archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/base/ntos/config/cmchek.c

1471 lines
52 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1991 Microsoft Corporation
  5. Module Name:
  7. cmchek.c
  9. Abstract:
  11. This module implements consistency checking for the registry.
  12. This module can be linked standalone, cmchek2.c cannot.
  14. Author:
  16. Bryan M. Willman (bryanwi) 27-Jan-92
  18. Environment:
  21. Revision History:
  23. --*/
  25. #include "cmp.h"
  27. #define REG_MAX_PLAUSIBLE_KEY_SIZE \
  28. ((FIELD_OFFSET(CM_KEY_NODE, Name)) + \
  29. (sizeof(WCHAR) * REG_MAX_KEY_NAME_LENGTH) + 16)
  31. extern PCMHIVE CmpMasterHive;
  33. //
  34. // Private prototypes
  35. //
  37. ULONG
  38. CmpCheckRegistry2(
  39. PHHIVE HiveToCheck,
  40. ULONG CheckFlags,
  41. HCELL_INDEX Cell,
  42. HCELL_INDEX ParentCell,
  43. BOOLEAN ResetSD
  44. );
  46. ULONG
  47. CmpCheckKey(
  48. PHHIVE HiveToCheck,
  49. ULONG CheckFlags,
  50. HCELL_INDEX Cell,
  51. HCELL_INDEX ParentCell,
  52. BOOLEAN ResetSD
  53. );
  55. ULONG
  56. CmpCheckValueList(
  57. PHHIVE Hive,
  58. PCELL_DATA List,
  59. ULONG Count,
  60. HCELL_INDEX KeyCell
  61. );
  63. BOOLEAN
  64. CmpCheckLexicographicalOrder ( IN PHHIVE HiveToCheck,
  65. IN HCELL_INDEX PriorSibling,
  66. IN HCELL_INDEX Current
  67. );
  69. #ifdef ALLOC_PRAGMA
  70. #pragma alloc_text(PAGE,CmCheckRegistry)
  71. #pragma alloc_text(PAGE,CmpCheckRegistry2)
  72. #pragma alloc_text(PAGE,CmpCheckKey)
  73. #pragma alloc_text(PAGE,CmpCheckValueList)
  74. #pragma alloc_text(PAGE,CmpCheckLexicographicalOrder)
  76. #ifdef CHECK_REGISTRY_USECOUNT
  77. #pragma alloc_text(PAGE,CmpCheckRegistryUseCount)
  78. #endif
  80. #endif
  82. //
  83. // debug structures
  84. //
  86. extern struct {
  87. PHHIVE Hive;
  88. ULONG Status;
  89. } CmCheckRegistryDebug;
  91. extern struct {
  92. PHHIVE Hive;
  93. ULONG Status;
  94. } CmpCheckRegistry2Debug;
  96. extern struct {
  97. PHHIVE Hive;
  98. ULONG Status;
  99. HCELL_INDEX Cell;
  100. PCELL_DATA CellPoint;
  101. PVOID RootPoint;
  102. ULONG Index;
  103. } CmpCheckKeyDebug;
  105. extern struct {
  106. PHHIVE Hive;
  107. ULONG Status;
  108. PCELL_DATA List;
  109. ULONG Index;
  110. HCELL_INDEX Cell;
  111. PCELL_DATA CellPoint;
  112. } CmpCheckValueListDebug;
  115. ULONG
  116. CmCheckRegistry(
  117. PCMHIVE CmHive,
  118. ULONG Flags
  119. )
  120. /*++
  122. Routine Description:
  124. Check consistency of the registry within a given hive. Start from
  125. root, and check that:
  126. . Each child key points back to its parent.
  127. . All allocated cells are refered to exactly once
  128. (requires looking inside the hive structure...)
  129. [This also detects space leaks.]
  130. . All allocated cells are reachable from the root.
  132. NOTE: Exactly 1 ref rule may change with security.
  134. Arguments:
  136. CmHive - supplies a pointer to the CM hive control structure for the
  137. hive of interest.
  139. Clean - if TRUE, references to volatile cells will be zapped
  140. (done at startup only to avoid groveling hives twice.)
  141. if FALSE, nothing will be changed.
  143. HiveCheck - If TRUE, performs hive consistency check too (i.e. checks
  144. the bins)
  146. Return Value:
  148. 0 if Hive is OK. Error return indicator if not.
  150. RANGE: 3000 - 3999
  152. --*/
  153. {
  154. PHHIVE Hive;
  155. ULONG rc = 0;
  156. ULONG Storage;
  157. PRELEASE_CELL_ROUTINE ReleaseCellRoutine;
  158. BOOLEAN ResetSD = FALSE;
  160. if (CmHive == CmpMasterHive) {
  161. return(0);
  162. }
  164. CmCheckRegistryDebug.Hive = (PHHIVE)CmHive;
  165. CmCheckRegistryDebug.Status = 0;
  168. //
  169. // check the underlying hive and get storage use
  170. //
  171. Hive = &CmHive->Hive;
  173. if( Flags & CM_CHECK_REGISTRY_HIVE_CHECK ) {
  174. rc = HvCheckHive(Hive, &Storage);
  175. if (rc != 0) {
  176. CmCheckRegistryDebug.Status = rc;
  177. return rc;
  178. }
  179. }
  181. //
  182. // Store the release cell procedure so we can restore at the end;
  183. // Set it to NULL so we don't count : this saves us some pain during the check
  184. //
  185. ReleaseCellRoutine = Hive->ReleaseCellRoutine;
  186. Hive->ReleaseCellRoutine = NULL;
  188. //
  189. // Validate all the security descriptors in the hive
  190. //
  191. if (!CmpValidateHiveSecurityDescriptors(Hive,&ResetSD)) {
  192. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmCheckRegistry:"));
  193. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL," CmpValidateHiveSecurityDescriptors failed\n"));
  194. rc = 3040;
  195. CmCheckRegistryDebug.Status = rc;
  196. Hive->ReleaseCellRoutine = ReleaseCellRoutine;
  197. return rc;
  198. }
  200. rc = CmpCheckRegistry2((PHHIVE)CmHive,Flags,Hive->BaseBlock->RootCell, HCELL_NIL,ResetSD);
  202. //
  203. // Print a bit of a summary (make sure this data avail in all error cases)
  204. //
  205. if (rc > 0) {
  206. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmCheckRegistry Failed (%d): CmHive:%p\n", rc, CmHive));
  207. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL," Hive:%p Root:%08lx\n", Hive, Hive->BaseBlock->RootCell));
  208. }
  210. //
  211. // restore the release cell routine
  212. // this saves us some pain during the check
  213. //
  214. Hive->ReleaseCellRoutine = ReleaseCellRoutine;
  216. return rc;
  217. }
  219. #ifndef _CM_LDR_
  221. ULONG
  222. CmpCheckRegistry2(
  223. PHHIVE HiveToCheck,
  224. ULONG CheckFlags,
  225. HCELL_INDEX Cell,
  226. HCELL_INDEX ParentCell,
  227. BOOLEAN ResetSD
  228. )
  229. /*++
  231. Routine Description:
  233. Check consistency of the registry, from a particular cell on down.
  235. . Check that the cell's value list, child key list, class,
  236. security are OK.
