archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/base/subsys/sm/sfc/dll/registry.c

1575 lines
39 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1998 Microsoft Corporation
  5. Module Name:
  7. registry.c
  9. Abstract:
  11. Implementation of registry code.
  13. Author:
  15. Wesley Witt (wesw) 18-Dec-1998
  17. Revision History:
  19. Andrew Ritz (andrewr) 7-Jul-1999 : added comments
  20. --*/
  22. #include "sfcp.h"
  23. #pragma hdrstop
  26. //
  27. // this is a list of all of the files that we protect on the system. note that
  28. // there is no such thing as a tier 1 file anymore, only tier 2 files.
  29. //
  30. PPROTECT_FILE_ENTRY Tier2Files;
  32. //
  33. // this is the total number of files we're protecting
  34. //
  35. ULONG CountTier2Files;
  37. //
  38. // used to signal the watcher that the next change
  39. // type is expected to the this type and if so the
  40. // change should be ignored
  41. //
  42. ULONG* IgnoreNextChange = NULL;
  43. ULARGE_INTEGER LastExemptionTime;
  46. NTSTATUS
  47. InitializeUnicodeString(
  48. IN PWSTR StrVal,
  49. IN ULONG StrLen, OPTIONAL
  50. OUT PUNICODE_STRING String
  51. )
  52. /*++
  54. Routine Description:
  56. Initialize a unicode_string given a unicode string pointer. this function
  57. handles NULL strings and initializes the unicode string buffer to NULL in
  58. this case
  60. Arguments:
  62. StrVal - pointer to null terminated unicode string
  63. StrLen - length in characters of unicode string. if not specified,
  64. we use the length of the string.
  65. String - pointer to a UNICODE_STRING structure that is filled in by
  66. this function.
  67. Return Value:
  69. NTSTATUS code indicating outcome.
  71. --*/
  72. {
  74. ASSERT(String != NULL);
  76. if (StrVal == NULL) {
  77. String->Length = 0;
  78. String->MaximumLength = 0;
  79. String->Buffer = NULL;
  80. return STATUS_SUCCESS;
  81. }
  83. //
  84. // if the length was specified by the user, use that, otherwise use the
  85. // string length
  86. //
  87. String->Length = StrLen ? (USHORT)StrLen : (USHORT)UnicodeLen(StrVal);
  88. //
  89. // just say that the length is twice what we calculated as the current
  90. // length.
  91. //
  92. String->MaximumLength = String->Length + (sizeof(WCHAR)*2);
  93. String->Buffer = (PWSTR) MemAlloc( String->MaximumLength );
  94. if (String->Buffer == NULL) {
  95. return STATUS_NO_MEMORY;
  96. }
  98. RtlMoveMemory( String->Buffer, StrVal, String->Length );
  100. return STATUS_SUCCESS;
  101. }
  104. ULONG
  105. SfcQueryRegDword(
  106. PCWSTR KeyNameStr,
  107. PCWSTR ValueNameStr,
  108. ULONG DefaultValue
  109. )
  110. /*++
  112. Routine Description:
  114. retrieve a DWORD from the registry. if the value is not present or cannot
  115. be retrieved, we use a default value. calls registry api's using NT apis
  116. instead of win32 apis.
  119. Arguments:
  121. KeyNameStr - contains registry keyname to look for value under.
  122. ValueNameStr - contains registry value to retreive.
  123. DefaultValue - if we have problems retreiving the registry key or it is
  124. not set, use this default value.
  125. Return Value:
  127. registry DWORD value or default value if registry cannot be retreived.
  129. --*/
  131. {
  133. NTSTATUS Status;
  134. UNICODE_STRING KeyName;
  135. UNICODE_STRING ValueName;
  136. OBJECT_ATTRIBUTES ObjectAttributes;
  137. HANDLE Key;
  138. WCHAR ValueBuffer[VALUE_BUFFER_SIZE];
  139. PKEY_VALUE_PARTIAL_INFORMATION KeyValueInfo;
  140. ULONG ValueLength;
  142. //
  143. // Open the registry key.
  144. //
  146. ASSERT((KeyNameStr != NULL) && (ValueNameStr != NULL));
  148. KeyValueInfo = (PKEY_VALUE_PARTIAL_INFORMATION)ValueBuffer;
  149. RtlInitUnicodeString( &KeyName, KeyNameStr );
  151. InitializeObjectAttributes(
  152. &ObjectAttributes,
  153. &KeyName,
  154. OBJ_CASE_INSENSITIVE,
  155. NULL,
  156. NULL
  157. );
  159. Status = NtOpenKey(&Key, KEY_READ, &ObjectAttributes);
  160. if (!NT_SUCCESS(Status)) {
  161. DebugPrint2( LVL_VERBOSE, L"can't open %ws key: 0x%x", KeyNameStr, Status );
  162. return DefaultValue;
  163. }
  165. //
  166. // Query the key value.
  167. //
  169. RtlInitUnicodeString( &ValueName, ValueNameStr );
  170. Status = NtQueryValueKey(
  171. Key,
  172. &ValueName,
  173. KeyValuePartialInformation,
  174. (PVOID)KeyValueInfo,
  175. VALUE_BUFFER_SIZE,
  176. &ValueLength
  177. );
  179. //
  180. // cleanup
  181. //
  182. NtClose(Key);
  183. if (!NT_SUCCESS(Status)) {
  184. DebugPrint2( LVL_VERBOSE, L"can't query value key (%ws): 0x%x", ValueNameStr, Status );
  185. return DefaultValue;
  186. }
  188. ASSERT(KeyValueInfo->Type == REG_DWORD && KeyValueInfo->DataLength == sizeof(DWORD));
  190. if(KeyValueInfo->Type != REG_DWORD || KeyValueInfo->DataLength != sizeof(DWORD)) {
  191. return DefaultValue;
  192. }
  194. //
  195. // return value
  196. //
  197. return *((PULONG)&KeyValueInfo->Data);
  198. }
  201. ULONG
  202. SfcQueryRegDwordWithAlternate(
  203. IN PCWSTR FirstKey,
  204. IN PCWSTR SecondKey,
  205. IN PCWSTR ValueNameStr,
  206. IN ULONG DefaultValue
  207. )
  208. /*++
  210. Routine Description:
  212. retrieve a DWORD from the registry. if the value is not present in the
  213. first key location, we look in the second key location. If the key cannot
  214. be retrieved, we use a default value. calls registry api's using NT apis
  215. instead of win32 apis.
