Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

3218 lines
85 KiB

/*++
Copyright (c) 1998-2001 Microsoft Corporation
Module Name:
dumpers.c
Abstract:
Dump routines for various structures.
Author:
Keith Moore (keithmo) 31-Jul-1998
Environment:
User Mode.
Revision History:
--*/
#include "precomp.h"
//
// Private constants.
//
#define MAX_NSGO_NAME_BUFFER 256
#define MAX_URL_PREFIX_BUFFER 256
#define MAX_RAW_VERB_BUFFER 16
#define MAX_RAW_URL_BUFFER 256
#define MAX_URL_BUFFER 256
#define MAX_HEADER_BUFFER 256
#define MAX_FILE_NAME_BUFFER 256
//
// Private prototypes.
//
BOOLEAN
DumpUnknownHeadersCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
);
BOOLEAN
DumpUriEntryCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
);
BOOLEAN
DumpApoolCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
);
#define ENDPOINT_GLOBAL_CALLBACK_CONTEXT_SIGNATURE ((ULONG) 'xGPE')
typedef struct _ENDPOINT_GLOBAL_CALLBACK_CONTEXT
{
ULONG Signature;
PSTR Prefix;
ENDPOINT_CONNS Verbosity;
} ENDPOINT_GLOBAL_CALLBACK_CONTEXT, *PENDPOINT_GLOBAL_CALLBACK_CONTEXT;
BOOLEAN
DumpEndpointCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
);
BOOLEAN
IrpListCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
);
BOOLEAN
ProcListCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
);
BOOLEAN
RequestListCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
);
BOOLEAN
DumpKQueueEntriesCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
);
BOOLEAN
FiltProcListCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
);
BOOLEAN
DumpUlActiveConnectionCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
);
BOOLEAN
DumpUlIdleConnectionCallback(
IN PSINGLE_LIST_ENTRY RemoteSListEntry,
IN PVOID Context
);
typedef struct _CONN_CALLBACK_CONTEXT
{
ULONG Signature;
LONG Index;
LONG SubIndex;
ENDPOINT_CONNS Verbosity;
PSTR Prefix;
} CONN_CALLBACK_CONTEXT, *PCONN_CALLBACK_CONTEXT;
#define CONN_CALLBACK_CONTEXT_SIGNATURE ((ULONG) 'xCcC')
//
// Private globals.
//
PSTR
g_RequestHeaderIDs[] =
{
"CacheControl",
"Connection",
"Date",
"KeepAlive",
"Pragma",
"Trailer",
"TransferEncoding",
"Upgrade",
"Via",
"Warning",
"Allow",
"ContentLength",
"ContentType",
"ContentEncoding",
"ContentLanguage",
"ContentLocation",
"ContentMd5",
"ContentRange",
"Expires",
"LastModified",
"Accept",
"AcceptCharset",
"AcceptEncoding",
"AcceptLanguage",
"Authorization",
"Cookie",
"Expect",
"From",
"Host",
"IfMatch",
"IfModifiedSince",
"IfNoneMatch",
"IfRange",
"IfUnmodifiedSince",
"MaxForwards",
"ProxyAuthorization",
"Referer",
"Range",
"Te",
"UserAgent"
};
PSTR
g_ResponseHeaderIDs[] =
{
"CacheControl",
"Connection",
"Date",
"KeepAlive",
"Pragma",
"Trailer",
"TransferEncoding",
"Upgrade",
"Via",
"Warning",
"Allow",
"ContentLength",
"ContentType",
"ContentEncoding",
"ContentLanguage",
"ContentLocation",
"ContentMd5",
"ContentRange",
"Expires",
"LastModified",
"AcceptRanges",
"Age",
"Etag",
"Location",
"ProxyAuthenticate",
"RetryAfter",
"Server",
"SetCookie",
"Vary",
"WwwAuthenticate"
};
VECTORMAP
g_MdlFlagVector[] =
{
VECTORMAP_ENTRY( MDL_MAPPED_TO_SYSTEM_VA ),
VECTORMAP_ENTRY( MDL_PAGES_LOCKED ),
VECTORMAP_ENTRY( MDL_SOURCE_IS_NONPAGED_POOL),
VECTORMAP_ENTRY( MDL_ALLOCATED_FIXED_SIZE ),
VECTORMAP_ENTRY( MDL_PARTIAL ),
VECTORMAP_ENTRY( MDL_PARTIAL_HAS_BEEN_MAPPED),
VECTORMAP_ENTRY( MDL_IO_PAGE_READ ),
VECTORMAP_ENTRY( MDL_WRITE_OPERATION ),
VECTORMAP_ENTRY( MDL_PARENT_MAPPED_SYSTEM_VA),
VECTORMAP_ENTRY( MDL_LOCK_HELD ),
VECTORMAP_ENTRY( MDL_PHYSICAL_VIEW ),
VECTORMAP_ENTRY( MDL_IO_SPACE ),
VECTORMAP_ENTRY( MDL_NETWORK_HEADER ),
VECTORMAP_ENTRY( MDL_MAPPING_CAN_FAIL ),
VECTORMAP_ENTRY( MDL_ALLOCATED_MUST_SUCCEED ),
VECTORMAP_END
};
//
// Public functions.
//
// If you modify DumpUlConnection, you may need to modify DumpUlConnectionLite
VOID
DumpUlConnection(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_CONNECTION LocalConnection
)
{
CHAR strSignature[MAX_SIGNATURE_LENGTH];
//
// Dump it.
//
dprintf(
"%s%sUL_CONNECTION @ %p\n"
"%s Signature = %08lx (%s)\n"
"%s ReferenceCount = %lu\n"
"%s ConnectionFlags = %08lx\n"
"%s AcceptPending = %ld\n"
"%s AcceptComplete = %ld\n"
"%s DisconnectPending = %ld\n"
"%s DisconnectComplete = %ld\n"
"%s AbortPending = %ld\n"
"%s AbortComplete = %ld\n"
"%s DisconnectIndicated = %ld\n"
"%s AbortIndicated = %ld\n"
"%s CleanupBegun = %ld\n"
"%s FinalReferenceRemoved = %ld\n"
#if REFERENCE_DEBUG
"%s pTraceLog = %p\n"
#endif // REFERENCE_DEBUG
"%s IdleSListEntry @ %p (%p)\n"
"%s ActiveListEntry @ %p (%p)\n"
"%s ConnectionObject @ %p\n"
"%s Handle = %p\n"
"%s pFileObject = %p\n"
"%s pDeviceObject = %p\n"
"%s pConnectionContext = %p\n"
"%s pOwningEndpoint = %p\n"
"%s WorkItem @ %p\n"
"%s LocalAddress = %x\n" // IPv6
"%s LocalPort = %d\n"
"%s RemoteAddress = %x\n" // IPv6
"%s RemotePort = %d\n"
"%s ConnectionId = %I64x\n"
"%s pFilterChannel = %p\n"
"%s ChannelEntry @ %p\n"
"%s FilterConnState = %ld\n"
"%s ConnectionDelivered = %ld\n"
"\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
LocalConnection->Signature,
SignatureToString(
LocalConnection->Signature,
UL_CONNECTION_SIGNATURE,
UL_CONNECTION_SIGNATURE_X,
strSignature
),
Prefix,
LocalConnection->ReferenceCount,
Prefix,
LocalConnection->ConnectionFlags.Value,
Prefix,
LocalConnection->ConnectionFlags.AcceptPending,
Prefix,
LocalConnection->ConnectionFlags.AcceptComplete,
Prefix,
LocalConnection->ConnectionFlags.DisconnectPending,
Prefix,
LocalConnection->ConnectionFlags.DisconnectComplete,
Prefix,
LocalConnection->ConnectionFlags.AbortPending,
Prefix,
LocalConnection->ConnectionFlags.AbortComplete,
Prefix,
LocalConnection->ConnectionFlags.DisconnectIndicated,
Prefix,
LocalConnection->ConnectionFlags.AbortIndicated,
Prefix,
LocalConnection->ConnectionFlags.CleanupBegun,
Prefix,
LocalConnection->ConnectionFlags.FinalReferenceRemoved,
#if REFERENCE_DEBUG
Prefix,
LocalConnection->pTraceLog,
#endif // REFERENCE_DEBUG
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_CONNECTION, IdleSListEntry ),
LocalConnection->IdleSListEntry.Next,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_CONNECTION, ActiveListEntry ),
LocalConnection->ActiveListEntry.Flink,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_CONNECTION, ConnectionObject ),
Prefix,
LocalConnection->ConnectionObject.Handle,
Prefix,
LocalConnection->ConnectionObject.pFileObject,
Prefix,
LocalConnection->ConnectionObject.pDeviceObject,
Prefix,
LocalConnection->pConnectionContext,
Prefix,
LocalConnection->pOwningEndpoint,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_CONNECTION, WorkItem ),
Prefix,
LocalConnection->LocalAddress,
Prefix,
LocalConnection->LocalPort,
Prefix,
LocalConnection->RemoteAddress,
Prefix,
LocalConnection->RemotePort,
Prefix,
LocalConnection->FilterInfo.ConnectionId,
Prefix,
LocalConnection->FilterInfo.pFilterChannel,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_CONNECTION, FilterInfo.ChannelEntry ),
Prefix,
(int) LocalConnection->FilterInfo.ConnState,
Prefix,
LocalConnection->FilterInfo.ConnectionDelivered
);
} // DumpUlConnection
VOID
DumpUlConnectionLite(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_CONNECTION LocalConnection
)
{
CHAR strSignature[MAX_SIGNATURE_LENGTH];
//
// Dump it.
