Пример #1
0
NTSTATUS
CsrOneTimeInitialize( VOID )
{
    NTSTATUS Status;

    //
    // Save away system information in a global variable
    //

    Status = NtQuerySystemInformation( SystemBasicInformation,
                                       &CsrNtSysInfo,
                                       sizeof( CsrNtSysInfo ),
                                       NULL
                                     );
    if (!NT_SUCCESS( Status )) {
        return( Status );
        }

    //
    // Use the process heap for memory allocation.
    //

    CsrHeap = RtlProcessHeap();

    CsrInitOnceDone = TRUE;

    return( STATUS_SUCCESS );
}
Пример #2
0
BOOLEAN
LsapHeapInitialize()

/*++

Routine Description:

    This function initializes the LSA heap.

Arguments:

    None.

Return Value:

    None.

--*/

{

    //
    // Use the process heap for memory allocations.
    //

    LsapHeap = RtlProcessHeap();

    return TRUE;

}
Пример #3
0
void
TestGetPrivNameA(
    LPSTR *PrivName,
    PLUID  lpLuid
    )
{


    BOOL          Bool;
    DWORD         cbName = 0;
    PCHAR         Name = NULL;


    Bool = LookupPrivilegeNameA(
               NULL,
               lpLuid,
               Name,
               &cbName
               );
    ASSERT( !Bool && GetLastError() == ERROR_INSUFFICIENT_BUFFER );

    Name = RtlAllocateHeap( RtlProcessHeap(), 0, (cbName+1)*sizeof(CHAR) );

    Bool = LookupPrivilegeNameA(
               NULL,
               lpLuid,
               Name,
               &cbName
               );
    ASSERT(Bool);

    (*PrivName) = (LPSTR)Name;

    return;
}
Пример #4
0
/**
 * Queries file attributes.
 *
 * \param FileName The Win32 file name.
 * \param FileInformation A variable that receives the file information.
 */
NTSTATUS PhQueryFullAttributesFileWin32(
    _In_ PWSTR FileName,
    _Out_ PFILE_NETWORK_OPEN_INFORMATION FileInformation
    )
{
    NTSTATUS status;
    UNICODE_STRING fileName;
    OBJECT_ATTRIBUTES oa;

    if (!RtlDosPathNameToNtPathName_U(
        FileName,
        &fileName,
        NULL,
        NULL
        ))
        return STATUS_OBJECT_NAME_NOT_FOUND;

    InitializeObjectAttributes(
        &oa,
        &fileName,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL
        );

    status = NtQueryFullAttributesFile(&oa, FileInformation);
    RtlFreeHeap(RtlProcessHeap(), 0, fileName.Buffer);

    return status;
}
Пример #5
0
NTSTATUS
RtlDestroyProcessParameters(
    IN PRTL_USER_PROCESS_PARAMETERS ProcessParameters
    )
{
    RtlFreeHeap (RtlProcessHeap (), 0, ProcessParameters);
    return STATUS_SUCCESS;
}
Пример #6
0
void
TestLookupPrivilegeValueA(
    PLUID lpLuid
    )

{

    //
    // LookupPrivilegeValueA test
    //

    BOOL          Bool;
    LPSTR         PrivName;
    LUID          ReturnedValue;


    TestGetPrivNameA( &PrivName, lpLuid );

    printf("      LookupA call . . . . . . . . . . . . . . . . . ");


    Bool = LookupPrivilegeValueA(
               NULL,
               PrivName,
               &ReturnedValue
               );

    if ( !Bool ) {
        printf("** FAILED **\n");
        printf("        Status:             %d\n", GetLastError());
    } else {

        if (ReturnedValue.LowPart  != lpLuid->LowPart ||
            ReturnedValue.HighPart != lpLuid->HighPart) {
            printf("** FAILED **\n");
            printf("        Value mismatch.\n");
            printf("        Passed Value:    {0x%lx, 0x%lx}\n",
                            lpLuid->HighPart,lpLuid->LowPart);
            printf("        Retrieved Value: {0x%lx, 0x%lx}\n",
                            ReturnedValue.HighPart,ReturnedValue.LowPart);

        } else {
            printf("Succeeded\n");
        }
    }
    printf("\n\n");

    RtlFreeHeap( RtlProcessHeap(), 0, PrivName );
    return;
}
Пример #7
0
BOOL
APIENTRY
MoveFileExW(
    LPCWSTR lpExistingFileName,
    LPCWSTR lpNewFileName,
    DWORD dwFlags
    )

/*++

Routine Description:

    An existing file can be renamed using MoveFile.

Arguments:

    lpExistingFileName - Supplies the name of an existing file that is to be
        renamed.

    lpNewFileName - Supplies the new name for the existing file.  The new
        name must reside in the same file system/drive as the existing
        file and must not already exist.

    dwFlags - Supplies optional flag bits to control the behavior of the
        rename.  The following bits are currently defined:

        MOVEFILE_REPLACE_EXISTING - if the new file name exists, replace
            it by renaming the old file name on top of the new file name.

        MOVEFILE_COPY_ALLOWED - if the new file name is on a different
            volume than the old file name, and causes the rename operation
            to fail, then setting this flag allows the MoveFileEx API
            call to simulate the rename with a call to CopyFile followed
            by a call to DeleteFile to the delete the old file if the
            CopyFile was successful.

        MOVEFILE_DELAY_UNTIL_REBOOT - dont actually do the rename now, but
            instead queue the rename so that it will happen the next time
            the system boots.  If this flag is set, then the lpNewFileName
            parameter may be NULL, in which case a delay DeleteFile of
            the old file name will occur the next time the system is
            booted.

            The delay rename/delete operations occur immediately after
            AUTOCHK is run, but prior to creating any paging files, so
            it can be used to delete paging files from previous boots
            before they are reused.

        MOVEFILE_WRITE_THROUGH - perform the rename operation in such a
            way that the file has actually been moved on the disk before
            the API returns to the caller.  Note that this flag causes a
            flush at the end of a copy operation (if one were allowed and
            necessary), and has no effect if the rename operation is
            delayed until the next reboot.

Return Value:

    TRUE - The operation was successful.

    FALSE/NULL - The operation failed. Extended error status is available
        using GetLastError.

--*/

{
    NTSTATUS Status;
    BOOLEAN ReplaceIfExists;
    OBJECT_ATTRIBUTES Obja;
    HANDLE Handle;
    UNICODE_STRING OldFileName;
    UNICODE_STRING NewFileName;
    IO_STATUS_BLOCK IoStatusBlock;
    PFILE_RENAME_INFORMATION NewName;
    BOOLEAN TranslationStatus;
    RTL_RELATIVE_NAME RelativeName;
    PVOID FreeBuffer;
    ULONG OpenFlags;
    BOOLEAN fDoCrossVolumeMove;
    BOOLEAN b;

#ifdef _CAIRO_
    OBJECTID oid;
    OBJECTID *poid; // only can be valid when fDoCrossVolumeMove = TRUE
#else
    PVOID poid = NULL;
#endif

    //
    // if the target is a device, do not allow the rename !
    //
    if ( lpNewFileName ) {
        if ( RtlIsDosDeviceName_U((PWSTR)lpNewFileName) ) {
            SetLastError(ERROR_ALREADY_EXISTS);
            return FALSE;
        }
    }

    if (dwFlags & MOVEFILE_REPLACE_EXISTING) {
        ReplaceIfExists = TRUE;
    } else {
        ReplaceIfExists = FALSE;
    }

    TranslationStatus = RtlDosPathNameToNtPathName_U(
                            lpExistingFileName,
                            &OldFileName,
                            NULL,
                            &RelativeName
                            );

    if ( !TranslationStatus ) {
        SetLastError(ERROR_PATH_NOT_FOUND);
        return FALSE;
    }

    FreeBuffer = OldFileName.Buffer;

    if (!(dwFlags & MOVEFILE_DELAY_UNTIL_REBOOT)) {

        if ( RelativeName.RelativeName.Length ) {
            OldFileName = *(PUNICODE_STRING)&RelativeName.RelativeName;
        } else {
            RelativeName.ContainingDirectory = NULL;
        }
        InitializeObjectAttributes(
            &Obja,
            &OldFileName,
            OBJ_CASE_INSENSITIVE,
            RelativeName.ContainingDirectory,
            NULL
            );

        //
        // Open the file for delete access
        //

        OpenFlags = FILE_SYNCHRONOUS_IO_NONALERT |
                    FILE_OPEN_FOR_BACKUP_INTENT |
                    (dwFlags & MOVEFILE_WRITE_THROUGH) ? FILE_WRITE_THROUGH : 0;

        Status = NtOpenFile(
                    &Handle,
#ifdef _CAIRO_
                    FILE_READ_ATTRIBUTES |
#endif
                    (ACCESS_MASK)DELETE | SYNCHRONIZE,
                    &Obja,
                    &IoStatusBlock,
                    FILE_SHARE_READ | FILE_SHARE_WRITE,
                    OpenFlags
                    );

        if ( !NT_SUCCESS(Status) ) {
            RtlFreeHeap(RtlProcessHeap(), 0, FreeBuffer);
            BaseSetLastNTError(Status);
            return FALSE;
        }
    }

    if (!(dwFlags & MOVEFILE_DELAY_UNTIL_REBOOT) ||
        (lpNewFileName != NULL)) {
        TranslationStatus = RtlDosPathNameToNtPathName_U(
                                lpNewFileName,
                                &NewFileName,
                                NULL,
                                NULL
                                );

        if ( !TranslationStatus ) {
            RtlFreeHeap(RtlProcessHeap(), 0, FreeBuffer);
            SetLastError(ERROR_PATH_NOT_FOUND);
            NtClose(Handle);
            return FALSE;
            }
    } else {
        RtlInitUnicodeString( &NewFileName, NULL );
    }

    if (dwFlags & MOVEFILE_DELAY_UNTIL_REBOOT) {
        //
        // copy allowed is not permitted on delayed renames
        //


        //
        // (typical stevewo hack, preserved for sentimental value)
        //
        // If ReplaceIfExists is TRUE, prepend an exclamation point
        // to the new filename in order to pass this bit of data
        // along to the session manager.
        //
        if (ReplaceIfExists &&
            (NewFileName.Length != 0)) {
            PWSTR NewBuffer;

            NewBuffer = RtlAllocateHeap( RtlProcessHeap(),
                                         MAKE_TAG( TMP_TAG ),
                                         NewFileName.Length + sizeof(WCHAR) );
            if (NewBuffer != NULL) {
                NewBuffer[0] = L'!';
                CopyMemory(&NewBuffer[1], NewFileName.Buffer, NewFileName.Length);
                NewFileName.Length += sizeof(WCHAR);
                NewFileName.MaximumLength += sizeof(WCHAR);
                RtlFreeHeap(RtlProcessHeap(), 0, NewFileName.Buffer);
                NewFileName.Buffer = NewBuffer;
            }
        }

        if ( dwFlags & MOVEFILE_COPY_ALLOWED ) {
            Status = STATUS_INVALID_PARAMETER;
        } else {
            Status = BasepMoveFileDelayed(&OldFileName, &NewFileName);
        }
        RtlFreeHeap(RtlProcessHeap(), 0, FreeBuffer);
        RtlFreeHeap(RtlProcessHeap(), 0, NewFileName.Buffer);

        if (NT_SUCCESS(Status)) {
            return(TRUE);
        } else {
            BaseSetLastNTError(Status);
            return(FALSE);
        }
    }

    RtlFreeHeap(RtlProcessHeap(), 0, FreeBuffer);
    FreeBuffer = NewFileName.Buffer;

    NewName = RtlAllocateHeap(RtlProcessHeap(), MAKE_TAG( TMP_TAG ), NewFileName.Length+sizeof(*NewName));
    if (NewName != NULL) {
        RtlMoveMemory( NewName->FileName, NewFileName.Buffer, NewFileName.Length );

        NewName->ReplaceIfExists = ReplaceIfExists;
        NewName->RootDirectory = NULL;
        NewName->FileNameLength = NewFileName.Length;
        RtlFreeHeap(RtlProcessHeap(), 0, FreeBuffer);

        Status = NtSetInformationFile(
                    Handle,
                    &IoStatusBlock,
                    NewName,
                    NewFileName.Length+sizeof(*NewName),
                    FileRenameInformation
                    );
        RtlFreeHeap(RtlProcessHeap(), 0, NewName);
    } else {
        Status = STATUS_NO_MEMORY;
    }

    fDoCrossVolumeMove = (Status == STATUS_NOT_SAME_DEVICE) &&
                         (dwFlags & MOVEFILE_COPY_ALLOWED);

#ifdef _CAIRO_
    if (fDoCrossVolumeMove)
    {
        // Get the object'd OBJECTID
        poid = RtlQueryObjectId(Handle, &oid) == STATUS_SUCCESS ? &oid : NULL;
    }
#endif

    NtClose(Handle);
    if ( NT_SUCCESS(Status) ) {
        return TRUE;
    } else if ( fDoCrossVolumeMove ) {
        HELPER_CONTEXT Context;

        Context.pObjectId = poid;
        Context.dwFlags = dwFlags;
        b = CopyFileExW(
                lpExistingFileName,
                lpNewFileName,
                poid || dwFlags & MOVEFILE_WRITE_THROUGH ? BasepCrossVolumeMoveHelper : NULL,
                &Context,
                NULL,
                ReplaceIfExists ? 0 : COPY_FILE_FAIL_IF_EXISTS
                );
        if ( b ) {

            //
            // the copy worked... Delete the source of the rename
            // if it fails, try a set attributes and then a delete
            //

            if (!DeleteFileW( lpExistingFileName ) ) {

                //
                // If the delete fails, we will return true, but possibly
                // leave the source dangling
                //

                SetFileAttributesW(lpExistingFileName,FILE_ATTRIBUTE_NORMAL);
                DeleteFileW( lpExistingFileName );

            }
            return TRUE;
        } else {
            return FALSE;
        }
    } else {
        BaseSetLastNTError(Status);
        return FALSE;
    }
}
Пример #8
0
NTSTATUS
SampFixBug18471 (
    IN ULONG Revision
    )
/*++

Routine Description:

    This routine fixes bug 18471, that SAM does not adjust the protection
    on groups that are members of administrative aliases in the builtin
    domain. It fixes this by opening a fixed set of known aliases
    (Administrators, Account Operators, Backup Operators, Print Operators,
    and Server Operators), and enumerating their members.  To fix this,
    we will remove all the members of these aliases (except the
    Administrator user account) and re-add them.

