BOOLEAN KeGetBugMessageText( IN ULONG MessageId, IN PANSI_STRING ReturnedString OPTIONAL ) { ULONG i; PUCHAR s; PMESSAGE_RESOURCE_BLOCK MessageBlock; PUCHAR Buffer; BOOLEAN Result; Result = FALSE; try { if (KiBugCodeMessages != NULL) { MmMakeKernelResourceSectionWritable (); MessageBlock = &KiBugCodeMessages->Blocks[0]; for (i = KiBugCodeMessages->NumberOfBlocks; i; i -= 1) { if (MessageId >= MessageBlock->LowId && MessageId <= MessageBlock->HighId) { s = (PCHAR)KiBugCodeMessages + MessageBlock->OffsetToEntries; for (i = MessageId - MessageBlock->LowId; i; i -= 1) { s += ((PMESSAGE_RESOURCE_ENTRY)s)->Length; } Buffer = ((PMESSAGE_RESOURCE_ENTRY)s)->Text; i = strlen(Buffer) - 1; while (i > 0 && (Buffer[i] == '\n' || Buffer[i] == '\r' || Buffer[i] == 0 ) ) { if (!ARGUMENT_PRESENT( ReturnedString )) { Buffer[i] = 0; } i -= 1; } if (!ARGUMENT_PRESENT( ReturnedString )) { InbvDisplayString(Buffer); } else { ReturnedString->Buffer = Buffer; ReturnedString->Length = (USHORT)(i+1); ReturnedString->MaximumLength = (USHORT)(i+1); } Result = TRUE; break; } MessageBlock += 1; } } } except ( EXCEPTION_EXECUTE_HANDLER ) { ; } return Result; }
NTSTATUS NTAPI NtQueryInformationPort( IN HANDLE PortHandle OPTIONAL, IN PORT_INFORMATION_CLASS PortInformationClass, OUT PVOID PortInformation, IN ULONG Length, OUT PULONG ReturnLength OPTIONAL ) { KPROCESSOR_MODE PreviousMode; NTSTATUS Status; PLPCP_PORT_OBJECT PortObject; PAGED_CODE(); // // Get previous processor mode and probe output argument if necessary. // PreviousMode = KeGetPreviousMode(); if (PreviousMode != KernelMode) { try { ProbeForWrite( PortInformation, Length, sizeof( ULONG ) ); if (ARGUMENT_PRESENT( ReturnLength )) { ProbeForWriteUlong( ReturnLength ); } } except( EXCEPTION_EXECUTE_HANDLER ) { return( GetExceptionCode() ); } } if (ARGUMENT_PRESENT( PortHandle )) { Status = ObReferenceObjectByHandle( PortHandle, GENERIC_READ, LpcPortObjectType, PreviousMode, &PortObject, NULL ); if (!NT_SUCCESS( Status )) { return( Status ); } ObDereferenceObject( PortObject ); return STATUS_SUCCESS; } else { return STATUS_INVALID_INFO_CLASS; } }
NTSTATUS RtlInitUnicodeStringEx ( OUT PUNICODE_STRING DestinationString, IN PCWSTR SourceString OPTIONAL ) { SIZE_T Length; DestinationString->Length = 0; DestinationString->MaximumLength = 0; DestinationString->Buffer = (PWSTR)SourceString; if (ARGUMENT_PRESENT(SourceString)) { Length = wcslen(SourceString); // We are actually limited to 32765 characters since we want to store a meaningful // MaximumLength also. if (Length > (UNICODE_STRING_MAX_CHARS - 1)) { return STATUS_NAME_TOO_LONG; } Length *= sizeof(WCHAR); DestinationString->Length = (USHORT)Length; DestinationString->MaximumLength = (USHORT)(Length + sizeof(WCHAR)); } return STATUS_SUCCESS; }
VOID SeUnlockSubjectContext( __in PSECURITY_SUBJECT_CONTEXT SubjectContext ) /*++ Routine Description: Releases the read locks on the token(s) in the passed SubjectContext. Arguments: SubjectContext - Points to a SECURITY_SUBJECT_CONTEXT data structure which points to a primary token and an optional impersonation token. Return Value: None --*/ { PAGED_CODE(); SepReleaseTokenReadLock((PTOKEN)(SubjectContext->PrimaryToken)); if (ARGUMENT_PRESENT(SubjectContext->ClientToken)) { SepReleaseTokenReadLock((PTOKEN)(SubjectContext->ClientToken)); } }
