archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/base/ntos/rtl/lookup.c

771 lines
22 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 2001 Microsoft Corporation
  5. Module Name:
  7. lookup.c
  9. Abstract:
  11. This module implements function table lookup for platforms with table
  12. base exception handling.
  14. Author:
  16. David N. Cutler (davec) 30-May-2001
  18. Revision History:
  20. --*/
  22. #include "ntrtlp.h"
  24. //
  25. // Define external data.
  26. //
  27. #if defined(NTOS_KERNEL_RUNTIME)
  28. #if !defined(_X86_)
  29. #pragma alloc_text(INIT, RtlInitializeHistoryTable)
  30. #endif
  31. #else
  33. #include "..\ntdll\ldrp.h"
  35. extern PVOID NtDllBase;
  37. #endif
  40. #if !defined(_X86_)
  41. //
  42. // Define global unwind history table to hold the constant unwind entries
  43. // for exception dispatch followed by unwind.
  44. //
  46. UNWIND_HISTORY_TABLE RtlpUnwindHistoryTable = {
  47. 0, UNWIND_HISTORY_TABLE_NONE, - 1, 0};
  49. VOID
  50. RtlInitializeHistoryTable (
  51. VOID
  52. )
  54. /*++
  56. Routine Description:
  58. This function initializes the global unwind history table.
  60. Arguments:
  62. None.
  64. Return Value:
  66. None.
  68. --*/
  70. {
  72. ULONG64 BeginAddress;
  73. ULONG64 ControlPc;
  74. ULONG64 EndAddress;
  75. PVOID *FunctionAddressTable;
  76. PRUNTIME_FUNCTION FunctionEntry;
  77. ULONG64 Gp;
  78. ULONG64 ImageBase;
  79. ULONG Index;
  81. //
  82. // Lookup function entries from the function address table until a NULL
  83. // entry is encountered or the unwind history table is full.
  84. //
  86. FunctionAddressTable = &RtlpFunctionAddressTable[0];
  87. Index = 0;
  88. while ((Index < UNWIND_HISTORY_TABLE_SIZE) &&
  89. (*FunctionAddressTable != NULL)) {
  91. #if defined(_IA64_)
  93. ControlPc = ((PPLABEL_DESCRIPTOR)(*FunctionAddressTable++))->EntryPoint;
  95. #else
  97. ControlPc = (ULONG64)*FunctionAddressTable++;
  99. #endif
  101. FunctionEntry = RtlLookupFunctionEntry(ControlPc,
  102. &ImageBase,
  104. #if defined(_IA64_)
  105. &Gp
  106. #else
  107. NULL
  108. #endif
  110. );
  112. ASSERT(FunctionEntry != NULL);
  114. BeginAddress = FunctionEntry->BeginAddress + ImageBase;
  115. EndAddress = FunctionEntry->EndAddress + ImageBase;
  116. RtlpUnwindHistoryTable.Entry[Index].ImageBase = ImageBase;
  118. #if defined(_IA64_)
  120. RtlpUnwindHistoryTable.Entry[Index].Gp = Gp;
  122. #endif
  124. RtlpUnwindHistoryTable.Entry[Index].FunctionEntry = FunctionEntry;
  125. if (BeginAddress < RtlpUnwindHistoryTable.LowAddress) {
  126. RtlpUnwindHistoryTable.LowAddress = BeginAddress;
  127. }
  129. if (EndAddress > RtlpUnwindHistoryTable.HighAddress) {
  130. RtlpUnwindHistoryTable.HighAddress = EndAddress;
  131. }
  133. Index += 1;
  134. }
  136. RtlpUnwindHistoryTable.Count = Index;
  137. return;
  138. }
  141. PRUNTIME_FUNCTION
  142. RtlpSearchInvertedFunctionTable (
  143. PINVERTED_FUNCTION_TABLE InvertedTable,
  144. PVOID ControlPc,
  145. OUT PVOID *ImageBase,
  147. #if defined(_IA64_)
  149. OUT PULONG64 Gp,
  150. #endif
  152. OUT PULONG SizeOfTable
  153. )
  155. /*++
  157. Routine Description:
  159. This function searches for a matching entry in an inverted function
  160. table using the specified control PC value.
