BOOLEAN SrvIsSlmStatus ( IN PUNICODE_STRING StatusFile ) { UNICODE_STRING baseName; if ( !SrvIsEtcFile( StatusFile ) ) { return FALSE; } SrvGetBaseFileName( StatusFile, &baseName ); if ( ((RtlUnicodeStringToAnsiSize( &baseName ) - 1) == 10) && (toupper(baseName.Buffer[0]) == 'S') && (toupper(baseName.Buffer[1]) == 'T') && (toupper(baseName.Buffer[2]) == 'A') && (toupper(baseName.Buffer[3]) == 'T') && (toupper(baseName.Buffer[4]) == 'U') && (toupper(baseName.Buffer[5]) == 'S') && ( baseName.Buffer[6] == '.') && (toupper(baseName.Buffer[7]) == 'S') && (toupper(baseName.Buffer[8]) == 'L') && (toupper(baseName.Buffer[9]) == 'M') ) { return TRUE; } return FALSE; } // SrvIsSlmStatus
DynamicStringA StringToANSIString(const TempString &str) { UNICODE_STRING srcString; str.FillNTString(&srcString); DynamicStringA ret; size_t newLen = RtlUnicodeStringToAnsiSize(&srcString); if (!NT_SUCCESS(RtlUnicodeStringToAnsiString(ret.ToNTString(newLen), &srcString, FALSE))) ret.SetLength(0); else ret.UpdateLengthFromNTString(); return ret; }
BOOLEAN SrvIsEtcFile ( IN PUNICODE_STRING FileName ) { if ( ((RtlUnicodeStringToAnsiSize( FileName ) - 1) >= 4) && (toupper(FileName->Buffer[0]) == 'E') && (toupper(FileName->Buffer[1]) == 'T') && (toupper(FileName->Buffer[2]) == 'C') && ( FileName->Buffer[3] == '\\') ) { return TRUE; } else { LONG i; for ( i = 0; i < (LONG)RtlUnicodeStringToAnsiSize( FileName ) - 1 - 4; i++ ) { if ( ( FileName->Buffer[i] == '\\') && (toupper(FileName->Buffer[i+1]) == 'E' ) && (toupper(FileName->Buffer[i+2]) == 'T' ) && (toupper(FileName->Buffer[i+3]) == 'C' ) && ( FileName->Buffer[i+4] == '\\') ) { return TRUE; } } } return FALSE; } // SrvIsEtcFile
BOOLEAN SrvIsTempSlmStatus ( IN PUNICODE_STRING StatusFile ) { UNICODE_STRING baseName; if ( !SrvIsEtcFile( StatusFile ) ) { return FALSE; } SrvGetBaseFileName( StatusFile, &baseName ); if ( ((RtlUnicodeStringToAnsiSize( &baseName ) - 1) == 5) && (toupper(baseName.Buffer[0]) == 'T') && ( baseName.Buffer[1] == '0') ) { return TRUE; } return FALSE; } // SrvIsTempSlmStatus
static BOOL FASTCALL TuiSwapConsole(INT Next) { static PTUI_CONSOLE_DATA SwapConsole = NULL; /* Console we are thinking about swapping with */ DWORD BytesReturned; ANSI_STRING Title; PVOID Buffer; PCOORD pos; if (0 != Next) { /* * Alt-Tab, swap consoles. * move SwapConsole to next console, and print its title. */ EnterCriticalSection(&ActiveVirtConsLock); if (!SwapConsole) SwapConsole = ActiveConsole; SwapConsole = (0 < Next ? GetNextConsole(SwapConsole) : GetPrevConsole(SwapConsole)); Title.MaximumLength = RtlUnicodeStringToAnsiSize(&SwapConsole->Console->Title); Title.Length = 0; Buffer = ConsoleAllocHeap(0, sizeof(COORD) + Title.MaximumLength); pos = (PCOORD)Buffer; Title.Buffer = (PVOID)((ULONG_PTR)Buffer + sizeof(COORD)); RtlUnicodeStringToAnsiString(&Title, &SwapConsole->Console->Title, FALSE); pos->X = (PhysicalConsoleSize.X - Title.Length) / 2; pos->Y = PhysicalConsoleSize.Y / 2; /* Redraw the console to clear off old title */ ConioDrawConsole(ActiveConsole->Console); if (!DeviceIoControl(ConsoleDeviceHandle, IOCTL_CONSOLE_WRITE_OUTPUT_CHARACTER, NULL, 0, Buffer, sizeof(COORD) + Title.Length, &BytesReturned, NULL)) { DPRINT1( "Error writing to console\n" ); } ConsoleFreeHeap(Buffer); LeaveCriticalSection(&ActiveVirtConsLock); return TRUE; } else if (NULL != SwapConsole) { EnterCriticalSection(&ActiveVirtConsLock); if (SwapConsole != ActiveConsole) { /* First remove swapconsole from the list */ SwapConsole->Entry.Blink->Flink = SwapConsole->Entry.Flink; SwapConsole->Entry.Flink->Blink = SwapConsole->Entry.Blink; /* Now insert before activeconsole */ SwapConsole->Entry.Flink = &ActiveConsole->Entry; SwapConsole->Entry.Blink = ActiveConsole->Entry.Blink; ActiveConsole->Entry.Blink->Flink = &SwapConsole->Entry; ActiveConsole->Entry.Blink = &SwapConsole->Entry; } ActiveConsole = SwapConsole; SwapConsole = NULL; ConioDrawConsole(ActiveConsole->Console); LeaveCriticalSection(&ActiveVirtConsLock); return TRUE; } else { return FALSE; } }
