Author: ion
Date: Sat Jul 9 14:52:07 2011
New Revision: 52583
URL: http://svn.reactos.org/svn/reactos?rev=52583&view=rev
Log:
[NTDLL]: LdrFindEntryForAddress should cehck EntryInProgress first. Also add
missing dprint.
[NTDLL]: LdrVerifyImageMatchesCheckSum does not actually do the check if the
FileHandle is ORed with 1 (this is an optimization for KnownDLLs). Also, use
EndOfFile.LowPart for the checksum, not ViewSize.
[NTDLL]: LdrpGetProcedureAddress: fix overflows, incorrect constants, incorrect
memcopy call, and only run init routines if the thunk was actually snapped.
Modified:
trunk/reactos/dll/ntdll/ldr/ldrapi.c
trunk/reactos/dll/ntdll/ldr/ldrutils.c
Modified: trunk/reactos/dll/ntdll/ldr/ldrapi.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/ntdll/ldr/ldrapi.c?rev=52583&r1=52582&r2=52583&view=diff
==============================================================================
--- trunk/reactos/dll/ntdll/ldr/ldrapi.c [iso-8859-1] (original)
+++ trunk/reactos/dll/ntdll/ldr/ldrapi.c [iso-8859-1] Sat Jul 9 14:52:07 2011
@@ -374,6 +374,29 @@
/* Nothing to do */
if (!Ldr) return STATUS_NO_MORE_ENTRIES;
+
+ /* Get the current entry */
+ LdrEntry = Ldr->EntryInProgress;
+ if (LdrEntry)
+ {
+ /* Get the NT Headers */
+ NtHeader = RtlImageNtHeader(LdrEntry->DllBase);
+ if (NtHeader)
+ {
+ /* Get the Image Base */
+ DllBase = (ULONG_PTR)LdrEntry->DllBase;
+ DllEnd = DllBase + NtHeader->OptionalHeader.SizeOfImage;
+
+ /* Check if they match */
+ if (((ULONG_PTR)Address >= DllBase) &&
+ ((ULONG_PTR)Address < DllEnd))
+ {
+ /* Return it */
+ *Module = LdrEntry;
+ return STATUS_SUCCESS;
+ }
+ }
+ }
/* Loop the module list */
ListHead = &Ldr->InMemoryOrderModuleList;
@@ -382,7 +405,8 @@
{
/* Get the entry and NT Headers */
LdrEntry = CONTAINING_RECORD(NextEntry, LDR_DATA_TABLE_ENTRY,
InMemoryOrderModuleList);
- if ((NtHeader = RtlImageNtHeader(LdrEntry->DllBase)))
+ NtHeader = RtlImageNtHeader(LdrEntry->DllBase);
+ if (NtHeader)
{
/* Get the Image Base */
DllBase = (ULONG_PTR)LdrEntry->DllBase;
@@ -403,6 +427,8 @@
}
/* Nothing found */
+ // 85 == DPFLTR_LDR_ID;
+ DbgPrintEx(85, DPFLTR_WARNING_LEVEL, "LDR: %s() exiting 0x%08lx\n",
__FUNCTION__, STATUS_NO_MORE_ENTRIES);
return STATUS_NO_MORE_ENTRIES;
}
@@ -753,14 +779,16 @@
IO_STATUS_BLOCK IoStatusBlock;
PIMAGE_NT_HEADERS NtHeader;
HANDLE SectionHandle;
- SIZE_T ViewSize = 0;
- PVOID ViewBase = NULL;
- BOOLEAN Result;
+ SIZE_T ViewSize;
+ PVOID ViewBase;
+ BOOLEAN Result, NoActualCheck;
NTSTATUS Status;
PVOID ImportName;
ULONG Size;
-
DPRINT("LdrVerifyImageMatchesChecksum() called\n");
+
+ /* If the handle has the magic KnownDll flag, skip actual checksums */
+ NoActualCheck = ((ULONG_PTR)FileHandle & 1);
/* Create the section */
Status = NtCreateSection(&SectionHandle,
@@ -777,6 +805,8 @@
}
/* Map the section */
+ ViewSize = 0;
+ ViewBase = NULL;
Status = NtMapViewOfSection(SectionHandle,
NtCurrentProcess(),
&ViewBase,
@@ -811,13 +841,22 @@
/* Protect with SEH */
_SEH2_TRY
{
- /* Verify the checksum */
- Result = LdrVerifyMappedImageMatchesChecksum(ViewBase,
