projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[KERNEL32] FatalAppExitW: Add an 'UNREFERENCED_LOCAL_VARIABLE(Status)' (#2883)
[reactos.git] / dll / win32 / kernel32 / client / proc.c
1 /*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS system libraries
4 * FILE: dll/win32/kernel32/client/proc.c
5 * PURPOSE: Process functions
6 * PROGRAMMERS: Ariadne (ariadne@xs4all.nl)
7 * UPDATE HISTORY:
8 * Created 01/11/98
9 */
10
11 /* INCLUDES ****************************************************************/
12
13 #include <k32.h>
14
15 #define NDEBUG
16 #include <debug.h>
17
18 /* GLOBALS *******************************************************************/
19
20 WaitForInputIdleType UserWaitForInputIdleRoutine;
21 UNICODE_STRING BaseUnicodeCommandLine;
22 ANSI_STRING BaseAnsiCommandLine;
23 UNICODE_STRING BasePathVariableName = RTL_CONSTANT_STRING(L"PATH");
24 LPSTARTUPINFOA BaseAnsiStartupInfo = NULL;
25 PLDR_DATA_TABLE_ENTRY BasepExeLdrEntry;
26 BOOLEAN g_AppCertInitialized;
27 BOOLEAN g_HaveAppCerts;
28 LIST_ENTRY BasepAppCertDllsList;
29 RTL_CRITICAL_SECTION gcsAppCert;
30 PBASEP_APPCERT_EMBEDDED_FUNC fEmbeddedCertFunc;
31 NTSTATUS g_AppCertStatus;
32 RTL_QUERY_REGISTRY_TABLE BasepAppCertTable[2] =
33 {
34 {
35 BasepConfigureAppCertDlls,
36 1,
37 L"AppCertDlls",
38 &BasepAppCertDllsList,
39 0,
40 NULL,
41 0
42 }
43 };
44
45 PSAFER_REPLACE_PROCESS_THREAD_TOKENS g_SaferReplaceProcessThreadTokens;
46 HMODULE gSaferHandle = (HMODULE)-1;
47
48 VOID WINAPI
49 RegisterWaitForInputIdle(WaitForInputIdleType lpfnRegisterWaitForInputIdle);
50
51 #define CMD_STRING L"cmd /c "
52
53 /* FUNCTIONS ****************************************************************/
54
55 VOID
56 WINAPI
57 StuffStdHandle(IN HANDLE ProcessHandle,
58 IN HANDLE StandardHandle,
59 IN PHANDLE Address)
60 {
61 NTSTATUS Status;
62 HANDLE DuplicatedHandle;
63 SIZE_T NumberOfBytesWritten;
64
65 /* If there is no handle to duplicate, return immediately */
66 if (!StandardHandle) return;
67
68 /* Duplicate the handle */
69 Status = NtDuplicateObject(NtCurrentProcess(),
70 StandardHandle,
71 ProcessHandle,
72 &DuplicatedHandle,
73 0,
74 0,
75 DUPLICATE_SAME_ACCESS |
76 DUPLICATE_SAME_ATTRIBUTES);
77 if (!NT_SUCCESS(Status)) return;
78
79 /* Write it */
80 NtWriteVirtualMemory(ProcessHandle,
81 Address,
82 &DuplicatedHandle,
83 sizeof(HANDLE),
84 &NumberOfBytesWritten);
85 }
86
87 BOOLEAN
88 WINAPI
89 BuildSubSysCommandLine(IN LPCWSTR SubsystemName,
90 IN LPCWSTR ApplicationName,
91 IN LPCWSTR CommandLine,
92 OUT PUNICODE_STRING SubsysCommandLine)
93 {
94 UNICODE_STRING CommandLineString, ApplicationNameString;
95 PWCHAR Buffer;
96 ULONG Length;
97
98 /* Convert to unicode strings */
99 RtlInitUnicodeString(&CommandLineString, ApplicationName);
100 RtlInitUnicodeString(&ApplicationNameString, CommandLine);
101
102 /* Allocate buffer for the output string */
103 Length = CommandLineString.MaximumLength + ApplicationNameString.MaximumLength + 32;