  217. Arguments:
  219. FirstKey - contains first registry keyname to look for value under.
  220. SecondKey - contains registry keyname to look for value under.
  221. ValueNameStr - contains registry value to retreive.
  222. DefaultValue - if we have problems retreiving the registry key or it is
  223. not set, use this default value.
  224. Return Value:
  226. registry DWORD value or default value if registry cannot be retreived.
  228. --*/
  230. {
  232. NTSTATUS Status;
  233. UNICODE_STRING KeyName;
  234. UNICODE_STRING ValueName;
  235. OBJECT_ATTRIBUTES ObjectAttributes;
  236. HANDLE Key;
  237. WCHAR ValueBuffer[VALUE_BUFFER_SIZE];
  238. PKEY_VALUE_PARTIAL_INFORMATION KeyValueInfo;
  239. ULONG ValueLength;
  240. BOOL FirstTime;
  241. PCWSTR p;
  244. //
  245. // Open the registry key.
  246. //
  247. FirstTime = TRUE;
  248. ASSERT((FirstKey != NULL) && (ValueNameStr != NULL) && (SecondKey != NULL));
  250. TryAgain:
  251. p = FirstTime ? FirstKey : SecondKey;
  253. KeyValueInfo = (PKEY_VALUE_PARTIAL_INFORMATION)ValueBuffer;
  254. RtlInitUnicodeString( &KeyName, p );
  256. InitializeObjectAttributes(
  257. &ObjectAttributes,
  258. &KeyName,
  259. OBJ_CASE_INSENSITIVE,
  260. NULL,
  261. NULL
  262. );
  264. Status = NtOpenKey(&Key, KEY_READ, &ObjectAttributes);
  265. if (!NT_SUCCESS(Status) && !FirstTime) {
  266. DebugPrint2( LVL_VERBOSE, L"can't open %ws key: 0x%x", p, Status );
  267. return DefaultValue;
  268. }
  270. if (!NT_SUCCESS(Status)) {
  271. ASSERT( FirstTime == TRUE );
  272. FirstTime = FALSE;
  273. goto TryAgain;
  274. }
  276. //
  277. // Query the key value.
  278. //
  280. RtlInitUnicodeString( &ValueName, ValueNameStr );
  281. Status = NtQueryValueKey(
  282. Key,
  283. &ValueName,
  284. KeyValuePartialInformation,
  285. (PVOID)KeyValueInfo,
  286. VALUE_BUFFER_SIZE,
  287. &ValueLength
  288. );
  290. //
  291. // cleanup
  292. //
  293. NtClose(Key);
  294. if (!NT_SUCCESS(Status) && !FirstTime) {
  295. DebugPrint2( LVL_VERBOSE, L"can't query value key (%ws): 0x%x", ValueNameStr, Status );
  296. return DefaultValue;
  297. }
  299. if (!NT_SUCCESS(Status)) {
  300. ASSERT( FirstTime == TRUE );
  301. FirstTime = FALSE;
  302. goto TryAgain;
  303. }
  305. ASSERT(KeyValueInfo->Type == REG_DWORD && KeyValueInfo->DataLength == sizeof(DWORD));
  307. if(KeyValueInfo->Type != REG_DWORD || KeyValueInfo->DataLength != sizeof(DWORD)) {
  308. return DefaultValue;
  309. }
  311. //
  312. // return value
  313. //
  314. return *((PULONG)&KeyValueInfo->Data);
  315. }
  318. PWSTR
  319. SfcQueryRegString(
  320. PCWSTR KeyNameStr,
  321. PCWSTR ValueNameStr
  322. )
  323. /*++
  325. Routine Description:
  327. retrieve a string from the registry. if the value is not present or cannot
  328. be retrieved, we return NULL. calls registry api's using NT apis
  329. instead of win32 apis.
  331. Arguments:
  333. KeyNameStr - contains registry keyname to look for value under.
  334. ValueNameStr - contains registry value to retreive.
  336. Return Value:
  338. unicode string pointer or NULL if registry cannot be retreived.
  340. --*/
  341. {
  342. NTSTATUS Status;
  343. UNICODE_STRING KeyName;
  344. UNICODE_STRING ValueName;
  345. OBJECT_ATTRIBUTES ObjectAttributes;
  346. HANDLE Key;
  347. WCHAR ValueBuffer[VALUE_BUFFER_SIZE];
  348. PKEY_VALUE_PARTIAL_INFORMATION KeyValueInfo;
  349. ULONG ValueLength;
  350. PWSTR s;
  352. ASSERT((KeyNameStr != NULL) && (ValueNameStr != NULL));
  354. //
  355. // Open the registry key.
  356. //
  358. RtlZeroMemory( (PVOID)ValueBuffer, VALUE_BUFFER_SIZE );
  359. KeyValueInfo = (PKEY_VALUE_PARTIAL_INFORMATION)ValueBuffer;
  360. RtlInitUnicodeString( &KeyName, KeyNameStr );
  362. InitializeObjectAttributes(
  363. &ObjectAttributes,
  364. &KeyName,
  365. OBJ_CASE_INSENSITIVE,
  366. NULL,
  367. NULL
  368. );
  370. Status = NtOpenKey(&Key, KEY_READ, &ObjectAttributes);
  371. if (!NT_SUCCESS(Status)) {
  372. DebugPrint2( LVL_VERBOSE, L"can't open %ws key: 0x%x", KeyNameStr, Status );
  373. return NULL;
  374. }
  376. //
  377. // Query the key value.
