archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 9769ad7c3d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9769ad7c3d'
${ noResults }
windows-xp/Source/XPSP1/NT/base/win32/verifier/support.c

468 lines
8.9 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1989 Microsoft Corporation
  5. Module Name:
  7. support.c
  9. Abstract:
  11. This module implements internal support for the verification code.
  13. Author:
  15. Silviu Calinoiu (SilviuC) 1-Mar-2001
  17. Revision History:
  19. --*/
  21. #include "pch.h"
  23. #include "verifier.h"
  24. #include "support.h"
  26. //
  27. // Security checks
  28. //
  30. VOID
  31. CheckObjectAttributes (
  32. POBJECT_ATTRIBUTES Object
  33. )
  34. {
  35. if (Object /* && Object->ObjectName */) {
  37. if (Object->ObjectName == NULL) {
  38. DbgPrint ("Object attributes @ %p with null name \n", Object);
  39. DbgBreakPoint ();
  40. }
  42. if (Object->SecurityDescriptor == NULL) {
  43. DbgPrint ("Object attributes @ %p with null security descriptor \n", Object);
  44. DbgBreakPoint ();
  45. }
  46. }
  47. }
  49. //
  50. // Handle management
  51. //
  53. LIST_ENTRY HandleList;
  54. RTL_CRITICAL_SECTION HandleLock;
  56. ULONG HandleBreakOnDelayed = 1;
  58. VOID
  59. HandleInitialize (
  60. )
  61. {
  62. InitializeListHead (&HandleList);
  63. RtlInitializeCriticalSection (&HandleLock);
  64. }
  67. PAVRF_HANDLE
  68. HandleFind (
  69. HANDLE Handle
  70. )
  71. {
  72. PLIST_ENTRY Current;
  73. PAVRF_HANDLE Entry;
  75. RtlEnterCriticalSection (&HandleLock);
  77. Current = HandleList.Flink;
  79. while (Current != &HandleList) {
  81. Entry = CONTAINING_RECORD (Current,
  82. AVRF_HANDLE,
  83. Links);
  85. Current = Current->Flink;
  87. if (Entry->Handle == Handle) {
  88. RtlLeaveCriticalSection (&HandleLock);
  89. return Entry;
  90. }
  91. }
  93. RtlLeaveCriticalSection (&HandleLock);
  94. return NULL;
  95. }
  98. PWSTR
  99. HandleName (
  100. PAVRF_HANDLE Handle
  101. )
  102. {
  103. if (Handle) {
  105. if (Handle->Name) {
  106. return Handle->Name;
  107. }
  108. else {
  110. if (Handle->Delayed) {
  111. return L"<noname:ntdll>";
  112. }
  113. else {
  114. return L"<noname>";
  115. }
  116. }
  117. }
  119. return L"<null>";
  120. }
  123. PAVRF_HANDLE
  124. HandleAdd (
  125. HANDLE Handle,
  126. ULONG Type,
  127. BOOLEAN Delayed,
  128. PWSTR Name,
  129. PVOID Context
  130. )
  131. {
  132. PLIST_ENTRY Current;
  133. PAVRF_HANDLE Entry;
  134. PWSTR NameCopy;
  135. ULONG Hash;
  137. if (HandleBreakOnDelayed && Delayed) {
  139. DbgPrint (" --- dumping ... %p \n", HandleList.Flink);
  140. HandleDump (NULL);
  141. DbgPrint ("AVRF: undetected handle \n");
  142. DbgBreakPoint ();
  143. }
  145. Entry = (PAVRF_HANDLE) RtlAllocateHeap (RtlProcessHeap(),
  146. 0,
  147. sizeof *Entry);
  149. if (Entry == NULL) {
  150. return NULL;
  151. }
  153. if (Name) {
  155. NameCopy = (PWSTR) RtlAllocateHeap (RtlProcessHeap(),
  156. 0,
  157. 2 * (wcslen(Name) + 1));
  160. if (NameCopy == NULL) {
  161. RtlFreeHeap (RtlProcessHeap(), 0, Entry);
  162. return NULL;
  163. }
  165. wcscpy (NameCopy, Name);
