archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/ds/security/cryptoapi/secstor/svr/module.c

324 lines
6.5 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1996, 1997 Microsoft Corporation
  5. Module Name:
  7. module.c
  9. Abstract:
  11. This module contains routines to perform module related query activities
  12. in the protected store.
  14. Author:
  16. Scott Field (sfield) 27-Nov-96
  18. --*/
  21. #include <nt.h>
  22. #include <ntrtl.h>
  23. #include <nturtl.h>
  25. #include <windows.h>
  26. #include <tlhelp32.h>
  28. #include "module.h"
  29. #include "filemisc.h"
  31. #include "unicode.h"
  32. #include "debug.h"
  34. #include "pstypes.h"
  35. #include "pstprv.h"
  38. //
  39. // common function typedefs + pointers
  40. //
  42. typedef BOOL (WINAPI *SYMLOADMODULE)(
  43. IN HANDLE hProcess,
  44. IN HANDLE hFile,
  45. IN LPSTR ImageName,
  46. IN LPSTR ModuleName,
  47. IN DWORD_PTR BaseOfDll,
  48. IN DWORD SizeOfDll
  49. );
  51. SYMLOADMODULE _SymLoadModule = NULL;
  53. //
  54. // winnt specific function typedefs + pointers
  55. //
  57. typedef NTSTATUS (NTAPI *NTQUERYPROCESS)(
  58. HANDLE ProcessHandle,
  59. PROCESSINFOCLASS ProcessInformationClass,
  60. PVOID ProcessInformation,
  61. ULONG ProcessInformationLength,
  62. PULONG ReturnLength OPTIONAL
  63. );
  66. #ifdef WIN95_LEGACY
  68. //
  69. // win95 specific function typedefs + pointers.
  70. //
  72. typedef BOOL (WINAPI *MODULEWALK)(
  73. HANDLE hSnapshot,
  74. LPMODULEENTRY32 lpme
  75. );
  77. typedef BOOL (WINAPI *THREADWALK)(
  78. HANDLE hSnapshot,
  79. LPTHREADENTRY32 lpte
  80. );
  82. typedef BOOL (WINAPI *PROCESSWALK)(
  83. HANDLE hSnapshot,
  84. LPPROCESSENTRY32 lppe
  85. );
  87. typedef HANDLE (WINAPI *CREATESNAPSHOT)(
  88. DWORD dwFlags,
  89. DWORD th32ProcessID
  90. );
  92. CREATESNAPSHOT pCreateToolhelp32Snapshot = NULL;
  93. MODULEWALK pModule32First = NULL;
  94. MODULEWALK pModule32Next = NULL;
  95. PROCESSWALK pProcess32First = NULL;
  96. PROCESSWALK pProcess32Next = NULL;
  98. #endif // WIN95_LEGACY
  100. extern FARPROC _ImageNtHeader;
  103. //
  104. // private function prototypes
  105. //
  107. VOID
  108. FixupBrokenLoaderPath(
  109. IN LPWSTR szFilePath
  110. );
  112. BOOL
  113. GetFileNameFromBaseAddrNT(
  114. IN HANDLE hProcess,
  115. IN DWORD dwProcessId,
  116. IN DWORD_PTR dwBaseAddr,
  117. OUT LPWSTR *lpszDirectCaller
  118. );
  121. #ifdef WIN95_LEGACY
  123. BOOL
  124. GetFileNameFromBaseAddr95(
  125. IN HANDLE hProcess,
  126. IN DWORD dwProcessId,
  127. IN DWORD_PTR dwBaseAddr,
  128. OUT LPWSTR *lpszDirectCaller
  129. );
  131. #endif // WIN95_LEGACY
  133. VOID
  134. FixupBrokenLoaderPath(
  135. IN LPWSTR szFilePath
  136. )
  137. {
  138. if( !FIsWinNT() || szFilePath == NULL )
  139. return;
  142. //
  143. // sfield, 28-Oct-97 (NTbug 118803 filed against MarkL)
  144. // for WinNT, the loader data structures are broken:
  145. // a path len extension prefix of \??\ is used instead of \\?\
  146. //
  148. if( szFilePath[0] == L'\\' &&
  149. szFilePath[1] == L'?' &&
  150. szFilePath[2] == L'?' &&
  151. szFilePath[3] == L'\\' ) {
  153. szFilePath[1] = L'\\';
  155. }
  157. }
  160. #ifdef WIN95_LEGACY
  162. BOOL
  163. GetFileNameFromBaseAddr95(
  164. IN HANDLE hProcess,
  165. IN DWORD dwProcessId,
  166. IN DWORD_PTR dwBaseAddr,
  167. OUT LPWSTR *lpszDirectCaller
  168. )
  169. {