- ViewSize,
-
FileStandardInfo.EndOfFile.LowPart);
+ /* Check if this is the KnownDll hack */
+ if (NoActualCheck)
+ {
+ /* Don't actually do it */
+ Result = TRUE;
+ }
+ else
+ {
+ /* Verify the checksum */
+ Result = LdrVerifyMappedImageMatchesChecksum(ViewBase,
+
FileStandardInfo.EndOfFile.LowPart,
+
FileStandardInfo.EndOfFile.LowPart);
+ }
/* Check if a callback was supplied */
- if (Result && Callback)
+ if ((Result) && (Callback))
{
/* Get the NT Header */
NtHeader = RtlImageNtHeader(ViewBase);
@@ -866,7 +905,7 @@
NtClose(SectionHandle);
/* Return status */
- return !Result ? STATUS_IMAGE_CHECKSUM_MISMATCH : Status;
+ return Result ? Status : STATUS_IMAGE_CHECKSUM_MISMATCH;
}
NTSTATUS
Modified: trunk/reactos/dll/ntdll/ldr/ldrutils.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/ntdll/ldr/ldrutils.c?rev=52583&r1=52582&r2=52583&view=diff
==============================================================================
--- trunk/reactos/dll/ntdll/ldr/ldrutils.c [iso-8859-1] (original)
+++ trunk/reactos/dll/ntdll/ldr/ldrutils.c [iso-8859-1] Sat Jul 9 14:52:07 2011
@@ -1671,7 +1671,7 @@
PVOID ImageBase;
PIMAGE_IMPORT_BY_NAME ImportName = NULL;
PIMAGE_EXPORT_DIRECTORY ExportDir;
- ULONG ExportDirSize;
+ ULONG ExportDirSize, Length;
PLIST_ENTRY Entry;
/* Show debug message */
@@ -1684,20 +1684,22 @@
if (ShowSnaps) DbgPrint("NAME - %s\n", Name->Buffer);
/* Make sure it's not too long */
- if ((Name->Length + sizeof(CHAR) + sizeof(USHORT)) > MAXLONG)
+ Length = Name->Length +
+ sizeof(CHAR) +
+ FIELD_OFFSET(IMAGE_IMPORT_BY_NAME, Name);
+ if (Length > UNICODE_STRING_MAX_BYTES)
{
/* Won't have enough space to add the hint */
return STATUS_NAME_TOO_LONG;
}
/* Check if our buffer is large enough */
- if (Name->Length >= (sizeof(ImportBuffer) - sizeof(CHAR)))
+ if (Name->Length > sizeof(ImportBuffer))
{
/* Allocate from heap, plus 2 bytes for the Hint */
ImportName = RtlAllocateHeap(RtlGetProcessHeap(),
- 0,
- Name->Length + sizeof(CHAR) +
- sizeof(USHORT));
+ 0,
+ Length);
}
else
{
@@ -1709,8 +1711,8 @@
ImportName->Hint = 0;
/* Copy the name and null-terminate it */
- RtlMoveMemory(ImportName->Name, Name->Buffer, Name->Length);
- ImportName->Name[Name->Length] = 0;
+ RtlCopyMemory(ImportName->Name, Name->Buffer, Name->Length);
+ ImportName->Name[Name->Length] = ANSI_NULL;
/* Clear the high bit */
ImageBase = ImportName;
@@ -1724,16 +1726,16 @@
/* Show debug message */
if (ShowSnaps) DbgPrint("ORDINAL - %lx\n", Ordinal);
- if (Ordinal)
- {
- Thunk.u1.Ordinal = Ordinal | IMAGE_ORDINAL_FLAG;
- }
- else
+ /* Make sure an ordinal was given */
+ if (!Ordinal)
{
/* No ordinal */
DPRINT1("No ordinal and no name\n");
return STATUS_INVALID_PARAMETER;
}
+
+ /* Set the orginal flag in the thunk */
+ Thunk.u1.Ordinal = Ordinal | IMAGE_ORDINAL_FLAG;
}
/* Acquire lock unless we are initting */
@@ -1774,7 +1776,7 @@
NULL);
/* Finally, see if we're supposed to run the init routines */
- if (ExecuteInit)
+ if ((NT_SUCCESS(Status)) && (ExecuteInit))
{
/*
* It's possible a forwarded entry had us load the DLL. In that
case,