void ProcKernelModuleLoaded(PUNICODE_STRING FullImageName, HANDLE ProcessId, PIMAGE_INFO ImageInfo) { char buf[256], *s, *sbuf; ANSI_STRING AS; ULONG l; modctl_t *ctl; int reloaded = 0; if (ImageInfo->SystemModeImage) { l = RtlUnicodeStringToAnsiSize(FullImageName); if (l == 0) return; RtlInitAnsiString(&AS, NULL); RtlUnicodeStringToAnsiString(&AS, FullImageName, TRUE); if (AS.MaximumLength >= AS.Length + 1) { AS.Buffer[AS.Length] = '\0'; } else { RtlFreeAnsiString(&AS); return; } s = strrchr(AS.Buffer, '\\'); if (s == NULL) { RtlFreeAnsiString(&AS); return; } s++; ctl = modules; do { if (strcmp(ctl->mod_modname, s) == 0 && ctl->size == ImageInfo->ImageSize) { ctl->imgbase = (uintptr_t) ImageInfo->ImageBase; ctl->loadcnt++; reloaded = 1; dprintf("dtrace.sys: module %s reloaded\n", s); break; } } while ((ctl = ctl->mod_next) != modules); if (reloaded == 0) { ctl = ExAllocatePoolWithTag(NonPagedPool, sizeof(modctl_t), 'Tag1'); if (ctl == NULL) { return; } sbuf = ExAllocatePoolWithTag(NonPagedPool, strlen(s)+1, 'Tag1'); RtlFreeAnsiString(&AS); if (sbuf == NULL) { ExFreePoolWithTag(ctl, 'Tag1'); return; } strcpy(sbuf, s); ctl->imgbase = (uintptr_t) ImageInfo->ImageBase; ctl->size = ImageInfo->ImageSize; ctl->mod_modname = sbuf; ctl->loadcnt = 0; ctl->nenabled = 0; ctl->fbt_nentries = 0; dprintf("dtrace.sys: module %s loaded\n", s); ctl->mod_next = modules->mod_next; modules->mod_next = ctl; } dtrace_module_loaded(ctl); } }
static NTSTATUS UserpCaptureStringParameters( OUT PULONG_PTR Parameters, OUT PULONG SizeOfAllUnicodeStrings, IN PHARDERROR_MSG HardErrorMessage, HANDLE hProcess) { ULONG nParam, Size = 0; NTSTATUS Status = STATUS_SUCCESS; UNICODE_STRING TempStringU, ParamStringU; ANSI_STRING TempStringA; if (SizeOfAllUnicodeStrings) *SizeOfAllUnicodeStrings = 0; /* Read all strings from client space */ for (nParam = 0; nParam < HardErrorMessage->NumberOfParameters; nParam++) { Parameters[nParam] = 0; /* Check if the current parameter is a unicode string */ if (HardErrorMessage->UnicodeStringParameterMask & (1 << nParam)) { /* Read the UNICODE_STRING from the process memory */ Status = NtReadVirtualMemory(hProcess, (PVOID)HardErrorMessage->Parameters[nParam], &ParamStringU, sizeof(ParamStringU), NULL); if (!NT_SUCCESS(Status)) break; /* Allocate a buffer for the string */ TempStringU.MaximumLength = ParamStringU.Length; TempStringU.Length = ParamStringU.Length; TempStringU.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, TempStringU.MaximumLength); if (!TempStringU.Buffer) { DPRINT1("Cannot allocate memory %u\n", TempStringU.MaximumLength); Status = STATUS_NO_MEMORY; } /* Read the string buffer from the process memory */ Status = NtReadVirtualMemory(hProcess, ParamStringU.Buffer, TempStringU.Buffer, ParamStringU.Length, NULL); if (!NT_SUCCESS(Status)) { DPRINT1("NtReadVirtualMemory failed with code: %lx\n", Status); RtlFreeHeap(RtlGetProcessHeap(), 0, TempStringU.Buffer); break; } DPRINT("ParamString=\'%wZ\'\n", &TempStringU); /* Allocate a buffer for converted to ANSI string */ TempStringA.MaximumLength = RtlUnicodeStringToAnsiSize(&TempStringU); TempStringA.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, TempStringA.MaximumLength); if (!TempStringA.Buffer) { DPRINT1("Cannot allocate memory %u\n", TempStringA.MaximumLength); RtlFreeHeap(RtlGetProcessHeap(), 0, TempStringU.Buffer); Status = STATUS_NO_MEMORY; break; } /* Convert string to ANSI and free temporary buffer */ Status = RtlUnicodeStringToAnsiString(&TempStringA, &TempStringU, FALSE); RtlFreeHeap(RtlGetProcessHeap(), 0, TempStringU.Buffer); if (!NT_SUCCESS(Status)) { RtlFreeHeap(RtlGetProcessHeap(), 0, TempStringA.Buffer); break; } /* Note: RtlUnicodeStringToAnsiString returns NULL terminated string */ Parameters[nParam] = (ULONG_PTR)TempStringA.Buffer; Size += TempStringU.Length; } else { /* It's not a unicode string */ Parameters[nParam] = HardErrorMessage->Parameters[nParam]; } } if (!NT_SUCCESS(Status)) { UserpFreeStringParameters(Parameters, HardErrorMessage); return Status; } if (SizeOfAllUnicodeStrings) *SizeOfAllUnicodeStrings = Size; return Status; }
ULONG NTAPI BasepUnicodeStringToAnsiSize(IN PUNICODE_STRING String) { return RtlUnicodeStringToAnsiSize(String); }