  170. HANDLE hSnapshot;
  171. MODULEENTRY32 me32;
  172. BOOL bSuccess = FALSE;
  173. BOOL bFound = FALSE;
  175. *lpszDirectCaller = NULL;
  177. hSnapshot = pCreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);
  178. if(hSnapshot == INVALID_HANDLE_VALUE)
  179. return FALSE;
  181. me32.dwSize = sizeof(me32);
  183. bSuccess = pModule32First(hSnapshot, &me32);
  185. while(bSuccess) {
  186. LPCSTR szFileName;
  187. DWORD cchModule;
  189. if((DWORD_PTR)me32.modBaseAddr != dwBaseAddr) {
  190. me32.dwSize = sizeof(me32);
  191. bSuccess = pModule32Next(hSnapshot, &me32);
  192. continue;
  193. }
  195. cchModule = lstrlenA(me32.szExePath) + 1;
  197. *lpszDirectCaller = (LPWSTR)SSAlloc(cchModule * sizeof(WCHAR));
  198. if(*lpszDirectCaller == NULL)
  199. break;
  201. if(MultiByteToWideChar(
  202. 0,
  203. 0,
  204. me32.szExePath,
  205. cchModule,
  206. *lpszDirectCaller,
  207. cchModule
  208. ) != 0) {
  210. bFound = TRUE;
  211. }
  213. break;
  214. }
  216. CloseHandle(hSnapshot);
  218. if(!bFound) {
  219. if(*lpszDirectCaller) {
  220. SSFree(*lpszDirectCaller);
  221. *lpszDirectCaller = NULL;
  222. }
  223. }
  225. return bFound;
  226. }
  228. BOOL
  229. GetProcessIdFromPath95(
  230. IN LPCSTR szProcessPath,
  231. IN OUT DWORD *dwProcessId
  232. )
  233. {
  234. LPCSTR szProcessName;
  235. HANDLE hSnapshot;
  236. PROCESSENTRY32 pe32;
  237. DWORD dwLastError = 0;
  238. BOOL bSuccess;
  239. BOOL bFound = FALSE; // assume no match found
  241. if(!GetFileNameFromPathA(szProcessPath, &szProcessName))
  242. return FALSE;
  244. hSnapshot = pCreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
  245. if(hSnapshot == INVALID_HANDLE_VALUE)
  246. return FALSE;
  248. pe32.dwSize = sizeof(pe32);
  250. bSuccess = pProcess32First(hSnapshot, &pe32);
  252. while(bSuccess) {
  253. LPCSTR szFileName;
  255. GetFileNameFromPathA(pe32.szExeFile, &szFileName);
  257. if(lstrcmpiA( szFileName, szProcessName ) == 0) {
  258. *dwProcessId = pe32.th32ProcessID;
  259. bFound = TRUE;
  260. break;
  261. }
  263. pe32.dwSize = sizeof(pe32);
  264. bSuccess = pProcess32Next(hSnapshot, &pe32);
  265. }
  267. CloseHandle(hSnapshot);
  269. if(!bFound && dwLastError) {
  270. SetLastError(dwLastError);
  271. }
  273. return bFound;
  274. }
  277. BOOL
  278. GetBaseAddressModule95(
  279. IN DWORD dwProcessId,
  280. IN LPCSTR szImagePath,
  281. IN OUT DWORD_PTR *dwBaseAddress,
  282. IN OUT DWORD *dwUseCount
  283. )
  284. {
  285. LPSTR szImageName;
  286. HANDLE hSnapshot;
  287. MODULEENTRY32 me32;
  288. BOOL bSuccess = FALSE;
  289. BOOL bFound = FALSE;
  291. if(!GetFileNameFromPathA(szImagePath, &szImageName))
  292. return FALSE;
  294. hSnapshot = pCreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);
  295. if(hSnapshot == INVALID_HANDLE_VALUE)
  296. return FALSE;
  298. me32.dwSize = sizeof(me32);
  300. bSuccess = pModule32First(hSnapshot, &me32);
  302. while(bSuccess) {
  303. LPCSTR szFileName;
  305. GetFileNameFromPathA(me32.szExePath, &szFileName);
  307. if(lstrcmpiA( szFileName, szImageName ) == 0) {
  308. *dwBaseAddress = (DWORD_PTR)me32.modBaseAddr;
  309. *dwUseCount = me32.ProccntUsage;
  310. bFound = TRUE;
  311. break;
  312. }
  314. me32.dwSize = sizeof(me32);
  315. bSuccess = pModule32Next(hSnapshot, &me32);
  316. }
  318. CloseHandle(hSnapshot);
  320. return bFound;
  321. }
  323. #endif // WIN95_LEGACY