// // In safe-arithmetic, perform integer division Dividend/Divisor and return the // result rounded up or down to the nearest integer where 3.5 and 3.75 are near // 4, while 3.25 is near 3. // // Dividend: A 64-bit unsigned integer dividend. // Divisor: A 64-bit unsigned integer divisor. // ResultPtr: A pointer to a 64-bit unsigned integer that receives the result. // // Returns error in case of overflow, otherwise returns STATUS_SUCCESS. // __forceinline NTSTATUS SafeDivRound64x64 ( _In_ ULONGLONG Dividend, _In_ ULONGLONG Divisor, _Out_ ULONGLONG* ResultPtr ) { ASSERT(ARGUMENT_PRESENT(ResultPtr)); ASSERT(Divisor > 0); // // Calculate the following in safe-arithmetic to avoid overflows: // return (Dividend + (Divisor / 2)) / Divisor; // ULONGLONG result; NTSTATUS status = RtlULongLongAdd(Dividend, Divisor / 2, &result); if (!NT_SUCCESS(status)) { return status; } *ResultPtr = result / Divisor; return STATUS_SUCCESS; }
BOOL MmIsAddressValidEx( IN PVOID Pointer ) { VALIDITY_CHECK_STATUS MmRet; ULONG ulTry; if (!ARGUMENT_PRESENT(Pointer) || !Pointer){ return FALSE; } /* //VCS_TRANSITION、VCS_PAGEDOUT内存居然是这样子~~擦~ lkd> dd f8ad5ad8 f8ad5ad8 ???????? ???????? ???????? ???????? f8ad5ae8 ???????? ???????? ???????? ???????? f8ad5af8 ???????? ???????? ???????? ???????? f8ad5b08 ???????? ???????? ???????? ???????? f8ad5b18 ???????? ???????? ???????? ???????? f8ad5b28 ???????? ???????? ???????? ???????? f8ad5b38 ???????? ???????? ???????? ???????? f8ad5b48 ???????? ???????? ???????? ???????? */ MmRet = MiIsAddressValidEx(Pointer); if (MmRet != VCS_VALID){ return FALSE; } return TRUE; }
NTSTATUS RtlInitAnsiStringEx ( OUT PANSI_STRING DestinationString, IN PCSZ SourceString OPTIONAL ) { SIZE_T Length; DestinationString->Length = 0; DestinationString->MaximumLength = 0; DestinationString->Buffer = (PCHAR)SourceString; if (ARGUMENT_PRESENT(SourceString)) { Length = strlen(SourceString); // We are actually limited to 64K - 1 characters since we want to store a meaningful // MaximumLength also. if (Length > (MAXUSHORT - 1)) { return STATUS_NAME_TOO_LONG; } DestinationString->Length = (USHORT)Length; DestinationString->MaximumLength = (USHORT)(Length + 1); } return STATUS_SUCCESS; }
HRESULT AllocAndCopyString(_In_ PCWSTR source, _Outptr_ PWSTR *dest) { HRESULT hr = S_OK; size_t len; if ( !ARGUMENT_PRESENT(source) ) { return E_INVALIDARG; } len = wcslen(source); // Remember: wcslen excludes the null character when calculating the length. // Also, StringCchCopyW takes the total length of the destination buffer *dest = (PWSTR)LocalAlloc(LMEM_ZEROINIT, ((len + 1) * sizeof(wchar_t))); if ( !(*dest) ) { wprintf(L"LocalAlloc failed.\n"); hr = E_OUTOFMEMORY; goto exit_gracefully; } hr = StringCchCopyW(*dest, len + 1, source); FailGracefully(hr, L"StringCchCopyW"); exit_gracefully: if ( !SUCCEEDED(hr) ) { LocalFree(*dest); } return hr; }
