archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/base/tools/ntsdexts/hleak.c

526 lines
12 KiB
Raw Normal View History

commiting as it is
4 years ago
  3. #include "ntsdextp.h"
  6. #define REASONABLE_NUMBER 8
  9. typedef BOOL (_ID_MATCH_FN)(
  10. PVOID A,
  11. PVOID B);
  12. typedef _ID_MATCH_FN * PID_MATCH_FN;
  14. typedef VOID (_ID_BANNER_FN)(
  15. PVOID Id
  16. );
  17. typedef _ID_BANNER_FN * PID_BANNER_FN;
  19. typedef VOID (_HANDLE_CALLBACK_FN)(
  20. PVOID Context,
  21. HANDLE Here,
  22. HANDLE There
  23. );
  24. typedef _HANDLE_CALLBACK_FN * PHANDLE_CALLBACK_FN;
  27. #define MATCH_LARGE_INT ((PID_MATCH_FN)1)
  29. typedef struct _HANDLE_TRACK {
  30. LIST_ENTRY List ;
  31. ULONG Flags ;
  32. ULONG Count ;
  33. ULONG Size ;
  34. PHANDLE Handles ;
  35. HANDLE HandleList[ REASONABLE_NUMBER ];
  36. UCHAR IdData[ 1 ];
  37. } HANDLE_TRACK, * PHANDLE_TRACK ;
  39. typedef struct _HANDLE_TRACK_ARRAY {
  40. ULONG Count ;
  41. ULONG Size ;
  42. ULONG IdDataSize ;
  43. PID_MATCH_FN MatchFunc ;
  44. LIST_ENTRY List ;
  45. } HANDLE_TRACK_ARRAY, * PHANDLE_TRACK_ARRAY ;
  47. typedef struct _THREAD_TRACK_INFO {
  48. CLIENT_ID Id ;
  49. PVOID Win32StartAddress ;
  50. DWORD Status ;
  51. } THREAD_TRACK_INFO ;
  53. typedef struct _HANDLE_LEAK_HELPER {
  54. PWSTR Type ;
  55. PID_BANNER_FN Banner ;
  56. PHANDLE_CALLBACK_FN Filter ;
  57. ULONG ArraySize ;
  58. PID_MATCH_FN Match ;
  59. } HANDLE_LEAK_HELPER, * PHANDLE_LEAK_HELPER ;
  61. _ID_BANNER_FN ThreadBanner ;
  62. _ID_BANNER_FN TokenBanner ;
  63. _HANDLE_CALLBACK_FN ThreadCallback ;
  64. _HANDLE_CALLBACK_FN TokenCallback ;
  66. HANDLE_LEAK_HELPER HandleLeakHelpers[] = {
  67. { L"Thread", ThreadBanner, ThreadCallback, sizeof( THREAD_TRACK_INFO ), MATCH_LARGE_INT },
  68. { L"Token", TokenBanner, TokenCallback, sizeof( TOKEN_CONTROL ), MATCH_LARGE_INT }
  69. };
  72. PHANDLE_TRACK_ARRAY
  73. CreateArray(
  74. ULONG IdDataSize,
  75. PID_MATCH_FN MatchFn
  76. )
  77. {
  78. PHANDLE_TRACK_ARRAY Array ;
  80. Array = RtlAllocateHeap( RtlProcessHeap(), 0, sizeof( HANDLE_TRACK_ARRAY ) );
  82. if ( Array )
  83. {
  84. Array->Count = 0 ;
  85. Array->Size = 0;
  86. Array->IdDataSize = IdDataSize ;
  87. Array->MatchFunc = MatchFn ;
  89. InitializeListHead( &Array->List );
  91. return Array ;
  92. }
  94. return NULL ;
  95. }
  97. VOID
  98. DeleteArray(
  99. PHANDLE_TRACK_ARRAY Array
  100. )
  101. {
  102. ULONG i ;
  103. PHANDLE_TRACK Track ;
  105. while ( !IsListEmpty( &Array->List ) )
  106. {
  107. Track = (PHANDLE_TRACK) RemoveHeadList( &Array->List );
  109. if ( Track->Handles != Track->HandleList )
  110. {
  111. RtlFreeHeap( RtlProcessHeap(), 0, Track->Handles );
  112. }
  114. RtlFreeHeap( RtlProcessHeap(), 0, Track );
  115. }