//
dprintf(
"%s%sUL_CONNECTION @ %p\n",
Prefix,
CommandName,
RemoteAddress
);
if (LocalConnection->Signature != UL_CONNECTION_SIGNATURE)
{
dprintf(
"%s Signature = %08lx (%s)\n",
Prefix,
LocalConnection->Signature,
SignatureToString(
LocalConnection->Signature,
UL_CONNECTION_SIGNATURE,
UL_CONNECTION_SIGNATURE_X,
strSignature
)
);
}
dprintf(
"%s ReferenceCount = %lu\n"
"%s ConnectionFlags = %08lx\n",
Prefix,
LocalConnection->ReferenceCount,
Prefix,
LocalConnection->ConnectionFlags.Value
);
if (! HTTP_IS_NULL_ID(&LocalConnection->FilterInfo.ConnectionId))
{
dprintf(
"%s ConnectionId = %I64x\n",
Prefix,
LocalConnection->FilterInfo.ConnectionId
);
}
if (LocalConnection->ActiveListEntry.Flink != NULL)
{
dprintf(
"%s ActiveListEntry @ %p (%p)\n",
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_CONNECTION, ActiveListEntry ),
LocalConnection->ActiveListEntry.Flink
);
}
else
{
dprintf(
"%s IdleSListEntry @ %p (%p)\n",
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_CONNECTION, IdleSListEntry ),
LocalConnection->IdleSListEntry.Next
);
}
} // DumpUlConnectionLite
VOID
DumpHttpConnection(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_HTTP_CONNECTION LocalConnection
)
{
CHAR resourceState[MAX_RESOURCE_STATE_LENGTH];
CHAR strSignature[MAX_SIGNATURE_LENGTH];
//
// Dump the easy parts.
//
dprintf(
"%s%sUL_HTTP_CONNECTION @ %p\n"
"%s Signature = %08lx (%s)\n"
"%s ConnectionId = %I64x\n"
"%s WorkItem @ %p\n"
"%s RefCount = %lu\n"
"%s NextRecvNumber = %lu\n"
"%s NextBufferNumber = %lu\n"
"%s NextBufferToParse = %lu\n"
"%s pConnection = %p\n"
"%s pRequest = %p\n"
"%s Resource @ %p (%s)\n"
"%s BufferHead @ %p%s\n"
"%s BindingHead @ %p%s\n"
"%s pCurrentBuffer = %p\n"
"%s NeedMoreData = %lu\n"
"%s UlconnDestroyed = %lu\n"
"%s WaitingForResponse = %lu\n"
"%s WaitForDisconnectHead @ %p\n"
"%s DisconnectFlag = %s\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
LocalConnection->Signature,
SignatureToString(
LocalConnection->Signature,
UL_HTTP_CONNECTION_POOL_TAG,
0,
strSignature
),
Prefix,
LocalConnection->ConnectionId,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_HTTP_CONNECTION, WorkItem ),
Prefix,
LocalConnection->RefCount,
Prefix,
LocalConnection->NextRecvNumber,
Prefix,
LocalConnection->NextBufferNumber,
Prefix,
LocalConnection->NextBufferToParse,
Prefix,
LocalConnection->pConnection,
Prefix,
LocalConnection->pRequest,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_HTTP_CONNECTION, Resource ),
BuildResourceState( &LocalConnection->Resource, resourceState ),
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_HTTP_CONNECTION, BufferHead ),
IS_LIST_EMPTY(
LocalConnection,
RemoteAddress,
UL_HTTP_CONNECTION,
BufferHead,
) ? " (EMPTY)" : "",
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_HTTP_CONNECTION, BindingHead ),
IS_LIST_EMPTY(
LocalConnection,
RemoteAddress,
UL_HTTP_CONNECTION,
BindingHead,
) ? " (EMPTY)" : "",
Prefix,
LocalConnection->pCurrentBuffer,
Prefix,
LocalConnection->NeedMoreData,
Prefix,
LocalConnection->UlconnDestroyed,
Prefix,
LocalConnection->WaitingForResponse,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_HTTP_CONNECTION, WaitForDisconnectHead ),
Prefix,
LocalConnection->DisconnectFlag ? "TRUE" : "FALSE"
);
#if REFERENCE_DEBUG
dprintf(
"%s pTraceLog = %p\n",
Prefix,
LocalConnection->pTraceLog
);
#endif
dprintf( "\n" );
} // DumpHttpConnection
VOID
DumpHttpRequest(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_INTERNAL_REQUEST LocalRequest
)
{
UCHAR rawVerbBuffer[MAX_RAW_VERB_BUFFER];
UCHAR rawURLBuffer[MAX_RAW_URL_BUFFER];
UCHAR urlBuffer[MAX_URL_BUFFER];
CHAR resourceState[MAX_RESOURCE_STATE_LENGTH];
CHAR strSignature[MAX_SIGNATURE_LENGTH];
ULONG i;
//
// Try to read the raw verb, raw url, and url buffers.
//
READ_REMOTE_STRING(
rawVerbBuffer,
sizeof(rawVerbBuffer),
LocalRequest->pRawVerb,
LocalRequest->RawVerbLength
);
READ_REMOTE_STRING(
rawURLBuffer,
sizeof(rawURLBuffer),
LocalRequest->RawUrl.pUrl,
LocalRequest->RawUrl.Length
);
READ_REMOTE_STRING(
urlBuffer,
sizeof(urlBuffer),
LocalRequest->CookedUrl.pUrl,
LocalRequest->CookedUrl.Length
);
//
// Dump the easy parts.
//
dprintf(
"%s%sHTTP_REQUEST @ %p\n"
"%s Signature = %08lx (%s)\n"
"%s RefCount = %lu\n"
"%s RequestId = %I64x\n"
"%s ConnectionId = %I64x\n"
"%s pHttpConn = %p\n"
"%s WorkItem @ %p\n"
"%s AppPool.QueueState = %s\n"
"%s AppPool.pProcess = %p\n"
"%s AppPool.AppPoolEntry @ %p\n"
"%s pConfigInfo = %p\n"
"%s RecvNumber = %lu\n"
"%s ParseState = %d (%s)\n"
"%s ErrorCode = %lu\n"
"%s TotalRequestSize = %lu\n"
"%s UnknownHeaderCount = %lu\n"
"%s Verb = %s\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
LocalRequest->Signature,
SignatureToString(
LocalRequest->Signature,
UL_INTERNAL_REQUEST_POOL_TAG,
0,
strSignature
),
Prefix,
LocalRequest->RefCount,
Prefix,
LocalRequest->RequestId,
Prefix,
LocalRequest->ConnectionId,
Prefix,
LocalRequest->pHttpConn,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_INTERNAL_REQUEST, WorkItem ),
Prefix,
QueueStateToString( LocalRequest->AppPool.QueueState ),
Prefix,
LocalRequest->AppPool.pProcess,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_INTERNAL_REQUEST, AppPool.AppPoolEntry ),
Prefix,
&LocalRequest->ConfigInfo,
Prefix,
LocalRequest->RecvNumber,
Prefix,
LocalRequest->ParseState,
ParseStateToString( LocalRequest->ParseState ),
Prefix,
LocalRequest->ErrorCode,
Prefix,
LocalRequest->TotalRequestSize,
Prefix,
LocalRequest->UnknownHeaderCount,
Prefix,
VerbToString( LocalRequest->Verb )
);
dprintf(
"%s pRawVerb = %p (%s)\n"
"%s RawVerbLength = %lu\n"
"%s RawUrl.pUrl = %p (%s)\n"
"%s RawUrl.pHost = %p\n"
"%s RawUrl.pAbsPath = %p\n"
"%s RawUrl.Length = %lu\n"
"%s CookedUrl.pUrl = %p (%ws)\n"
"%s CookedUrl.pHost = %p\n"
"%s CookedUrl.pAbsPath = %p\n"
"%s CookedUrl.pQueryString = %p\n"
"%s CookedUrl.Length = %lu\n"
"%s CookedUrl.Hash = %08lx\n"
"%s Version = %s\n"
"%s Headers @ %p\n"
"%s UnknownHeaderList @ %p%s\n",
Prefix,
LocalRequest->pRawVerb,
rawVerbBuffer,
Prefix,
LocalRequest->RawVerbLength,
Prefix,
LocalRequest->RawUrl.pUrl,
rawURLBuffer,
Prefix,
LocalRequest->RawUrl.pHost,
Prefix,
LocalRequest->RawUrl.pAbsPath,
Prefix,
LocalRequest->RawUrl.Length,
Prefix,
LocalRequest->CookedUrl.pUrl,
urlBuffer,
Prefix,
LocalRequest->CookedUrl.pHost,
Prefix,
LocalRequest->CookedUrl.pAbsPath,
Prefix,
LocalRequest->CookedUrl.pQueryString,
Prefix,
LocalRequest->CookedUrl.Length,
Prefix,
LocalRequest->CookedUrl.Hash,
Prefix,
VersionToString( LocalRequest->Version ),
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_INTERNAL_REQUEST, Headers ),
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_INTERNAL_REQUEST, UnknownHeaderList ),
IS_LIST_EMPTY(
LocalRequest,
RemoteAddress,
UL_INTERNAL_REQUEST,
UnknownHeaderList
) ? " (EMPTY)" : ""
);
dprintf(
"%s ContentLength = %I64u\n"
"%s ChunkBytesToParse = %I64u\n"
"%s ChunkBytesParsed = %I64u\n"
"%s ChunkBytesToRead = %I64u\n"
"%s ChunkBytesRead = %I64u\n"
"%s Chunked = %lu\n"
"%s ParsedFirstChunk = %lu\n"
"%s SentResponse = %lu\n"
"%s SentLast = %lu\n"
"%s pHeaderBuffer = %p\n"
"%s pLastHeaderBuffer = %p\n"
"%s IrpHead @ %p%s\n"
"%s pChunkBuffer = %p\n"
"%s pChunkLocation = %p\n",
Prefix,
LocalRequest->ContentLength,
Prefix,
LocalRequest->ChunkBytesToParse,
Prefix,
LocalRequest->ChunkBytesParsed,
Prefix,
LocalRequest->ChunkBytesToRead,
Prefix,
LocalRequest->ChunkBytesRead,
Prefix,
LocalRequest->Chunked,
Prefix,
LocalRequest->ParsedFirstChunk,
Prefix,
LocalRequest->SentResponse,
Prefix,
LocalRequest->SentLast,
Prefix,
LocalRequest->pHeaderBuffer,
Prefix,
LocalRequest->pLastHeaderBuffer,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_INTERNAL_REQUEST, IrpHead ),
IS_LIST_EMPTY(
LocalRequest,
RemoteAddress,
UL_INTERNAL_REQUEST,
IrpHead
) ? " (EMPTY)" : "",
Prefix,
LocalRequest->pChunkBuffer,
Prefix,
LocalRequest->pChunkLocation
);
#if REFERENCE_DEBUG
dprintf(
"%s pTraceLog = %p\n",
Prefix,
LocalRequest->pTraceLog
);
#endif
//
// Dump the known headers.
