archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
4.9 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/base/win32/client/debug.c

1277 lines
31 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1990 Microsoft Corporation
  5. Module Name:
  7. debug.c
  9. Abstract:
  11. This module implements Win32 Debug APIs
  13. Author:
  15. Mark Lucovsky (markl) 06-Feb-1991
  17. Revision History:
  19. --*/
  21. #include "basedll.h"
  22. #pragma hdrstop
  24. #define TmpHandleHead ((PTMPHANDLES *) (&NtCurrentTeb()->DbgSsReserved[0]))
  25. //
  26. // This structure is used to preserve the strange mechanisms used by win2k and nt4 to close the handles to open processes,
  27. // threads and main image file.
  28. //
  29. typedef struct _TMPHANDLES {
  30. struct _TMPHANDLES *Next;
  31. HANDLE Thread;
  32. HANDLE Process;
  33. DWORD dwProcessId;
  34. DWORD dwThreadId;
  35. BOOLEAN DeletePending;
  36. } TMPHANDLES, *PTMPHANDLES;
  38. VOID
  39. SaveThreadHandle (
  40. DWORD dwProcessId,
  41. DWORD dwThreadId,
  42. HANDLE HandleToThread)
  43. /*++
  45. Routine Description:
  47. This function saves away a handle to a thread in a thread specific list so we can close it later when the thread
  48. termination message is continued.
  50. Arguments:
  52. dwProcessId - Process ID of threads process
  53. dwThreadId - Thread ID of thread handle
  54. HandleToThread - Handle to be closed later
  56. Return Value:
  58. None.
  60. --*/
  61. {
  62. PTMPHANDLES Tmp;
  64. Tmp = RtlAllocateHeap (RtlProcessHeap(), 0, sizeof (TMPHANDLES));
  65. if (Tmp != NULL) {
  66. Tmp->Thread = HandleToThread;
  67. Tmp->Process = NULL;
  68. Tmp->dwProcessId = dwProcessId;
  69. Tmp->dwThreadId = dwThreadId;
  70. Tmp->DeletePending = FALSE;
  71. Tmp->Next = *TmpHandleHead;
  72. *TmpHandleHead = Tmp;
  73. }
  74. }
  76. VOID
  77. SaveProcessHandle (
  78. DWORD dwProcessId,
  79. HANDLE HandleToProcess
  80. )
  81. /*++
  83. Routine Description:
  85. This function saves away a handle to a process and file in a thread specific list so we can close it later
  86. when the process termination message is continued.
  88. Arguments:
  90. dwProcessId - Process ID of threads process
  91. HandleToProcess - Handle to be closed later
  92. HandleToFile - Handle to be closed later
  94. Return Value:
  96. None.
  98. --*/
  99. {
  100. PTMPHANDLES Tmp;
  102. Tmp = RtlAllocateHeap (RtlProcessHeap(), 0, sizeof (TMPHANDLES));
  103. if (Tmp != NULL) {
  104. Tmp->Process = HandleToProcess;
  105. Tmp->Thread = NULL;
  106. Tmp->dwProcessId = dwProcessId;
  107. Tmp->dwThreadId = 0;
  108. Tmp->DeletePending = FALSE;
  109. Tmp->Next = *TmpHandleHead;
  110. *TmpHandleHead = Tmp;
  111. }
  112. }
  114. VOID
  115. MarkThreadHandle (
  116. DWORD dwThreadId
  117. )
  118. /*++
  120. Routine Description:
  122. This function marks a saved thread handle so that the next time this thread is continued we close
  123. its handle
  125. Arguments:
  127. dwThreadId - Thread ID of thread handle
  129. Return Value:
  131. None.
  133. --*/
  134. {
  135. PTMPHANDLES Tmp;
  137. Tmp = *TmpHandleHead;
  139. while (Tmp != NULL) {
  140. if (Tmp->dwThreadId == dwThreadId) {
  141. Tmp->DeletePending = TRUE;
  142. break;
  143. }
  144. Tmp = Tmp->Next;
  145. }
  146. }
  148. VOID
  149. MarkProcessHandle (
  150. DWORD dwProcessId
  151. )
  152. {
  153. PTMPHANDLES Tmp;
  155. Tmp = *TmpHandleHead;
  157. while (Tmp != NULL) {
  158. if (Tmp->dwProcessId == dwProcessId && Tmp->dwThreadId == 0) {
  159. Tmp->DeletePending = TRUE;
  160. break;
  161. }
  162. Tmp = Tmp->Next;
  163. }
  164. }
  166. VOID
  167. RemoveHandles (
  168. DWORD dwThreadId,
  169. DWORD dwProcessId
  170. )
