archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/windows/appcompat/shims/layer/handleapiexceptions.cpp

394 lines
8.7 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 2001 Microsoft Corporation
  5. Module Name:
  7. HandleAPIExceptions.cpp
  9. Abstract:
  11. Handle exceptions thrown by APIs that used to simply fail on Win9x. So far
  12. we have:
  14. 1. BackupSeek: AVs if hFile == NULL
  15. 2. CreateEvent passed bad lpEventAttributes and/or lpName
  16. 3. GetFileAttributes
  18. Also emulate the win9x behavior for VirtualProtect, whereby the last
  19. parameter can be NULL.
  21. GetTextExtentPoint32 AV's when a large/uninitialized value is passed for
  22. the string length. This API now emulates Win9x.
  24. Add sanity checks to pointers in the call to GetMenuItemInfo. This is to match 9x, as
  25. some apps to pass bogus pointers and it AV on NT.
  27. When wsprintf receives lpFormat argument as NULL, no AV on 9x.
  28. But it AV on XP.Shim verifies format string, if it is NULL return the call don't forward
  30. Notes:
  32. This is a general purpose shim.
  34. History:
  36. 04/03/2000 linstev Created
  37. 04/01/2001 linstev Munged with other exception handling shims
  38. 07/11/2001 prashkud Added handling for GetTextExtentPoint32
  39. 04/24/2002 v-ramora Added handling for wsprintfA
  41. --*/
  43. #include "precomp.h"
  44. #include "LegalStr.h"
  46. IMPLEMENT_SHIM_BEGIN(HandleAPIExceptions)
  47. #include "ShimHookMacro.h"
  49. APIHOOK_ENUM_BEGIN
  50. APIHOOK_ENUM_ENTRY(BackupSeek)
  51. APIHOOK_ENUM_ENTRY(CreateEventA)
  52. APIHOOK_ENUM_ENTRY(CreateEventW)
  53. APIHOOK_ENUM_ENTRY(GetFileAttributesA)
  54. APIHOOK_ENUM_ENTRY(GetFileAttributesW)
  55. APIHOOK_ENUM_ENTRY(VirtualProtect)
  56. APIHOOK_ENUM_ENTRY(GetTextExtentPoint32A)
  57. APIHOOK_ENUM_ENTRY(GetMenuItemInfoA)
  58. APIHOOK_ENUM_ENTRY(wsprintfA)
  59. APIHOOK_ENUM_END
  61. #define MAX_WIN9X_STRSIZE 8192
  63. /*++
  65. Stub returns for bad parameters.
  67. --*/
  69. BOOL
  70. APIHOOK(BackupSeek)(
  71. HANDLE hFile,
  72. DWORD dwLowBytesToSeek,
  73. DWORD dwHighBytesToSeek,
  74. LPDWORD lpdwLowBytesSeeked,
  75. LPDWORD lpdwHighBytesSeeked,
  76. LPVOID *lpContext
  77. )
  78. {
  79. if (!hFile) {
  80. LOGN(
  81. eDbgLevelError,
  82. "[BackupSeek] Bad parameter, returning NULL");
  84. return NULL;
  85. }
  87. DWORD dwLowSeeked, dwHighSeeked;
  89. if (IsBadWritePtr(lpdwLowBytesSeeked, 4)) {
  90. LOGN(
  91. eDbgLevelError,
  92. "[BackupSeek] Bad parameter, fixing");
  94. lpdwLowBytesSeeked = &dwLowSeeked;
  95. }
  97. if (IsBadWritePtr(lpdwHighBytesSeeked, 4)) {
  98. LOGN(
  99. eDbgLevelError,
  100. "[BackupSeek] Bad parameter, fixing");
  102. lpdwHighBytesSeeked = &dwHighSeeked;
  103. }
  105. return ORIGINAL_API(BackupSeek)(hFile, dwLowBytesToSeek, dwHighBytesToSeek,
  106. lpdwLowBytesSeeked, lpdwHighBytesSeeked, lpContext);
  107. }
  109. /*++
  111. Validate parameters
  113. --*/
  115. HANDLE
  116. APIHOOK(CreateEventA)(
  117. LPSECURITY_ATTRIBUTES lpEventAttributes,
  118. BOOL bManualReset,
  119. BOOL bInitialState,
  120. LPCSTR lpName
  121. )
  122. {
  123. if (lpEventAttributes &&
  124. IsBadReadPtr(lpEventAttributes, sizeof(*lpEventAttributes))) {
