Source code of Windows XP (NT5)


  1. /*++
  2. Copyright (c) 1992 Microsoft Corporation
  3. Module Name:
  4. Reglukey.c
  5. Abstract:
  6. This module contains the server side Win32 Registry
  7. APIs to load, unload and replace keys. That is:
  8. - BaseRegLoadKeyA
  9. - BaseRegLoadKeyW
  10. - BaseRegUnLoadKeyA
  11. - BaseRegUnLoadKeyW
  12. - BaseRegReplaceKeyA
  13. - BaseRegReplaceKeyW
  14. Author:
  15. Ramon J. San Andres (ramonsa) 16-Apr-1992
  16. --*/
  17. #include <rpc.h>
  18. #include "regrpc.h"
  19. #include "localreg.h"
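error_status_t
BaseRegLoadKey(
    IN HKEY hKey,
    IN PUNICODE_STRING lpSubKey OPTIONAL,
    IN PUNICODE_STRING lpFile
    )
/*++

Routine Description:

    Load the tree in the supplied file into the key referenced by the
    supplied key handle and sub-key.  The loaded tree will overwrite all
    of the contents of the supplied sub-key except for its name.
    Pictorially, if the file contains:

                    A
                   / \
                  /   \
                 B     C

    and the supplied key refers to a key name X, the resultant tree would
    look like:

                    X
                   / \
                  /   \
                 B     C

Arguments:

    hKey - Supplies the predefined handle HKEY_USERS or HKEY_LOCAL_MACHINE.
        lpSubKey is relative to this handle.

    lpSubKey - Supplies a path name to a new (i.e. non-existent) key
        where the supplied file will be loaded.

    lpFile - Supplies a pointer to an existing file name whose contents were
        created with RegSaveKey. The file name may not have an extension.

Return Value:

    Returns ERROR_SUCCESS (0) for success; error-code for failure.
    ERROR_INVALID_PARAMETER is returned for a NULL hKey/lpFile, for a
    counted string that is empty, odd-sized, not NUL-terminated or (for
    lpSubKey) has a NULL Buffer, and for a file name that cannot be
    converted to an NT path.

Notes:

    The difference between RegRestoreKey and RegLoadKey is that in the
    latter case the supplied file is used as the actual backing store
    whereas in the former case the information in the file is copied into
    the Registry.

    RegLoadKey requires SeRestorePrivilege.

    Both strings arrive from an RPC client and are treated as untrusted:
    lpFile->Buffer is later handed to RtlDosPathNameToNtPathName_U as a
    NUL-terminated string, so the terminator check below is what keeps that
    call inside the transmitted buffer.

--*/
{
    OBJECT_ATTRIBUTES   ObjaKey;
    OBJECT_ATTRIBUTES   ObjaFile;
    BOOLEAN             ErrorFlag;
    UNICODE_STRING      FileName;
    RTL_RELATIVE_NAME   RelativeName;
    PVOID               FreeBuffer;
    NTSTATUS            NtStatus;
    PUNICODE_STRING     SubKey;

#if DBG
    //OutputDebugString( "WINREG: Entering BaseRegLoadKey\n" );
#endif

    ASSERT( (hKey != NULL) && (lpFile != NULL) && (lpFile->Buffer != NULL));

    if ( (hKey == NULL) || (lpFile == NULL) || (lpFile->Buffer == NULL) ) {
        return ERROR_INVALID_PARAMETER;
    }

    //
    // check for oddly formed UNICODE_STRINGs passed by malicious clients
    // check also for zero-length strings
    //
    if ((!lpFile->Length) ||
        (lpFile->Length & 1) ||
        (lpFile->Buffer[(lpFile->Length-1)/sizeof(WCHAR)] != UNICODE_NULL)) {
        return ERROR_INVALID_PARAMETER;
    }

    //
    // Same checks for the optional sub-key.  The Buffer pointer is tested
    // first: the terminator check dereferences it, and a client-supplied
    // string with a non-zero Length and a NULL Buffer would otherwise fault
    // in the server.
    //
    if ((lpSubKey) &&
        ((!lpSubKey->Length) ||
         (lpSubKey->Length & 1) ||
         (lpSubKey->Buffer == NULL) ||
         (lpSubKey->Buffer[(lpSubKey->Length-1)/sizeof(WCHAR)] != UNICODE_NULL))) {
        return ERROR_INVALID_PARAMETER;
    }

    //
    // NOTE(review): the outcome of RPC_IMPERSONATE_CLIENT is not tested in
    // this routine.  If the macro can fail without raising, NtLoadKey below
    // would run under the server's own security context rather than the
    // caller's -- confirm against the macro definition.
    //
    RPC_IMPERSONATE_CLIENT( NULL );

    //
    // Remove terminating NULLs from Length counts. These were added
    // on the client side so that RPC would transmit the whole thing.
    //
    if ( lpSubKey && lpSubKey->Length > 0 ) {
        lpSubKey->Length -= sizeof( UNICODE_NULL );
        SubKey = lpSubKey;
    } else {
        SubKey = NULL;
    }

    if ( lpFile->Length > 0 ) {
        lpFile->Length -= sizeof( UNICODE_NULL );
    }

    InitializeObjectAttributes(
        &ObjaKey,
        SubKey,
        OBJ_CASE_INSENSITIVE,
        hKey,
        NULL
        );

    //
    // Convert the DOS path name to a canonical Nt path name.
    //
    ErrorFlag = RtlDosPathNameToNtPathName_U(
                    lpFile->Buffer,
                    &FileName,
                    NULL,
                    &RelativeName
                    );

    //
    // If the name was not successfully converted assume it was invalid.
    //
    if ( !ErrorFlag ) {
        RPC_REVERT_TO_SELF();
        return ERROR_INVALID_PARAMETER;
    }

    //
    // Remember the buffer allocated by RtlDosPathNameToNtPathName_U.
    // FileName may be overwritten below, so this is the pointer to free.
    //
    FreeBuffer = FileName.Buffer;

    //
    // If a relative name and directory handle will work, use those.
    //
    if ( RelativeName.RelativeName.Length ) {

        //
        // Replace the full path with the relative path.
        //
        FileName = *( PUNICODE_STRING ) &RelativeName.RelativeName;

    } else {

        //
        // Using the full path - no containing directory.
        //
        RelativeName.ContainingDirectory = NULL;
    }

    //
    // Initialize the Obja structure for the file.
    //
    InitializeObjectAttributes(
        &ObjaFile,
        &FileName,
        OBJ_CASE_INSENSITIVE,
        RelativeName.ContainingDirectory,
        NULL
        );

#if DBG
    //OutputDebugString( "WINREG: Before NtLoadKey\n" );
#endif

    NtStatus = NtLoadKey(
                    &ObjaKey,
                    &ObjaFile
                    );

#if DBG
    //OutputDebugString( "WINREG: After RegLoadKey\n" );
#endif

    RPC_REVERT_TO_SELF();

    //
    // Free the buffer allocated by RtlDosPathNameToNtPathName_U.
    //
    RtlFreeHeap( RtlProcessHeap( ), 0, FreeBuffer );

#if DBG
    //OutputDebugString( "WINREG: Leaving BaseRegLoadKey\n" );
#endif

    return (error_status_t)RtlNtStatusToDosError( NtStatus );
}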
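error_status_t
BaseRegUnLoadKey(
    IN HKEY hKey,
    IN PUNICODE_STRING lpSubKey OPTIONAL
    )
/*++

Routine Description:

    Unload the specified tree (hive) from the Registry.

Arguments:

    hKey - Supplies a handle to an open key. lpSubKey is relative to this
        handle.

    lpSubKey - Supplies a path name to the key that is to be unloaded.
        The combination of hKey and lpSubKey must refer to a hive in the
        Registry created with RegRestoreKey or RegLoadKey. This parameter may
        be NULL.

Return Value:

    Returns ERROR_SUCCESS (0) for success; error-code for failure.
    ERROR_INVALID_PARAMETER is returned for a NULL hKey and for an
    lpSubKey whose Length is odd or whose last character is not the
    terminating NUL.

Notes:

    RegUnLoadKey requires SeRestorePrivilege.

    lpSubKey arrives from an RPC client and is treated as untrusted, in the
    same way BaseRegLoadKey treats its strings.

--*/
{
    OBJECT_ATTRIBUTES   ObjaKey;
    NTSTATUS            NtStatus;

    ASSERT( hKey != NULL );

    if ( hKey == NULL ) {
        return ERROR_INVALID_PARAMETER;
    }

    //
    // Check for oddly formed UNICODE_STRINGs passed by malicious clients.
    // Length is a USHORT byte count: an odd value such as 1 would wrap to
    // 0xFFFF when the terminator is subtracted below, and a string without
    // a trailing NUL would silently lose its last real character.  A zero
    // Length or a NULL Buffer is left alone so that an empty/absent sub-key
    // keeps behaving as before.
    //
    if ( lpSubKey != NULL ) {

        if ( lpSubKey->Length & 1 ) {
            return ERROR_INVALID_PARAMETER;
        }

        if ( (lpSubKey->Length > 0) &&
             (lpSubKey->Buffer != NULL) &&
             (lpSubKey->Buffer[(lpSubKey->Length-1)/sizeof(WCHAR)] != UNICODE_NULL) ) {
            return ERROR_INVALID_PARAMETER;
        }
    }

    //
    // NOTE(review): the outcome of RPC_IMPERSONATE_CLIENT is not tested in
    // this routine.  If the macro can fail without raising, NtUnloadKey
    // below would run under the server's own security context rather than
    // the caller's -- confirm against the macro definition.
    //
    RPC_IMPERSONATE_CLIENT( NULL );

    //
    // Remove terminating NULLs from Length counts. These were added
    // on the client side so that RPC would transmit the whole thing.
    //
    if ( lpSubKey && lpSubKey->Length > 0 ) {
        lpSubKey->Length -= sizeof( UNICODE_NULL );
    }

    InitializeObjectAttributes(
        &ObjaKey,
        lpSubKey,
        OBJ_CASE_INSENSITIVE,
        hKey,
        NULL
        );

    NtStatus = NtUnloadKey( &ObjaKey );

    RPC_REVERT_TO_SELF();

    return (error_status_t)RtlNtStatusToDosError( NtStatus );
}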
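error_status_t
BaseRegReplaceKey(
    HKEY hKey,
    PUNICODE_STRING lpSubKey,
    PUNICODE_STRING lpNewFile,
    PUNICODE_STRING lpOldFile
    )
/*++

Routine Description:

    Replace an existing tree (hive) in the Registry. The new tree will
    take effect the next time the system is rebooted.

Arguments:

    hKey - Supplies a handle to an open key. lpSubKey is relative to this
        handle.

    lpSubKey - Supplies a path name to the key that is to be replaced.
        The combination of hKey and lpSubKey must refer to a hive in the
        Registry. This parameter may be NULL.

    lpNewFile - Supplies a file name for the new hive file.

    lpOldFile - Supplies a backup file name for the old (existing) hive file.

Return Value:

    Returns ERROR_SUCCESS (0) for success; error-code for failure.
    ERROR_INVALID_PARAMETER is returned for a NULL hKey or file name, for a
    file name that is empty, odd-sized or not NUL-terminated, for an
    lpSubKey that is odd-sized or not NUL-terminated, and for a file name
    that cannot be converted to an NT path.

Notes:

    lpNewFile will remain open until after the system is rebooted.

    RegUnLoadKey requires SeRestorePrivilege.
    (NOTE(review): this sentence names RegUnLoadKey; presumably
    RegReplaceKey is meant -- confirm.)

    All three strings arrive from an RPC client and are treated as
    untrusted.  Both file-name buffers are handed to
    RtlDosPathNameToNtPathName_U as NUL-terminated strings, so the
    terminator checks below are what keep those calls inside the
    transmitted buffers.

--*/
{
    UNICODE_STRING      NewFileName;
    UNICODE_STRING      OldFileName;
    RTL_RELATIVE_NAME   RelativeName;
    PVOID               NewFreeBuffer;
    PVOID               OldFreeBuffer;
    HANDLE              HiveHandle;
    OBJECT_ATTRIBUTES   ObjaKey;
    OBJECT_ATTRIBUTES   ObjaNewFile;
    OBJECT_ATTRIBUTES   ObjaOldFile;
    BOOLEAN             ErrorFlag;
    NTSTATUS            NtStatus;

    ErrorFlag = (BOOLEAN)( (hKey == NULL)               ||
                           (lpNewFile == NULL)          ||
                           (lpNewFile->Buffer == NULL)  ||
                           (lpOldFile == NULL)          ||
                           (lpOldFile->Buffer == NULL) );

    ASSERT( !ErrorFlag );

    if ( ErrorFlag ) {
        return ERROR_INVALID_PARAMETER;
    }

    //
    // Check for oddly formed UNICODE_STRINGs passed by malicious clients,
    // and for zero-length file names, exactly as BaseRegLoadKey does for
    // its file name.  Length is a USHORT byte count: an odd value such as 1
    // would wrap to 0xFFFF when the terminator is subtracted below, and an
    // unterminated Buffer would be read past its end by the path conversion.
    //
    if ((!lpNewFile->Length) ||
        (lpNewFile->Length & 1) ||
        (lpNewFile->Buffer[(lpNewFile->Length-1)/sizeof(WCHAR)] != UNICODE_NULL)) {
        return ERROR_INVALID_PARAMETER;
    }

    if ((!lpOldFile->Length) ||
        (lpOldFile->Length & 1) ||
        (lpOldFile->Buffer[(lpOldFile->Length-1)/sizeof(WCHAR)] != UNICODE_NULL)) {
        return ERROR_INVALID_PARAMETER;
    }

    //
    // The sub-key is optional, so a zero Length or a NULL Buffer is left
    // alone; only an odd byte count or a missing terminator is rejected.
    //
    if ( lpSubKey != NULL ) {

        if ( lpSubKey->Length & 1 ) {
            return ERROR_INVALID_PARAMETER;
        }

        if ( (lpSubKey->Length > 0) &&
             (lpSubKey->Buffer != NULL) &&
             (lpSubKey->Buffer[(lpSubKey->Length-1)/sizeof(WCHAR)] != UNICODE_NULL) ) {
            return ERROR_INVALID_PARAMETER;
        }
    }

    //
    // NOTE(review): the outcome of RPC_IMPERSONATE_CLIENT is not tested in
    // this routine.  If the macro can fail without raising, the key open
    // and NtReplaceKey below would run under the server's own security
    // context rather than the caller's -- confirm against the macro
    // definition.
    //
    RPC_IMPERSONATE_CLIENT( NULL );

    //
    // Remove terminating NULLs from Length counts. These were added
    // on the client side so that RPC would transmit the whole thing.
    //
    if ( lpSubKey && lpSubKey->Length > 0 ) {
        lpSubKey->Length -= sizeof( UNICODE_NULL );
    }

    if ( lpNewFile->Length > 0 ) {
        lpNewFile->Length -= sizeof( UNICODE_NULL );
    }

    if ( lpOldFile->Length > 0 ) {
        lpOldFile->Length -= sizeof( UNICODE_NULL );
    }

    InitializeObjectAttributes(
        &ObjaKey,
        lpSubKey,
        OBJ_CASE_INSENSITIVE,
        hKey,
        NULL
        );

    //
    // Get a handle to the hive root
    //
    NtStatus = NtCreateKey(
                    &HiveHandle,
                    MAXIMUM_ALLOWED,
                    &ObjaKey,
                    0,
                    NULL,
                    REG_OPTION_BACKUP_RESTORE,
                    NULL
                    );

    if ( !NT_SUCCESS( NtStatus ) ) {
        RPC_REVERT_TO_SELF();
        return (error_status_t)RtlNtStatusToDosError( NtStatus );
    }

    //
    // Convert the new DOS path name to a canonical Nt path name.
    //
    ErrorFlag = RtlDosPathNameToNtPathName_U(
                    lpNewFile->Buffer,
                    &NewFileName,
                    NULL,
                    &RelativeName
                    );

    //
    // If the name was not successfully converted assume it was invalid.
    //
    if ( !ErrorFlag ) {
        NtClose( HiveHandle );
        RPC_REVERT_TO_SELF();
        return ERROR_INVALID_PARAMETER;
    }

    //
    // Remember the buffer allocated by RtlDosPathNameToNtPathName_U.
    // NewFileName may be overwritten below, so this is the pointer to free.
    //
    NewFreeBuffer = NewFileName.Buffer;

    //
    // If a relative name and directory handle will work, use those.
    //
    if ( RelativeName.RelativeName.Length ) {

        //
        // Replace the full path with the relative path.
        //
        NewFileName = *( PUNICODE_STRING ) &RelativeName.RelativeName;

    } else {

        //
        // Using the full path - no containing directory.
        //
        RelativeName.ContainingDirectory = NULL;
    }

    //
    // Initialize the Obja structure for the new file.  The directory
    // handle is copied into ObjaNewFile here, so RelativeName can be
    // reused for the old file below.
    //
    InitializeObjectAttributes(
        &ObjaNewFile,
        &NewFileName,
        OBJ_CASE_INSENSITIVE,
        RelativeName.ContainingDirectory,
        NULL
        );

    //
    // Convert the old DOS path name to a canonical Nt path name.
    //
    ErrorFlag = RtlDosPathNameToNtPathName_U(
                    lpOldFile->Buffer,
                    &OldFileName,
                    NULL,
                    &RelativeName
                    );

    //
    // If the name was not successfully converted assume it was invalid.
    // The new-file buffer is already allocated at this point and must be
    // released on this path too.
    //
    if ( !ErrorFlag ) {
        RtlFreeHeap( RtlProcessHeap( ), 0, NewFreeBuffer );
        NtClose( HiveHandle );
        RPC_REVERT_TO_SELF();
        return ERROR_INVALID_PARAMETER;
    }

    //
    // Remember the buffer allocated by RtlDosPathNameToNtPathName_U.
    //
    OldFreeBuffer = OldFileName.Buffer;

    //
    // If a relative name and directory handle will work, use those.
    //
    if ( RelativeName.RelativeName.Length ) {

        //
        // Replace the full path with the relative path.
        //
        OldFileName = *( PUNICODE_STRING ) &RelativeName.RelativeName;

    } else {

        //
        // Using the full path - no containing directory.
        //
        RelativeName.ContainingDirectory = NULL;
    }

    //
    // Initialize the Obja structure for the old file.
    //
    InitializeObjectAttributes(
        &ObjaOldFile,
        &OldFileName,
        OBJ_CASE_INSENSITIVE,
        RelativeName.ContainingDirectory,
        NULL
        );

    NtStatus = NtReplaceKey(
                    &ObjaNewFile,
                    HiveHandle,
                    &ObjaOldFile
                    );

    //
    // Free the buffers allocated by RtlDosPathNameToNtPathName_U.
    //
    RtlFreeHeap( RtlProcessHeap( ), 0, NewFreeBuffer );
    RtlFreeHeap( RtlProcessHeap( ), 0, OldFreeBuffer );

    NtClose( HiveHandle );

    RPC_REVERT_TO_SELF();

    return (error_status_t)RtlNtStatusToDosError( NtStatus );
}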