  162. N.B. It is assumed that appropriate locks are held when this routine
  163. is called.
  165. Arguments:
  167. InvertedTable - Supplies a pointer to an inverted function table.
  169. ControlPc - Supplies a PC value to to use in searching the inverted
  170. function table.
  172. ImageBase - Supplies a pointer to a variable that receives the base
  173. address of the corresponding module.
  175. SizeOfTable - Supplies a pointer to a variable that recevies the size
  176. of the function table in bytes.
  178. Return Value:
  180. If a matching entry is located in the specified function table, then
  181. the function table address is returned as the function value. Otherwise,
  182. a value of NULL is returned.
  184. --*/
  186. {
  188. PVOID Bound;
  189. LONG High;
  190. ULONG Index;
  191. PINVERTED_FUNCTION_TABLE_ENTRY InvertedEntry;
  192. LONG Low;
  193. LONG Middle;
  195. //
  196. // If there are any entries in the specified inverted function table,
  197. // then search the table for a matching entry.
  198. //
  200. if (InvertedTable->CurrentSize != 0) {
  201. Low = 0;
  202. High = InvertedTable->CurrentSize - 1;
  203. while (High >= Low) {
  205. //
  206. // Compute next probe index and test entry. If the specified
  207. // control PC is greater than of equal to the beginning address
  208. // and less than the ending address of the inverted function
  209. // table entry, then return the address of the function table.
  210. // Otherwise, continue the search.
  211. //
  213. Middle = (Low + High) >> 1;
  214. InvertedEntry = &InvertedTable->TableEntry[Middle];
  215. Bound = (PVOID)((ULONG_PTR)InvertedEntry->ImageBase + InvertedEntry->SizeOfImage);
  216. if (ControlPc < InvertedEntry->ImageBase) {
  217. High = Middle - 1;
  219. } else if (ControlPc >= Bound) {
  220. Low = Middle + 1;
  222. } else {
  223. *ImageBase = InvertedEntry->ImageBase;
  225. #if defined(_IA64_)
  227. *Gp = InvertedEntry->Gp;
  229. #endif
  231. *SizeOfTable = InvertedEntry->SizeOfTable;
  232. return InvertedEntry->FunctionTable;
  233. }
  234. }
  235. }
  237. return NULL;
  238. }
  239. #endif
  241. VOID
  242. RtlCaptureImageExceptionValues(
  243. IN PVOID Base,
  244. OUT PVOID *FunctionTable,
  245. #if defined(_IA64_)
  246. OUT PULONG64 Gp,
  247. #endif
  248. OUT PULONG TableSize
  249. )
  250. {
  251. #if defined(_X86_)
  252. PIMAGE_NT_HEADERS NtHeaders;
  253. PIMAGE_LOAD_CONFIG_DIRECTORY32 LoadConfig;
  254. ULONG LoadConfigSize;
  256. NtHeaders = RtlImageNtHeader(Base);
  257. if (NtHeaders->OptionalHeader.DllCharacteristics & IMAGE_DLLCHARACTERISTICS_NO_SEH) {
  258. // No SEH possible.
  259. *FunctionTable = (PCHAR)LongToPtr(-1);
  260. *TableSize = (ULONG)-1;
  261. } else {
  262. LoadConfig = (PIMAGE_LOAD_CONFIG_DIRECTORY32)
  263. RtlImageDirectoryEntryToData(Base,
  264. TRUE,
  265. IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG,
  266. &LoadConfigSize);
  267. if (LoadConfig &&
  268. LoadConfigSize &&
  269. LoadConfig->Size >= RTL_SIZEOF_THROUGH_FIELD(IMAGE_LOAD_CONFIG_DIRECTORY32, SEHandlerCount) &&
  270. LoadConfig->SEHandlerTable &&
  271. LoadConfig->SEHandlerCount
  272. )
  273. {
  274. *FunctionTable = (PVOID)LoadConfig->SEHandlerTable;
  275. *TableSize = LoadConfig->SEHandlerCount;
  276. } else {
  277. // See if it's an ILONLY COR image.
