archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/base/win32/verifier/hooks.c

968 lines
25 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) Microsoft Corporation. All rights reserved.
  5. Module Name:
  7. hooks.c
  9. Abstract:
  11. This module implements verifier hooks for various
  12. APIs that do not fall in any specific category.
  14. Author:
  16. Silviu Calinoiu (SilviuC) 3-Dec-2001
  18. Revision History:
  20. 3-Dec-2001 (SilviuC): initial version.
  22. --*/
  24. #include "pch.h"
  26. #include "verifier.h"
  27. #include "support.h"
  28. #include "faults.h"
  30. /////////////////////////////////////////////////////////////////////
  31. /////////////////////////////////////////////////////////// Wait APIs
  32. /////////////////////////////////////////////////////////////////////
  34. //WINBASEAPI
  35. DWORD
  36. WINAPI
  37. AVrfpWaitForSingleObject(
  38. IN HANDLE hHandle,
  39. IN DWORD dwMilliseconds
  40. )
  41. {
  42. typedef DWORD (WINAPI * FUNCTION_TYPE) (HANDLE, DWORD);
  43. FUNCTION_TYPE Function;
  44. DWORD Result;
  46. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpKernel32Thunks,
  47. AVRF_INDEX_KERNEL32_WAITFORSINGLEOBJECT);
  49. BUMP_COUNTER (CNT_WAIT_SINGLE_CALLS);
  51. if (dwMilliseconds != INFINITE && dwMilliseconds != 0) {
  53. BUMP_COUNTER (CNT_WAIT_WITH_TIMEOUT_CALLS);
  55. if (SHOULD_FAULT_INJECT(CLS_WAIT_APIS)) {
  56. BUMP_COUNTER (CNT_WAIT_WITH_TIMEOUT_FAILS);
  57. CHECK_BREAK (BRK_WAIT_WITH_TIMEOUT_FAIL);
  58. return WAIT_TIMEOUT;
  59. }
  60. }
  62. Result = (* Function) (hHandle, dwMilliseconds);
  64. //
  65. // No matter if it fails or not we will introduce a random delay
  66. // in order to randomize the timings in the process.
  67. //
  69. if ((AVrfpProvider.VerifierFlags & RTL_VRF_FLG_RACE_CHECKS)) {
  70. AVrfpCreateRandomDelay ();
  71. }
  73. return Result;
  74. }
  77. //WINBASEAPI
  78. DWORD
  79. WINAPI
  80. AVrfpWaitForMultipleObjects(
  81. IN DWORD nCount,
  82. IN CONST HANDLE *lpHandles,
  83. IN BOOL bWaitAll,
  84. IN DWORD dwMilliseconds
  85. )
  86. {
  87. typedef DWORD (WINAPI * FUNCTION_TYPE) (DWORD, CONST HANDLE *, BOOL, DWORD);
  88. FUNCTION_TYPE Function;
  89. DWORD Result;
  91. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpKernel32Thunks,
  92. AVRF_INDEX_KERNEL32_WAITFORMULTIPLEOBJECTS);
  94. BUMP_COUNTER (CNT_WAIT_MULTIPLE_CALLS);
  96. if (dwMilliseconds != INFINITE && dwMilliseconds != 0) {
  98. BUMP_COUNTER (CNT_WAIT_WITH_TIMEOUT_CALLS);
  100. if (SHOULD_FAULT_INJECT(CLS_WAIT_APIS)) {
  101. BUMP_COUNTER (CNT_WAIT_WITH_TIMEOUT_FAILS);
  102. CHECK_BREAK (BRK_WAIT_WITH_TIMEOUT_FAIL);
  103. return WAIT_TIMEOUT;
  104. }
  105. }
  107. Result = (* Function) (nCount, lpHandles, bWaitAll, dwMilliseconds);
  109. //
  110. // No matter if it fails or not we will introduce a random delay
  111. // in order to randomize the timings in the process.
