archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
3.8 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/base/ntos/rtl/imagedir.c

692 lines
16 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1991 Microsoft Corporation
  5. Module Name:
  7. imagedir.c
  9. Abstract:
  11. The module contains the code to translate an image directory type to
  12. the address of the data for that entry.
  14. Author:
  16. Steve Wood (stevewo) 18-Aug-1989
  18. Environment:
  20. User Mode or Kernel Mode
  22. Revision History:
  24. --*/
  26. #include "ntrtlp.h"
  28. #if defined(NTOS_KERNEL_RUNTIME)
  30. VOID
  31. RtlpTouchMemory(
  32. IN PVOID Address,
  33. IN ULONG Length
  34. );
  36. VOID
  37. RtlpMakeStackTraceDataPresentForImage(
  38. IN PVOID ImageBase
  39. );
  41. #if defined(ALLOC_PRAGMA)
  42. #pragma alloc_text(PAGE,RtlpTouchMemory)
  43. #pragma alloc_text(PAGE,RtlMakeStackTraceDataPresent)
  44. #pragma alloc_text(PAGE,RtlpMakeStackTraceDataPresentForImage)
  45. #endif
  46. #endif
  48. PIMAGE_NT_HEADERS
  49. RtlImageNtHeader (
  50. IN PVOID Base
  51. )
  53. /*++
  55. Routine Description:
  57. This function returns the address of the NT Header.
  59. Arguments:
  61. Base - Supplies the base of the image.
  63. Return Value:
  65. Returns the address of the NT Header.
  67. --*/
  69. {
  70. #if defined (BLDR_KERNEL_RUNTIME) || defined(NTOS_KERNEL_RUNTIME)
  71. PIMAGE_NT_HEADERS NtHeaders = NULL;
  73. if (Base != NULL && Base != (PVOID)-1) {
  74. if (((PIMAGE_DOS_HEADER)Base)->e_magic == IMAGE_DOS_SIGNATURE) {
  75. NtHeaders = (PIMAGE_NT_HEADERS)((PCHAR)Base + ((PIMAGE_DOS_HEADER)Base)->e_lfanew);
  77. #if defined(NTOS_KERNEL_RUNTIME)
  78. if (Base < MM_HIGHEST_USER_ADDRESS) {
  79. if ((PVOID)NtHeaders >= MM_HIGHEST_USER_ADDRESS) {
  80. return NULL;
  81. }
  82. if ((PVOID)((PCHAR)NtHeaders + sizeof (IMAGE_NT_HEADERS)) >= MM_HIGHEST_USER_ADDRESS) {
  83. return NULL;
  84. }
  85. }
  86. #endif
  88. if (NtHeaders->Signature != IMAGE_NT_SIGNATURE) {
  89. NtHeaders = NULL;
  90. }
  91. }
  92. }
  94. return NtHeaders;
  95. #else
  96. return RtlpImageNtHeader( Base );
  97. #endif
  98. }
  101. PIMAGE_SECTION_HEADER
  102. RtlSectionTableFromVirtualAddress (
  103. IN PIMAGE_NT_HEADERS NtHeaders,
  104. IN PVOID Base,
  105. IN ULONG Address
  106. )
  108. /*++
  110. Routine Description:
  112. This function locates a VirtualAddress within the image header
  113. of a file that is mapped as a file and returns a pointer to the
  114. section table entry for that virtual address
  116. Arguments:
  118. NtHeaders - Supplies the pointer to the image or data file.
  120. Base - Supplies the base of the image or data file.
  122. Address - Supplies the virtual address to locate.
  124. Return Value:
  126. NULL - The file does not contain data for the specified directory entry.
  128. NON-NULL - Returns the pointer of the section entry containing the data.
  130. --*/
  132. {
  133. ULONG i;
  134. PIMAGE_SECTION_HEADER NtSection;
  136. NtSection = IMAGE_FIRST_SECTION( NtHeaders );
  137. for (i=0; i<NtHeaders->FileHeader.NumberOfSections; i++) {
  138. if ((ULONG)Address >= NtSection->VirtualAddress &&
  139. (ULONG)Address < NtSection->VirtualAddress + NtSection->SizeOfRawData
  140. ) {
  141. return NtSection;
  142. }
  143. ++NtSection;
  144. }
  146. return NULL;
  147. }
  150. PVOID
  151. RtlAddressInSectionTable (
  152. IN PIMAGE_NT_HEADERS NtHeaders,
  153. IN PVOID Base,
  154. IN ULONG Address
  155. )
  157. /*++
  159. Routine Description:
  161. This function locates a VirtualAddress within the image header
  162. of a file that is mapped as a file and returns the seek address
  163. of the data the Directory describes.
