Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

2394 lines
67 KiB

  1. /*++
  2. Copyright (c) 1991 Microsoft Corporation
  3. Module Name:
  4. RegClass.c
  5. Abstract:
  6. This module contains routines to manipulate class registration
  7. registry keys for the win32 registry apis. These routines are called
  8. from several of the functions for manipulating registry, including
  9. the functions that open, enumerate, create, and delete keys.
  10. Author:
  11. Adam P. Edwards (adamed) 14-Nov-1997
  12. Key Functions:
  13. OpenCombinedClassesRoot
  14. BaseRegGetKeySemantics
  15. BaseRegOpenClassKey
  16. BaseRegOpenClassKeyFromLocation
  17. BaseRegGetUserAndMachineClass
  18. Notes:
  19. ****************************************************
  21. ****************************************************
  22. Starting with NT5, the HKEY_CLASSES_ROOT key is per-user
  23. instead of per-machine -- previously, HKCR was an alias for
  24. HKLM\Software\Classes.
  25. The per-user HKCR combines machine classes stored it the
  26. traditional HKLM\Software\Classes location with classes
  27. stored in HKCU\Software\Classes.
  28. Certain keys, such as CLSID, will have subkeys that come
  29. from both the machine and user locations. When there is a conflict
  30. in key names, the user oriented key overrides the other one --
  31. only the user key is seen in that case.
  32. Here are the key ideas for this implementation:
  33. 1. The changes for this module only affect keys under
  34. HKEY_CLASSES_ROOT. Only the Local registry
  35. implementation supports HKCR so all the changes are
  36. local only, they do not exist in the
  37. remote rpc registry server.
  38. 2. We parse each key under HKCR as
  39. <prefix>\<intermediate>\<special>[\<classreg>]\[<lastelement>]
  40. where <prefix> is one of the forms
  41. \Registry\Machine\Software\Classes
  42. \Registry\User\<sid>\Software\Classes
  43. \Registry\User\<sid>_Classes
  44. <intermediate> can be a subpath of arbitrary length
  45. <special> is a certain list of keys, shown below in the
  46. gSpecialSubtrees table, e.g. IID, CLSID.
  47. <classreg> is any subkey of <special>. <lastelement> is
  48. the remainder of the path.
  49. 3. In order to quickly distinguish keys in HKCR from keys not in HKCR, we
  50. use tag bits on each registry handle that we return from an open or create
  51. if the key is under HKCR. When the HKCR predefined handle is opened,
  52. we set a tag on its handle index -- any children open or created with a
  53. parent key whose tag is set like this will inherit the tag. There are other
  54. tags, such as those for local and remote regkeys, already in use prior
  55. to the implementation of per user class registration in NT5. Please see
  56. the header file for more information on how to interpret the tags.
  57. 4. The special keys have the following properties which differentiate
  58. them from standard registry keys:
  59. a. The children of a special key come from both HKLM\Software\Classes
  60. and HKCU\Software\Classes. Thus, since CLSID is a special key,
  61. if HKLM\Software\Classes\CLSID\Key1 exists and
  62. HKCU\Software\Classes\CLSID\Key2 exists, one would find the keys
  63. Key1 and Key2 under HKCR\CLSID.
  64. b. If the same key exists in both the user and machine locations, only
  65. the user version of the key is seen under HKCR.
  66. 5. To create the illusion described above, the code for several api's
  67. had to be modified:
  68. a. RegOpenKeyEx -- for HKCR subkeys, this api was modified to look
  69. for the key to open first in the user part of the registry,
  70. then the machine part if the user version did not exist. All
  71. keys opened with HKCR as an ancestor get a bit set in the handle
  72. index.
  73. b. RegCreateKeyEx -- modified in a fashion similar to RegOpenKeyEx.
  74. c. RegDeleteKey -- modified to find key to delete in fashion similar
  75. to RegOpenKeyEx.
  76. d. RegEnumKeyEx -- extensive changes for HKCR. Previously this api was
  77. simply a wrapper to the kernel version. This is insufficient now
  78. because the kernel knows nothing of our hkcr scheme. See regecls.*
  79. for details.
  80. e. RegQueryInfoKey -- changes related to RegEnumKeyEx changes -- see
  81. regecls.*, regqkey.c.
  82. It should be noted that HKCU\Software\Classes is not the true
  83. location of the user-only class data. If it were, all the class
  84. data would be in ntuser.dat, which roams with the user. Since
  85. class data can get very large, installation of a few apps
  86. would cause HKCU (ntuser.dat) to grow from a manageable size
  87. to many megabytes. Since user-specific class data comes from
  88. the directory, it does not need to roam and therefore it was
  89. separated from HKCU (ntuser.dat) and stored in another hive
  90. mounted under HKEY_USERS.
  91. It is still desirable to allow access to this hive through
  92. HKCU\Software\Classes, so we use some trickery (symlinks) to
  93. make it seem as if the user class data exists there.
  94. **************************
  96. **************************
  97. This code assumes that all special keys exist in both
  98. HKEY_LOCAL_MACHINE\Software\Classes and HKEY_CURRENT_USER\Software\Classes.
  99. The code may break if this is not true.
  100. --*/
  101. #ifdef LOCAL
  102. #include <rpc.h>
  103. #include <string.h>
  104. #include <wchar.h>
  105. #include "regrpc.h"
  106. #include "localreg.h"
  107. #include "regclass.h"
  108. #include "regecls.h"
  109. NTSTATUS QueryKeyInfo(
  110. HKEY hKey,
  111. PKEY_FULL_INFORMATION* ppKeyFullInfo,
  112. ULONG BufferLength,
  113. BOOL fClass,
  114. USHORT MaxClassLength);
  115. extern HKEY HKEY_ClassesRoot;
  116. BOOL gbCombinedClasses = TRUE;
  118. RTL_CRITICAL_SECTION gRegClassHeapCritSect;
  119. DWORD gcbAllocated = 0;
  120. DWORD gcAllocs = 0;
  121. DWORD gcbMaxAllocated = 0;
  122. DWORD gcMaxAllocs = 0;
  123. PVOID gpvAllocs;
  124. #endif // defined(_REGCLASS_MALLOC_INSTRUMENTED_)
  125. UNICODE_STRING gMachineClassesName = {
  129. error_status_t
  130. OpenCombinedClassesRoot(
  131. IN REGSAM samDesired,
  132. OUT HANDLE * phKey
  133. )
  134. /*++
  135. Routine Description:
  136. Attempts to open the the HKEY_CLASSES_ROOT predefined handle.
  137. Arguments:
  138. ServerName - Not used.
  139. samDesired - This access mask describes the desired security access
  140. for the key.
  141. phKey - Returns a handle to the key \REGISTRY\MACHINE\SOFTWARE\CLASSES.
  142. Return Value:
  143. Returns ERROR_SUCCESS (0) for success; error-code for failure.
  144. --*/
  145. {
  147. NTSTATUS Status;
  148. UNICODE_STRING UsersHive;
  149. UNICODE_STRING UsersMergedHive;
  150. // first try for a per-user HKCR
  151. Status = RtlFormatCurrentUserKeyPath( &UsersHive );
  152. if( !NT_SUCCESS(Status) ) {
  153. return Status;
  154. }
  155. UsersMergedHive.MaximumLength = UsersHive.MaximumLength +
  157. UsersMergedHive.Buffer = RtlAllocateHeap( RtlProcessHeap( ), 0,UsersMergedHive.MaximumLength);
  158. if( UsersMergedHive.Buffer == NULL ) {
  159. RtlFreeUnicodeString( &UsersHive );
  161. }
  162. RtlCopyUnicodeString(&UsersMergedHive, &UsersHive );
  163. // add the _Merged_Classes suffix
  164. Status = RtlAppendUnicodeToString( &UsersMergedHive, REG_USER_HIVE_CLASSES_SUFFIX);
  165. ASSERT(NT_SUCCESS(Status));
  166. //
  167. // Initialize the OBJECT_ATTRIBUTES structure so that it creates
  168. // (opens) the key "\HKU\<sid>_Merged_Classes" with a Security
  169. // Descriptor that allows everyone complete access.
  170. //
  171. InitializeObjectAttributes(
  172. &Obja,
  173. &UsersMergedHive,
  175. NULL,
  176. NULL
  177. );
  178. Status = NtOpenKey(
  179. phKey,
  180. samDesired, // MAXIMUM_ALLOWED,
  181. &Obja
  182. );
  183. RtlFreeUnicodeString( &UsersMergedHive );
  184. RtlFreeUnicodeString( &UsersHive );
  185. //
  186. // This key is the ancestor of all keys in HKCR, so
  187. // we must mark its handle so that its origin in HKCR
  188. // is propagated to all children opened with this handle
  189. //
  190. if (NT_SUCCESS(Status)) {
  191. *phKey = REG_CLASS_SET_SPECIAL_KEY(*phKey);
  192. }
  193. return Status;
  194. }
  195. NTSTATUS BaseRegGetKeySemantics(
  196. HKEY hkParent,
  198. SKeySemantics* pKeySemantics)
  199. /*++
  200. Routine Description:
  201. This function parses a key in HKEY_CLASSES_ROOT. It is used to determine if a given key
  202. is a class registration unit key, as well as other syntactic / semantic information about
  203. the key. It sets the value of pfIsClsRegKey to TRUE if it is, FALSE if not.
  204. The key in question is defined by the (hkParent, pSubKey) pair.
  205. Definitions for terms such as Prefix, Special Key, and class registration can
  206. be found at the top of this module.