VOID RtlpCopyProcString( IN OUT PWSTR *pDst, OUT PUNICODE_STRING DestString, IN PUNICODE_STRING SourceString, IN ULONG DstAlloc OPTIONAL ) { if (!ARGUMENT_PRESENT( DstAlloc )) { DstAlloc = SourceString->MaximumLength; } ASSERT((SourceString->Length == 0) || (SourceString->Buffer != NULL)); if (SourceString->Buffer != NULL && SourceString->Length != 0) { RtlCopyMemory (*pDst, SourceString->Buffer, SourceString->Length); } DestString->Buffer = *pDst; DestString->Length = SourceString->Length; DestString->MaximumLength = (USHORT)DstAlloc; if (DestString->Length < DestString->MaximumLength) { RtlZeroMemory (((PUCHAR)DestString->Buffer) + DestString->Length, DestString->MaximumLength - DestString->Length); } *pDst = (PWSTR)((PCHAR)(*pDst) + ROUND_UP( DstAlloc, sizeof( ULONG ) ) ); return; }
BOOL APIENTRY MoveFileExA( LPCSTR lpExistingFileName, LPCSTR lpNewFileName, DWORD dwFlags ) /*++ Routine Description: ANSI thunk to MoveFileW --*/ { PUNICODE_STRING Unicode; UNICODE_STRING UnicodeNewFileName; ANSI_STRING AnsiString; NTSTATUS Status; BOOL ReturnValue; Unicode = &NtCurrentTeb()->StaticUnicodeString; RtlInitAnsiString(&AnsiString,lpExistingFileName); Status = Basep8BitStringToUnicodeString(Unicode,&AnsiString,FALSE); if ( !NT_SUCCESS(Status) ) { if ( Status == STATUS_BUFFER_OVERFLOW ) { SetLastError(ERROR_FILENAME_EXCED_RANGE); } else { BaseSetLastNTError(Status); } return FALSE; } if (ARGUMENT_PRESENT( lpNewFileName )) { RtlInitAnsiString(&AnsiString,lpNewFileName); Status = Basep8BitStringToUnicodeString(&UnicodeNewFileName,&AnsiString,TRUE); if ( !NT_SUCCESS(Status) ) { BaseSetLastNTError(Status); return FALSE; } } else { UnicodeNewFileName.Buffer = NULL; } ReturnValue = MoveFileExW((LPCWSTR)Unicode->Buffer,(LPCWSTR)UnicodeNewFileName.Buffer,dwFlags); if (UnicodeNewFileName.Buffer != NULL) { RtlFreeUnicodeString(&UnicodeNewFileName); } return ReturnValue; }
VOID SepFreePrimaryGroup( IN PTOKEN Token ) /*++ Routine Description: Free up the space in the dynamic part of the token take up by the primary group. The token is assumed to be locked for write access before calling this routine. Arguments: Token - Pointer to the token. Return Value: None. --*/ { PAGED_CODE(); // // Add the size of the primary group to the DynamicAvailable field. // Token->DynamicAvailable += SeLengthSid( Token->PrimaryGroup ); // // If there is a default discretionary ACL, and it is not already at the // beginning of the dynamic part, move it there (remember to update the // pointer to it). // if (ARGUMENT_PRESENT(Token->DefaultDacl)) { if (Token->DynamicPart != (PULONG)(Token->DefaultDacl)) { RtlMoveMemory( (PVOID)(Token->DynamicPart), (PVOID)(Token->DefaultDacl), Token->DefaultDacl->AclSize ); Token->DefaultDacl = (PACL)(Token->DynamicPart); } } return; }
static FORCEINLINE BOOLEAN AddPartners ( __inout PST_BARRIER Barrier, __in USHORT Count, __out_opt ULONGLONG *AddedPhase ) { PPHASE_STATE PhaseState; ULONG State; ULONG Partners; ULONG Arrived; PhaseState = Barrier->PhaseState; do { Partners = (State = PhaseState->State) >> PARTNERS_SHIFT; Arrived = State & ARRIVED_MASK; // // Validate the argument. // if (Count == 0 || (Count + Partners) > MAX_PARTNERS) { SetLastError(ERROR_INVALID_PARAMETER); return FALSE; } // // If the current phase was already reached, wait unconditionally // until a new phase starts. // if (Arrived == Partners) { StNotificationEvent_WaitEx(&PhaseState->Event, 50, NULL); // // Get the new phase state and retry. // PhaseState = Barrier->PhaseState; continue; } // // Update the number of partners and, if succeed, return. // if (CasLong(&PhaseState->State, State, ((Partners + Count) << PARTNERS_SHIFT) | Arrived)) { if (ARGUMENT_PRESENT(AddedPhase)) { *AddedPhase = Barrier->PhaseNumber; } return TRUE; } } while (TRUE); }