  117. RtlFreeHeap( RtlProcessHeap(), 0, Array );
  118. }
  121. VOID
  122. ExtendTrack(
  123. PHANDLE_TRACK Track
  124. )
  125. {
  126. PHANDLE NewHandle ;
  128. NewHandle = RtlAllocateHeap( RtlProcessHeap(), 0, (Track->Size + REASONABLE_NUMBER ) *
  129. sizeof( HANDLE ) );
  131. if ( NewHandle )
  132. {
  133. CopyMemory( NewHandle,
  134. Track->Handles,
  135. Track->Count * sizeof( HANDLE ) );
  137. if ( Track->Handles != Track->HandleList )
  138. {
  139. RtlFreeHeap( RtlProcessHeap(), 0, Track->Handles );
  140. }
  142. Track->Handles = NewHandle ;
  143. Track->Size += REASONABLE_NUMBER ;
  144. }
  145. }
  147. VOID
  148. AddHandleToArray(
  149. PHANDLE_TRACK_ARRAY Array,
  150. PVOID IdData,
  151. HANDLE Handle
  152. )
  153. {
  154. ULONG i;
  155. ULONG j;
  156. BOOL Match ;
  157. PHANDLE_TRACK Track ;
  158. PLIST_ENTRY Scan ;
  160. Scan = Array->List.Flink ;
  162. while ( Scan != &Array->List )
  163. {
  164. Track = (PHANDLE_TRACK) Scan ;
  166. if ( Array->MatchFunc == MATCH_LARGE_INT )
  167. {
  168. Match = ((PLARGE_INTEGER) Track->IdData)->QuadPart ==
  169. ((PLARGE_INTEGER) IdData)->QuadPart ;
  170. }
  171. else
  172. {
  173. Match = Array->MatchFunc( Track->IdData, IdData );
  174. }
  176. if ( Match )
  177. {
  178. //
  179. // We have a match:
  180. //
  182. if ( Track->Count == Track->Size )
  183. {
  184. ExtendTrack( Track );
  185. }
  187. if ( Track->Count < Track->Size )
  188. {
  189. Track->Handles[
  190. Track->Count ] = Handle ;
  192. Track->Count++;
  193. }
  195. return ;
  196. }
  198. Scan = Scan->Flink ;
  199. }
  201. //
  202. // No match, gotta add a new tid
  203. //
  205. Track = RtlAllocateHeap( RtlProcessHeap(), 0,
  206. sizeof( HANDLE_TRACK ) + Array->IdDataSize );
  208. if ( Track )
  209. {
  210. Track->Size = REASONABLE_NUMBER ;
  211. Track->Count = 1 ;
  212. Track->Handles = Track->HandleList ;
  213. Track->HandleList[0] = Handle ;
  215. CopyMemory( Track->IdData, IdData, Array->IdDataSize );
  217. InsertTailList( &Array->List, &Track->List );
  218. }
  220. }
  222. VOID
  223. DumpArray(
  224. PHANDLE_TRACK_ARRAY Array,
  225. PID_BANNER_FN Banner
  226. )
  227. {
  228. ULONG j;
  229. PHANDLE_TRACK Track ;
  230. PLIST_ENTRY Scan ;
  232. Scan = Array->List.Flink ;
  234. while ( Scan != &Array->List )
  235. {
  236. Track = (PHANDLE_TRACK) Scan ;
  238. Banner( Track->IdData );
  240. dprintf(" Handles \t%d: ", Track->Count );
  241. for ( j = 0 ; j < Track->Count ; j++ )
  242. {
  243. dprintf("%x, ", Track->Handles[j] );
  244. }
  246. dprintf("\n");
  248. Scan = Scan->Flink ;
  249. }
  251. }
  253. VOID
  254. HandleScanner(
  255. HANDLE hCurrentProcess,
  256. PWSTR Type,
  257. PVOID Context,
  258. PHANDLE_CALLBACK_FN Callback
  259. )
  260. {
  261. DWORD HandleCount;