//
for (i = 0 ; i < HttpHeaderRequestMaximum ; i++)
{
if (LocalRequest->HeaderValid[i])
{
DumpHttpHeader(
Prefix,
"",
(ULONG_PTR)REMOTE_OFFSET( RemoteAddress, UL_INTERNAL_REQUEST, Headers[i] ),
&LocalRequest->Headers[i],
i,
g_RequestHeaderIDs
);
}
}
//
// Dump the unknown headers.
//
EnumLinkedList(
(PLIST_ENTRY)REMOTE_OFFSET( RemoteAddress, UL_INTERNAL_REQUEST, UnknownHeaderList ),
&DumpUnknownHeadersCallback,
Prefix
);
} // DumpHttpRequest
VOID
DumpHttpResponse(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_INTERNAL_RESPONSE LocalResponse
)
{
ULONG i;
CHAR strSignature[MAX_SIGNATURE_LENGTH];
//
// Dump the easy parts.
//
dprintf(
"%s%sUL_INTERNAL_RESPONSE @ %p\n"
"%s Signature = %08lx (%s)\n"
"%s ReferenceCount = %d\n"
"%s CompleteIrpEarly = %d\n"
"%s ContentLengthSpecified = %d\n"
"%s ChunkedSpecified = %d\n"
"%s StatusCode = %lu\n"
"%s Verb = %s\n"
"%s HeaderLength = %u\n"
"%s pHeaders = %p\n"
"%s AuxBufferLength = %u\n"
"%s pAuxiliaryBuffer = %p\n"
"%s MaxFileSystemStackSize = %d\n"
"%s ResponseLength = %I64u\n"
"%s ChunkCount = %d\n"
"\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
LocalResponse->Signature,
SignatureToString(
LocalResponse->Signature,
UL_INTERNAL_RESPONSE_POOL_TAG,
MAKE_FREE_TAG( UL_INTERNAL_RESPONSE_POOL_TAG ),
strSignature
),
Prefix,
LocalResponse->ReferenceCount,
Prefix,
LocalResponse->CompleteIrpEarly,
Prefix,
LocalResponse->ContentLengthSpecified,
Prefix,
LocalResponse->ChunkedSpecified,
Prefix,
(ULONG)LocalResponse->StatusCode,
Prefix,
VerbToString( LocalResponse->Verb ),
Prefix,
LocalResponse->HeaderLength,
Prefix,
LocalResponse->pHeaders,
Prefix,
LocalResponse->AuxBufferLength,
Prefix,
LocalResponse->pAuxiliaryBuffer,
Prefix,
LocalResponse->MaxFileSystemStackSize,
Prefix,
LocalResponse->ResponseLength,
Prefix,
LocalResponse->ChunkCount
);
//
// Dump the chunks
//
for (i = 0; i < LocalResponse->ChunkCount; i++) {
UL_INTERNAL_DATA_CHUNK chunk;
ULONG_PTR address;
ULONG result;
address = (ULONG_PTR)REMOTE_OFFSET(
RemoteAddress,
UL_INTERNAL_RESPONSE,
pDataChunks
) + (i * sizeof(UL_INTERNAL_DATA_CHUNK));
if (!ReadMemory(
address,
&chunk,
sizeof(chunk),
&result
))
{
dprintf(
"%s: cannot read UL_INTERNAL_DATA_CHUNK @ %p\n",
CommandName,
address
);
break;
}
DumpDataChunk(
" ",
CommandName,
address,
&chunk
);
}
} // DumpHttpResponse
VOID
DumpDataChunk(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_INTERNAL_DATA_CHUNK Chunk
)
{
dprintf("%s%sUL_INTERNAL_DATA_CHUNK @ %p\n", Prefix, CommandName, RemoteAddress);
switch (Chunk->ChunkType) {
case HttpDataChunkFromMemory:
dprintf(
"%s ChunkType = HttpDataChunkFromMemory\n"
"%s pMdl = %p\n"
"%s pCopiedBuffer = %p\n"
"%s pUserBuffer = %p\n"
"%s BufferLength = %u\n",
Prefix,
Prefix,
Chunk->FromMemory.pMdl,
Prefix,
Chunk->FromMemory.pCopiedBuffer,
Prefix,
Chunk->FromMemory.pUserBuffer,
Prefix,
Chunk->FromMemory.BufferLength
);
break;
case HttpDataChunkFromFileName:
dprintf(
"%s ChunkType = HttpDataChunkFromFileName\n"
"%s ByteRange = [offset %I64d, len %I64d]\n"
"%s FileName = %ws\n"
"%s pFileCacheEntry = %p\n",
Prefix,
Prefix,
Chunk->FromFile.ByteRange.StartingOffset.QuadPart,
Chunk->FromFile.ByteRange.Length.QuadPart,
Prefix,
Chunk->FromFile.FileName.Buffer,
Prefix,
Chunk->FromFile.pFileCacheEntry
);
break;
case HttpDataChunkFromFileHandle:
dprintf(
"%s ChunkType = HttpDataChunkFromFileHandle\n"
"%s ByteRange = [offset %I64d, len %I64d]\n"
"%s FileHandle = %p\n"
"%s pFileCacheEntry = %p\n",
Prefix,
Prefix,
Chunk->FromFile.ByteRange.StartingOffset.QuadPart,
Chunk->FromFile.ByteRange.Length.QuadPart,
Prefix,
Chunk->FromFile.FileHandle,
Prefix,
Chunk->FromFile.pFileCacheEntry
);
break;
default:
dprintf(
"%s ChunkType = <Invalid>\n",
Prefix
);
break;
}
} // DumpDataChunk
VOID
DumpReceiveBuffer(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_RECEIVE_BUFFER LocalBuffer
)
{
CHAR strSignature[MAX_SIGNATURE_LENGTH];
dprintf(
"%s%sUL_RECEIVE_BUFFER @ %p\n"
"%s LookasideEntry @ %p\n"
"%s Signature = %08lx (%s)\n"
"%s pIrp = %p\n"
"%s pMdl = %p\n"
"%s pPartialMdl = %p\n"
"%s pDataArea = %p\n"
"%s pConnection = %p\n"
"\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_RECEIVE_BUFFER, LookasideEntry ),
Prefix,
LocalBuffer->Signature,
SignatureToString(
LocalBuffer->Signature,
UL_RECEIVE_BUFFER_SIGNATURE,
UL_RECEIVE_BUFFER_SIGNATURE_X,
strSignature
),
Prefix,
LocalBuffer->pIrp,
Prefix,
LocalBuffer->pMdl,
Prefix,
LocalBuffer->pPartialMdl,
Prefix,
LocalBuffer->pDataArea,
Prefix,
LocalBuffer->pConnectionContext
);
} // DumpReceiveBuffer
VOID
DumpRequestBuffer(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_REQUEST_BUFFER LocalBuffer
)
{
CHAR strSignature[MAX_SIGNATURE_LENGTH];
dprintf(
"%s%sUL_REQUEST_BUFFER @ %p\n"
"%s Signature = %08lx (%s)\n"
"%s ListEntry @ %p\n"
"%s pConnection = %p\n"
"%s WorkItem @ %p\n"
"%s UsedBytes = %lu\n"
"%s AllocBytes = %lu\n"
"%s ParsedBytes = %lu\n"
"%s BufferNumber = %lu\n"
"%s JumboBuffer = %lu\n"
"%s pBuffer @ %p\n"
"\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
LocalBuffer->Signature,
SignatureToString(
LocalBuffer->Signature,
UL_REQUEST_BUFFER_POOL_TAG,
MAKE_FREE_TAG( UL_REQUEST_BUFFER_POOL_TAG ),
strSignature
),
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_REQUEST_BUFFER, ListEntry ),
Prefix,
LocalBuffer->pConnection,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_REQUEST_BUFFER, WorkItem ),
Prefix,
LocalBuffer->UsedBytes,
Prefix,
LocalBuffer->AllocBytes,
Prefix,
LocalBuffer->ParsedBytes,
Prefix,
LocalBuffer->BufferNumber,
Prefix,
LocalBuffer->JumboBuffer,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_REQUEST_BUFFER, pBuffer )
);
} // DumpRequestBuffer
VOID
DumpUlEndpoint(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_ENDPOINT LocalEndpoint,
IN ENDPOINT_CONNS Verbosity
)
{
PTRANSPORT_ADDRESS pTransportAddress;
UCHAR addressBuffer[MAX_TRANSPORT_ADDRESS_LENGTH];
CHAR connectionRequestSymbol[MAX_SYMBOL_LENGTH];
CHAR connectionCompleteSymbol[MAX_SYMBOL_LENGTH];
CHAR connectionDisconnectSymbol[MAX_SYMBOL_LENGTH];
CHAR connectionDestroyedSymbol[MAX_SYMBOL_LENGTH];
CHAR dataReceiveSymbol[MAX_SYMBOL_LENGTH];
CHAR tmpSymbol[MAX_SYMBOL_LENGTH];
CHAR strSignature[MAX_SIGNATURE_LENGTH];
ULONG offset;
ULONG result;
BOOLEAN NoActiveConns;
int i;
//
// Read the local address if it fits into our stack buffer.