Arguments:

    Revision - Revision of the Sam server.

Return Value:


    Note:


--*/
{
    NTSTATUS            Status;
    ULONG               Index, Index2;
    PSID                BuiltinDomainSid = NULL;
    SID_IDENTIFIER_AUTHORITY BuiltinAuthority = SECURITY_NT_AUTHORITY;
    PSID                AccountDomainSid;
    ULONG               AccountDomainIndex = 0xffffffff;
    ULONG               BuiltinDomainIndex = 0xffffffff;
    SAMPR_PSID_ARRAY    AliasMembership;
    ULONG               MemberRid;
    ULONG               SdRevision;
    PSECURITY_DESCRIPTOR OldDescriptor;
    PSECURITY_DESCRIPTOR SecurityDescriptor;
    ULONG               SecurityDescriptorLength;
    SAMP_OBJECT_TYPE    MemberType;
    PSAMP_OBJECT        MemberContext;
    PSAMP_OBJECT        AliasContext;
    SAMP_V1_0A_FIXED_LENGTH_GROUP GroupV1Fixed;
    SAMP_V1_0A_FIXED_LENGTH_USER UserV1Fixed;

    //
    // Check the revision on the server to see if this upgrade has
    // already been performed.
    //


    if (Revision >= SAMP_SERVER_REVISION) {

        //
        // This upgrade has already been performed.
        //

        goto Cleanup;
    }


    //
    // Build a the BuiltIn domain SID.
    //

    BuiltinDomainSid  = RtlAllocateHeap(RtlProcessHeap(), 0,RtlLengthRequiredSid( 1 ));

    if ( BuiltinDomainSid == NULL ) {
        Status = STATUS_INSUFFICIENT_RESOURCES;
        goto Cleanup;
    }

    RtlInitializeSid( BuiltinDomainSid,   &BuiltinAuthority, 1 );
    *(RtlSubAuthoritySid( BuiltinDomainSid,  0 )) = SECURITY_BUILTIN_DOMAIN_RID;


    //
    // Lookup the index of the account domain
    //

    for (Index = 0;
         Index < SampDefinedDomainsCount ;
         Index++ ) {

        if (RtlEqualSid( BuiltinDomainSid, SampDefinedDomains[Index].Sid)) {
            BuiltinDomainIndex = Index;
        } else {
            AccountDomainIndex = Index;
        }
    }

    ASSERT(AccountDomainIndex < SampDefinedDomainsCount);
    ASSERT(BuiltinDomainIndex < SampDefinedDomainsCount);

    AccountDomainSid = SampDefinedDomains[AccountDomainIndex].Sid;

    //
    // Create out transaction log
    //

    Status = SampCreate18471Key();
    if (!NT_SUCCESS(Status)) {
        goto Cleanup;
    }




    //
    // Now loop through and open the aliases we are intersted in
    //

    for (Index = 0;
         Index < ADMINISTRATIVE_ALIAS_COUNT ;
         Index++ )
    {

        SampSetTransactionDomain( BuiltinDomainIndex );

        SampAcquireReadLock();

        Status = SampCreateAccountContext(
                    SampAliasObjectType,
                    AdministrativeRids[Index],
                    TRUE,                       // Trusted client
                    TRUE,                       // Account exists
                    &AliasContext
                    );

        if ( !NT_SUCCESS(Status) ) {

            SampReleaseReadLock();
            if (Status == STATUS_NO_SUCH_ALIAS) {
                Status = STATUS_SUCCESS;
                continue;
            } else {

                goto Cleanup;
            }
        }


        //
        // Get the members in the alias so we can remove and re-add them
        //

        Status = SampRetrieveAliasMembers(
                    AliasContext,
                    &(AliasMembership.Count),
                    (PSID **)&(AliasMembership.Sids)
                    );

        SampDeleteContext(AliasContext);
        SampReleaseReadLock();
        if (!NT_SUCCESS(Status)) {
            break;
        }

        //
        // Write that we are opening this alias to the log.  We don't need
        // to do this for administrators, since for them we the update is
        // idempotent.
        //

        if (AdministrativeRids[Index] != DOMAIN_ALIAS_RID_ADMINS) {
            Status = SampAddAliasTo18471Key(
                        AdministrativeRids[Index]
                        );
            if (!NT_SUCCESS(Status)) {
                break;
            }
        }


        //
        // Loop through the members and split each sid.  For every
        // member in the account domain , remove it and re-add it from
        // this alias.
        //




        for (Index2 = 0; Index2 < AliasMembership.Count ; Index2++ )
        {
            //
            // Check to see if this account is in the account domain
            //

            if ( SampMatchDomainPrefix(
                    (PSID) AliasMembership.Sids[Index2].SidPointer,
                    AccountDomainSid
                    ) )
            {

                //
                // Get the RID for this member
                //

                MemberRid = *RtlSubAuthoritySid(
                                AliasMembership.Sids[Index2].SidPointer,
                                *RtlSubAuthorityCountSid(
                                    AliasMembership.Sids[Index2].SidPointer
                                ) - 1
                                );

                //
                // Now remove and re-add the administratie nature of this
                // membership
                //

                if (AdministrativeRids[Index] == DOMAIN_ALIAS_RID_ADMINS) {

                    Status = SampAcquireWriteLock();
                    if (!NT_SUCCESS(Status)) {
                        break;
                    }

                    SampSetTransactionDomain( AccountDomainIndex );

                    //
                    // Try to create a context for the account as a group.
                    //

                    Status = SampCreateAccountContext(
                                     SampGroupObjectType,
                                     MemberRid,
                                     TRUE, // Trusted client
                                     TRUE, // Account exists
                                     &MemberContext
                                     );

                    if (!NT_SUCCESS( Status ) ) {

                        //
                        // If this ID does not exist as a group, that's fine -
                        // it might be a user or might have been deleted.
                        //

                        SampReleaseWriteLock( FALSE );
                        if (Status == STATUS_NO_SUCH_GROUP) {
                            Status = STATUS_SUCCESS;
                            continue;
                        }
                        break;
                    }

                    //
                    // Now set a flag in the group itself,
                    // so that when users are added and removed
                    // in the future it is known whether this
                    // group is in an ADMIN alias or not.
                    //

                    Status = SampRetrieveGroupV1Fixed(
                                   MemberContext,
                                   &GroupV1Fixed
                                   );

                    if ( NT_SUCCESS(Status)) {

                        GroupV1Fixed.AdminCount = 1;

                        Status = SampReplaceGroupV1Fixed(
                                    MemberContext,
                                    &GroupV1Fixed
                                    );
                        //
                        // Modify the security descriptor to
                        // prevent account operators from adding
                        // anybody to this group
                        //

                        if ( NT_SUCCESS( Status ) ) {

                            Status = SampGetAccessAttribute(
                                        MemberContext,
                                        SAMP_GROUP_SECURITY_DESCRIPTOR,
                                        FALSE, // don't make copy
                                        &SdRevision,
                                        &OldDescriptor
                                        );

                            if (NT_SUCCESS(Status)) {

                                Status = SampModifyAccountSecurity(
                                            SampGroupObjectType,
                                            TRUE, // this is an admin
                                            OldDescriptor,
                                            &SecurityDescriptor,
                                            &SecurityDescriptorLength
                                            );
                            }

                            if ( NT_SUCCESS( Status ) ) {

                                //
                                // Write the new security descriptor into the object
                                //

                                Status = SampSetAccessAttribute(
                                               MemberContext,
                                               SAMP_USER_SECURITY_DESCRIPTOR,
                                               SecurityDescriptor,
                                               SecurityDescriptorLength
                                               );

                                MIDL_user_free( SecurityDescriptor );
                            }



                        }
                        if (NT_SUCCESS(Status)) {

                            //
                            // Add the modified group to the current transaction
                            // Don't use the open key handle since we'll be deleting the context.
                            //

                            Status = SampStoreObjectAttributes(MemberContext, FALSE);

                        }

                    }

                    //
                    // Clean up the group context
                    //

                    SampDeleteContext(MemberContext);

                    //
                    // we don't want the modified count to change
                    //

                    SampTransactionWithinDomain = FALSE;

                    if (NT_SUCCESS(Status)) {
                        Status = SampReleaseWriteLock( TRUE );
                    } else {
                        (VOID) SampReleaseWriteLock( FALSE );
                    }

                }
                else
                {


                    //
                    // Check to see if we've already upgraded this member
                    //

                    Status = SampCheckMemberUpgradedFor18471(
                                AdministrativeRids[Index],
                                MemberRid);

                    if (NT_SUCCESS(Status)) {

                        //
                        // This member already was upgraded.
                        //

                        continue;
                    } else {

                        //
                        // We continue on with the upgrade
                        //

                        Status = STATUS_SUCCESS;
                    }

                    //
                    // Change the operator account for the other
                    // aliases.
                    //

                    if (NT_SUCCESS(Status)) {

                        Status = SampAcquireWriteLock();
                        if (!NT_SUCCESS(Status)) {
                            break;
                        }

                        SampSetTransactionDomain( AccountDomainIndex );

                        Status = SampChangeAccountOperatorAccessToMember(
                                    AliasMembership.Sids[Index2].SidPointer,
                                    NoChange,
                                    AddToAdmin
                                    );

                        //
                        // If that succeeded, add this member to the log
                        // as one that was upgraded.
                        //

                        if (NT_SUCCESS(Status)) {
                            Status = SampAddMemberRidTo18471Key(
                                        AdministrativeRids[Index],
                                        MemberRid
                                        );

                        }

                        //
                        // We don't want the modified count to be updated so
                        // make this not a domain transaction
                        //

                        SampTransactionWithinDomain = FALSE;
                                                if (NT_SUCCESS(Status)) {
                            Status = SampReleaseWriteLock( TRUE );
                        } else {
                            (VOID) SampReleaseWriteLock( FALSE );
                        }

                    }

                    if (!NT_SUCCESS(Status)) {
                        break;
                    }

                }
            }
        }

        SamIFree_SAMPR_PSID_ARRAY(
            &AliasMembership
            );
        AliasMembership.Sids = NULL;


        //
        // If something up above failed or the upgrade was already done,
        // exit now.
        //

        if (!NT_SUCCESS(Status)) {
            break;
        }
    }

Cleanup:

    if (BuiltinDomainSid != NULL) {
        RtlFreeHeap(
            RtlProcessHeap(),
            0,
            BuiltinDomainSid
            );
    }

    if (NT_SUCCESS(Status)) {
        Status = SampCleanup18471();
    }
    return(Status);
}
Пример #9
0
NTSTATUS
BasepMoveFileDelayed(
    IN PUNICODE_STRING OldFileName,
    IN PUNICODE_STRING NewFileName
    )

/*++

Routine Description:

    Appends the given delayed move file operation to the registry
    value that contains the list of move file operations to be
    performed on the next boot.