  171. /*++
  173. Routine Description:
  175. This function closes marked handles for this process and thread id
  177. Arguments:
  179. dwProcessId - Process ID of threads process
  180. dwThreadId - Thread ID of thread handle
  182. Return Value:
  184. None.
  186. --*/
  187. {
  188. PTMPHANDLES Tmp, *Last;
  190. Last = TmpHandleHead;
  192. Tmp = *Last;
  193. while (Tmp != NULL) {
  194. if (Tmp->DeletePending) {
  195. if (Tmp->dwProcessId == dwProcessId || Tmp->dwThreadId == dwThreadId) {
  196. if (Tmp->Thread != NULL) {
  197. CloseHandle (Tmp->Thread);
  198. }
  199. if (Tmp->Process != NULL) {
  200. CloseHandle (Tmp->Process);
  201. }
  202. *Last = Tmp->Next;
  203. RtlFreeHeap (RtlProcessHeap(), 0, Tmp);
  204. Tmp = *Last;
  205. continue;
  206. }
  207. }
  208. Last = &Tmp->Next;
  209. Tmp = Tmp->Next;
  210. }
  211. }
  213. VOID
  214. CloseAllProcessHandles (
  215. DWORD dwProcessId
  216. )
  217. /*++
  219. Routine Description:
  221. This function closes all saved handles when we stop debugging a single process
  223. Arguments:
  225. dwProcessId - Process ID of threads process
  227. Return Value:
  229. None.
  231. --*/
  232. {
  233. PTMPHANDLES Tmp, *Last;
  235. Last = TmpHandleHead;
  237. Tmp = *Last;
  238. while (Tmp != NULL) {
  239. if (Tmp->dwProcessId == dwProcessId) {
  240. if (Tmp->Thread != NULL) {
  241. CloseHandle (Tmp->Thread);
  242. }
  243. if (Tmp->Process != NULL) {
  244. CloseHandle (Tmp->Process);
  245. }
  246. *Last = Tmp->Next;
  247. RtlFreeHeap (RtlProcessHeap(), 0, Tmp);
  248. Tmp = *Last;
  249. continue;
  250. }
  251. Last = &Tmp->Next;
  252. Tmp = Tmp->Next;
  253. }
  255. }
  258. BOOL
  259. APIENTRY
  260. IsDebuggerPresent(
  261. VOID
  262. )
  264. /*++
  266. Routine Description:
  268. This function returns TRUE if the current process is being debugged
  269. and FALSE if not.
  271. Arguments:
  273. None.
  275. Return Value:
  277. None.
  279. --*/
  281. {
  282. return NtCurrentPeb()->BeingDebugged;
  283. }
  285. BOOL
  286. APIENTRY
  287. CheckRemoteDebuggerPresent(
  288. IN HANDLE hProcess,
  289. OUT PBOOL pbDebuggerPresent
  290. )
  292. /*++
  294. Routine Description:
  296. This function determines whether the remote process is being debugged.
  298. Arguments:
  300. hProcess - handle to the process
  301. pbDebuggerPresent - supplies a buffer to receive the result of the check
  302. TRUE - remote process is being debugged
  303. FALSE - remote process is not being debugged
  305. Return Value:
  307. TRUE - The function succeeded.
  308. FALSE - The function fail. Extended error status is available using
  309. GetLastError.
  311. --*/
  313. {
  314. HANDLE hDebugPort;
  315. NTSTATUS Status;
  317. if( (hProcess == NULL) || (pbDebuggerPresent == NULL) ) {
  318. SetLastError( ERROR_INVALID_PARAMETER );
  319. return FALSE;
  320. }
  322. Status = NtQueryInformationProcess(
  323. hProcess,
  324. ProcessDebugPort,
  325. (PVOID)(&hDebugPort),
  326. sizeof(hDebugPort),
  327. NULL
  328. );
  330. if( !NT_SUCCESS(Status) ) {
  331. BaseSetLastNTError( Status );
  332. return FALSE;
  333. }
  335. *pbDebuggerPresent = (hDebugPort != NULL);
  337. return TRUE;
  338. }
  340. //#ifdef i386
  341. //#pragma optimize("",off)
  342. //#endif // i386
  343. VOID
  344. APIENTRY
  345. DebugBreak(
  346. VOID
  347. )
  349. /*++
  351. Routine Description:
  353. This function causes a breakpoint exception to occur in the caller.
  354. This allows the calling thread to signal the debugger forcing it to
  355. take some action. If the process is not being debugged, the
  356. standard exception search logic is invoked. In most cases, this
  357. will cause the calling process to terminate (due to an unhandled
  358. breakpoint exception).
