archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
4.9 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/base/screg/winreg/server/reglukey.c

564 lines
14 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1992 Microsoft Corporation
  5. Module Name:
  7. Reglukey.c
  9. Abstract:
  11. This module contains the server side Win32 Registry
  12. APIs to load, unload and replace keys. That is:
  14. - BaseRegLoadKeyA
  15. - BaseRegLoadKeyW
  16. - BaseRegUnLoadKeyA
  17. - BaseRegUnLoadKeyW
  18. - BaseRegReplaceKeyA
  19. - BaseRegReplaceKeyW
  21. Author:
  24. Ramon J. San Andres (ramonsa) 16-Apr-1992
  28. --*/
  30. #include <rpc.h>
  31. #include "regrpc.h"
  32. #include "localreg.h"
  34. error_status_t
  35. BaseRegLoadKey(
  36. IN HKEY hKey,
  37. IN PUNICODE_STRING lpSubKey OPTIONAL,
  38. IN PUNICODE_STRING lpFile
  39. )
  41. /*++
  43. Routine Description:
  45. Load the tree in the supplied file into the key referenced by the
  46. supplied key handle and sub-key. The loaded tree will overwrite all
  47. of the contents of the supplied sub-key except for its name.
  48. Pictorially, if the file contains:
  50. A
  51. / \
  52. / \
  53. B C
  55. and the supplied key refers to a key name X, the resultant tree would
  56. look like:
  58. X
  59. / \
  60. / \
  61. B C
  63. Arguments:
  65. hKey - Supplies the predefined handle HKEY_USERS or HKEY_LOCAL_MACHINE.
  66. lpSubKey is relative to this handle.
  68. lpSubKey - Supplies a path name to a new (i.e. non-existant) key
  69. where the supplied file will be loaded.
  71. lpFile - Supplies a pointer to an existing file name whose contents was
  72. created with RegSaveKey. The file name may not have an extension.
  74. Return Value:
  76. Returns ERROR_SUCCESS (0) for success; error-code for failure.
  78. Notes:
  80. The difference between RegRestoreKey and RegLoadKey is that in the
  81. latter case the supplied file is used as the actual backing store
  82. whereas in the former case the information in the file is copied into
  83. the Registry.
  85. RegLoadKey requires SeRestorePrivilege.
  87. --*/
  89. {
  90. OBJECT_ATTRIBUTES ObjaKey;
  91. OBJECT_ATTRIBUTES ObjaFile;
  92. BOOLEAN ErrorFlag;
  93. UNICODE_STRING FileName;
  94. RTL_RELATIVE_NAME_U RelativeName;
  95. PVOID FreeBuffer;
  96. NTSTATUS NtStatus;
  97. PUNICODE_STRING SubKey;
  99. #if DBG
  100. //OutputDebugString( "WINREG: Entering BaseRegLoadKey\n" );
  101. #endif
  104. ASSERT( (hKey != NULL) && (lpFile != NULL) && (lpFile->Buffer != NULL));
  105. if ( (hKey == NULL) || (lpFile == NULL) || (lpFile->Buffer == NULL) ) {
  106. return ERROR_INVALID_PARAMETER;
  107. }
  109. //
  110. // check for oddly formed UNICODE_STRINGs passed by malicious clients
  111. // check also for zero-length strings
  112. //
  113. if ((!lpFile->Length) ||
  114. (lpFile->Length & 1) ||
  115. (lpFile->Buffer[lpFile->Length/sizeof(WCHAR) - 1] != UNICODE_NULL)) {
  116. return ERROR_INVALID_PARAMETER;
  117. }
  119. if ((lpSubKey) &&
  120. ((!lpSubKey->Length) ||
  121. (lpSubKey->Length & 1) ||
  122. (lpSubKey->Buffer && (lpSubKey->Buffer[lpSubKey->Length/sizeof(WCHAR) - 1] != UNICODE_NULL)))) {
  123. return ERROR_INVALID_PARAMETER;
  124. }
  126. RPC_IMPERSONATE_CLIENT( NULL );
  129. //
  130. // Remove terminating NULLs from Length counts. These were added
  131. // on the client side so that RPC would transmit the whole thing.