  237. . Check that each value entry IN the list is OK.
  238. . Apply self to each child key list.
  241. This version uses a stack in order to parse the tree "in-depth",
  242. but not to touch any key_node.
  244. Arguments:
  246. Cell - HCELL_INDEX of subkey to work on.
  248. ParentCell - expected value of parent cell for Cell, unless
  249. HCELL_NIL, in which case ignore.
  251. Return Value:
  253. 0 if Hive is OK. Error return indicator if not.
  255. RANGE: 4000 - 4999
  257. --*/
  258. {
  259. PCMP_CHECK_REGISTRY_STACK_ENTRY CheckStack;
  260. LONG StackIndex;
  261. PCM_KEY_NODE Node;
  262. ULONG rc = 0;
  263. HCELL_INDEX SubKey;
  266. CmpCheckRegistry2Debug.Hive = HiveToCheck;
  267. CmpCheckRegistry2Debug.Status = 0;
  269. ASSERT( HiveToCheck->ReleaseCellRoutine == NULL );
  271. //
  272. // Initialize the stack to simulate recursion here
  273. //
  275. CmRetryExAllocatePoolWithTag(PagedPool,sizeof(CMP_CHECK_REGISTRY_STACK_ENTRY)*CMP_MAX_REGISTRY_DEPTH,CM_POOL_TAG|PROTECTED_POOL,CheckStack);
  276. if (CheckStack == NULL) {
  277. CmpCheckRegistry2Debug.Status = 4099;
  278. return 4099;
  279. }
  281. Restart:
  283. CheckStack[0].Cell = Cell;
  284. CheckStack[0].ParentCell = ParentCell;
  285. CheckStack[0].PriorSibling = HCELL_NIL;
  286. CheckStack[0].ChildIndex = 0;
  287. CheckStack[0].CellChecked = FALSE;
  288. StackIndex = 0;
  291. while(StackIndex >=0) {
  292. //
  293. // first check the current cell
  294. //
  295. if( CheckStack[StackIndex].CellChecked == FALSE ) {
  296. CheckStack[StackIndex].CellChecked = TRUE;
  298. rc = CmpCheckKey(HiveToCheck,CheckFlags,CheckStack[StackIndex].Cell, CheckStack[StackIndex].ParentCell,ResetSD);
  299. if (rc != 0) {
  300. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tChild is list entry #%08lx\n", CheckStack[StackIndex].ChildIndex));
  301. CmpCheckRegistry2Debug.Status = rc;
  302. YankKey:
  303. if( CmDoSelfHeal() && StackIndex ) { // root cell damage is fatal.
  304. //
  305. // delete this key from the parent's list and restart the whole iteration (not best performance, but safest).
  306. //
  307. if( !CmpRemoveSubKeyCellNoCellRef(HiveToCheck,CheckStack[StackIndex].ParentCell,CheckStack[StackIndex].Cell) ) {
  308. //
  309. // unable to delete subkey; punt.
  310. //
  311. break;
  312. }
  313. CmMarkSelfHeal(HiveToCheck);
  314. rc = 0;
  315. goto Restart;
  316. } else {
  317. // bail out
  318. break;
  319. }
  320. } else if( StackIndex > 0 ) {
  321. //
  322. // key is OK, check lexicographical order with PriorSibling
  323. //
  324. if( CheckStack[StackIndex-1].PriorSibling != HCELL_NIL ) {
  326. ASSERT( CheckStack[StackIndex-1].Cell == CheckStack[StackIndex].ParentCell );
  328. if( !CmpCheckLexicographicalOrder(HiveToCheck,CheckStack[StackIndex-1].PriorSibling,CheckStack[StackIndex].Cell) ) {
  329. //
  330. // invalid order
  331. //
  332. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\t Invalid subkey ordering key #%08lx\n", CheckStack[StackIndex].Cell));
  333. CmpCheckRegistry2Debug.Status = 4091;
  334. rc = 4091;
  335. // attempt to yank the key
  336. goto YankKey;
  337. }
  338. }
  339. CheckStack[StackIndex-1].PriorSibling = CheckStack[StackIndex].Cell;
  340. }
  341. }
  343. Node = (PCM_KEY_NODE)HvGetCell(HiveToCheck, CheckStack[StackIndex].Cell);
  344. if( Node == NULL ) {
  345. //
  346. // we couldn't map a view for the bin containing this cell
  347. //
  348. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", CheckStack[StackIndex].Cell));
  349. CmpCheckRegistry2Debug.Status = 4098;
  350. rc = 4098;
  351. // bail out
  352. break;
  353. }
  355. if( CheckStack[StackIndex].ChildIndex < Node->SubKeyCounts[Stable] ) {
  356. //
  357. // we still have childs to check; add another entry for them and advance the
  358. // StackIndex
  359. //
  360. SubKey = CmpFindSubKeyByNumber(HiveToCheck,
  361. Node,
  362. CheckStack[StackIndex].ChildIndex);
  363. if( SubKey == HCELL_NIL ) {
  364. //
  365. // we couldn't map cell;bail out
  366. //
  367. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", CheckStack[StackIndex].Cell));
  368. CmpCheckRegistry2Debug.Status = 4097;
  369. rc = 4097;
  370. break;
  371. }
  372. //
  373. // next iteration will check the next child
  374. //
  375. CheckStack[StackIndex].ChildIndex++;
  377. StackIndex++;
  378. if( StackIndex == CMP_MAX_REGISTRY_DEPTH ) {
  379. //
  380. // we've run out of stack; registry tree has too many levels
  381. //
  382. CmpCheckRegistry2Debug.Status = 4096;
  383. rc = 4096;
  384. // bail out
  385. break;
  386. }
  387. CheckStack[StackIndex].Cell = SubKey;
  388. CheckStack[StackIndex].ParentCell = CheckStack[StackIndex-1].Cell;
  389. CheckStack[StackIndex].PriorSibling = HCELL_NIL;
  390. CheckStack[StackIndex].ChildIndex = 0;
  391. CheckStack[StackIndex].CellChecked = FALSE;
  393. } else {
  394. //
  395. // we have checked all childs for this node; go back
  396. //
  397. StackIndex--;
  399. }
  401. }
  403. ExFreePoolWithTag(CheckStack, CM_POOL_TAG|PROTECTED_POOL);
  404. return rc;
  405. }
  407. #else
  409. ULONG
  410. CmpCheckRegistry2(
  411. PHHIVE HiveToCheck,
  412. ULONG CheckFlags,
  413. HCELL_INDEX Cell,
  414. HCELL_INDEX ParentCell,
  415. BOOLEAN ResetSD
  416. )
  417. /*++
  419. Routine Description:
  421. Check consistency of the registry, from a particular cell on down.
  423. . Check that the cell's value list, child key list, class,
  424. security are OK.