  360. Arguments:
  362. None.
  364. Return Value:
  366. None.
  368. --*/
  370. {
  371. DbgBreakPoint();
  372. }
  373. //#ifdef i386
  374. //#pragma optimize("",on)
  375. //#endif // i386
  377. VOID
  378. APIENTRY
  379. OutputDebugStringW(
  380. LPCWSTR lpOutputString
  381. )
  383. /*++
  385. Routine Description:
  387. UNICODE thunk to OutputDebugStringA
  389. --*/
  391. {
  392. UNICODE_STRING UnicodeString;
  393. ANSI_STRING AnsiString;
  394. NTSTATUS Status;
  396. RtlInitUnicodeString (&UnicodeString,lpOutputString);
  397. Status = RtlUnicodeStringToAnsiString (&AnsiString,&UnicodeString,TRUE);
  398. if (!NT_SUCCESS (Status)) {
  399. AnsiString.Buffer = "";
  400. }
  401. OutputDebugStringA (AnsiString.Buffer);
  402. if (NT_SUCCESS (Status)) {
  403. RtlFreeAnsiString (&AnsiString);
  404. }
  405. }
  408. #define DBWIN_TIMEOUT 10000
  409. HANDLE CreateDBWinMutex(VOID) {
  411. SECURITY_ATTRIBUTES SecurityAttributes;
  412. SECURITY_DESCRIPTOR sd;
  413. NTSTATUS Status;
  414. SID_IDENTIFIER_AUTHORITY authNT = SECURITY_NT_AUTHORITY;
  415. SID_IDENTIFIER_AUTHORITY authWorld = SECURITY_WORLD_SID_AUTHORITY;
  416. PSID psidSystem = NULL, psidAdmin = NULL, psidEveryone = NULL;
  417. PACL pAcl = NULL;
  418. DWORD cbAcl, aceIndex;
  419. HANDLE h = NULL;
  420. DWORD i;
  421. //
  422. // Get the system sid
  423. //
  425. Status = RtlAllocateAndInitializeSid(&authNT, 1, SECURITY_LOCAL_SYSTEM_RID,
  426. 0, 0, 0, 0, 0, 0, 0, &psidSystem);
  427. if (!NT_SUCCESS(Status)) {
  428. goto Exit;
  429. }
  431. //
  432. // Get the Admin sid
  433. //
  435. Status = RtlAllocateAndInitializeSid(&authNT, 2, SECURITY_BUILTIN_DOMAIN_RID,
  436. DOMAIN_ALIAS_RID_ADMINS, 0, 0,
  437. 0, 0, 0, 0, &psidAdmin);
  439. if (!NT_SUCCESS(Status)) {
  440. goto Exit;
  441. }
  444. //
  445. // Get the World sid
  446. //
  448. Status = RtlAllocateAndInitializeSid(&authWorld, 1, SECURITY_WORLD_RID,
  449. 0, 0, 0, 0, 0, 0, 0, &psidEveryone);
  451. if (!NT_SUCCESS(Status)) {
  452. goto Exit;
  453. }
  455. //
  456. // Allocate space for the ACL
  457. //
  459. cbAcl = sizeof(ACL) +
  460. 3 * (sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD)) +
  461. RtlLengthSid(psidSystem) +
  462. RtlLengthSid(psidAdmin) +
  463. RtlLengthSid(psidEveryone);
  465. pAcl = (PACL) GlobalAlloc(GMEM_FIXED, cbAcl);
  466. if (!pAcl) {
  467. goto Exit;
  468. }
  470. Status = RtlCreateAcl(pAcl, cbAcl, ACL_REVISION);
  471. if (!NT_SUCCESS(Status)) {
  472. goto Exit;
  473. }
  475. //
  476. // Add Aces.
  477. //
  479. Status = RtlAddAccessAllowedAce(pAcl, ACL_REVISION, READ_CONTROL | SYNCHRONIZE | MUTEX_MODIFY_STATE, psidEveryone);
  480. if (!NT_SUCCESS(Status)) {
  481. goto Exit;
  482. }
  484. Status = RtlAddAccessAllowedAce(pAcl, ACL_REVISION, MUTEX_ALL_ACCESS, psidSystem);
  485. if (!NT_SUCCESS(Status)) {
  486. goto Exit;
  487. }
  489. Status = RtlAddAccessAllowedAce(pAcl, ACL_REVISION, MUTEX_ALL_ACCESS, psidAdmin);
  490. if (!NT_SUCCESS(Status)) {
  491. goto Exit;
  492. }
  494. Status = RtlCreateSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION);
  495. if (!NT_SUCCESS(Status)) {
  496. goto Exit;
  497. }
  499. Status = RtlSetDaclSecurityDescriptor(&sd, TRUE, pAcl, FALSE);
  500. if (!NT_SUCCESS(Status)) {
  501. goto Exit;
  502. }
  504. SecurityAttributes.nLength = sizeof(SECURITY_ATTRIBUTES);
  505. SecurityAttributes.bInheritHandle = FALSE;
  506. SecurityAttributes.lpSecurityDescriptor = &sd;
  508. i = 0;
  509. while (1) {
  510. h = OpenMutex (READ_CONTROL | SYNCHRONIZE | MUTEX_MODIFY_STATE,
  511. FALSE,
  512. "DBWinMutex");
  513. if (h != NULL) {
  514. break;
  515. }
  516. h = CreateMutex(&SecurityAttributes, FALSE, "DBWinMutex");
  517. if (h != NULL || GetLastError () != ERROR_ACCESS_DENIED || i++ > 100) {
  518. break;
  519. }
  520. }
  521. Exit:
  522. if (psidSystem) {
  523. RtlFreeSid(psidSystem);
  524. }
  526. if (psidAdmin) {
  527. RtlFreeSid(psidAdmin);
  528. }
  530. if (psidEveryone) {
  531. RtlFreeSid(psidEveryone);
  532. }
  534. if (pAcl) {
  535. GlobalFree (pAcl);
  536. }
  537. return h;
  538. }
  541. VOID
  542. APIENTRY
  543. OutputDebugStringA(
  544. IN LPCSTR lpOutputString
  545. )
  547. /*++
  549. Routine Description:
  551. This function allows an application to send a string to its debugger
  552. for display. If the application is not being debugged, but the
  553. system debugger is active, the system debugger displays the string.