  112. //
  114. if ((AVrfpProvider.VerifierFlags & RTL_VRF_FLG_RACE_CHECKS)) {
  115. AVrfpCreateRandomDelay ();
  116. }
  118. return Result;
  119. }
  122. //WINBASEAPI
  123. DWORD
  124. WINAPI
  125. AVrfpWaitForSingleObjectEx(
  126. IN HANDLE hHandle,
  127. IN DWORD dwMilliseconds,
  128. IN BOOL bAlertable
  129. )
  130. {
  131. typedef DWORD (WINAPI * FUNCTION_TYPE) (HANDLE, DWORD, BOOL);
  132. FUNCTION_TYPE Function;
  133. DWORD Result;
  135. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpKernel32Thunks,
  136. AVRF_INDEX_KERNEL32_WAITFORSINGLEOBJECTEX);
  138. BUMP_COUNTER (CNT_WAIT_SINGLEEX_CALLS);
  140. if (dwMilliseconds != INFINITE && dwMilliseconds != 0) {
  142. BUMP_COUNTER (CNT_WAIT_WITH_TIMEOUT_CALLS);
  144. if (SHOULD_FAULT_INJECT(CLS_WAIT_APIS)) {
  145. BUMP_COUNTER (CNT_WAIT_WITH_TIMEOUT_FAILS);
  146. CHECK_BREAK (BRK_WAIT_WITH_TIMEOUT_FAIL);
  147. return WAIT_TIMEOUT;
  148. }
  149. }
  151. Result = (* Function) (hHandle, dwMilliseconds, bAlertable);
  153. //
  154. // No matter if it fails or not we will introduce a random delay
  155. // in order to randomize the timings in the process.
  156. //
  158. if ((AVrfpProvider.VerifierFlags & RTL_VRF_FLG_RACE_CHECKS)) {
  159. AVrfpCreateRandomDelay ();
  160. }
  162. return Result;
  163. }
  166. //WINBASEAPI
  167. DWORD
  168. WINAPI
  169. AVrfpWaitForMultipleObjectsEx(
  170. IN DWORD nCount,
  171. IN CONST HANDLE *lpHandles,
  172. IN BOOL bWaitAll,
  173. IN DWORD dwMilliseconds,
  174. IN BOOL bAlertable
  175. )
  176. {
  177. typedef DWORD (WINAPI * FUNCTION_TYPE) (DWORD, CONST HANDLE *, BOOL, DWORD, BOOL);
  178. FUNCTION_TYPE Function;
  179. DWORD Result;
  181. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpKernel32Thunks,
  182. AVRF_INDEX_KERNEL32_WAITFORMULTIPLEOBJECTSEX);
  184. BUMP_COUNTER (CNT_WAIT_MULTIPLEEX_CALLS);
  186. if (dwMilliseconds != INFINITE && dwMilliseconds != 0) {
  188. BUMP_COUNTER (CNT_WAIT_WITH_TIMEOUT_CALLS);
  190. if (SHOULD_FAULT_INJECT(CLS_WAIT_APIS)) {
  191. BUMP_COUNTER (CNT_WAIT_WITH_TIMEOUT_FAILS);
  192. CHECK_BREAK (BRK_WAIT_WITH_TIMEOUT_FAIL);
  193. return WAIT_TIMEOUT;
  194. }
  195. }
  197. Result = (* Function) (nCount, lpHandles, bWaitAll, dwMilliseconds, bAlertable);
  199. //
  200. // No matter if it fails or not we will introduce a random delay
  201. // in order to randomize the timings in the process.
  202. //
  204. if ((AVrfpProvider.VerifierFlags & RTL_VRF_FLG_RACE_CHECKS)) {
  205. AVrfpCreateRandomDelay ();
  206. }
  208. return Result;
  209. }
  211. //NTSYSCALLAPI
  212. NTSTATUS
  213. NTAPI
  214. AVrfpNtWaitForSingleObject(
  215. IN HANDLE Handle,
  216. IN BOOLEAN Alertable,
  217. IN PLARGE_INTEGER Timeout OPTIONAL
  218. )
  219. {
  220. NTSTATUS Status;
  222. //
  223. // Verify that it is legal to wait for this object
  224. // in the current state. One example of illegal wait
  225. // is waiting for a thread object while holding the
  226. // loader lock. That thread will need the loader lock
  227. // when calling ExitThread so it will most likely
  228. // deadlock with the current thread.