104 Buffer = RtlAllocateHeap(RtlGetProcessHeap(), 0, Length);
105 RtlInitEmptyUnicodeString(SubsysCommandLine, Buffer, (USHORT)Length);
106 if (!Buffer)
107 {
108 /* Fail, no memory */
109 BaseSetLastNTError(STATUS_NO_MEMORY);
110 return FALSE;
111 }
112
113 /* Build the final subsystem command line */
114 RtlAppendUnicodeToString(SubsysCommandLine, SubsystemName);
115 RtlAppendUnicodeStringToString(SubsysCommandLine, &CommandLineString);
116 RtlAppendUnicodeToString(SubsysCommandLine, L" /C ");
117 RtlAppendUnicodeStringToString(SubsysCommandLine, &ApplicationNameString);
118 return TRUE;
119 }
120
121 BOOLEAN
122 WINAPI
123 BasepIsImageVersionOk(IN ULONG ImageMajorVersion,
124 IN ULONG ImageMinorVersion)
125 {
126 /* Accept images for NT 3.1 or higher */
127 if (ImageMajorVersion > 3 ||
128 (ImageMajorVersion == 3 && ImageMinorVersion >= 10))
129 {
130 /* ReactOS-specific: Accept images even if they are newer than our internal NT version. */
131 if (ImageMajorVersion > SharedUserData->NtMajorVersion ||
132 (ImageMajorVersion == SharedUserData->NtMajorVersion && ImageMinorVersion > SharedUserData->NtMinorVersion))
133 {
134 DPRINT1("Accepting image version %lu.%lu, although ReactOS is an NT %hu.%hu OS!\n",
135 ImageMajorVersion,
136 ImageMinorVersion,
137 SharedUserData->NtMajorVersion,
138 SharedUserData->NtMinorVersion);
139 }
140
141 return TRUE;
142 }
143
144 return FALSE;
145 }
146
147 NTSTATUS
148 WINAPI
149 BasepCheckWebBladeHashes(IN HANDLE FileHandle)
150 {
151 NTSTATUS Status;
152 CHAR Hash[16];
153
154 /* Get all the MD5 hashes */
155 Status = RtlComputeImportTableHash(FileHandle, Hash, 1);
156 if (!NT_SUCCESS(Status)) return Status;
157
158 /* Depending on which suite this is, run a bsearch and block the appropriate ones */
159 if (SharedUserData->SuiteMask & VER_SUITE_COMPUTE_SERVER)
160 {
161 DPRINT1("Egad! This is a ReactOS Compute Server and we should prevent you from using certain APIs...but we won't.");
162 }
163 else if (SharedUserData->SuiteMask & VER_SUITE_STORAGE_SERVER)
164 {
165 DPRINT1("Gasp! This is a ReactOS Storage Server and we should prevent you from using certain APIs...but we won't.");
166 }
167 else if (SharedUserData->SuiteMask & VER_SUITE_BLADE)
168 {
169 DPRINT1("Golly! This is a ReactOS Web Blade Server and we should prevent you from using certain APIs...but we won't.");
170 }
171
172 /* Actually, fuck it, don't block anything, we're open source */
173 return STATUS_SUCCESS;
174 }
175
176 NTSTATUS
177 NTAPI
178 BasepSaveAppCertRegistryValue(IN PLIST_ENTRY List,
179 IN PWCHAR ComponentName,
180 IN PWCHAR DllName)
181 {
182 /* Pretty much the only thing this key is used for, is malware */
183 UNIMPLEMENTED;
184 return STATUS_NOT_IMPLEMENTED;
185 }
186
187 NTSTATUS
188 NTAPI
189 BasepConfigureAppCertDlls(IN PWSTR ValueName,
190 IN ULONG ValueType,
191 IN PVOID ValueData,
192 IN ULONG ValueLength,
193 IN PVOID Context,
194 IN PVOID EntryContext)
195 {
196 /* Add this to the certification list */