  378. //
  380. RtlInitUnicodeString( &ValueName, ValueNameStr );
  381. Status = NtQueryValueKey(
  382. Key,
  383. &ValueName,
  384. KeyValuePartialInformation,
  385. (PVOID)KeyValueInfo,
  386. VALUE_BUFFER_SIZE,
  387. &ValueLength
  388. );
  390. //
  391. // cleanup
  392. //
  393. NtClose(Key);
  394. if (!NT_SUCCESS(Status)) {
  395. DebugPrint2( LVL_VERBOSE, L"can't query value key (%ws): 0x%x", ValueNameStr, Status );
  396. return 0;
  397. }
  399. if (KeyValueInfo->Type == REG_MULTI_SZ) {
  400. DebugPrint1( LVL_VERBOSE,
  401. L"Warning: value key %ws is REG_MULTI_SZ, we will only return first string in list",
  402. ValueNameStr );
  403. } else {
  404. ASSERT(KeyValueInfo->Type == REG_SZ || KeyValueInfo->Type == REG_EXPAND_SZ);
  406. if(KeyValueInfo->Type != REG_SZ && KeyValueInfo->Type != REG_EXPAND_SZ) {
  407. return NULL;
  408. }
  409. }
  411. //
  412. // string length + 16 for slop
  413. //
  414. s = (PWSTR) MemAlloc( KeyValueInfo->DataLength + 16 );
  415. if (s == NULL) {
  416. return NULL;
  417. }
  419. CopyMemory( s, KeyValueInfo->Data, KeyValueInfo->DataLength );
  421. return s;
  422. }
  424. ULONG
  425. SfcQueryRegPath(
  426. IN PCWSTR KeyNameStr,
  427. IN PCWSTR ValueNameStr,
  428. IN PCWSTR DefaultValue OPTIONAL,
  429. OUT PWSTR Buffer OPTIONAL,
  430. IN ULONG BufferSize OPTIONAL
  431. )
  432. /*++
  434. Routine Description:
  436. retrieves a path from the registry. if the value is not present or cannot be retrieved,
  437. it returns the passed-in default string. The function writes up to BufferSize - 1 characters and appends
  438. a null. calls registry api's using NT apis instead of win32 apis.
  440. Arguments:
  442. KeyNameStr - contains registry keyname to look for value under.
  443. ValueNameStr - contains registry value to retreive.
  444. DefaultValue - the value returned in case of an error
  445. Buffer - the buffer that receives the string
  446. BufferSize - the size of Buffer in chars
  448. Return Value:
  450. the length of the value data in chars, including the null
  452. --*/
  453. {
  454. NTSTATUS Status;
  455. UNICODE_STRING KeyName;
  456. UNICODE_STRING ValueName;
  457. OBJECT_ATTRIBUTES ObjectAttributes;
  458. HANDLE Key;
  459. WCHAR ValueBuffer[VALUE_BUFFER_SIZE];
  460. PKEY_VALUE_PARTIAL_INFORMATION KeyValueInfo = (PKEY_VALUE_PARTIAL_INFORMATION) ValueBuffer;
  461. ULONG ValueLength;
  462. ULONG RequiredSize = 1; // for null
  463. PCWSTR retval = NULL;
  465. ASSERT(KeyNameStr != NULL && ValueNameStr != NULL);
  466. ASSERT(0 == BufferSize || Buffer != NULL);
  468. if(BufferSize != 0)
  469. Buffer[0] = 0;
  471. //
  472. // Open the registry key.
  473. //
  474. RtlInitUnicodeString( &KeyName, KeyNameStr );
  476. InitializeObjectAttributes(
  477. &ObjectAttributes,
  478. &KeyName,
  479. OBJ_CASE_INSENSITIVE,
  480. NULL,
  481. NULL
  482. );
  484. Status = NtOpenKey(&Key, KEY_READ, &ObjectAttributes);
  486. if(NT_SUCCESS(Status))
  487. {
  488. //
  489. // Query the key value.
  490. //
  491. RtlInitUnicodeString( &ValueName, ValueNameStr );
  493. Status = NtQueryValueKey(
  494. Key,
  495. &ValueName,
  496. KeyValuePartialInformation,
  497. (PVOID) KeyValueInfo,
  498. VALUE_BUFFER_SIZE,
  499. &ValueLength
  500. );
  502. NtClose(Key);
  504. if(NT_SUCCESS(Status))
  505. {
  506. ASSERT(KeyValueInfo->Type == REG_SZ || KeyValueInfo->Type == REG_EXPAND_SZ);
  508. if(KeyValueInfo->Type == REG_SZ || KeyValueInfo->Type == REG_EXPAND_SZ) {
  509. retval = (PCWSTR) KeyValueInfo->Data;
  510. }
  511. }
  512. }
  514. if(NULL == retval || 0 == retval[0])
  515. retval = DefaultValue;
  517. if(retval != NULL)
  518. {
  519. RequiredSize = ExpandEnvironmentStrings(retval, Buffer, BufferSize);
  521. if(BufferSize != 0 && BufferSize < RequiredSize)
  522. Buffer[BufferSize - 1] = 0;
  523. }
  525. return RequiredSize;
  526. }
  528. PWSTR
  529. SfcQueryRegStringWithAlternate(
  530. IN PCWSTR FirstKey,
  531. IN PCWSTR SecondKey,
  532. IN PCWSTR ValueNameStr
  533. )
  534. /*++
  536. Routine Description:
  538. retrieve a string from the registry. if the value is not present or cannot
  539. be retrieved, we try the second key, then we return NULL.
  541. This calls registry api's using NT apis instead of win32 apis.
  544. Arguments:
  546. FirstKey - contains registry keyname to look for value under.
  547. SecondKey - 2nd key to look for value under
  548. ValueNameStr - contains registry value to retreive.
  550. Return Value:
  552. unicode string pointer or NULL if registry cannot be retreived.
  554. --*/
  555. {
  556. NTSTATUS Status;
  557. UNICODE_STRING KeyName;
  558. UNICODE_STRING ValueName;
  559. OBJECT_ATTRIBUTES ObjectAttributes;
  560. HANDLE Key;
  561. WCHAR ValueBuffer[VALUE_BUFFER_SIZE];
  562. PKEY_VALUE_PARTIAL_INFORMATION KeyValueInfo;
  563. ULONG ValueLength;
  564. PWSTR s;
  565. BOOL FirstTime;
  566. PCWSTR p;
  568. ASSERT((FirstKey != NULL) && (ValueNameStr != NULL) && (SecondKey != NULL));
  569. FirstTime = TRUE;
  571. TryAgain:
  572. p = FirstTime ? FirstKey : SecondKey;
  575. //
  576. // Open the registry key.