  554. Otherwise, this function has no effect.
  556. Arguments:
  558. lpOutputString - Supplies the address of the debug string to be sent
  559. to the debugger.
  561. Return Value:
  563. None.
  565. --*/
  567. {
  568. ULONG_PTR ExceptionArguments[2];
  569. DWORD WaitStatus;
  571. //
  572. // Raise an exception. If APP is being debugged, the debugger
  573. // will catch and handle this. Otherwise, kernel debugger is
  574. // called.
  575. //
  577. try {
  578. ExceptionArguments[0] = strlen (lpOutputString)+1;
  579. ExceptionArguments[1] = (ULONG_PTR)lpOutputString;
  580. RaiseException (DBG_PRINTEXCEPTION_C,0,2,ExceptionArguments);
  581. } except (EXCEPTION_EXECUTE_HANDLER) {
  583. //
  584. // We caught the debug exception, so there's no user-mode
  585. // debugger. If there is a DBWIN running, send the string
  586. // to it. If not, use DbgPrint to send it to the kernel
  587. // debugger. DbgPrint can only handle 511 characters at a
  588. // time, so force-feed it.
  589. //
  591. char szBuf[512];
  592. size_t cchRemaining;
  593. LPCSTR pszRemainingOutput;
  594. DWORD OldError;
  596. HANDLE SharedFile = NULL;
  597. LPSTR SharedMem = NULL;
  598. HANDLE AckEvent = NULL;
  599. HANDLE ReadyEvent = NULL;
  601. static HANDLE DBWinMutex = NULL;
  602. static BOOLEAN CantGetMutex = FALSE;
  604. OldError = GetLastError ();
  606. //
  607. // look for DBWIN.
  608. //
  610. if (!DBWinMutex && !CantGetMutex) {
  611. HANDLE MutexHandle;
  613. MutexHandle = CreateDBWinMutex();
  614. if (MutexHandle == NULL) {
  615. CantGetMutex = TRUE;
  616. } else {
  617. if (InterlockedCompareExchangePointer (&DBWinMutex, MutexHandle, NULL) != NULL) {
  618. CloseHandle (MutexHandle);
  619. }
  620. }
  621. }
  623. if (DBWinMutex) {
  625. WaitStatus = WaitForSingleObject(DBWinMutex, DBWIN_TIMEOUT);
  627. if (WaitStatus == WAIT_OBJECT_0 || WaitStatus == WAIT_ABANDONED) {
  629. SharedFile = OpenFileMapping(FILE_MAP_WRITE, FALSE, "DBWIN_BUFFER");
  631. if (SharedFile) {
  633. SharedMem = MapViewOfFile (SharedFile,
  634. FILE_MAP_READ|FILE_MAP_WRITE, 0, 0, 0);
  635. if (SharedMem) {
  637. AckEvent = OpenEvent(SYNCHRONIZE, FALSE,
  638. "DBWIN_BUFFER_READY");
  639. if (AckEvent) {
  640. ReadyEvent = OpenEvent(EVENT_MODIFY_STATE, FALSE,
  641. "DBWIN_DATA_READY");
  642. }
  643. }
  644. }
  646. if (!ReadyEvent) {
  647. ReleaseMutex(DBWinMutex);
  648. }
  649. }
  651. }
  653. try {
  654. pszRemainingOutput = lpOutputString;
  655. cchRemaining = strlen(pszRemainingOutput);
  657. while (cchRemaining > 0) {
  658. int used;
  660. if (ReadyEvent && WaitForSingleObject(AckEvent, DBWIN_TIMEOUT)
  661. == WAIT_OBJECT_0) {
  663. *((DWORD *)SharedMem) = GetCurrentProcessId();
  665. used = (int)((cchRemaining < 4095 - sizeof(DWORD)) ?