  126. LOGN(
  127. eDbgLevelError,
  128. "[CreateEventA] Bad parameter, returning NULL");
  130. return NULL;
  131. }
  133. if (lpName &&
  134. IsBadStringPtrA(lpName, MAX_PATH)) {
  136. LOGN(
  137. eDbgLevelError,
  138. "[CreateEventA] Bad parameter, returning NULL");
  139. return NULL;
  140. }
  142. return (ORIGINAL_API(CreateEventA)(lpEventAttributes, bManualReset,
  143. bInitialState, lpName));
  144. }
  146. /*++
  148. Validate parameters
  150. --*/
  152. HANDLE
  153. APIHOOK(CreateEventW)(
  154. LPSECURITY_ATTRIBUTES lpEventAttributes,
  155. BOOL bManualReset,
  156. BOOL bInitialState,
  157. LPCWSTR lpName
  158. )
  159. {
  160. if (lpEventAttributes &&
  161. IsBadReadPtr(lpEventAttributes, sizeof(*lpEventAttributes))) {
  163. LOGN(
  164. eDbgLevelError,
  165. "[CreateEventW] Bad parameter, returning NULL");
  167. return NULL;
  168. }
  170. if (lpName &&
  171. IsBadStringPtrW(lpName, MAX_PATH)) {
  173. LOGN(
  174. eDbgLevelError,
  175. "[CreateEventW] Bad parameter, returning NULL");
  176. return NULL;
  177. }
  179. return (ORIGINAL_API(CreateEventW)(lpEventAttributes, bManualReset,
  180. bInitialState, lpName));
  181. }
  183. /*++
  185. This function to emulate Win9x behaviour when getting file attributes.
  187. --*/
  189. DWORD
  190. APIHOOK(GetFileAttributesA)(
  191. LPCSTR lpFileName
  192. )
  193. {
  194. DWORD dwFileAttributes = INVALID_FILE_ATTRIBUTES;
  196. if (!IsBadStringPtrA(lpFileName, MAX_PATH)) {
  197. dwFileAttributes = ORIGINAL_API(GetFileAttributesA)(
  198. lpFileName);
  199. } else {
  200. LOGN(
  201. eDbgLevelError,
  202. "[GetFileAttributesA] Bad parameter - returning INVALID_FILE_ATTRIBUTES.");
  203. }
  205. return dwFileAttributes;
  206. }
  208. /*++
  210. This function is used to emulate Win9x behaviour when getting file attributes.
  212. --*/
  214. DWORD
  215. APIHOOK(GetFileAttributesW)(
  216. LPCWSTR lpFileName
  217. )
  218. {
  219. DWORD dwFileAttributes = INVALID_FILE_ATTRIBUTES;
  221. if (!IsBadStringPtrW(lpFileName, MAX_PATH)) {
  222. dwFileAttributes = ORIGINAL_API(GetFileAttributesW)(
  223. lpFileName);
  224. } else {
  225. LOGN(
  226. eDbgLevelError,
  227. "[GetFileAttributesW] Bad parameter - returning INVALID_FILE_ATTRIBUTES.");
  228. }
  230. return dwFileAttributes;
  231. }
  233. /*++
  235. Win9x allowed the last parameter to be NULL.
  237. --*/
  239. BOOL
  240. APIHOOK(VirtualProtect)(
  241. LPVOID lpAddress,
  242. SIZE_T dwSize,
  243. DWORD flNewProtect,
  244. PDWORD lpflOldProtect
  245. )
  246. {
  247. DWORD dwOldProtect = 0;
  249. if (!lpflOldProtect) {
  250. //
  251. // Detected a bad last parameter, fix it.
  252. //
  253. LOGN(eDbgLevelError, "[VirtualProtect] Bad parameter - fixing");
  254. lpflOldProtect = &dwOldProtect;
  255. }
  257. return ORIGINAL_API(VirtualProtect)(lpAddress, dwSize, flNewProtect, lpflOldProtect);
  258. }
  260. /*++
  262. Win9x only allows 8192 for the size of the string
  264. --*/
  266. BOOL
  267. APIHOOK(GetTextExtentPoint32A)(
  268. HDC hdc,
  269. LPCSTR lpString,
  270. int cbString,
  271. LPSIZE lpSize
  272. )
  273. {
  275. if (cbString > MAX_WIN9X_STRSIZE) {
  276. //
  277. // Detected a bad string size, fix it.