  229. //
  231. AVrfpVerifyLegalWait (&Handle,
  232. 1,
  233. TRUE);
  235. //
  236. // Call the original function.
  237. //
  239. Status = NtWaitForSingleObject (Handle,
  240. Alertable,
  241. Timeout);
  243. return Status;
  244. }
  246. //NTSYSCALLAPI
  247. NTSTATUS
  248. NTAPI
  249. AVrfpNtWaitForMultipleObjects(
  250. IN ULONG Count,
  251. IN HANDLE Handles[],
  252. IN WAIT_TYPE WaitType,
  253. IN BOOLEAN Alertable,
  254. IN PLARGE_INTEGER Timeout OPTIONAL
  255. )
  256. {
  257. NTSTATUS Status;
  259. //
  260. // Verify that it is legal to wait for these objects
  261. // in the current state. One example of illegal wait
  262. // is waiting for a thread object while holding the
  263. // loader lock. That thread will need the loader lock
  264. // when calling ExitThread so it will most likely
  265. // deadlock with the current thread.
  266. //
  268. AVrfpVerifyLegalWait (Handles,
  269. Count,
  270. (WaitType == WaitAll));
  272. //
  273. // Call the original function.
  274. //
  276. Status = NtWaitForMultipleObjects (Count,
  277. Handles,
  278. WaitType,
  279. Alertable,
  280. Timeout);
  282. return Status;
  283. }
  285. /////////////////////////////////////////////////////////////////////
  286. /////////////////////////////////////////////////////////// File APIs
  287. /////////////////////////////////////////////////////////////////////
  289. //NTSYSCALLAPI
  290. NTSTATUS
  291. NTAPI
  292. AVrfpNtCreateFile(
  293. OUT PHANDLE FileHandle,
  294. IN ACCESS_MASK DesiredAccess,
  295. IN POBJECT_ATTRIBUTES ObjectAttributes,
  296. OUT PIO_STATUS_BLOCK IoStatusBlock,
  297. IN PLARGE_INTEGER AllocationSize OPTIONAL,
  298. IN ULONG FileAttributes,
  299. IN ULONG ShareAccess,
  300. IN ULONG CreateDisposition,
  301. IN ULONG CreateOptions,
  302. IN PVOID EaBuffer OPTIONAL,
  303. IN ULONG EaLength
  304. )
  305. {
  306. NTSTATUS Status;
  308. if (SHOULD_FAULT_INJECT(CLS_FILE_APIS)) {
  309. CHECK_BREAK (BRK_CREATE_FILE_FAIL);
  310. return STATUS_NO_MEMORY;
  311. }
  313. Status = NtCreateFile (FileHandle,
  314. DesiredAccess,
  315. ObjectAttributes,
  316. IoStatusBlock,
  317. AllocationSize,
  318. FileAttributes,
  319. ShareAccess,
  320. CreateDisposition,
  321. CreateOptions,
  322. EaBuffer,
  323. EaLength);
  325. return Status;
  326. }
  329. //NTSYSCALLAPI
  330. NTSTATUS
  331. NTAPI
  332. AVrfpNtOpenFile(
  333. OUT PHANDLE FileHandle,
  334. IN ACCESS_MASK DesiredAccess,
  335. IN POBJECT_ATTRIBUTES ObjectAttributes,
  336. OUT PIO_STATUS_BLOCK IoStatusBlock,
  337. IN ULONG ShareAccess,
  338. IN ULONG OpenOptions
  339. )
  340. {
  341. NTSTATUS Status;
  343. if (SHOULD_FAULT_INJECT(CLS_FILE_APIS)) {
  344. CHECK_BREAK (BRK_CREATE_FILE_FAIL);
  345. return STATUS_NO_MEMORY;
  346. }
  348. Status = NtOpenFile (FileHandle,
  349. DesiredAccess,
  350. ObjectAttributes,
  351. IoStatusBlock,
  352. ShareAccess,
  353. OpenOptions);