  132. //
  133. if ( lpSubKey && lpSubKey->Length > 0 ) {
  134. lpSubKey->Length -= sizeof( UNICODE_NULL );
  135. SubKey = lpSubKey;
  136. } else {
  137. SubKey = NULL;
  138. }
  140. if ( lpFile->Length > 0 ) {
  141. lpFile->Length -= sizeof( UNICODE_NULL );
  142. }
  145. InitializeObjectAttributes(
  146. &ObjaKey,
  147. SubKey,
  148. OBJ_CASE_INSENSITIVE,
  149. hKey,
  150. NULL
  151. );
  153. //
  154. // Convert the DOS path name to a canonical Nt path name.
  155. //
  156. ErrorFlag = RtlDosPathNameToRelativeNtPathName_U(
  157. lpFile->Buffer,
  158. &FileName,
  159. NULL,
  160. &RelativeName
  161. );
  163. //
  164. // If the name was not succesfully converted assume it was invalid.
  165. //
  166. if ( !ErrorFlag ) {
  167. RPC_REVERT_TO_SELF();
  168. return ERROR_INVALID_PARAMETER;
  169. }
  171. //
  172. // Remember the buffer allocatted by RtlDosPathNameToRelativeNtPathName_U.
  173. //
  174. FreeBuffer = FileName.Buffer;
  176. //
  177. // If a relative name and directory handle will work, use those.
  178. //
  179. if ( RelativeName.RelativeName.Length ) {
  181. //
  182. // Replace the full path with the relative path.
  183. //
  184. FileName = RelativeName.RelativeName;
  186. } else {
  188. //
  189. // Using the full path - no containing directory.
  190. //
  191. RelativeName.ContainingDirectory = NULL;
  192. }
  194. //
  195. // Initialize the Obja structure for the file.
  196. //
  197. InitializeObjectAttributes(
  198. &ObjaFile,
  199. &FileName,
  200. OBJ_CASE_INSENSITIVE,
  201. RelativeName.ContainingDirectory,
  202. NULL
  203. );
  205. #if DBG
  206. //OutputDebugString( "WINREG: Before NtLoadKey\n" );
  207. #endif
  210. NtStatus = NtLoadKey(
  211. &ObjaKey,
  212. &ObjaFile
  213. );
  215. RtlReleaseRelativeName(&RelativeName);
  217. #if DBG
  218. //OutputDebugString( "WINREG: After RegLoadKey\n" );
  219. #endif
  221. RPC_REVERT_TO_SELF();
  223. //
  224. // Free the buffer allocatted by RtlDosPathNameToRelativeNtPathName_U.
  225. //
  226. RtlFreeHeap( RtlProcessHeap( ), 0, FreeBuffer );
  228. #if DBG
  229. //OutputDebugString( "WINREG: Leaving BaseRegLoadKey\n" );
  230. #endif
  232. return (error_status_t)RtlNtStatusToDosError( NtStatus );
  233. }
  238. error_status_t
  239. BaseRegUnLoadKey(
  240. IN HKEY hKey,
  241. IN PUNICODE_STRING lpSubKey OPTIONAL
  242. )
  244. /*++
  246. Routine Description:
  248. Unload the specified tree (hive) from the Registry.
  250. Arguments:
  252. hKey - Supplies a handle to an open key. lpSubKey is relative to this
  253. handle.
  255. lpSubKey - Supplies a path name to the key that is to be unloaded.
  256. The combination of hKey and lpSubKey must refer to a hive in the
  257. Registry created with RegRestoreKey or RegLoadKey. This parameter may
  258. be NULL.
  260. Return Value:
  262. Returns ERROR_SUCCESS (0) for success; error-code for failure.
  264. RegUnLoadKey requires SeRestorePrivilege.
  266. --*/
  268. {
  270. OBJECT_ATTRIBUTES ObjaKey;
  271. NTSTATUS NtStatus;
  274. ASSERT( hKey != NULL );
  275. if ( (hKey == NULL) ||
  276. (lpSubKey && (lpSubKey->Length &1)) ) {
  277. return ERROR_INVALID_PARAMETER;
  278. }
  281. RPC_IMPERSONATE_CLIENT( NULL );
  283. //
  284. // Remove terminating NULLs from Length counts. These were added
  285. // on the client side so that RPC would transmit the whole thing.