Arguments:

    OldFileName - Supplies the old file name

    NewFileName - Supplies the new file name

Return Value:

    NTSTATUS

--*/

{
    OBJECT_ATTRIBUTES Obja;
    UNICODE_STRING KeyName;
    UNICODE_STRING ValueName;
    HANDLE KeyHandle;
    PWSTR ValueData, s;
    PKEY_VALUE_PARTIAL_INFORMATION ValueInfo;
    ULONG ValueLength = 1024;
    ULONG ReturnedLength;
    NTSTATUS Status;

    RtlInitUnicodeString( &KeyName, L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\Session Manager" );
    RtlInitUnicodeString( &ValueName, L"PendingFileRenameOperations" );
    InitializeObjectAttributes(
        &Obja,
        &KeyName,
        OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
        NULL,
        NULL
        );

    Status = NtCreateKey( &KeyHandle,
                          GENERIC_READ | GENERIC_WRITE,
                          &Obja,
                          0,
                          NULL,
                          0,
                          NULL
                        );
    if ( Status == STATUS_ACCESS_DENIED ) {
        Status = NtCreateKey( &KeyHandle,
                              GENERIC_READ | GENERIC_WRITE,
                              &Obja,
                              0,
                              NULL,
                              REG_OPTION_BACKUP_RESTORE,
                              NULL
                            );
    }

    if (NT_SUCCESS( Status )) {

retry:
        ValueInfo = RtlAllocateHeap(RtlProcessHeap(),
                                    MAKE_TAG(TMP_TAG),
                                    ValueLength + OldFileName->Length + sizeof(WCHAR) +
                                                  NewFileName->Length + 2*sizeof(WCHAR));
        if (ValueInfo == NULL) {
            NtClose(KeyHandle);
            return(STATUS_NO_MEMORY);
        }

        //
        // File rename operations are stored in the registry in a
        // single MULTI_SZ value. This allows the renames to be
        // performed in the same order that they were originally
        // requested. Each rename operation consists of a pair of
        // NULL-terminated strings.
        //

        Status = NtQueryValueKey(KeyHandle,
                                 &ValueName,
                                 KeyValuePartialInformation,
                                 ValueInfo,
                                 ValueLength,
                                 &ReturnedLength);
        if (Status == STATUS_BUFFER_OVERFLOW) {
            //
            // The existing value is too large for our buffer.
            // Retry with a larger buffer.
            //
            ValueLength = ReturnedLength;
            RtlFreeHeap(RtlProcessHeap(), 0, ValueInfo);
            goto retry;
        }

        if (Status == STATUS_OBJECT_NAME_NOT_FOUND) {
            //
            // The value does not currently exist. Create the
            // value with our data.
            //
            s = ValueData = (PWSTR)ValueInfo;
        } else if (NT_SUCCESS(Status)) {
            //
            // A value already exists, append our two strings to the
            // MULTI_SZ.
            //
            ValueData = (PWSTR)(&ValueInfo->Data);
            s = (PWSTR)((PCHAR)ValueData + ValueInfo->DataLength) - 1;
        } else {
            NtClose(KeyHandle);
            RtlFreeHeap(RtlProcessHeap(), 0, ValueInfo);
            return(Status);
        }

        CopyMemory(s, OldFileName->Buffer, OldFileName->Length);
        s += (OldFileName->Length/sizeof(WCHAR));
        *s++ = L'\0';

        CopyMemory(s, NewFileName->Buffer, NewFileName->Length);
        s += (NewFileName->Length/sizeof(WCHAR));
        *s++ = L'\0';
        *s++ = L'\0';

        Status = NtSetValueKey(KeyHandle,
                               &ValueName,
                               0,
                               REG_MULTI_SZ,
                               ValueData,
                               (s-ValueData)*sizeof(WCHAR));
        NtClose(KeyHandle);
        RtlFreeHeap(RtlProcessHeap(), 0, ValueInfo);
    }

    return(Status);
}
// Sets the access-control list for a handle to "Everyone:AccessMask"
// The handle must be open for WRITE_DAC access
static NTSTATUS NtSetObjectAccessForEveryone(
    IN HANDLE ObjectHandle,
    IN ACCESS_MASK AccessMask)
{
    SID_IDENTIFIER_AUTHORITY SiaEveryone = SECURITY_WORLD_SID_AUTHORITY;
    SECURITY_DESCRIPTOR sd;
    NTSTATUS Status;
    ULONG cbAclLength = 0;
    PSID pSidEveryone = NULL; 
    PACL pAcl = NULL;

    // Get the SID of Everyone
    Status = RtlAllocateAndInitializeSid(&SiaEveryone, 1, 0, 0, 0, 0, 0, 0, 0, 0, &pSidEveryone);

    // Allocate space for ACL
    if(NT_SUCCESS(Status))
    {
        ULONG dwSidLength = RtlLengthSid(pSidEveryone);

        // Create ACL for full access to the file
        cbAclLength = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + dwSidLength - sizeof(DWORD);
        pAcl = (PACL)RtlAllocateHeap(RtlProcessHeap(), 0, cbAclLength);
        if(pAcl == NULL)
            Status = STATUS_INSUFFICIENT_RESOURCES;
    }

    // Create the Access control list with one ACE
    if(NT_SUCCESS(Status))
    {
        Status = RtlCreateAcl(pAcl, cbAclLength, ACL_REVISION);
    }

    // Add the ACE to the ACL
    if(NT_SUCCESS(Status))
    {
        Status = RtlAddAccessAllowedAce(pAcl, ACL_REVISION, AccessMask, pSidEveryone);
    }

    // Initialize the blank security descriptor
    if(NT_SUCCESS(Status))
    {
        Status = RtlCreateSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION);
    }

    // Set the ACL to the security descriptor
    if(NT_SUCCESS(Status))
    {
        Status = RtlSetDaclSecurityDescriptor(&sd, TRUE, pAcl, FALSE);
    }

    // Apply the security information to the handle
    if(NT_SUCCESS(Status))
    {
        Status = NtSetSecurityObject(ObjectHandle, DACL_SECURITY_INFORMATION, &sd);
    }

    // Free buffers
    if(pAcl != NULL)
        RtlFreeHeap(RtlProcessHeap(), 0, pAcl);
    if(pSidEveryone != NULL)
        RtlFreeSid(pSidEveryone);
    return Status;
}
Пример #11
0
NTSTATUS
main(
    IN ULONG argc,
    IN PCH argv[],
    IN PCH envp[],
    IN ULONG DebugParameter OPTIONAL
    )

{
    ULONG i;
    char c, *s;
    PCH *Arguments;
    PCH *Variables;
    PCH Parameters[ RTL_USER_PROC_PARAMS_DEBUGFLAG+2 ];

    ULONG TestVector = 0;

    Arguments = argv;
    Variables = envp;
    Parameters[ RTL_USER_PROC_PARAMS_IMAGEFILE ] =
         "Full Path Specification of Image File goes here";

    Parameters[ RTL_USER_PROC_PARAMS_CMDLINE ] =
         "Complete Command Line goes here";

    Parameters[ RTL_USER_PROC_PARAMS_DEBUGFLAG ] =
         "Debugging String goes here";

    Parameters[ RTL_USER_PROC_PARAMS_DEBUGFLAG+1 ] = NULL;

    MyHeap = RtlProcessHeap();


#if DBG
    DbgPrint( "Entering URTL User Mode Test Program\n" );
    DbgPrint( "argc = %ld\n", argc );
    for (i=0; i<=argc; i++) {
        DbgPrint( "argv[ %ld ]: %s\n",
                  i,
                  argv[ i ] ? argv[ i ] : "<NULL>"
                );
        }
    DbgPrint( "\n" );
    for (i=0; envp[i]; i++) {
        DbgPrint( "envp[ %ld ]: %s\n", i, envp[ i ] );
        }
#endif
    i = 1;
    if (argc > 1 ) {
        while (--argc) {
            s = *++argv;
            while ((c = *s++) != '\0') {
                switch (c) {

                case 'V':
                case 'v':
                    TestVector = i++;
                    break;
                default:
                    DbgPrint( "urtl: invalid test code - '%s'", *argv );
                    break;
                }
            }
        }
    }

    if ( TestVector ) {
        VectorTest(Arguments,Variables,Parameters);
    }

    return( STATUS_SUCCESS );
}
Пример #12
0
DWORD
APIENTRY
WaitForMultipleObjectsEx(
    DWORD nCount,
    CONST HANDLE *lpHandles,
    BOOL bWaitAll,
    DWORD dwMilliseconds,
    BOOL bAlertable
)

/*++

Routine Description:

    A wait operation on multiple waitable objects (up to
    MAXIMUM_WAIT_OBJECTS) is accomplished with the
    WaitForMultipleObjects function.

    This API can be used to wait on any of the specified objects to
    enter the signaled state, or all of the objects to enter the
    signaled state.

    If the bAlertable parameter is FALSE, the only way the wait
    terminates is because the specified timeout period expires, or
    because the specified objects entered the signaled state.  If the
    bAlertable parameter is TRUE, then the wait can return due to any one of
    the above wait termination conditions, or because an I/O completion
    callback terminated the wait early (return value of
    WAIT_IO_COMPLETION).

Arguments:

    nCount - A count of the number of objects that are to be waited on.

    lpHandles - An array of object handles.  Each handle must have
        SYNCHRONIZE access to the associated object.

    bWaitAll - A flag that supplies the wait type.  A value of TRUE
        indicates a "wait all".  A value of false indicates a "wait
        any".

    dwMilliseconds - A time-out value that specifies the relative time,
        in milliseconds, over which the wait is to be completed.  A
        timeout value of 0 specified that the wait is to timeout
        immediately.  This allows an application to test an object to
        determine if it is in the signaled state.  A timeout value of
        0xffffffff specifies an infinite timeout period.

    bAlertable - Supplies a flag that controls whether or not the
        wait may terminate early due to an I/O completion callback.
        A value of TRUE allows this API to complete early due to an I/O
        completion callback.  A value of FALSE will not allow I/O
        completion callbacks to terminate this call early.

Return Value:

    WAIT_TIME_OUT - indicates that the wait was terminated due to the
        TimeOut conditions.

    0 to MAXIMUM_WAIT_OBJECTS-1, indicates, in the case of wait for any
        object, the object number which satisfied the wait.  In the case
        of wait for all objects, the value only indicates that the wait
        was completed successfully.

    0xffffffff - The wait terminated due to an error. GetLastError may be
        used to get additional error information.

    WAIT_ABANDONED_0 to (WAIT_ABANDONED_0)+(MAXIMUM_WAIT_OBJECTS - 1),
        indicates, in the case of wait for any object, the object number
        which satisfied the event, and that the object which satisfied
        the event was abandoned.  In the case of wait for all objects,
        the value indicates that the wait was completed successfully and
        at least one of the objects was abandoned.

    WAIT_IO_COMPLETION - The wait terminated due to one or more I/O
        completion callbacks.

--*/
{
    NTSTATUS Status;
    LARGE_INTEGER TimeOut;
    PLARGE_INTEGER pTimeOut;
    DWORD i;
    LPHANDLE HandleArray;
    HANDLE Handles[ 8 ];
    PPEB Peb;

    if (nCount > 8) {
        HandleArray = (LPHANDLE) RtlAllocateHeap(RtlProcessHeap(), MAKE_TAG( TMP_TAG ), nCount*sizeof(HANDLE));
        if (HandleArray == NULL) {
            BaseSetLastNTError(STATUS_NO_MEMORY);
            return 0xffffffff;
        }
    } else {
        HandleArray = Handles;
    }
    RtlCopyMemory(HandleArray,(LPVOID)lpHandles,nCount*sizeof(HANDLE));

    Peb = NtCurrentPeb();
    for (i=0; i<nCount; i++) {
        switch( (DWORD)HandleArray[i] ) {
        case STD_INPUT_HANDLE:
            HandleArray[i] = Peb->ProcessParameters->StandardInput;
            break;
        case STD_OUTPUT_HANDLE:
            HandleArray[i] = Peb->ProcessParameters->StandardOutput;
            break;
        case STD_ERROR_HANDLE:
            HandleArray[i] = Peb->ProcessParameters->StandardError;
            break;
        }

        if (CONSOLE_HANDLE(HandleArray[i]) && VerifyConsoleIoHandle(HandleArray[i])) {
            HandleArray[i] = GetConsoleInputWaitHandle();
        }
    }

    pTimeOut = BaseFormatTimeOut(&TimeOut,dwMilliseconds);
rewait:
    Status = NtWaitForMultipleObjects(
                 (CHAR)nCount,
                 HandleArray,
                 bWaitAll ? WaitAll : WaitAny,
                 (BOOLEAN)bAlertable,
                 pTimeOut
             );
    if ( !NT_SUCCESS(Status) ) {
        BaseSetLastNTError(Status);
        Status = (NTSTATUS)0xffffffff;
    }
    else {
        if ( bAlertable && Status == STATUS_ALERTED ) {
            goto rewait;
        }
    }

    if (HandleArray != Handles) {
        RtlFreeHeap(RtlProcessHeap(), 0, HandleArray);
    }

    return (DWORD)Status;
}
Пример #13
0
/**
 * Creates or opens a file.
 *
 * \param FileHandle A variable that receives the file handle.
 * \param FileName The Win32 file name.
 * \param DesiredAccess The desired access to the file.
 * \param FileAttributes File attributes applied if the file is
 * created or overwritten.
 * \param ShareAccess The file access granted to other threads.
 * \li \c FILE_SHARE_READ Allows other threads to read from the file.
 * \li \c FILE_SHARE_WRITE Allows other threads to write to the file.
 * \li \c FILE_SHARE_DELETE Allows other threads to delete the file.
 * \param CreateDisposition The action to perform if the file does
 * or does not exist.
 * \li \c FILE_SUPERSEDE If the file exists, replace it. Otherwise, create the file.
 * \li \c FILE_CREATE If the file exists, fail. Otherwise, create the file.
 * \li \c FILE_OPEN If the file exists, open it. Otherwise, fail.
 * \li \c FILE_OPEN_IF If the file exists, open it. Otherwise, create the file.
 * \li \c FILE_OVERWRITE If the file exists, open and overwrite it. Otherwise, fail.
 * \li \c FILE_OVERWRITE_IF If the file exists, open and overwrite it. Otherwise, create the file.
 * \param CreateOptions The options to apply when the file is opened or created.
 * \param CreateStatus A variable that receives creation information.
 * \li \c FILE_SUPERSEDED The file was replaced because \c FILE_SUPERSEDE was specified in
 * \a CreateDisposition.
 * \li \c FILE_OPENED The file was opened because \c FILE_OPEN or \c FILE_OPEN_IF was specified in
 * \a CreateDisposition.
 * \li \c FILE_CREATED The file was created because \c FILE_CREATE or \c FILE_OPEN_IF was specified
 * in \a CreateDisposition.
 * \li \c FILE_OVERWRITTEN The file was overwritten because \c FILE_OVERWRITE or \c FILE_OVERWRITE_IF
 * was specified in \a CreateDisposition.
 * \li \c FILE_EXISTS The file was not opened because it already existed and \c FILE_CREATE was
 * specified in \a CreateDisposition.
 * \li \c FILE_DOES_NOT_EXIST The file was not opened because it did not exist and \c FILE_OPEN or
 * \c FILE_OVERWRITE was specified in \a CreateDisposition.
 */
NTSTATUS PhCreateFileWin32Ex(
    _Out_ PHANDLE FileHandle,
    _In_ PWSTR FileName,
    _In_ ACCESS_MASK DesiredAccess,
    _In_opt_ ULONG FileAttributes,
    _In_ ULONG ShareAccess,
    _In_ ULONG CreateDisposition,
    _In_ ULONG CreateOptions,
    _Out_opt_ PULONG CreateStatus
    )
{
    NTSTATUS status;
    HANDLE fileHandle;
    UNICODE_STRING fileName;
    OBJECT_ATTRIBUTES oa;
    IO_STATUS_BLOCK isb;

    if (!FileAttributes)
        FileAttributes = FILE_ATTRIBUTE_NORMAL;

    if (!RtlDosPathNameToNtPathName_U(
        FileName,
        &fileName,
        NULL,
        NULL
        ))
        return STATUS_OBJECT_NAME_NOT_FOUND;

