archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/base/ntos/rtl/imagedir.c

639 lines
16 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1991 Microsoft Corporation
  5. Module Name:
  7. imagedir.c
  9. Abstract:
  11. The module contains the code to translate an image directory type to
  12. the address of the data for that entry.
  14. Author:
  16. Steve Wood (stevewo) 18-Aug-1989
  18. Environment:
  20. User Mode or Kernel Mode
  22. Revision History:
  24. --*/
  26. #include "ntrtlp.h"
  28. #if defined(NTOS_KERNEL_RUNTIME)
  30. VOID
  31. RtlpTouchMemory(
  32. IN PVOID Address,
  33. IN ULONG Length
  34. );
  36. VOID
  37. RtlpMakeStackTraceDataPresentForImage(
  38. IN PVOID ImageBase
  39. );
  41. #if defined(ALLOC_PRAGMA)
  42. #pragma alloc_text(PAGE,RtlpTouchMemory)
  43. #pragma alloc_text(PAGE,RtlMakeStackTraceDataPresent)
  44. #pragma alloc_text(PAGE,RtlpMakeStackTraceDataPresentForImage)
  45. #endif
  46. #endif
  48. PIMAGE_SECTION_HEADER
  49. RtlSectionTableFromVirtualAddress (
  50. IN PIMAGE_NT_HEADERS NtHeaders,
  51. IN PVOID Base,
  52. IN ULONG Address
  53. )
  55. /*++
  57. Routine Description:
  59. This function locates a VirtualAddress within the image header
  60. of a file that is mapped as a file and returns a pointer to the
  61. section table entry for that virtual address
  63. Arguments:
  65. NtHeaders - Supplies the pointer to the image or data file.
  67. Base - Supplies the base of the image or data file.
  69. Address - Supplies the virtual address to locate.
  71. Return Value:
  73. NULL - The file does not contain data for the specified directory entry.
  75. NON-NULL - Returns the pointer of the section entry containing the data.
  77. --*/
  79. {
  80. ULONG i;
  81. PIMAGE_SECTION_HEADER NtSection;
  83. NtSection = IMAGE_FIRST_SECTION( NtHeaders );
  84. for (i=0; i<NtHeaders->FileHeader.NumberOfSections; i++) {
  85. if ((ULONG)Address >= NtSection->VirtualAddress &&
  86. (ULONG)Address < NtSection->VirtualAddress + NtSection->SizeOfRawData
  87. ) {
  88. return NtSection;
  89. }
  90. ++NtSection;
  91. }
  93. return NULL;
  94. }
  97. PVOID
  98. RtlAddressInSectionTable (
  99. IN PIMAGE_NT_HEADERS NtHeaders,
  100. IN PVOID Base,
  101. IN ULONG Address
  102. )
  104. /*++
  106. Routine Description:
  108. This function locates a VirtualAddress within the image header
  109. of a file that is mapped as a file and returns the seek address
  110. of the data the Directory describes.
  112. Arguments:
  114. NtHeaders - Supplies the pointer to the image or data file.
  116. Base - Supplies the base of the image or data file.
  118. Address - Supplies the virtual address to locate.
  120. Return Value:
  122. NULL - The file does not contain data for the specified directory entry.
  124. NON-NULL - Returns the address of the raw data the directory describes.
  126. --*/
  128. {
  129. PIMAGE_SECTION_HEADER NtSection;
  131. NtSection = RtlSectionTableFromVirtualAddress( NtHeaders,
  132. Base,
  133. Address
  134. );
  135. if (NtSection != NULL) {
  136. return( ((PCHAR)Base + ((ULONG_PTR)Address - NtSection->VirtualAddress) + NtSection->PointerToRawData) );
  137. }
  138. else {
  139. return( NULL );
  140. }
  141. }
  144. PVOID
  145. RtlpImageDirectoryEntryToData32 (
  146. IN PVOID Base,
  147. IN BOOLEAN MappedAsImage,
  148. IN USHORT DirectoryEntry,
  149. OUT PULONG Size,
  150. PIMAGE_NT_HEADERS32 NtHeaders
  151. )
  152. {
  153. ULONG DirectoryAddress;
  155. if (DirectoryEntry >= NtHeaders->OptionalHeader.NumberOfRvaAndSizes) {
  156. return( NULL );
  157. }
  159. if (!(DirectoryAddress = NtHeaders->OptionalHeader.DataDirectory[ DirectoryEntry ].VirtualAddress)) {
  160. return( NULL );
  161. }
  163. #if defined(NTOS_KERNEL_RUNTIME)
  164. if (Base < MM_HIGHEST_USER_ADDRESS) {