//
pTransportAddress = NULL;
if (LocalEndpoint->LocalAddressLength <= sizeof(addressBuffer))
{
if (ReadMemory(
(ULONG_PTR)LocalEndpoint->pLocalAddress,
addressBuffer,
LocalEndpoint->LocalAddressLength,
&result
))
{
pTransportAddress = (PTRANSPORT_ADDRESS)addressBuffer;
}
}
//
// Try to resolve the callback symbols.
//
BuildSymbol(
LocalEndpoint->pConnectionRequestHandler,
connectionRequestSymbol
);
BuildSymbol(
LocalEndpoint->pConnectionCompleteHandler,
connectionCompleteSymbol
);
BuildSymbol(
LocalEndpoint->pConnectionDisconnectHandler,
connectionDisconnectSymbol
);
BuildSymbol(
LocalEndpoint->pConnectionDestroyedHandler,
connectionDestroyedSymbol
);
BuildSymbol(
LocalEndpoint->pDataReceiveHandler,
dataReceiveSymbol
);
NoActiveConns = TRUE;
for (i = 0; i < DEFAULT_MAX_CONNECTION_ACTIVE_LISTS; ++i)
{
NoActiveConns &= IS_LIST_EMPTY(
LocalEndpoint,
RemoteAddress,
UL_ENDPOINT,
ActiveConnectionListHead[i]
);
}
//
// Dump it.
//
dprintf(
"%s%sUL_ENDPOINT @ %p\n"
"%s Signature = %08lx (%s)\n"
"%s ReferenceCount = %ld\n"
"%s UsageCount = %ld\n"
"%s GlobalEndpointListEntry @ %p%s\n"
"%s IdleConnectionSListHead @ %p (%hd entries)\n"
"%s ActiveConnectionListHead @ %p%s\n"
"%s EndpointSpinLock @ %p (%s)\n"
"%s AddressObject @ %p\n"
"%s Handle = %p\n"
"%s pFileObject = %p\n"
"%s pDeviceObject = %p\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
LocalEndpoint->Signature,
SignatureToString(
LocalEndpoint->Signature,
UL_ENDPOINT_SIGNATURE,
UL_ENDPOINT_SIGNATURE_X,
strSignature
),
Prefix,
LocalEndpoint->ReferenceCount,
Prefix,
LocalEndpoint->UsageCount,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_ENDPOINT, GlobalEndpointListEntry ),
LocalEndpoint->GlobalEndpointListEntry.Flink == NULL
? " (DISCONNECTED)"
: "",
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_ENDPOINT, IdleConnectionSListHead ),
SLIST_HEADER_DEPTH(&LocalEndpoint->IdleConnectionSListHead),
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_ENDPOINT, ActiveConnectionListHead ),
NoActiveConns ? " (EMPTY)" : "",
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_ENDPOINT, EndpointSpinLock ),
GetSpinlockState( &LocalEndpoint->EndpointSpinLock ),
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_ENDPOINT, AddressObject ),
Prefix,
LocalEndpoint->AddressObject.Handle,
Prefix,
LocalEndpoint->AddressObject.pFileObject,
Prefix,
LocalEndpoint->AddressObject.pDeviceObject
);
dprintf(
"%s pConnectionRequestHandler = %p %s\n"
"%s pConnectionCompleteHandler = %p %s\n"
"%s pConnectionDisconnectHandler = %p %s\n"
"%s pConnectionDestroyedHandler = %p %s\n"
"%s pDataReceiveHandler = %p %s\n"
"%s pListeningContext = %p\n"
"%s pLocalAddress = %p\n"
"%s LocalAddressLength = %lu\n",
Prefix,
LocalEndpoint->pConnectionRequestHandler,
connectionRequestSymbol,
Prefix,
LocalEndpoint->pConnectionCompleteHandler,
connectionCompleteSymbol,
Prefix,
LocalEndpoint->pConnectionDisconnectHandler,
connectionDisconnectSymbol,
Prefix,
LocalEndpoint->pConnectionDestroyedHandler,
connectionDestroyedSymbol,
Prefix,
LocalEndpoint->pDataReceiveHandler,
dataReceiveSymbol,
Prefix,
LocalEndpoint->pListeningContext,
Prefix,
LocalEndpoint->pLocalAddress,
Prefix,
LocalEndpoint->LocalAddressLength
);
if (pTransportAddress != NULL)
{
CHAR newPrefix[256];
sprintf( newPrefix, "%s ", Prefix );
DumpTransportAddress(
newPrefix,
pTransportAddress,
(ULONG_PTR)LocalEndpoint->pLocalAddress
);
}
dprintf(
#if ENABLE_OWNER_REF_TRACE
"%s pOwnerRefTraceLog = %p\n"
#endif
"%s WorkItem @ %p\n"
"%s EndpointSynch @ %p\n"
"%s ReplenishScheduled = %d\n"
"%s IdleConnections = %d\n"
"\n",
#if ENABLE_OWNER_REF_TRACE
Prefix,
LocalEndpoint->pOwnerRefTraceLog,
#endif
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_ENDPOINT, WorkItem ),
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_ENDPOINT, EndpointSynch ),
Prefix,
LocalEndpoint->EndpointSynch.ReplenishScheduled,
Prefix,
LocalEndpoint->EndpointSynch.IdleConnections
);
if (Verbosity != ENDPOINT_NO_CONNS)
{
CONN_CALLBACK_CONTEXT ConnContext;
ConnContext.Signature = CONN_CALLBACK_CONTEXT_SIGNATURE;
ConnContext.Index = 0;
ConnContext.SubIndex = 0;
ConnContext.Verbosity = Verbosity;
ConnContext.Prefix = "";
if (! NoActiveConns)
{
dprintf(
"\n"
"%s Active Connections\n",
Prefix);
for (i = 0; i < DEFAULT_MAX_CONNECTION_ACTIVE_LISTS; ++i)
{
if (! IS_LIST_EMPTY(LocalEndpoint,
RemoteAddress,
UL_ENDPOINT,
ActiveConnectionListHead[i]))
{
CHAR newPrefix[256];
sprintf( newPrefix, "%s %2d ", Prefix, i );
dprintf(
"\n"
"%s Active Connections[%d]\n",
Prefix);
ConnContext.Index = i;
ConnContext.SubIndex = 0;
ConnContext.Prefix = newPrefix;
EnumLinkedList(
(PLIST_ENTRY) REMOTE_OFFSET(RemoteAddress, UL_ENDPOINT,
ActiveConnectionListHead[i]),
&DumpUlActiveConnectionCallback,
&ConnContext
);
}
}
}
if (SLIST_HEADER_NEXT(&LocalEndpoint->IdleConnectionSListHead) != NULL)
{
dprintf(
"\n"
"%s Idle Connections, slist depth = %hd\n",
Prefix,
SLIST_HEADER_DEPTH(&LocalEndpoint->IdleConnectionSListHead)
);
ConnContext.Index = 0;
ConnContext.SubIndex = 0;
ConnContext.Prefix = Prefix;
EnumSList(
(PSLIST_HEADER) REMOTE_OFFSET(RemoteAddress, UL_ENDPOINT,
IdleConnectionSListHead),
&DumpUlIdleConnectionCallback,
&ConnContext
);
}
}
#ifdef _WIN64
else
{
dprintf("\n"
" Cannot enumerate Idle Connections SList on Win64 :-(\n");
}
#endif // _WIN64
} // DumpUlEndpoint
VOID
DumpAllEndpoints(
IN ENDPOINT_CONNS Verbosity
)
{
ULONG_PTR address = GetExpression("&http!g_TdiEndpointListHead");
ENDPOINT_GLOBAL_CALLBACK_CONTEXT Context;
if (!address) {
dprintf(
"!endp *: cannot find symbol for http!g_TdiEndpointListHead\n"
);
return;
}
Context.Signature = ENDPOINT_GLOBAL_CALLBACK_CONTEXT_SIGNATURE ;
Context.Verbosity = Verbosity;
Context.Prefix = "";
EnumLinkedList(
(PLIST_ENTRY) address,
&DumpEndpointCallback,
&Context
);
}
VOID
DumpUlRequest(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PHTTP_REQUEST LocalRequest
)
{
UCHAR rawVerbBuffer[MAX_RAW_VERB_BUFFER];
UCHAR rawURLBuffer[MAX_RAW_URL_BUFFER];
UCHAR urlBuffer[MAX_URL_BUFFER];
//
// Try to read the raw verb, raw url, and url buffers.
//
READ_REMOTE_STRING(
rawVerbBuffer,
sizeof(rawVerbBuffer),
LocalRequest->pUnknownVerb,
LocalRequest->UnknownVerbLength
);
READ_REMOTE_STRING(
rawURLBuffer,
sizeof(rawURLBuffer),
LocalRequest->pRawUrl,
LocalRequest->RawUrlLength
);
READ_REMOTE_STRING(
urlBuffer,
sizeof(urlBuffer),
LocalRequest->CookedUrl.pFullUrl,
LocalRequest->CookedUrl.FullUrlLength
);
//
// Dump the easy parts.