BOOLEAN WritePhysicalMemory (PHYSICAL_ADDRESS pBufSrc, PUCHAR pBufDest, ULONG count,PULONG pcTotalBytesWritten) { if (ARGUMENT_PRESENT(pcTotalBytesWritten)) { *pcTotalBytesWritten = 0; } return (BOOLEAN)NT_SUCCESS(DbgKdWritePhysicalMemory(pBufSrc, (PVOID)pBufDest, count, pcTotalBytesWritten)); }
BOOLEAN ReadVirtualMemory (PUCHAR pBufSrc, PUCHAR pBufDest, ULONG count, PULONG pcTotalBytesRead) { if (ARGUMENT_PRESENT(pcTotalBytesRead)) { *pcTotalBytesRead = 0; } return (BOOLEAN)NT_SUCCESS(DbgKdReadVirtualMemory((PVOID)pBufSrc, (PVOID)pBufDest, count, pcTotalBytesRead)); }
HRESULT RemoveAllInheritedAces(PACL *ppAcl) { BOOL bResult = FALSE; DWORD errorCode = S_OK; HRESULT hr = S_OK; ACL_SIZE_INFORMATION aclInformation; DWORD totalCount; DWORD aceIndex = 0; LPVOID ace = nullptr; BYTE aceFlags = 0; if ( !ARGUMENT_PRESENT(*ppAcl) ) { return E_INVALIDARG; } bResult = GetAclInformation( *ppAcl, &aclInformation, sizeof(aclInformation), AclSizeInformation ); FailGracefullyGLE(bResult, L"GetAclInformation"); totalCount = aclInformation.AceCount; while ( aceIndex < totalCount ) { bResult = GetAce( *ppAcl, aceIndex, &ace ); FailGracefullyGLE(bResult, L"GetAce"); aceFlags = ((PACE_HEADER)ace)->AceFlags; if (IS_FLAG_SET(aceFlags,INHERITED_ACE)) { bResult = DeleteAce( *ppAcl, aceIndex); FailGracefullyGLE(bResult, L"DeleteAce"); totalCount--; } else { aceIndex++; } } exit_gracefully: return hr; }
// This goes through every ACE in 'acl', sums the size of the inheritable // ACEs, and puts it in dwSizeNeeded. HRESULT GetSizeOfAllInheritableAces(PACL acl, DWORD &dwSizeNeeded) { BOOL bResult; DWORD errorCode = S_OK; HRESULT hr = S_OK; ACL_SIZE_INFORMATION aclInformation; DWORD totalCount; LPVOID ace; BYTE aceFlags; if ( !ARGUMENT_PRESENT(acl) ) { return E_INVALIDARG; } bResult = GetAclInformation( acl, &aclInformation, sizeof(aclInformation), AclSizeInformation ); FailGracefullyGLE(bResult, L"GetAclInformation"); totalCount = aclInformation.AceCount; // Start with zero as the size. We'll only initialize this // to sizeof(ACL) if we find an inheritable ACE. dwSizeNeeded = 0; for ( DWORD aceIndex = 0; aceIndex < totalCount; aceIndex ++ ) { bResult = GetAce( acl, aceIndex, &ace ); FailGracefullyGLE(bResult, L"GetAce"); aceFlags = ((PACE_HEADER)ace)->AceFlags; // Only count the inheritable ACEs if (IsInheritableAce(aceFlags)) { // Initialize the size now that we've found an inheritable ACE if ( dwSizeNeeded == 0 ) { dwSizeNeeded = sizeof(ACL); } dwSizeNeeded += ((PACE_HEADER)ace)->AceSize; } } exit_gracefully: return hr; }