  666. cchRemaining : (4095 - sizeof(DWORD)));
  668. RtlCopyMemory(SharedMem+sizeof(DWORD),
  669. pszRemainingOutput,
  670. used);
  671. SharedMem[used+sizeof(DWORD)] = 0;
  672. SetEvent(ReadyEvent);
  674. } else {
  675. used = (int)((cchRemaining < sizeof(szBuf) - 1) ?
  676. cchRemaining : (int)(sizeof(szBuf) - 1));
  678. RtlCopyMemory(szBuf, pszRemainingOutput, used);
  679. szBuf[used] = 0;
  680. DbgPrint("%s", szBuf);
  681. }
  683. pszRemainingOutput += used;
  684. cchRemaining -= used;
  686. }
  687. } except (EXCEPTION_EXECUTE_HANDLER) {
  688. DbgPrint("\nOutputDebugString faulted during output\n");
  689. }
  691. if (AckEvent) {
  692. CloseHandle(AckEvent);
  693. }
  695. if (SharedMem) {
  696. UnmapViewOfFile(SharedMem);
  697. }
  699. if (SharedFile) {
  700. CloseHandle(SharedFile);
  701. }
  703. if (ReadyEvent) {
  704. CloseHandle(ReadyEvent);
  705. ReleaseMutex(DBWinMutex);
  706. }
  708. SetLastError (OldError);
  709. }
  710. }
  712. BOOL
  713. APIENTRY
  714. WaitForDebugEvent(
  715. LPDEBUG_EVENT lpDebugEvent,
  716. DWORD dwMilliseconds
  717. )
  719. /*++
  721. Routine Description:
  723. A debugger waits for a debug event to occur in one of its debuggees
  724. using WaitForDebugEvent:
  726. Upon successful completion of this API, the lpDebugEvent structure
  727. contains the relevant information of the debug event.
  729. Arguments:
  731. lpDebugEvent - Receives information specifying the type of debug
  732. event that occured.
  734. dwMilliseconds - A time-out value that specifies the relative time,
  735. in milliseconds, over which the wait is to be completed. A
  736. timeout value of 0 specified that the wait is to timeout
  737. immediately. This allows an application to test for debug
  738. events A timeout value of -1 specifies an infinite timeout
  739. period.
  741. Return Value:
  743. TRUE - The operation was successful.
  745. FALSE/NULL - The operation failed (or timed out). Extended error
  746. status is available using GetLastError.
  748. --*/
  750. {
  751. NTSTATUS Status;
  752. DBGUI_WAIT_STATE_CHANGE StateChange;
  753. LARGE_INTEGER TimeOut;
  754. PLARGE_INTEGER pTimeOut;
  757. pTimeOut = BaseFormatTimeOut(&TimeOut,dwMilliseconds);
  759. again:
  760. Status = DbgUiWaitStateChange(&StateChange,pTimeOut);
  761. if ( Status == STATUS_ALERTED || Status == STATUS_USER_APC) {
  762. goto again;
  763. }
  764. if ( !NT_SUCCESS(Status) && Status != DBG_UNABLE_TO_PROVIDE_HANDLE ) {
  765. BaseSetLastNTError(Status);
  766. return FALSE;
  767. }
  769. if ( Status == STATUS_TIMEOUT ) {
  770. SetLastError(ERROR_SEM_TIMEOUT);
  771. return FALSE;
  772. }
  773. Status = DbgUiConvertStateChangeStructure (&StateChange, lpDebugEvent);
  774. if (!NT_SUCCESS (Status)) {
  775. BaseSetLastNTError(Status);
  776. return FALSE;
  777. }
  779. switch (lpDebugEvent->dwDebugEventCode) {
  781. case CREATE_THREAD_DEBUG_EVENT :
  782. //
  783. // Save away thread handle for later cleanup.
