archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/base/wow64/wow64log/wow64log.c

1061 lines
23 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1999 Microsoft Corporation
  5. Module Name:
  7. wow64log.c
  9. Abstract:
  11. Main entrypoints for wow64log.dll. To add a data type handler :
  12. 1- Define a LOGDATATYPE for the data to log in w64logp.h
  13. 2- Implement the data type handler using the standard interface
  14. NTSTATUS
  15. LogDataType(IN OUT PLOGINFO LogInfo,
  16. IN ULONG_PTR Data,
  17. IN PSZ FieldName,
  18. IN BOOLEAN ServiceReturn);
  19. 3- Insert the handler into LogDataType[] below.
  22. Author:
  24. 03-Oct-1999 SamerA
  26. Revision History:
  28. --*/
  30. #include "w64logp.h"
  33. /// Public
  35. //
  36. // Control logging flags
  37. //
  38. UINT_PTR Wow64LogFlags;
  39. HANDLE Wow64LogFileHandle;
  43. /// Private
  45. //
  46. // Hold an array of pointers to each system service DebugThunkInfo
  47. //
  48. PULONG_PTR *LogNtBase;
  49. PULONG_PTR *LogWin32;
  50. PULONG_PTR *LogConsole;
  51. PULONG_PTR *LogBase;
  54. //
  55. // NOTE : The order entries in this table should match the LOGTYPE enum in
  56. // w64logp.h.
  57. //
  58. LOGDATATYPE LogDataType[] =
  59. {
  60. {LogTypeValue}, // TypeHex
  61. {LogTypePULongInOut}, // TypePULongPtrInOut
  62. {LogTypePULongOut}, // TypePULONGOut
  63. {LogTypePULongOut}, // TypePHandleOut
  64. {LogTypeUnicodeString}, // TypeUnicodeStringIn
  65. {LogTypeObjectAttrbiutes}, // TypeObjectAttributesIn
  66. {LogTypeIoStatusBlock}, // TypeIoStatusBlockOut
  67. {LogTypePWStr}, // TypePwstrIn
  68. {LogTypePRectIn}, // TypePRectIn
  69. {LogTypePLargeIntegerIn}, // TypePLargeIntegerIn
  70. };
  77. WOW64LOGAPI
  78. NTSTATUS
  79. Wow64LogInitialize(
  80. VOID)
  81. /*++
  83. Routine Description:
  85. This function is called by wow64.dll to initialize wow64 logging
  86. subsystem.
  88. Arguments:
  90. None
  92. Return Value:
  94. NTSTATUS
  95. --*/
  96. {
  97. ULONG NtBaseTableSize, Win32TableSize, ConsoleTableSize, BaseTableSize;
  98. PULONG_PTR *Win32ThunkDebugInfo;
  99. PULONG_PTR *ConsoleThunkDebugInfo;
  100. UNICODE_STRING Log2Name;
  101. PVOID Log2Handle;
  102. NTSTATUS st;
  104. //
  105. // Initialize the logging file handle
  106. //
  107. Wow64LogFileHandle = INVALID_HANDLE_VALUE;
  109. //
  110. // Initialize the logging flags
  111. //
  112. LogInitializeFlags(&Wow64LogFlags);
  113. WOW64LOGOUTPUT((LF_TRACE, "Wow64LogInitialize - Wow64LogFlags = %I64x\n", Wow64LogFlags));
  115. //
  116. // Load the Win32 logging DLL if available.