  355. return Status;
  356. }
  358. //WINBASEAPI
  359. HANDLE
  360. WINAPI
  361. AVrfpCreateFileA(
  362. IN LPCSTR lpFileName,
  363. IN DWORD dwDesiredAccess,
  364. IN DWORD dwShareMode,
  365. IN LPSECURITY_ATTRIBUTES lpSecurityAttributes,
  366. IN DWORD dwCreationDisposition,
  367. IN DWORD dwFlagsAndAttributes,
  368. IN HANDLE hTemplateFile
  369. )
  370. {
  371. typedef HANDLE (WINAPI * FUNCTION_TYPE)
  372. (LPCSTR, DWORD, DWORD, LPSECURITY_ATTRIBUTES,
  373. DWORD, DWORD, HANDLE);
  375. FUNCTION_TYPE Function;
  377. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpKernel32Thunks,
  378. AVRF_INDEX_KERNEL32_CREATEFILEA);
  380. if (SHOULD_FAULT_INJECT(CLS_FILE_APIS)) {
  381. CHECK_BREAK (BRK_CREATE_FILE_FAIL);
  382. NtCurrentTeb()->LastErrorValue = ERROR_OUTOFMEMORY;
  383. return INVALID_HANDLE_VALUE;
  384. }
  386. return (* Function) (lpFileName,
  387. dwDesiredAccess,
  388. dwShareMode,
  389. lpSecurityAttributes,
  390. dwCreationDisposition,
  391. dwFlagsAndAttributes,
  392. hTemplateFile);
  393. }
  395. //WINBASEAPI
  396. HANDLE
  397. WINAPI
  398. AVrfpCreateFileW(
  399. IN LPCWSTR lpFileName,
  400. IN DWORD dwDesiredAccess,
  401. IN DWORD dwShareMode,
  402. IN LPSECURITY_ATTRIBUTES lpSecurityAttributes,
  403. IN DWORD dwCreationDisposition,
  404. IN DWORD dwFlagsAndAttributes,
  405. IN HANDLE hTemplateFile
  406. )
  407. {
  408. typedef HANDLE (WINAPI * FUNCTION_TYPE)
  409. (LPCWSTR, DWORD, DWORD, LPSECURITY_ATTRIBUTES,
  410. DWORD, DWORD, HANDLE);
  412. FUNCTION_TYPE Function;
  414. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpKernel32Thunks,
  415. AVRF_INDEX_KERNEL32_CREATEFILEW);
  417. if (SHOULD_FAULT_INJECT(CLS_FILE_APIS)) {
  418. CHECK_BREAK (BRK_CREATE_FILE_FAIL);
  419. NtCurrentTeb()->LastErrorValue = ERROR_OUTOFMEMORY;
  420. return INVALID_HANDLE_VALUE;
  421. }
  423. return (* Function) (lpFileName,
  424. dwDesiredAccess,
  425. dwShareMode,
  426. lpSecurityAttributes,
  427. dwCreationDisposition,
  428. dwFlagsAndAttributes,
  429. hTemplateFile);
  430. }
  432. /////////////////////////////////////////////////////////////////////
  433. /////////////////////////////////////////////////////// Registry APIs
  434. /////////////////////////////////////////////////////////////////////
  436. //NTSYSCALLAPI
  437. NTSTATUS
  438. NTAPI
  439. AVrfpNtCreateKey(
  440. OUT PHANDLE KeyHandle,
  441. IN ACCESS_MASK DesiredAccess,
  442. IN POBJECT_ATTRIBUTES ObjectAttributes,
  443. IN ULONG TitleIndex,
  444. IN PUNICODE_STRING Class OPTIONAL,
  445. IN ULONG CreateOptions,
  446. OUT PULONG Disposition OPTIONAL
  447. )
  448. {
  449. NTSTATUS Status;
  451. if (SHOULD_FAULT_INJECT(CLS_REGISTRY_APIS)) {
  452. CHECK_BREAK (BRK_CREATE_KEY_FAIL);
  453. return STATUS_NO_MEMORY;
  454. }
  456. Status = NtCreateKey (KeyHandle,
  457. DesiredAccess,
  458. ObjectAttributes,
  459. TitleIndex,
  460. Class,
  461. CreateOptions,