  165. Arguments:
  167. NtHeaders - Supplies the pointer to the image or data file.
  169. Base - Supplies the base of the image or data file.
  171. Address - Supplies the virtual address to locate.
  173. Return Value:
  175. NULL - The file does not contain data for the specified directory entry.
  177. NON-NULL - Returns the address of the raw data the directory describes.
  179. --*/
  181. {
  182. PIMAGE_SECTION_HEADER NtSection;
  184. NtSection = RtlSectionTableFromVirtualAddress( NtHeaders,
  185. Base,
  186. Address
  187. );
  188. if (NtSection != NULL) {
  189. return( ((PCHAR)Base + ((ULONG_PTR)Address - NtSection->VirtualAddress) + NtSection->PointerToRawData) );
  190. }
  191. else {
  192. return( NULL );
  193. }
  194. }
  197. PVOID
  198. RtlpImageDirectoryEntryToData32 (
  199. IN PVOID Base,
  200. IN BOOLEAN MappedAsImage,
  201. IN USHORT DirectoryEntry,
  202. OUT PULONG Size,
  203. PIMAGE_NT_HEADERS32 NtHeaders
  204. )
  205. {
  206. ULONG DirectoryAddress;
  208. if (DirectoryEntry >= NtHeaders->OptionalHeader.NumberOfRvaAndSizes) {
  209. return( NULL );
  210. }
  212. if (!(DirectoryAddress = NtHeaders->OptionalHeader.DataDirectory[ DirectoryEntry ].VirtualAddress)) {
  213. return( NULL );
  214. }
  216. #if defined(NTOS_KERNEL_RUNTIME)
  217. if (Base < MM_HIGHEST_USER_ADDRESS) {
  218. if ((PVOID)((PCHAR)Base + DirectoryAddress) >= MM_HIGHEST_USER_ADDRESS) {
  219. return( NULL );
  220. }
  221. }
  222. #endif
  224. *Size = NtHeaders->OptionalHeader.DataDirectory[ DirectoryEntry ].Size;
  225. if (MappedAsImage || DirectoryAddress < NtHeaders->OptionalHeader.SizeOfHeaders) {
  226. return( (PVOID)((PCHAR)Base + DirectoryAddress) );
  227. }
  229. return( RtlAddressInSectionTable((PIMAGE_NT_HEADERS)NtHeaders, Base, DirectoryAddress ));
  230. }
  233. PVOID
  234. RtlpImageDirectoryEntryToData64 (
  235. IN PVOID Base,
  236. IN BOOLEAN MappedAsImage,
  237. IN USHORT DirectoryEntry,
  238. OUT PULONG Size,
  239. PIMAGE_NT_HEADERS64 NtHeaders
  240. )
  241. {
  242. ULONG DirectoryAddress;
  244. if (DirectoryEntry >= NtHeaders->OptionalHeader.NumberOfRvaAndSizes) {
  245. return( NULL );
  246. }
  248. if (!(DirectoryAddress = NtHeaders->OptionalHeader.DataDirectory[ DirectoryEntry ].VirtualAddress)) {
  249. return( NULL );
  250. }
  252. #if defined(NTOS_KERNEL_RUNTIME)
  253. if (Base < MM_HIGHEST_USER_ADDRESS) {
  254. if ((PVOID)((PCHAR)Base + DirectoryAddress) >= MM_HIGHEST_USER_ADDRESS) {
  255. return( NULL );
  256. }
  257. }
  258. #endif
  260. *Size = NtHeaders->OptionalHeader.DataDirectory[ DirectoryEntry ].Size;
  261. if (MappedAsImage || DirectoryAddress < NtHeaders->OptionalHeader.SizeOfHeaders) {
  262. return( (PVOID)((PCHAR)Base + DirectoryAddress) );
  263. }
  265. return( RtlAddressInSectionTable((PIMAGE_NT_HEADERS)NtHeaders, Base, DirectoryAddress ));
  266. }
  269. PVOID
  270. RtlImageDirectoryEntryToData (
  271. IN PVOID Base,
  272. IN BOOLEAN MappedAsImage,
  273. IN USHORT DirectoryEntry,
  274. OUT PULONG Size
  275. )
  277. /*++
  279. Routine Description:
  281. This function locates a Directory Entry within the image header
  282. and returns either the virtual address or seek address of the
  283. data the Directory describes.