  278. PIMAGE_COR20_HEADER Cor20Header;
  279. ULONG Cor20HeaderSize;
  280. Cor20Header = RtlImageDirectoryEntryToData(Base,
  281. TRUE,
  282. IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR,
  283. &Cor20HeaderSize);
  284. if (Cor20Header && ((Cor20Header->Flags & COMIMAGE_FLAGS_ILONLY) == COMIMAGE_FLAGS_ILONLY)) {
  285. // No SEH possible.
  286. *FunctionTable = (PCHAR)LongToPtr(-1);
  287. *TableSize = (ULONG)-1;
  288. } else {
  289. *FunctionTable = 0;
  290. *TableSize = 0;
  291. }
  292. }
  293. }
  294. #else
  295. #if defined(_IA64_)
  296. *Gp = (ULONG64)(RtlImageDirectoryEntryToData(Base,
  297. TRUE,
  298. IMAGE_DIRECTORY_ENTRY_GLOBALPTR,
  299. TableSize));
  300. #endif
  302. *FunctionTable = RtlImageDirectoryEntryToData(Base,
  303. TRUE,
  304. IMAGE_DIRECTORY_ENTRY_EXCEPTION,
  305. TableSize);
  306. #endif
  307. }
  310. #if defined(_X86_)
  311. PVOID
  312. #else
  313. PRUNTIME_FUNCTION
  314. #endif
  315. RtlLookupFunctionTable (
  316. IN PVOID ControlPc,
  317. OUT PVOID *ImageBase,
  319. #if defined(_IA64_)
  321. OUT PULONG64 Gp,
  323. #endif
  325. OUT PULONG SizeOfTable
  326. )
  328. /*++
  330. Routine Description:
  332. This function looks up the control PC in the loaded module list, and
  333. returns the image base, the size of the function table, and the address
  334. of the function table.
  336. Arguments:
  338. ControlPc - Supplies an address in the module to be looked up.
  340. ImageBase - Supplies a pointer to a variable that receives the base
  341. address of the corresponding module.
  343. SizeOfTable - Supplies a pointer to a variable that recevies the size
  344. of the function table in bytes.
  346. Return Value:
  348. If a module is found that contains the specified control PC value and
  349. that module contains a function table, then the address of the function
  350. table is returned as the function value. Otherwise, NULL is returned.
  352. --*/
  354. {
  355. PVOID Base;
  356. ULONG_PTR Bound;
  357. #if defined(NTOS_KERNEL_RUNTIME)
  358. PKLDR_DATA_TABLE_ENTRY Entry;
  359. #else
  360. PLDR_DATA_TABLE_ENTRY Entry;
  361. #endif
  362. PLIST_ENTRY Next;
  363. #if defined(_X86_)
  364. PVOID FunctionTable;
  365. #else
  366. PRUNTIME_FUNCTION FunctionTable;
  367. #endif
  369. #if defined(NTOS_KERNEL_RUNTIME)
  371. KIRQL OldIrql;
  373. //
  374. // Acquire the loaded module list spinlock and scan the list for the
  375. // specified PC value if the list has been initialized.
