Changeset 10394 for trunk/src/win32k/pe2lx/pe2lx.cpp
- Timestamp:
- Jan 15, 2004, 11:14:58 AM (22 years ago)
- File:
-
- 1 edited
-
trunk/src/win32k/pe2lx/pe2lx.cpp (modified) (12 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/win32k/pe2lx/pe2lx.cpp
r9977 r10394 1 /* $Id: pe2lx.cpp,v 1.3 6 2003-04-02 14:27:32 birdExp $1 /* $Id: pe2lx.cpp,v 1.37 2004-01-15 10:14:58 sandervl Exp $ 2 2 * 3 3 * Pe2Lx class implementation. Ring 0 and Ring 3 … … 500 500 if ((paSections[i].Characteristics & paSecChars2Flags[j].Characteristics) == paSecChars2Flags[j].Characteristics) 501 501 flFlags |= paSecChars2Flags[j].flFlags; 502 /* make sure the import table is writable */ 503 if ( !(flFlags & OBJWRITE) 504 && pNtHdrs->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].Size 505 && paSections[i].VirtualAddress <= pNtHdrs->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress 506 && paSections[i].VirtualAddress + paSections[i].Misc.VirtualSize > pNtHdrs->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress) 507 { 508 printInf(("Forcing section read/write since it contains import directory\n")); 509 flFlags |= OBJWRITE | OBJREAD; 510 } 502 511 if ((flFlags & (OBJEXEC | OBJWRITE)) == (OBJEXEC | OBJWRITE)) 503 512 flFlags &= (ULONG)~OBJEXEC; … … 2718 2727 * Validate pNtHdrs. 2719 2728 * IF forwarders present and exports not made THEN makeExports! 2720 * Check and read directories for imports and relocations.2721 2729 * Create necessary Buffered RVA Readers. 2722 * Make sure kernel32 is the first imported module. 2723 * Initiate the import variables (if any imports): 2724 * Loop thru the import descriptiors looking for the lowest FirstThunk RVA. (ulRVAOrgFirstThunk and ulRVAFirstThunk) 2725 * When found read the module name and add it. (ulModuleOrdinal) 2730 * Make sure kernel32/custombuild is the first imported module. 2726 2731 * Initiate base relocations by reading the first Base Relocation. 2727 2732 * Initiate iObj to 0UL, ulRVAPage to the RVA for the first object (which is allways 0UL!). … … 2781 2786 ULONG Pe2Lx::makeFixups() 2782 2787 { 2783 BOOL fImports; /* fImport is set when a valid import directory is present. */2784 ULONG ulRVAImportDesc; /* RVA of the first import descriptor. */2785 IMAGE_IMPORT_DESCRIPTOR ImportDesc; /* Import descriptor struct used while reading. */2786 BufferedRVARead *pImportReader; /* Buffered reader import descriptors reads. */2787 BufferedRVARead *pImpNameReader; /* Buffered reader for names reads; ie. function and module names. */2788 BufferedRVARead *pImpThunkReader; /* Buffered reader for thunk reads; ie. reading from the OrgiginalFirstThunk array. */2789 ULONG ulModuleOrdinal; /* Module ordinal. Valid as long as fImport is set. */2790 #ifndef RING02791 ULONG ulCustomModOrdinal; /* Module ordinal of custom Odin dll. Valid as long as fImport is set. */2792 char szModuleName[128];2793 #endif2794 char * pszModuleName; /* Pointer to the current modulename or NULL. Only used with Custombuild. */2795 ULONG ulRVAFirstThunk; /* Current first thunk array RVA. Points at current entry. */2796 ULONG ulRVAOrgFirstThunk; /* Current original first thunk array RVA. Points at current entry. */2797 2788 #ifndef RING0 2798 2789 BOOL fBaseRelocs; /* fBaseReloc is set when a valid base reloc directory is present. */ … … 2805 2796 ULONG ulRVAPage; /* RVA for the current page. */ 2806 2797 ULONG ul; /* temporary unsigned long variable. Many uses. */ 2807 PSZ psz; /* temporary string pointer. Used for modulenames and functionnames. */2808 2798 ULONG iObj; /* Object iterator. (Index into paObjects) */ 2809 2799 APIRET rc; /* return