  207. Arguments:
  208. hkParent - parent portion of key
  209. pSubKey - child portion of key
  210. pKeySemantics - pointer to struct containing key semantic information -- the
  211. following members of this structure are affected:
  212. _fUser: TRUE if this key is rooted in HKEY_USERS, FALSE if not
  213. _fMachine: TRUE if this key is rooted in HKLM, FALSE if not
  214. _fCombinedClasses: TRUE if this key is rooted in HKEY_USERS\\<Sid>_Classes
  215. _fClassRegistration: TRUE if this key is a class registration unit
  216. _fClassRegParent: TRUE if this key is the parent of a class registration unit
  217. _ichKeyStart: index to start of a class reg after the prefix -- this is after
  218. the pathsep which follows the prefix
  219. _cbPrefixLen: Length (in bytes) of prefix from start of full path
  220. _cbSpecialKey: Length (in bytes) of the name of the special key -- this is
  221. not from the start of the full path, just that key name only. It
  222. includes an initial pathsep.
  223. _cbClassRegKey: length of class reg key name (not from start of full path).
  224. Includes an initial pathsep.
  225. _cbFullPath: size of buffer structure pointed to by _pFullPath. On return,
  226. this member is set to the number of bytes written to _pFullPath
  227. by the function, or the required number of bytes if the buffer
  228. passed in was too small
  229. _pFullPath: KEY_NAME_INFORMATION structure containing the full pathname
  230. of the registry key defined by (hkParent, pSubKey). This pathname
  231. is null terminated.
  232. Returns:
  233. NT_SUCCESS If the function completed successfully. If the buffer pointed to by
  234. pKeySemantics->_pFullPath is not large enough to hold the name of the key, the
  235. function returns STATUS_BUFFER_TOO_SMALL and the required size in bytes is
  236. written to pKeySemantics->_cbFullPath. The caller may then reallocate the buffer
  237. and call this function again. All other errors return the appropriate NTSTATUS
  238. failure code.
  239. Notes:
  240. After calling this function and getting a successful return status, the pKeySemantics
  241. structure should be freed by calling BaseRegReleaseKeySemantics
  242. --*/
  243. {
  244. NTSTATUS Status;
  245. UNICODE_STRING NameInfo;
  247. USHORT ichClassesKeyNameEnd;
  248. USHORT ichSpecialKeyNameEnd;
  249. USHORT cbName;
  250. ULONG cbObjInfo;
  251. WCHAR* szClassRegKeyEnd;
  252. //
  253. // Save in params
  254. //
  255. cbObjInfo = pKeySemantics->_cbFullPath - REG_CHAR_SIZE; // subtract one for trailing \0
  256. pNameInfo = pKeySemantics->_pFullPath;
  257. //
  258. // reset out params
  259. //
  260. memset(&(pKeySemantics->_pFullPath), 0, sizeof(*(pKeySemantics->_pFullPath->Name)));
  261. memset(pKeySemantics, 0, sizeof(*pKeySemantics));
  262. //
  263. // restore in params
  264. //
  265. pKeySemantics->_pFullPath = pNameInfo;
  266. pKeySemantics->_cbFullPath = cbObjInfo;
  267. //
  268. // Get full name of key -- first, we need to find the path
  269. // for the registry key hkParent
  270. //
  271. if (!hkParent) {
  272. //
  273. // If no key name was specified, the full path is simply the subkey name
  274. //
  275. pKeySemantics->_cbFullPath = REG_CHAR_SIZE;
  276. (pKeySemantics->_pFullPath->Name)[0] = L'\0';
  277. pKeySemantics->_pFullPath->NameLength = 0;
  278. pKeySemantics->_cbFullPath = sizeof(*(pKeySemantics->_pFullPath));
  279. } else {
  280. Status = NtQueryKey(
  281. hkParent,
  282. KeyNameInformation,
  283. pKeySemantics->_pFullPath,
  284. cbObjInfo,
  285. &pKeySemantics->_cbFullPath);
  286. if (STATUS_KEY_DELETED == Status) {
  287. Status = STATUS_SUCCESS;
  288. }
  289. //
  290. // Kernel set the _cbFullPath member to the necessary size -- tack
  291. // on the length of the subkey too
  292. //
  293. pKeySemantics->_cbFullPath += pSubKey->Length + REG_CHAR_SIZE * 2;
  294. //
  295. // The retrieval of the object's name information may have succeeded,
  296. // but we still need to append the subkey, so verify that enough
  297. // space is left
  298. //
  299. if (NT_SUCCESS(Status) && (cbObjInfo < pKeySemantics->_cbFullPath)) {
  300. //
  301. // we have successfully retrieved the info from the kernel,
  302. // but adding the subkey, we overflow ==> allocate a buffer
  303. // big enough and copy the info from _pFullPath
  304. //
  305. pNameInfo = (PKEY_NAME_INFORMATION) RegClassHeapAlloc(
  306. pKeySemantics->_cbFullPath);
  307. if (!pNameInfo) {
  308. return STATUS_NO_MEMORY;
  309. }
  310. RtlCopyMemory(pNameInfo->Name,
  311. pKeySemantics->_pFullPath->Name,
  312. pKeySemantics->_pFullPath->NameLength);
  313. pNameInfo->NameLength = pKeySemantics->_pFullPath->NameLength;
  314. }
  315. if (!NT_SUCCESS(Status)) {
  316. //
  317. // Retry by allocating a new buffer if the kernel thought the
  318. // supplied buffer was too small. Add extra padding
  319. // because we may need to add a null terminator and pathsep later
  320. //
  321. if (STATUS_BUFFER_OVERFLOW == Status) {
  322. //
  323. // The _cbFullPath member was to the required length in the
  324. // call to NtQueryKey above and includes extra padding
  325. // for appending more characters
  326. //
  327. pNameInfo = (PKEY_NAME_INFORMATION) RegClassHeapAlloc(
  328. pKeySemantics->_cbFullPath);
  329. if (!pNameInfo) {
  330. return STATUS_NO_MEMORY;
  331. }
  332. cbObjInfo = pKeySemantics->_cbFullPath;
  333. //
  334. // Retry -- we should have a large enough buffer now
  335. //
  336. Status = NtQueryKey(
  337. hkParent,
  338. KeyNameInformation,
  339. pNameInfo,
  340. cbObjInfo,
  341. &pKeySemantics->_cbFullPath);
  342. if (STATUS_KEY_DELETED == Status) {
  343. Status = STATUS_SUCCESS;
  344. }
  345. }
  346. if (!NT_SUCCESS(Status)) {
  347. //
  348. // We allocated heap for the second query, but since it failed,
  349. // we need to free the allocated memory.
  350. //
  351. if (pNameInfo != pKeySemantics->_pFullPath) {
  352. RegClassHeapFree(pNameInfo);
  353. }
  354. return Status;
  355. }
  356. }
  357. }
  358. //
  359. // If this isn't set, we know a non-registry key handle was passed in since
  360. // all registry handles have a path associated with them, whereas other types
  361. // of handles may not
  362. //
  363. if (!(pNameInfo->Name)) {
  365. }
  366. //
  367. // We will always return success after this point, so it's
  368. // ok to set the full path member of the structure now. Make
  369. // sure we set the flag indicating that we had to allocate
  370. // memory to store the name if that was indeed the case
  371. //
  372. if (pNameInfo != pKeySemantics->_pFullPath) {
  373. pKeySemantics->_fAllocedNameBuf = TRUE;
  374. }
  375. pKeySemantics->_pFullPath = pNameInfo;
  376. //
  377. // Now that we know the name of the parent key, we can concatenate it
  378. // with the pSubKey parameter
  379. //
  380. //
  381. // First we need to add a trailing pathsep and NULL terminate it
  382. //
  383. pNameInfo->Name[pNameInfo->NameLength / 2] = L'\\';
  384. pNameInfo->Name[pNameInfo->NameLength / 2 + 1] = L'\0';
  385. //
  386. // Get a unicode string so we can perform string operations
  387. //
  388. RtlInitUnicodeString(&NameInfo, pNameInfo->Name);
  389. //
  390. // Adjust the length to reflect the unicode string -- right
  391. // now it inlcudes the length of the Length member of the
  392. // KEY_NAME_INFORMATION structure -- we just want the length
  393. // of the string
  394. //
  395. pNameInfo->NameLength = NameInfo.Length;
  396. //
  397. // Now add space to the string for the subkey and slash
  398. //
  399. NameInfo.MaximumLength += pSubKey->Length + REG_CHAR_SIZE;
  400. //
  401. // append the subkey to the parent key
  402. //
  403. //
  404. // We made sure the buffer was big enough, so the only way this will
  405. // fail is if pSubKey is invalid, which will cause an
  406. // access violation, so no need no test
  407. //
  408. Status = RtlAppendUnicodeStringToString(&NameInfo, pSubKey);
  409. ASSERT(NT_SUCCESS(Status));
  410. //
  411. // if the key name isn't at least as long as the shortest
  412. // classes hive name, leave.