    InitializeObjectAttributes(
        &oa,
        &fileName,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL
        );

    status = NtCreateFile(
        &fileHandle,
        DesiredAccess,
        &oa,
        &isb,
        NULL,
        FileAttributes,
        ShareAccess,
        CreateDisposition,
        CreateOptions,
        NULL,
        0
        );

    RtlFreeHeap(RtlProcessHeap(), 0, fileName.Buffer);

    if (NT_SUCCESS(status))
    {
        *FileHandle = fileHandle;
    }

    if (CreateStatus)
        *CreateStatus = (ULONG)isb.Information;

    return status;
}
Пример #14
0
BOOL
SockInitialize (
    IN PVOID DllHandle,
    IN ULONG Reason,
    IN PVOID Context OPTIONAL
    )
{
    NTSTATUS status;
    SYSTEM_INFO systemInfo;

    //
    // On a thread detach, set up the context param so that all
    // necessary deallocations will occur.
    //

    if ( Reason == DLL_THREAD_DETACH ) {
        Context = NULL;
    }

    switch ( Reason ) {

    case DLL_PROCESS_ATTACH:

        SockModuleHandle = (HMODULE)DllHandle;

#if DBG
        //
        // If there is a file in the current directory called "wsdebug"
        // open it and read the first line to set the debugging flags.
        //

        {
            HANDLE handle;

            handle = CreateFile(
                         "WsDebug",
                         GENERIC_READ,
                         FILE_SHARE_READ | FILE_SHARE_WRITE,
                         NULL,
                         OPEN_EXISTING,
                         0,
                         NULL
                         );

            if( handle == INVALID_HANDLE_VALUE ) {

                //
                // Set default value.
                //

                WsDebug = WINSOCK_DEBUG_DEBUGGER;

            } else {

                CHAR buffer[11];
                DWORD bytesRead;

                RtlZeroMemory( buffer, sizeof(buffer) );

                if ( ReadFile( handle, buffer, 10, &bytesRead, NULL ) ) {

                    buffer[bytesRead] = '\0';

                    WsDebug = strtoul( buffer, NULL, 16 );

                } else {

                    WS_PRINT(( "read file failed: %ld\n", GetLastError( ) ));
                }

                CloseHandle( handle );
            }
        }
#endif

        IF_DEBUG(INIT) {
            WS_PRINT(( "SockInitialize: process attach, PEB = %lx\n",
                           NtCurrentPeb( ) ));
        }

        //
        // Initialize the lists of sockets and helper DLLs.
        //

        InitializeListHead( &SockHelperDllListHead );
        InitializeListHead( &SocketListHead );

        //
        // Initialize the global post routine pointer.  We have to do it
        // here rather than statically because it otherwise won't be
        // thunked correctly.
        //

        SockPostRoutine = PostMessage;

        //
        // *** lock acquisition order: it is legal to acquire SocketLock
        // while holding an individual socket lock, but not the other way
        // around!
        //

        InitializeCriticalSection( &SocketLock );
        InitializeCriticalSection( &csRnRLock);

#if !defined(USE_TEB_FIELD)
        //
        // Allocate space in TLS so that we can convert global variables
        // to thread variables.
        //

        SockTlsSlot = TlsAlloc( );

        if ( SockTlsSlot == 0xFFFFFFFF ) {

            WS_PRINT(( "SockInitialize: TlsAlloc failed: %ld\n", GetLastError( ) ));
            DeleteCriticalSection( &SocketLock );
            DeleteCriticalSection( &csRnRLock );
            return FALSE;
        }
#endif  // !USE_TEB_FIELD

        //
        // Create private WinSock heap on MP machines.  UP machines
        // just use the process heap.
        //

        GetSystemInfo( &systemInfo );

        if( systemInfo.dwNumberOfProcessors > 1 ) {

            SockPrivateHeap = RtlCreateHeap( HEAP_GROWABLE |    // Flags
                                             HEAP_CLASS_1,
                                             NULL,              // HeapBase
                                             0,                 // ReserveSize
                                             0,                 // CommitSize
                                             NULL,              // Lock
                                             NULL );            // Parameters

        } else {

            WS_ASSERT( SockPrivateHeap == NULL );

        }

        if ( SockPrivateHeap == NULL ) {

            //
            // This is either a UP box, or RtlCreateHeap() failed.  In
            // either case, just use the process heap.
            //

            SockPrivateHeap = RtlProcessHeap();

        }

        break;

    case DLL_PROCESS_DETACH:

        IF_DEBUG(INIT) {
            WS_PRINT(( "SockInitialize: process detach, PEB = %lx\n",
                           NtCurrentPeb( ) ));
        }

        //
        // Only clean up resources if we're being called because of a
        // FreeLibrary().  If this is because of process termination,
        // do not clean up, as the system will do it for us.  Also,
        // if we get called at process termination, it is likely that
        // a thread was terminated while it held a winsock lock, which
        // would cause a deadlock if we then tried to grab the lock.
        //

        if ( Context == NULL ) {
            WSACleanup( );
            GetHostCleanup();
            DeleteCriticalSection( &SocketLock );
            DeleteCriticalSection( &csRnRLock );
        }

        SockProcessTerminating = TRUE;

        // *** lack of break is intentional!

    case DLL_THREAD_DETACH:

        IF_DEBUG(INIT) {
            WS_PRINT(( "SockInitialize: thread detach, TEB = %lx\n",
                           NtCurrentTeb( ) ));
        }

        //
        // If the TLS information for this thread has been initialized,
        // free the thread data buffer.
        //

        if ( Context == NULL &&
             GET_THREAD_DATA() != NULL ) {

            FREE_HEAP( GET_THREAD_DATA() );
            SET_THREAD_DATA( NULL );
        }

        //
        // If this is a process detach, free the TLS slot we're using.
        //

        if ( Reason == DLL_PROCESS_DETACH && Context == NULL ) {

#if !defined(USE_TEB_FIELD)
            if ( SockTlsSlot != 0xFFFFFFFF ) {

                BOOLEAN ret;

                ret = TlsFree( SockTlsSlot );
                WS_ASSERT( ret );

                SockTlsSlot = 0xFFFFFFFF;
            }
#endif  // !USE_TEB_FIELD

            //
            //  Also destroy any private WinSock heap.
            //

            if ( SockPrivateHeap != RtlProcessHeap() ) {

                WS_ASSERT( SockPrivateHeap != NULL );
                RtlDestroyHeap( SockPrivateHeap );
                SockPrivateHeap = NULL;

            }
        }

        break;

    case DLL_THREAD_ATTACH:
        break;

    default:

        WS_ASSERT( FALSE );
        break;
    }

    return TRUE;

} // SockInitialize
Пример #15
0
BOOL
CreateRegistryClassesFromRegistry16(
    HANDLE SoftwareRoot,
    PREG_HEADER16 Registry
    )
{
    PREG_KEY16 KeyNode;
    PREG_STRING16 KeyNameString, KeyValueString;
    PREG_NODE16 NodeTable;
    PCH StringTable;
    int i;
    DWORD Level;
    REG16_WALK_STATE State[ MAX_LEVELS ];
    ANSI_STRING AnsiString;
    UNICODE_STRING KeyName;
    UNICODE_STRING KeyValue;
    UNICODE_STRING ValueName;
    NTSTATUS Status;
    OBJECT_ATTRIBUTES ObjectAttributes;
    ULONG CreateDisposition;
    PREG16_PATH_SUBST PathSubst;

    RtlInitUnicodeString( &ValueName, NULL );

    NodeTable = (PREG_NODE16)((PBYTE)Registry + Registry->dwNodeTable);
    StringTable = (PCH)Registry + Registry->dwStringValue;

    i = NodeTable[ 0 ].key.iChild;
    Level = 0;
    while (i != 0) {
        KeyNode = &NodeTable[ i ].key;
        KeyNameString = &NodeTable[ KeyNode->iKey ].str;
        AnsiString.Length = KeyNameString->cb;
        AnsiString.MaximumLength = AnsiString.Length;
        AnsiString.Buffer = StringTable + KeyNameString->irgb;
        if (Level == 0 && *AnsiString.Buffer == '.') {
            AnsiString.Buffer += 1;
            AnsiString.Length -= 1;
            }
        RtlAnsiStringToUnicodeString( &KeyName, &AnsiString, TRUE );

#ifdef SHOW_TREE_MIGRATION
        DbgPrint( "%.*s%wZ", Level * 4, szBlanks, &KeyName );
#endif

        InitializeObjectAttributes( &ObjectAttributes,
                                    &KeyName,
                                    OBJ_CASE_INSENSITIVE,
                                    Level == 0 ? SoftwareRoot : State[ Level-1 ].KeyHandle,
                                    NULL
                                  );
        Status = NtCreateKey( &State[ Level ].KeyHandle,
                              STANDARD_RIGHTS_WRITE |
                                KEY_QUERY_VALUE |
                                KEY_ENUMERATE_SUB_KEYS |
                                KEY_SET_VALUE |
                                KEY_CREATE_SUB_KEY,
                              &ObjectAttributes,
                              0,
                              NULL,
                              0,
                              &CreateDisposition
                            );

        RtlFreeUnicodeString( &KeyName );
        if (!NT_SUCCESS( Status )) {
#ifdef SHOW_TREE_MIGRATION
            DbgPrint( " *** CreateKey failed with Status == %x\n", Status );
#endif
            BaseSetLastNTError( Status );
            break;
            }
#ifdef SHOW_TREE_MIGRATION
        DbgPrint( "%s\n", CreateDisposition == REG_CREATED_NEW_KEY ? " *** NEW ***" : "" );
#endif

        if (KeyNode->iValue != 0) {
            ULONG cb;
            LPSTR s, Src, Dst;

            KeyValueString = &NodeTable[ KeyNode->iValue ].str;
            cb = KeyValueString->cb;
            Src = StringTable + KeyValueString->irgb;
            Dst = RtlAllocateHeap( RtlProcessHeap(), 0, 2*(cb+1) );
            if (Dst != NULL) {
                AnsiString.Length = 0;
                AnsiString.Buffer = Dst;
                while (cb) {
                    PathSubst = &Reg16PathSubstitutes[ 0 ];
                    while (PathSubst->OldValue) {
                        if (cb >= PathSubst->cbOldValue &&
                            !_strnicmp( Src, PathSubst->OldValue, PathSubst->cbOldValue )
                           ) {
                            *Dst = '\0';
                            while (Dst > AnsiString.Buffer) {
                                if (Dst[ -1 ] <= ' ') {
                                    break;
                                    }
                                else {
                                    Dst -= 1;
                                    }
                                }

                            s = PathSubst->NewValue;
#ifdef SHOW_TREE_MIGRATION
                            DbgPrint( " Found '%s%s' changed to '%s' ", Dst, PathSubst->OldValue, PathSubst->NewValue );
#else
                            KdPrint(( "ADVAPI: Found '%s%s' changed to '%s'\n", Dst, PathSubst->OldValue, PathSubst->NewValue ));
#endif
                            Src += PathSubst->cbOldValue;
                            cb -= PathSubst->cbOldValue;
                            while (*Dst = *s++) {
                                Dst += 1;
                                }

                            break;
                            }
                        else {
                            PathSubst += 1;
                            }
                        }

                    if (PathSubst->OldValue == NULL) {
                        *Dst++ = *Src++;
                        cb -= 1;
                        }
                    }
                *Dst = '\0';

                AnsiString.Length = Dst - AnsiString.Buffer;
                AnsiString.MaximumLength = (USHORT)(AnsiString.Length + 1);
                RtlAnsiStringToUnicodeString( &KeyValue, &AnsiString, TRUE );
                RtlFreeHeap( RtlProcessHeap(), 0, AnsiString.Buffer );