  784. //
  785. SaveThreadHandle (lpDebugEvent->dwProcessId,
  786. lpDebugEvent->dwThreadId,
  787. lpDebugEvent->u.CreateThread.hThread);
  788. break;
  790. case CREATE_PROCESS_DEBUG_EVENT :
  792. SaveProcessHandle (lpDebugEvent->dwProcessId,
  793. lpDebugEvent->u.CreateProcessInfo.hProcess);
  795. SaveThreadHandle (lpDebugEvent->dwProcessId,
  796. lpDebugEvent->dwThreadId,
  797. lpDebugEvent->u.CreateProcessInfo.hThread);
  799. break;
  801. case EXIT_THREAD_DEBUG_EVENT :
  803. MarkThreadHandle (lpDebugEvent->dwThreadId);
  805. break;
  807. case EXIT_PROCESS_DEBUG_EVENT :
  809. MarkThreadHandle (lpDebugEvent->dwThreadId);
  810. MarkProcessHandle (lpDebugEvent->dwProcessId);
  812. break;
  814. case OUTPUT_DEBUG_STRING_EVENT :
  815. case RIP_EVENT :
  816. case EXCEPTION_DEBUG_EVENT :
  817. break;
  819. case LOAD_DLL_DEBUG_EVENT :
  820. break;
  822. case UNLOAD_DLL_DEBUG_EVENT :
  823. break;
  825. default:
  826. return FALSE;
  827. }
  828. return TRUE;
  829. }
  831. BOOL
  832. APIENTRY
  833. ContinueDebugEvent(
  834. DWORD dwProcessId,
  835. DWORD dwThreadId,
  836. DWORD dwContinueStatus
  837. )
  839. /*++
  841. Routine Description:
  843. A debugger can continue a thread that previously reported a debug
  844. event using ContinueDebugEvent.
  846. Upon successful completion of this API, the specified thread is
  847. continued. Depending on the debug event previously reported by the
  848. thread certain side effects occur.
  850. If the continued thread previously reported an exit thread debug
  851. event, the handle that the debugger has to the thread is closed.
  853. If the continued thread previously reported an exit process debug
  854. event, the handles that the debugger has to the thread and to the
  855. process are closed.
  857. Arguments:
  859. dwProcessId - Supplies the process id of the process to continue. The
  860. combination of process id and thread id must identify a thread that
  861. has previously reported a debug event.
  863. dwThreadId - Supplies the thread id of the thread to continue. The
  864. combination of process id and thread id must identify a thread that
  865. has previously reported a debug event.
  867. dwContinueStatus - Supplies the continuation status for the thread
  868. reporting the debug event.
  870. dwContinueStatus Values:
  872. DBG_CONTINUE - If the thread being continued had
  873. previously reported an exception event, continuing with
  874. this value causes all exception processing to stop and
  875. the thread continues execution. For any other debug
  876. event, this continuation status simply allows the thread
  877. to continue execution.
  879. DBG_EXCEPTION_NOT_HANDLED - If the thread being continued
  880. had previously reported an exception event, continuing
  881. with this value causes exception processing to continue.
  882. If this is a first chance exception event, then
  883. structured exception handler search/dispatch logic is
  884. invoked. Otherwise, the process is terminated. For any
  885. other debug event, this continuation status simply
  886. allows the thread to continue execution.
  888. DBG_TERMINATE_THREAD - After all continue side effects are
  889. processed, this continuation status causes the thread to
  890. jump to a call to ExitThread. The exit code is the
  891. value DBG_TERMINATE_THREAD.
  893. DBG_TERMINATE_PROCESS - After all continue side effects are
  894. processed, this continuation status causes the thread to
  895. jump to a call to ExitProcess. The exit code is the
  896. value DBG_TERMINATE_PROCESS.
  898. Return Value:
  900. TRUE - The operation was successful.
  902. FALSE/NULL - The operation failed. Extended error status is available
  903. using GetLastError.
  905. --*/
  907. {
  909. NTSTATUS Status;
  910. CLIENT_ID ClientId;
  912. ClientId.UniqueProcess = (HANDLE)LongToHandle(dwProcessId);
  913. ClientId.UniqueThread = (HANDLE)LongToHandle(dwThreadId);
  916. Status = DbgUiContinue(&ClientId,(NTSTATUS)dwContinueStatus);
  917. if ( !NT_SUCCESS(Status) ) {
  918. BaseSetLastNTError(Status);
  919. return FALSE;
  920. }
  922. RemoveHandles (dwThreadId, dwProcessId);
  924. return TRUE;
  925. }
  927. HANDLE
  928. ProcessIdToHandle (
  929. IN DWORD dwProcessId
  930. )
  931. {
  932. OBJECT_ATTRIBUTES oa;
  933. HANDLE Process;
  934. CLIENT_ID ClientId;
  935. NTSTATUS Status;
  937. if (dwProcessId == -1) {
  938. ClientId.UniqueProcess = CsrGetProcessId ();
  939. } else {
  940. ClientId.UniqueProcess = LongToHandle(dwProcessId);
  941. }
  942. ClientId.UniqueThread = NULL;
  944. InitializeObjectAttributes (&oa, NULL, 0, NULL, NULL);
  946. Status = NtOpenProcess (&Process,
  947. PROCESS_SET_PORT|PROCESS_CREATE_THREAD|PROCESS_QUERY_INFORMATION|PROCESS_VM_OPERATION|
  948. PROCESS_VM_WRITE|PROCESS_VM_READ,
  949. &oa,
  950. &ClientId);
  951. if (!NT_SUCCESS(Status)) {
  952. BaseSetLastNTError(Status);
  953. Process = NULL;
  954. }
  955. return Process;
  956. }
  958. BOOL
  959. APIENTRY
  960. DebugActiveProcess(
  961. DWORD dwProcessId
  962. )
  964. /*++
  966. Routine Description:
  968. This API allows a debugger to attach to an active process and debug
  969. the process. The debugger specifies the process that it wants to
  970. debug through the process id of the target process. The debugger
  971. gets debug access to the process as if it had created the process
  972. with the DEBUG_ONLY_THIS_PROCESS creation flag.