  413. // This assumes that
  414. // HKU\\Sid_Classes is shorter than
  415. // HKU\\Sid\\Software\\Classes
  416. //
  417. if (NameInfo.Length < REG_CLASSES_HIVE_MIN_NAMELEN) {
  418. return STATUS_SUCCESS;
  419. }
  420. //
  421. // remove any terminating pathsep
  422. //
  423. if (NameInfo.Buffer[NameInfo.Length / 2 - 1] == L'\\') {
  424. NameInfo.Length-= sizeof(L'\\');
  425. }
  426. //
  427. // We're done getting the name of the key, save its length
  428. // for the caller
  429. //
  430. pNameInfo->NameLength = NameInfo.Length;
  431. //
  432. // cache the name length
  433. //
  434. cbName = (USHORT) pNameInfo->NameLength;
  435. //
  436. // null terminate the name
  437. //
  438. pNameInfo->Name[cbName / REG_CHAR_SIZE] = L'\0';
  439. if (REG_CLASS_IS_SPECIAL_KEY(hkParent)) {
  440. pKeySemantics->_fCombinedClasses = TRUE;
  441. }
  442. //
  443. // First, see if we're even in the correct hive -- we can check
  444. // certain characters in the path to avoid doing extra string compares
  445. //
  446. switch (pNameInfo->Name[REG_CLASSES_FIRST_DISTINCT_ICH])
  447. {
  448. case L'M':
  449. case L'm':
  450. //
  451. // check if we're in the machine hive
  452. //
  454. //
  455. // Compare prefix with the name for the machine classes key
  456. // Set machine flag if comparison returns equality.
  457. //
  458. if (RtlEqualUnicodeString(
  459. &NameInfo,
  460. &gMachineClassesName,
  461. TRUE) != 0) {
  462. NameInfo.Length = cbName;
  464. pKeySemantics->_fMachine = TRUE;
  465. break;
  466. }
  467. return STATUS_SUCCESS;
  468. case L'U':
  469. case L'u':
  470. //
  471. // check if we're in the users hive
  472. //
  473. {
  474. //
  475. // This will try to find the user prefix -- it fails
  476. // if we're not in the user hive and returns a zero-length
  477. // prefix. Set the flag if it succeeds.
  478. //
  479. ichClassesKeyNameEnd = BaseRegGetUserPrefixLength(
  480. &NameInfo);
  481. if (!ichClassesKeyNameEnd) {
  482. return STATUS_SUCCESS;
  483. }
  484. pKeySemantics->_fUser = TRUE;
  485. break;
  486. }
  487. //
  488. // this isn't a class registration because it isn't in any of the
  489. // correct trees
  490. //
  491. return STATUS_SUCCESS;
  492. default:
  493. //
  494. // the appropriate characters weren't in the key name, so
  495. // this can't be a class registration
  496. //
  497. return STATUS_SUCCESS;
  498. }
  499. //
  500. // At this point, we've found the prefix. The next part of the key
  501. // is the special key -- we look for that now.
  502. //
  503. pKeySemantics->_cbPrefixLen = ichClassesKeyNameEnd * REG_CHAR_SIZE;
  504. pKeySemantics->_ichKeyStart = ichClassesKeyNameEnd;
  505. //
  506. // the start of the special key
  507. // is the character right after the end of the prefix
  508. //
  509. if (pKeySemantics->_cbPrefixLen < pNameInfo->NameLength) {
  510. pKeySemantics->_ichKeyStart++;
  511. }
  512. //
  513. // search for a special subkey of the classes hive --
  514. // this will return the index in the full path of the end
  515. // of the special key name.
  516. //
  517. ichSpecialKeyNameEnd = BaseRegCchSpecialKeyLen(
  518. &NameInfo,
  519. ichClassesKeyNameEnd,
  520. pKeySemantics);
  521. //
  522. // if we find that the entire key is a special key, we're done --
  523. // there's nothing after it in this case so there's no more to
  524. // parse
  525. //
  526. if (pKeySemantics->_fClassRegParent) {
  527. return STATUS_SUCCESS;
  528. }
  529. //
  530. // at this point, we know the key itself is a class registration
  531. //
  532. pKeySemantics->_fClassRegistration = TRUE;
  533. pKeySemantics->_cbClassRegKey = (USHORT) pNameInfo->NameLength -
  534. (pKeySemantics->_cbPrefixLen + pKeySemantics->_cbSpecialKey + REG_CHAR_SIZE);
  535. return STATUS_SUCCESS;
  536. }
  537. void BaseRegReleaseKeySemantics(SKeySemantics* pKeySemantics)
  538. /*++
  539. Routine Description:
  540. This function frees resources associated with an SKeySemantics object
  541. Arguments:
  542. pKeySemantics - pointer to SKeySemantics object whose resources should
  543. be freed
  544. Return Value:
  545. None
  546. --*/
  547. {
  548. if (pKeySemantics->_fAllocedNameBuf) {
  549. RegClassHeapFree(pKeySemantics->_pFullPath);
  550. }
  551. }
  552. NTSTATUS BaseRegOpenClassKey(
  553. IN HKEY hKey,
  555. IN DWORD dwOptions,
  556. IN REGSAM samDesired,
  557. OUT PHKEY phkResult)
  558. /*++
  559. Routine Description:
  560. This function is used to retry opening a class registration key.
  561. Arguments:
  562. hKey - Supplies a handle to an open key. The lpSubKey pathname
  563. parameter is relative to this key handle.
  564. lpSubKey - Supplies the downward key path to the key to open.
  565. lpSubKey is always relative to the key specified by hKey.
  566. dwOptions -- reserved.
  567. samDesired -- This access mask describes the desired security access
  568. for the key.
  569. phkResult -- Returns the handle to the newly opened key.
  570. Return Value:
  571. Returns STATUS_SUCCESS if a key was successfully opened, otherwise it
  572. returns an NTSTATUS error code
  573. Note:
  574. The key must be a class registration key in order to be opened
  575. --*/
  576. {
  578. SKeySemantics keyinfo;
  579. NTSTATUS Status;
  580. //
  581. // Set up the buffer that will hold the name of the key
  582. //
  583. keyinfo._pFullPath = (PKEY_NAME_INFORMATION) rgNameInfoBuf;
  584. keyinfo._cbFullPath = sizeof(rgNameInfoBuf);
  585. keyinfo._fAllocedNameBuf = FALSE;
  586. //
  587. // get information about this key
  588. //
  589. Status = BaseRegGetKeySemantics(hKey, lpSubKey, &keyinfo);
  590. if (!NT_SUCCESS(Status)) {
  591. return Status;
  592. }
  593. //
  594. // Use the information above to look in both user and machine
  595. // hives for the key to be opened
  596. //
  597. Status = BaseRegOpenClassKeyFromLocation(
  598. &keyinfo,
  599. hKey,
  600. lpSubKey,
  601. samDesired,
  603. phkResult);
  604. BaseRegReleaseKeySemantics(&keyinfo);
  605. return Status;
  606. }
  607. NTSTATUS BaseRegOpenClassKeyFromLocation(
  608. SKeySemantics* pKeyInfo,
  609. HKEY hKey,
  610. PUNICODE_STRING lpSubKey,
  611. REGSAM samDesired,
  612. DWORD dwLocation,
  613. HKEY* phkResult)
  614. /*++
  615. Routine Description:
  616. This function will try to open a class registration key that has no link
  617. in the combined classes hive -- it does this by attempting to open the
  618. class registration in the machine hive. If it succeeds, it also creates
  619. a link to the key in the combined classes hive
  620. Arguments:
  621. pKeyInfo -- structure supplying information about a key
  622. hKey -- Supplies a handle to an open key. The lpSubKey pathname
  623. parameter is relative to this key handle.
  624. lpSubKey -- Supplies the downward key path to the key to open.
  625. lpSubKey is always relative to the key specified by hKey.
  626. samDesired -- This access mask describes the desired security access
  627. for the key.
  628. phkResult -- Returns the handle to the newly opened key. If NULL,
  629. no open key handle is returned.
  630. dwLocation -- set of flags that specify where to look for the key.
  631. If LOCATION_MACHINE is specified, the function looks in machine.
  632. If LOCATION_USER is specified, the function looks in user. Both
  633. flags may be specified simultaneously, so that it will look in both
  634. places, or LOCATION_BOTH may be specified for this purpose. If
  635. the function looks in both places, an existing key in the user hive
  636. takes precedence over one in the machine hive.
  637. Return Value:
  638. Returns STATUS_SUCCESS if a key was successfully opened, otherwise it
  639. returns an NTSTATUS error code
  640. Note:
  641. --*/
  642. {
  643. WCHAR* FullPathBuf;
  644. USHORT NewPathLen;
  645. UNICODE_STRING ClassRegkey;
  646. UNICODE_STRING ClassRegSubkey;
  648. NTSTATUS Status;
  649. USHORT PrefixLen;
  650. //
  651. // Init locals
  652. //
  654. NewPathLen = (USHORT) pKeyInfo->_pFullPath->NameLength + REG_CLASSES_SUBTREE_PADDING;
  655. //
  656. // Allocate space for the remapped key -- note that if alloca
  657. // fails, it throws an exception, so we don't check for NULL return value
  658. //
  659. FullPathBuf = (WCHAR*) RegClassHeapAlloc(NewPathLen);
  660. if (!FullPathBuf) {
  661. return STATUS_NO_MEMORY;
  662. }
  663. //
  664. // Set up a unicode string to use this buffer
  665. //
  666. ClassRegkey.MaximumLength = NewPathLen;
  667. ClassRegkey.Buffer = FullPathBuf;
  668. ASSERT((dwLocation == LOCATION_USER) || (dwLocation == LOCATION_MACHINE) ||
  669. (dwLocation == LOCATION_BOTH));
  670. //
  671. // Opening the entire key is a two step process. First, open
  672. // the class registration portion -- we need to do that from
  673. // either the machine or user location. The second step
  674. // is to open everything after the class registration using the
  675. // key obtained in the first step.