  262. NTSTATUS Status;
  263. DWORD Total;
  264. DWORD Handle;
  265. DWORD Hits;
  266. DWORD Matches;
  267. HANDLE hHere ;
  268. PHANDLE_TRACK_ARRAY Array ;
  269. POBJECT_TYPE_INFORMATION pTypeInfo;
  270. UCHAR Buffer[1024];
  272. Status = NtQueryInformationProcess( hCurrentProcess,
  273. ProcessHandleCount,
  274. &HandleCount,
  275. sizeof( HandleCount ),
  276. NULL );
  278. if ( !NT_SUCCESS( Status ) )
  279. {
  280. return;
  281. }
  283. Hits = 0;
  284. Handle = 0;
  285. Matches = 0;
  287. while ( Hits < HandleCount )
  288. {
  289. Status = NtDuplicateObject( hCurrentProcess, (HANDLE)(DWORD_PTR)Handle,
  290. NtCurrentProcess(), &hHere,
  291. 0, 0,
  292. DUPLICATE_SAME_ACCESS );
  294. if ( NT_SUCCESS( Status ) )
  295. {
  297. pTypeInfo = (POBJECT_TYPE_INFORMATION) Buffer;
  299. ZeroMemory( Buffer, 1024 );
  301. Status = NtQueryObject( hHere, ObjectTypeInformation, pTypeInfo, 1024, NULL );
  303. if (NT_SUCCESS(Status))
  304. {
  305. if ( wcscmp( pTypeInfo->TypeName.Buffer, Type ) == 0 )
  306. {
  307. //
  308. // Score!
  309. //
  311. Callback( Context, hHere, (HANDLE)(DWORD_PTR)Handle );
  313. Matches++ ;
  315. }
  316. }
  318. Hits++ ;
  320. NtClose( hHere );
  322. }
  324. Handle += 4;
  325. }
  327. dprintf("%d handles to objects of type %ws\n", Matches, Type );
  328. }
  331. VOID
  332. ThreadBanner(
  333. PVOID Id
  334. )
  335. {
  336. UCHAR Symbol[ MAX_PATH ];
  337. DWORD_PTR Disp ;
  338. THREAD_TRACK_INFO * Info ;
  339. UCHAR ExitStatus[ 32 ];
  341. Info = (THREAD_TRACK_INFO *) Id ;
  343. Symbol[0] = '\0';
  345. GetSymbol( Info->Win32StartAddress, Symbol, &Disp );
  347. if ( Info->Status != STILL_ACTIVE )
  348. {
  349. sprintf(ExitStatus, " Stopped, %#x", Info->Status );
  350. }
  351. else
  352. {
  353. strcpy( ExitStatus, "<Running>");
  354. }
  356. if ( Symbol[0] )
  357. {
  358. dprintf("Thread %x.%x (%s) %s\n", Info->Id.UniqueProcess,
  359. Info->Id.UniqueThread,
  360. Symbol,
  361. ExitStatus );
  362. }
  363. else
  364. {
  365. dprintf("Thread %x.%x %s\n", Info->Id.UniqueProcess,
  366. Info->Id.UniqueThread,
  367. ExitStatus );
  369. }
  370. }
  372. VOID
  373. ThreadCallback(
  374. PVOID Context,
  375. HANDLE Here,
  376. HANDLE There
  377. )
  378. {
  379. NTSTATUS Status ;
  380. THREAD_BASIC_INFORMATION Info;
  382. THREAD_TRACK_INFO ThdInfo ;
  384. ZeroMemory( &ThdInfo, sizeof( ThdInfo ) );
  386. Status = NtQueryInformationThread( Here,
  387. ThreadBasicInformation,
  388. &Info,
  389. sizeof( Info ),
  390. NULL );
  392. if ( NT_SUCCESS( Status ) )
  393. {
  394. ThdInfo.Id = Info.ClientId ;
  395. ThdInfo.Status = Info.ExitStatus ;
  397. Status = NtQueryInformationThread( Here,
  398. ThreadQuerySetWin32StartAddress,
  399. &ThdInfo.Win32StartAddress,