  117. //
  118. RtlInitUnicodeString(&Log2Name, L"wow64lg2.dll");
  119. st = LdrLoadDll(NULL, NULL, &Log2Name, &Log2Handle);
  120. if (NT_SUCCESS(st)) {
  121. ANSI_STRING ExportName;
  123. RtlInitAnsiString(&ExportName, "Win32ThunkDebugInfo");
  124. st = LdrGetProcedureAddress(Log2Handle, &ExportName, 0, &(PVOID)Win32ThunkDebugInfo);
  125. if (NT_SUCCESS(st)) {
  126. RtlInitAnsiString(&ExportName, "ConsoleThunkDebugInfo");
  127. st = LdrGetProcedureAddress(Log2Handle, &ExportName, 0, &(PVOID)ConsoleThunkDebugInfo);
  128. }
  129. }
  130. if (!NT_SUCCESS(st)) {
  131. Log2Handle = NULL;
  132. Win32ThunkDebugInfo = NULL;
  133. ConsoleThunkDebugInfo = NULL;
  134. }
  136. //
  137. // Build pointers to the debug thunk info for each
  138. // system service
  139. //
  141. NtBaseTableSize = GetThunkDebugTableSize(
  142. (PTHUNK_DEBUG_INFO)NtThunkDebugInfo);
  143. BaseTableSize = GetThunkDebugTableSize(
  144. (PTHUNK_DEBUG_INFO)BaseThunkDebugInfo);
  145. if (Log2Handle) {
  146. Win32TableSize = GetThunkDebugTableSize(
  147. (PTHUNK_DEBUG_INFO)Win32ThunkDebugInfo);
  148. ConsoleTableSize = GetThunkDebugTableSize(
  149. (PTHUNK_DEBUG_INFO)ConsoleThunkDebugInfo);
  150. } else {
  151. Win32TableSize = 0;
  152. ConsoleTableSize = 0;
  153. }
  155. LogNtBase = (PULONG_PTR *)Wow64AllocateHeap((NtBaseTableSize + Win32TableSize + ConsoleTableSize + BaseTableSize) *
  156. sizeof(PULONG_PTR) );
  158. if (!LogNtBase)
  159. {
  160. WOW64LOGOUTPUT((LF_ERROR, "Wow64LogInitialize - Wow64AllocateHeap failed\n"));
  161. return STATUS_UNSUCCESSFUL;
  162. }
  164. LogWin32 = LogNtBase + NtBaseTableSize;
  165. LogConsole = LogWin32 + Win32TableSize;
  166. LogBase = LogConsole + ConsoleTableSize;
  168. BuildDebugThunkInfo((PTHUNK_DEBUG_INFO)NtThunkDebugInfo, LogNtBase);
  169. BuildDebugThunkInfo((PTHUNK_DEBUG_INFO)BaseThunkDebugInfo, LogBase);
  170. if (Log2Handle) {
  171. BuildDebugThunkInfo((PTHUNK_DEBUG_INFO)Win32ThunkDebugInfo, LogWin32);
  172. BuildDebugThunkInfo((PTHUNK_DEBUG_INFO)ConsoleThunkDebugInfo, LogConsole);
  173. }
  175. return STATUS_SUCCESS;