  676. //
  677. //
  678. // Below we try to find a user or machine version of the
  679. // class registration
  680. //
  681. if ( LOCATION_USER & dwLocation ) {
  682. //
  683. // Try the user location -- first, move the key name to
  684. // the user hive's namespace
  685. //
  686. if( pKeyInfo->_fUser ) {
  687. //
  688. // in the user's hive we can try a relative open
  689. //
  690. InitializeObjectAttributes(
  691. &Obja,
  692. lpSubKey,
  694. hKey, // relative path
  695. NULL);
  696. } else {
  697. //
  698. // we need to do an absolute path open
  699. //
  700. Status = BaseRegTranslateToUserClassKey(
  701. pKeyInfo,
  702. &ClassRegkey,
  703. &PrefixLen);
  704. if (!NT_SUCCESS(Status)) {
  705. goto cleanup;
  706. }
  707. //
  708. // now try opening the key with the new HKCU string
  709. //
  710. InitializeObjectAttributes(
  711. &Obja,
  712. &ClassRegkey,
  714. NULL, // using absolute path, no hkey
  715. NULL);
  716. }
  717. Status = NtOpenKey(
  718. phkResult,
  719. samDesired,
  720. &Obja);
  721. }
  722. //
  723. // Only try machine if we failed to open user key above
  724. // (or didn't even try to open it)
  725. //
  726. if ((LOCATION_MACHINE & dwLocation) && !NT_SUCCESS(Status)) {
  727. //
  728. // Now try HKLM -- translate the key to the machine
  729. // namespace
  730. //
  731. if( pKeyInfo->_fMachine ) {
  732. //
  733. // in the machine hive we can try a relative open
  734. //
  735. InitializeObjectAttributes(
  736. &Obja,
  737. lpSubKey,
  739. hKey, // relative path
  740. NULL);
  741. } else {
  742. //
  743. // we need to do an absolute path open
  744. //
  745. Status = BaseRegTranslateToMachineClassKey(
  746. pKeyInfo,
  747. &ClassRegkey,
  748. &PrefixLen);
  749. if (!NT_SUCCESS(Status)) {
  750. goto cleanup;
  751. }
  752. //
  753. // now try opening the key with the new HKLM string
  754. //
  755. InitializeObjectAttributes(
  756. &Obja,
  757. &ClassRegkey,
  759. NULL, // using absolute path, no hkey
  760. NULL);
  761. }
  762. Status = NtOpenKey(
  763. phkResult,
  764. samDesired,
  765. &Obja);
  766. if (!NT_SUCCESS(Status)) {
  767. goto cleanup;
  768. }
  769. }
  770. //
  771. // mark this key as a class key from HKCR
  772. //
  773. if (NT_SUCCESS(Status)) {
  774. *phkResult = REG_CLASS_SET_SPECIAL_KEY(*phkResult);
  775. }
  776. cleanup:
  777. RegClassHeapFree(FullPathBuf);
  778. return Status;
  779. }
  780. NTSTATUS BaseRegConstructUserClassPrefix(
  781. SKeySemantics* pKeyInfo,
  782. PUNICODE_STRING pUserClassPrefix)
  783. /*++
  784. Routine Description:
  785. This function creates a prefix for a class key that is in the user hive
  786. Arguments:
  787. pKeyInfo - pointer to struct containing key semantic information
  788. pUserClassPrefix - out param for the constructed prefix
  789. Returns: NT_SUCCESS If the function completed successfully.
  790. Notes:
  791. --*/
  792. {
  793. UNICODE_STRING UserKey;
  794. NTSTATUS Status;
  795. //
  796. // The prefix looks like <sid>_Classes
  797. //
  798. //
  799. // First obtain the sid
  800. //
  801. if (pKeyInfo->_fUser) {
  802. UNICODE_STRING SidString;
  803. //
  804. // construct a string that contains the user's sid
  805. //
  806. KeySemanticsGetSid(pKeyInfo, &SidString);
  807. RtlInitUnicodeString(&UserKey, REG_USER_HIVE_NAME);
  808. //
  809. // create a string that starts with the HKU prefix
  810. //
  811. RtlCopyUnicodeString(pUserClassPrefix, &UserKey);
  812. //
  813. // append the sid to the user prefix
  814. //
  815. Status = RtlAppendUnicodeStringToString(pUserClassPrefix, &SidString);
  816. if (!NT_SUCCESS(Status)) {
  817. return Status;
  818. }
  819. } else {
  820. UNICODE_STRING UsersHive;
  821. //
  822. // This will only happen if a special key has been deleted from
  823. // the user hive
  824. //
  825. Status = RtlFormatCurrentUserKeyPath( &UsersHive );
  826. if (!NT_SUCCESS(Status)) {
  827. return Status;
  828. }
  829. RtlCopyUnicodeString(pUserClassPrefix, &UsersHive );
  830. RtlFreeUnicodeString(&UsersHive);
  831. }
  832. //
  833. // Append the suffix to the sid
  834. //
  835. return RtlAppendUnicodeToString(pUserClassPrefix, REG_USER_HIVE_CLASSES_SUFFIX);
  836. }
  837. NTSTATUS BaseRegTranslateToMachineClassKey(
  838. SKeySemantics* pKeyInfo,
  839. PUNICODE_STRING pMachineClassKey,
  840. USHORT* pPrefixLen)
  841. /*++
  842. Routine Description:
  843. This function translates a class key rooted in HKCR to the machine hive
  844. Arguments:
  845. pKeyInfo - pointer to struct containing key semantic information -- the
  846. pMachineClassKey - out param for result of translation
  847. pPrefixLen - out param for length of the prefix of the resulting translation
  848. Returns: NT_SUCCESS If the function completed successfully.
  849. Notes:
  850. --*/
  851. {
  852. UNICODE_STRING MachineKey;
  853. UNICODE_STRING ClassSubkey;
  854. RtlInitUnicodeString(&MachineKey, REG_MACHINE_CLASSES_HIVE_NAME);
  855. //
  856. // get the unique class key portion
  857. //
  858. KeySemanticsRemovePrefix(pKeyInfo, &ClassSubkey, REMOVEPREFIX_KEEP_INITIAL_PATHSEP);
  859. //
  860. // create a string that starts with the HKLM prefix and has the
  861. // desired class registration key as a subkey
  862. //
  863. RtlCopyUnicodeString(pMachineClassKey, &MachineKey);
  865. return RtlAppendUnicodeStringToString(pMachineClassKey, &ClassSubkey);
  866. }
  867. NTSTATUS BaseRegTranslateToUserClassKey(
  868. SKeySemantics* pKeyInfo,
  869. PUNICODE_STRING pUserClassKey,
  870. USHORT* pPrefixLen)
  871. /*++
  872. Routine Description:
  873. This function translates a class key rooted in HKCR to the user hive
  874. Arguments:
  875. pKeyInfo - pointer to struct containing key semantic information -- the
  876. pUserClassKey - out param for result of translation
  877. pPrefixLen - out param for length of the prefix of the resulting translation
  878. Returns: NT_SUCCESS If the function completed successfully.
  879. Notes:
  880. --*/
  881. {
  882. UNICODE_STRING ClassSubkey;
  883. NTSTATUS Status;
  884. //
  885. // get the unique class key portion
  886. //
  887. KeySemanticsRemovePrefix(pKeyInfo, &ClassSubkey, REMOVEPREFIX_KEEP_INITIAL_PATHSEP);
  888. if (!NT_SUCCESS(Status = BaseRegConstructUserClassPrefix(
  889. pKeyInfo,
  890. pUserClassKey))) {
  891. return Status;
  892. }
  893. *pPrefixLen = pUserClassKey->Length;
  894. //
  895. // finally, append the class key
  896. //
  897. return RtlAppendUnicodeStringToString(pUserClassKey, &ClassSubkey);
  898. }
  899. USHORT BaseRegGetUserPrefixLength(PUNICODE_STRING pFullPath)
  900. /*++
  901. Routine Description:
  902. This function is used to determine the length of the prefix
  903. \\Registry\\User\\<Sid>\\Software\Classes or \\Registry\\User\\\<Sid>_classes
  904. Arguments:
  905. pFullPath - full path of the registry, rooted at \\Registry
  906. Return Value:
  907. Returns the length of the prefix (which must be nonzero), 0 if unsuccessful
  908. --*/
  909. {
  910. UNICODE_STRING UserHive;
  911. UNICODE_STRING FullPath;
  912. USHORT ich;
  913. USHORT ichMax;
  914. FullPath = *pFullPath;
  915. //
  916. // set ourselves up to look for the user hive portion
  917. // of the prefix
  918. //
  919. RtlInitUnicodeString(&UserHive, REG_USER_HIVE_NAME);
  920. if (FullPath.Length <= UserHive.Length) {
  921. return 0;
  922. }
  923. FullPath.Length = UserHive.Length;
  924. //
  925. // check for the user hive prefix, leave if not found
  926. //
  927. if (!RtlEqualUnicodeString(&UserHive, &FullPath, TRUE)) {
  928. return 0;
  929. }
  930. ichMax = pFullPath->Length / REG_CHAR_SIZE;
  931. //
  932. // before looking for the classes subtree, we must skip past
  933. // the user's sid -- the prefix is in the form
  934. // \\Registry\\User\\<sid>\\Software\\Classes or
  935. // \\Registry\\User\\<sid>_Classes
  936. //
  937. for (ich = REG_USER_HIVE_NAMECCH + 1; ich < ichMax; ich++)
  938. {
  939. //
  940. // if we find a pathsep, we cannot be in the combined
  941. // classes hive or the user classes hive
  942. //
  943. if (pFullPath->Buffer[ich] == L'\\') {
  944. return 0;
  945. }
  946. //
  947. // if we find the underscore character, we are in the combined
  948. // classes hive or the user classes hive -- i.e. the prefix looks like
  949. // \\Registry\\User\\<sid>_Classes
  950. // -- use the underscore to distinguish from other cases
  951. //
  952. if (pFullPath->Buffer[ich] == L'_') {
  953. UNICODE_STRING Suffix;
  954. RtlInitUnicodeString(&Suffix, REG_USER_HIVE_CLASSES_SUFFIX);
  955. FullPath.Length = Suffix.Length;
  956. FullPath.Buffer = &(pFullPath->Buffer[ich]);
  957. // look for the user classes suffix in the user hive
  958. if (RtlEqualUnicodeString(&FullPath, &Suffix, TRUE)) {
  960. }
  961. return 0;
  962. }
  963. }
  964. return 0;
  965. }
  966. USHORT BaseRegCchSpecialKeyLen(
  967. PUNICODE_STRING pFullPath,
  968. USHORT ichSpecialKeyStart,
  969. SKeySemantics* pKeySemantics)
  970. /*++
  971. Routine Description:
  972. This function is used to determine the length of a special subkey contained
  973. on the pSpecialKey parameter. If the entire pFullPath is a special key,
  974. a flag in pKeySemantics will be set to TRUE
  975. Arguments:
  976. pFullPath - full path of the registry, rooted at \\Registry
  977. ichSpecialKeyStart - index in the full path of the start of the special key path
  978. pKeySemantics - pointer to structure which stores semantics information about a key
  979. Return Value:
  980. Returns the length of the special key if there is a special key in the pSpecialKey
  981. path, 0 if there is none
  982. Notes:
  983. This function depends on the gSpecialSubtree array being a *sorted* list of special
  984. key names.