  462. Disposition);
  464. return Status;
  465. }
  467. //NTSYSCALLAPI
  468. NTSTATUS
  469. NTAPI
  470. AVrfpNtOpenKey(
  471. OUT PHANDLE KeyHandle,
  472. IN ACCESS_MASK DesiredAccess,
  473. IN POBJECT_ATTRIBUTES ObjectAttributes
  474. )
  475. {
  476. NTSTATUS Status;
  478. if (SHOULD_FAULT_INJECT(CLS_REGISTRY_APIS)) {
  479. CHECK_BREAK (BRK_CREATE_KEY_FAIL);
  480. return STATUS_NO_MEMORY;
  481. }
  483. Status = NtOpenKey (KeyHandle,
  484. DesiredAccess,
  485. ObjectAttributes);
  487. return Status;
  488. }
  490. //WINADVAPI
  491. LONG
  492. APIENTRY
  493. AVrfpRegCreateKeyA (
  494. IN HKEY hKey,
  495. IN LPCSTR lpSubKey,
  496. OUT PHKEY phkResult
  497. )
  498. {
  499. typedef LONG (APIENTRY * FUNCTION_TYPE)
  500. (HKEY, LPCSTR, PHKEY);
  502. FUNCTION_TYPE Function;
  504. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpAdvapi32Thunks,
  505. AVRF_INDEX_ADVAPI32_REGCREATEKEYA);
  507. if (SHOULD_FAULT_INJECT(CLS_REGISTRY_APIS)) {
  508. CHECK_BREAK (BRK_CREATE_KEY_FAIL);
  509. return ERROR_OUTOFMEMORY;
  510. }
  512. return (* Function) (hKey, lpSubKey, phkResult);
  513. }
  515. //WINADVAPI
  516. LONG
  517. APIENTRY
  518. AVrfpRegCreateKeyW (
  519. IN HKEY hKey,
  520. IN LPCWSTR lpSubKey,
  521. OUT PHKEY phkResult
  522. )
  523. {
  524. typedef LONG (APIENTRY * FUNCTION_TYPE)
  525. (HKEY, LPCWSTR, PHKEY);
  527. FUNCTION_TYPE Function;
  529. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpAdvapi32Thunks,
  530. AVRF_INDEX_ADVAPI32_REGCREATEKEYW);
  532. if (SHOULD_FAULT_INJECT(CLS_REGISTRY_APIS)) {
  533. CHECK_BREAK (BRK_CREATE_KEY_FAIL);
  534. return ERROR_OUTOFMEMORY;
  535. }
  537. return (* Function) (hKey, lpSubKey, phkResult);
  538. }
  540. //WINADVAPI
  541. LONG
  542. APIENTRY
  543. AVrfpRegCreateKeyExA (
  544. IN HKEY hKey,
  545. IN LPCSTR lpSubKey,
  546. IN DWORD Reserved,
  547. IN LPSTR lpClass,
  548. IN DWORD dwOptions,
  549. IN REGSAM samDesired,
  550. IN LPSECURITY_ATTRIBUTES lpSecurityAttributes,
  551. OUT PHKEY phkResult,
  552. OUT LPDWORD lpdwDisposition
  553. )
  554. {
  555. typedef LONG (APIENTRY * FUNCTION_TYPE)
  556. (HKEY, LPCSTR, DWORD, LPSTR, DWORD,
  557. REGSAM, LPSECURITY_ATTRIBUTES, PHKEY, LPDWORD);
  559. FUNCTION_TYPE Function;
  561. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpAdvapi32Thunks,
  562. AVRF_INDEX_ADVAPI32_REGCREATEKEYEXA);
  564. if (SHOULD_FAULT_INJECT(CLS_REGISTRY_APIS)) {
  565. CHECK_BREAK (BRK_CREATE_KEY_FAIL);
  566. return ERROR_OUTOFMEMORY;
  567. }
  569. return (* Function) (hKey,
  570. lpSubKey,
  571. Reserved,
  572. lpClass,
  573. dwOptions,
  574. samDesired,
  575. lpSecurityAttributes,
  576. phkResult,
  577. lpdwDisposition);
  578. }
  580. //WINADVAPI
  581. LONG
  582. APIENTRY
  583. AVrfpRegCreateKeyExW (
  584. IN HKEY hKey,
  585. IN LPCWSTR lpSubKey,
  586. IN DWORD Reserved,
  587. IN LPWSTR lpClass,
  588. IN DWORD dwOptions,
