Source code of Windows XP (NT5)

#define NOTRACE 1
#include "windows.h"
#include "util.h"
#include "faultrep.h"
#include "pchrexec.h"
#include "stdio.h"
#include "stdlib.h"
// ***************************************************************************
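// Copies a NUL-terminated wide string into a marshalling buffer and returns
// its position as an offset from pBase (disguised as an LPWSTR) so that the
// receiving process can rebase it against its own copy of the buffer.
//
//  wszSrc     - string to copy (terminator included in the copy)
//  pBase      - start of the marshalling buffer
//  cbMaxBuf   - total size of the marshalling buffer, in bytes
//  ppToWrite  - in/out: current write position; advanced past the copy
//  pcbWritten - in/out: bytes already used in the buffer; advanced by the
//               number of bytes copied
//
// Returns the offset of the copied string, or NULL if an argument is missing
// or the string does not fit. Nothing is written on failure.
//
// NOTE(review): an offset of 0 is indistinguishable from the NULL failure
// value; the caller in this file always starts writing after the request
// header, so it never produces offset 0.
// NOTE(review): the bound check is done against *pcbWritten, not against
// *ppToWrite - pBase; the caller is assumed to keep the two in step.
LPWSTR MarshallString(LPCWSTR wszSrc, PBYTE pBase, ULONG cbMaxBuf,
                      PBYTE *ppToWrite, DWORD *pcbWritten)
{
    size_t cchSrc;
    DWORD cb;
    PBYTE pwszNormalized;

    if (wszSrc == NULL || pBase == NULL || ppToWrite == NULL ||
        *ppToWrite == NULL || pcbWritten == NULL)
        return NULL;

    // the buffer is already over-committed; nothing more can be written
    if (*pcbWritten > cbMaxBuf)
        return NULL;

    // Compare against the space that is left instead of adding the sizes
    // together: (*pcbWritten + cb) is 32-bit arithmetic and can wrap, which
    // would let an oversized string pass the check and overrun the buffer.
    cchSrc = wcslen(wszSrc) + 1;
    if (cchSrc > (cbMaxBuf - *pcbWritten) / sizeof(WCHAR))
        return NULL;

    // safe to narrow: the byte count is bounded by cbMaxBuf
    cb = (DWORD)(cchSrc * sizeof(WCHAR));

    RtlMoveMemory(*ppToWrite, wszSrc, cb);

    // the normalized ptr is the offset of the string from the buffer start
    pwszNormalized = (PBYTE)(*ppToWrite - pBase);

    // cb is always a multiple of sizeof(WCHAR) so the pointer addition below
    // always produces a result that is 2-byte aligned (assuming the input
    // was 2-byte aligned, of course)
    *ppToWrite += cb;
    *pcbWritten += cb;

    return (LPWSTR)pwszNormalized;
}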
// **************************************************************************
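// Turns a string offset taken from the pipe reply into a pointer inside the
// local reply buffer. Returns NULL when the offset is 0 (no string), points
// into the fixed reply header, lies at or beyond the bytes actually
// received, or is not WCHAR aligned. The caller must guarantee that the
// buffer is NUL padded after the received bytes so that the returned string
// is always terminated inside the buffer.
static LPCWSTR ResolveReplyString(const BYTE *pbReply, DWORD cbReply,
                                  UINT64 ibString)
{
    if (ibString == 0)
        return NULL;
    if (ibString < sizeof(SPCHExecServDWReply) || ibString >= cbReply)
        return NULL;
    if ((ibString % sizeof(WCHAR)) != 0)
        return NULL;

    return (LPCWSTR)(pbReply + (size_t)ibString);
}

// Builds an SPCHExecServDWRequest for the given process / thread / session,
// sends it to the HANGREP_EXECSVC_DWPIPE named pipe, waits for the process
// whose handle comes back in the reply, and prints the dump and manifest
// paths named in the reply.
//
//  wszExe    - executable name marshalled into the request; must not be NULL
//  dwSession - session id placed in the request
//  dwProc    - process id placed in the request
//  dwThread  - thread id placed in the request
//
// Returns frrvOkManifest when the reply was received and the wait finished,
// frrvErrTimeout when the wait timed out, and frrvErrNoDW on every other
// failure path.
//
// The reply is produced by whichever process owns the pipe endpoint, so its
// contents are treated as untrusted data here: the length is checked before
// any field is read and string offsets are validated before they are used.
// NOTE(review): the handles in pesrep->pi are taken from the reply as-is;
// presumably the service duplicates them into this process - confirm.
EFaultRepRetVal PrepareUserManifest(LPWSTR wszExe, DWORD dwSession,
                                    DWORD dwProc, DWORD dwThread)
{
    SPCHExecServDWRequest *pesdwreq = NULL;
    SPCHExecServDWReply *pesrep = NULL;
    EFaultRepRetVal frrvRet = frrvErrNoDW;
    HRESULT hr = NOERROR;
    LPCWSTR wszDump = NULL;
    LPCWSTR wszManifest = NULL;
    DWORD cbReq, cbRead = 0;
    BYTE Buf[HANGREP_EXECSVC_BUF_SIZE], *pBuf;
    // two spare WCHARs that the pipe call is never allowed to fill, so a
    // string in the reply always meets a terminator inside the buffer
    BYTE BufRep[HANGREP_EXECSVC_BUF_SIZE + 2 * sizeof(WCHAR)];

    // presumably fails hr when the condition holds (macro is in util.h)
    VALIDATEPARM(hr, (wszExe == NULL));
    if (FAILED(hr))
        goto done;

    ZeroMemory(Buf, sizeof(Buf));
    ZeroMemory(BufRep, sizeof(BufRep));

    pesdwreq = (SPCHExecServDWRequest *)Buf;

    // strings start right after the fixed header, rounded up to a WCHAR
    // boundary. The previous expression multiplied and divided by
    // sizeof(WCHAR) without rounding, so it only ever yielded sizeof() itself.
    cbReq = (DWORD)(((sizeof(SPCHExecServDWRequest) + sizeof(WCHAR) - 1) /
                     sizeof(WCHAR)) * sizeof(WCHAR));
    pBuf = Buf + cbReq;

    pesdwreq->cbESR = sizeof(SPCHExecServDWRequest);
    pesdwreq->pidReqProcess = dwProc;
    pesdwreq->thidFault = dwThread;
    pesdwreq->ulSessionId = dwSession;
    pesdwreq->pvFaultAddr = (UINT64)UnhandledExceptionFilter;
#ifdef _WIN64
    pesdwreq->fIs64bit = TRUE;
#else
    pesdwreq->fIs64bit = FALSE;
#endif

    // marshal in the strings (stored as offsets from the start of Buf)
    pesdwreq->wszExe = (UINT64)MarshallString(wszExe, Buf, sizeof(Buf), &pBuf,
                                              &cbReq);
    if (pesdwreq->wszExe == 0)
        goto done;

    pesdwreq->cbTotal = cbReq;

    // check and see if the system is shutting down. If so, CreateProcess is
    // gonna pop up some annoying UI that we can't get rid of, so we don't
    // want to call it if we know it's gonna happen.
    if (GetSystemMetrics(SM_SHUTTINGDOWN))
        goto done;

    // Send the buffer out to the server - wait at most 2m for this to
    // succeed. If it times out, bail. The pipe name is passed directly
    // rather than through an unbounded wcscpy into a stack buffer.
    TESTBOOL(hr, CallNamedPipeW(HANGREP_EXECSVC_DWPIPE, Buf, cbReq, BufRep,
                                HANGREP_EXECSVC_BUF_SIZE, &cbRead, 120000));
    if (FAILED(hr))
    {
        // TODO: determine the error code that indicates whether we've timed
        // out so we can set the return code appropriately.
        goto done;
    }

    // a reply shorter than the fixed header cannot be interpreted; without
    // this check the fields below would be read from bytes never received
    if (cbRead < sizeof(SPCHExecServDWReply))
    {
        SetLastError(ERROR_INVALID_DATA);
        goto done;
    }

    pesrep = (SPCHExecServDWReply *)BufRep;

    // did the call succeed?
    VALIDATEEXPR(hr, (pesrep->fRet == FALSE), Err2HR(pesrep->dwErr));
    if (FAILED(hr))
    {
        fprintf(stdout, "Named pipe call failed: 0x%08x\n", pesrep->dwErr);
        SetLastError(pesrep->dwErr);
        goto done;
    }
    else
    {
        fprintf(stdout, "Named pipe call success\n");
    }

    // gotta wait for DW to be done with the files, but if it hasn't parsed
    // them in 5 minutes, something's wrong with it.
    if (WaitForSingleObject(pesrep->pi.hProcess, 300000) == WAIT_TIMEOUT)
    {
        frrvRet = frrvErrTimeout;
    }

    // we only report the files once DW has finished with them.
    else
    {
        wszDump = ResolveReplyString(BufRep, cbRead, pesrep->wszDump);
        if (wszDump != NULL)
            fprintf(stdout, "Dump file: %ls\n", wszDump);

        // the manifest line used to print the dump path by mistake
        wszManifest = ResolveReplyString(BufRep, cbRead, pesrep->wszManifest);
        if (wszManifest != NULL)
            fprintf(stdout, "Manifest file: %ls\n", wszManifest);

        // only claim success here, so the timeout result set above is no
        // longer overwritten on the way out
        frrvRet = frrvOkManifest;
    }

    CloseHandle(pesrep->pi.hProcess);
    CloseHandle(pesrep->pi.hThread);

    SetLastError(0);

done:
    return frrvRet;
}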
// **************************************************************************
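// Parses a command line argument as an unsigned decimal number that fits in
// a DWORD. Returns FALSE for empty strings, signs, leading whitespace,
// trailing characters and values that are out of range.
static BOOL ParseDwordArg(const WCHAR *wszArg, DWORD *pdwOut)
{
    WCHAR *pwszEnd = NULL;
    unsigned long ul;

    // require a leading digit: wcstoul itself would accept whitespace and
    // a sign, including a '-' that silently wraps the value
    if (wszArg == NULL || pdwOut == NULL ||
        *wszArg < L'0' || *wszArg > L'9')
        return FALSE;

    ul = wcstoul(wszArg, &pwszEnd, 10);
    if (pwszEnd == wszArg || *pwszEnd != L'\0')
        return FALSE;

    // (unsigned long)-1 is what wcstoul reports on overflow; the second test
    // covers platforms where unsigned long is wider than DWORD
    if (ul == (unsigned long)-1 || (unsigned long)(DWORD)ul != ul)
        return FALSE;

    *pdwOut = (DWORD)ul;
    return TRUE;
}

// Command line driver:
//     mdpipe <exe name> <PID> <Thread ID> [<Session ID>]
// Sends one request through PrepareUserManifest. When no session id is
// given, the session of the current process is used.
//
// Numeric arguments are validated before use; _wtol turned any unparsable
// text into 0 and the request went out with that value. A failed session
// lookup used to leave dwSession uninitialized.
// NOTE(review): the result of PrepareUserManifest is not reported to the
// caller because wmain is declared void.
void __cdecl wmain(int argc, WCHAR **argv)
{
    DWORD dwPID = 0;
    DWORD dwThID = 0;
    DWORD dwSession = 0;
    WCHAR *wszExe;

    if (argc < 4 || argc > 5)
    {
        fprintf(stdout, "Usage:\nmdpipe <exe name> <PID> <Thread ID> [<Session ID>]\n");
        return;
    }

    wszExe = argv[1];

    if (!ParseDwordArg(argv[2], &dwPID) || !ParseDwordArg(argv[3], &dwThID))
    {
        fprintf(stdout, "PID and Thread ID must be decimal numbers\n");
        return;
    }

    if (argc == 5)
    {
        if (!ParseDwordArg(argv[4], &dwSession))
        {
            fprintf(stdout, "Session ID must be a decimal number\n");
            return;
        }
    }
    else if (!ProcessIdToSessionId(GetCurrentProcessId(), &dwSession))
    {
        fprintf(stdout, "Unable to determine the current session: %lu\n",
                GetLastError());
        return;
    }

    PrepareUserManifest(wszExe, dwSession, dwPID, dwThID);
}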