NTSTATUS ExpQueryEventIds( OUT PRTL_EVENT_ID_INFO EventIds, IN ULONG EventIdsLength, OUT PULONG ReturnLength OPTIONAL ) { NTSTATUS Status; PLIST_ENTRY Head, Next; PRTL_EVENT_ID_INFO EventId; ULONG TotalLength; ExAcquireFastMutex( &ExpEventIdListMutex ); Status = STATUS_SUCCESS; try { Head = &ExpEventIdListHead; Next = Head->Flink; TotalLength = sizeof( ULONG ); while (Next != Head) { EventId = CONTAINING_RECORD( Next, RTL_EVENT_ID_INFO, Entry ); TotalLength += EventId->Length; Next = Next->Flink; } if (ARGUMENT_PRESENT( ReturnLength )) { *ReturnLength = TotalLength; } if (TotalLength > EventIdsLength) { Status = STATUS_INFO_LENGTH_MISMATCH; leave; } Head = &ExpEventIdListHead; Next = Head->Flink; TotalLength = 0; while (Next != Head) { EventId = CONTAINING_RECORD( Next, RTL_EVENT_ID_INFO, Entry ); RtlMoveMemory( (PCHAR)EventIds + TotalLength, EventId, EventId->Length ); TotalLength += EventId->Length; Next = Next->Flink; } RtlZeroMemory( (PCHAR)EventIds + TotalLength, sizeof( ULONG ) ); } finally { ExReleaseFastMutex( &ExpEventIdListMutex ); } return Status; }
NTSYSAPI NTSTATUS STDAPIVCALLTYPE RtlSetThreadIsCritical( IN BOOLEAN NewValue, OUT PBOOLEAN OldValue OPTIONAL, IN BOOLEAN CheckFlag ) { PPEB Peb; ULONG Enable; NTSTATUS Status; if ( ARGUMENT_PRESENT(OldValue) ) { *OldValue = FALSE; } Peb = RtlGetCurrentPeb(); if ( CheckFlag && ! (Peb->NtGlobalFlag & FLG_ENABLE_SYSTEM_CRIT_BREAKS) ) { return STATUS_UNSUCCESSFUL; } if ( ARGUMENT_PRESENT(OldValue) ) { NtQueryInformationThread(NtCurrentThread(), ThreadBreakOnTermination, &Enable, sizeof(Enable), NULL); *OldValue = (BOOLEAN) Enable; } Enable = NewValue; Status = NtSetInformationThread(NtCurrentThread(), ThreadBreakOnTermination, &Enable, sizeof(Enable)); return Status; }
VOID RtlCopyString( OUT PSTRING DestinationString, IN PSTRING SourceString OPTIONAL ) /*++ Routine Description: The RtlCopyString function copies the SourceString to the DestinationString. If SourceString is not specified, then the Length field of DestinationString is set to zero. The MaximumLength and Buffer fields of DestinationString are not modified by this function. The number of bytes copied from the SourceString is either the Length of SourceString or the MaximumLength of DestinationString, whichever is smaller. Arguments: DestinationString - Pointer to the destination string. SourceString - Optional pointer to the source string. Return Value: None. --*/ { PSZ src, dst; ULONG n; if (ARGUMENT_PRESENT( SourceString )) { dst = DestinationString->Buffer; src = SourceString->Buffer; n = SourceString->Length; if ((USHORT)n > DestinationString->MaximumLength) { n = DestinationString->MaximumLength; } DestinationString->Length = (USHORT)n; while (n) { *dst++ = *src++; n--; } } else { DestinationString->Length = 0; } }
VOID RtlInitString ( OUT PSTRING DestinationString, IN PCSZ SourceString OPTIONAL ) /*++ Routine Description: The RtlInitString function initializes an NT counted string. The DestinationString is initialized to point to the SourceString and the Length and MaximumLength fields of DestinationString are initialized to the length of the SourceString, which is zero if SourceString is not specified. Arguments: DestinationString - Pointer to the counted string to initialize SourceString - Optional pointer to a null terminated string that the counted string is to point to. Return Value: None. --*/ { SIZE_T Length; DestinationString->Length = 0; DestinationString->MaximumLength = 0; DestinationString->Buffer = (PCHAR)SourceString; if (ARGUMENT_PRESENT(SourceString)) { Length = strlen(SourceString); ASSERT(Length < MAXUSHORT); if(Length >= MAXUSHORT) { Length = MAXUSHORT - 1; } DestinationString->Length = (USHORT)Length; DestinationString->MaximumLength = (USHORT)(Length + 1); } return; }