code. */ … … 2830 2820 return rc; 2831 2821 } 2832 2833 /* Check if empty import directory. */2834 fImports = pNtHdrs->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].Size > 0UL2835 &&2836 (ulRVAImportDesc = pNtHdrs->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress) > 0UL2837 &&2838 ulRVAImportDesc < pNtHdrs->OptionalHeader.SizeOfImage;2839 2822 2840 2823 /* Check if empty base relocation directory. */ … … 2850 2833 printInf(("\n")); 2851 2834 #ifndef RING0 2852 printInf(("Make fixups, fBaseReloc=%s, fImports=%s\n", 2853 fBaseRelocs ? "true" : "false", 2854 fImports ? "true" : "false")); 2855 #else 2856 printInf(("Make fixups, fImports=%s\n", fImports ? "true" : "false")); 2835 printInf(("Make fixups, fBaseReloc=%s\n", 2836 fBaseRelocs ? "true" : "false")); 2857 2837 #endif 2858 2838 printInf(("\n")); … … 2870 2850 pRelocReader = pPageReader = NULL; 2871 2851 #endif 2872 if (fImports)2873 {2874 pImportReader = new BufferedRVARead(hFile, cObjects, paObjects);2875 pImpNameReader = new BufferedRVARead(hFile, cObjects, paObjects);2876 pImpThunkReader = new BufferedRVARead(hFile, cObjects, paObjects);2877 if (pImportReader == NULL || pImpNameReader == NULL || pImpThunkReader == NULL)2878 rc = ERROR_NOT_ENOUGH_MEMORY;2879 }2880 else2881 pImpThunkReader = pImpNameReader = pImportReader = NULL;2882 2852 2883 2853 /* check for errors */ … … 2890 2860 delete pRelocReader; 2891 2861 #endif 2892 if (pImportReader != NULL)2893 delete pImportReader;2894 if (pImpNameReader != NULL)2895 delete pImpNameReader;2896 if (pImpThunkReader != NULL)2897 delete pImpThunkReader;2898 2862 return rc; 2899 2863 } … … 2902 2866 #ifndef RING0 2903 2867 if (hasCustomDll()) 2904 {2905 2868 rc = addModule(options.pszCustomDll, (PULONG)SSToDS(&ul)); 2906 ulCustomModOrdinal = ul;2907 }2908 2869 else 2909 2870 #endif 2910 2871 rc = addModule("KERNEL32.DLL", (PULONG)SSToDS(&ul)); 2911 2912 /* initiate the import variables */2913 if (fImports && rc == NO_ERROR)2914 {2915 rc = pImportReader->readAtRVA(ulRVAImportDesc, SSToDS(&ImportDesc), sizeof(ImportDesc));2916 if (rc == NO_ERROR)2917 {2918 ul = 0;2919 ulRVAFirstThunk = ~0UL;2920 while (rc == NO_ERROR && ImportDesc.Name != 0UL && ImportDesc.FirstThunk != 0UL)2921 {2922 if ((ULONG)ImportDesc.FirstThunk < ulRVAFirstThunk || ulRVAFirstThunk == 0UL) /* 0 test: just in case... */2923 {2924 ulRVAFirstThunk = (ULONG)ImportDesc.FirstThunk;2925 ulRVAOrgFirstThunk = (ULONG)ImportDesc.u.OriginalFirstThunk != 0UL ?2926 (ULONG)ImportDesc.u.OriginalFirstThunk : (ULONG)ImportDesc.FirstThunk;2927 ulModuleOrdinal = ImportDesc.Name;2928 }2929 2930 /* next */2931 ul++;2932 rc = pImportReader->readAtRVA(ulRVAImportDesc + ul * sizeof(ImportDesc), SSToDS(&ImportDesc), sizeof(ImportDesc));2933 }2934 2935 if (ulRVAFirstThunk != ~0UL)2936 {2937 rc = pImpNameReader->dupString(ulModuleOrdinal, (PSZ*)SSToDS(&psz));2938 if (rc == NO_ERROR)2939 {2940 pszModuleName = NULL;2941 #ifdef RING02942 rc = addModule(psz, (PULONG)SSToDS(&ulModuleOrdinal));2943 2944 #else2945 /* Uppercase the module names, and skip the extension. */2946 if (hasCustomDll())2947 {2948 strcpy((pszModuleName = (char*)SSToDS(szModuleName)), psz);2949 ulModuleOrdinal = ulCustomModOrdinal;2950 for (char *pszTmp = pszModuleName; *pszTmp !