  577. //
  579. RtlZeroMemory( (PVOID)ValueBuffer, VALUE_BUFFER_SIZE );
  580. KeyValueInfo = (PKEY_VALUE_PARTIAL_INFORMATION)ValueBuffer;
  581. RtlInitUnicodeString( &KeyName, p );
  583. InitializeObjectAttributes(
  584. &ObjectAttributes,
  585. &KeyName,
  586. OBJ_CASE_INSENSITIVE,
  587. NULL,
  588. NULL
  589. );
  591. Status = NtOpenKey(&Key, KEY_READ, &ObjectAttributes);
  592. if (!NT_SUCCESS(Status) && !FirstTime) {
  593. DebugPrint2( LVL_VERBOSE, L"can't open %ws key: 0x%x", p, Status );
  594. return NULL;
  595. }
  597. if (!NT_SUCCESS(Status)) {
  598. ASSERT( FirstTime == TRUE );
  599. FirstTime = FALSE;
  600. goto TryAgain;
  601. }
  603. //
  604. // Query the key value.
  605. //
  607. RtlInitUnicodeString( &ValueName, ValueNameStr );
  608. Status = NtQueryValueKey(
  609. Key,
  610. &ValueName,
  611. KeyValuePartialInformation,
  612. (PVOID)KeyValueInfo,
  613. VALUE_BUFFER_SIZE,
  614. &ValueLength
  615. );
  617. //
  618. // cleanup
  619. //
  620. NtClose(Key);
  621. if (!NT_SUCCESS(Status) && !FirstTime) {
  622. DebugPrint2( LVL_VERBOSE, L"can't query value key (%ws): 0x%x", ValueNameStr, Status );
  623. return 0;
  624. }
  626. if (!NT_SUCCESS(Status)) {
  627. ASSERT( FirstTime == TRUE );
  628. FirstTime = FALSE;
  629. goto TryAgain;
  630. }
  632. if (KeyValueInfo->Type == REG_MULTI_SZ) {
  633. DebugPrint1( LVL_VERBOSE,
  634. L"Warning: value key %ws is REG_MULTI_SZ, we will only return first string in list",
  635. ValueNameStr );
  636. } else {
  637. ASSERT(KeyValueInfo->Type == REG_SZ || KeyValueInfo->Type == REG_EXPAND_SZ);
  639. if(KeyValueInfo->Type != REG_SZ && KeyValueInfo->Type != REG_EXPAND_SZ) {
  640. return NULL;
  641. }
  642. }
  644. //
  645. // string length + 16 for slop
  646. //
  647. s = (PWSTR) MemAlloc( KeyValueInfo->DataLength + 16 );
  648. if (s == NULL) {
  649. return NULL;
  650. }
  652. CopyMemory( s, KeyValueInfo->Data, KeyValueInfo->DataLength );
  654. return s;
  655. }
  658. ULONG
  659. SfcWriteRegDword(
  660. PCWSTR KeyNameStr,
  661. PCWSTR ValueNameStr,
  662. ULONG Value
  663. )
  664. /*++
  666. Routine Description:
  668. set a REG_DWORD value in the registry. Calls registry api's using NT apis
  669. instead of win32 apis.
  671. Arguments:
  673. KeyNameStr - contains registry keyname to look for value under.
  674. ValueNameStr - contains registry value to set.
  675. Value - actual value to be set
  677. Return Value:
  679. win32 error code indicating outcome.
  681. --*/
  682. {
  683. NTSTATUS Status;
  684. UNICODE_STRING KeyName;
  685. UNICODE_STRING ValueName;
  686. OBJECT_ATTRIBUTES ObjectAttributes;
  687. HANDLE Key;
  689. ASSERT((KeyNameStr != NULL) && (ValueNameStr != NULL));
  691. //
  692. // Open the registry key.
  693. //
  695. RtlInitUnicodeString( &KeyName, KeyNameStr );
  697. InitializeObjectAttributes(
  698. &ObjectAttributes,
  699. &KeyName,
  700. OBJ_CASE_INSENSITIVE,
  701. NULL,
  702. NULL
  703. );
  705. Status = NtOpenKey(&Key, KEY_SET_VALUE, &ObjectAttributes);
  706. if (Status == STATUS_OBJECT_NAME_NOT_FOUND) {
  707. //
  708. // key doesn't exist, let's try to create one
  709. //
  710. Status = NtCreateKey( &Key,
  711. KEY_SET_VALUE,
  712. &ObjectAttributes,
  713. 0,
  714. NULL,
  715. 0,
  716. NULL
  717. );
  719. }
  720. if (!NT_SUCCESS(Status)) {
  721. DebugPrint2( LVL_VERBOSE, L"can't open %ws key: 0x%x", KeyNameStr, Status );
  722. return(RtlNtStatusToDosError(Status));
  723. }
  725. //
  726. // set the key value.
  727. //
  729. RtlInitUnicodeString( &ValueName, ValueNameStr );
  732. Status = NtSetValueKey(
  733. Key,
  734. &ValueName,
  735. 0,
  736. REG_DWORD,
  737. &Value,
  738. sizeof(ULONG)
  739. );
  741. //
  742. // cleanup and leave
  743. //
  744. NtClose(Key);
  745. if (!NT_SUCCESS(Status)) {
  746. DebugPrint2( LVL_VERBOSE, L"can't set value key (%ws): 0x%x", ValueNameStr, Status );
  748. }
  750. return(RtlNtStatusToDosError(Status));
  751. }
  754. DWORD
  755. SfcWriteRegString(
  756. PCWSTR KeyNameStr,
  757. PCWSTR ValueNameStr,
  758. PCWSTR Value
  759. )
  760. /*++
  762. Routine Description:
  764. set a REG_SZ value in the registry. Calls registry api's using NT apis
  765. instead of win32 apis.
  768. Arguments:
  770. KeyNameStr - contains registry keyname to look for value under.
  771. ValueNameStr - contains registry value to set.
  772. Value - actual value to be set
  774. Return Value:
  776. Win32 error code indicating outcome.
  778. --*/
  779. {
  780. NTSTATUS Status;
  781. UNICODE_STRING KeyName;
  782. UNICODE_STRING ValueName;
  783. OBJECT_ATTRIBUTES ObjectAttributes;
  784. HANDLE Key;
  786. ASSERT((KeyNameStr != NULL) && (ValueNameStr != NULL));
  788. //
  789. // Open the registry key.