VOID MissypUpdateLegalNoticeRecommendation( IN PBOOL Recommendation OPTIONAL ) /*++ Routine Description: This function returns the recommended "display last name" setting for this workstation given a specified security level. Arguments SecurityLevel - If this value is SECMGR_LEVEL_CURRENT, then the current security level known to Missy will be used. Otherwise, the provided security level will be used. Return Values: The recommended setting. --*/ { MissypLegalNoticeItem->Value.Bool = MissypGetLegalNoticeRecommendation( SECMGR_LEVEL_CURRENT ); // // Indicate whether the current value matches the recommended value. // Since we always recommend a legal notice, if there isn't one then it is always // considered weaker (and so we don't set SECMGR_ITEM_FLAG_VALUE_RECOMMENDED.) // if (MissypLegalNoticeItem->Value.Bool == MissypLegalNoticeItem->RecommendedValue.Bool) { MissypLegalNoticeItem->Flags |= SECMGR_ITEM_FLAG_VALUE_RECOMMENDED; //Recommended value } else { MissypLegalNoticeItem->Flags &= (~SECMGR_ITEM_FLAG_VALUE_RECOMMENDED); //Not recommended value MissypLegalNoticeItem->Flags &= (~SECMGR_ITEM_FLAG_VALUE_STRONGER); //Not stronger } // // return a recommendation if requested // if (ARGUMENT_PRESENT(Recommendation)) { (*Recommendation) = TRUE; } return; }
HANDLE APIENTRY CreateFileMappingA( HANDLE hFile, LPSECURITY_ATTRIBUTES lpFileMappingAttributes, DWORD flProtect, DWORD dwMaximumSizeHigh, DWORD dwMaximumSizeLow, LPCSTR lpName ) /*++ Routine Description: ANSI thunk to CreateFileMappingW --*/ { PUNICODE_STRING Unicode; ANSI_STRING AnsiString; NTSTATUS Status; LPCWSTR NameBuffer; NameBuffer = NULL; if ( ARGUMENT_PRESENT(lpName) ) { Unicode = &NtCurrentTeb()->StaticUnicodeString; RtlInitAnsiString(&AnsiString,lpName); Status = RtlAnsiStringToUnicodeString(Unicode,&AnsiString,FALSE); if ( !NT_SUCCESS(Status) ) { if ( Status == STATUS_BUFFER_OVERFLOW ) { SetLastError(ERROR_FILENAME_EXCED_RANGE); } else { BaseSetLastNTError(Status); } return NULL; } NameBuffer = (LPCWSTR)Unicode->Buffer; } return CreateFileMappingW( hFile, lpFileMappingAttributes, flProtect, dwMaximumSizeHigh, dwMaximumSizeLow, NameBuffer ); }
__forceinline void PwmCreateRequestGetAccess( _In_ WDFREQUEST WdfRequest, _Out_ ACCESS_MASK* DesiredAccessPtr, _Out_ ULONG* ShareAccessPtr ) { NT_ASSERT(ARGUMENT_PRESENT(DesiredAccessPtr)); NT_ASSERT(ARGUMENT_PRESENT(ShareAccessPtr)); WDF_REQUEST_PARAMETERS wdfRequestParameters; WDF_REQUEST_PARAMETERS_INIT(&wdfRequestParameters); WdfRequestGetParameters(WdfRequest, &wdfRequestParameters); NT_ASSERTMSG( "Expected create request", wdfRequestParameters.Type == WdfRequestTypeCreate); *DesiredAccessPtr = wdfRequestParameters.Parameters.Create.SecurityContext->DesiredAccess; *ShareAccessPtr = wdfRequestParameters.Parameters.Create.ShareAccess; }
VOID FsRtlpSetSymbolicLink( IN PUNICODE_STRING DevName OPTIONAL ) { NTSTATUS status; UNICODE_STRING UncSymbolicName; PAGED_CODE(); RtlInitUnicodeString( &UncSymbolicName, UNCSymbolicLink ); (VOID)IoDeleteSymbolicLink( &UncSymbolicName ); if( ARGUMENT_PRESENT( DevName ) ) { status = IoCreateSymbolicLink( &UncSymbolicName, DevName ); ASSERT( NT_SUCCESS( status ) ); } }