  425. . Check that each value entry IN the list is OK.
  426. . Apply self to each child key list.
  428. Arguments:
  430. Cell - HCELL_INDEX of subkey to work on.
  432. ParentCell - expected value of parent cell for Cell, unless
  433. HCELL_NIL, in which case ignore.
  435. Return Value:
  437. 0 if Hive is OK. Error return indicator if not.
  439. RANGE: 4000 - 4999
  441. --*/
  442. {
  443. ULONG Index;
  444. HCELL_INDEX StartCell;
  445. HCELL_INDEX SubKey;
  446. ULONG rc = 0;
  447. PCELL_DATA pcell;
  448. PCM_KEY_NODE Node;
  449. HCELL_INDEX EnterParent = ParentCell;
  450. HCELL_INDEX EnterCell = Cell;
  453. CmpCheckRegistry2Debug.Hive = HiveToCheck;
  454. CmpCheckRegistry2Debug.Status = 0;
  456. ASSERT( HiveToCheck->ReleaseCellRoutine == NULL );
  458. Restart:
  459. Cell = EnterCell;
  460. ParentCell = EnterParent;
  461. StartCell = EnterCell;
  462. Index = 0;
  463. //
  464. // A jump to NewKey amounts to a virtual call to check the
  465. // next child cell. (a descent into the tree)
  466. //
  467. // Cell, ParentCell, Index, and globals are defined
  468. //
  469. NewKey:
  470. rc = CmpCheckKey(HiveToCheck,CheckFlags,Cell, ParentCell,ResetSD);
  471. if (rc != 0) {
  472. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tChild is list entry #%08lx\n", Index));
  473. CmpCheckRegistry2Debug.Status = rc;
  474. if( CmDoSelfHeal() && (Cell != EnterCell)) { // root cell damage is fatal.
  475. //
  476. // delete this key from the parent's list and restart the whole iteration (not best performance, but safest).
  477. //
  478. if( !CmpRemoveSubKeyCellNoCellRef(HiveToCheck,ParentCell,Cell) ) {
  479. //
  480. // unable to delete subkey; punt.
  481. //
  482. return rc;
  483. }
  484. CmMarkSelfHeal(HiveToCheck);
  485. rc = 0;
  486. goto Restart;
  487. } else {
  488. // bail out
  489. return rc;
  490. }
  491. }
  493. //
  494. // save Index and check out children
  495. //
  496. pcell = HvGetCell(HiveToCheck, Cell);
  497. if( pcell == NULL ) {
  498. //
  499. // we couldn't map a view for the bin containing this cell
  500. //
  501. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", Cell));
  502. CmpCheckRegistry2Debug.Status = 4099;
  503. return 4099;
  504. }
  505. pcell->u.KeyNode.WorkVar = Index;
  507. for (Index = 0; Index<pcell->u.KeyNode.SubKeyCounts[Stable]; Index++) {
  509. Node = (PCM_KEY_NODE)HvGetCell(HiveToCheck,Cell);
  510. if( Node == NULL ) {
  511. //
  512. // we couldn't map a view for the bin containing this cell
  513. //
  514. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", Cell));
  515. CmpCheckRegistry2Debug.Status = 4098;
  516. return 4098;
  517. }
  518. SubKey = CmpFindSubKeyByNumber(HiveToCheck,
  519. Node,
  520. Index);
  521. if( SubKey == HCELL_NIL ) {
  522. //
  523. // we couldn't map cell;bail out
  524. //
  525. return 0;
  526. }
  528. //
  529. // "recurse" onto child
  530. //
  531. ParentCell = Cell;
  532. Cell = SubKey;
  533. goto NewKey;
  535. ResumeKey:; // A jump here is a virtual return
  536. // Cell, ParentCell and Index
  537. // must be defined
  538. }
  540. //
  541. // since we're here, we've checked out all the children
  542. // of the current cell.
  543. //
  544. if (Cell == StartCell) {
  546. //
  547. // we are done
  548. //
  549. return 0;
  550. }
  552. //
  553. // "return" to "parent instance"
  554. //
  555. pcell = HvGetCell(HiveToCheck, Cell);
  556. if( pcell == NULL ) {
  557. //
  558. // we couldn't map a view for the bin containing this cell
  559. //
  560. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", Cell));
  561. CmpCheckRegistry2Debug.Status = 4097;
  562. return 4097;
  563. }
  565. Index = pcell->u.KeyNode.WorkVar;
  567. Cell = ParentCell;
  569. pcell = HvGetCell(HiveToCheck, Cell);
  570. if( pcell == NULL ) {
  571. //
  572. // we couldn't map a view for the bin containing this cell
  573. //
  574. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", Cell));
  575. CmpCheckRegistry2Debug.Status = 4096;
  576. return 4096;
  577. }
  578. ParentCell = pcell->u.KeyNode.Parent;
  580. goto ResumeKey;
  581. }
  583. #endif //_CM_LDR_
  585. #if DBG
  587. #define VOLATILE_KEY_NAME_LENGTH PAGE_SIZE
  589. HCELL_INDEX CmpKeyCellDebug = 0;
  590. WCHAR CmpVolatileKeyNameBuffer[VOLATILE_KEY_NAME_LENGTH/2];
  591. #endif //DBG
  593. ULONG
  594. CmpCheckKey(
  595. PHHIVE HiveToCheck,
  596. ULONG CheckFlags,
  597. HCELL_INDEX Cell,
  598. HCELL_INDEX ParentCell,
  599. BOOLEAN ResetSD
  600. )
  601. /*++
  603. Routine Description:
  605. Check consistency of the registry, for a particular cell
  607. . Check that the cell's value list, child key list, class,
  608. security are OK.
  609. . Check that each value entry IN the list is OK.
  611. Arguments:
  613. Cell - HCELL_INDEX of subkey to work on.
  615. ParentCell - expected value of parent cell for Cell, unless
  616. HCELL_NIL, in which case ignore.
  618. Return Value:
  620. 0 if Hive is OK. Error return indicator if not.