  974. The debugger must have approriate access to the calling process such
  975. that it can open the process for PROCESS_ALL_ACCESS. For Dos/Win32
  976. this never fails (the process id just has to be a valid process id).
  977. For NT/Win32 this check can fail if the target process was created
  978. with a security descriptor that denies the debugger approriate
  979. access.
  981. Once the process id check has been made and the system determines
  982. that a valid debug attachment is being made, this call returns
  983. success to the debugger. The debugger is then expected to wait for
  984. debug events. The system will suspend all threads in the process
  985. and feed the debugger debug events representing the current state of
  986. the process.
  988. The system will feed the debugger a single create process debug
  989. event representing the process specified by dwProcessId. The
  990. lpStartAddress field of the create process debug event is NULL. For
  991. each thread currently part of the process, the system will send a
  992. create thread debug event. The lpStartAddress field of the create
  993. thread debug event is NULL. For each DLL currently loaded into the
  994. address space of the target process, the system will send a LoadDll
  995. debug event. The system will arrange for the first thread in the
  996. process to execute a breakpoint instruction after it is resumed.
  997. Continuing this thread causes the thread to return to whatever it
  998. was doing prior to the debug attach.
  1000. After all of this has been done, the system resumes all threads within
  1001. the process. When the first thread in the process resumes, it will
  1002. execute a breakpoint instruction causing an exception debug event
  1003. to be sent to the debugger.
  1005. All future debug events are sent to the debugger using the normal
  1006. mechanism and rules.
  1009. Arguments:
  1011. dwProcessId - Supplies the process id of a process the caller
  1012. wants to debug.
  1014. Return Value:
  1016. TRUE - The operation was successful.
  1018. FALSE/NULL - The operation failed. Extended error status is available
  1019. using GetLastError.
  1021. --*/
  1023. {
  1024. HANDLE Process;
  1025. NTSTATUS Status, Status1;
  1028. //
  1029. // Connect to dbgss as a user interface
  1030. //
  1032. Status = DbgUiConnectToDbg ();
  1033. if (!NT_SUCCESS (Status)) {
  1034. BaseSetLastNTError (Status);
  1035. return FALSE;
  1036. }
  1039. //
  1040. // Convert the process ID to a handle
  1041. //
  1042. Process = ProcessIdToHandle (dwProcessId);
  1043. if (Process == NULL) {
  1044. return FALSE;
  1045. }
  1048. Status = DbgUiDebugActiveProcess (Process);
  1050. if (!NT_SUCCESS (Status)) {
  1051. Status1 = NtClose (Process);
  1052. ASSERT (NT_SUCCESS (Status1));
  1053. BaseSetLastNTError (Status);
  1054. return FALSE;
  1055. }
  1057. Status1 = NtClose (Process);
  1058. ASSERT (NT_SUCCESS (Status1));
  1060. return TRUE;
  1061. }
  1063. BOOL
  1064. APIENTRY
  1065. DebugActiveProcessStop(
  1066. DWORD dwProcessId
  1067. )
  1069. /*++
  1071. Routine Description:
  1075. Arguments:
  1077. dwProcessId - Supplies the process id of a process the caller
  1078. wants to stop debugging.
  1080. Return Value:
  1082. TRUE - The operation was successful.
  1084. FALSE/NULL - The operation failed. Extended error status is available
  1085. using GetLastError.
  1087. --*/
  1089. {
  1090. HANDLE Process, Thread;
  1091. NTSTATUS Status;
  1092. NTSTATUS Status1;
  1093. DWORD ThreadId;
  1095. Process = ProcessIdToHandle (dwProcessId);
  1096. if (Process == NULL) {
  1097. return FALSE;
  1098. }
  1099. //
  1100. // Tell dbgss we have finished with this process.