  376. //
  378. OldIrql = KeGetCurrentIrql();
  379. if (OldIrql < DISPATCH_LEVEL) {
  380. KeRaiseIrqlToDpcLevel();
  381. }
  383. ExAcquireSpinLockAtDpcLevel(&PsLoadedModuleSpinLock);
  384. #ifndef _X86_
  385. FunctionTable = RtlpSearchInvertedFunctionTable(&PsInvertedFunctionTable,
  386. ControlPc,
  387. &Base,
  388. #if defined(_IA64_)
  389. Gp,
  390. #endif
  391. SizeOfTable);
  393. if ((FunctionTable == NULL) &&
  394. (PsInvertedFunctionTable.Overflow != FALSE))
  395. #endif
  396. {
  397. Next = PsLoadedModuleList.Flink;
  398. if (Next != NULL) {
  399. while (Next != &PsLoadedModuleList) {
  400. Entry = CONTAINING_RECORD(Next,
  401. KLDR_DATA_TABLE_ENTRY,
  402. InLoadOrderLinks);
  404. Base = Entry->DllBase;
  405. Bound = (ULONG_PTR)Base + Entry->SizeOfImage;
  406. if (((ULONG_PTR)ControlPc >= (ULONG_PTR)Base) &&
  407. ((ULONG_PTR)ControlPc < Bound)) {
  408. #if defined(_IA64_)
  409. *Gp = (ULONG64)Entry->GpValue;
  410. #endif
  411. FunctionTable = Entry->ExceptionTable;
  412. *SizeOfTable = Entry->ExceptionTableSize;
  413. break;
  414. }
  415. Next = Next->Flink;
  416. }
  417. }
  418. }
  420. //
  421. // Release the loaded module list spin lock.
  422. //
  424. ExReleaseSpinLockFromDpcLevel(&PsLoadedModuleSpinLock);
  425. KeLowerIrql(OldIrql);
  427. #else // NTOS_KERNEL_RUNTIME
  429. BOOLEAN InLdrInit;
  430. MEMORY_BASIC_INFORMATION MemoryInformation;
  431. PLIST_ENTRY ModuleListHead;
  432. PIMAGE_NT_HEADERS NtHeaders;
  433. PPEB Peb;
  434. PTEB Teb;
  435. NTSTATUS Status;
  437. //
  438. // Acquire the Loader lock for the current process and scan the loaded
  439. // module list for the specified PC value if all the data structures
  440. // have been initialized.
  441. //
  443. FunctionTable = NULL;
  444. InLdrInit = LdrpInLdrInit;
  445. if ((InLdrInit == FALSE) &&
  446. (RtlTryEnterCriticalSection(&LdrpLoaderLock) == FALSE)) {
  448. //
  449. // The loader lock could not be acquired. Call the system to find the
  450. // image that contains the control PC.
  451. //
  453. Status = NtQueryVirtualMemory(NtCurrentProcess(),
  454. ControlPc,
  455. MemoryBasicInformation,
  456. &MemoryInformation,
  457. sizeof(MEMORY_BASIC_INFORMATION),
  458. NULL);
  460. if (NT_SUCCESS(Status) &&
  461. (MemoryInformation.Type == MEM_IMAGE)) {
  463. //
  464. // Lookup function table address and size.
  465. //
  467. Base = MemoryInformation.AllocationBase;
  469. RtlCaptureImageExceptionValues(Base,
  470. &FunctionTable,
  471. #if defined(_IA64_)
  472. Gp,
  473. #endif
  474. SizeOfTable);
  475. }
  477. } else {
  479. //
  480. // The loader lock was acquired or the loader is being initialized.
  481. // Search the loaded module list if it is currently defined. Otherwise,
  482. // set the values for ntdll.