  985. --*/
  986. {
  987. WCHAR* wszSpecialKey;
  988. USHORT ichSpecialKeyLen;
  989. ASSERT(pFullPath->Length / REG_CHAR_SIZE >= ichSpecialKeyStart);
  990. //
  991. // For hkcr itself, there is no ancestor -- detect this special
  992. // case and return
  993. //
  994. if (pFullPath->Length / REG_CHAR_SIZE == ichSpecialKeyStart) {
  995. pKeySemantics->_fClassRegParent = TRUE;
  996. return ichSpecialKeyStart;
  997. }
  998. //
  999. // The special key is now just the parent of this key -- find
  1000. // the immediate ancestor of this key
  1001. //
  1002. wszSpecialKey = wcsrchr(&(pFullPath->Buffer[ichSpecialKeyStart]), L'\\');
  1003. ASSERT(wszSpecialKey);
  1004. //
  1005. // The length of the special key is the difference
  1006. // between the '\' at the end of the special key and the start
  1007. // of the string
  1008. //
  1009. ichSpecialKeyLen = (USHORT)(wszSpecialKey - pFullPath->Buffer);
  1010. //
  1011. // Store the length of the special key name by itself as well
  1012. //
  1013. pKeySemantics->_cbSpecialKey = ichSpecialKeyLen - ichSpecialKeyStart;
  1014. return ichSpecialKeyLen;
  1015. }
  1016. NTSTATUS BaseRegOpenClassKeyRoot(
  1017. SKeySemantics* pKeyInfo,
  1018. PHKEY phkClassRoot,
  1019. PUNICODE_STRING pClassKeyPath,
  1020. BOOL fMachine)
  1021. /*++
  1022. Routine Description:
  1023. This function will try to open the class root key appropriate to
  1024. a given key being opened from HKEY_CLASSES_ROOT. The key opened is either
  1025. HKEY_USERS\<Sid>_Classes or HKLM\Software\Classes. If the key exists
  1026. in the user portion, then that the user key will be opened. Otherwise,
  1027. the machine key is returned. It also returns the unicode string
  1028. subkey name used to open the key specified in
  1029. pKeyInfo relative to the class root key returned in phkClassRoot.
  1030. Arguments:
  1031. pKeyInfo -- structure supplying information about a key
  1032. phkClassRoot -- out param for the class root key result of the function
  1033. pClassKeyPath -- Supplies the downward key path to the key to open.
  1034. pClassKeyPath is always relative to the key specified by hKey.
  1035. pfMachine -- out param flag that indicates that whether or not
  1036. this key was opened in the machine hive.
  1037. Return Value:
  1038. Returns STATUS_SUCCESS if a key was successfully deleted, otherwise it
  1039. returns an NTSTATUS error code
  1040. Note:
  1041. --*/
  1042. {
  1043. NTSTATUS Status;
  1044. USHORT PrefixLen;
  1045. UNICODE_STRING NewFullPath;
  1046. PVOID Buffer = NULL;
  1047. Buffer = RtlAllocateHeap( RtlProcessHeap( ), 0,pClassKeyPath->MaximumLength);
  1048. if( Buffer == NULL ) {
  1050. }
  1051. NewFullPath.Buffer = Buffer;
  1052. NewFullPath.MaximumLength = pClassKeyPath->MaximumLength;
  1053. //
  1054. // Translate to appropriate location
  1055. //
  1056. if (fMachine) {
  1057. Status = BaseRegTranslateToMachineClassKey(
  1058. pKeyInfo,
  1059. &NewFullPath,
  1060. &PrefixLen);
  1061. } else {
  1062. Status = BaseRegTranslateToUserClassKey(
  1063. pKeyInfo,
  1064. &NewFullPath,
  1065. &PrefixLen);
  1066. }
  1067. if (!NT_SUCCESS(Status)) {
  1068. RtlFreeHeap( RtlProcessHeap(), 0, Buffer );
  1069. return Status;
  1070. }
  1071. //
  1072. // Open the prefix
  1073. //
  1074. {
  1075. UNICODE_STRING RootKey;
  1077. RootKey.Buffer = NewFullPath.Buffer;
  1078. //
  1079. // Calculate the length of the prefix
  1080. //
  1081. RootKey.Length = PrefixLen;
  1082. //
  1083. // now, get ready to open it
  1084. //
  1085. InitializeObjectAttributes(&Obja,
  1086. &RootKey,
  1088. NULL, // full path, no hkey
  1089. NULL);
  1090. Status = NtOpenKey(
  1091. phkClassRoot,
  1093. &Obja);
  1094. }
  1095. if (NT_SUCCESS(Status)) {
  1096. //
  1097. // Skip past the prefix
  1098. //
  1099. NewFullPath.Buffer += (PrefixLen / REG_CHAR_SIZE);
  1100. NewFullPath.Length -= PrefixLen;
  1101. if (L'\\' == NewFullPath.Buffer[0]) {
  1102. NewFullPath.Length -= REG_CHAR_SIZE;
  1103. NewFullPath.Buffer ++;
  1104. }
  1105. //
  1106. // Copy everything after the prefix
  1107. //
  1108. RtlCopyUnicodeString(pClassKeyPath, &NewFullPath);
  1109. }
  1110. RtlFreeHeap( RtlProcessHeap(), 0, Buffer );
  1111. return Status;
  1112. }
  1113. NTSTATUS
  1114. BaseRegMapClassRegistrationKey(
  1115. HKEY hKey,
  1116. PUNICODE_STRING pSubKey,
  1117. SKeySemantics* pKeyInfo,
  1118. PUNICODE_STRING pDestSubKey,
  1119. BOOL* pfRetryOnAccessDenied,
  1120. PHKEY phkDestResult,
  1121. PUNICODE_STRING* ppSubKeyResult)
  1122. /*++
  1123. Routine Description:
  1124. This function will map a key from HKEY_CLASSES_ROOT into either the
  1125. user hive or machine hive. The remapped key is returned in the
  1126. (*phkDestResult, *ppSubKeyResult) pair.
  1127. Arguments:
  1128. hKey -- root of key to remap
  1129. pSubKey -- Supplies the downward key path to the key to remap.
  1130. pSubKey is always relative to the key specified by hKey.