#ifdef SHOW_TREE_MIGRATION
                DbgPrint( "%.*s= (%u, %u) %wZ", (Level+1) * 4, szBlanks, KeyValueString->cb, cb, &KeyValue );
#endif

                Status = NtSetValueKey( State[ Level ].KeyHandle,
                                        &ValueName,
                                        0,
                                        REG_SZ,
                                        KeyValue.Buffer,
                                        KeyValue.Length + sizeof( UNICODE_NULL )
                                      );
                RtlFreeUnicodeString( &KeyValue );

                if (!NT_SUCCESS( Status )) {
#ifdef SHOW_TREE_MIGRATION
                    DbgPrint( " *** SetValueKey failed with Status == %x\n", Status );
#endif
                    BaseSetLastNTError( Status );
                    break;
                    }
#ifdef SHOW_TREE_MIGRATION
                DbgPrint( "\n" );
#endif
                }
            }

        if (KeyNode->iChild != 0) {
            State[ Level++ ].NodeIndex = KeyNode->iNext;
            State[ Level ].KeyHandle = NULL;
            i = KeyNode->iChild;
            }
        else {
            NtClose( State[ Level ].KeyHandle );
            if (KeyNode->iNext != 0) {
                i = KeyNode->iNext;
                }
            else {
                while (Level != 0) {
                    Level -= 1;
                    NtClose( State[ Level ].KeyHandle );

                    if (i = State[ Level ].NodeIndex) {
                        break;
                        }
                    }
                }
            }
        }

    if (Level == 0) {
        return TRUE;
        }


    while (Level != 0 && (i = State[ --Level ].NodeIndex) == 0) {
        NtClose( State[ Level ].KeyHandle );
        }

    return FALSE;
}
Пример #16
0
PPH_STRING FiFormatFileName(
    _In_ PPH_STRING FileName
    )
{
    if (!FiArgNative)
    {
        PPH_STRING fileName;
        PPH_STRING fullPath;
        UNICODE_STRING fileNameUs;

        // Get the full path first so we can detect long file names.
        fullPath = PhGetFullPath(FileName->Buffer, NULL);

        if (fullPath)
        {
            if (fullPath->Length / 2 > MAX_PATH)
            {
                wprintf(L"Warning: Detected long file name \"%s\".\n", fullPath->Buffer);

                fileName = PhConcatStrings2(L"\\??\\", fullPath->Buffer);
                PhDereferenceObject(fullPath);

                return fileName;
            }

            PhDereferenceObject(fullPath);
        }

        if (RtlDosPathNameToNtPathName_U(
            FileName->Buffer,
            &fileNameUs,
            NULL,
            NULL
            ))
        {
            fileName = PhCreateStringFromUnicodeString(&fileNameUs);
            RtlFreeHeap(RtlProcessHeap(), 0, fileNameUs.Buffer);

            return fileName;
        }
        else
        {
            wprintf(L"Warning: Unable to convert the file name \"%s\" to a NT file name.\n", FileName->Buffer);
            // Fallback method.
            return PhConcatStrings2(L"\\??\\", FileName->Buffer);
        }
    }
    else
    {
        // Some limited conversions are applied for convenience.

        if (FileName->Length >= 2 * 2 && iswalpha(FileName->Buffer[0]) && FileName->Buffer[1] == ':')
        {
            return PhConcatStrings2(L"\\??\\", FileName->Buffer);
        }
        else if (FileName->Buffer[0] != '\\')
        {
            return PhFormatString(
                L"\\??\\%s%s",
                NtCurrentPeb()->ProcessParameters->CurrentDirectory.DosPath.Buffer,
                FileName->Buffer
                );
        }
        else
        {
            return PhReferenceObject(FileName);
        }
    }
}
Пример #17
0
NET_API_STATUS
ReplDeleteFile(
    IN LPCTSTR FileName
    )
{
    NET_API_STATUS    ApiStatus;
#ifdef USE_BACKUP_APIS
    HANDLE            FileHandle = INVALID_HANDLE_VALUE;
    IO_STATUS_BLOCK   IoStatusBlock;

    const ACCESS_MASK MyAccessDesired =
                          ( DELETE
                          | FILE_READ_ATTRIBUTES
                          | FILE_READ_DATA
                          | FILE_READ_EA
                          | FILE_TRAVERSE
                          | SYNCHRONIZE
                          );

    const ULONG       MyOpenOptions =
                           FILE_SYNCHRONOUS_IO_NONALERT
                         | FILE_DELETE_ON_CLOSE
                         | FILE_OPEN_FOR_BACKUP_INTENT
                         ;

    const ULONG       MyShareAccess =
                          FILE_SHARE_READ;  // BUGBUG
//                        FILE_SHARE_DELETE;

    NTSTATUS          NtStatus;
    OBJECT_ATTRIBUTES ObjectAttributes;
    BOOL              PathAllocated = FALSE;
    UNICODE_STRING    UnicodePath;
#endif

    //
    // Check for caller errors.
    //

    if ( (FileName==NULL) || ((*FileName)==TCHAR_EOS) ) {
        ApiStatus = ERROR_INVALID_PARAMETER;
        goto Cleanup;
    }

    //
    // Tell the world what we're going to do.
    //

    IF_DEBUG( REPL ) {
        NetpKdPrint(( PREFIX_REPL
                "ReplDeleteFile: *** DELETING FILE *** '" FORMAT_LPTSTR "'.\n",
                FileName ));
    }

    //
    // return no error if the file does not exist.
    //
    if ( !ReplFileOrDirExists( FileName ) ) {
        return( NO_ERROR );
    }

#ifndef USE_BACKUP_APIS

    //
    // If the file system ACL allows us to delete, we can just
    // use the Win32 APIs for this.
    //

    if ( ! DeleteFile( (LPTSTR) FileName ) ) {
       ApiStatus = (NET_API_STATUS) GetLastError();
    } else {
       ApiStatus = NO_ERROR;
    }

#else

    //
    // It turns out that "backup semantics" is very powerful.  It allows
    // us to create files in directories which have read-only ACLs.
    // Unfortunately, there isn't a "backup semantics" flag for DeleteFile(),
    // so we need to use the NT APIs to get the same effect.
    //

    //
    // Convert file name to NT style.
    //

    RtlInitUnicodeString(
            & UnicodePath,              // output: struct
            FileName );                 // input: null terminated

    if( !RtlDosPathNameToNtPathName_U(
                            FileName,
                            &UnicodePath,
                            NULL,
                            NULL) ) {

        NetpKdPrint(( PREFIX_REPL_CLIENT
                "ReplDeleteFile: RtlDosPathNameToNtPathname_U"
                " of file '" FORMAT_LPTSTR "' failed.\n", FileName ));

        // BUGBUG: this is just our best guess for an error code this.
        ApiStatus = ERROR_INVALID_PARAMETER;
        goto Cleanup;
    }
    NetpAssert( UnicodePath.Buffer != NULL );
    PathAllocated = TRUE;

    InitializeObjectAttributes(
            &ObjectAttributes,
            (LPVOID) &UnicodePath,
            OBJ_CASE_INSENSITIVE,
            NULL,
            NULL );

    //
    // Open the file, with backup semantics and delete on close.
    //

    NtStatus = NtOpenFile(
            & FileHandle,
            MyAccessDesired,
            &ObjectAttributes,
            &IoStatusBlock,
            MyShareAccess,
            MyOpenOptions );

    if ( !NT_SUCCESS( NtStatus ) ) {

        NetpKdPrint(( PREFIX_REPL_CLIENT
                "ReplDeleteFile: NtOpenFile of file '"
                FORMAT_LPTSTR "' gave NT status " FORMAT_NTSTATUS ".\n",
                FileName, NtStatus ));

        ApiStatus = NetpNtStatusToApiStatus( NtStatus );
        NetpAssert( ApiStatus != NO_ERROR );
        goto Cleanup;
    }
    NetpAssert( NtStatus == STATUS_SUCCESS );
    NetpAssert( FileHandle != INVALID_HANDLE_VALUE );

    //
    // Close the file, which will delete it since we gave the
    // FILE_CLOSE_ON_DELETE flag.
    //

    NtStatus = NtClose( FileHandle );
    FileHandle = INVALID_HANDLE_VALUE;

    if ( !NT_SUCCESS( NtStatus ) ) {

        NetpKdPrint(( PREFIX_REPL_CLIENT
                "ReplDeleteFile: NtClose failed, "
                " NT status is " FORMAT_NTSTATUS
                ".\n", NtStatus ));

        ApiStatus = NetpNtStatusToApiStatus( NtStatus );
        NetpAssert( ApiStatus != NO_ERROR );
        goto Cleanup;
    }
    NetpAssert( NtStatus == STATUS_SUCCESS );

    (void) NtClose( FileHandle );
    FileHandle = INVALID_HANDLE_VALUE;

    (VOID) RtlFreeHeap( RtlProcessHeap(), 0, UnicodePath.Buffer );
    PathAllocated = FALSE;

    ApiStatus = NO_ERROR;

#endif


Cleanup:

    if (ApiStatus != NO_ERROR) {

        NetpKdPrint(( PREFIX_REPL
                "ReplDeleteFile: ERROR " FORMAT_API_STATUS ".\n",
                ApiStatus ));

        //
        // Log the error.
        // BUGBUG: extract master server name and log there too.
        //
        ReplErrorLog(
                NULL,             // no server name (log locally)
                NELOG_ReplSysErr, // log code
                ApiStatus,
                NULL,             // optional str1
                NULL);            // optional str2
    }

#ifdef USE_BACKUP_APIS
    if (FileHandle != INVALID_HANDLE_VALUE) {
        (VOID) NtClose( FileHandle );
    }

    if (PathAllocated) {
        (VOID) RtlFreeHeap( RtlProcessHeap(), 0, UnicodePath.Buffer );
    }
#endif

    return (ApiStatus);

}
Пример #18
0
NTSTATUS
CsrClientConnectToServer(
    IN PWSTR ObjectDirectory,
    IN ULONG ServerDllIndex,
    IN PCSR_CALLBACK_INFO CallbackInformation OPTIONAL,
    IN PVOID ConnectionInformation,
    IN OUT PULONG ConnectionInformationLength OPTIONAL,
    OUT PBOOLEAN CalledFromServer OPTIONAL
    )

/*++

Routine Description:

    This function is called by the client side DLL to connect with its
    server side DLL.

Arguments:

    ObjectDirectory - Points to a null terminate string that is the same
        as the value of the ObjectDirectory= argument passed to the CSRSS
        program.

    ServerDllIndex - Index of the server DLL that is being connected to.
        It should match one of the ServerDll= arguments passed to the CSRSS
        program.

    CallbackInformation - An optional pointer to a structure that contains
        a pointer to the client callback function dispatch table.

    ConnectionInformation - An optional pointer to uninterpreted data.
        This data is intended for clients to pass package, version and
        protocol identification information to the server to allow the
        server to determine if it can satisify the client before
        accepting the connection.  Upon return to the client, the
        ConnectionInformation data block contains any information passed
        back from the server DLL by its call to the
        CsrCompleteConnection call.  The output data overwrites the
        input data.

    ConnectionInformationLength - Pointer to the length of the
        ConnectionInformation data block.  The output value is the
        length of the data stored in the ConnectionInformation data
        block by the server's call to the NtCompleteConnectPort
        service.  This parameter is OPTIONAL only if the
        ConnectionInformation parameter is NULL, otherwise it is
        required.

    CalledFromServer - On output, TRUE if the dll has been called from
        a server process.

Return Value:

    Status value.

