExportDirectory
PIMAGE_EXPORT_DIRECTORY AuxKlibGetImageExportDirectory(_In_ PVOID ImageBase)
Definition: aux_klib.c:196

_AUX_MODULE_EXTENDED_INFO::BasicInfo
AUX_MODULE_BASIC_INFO BasicInfo
Definition: aux_klib.h:38

ULONG
unsigned int ULONG
Definition: retypes.h:1

_RTL_PROCESS_MODULES::Modules
RTL_PROCESS_MODULE_INFORMATION Modules[1]
Definition: rtltypes.h:1018

RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263

_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:40

_RTL_PROCESS_MODULE_INFORMATION::FullPathName
CHAR FullPathName[256]
Definition: rtltypes.h:1012

STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65

_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:165

_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:168

void
Definition: nsiface.idl:2306

ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1099

status
static SERVICE_STATUS status
Definition: service.c:31

CODE_SEG
static CODE_SEG("PAGE")
Definition: isapnp.c:1482

AuxKlibGetBugCheckData
NTSTATUS AuxKlibGetBugCheckData(_Inout_ PKBUGCHECK_DATA BugCheckData)
Definition: aux_klib.c:178

_IRQL_requires_max_
_IRQL_requires_max_(PASSIVE_LEVEL)
Queries information details about a security descriptor.
Definition: aux_klib.c:203

PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89

RTL_CONSTANT_STRING
#define RTL_CONSTANT_STRING(s)
Definition: tunneltest.c:14

_AUX_MODULE_BASIC_INFO
Definition: aux_klib.h:33

status
Definition: ps.c:97