  1131. pKeyInfo -- structure supplying information about a key
  1132. pDestSubKey -- unicode string in which to store result data
  1133. if the key gets remapped
  1134. pfRetryOnAccessDenied -- out param flag to set indicating whether
  1135. failure to open the remapped key because of access denied should
  1136. be retried
  1137. phkDestResult -- out param for root of remapped key
  1138. ppSubKeyResult -- out param for remainder of path of remapped key
  1139. Return Value:
  1140. Returns STATUS_SUCCESS if a key was successfully deleted, otherwise it
  1141. returns an NTSTATUS error code
  1142. Note:
  1143. --*/
  1144. {
  1145. BOOL fMachine;
  1146. UNICODE_STRING ClassKeyPath;
  1147. NTSTATUS Status;
  1148. HKEY hkUser;
  1149. //
  1150. // by default, use machine
  1151. //
  1152. fMachine = TRUE;
  1153. //
  1154. // Check for existence of the key in the
  1155. // user hive
  1156. //
  1157. Status = BaseRegOpenClassKeyFromLocation(
  1158. pKeyInfo,
  1159. hKey,
  1160. pSubKey,
  1163. &hkUser);
  1164. if (!NT_SUCCESS(Status)) {
  1165. //
  1166. // a not found error is fine -- this just means that
  1167. // neither key exists already -- in this case we
  1168. // choose to use machine
  1169. //
  1170. if (STATUS_OBJECT_NAME_NOT_FOUND != Status) {
  1171. return Status;
  1172. }
  1173. } else {
  1174. //
  1175. // The user key exists, we choose it over
  1176. // the machine key
  1177. //
  1178. fMachine = FALSE;
  1179. NtClose(hkUser);
  1180. }
  1181. //
  1182. // Get a buffer for the new path
  1183. //
  1184. ClassKeyPath.Buffer = (WCHAR*) RegClassHeapAlloc(
  1185. ClassKeyPath.MaximumLength = ((USHORT) pKeyInfo->_pFullPath->NameLength +
  1187. if (!(ClassKeyPath.Buffer)) {
  1188. return STATUS_NO_MEMORY;
  1189. }
  1190. //
  1191. // Remap the key
  1192. //
  1193. Status = BaseRegOpenClassKeyRoot(
  1194. pKeyInfo,
  1195. phkDestResult,
  1196. &ClassKeyPath,
  1197. fMachine);
  1198. if (!NT_SUCCESS(Status)) {
  1199. RegClassHeapFree(ClassKeyPath.Buffer);
  1200. return Status;
  1201. }
  1202. //
  1203. // If the remapped key is in the machine hive, set the flag so that
  1204. // retries are not permitted.
  1205. //
  1206. if (*pfRetryOnAccessDenied && !fMachine) {
  1207. *pfRetryOnAccessDenied = FALSE;
  1208. }
  1209. //
  1210. // phkDestResult, the root portion of the remapped key, was set above.
  1211. // now set the subkey portion and leave
  1212. //
  1213. *pDestSubKey = ClassKeyPath;
  1214. *ppSubKeyResult = pDestSubKey;
  1215. return STATUS_SUCCESS;
  1216. }
  1217. NTSTATUS BaseRegGetUserAndMachineClass(
  1218. SKeySemantics* pKeySemantics,
  1219. HKEY hKey,
  1220. REGSAM samDesired,
  1221. PHKEY phkMachine,
  1222. PHKEY phkUser)
  1223. /*++
  1224. Routine Description:
  1225. This function will return kernel objects corresponding to the user
  1226. and machine components of a given kernel object.
  1227. Arguments:
  1228. pKeySemantics -- supplies information about hKey. This is optional --
  1229. if the caller does not supply it, the function will query for the information.
  1230. This is an optimization for callers that already have this info
  1231. and can save us the time of
  1232. hKey -- key for which to open user and machine versions
  1233. samDesired -- security access mask for one of the returned keys -- see
  1234. note below for important info on this
  1235. phkMachine -- out param for machine version of key
  1236. phkUser -- out param for user version of key
  1237. Return Value:
  1238. Returns STATUS_SUCCESS if a key was successfully deleted, otherwise it
  1239. returns an NTSTATUS error code
  1240. Notes:
  1241. ***VERY IMPORTANT!!!***
  1242. One of the two returned keys will alias hKey -- this way we only open
  1243. one object (one trip to the kernel) instead of two. This means that the caller
  1244. should not blindly call NtClose on the two returned objects -- a == comparison
  1245. between one of the keys and hKey should be made to determine if it that key is
  1246. the alias -- if it is, you should *NOT* call NtClose on it because otherwise the
  1247. owner of hKey will call NtClose on the same handle value after your call to close
  1248. that handle which will cause an exception. You *should* close the handle that does not
  1249. alias hKey -- if you don't you'll get a handle leak.
  1250. Another important note -- only the new key (non-aliased) will have the access mask
  1251. specified in samDesired -- the aliased key is just hKey, so it has the same access
  1252. mask. If you want to ensure the correct access on that key, you'll need to explicitly
  1253. duplicate or open that key with the correct access.
  1254. --*/
  1255. {
  1256. NTSTATUS Status;
  1257. SKeySemantics keyinfo;
  1258. SKeySemantics* pKeyInfo;
  1259. UNICODE_STRING EmptyString = {0, 0, 0};
  1261. DWORD dwLocation;
  1262. PHKEY phkNew;
  1263. //
  1264. // Clear out parameters
  1265. //
  1266. *phkMachine = NULL;
  1267. *phkUser = NULL;
  1268. //
  1269. // Try to use caller supplied key information
  1270. //
  1271. if (pKeySemantics) {
  1272. pKeyInfo = pKeySemantics;
  1273. } else {
  1274. //
  1275. // Set buffer to store info about this key
  1276. //
  1277. keyinfo._pFullPath = (PKEY_NAME_INFORMATION) rgNameBuf;
  1278. keyinfo._cbFullPath = sizeof(rgNameBuf);
  1279. keyinfo._fAllocedNameBuf = FALSE;
  1280. //
  1281. // get information about this key
  1282. //
  1283. Status = BaseRegGetKeySemantics(hKey, &EmptyString, &keyinfo);
  1284. if (!NT_SUCCESS(Status)) {
  1285. return Status;
  1286. }
  1287. pKeyInfo = &keyinfo;
  1288. }
  1289. if (pKeyInfo->_fMachine) {
  1290. *phkMachine = hKey;
  1291. dwLocation = LOCATION_USER;
  1292. phkNew = phkUser;
  1293. } else {
  1294. *phkUser = hKey;
  1295. dwLocation = LOCATION_MACHINE;
  1296. phkNew = phkMachine;
  1297. }
  1298. (void) BaseRegOpenClassKeyFromLocation(
  1299. pKeyInfo,
  1300. hKey,
  1301. &EmptyString,
  1302. (samDesired & KEY_WOW64_RES) | MAXIMUM_ALLOWED,
  1303. dwLocation,
  1304. phkNew);
  1305. if (!pKeySemantics) {
  1306. BaseRegReleaseKeySemantics(&keyinfo);
  1307. }
  1308. return STATUS_SUCCESS;
  1309. }
  1310. NTSTATUS GetFixedKeyInfo(
  1311. HKEY hkUser,
  1312. HKEY hkMachine,
  1313. LPDWORD pdwUserValues,
  1314. LPDWORD pdwMachineValues,
  1315. LPDWORD pdwUserMaxDataLen,
  1316. LPDWORD pdwMachineMaxDataLen,
  1317. LPDWORD pdwMaxValueNameLen)
  1318. {
  1319. NTSTATUS Status;
  1320. DWORD cUserValues;
  1321. DWORD cMachineValues;
  1323. DWORD dwRead;
  1324. DWORD cbMaxNameLen;
  1325. DWORD cbUserMaxDataLen;
  1326. DWORD cbMachineMaxDataLen;
  1327. //
  1328. // Init locals
  1329. //
  1330. cUserValues = 0;
  1331. cMachineValues = 0;
  1332. cbMaxNameLen = 0;
  1333. cbUserMaxDataLen = 0;
  1334. cbMachineMaxDataLen = 0;
  1336. //
  1337. // Init out params
  1338. //
  1339. if (pdwUserValues) {
  1340. *pdwUserValues = 0;
  1341. }
  1342. if (pdwMachineValues) {
  1343. *pdwMachineValues = 0;
  1344. }
  1345. if (pdwMaxValueNameLen) {
  1346. *pdwMaxValueNameLen = 0;
  1347. }
  1348. if (pdwUserMaxDataLen) {
  1349. *pdwUserMaxDataLen = 0;
  1350. }
  1351. if (pdwMachineMaxDataLen) {
  1352. *pdwMachineMaxDataLen = 0;
  1353. }
  1354. //
  1355. // Get user information
  1356. //
  1357. if (hkUser) {
  1358. Status = NtQueryKey(
  1359. hkUser,
  1360. KeyCachedInformation,
  1361. &KeyInfo,
  1362. sizeof(KeyInfo),
  1363. &dwRead);
  1364. //
  1365. // KEY_CACHED_INFORMATION is a fixed struct !!!
  1366. //
  1368. //if (STATUS_BUFFER_OVERFLOW == Status) {
  1369. // Status = STATUS_SUCCESS;
  1370. //}
  1371. if (!NT_SUCCESS(Status)) {
  1372. return Status;
  1373. }
  1374. cUserValues = KeyInfo.Values;
  1375. cbMaxNameLen = KeyInfo.MaxValueNameLen;
  1376. cbUserMaxDataLen = KeyInfo.MaxValueDataLen;
  1377. }
  1378. //
  1379. // Get machine information
  1380. //
  1381. if (hkMachine) {
  1382. Status = NtQueryKey(
  1383. hkMachine,
  1384. KeyCachedInformation,
  1385. &KeyInfo,
  1386. sizeof(KeyInfo),
  1387. &dwRead);
  1388. //
  1389. // KEY_CACHED_INFORMATION is a fixed struct !!!