  166. }
  167. else {
  168. NameCopy = NULL;
  169. }
  171. RtlZeroMemory (Entry, sizeof *Entry);
  173. Entry->Handle = Handle;
  174. Entry->Type = Type;
  175. Entry->Delayed = Delayed ? 1 : 0;
  176. Entry->Context = Context;
  177. Entry->Name = NameCopy;
  179. RtlCaptureStackBackTrace (2,
  180. MAX_TRACE_DEPTH,
  181. Entry->Trace,
  182. &Hash);
  184. RtlEnterCriticalSection (&HandleLock);
  186. InsertHeadList (&HandleList,
  187. &(Entry->Links));
  189. RtlLeaveCriticalSection (&HandleLock);
  191. return Entry;
  192. }
  195. VOID
  196. HandleDelete (
  197. HANDLE Handle,
  198. PAVRF_HANDLE Entry
  199. )
  200. {
  201. RtlEnterCriticalSection (&HandleLock);
  202. RemoveEntryList (&(Entry->Links));
  203. RtlLeaveCriticalSection (&HandleLock);
  205. if (Entry->Name) {
  206. RtlFreeHeap (RtlProcessHeap(), 0, Entry->Name);
  207. }
  209. RtlFreeHeap (RtlProcessHeap(), 0, Entry);
  210. }
  213. VOID
  214. HandleDump (
  215. HANDLE Handle
  216. )
  217. {
  218. PLIST_ENTRY Current;
  219. PAVRF_HANDLE Entry;
  221. RtlEnterCriticalSection (&HandleLock);
  223. Current = HandleList.Flink;
  225. while (Current != &HandleList) {
  227. Entry = CONTAINING_RECORD (Current,
  228. AVRF_HANDLE,
  229. Links);
  231. Current = Current->Flink;
  233. if (Handle == NULL || Entry->Handle == Handle) {
  235. DbgPrint ("HNDL: %08X %04u `%ws' \n",
  236. HandleToUlong(Entry->Handle),
  237. Entry->Type,
  238. HandleName(Entry));
  239. }
  240. }
  242. RtlLeaveCriticalSection (&HandleLock);
  243. }
  246. //
  247. // Virtual space operations tracking.
  248. //
  250. typedef struct _VS_CALL {
  252. struct {
  253. ULONG Type : 4;
  254. ULONG Trace : 16;
  255. ULONG Thread : 12;
  256. };
  258. PVOID Address;
  259. SIZE_T Size;
  260. ULONG Operation;
  261. ULONG Protection;
  263. } VS_CALL, *PVS_CALL;
  266. #define NO_OF_VS_CALLS 8192
  267. VS_CALL VsCalls [NO_OF_VS_CALLS];
  268. LONG VsCallsIndex;
  270. VOID
  271. VsLogCall (
  272. VS_CALL_TYPE Type,
  273. PVOID Address,
  274. SIZE_T Size,
  275. ULONG Operation,
  276. ULONG Protection
  277. )
  278. {
  279. ULONG Index;
  280. ULONG Hash;
  282. Index = (ULONG)InterlockedIncrement (&VsCallsIndex);
  283. Index %= NO_OF_VS_CALLS;
  285. //RtlZeroMemory (&(VsCalls[Index]), sizeof (VS_CALL));
  286. VsCalls[Index].Address = Address;
  287. VsCalls[Index].Type = Type;
  288. VsCalls[Index].Trace = RtlLogStackBackTrace();
  289. VsCalls[Index].Thread = HandleToUlong(NtCurrentTeb()->ClientId.UniqueThread);
  290. VsCalls[Index].Size = Size;
  291. VsCalls[Index].Operation = Operation;
  292. VsCalls[Index].Protection = Protection;
  294. if (AVrfpProvider.VerifierDebug) {
  296. DbgPrint ("AVRF:VS: %01u (%04X): %p %p %X %X \n",
  297. Type,
  298. (ULONG)(VsCalls[Index].Trace),
  299. Address, Size, Operation, Protection);
  300. }
  301. }
  304. //
  305. // Heap operations tracking
  306. //
  308. typedef struct _HEAP_CALL {
  310. struct {
  311. ULONG Reserved : 4;
  312. ULONG Trace : 16;
  313. ULONG Thread : 12;
  314. };
  316. PVOID Address;
  317. SIZE_T Size;
  319. } HEAP_CALL, *PHEAP_CALL;
  322. #define NO_OF_HEAP_CALLS 8192