--*/

{
    NTSTATUS Status;
    CSR_API_MSG m;
    PCSR_CLIENTCONNECT_MSG a = &m.u.ClientConnect;
    PCSR_CAPTURE_HEADER CaptureBuffer;
    HANDLE CsrServerModuleHandle;
    STRING ProcedureName;
    ANSI_STRING DllName;
    UNICODE_STRING DllName_U;
    PIMAGE_NT_HEADERS NtHeaders;

    if (ARGUMENT_PRESENT( ConnectionInformation ) &&
        (!ARGUMENT_PRESENT( ConnectionInformationLength ) ||
          *ConnectionInformationLength == 0
        )
       ) {
        return( STATUS_INVALID_PARAMETER );
        }

    if (!CsrInitOnceDone) {
        Status = CsrOneTimeInitialize();
        if (!NT_SUCCESS( Status )) {
            return( Status );
            }
        }

    if (ARGUMENT_PRESENT( CallbackInformation )) {
        CsrLoadedClientDll[ ServerDllIndex ] = RtlAllocateHeap( CsrHeap, MAKE_TAG( CSR_TAG ), sizeof(CSR_CALLBACK_INFO) );
        CsrLoadedClientDll[ ServerDllIndex ]->ApiNumberBase =
                CallbackInformation->ApiNumberBase;
        CsrLoadedClientDll[ ServerDllIndex ]->MaxApiNumber =
                CallbackInformation->MaxApiNumber;
        CsrLoadedClientDll[ ServerDllIndex ]->CallbackDispatchTable =
                CallbackInformation->CallbackDispatchTable;
    }

    //
    // if we are being called by a server process, skip lpc port initialization
    // and call to server connect routine and just initialize heap.  the
    // dll initialization routine will do any necessary initialization.  this
    // stuff only needs to be done for the first connect.
    //

    if ( CsrServerProcess == TRUE ) {
        *CalledFromServer = CsrServerProcess;
        return STATUS_SUCCESS;
        }

    //
    // If the image is an NT Native image, we are running in the
    // context of the server.
    //

    NtHeaders = RtlImageNtHeader(NtCurrentPeb()->ImageBaseAddress);
    CsrServerProcess =
        (NtHeaders->OptionalHeader.Subsystem == IMAGE_SUBSYSTEM_NATIVE) ? TRUE : FALSE;

    if ( CsrServerProcess ) {
        extern PVOID NtDllBase;
        RtlInitAnsiString( &DllName, "csrsrv" );
        Status = RtlAnsiStringToUnicodeString(&DllName_U, &DllName, TRUE);
        ASSERT(NT_SUCCESS(Status));

        LdrDisableThreadCalloutsForDll(NtDllBase);

        Status = LdrGetDllHandle(
        		UNICODE_NULL,
                    NULL,
        		&DllName_U,
                    (PVOID *)&CsrServerModuleHandle
                    );

        RtlFreeUnicodeString(&DllName_U);

        CsrServerProcess = TRUE;

        RtlInitString(&ProcedureName,"CsrCallServerFromServer");
        Status = LdrGetProcedureAddress(
                        CsrServerModuleHandle,
                        &ProcedureName,
                        0L,
                        (PVOID *)&CsrServerApiRoutine
                        );
        ASSERT(NT_SUCCESS(Status));

        RtlInitString(&ProcedureName, "CsrLocateThreadInProcess");
        Status = LdrGetProcedureAddress(
                        CsrServerModuleHandle,
                        &ProcedureName,
                        0L,
                        (PVOID *)&CsrpLocateThreadInProcess
                        );
        ASSERT(NT_SUCCESS(Status));

        ASSERT (CsrPortHeap==NULL);
        CsrPortHeap = RtlProcessHeap();

        CsrPortBaseTag = RtlCreateTagHeap( CsrPortHeap,
                                           0,
                                           L"CSRPORT!",
                                           L"CAPTURE\0"
                                         );

        if (ARGUMENT_PRESENT(CalledFromServer)) {
            *CalledFromServer = CsrServerProcess;
            }
        return STATUS_SUCCESS;
        }

    if ( ARGUMENT_PRESENT(ConnectionInformation) ) {
        CsrServerProcess = FALSE;
        if (CsrPortHandle == NULL) {
            Status = CsrpConnectToServer( ObjectDirectory );
            if (!NT_SUCCESS( Status )) {
                return( Status );
                }
            }

        a->ServerDllIndex = ServerDllIndex;
        a->ConnectionInformationLength = *ConnectionInformationLength;
        if (ARGUMENT_PRESENT( ConnectionInformation )) {
            CaptureBuffer = CsrAllocateCaptureBuffer( 1,
                                                      0,
                                                      a->ConnectionInformationLength
                                                    );
            if (CaptureBuffer == NULL) {
                return( STATUS_NO_MEMORY );
                }

            CsrAllocateMessagePointer( CaptureBuffer,
                                       a->ConnectionInformationLength,
                                       (PVOID *)&a->ConnectionInformation
                                     );
            RtlMoveMemory( a->ConnectionInformation,
                           ConnectionInformation,
                           a->ConnectionInformationLength
                         );

            *ConnectionInformationLength = a->ConnectionInformationLength;
            }
        else {
            CaptureBuffer = NULL;
            }

        Status = CsrClientCallServer( &m,
                                      CaptureBuffer,
                                      CSR_MAKE_API_NUMBER( CSRSRV_SERVERDLL_INDEX,
                                                           CsrpClientConnect
                                                         ),
                                      sizeof( *a )
                                    );

        if (CaptureBuffer != NULL) {
            if (ARGUMENT_PRESENT( ConnectionInformation )) {
                RtlMoveMemory( ConnectionInformation,
                               a->ConnectionInformation,
                               *ConnectionInformationLength
                             );
                }

            CsrFreeCaptureBuffer( CaptureBuffer );
            }
        }
    else {
        Status = STATUS_SUCCESS;
        }

    if (ARGUMENT_PRESENT(CalledFromServer)) {
        *CalledFromServer = CsrServerProcess;
        }
    return( Status );
}
Пример #19
0
/*page*******************************************************
       d o _ t d i _ a c t i o n

       Generate a TDI_ACTION down to the streams
       driver.

       Arguments - fd     = Handle to send on
            cmd    = Command to send down
            optbuf = Ptr to options buffer
            optlen = Ptr to options length
            addrflag = TRUE  = This is for DG/STREAM socket on addr handle
                       FALSE = This is for conn handle

       Returns - A WinSock error code (NO_ERROR = OK)
************************************************************/
INT do_tdi_action(HANDLE fd, ULONG cmd, PUCHAR optbuf, INT optlen, BOOLEAN addrflag, PHANDLE eventhandle OPTIONAL)
{
    NTSTATUS status;
    PSTREAMS_TDI_ACTION tdibuf;
    ULONG           tdilen;
    IO_STATUS_BLOCK iostat;
    HANDLE          event;


    /** If the eventhandle is passed, it also means that the **/
    /** NWLINK_ACTION header is pre-allocated in the buffer, **/
    /** although we still have to fill the header in here.   **/

    if (eventhandle == NULL) {

        /** Get the length of the buffer we need to allocate **/

        tdilen = FIELD_OFFSET(STREAMS_TDI_ACTION,Buffer) + sizeof(ULONG) + optlen;

        /** Allocate a buffer to use for the action **/

        tdibuf = RtlAllocateHeap(RtlProcessHeap(), 0, tdilen);
        if (tdibuf == NULL) {
           return WSAENOBUFS;
        }

    } else {

        tdilen = optlen;
        tdibuf = (PSTREAMS_TDI_ACTION)optbuf;

    }

    /** Set the datagram option **/

    RtlMoveMemory(&tdibuf->Header.TransportId, "MISN", 4);
    tdibuf->DatagramOption = addrflag;

    /**
       Fill out the buffer, the buffer looks like this:

       ULONG cmd
       data passed.
    **/

    memcpy(tdibuf->Buffer, &cmd, sizeof(ULONG));

    if (eventhandle == NULL) {

        tdibuf->BufferLength = sizeof(ULONG) + optlen;

        RtlMoveMemory(tdibuf->Buffer + sizeof(ULONG), optbuf, optlen);

        /** Create an event to wait on **/

        status = NtCreateEvent(
           &event,
           EVENT_ALL_ACCESS,
           NULL,
           SynchronizationEvent,
           FALSE);

        /** If no event - then return error **/

        if (!NT_SUCCESS(status)) {
           RtlFreeHeap(RtlProcessHeap(), 0, tdibuf);
           return WSAENOBUFS;
        }

    } else {

        tdibuf->BufferLength = sizeof(ULONG) + optlen - FIELD_OFFSET (NWLINK_ACTION, Data[0]);

        /** Use the event handle passed in **/

        event = *eventhandle;

    }

    /** **/

    status = NtDeviceIoControlFile(
       fd,
       event,
       NULL,
       NULL,
       &iostat,
       IOCTL_TDI_ACTION,
       NULL,
       0,
       tdibuf,
       tdilen);


    if (eventhandle == NULL) {

        /** If pending - wait for it to finish **/

        if (status == STATUS_PENDING) {
           status = NtWaitForSingleObject(event, FALSE, NULL);
           ASSERT(status == 0);
           status = iostat.Status;
        }

        /** Close the event **/

        NtClose(event);

    }

    /** If we get an error - return it **/

    if (!NT_SUCCESS(status)) {
       if (eventhandle == NULL) {
           RtlFreeHeap(RtlProcessHeap(), 0, tdibuf);
       }
       return WSAEINVAL;
    }

    if (eventhandle == NULL) {

        /** Copy the returned back to optbuf if needed */

        if (optlen) {
            RtlMoveMemory (optbuf, tdibuf->Buffer + sizeof(ULONG), optlen);
        }

        RtlFreeHeap(RtlProcessHeap(), 0, tdibuf);

    }

    /** Return OK **/

    return NO_ERROR;
}
Пример #20
0
DWORD
APIENTRY
GetFileAttributesW(
    LPCWSTR lpFileName
    )

/*++

Routine Description:

    The attributes of a file can be obtained using GetFileAttributes.

    This API provides the same functionality as DOS (int 21h, function
    43H with AL=0), and provides a subset of OS/2's DosQueryFileInfo.

Arguments:

    lpFileName - Supplies the file name of the file whose attributes are to
        be set.

Return Value:

    Not -1 - Returns the attributes of the specified file.  Valid
        returned attributes are:

        FILE_ATTRIBUTE_NORMAL - The file is a normal file.

        FILE_ATTRIBUTE_READONLY - The file is marked read-only.

        FILE_ATTRIBUTE_HIDDEN - The file is marked as hidden.

        FILE_ATTRIBUTE_SYSTEM - The file is marked as a system file.

        FILE_ATTRIBUTE_ARCHIVE - The file is marked for archive.

        FILE_ATTRIBUTE_DIRECTORY - The file is marked as a directory.

        FILE_ATTRIBUTE_VOLUME_LABEL - The file is marked as a volume lable.

    0xffffffff - The operation failed. Extended error status is available
        using GetLastError.

--*/

{
    NTSTATUS Status;
    OBJECT_ATTRIBUTES Obja;
    UNICODE_STRING FileName;
    FILE_BASIC_INFORMATION BasicInfo;
    BOOLEAN TranslationStatus;
    RTL_RELATIVE_NAME RelativeName;
    PVOID FreeBuffer;

    TranslationStatus = RtlDosPathNameToNtPathName_U(
                            lpFileName,
                            &FileName,
                            NULL,
                            &RelativeName
                            );

    if ( !TranslationStatus ) {
        SetLastError(ERROR_PATH_NOT_FOUND);
        return (DWORD)-1;
        }

    FreeBuffer = FileName.Buffer;

    if ( RelativeName.RelativeName.Length ) {
        FileName = *(PUNICODE_STRING)&RelativeName.RelativeName;
        }
    else {
        RelativeName.ContainingDirectory = NULL;
        }

    InitializeObjectAttributes(
        &Obja,
        &FileName,
        OBJ_CASE_INSENSITIVE,
        RelativeName.ContainingDirectory,
        NULL
        );

    //
    // Open the file
    //

    Status = NtQueryAttributesFile( &Obja, &BasicInfo );
    RtlFreeHeap(RtlProcessHeap(), 0, FreeBuffer);
    if ( NT_SUCCESS(Status) ) {
        return BasicInfo.FileAttributes;
        }
    else {

        //
        // Check for a device name.
        //

        if ( RtlIsDosDeviceName_U((PWSTR)lpFileName) ) {
            return FILE_ATTRIBUTE_ARCHIVE;
            }
        BaseSetLastNTError(Status);
        return (DWORD)-1;
        }
}
// Takes ownership on handle (file or registry key).
// The handle must be open for WRITE_OWNER access
static NTSTATUS NtTakeOwnershipObject(HANDLE ObjectHandle)
{
    SECURITY_DESCRIPTOR sd;
    PTOKEN_USER pTokenUser = NULL;
    NTSTATUS Status;
    HANDLE TokenHandle = NULL;
    ULONG cbTokenUser = 0;

    // Open the token of the current process
    Status = NtOpenProcessToken(NtCurrentProcess(),
                                TOKEN_QUERY,
                               &TokenHandle);
    if(NT_SUCCESS(Status))
    {
        NtQueryInformationToken(TokenHandle, 
                                TokenUser,
                                pTokenUser,
                                cbTokenUser,
                               &cbTokenUser);
        if(cbTokenUser == 0)
        {
            NtClose(TokenHandle);
            return STATUS_UNSUCCESSFUL;
        }

        pTokenUser = (PTOKEN_USER)RtlAllocateHeap(RtlProcessHeap(), 0, cbTokenUser);
        if(pTokenUser != NULL)
        {
            Status = NtQueryInformationToken(TokenHandle, 
                                             TokenUser,
                                             pTokenUser,
                                             cbTokenUser,
                                            &cbTokenUser);
        }
        else
        {
            Status = STATUS_NO_MEMORY;
        }
    }

    // Initialize the blank security descriptor
    if(NT_SUCCESS(Status))
    {
        Status = RtlCreateSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION);
    }

    // Set the owner to the security descriptor
    if(NT_SUCCESS(Status))
    {
        Status = RtlSetOwnerSecurityDescriptor(&sd, pTokenUser->User.Sid, FALSE);
    }

    // Apply the owner to the object handle
    if(NT_SUCCESS(Status))
    {
        Status = NtSetSecurityObject(ObjectHandle, OWNER_SECURITY_INFORMATION, &sd);
    }

    // Free buffers
    if(pTokenUser != NULL)
        RtlFreeHeap(RtlProcessHeap(), 0, pTokenUser);
    if(TokenHandle != NULL)
        NtClose(TokenHandle);
    return Status;
}
Пример #22
0
BOOL
APIENTRY
DeleteFileW(
    LPCWSTR lpFileName
    )

/*++

    Routine Description:

    An existing file can be deleted using DeleteFile.

    This API provides the same functionality as DOS (int 21h, function 41H)
    and OS/2's DosDelete.