  622. RANGE: 4000 - 4999
  624. --*/
  625. {
  626. PCELL_DATA pcell;
  627. ULONG size;
  628. ULONG usedlen;
  629. ULONG ClassLength;
  630. HCELL_INDEX Class;
  631. ULONG ValueCount;
  632. HCELL_INDEX ValueList;
  633. HCELL_INDEX Security;
  634. ULONG rc = 0;
  635. ULONG nrc = 0;
  636. ULONG i;
  637. PCM_KEY_INDEX Root;
  638. PCM_KEY_INDEX Leaf;
  639. ULONG SubCount;
  641. CmpCheckKeyDebug.Hive = HiveToCheck;
  642. CmpCheckKeyDebug.Status = 0;
  643. CmpCheckKeyDebug.Cell = Cell;
  644. CmpCheckKeyDebug.CellPoint = NULL;
  645. CmpCheckKeyDebug.RootPoint = NULL;
  646. CmpCheckKeyDebug.Index = (ULONG)-1;
  648. #if DBG
  649. if(CmpKeyCellDebug == Cell) {
  650. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_TRACE_LEVEL,"Hive = %p :: Cell to debug = %lx\n",HiveToCheck,(ULONG)Cell));
  651. DbgBreakPoint();
  652. }
  653. #endif //DBG
  655. //
  656. // Check key itself
  657. //
  658. if (! HvIsCellAllocated(HiveToCheck, Cell)) {
  659. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  660. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tNot allocated\n"));
  661. rc = 4010;
  662. CmpCheckKeyDebug.Status = rc;
  663. return rc;
  664. }
  665. pcell = HvGetCell(HiveToCheck, Cell);
  666. if( pcell == NULL ) {
  667. //
  668. // we couldn't map a view for the bin containing this cell
  669. //
  670. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", Cell));
  671. CmpCheckKeyDebug.Status = 4095;
  672. return 4095;
  673. }
  675. CmpCheckKeyDebug.CellPoint = pcell;
  677. size = HvGetCellSize(HiveToCheck, pcell);
  678. if (size > REG_MAX_PLAUSIBLE_KEY_SIZE) {
  679. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  680. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tImplausible size %lx\n", size));
  681. rc = 4020;
  682. CmpCheckKeyDebug.Status = rc;
  683. return rc;
  684. }
  685. usedlen = FIELD_OFFSET(CM_KEY_NODE, Name) + pcell->u.KeyNode.NameLength;
  686. if( (!pcell->u.KeyNode.NameLength) || (usedlen > size)) {
  687. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  688. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tKey is bigger than containing cell.\n"));
  689. rc = 4030;
  690. CmpCheckKeyDebug.Status = rc;
  691. return rc;
  692. }
  693. if (pcell->u.KeyNode.Signature != CM_KEY_NODE_SIGNATURE) {
  694. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  695. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tNo key signature\n"));
  696. rc = 4040;
  697. CmpCheckKeyDebug.Status = rc;
  698. if( CmDoSelfHeal() ) {
  699. //
  700. // this could be only signature corruption; fix it;
  701. //
  702. if( HvMarkCellDirty(HiveToCheck, Cell) ) {
  703. pcell->u.KeyNode.Signature = CM_KEY_NODE_SIGNATURE;
  704. rc = 0;
  705. CmMarkSelfHeal(HiveToCheck);
  706. } else {
  707. return rc;
  708. }
  709. } else {
  710. return rc;
  711. }
  712. }
  713. if (ParentCell != HCELL_NIL) {
  714. if (pcell->u.KeyNode.Parent != ParentCell) {
  715. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  716. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tWrong parent value.\n"));
  717. rc = 4045;
  718. CmpCheckKeyDebug.Status = rc;
  719. if( CmDoSelfHeal() ) {
  720. //
  721. // this could isolated corruption; fix it;
  722. //
  723. if( HvMarkCellDirty(HiveToCheck, Cell) ) {
  724. pcell->u.KeyNode.Parent = ParentCell;
  725. CmMarkSelfHeal(HiveToCheck);
  726. rc = 0;
  727. } else {
  728. return rc;
  729. }
  730. } else {
  731. return rc;
  732. }
  733. }
  734. }
  735. ClassLength = pcell->u.KeyNode.ClassLength;
  736. Class = pcell->u.KeyNode.Class;
  737. ValueCount = pcell->u.KeyNode.ValueList.Count;
  738. ValueList = pcell->u.KeyNode.ValueList.List;
  739. Security = pcell->u.KeyNode.Security;
  741. //
  742. // Check simple non-empty cases
  743. //
  744. if (ClassLength > 0) {
  745. if( Class == HCELL_NIL ) {
  746. pcell->u.KeyNode.ClassLength = 0;
  747. HvMarkCellDirty(HiveToCheck, Cell);
  748. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx has ClassLength = %lu and Class == HCELL_NIL\n", HiveToCheck, Cell,ClassLength));
  749. } else {
  750. if (HvIsCellAllocated(HiveToCheck, Class) == FALSE) {
  751. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  752. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tClass:%08lx - unallocated class\n", Class));
  753. rc = 4080;
  754. CmpCheckKeyDebug.Status = rc;
  755. if( CmDoSelfHeal() ) {
  756. //
  757. // yank the class
  758. //
  759. if( HvMarkCellDirty(HiveToCheck, Cell) ) {
  760. pcell->u.KeyNode.Class = HCELL_NIL;
  761. pcell->u.KeyNode.ClassLength = 0;
  762. CmMarkSelfHeal(HiveToCheck);
  763. rc = 0;
  764. } else {
  765. return rc;
  766. }
  767. } else {
  768. return rc;
  769. }
  770. }
  771. }
  772. }
  774. if (Security != HCELL_NIL) {
  775. if ((HvIsCellAllocated(HiveToCheck, Security) == FALSE) ||
  776. ((ParentCell != HCELL_NIL) && CmDoSelfHeal() && ResetSD) ) {
  777. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  778. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tSecurity:%08lx - unallocated security\n", Security));
  779. rc = 4090;
  780. CmpCheckKeyDebug.Status = rc;
  781. goto SetParentSecurity;
  782. }
  783. //
  784. // Else CmpValidateHiveSecurityDescriptors must do computation
  785. //
  786. } else {
  787. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"SecurityCell is HCELL_NIL for (%p,%08lx) !!!\n", HiveToCheck, Cell));
  788. rc = 4130;
  789. CmpCheckKeyDebug.Status = rc;
  790. SetParentSecurity:
  791. if( CmDoSelfHeal() ) {
  792. //
  793. // attempt to set the same security as it's parent
  794. //
  795. PCM_KEY_NODE ParentNode = NULL;
  796. PCM_KEY_SECURITY SecurityNode = NULL;
  798. if( ParentCell != HCELL_NIL ) {
  799. ParentNode = (PCM_KEY_NODE )HvGetCell(HiveToCheck, ParentCell);
  800. SecurityNode = (PCM_KEY_SECURITY)HvGetCell(HiveToCheck, ParentNode->Security);
  801. }
  803. if( ParentNode == NULL || SecurityNode == NULL ) {
  804. //
  805. // we couldn't map a view for the bin containing this cell
  806. //
  807. return rc;
  808. }
  810. if( HvMarkCellDirty(HiveToCheck, Cell) && HvMarkCellDirty(HiveToCheck, ParentNode->Security) ) {
  811. pcell->u.KeyNode.Security = ParentNode->Security;
  812. SecurityNode->ReferenceCount++;
  813. rc = 0;
  814. CmMarkSelfHeal(HiveToCheck);
  815. } else {
  816. return rc;
  817. }
  818. } else {
  819. return rc;
  820. }
  822. }
  824. //
  825. // Check value list case
  826. //
  827. if (ValueCount > 0) {
  828. if (HvIsCellAllocated(HiveToCheck, ValueList) == FALSE) {
  829. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  830. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tValueList:%08lx - unallocated valuelist\n", ValueList));
  831. rc = 4100;
  832. CmpCheckKeyDebug.Status = rc;
  833. goto YankValueList;
  834. } else {
  835. pcell = HvGetCell(HiveToCheck, ValueList);
  836. if( pcell == NULL ) {
  837. //
  838. // we couldn't map a view for the bin containing this cell
  839. //
  840. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", ValueList));
  841. CmpCheckKeyDebug.Status = 4094;
  842. return 4094;
  843. }
  844. if( ValueCount * sizeof(HCELL_INDEX) > (ULONG)HvGetCellSize(HiveToCheck,pcell) ) {
  845. //
  846. // implausible value count.