  790. //
  792. RtlInitUnicodeString( &KeyName, KeyNameStr );
  794. InitializeObjectAttributes(
  795. &ObjectAttributes,
  796. &KeyName,
  797. OBJ_CASE_INSENSITIVE,
  798. NULL,
  799. NULL
  800. );
  802. Status = NtOpenKey(&Key, KEY_SET_VALUE, &ObjectAttributes);
  803. if (Status == STATUS_OBJECT_NAME_NOT_FOUND) {
  804. //
  805. // key doesn't exist, let's try to create one
  806. //
  807. Status = NtCreateKey( &Key,
  808. KEY_SET_VALUE,
  809. &ObjectAttributes,
  810. 0,
  811. NULL,
  812. 0,
  813. NULL
  814. );
  816. }
  818. if (!NT_SUCCESS(Status)) {
  819. DebugPrint2( LVL_VERBOSE, L"can't open %ws key: 0x%x", KeyNameStr, Status );
  820. return(RtlNtStatusToDosError(Status));
  821. }
  823. //
  824. // set the key value.
  825. //
  827. RtlInitUnicodeString( &ValueName, ValueNameStr );
  829. Status = NtSetValueKey(
  830. Key,
  831. &ValueName,
  832. 0,
  833. REG_SZ,
  834. (PWSTR)Value,
  835. UnicodeLen(Value)
  836. );
  838. //
  839. // cleanup
  840. //
  841. NtClose(Key);
  842. if (!NT_SUCCESS(Status)) {
  843. DebugPrint2( LVL_VERBOSE, L"can't set value key (%ws): 0x%x", ValueNameStr, Status );
  844. return(RtlNtStatusToDosError(Status)) ;
  845. }
  847. return ERROR_SUCCESS;
  848. }
  851. #if 0
  852. DWORD
  853. WsInAWorkgroup(
  854. VOID
  855. )
  856. /*++
  858. Routine Description:
  860. This function determines whether we are a member of a domain, or of
  861. a workgroup. First it checks to make sure we're running on a Windows NT
  862. system (otherwise we're obviously in a domain) and if so, queries LSA
  863. to get the Primary domain SID, if this is NULL, we're in a workgroup.
  865. If we fail for some random unexpected reason, we'll pretend we're in a
  866. domain (it's more restrictive).
  868. Arguments:
  869. None
  871. Return Value:
  873. TRUE - We're in a workgroup
  874. FALSE - We're in a domain
  876. --*/
  877. {
  878. NT_PRODUCT_TYPE ProductType;
  879. OBJECT_ATTRIBUTES ObjectAttributes;
  880. LSA_HANDLE Handle;
  881. NTSTATUS Status;
  882. PPOLICY_PRIMARY_DOMAIN_INFO PolicyPrimaryDomainInfo = NULL;
  883. DWORD Result = FALSE;
  886. Status = RtlGetNtProductType( &ProductType );
  888. if (!NT_SUCCESS( Status )) {
  889. DebugPrint( LVL_MINIMAL, L"Could not get Product type" );
  890. return FALSE;
  891. }
  893. if (ProductType == NtProductLanManNt) {
  894. return FALSE;
  895. }
  897. InitializeObjectAttributes( &ObjectAttributes, NULL, 0, 0, NULL );
  899. Status = LsaOpenPolicy( NULL, &ObjectAttributes, POLICY_VIEW_LOCAL_INFORMATION, &Handle );
  900. if (!NT_SUCCESS(Status)) {
  901. DebugPrint( LVL_MINIMAL, L"Could not open LSA Policy Database" );
  902. return FALSE;
  903. }
  905. Status = LsaQueryInformationPolicy( Handle, PolicyPrimaryDomainInformation, (LPVOID)&PolicyPrimaryDomainInfo );
  906. if (NT_SUCCESS(Status)) {
  907. if (PolicyPrimaryDomainInfo->Sid == NULL) {
  908. Result = TRUE;
  909. } else {
  910. Result = FALSE;
  911. }
  912. }
  914. if (PolicyPrimaryDomainInfo) {
  915. LsaFreeMemory( (PVOID)PolicyPrimaryDomainInfo );
  916. }
  918. LsaClose( Handle );
  920. return Result;
  921. }
  924. BOOL
  925. WaitForMUP(
  926. DWORD dwMaxWait
  927. )
  928. /*++
  930. Routine Description:
  932. Waits for MUP to initialize by looking for the event that is signalled
  933. when MUP is ready
  936. Arguments:
  937. dwMaxWait - amount of time we'll wait for MUP to initialize
  939. Return Value:
  941. TRUE - MUP is initialized
  942. FALSE - could not confirm MUP is initialized
  944. --*/
  946. {
  947. HANDLE hEvent;
  948. BOOL bResult;
  949. INT i = 0;
  952. if (WsInAWorkgroup()) {
  953. return TRUE;
  954. }
  956. DebugPrint(LVL_MINIMAL, L"waiting for mup...");
  957. //
  958. // Try to open the event
  959. //
  961. do {
  962. hEvent = OpenEvent(
  963. SYNCHRONIZE,
  964. FALSE,
  965. L"wkssvc: MUP finished initializing event"
  966. );
  967. if (hEvent) {
  968. DebugPrint(LVL_MINIMAL, L"opened the mup event");
  969. break;
  970. }
  972. if (GetLastError() != ERROR_FILE_NOT_FOUND) {
  973. break;
  974. }
  976. DebugPrint(LVL_MINIMAL, L"mup event does not yet exist, waiting...");
  977. Sleep(2000);
  979. i++;
  981. } while (i < 30);
  984. if (!hEvent) {
  985. DebugPrint1(LVL_MINIMAL, L"Failed to open MUP event, ec=%d\n", GetLastError());
  986. return FALSE;
  987. }
  990. //
  991. // Wait for the event to be signalled
  992. //
  994. bResult = (WaitForSingleObject (hEvent, dwMaxWait) == WAIT_OBJECT_0);
  997. //
  998. // Clean up
  999. //
  1001. CloseHandle (hEvent);
  1003. return bResult;
  1004. }
  1006. #endif
  1009. NTSTATUS
  1010. ExpandPathString(
  1011. IN PWSTR PathString,
  1012. IN ULONG PathStringLength,
  1013. OUT PUNICODE_STRING FileName, OPTIONAL
  1014. OUT PUNICODE_STRING PathName,
  1015. OUT PUNICODE_STRING FullPathName OPTIONAL
  1016. )
  1017. /*++
  1019. Routine Description:
  1021. Routine takes a source string containing environment variables, expand this
  1022. into the full path. Then it either copies this into a path, file, and full
  1023. path, as requested.