Arguments:

    lpFileName - Supplies the file name of the file to be deleted.

Return Value:

    TRUE - The operation was successful.

    FALSE/NULL - The operation failed. Extended error status is available
        using GetLastError.

--*/

{
    NTSTATUS Status;
    OBJECT_ATTRIBUTES Obja;
    HANDLE Handle;
    UNICODE_STRING FileName;
    IO_STATUS_BLOCK IoStatusBlock;
    FILE_DISPOSITION_INFORMATION Disposition;
    BOOLEAN TranslationStatus;
    RTL_RELATIVE_NAME RelativeName;
    PVOID FreeBuffer;

    TranslationStatus = RtlDosPathNameToNtPathName_U(
                            lpFileName,
                            &FileName,
                            NULL,
                            &RelativeName
                            );

    if ( !TranslationStatus ) {
        SetLastError(ERROR_PATH_NOT_FOUND);
        return FALSE;
        }

    FreeBuffer = FileName.Buffer;

    if ( RelativeName.RelativeName.Length ) {
        FileName = *(PUNICODE_STRING)&RelativeName.RelativeName;
        }
    else {
        RelativeName.ContainingDirectory = NULL;
        }

    InitializeObjectAttributes(
        &Obja,
        &FileName,
        OBJ_CASE_INSENSITIVE,
        RelativeName.ContainingDirectory,
        NULL
        );

    //
    // Open the file for delete access
    //

    Status = NtOpenFile(
                &Handle,
                (ACCESS_MASK)DELETE,
                &Obja,
                &IoStatusBlock,
                FILE_SHARE_DELETE |
                   FILE_SHARE_READ |
                   FILE_SHARE_WRITE,
                   FILE_NON_DIRECTORY_FILE | FILE_OPEN_FOR_BACKUP_INTENT
                );
    RtlFreeHeap(RtlProcessHeap(), 0,FreeBuffer);
    if ( !NT_SUCCESS(Status) ) {
        BaseSetLastNTError(Status);
        return FALSE;
        }

    //
    // Delete the file
    //
#undef DeleteFile
    Disposition.DeleteFile = TRUE;

    Status = NtSetInformationFile(
                Handle,
                &IoStatusBlock,
                &Disposition,
                sizeof(Disposition),
                FileDispositionInformation
                );

    NtClose(Handle);
    if ( NT_SUCCESS(Status) ) {
        return TRUE;
        }
    else {
        BaseSetLastNTError(Status);
        return FALSE;
        }
}
Пример #23
0
DWORD
WINAPI
GetCompressedFileSizeW(
    LPCWSTR lpFileName,
    LPDWORD lpFileSizeHigh
    )
{
    NTSTATUS Status;
    OBJECT_ATTRIBUTES Obja;
    HANDLE Handle;
    UNICODE_STRING FileName;
    IO_STATUS_BLOCK IoStatusBlock;
    FILE_COMPRESSION_INFORMATION CompressionInfo;
    BOOLEAN TranslationStatus;
    RTL_RELATIVE_NAME RelativeName;
    PVOID FreeBuffer;
    DWORD FileSizeLow;

    TranslationStatus = RtlDosPathNameToNtPathName_U(
                            lpFileName,
                            &FileName,
                            NULL,
                            &RelativeName
                            );

    if ( !TranslationStatus ) {
        SetLastError(ERROR_PATH_NOT_FOUND);
        return (DWORD)-1;
        }

    FreeBuffer = FileName.Buffer;

    if ( RelativeName.RelativeName.Length ) {
        FileName = *(PUNICODE_STRING)&RelativeName.RelativeName;
        }
    else {
        RelativeName.ContainingDirectory = NULL;
        }

    InitializeObjectAttributes(
        &Obja,
        &FileName,
        OBJ_CASE_INSENSITIVE,
        RelativeName.ContainingDirectory,
        NULL
        );

    //
    // Open the file
    //

    Status = NtOpenFile(
                &Handle,
                (ACCESS_MASK)FILE_READ_ATTRIBUTES,
                &Obja,
                &IoStatusBlock,
                FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
                FILE_OPEN_FOR_BACKUP_INTENT
                );
    RtlFreeHeap(RtlProcessHeap(), 0, FreeBuffer);
    if ( !NT_SUCCESS(Status) ) {
        BaseSetLastNTError(Status);
        return (DWORD)-1;
        }

    //
    // Get the compressed file size.
    //

    Status = NtQueryInformationFile(
                Handle,
                &IoStatusBlock,
                &CompressionInfo,
                sizeof(CompressionInfo),
                FileCompressionInformation
                );

    if ( !NT_SUCCESS(Status) ) {
        FileSizeLow = GetFileSize(Handle,lpFileSizeHigh);
        NtClose(Handle);
        return FileSizeLow;
        }


    NtClose(Handle);
    if ( ARGUMENT_PRESENT(lpFileSizeHigh) ) {
        *lpFileSizeHigh = (DWORD)CompressionInfo.CompressedFileSize.HighPart;
        }
    if (CompressionInfo.CompressedFileSize.LowPart == -1 ) {
        SetLastError(0);
        }
    return CompressionInfo.CompressedFileSize.LowPart;
}
Пример #24
0
BOOL
SetCtrlHandler(
    IN PHANDLER_ROUTINE HandlerRoutine
)

/*++

Routine Description:

    This routine adds a ctrl handler to the process's list.

Arguments:

    HandlerRoutine - pointer to ctrl handler.

Return Value:

    TRUE - success.

--*/

{
    PHANDLER_ROUTINE *NewHandlerList;

    //
    // NULL handler routine is not stored in table. It is
    // used to temporarily inhibit ^C event handling
    //

    if ( !HandlerRoutine ) {
        NtCurrentPeb()->ProcessParameters->ConsoleFlags = IGNORE_CTRL_C;
        return TRUE;
    }

    if (HandlerListLength == AllocatedHandlerListLength) {

        //
        // grow list
        //

        NewHandlerList = (PHANDLER_ROUTINE *) RtlAllocateHeap( RtlProcessHeap(), 0,
                         sizeof(PHANDLER_ROUTINE) * (HandlerListLength + LIST_INCREMENT));
        if (!NewHandlerList) {
            SET_LAST_ERROR(ERROR_NOT_ENOUGH_MEMORY);
            return FALSE;
        }

        //
        // copy list
        //

        RtlCopyMemory(NewHandlerList,HandlerList,sizeof(PHANDLER_ROUTINE) * HandlerListLength);

        if (HandlerList != SingleHandler) {

            //
            // free old list
            //

            RtlFreeHeap(RtlProcessHeap(), 0, HandlerList);
        }
        HandlerList = NewHandlerList;
        AllocatedHandlerListLength += LIST_INCREMENT;
    }
    ASSERT (HandlerListLength < AllocatedHandlerListLength);

    HandlerList[HandlerListLength] = HandlerRoutine;
    HandlerListLength++;
    return TRUE;
}
Пример #25
0
BOOL
APIENTRY
GetFileAttributesExW(
    LPCWSTR lpFileName,
    GET_FILEEX_INFO_LEVELS fInfoLevelId,
    LPVOID lpFileInformation
    )

/*++

Routine Description:

    The main attributes of a file can be obtained using GetFileAttributesEx.

Arguments:

    lpFileName - Supplies the file name of the file whose attributes are to
        be set.

    fInfoLevelId - Supplies the info level indicating the information to be
        returned about the file.

    lpFileInformation - Supplies a buffer to receive the specified information
        about the file.

Return Value:

    TRUE - The operation was successful.

    FALSE/NULL - The operation failed. Extended error status is available
        using GetLastError.


--*/

{
    NTSTATUS Status;
    OBJECT_ATTRIBUTES Obja;
    UNICODE_STRING FileName;
    FILE_NETWORK_OPEN_INFORMATION NetworkInfo;
    LPWIN32_FILE_ATTRIBUTE_DATA AttributeData;
    BOOLEAN TranslationStatus;
    RTL_RELATIVE_NAME RelativeName;
    PVOID FreeBuffer;

    //
    // Check the parameters.  Note that for now there is only one info level,
    // so there's no special code here to determine what to do.
    //

    if ( fInfoLevelId >= GetFileExMaxInfoLevel || fInfoLevelId < GetFileExInfoStandard ) {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
        }

    TranslationStatus = RtlDosPathNameToNtPathName_U(
                            lpFileName,
                            &FileName,
                            NULL,
                            &RelativeName
                            );

    if ( !TranslationStatus ) {
        SetLastError(ERROR_PATH_NOT_FOUND);
        return FALSE;
        }

    FreeBuffer = FileName.Buffer;

    if ( RelativeName.RelativeName.Length ) {
        FileName = *(PUNICODE_STRING)&RelativeName.RelativeName;
        }
    else {
        RelativeName.ContainingDirectory = NULL;
        }

    InitializeObjectAttributes(
        &Obja,
        &FileName,
        OBJ_CASE_INSENSITIVE,
        RelativeName.ContainingDirectory,
        NULL
        );

    //
    // Query the information about the file using the path-based NT service.
    //

    Status = NtQueryFullAttributesFile( &Obja, &NetworkInfo );
    RtlFreeHeap(RtlProcessHeap(), 0, FreeBuffer);
    if ( NT_SUCCESS(Status) ) {
        AttributeData = (LPWIN32_FILE_ATTRIBUTE_DATA)lpFileInformation;
        AttributeData->dwFileAttributes = NetworkInfo.FileAttributes;
        AttributeData->ftCreationTime = *(PFILETIME)&NetworkInfo.CreationTime;
        AttributeData->ftLastAccessTime = *(PFILETIME)&NetworkInfo.LastAccessTime;
        AttributeData->ftLastWriteTime = *(PFILETIME)&NetworkInfo.LastWriteTime;
        AttributeData->nFileSizeHigh = NetworkInfo.EndOfFile.HighPart;
        AttributeData->nFileSizeLow = (DWORD)NetworkInfo.EndOfFile.LowPart;
        return TRUE;
        }
    else {
        BaseSetLastNTError(Status);
        return FALSE;
        }
}
Пример #26
0
BOOL GetDeviceObject(
    WCHAR           wcDrive,            // drive letter to get info about
    PUNICODE_STRING pustrLinkTarget)    // Output buffer
{
    BOOL                bResult;
    HANDLE              hSymbolicLink;
#if 0
    WCHAR               wszLinkName[sizeof(L"\\DosDevices\\A:")];
#else
    WCHAR               wszLinkName[sizeof(L"A:\\")];
#endif
    UNICODE_STRING      ustrLinkName;
    OBJECT_ATTRIBUTES   LinkAttributes;

    UserAssert( wcDrive >= L'A' && wcDrive <= L'Z' );
    UserAssert( pustrLinkTarget != NULL );

    /*
     * Construct the link name by calling RtlDosPathNameToNtPathName, and
     * strip of the trailing backslash. At the end of this, ustrLinkName
     * should be of the form \DosDevices\X:
     */
#if 0
    wsprintfW( wszLinkName, L"\\DosDevices\\%lc:", wcDrive );
    RtlInitUnicodeString(&ustrLinkName, wszLinkName);
#else
    wsprintfW( wszLinkName, L"%lc:\\", wcDrive);
    RtlInitUnicodeString(&ustrLinkName, NULL);
    bResult = RtlDosPathNameToNtPathName_U(wszLinkName, &ustrLinkName, NULL, NULL);
    if (!bResult) {
        goto CantDoIt;
    }
    ustrLinkName.Length -= sizeof(WCHAR);
#endif


    /*
     * Get the symbolic link object
     */
    InitializeObjectAttributes(&LinkAttributes,
                               &ustrLinkName,
                               OBJ_CASE_INSENSITIVE | OBJ_PERMANENT,
                               NULL,
                               NULL);
    bResult = NT_SUCCESS( NtOpenSymbolicLinkObject(&hSymbolicLink,
                                                   GENERIC_READ,
                                                   &LinkAttributes));
    if (!bResult)
    {
        goto CantDoIt;
    }

    /*
     * Find out if the device specified is DFS DeviceObject
     */
    pustrLinkTarget->MaximumLength -= sizeof(WCHAR);
    bResult = NT_SUCCESS( NtQuerySymbolicLinkObject(hSymbolicLink,
                                                    pustrLinkTarget,
                                                    NULL));
    pustrLinkTarget->MaximumLength += sizeof(WCHAR);
    if (bResult) {
        *((WCHAR *)((PSTR)(pustrLinkTarget->Buffer) + pustrLinkTarget->Length)) = UNICODE_NULL;
    }
    NtClose(hSymbolicLink);

CantDoIt:
    /*
     * Free the string buffer that was allocated by RtlDosPathNameToNtPathName_U
     */
#if 1
    if (ustrLinkName.Buffer) {
        RtlFreeHeap(RtlProcessHeap(), 0, ustrLinkName.Buffer);
    }
#endif
    return bResult;
}
Пример #27
0
BOOL
APIENTRY
SetFileAttributesW(
    LPCWSTR lpFileName,
    DWORD dwFileAttributes
    )

/*++

Routine Description:

    The attributes of a file can be set using SetFileAttributes.

    This API provides the same functionality as DOS (int 21h, function
    43H with AL=1), and provides a subset of OS/2's DosSetFileInfo.