  847. //
  848. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  849. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tValueList:%08lx - Implausible ValueCount = %08lx\n", ValueList,ValueCount));
  850. rc = 4095;
  851. CmpCheckKeyDebug.Status = rc;
  852. goto YankValueList;
  853. }
  855. nrc = CmpCheckValueList(HiveToCheck, pcell, ValueCount,Cell);
  856. if (nrc != 0) {
  857. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"List was for HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  858. rc = nrc;
  859. CmpCheckKeyDebug.CellPoint = pcell;
  860. CmpCheckKeyDebug.Status = rc;
  861. YankValueList:
  862. if( CmDoSelfHeal() ) {
  863. PCM_KEY_NODE KeyNode;
  864. //
  865. // make the key valueless
  866. //
  867. if( HvMarkCellDirty(HiveToCheck, Cell) && (KeyNode = (PCM_KEY_NODE)HvGetCell(HiveToCheck, Cell) ) ) {
  868. KeyNode->ValueList.Count = 0;
  869. KeyNode->ValueList.List = HCELL_NIL;
  870. CmMarkSelfHeal(HiveToCheck);
  871. rc = 0;
  872. } else {
  873. return rc;
  874. }
  875. } else {
  876. return rc;
  877. }
  878. }
  879. }
  880. }
  883. //
  884. // Check subkey list case
  885. //
  887. pcell = HvGetCell(HiveToCheck, Cell);
  888. if( pcell == NULL ) {
  889. //
  890. // we couldn't map a view for the bin containing this cell
  891. //
  892. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", Cell));
  893. CmpCheckKeyDebug.Status = 4093;
  894. return 4093;
  895. }
  896. CmpCheckKeyDebug.CellPoint = pcell;
  897. if ((HvGetCellType(Cell) == Volatile) &&
  898. (pcell->u.KeyNode.SubKeyCounts[Stable] != 0))
  899. {
  900. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  901. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tVolatile Cell has Stable children\n"));
  902. rc = 4108;
  903. CmpCheckKeyDebug.Status = rc;
  904. return rc;
  905. } else if (pcell->u.KeyNode.SubKeyCounts[Stable] > 0) {
  906. if (! HvIsCellAllocated(HiveToCheck, pcell->u.KeyNode.SubKeyLists[Stable])) {
  907. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  908. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tStableKeyList:%08lx - unallocated\n", pcell->u.KeyNode.SubKeyLists[Stable]));
  909. rc = 4110;
  910. CmpCheckKeyDebug.Status = rc;
  911. goto YankStableSubkeys;
  912. } else {
  913. //
  914. // Prove that the index is OK
  915. //
  916. Root = (PCM_KEY_INDEX)HvGetCell(
  917. HiveToCheck,
  918. pcell->u.KeyNode.SubKeyLists[Stable]
  919. );
  920. if( Root == NULL ) {
  921. //
  922. // we couldn't map a view for the bin containing this cell
  923. //
  924. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", pcell->u.KeyNode.SubKeyLists[Stable]));
  925. CmpCheckKeyDebug.Status = 4093;
  926. return 4093;
  927. }
  928. CmpCheckKeyDebug.RootPoint = Root;
  929. if ((Root->Signature == CM_KEY_INDEX_LEAF) ||
  930. (Root->Signature == CM_KEY_FAST_LEAF) ||
  931. (Root->Signature == CM_KEY_HASH_LEAF) ) {
  932. if ((ULONG)Root->Count != pcell->u.KeyNode.SubKeyCounts[Stable]) {
  933. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  934. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tBad Index count @%08lx\n", Root));
  935. rc = 4120;
  936. CmpCheckKeyDebug.Status = rc;
  937. if( CmDoSelfHeal() ) {
  938. //
  939. // fix the subkeycount
  940. //
  941. if( HvMarkCellDirty(HiveToCheck, Cell) ) {
  942. pcell->u.KeyNode.SubKeyCounts[Stable] = (ULONG)Root->Count;
  943. CmMarkSelfHeal(HiveToCheck);
  944. rc = 0;
  945. } else {
  946. return rc;
  947. }
  948. } else {
  949. return rc;
  950. }
  951. }
  952. } else if (Root->Signature == CM_KEY_INDEX_ROOT) {
  953. SubCount = 0;
  954. for (i = 0; i < Root->Count; i++) {
  955. CmpCheckKeyDebug.Index = i;
  956. if (! HvIsCellAllocated(HiveToCheck, Root->List[i])) {
  957. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: Hive:%p Cell:%08lx\n", HiveToCheck, Cell));
  958. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tBad Leaf Cell %08lx Root@%08lx\n", Root->List[i], Root));
  959. rc = 4130;
  960. CmpCheckKeyDebug.Status = rc;
  961. goto YankStableSubkeys;
  962. }
  963. Leaf = (PCM_KEY_INDEX)HvGetCell(HiveToCheck,
  964. Root->List[i]);
  965. if( Leaf == NULL ) {
  966. //
  967. // we couldn't map a view for the bin containing this cell
  968. //
  969. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", Root->List[i]));
  970. CmpCheckKeyDebug.Status = 4092;
  971. return 4092;
  972. }
  974. if ((Leaf->Signature != CM_KEY_INDEX_LEAF) &&
  975. (Leaf->Signature != CM_KEY_FAST_LEAF) &&
  976. (Leaf->Signature != CM_KEY_HASH_LEAF) ) {
  977. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  978. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tBad Leaf Index @%08lx Root@%08lx\n", Leaf, Root));
  979. rc = 4140;
  980. CmpCheckKeyDebug.Status = rc;
  981. goto YankStableSubkeys;
  982. }
  983. SubCount += Leaf->Count;
  984. }
  985. if (pcell->u.KeyNode.SubKeyCounts[Stable] != SubCount) {