  589. IN REGSAM samDesired,
  590. IN LPSECURITY_ATTRIBUTES lpSecurityAttributes,
  591. OUT PHKEY phkResult,
  592. OUT LPDWORD lpdwDisposition
  593. )
  594. {
  595. typedef LONG (APIENTRY * FUNCTION_TYPE)
  596. (HKEY, LPCWSTR, DWORD, LPWSTR, DWORD,
  597. REGSAM, LPSECURITY_ATTRIBUTES, PHKEY, LPDWORD);
  599. FUNCTION_TYPE Function;
  601. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpAdvapi32Thunks,
  602. AVRF_INDEX_ADVAPI32_REGCREATEKEYEXW);
  604. if (SHOULD_FAULT_INJECT(CLS_REGISTRY_APIS)) {
  605. CHECK_BREAK (BRK_CREATE_KEY_FAIL);
  606. return ERROR_OUTOFMEMORY;
  607. }
  609. return (* Function) (hKey,
  610. lpSubKey,
  611. Reserved,
  612. lpClass,
  613. dwOptions,
  614. samDesired,
  615. lpSecurityAttributes,
  616. phkResult,
  617. lpdwDisposition);
  618. }
  620. //WINADVAPI
  621. LONG
  622. APIENTRY
  623. AVrfpRegOpenKeyA (
  624. IN HKEY hKey,
  625. IN LPCSTR lpSubKey,
  626. OUT PHKEY phkResult
  627. )
  628. {
  629. typedef LONG (APIENTRY * FUNCTION_TYPE)
  630. (HKEY, LPCSTR, PHKEY);
  632. FUNCTION_TYPE Function;
  634. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpAdvapi32Thunks,
  635. AVRF_INDEX_ADVAPI32_REGOPENKEYA);
  637. if (SHOULD_FAULT_INJECT(CLS_REGISTRY_APIS)) {
  638. CHECK_BREAK (BRK_CREATE_KEY_FAIL);
  639. return ERROR_OUTOFMEMORY;
  640. }
  642. return (* Function)(hKey, lpSubKey, phkResult);
  643. }
  645. //WINADVAPI
  646. LONG
  647. APIENTRY
  648. AVrfpRegOpenKeyW (
  649. IN HKEY hKey,
  650. IN LPCWSTR lpSubKey,
  651. OUT PHKEY phkResult
  652. )
  653. {
  654. typedef LONG (APIENTRY * FUNCTION_TYPE)
  655. (HKEY, LPCWSTR, PHKEY);
  657. FUNCTION_TYPE Function;
  659. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpAdvapi32Thunks,
  660. AVRF_INDEX_ADVAPI32_REGOPENKEYW);
  662. if (SHOULD_FAULT_INJECT(CLS_REGISTRY_APIS)) {
  663. CHECK_BREAK (BRK_CREATE_KEY_FAIL);
  664. return ERROR_OUTOFMEMORY;
  665. }
  667. return (* Function)(hKey, lpSubKey, phkResult);
  668. }
  670. //WINADVAPI
  671. LONG
  672. APIENTRY
  673. AVrfpRegOpenKeyExA (
  674. IN HKEY hKey,
  675. IN LPCSTR lpSubKey,
  676. IN DWORD ulOptions,
  677. IN REGSAM samDesired,
  678. OUT PHKEY phkResult
  679. )
  680. {
  681. typedef LONG (APIENTRY * FUNCTION_TYPE)
  682. (HKEY, LPCSTR, DWORD, REGSAM, PHKEY);
  684. FUNCTION_TYPE Function;
  686. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpAdvapi32Thunks,
  687. AVRF_INDEX_ADVAPI32_REGOPENKEYEXA);
  689. if (SHOULD_FAULT_INJECT(CLS_REGISTRY_APIS)) {
  690. CHECK_BREAK (BRK_CREATE_KEY_FAIL);
  691. return ERROR_OUTOFMEMORY;
  692. }
  694. return (* Function) (hKey,
  695. lpSubKey,
  696. ulOptions,
  697. samDesired,
  698. phkResult);
  699. }
  701. //WINADVAPI
  702. LONG
  703. APIENTRY
  704. AVrfpRegOpenKeyExW (
  705. IN HKEY hKey,
  706. IN LPCWSTR lpSubKey,
  707. IN DWORD ulOptions,
  708. IN REGSAM samDesired,
  709. OUT PHKEY phkResult
  710. )
  711. {
  712. typedef LONG (APIENTRY * FUNCTION_TYPE)