197 return BasepSaveAppCertRegistryValue(Context, ValueName, ValueData);
198 }
199
200 NTSTATUS
201 WINAPI
202 BasepIsProcessAllowed(IN LPWSTR ApplicationName)
203 {
204 NTSTATUS Status, Status1;
205 PWCHAR Buffer;
206 UINT Length;
207 HMODULE TrustLibrary;
208 PBASEP_APPCERT_ENTRY Entry;
209 ULONG CertFlag;
210 PLIST_ENTRY NextEntry;
211 HANDLE KeyHandle;
212 UNICODE_STRING CertKey = RTL_CONSTANT_STRING(L"\\Registry\\MACHINE\\System\\CurrentControlSet\\Control\\Session Manager\\AppCertDlls");
213 OBJECT_ATTRIBUTES KeyAttributes = RTL_CONSTANT_OBJECT_ATTRIBUTES(&CertKey, OBJ_CASE_INSENSITIVE);
214
215 /* Try to initialize the certification subsystem */
216 while (!g_AppCertInitialized)
217 {
218 /* Defaults */
219 Status = STATUS_SUCCESS;
220 Buffer = NULL;
221
222 /* Acquire the lock while initializing and see if we lost a race */
223 RtlEnterCriticalSection(&gcsAppCert);
224 if (g_AppCertInitialized) break;
225
226 /* On embedded, there is a special DLL */
227 if (SharedUserData->SuiteMask & VER_SUITE_EMBEDDEDNT)
228 {
229 /* Allocate a buffer for the name */
230 Buffer = RtlAllocateHeap(RtlGetProcessHeap(),
231 0,
232 MAX_PATH * sizeof(WCHAR) +
233 sizeof(UNICODE_NULL));
234 if (!Buffer)
235 {
236 /* Fail if no memory */
237 Status = STATUS_NO_MEMORY;
238 }
239 else
240 {
241 /* Now get the system32 directory in our buffer, make sure it fits */
242 Length = GetSystemDirectoryW(Buffer, MAX_PATH - sizeof("EmbdTrst.DLL"));
243 if ((Length) && (Length <= MAX_PATH - sizeof("EmbdTrst.DLL")))
244 {
245 /* Add a slash if needed, and add the embedded cert DLL name */
246 if (Buffer[Length - 1] != '\\') Buffer[Length++] = '\\';
247 RtlCopyMemory(&Buffer[Length],
248 L"EmbdTrst.DLL",
249 sizeof(L"EmbdTrst.DLL"));
250
251 /* Try to load it */
252 TrustLibrary = LoadLibraryW(Buffer);
253 if (TrustLibrary)
254 {
255 /* And extract the special function out of it */
256 fEmbeddedCertFunc = (PVOID)GetProcAddress(TrustLibrary,
257 "ImageOkToRunOnEmbeddedNT");
258 }
259 }
260
261 /* If we didn't get this far, set a failure code */
262 if (!fEmbeddedCertFunc) Status = STATUS_UNSUCCESSFUL;
263 }
264 }
265 else
266 {
267 /* Other systems have a registry entry for this */
268 Status1 = NtOpenKey(&KeyHandle, KEY_READ, &KeyAttributes);
269 if (NT_SUCCESS(Status1))
270 {
271 /* Close it, we'll query it through Rtl */
272 NtClose(KeyHandle);
273
274 /* Do the query, which will call a special callback */
275 Status = RtlQueryRegistryValues(RTL_REGISTRY_CONTROL,
276 L"Session Manager",
277 BasepAppCertTable,
278 NULL,
279 NULL);
280 if (Status == STATUS_OBJECT_NAME_NOT_FOUND)
281 {
282 Status = STATUS_SUCCESS;
283 }
284 }
285 }
286
287 /* Free any buffer if we had one */
288 if (Buffer) RtlFreeHeap(RtlGetProcessHeap(), 0, Buffer);
289
290 /* Check for errors, or a missing embedded/custom certification DLL */
291 if (!NT_SUCCESS(Status) ||
292 (!(fEmbeddedCertFunc) && (IsListEmpty(&BasepAppCertDllsList))))
293 {
294 /* The subsystem is not active on this machine, so give up */