  278. //
  280. if (!IsBadStringPtrA(lpString, cbString)) {
  281. cbString = strlen(lpString);
  282. LOGN(eDbgLevelError, "[GetTextExtentPoint32A] Bad parameter - fixing");
  283. } else {
  284. LOGN(eDbgLevelError, "[GetTextExtentPoint32A] Bad parameter - returning FALSE");
  285. return FALSE;
  286. }
  287. }
  289. return ORIGINAL_API(GetTextExtentPoint32A)(hdc, lpString, cbString, lpSize);
  290. }
  292. /*++
  294. Emulate Win9x bad pointer protection.
  296. --*/
  298. BOOL
  299. APIHOOK(GetMenuItemInfoA)(
  300. HMENU hMenu, // handle to menu
  301. UINT uItem, // menu item
  302. BOOL fByPosition, // meaning of uItem
  303. LPMENUITEMINFO lpmii // menu item information
  304. )
  305. {
  306. if (IsBadWritePtr(lpmii, sizeof(*lpmii))) {
  307. LOGN(eDbgLevelInfo, "[GetMenuItemInfoA] invalid lpmii pointer, returning FALSE");
  308. return FALSE;
  309. }
  311. if ((lpmii->fMask & MIIM_STRING || lpmii->fMask & MIIM_TYPE) && (lpmii->cch !=0)) {
  312. MENUITEMINFO MyMII={0};
  313. ULONG cch;
  315. MyMII.cbSize = sizeof(MyMII);
  316. MyMII.fMask = MIIM_STRING;
  318. if (ORIGINAL_API(GetMenuItemInfoA)(hMenu, uItem, fByPosition, &MyMII)) {
  319. cch = min(lpmii->cch, MyMII.cch + 1);
  321. if (IsBadWritePtr(lpmii->dwTypeData, cch)) {
  322. LOGN(eDbgLevelInfo, "[GetMenuItemInfoA] invalid pointer for string, clearing it");
  323. lpmii->dwTypeData = 0;
  324. }
  325. } else {
  326. DPFN(eDbgLevelError, "[GetMenuItemInfoA] Internal call to find string size fail (%08X)", GetLastError());
  327. }
  328. }
  330. return ORIGINAL_API(GetMenuItemInfoA)(hMenu, uItem, fByPosition, lpmii);
  331. }
  333. /*++
  335. Make sure format string for wsprintfA is not NULL
  337. --*/
  339. //Avoid wvsprintfA deprecated warning/error
  340. #pragma warning(disable : 4995)
  342. int
  343. APIHOOK(wsprintfA)(
  344. LPSTR lpOut,
  345. LPCSTR lpFmt,
  346. ...)
  347. {
  348. int iRet = 0;
  350. //
  351. // lpFmt can't be NULL, wvsprintfA throw AV
  352. //
  353. if (lpFmt == NULL) {
  354. if (!IsBadWritePtr(lpOut, 1)) {
  355. *lpOut = '\0';
  356. }
  357. DPFN( eDbgLevelInfo, "[wsprintfA] received NULL as format string");
  358. return iRet;
  359. }
  361. va_list arglist;
  363. va_start(arglist, lpFmt);
  364. iRet = wvsprintfA(lpOut, lpFmt, arglist);
  365. va_end(arglist);
  367. return iRet;
  368. }
  370. //Enable back deprecated warning/error
  371. #pragma warning(default : 4995)
  373. /*++
  375. Register hooked functions
  377. --*/
  379. HOOK_BEGIN
  381. APIHOOK_ENTRY(KERNEL32.DLL, BackupSeek)
  382. APIHOOK_ENTRY(KERNEL32.DLL, CreateEventA)
  383. APIHOOK_ENTRY(KERNEL32.DLL, CreateEventW)
  384. APIHOOK_ENTRY(KERNEL32.DLL, GetFileAttributesA)
  385. APIHOOK_ENTRY(KERNEL32.DLL, GetFileAttributesW)
  386. APIHOOK_ENTRY(KERNEL32.DLL, VirtualProtect)
  387. APIHOOK_ENTRY(GDI32.DLL, GetTextExtentPoint32A)
  388. APIHOOK_ENTRY(USER32.DLL, GetMenuItemInfoA)
  389. APIHOOK_ENTRY(USER32.DLL, wsprintfA)
  391. HOOK_END
  393. IMPLEMENT_SHIM_END