  986. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  987. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tBad count in index, SubCount=%08lx\n", SubCount));
  988. rc = 4150;
  989. CmpCheckKeyDebug.Status = rc;
  990. if( CmDoSelfHeal() ) {
  991. //
  992. // fix the subkeycount
  993. //
  994. if( HvMarkCellDirty(HiveToCheck, Cell) ) {
  995. pcell->u.KeyNode.SubKeyCounts[Stable] = SubCount;
  996. CmMarkSelfHeal(HiveToCheck);
  997. rc = 0;
  998. } else {
  999. return rc;
  1000. }
  1001. } else {
  1002. return rc;
  1003. }
  1004. }
  1005. } else {
  1006. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckKey: HiveToCheck:%p Cell:%08lx\n", HiveToCheck, Cell));
  1007. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tBad Root index signature @%08lx\n", Root));
  1008. rc = 4120;
  1009. CmpCheckKeyDebug.Status = rc;
  1010. goto YankStableSubkeys;
  1011. }
  1012. }
  1013. }
  1014. if( FALSE ) {
  1015. YankStableSubkeys:
  1016. if( CmDoSelfHeal() ) {
  1017. //
  1018. // mark the key as no subkeys
  1019. //
  1020. if( HvMarkCellDirty(HiveToCheck, Cell) ) {
  1021. pcell->u.KeyNode.SubKeyCounts[Stable] = 0;
  1022. pcell->u.KeyNode.SubKeyLists[Stable] = HCELL_NIL;
  1023. CmMarkSelfHeal(HiveToCheck);
  1024. rc = 0;
  1025. } else {
  1026. return rc;
  1027. }
  1028. } else {
  1029. return rc;
  1030. }
  1031. }
  1032. //
  1033. // force volatiles to be empty, if this is a load operation
  1034. //
  1035. if ( (CheckFlags & CM_CHECK_REGISTRY_FORCE_CLEAN) || // force clear out volatile info
  1036. (
  1037. ( CheckFlags & (CM_CHECK_REGISTRY_CHECK_CLEAN | CM_CHECK_REGISTRY_LOADER_CLEAN) ) && // if asked to clear volatile info
  1038. ( pcell->u.KeyNode.SubKeyCounts[Volatile] != 0 ) // there is some volatile info saved from a previous version
  1039. ) ||
  1040. (
  1041. ( CheckFlags & CM_CHECK_REGISTRY_SYSTEM_CLEAN ) && // system hive special case; the loader has cleaned only subkeycount
  1042. (( pcell->u.KeyNode.SubKeyLists[Volatile] != HCELL_NIL ) || // now it is our job to clear Subkeylist, too
  1043. (HiveToCheck->Version < HSYS_WHISTLER_BETA1) )
  1044. )
  1046. ) {
  1047. //
  1048. // go ahead and clear the volatile info for this key
  1049. //
  1050. if( CheckFlags & CM_CHECK_REGISTRY_SYSTEM_CLEAN ) {
  1051. //
  1052. // the loader must've left this on the previous value and cleared only the count
  1053. //
  1054. ASSERT( pcell->u.KeyNode.SubKeyLists[Volatile] == 0xBAADF00D || HiveToCheck->Version < HSYS_WHISTLER_BETA1 );
  1055. ASSERT( pcell->u.KeyNode.SubKeyCounts[Volatile] == 0 );
  1056. #if DBG
  1057. #ifndef _CM_LDR_
  1058. //
  1059. // see who those volatile keys are
  1060. //
  1061. {
  1062. ULONG TotalLength = 0;
  1063. HCELL_INDEX CurrCell = Cell;
  1064. PCM_KEY_NODE CurrNode;
  1065. PUCHAR Dest;
  1066. ULONG k;
  1068. Dest = ((PUCHAR)CmpVolatileKeyNameBuffer) + VOLATILE_KEY_NAME_LENGTH - 2;
  1069. while(TRUE) {
  1070. CurrNode = (PCM_KEY_NODE)HvGetCell(HiveToCheck,CurrCell);
  1071. Dest -= CurrNode->NameLength;
  1072. TotalLength += CurrNode->NameLength;
  1073. if (CurrNode->Flags & KEY_COMP_NAME) {
  1074. Dest -= CurrNode->NameLength;
  1075. for (k=0;k<CurrNode->NameLength;k++) {
  1076. ((PWCHAR)Dest)[k] = (WCHAR)(((PUCHAR)CurrNode->Name)[k]);
  1077. }
  1078. } else {
  1079. RtlCopyMemory(
  1080. Dest,
  1081. CurrNode->Name,
  1082. CurrNode->NameLength
  1083. );
  1084. }
  1085. Dest -= 2;
  1086. TotalLength += (CurrNode->NameLength +2);
  1087. ((PWCHAR)Dest)[0] = (WCHAR)'\\';
  1088. if( CurrCell == HiveToCheck->BaseBlock->RootCell ) {
  1089. break;
  1090. }
  1091. CurrCell = CurrNode->Parent;
  1092. }
  1093. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_TRACE_LEVEL,"%.*S\n",TotalLength/2,Dest));
  1095. }
  1096. #endif
  1097. #endif
  1099. }
  1101. HvMarkCellDirty(HiveToCheck, Cell);
  1102. //CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_TRACE_LEVEL,"Clear Volatile Info for Hive = %p Cell = %lx\n", HiveToCheck, Cell));
  1103. pcell->u.KeyNode.SubKeyCounts[Volatile] = 0;
  1104. if( (CheckFlags & CM_CHECK_REGISTRY_LOADER_CLEAN) &&
  1105. (HiveToCheck->Version >= HSYS_WHISTLER_BETA1)
  1106. ) {
  1107. //
  1108. // mark this as bad food
  1109. //
  1110. pcell->u.KeyNode.SubKeyLists[Volatile] = 0xBAADF00D;
  1111. } else {
  1112. //
  1113. // clean it up
  1114. //
  1115. pcell->u.KeyNode.SubKeyLists[Volatile] = HCELL_NIL;
  1116. }
  1117. }
  1119. return rc;
  1120. }
  1122. ULONG
  1123. CmpCheckValueList(
  1124. PHHIVE Hive,
  1125. PCELL_DATA List,
  1126. ULONG Count,
  1127. HCELL_INDEX KeyCell
  1128. )
  1129. /*++
  1131. Routine Description:
  1133. Check consistency of a value list.
  1134. . Each element allocated?
  1135. . Each element have valid signature?
  1136. . Data properly allocated?
  1138. Arguments:
  1140. Hive - containing Hive.
  1142. List - pointer to an array of HCELL_INDEX entries.
  1144. Count - number of entries in list.
  1146. Return Value:
  1148. 0 if Hive is OK. Error return indicator if not.