295 g_HaveAppCerts = FALSE;
296 g_AppCertStatus = Status;
297 }
298 else
299 {
300 /* We have certification DLLs active, remember this */
301 g_HaveAppCerts = TRUE;
302 }
303
304 /* We are done the initialization phase, release the lock */
305 g_AppCertInitialized = TRUE;
306 RtlLeaveCriticalSection(&gcsAppCert);
307 }
308
309 /* If there's no certification DLLs present, return the failure code */
310 if (!g_HaveAppCerts) return g_AppCertStatus;
311
312 /* Otherwise, assume success and make sure we have *something* */
313 ASSERT(fEmbeddedCertFunc || !IsListEmpty(&BasepAppCertDllsList));
314 Status = STATUS_SUCCESS;
315
316 /* If the something is an embedded certification DLL, call it and return */
317 if (fEmbeddedCertFunc) return fEmbeddedCertFunc(ApplicationName);
318
319 /* Otherwise we have custom certification DLLs, parse them */
320 NextEntry = BasepAppCertDllsList.Flink;
321 CertFlag = 2;
322 while (NextEntry != &BasepAppCertDllsList)
323 {
324 /* Make sure the entry has a callback */
325 Entry = CONTAINING_RECORD(NextEntry, BASEP_APPCERT_ENTRY, Entry);
326 ASSERT(Entry->fPluginCertFunc != NULL);
327
328 /* Call it and check if it failed */
329 Status = Entry->fPluginCertFunc(ApplicationName, 1);
330 if (!NT_SUCCESS(Status)) CertFlag = 3;
331
332 /* Move on */
333 NextEntry = NextEntry->Flink;
334 }
335
336 /* Now loop them again */
337 NextEntry = BasepAppCertDllsList.Flink;
338 while (NextEntry != &BasepAppCertDllsList)
339 {
340 /* Make sure the entry has a callback */
341 Entry = CONTAINING_RECORD(NextEntry, BASEP_APPCERT_ENTRY, Entry);
342 ASSERT(Entry->fPluginCertFunc != NULL);
343
344 /* Call it, this time with the flag from the loop above */
345 Status = Entry->fPluginCertFunc(ApplicationName, CertFlag);
346 }
347
348 /* All done, return the status */
349 return Status;
350 }
351
352 NTSTATUS
353 WINAPI
354 BasepReplaceProcessThreadTokens(IN HANDLE TokenHandle,
355 IN HANDLE ProcessHandle,
356 IN HANDLE ThreadHandle)
357 {
358 NTSTATUS Status;
359 ANSI_STRING SaferiReplaceProcessThreadTokens = RTL_CONSTANT_STRING("SaferiReplaceProcessThreadTokens");
360
361 /* Enter the application certification lock */
362 RtlEnterCriticalSection(&gcsAppCert);
363
364 /* Check if we already know the function */
365 if (g_SaferReplaceProcessThreadTokens)
366 {
367 /* Call it */
368 Status = g_SaferReplaceProcessThreadTokens(TokenHandle,
369 ProcessHandle,
370 ThreadHandle) ?
371 STATUS_SUCCESS :
372 STATUS_UNSUCCESSFUL;
373 }
374 else
375 {
376 /* Check if the app certification DLL isn't loaded */
377 if (!(gSaferHandle) ||
378 (gSaferHandle == (HMODULE)-1) ||
379 (gSaferHandle == (HMODULE)-2))
380 {
381 /* Then we can't call the function */
382 Status = STATUS_ENTRYPOINT_NOT_FOUND;
383 }
384 else
385 {
386 /* We have the DLL, find the address of the Safer function */
387 Status = LdrGetProcedureAddress(gSaferHandle,
388 &SaferiReplaceProcessThreadTokens,
389 0,
390 (PVOID*)&g_SaferReplaceProcessThreadTokens);
391 if (NT_SUCCESS(Status))