//
dprintf(
"%s%sHTTP_REQUEST @ %p:\n"
"%s ConnectionId = %I64x\n"
"%s RequestId = %I64x\n"
"%s Verb = %s\n"
"%s VerbLength = %lu\n"
"%s VerbOffset = %p (%S)\n"
"%s RawUrlLength = %lu\n"
"%s RawUrlOffset = %p (%S)\n"
"%s UrlLength = %lu\n"
"%s UrlOffset = %p (%S)\n"
"%s UnknownHeaderCount = %lu\n"
"%s UnknownHeaderOffset = %p\n"
"%s EntityBodyLength = %lu\n"
"%s EntityBodyOffset = %p\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
LocalRequest->ConnectionId,
Prefix,
LocalRequest->RequestId,
Prefix,
VerbToString( LocalRequest->Verb ),
Prefix,
LocalRequest->UnknownVerbLength,
Prefix,
LocalRequest->pUnknownVerb,
rawVerbBuffer,
Prefix,
LocalRequest->RawUrlLength,
Prefix,
LocalRequest->pRawUrl,
rawURLBuffer,
Prefix,
LocalRequest->CookedUrl.FullUrlLength,
Prefix,
LocalRequest->CookedUrl.pFullUrl,
urlBuffer,
Prefix,
LocalRequest->Headers.UnknownHeaderCount,
Prefix,
LocalRequest->Headers.pUnknownHeaders,
Prefix,
LocalRequest->pEntityChunks->FromMemory.BufferLength,
Prefix,
LocalRequest->pEntityChunks->FromMemory.pBuffer
);
} // DumpUlRequest
VOID
DumpHttpHeader(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_HTTP_HEADER LocalHeader,
IN ULONG HeaderOrdinal,
IN PSTR *pHeaderIdMap
)
{
UCHAR headerBuffer[MAX_HEADER_BUFFER];
READ_REMOTE_STRING(
headerBuffer,
sizeof(headerBuffer),
LocalHeader->pHeader,
LocalHeader->HeaderLength
);
dprintf(
"%s%s UL_HTTP_HEADER[%lu] @ %p (%s):\n"
"%s HeaderLength = %lu\n"
"%s pHeader = %p (%s)\n"
"%s OurBuffer = %lu\n"
"%s Valid = %lu\n",
Prefix,
CommandName,
HeaderOrdinal,
RemoteAddress,
pHeaderIdMap[HeaderOrdinal],
Prefix,
LocalHeader->HeaderLength,
Prefix,
LocalHeader->pHeader,
headerBuffer,
Prefix,
LocalHeader->OurBuffer,
Prefix,
1
);
} // DumpHttpHeader
VOID
DumpUnknownHeader(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_HTTP_UNKNOWN_HEADER LocalHeader
)
{
UCHAR headerName[MAX_HEADER_BUFFER];
UCHAR headerValue[MAX_HEADER_BUFFER];
READ_REMOTE_STRING(
headerName,
sizeof(headerName),
LocalHeader->pHeaderName,
LocalHeader->HeaderNameLength
);
READ_REMOTE_STRING(
headerValue,
sizeof(headerValue),
LocalHeader->HeaderValue.pHeader,
LocalHeader->HeaderValue.HeaderLength
);
dprintf(
"%s%s HTTP_UNKNOWN_HEADER @ %p:\n"
"%s List @ %p\n"
"%s HeaderNameLength = %lu\n"
"%s pHeaderName = %p (%s)\n"
"%s HeaderValue @ %p\n"
"%s HeaderLength = %lu\n"
"%s pHeader = %p (%s)\n"
"%s OurBuffer = %lu\n"
"%s Valid = %lu\n",
"%s ExternalAllocated = %lu\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_HTTP_UNKNOWN_HEADER, List ),
Prefix,
LocalHeader->HeaderNameLength,
Prefix,
LocalHeader->pHeaderName,
headerName,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_HTTP_UNKNOWN_HEADER, HeaderValue ),
Prefix,
LocalHeader->HeaderValue.HeaderLength,
Prefix,
LocalHeader->HeaderValue.pHeader,
headerValue,
Prefix,
LocalHeader->HeaderValue.OurBuffer,
Prefix,
1,
Prefix,
LocalHeader->HeaderValue.ExternalAllocated
);
} // DumpUnknownHeader
VOID
DumpFileCacheEntry(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_FILE_CACHE_ENTRY LocalFile
)
{
ULONG result;
ULONG_PTR offset;
ULONG nameLength;
WCHAR fileNameBuffer[MAX_PATH+1];
CHAR mdlReadSymbol[MAX_SYMBOL_LENGTH];
CHAR mdlReadCompleteSymbol[MAX_SYMBOL_LENGTH];
CHAR strSignature[MAX_SIGNATURE_LENGTH];
nameLength = min( sizeof(fileNameBuffer), (ULONG)LocalFile->FileName.Length );
if (!ReadMemory(
(ULONG_PTR)LocalFile->FileName.Buffer,
fileNameBuffer,
nameLength,
&result
))
{
nameLength = 0;
}
fileNameBuffer[nameLength / sizeof(WCHAR)] = L'\0';
GetSymbol(
LocalFile->pMdlRead,
mdlReadSymbol,
&offset
);
GetSymbol(
LocalFile->pMdlReadComplete,
mdlReadCompleteSymbol,
&offset
);
dprintf(
"%s%sUL_FILE_CACHE_ENTRY @ %p\n"
"%s Signature = %08lx (%s)\n"
"%s ReferenceCount = %lu\n"
"%s pFileObject = %p\n"
"%s pDeviceObject = %p\n"
"%s pMdlRead = %p %s\n"
"%s pMdlReadComplete = %p %s\n"
"%s FileName @ %p (%ws)\n"
"%s FileHandle = %p\n"
"%s WorkItem @ %p\n"
"%s FileInfo @ %p\n"
"%s AllocationSize = %I64u\n"
"%s EndOfFile = %I64u\n"
"%s NumberOfLinks = %lu\n"
"%s DeletePending = %lu\n"
"%s Directory = %lu\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
LocalFile->Signature,
SignatureToString(
LocalFile->Signature,
UL_FILE_CACHE_ENTRY_SIGNATURE,
UL_FILE_CACHE_ENTRY_SIGNATURE_X,
strSignature
),
Prefix,
LocalFile->ReferenceCount,
Prefix,
LocalFile->pFileObject,
Prefix,
LocalFile->pDeviceObject,
Prefix,
LocalFile->pMdlRead,
mdlReadSymbol,
Prefix,
LocalFile->pMdlReadComplete,
mdlReadCompleteSymbol,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_FILE_CACHE_ENTRY, FileName ),
fileNameBuffer,
Prefix,
LocalFile->FileHandle,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_FILE_CACHE_ENTRY, WorkItem ),
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_FILE_CACHE_ENTRY, FileInfo ),
Prefix,
LocalFile->FileInfo.AllocationSize.QuadPart,
Prefix,
LocalFile->FileInfo.EndOfFile.QuadPart,
Prefix,
LocalFile->FileInfo.NumberOfLinks,
Prefix,
(ULONG)LocalFile->FileInfo.DeletePending,
Prefix,
(ULONG)LocalFile->FileInfo.Directory
);
} // DumpFileCacheEntry
#if 0
// BUGBUG: GeorgeRe must fix
VOID
DumpUriEntry(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_URI_CACHE_ENTRY UriEntry
)
{
UCHAR urlBuffer[MAX_URL_BUFFER];
CHAR strSignature[MAX_SIGNATURE_LENGTH];
READ_REMOTE_STRING(
urlBuffer,
sizeof(urlBuffer),
UriEntry->Uri.pUri,
UriEntry->Uri.Length
);
dprintf(
"%s%sUL_URI_CACHE_ENTRY @ %p\n"
"%s%S\n"
"%s\n"
"%s Signature = %08lx (%s)\n"
"%s BucketEntry @ %p\n"
"%s Flink = %p ( !ulkd.uri %p )\n"
"%s Blink = %p ( !ulkd.uri %p )\n"
"%s Uri @ %p\n"
"%s Hash = %08lx\n"
"%s Length = %lu\n"
"%s pUri = %p\n"
"%s ReferenceCount = %lu\n"
"%s HitCount = %lu\n"
"%s Zombie = %lu\n"
"%s Cached = %lu\n"
"%s ContentLengthSpecified = %lu\n"
"%s StatusCode = %u\n"
"%s Verb = %s\n"
"%s ScavengerTicks = %lu\n"
"%s CachePolicy @ %p\n"
"%s Policy = %s\n"
"%s SecondsToLive = %lu\n"
"%s ExpirationTime = %08x%08x\n"
"%s pConfigInfo = %p\n"
"%s pProcess = %p\n"
"%s HeaderLength = %lu\n"
"%s pHeaders = %p\n"
"%s ContentLength = %lu\n"
"%s pContent = %p\n"
"\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
urlBuffer,
Prefix,
Prefix,
UriEntry->Signature,
SignatureToString(
UriEntry->Signature,
UL_URI_CACHE_ENTRY_POOL_TAG,
MAKE_FREE_TAG(UL_URI_CACHE_ENTRY_POOL_TAG),
strSignature
),
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_URI_CACHE_ENTRY, BucketEntry ),
Prefix,
UriEntry->BucketEntry.Flink,
CONTAINING_RECORD(
UriEntry->BucketEntry.Flink,
UL_URI_CACHE_ENTRY,
BucketEntry
),
Prefix,
UriEntry->BucketEntry.Blink,
CONTAINING_RECORD(
UriEntry->BucketEntry.Blink,
UL_URI_CACHE_ENTRY,
BucketEntry
),
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_URI_CACHE_ENTRY, Uri ),
Prefix,
UriEntry->Uri.Hash,
Prefix,
UriEntry->Uri.Length,
Prefix,
UriEntry->Uri.pUri,
Prefix,
UriEntry->ReferenceCount,
Prefix,
UriEntry->HitCount,
Prefix,
UriEntry->Zombie,
Prefix,
UriEntry->Cached,
Prefix,
UriEntry->ContentLengthSpecified,
Prefix,
(ULONG)UriEntry->StatusCode,
Prefix,
VerbToString( UriEntry->Verb ),
Prefix,
UriEntry->ScavengerTicks,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_URI_CACHE_ENTRY, CachePolicy ),
Prefix,
CachePolicyToString( UriEntry->CachePolicy.Policy ),
Prefix,
UriEntry->CachePolicy.SecondsToLive,
Prefix,
UriEntry->ExpirationTime.HighPart,
UriEntry->ExpirationTime.LowPart,
Prefix,
UriEntry->pConfigInfo,
Prefix,
UriEntry->pProcess,
Prefix,
UriEntry->HeaderLength,
Prefix,
UriEntry->pHeaders,
Prefix,
UriEntry->ContentLength,
Prefix,
UriEntry->pContent
);
} // DumpUriEntry
#endif
VOID
DumpAllUriEntries(
VOID
)
{
ULONG_PTR address = 0;
// UL_URI_CACHE_TABLE table;
ULONG_PTR dataAddress;
ULONG i;
dprintf("BUGBUG: GeorgeRe needs to fix DumpAllUriEntries!\n");
#if 0
//
// find table
//
address = GetExpression("&http!g_pUriCacheTable");
if (address) {
if (ReadMemory(
address,
&dataAddress,
sizeof(dataAddress),
NULL
))
{
if (ReadMemory(
dataAddress,
&table,
sizeof(table),
NULL
))
{
//
// dump live entries
//
dprintf("Live UL_URI_CACHE_ENTRIES\n\n");
for (i = 0; i < table.BucketCount; i++) {
EnumLinkedList(
((PLIST_ENTRY)
REMOTE_OFFSET(
dataAddress,
UL_URI_CACHE_TABLE,
Buckets
)) + i,
&DumpUriEntryCallback,
"L "
);
}
} else {
dprintf(
"uri*: cannot read memory for http!g_pUriCacheTable = %p\n",
dataAddress
);
}
} else {
dprintf(
"uri*: cannot read memory for http!g_pUriCacheTable @ %p\n",
address
);
}
} else {
dprintf(
"uri*: cannot find symbol for http!g_pUriCacheTable\n"
);
}
//
// dump the zombie list
//
address = GetExpression("&http!g_ZombieListHead");
if (!address) {
dprintf(
"uri*: cannot find symbol for http!g_ZombieListHead\n"
);
return;
}
dprintf("Zombie UL_URI_CACHE_ENTRIES\n\n");
EnumLinkedList(
(PLIST_ENTRY) address,
&DumpUriEntryCallback,
"Z "
);
#endif
} // DumpAllUriEntries
VOID
DumpMdl(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PMDL LocalMdl,
IN ULONG MaxBytesToDump
)
{
dprintf(
"%s%sMDL @ %p\n"
"%s Next = %p\n"
"%s Size = %04x\n"
"%s MdlFlags = %04x\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
LocalMdl->Next,
Prefix,
LocalMdl->Size,
Prefix,
LocalMdl->MdlFlags
);
DumpBitVector(
Prefix,
" ",
LocalMdl->MdlFlags,
g_MdlFlagVector
);
dprintf(
"%s Process = %p\n"
"%s MappedSystemVa = %p\n"
"%s StartVa = %p\n"
"%s ByteCount = %08lx\n"
"%s ByteOffset = %08lx\n",
Prefix,
LocalMdl->Process,
Prefix,
LocalMdl->MappedSystemVa,
Prefix,
LocalMdl->StartVa,
Prefix,
LocalMdl->ByteCount,
Prefix,
LocalMdl->ByteOffset
);
if (MaxBytesToDump > LocalMdl->ByteCount)
{
MaxBytesToDump = LocalMdl->ByteCount;
}
if (MaxBytesToDump > 0)
{
DumpRawData(
Prefix,
(ULONG_PTR)LocalMdl->MappedSystemVa,
MaxBytesToDump
);
}
} // DumpMdl
//
// Private functions.