  483. //
  485. Teb = NtCurrentTeb();
  486. if (Teb != NULL) {
  487. Peb = Teb->ProcessEnvironmentBlock;
  488. if (Peb->Ldr != NULL) {
  489. #if !defined(_X86_)
  490. FunctionTable = RtlpSearchInvertedFunctionTable(&LdrpInvertedFunctionTable,
  491. ControlPc,
  492. &Base,
  493. #if defined(_IA64_)
  494. Gp,
  495. #endif
  496. SizeOfTable);
  498. if ((FunctionTable == NULL) &&
  499. ((InLdrInit != FALSE) ||
  500. (LdrpInvertedFunctionTable.Overflow != FALSE)))
  501. #endif
  502. {
  503. ModuleListHead = &Peb->Ldr->InLoadOrderModuleList;
  504. Next = ModuleListHead->Flink;
  505. if (Next != NULL) {
  506. while (Next != ModuleListHead) {
  507. Entry = CONTAINING_RECORD(Next,
  508. LDR_DATA_TABLE_ENTRY,
  509. InLoadOrderLinks);
  511. Next = Next->Flink;
  512. Base = Entry->DllBase;
  513. Bound = (ULONG_PTR)Base + Entry->SizeOfImage;
  514. if (((ULONG_PTR)ControlPc >= (ULONG_PTR)Base) &&
  515. ((ULONG_PTR)ControlPc < Bound)) {
  516. RtlCaptureImageExceptionValues(Base,
  517. &FunctionTable,
  518. #if defined(_IA64_)
  519. Gp,
  520. #endif
  521. SizeOfTable);
  522. break;
  523. }
  524. }
  525. }
  526. }
  528. } else {
  530. //
  531. // The loaded module list has not been initialized. Therefore,
  532. // the current executing code must be in ntdll. If ntddl base
  533. // is not NULL and the control PC is within the ntdll range,
  534. // then return the information for ntdll.
  535. //
  537. if (NtDllBase != NULL) {
  538. Base = NtDllBase;
  539. NtHeaders = RtlImageNtHeader(Base);
  540. if (NtHeaders != NULL) {
  541. Bound = (ULONG_PTR)Base + NtHeaders->OptionalHeader.SizeOfImage;
  542. if (((ULONG_PTR)ControlPc >= (ULONG_PTR)Base) &&
  543. ((ULONG_PTR)ControlPc < Bound)) {
  544. RtlCaptureImageExceptionValues(Base,
  545. &FunctionTable,
  546. #if defined(_IA64_)
  547. Gp,
  548. #endif
  549. SizeOfTable);
  550. }
  551. }
  552. }
  553. }
  554. }
  556. //
  557. // Release the loader lock if it was acquired.
  558. //
  560. if (InLdrInit == FALSE) {
  561. RtlLeaveCriticalSection(&LdrpLoaderLock);
  562. }
  563. }
  565. #endif
  567. //
  568. // Set the image base address and return the function table address.
  569. //
  571. *ImageBase = Base;
  572. return FunctionTable;
  573. }
  575. #if !defined(_X86_)
  577. VOID
  578. RtlInsertInvertedFunctionTable (
  579. PINVERTED_FUNCTION_TABLE InvertedTable,
  580. PVOID ImageBase,
  581. ULONG SizeOfImage
  582. )
  584. /*++
  586. Routine Description:
  588. This function inserts an entry in an inverted function table if there
  589. is room in the table. Otherwise, no operation is performed.
  591. N.B. It is assumed that appropriate locks are held when this routine
  592. is called.
  594. N.B. If the inverted function table overflows, then it is treated as
  595. a cache. This is unlikely to happen, however.
  597. Arguments:
  599. InvertedTable - Supplies a pointer to the inverted function table in
  600. which the specified entry is to be inserted.
  602. ImageBase - Supplies the base address of the containing image.
  604. SizeOfImage - Supplies the size of the image.
  606. Return Value:
  608. None.
  610. --*/
  612. {
  614. ULONG CurrentSize;
  615. PRUNTIME_FUNCTION FunctionTable;
  617. #if defined(_IA64_)
  619. ULONG64 Gp;
  621. #endif
  623. ULONG Index;
  624. ULONG SizeOfTable;
  626. //
  627. // If the inverted table is not full, then insert the entry in the
  628. // specified inverted table.
  629. //
  631. CurrentSize = InvertedTable->CurrentSize;
  632. if (CurrentSize != InvertedTable->MaximumSize) {
  634. //
  635. // If the inverted table has no entries, then insert the new entry as
  636. // the first entry. Otherwise, search the inverted table for the proper
  637. // insert position, shuffle the table, and insert the new entry.