='\0' && *pszTmp != '.'; pszTmp++)2951 if (*pszTmp >= 'a' && *pszTmp <= 'z')2952 *pszTmp += ('A' - 'a');2953 *pszTmp = '\0';2954 }2955 if (!hasCustomDll() || isCustomDllExcluded(pszModuleName))2956 {2957 rc = addModule(psz, (PULONG)SSToDS(&ulModuleOrdinal));2958 szModuleName[0] = '\0';2959 pszModuleName = NULL;2960 }2961 #endif2962 free(psz);2963 }2964 }2965 else2966 fImports = FALSE;2967 }2968 }2969 2872 2970 2873 … … 3013 2916 ORD_REGISTERPE2LXDLL : ORD_REGISTERPE2LXEXE, pszTmp); 3014 2917 } 3015 if (rc != NO_ERROR)3016 break;3017 }3018 3019 3020 /* check for imports at this page */3021 if (fImports && ulRVAFirstThunk < ulRVAPage + PAGESIZE)3022 {3023 while (rc == NO_ERROR && ulRVAFirstThunk < ulRVAPage + PAGESIZE)3024 {3025 IMAGE_THUNK_DATA Thunk;3026 rc = pImpThunkReader->readAtRVA(ulRVAOrgFirstThunk, SSToDS(&Thunk), sizeof(Thunk));3027 if (rc != NO_ERROR)3028 break;3029 if (Thunk.u1.Ordinal != 0UL)3030 {3031 if (Thunk.u1.Ordinal & (ULONG)IMAGE_ORDINAL_FLAG)3032 rc = add32OrdImportFixup((WORD)(ulRVAFirstThunk & (PAGESIZE-1)),3033 ulModuleOrdinal, Thunk.u1.Ordinal & 0xffff, pszModuleName);3034 else if (Thunk.u1.Ordinal > 0UL && Thunk.u1.Ordinal < pNtHdrs->OptionalHeader.SizeOfImage)3035 {3036 rc = pImpNameReader->dupString(Thunk.u1.Ordinal + offsetof(IMAGE_IMPORT_BY_NAME, Name),3037 (PSZ*)SSToDS(&psz));3038 if (rc != NO_ERROR)3039 break;3040 rc = add32NameImportFixup((WORD)(ulRVAFirstThunk & (PAGESIZE-1)),3041 ulModuleOrdinal, psz, pszModuleName);3042 free(psz);3043 }3044 else3045 {3046 printErr(("invalid value in thunk array, neither an ordinal value nor an valid RVA. 0x%08x\n", Thunk.u1.Ordinal));3047 rc = ERROR_INVALID_ADDRESS;3048 break;3049 }3050 3051 /* next */3052 ulRVAFirstThunk += sizeof(IMAGE_THUNK_DATA);3053 ulRVAOrgFirstThunk += sizeof(IMAGE_THUNK_DATA);3054 }3055 else3056 { /* next module */3057 rc = pImportReader->readAtRVA(ulRVAImportDesc, SSToDS(&ImportDesc), sizeof(ImportDesc));3058 if (rc == NO_ERROR)3059 {3060 ULONG ulRVAFirstThunkPrev = ulRVAFirstThunk;3061 ul = 0;3062 ulRVAFirstThunk = ~0UL;3063 while (rc == NO_ERROR && ImportDesc.Name != 0UL && ImportDesc.FirstThunk != 0UL)3064 {3065 if ((ULONG)ImportDesc.FirstThunk < ulRVAFirstThunk3066 && (ULONG)ImportDesc.FirstThunk > ulRVAFirstThunkPrev)3067 {3068 ulRVAFirstThunk = (ULONG)ImportDesc.FirstThunk;3069 ulRVAOrgFirstThunk = (ULONG)ImportDesc.u.OriginalFirstThunk != 0UL ?3070 (ULONG)ImportDesc.u.OriginalFirstThunk : (ULONG)ImportDesc.FirstThunk;3071 ulModuleOrdinal = ImportDesc.Name;3072 }3073 3074 /* next */3075 ul++;3076 rc = pImportReader->readAtRVA(ulRVAImportDesc + ul * sizeof(ImportDesc), SSToDS(&ImportDesc), sizeof(ImportDesc));3077 }3078 3079 if (ulRVAFirstThunk != ~0UL)3080 { /* modulename */3081 rc = pImpNameReader->dupString(ulModuleOrdinal, (PSZ*)SSToDS(&psz));3082 if (rc == NO_ERROR)3083 {3084 pszModuleName = NULL;3085 #ifdef RING03086 rc = addModule(psz, (PULONG)SSToDS(&ulModuleOrdinal));3087 3088 #else3089 if (hasCustomDll())3090 {3091 strcpy((pszModuleName = (char*)SSToDS(szModuleName)), psz);3092 ulModuleOrdinal = ulCustomModOrdinal;3093 for (char *pszTmp = pszModuleName; *pszTmp !='\0' && *pszTmp != '.'; pszTmp++)3094 if (*pszTmp >= 'a' && *pszTmp <= 'z')3095 *pszTmp += ('A' - 'a');3096 *pszTmp = '\0';3097 }3098 if (!hasCustomDll() || isCustomDllExcluded(pszModuleName))3099 {3100 rc = addModule(psz, (PULONG)SSToDS(&ulModuleOrdinal));3101 szModuleName[0] = '\0';3102 pszModuleName = NULL;3103 }3104 #endif3105 free(psz);3106 }3107 }3108 else3109 fImports = FALSE;3110 }3111 }3112 } /* while */3113 2918 if (rc != NO_ERROR) 3114 2919 break; … … 3212 3017 delete pRelocReader; 3213 3018 #endif 3214 if (pImportReader != NULL)3215 delete pImportReader;3216 if (pImpNameReader != NULL)3217 delete pImpNameReader;3218 if (pImpThunkReader != NULL)3219 delete pImpThunkReader;3220 3019 3221 3020 /* Release unused memory in fixup and import structures. */
Note:
See TracChangeset
for help on using the changeset viewer.