  713. (HKEY, LPCWSTR, DWORD, REGSAM, PHKEY);
  715. FUNCTION_TYPE Function;
  717. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpAdvapi32Thunks,
  718. AVRF_INDEX_ADVAPI32_REGOPENKEYEXW);
  720. if (SHOULD_FAULT_INJECT(CLS_REGISTRY_APIS)) {
  721. CHECK_BREAK (BRK_CREATE_KEY_FAIL);
  722. return ERROR_OUTOFMEMORY;
  723. }
  725. return (* Function) (hKey,
  726. lpSubKey,
  727. ulOptions,
  728. samDesired,
  729. phkResult);
  730. }
  733. /////////////////////////////////////////////////////////////////////
  734. ///////////////////////////////////////////////// Read/Write File I/O
  735. /////////////////////////////////////////////////////////////////////
  737. //NTSYSCALLAPI
  738. NTSTATUS
  739. NTAPI
  740. AVrfpNtReadFile(
  741. IN HANDLE FileHandle,
  742. IN HANDLE Event OPTIONAL,
  743. IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
  744. IN PVOID ApcContext OPTIONAL,
  745. OUT PIO_STATUS_BLOCK IoStatusBlock,
  746. OUT PVOID Buffer,
  747. IN ULONG Length,
  748. IN PLARGE_INTEGER ByteOffset OPTIONAL,
  749. IN PULONG Key OPTIONAL
  750. )
  751. {
  752. NTSTATUS Status;
  754. //
  755. // Fill the I/O buffer with garbage.
  756. //
  757. // silviuc: should we link this fill to some feature?
  758. // In principle the operation of filling memory is peanuts
  759. // compared with the time taken by the i/o operation.
  760. //
  762. RtlFillMemory (Buffer, Length, 0xFA);
  764. //
  765. // Call original API.
  766. //
  768. Status = NtReadFile (FileHandle,
  769. Event,
  770. ApcRoutine,
  771. ApcContext,
  772. IoStatusBlock,
  773. Buffer,
  774. Length,
  775. ByteOffset,
  776. Key);
  778. //
  779. // Asynchronous operations are delayed a bit. This conceivably
  780. // has good chances to randomize timings in the process.
  781. //
  783. if (Status == STATUS_PENDING) {
  784. if ((AVrfpProvider.VerifierFlags & RTL_VRF_FLG_RACE_CHECKS)) {
  785. AVrfpCreateRandomDelay ();
  786. }
  787. }
  789. return Status;
  790. }
  792. //NTSYSCALLAPI
  793. NTSTATUS
  794. NTAPI
  795. AVrfpNtReadFileScatter(
  796. IN HANDLE FileHandle,
  797. IN HANDLE Event OPTIONAL,
  798. IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
  799. IN PVOID ApcContext OPTIONAL,
  800. OUT PIO_STATUS_BLOCK IoStatusBlock,
  801. IN PFILE_SEGMENT_ELEMENT SegmentArray,
  802. IN ULONG Length,
  803. IN PLARGE_INTEGER ByteOffset OPTIONAL,
  804. IN PULONG Key OPTIONAL
  805. )
  806. {
  807. NTSTATUS Status;
  809. //
  810. // silviuc: we should fill these buffers with garbage too.
  811. //
  813. //
  814. // Call original API.
  815. //
  817. Status = NtReadFileScatter (FileHandle,
  818. Event,
  819. ApcRoutine,
  820. ApcContext,
  821. IoStatusBlock,
  822. SegmentArray,
  823. Length,
  824. ByteOffset,
  825. Key);
  827. //
  828. // Asynchronous operations are delayed a bit. This conceivably
  829. // has good chances to randomize timings in the process.