  176. }
  180. WOW64LOGAPI
  181. NTSTATUS
  182. Wow64LogTerminate(
  183. VOID)
  184. /*++
  186. Routine Description:
  188. This function is called by wow64.dll when the process is exiting.
  190. Arguments:
  192. None
  194. Return Value:
  196. NTSTATUS
  197. --*/
  198. {
  199. IO_STATUS_BLOCK IoStatusBlock;
  201. if (Wow64LogFileHandle != INVALID_HANDLE_VALUE)
  202. {
  203. NtFlushBuffersFile(Wow64LogFileHandle, &IoStatusBlock);
  204. NtClose(Wow64LogFileHandle);
  205. }
  207. return STATUS_SUCCESS;
  208. }
  212. NTSTATUS
  213. LogInitializeFlags(
  214. IN OUT PUINT_PTR Flags)
  215. /*++
  217. Routine Description:
  219. Reads the logging flags from the registry
  221. Arguments:
  223. Flags - Pointer to receive logging flags
  225. Return Value:
  227. NTSTATUS
  228. --*/
  229. {
  230. HANDLE Key;
  231. UNICODE_STRING KeyName, ValueName, ResultValue;
  232. OBJECT_ATTRIBUTES ObjectAttributes;
  233. WCHAR KeyValueBuffer[ 128 ];
  234. PKEY_VALUE_PARTIAL_INFORMATION KeyValueInformation;
  235. ULONG ResultLength, RegFlags;
  236. NTSTATUS NtStatus;
  239. //
  240. // Punch in the default
  241. //
  242. *Flags = LF_DEFAULT;
  244. KeyValueInformation = (PKEY_VALUE_PARTIAL_INFORMATION)KeyValueBuffer;
  246. RtlInitUnicodeString(&KeyName,
  247. L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\Session Manager");
  249. InitializeObjectAttributes(&ObjectAttributes,
  250. &KeyName,
  251. OBJ_CASE_INSENSITIVE,
  252. NULL,
  253. NULL);
  255. NtStatus = NtOpenKey(&Key, KEY_READ, &ObjectAttributes);
  257. if (NT_SUCCESS(NtStatus))
  258. {
  259. RtlInitUnicodeString(&ValueName, L"WOW64LOGFLAGS");
  260. NtStatus = NtQueryValueKey(Key,
  261. &ValueName,
  262. KeyValuePartialInformation,
  263. KeyValueInformation,
  264. sizeof(KeyValueBuffer),
  265. &ResultLength);
  267. if (NT_SUCCESS(NtStatus))
  268. {
  269. if ((KeyValueInformation->Type == REG_DWORD) &&
  270. (KeyValueInformation->DataLength == sizeof(DWORD)))
  271. {
  272. *Flags = *((PULONG)KeyValueInformation->Data);
  273. }
  274. }
  275. }
  277. return NtStatus;
  278. }
  281. ULONG
  282. GetThunkDebugTableSize(
  283. IN PTHUNK_DEBUG_INFO DebugInfoTable)
  284. /*++
  286. Routine Description:
  288. This routine retreives the number of DebugThunkInfo entries
  289. in the passed table.
  291. Arguments:
  293. DebugInfoTable - Pointer to services debug info
  295. Return Value:
  297. Number of entries
  298. --*/
  299. {
  300. ULONG Count = 0;
  302. while (DebugInfoTable && DebugInfoTable->ApiName)
  303. {
  304. Count++;
  305. DebugInfoTable = (PTHUNK_DEBUG_INFO)
  306. &DebugInfoTable->Arg[DebugInfoTable->NumberOfArg];
  307. }
  309. return Count;
  310. }
  314. NTSTATUS
  315. BuildDebugThunkInfo(
  316. IN PTHUNK_DEBUG_INFO DebugInfoTable,
  317. OUT PULONG_PTR *LogTable)
  318. /*++
  320. Routine Description:
  322. This routine fills a service-table-indexed with pointers
  323. to the corresponding DebugThunkInfo
  325. Arguments:
  327. DebugInfoTable - Services debug info
  328. LogTable - Table of pointers to fill
  331. Return Value:
  333. NTSTATUS
  334. --*/
  335. {
  336. ULONG i=0;
  338. while (DebugInfoTable && DebugInfoTable->ApiName)
  339. {
  340. LogTable[i++] = (PULONG_PTR) DebugInfoTable;
  342. DebugInfoTable = (PTHUNK_DEBUG_INFO)
  343. &DebugInfoTable->Arg[DebugInfoTable->NumberOfArg];
  344. }
  346. return STATUS_SUCCESS;
  347. }
  352. NTSTATUS
  353. LogApiHeader(
  354. PTHUNK_DEBUG_INFO ThunkDebugInfo,
  355. PLOGINFO LogInfo,