//
BOOLEAN
DumpUnknownHeadersCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
)
{
UL_HTTP_UNKNOWN_HEADER header;
UCHAR headerName[MAX_HEADER_BUFFER];
UCHAR headerValue[MAX_HEADER_BUFFER];
ULONG result;
ULONG_PTR address;
address = (ULONG_PTR)CONTAINING_RECORD(
RemoteListEntry,
UL_HTTP_UNKNOWN_HEADER,
List
);
if (!ReadMemory(
address,
&header,
sizeof(header),
&result
))
{
return FALSE;
}
DumpUnknownHeader(
(PSTR) Context,
"",
address,
&header
);
return TRUE;
} // DumpUnknownHeadersCallback
VOID
DumpApoolObj(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_APP_POOL_OBJECT ApoolObj
)
{
UCHAR name[MAX_URL_BUFFER];
CHAR strSignature[MAX_SIGNATURE_LENGTH];
READ_REMOTE_STRING(
name,
sizeof(name),
REMOTE_OFFSET( RemoteAddress, UL_APP_POOL_OBJECT, pName ),
ApoolObj->NameLength
);
dprintf(
"%s%sUL_APP_POOL_OBJECT @ %p\n"
"%s Signature = %08lx (%s)\n"
"%s RefCount = %d\n"
"%s ListEntry @ %p\n"
"%s Flink = %p ( !ulkd.apool %p )\n"
"%s Blink = %p ( !ulkd.apool %p )\n"
"%s pResource = %p\n"
"%s NewRequestQueue\n"
"%s RequestCount = %d\n"
"%s MaxRequests = %d\n"
"%s RequestHead @ %p\n"
"%s pDemandStartIrp = %p\n"
"%s pDemandStartProcess = %p\n"
"%s ProcessListHead @ %p\n"
"%s pSecurityDescriptor = %p\n"
"%s NameLength = %d\n"
"%s pName = %p ( %S )\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
ApoolObj->Signature,
SignatureToString(
ApoolObj->Signature,
UL_APP_POOL_OBJECT_POOL_TAG,
MAKE_FREE_TAG(UL_APP_POOL_OBJECT_POOL_TAG),
strSignature
),
Prefix,
ApoolObj->RefCount,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_APP_POOL_OBJECT, ListEntry ),
Prefix,
ApoolObj->ListEntry.Flink,
CONTAINING_RECORD(
ApoolObj->ListEntry.Flink,
UL_APP_POOL_OBJECT,
ListEntry
),
Prefix,
ApoolObj->ListEntry.Blink,
CONTAINING_RECORD(
ApoolObj->ListEntry.Blink,
UL_APP_POOL_OBJECT,
ListEntry
),
Prefix,
ApoolObj->pResource,
Prefix,
Prefix,
ApoolObj->NewRequestQueue.RequestCount,
Prefix,
ApoolObj->NewRequestQueue.MaxRequests,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_APP_POOL_OBJECT, NewRequestQueue.RequestHead ),
Prefix,
ApoolObj->pDemandStartIrp,
Prefix,
ApoolObj->pDemandStartProcess,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_APP_POOL_OBJECT, ProcessListHead ),
Prefix,
ApoolObj->pSecurityDescriptor,
Prefix,
ApoolObj->NameLength,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_APP_POOL_OBJECT, pName ),
name
);
if (ApoolObj->ProcessListHead.Flink != (PLIST_ENTRY)REMOTE_OFFSET(
RemoteAddress,
UL_APP_POOL_OBJECT,
ProcessListHead
))
{
dprintf("%s AP Process List:\n", Prefix);
EnumLinkedList(
(PLIST_ENTRY)REMOTE_OFFSET(
RemoteAddress,
UL_APP_POOL_OBJECT,
ProcessListHead
),
&ProcListCallback,
Prefix
);
}
if (ApoolObj->NewRequestQueue.RequestHead.Flink != (PLIST_ENTRY)REMOTE_OFFSET(
RemoteAddress,
UL_APP_POOL_OBJECT,
NewRequestQueue.RequestHead
))
{
dprintf("%s New Request List:\n", Prefix);
EnumLinkedList(
(PLIST_ENTRY)REMOTE_OFFSET(
RemoteAddress,
UL_APP_POOL_OBJECT,
NewRequestQueue.RequestHead
),
&RequestListCallback,
Prefix
);
}
dprintf("\n");
} // DumpApoolObj
VOID
DumpAllApoolObjs(
VOID
)
{
ULONG_PTR address = 0;
address = GetExpression("&http!g_AppPoolListHead");
if (!address) {
dprintf(
"apool*: cannot find symbol for http!g_AppPoolListHead\n"
);
return;
}
EnumLinkedList(
(PLIST_ENTRY) address,
&DumpApoolCallback,
""
);
}
VOID
DumpApoolProc(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_APP_POOL_PROCESS ApoolProc
)
{
CHAR strSignature[MAX_SIGNATURE_LENGTH];
dprintf(
"%s%sUL_APP_POOL_PROCESS @ %p\n"
"%s Signature = %08lx (%s)\n"
"%s InCleanup = %d\n"
"%s ListEntry @ %p\n"
"%s Flink = %p ( !ulkd.proc %p )\n"
"%s Blink = %p ( !ulkd.proc %p )\n"
"%s pAppPool = %p\n"
"%s NewIrpHead @ %p\n"
"%s PendingRequestQueue\n"
"%s RequestCount = %d\n"
"%s MaxRequests = %d\n"
"%s RequestHead @ %p\n"
"%s pProcess = %p\n"
"%s WaitForDisconnectHead @ %p\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
ApoolProc->Signature,
SignatureToString(
ApoolProc->Signature,
UL_APP_POOL_PROCESS_POOL_TAG,
MAKE_FREE_TAG(UL_APP_POOL_PROCESS_POOL_TAG),
strSignature
),
Prefix,
ApoolProc->InCleanup,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_APP_POOL_PROCESS, ListEntry ),
Prefix,
ApoolProc->ListEntry.Flink,
CONTAINING_RECORD(
ApoolProc->ListEntry.Flink,
UL_APP_POOL_PROCESS,
ListEntry
),
Prefix,
ApoolProc->ListEntry.Blink,
CONTAINING_RECORD(
ApoolProc->ListEntry.Blink,
UL_APP_POOL_PROCESS,
ListEntry
),
Prefix,
ApoolProc->pAppPool,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_APP_POOL_PROCESS, NewIrpHead ),
Prefix,
Prefix,
ApoolProc->PendingRequestQueue.RequestCount,
Prefix,
ApoolProc->PendingRequestQueue.MaxRequests,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_APP_POOL_PROCESS, PendingRequestQueue.RequestHead ),
Prefix,
ApoolProc->pProcess,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_APP_POOL_PROCESS, WaitForDisconnectHead )
);
//
// dump the IRP list
//
if (ApoolProc->NewIrpHead.Flink != (PLIST_ENTRY)REMOTE_OFFSET(
RemoteAddress,
UL_APP_POOL_PROCESS,
NewIrpHead
))
{
dprintf("%s Irp List:\n", Prefix);
EnumLinkedList(
(PLIST_ENTRY) REMOTE_OFFSET(
RemoteAddress,
UL_APP_POOL_PROCESS,
NewIrpHead
),
&IrpListCallback,
Prefix
);
}
//
// dump pending request list
//
if (ApoolProc->PendingRequestQueue.RequestHead.Flink != (PLIST_ENTRY)REMOTE_OFFSET(
RemoteAddress,
UL_APP_POOL_PROCESS,
PendingRequestQueue.RequestHead
))
{
dprintf("%s Request List:\n", Prefix);
EnumLinkedList(
(PLIST_ENTRY) REMOTE_OFFSET(
RemoteAddress,
UL_APP_POOL_PROCESS,
PendingRequestQueue.RequestHead
),
&RequestListCallback,
Prefix
);
}
dprintf("\n");
} // DumpApoolProc
VOID
DumpConfigGroup(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_CONFIG_GROUP_OBJECT Obj
)
{
CHAR temp[sizeof("1234567812345678")];
CHAR strSignature[MAX_SIGNATURE_LENGTH];
dprintf(
"%s%sUL_CONFIG_GROUP_OBJECT @ %p\n"
"%s Signature = %x (%s)\n"
"%s RefCount = %d\n"
"%s ConfigGroupId = %I64x\n"
"%s ControlChannelEntry @ %p\n"
"%s pControlChannel = %p\n"
"%s UrlListHead @ %p\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
Obj->Signature,
SignatureToString(
Obj->Signature,
UL_CG_OBJECT_POOL_TAG,
MAKE_FREE_TAG(UL_CG_OBJECT_POOL_TAG),
strSignature
),
Prefix,
Obj->RefCount,
Prefix,
Obj->ConfigGroupId,
Prefix,
REMOTE_OFFSET(RemoteAddress, UL_CONFIG_GROUP_OBJECT, ControlChannelEntry),
Prefix,
Obj->pControlChannel,
Prefix,