  1150. RANGE: 5000 - 5999
  1152. --*/
  1153. {
  1154. ULONG i = 0,j;
  1155. HCELL_INDEX Cell;
  1156. PCELL_DATA pcell;
  1157. ULONG size;
  1158. ULONG usedlen;
  1159. ULONG DataLength;
  1160. HCELL_INDEX Data;
  1161. ULONG rc = 0;
  1163. CmpCheckValueListDebug.Hive = Hive;
  1164. CmpCheckValueListDebug.Status = 0;
  1165. CmpCheckValueListDebug.List = List;
  1166. CmpCheckValueListDebug.Index = (ULONG)-1;
  1167. CmpCheckValueListDebug.Cell = 0; // NOT HCELL_NIL
  1168. CmpCheckValueListDebug.CellPoint = NULL;
  1170. if( FALSE ) {
  1171. RemoveThisValue:
  1172. if( CmDoSelfHeal() ) {
  1173. //
  1174. // remove value at index i
  1175. //
  1176. PCM_KEY_NODE Node;
  1177. Node = (PCM_KEY_NODE)HvGetCell(Hive,KeyCell);
  1178. if( Node == NULL ) {
  1179. return rc;
  1180. }
  1181. HvReleaseCell(Hive,KeyCell);
  1183. if( HvMarkCellDirty(Hive, KeyCell) &&
  1184. HvMarkCellDirty(Hive, Node->ValueList.List)) {
  1185. Node->ValueList.Count--;
  1186. Count--;
  1187. RtlMoveMemory(&(List->u.KeyList[i]),&(List->u.KeyList[i+1]),(Count - i)*sizeof(HCELL_INDEX));
  1188. rc = 0;
  1189. CmMarkSelfHeal(Hive);
  1190. } else {
  1191. return rc;
  1192. }
  1193. } else {
  1194. return rc;
  1195. }
  1196. }
  1198. for (; i < Count; i++) {
  1200. //
  1201. // Check out value entry's refs.
  1202. //
  1203. Cell = List->u.KeyList[i];
  1204. if (Cell == HCELL_NIL) {
  1205. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckValueList: List:%p i:%08lx\n", List, i));
  1206. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tEntry is null\n"));
  1207. rc = 5010;
  1208. CmpCheckValueListDebug.Status = rc;
  1209. CmpCheckValueListDebug.Index = i;
  1210. CmpCheckValueListDebug.Cell = Cell;
  1211. goto RemoveThisValue;
  1212. }
  1213. if (HvIsCellAllocated(Hive, Cell) == FALSE) {
  1214. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckValueList: List:%p i:%08lx\n", List, i));
  1215. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tEntry is not allocated\n"));
  1216. rc = 5020;
  1217. CmpCheckValueListDebug.Status = rc;
  1218. CmpCheckValueListDebug.Index = i;
  1219. CmpCheckValueListDebug.Cell = Cell;
  1220. goto RemoveThisValue;
  1221. }
  1223. //
  1224. // Check out the value entry itself
  1225. //
  1226. pcell = HvGetCell(Hive, Cell);
  1227. if( pcell == NULL ) {
  1228. //
  1229. // we couldn't map a view for the bin containing this cell
  1230. //
  1231. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", Cell));
  1232. CmpCheckValueListDebug.Status = 5099;
  1233. CmpCheckValueListDebug.Index = i;
  1234. CmpCheckValueListDebug.Cell = Cell;
  1235. rc = 5099;
  1236. goto Exit;
  1237. }
  1238. size = HvGetCellSize(Hive, pcell);
  1239. if (pcell->u.KeyValue.Signature != CM_KEY_VALUE_SIGNATURE) {
  1240. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckValueList: List:%p i:%08lx\n", List, i));
  1241. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCell:%08lx - invalid value signature\n", Cell));
  1242. rc = 5030;
  1243. CmpCheckValueListDebug.Status = rc;
  1244. CmpCheckValueListDebug.Index = i;
  1245. CmpCheckValueListDebug.Cell = Cell;
  1246. CmpCheckValueListDebug.CellPoint = pcell;
  1247. goto RemoveThisValue;
  1248. }
  1249. usedlen = FIELD_OFFSET(CM_KEY_VALUE, Name) + pcell->u.KeyValue.NameLength;
  1250. if (usedlen > size) {
  1251. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckValueList: List:%p i:%08lx\n", List, i));
  1252. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCell:%08lx - value bigger than containing cell\n", Cell));
  1253. rc = 5040;
  1254. CmpCheckValueListDebug.Status = rc;
  1255. CmpCheckValueListDebug.Index = i;
  1256. CmpCheckValueListDebug.Cell = Cell;
  1257. CmpCheckValueListDebug.CellPoint = pcell;
  1258. goto RemoveThisValue;
  1259. }
  1261. //
  1262. // Check out value entry's data
  1263. //
  1264. DataLength = pcell->u.KeyValue.DataLength;
  1265. if (DataLength < CM_KEY_VALUE_SPECIAL_SIZE) {
  1266. Data = pcell->u.KeyValue.Data;
  1267. if ((DataLength == 0) && (Data != HCELL_NIL)) {
  1268. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckValueList: List:%p i:%08lx\n", List, i));
  1269. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCell:%08lx Data:%08lx - data not null\n", Cell, Data));
  1270. rc = 5050;
  1271. CmpCheckValueListDebug.Status = rc;
  1272. CmpCheckValueListDebug.Index = i;
  1273. CmpCheckValueListDebug.Cell = Cell;
  1274. CmpCheckValueListDebug.CellPoint = pcell;
  1275. goto RemoveThisValue;
  1276. }
  1277. if (DataLength > 0) {
  1278. if (HvIsCellAllocated(Hive, Data) == FALSE) {
  1279. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckValueList: List:%p i:%08lx\n", List, i));
  1280. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCell:%08lx Data:%08lx - unallocated\n", Cell, Data));
  1281. rc = 5060;
  1282. CmpCheckValueListDebug.Status = rc;
  1283. CmpCheckValueListDebug.Index = i;
  1284. CmpCheckValueListDebug.Cell = Cell;
  1285. CmpCheckValueListDebug.CellPoint = pcell;
  1286. goto RemoveThisValue;
  1287. }
  1288. }
  1289. if( CmpIsHKeyValueBig(Hive,DataLength) == TRUE ) {
  1290. PCM_BIG_DATA BigData;
  1291. PHCELL_INDEX Plist;
  1293. BigData = (PCM_BIG_DATA)HvGetCell(Hive, Data);
  1294. if( BigData == NULL ) {
  1295. //
  1296. // we couldn't map a view for the bin containing this cell
  1297. //
  1298. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", Data));
  1299. CmpCheckValueListDebug.Status = 5098;
  1300. CmpCheckValueListDebug.Index = i;
  1301. CmpCheckValueListDebug.Cell = Data;
  1302. rc = 5098;
  1303. goto Exit;
  1304. }
  1306. if( (BigData->Signature != CM_BIG_DATA_SIGNATURE) ||
  1307. (BigData->Count == 0 ) ||
  1308. (BigData->List == HCELL_NIL)
  1309. ) {
  1310. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tinvalid big data cell #%08lx\n", Data));
  1311. CmpCheckValueListDebug.Status = 5097;
  1312. CmpCheckValueListDebug.Index = i;
  1313. CmpCheckValueListDebug.Cell = Data;
  1314. rc = 5097;
  1315. goto RemoveThisValue;
  1316. }
  1318. if (HvIsCellAllocated(Hive, BigData->List) == FALSE) {
  1319. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckValueList: List:%p i:%08lx\n", List, i));
  1320. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCell:%08lx DataList:%08lx - unallocated\n", Cell, BigData->List));
  1321. rc = 5096;
  1322. CmpCheckValueListDebug.Status = rc;
  1323. CmpCheckValueListDebug.Index = i;
  1324. CmpCheckValueListDebug.Cell = BigData->List;
  1325. CmpCheckValueListDebug.CellPoint = (PCELL_DATA)BigData;
  1326. goto RemoveThisValue;
  1327. }
  1329. Plist = (PHCELL_INDEX)HvGetCell(Hive,BigData->List);
  1330. if( Plist == NULL ) {
  1331. //
  1332. // we couldn't map a view for the bin containing this cell
  1333. //
  1334. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCould not map cell #%08lx\n", BigData->List));
  1335. CmpCheckValueListDebug.Status = 5098;
  1336. CmpCheckValueListDebug.Index = i;
  1337. CmpCheckValueListDebug.Cell = BigData->List;
  1338. rc = 5095;
  1339. goto Exit;
  1340. }
  1342. //
  1343. // check each and every big data cell to see if it is allocated.