  356. BOOLEAN ServiceReturn,
  357. ULONG_PTR ReturnResult,
  358. ULONG_PTR ReturnAddress)
  359. /*++
  361. Routine Description:
  363. Log the Thunked API header
  365. Arguments:
  367. ThunkDebugInfo - Pointer to service log info
  368. LogInfo - Logging Info
  369. ServiceReturn - TRUE if called after the thunk API has executed
  370. ReturnResult - Result code returned from the API
  371. ReturnAddress - Return address of for this thunked call
  373. Return Value:
  375. NTSTATUS
  376. --*/
  377. {
  378. if (ServiceReturn)
  379. {
  380. return LogFormat(LogInfo,
  381. "wh%s: Ret=%lx-%lx: ",
  382. ThunkDebugInfo->ApiName,
  383. ReturnResult,
  384. ReturnAddress);
  385. }
  387. return LogFormat(LogInfo,
  388. "%8.8X-wh%s: ",
  389. PtrToUlong(NtCurrentTeb()->ClientId.UniqueThread),
  390. ThunkDebugInfo->ApiName);
  391. }
  395. NTSTATUS
  396. LogApiParameters(
  397. IN OUT PLOGINFO LogInfo,
  398. IN PULONG Stack32,
  399. IN PTHUNK_DEBUG_INFO ThunkDebugInfo,
  400. IN BOOLEAN ServiceReturn)
  401. /*++
  403. Routine Description:
  405. Log the Thunked API Parameters
  407. Arguments:
  409. LogInfo - Output log buffer
  410. Stack32 - Pointer to 32-bit arg stack
  411. ThunkDebugInfo - Pointer to service log info for the API
  412. ServiceReturn - TRUE if called after the Thunk API has executed
  414. Return Value:
  416. NTSTATUS
  417. --*/
  418. {
  419. UINT_PTR i=0;
  421. //
  422. // Loops thru the parameters
  423. //
  424. while (i < ThunkDebugInfo->NumberOfArg)
  425. {
  426. _try
  427. {
  428. LogDataType[ThunkDebugInfo->Arg[i].Type].Handler(
  429. LogInfo,
  430. Stack32[i],
  431. ThunkDebugInfo->Arg[i].Name,
  432. ServiceReturn);
  433. }
  434. _except(EXCEPTION_EXECUTE_HANDLER)
  435. {
  436. //
  437. // Log the bad parameters
  438. //
  439. LogFormat(LogInfo,
  440. "%s=%lx-%ws ",
  441. ThunkDebugInfo->Arg[i].Name,
  442. Stack32[i],
  443. L"(BAD)");
  444. }
  445. i++;
  446. }
  448. return STATUS_SUCCESS;
  449. }
  454. NTSTATUS
  455. LogThunkApi(
  456. IN PTHUNK_LOG_CONTEXT ThunkLogContext,
  457. IN PTHUNK_DEBUG_INFO ThunkDebugInfo,
  458. IN UINT_PTR LogFullInfo)
  459. /*++
  461. Routine Description:
  463. Log the Thunked API
  465. Arguments:
  467. ThunkLogContext - Thunk API log context
  468. ThunkDebugInfo - Pointer to service log info for the API
  469. LogFullInfo - Flag whther to log all the API info or just the name
  471. Return Value:
  473. NTSTATUS
  474. --*/
  475. {
  476. NTSTATUS NtStatus;
  477. CHAR szBuf[ MAX_LOG_BUFFER ];
  478. LOGINFO LogInfo;
  479. PULONG Stack32 = ThunkLogContext->Stack32;
  480. BOOLEAN ServiceReturn = ThunkLogContext->ServiceReturn;
  483. //
  484. // Initialize the log buffer
  485. //
  486. LogInfo.OutputBuffer = szBuf;
  487. LogInfo.BufferSize = MAX_LOG_BUFFER - 1;
  489. //
  490. // Log API header
  491. //
  492. NtStatus = LogApiHeader(ThunkDebugInfo,
  493. &LogInfo,
  494. ServiceReturn,
  495. ThunkLogContext->ReturnResult,
  496. *(Stack32-1));
  498. if (!NT_SUCCESS(NtStatus))
  499. {
  500. return NtStatus;
  501. }
  503. // Log Parameters
  504. if (LogFullInfo)
  505. {
  506. NtStatus = LogApiParameters(&LogInfo,
  507. Stack32,
  508. ThunkDebugInfo,
  509. ServiceReturn);
  510. if (!NT_SUCCESS(NtStatus))
  511. {
  512. return NtStatus;
  513. }
  514. }
  516. //
  517. // Do actual output
  518. //
  519. LogInfo.OutputBuffer[0] = '\0';
  520. LogOut(szBuf, Wow64LogFlags);
  521. LogOut("\r\n", Wow64LogFlags);
  523. return NtStatus;