  323. HEAP_CALL HeapCalls [NO_OF_HEAP_CALLS];
  324. LONG HeapCallsIndex;
  326. VOID
  327. HeapLogCall (
  328. PVOID Address,
  329. SIZE_T Size
  330. )
  331. {
  332. ULONG Index;
  333. ULONG Hash;
  335. Index = (ULONG)InterlockedIncrement (&HeapCallsIndex);
  336. Index %= NO_OF_HEAP_CALLS;
  338. //RtlZeroMemory (&(HeapCalls[Index]), sizeof (HEAP_CALL));
  339. HeapCalls[Index].Address = Address;
  340. HeapCalls[Index].Trace = RtlLogStackBackTrace();
  341. HeapCalls[Index].Thread = HandleToUlong(NtCurrentTeb()->ClientId.UniqueThread);
  342. HeapCalls[Index].Size = Size;
  344. if (AVrfpProvider.VerifierDebug) {
  346. DbgPrint ("AVRF:HEAP: %04X (%04X): %p %p \n",
  347. (ULONG)(HeapCalls[Index].Thread),
  348. (ULONG)(HeapCalls[Index].Trace),
  349. Address, Size);
  350. }
  351. }
  353. VOID
  354. AVrfpDirtyThreadStack (
  355. )
  356. {
  357. PTEB Teb = NtCurrentTeb();
  358. ULONG_PTR StackStart;
  359. ULONG_PTR StackEnd;
  361. try {
  363. StackStart = (ULONG_PTR)(Teb->NtTib.StackLimit);
  365. //
  366. // ISSUE: SilviuC: we should dirty stacks on all architectures
  367. //
  369. #if defined(_X86_)
  370. _asm mov StackEnd, ESP;
  371. #else
  372. StackEnd = StackStart;
  373. #endif
  375. //
  376. // Limit stack dirtying to only 8K.
  377. //
  379. if (StackStart < StackEnd - 0x2000) {
  380. StackStart = StackEnd - 0x2000;
  381. }
  383. if (AVrfpProvider.VerifierDebug) {
  385. DbgPrint ("Dirtying stack range %p - %p for thread %p \n",
  386. StackStart, StackEnd, Teb->ClientId.UniqueThread);
  387. }
  389. while (StackStart < StackEnd) {
  390. *((PULONG)StackStart) = 0xBAD1BAD1;
  391. StackStart += sizeof(ULONG);
  392. }
  393. }
  394. except (EXCEPTION_EXECUTE_HANDLER) {
  396. // nothing
  397. }
  398. }
  400. //
  401. // Standard function used for hooked CreateThread.
  402. //
  405. ULONG
  406. AVrfpThreadFunctionExceptionFilter (
  407. ULONG ExceptionCode,
  408. PVOID ExceptionRecord
  409. )
  410. {
  411. VERIFIER_STOP (APPLICATION_VERIFIER_UNEXPECTED_EXCEPTION,
  412. "unexpected exception raised in thread function",
  413. ExceptionCode, "Exception code",
  414. ExceptionRecord, "Exception record (.exr on 1st word, .cxr on 2nd word)",
  415. 0, "",
  416. 0, "");
  418. return EXCEPTION_EXECUTE_HANDLER;
  419. }
  422. DWORD
  423. WINAPI
  424. AVrfpStandardThreadFunction (
  425. LPVOID Context
  426. )
  427. {
  428. PAVRF_THREAD_INFO Info = (PAVRF_THREAD_INFO)Context;
  429. DWORD Result;
  431. try {
  433. //
  434. // Call the real thing.
  435. //
  437. Result = (Info->Function)(Info->Parameter);
  438. }
  439. except (AVrfpThreadFunctionExceptionFilter (_exception_code(), _exception_info())) {
  441. //
  442. // Nothing.
  443. //
  444. }
  446. //
  447. // Perform all typical checks for a thread that has just finished.
  448. //
  450. RtlCheckForOrphanedCriticalSections (NtCurrentThread());
  452. AVrfpCheckThreadTermination ();
  454. RtlFreeHeap (RtlProcessHeap(), 0, Info);
  456. return Result;
  457. }
  459. VOID
  460. AVrfpCheckThreadTermination (
  461. VOID
  462. )
  463. {
  464. //
  465. // Nothing yet.
  466. //
  467. }