REMOTE_OFFSET(RemoteAddress, UL_CONFIG_GROUP_OBJECT, UrlListHead)
);
if (Obj->AppPoolFlags.Present) {
dprintf(
"%s pAppPool = %p\n",
Prefix,
Obj->pAppPool
);
} else {
dprintf(
"%s pAppPool (none)\n",
Prefix
);
}
dprintf(
"%s pAutoResponse = %p\n",
Prefix,
Obj->pAutoResponse
);
if (Obj->MaxBandwidth.Flags.Present) {
dprintf(
"%s MaxBandwidth = %d\n",
Prefix,
Obj->MaxBandwidth.MaxBandwidth
);
} else {
dprintf(
"%s MaxBandwidth (none)\n",
Prefix
);
}
if (Obj->MaxConnections.Flags.Present) {
dprintf(
"%s MaxConnections = %d\n",
Prefix,
Obj->MaxConnections.MaxConnections
);
} else {
dprintf(
"%s MaxConnections (none)\n",
Prefix
);
}
if (Obj->State.Flags.Present) {
dprintf(
"%s State = %s\n",
Prefix,
UlEnabledStateToString(Obj->State.State)
);
} else {
dprintf(
"%s State (none)\n",
Prefix
);
}
if (Obj->Security.Flags.Present) {
dprintf(
"%s Security.pSecurityDescriptor = %p\n",
Prefix,
Obj->Security.pSecurityDescriptor
);
if (Obj->Security.pSecurityDescriptor) {
sprintf(temp, "%p", Obj->Security.pSecurityDescriptor);
CallExtensionRoutine("sd", temp);
}
} else {
dprintf(
"%s Security (none)\n",
Prefix
);
}
}
VOID
DumpConfigTree(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_CG_URL_TREE_HEADER Tree
)
{
CHAR strSignature[MAX_SIGNATURE_LENGTH];
dprintf(
"%s%sUL_CG_URL_TREE_HEADER @ %p\n"
"%s Signature = %x (%s)\n"
"%s AllocCount = %u\n"
"%s UsedCount = %u\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
Tree->Signature,
SignatureToString(
Tree->Signature,
UL_CG_TREE_HEADER_POOL_TAG,
MAKE_FREE_TAG(UL_CG_TREE_HEADER_POOL_TAG),
strSignature
),
Prefix,
Tree->AllocCount,
Prefix,
Tree->UsedCount
);
}
VOID
DumpCgroupEntry(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_CG_URL_TREE_ENTRY Entry
)
{
UCHAR tokenBuffer[MAX_URL_BUFFER];
CHAR strSignature[MAX_SIGNATURE_LENGTH];
dprintf(
"%s%sUL_CG_URL_TREE_ENTRY @ %p\n"
"%s Signature = %08lx (%s)\n"
"%s pParent = %p (cgentry)\n"
"%s pChildren = %p (cgtree)\n"
"%s TokenHash = 0x%08x\n"
"%s TokenLength = %d\n"
"%s FullUrl = %d\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
Entry->Signature,
SignatureToString(
Entry->Signature,
UL_CG_TREE_ENTRY_POOL_TAG,
MAKE_FREE_TAG(UL_CG_TREE_ENTRY_POOL_TAG),
strSignature
),
Prefix,
Entry->pParent,
Prefix,
Entry->pChildren,
Prefix,
Entry->TokenHash,
Prefix,
Entry->TokenLength,
Prefix,
Entry->FullUrl
);
if (Entry->FullUrl) {
dprintf(
"%s UrlContext = %I64x\n"
"%s pConfigGroup = %p\n"
"%s ConfigGroupListEntry @ %p\n",
Prefix,
Entry->UrlContext,
Prefix,
Entry->pConfigGroup,
Prefix,
REMOTE_OFFSET(RemoteAddress, UL_CG_URL_TREE_ENTRY, ConfigGroupListEntry)
);
}
READ_REMOTE_STRING(
tokenBuffer,
sizeof(tokenBuffer),
REMOTE_OFFSET(RemoteAddress, UL_CG_URL_TREE_ENTRY, pToken),
Entry->TokenLength
);
dprintf(
"%s pToken = %ws\n"
"\n",
Prefix,
tokenBuffer
);
}
VOID
DumpCgroupHeader(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_CG_HEADER_ENTRY Entry
)
{
UL_CG_URL_TREE_ENTRY tentry;
ULONG result;
dprintf(
"%s%sUL_CG_HEADER_ENTRY @ %p\n"
"%s TokenHash = 0x%08x\n"
"%s pEntry = %p\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
Entry->TokenHash,
Prefix,
Entry->pEntry
);
if (!ReadMemory(
(ULONG_PTR)Entry->pEntry,
&tentry,
sizeof(tentry),
&result
))
{
dprintf(
"%scouldn't read UL_CG_TREE_ENTRY @ %p\n",
CommandName,
Entry->pEntry
);
return;
}
DumpCgroupEntry(
Prefix,
CommandName,
(ULONG_PTR)Entry->pEntry,
&tentry
);
}
#if 0
BOOLEAN
DumpUriEntryCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
)
{
UL_URI_CACHE_ENTRY entry;
ULONG_PTR address;
ULONG result;
address = (ULONG_PTR)CONTAINING_RECORD(
RemoteListEntry,
UL_URI_CACHE_ENTRY,
BucketEntry
);
if (!ReadMemory(
address,
&entry,
sizeof(entry),
&result
))
{
return FALSE;
}
DumpUriEntry(
(PSTR) Context,
"uri*: ",
address,
&entry
);
return TRUE;
} // DumpUriEntryCallback
#endif
BOOLEAN
DumpApoolCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
)
{
UL_APP_POOL_OBJECT obj;
ULONG_PTR address;
ULONG result;
address = (ULONG_PTR)CONTAINING_RECORD(
RemoteListEntry,
UL_APP_POOL_OBJECT,
ListEntry
);
if (!ReadMemory(
address,
&obj,
sizeof(obj),
&result
))
{
return FALSE;
}
DumpApoolObj(
(PSTR) Context,
"apool*: ",
address,
&obj
);
return TRUE;
} // DumpApoolCallback
BOOLEAN
DumpEndpointCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
)
{
UL_ENDPOINT endp;
ULONG_PTR address;
ULONG result;
PENDPOINT_GLOBAL_CALLBACK_CONTEXT pCtxt
= (PENDPOINT_GLOBAL_CALLBACK_CONTEXT) Context;
ASSERT(pCtxt->Signature == ENDPOINT_GLOBAL_CALLBACK_CONTEXT_SIGNATURE);
address = (ULONG_PTR)CONTAINING_RECORD(
RemoteListEntry,
UL_ENDPOINT,
GlobalEndpointListEntry
);
if (!ReadMemory(
address,
&endp,
sizeof(endp),
&result
))
{
return FALSE;
}
DumpUlEndpoint(
pCtxt->Prefix,
"endp *: ",
address,
&endp,
pCtxt->Verbosity
);
return TRUE;
} // DumpEndpointCallback
BOOLEAN
ProcListCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
)
{
ULONG_PTR address;
address = (ULONG_PTR)CONTAINING_RECORD(
RemoteListEntry,
UL_APP_POOL_PROCESS,
ListEntry
);
dprintf("%s %p\n", (PSTR) Context, address);
return TRUE;
} // ProcListCallback
BOOLEAN
IrpListCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
)
{
ULONG_PTR address;
address = (ULONG_PTR)CONTAINING_RECORD(
RemoteListEntry,
IRP,
Tail.Overlay.ListEntry
);
dprintf("%s %p\n", (PSTR) Context, address);
return TRUE;
} // IrpListCallback
BOOLEAN
RequestListCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
)
{
UL_INTERNAL_REQUEST request;
ULONG_PTR address;
ULONG result;
UCHAR urlBuffer[MAX_URL_BUFFER];
address = (ULONG_PTR)CONTAINING_RECORD(
RemoteListEntry,
UL_INTERNAL_REQUEST,
AppPool.AppPoolEntry
);
if (!ReadMemory(
address,
&request,
sizeof(request),
&result
))
{
return FALSE;
}
READ_REMOTE_STRING(
urlBuffer,
sizeof(urlBuffer),
request.CookedUrl.pUrl,
request.CookedUrl.Length
);
dprintf(
"%s %p - %s %ws\n",
(PSTR) Context,
address,
VerbToString(request.Verb),
urlBuffer
);
return TRUE;
} // RequestListCallback
VOID
DumpKernelQueue(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PKQUEUE LocalQueue,
IN ULONG Flags
)
{
dprintf(
"%s%sKQUEUE @ %p\n"
"%s Type = %02x\n"
"%s Absolute = %02x\n"
"%s Size = %02x\n"
"%s Inserted = %02x\n"
"%s SignalState = %ld\n"
"%s WaitListHead @ %p%s\n"
"%s EntryListHead @ %p%s\n"
"%s CurrentCount = %lu\n"
"%s MaximumCount = %lu\n"
"%s ThreadListHead @ %p%s\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