  1101. //
  1103. CloseAllProcessHandles (dwProcessId);
  1104. Status = DbgUiStopDebugging (Process);
  1106. Status1 = NtClose (Process);
  1108. ASSERT (NT_SUCCESS (Status1));
  1110. if (!NT_SUCCESS(Status)) {
  1111. SetLastError(ERROR_ACCESS_DENIED);
  1112. return FALSE;
  1113. }
  1115. return TRUE;
  1116. }
  1118. BOOL
  1119. APIENTRY
  1120. DebugBreakProcess (
  1121. IN HANDLE Process
  1122. )
  1123. /*++
  1125. Routine Description:
  1127. This functions creates a thread inside the target process that issues a break.
  1129. Arguments:
  1131. Process - Handle to process
  1133. Return Value:
  1135. TRUE - The operation was successful
  1137. FALSE/NULL - The operation failed. Extended error status is available
  1138. using GetLastError.
  1140. --*/
  1141. {
  1142. NTSTATUS Status;
  1144. Status = DbgUiIssueRemoteBreakin (Process);
  1145. if (NT_SUCCESS (Status)) {
  1146. return TRUE;
  1147. } else {
  1148. BaseSetLastNTError (Status);
  1149. return FALSE;
  1150. }
  1151. }
  1153. BOOL
  1154. APIENTRY
  1155. DebugSetProcessKillOnExit (
  1156. IN BOOL KillOnExit
  1157. )
  1158. /*++
  1160. Routine Description:
  1162. This functions sets the action to be performed when the debugging thread dies
  1164. Arguments:
  1166. KillOnExit - TRUE: Kill debugged processes on exit, FALSE: Detatch on debug exit
  1168. Return Value:
  1170. TRUE - The operation was successful
  1172. FALSE/NULL - The operation failed. Extended error status is available
  1173. using GetLastError.
  1175. --*/
  1176. {
  1177. HANDLE DebugHandle;
  1178. ULONG Flags;
  1179. NTSTATUS Status;
  1181. DebugHandle = DbgUiGetThreadDebugObject ();
  1182. if (DebugHandle == NULL) {
  1183. BaseSetLastNTError (STATUS_INVALID_HANDLE);
  1184. return FALSE;
  1185. }
  1187. if (KillOnExit) {
  1188. Flags = DEBUG_KILL_ON_CLOSE;
  1189. } else {
  1190. Flags = 0;
  1191. }
  1193. Status = NtSetInformationDebugObject (DebugHandle,
  1194. DebugObjectFlags,
  1195. &Flags,
  1196. sizeof (Flags),
  1197. NULL);
  1198. if (!NT_SUCCESS (Status)) {
  1199. BaseSetLastNTError (Status);
  1200. return FALSE;
  1201. }
  1202. return TRUE;
  1203. }
  1205. BOOL
  1206. APIENTRY
  1207. GetThreadSelectorEntry(
  1208. HANDLE hThread,
  1209. DWORD dwSelector,
  1210. LPLDT_ENTRY lpSelectorEntry
  1211. )
  1213. /*++
  1215. Routine Description:
  1217. This function is used to return a descriptor table entry for the
  1218. specified thread corresponding to the specified selector.
  1220. This API is only functional on x86 based systems. For non x86 based
  1221. systems. A value of FALSE is returned.
  1223. This API is used by a debugger so that it can convert segment
  1224. relative addresses to linear virtual address (since this is the only
  1225. format supported by ReadProcessMemory and WriteProcessMemory.
  1227. Arguments:
  1229. hThread - Supplies a handle to the thread that contains the
  1230. specified selector. The handle must have been created with
  1231. THREAD_QUERY_INFORMATION access.
  1233. dwSelector - Supplies the selector value to lookup. The selector
  1234. value may be a global selector or a local selector.
  1236. lpSelectorEntry - If the specified selector is contained withing the
  1237. threads descriptor tables, this parameter returns the selector
  1238. entry corresponding to the specified selector value. This data
  1239. can be used to compute the linear base address that segment
  1240. relative addresses refer to.
  1242. Return Value:
  1244. TRUE - The operation was successful
  1246. FALSE/NULL - The operation failed. Extended error status is available
  1247. using GetLastError.
  1249. --*/
  1251. {
  1252. #if defined(i386)
  1254. DESCRIPTOR_TABLE_ENTRY DescriptorEntry;
  1255. NTSTATUS Status;
  1257. DescriptorEntry.Selector = dwSelector;
  1258. Status = NtQueryInformationThread(
  1259. hThread,
  1260. ThreadDescriptorTableEntry,
  1261. &DescriptorEntry,
  1262. sizeof(DescriptorEntry),
  1263. NULL
  1264. );
  1265. if ( !NT_SUCCESS(Status) ) {
  1266. BaseSetLastNTError(Status);
  1267. return FALSE;
  1268. }
  1269. *lpSelectorEntry = DescriptorEntry.Descriptor;
  1270. return TRUE;
  1272. #else
  1273. BaseSetLastNTError(STATUS_NOT_SUPPORTED);
  1274. return FALSE;
  1275. #endif // i386
  1277. }