  286. //
  287. if ( lpSubKey && lpSubKey->Length > 0 ) {
  288. lpSubKey->Length -= sizeof( UNICODE_NULL );
  289. }
  292. InitializeObjectAttributes(
  293. &ObjaKey,
  294. lpSubKey,
  295. OBJ_CASE_INSENSITIVE,
  296. hKey,
  297. NULL
  298. );
  300. NtStatus = NtUnloadKey( &ObjaKey );
  302. RPC_REVERT_TO_SELF();
  303. return (error_status_t)RtlNtStatusToDosError( NtStatus );
  304. }
  314. error_status_t
  315. BaseRegReplaceKey(
  316. HKEY hKey,
  317. PUNICODE_STRING lpSubKey,
  318. PUNICODE_STRING lpNewFile,
  319. PUNICODE_STRING lpOldFile
  320. )
  322. /*++
  324. Routine Description:
  326. Replace an existing tree (hive) in the Registry. The new tree will
  327. take effect the next time the system is rebooted.
  329. Arguments:
  331. hKey - Supplies a handle to an open key. lpSubKey is relative to this
  332. handle.
  334. lpSubKey - Supplies a path name to the key that is to be replaced.
  335. The combination of hKey and lpSubKey must refer to a hive in the
  336. Registry. This parameter may be NULL.
  338. lpNewFile - Supplies a file name for the new hive file.
  340. lpOldFile - Supplies a backup file name for the old (existing) hive file.
  342. Return Value:
  344. Returns ERROR_SUCCESS (0) for success; error-code for failure.
  346. Notes:
  348. lpNewFile will remain open until after the system is rebooted.
  350. RegUnLoadKey requires SeRestorePrivilege.
  352. --*/
  354. {
  356. UNICODE_STRING NewFileName;
  357. UNICODE_STRING OldFileName;
  358. RTL_RELATIVE_NAME_U NewRelativeName;
  359. RTL_RELATIVE_NAME_U OldRelativeName;
  360. PVOID NewFreeBuffer;
  361. PVOID OldFreeBuffer;
  362. HANDLE HiveHandle;
  363. OBJECT_ATTRIBUTES ObjaKey;
  364. OBJECT_ATTRIBUTES ObjaNewFile;
  365. OBJECT_ATTRIBUTES ObjaOldFile;
  366. BOOLEAN ErrorFlag;
  367. NTSTATUS NtStatus;
  370. ErrorFlag = (BOOLEAN)( (hKey == NULL) ||
  371. (lpNewFile == NULL) ||
  372. (lpNewFile->Buffer == NULL) ||
  373. (lpNewFile->Length & 1) ||
  374. (lpOldFile == NULL) ||
  375. (lpOldFile->Buffer == NULL) ||
  376. (lpOldFile->Length & 1) ||
  377. (lpSubKey && (lpSubKey->Length & 1))
  378. );
  380. ASSERT( !ErrorFlag );
  382. if ( ErrorFlag ) {
  383. return ERROR_INVALID_PARAMETER;
  384. }
  387. RPC_IMPERSONATE_CLIENT( NULL );
  389. //
  390. // Remove terminating NULLs from Length counts. These were added
  391. // on the client side so that RPC would transmit the whole thing.
  392. //
  393. if ( lpSubKey && lpSubKey->Length > 0 ) {
  394. lpSubKey->Length -= sizeof( UNICODE_NULL );
  395. }
  397. if ( lpNewFile->Length > 0 ) {
  398. lpNewFile->Length -= sizeof( UNICODE_NULL );
  399. }
  401. if ( lpOldFile->Length > 0 ) {
  402. lpOldFile->Length -= sizeof( UNICODE_NULL );
  403. }
  406. InitializeObjectAttributes(
  407. &ObjaKey,
  408. lpSubKey,
  409. OBJ_CASE_INSENSITIVE,
  410. hKey,
  411. NULL
  412. );
  414. //
  415. // Get a handle to the hive root
  416. //
  417. NtStatus = NtCreateKey(
  418. &HiveHandle,
  419. MAXIMUM_ALLOWED,
  420. &ObjaKey,
  421. 0,
  422. NULL,
  423. REG_OPTION_BACKUP_RESTORE,
  424. NULL
  425. );
  428. if ( !NT_SUCCESS( NtStatus ) ) {
  429. RPC_REVERT_TO_SELF();
  430. return (error_status_t)RtlNtStatusToDosError( NtStatus );
  431. }
  435. //
  436. // Convert the new DOS path name to a canonical Nt path name.