  1025. Arguments:
  1027. PathString - source path string
  1028. PathStringLength - source path string length
  1029. FileName - receives filename part of the path if specified. If not
  1030. specified, we only want the path part
  1031. PathName - receives the path part of the expanded source. If
  1032. FileName is not specified, we fill in pathname with the
  1033. entire expanded path
  1034. FullPathName - if FileName is specified, then this is filled in with
  1035. the complete path.
  1037. Return Value:
  1039. NTSTATUS code indicating outcome.
  1041. --*/
  1042. {
  1043. NTSTATUS Status;
  1044. UNICODE_STRING NewPath;
  1045. UNICODE_STRING SrcPath;
  1046. PWSTR FilePart;
  1049. ASSERT((PathString != NULL));
  1050. ASSERT((FileName == NULL)
  1051. ? (PathName != NULL)
  1052. : ((FullPathName != NULL) && (PathName != NULL)));
  1054. //
  1055. // turn the pathstring and length into a UNICODE_STRING
  1056. //
  1057. SrcPath.Length = (USHORT)PathStringLength;
  1058. SrcPath.MaximumLength = SrcPath.Length;
  1059. SrcPath.Buffer = PathString;
  1061. //
  1062. // create a new scratch UNICODE_STRING
  1063. //
  1064. NewPath.Length = 0;
  1065. NewPath.MaximumLength = (MAX_PATH*2) * sizeof(WCHAR);
  1066. NewPath.Buffer = (PWSTR) MemAlloc( NewPath.MaximumLength );
  1067. if (NewPath.Buffer == NULL) {
  1068. return STATUS_NO_MEMORY;
  1069. }
  1071. //
  1072. // expand source environment string into scratch string
  1073. //
  1074. Status = RtlExpandEnvironmentStrings_U(
  1075. NULL,
  1076. &SrcPath,
  1077. &NewPath,
  1078. NULL
  1079. );
  1080. if (!NT_SUCCESS(Status)) {
  1081. DebugPrint2( LVL_MINIMAL, L"ExpandEnvironmentStrings failed for [%ws], ec=%08x", PathString, Status );
  1082. goto exit;
  1083. }
  1085. //
  1086. // convert scratch string to lowercase
  1087. //
  1088. MyLowerString( NewPath.Buffer, NewPath.Length/sizeof(WCHAR) );
  1090. //
  1091. // if filename isn't specified, then just copy the string into the pathname
  1092. // and exit
  1093. //
  1094. if (FileName == NULL) {
  1096. PathName->Length = NewPath.Length;
  1097. PathName->MaximumLength = NewPath.MaximumLength;
  1098. PathName->Buffer = NewPath.Buffer;
  1099. return(STATUS_SUCCESS);
  1101. } else {
  1103. //
  1104. // copy the full string into the fullpathname
  1105. //
  1106. Status = InitializeUnicodeString( NewPath.Buffer, NewPath.Length, FullPathName );
  1107. if (!NT_SUCCESS(Status)) {
  1108. DebugPrint2( LVL_MINIMAL, L"InitializeUnicodeString failed for [%ws], ec=%08x", NewPath.Buffer, Status );
  1109. goto exit;
  1110. }
  1112. //
  1113. // separate the path part from the file part
  1114. //
  1115. FilePart = wcsrchr( NewPath.Buffer, L'\\' );
  1116. if (FilePart == NULL) {
  1117. Status = STATUS_NO_MEMORY;
  1118. goto exit;
  1119. }
  1121. *FilePart = 0;
  1122. FilePart += 1;
  1124. Status = InitializeUnicodeString( NewPath.Buffer, 0, PathName );
  1125. if (!NT_SUCCESS(Status)) {
  1126. DebugPrint2( LVL_MINIMAL, L"InitializeUnicodeString failed for [%ws], ec=%08x", NewPath.Buffer, Status );
  1127. goto exit;
  1128. }
  1129. Status = InitializeUnicodeString( FilePart, 0, FileName );
  1131. if (!NT_SUCCESS(Status)) {
  1132. DebugPrint2( LVL_MINIMAL, L"InitializeUnicodeString failed for [%ws], ec=%08x", FilePart, Status );
  1133. }
  1135. }
  1138. FilePart -= 1;
  1139. *FilePart = L'\\';
  1140. exit:
  1141. MemFree( NewPath.Buffer );
  1143. return Status;
  1144. }
  1147. BOOL
  1148. SfcDisableDllCache(
  1149. BOOL LogMessage
  1150. )
  1151. /*++
  1153. Routine Description:
  1155. Routine disables the dllcache functionality.
  1157. Specifically, we set the dll cache directory to the default and sets the
  1158. cache size to zero. So we will never add files in the cache.
  1160. We also log an error message if requested.
  1162. Arguments:
  1164. LogMessage - if TRUE, we log a message indicating the cache is disabled
  1166. Return Value:
  1168. NTSTATUS code indicating outcome.
  1170. --*/
  1171. {
  1172. PWSTR CacheDefault = DLLCACHE_DIR_DEFAULT;
  1173. NTSTATUS Status;
  1175. Status = ExpandPathString(
  1176. CacheDefault,
  1177. UnicodeLen(CacheDefault),
  1178. NULL,
  1179. &SfcProtectedDllPath,
  1180. NULL
  1181. );
  1182. if (NT_SUCCESS(Status)) {
  1183. DebugPrint1(LVL_MINIMAL,
  1184. L"default cache dir name=[%ws]",
  1185. SfcProtectedDllPath.Buffer);
  1187. SfcProtectedDllFileDirectory = SfcOpenDir(
  1188. TRUE,
  1189. TRUE,
  1190. SfcProtectedDllPath.Buffer );
  1191. if (SfcProtectedDllFileDirectory == NULL) {
  1192. DebugPrint(LVL_MINIMAL,
  1193. L"could not open the cache dir, need to create");
  1194. SfcProtectedDllFileDirectory = SfcCreateDir(
  1195. SfcProtectedDllPath.Buffer,
  1196. TRUE );
  1197. if (SfcProtectedDllFileDirectory == NULL) {
  1198. DebugPrint( LVL_MINIMAL, L"Cannot create ProtectedDllPath" );
  1199. }
  1200. }
  1201. } else {
  1202. //
  1203. // not enough memory...we're toast
  1204. //
  1205. DebugPrint( LVL_MINIMAL, L"Cannot open ProtectedDllPath" );
  1206. return(FALSE);
  1207. }
  1209. //
  1210. // set the quota to zero
  1211. //
  1212. SFCQuota = 0;
  1214. if (LogMessage) {
  1215. SfcReportEvent( MSG_DLLCACHE_INVALID, NULL, NULL, 0 );
  1216. }
  1218. return(TRUE);
  1219. }
  1223. NTSTATUS
  1224. SfcInitializeDllList(
  1225. IN PPROTECT_FILE_ENTRY Files,
  1226. IN ULONG NumFiles,
  1227. OUT PULONG Count
  1228. )