  1390. //
  1392. //if (STATUS_BUFFER_OVERFLOW == Status) {
  1393. // Status = STATUS_SUCCESS;
  1394. //}
  1395. if (!NT_SUCCESS(Status)) {
  1396. return Status;
  1397. }
  1398. cMachineValues = KeyInfo.Values;
  1399. cbMachineMaxDataLen = KeyInfo.MaxValueDataLen;
  1400. if (KeyInfo.MaxValueNameLen > cbMaxNameLen) {
  1401. cbMaxNameLen = KeyInfo.MaxValueNameLen;
  1402. }
  1403. }
  1404. if (pdwUserValues) {
  1405. *pdwUserValues = cUserValues;
  1406. }
  1407. if (pdwMachineValues) {
  1408. *pdwMachineValues = cMachineValues;
  1409. }
  1410. if (pdwMaxValueNameLen) {
  1411. *pdwMaxValueNameLen = cbMaxNameLen;
  1412. }
  1413. if (pdwUserMaxDataLen) {
  1414. *pdwUserMaxDataLen = cbUserMaxDataLen;
  1415. }
  1416. if (pdwMachineMaxDataLen) {
  1417. *pdwMachineMaxDataLen = cbMachineMaxDataLen;
  1418. }
  1419. return Status;
  1420. }
  1422. NTSTATUS
  1423. BaseRegMapClassOnAccessDenied(
  1424. SKeySemantics* pKeySemantics,
  1425. PHKEY phkDest,
  1426. PUNICODE_STRING pDestSubKey,
  1427. BOOL* pfRetryOnAccessDenied)
  1428. /*++
  1429. Routine Description:
  1430. This function will remap a key to the user hive when an access denied
  1431. error is encountered creating it in the machine hive
  1432. Arguments:
  1433. pKeySemantics -- structure supplying information about a key
  1434. phkDest -- out param for root of remapped key
  1435. pDestSubKey -- out param for remainder of path of remapped key
  1436. pfRetryOnAccessDenied -- in / out param. If true, we can
  1437. remap it. On return this value indicates whether or not
  1438. we can do another retry
  1439. Return Value:
  1440. Returns STATUS_SUCCESS if a key was successfully deleted, otherwise it
  1441. returns an NTSTATUS error code
  1442. Note:
  1443. --*/
  1444. {
  1445. NTSTATUS Status;
  1446. UNICODE_STRING NewFullPath;
  1447. Status = STATUS_ACCESS_DENIED;
  1448. NewFullPath.Buffer=NULL;
  1449. if (pKeySemantics->_fCombinedClasses &&
  1450. *pfRetryOnAccessDenied) {
  1451. USHORT PrefixLen;
  1452. //
  1453. // Close the original key -- we don't need it anymore.
  1454. //
  1455. if(*phkDest) {
  1456. NtClose(*phkDest);
  1457. *phkDest = NULL;
  1458. }
  1459. //
  1460. // No more retries permitted for this key
  1461. //
  1462. *pfRetryOnAccessDenied = FALSE;
  1463. //
  1464. // Get space for the new path -- we will free this below.
  1465. // We avoid using alloca because of stack overflows
  1466. //
  1467. NewFullPath.MaximumLength = (USHORT)(pKeySemantics->_pFullPath->NameLength) + REG_CLASSES_SUBTREE_PADDING;
  1468. NewFullPath.Buffer = RegClassHeapAlloc(NewFullPath.MaximumLength);
  1469. if (!(NewFullPath.Buffer)) {
  1470. return STATUS_NO_MEMORY;
  1471. }
  1472. //
  1473. // Translate this key to the user hive
  1474. //
  1475. Status = BaseRegTranslateToUserClassKey(
  1476. pKeySemantics,
  1477. &NewFullPath,
  1478. &PrefixLen);
  1479. if (NT_SUCCESS(Status)) {
  1480. UNICODE_STRING Prefix;
  1482. //
  1483. // Allocate space for the new key name to give back to the caller
  1484. //
  1485. pDestSubKey->MaximumLength = NewFullPath.MaximumLength - PrefixLen + REG_CHAR_SIZE;
  1486. pDestSubKey->Buffer = (WCHAR*) RegClassHeapAlloc(pDestSubKey->MaximumLength);
  1487. if (!(pDestSubKey->Buffer)) {
  1488. Status = STATUS_NO_MEMORY;
  1489. goto cleanup;
  1490. }
  1491. //
  1492. // Make a string which strips off every thing after the prefix --
  1493. // we will open up to the prefix
  1494. //
  1495. Prefix.Buffer = NewFullPath.Buffer;
  1496. Prefix.Length = PrefixLen;
  1497. //
  1498. // Move our full path past the prefix
  1499. //
  1500. NewFullPath.Buffer += (PrefixLen + REG_CHAR_SIZE) / REG_CHAR_SIZE;
  1501. NewFullPath.Length -= (PrefixLen + REG_CHAR_SIZE);
  1502. //
  1503. // Copy everything after the prefix to the subkey path
  1504. // that we're returning to the caller
  1505. //
  1506. RtlCopyUnicodeString(pDestSubKey, &NewFullPath);
  1507. //
  1508. //Get the original pointer back so we could free it!
  1509. //
  1510. NewFullPath.Buffer -= (PrefixLen + REG_CHAR_SIZE) / REG_CHAR_SIZE;
  1511. NewFullPath.Length += (PrefixLen + REG_CHAR_SIZE);
  1512. //
  1513. // Now open the root for the caller
  1514. //
  1515. InitializeObjectAttributes(&Obja,
  1516. &Prefix,
  1518. NULL, // full path, no hkey
  1519. NULL);
  1520. Status = NtOpenKey(
  1521. phkDest,
  1523. &Obja);
  1524. if(!NT_SUCCESS(Status)) {
  1525. RegClassHeapFree(pDestSubKey->Buffer);
  1526. pDestSubKey->Buffer=NULL;
  1527. }
  1528. }
  1529. }
  1530. cleanup:
  1531. //
  1532. // Free the buffer we allocated above
  1533. //
  1534. if(NewFullPath.Buffer) {
  1535. RegClassHeapFree(NewFullPath.Buffer);
  1536. }
  1537. return Status;
  1538. }
  1540. NTSTATUS
  1541. CreateMultipartUserClassKey(
  1542. IN HKEY hKey,
  1543. OUT PHKEY phkResult)
  1544. /*++
  1545. Routine Description:
  1546. This function creates HKCU\Software\Classes\... subkey
  1547. corresponding to given HKLM\Software\Classes\... subkey
  1548. Arguments:
  1549. IN HKEY hKey - handle of HKLM\Software\Classes\... subkey
  1550. OUT PHKEY phkResult - handle of HKCU\Software\Classes\... subkey
  1551. Return Value:
  1552. Returns STATUS_SUCCESS on success, other NTSTATUS if failed.
  1553. --*/
  1554. {
  1555. LPWSTR KeyBuffer;
  1556. ULONG NumberOfSubKeys;
  1557. LPWSTR p;
  1558. ULONG i;
  1559. LPWSTR Token;
  1560. UNICODE_STRING KeyName;
  1561. HANDLE TempHandle1;
  1562. HANDLE TempHandle2;
  1564. NTSTATUS Status;
  1565. ////////////////////////////////////////////////////////////////////////////
  1567. SKeySemantics keyinfo;
  1568. UNICODE_STRING EmptyString= {0, 0, 0};
  1569. HKEY hkDestKey=NULL;
  1570. UNICODE_STRING DestSubkey;
  1571. BOOL fRetryOnAccessDenied=TRUE;
  1572. //
  1573. // Set up the buffer that will hold the name of the key
  1574. //
  1575. keyinfo._pFullPath = (PKEY_NAME_INFORMATION) rgNameInfoBuf;
  1576. keyinfo._cbFullPath = sizeof(rgNameInfoBuf);
  1577. keyinfo._fAllocedNameBuf = FALSE;
  1578. //
  1579. // get information about this key
  1580. //
  1581. Status = BaseRegGetKeySemantics(hKey, &EmptyString, &keyinfo);
  1582. if (!NT_SUCCESS(Status)) {
  1583. return Status;
  1584. }
  1585. DestSubkey.Buffer=NULL;
  1586. //
  1587. //Remap key to the user hive.
  1588. //
  1589. Status = BaseRegMapClassOnAccessDenied(
  1590. &keyinfo,
  1591. &hkDestKey,
  1592. &DestSubkey,
  1593. &fRetryOnAccessDenied);
  1594. BaseRegReleaseKeySemantics(&keyinfo);
  1595. if(!NT_SUCCESS(Status)) {
  1596. return Status;
  1597. }
  1598. //
  1599. //If we've opened new hkDestKey we must close it.
  1600. //
  1601. if( hkDestKey != hKey ) {
  1602. TempHandle1 = hkDestKey;
  1603. } else {
  1604. TempHandle1 = NULL;
  1605. }
  1606. //
  1607. // Initialize the buffer to be tokenized.
  1608. //
  1609. KeyBuffer = DestSubkey.Buffer;
  1610. //
  1611. // Find out the number of subkeys to be created
  1612. //
  1613. NumberOfSubKeys = 1;
  1614. p = KeyBuffer;
  1615. while ( ( p = wcschr( p, ( WCHAR )'\\' ) ) != NULL ) {
  1616. p++;
  1617. NumberOfSubKeys++;
  1618. }
  1619. for( i = 0, Token = KeyBuffer; i < NumberOfSubKeys; i++ ) {
  1620. ASSERT(Token != NULL);
  1621. if( ( *Token == ( WCHAR )'\\' ) &&
  1622. ( i != NumberOfSubKeys - 1 ) ) {
  1623. //
  1624. // If the first character of the key name is '\', and the key
  1625. // is not the last to be created, then ignore this key name.
  1626. // This condition can happen if the key name contains
  1627. // consecutive '\'.
  1628. // This behavior is consistent with the one we had in the past
  1629. // when the API used wcstok() to get the key names.
  1630. // Note that if the key name is an empty string, we return a handle
  1631. // that is different than hKey, even though both point to the same
  1632. // key. This is by design.