  285. Arguments:
  287. Base - Supplies the base of the image or data file.
  289. MappedAsImage - FALSE if the file is mapped as a data file.
  290. - TRUE if the file is mapped as an image.
  292. DirectoryEntry - Supplies the directory entry to locate.
  294. Size - Return the size of the directory.
  296. Return Value:
  298. NULL - The file does not contain data for the specified directory entry.
  300. NON-NULL - Returns the address of the raw data the directory describes.
  302. --*/
  304. {
  305. PIMAGE_NT_HEADERS NtHeaders;
  307. if (LDR_IS_DATAFILE(Base)) {
  308. Base = LDR_DATAFILE_TO_VIEW(Base);
  309. MappedAsImage = FALSE;
  310. }
  312. NtHeaders = RtlImageNtHeader(Base);
  314. if (!NtHeaders)
  315. return NULL;
  317. if (NtHeaders->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
  318. return (RtlpImageDirectoryEntryToData32(Base,
  319. MappedAsImage,
  320. DirectoryEntry,
  321. Size,
  322. (PIMAGE_NT_HEADERS32)NtHeaders));
  323. } else if (NtHeaders->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
  324. return (RtlpImageDirectoryEntryToData64(Base,
  325. MappedAsImage,
  326. DirectoryEntry,
  327. Size,
  328. (PIMAGE_NT_HEADERS64)NtHeaders));
  329. } else {
  330. return (NULL);
  331. }
  332. }
  334. #if defined(NTOS_KERNEL_RUNTIME)
  336. VOID
  337. RtlMakeStackTraceDataPresent(
  338. VOID
  339. )
  341. /*++
  343. Routine Description:
  345. This function walks the loaded user-mode images and makes present the
  346. portions of the data necessary to support a kernel-debugger stack
  347. dump of the user-mode stack.
  349. N.B. The necessary pieces are merely touched to be brought in. In a low
  350. memory situation, some of the previously-touched pages may be paged
  351. out in order for the new ones to be brought in. This routine is
  352. not guaranteed to do anything useful, however it does more often than
  353. not.
  355. Arguments:
  357. None.
  359. Return value:
  361. None.
  363. --*/
  365. {
  366. PPEB peb;
  367. PLIST_ENTRY head;
  368. PLIST_ENTRY next;
  369. PVOID imageBase;
  370. ULONG imageCount;
  371. LDR_DATA_TABLE_ENTRY UNALIGNED *ldrDataTableEntry;
  373. RTL_PAGED_CODE();
  375. //
  376. // The image list is in user mode and is not to be trusted. The
  377. // surrounding try/except block will guard against most forms of
  378. // list corruption. imageCount is used to bail in finite time
  379. // in the event of a cyclic image list.
  380. //
  382. imageCount = 0;
  383. try {
  385. peb = NtCurrentPeb();
  386. head = &peb->Ldr->InLoadOrderModuleList;
  388. ProbeForReadSmallStructure( head,
  389. sizeof(LIST_ENTRY),
  390. PROBE_ALIGNMENT(LIST_ENTRY) );
  392. next = head;
  393. while (imageCount < 1000) {
  395. next = next->Flink;
  396. if (next == head) {
  397. break;
  398. }
  399. imageCount += 1;
  401. //
  402. // Locate the base address of the image
  403. //
  405. ldrDataTableEntry = CONTAINING_RECORD(next,
  406. LDR_DATA_TABLE_ENTRY,
  407. InLoadOrderLinks);
  409. ProbeForReadSmallStructure( ldrDataTableEntry,
  410. sizeof(LDR_DATA_TABLE_ENTRY),
  411. PROBE_ALIGNMENT(LDR_DATA_TABLE_ENTRY) );
  413. imageBase = ldrDataTableEntry->DllBase;
  414. ProbeForReadSmallStructure (imageBase, sizeof (IMAGE_DOS_HEADER), sizeof (UCHAR));
  416. //
  417. // Make the stack trace data present for this image. Use a
  418. // seperate try/except block here so that subsequent images
  419. // will be processed in the event of a failure.