  1229. /*++
  1231. Routine Description:
  1233. Routine takes an empty array of SFC_REGISTRY_VALUE structures stored in the
  1234. global SfcProtectedDllsList global and assigns the data from an array of
  1235. PROTECT_FILE_ENTRY structures into these structures.
  1237. Arguments:
  1239. Files - pointer to first element in array of PROTECT_FILE_ENTRY
  1240. structures
  1241. NumFiles - number of elements in array of structures
  1242. Count - receives number of files we correctly setup
  1244. Return Value:
  1246. NTSTATUS code indicating outcome.
  1248. --*/
  1249. {
  1250. NTSTATUS Status,FinalStatus, LoopStatus;
  1251. ULONG Index;
  1252. PSFC_REGISTRY_VALUE RegVal;
  1254. ASSERT( (Files != NULL)
  1255. && (SfcProtectedDllsList != NULL)
  1256. && (Count != NULL) );
  1258. LoopStatus = FinalStatus = STATUS_SUCCESS;
  1260. for (Index=0; Index<NumFiles; Index++) {
  1262. RegVal = &SfcProtectedDllsList[*Count];
  1264. //
  1265. // set the directory name, filename and full path members
  1266. //
  1267. Status = ExpandPathString(
  1268. Files[Index].FileName,
  1269. UnicodeLen(Files[Index].FileName),
  1270. &RegVal->FileName,
  1271. &RegVal->DirName,
  1272. &RegVal->FullPathName
  1273. );
  1274. if (!NT_SUCCESS(Status)) {
  1275. //
  1276. // if we have a problem initializing one of the array elements
  1277. // keep going
  1278. //
  1279. DebugPrint1( LVL_MINIMAL,
  1280. L"ExpandPathString failed, ec=%08x",
  1281. Status );
  1282. FinalStatus = Status;
  1283. continue;
  1284. }
  1286. //
  1287. // set the layout inf name and the source file names if they are present
  1288. //
  1289. Status = InitializeUnicodeString( Files[Index].InfName,
  1290. 0,
  1291. &RegVal->InfName );
  1292. if (!NT_SUCCESS(Status)) {
  1293. DebugPrint1( LVL_MINIMAL,
  1294. L"InitializeUnicodeString failed, ec=%08x",
  1295. Status );
  1296. LoopStatus = FinalStatus = Status;
  1297. }
  1298. Status = InitializeUnicodeString( Files[Index].SourceFileName,
  1299. 0,
  1300. &RegVal->SourceFileName );
  1301. if (!NT_SUCCESS(Status)) {
  1302. DebugPrint1( LVL_MINIMAL,
  1303. L"InitializeUnicodeString failed, ec=%08x",
  1304. Status );
  1305. LoopStatus = FinalStatus = Status;
  1306. }
  1308. if (NT_SUCCESS(Status)) {
  1309. *Count += 1;
  1310. }
  1312. //
  1313. // WinSxs work (jonwis) This is NULL in all cases, unless this entry is
  1314. // added by WinSxs (see dirwatch.c)
  1315. //
  1316. RegVal->pvWinSxsCookie = NULL;
  1318. LoopStatus = STATUS_SUCCESS;
  1319. }
  1321. Status = FinalStatus;
  1322. if (NT_SUCCESS(Status)) {
  1323. ASSERT(*Count == NumFiles);
  1324. }
  1326. return(Status);
  1327. }
  1330. NTSTATUS
  1331. SfcInitializeDllLists(
  1332. PSFC_GET_FILES pfGetFiles
  1333. )
  1334. /*++
  1336. Routine Description:
  1338. Initialize the list of files we're going to protect.
  1340. Arguments:
  1342. None.
  1344. Return Value:
  1346. NTSTATUS code indicating outcome.
  1348. --*/
  1349. {
  1350. NTSTATUS Status;
  1351. PWSTR s;
  1352. BOOL FreeMem = TRUE;
  1355. //
  1356. // make sure we only call this guy once
  1357. //
  1358. if (SfcProtectedDllCount) {
  1359. return STATUS_SUCCESS;
  1360. }
  1362. DebugPrint(LVL_MINIMAL, L"entering SfcInitializeDllLists()");
  1364. //
  1365. // get the dllcache directory and store it into to SfcProtectedDllPath
  1366. // global
  1367. //
  1368. s = SfcQueryRegStringWithAlternate( REGKEY_POLICY, REGKEY_WINLOGON, REGVAL_SFCDLLCACHEDIR );
  1369. if (s == NULL) {
  1370. s = DLLCACHE_DIR_DEFAULT;
  1371. FreeMem = FALSE;
  1372. }
  1374. Status = ExpandPathString(
  1375. s,
  1376. UnicodeLen(s),
  1377. NULL,
  1378. &SfcProtectedDllPath,
  1379. NULL
  1380. );
  1381. if (NT_SUCCESS(Status)) {
  1382. WCHAR DontCare[MAX_PATH];
  1383. DWORD DriveType;
  1385. DebugPrint1(LVL_MINIMAL,
  1386. L"cache dir name=[%ws]",
  1387. SfcProtectedDllPath.Buffer);
  1389. DriveType = SfcGetPathType(
  1390. SfcProtectedDllPath.Buffer,
  1391. DontCare,
  1392. UnicodeChars(DontCare));
  1393. if (DriveType != PATH_LOCAL) {
  1394. DebugPrint2(LVL_MINIMAL,
  1395. L"cache dir %ws does not appear to be a local path (type %d), we are disabling cache functionality",
  1396. SfcProtectedDllPath.Buffer,
  1397. DriveType);
  1398. SfcDisableDllCache( SFCDisable != SFC_DISABLE_SETUP );
  1399. goto init;
  1400. }
  1403. //
  1404. // get a handle to the dll cache directory
  1405. //
  1406. SfcProtectedDllFileDirectory = SfcOpenDir(
  1407. TRUE,
  1408. TRUE,
  1409. SfcProtectedDllPath.Buffer );
  1410. if (SfcProtectedDllFileDirectory == NULL) {
  1411. DebugPrint(LVL_MINIMAL,
  1412. L"could not open the cache dir, need to create");
  1413. SfcProtectedDllFileDirectory = SfcCreateDir(
  1414. SfcProtectedDllPath.Buffer,
  1415. TRUE );
  1416. if (SfcProtectedDllFileDirectory == NULL) {
  1417. DebugPrint( LVL_MINIMAL, L"Cannot open ProtectedDllPath" );
  1418. SfcDisableDllCache( SFCDisable != SFC_DISABLE_SETUP );
  1419. } else {
  1420. //
  1421. // force a scan if we just created the dll cache
  1422. //
  1423. SFCScan = SFC_SCAN_ALWAYS;
  1424. }
  1425. }
  1426. } else {
  1427. //
  1428. // dll cache path in registry must be bogus...use default path and
  1429. // set the quota to zero so the cache is effectively disabled.