  400. sizeof( PVOID ),
  401. NULL );
  403. AddHandleToArray( Context, &ThdInfo , There );
  404. }
  405. }
  407. VOID
  408. TokenCallback(
  409. PVOID Context,
  410. HANDLE Here,
  411. HANDLE There
  412. )
  413. {
  414. NTSTATUS Status ;
  415. TOKEN_CONTROL Control ;
  416. TOKEN_STATISTICS Stats ;
  417. ULONG Size ;
  419. Status = NtQueryInformationToken( Here,
  420. TokenStatistics,
  421. &Stats,
  422. sizeof( Stats ),
  423. &Size );
  425. if ( NT_SUCCESS( Status ) )
  426. {
  427. Control.TokenId = Stats.TokenId ;
  428. Control.AuthenticationId = Stats.AuthenticationId ;
  429. Control.ModifiedId = Stats.ModifiedId ;
  430. NtQueryInformationToken( Here, TokenSource, &Control.TokenSource, sizeof( TOKEN_SOURCE ), &Size );
  432. AddHandleToArray( Context, &Control, There );
  433. }
  434. else
  435. {
  436. dprintf("Unable to query token information, %x\n", Status );
  437. }
  438. }
  440. VOID
  441. TokenBanner(
  442. PVOID Id
  443. )
  444. {
  445. PTOKEN_CONTROL Control ;
  447. Control = (PTOKEN_CONTROL) Id ;
  449. dprintf("Token Id %x:%x, LogonId = %x:%x, Source = %s\n",
  450. Control->TokenId.HighPart, Control->TokenId.LowPart,
  451. Control->AuthenticationId.HighPart, Control->AuthenticationId.LowPart,
  452. Control->TokenSource.SourceName );
  453. }
  456. DECLARE_API( hleak )
  457. {
  458. UNICODE_STRING String ;
  459. PHANDLE_LEAK_HELPER Helper = NULL ;
  460. PHANDLE_TRACK_ARRAY Array ;
  461. int i ;
  463. INIT_API();
  465. if ( !args ||
  466. (*args == '\0' ) )
  467. {
  468. dprintf( "!hleak <typename>\n" );
  469. goto Exit;
  470. }
  472. while ( *args == ' ' )
  473. {
  474. args++ ;
  475. }
  477. if ( !RtlCreateUnicodeStringFromAsciiz( &String, args ) )
  478. {
  479. goto Exit;
  480. }
  482. for ( i = 0 ;
  483. i < sizeof( HandleLeakHelpers ) / sizeof( HANDLE_LEAK_HELPER ) ;
  484. i++ )
  485. {
  486. if ( _wcsicmp( String.Buffer, HandleLeakHelpers[ i ].Type ) == 0 )
  487. {
  488. Helper = &HandleLeakHelpers[ i ];
  489. break;
  490. }
  491. }
  493. if ( Helper == NULL )
  494. {
  495. dprintf( "The type '%ws' was not recognized. Valid types are:\n", String.Buffer );
  496. for ( i = 0 ;
  497. i < sizeof( HandleLeakHelpers ) / sizeof( HANDLE_LEAK_HELPER ) ;
  498. i++ )
  499. {
  500. dprintf( "\t%ws\n", HandleLeakHelpers[ i ].Type );
  501. }
  502. RtlFreeUnicodeString( &String );
  503. goto Exit;
  504. }
  506. RtlFreeUnicodeString( &String );
  508. Array = CreateArray( Helper->ArraySize, Helper->Match );
  510. if ( !Array )
  511. {
  512. dprintf( "not enough memory\n" );
  513. }
  515. HandleScanner( g_hCurrentProcess,
  516. Helper->Type,
  517. Array,
  518. Helper->Filter );
  520. DumpArray( Array, Helper->Banner );
  522. DeleteArray( Array );
  524. Exit:
  525. EXIT_API();
  526. }