VOID RtlInitAnsiString( OUT PANSI_STRING DestinationString, IN PSZ SourceString OPTIONAL ) /*++ Routine Description: The RtlInitAnsiString function initializes an NT counted string. The DestinationString is initialized to point to the SourceString and the Length and MaximumLength fields of DestinationString are initialized to the length of the SourceString, which is zero if SourceString is not specified. Arguments: DestinationString - Pointer to the counted string to initialize SourceString - Optional pointer to a null terminated string that the counted string is to point to. Return Value: None. --*/ { USHORT Length; Length = 0; DestinationString->Length = 0; DestinationString->Buffer = SourceString; if (ARGUMENT_PRESENT( SourceString )) { while (*SourceString++) { Length++; } DestinationString->Length = Length; DestinationString->MaximumLength = (SHORT)(Length+1); } else { DestinationString->MaximumLength = 0; } }
// // In safe-arithmetic, perform a multiplication followed by division in the form // (Mul64 * Mul32) / Div64 where the result is rounded to the nearest integer. // // Mul64: A 64-bit unsigned integer multiplicand. // Mul32: A 32-bit unsigned multiplier. // Div64: A 64-bit unsigned integer divisor. // ResultPtr: A pointer to a 64-bit unsigned integer that receives the result. // // Returns error in case of overflow, otherwise returns STATUS_SUCCESS. // __forceinline NTSTATUS SafeMulDivRound64x32x64 ( _In_ ULONGLONG Mul64, _In_ ULONG Mul32, _In_ ULONGLONG Div64, _Out_ ULONGLONG* Result64Ptr ) { ASSERT(ARGUMENT_PRESENT(Result64Ptr)); ULONGLONG q = Mul64 / Div64; ULONGLONG r = Mul64 % Div64; NTSTATUS status; // // Calculate the following in safe-arithmetic to avoid overflows: // return (q * Mul32) + ((r * Mul32) / Div64); // ULONGLONG qMul32; status = RtlULongLongMult(q, Mul32, &qMul32); if (!NT_SUCCESS(status)) { return status; } ULONGLONG rMul32; status = RtlULongLongMult(r, Mul32, &rMul32); if (!NT_SUCCESS(status)) { return status; } ULONGLONG rMul32OverDiv64; status = SafeDivRound64x64(rMul32, Div64, &rMul32OverDiv64); if (!NT_SUCCESS(status)) { return status; } ULONGLONG result; status = RtlULongLongAdd(qMul32, rMul32OverDiv64, &result); if (!NT_SUCCESS(status)) { return status; } *Result64Ptr = result; return STATUS_SUCCESS; }
PRTL_USER_PROCESS_PARAMETERS RtlDeNormalizeProcessParams( IN OUT PRTL_USER_PROCESS_PARAMETERS ProcessParameters ) { if (!ARGUMENT_PRESENT( ProcessParameters )) { return( NULL ); } if (!(ProcessParameters->Flags & RTL_USER_PROC_PARAMS_NORMALIZED)) { return( ProcessParameters ); } RtlpDeNormalizeProcessParam( ProcessParameters, ProcessParameters->CurrentDirectory.DosPath.Buffer ); RtlpDeNormalizeProcessParam( ProcessParameters, ProcessParameters->DllPath.Buffer ); RtlpDeNormalizeProcessParam( ProcessParameters, ProcessParameters->ImagePathName.Buffer ); RtlpDeNormalizeProcessParam( ProcessParameters, ProcessParameters->CommandLine.Buffer ); RtlpDeNormalizeProcessParam( ProcessParameters, ProcessParameters->WindowTitle.Buffer ); RtlpDeNormalizeProcessParam( ProcessParameters, ProcessParameters->DesktopInfo.Buffer ); RtlpDeNormalizeProcessParam( ProcessParameters, ProcessParameters->ShellInfo.Buffer ); RtlpDeNormalizeProcessParam( ProcessParameters, ProcessParameters->RuntimeData.Buffer ); ProcessParameters->Flags &= ~RTL_USER_PROC_PARAMS_NORMALIZED; return( ProcessParameters ); }