  165. if ((PVOID)((PCHAR)Base + DirectoryAddress) >= MM_HIGHEST_USER_ADDRESS) {
  166. return( NULL );
  167. }
  168. }
  169. #endif
  171. *Size = NtHeaders->OptionalHeader.DataDirectory[ DirectoryEntry ].Size;
  172. if (MappedAsImage || DirectoryAddress < NtHeaders->OptionalHeader.SizeOfHeaders) {
  173. return( (PVOID)((PCHAR)Base + DirectoryAddress) );
  174. }
  176. return( RtlAddressInSectionTable((PIMAGE_NT_HEADERS)NtHeaders, Base, DirectoryAddress ));
  177. }
  180. PVOID
  181. RtlpImageDirectoryEntryToData64 (
  182. IN PVOID Base,
  183. IN BOOLEAN MappedAsImage,
  184. IN USHORT DirectoryEntry,
  185. OUT PULONG Size,
  186. PIMAGE_NT_HEADERS64 NtHeaders
  187. )
  188. {
  189. ULONG DirectoryAddress;
  191. if (DirectoryEntry >= NtHeaders->OptionalHeader.NumberOfRvaAndSizes) {
  192. return( NULL );
  193. }
  195. if (!(DirectoryAddress = NtHeaders->OptionalHeader.DataDirectory[ DirectoryEntry ].VirtualAddress)) {
  196. return( NULL );
  197. }
  199. #if defined(NTOS_KERNEL_RUNTIME)
  200. if (Base < MM_HIGHEST_USER_ADDRESS) {
  201. if ((PVOID)((PCHAR)Base + DirectoryAddress) >= MM_HIGHEST_USER_ADDRESS) {
  202. return( NULL );
  203. }
  204. }
  205. #endif
  207. *Size = NtHeaders->OptionalHeader.DataDirectory[ DirectoryEntry ].Size;
  208. if (MappedAsImage || DirectoryAddress < NtHeaders->OptionalHeader.SizeOfHeaders) {
  209. return( (PVOID)((PCHAR)Base + DirectoryAddress) );
  210. }
  212. return( RtlAddressInSectionTable((PIMAGE_NT_HEADERS)NtHeaders, Base, DirectoryAddress ));
  213. }
  216. PVOID
  217. RtlImageDirectoryEntryToData (
  218. IN PVOID Base,
  219. IN BOOLEAN MappedAsImage,
  220. IN USHORT DirectoryEntry,
  221. OUT PULONG Size
  222. )
  224. /*++
  226. Routine Description:
  228. This function locates a Directory Entry within the image header
  229. and returns either the virtual address or seek address of the
  230. data the Directory describes.
  232. Arguments:
  234. Base - Supplies the base of the image or data file.
  236. MappedAsImage - FALSE if the file is mapped as a data file.
  237. - TRUE if the file is mapped as an image.
  239. DirectoryEntry - Supplies the directory entry to locate.
  241. Size - Return the size of the directory.
  243. Return Value:
  245. NULL - The file does not contain data for the specified directory entry.
  247. NON-NULL - Returns the address of the raw data the directory describes.
  249. --*/
  251. {
  252. PIMAGE_NT_HEADERS NtHeaders;
  254. if (LDR_IS_DATAFILE(Base)) {
  255. Base = LDR_DATAFILE_TO_VIEW(Base);
  256. MappedAsImage = FALSE;
  257. }
  259. NtHeaders = RtlImageNtHeader(Base);
  261. if (!NtHeaders)
  262. return NULL;
  264. if (NtHeaders->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
  265. return (RtlpImageDirectoryEntryToData32(Base,
  266. MappedAsImage,
  267. DirectoryEntry,
  268. Size,
  269. (PIMAGE_NT_HEADERS32)NtHeaders));
  270. } else if (NtHeaders->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
  271. return (RtlpImageDirectoryEntryToData64(Base,
  272. MappedAsImage,
  273. DirectoryEntry,
  274. Size,
  275. (PIMAGE_NT_HEADERS64)NtHeaders));
  276. } else {
  277. return (NULL);
  278. }
  279. }
  281. #if defined(NTOS_KERNEL_RUNTIME)
  283. VOID
  284. RtlMakeStackTraceDataPresent(
  285. VOID
  286. )
  288. /*++
  290. Routine Description:
  292. This function walks the loaded user-mode images and makes present the
  293. portions of the data necessary to support a kernel-debugger stack
  294. dump of the user-mode stack.
  296. N.B. The necessary pieces are merely touched to be brought in. In a low
  297. memory situation, some of the previously-touched pages may be paged
  298. out in order for the new ones to be brought in. This routine is
  299. not guaranteed to do anything useful, however it does more often than
  300. not.