392 {
393 /* Found it, now call it */
394 Status = g_SaferReplaceProcessThreadTokens(TokenHandle,
395 ProcessHandle,
396 ThreadHandle) ?
397 STATUS_SUCCESS :
398 STATUS_UNSUCCESSFUL;
399 }
400 else
401 {
402 /* We couldn't find it, so this must be an unsupported DLL */
403 LdrUnloadDll(gSaferHandle);
404 gSaferHandle = NULL;
405 Status = STATUS_ENTRYPOINT_NOT_FOUND;
406 }
407 }
408 }
409
410 /* Release the lock and return the result */
411 RtlLeaveCriticalSection(&gcsAppCert);
412 return Status;
413 }
414
415 VOID
416 WINAPI
417 BasepSxsCloseHandles(IN PBASE_MSG_SXS_HANDLES Handles)
418 {
419 NTSTATUS Status;
420
421 /* Sanity checks */
422 ASSERT(Handles != NULL);
423 ASSERT(Handles->Process == NULL || Handles->Process == NtCurrentProcess());
424
425 /* Close the file handle */
426 if (Handles->File)
427 {
428 Status = NtClose(Handles->File);
429 ASSERT(NT_SUCCESS(Status));
430 }
431
432 /* Close the section handle */
433 if (Handles->Section)
434 {
435 Status = NtClose(Handles->Section);
436 ASSERT(NT_SUCCESS(Status));
437 }
438
439 /* Unmap the section view */
440 if (Handles->ViewBase.QuadPart)
441 {
442 Status = NtUnmapViewOfSection(NtCurrentProcess(),
443 (PVOID)(ULONG_PTR)Handles->ViewBase.QuadPart);
444 ASSERT(NT_SUCCESS(Status));
445 }
446 }
447
448 VOID
449 WINAPI
450 BaseProcessStartup(PPROCESS_START_ROUTINE lpStartAddress)
451 {
452 DPRINT("BaseProcessStartup(..) - setting up exception frame.\n");
453
454 _SEH2_TRY
455 {
456 /* Set our Start Address */
457 NtSetInformationThread(NtCurrentThread(),
458 ThreadQuerySetWin32StartAddress,
459 &lpStartAddress,
460 sizeof(PPROCESS_START_ROUTINE));
461
462 /* Call the Start Routine */
463 ExitThread(lpStartAddress());
464 }
465 _SEH2_EXCEPT(UnhandledExceptionFilter(_SEH2_GetExceptionInformation()))
466 {
467 /* Get the Exit code from the SEH Handler */
468 if (!BaseRunningInServerProcess)
469 {
470 /* Kill the whole process, usually */
471 ExitProcess(_SEH2_GetExceptionCode());
472 }
473 else
474 {
475 /* If running inside CSRSS, kill just this thread */
476 ExitThread(_SEH2_GetExceptionCode());
477 }
478 }
479 _SEH2_END;
480 }
481
482 BOOLEAN
483 WINAPI
484 BasePushProcessParameters(IN ULONG ParameterFlags,
485 IN HANDLE ProcessHandle,
486 IN PPEB RemotePeb,
487 IN LPCWSTR ApplicationPathName,
488 IN LPWSTR lpCurrentDirectory,
489 IN LPWSTR lpCommandLine,
490 IN LPVOID lpEnvironment,
491 IN LPSTARTUPINFOW StartupInfo,
492 IN DWORD CreationFlags,
493 IN BOOL InheritHandles,
494 IN ULONG ImageSubsystem,
495 IN PVOID AppCompatData,
496 IN ULONG AppCompatDataSize)
497 {
498 WCHAR FullPath[MAX_PATH + 5];
499 PWCHAR Remaining, DllPathString, ScanChar;
500 PRTL_USER_PROCESS_PARAMETERS ProcessParameters, RemoteParameters;
501 PVOID RemoteAppCompatData;