  524. }
  529. WOW64LOGAPI
  530. NTSTATUS
  531. Wow64LogSystemService(
  532. IN PTHUNK_LOG_CONTEXT ThunkLogContext)
  533. /*++
  535. Routine Description:
  537. Logs information for the specified system service.
  539. Arguments:
  541. LogContext - Thunk API log context
  543. Return Value:
  545. NTSTATUS
  546. --*/
  547. {
  548. NTSTATUS NtStatus;
  549. PTHUNK_DEBUG_INFO ThunkDebugInfo;
  550. ULONG_PTR TableNumber = ThunkLogContext->TableNumber;
  551. ULONG_PTR ServiceNumber = ThunkLogContext->ServiceNumber;
  552. UINT_PTR LogFullInfo;
  554. //
  555. // Use try except !!
  556. //
  558. _try
  559. {
  560. switch(TableNumber)
  561. {
  562. case WHNT32_INDEX:
  563. if (!LF_NTBASE_ENABLED(Wow64LogFlags))
  564. {
  565. return STATUS_SUCCESS;
  566. }
  567. LogFullInfo = (Wow64LogFlags & LF_NTBASE_FULL);
  568. ThunkDebugInfo = (PTHUNK_DEBUG_INFO)LogNtBase[ServiceNumber];
  569. break;
  571. case WHCON_INDEX:
  572. if (!LF_NTCON_ENABLED(Wow64LogFlags) || LogConsole == NULL)
  573. {
  574. return STATUS_SUCCESS;
  575. }
  576. LogFullInfo = (Wow64LogFlags & LF_NTCON_FULL);
  577. ThunkDebugInfo = (PTHUNK_DEBUG_INFO)LogConsole[ServiceNumber];
  578. break;
  580. case WHWIN32_INDEX:
  581. if (!LF_WIN32_ENABLED(Wow64LogFlags) || LogWin32 == NULL)
  582. {
  583. return STATUS_SUCCESS;
  584. }
  585. LogFullInfo = (Wow64LogFlags & LF_WIN32_FULL);
  586. ThunkDebugInfo = (PTHUNK_DEBUG_INFO)LogWin32[ServiceNumber];
  587. break;
  589. case WHBASE_INDEX:
  590. if (!LF_BASE_ENABLED(Wow64LogFlags))
  591. {
  592. return STATUS_SUCCESS;
  593. }
  594. LogFullInfo = (Wow64LogFlags & LF_BASE_FULL);
  595. ThunkDebugInfo = (PTHUNK_DEBUG_INFO)LogBase[ServiceNumber];
  596. break;
  598. default: // invalid service table
  599. WOW64LOGOUTPUT((LF_ERROR, "Wow64LogSystemService: Not supported table number - %lx\n", TableNumber));
  600. return STATUS_UNSUCCESSFUL;
  601. break;
  602. }
  604. NtStatus = LogThunkApi(ThunkLogContext,
  605. ThunkDebugInfo,
  606. LogFullInfo);
  607. }
  608. _except(EXCEPTION_EXECUTE_HANDLER)
  609. {
  610. WOW64LOGOUTPUT((LF_EXCEPTION, "Wow64LogSystemService : Invalid Service ServiceTable = %lx, ServiceNumber = %lx. Status=%lx\n",
  611. TableNumber, ServiceNumber, GetExceptionCode()));
  612. NtStatus = GetExceptionCode();
  613. }
  615. return NtStatus;
  616. }
  621. //////////////////////////////////////////////////////////////////////////
  622. //
  623. // DATA TYPE LOGGING ROUTINES
  624. //
  625. ///////////////////////////////////////////////////////////////////////////
  627. NTSTATUS
  628. LogTypeValue(
  629. IN OUT PLOGINFO LogInfo,
  630. IN ULONG_PTR Data,
  631. IN PSZ FieldName,
  632. IN BOOLEAN ServiceReturn)
  633. /*++
  635. Routine Description:
  637. Log Data as ULONG
  639. Arguments:
  642. LogInfo - Output log buffer
  643. Data - Value to log
  644. FieldName - Descriptive name of value to log
  645. ServiceReturn - TRUE if called after the thunk API has executed
  647. Return Value:
  649. NTSTATUS
  650. --*/
  651. {
  652. if (ServiceReturn)
  653. {
  654. return STATUS_SUCCESS;
  655. }
  657. return LogFormat(LogInfo,
  658. "%s=%lx ",
  659. FieldName,
  660. (ULONG)Data);
  661. }
  665. NTSTATUS
  666. LogTypeUnicodeString(
  667. IN OUT PLOGINFO LogInfo,
  668. IN ULONG_PTR Data,
  669. IN PSZ FieldName,
  670. IN BOOLEAN ServiceReturn)
  671. /*++
  673. Routine Description:
  675. Log Data as UNICODE_STRING32
  677. Arguments:
  680. LogInfo - Output log buffer
  681. Data - Value to log
  682. FieldName - Descriptive name of value to log
  683. ServiceReturn - TRUE if called after the thunk API has executed
  685. Return Value:
  687. NTSTATUS
  688. --*/
  689. {
  690. UNICODE_STRING32 *Name32;
  691. PWCHAR Buffer = L" ";
  693. if (ServiceReturn)
  694. {
  695. return STATUS_SUCCESS;
  696. }
  698. Name32 = (UNICODE_STRING32 *)Data;
  699. if (Data > 0xffff)
  700. {
  701. if (Name32->Buffer)
  702. {
  703. Buffer = (PWCHAR)Name32->Buffer;
  704. }
  705. if (Name32->Length && Name32->Buffer > 0xffff) {
  706. return LogFormat(LogInfo,
  707. "%s=%ws ",
  708. FieldName,
  709. Buffer);
  710. } else {
  711. return LogFormat(LogInfo,
  712. "%s={L=%x,M=%x,B=%x}",
  713. FieldName,
  714. Name32->Length,
  715. Name32->MaximumLength,
  716. Name32->Buffer);
  717. }
  718. }
  720. return LogFormat(LogInfo,
  721. "%s=%x",
  722. FieldName,
  723. Name32);
  724. }
  727. NTSTATUS
  728. LogTypePULongInOut(
  729. IN OUT PLOGINFO LogInfo,
  730. IN ULONG_PTR Data,
  731. IN PSZ FieldName,
  732. IN BOOLEAN ServiceReturn)
  733. /*++
  735. Routine Description:
  737. Log Data as PULONG
  739. Arguments:
  742. LogInfo - Output log buffer
  743. Data - Value to log
  744. FieldName - Descriptive name of value to log
  745. ServiceReturn - TRUE if called after the thunk API has executed
  747. Return Value:
  749. NTSTATUS
  750. --*/
  751. {
  752. return LogFormat(LogInfo,
  753. "[%s-%lx]=%lx ",
  754. FieldName,
  755. (ULONG)Data,
  756. ((PULONG)Data ? *((PULONG)Data) : 0));
  757. }
  761. NTSTATUS
  762. LogTypePULongOut(
  763. IN OUT PLOGINFO LogInfo,
  764. IN ULONG_PTR Data,
  765. IN PSZ FieldName,
  766. IN BOOLEAN ServiceReturn)
  767. /*++
  769. Routine Description:
  771. Log Data as PULONG (Out field)
  773. Arguments:
  776. LogInfo - Output log buffer
  777. Data - Value to log
  778. FieldName - Descriptive name of value to log
  779. ServiceReturn - TRUE if called after the thunk API has executed