  302. Arguments:
  304. None.
  306. Return value:
  308. None.
  310. --*/
  312. {
  313. PPEB peb;
  314. PLIST_ENTRY head;
  315. PLIST_ENTRY next;
  316. PVOID imageBase;
  317. ULONG imageCount;
  318. LDR_DATA_TABLE_ENTRY UNALIGNED *ldrDataTableEntry;
  320. RTL_PAGED_CODE();
  322. //
  323. // The image list is in user mode and is not to be trusted. The
  324. // surrounding try/except block will guard against most forms of
  325. // list corruption. imageCount is used to bail in finite time
  326. // in the event of a cyclic image list.
  327. //
  329. imageCount = 0;
  330. try {
  332. peb = NtCurrentPeb();
  333. head = &peb->Ldr->InLoadOrderModuleList;
  335. ProbeForReadSmallStructure( head,
  336. sizeof(LIST_ENTRY),
  337. PROBE_ALIGNMENT(LIST_ENTRY) );
  339. next = head;
  340. while (imageCount < 1000) {
  342. next = next->Flink;
  343. if (next == head) {
  344. break;
  345. }
  346. imageCount += 1;
  348. //
  349. // Locate the base address of the image
  350. //
  352. ldrDataTableEntry = CONTAINING_RECORD(next,
  353. LDR_DATA_TABLE_ENTRY,
  354. InLoadOrderLinks);
  356. ProbeForReadSmallStructure( ldrDataTableEntry,
  357. sizeof(LDR_DATA_TABLE_ENTRY),
  358. PROBE_ALIGNMENT(LDR_DATA_TABLE_ENTRY) );
  360. imageBase = ldrDataTableEntry->DllBase;
  361. ProbeForReadSmallStructure (imageBase, sizeof (IMAGE_DOS_HEADER), sizeof (UCHAR));
  363. //
  364. // Make the stack trace data present for this image. Use a
  365. // seperate try/except block here so that subsequent images
  366. // will be processed in the event of a failure.
  367. //
  369. try {
  370. RtlpMakeStackTraceDataPresentForImage(imageBase);
  371. } except (EXCEPTION_EXECUTE_HANDLER) {
  372. NOTHING;
  373. }
  374. }
  376. } except (EXCEPTION_EXECUTE_HANDLER) {
  377. NOTHING;
  378. }
  379. }
  381. VOID
  382. RtlpMakeStackTraceDataPresentForImage(
  383. IN PVOID ImageBase
  384. )
  386. /*++
  388. Routine Description:
  390. This function attempts to make present the portions of an image necessary
  391. to support a kernel-debugger stack dump of the user-mode stack.
  393. Arguments:
  395. ImageBase - Supplies the VA of the base of the image to process.
  397. Return value:
  399. None.
  401. --*/
  403. {
  404. PVOID directory;
  405. ULONG directorySize;
  406. PIMAGE_RUNTIME_FUNCTION_ENTRY functionEntry;
  407. PIMAGE_RUNTIME_FUNCTION_ENTRY lastFunctionEntry;
  408. PCHAR imageBase;
  410. #if defined(_IA64_)
  411. PUNWIND_INFO unwindInfo;
  412. #endif
  414. RTL_PAGED_CODE();
  416. //
  417. // Make present the IMAGE_DIRECTORY_EXCEPTION section.
  418. //
  420. directory = RtlImageDirectoryEntryToData(ImageBase,
  421. TRUE,
  422. IMAGE_DIRECTORY_ENTRY_EXCEPTION,
  423. &directorySize);
  424. if (directory == NULL) {
  425. return;
  426. }
  428. RtlpTouchMemory(directory, directorySize);
  430. #if defined(_IA64_)
  432. //
  433. // The IMAGE_DIRECTORY_EXCEPTION section is an array of
  434. // IMAGE_RUNTIME_FUNCTION_ENTRY structures. Each function entry
  435. // refers, via UnwindInfoAddress (expressed as an image offset) to
  436. // an UNWIND_INFO structure.
  437. //
  438. // All UNWIND_INFO structures must be made present.
  439. //
  441. functionEntry = (PIMAGE_RUNTIME_FUNCTION_ENTRY)directory;
  442. lastFunctionEntry = functionEntry +
  443. directorySize / sizeof(IMAGE_RUNTIME_FUNCTION_ENTRY);
  445. while (functionEntry < lastFunctionEntry) {
  447. unwindInfo = (PUNWIND_INFO)((PCHAR)ImageBase +
  448. functionEntry->UnwindInfoAddress);
  450. //
  451. // An UNWIND_INFO structure consists of a fixed header plus
  452. // a variable-length portion.
  453. //
  455. RtlpTouchMemory(unwindInfo,
  456. sizeof(UNWIND_INFO) +
  457. unwindInfo->DataLength * sizeof(ULONGLONG));
  459. functionEntry += 1;
  460. }
  462. //
  463. // Make present the IMAGE_DIRECTORY_ENTRY_GLOBALPTR section.