502 UNICODE_STRING DllPath, ImageName, CommandLine, CurrentDirectory;
503 UNICODE_STRING Desktop, Shell, Runtime, Title;
504 NTSTATUS Status;
505 ULONG EnviroSize;
506 SIZE_T Size;
507 BOOLEAN HavePebLock = FALSE, Result;
508 PPEB Peb = NtCurrentPeb();
509
510 /* Get the full path name */
511 Size = GetFullPathNameW(ApplicationPathName,
512 MAX_PATH + 4,
513 FullPath,
514 &Remaining);
515 if ((Size) && (Size <= (MAX_PATH + 4)))
516 {
517 /* Get the DLL Path */
518 DllPathString = BaseComputeProcessDllPath(FullPath, lpEnvironment);
519 if (!DllPathString)
520 {
521 /* Fail */
522 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
523 return FALSE;
524 }
525
526 /* Initialize Strings */
527 RtlInitUnicodeString(&DllPath, DllPathString);
528 RtlInitUnicodeString(&ImageName, FullPath);
529 }
530 else
531 {
532 /* Couldn't get the path name. Just take the original path */
533 DllPathString = BaseComputeProcessDllPath((LPWSTR)ApplicationPathName,
534 lpEnvironment);
535 if (!DllPathString)
536 {
537 /* Fail */
538 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
539 return FALSE;
540 }
541
542 /* Initialize Strings */
543 RtlInitUnicodeString(&DllPath, DllPathString);
544 RtlInitUnicodeString(&ImageName, ApplicationPathName);
545 }
546
547 /* Initialize Strings */
548 RtlInitUnicodeString(&CommandLine, lpCommandLine);
549 RtlInitUnicodeString(&CurrentDirectory, lpCurrentDirectory);
550
551 /* Initialize more Strings from the Startup Info */
552 if (StartupInfo->lpDesktop)
553 {
554 RtlInitUnicodeString(&Desktop, StartupInfo->lpDesktop);
555 }
556 else
557 {
558 RtlInitUnicodeString(&Desktop, L"");
559 }
560 if (StartupInfo->lpReserved)
561 {
562 RtlInitUnicodeString(&Shell, StartupInfo->lpReserved);
563 }
564 else
565 {
566 RtlInitUnicodeString(&Shell, L"");
567 }
568 if (StartupInfo->lpTitle)
569 {
570 RtlInitUnicodeString(&Title, StartupInfo->lpTitle);
571 }
572 else
573 {
574 RtlInitUnicodeString(&Title, ApplicationPathName);
575 }
576
577 /* This one is special because the length can differ */
578 Runtime.Buffer = (LPWSTR)StartupInfo->lpReserved2;
579 Runtime.MaximumLength = Runtime.Length = StartupInfo->cbReserved2;
580
581 /* Enforce no app compat data if the pointer was NULL */
582 if (!AppCompatData) AppCompatDataSize = 0;
583
584 /* Create the Parameter Block */
585 ProcessParameters = NULL;
586 DPRINT("ImageName: '%wZ'\n", &ImageName);
587 DPRINT("DllPath : '%wZ'\n", &DllPath);
588 DPRINT("CurDir : '%wZ'\n", &CurrentDirectory);
589 DPRINT("CmdLine : '%wZ'\n", &CommandLine);
590 DPRINT("Title : '%wZ'\n", &Title);
591 DPRINT("Desktop : '%wZ'\n", &Desktop);
592 DPRINT("Shell : '%wZ'\n", &Shell);
593 DPRINT("Runtime : '%wZ'\n", &Runtime);
594 Status = RtlCreateProcessParameters(&ProcessParameters,
595 &ImageName,
596 &DllPath,
597 lpCurrentDirectory ?