  420. //
  422. try {
  423. RtlpMakeStackTraceDataPresentForImage(imageBase);
  424. } except (EXCEPTION_EXECUTE_HANDLER) {
  425. NOTHING;
  426. }
  427. }
  429. } except (EXCEPTION_EXECUTE_HANDLER) {
  430. NOTHING;
  431. }
  432. }
  434. VOID
  435. RtlpMakeStackTraceDataPresentForImage(
  436. IN PVOID ImageBase
  437. )
  439. /*++
  441. Routine Description:
  443. This function attempts to make present the portions of an image necessary
  444. to support a kernel-debugger stack dump of the user-mode stack.
  446. Arguments:
  448. ImageBase - Supplies the VA of the base of the image to process.
  450. Return value:
  452. None.
  454. --*/
  456. {
  457. PVOID directory;
  458. ULONG directorySize;
  459. PIMAGE_RUNTIME_FUNCTION_ENTRY functionEntry;
  460. PIMAGE_RUNTIME_FUNCTION_ENTRY lastFunctionEntry;
  461. PCHAR imageBase;
  463. #if defined(_IA64_)
  464. PUNWIND_INFO unwindInfo;
  465. #endif
  467. RTL_PAGED_CODE();
  469. //
  470. // Make present the IMAGE_DIRECTORY_EXCEPTION section.
  471. //
  473. directory = RtlImageDirectoryEntryToData(ImageBase,
  474. TRUE,
  475. IMAGE_DIRECTORY_ENTRY_EXCEPTION,
  476. &directorySize);
  477. if (directory == NULL) {
  478. return;
  479. }
  481. RtlpTouchMemory(directory, directorySize);
  483. #if defined(_IA64_)
  485. //
  486. // The IMAGE_DIRECTORY_EXCEPTION section is an array of
  487. // IMAGE_RUNTIME_FUNCTION_ENTRY structures. Each function entry
  488. // refers, via UnwindInfoAddress (expressed as an image offset) to
  489. // an UNWIND_INFO structure.
  490. //
  491. // All UNWIND_INFO structures must be made present.
  492. //
  494. functionEntry = (PIMAGE_RUNTIME_FUNCTION_ENTRY)directory;
  495. lastFunctionEntry = functionEntry +
  496. directorySize / sizeof(IMAGE_RUNTIME_FUNCTION_ENTRY);
  498. while (functionEntry < lastFunctionEntry) {
  500. unwindInfo = (PUNWIND_INFO)((PCHAR)ImageBase +
  501. functionEntry->UnwindInfoAddress);
  503. //
  504. // An UNWIND_INFO structure consists of a fixed header plus
  505. // a variable-length portion.
  506. //
  508. RtlpTouchMemory(unwindInfo,
  509. sizeof(UNWIND_INFO) +
  510. unwindInfo->DataLength * sizeof(ULONGLONG));
  512. functionEntry += 1;
  513. }
  515. //
  516. // Make present the IMAGE_DIRECTORY_ENTRY_GLOBALPTR section.