Arguments:

    lpFileName - Supplies the file name of the file whose attributes are to
        be set.

    dwFileAttributes - Specifies the file attributes to be set for the
        file.  Any combination of flags is acceptable except that all
        other flags override the normal file attribute,
        FILE_ATTRIBUTE_NORMAL.

        FileAttributes Flags:

        FILE_ATTRIBUTE_NORMAL - A normal file should be created.

        FILE_ATTRIBUTE_READONLY - A read-only file should be created.

        FILE_ATTRIBUTE_HIDDEN - A hidden file should be created.

        FILE_ATTRIBUTE_SYSTEM - A system file should be created.

        FILE_ATTRIBUTE_ARCHIVE - The file should be marked so that it
            will be archived.

Return Value:

    TRUE - The operation was successful.

    FALSE/NULL - The operation failed. Extended error status is available
        using GetLastError.

--*/

{
    NTSTATUS Status;
    OBJECT_ATTRIBUTES Obja;
    HANDLE Handle;
    UNICODE_STRING FileName;
    IO_STATUS_BLOCK IoStatusBlock;
    FILE_BASIC_INFORMATION BasicInfo;
    BOOLEAN TranslationStatus;
    RTL_RELATIVE_NAME RelativeName;
    PVOID FreeBuffer;

    TranslationStatus = RtlDosPathNameToNtPathName_U(
                            lpFileName,
                            &FileName,
                            NULL,
                            &RelativeName
                            );

    if ( !TranslationStatus ) {
        SetLastError(ERROR_PATH_NOT_FOUND);
        return FALSE;
        }

    FreeBuffer = FileName.Buffer;

    if ( RelativeName.RelativeName.Length ) {
        FileName = *(PUNICODE_STRING)&RelativeName.RelativeName;
        }
    else {
        RelativeName.ContainingDirectory = NULL;
        }

    InitializeObjectAttributes(
        &Obja,
        &FileName,
        OBJ_CASE_INSENSITIVE,
        RelativeName.ContainingDirectory,
        NULL
        );

    //
    // Open the file
    //

    Status = NtOpenFile(
                &Handle,
                (ACCESS_MASK)FILE_WRITE_ATTRIBUTES | SYNCHRONIZE,
                &Obja,
                &IoStatusBlock,
                FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
                FILE_SYNCHRONOUS_IO_NONALERT | FILE_OPEN_FOR_BACKUP_INTENT
                );

    RtlFreeHeap(RtlProcessHeap(), 0, FreeBuffer);
    if ( !NT_SUCCESS(Status) ) {
        BaseSetLastNTError(Status);
        return FALSE;
        }

    //
    // Set the attributes
    //

    RtlZeroMemory(&BasicInfo,sizeof(BasicInfo));
    BasicInfo.FileAttributes = (dwFileAttributes & FILE_ATTRIBUTE_VALID_SET_FLAGS) | FILE_ATTRIBUTE_NORMAL;

    Status = NtSetInformationFile(
                Handle,
                &IoStatusBlock,
                &BasicInfo,
                sizeof(BasicInfo),
                FileBasicInformation
                );

    NtClose(Handle);
    if ( NT_SUCCESS(Status) ) {
        return TRUE;
        }
    else {
        BaseSetLastNTError(Status);
        return FALSE;
        }
}
Пример #28
0
void
initialize (void)
{

    ULONG SidWithZeroSubAuthorities;
    ULONG SidWithOneSubAuthority;
    ULONG SidWithThreeSubAuthorities;
    ULONG SidWithFourSubAuthorities;

    SID_IDENTIFIER_AUTHORITY NullSidAuthority    = SECURITY_NULL_SID_AUTHORITY;
    SID_IDENTIFIER_AUTHORITY WorldSidAuthority   = SECURITY_WORLD_SID_AUTHORITY;
    SID_IDENTIFIER_AUTHORITY LocalSidAuthority   = SECURITY_LOCAL_SID_AUTHORITY;
    SID_IDENTIFIER_AUTHORITY CreatorSidAuthority = SECURITY_CREATOR_SID_AUTHORITY;

    SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;


    //
    //  The following SID sizes need to be allocated
    //

    SidWithZeroSubAuthorities  = GetSidLengthRequired( 0 );
    SidWithOneSubAuthority     = GetSidLengthRequired( 1 );
    SidWithThreeSubAuthorities = GetSidLengthRequired( 3 );
    SidWithFourSubAuthorities  = GetSidLengthRequired( 4 );

    //
    //  Allocate and initialize the universal SIDs
    //

    NullSid         = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority);
    WorldSid        = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority);
    LocalSid        = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority);
    CreatorOwnerSid = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority);

    InitializeSid( NullSid,    &NullSidAuthority, 1 );
    InitializeSid( WorldSid,   &WorldSidAuthority, 1 );
    InitializeSid( LocalSid,   &LocalSidAuthority, 1 );
    InitializeSid( CreatorOwnerSid, &CreatorSidAuthority, 1 );

    *(GetSidSubAuthority( NullSid, 0 ))         = SECURITY_NULL_RID;
    *(GetSidSubAuthority( WorldSid, 0 ))        = SECURITY_WORLD_RID;
    *(GetSidSubAuthority( LocalSid, 0 ))        = SECURITY_LOCAL_RID;
    *(GetSidSubAuthority( CreatorOwnerSid, 0 )) = SECURITY_CREATOR_OWNER_RID;

    //
    // Allocate and initialize the NT defined SIDs
    //

    NtAuthoritySid  = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithZeroSubAuthorities);
    DialupSid       = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority);
    NetworkSid      = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority);
    BatchSid        = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority);
    InteractiveSid  = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority);
    LocalSystemSid  = (PSID)RtlAllocateHeap( RtlProcessHeap(), 0,SidWithOneSubAuthority);

    InitializeSid( NtAuthoritySid,   &NtAuthority, 0 );
    InitializeSid( DialupSid,        &NtAuthority, 1 );
    InitializeSid( NetworkSid,       &NtAuthority, 1 );
    InitializeSid( BatchSid,         &NtAuthority, 1 );
    InitializeSid( InteractiveSid,   &NtAuthority, 1 );
    InitializeSid( LocalSystemSid,   &NtAuthority, 1 );

    *(GetSidSubAuthority( DialupSid,       0 )) = SECURITY_DIALUP_RID;
    *(GetSidSubAuthority( NetworkSid,      0 )) = SECURITY_NETWORK_RID;
    *(GetSidSubAuthority( BatchSid,        0 )) = SECURITY_BATCH_RID;
    *(GetSidSubAuthority( InteractiveSid,  0 )) = SECURITY_INTERACTIVE_RID;
    *(GetSidSubAuthority( LocalSystemSid,  0 )) = SECURITY_LOCAL_SYSTEM_RID;


    //
    // Initialize the well known privilege values
    //

    SeCreateTokenPrivilege =
        RtlConvertLongToLargeInteger(SE_CREATE_TOKEN_PRIVILEGE);
    SeAssignPrimaryTokenPrivilege =
        RtlConvertLongToLargeInteger(SE_ASSIGNPRIMARYTOKEN_PRIVILEGE);
    SeLockMemoryPrivilege =
        RtlConvertLongToLargeInteger(SE_LOCK_MEMORY_PRIVILEGE);
    SeIncreaseQuotaPrivilege =
        RtlConvertLongToLargeInteger(SE_INCREASE_QUOTA_PRIVILEGE);
    SeUnsolicitedInputPrivilege =
        RtlConvertLongToLargeInteger(SE_UNSOLICITED_INPUT_PRIVILEGE);
    SeTcbPrivilege =
        RtlConvertLongToLargeInteger(SE_TCB_PRIVILEGE);
    SeSecurityPrivilege =
        RtlConvertLongToLargeInteger(SE_SECURITY_PRIVILEGE);
    SeTakeOwnershipPrivilege =
        RtlConvertLongToLargeInteger(SE_TAKE_OWNERSHIP_PRIVILEGE);
    SeLoadDriverPrivilege =
        RtlConvertLongToLargeInteger(SE_LOAD_DRIVER_PRIVILEGE);
    SeCreatePagefilePrivilege =
        RtlConvertLongToLargeInteger(SE_CREATE_PAGEFILE_PRIVILEGE);
    SeIncreaseBasePriorityPrivilege =
        RtlConvertLongToLargeInteger(SE_INC_BASE_PRIORITY_PRIVILEGE);
    SeSystemProfilePrivilege =
        RtlConvertLongToLargeInteger(SE_SYSTEM_PROFILE_PRIVILEGE);
    SeSystemtimePrivilege =
        RtlConvertLongToLargeInteger(SE_SYSTEMTIME_PRIVILEGE);
    SeProfileSingleProcessPrivilege =
        RtlConvertLongToLargeInteger(SE_PROF_SINGLE_PROCESS_PRIVILEGE);
    SeCreatePermanentPrivilege =
        RtlConvertLongToLargeInteger(SE_CREATE_PERMANENT_PRIVILEGE);
    SeBackupPrivilege =
        RtlConvertLongToLargeInteger(SE_BACKUP_PRIVILEGE);
    SeRestorePrivilege =
        RtlConvertLongToLargeInteger(SE_RESTORE_PRIVILEGE);
    SeShutdownPrivilege =
        RtlConvertLongToLargeInteger(SE_SHUTDOWN_PRIVILEGE);
    SeDebugPrivilege =
        RtlConvertLongToLargeInteger(SE_DEBUG_PRIVILEGE);
    SeAuditPrivilege =
        RtlConvertLongToLargeInteger(SE_AUDIT_PRIVILEGE);
    SeSystemEnvironmentPrivilege =
        RtlConvertLongToLargeInteger(SE_SYSTEM_ENVIRONMENT_PRIVILEGE);
    SeChangeNotifyPrivilege =
        RtlConvertLongToLargeInteger(SE_CHANGE_NOTIFY_PRIVILEGE);
    SeRemoteShutdownPrivilege =
        RtlConvertLongToLargeInteger(SE_REMOTE_SHUTDOWN_PRIVILEGE);


}
Пример #29
0
VOID
main(
    int argc,
    char *argv[]
    )
{
    ULONG i;
    ULONG Count;
    VOID FatMain();
    CHAR Device[8];
    STRING NtDevice;
    CHAR NtDeviceBuffer[32];

    if (argc <= 1) {

        printf("usage: %s drive: [iterations [writethrough] ]\n", argv[0]);
        return;
    }

    //
    //  Decode the device/drive
    //

    strcpy( Device, argv[1] );

    NtDevice.MaximumLength = NtDevice.Length = 32;
    NtDevice.Buffer = NtDeviceBuffer;

    if (!RtlDosPathNameToNtPathName( Device, &NtDevice, NULL, NULL )) {
        printf( "Invalid Dos Device Name\n" );
        RtlFreeHeap(RtlProcessHeap(), 0, NtDevice.Buffer);
        return;
    }

    if (NtDevice.Length > 31) {
        NtDevice.Length = 31;
    }

    NtDevice.Buffer[NtDevice.Length] = 0;

    //
    //  Now do the iteration count
    //

    if (argc >= 3) {
        Count = 0;
        for (i = 0; isdigit(argv[2][i]); i += 1) {
            Count = Count * 10 + argv[2][i] - '0';
        }
    } else {
        Count = 1;
    }

    //
    //  Check for write through
    //

    if (argc >= 4) {
        WriteThrough = FILE_WRITE_THROUGH;
    }

    //
    //  Check for silent operation
    //

    if (toupper(Device[0]) != Device[0]) {
        Silent = TRUE;
    } else {
        Silent = FALSE;
    }

    //
    //  Do the work
    //

    FatMain(Count, NtDevice.Buffer);

    RtlFreeHeap(RtlProcessHeap(), 0, NtDevice.Buffer);

    return;
}
Пример #30
0
void
TestLookupPrivilegeDisplayNameA(
    PLUID lpLuid
    )

{

    //
    // LookupPrivilegeDisplayNameA test
    //

    BOOL          Bool;
    DWORD         cbName = 0;
    UCHAR         Name[BUFFER_SIZE];
    DWORD         LanguageId;
    LPSTR         PrivName;


    printf("      LookupA call . . . . . . . . . . . . . . . . . ");


    TestGetPrivNameA( &PrivName, lpLuid );
    Bool = LookupPrivilegeDisplayNameA(
               NULL,
               PrivName,
               Name,
               &cbName,
               &LanguageId
               );

    //
    // Expect failure here
    //

    if ( !Bool && GetLastError() != ERROR_INSUFFICIENT_BUFFER ) {
        printf("** FAILED **\n");
        printf("        First call.\n");
        printf("        Status:             %d\n", GetLastError());
        printf("        Name Length:        %d\n", cbName);
    } else {


        Bool = LookupPrivilegeDisplayNameA(
                   NULL,
                   PrivName,
                   Name,
                   &cbName,
               &LanguageId
                   );

        if ( !Bool ) {
            printf("** FAILED **\n");
            printf("        Second call.\n");
            printf("        Status:             %d\n", GetLastError());
            printf("        Name Length:        %d\n", cbName);
        } else {
            printf("Succeeded\n");
            printf("        Name Length:        %d\n", cbName);
            printf("        Name:               *%s*\n", Name);
            printf("        LanguageID:         %d\n", LanguageId);
            printf("\n\n");
        }
    }

    RtlFreeHeap( RtlProcessHeap(), 0, PrivName );
    return;
}