  437. //
  438. ErrorFlag = RtlDosPathNameToRelativeNtPathName_U(
  439. lpNewFile->Buffer,
  440. &NewFileName,
  441. NULL,
  442. &NewRelativeName
  443. );
  445. //
  446. // If the name was not succesfully converted assume it was invalid.
  447. //
  448. if ( !ErrorFlag ) {
  449. NtClose( HiveHandle );
  450. RPC_REVERT_TO_SELF();
  451. return ERROR_INVALID_PARAMETER;
  452. }
  454. //
  455. // Remember the buffer allocatted by RtlDosPathNameToRelativeNtPathName_U.
  456. //
  457. NewFreeBuffer = NewFileName.Buffer;
  459. //
  460. // If a relative name and directory handle will work, use those.
  461. //
  462. if ( NewRelativeName.RelativeName.Length ) {
  464. //
  465. // Replace the full path with the relative path.
  466. //
  467. NewFileName = NewRelativeName.RelativeName;
  469. } else {
  471. //
  472. // Using the full path - no containing directory.
  473. //
  474. NewRelativeName.ContainingDirectory = NULL;
  475. }
  477. //
  478. // Initialize the Obja structure for the new file.
  479. //
  480. InitializeObjectAttributes(
  481. &ObjaNewFile,
  482. &NewFileName,
  483. OBJ_CASE_INSENSITIVE,
  484. NewRelativeName.ContainingDirectory,
  485. NULL
  486. );
  489. //
  490. // Convert the old DOS path name to a canonical Nt path name.
  491. //
  492. ErrorFlag = RtlDosPathNameToRelativeNtPathName_U(
  493. lpOldFile->Buffer,
  494. &OldFileName,
  495. NULL,
  496. &OldRelativeName
  497. );
  499. //
  500. // If the name was not succesfully converted assume it was invalid.
  501. //
  502. if ( !ErrorFlag ) {
  503. RtlReleaseRelativeName(&NewRelativeName);
  504. RtlFreeHeap( RtlProcessHeap( ), 0, NewFreeBuffer );
  505. NtClose( HiveHandle );
  506. RPC_REVERT_TO_SELF();
  507. return ERROR_INVALID_PARAMETER;
  508. }
  510. //
  511. // Remember the buffer allocatted by RtlDosPathNameToRelativeNtPathName_U.
  512. //
  513. OldFreeBuffer = OldFileName.Buffer;
  515. //
  516. // If a relative name and directory handle will work, use those.
  517. //
  518. if ( OldRelativeName.RelativeName.Length ) {
  520. //
  521. // Replace the full path with the relative path.
  522. //
  523. OldFileName = OldRelativeName.RelativeName;
  525. } else {
  527. //
  528. // Using the full path - no containing directory.
  529. //
  530. OldRelativeName.ContainingDirectory = NULL;
  531. }
  533. //
  534. // Initialize the Obja structure for the new file.
  535. //
  536. InitializeObjectAttributes(
  537. &ObjaOldFile,
  538. &OldFileName,
  539. OBJ_CASE_INSENSITIVE,
  540. OldRelativeName.ContainingDirectory,
  541. NULL
  542. );
  545. NtStatus = NtReplaceKey(
  546. &ObjaNewFile,
  547. HiveHandle,
  548. &ObjaOldFile
  549. );
  551. RtlReleaseRelativeName(&NewRelativeName);
  552. RtlReleaseRelativeName(&OldRelativeName);
  554. //
  555. // Free the buffers allocatted by RtlDosPathNameToRelativeNtPathName_U.
  556. //
  557. RtlFreeHeap( RtlProcessHeap( ), 0, NewFreeBuffer );
  558. RtlFreeHeap( RtlProcessHeap( ), 0, OldFreeBuffer );
  560. NtClose( HiveHandle );
  562. RPC_REVERT_TO_SELF();
  563. return (error_status_t)RtlNtStatusToDosError( NtStatus );
  564. }