// // Event Services // HANDLE APIENTRY CreateEventA( LPSECURITY_ATTRIBUTES lpEventAttributes, BOOL bManualReset, BOOL bInitialState, LPCSTR lpName ) /*++ Routine Description: ANSI thunk to CreateEventW --*/ { PUNICODE_STRING Unicode; ANSI_STRING AnsiString; NTSTATUS Status; LPCWSTR NameBuffer; NameBuffer = NULL; if ( ARGUMENT_PRESENT(lpName) ) { Unicode = &NtCurrentTeb()->StaticUnicodeString; RtlInitAnsiString(&AnsiString,lpName); Status = RtlAnsiStringToUnicodeString(Unicode,&AnsiString,FALSE); if ( !NT_SUCCESS(Status) ) { if ( Status == STATUS_BUFFER_OVERFLOW ) { SetLastError(ERROR_FILENAME_EXCED_RANGE); } else { BaseSetLastNTError(Status); } return NULL; } NameBuffer = (LPCWSTR)Unicode->Buffer; } return CreateEventW( lpEventAttributes, bManualReset, bInitialState, NameBuffer ); }
NTSTATUS RtlAppendAsciizToString ( IN PSTRING Destination, IN PCSZ Source OPTIONAL ) /*++ Routine Description: This routine appends the supplied ASCIIZ string to an existing PSTRING. It will copy bytes from the Source PSZ to the destination PSTRING up to the destinations PSTRING->MaximumLength field. Arguments: IN PSTRING Destination, - Supplies a pointer to the destination string IN PSZ Source - Supplies the string to append to the destination Return Value: STATUS_SUCCESS - The source string was successfully appended to the destination counted string. STATUS_BUFFER_TOO_SMALL - The destination string length was not big enough to allow the source string to be appended. The Destination string length is not updated. --*/ { USHORT n; if (ARGUMENT_PRESENT( Source )) { n = (USHORT)strlen( Source ); if ((n + Destination->Length) > Destination->MaximumLength) { return( STATUS_BUFFER_TOO_SMALL ); } RtlMoveMemory( &Destination->Buffer[ Destination->Length ], Source, n ); Destination->Length += n; } return( STATUS_SUCCESS ); }
VOID RtlInitString( OUT PSTRING DestinationString, IN PCSZ SourceString OPTIONAL ) /*++ Routine Description: The RtlInitString function initializes an NT counted string. The DestinationString is initialized to point to the SourceString and the Length and MaximumLength fields of DestinationString are initialized to the length of the SourceString, which is zero if SourceString is not specified. This is a copy of the same function in \nt\private\ntos\rtl\string.c. It is here to minimize what the linker drags into the image. Arguments: DestinationString - Pointer to the counted string to initialize SourceString - Optional pointer to a null terminated string that the counted string is to point to. Return Value: None. --*/ { DestinationString->Length = 0; DestinationString->Buffer = (PCHAR)SourceString; if (ARGUMENT_PRESENT( SourceString )) { while (*SourceString++) { DestinationString->Length++; } DestinationString->MaximumLength = (SHORT)(DestinationString->Length+1); } else { DestinationString->MaximumLength = 0; } }