  464. //
  466. directory = RtlImageDirectoryEntryToData(ImageBase,
  467. TRUE,
  468. IMAGE_DIRECTORY_ENTRY_GLOBALPTR,
  469. &directorySize);
  470. if (directory == NULL) {
  471. return;
  472. }
  474. RtlpTouchMemory(directory, directorySize);
  476. #endif // _IA64_
  477. }
  479. VOID
  480. RtlpTouchMemory(
  481. IN PVOID Address,
  482. IN ULONG Length
  483. )
  484. /*++
  486. Routine Description:
  488. This function touches all of the pages within a given region.
  490. Arguments:
  492. Address - Supplies the VA of the start of the image to make present.
  494. Length - Supplies the length, in bytes, of the image to make present.
  496. Return value:
  498. None.
  500. --*/
  501. {
  502. PCHAR regionStart;
  503. PCHAR regionEnd;
  505. RTL_PAGED_CODE();
  507. regionStart = Address;
  508. regionEnd = regionStart + Length;
  510. while (regionStart < regionEnd) {
  511. *(volatile UCHAR *)regionStart;
  512. regionStart = PAGE_ALIGN(regionStart + PAGE_SIZE);
  513. }
  514. }
  516. #endif
  518. #if !defined(NTOS_KERNEL_RUNTIME) && !defined(BLDR_KERNEL_RUNTIME)
  520. PIMAGE_SECTION_HEADER
  521. RtlImageRvaToSection(
  522. IN PIMAGE_NT_HEADERS NtHeaders,
  523. IN PVOID Base,
  524. IN ULONG Rva
  525. )
  527. /*++
  529. Routine Description:
  531. This function locates an RVA within the image header of a file
  532. that is mapped as a file and returns a pointer to the section
  533. table entry for that virtual address
  535. Arguments:
  537. NtHeaders - Supplies the pointer to the image or data file.
  539. Base - Supplies the base of the image or data file. The image
  540. was mapped as a data file.
  542. Rva - Supplies the relative virtual address (RVA) to locate.
  544. Return Value:
  546. NULL - The RVA was not found within any of the sections of the image.
  548. NON-NULL - Returns the pointer to the image section that contains
  549. the RVA
  551. --*/
  553. {
  554. ULONG i;
  555. PIMAGE_SECTION_HEADER NtSection;
  557. NtSection = IMAGE_FIRST_SECTION( NtHeaders );
  558. for (i=0; i<NtHeaders->FileHeader.NumberOfSections; i++) {
  559. if (Rva >= NtSection->VirtualAddress &&
  560. Rva < NtSection->VirtualAddress + NtSection->SizeOfRawData
  561. ) {
  562. return NtSection;
  563. }
  564. ++NtSection;
  565. }
  567. return NULL;
  568. }
  572. PVOID
  573. RtlImageRvaToVa(
  574. IN PIMAGE_NT_HEADERS NtHeaders,
  575. IN PVOID Base,
  576. IN ULONG Rva,
  577. IN OUT PIMAGE_SECTION_HEADER *LastRvaSection OPTIONAL
  578. )
  580. /*++
  582. Routine Description:
  584. This function locates an RVA within the image header of a file that
  585. is mapped as a file and returns the virtual addrees of the
  586. corresponding byte in the file.
  589. Arguments:
  591. NtHeaders - Supplies the pointer to the image or data file.
  593. Base - Supplies the base of the image or data file. The image
  594. was mapped as a data file.
  596. Rva - Supplies the relative virtual address (RVA) to locate.
  598. LastRvaSection - Optional parameter that if specified, points
  599. to a variable that contains the last section value used for
  600. the specified image to translate and RVA to a VA.
  602. Return Value:
  604. NULL - The file does not contain the specified RVA
  606. NON-NULL - Returns the virtual addrees in the mapped file.
  608. --*/
  610. {
  611. PIMAGE_SECTION_HEADER NtSection;
  613. if (!ARGUMENT_PRESENT( LastRvaSection ) ||
  614. (NtSection = *LastRvaSection) == NULL ||
  615. Rva < NtSection->VirtualAddress ||
  616. Rva >= NtSection->VirtualAddress + NtSection->SizeOfRawData
  617. ) {
  618. NtSection = RtlImageRvaToSection( NtHeaders,
  619. Base,
  620. Rva
  621. );
  622. }
  624. if (NtSection != NULL) {
  625. if (LastRvaSection != NULL) {
  626. *LastRvaSection = NtSection;
  627. }
  629. return (PVOID)((PCHAR)Base +
  630. (Rva - NtSection->VirtualAddress) +
  631. NtSection->PointerToRawData
  632. );
  633. }
  634. else {
  635. return NULL;
  636. }
  637. }
  639. #endif