  781. Return Value:
  783. NTSTATUS
  784. --*/
  785. {
  786. if (ServiceReturn)
  787. {
  788. return LogFormat(LogInfo,
  789. "[%s-%lx]=%lx ",
  790. FieldName,
  791. (PULONG)Data,
  792. ((PULONG)Data ? *(PULONG)Data : 0));
  793. }
  795. return LogFormat(LogInfo,
  796. "%s=%lx ",
  797. FieldName,
  798. (PULONG)Data);
  799. }
  802. NTSTATUS
  803. LogTypeObjectAttrbiutes(
  804. IN OUT PLOGINFO LogInfo,
  805. IN ULONG_PTR Data,
  806. IN PSZ FieldName,
  807. IN BOOLEAN ServiceReturn)
  808. /*++
  810. Routine Description:
  812. Log Data as POBJECT_ATTRIBUTES
  814. Arguments:
  817. LogInfo - Output log buffer
  818. Data - Value to log
  819. FieldName - Descriptive name of value to log
  820. ServiceReturn - TRUE if called after the thunk API has executed
  822. Return Value:
  824. NTSTATUS
  825. --*/
  826. {
  827. NT32OBJECT_ATTRIBUTES *ObjA32;
  828. UNICODE_STRING32 *ObjectName = NULL;
  829. PWCHAR Buffer = L"";
  831. if (ServiceReturn)
  832. {
  833. return STATUS_SUCCESS;
  834. }
  836. ObjA32 = (NT32OBJECT_ATTRIBUTES *)Data;
  837. if (ObjA32)
  838. {
  839. ObjectName = (UNICODE_STRING32 *)ObjA32->ObjectName;
  840. if (ObjectName)
  841. {
  842. if (ObjectName->Buffer)
  843. {
  844. Buffer = (PWCHAR)ObjectName->Buffer;
  845. }
  846. }
  847. }
  850. return LogFormat(LogInfo,
  851. "%s=%lx {N=%ws,A=%lx} ",
  852. FieldName,
  853. (PULONG)Data,
  854. Buffer,
  855. (ObjA32 ? ObjA32->Attributes : 0));
  856. }
  859. NTSTATUS
  860. LogTypeIoStatusBlock(
  861. IN OUT PLOGINFO LogInfo,
  862. IN ULONG_PTR Data,
  863. IN PSZ FieldName,
  864. IN BOOLEAN ServiceReturn)
  865. /*++
  867. Routine Description:
  869. Log Data as IO_STATUS_BLOCK
  871. Arguments:
  874. LogInfo - Output log buffer
  875. Data - Value to log
  876. FieldName - Descriptive name of value to log
  877. ServiceReturn - TRUE if called after the thunk API has executed
  879. Return Value:
  881. NTSTATUS
  882. --*/
  883. {
  884. if (ServiceReturn)
  885. {
  886. PIO_STATUS_BLOCK32 StatusBlock32 = (PIO_STATUS_BLOCK32)Data;
  888. return LogFormat(LogInfo,
  889. "%s={S=%lx,I=%lx} ",
  890. FieldName,
  891. (PULONG)Data,
  892. (StatusBlock32 ? StatusBlock32->Status : 0),
  893. (StatusBlock32 ? StatusBlock32->Information : 0));
  894. }
  896. return LogFormat(LogInfo,
  897. "%s=%lx ",
  898. FieldName,
  899. (PULONG)Data);
  900. }
  902. NTSTATUS
  903. LogTypePWStr(
  904. IN OUT PLOGINFO LogInfo,
  905. IN ULONG_PTR Data,
  906. IN PSZ FieldName,
  907. IN BOOLEAN ServiceReturn)
  908. /*++
  910. Routine Description:
  912. Log Data as PWSTR
  914. Arguments:
  917. LogInfo - Output log buffer
  918. Data - Value to log
  919. FieldName - Descriptive name of value to log