  638. //
  640. Index = 0;
  641. if (CurrentSize != 0) {
  642. for (Index = 0; Index < CurrentSize; Index += 1) {
  643. if (ImageBase < InvertedTable->TableEntry[Index].ImageBase) {
  644. break;
  645. }
  646. }
  648. //
  649. // If the new entry does not go at the end of the specified table,
  650. // then shuffle the table down to make room for the new entry.
  651. //
  653. if (Index != CurrentSize) {
  654. RtlMoveMemory(&InvertedTable->TableEntry[Index + 1],
  655. &InvertedTable->TableEntry[Index],
  656. (CurrentSize - Index) * sizeof(INVERTED_FUNCTION_TABLE_ENTRY));
  657. }
  658. }
  660. //
  661. // Insert the specified entry in the specified inverted function table.
  662. //
  664. FunctionTable = RtlImageDirectoryEntryToData (ImageBase,
  665. TRUE,
  666. IMAGE_DIRECTORY_ENTRY_EXCEPTION,
  667. &SizeOfTable);
  669. InvertedTable->TableEntry[Index].FunctionTable = FunctionTable;
  670. InvertedTable->TableEntry[Index].ImageBase = ImageBase;
  671. InvertedTable->TableEntry[Index].SizeOfImage = SizeOfImage;
  672. InvertedTable->TableEntry[Index].SizeOfTable = SizeOfTable;
  674. #if defined(_IA64_)
  676. Gp = (ULONG64)RtlImageDirectoryEntryToData (ImageBase,
  677. TRUE,
  678. IMAGE_DIRECTORY_ENTRY_GLOBALPTR,
  679. &SizeOfTable);
  681. InvertedTable->TableEntry[Index].Gp = Gp;
  683. #endif
  685. InvertedTable->CurrentSize += 1;
  687. } else {
  688. InvertedTable->Overflow = TRUE;
  689. }
  691. return;
  692. }
  694. VOID
  695. RtlRemoveInvertedFunctionTable (
  696. PINVERTED_FUNCTION_TABLE InvertedTable,
  697. PVOID ImageBase
  698. )
  700. /*++
  702. Routine Description:
  704. This routine removes an entry from an inverted function table.
  706. N.B. It is assumed that appropriate locks are held when this routine
  707. is called.
  709. Arguments:
  711. InvertedTable - Supplies a pointer to the inverted function table from
  712. which the specified entry is to be removed.
  714. ImageBase - Supplies the base address of the containing image.
  716. Return Value:
  718. None.
  720. --*/
  722. {
  724. ULONG CurrentSize;
  725. ULONG Index;
  727. //
  728. // Search for an entry in the specified inverted table that matches the
  729. // image base.
  730. //
  731. // N.B. It is possible a matching entry is not in the inverted table
  732. // the table was full when an attempt was made to insert the
  733. // corresponding entry.
  734. //
  736. CurrentSize = InvertedTable->CurrentSize;
  737. for (Index = 0; Index < CurrentSize; Index += 1) {
  738. if (ImageBase == InvertedTable->TableEntry[Index].ImageBase) {
  739. break;
  740. }
  741. }
  743. //
  744. // If the entry was found in the inverted table, then remove the entry
  745. // and reduce the size of the table.
  746. //
  748. if (Index != CurrentSize) {
  750. //
  751. // If the size of the table is not one, then shuffle the table and
  752. // remove the specified entry.
  753. //
  755. if (CurrentSize != 1) {
  756. RtlCopyMemory(&InvertedTable->TableEntry[Index],
  757. &InvertedTable->TableEntry[Index + 1],
  758. (CurrentSize - Index - 1) * sizeof(INVERTED_FUNCTION_TABLE_ENTRY));
  759. }
  761. //
  762. // Reduce the size of the inverted table.
  763. //
  765. InvertedTable->CurrentSize -= 1;
  766. }
  768. return;
  769. }
  771. #endif // !_X86_