  1344. //
  1345. for(j=0;j<BigData->Count;j++) {
  1346. if (HvIsCellAllocated(Hive, Plist[j]) == FALSE) {
  1347. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"CmpCheckValueList: List:%p j:%08lx\n", BigData->List, j));
  1348. CmKdPrintEx((DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"\tCell:%08lx BigData:%08lx - unallocated\n", Plist[j], BigData->List));
  1349. rc = 5094;
  1350. CmpCheckValueListDebug.Status = rc;
  1351. CmpCheckValueListDebug.Index = j;
  1352. CmpCheckValueListDebug.Cell = Plist[j];
  1353. CmpCheckValueListDebug.CellPoint = (PCELL_DATA)BigData;
  1354. goto RemoveThisValue;
  1355. }
  1356. }
  1357. }
  1359. }
  1360. }
  1362. Exit:
  1363. // cleanup
  1365. return rc;
  1366. }
  1368. #ifdef CHECK_REGISTRY_USECOUNT
  1370. extern LIST_ENTRY CmpHiveListHead;
  1372. VOID
  1373. CmpCheckRegistryUseCount( )
  1374. {
  1375. PLIST_ENTRY p;
  1376. PCMHIVE CmHive;
  1378. ASSERT_CM_LOCK_OWNED_EXCLUSIVE();
  1380. LOCK_HIVE_LIST();
  1381. p = CmpHiveListHead.Flink;
  1382. while(p != &CmpHiveListHead) {
  1383. CmHive = CONTAINING_RECORD(p, CMHIVE, HiveList);
  1385. if( CmHive->UseCount != 0 ){
  1386. DbgPrintEx(DPFLTR_CONFIG_ID,DPFLTR_ERROR_LEVEL,"Hive (%p) is supposed to have USECount == 0 at this point; instead UseCount = %lu\n",CmHive,CmHive->UseCount);
  1387. DbgBreakPoint();
  1388. }
  1390. p=p->Flink;
  1391. }
  1392. UNLOCK_HIVE_LIST();
  1394. }
  1395. #endif
  1397. BOOLEAN
  1398. CmpCheckLexicographicalOrder ( IN PHHIVE HiveToCheck,
  1399. IN HCELL_INDEX PriorSibling,
  1400. IN HCELL_INDEX Current
  1401. )
  1402. {
  1403. PCM_KEY_NODE CurrentNode;
  1404. PCM_KEY_NODE PriorNode;
  1405. UNICODE_STRING PriorKeyName;
  1406. UNICODE_STRING CurrentKeyName;
  1408. #ifndef _CM_LDR_
  1409. PAGED_CODE();
  1410. #endif //_CM_LDR_
  1413. CurrentNode = (PCM_KEY_NODE)HvGetCell(HiveToCheck, Current);
  1414. PriorNode = (PCM_KEY_NODE)HvGetCell(HiveToCheck, PriorSibling);
  1415. if( (CurrentNode == NULL) || (PriorNode == NULL ) ) {
  1416. return FALSE;
  1417. }
  1418. if(CurrentNode->Flags & KEY_COMP_NAME) {
  1419. if(PriorNode->Flags & KEY_COMP_NAME) {
  1420. //
  1421. // most usual case
  1422. //
  1423. if( CmpCompareTwoCompressedNames( PriorNode->Name,
  1424. PriorNode->NameLength,
  1425. CurrentNode->Name,
  1426. CurrentNode->NameLength ) >=0 ) {
  1427. return FALSE;
  1428. }
  1429. } else {
  1430. PriorKeyName.Buffer = &(PriorNode->Name[0]);
  1431. PriorKeyName.Length = PriorNode->NameLength;
  1432. PriorKeyName.MaximumLength = PriorKeyName.Length;
  1433. if( CmpCompareCompressedName(&PriorKeyName,
  1434. CurrentNode->Name,
  1435. CurrentNode->NameLength,
  1436. 0) >= 0 ) {
  1437. return FALSE;
  1438. }
  1440. }
  1441. } else {
  1442. if(PriorNode->Flags & KEY_COMP_NAME) {
  1443. CurrentKeyName.Buffer = &(CurrentNode->Name[0]);
  1444. CurrentKeyName.Length = CurrentNode->NameLength;
  1445. CurrentKeyName.MaximumLength = CurrentKeyName.Length;
  1446. if( CmpCompareCompressedName(&CurrentKeyName,
  1447. PriorNode->Name,
  1448. PriorNode->NameLength,
  1449. 0) <= 0 ) {
  1450. return FALSE;
  1451. }
  1452. } else {
  1453. //
  1454. // worst case: two unicode strings
  1455. //
  1456. PriorKeyName.Buffer = &(PriorNode->Name[0]);
  1457. PriorKeyName.Length = PriorNode->NameLength;
  1458. PriorKeyName.MaximumLength = PriorKeyName.Length;
  1459. CurrentKeyName.Buffer = &(CurrentNode->Name[0]);
  1460. CurrentKeyName.Length = CurrentNode->NameLength;
  1461. CurrentKeyName.MaximumLength = CurrentKeyName.Length;
  1462. if( RtlCompareUnicodeString(&PriorKeyName,
  1463. &CurrentKeyName,
  1464. TRUE) >= 0 ) {
  1465. return FALSE;
  1466. }
  1468. }
  1469. }
  1471. return TRUE;
  1472. }