  920. ServiceReturn - TRUE if called after the thunk API has executed
  922. Return Value:
  924. NTSTATUS
  925. --*/
  926. {
  927. ULONG_PTR i;
  928. WCHAR Buffer[ 14 ];
  929. PWSTR String = (PWSTR) Data;
  931. if (ServiceReturn)
  932. {
  933. return STATUS_SUCCESS;
  934. }
  936. //
  937. // Sometime this type is treated as a pointer
  938. // to WCHARs without NULL terminating it, like
  939. // how it's used in NtGdiExtTextOutW, so let's dump
  940. // a minimal string
  941. //
  942. if (Data)
  943. {
  944. i = 0;
  945. while((i < ((sizeof(Buffer) / sizeof(WCHAR)) - 4)) && (String[i]))
  946. {
  947. Buffer[i] = String[i];
  948. i++;
  949. }
  951. if (i == ((sizeof(Buffer) / sizeof(WCHAR)) - 4))
  952. {
  953. Buffer[i++] = L'.';
  954. Buffer[i++] = L'.';
  955. Buffer[i++] = L'.';
  956. }
  957. Buffer[i++] = UNICODE_NULL;
  958. }
  961. return LogFormat(LogInfo,
  962. "%s=%ws ",
  963. FieldName,
  964. (Data > 0xffff) ? Buffer : L"");
  965. }
  969. NTSTATUS
  970. LogTypePRectIn(
  971. IN OUT PLOGINFO LogInfo,
  972. IN ULONG_PTR Data,
  973. IN PSZ FieldName,
  974. IN BOOLEAN ServiceReturn)
  975. /*++
  977. Routine Description:
  979. Log Data as PWSTR
  981. Arguments:
  984. LogInfo - Output log buffer
  985. Data - Value to log
  986. FieldName - Descriptive name of value to log
  987. ServiceReturn - TRUE if called after the thunk API has executed
  989. Return Value:
  991. NTSTATUS
  992. --*/
  993. {
  994. if (ServiceReturn)
  995. {
  996. return STATUS_SUCCESS;
  997. }
  999. if (Data)
  1000. {
  1001. PRECT Rect = (PRECT)Data;
  1002. return LogFormat(LogInfo,
  1003. "%s={%lx,%lx,%lx,%lx} ",
  1004. FieldName,
  1005. Rect->left, Rect->top, Rect->right, Rect->bottom);
  1007. }
  1009. return LogTypeValue(LogInfo,
  1010. Data,
  1011. FieldName,
  1012. ServiceReturn);
  1013. }
  1017. NTSTATUS
  1018. LogTypePLargeIntegerIn(
  1019. IN OUT PLOGINFO LogInfo,
  1020. IN ULONG_PTR Data,
  1021. IN PSZ FieldName,
  1022. IN BOOLEAN ServiceReturn)
  1023. /*++
  1025. Routine Description:
  1027. Log Data as PLARGE_INTEGER
  1029. Arguments:
  1032. LogInfo - Output log buffer
  1033. Data - Value to log
  1034. FieldName - Descriptive name of value to log
  1035. ServiceReturn - TRUE if called after the thunk API has executed
  1037. Return Value:
  1039. NTSTATUS
  1040. --*/
  1041. {
  1042. if (ServiceReturn)
  1043. {
  1044. return STATUS_SUCCESS;
  1045. }
  1047. if (Data)
  1048. {
  1049. NT32ULARGE_INTEGER *ULargeInt = (NT32ULARGE_INTEGER *)Data;
  1050. return LogFormat(LogInfo,
  1051. "%s={H=%lx,L=%lx} ",
  1052. FieldName,
  1053. ULargeInt->HighPart, ULargeInt->LowPart);
  1055. }
  1057. return LogTypeValue(LogInfo,
  1058. Data,
  1059. FieldName,
  1060. ServiceReturn);
  1061. }