  517. //
  519. directory = RtlImageDirectoryEntryToData(ImageBase,
  520. TRUE,
  521. IMAGE_DIRECTORY_ENTRY_GLOBALPTR,
  522. &directorySize);
  523. if (directory == NULL) {
  524. return;
  525. }
  527. RtlpTouchMemory(directory, directorySize);
  529. #endif // _IA64_
  530. }
  532. VOID
  533. RtlpTouchMemory(
  534. IN PVOID Address,
  535. IN ULONG Length
  536. )
  537. /*++
  539. Routine Description:
  541. This function touches all of the pages within a given region.
  543. Arguments:
  545. Address - Supplies the VA of the start of the image to make present.
  547. Length - Supplies the length, in bytes, of the image to make present.
  549. Return value:
  551. None.
  553. --*/
  554. {
  555. PCHAR regionStart;
  556. PCHAR regionEnd;
  558. RTL_PAGED_CODE();
  560. regionStart = Address;
  561. regionEnd = regionStart + Length;
  563. while (regionStart < regionEnd) {
  564. *(volatile UCHAR *)regionStart;
  565. regionStart = PAGE_ALIGN(regionStart + PAGE_SIZE);
  566. }
  567. }
  569. #endif
  571. #if !defined(NTOS_KERNEL_RUNTIME) && !defined(BLDR_KERNEL_RUNTIME)
  573. PIMAGE_SECTION_HEADER
  574. RtlImageRvaToSection(
  575. IN PIMAGE_NT_HEADERS NtHeaders,
  576. IN PVOID Base,
  577. IN ULONG Rva
  578. )
  580. /*++
  582. Routine Description:
  584. This function locates an RVA within the image header of a file
  585. that is mapped as a file and returns a pointer to the section
  586. table entry for that virtual address
  588. Arguments:
  590. NtHeaders - Supplies the pointer to the image or data file.
  592. Base - Supplies the base of the image or data file. The image
  593. was mapped as a data file.
  595. Rva - Supplies the relative virtual address (RVA) to locate.
  597. Return Value:
  599. NULL - The RVA was not found within any of the sections of the image.
  601. NON-NULL - Returns the pointer to the image section that contains
  602. the RVA
  604. --*/
  606. {
  607. ULONG i;
  608. PIMAGE_SECTION_HEADER NtSection;
  610. NtSection = IMAGE_FIRST_SECTION( NtHeaders );
  611. for (i=0; i<NtHeaders->FileHeader.NumberOfSections; i++) {
  612. if (Rva >= NtSection->VirtualAddress &&
  613. Rva < NtSection->VirtualAddress + NtSection->SizeOfRawData
  614. ) {
  615. return NtSection;
  616. }
  617. ++NtSection;
  618. }
  620. return NULL;
  621. }
  625. PVOID
  626. RtlImageRvaToVa(
  627. IN PIMAGE_NT_HEADERS NtHeaders,
  628. IN PVOID Base,
  629. IN ULONG Rva,
  630. IN OUT PIMAGE_SECTION_HEADER *LastRvaSection OPTIONAL
  631. )
  633. /*++
  635. Routine Description:
  637. This function locates an RVA within the image header of a file that
  638. is mapped as a file and returns the virtual addrees of the
  639. corresponding byte in the file.
  642. Arguments:
  644. NtHeaders - Supplies the pointer to the image or data file.
  646. Base - Supplies the base of the image or data file. The image
  647. was mapped as a data file.
  649. Rva - Supplies the relative virtual address (RVA) to locate.
  651. LastRvaSection - Optional parameter that if specified, points
  652. to a variable that contains the last section value used for
  653. the specified image to translate and RVA to a VA.
  655. Return Value:
  657. NULL - The file does not contain the specified RVA
  659. NON-NULL - Returns the virtual addrees in the mapped file.
  661. --*/
  663. {
  664. PIMAGE_SECTION_HEADER NtSection;
  666. if (!ARGUMENT_PRESENT( LastRvaSection ) ||
  667. (NtSection = *LastRvaSection) == NULL ||
  668. Rva < NtSection->VirtualAddress ||
  669. Rva >= NtSection->VirtualAddress + NtSection->SizeOfRawData
  670. ) {
  671. NtSection = RtlImageRvaToSection( NtHeaders,
  672. Base,
  673. Rva
  674. );
  675. }
  677. if (NtSection != NULL) {
  678. if (LastRvaSection != NULL) {
  679. *LastRvaSection = NtSection;
  680. }
  682. return (PVOID)((PCHAR)Base +
  683. (Rva - NtSection->VirtualAddress) +
  684. NtSection->PointerToRawData
  685. );
  686. }
  687. else {
  688. return NULL;
  689. }
  690. }
  692. #endif