  1633. //
  1634. Token++;
  1635. continue;
  1636. }
  1637. //
  1638. // Convert the token to a counted Unicode string.
  1639. //
  1640. KeyName.Buffer = Token;
  1641. if (i == NumberOfSubKeys - 1) {
  1642. KeyName.Length = wcslen(Token)*sizeof(WCHAR);
  1643. } else {
  1644. KeyName.Length = (USHORT)(wcschr(Token, ( WCHAR )'\\') - Token)*sizeof(WCHAR);
  1645. }
  1646. //
  1647. // Remember the intermediate handle (NULL the first time through).
  1648. //
  1649. TempHandle2 = TempHandle1;
  1650. //
  1651. // Initialize the OBJECT_ATTRIBUTES structure, close the
  1652. // intermediate key and create or open the key.
  1653. //
  1654. InitializeObjectAttributes(
  1655. &Obja,
  1656. &KeyName,
  1658. hkDestKey,
  1659. NULL
  1660. );
  1661. Status = NtCreateKey(
  1662. &TempHandle1,
  1664. &Obja,
  1665. 0,
  1666. NULL,
  1668. NULL
  1669. );
  1670. //
  1671. // Initialize the next object directory (i.e. parent key) handle.
  1672. //
  1673. hkDestKey = TempHandle1;
  1674. //
  1675. // Close the intermediate key.
  1676. // This fails the first time through the loop since the
  1677. // handle is NULL.
  1678. //
  1679. if( TempHandle2 != NULL ) {
  1680. NtClose( TempHandle2 );
  1681. }
  1682. //
  1683. // If creating the key failed, return the error.
  1684. //
  1685. if( ! NT_SUCCESS( Status )) {
  1686. break;
  1687. }
  1688. Token = wcschr( Token, ( WCHAR )'\\') + 1;
  1689. }
  1690. if(DestSubkey.Buffer) {
  1691. RtlFreeHeap(RtlProcessHeap(), 0, DestSubkey.Buffer);
  1692. }
  1693. //
  1694. // Only set the return value once we know we've
  1695. // succeeded.
  1696. //
  1697. if( NT_SUCCESS( Status )) {
  1698. *phkResult = hkDestKey;
  1699. }
  1700. return Status;
  1701. }
  1703. BOOL InitializeInstrumentedRegClassHeap()
  1704. {
  1705. NTSTATUS Status;
  1706. Status = RtlInitializeCriticalSection(
  1707. &(gRegClassHeapCritSect));
  1708. return NT_SUCCESS(Status);
  1709. }
  1710. BOOL CleanupInstrumentedRegClassHeap()
  1711. {
  1712. NTSTATUS Status;
  1713. Status = RtlDeleteCriticalSection(
  1714. &(gRegClassHeapCritSect));
  1715. DbgPrint("WINREG: Instrumented memory data for process id 0x%x\n", NtCurrentTeb()->ClientId.UniqueProcess);
  1716. DbgPrint("WINREG: Classes Heap Maximum Allocated: 0x%x\n", gcbMaxAllocated);
  1717. DbgPrint("WINREG: Classes Heap Maximum Outstanding Allocs: 0x%x\n", gcMaxAllocs);
  1718. if (gcbAllocated || gcAllocs) {
  1719. DbgPrint("WINREG: Classes Heap ERROR!\n");
  1720. DbgPrint("WINREG: Classes Heap not completely freed!\n");
  1721. DbgPrint("WINREG: Classes Heap Leaked 0x%x bytes\n", gcbAllocated);
  1722. DbgPrint("WINREG: Classes Heap Outstanding Allocs: 0x%x\n", gcAllocs);
  1723. DbgBreakPoint();
  1724. } else {
  1725. DbgPrint("WINREG: Classes Heap is OK.\n");
  1726. }
  1727. return NT_SUCCESS(Status);
  1728. }
  1729. #endif // defined(_REGCLASS_MALLOC_INSTRUMENTED_)
  1730. /*++
  1731. Routine Description:
  1732. Replaces HKLM\Software\Classes\<something> path with HKCR\<something>
  1733. Arguments:
  1734. phKey - The pointer to the handle of the key to map
  1735. lpSubKey - The key that is to be opened/created/deleted
  1736. Return Value:
  1737. If the [phKey] is in an interesting area return TRUE
  1738. If not, or if an error occurs, return FALSE.
  1739. --*/
  1740. BOOL
  1741. ExtractClassKey(
  1742. IN OUT HKEY *phKey,
  1744. {
  1745. #define STR_CLASSES1 L"Classes\\"
  1746. #define STR_CLASSES2 L"Software\\Classes\\"
  1747. #define STR_MACHINE1 L"\\Registry\\Machine\\Software"
  1748. #define STR_MACHINE2 L"\\Registry\\Machine"
  1749. static const WCHAR *szCmpStr1[2]={STR_CLASSES1,STR_CLASSES2};
  1750. static const WCHAR *szCmpStr2[2]={STR_MACHINE1,STR_MACHINE2};
  1751. static const USHORT SizeCmpStr1[2]={sizeof(STR_CLASSES1)/sizeof(WCHAR)-2,
  1752. sizeof(STR_CLASSES2)/sizeof(WCHAR)-2};
  1753. static const USHORT SizeCmpStr2[2]={sizeof(STR_MACHINE1)/sizeof(WCHAR)-1,
  1754. sizeof(STR_MACHINE2)/sizeof(WCHAR)-1};
  1755. static const USHORT LengthCmpStr1[2]={sizeof(STR_CLASSES1)-2*sizeof(WCHAR),
  1756. sizeof(STR_CLASSES2)-2*sizeof(WCHAR)};
  1757. static const USHORT LengthCmpStr2[2]={sizeof(STR_MACHINE1)-sizeof(WCHAR),
  1758. sizeof(STR_MACHINE2)-sizeof(WCHAR)};
  1759. static const USHORT offset[2]={sizeof(STR_CLASSES1)-sizeof(WCHAR),
  1760. sizeof(STR_CLASSES2)-sizeof(WCHAR)};
  1761. static BYTE pBuff[sizeof(STR_MACHINE1)+sizeof(KEY_NAME_INFORMATION)];
  1763. ULONG ResultLength;
  1764. NTSTATUS Status;
  1765. int index = 0;
  1766. //if length of the subkey name is less than "Classes" this is
  1767. //not the key we are interested in.
  1768. if(lpSubKey->Length < LengthCmpStr1[index]) {
  1769. return FALSE;
  1770. }
  1771. //see if subkey name starts with "Classes"
  1772. //If length of the subkey name is longer than "Classes",
  1773. //see if we have '\\' in the right place
  1774. //(because it could be something like "ClassesSomething").
  1775. if(_wcsnicmp(lpSubKey->Buffer,szCmpStr1[index],SizeCmpStr1[index]) ||
  1776. (lpSubKey->Length > LengthCmpStr1[index] &&
  1777. lpSubKey->Buffer[SizeCmpStr1[index]] != L'\\')) {
  1778. index = 1;
  1779. //if length of the subkey name is less than "Software\\Classes" this is
  1780. //not the key we are interested in.
  1781. if(lpSubKey->Length < LengthCmpStr1[index]) {
  1782. return FALSE;
  1783. }
  1784. //see if subkey name starts with "Software\\Classes"
  1785. //If length of the subkey name is longer than "Software\\Classes",
  1786. //see if we have '\\' in the right place
  1787. //(because it could be something like "Software\\ClassesSomething").
  1788. if(_wcsnicmp(lpSubKey->Buffer,szCmpStr1[index],SizeCmpStr1[index]) ||
  1789. (lpSubKey->Length > LengthCmpStr1[index] &&
  1790. lpSubKey->Buffer[SizeCmpStr1[index]] != L'\\')) {
  1791. return FALSE;
  1792. }
  1793. }
  1794. //Get the parent key name
  1795. Status = NtQueryKey(
  1796. *phKey,
  1797. KeyNameInformation,
  1798. pNameInfo,
  1799. sizeof(pBuff),
  1800. &ResultLength);
  1801. if (!NT_SUCCESS(Status)) {
  1802. return FALSE;
  1803. }
  1804. if(pNameInfo->NameLength != LengthCmpStr2[index] ||
  1805. _wcsnicmp(pNameInfo->Name,szCmpStr2[index],SizeCmpStr2[index])) {
  1806. return FALSE;
  1807. }
  1808. //Get handle to HKCR
  1809. if( !HKEY_ClassesRoot ) {
  1810. if( LocalOpenClassesRoot(NULL, MAXIMUM_ALLOWED, &HKEY_ClassesRoot) != ERROR_SUCCESS ) {
  1811. return FALSE;
  1812. }
  1813. }
  1814. // cut "Classes\\" or "Software\\Classes\\" from lpSubKey
  1815. if(lpSubKey->Length <= offset[index] ) {
  1816. //user tries to access HKLM\Software\Classes[\]"
  1817. //we will just return him handle to HKCR.
  1818. lpSubKey->Length = 0;
  1819. } else {
  1820. //move pointer after "Classes\\" or "Software\\Classes\\"
  1821. //it will be restored by caller
  1822. lpSubKey->Length -= offset[index];
  1823. lpSubKey->MaximumLength -= offset[index];
  1824. lpSubKey->Buffer += offset[index]/sizeof(WCHAR);
  1825. }
  1826. //replace hKey with HKCR
  1827. *phKey = HKEY_ClassesRoot;
  1828. return TRUE;
  1829. }
  1830. #endif // LOCAL