  830. //
  832. if (Status == STATUS_PENDING) {
  833. if ((AVrfpProvider.VerifierFlags & RTL_VRF_FLG_RACE_CHECKS)) {
  834. AVrfpCreateRandomDelay ();
  835. }
  836. }
  838. return Status;
  839. }
  841. //NTSYSCALLAPI
  842. NTSTATUS
  843. NTAPI
  844. AVrfpNtWriteFile(
  845. IN HANDLE FileHandle,
  846. IN HANDLE Event OPTIONAL,
  847. IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
  848. IN PVOID ApcContext OPTIONAL,
  849. OUT PIO_STATUS_BLOCK IoStatusBlock,
  850. IN PVOID Buffer,
  851. IN ULONG Length,
  852. IN PLARGE_INTEGER ByteOffset OPTIONAL,
  853. IN PULONG Key OPTIONAL
  854. )
  855. {
  856. NTSTATUS Status;
  858. //
  859. // Call original API.
  860. //
  862. Status = NtWriteFile (FileHandle,
  863. Event,
  864. ApcRoutine,
  865. ApcContext,
  866. IoStatusBlock,
  867. Buffer,
  868. Length,
  869. ByteOffset,
  870. Key);
  872. //
  873. // Asynchronous operations are delayed a bit. This conceivably
  874. // has good chances to randomize timings in the process.
  875. //
  877. if (Status == STATUS_PENDING) {
  878. if ((AVrfpProvider.VerifierFlags & RTL_VRF_FLG_RACE_CHECKS)) {
  879. AVrfpCreateRandomDelay ();
  880. }
  881. }
  883. return Status;
  884. }
  886. //NTSYSCALLAPI
  887. NTSTATUS
  888. NTAPI
  889. AVrfpNtWriteFileGather(
  890. IN HANDLE FileHandle,
  891. IN HANDLE Event OPTIONAL,
  892. IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
  893. IN PVOID ApcContext OPTIONAL,
  894. OUT PIO_STATUS_BLOCK IoStatusBlock,
  895. IN PFILE_SEGMENT_ELEMENT SegmentArray,
  896. IN ULONG Length,
  897. IN PLARGE_INTEGER ByteOffset OPTIONAL,
  898. IN PULONG Key OPTIONAL
  899. )
  900. {
  901. NTSTATUS Status;
  903. //
  904. // Call original API.
  905. //
  907. Status = NtWriteFileGather (FileHandle,
  908. Event,
  909. ApcRoutine,
  910. ApcContext,
  911. IoStatusBlock,
  912. SegmentArray,
  913. Length,
  914. ByteOffset,
  915. Key);
  917. //
  918. // Asynchronous operations are delayed a bit. This conceivably
  919. // has good chances to randomize timings in the process.
  920. //
  922. if (Status == STATUS_PENDING) {
  923. if ((AVrfpProvider.VerifierFlags & RTL_VRF_FLG_RACE_CHECKS)) {
  924. AVrfpCreateRandomDelay ();
  925. }
  926. }
  928. return Status;
  929. }
  932. /////////////////////////////////////////////////////////////////////
  933. ////////////////////////////////////////////////// Tick count overlap
  934. /////////////////////////////////////////////////////////////////////
  936. //
  937. // Special value so that the counter will overlap in 5 mins.
  938. //
  940. DWORD AVrfpTickCountOffset = 0xFFFFFFFF - 5 * 60 * 1000;
  942. //WINBASEAPI
  943. DWORD
  944. WINAPI
  945. AVrfpGetTickCount(
  946. VOID
  947. )
  948. {
  949. typedef DWORD (WINAPI * FUNCTION_TYPE) (VOID);
  950. FUNCTION_TYPE Function;
  951. DWORD Result;
  953. Function = AVRFP_GET_ORIGINAL_EXPORT (AVrfpKernel32Thunks,
  954. AVRF_INDEX_KERNEL32_GETTICKCOUNT);
  956. Result = (* Function) ();
  958. if ((AVrfpProvider.VerifierFlags & RTL_VRF_FLG_MISCELLANEOUS_CHECKS)) {
  960. return Result + AVrfpTickCountOffset;
  961. }
  962. else {
  964. return Result;
  965. }
  966. }