LocalQueue->Header.Type,
Prefix,
LocalQueue->Header.Absolute,
Prefix,
LocalQueue->Header.Size,
Prefix,
LocalQueue->Header.Inserted,
Prefix,
LocalQueue->Header.SignalState,
Prefix,
REMOTE_OFFSET( RemoteAddress, KQUEUE, Header.WaitListHead ),
IS_LIST_EMPTY(
LocalQueue,
RemoteAddress,
KQUEUE,
Header.WaitListHead
) ? " (EMPTY)" : "",
Prefix,
REMOTE_OFFSET( RemoteAddress, KQUEUE, EntryListHead ),
IS_LIST_EMPTY(
LocalQueue,
RemoteAddress,
KQUEUE,
EntryListHead
) ? " (EMPTY)" : "",
Prefix,
LocalQueue->CurrentCount,
Prefix,
LocalQueue->MaximumCount,
Prefix,
REMOTE_OFFSET( RemoteAddress, KQUEUE, ThreadListHead ),
IS_LIST_EMPTY(
LocalQueue,
RemoteAddress,
KQUEUE,
ThreadListHead
) ? " (EMPTY)" : ""
);
if (Flags & 1)
{
EnumLinkedList(
(PLIST_ENTRY)REMOTE_OFFSET( RemoteAddress, KQUEUE, EntryListHead ),
&DumpKQueueEntriesCallback,
NULL
);
}
} // DumpKernelQueue
BOOLEAN
DumpKQueueEntriesCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
)
{
ULONG_PTR address;
CHAR temp[sizeof("1234567812345678 f")];
address = (ULONG_PTR)CONTAINING_RECORD(
RemoteListEntry,
IRP,
Tail.Overlay.ListEntry
);
sprintf( temp, "%p f", address );
CallExtensionRoutine( "irp", temp );
return TRUE;
} // DumpKQueueEntriesCallback
VOID
DumpFilterChannel(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_FILTER_CHANNEL Filter,
IN ULONG Flags
)
{
UCHAR name[MAX_URL_BUFFER];
CHAR strSignature[MAX_SIGNATURE_LENGTH];
READ_REMOTE_STRING(
name,
sizeof(name),
REMOTE_OFFSET( RemoteAddress, UL_FILTER_CHANNEL, pName ),
Filter->NameLength
);
dprintf(
"%s%sUL_FILTER_CHANNEL @ %p\n"
"%s Signature = %x (%s)\n"
"%s RefCount = %d\n"
"%s ListEntry @ %p\n"
"%s pDemandStartIrp = %p\n"
"%s pDemandStartProcess = %p\n"
"%s SpinLock @ %p (%s)\n"
"%s ProcessListHead @ %p%s\n"
"%s ConnectionListHead @ %p%s\n"
"%s pSecurityDescriptor = %p\n"
"%s NameLength = %d\n"
"%s pName = %p (%S)\n"
"\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
Filter->Signature,
SignatureToString(
Filter->Signature,
UL_FILTER_CHANNEL_POOL_TAG,
MAKE_FREE_TAG(UL_FILTER_CHANNEL_POOL_TAG),
strSignature
),
Prefix,
Filter->RefCount,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_FILTER_CHANNEL, ListEntry ),
Prefix,
Filter->pDemandStartIrp,
Prefix,
Filter->pDemandStartProcess,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_FILTER_CHANNEL, SpinLock ),
GetSpinlockState( &Filter->SpinLock ),
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_FILTER_CHANNEL, ProcessListHead ),
IS_LIST_EMPTY(
Filter,
RemoteAddress,
UL_FILTER_CHANNEL,
ProcessListHead
) ? " (EMPTY)" : "",
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_FILTER_CHANNEL, ConnectionListHead ),
IS_LIST_EMPTY(
Filter,
RemoteAddress,
UL_FILTER_CHANNEL,
ConnectionListHead
) ? " (EMPTY)" : "",
Prefix,
Filter->pSecurityDescriptor,
Prefix,
Filter->NameLength,
Prefix,
Filter->pName,
name
);
if (Filter->ProcessListHead.Flink != (PLIST_ENTRY)REMOTE_OFFSET(
RemoteAddress,
UL_FILTER_CHANNEL,
ProcessListHead
))
{
dprintf("%s Filter Process List:\n", Prefix);
EnumLinkedList(
(PLIST_ENTRY)REMOTE_OFFSET(
RemoteAddress,
UL_FILTER_CHANNEL,
ProcessListHead
),
&FiltProcListCallback,
Prefix
);
}
dprintf("\n");
}
BOOLEAN
FiltProcListCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
)
{
ULONG_PTR address;
address = (ULONG_PTR)CONTAINING_RECORD(
RemoteListEntry,
UL_FILTER_PROCESS,
ListEntry
);
dprintf("%s %p\n", (PSTR) Context, address);
return TRUE;
} // FiltProcListCallback
VOID
DumpFilterProc(
IN PSTR Prefix,
IN PSTR CommandName,
IN ULONG_PTR RemoteAddress,
IN PUL_FILTER_PROCESS Proc,
IN ULONG Flags
)
{
CHAR strSignature[MAX_SIGNATURE_LENGTH];
dprintf(
"%s%sUL_FILTER_PROCESS @ %p\n"
"%s Signature = %x (%s)\n"
"%s InCleanup = %ld\n"
"%s pFilterChannel = %p\n"
"%s ListEntry @ %p\n"
"%s ConnectionHead @ %p%s\n"
"%s IrpHead @ %p%s\n"
"%s pProcess = %p\n"
"\n",
Prefix,
CommandName,
RemoteAddress,
Prefix,
Proc->Signature,
SignatureToString(
Proc->Signature,
UL_FILTER_PROCESS_POOL_TAG,
MAKE_FREE_TAG(UL_FILTER_PROCESS_POOL_TAG),
strSignature
),
Prefix,
Proc->InCleanup,
Prefix,
Proc->pFilterChannel,
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_FILTER_PROCESS, ListEntry ),
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_FILTER_PROCESS, ConnectionHead ),
IS_LIST_EMPTY(
Proc,
RemoteAddress,
UL_FILTER_PROCESS,
ConnectionHead
) ? " (EMPTY)" : "",
Prefix,
REMOTE_OFFSET( RemoteAddress, UL_FILTER_PROCESS, IrpHead ),
IS_LIST_EMPTY(
Proc,
RemoteAddress,
UL_FILTER_PROCESS,
IrpHead
) ? " (EMPTY)" : "",
Prefix,
Proc->pProcess
);
} // DumpFilterProc
BOOLEAN
DumpUlActiveConnectionCallback(
IN PLIST_ENTRY RemoteListEntry,
IN PVOID Context
)
{
ULONG_PTR address;
UL_CONNECTION connection;
ULONG result;
PCONN_CALLBACK_CONTEXT pConnContext = (PCONN_CALLBACK_CONTEXT) Context;
ASSERT(pConnContext->Signature == CONN_CALLBACK_CONTEXT_SIGNATURE);
address = (ULONG_PTR) CONTAINING_RECORD(
RemoteListEntry,
UL_CONNECTION,
ActiveListEntry // <--
);
if (!ReadMemory(
address,
&connection,
sizeof(connection),
&result
))
{
return FALSE;
}
dprintf("active conn[%2d][%2d]: ",
pConnContext->Index, pConnContext->SubIndex++);
switch (pConnContext->Verbosity)
{
case ENDPOINT_BRIEF_CONNS:
DumpUlConnectionLite(
pConnContext->Prefix,
"",
address,
&connection
);
break;
case ENDPOINT_VERBOSE_CONNS:
DumpUlConnection(
pConnContext->Prefix,
"",
address,
&connection
);
break;
default:
ASSERT(! "Invalid ENDPOINT_CONNS");
}
return TRUE;
} // DumpUlActiveConnectionCallback
BOOLEAN
DumpUlIdleConnectionCallback(
IN PSINGLE_LIST_ENTRY RemoteSListEntry,
IN PVOID Context
)
{
ULONG_PTR address;
UL_CONNECTION connection;
ULONG result;
PCONN_CALLBACK_CONTEXT pConnContext = (PCONN_CALLBACK_CONTEXT) Context;
ASSERT(pConnContext->Signature == CONN_CALLBACK_CONTEXT_SIGNATURE);
address = (ULONG_PTR) CONTAINING_RECORD(
RemoteSListEntry,
UL_CONNECTION,
IdleSListEntry // <--
);
if (!ReadMemory(
address,
&connection,
sizeof(connection),
&result
))
{
return FALSE;
}
dprintf("idle conn[%2d]: ", pConnContext->SubIndex++);
switch (pConnContext->Verbosity)
{
case ENDPOINT_BRIEF_CONNS:
DumpUlConnectionLite(
pConnContext->Prefix,
"",
address,
&connection
);
break;
case ENDPOINT_VERBOSE_CONNS:
DumpUlConnection(
pConnContext->Prefix,
"",
address,
&connection
);
break;
default:
ASSERT(! "Invalid ENDPOINT_CONNS");
}
return TRUE;
} // DumpUlIdleConnectionCallback