  1430. //
  1431. SfcDisableDllCache( SFCDisable != SFC_DISABLE_SETUP );
  1432. }
  1434. init:
  1436. if (FreeMem) {
  1437. MemFree( s );
  1438. }
  1440. DebugPrint1(LVL_MINIMAL,
  1441. L"cache dir name=[%ws]",
  1442. SfcProtectedDllPath.Buffer);
  1443. ASSERT( SfcProtectedDllFileDirectory != NULL );
  1445. //
  1446. // now that we have the dll cache initialized, now retrieve the list of
  1447. // files that we will protect. The list of files currently resides in
  1448. // sfcfiles.dll.
  1449. //
  1450. ASSERT(pfGetFiles != NULL);
  1451. Status = pfGetFiles( &Tier2Files, &CountTier2Files );
  1452. if (!NT_SUCCESS(Status)) {
  1453. return Status;
  1454. }
  1456. //
  1457. // Take the file list (we only have the tier2 list) and build an array of
  1458. // SFC_REGISTRY_VALUE structures and store into the SfcProtectedDllsList
  1459. // global
  1460. //
  1462. SfcProtectedDllsList = (PSFC_REGISTRY_VALUE) MemAlloc( sizeof(SFC_REGISTRY_VALUE)*CountTier2Files );
  1463. if (SfcProtectedDllsList == NULL) {
  1464. return(STATUS_NO_MEMORY);
  1465. }
  1467. ASSERT(SfcProtectedDllCount == 0);
  1469. //
  1470. // now associate the data in our tier2 list with each of these structures
  1471. // in the array
  1472. //
  1473. Status = SfcInitializeDllList( Tier2Files, CountTier2Files, &SfcProtectedDllCount );
  1475. if (CountTier2Files != SfcProtectedDllCount) {
  1476. DebugPrint2( LVL_MINIMAL,
  1477. L"incorrect number of files in list: required count: %d actual count %d",
  1478. CountTier2Files,
  1479. SfcProtectedDllCount );
  1480. ASSERT(!NT_SUCCESS(Status));
  1481. } else {
  1482. IgnoreNextChange = (ULONG*) MemAlloc(SfcProtectedDllCount * sizeof(ULONG));
  1484. if(NULL == IgnoreNextChange) {
  1485. Status = STATUS_NO_MEMORY;
  1486. }
  1487. }
  1489. DebugPrint(LVL_MINIMAL, L"leaving SfcInitializeDllLists()");
  1490. return(Status);
  1491. }
  1493. DWORD
  1494. SfcCopyRegValue(
  1495. IN LPCWSTR SourceKeyName,
  1496. IN LPCWSTR SourceValueName,
  1497. IN LPCWSTR DestinationKeyName,
  1498. IN LPCWSTR DestinationValueName
  1499. )
  1500. /*++
  1502. Routine Description:
  1504. Copies a registry value from one key to another.
  1506. Arguments:
  1508. SourceKeyName -path to the source key name
  1509. SourceValueName -path to the source value name
  1510. DestinationKeyName -path to the destination key name
  1511. DestinationValueName -path to the destination value name
  1513. Return Value:
  1515. Win32 error code.
  1517. --*/
  1518. {
  1519. LONG Error = ERROR_SUCCESS;
  1520. HKEY SourceKey = NULL;
  1521. HKEY DestKey = NULL;
  1522. LPBYTE DataPtr = NULL;
  1523. DWORD ValueType;
  1524. DWORD ValueSize;
  1526. Error = RegOpenKeyExW(HKEY_LOCAL_MACHINE, SourceKeyName, 0, KEY_QUERY_VALUE, &SourceKey);
  1528. if(Error != ERROR_SUCCESS) {
  1529. goto exit;
  1530. }
  1532. ValueSize = 0;
  1533. Error = RegQueryValueExW(SourceKey, SourceValueName, NULL, &ValueType, NULL, &ValueSize);
  1535. if(Error != ERROR_SUCCESS) {
  1536. goto exit;
  1537. }
  1539. DataPtr = (LPBYTE) MemAlloc(ValueSize);
  1541. if(NULL == DataPtr) {
  1542. Error = ERROR_NOT_ENOUGH_MEMORY;
  1543. goto exit;
  1544. }
  1546. Error = RegQueryValueExW(SourceKey, SourceValueName, NULL, &ValueType, DataPtr, &ValueSize);
  1548. if(Error != ERROR_SUCCESS) {
  1549. goto exit;
  1550. }
  1552. Error = RegOpenKeyExW(HKEY_LOCAL_MACHINE, DestinationKeyName, 0, KEY_SET_VALUE, &DestKey);
  1554. if(Error != ERROR_SUCCESS) {
  1555. goto exit;
  1556. }
  1558. Error = RegSetValueExW(DestKey, DestinationValueName, 0, ValueType, DataPtr, ValueSize);
  1560. if(Error != ERROR_SUCCESS) {
  1561. goto exit;
  1562. }
  1564. exit:
  1565. if(SourceKey != NULL) {
  1566. RegCloseKey(SourceKey);
  1567. }
  1569. if(DestKey != NULL) {
  1570. RegCloseKey(DestKey);
  1571. }
  1573. MemFree(DataPtr);
  1574. return (DWORD) Error;
  1575. }