598 &CurrentDirectory : NULL,
599 &CommandLine,
600 lpEnvironment,
601 &Title,
602 &Desktop,
603 &Shell,
604 &Runtime);
605 if (!NT_SUCCESS(Status)) goto FailPath;
606
607 /* Clear the current directory handle if not inheriting */
608 if (!InheritHandles) ProcessParameters->CurrentDirectory.Handle = NULL;
609
610 /* Check if the user passed in an environment */
611 if (lpEnvironment)
612 {
613 /* We should've made it part of the parameters block, enforce this */
614 ASSERT(ProcessParameters->Environment == lpEnvironment);
615 lpEnvironment = ProcessParameters->Environment;
616 }
617 else
618 {
619 /* The user did not, so use the one from the current PEB */
620 HavePebLock = TRUE;
621 RtlAcquirePebLock();
622 lpEnvironment = Peb->ProcessParameters->Environment;
623 }
624
625 /* Save pointer and start lookup */
626 ScanChar = lpEnvironment;
627 if (lpEnvironment)
628 {
629 /* Find the environment size */
630 while (*ScanChar++) while (*ScanChar++);
631 EnviroSize = (ULONG)((ULONG_PTR)ScanChar - (ULONG_PTR)lpEnvironment);
632
633 /* Allocate and Initialize new Environment Block */
634 Size = EnviroSize;
635 ProcessParameters->Environment = NULL;
636 Status = NtAllocateVirtualMemory(ProcessHandle,
637 (PVOID*)&ProcessParameters->Environment,
638 0,
639 &Size,
640 MEM_COMMIT,
641 PAGE_READWRITE);
642 if (!NT_SUCCESS(Status)) goto FailPath;
643
644 /* Write the Environment Block */
645 Status = NtWriteVirtualMemory(ProcessHandle,
646 ProcessParameters->Environment,
647 lpEnvironment,
648 EnviroSize,
649 NULL);
650
651 /* No longer need the PEB lock anymore */
652 if (HavePebLock)
653 {
654 /* Release it */
655 RtlReleasePebLock();
656 HavePebLock = FALSE;
657 }
658
659 /* Check if the write failed */
660 if (!NT_SUCCESS(Status)) goto FailPath;
661 }
662
663 /* Write new parameters */
664 ProcessParameters->StartingX = StartupInfo->dwX;
665 ProcessParameters->StartingY = StartupInfo->dwY;
666 ProcessParameters->CountX = StartupInfo->dwXSize;
667 ProcessParameters->CountY = StartupInfo->dwYSize;
668 ProcessParameters->CountCharsX = StartupInfo->dwXCountChars;
669 ProcessParameters->CountCharsY = StartupInfo->dwYCountChars;
670 ProcessParameters->FillAttribute = StartupInfo->dwFillAttribute;
671 ProcessParameters->WindowFlags = StartupInfo->dwFlags;
672 ProcessParameters->ShowWindowFlags = StartupInfo->wShowWindow;
673
674 /* Write the handles only if we have to */
675 if (StartupInfo->dwFlags &
676 (STARTF_USESTDHANDLES | STARTF_USEHOTKEY | STARTF_SHELLPRIVATE))
677 {
678 ProcessParameters->StandardInput = StartupInfo->hStdInput;
679 ProcessParameters->StandardOutput = StartupInfo->hStdOutput;
680 ProcessParameters->StandardError = StartupInfo->hStdError;
681 }
682
683 /* Use Special Flags for ConDllInitialize in Kernel32 */
684 if (CreationFlags & DETACHED_PROCESS)
685 {
686 ProcessParameters->ConsoleHandle = HANDLE_DETACHED_PROCESS;
687 }
688 else if (CreationFlags & CREATE_NEW_CONSOLE)
689 {
690 ProcessParameters->ConsoleHandle = HANDLE_CREATE_NEW_CONSOLE;
691 }
692 else if (CreationFlags & CREATE_NO_WINDOW)
693 {
694 ProcessParameters->ConsoleHandle = HANDLE_CREATE_NO_WINDOW;
695 }
696 else
697 {
698 /* Inherit our Console Handle */
699 ProcessParameters->ConsoleHandle = Peb->ProcessParameters->ConsoleHandle;
700
701 /* Make sure that the shell isn't trampling on our handles first */
702 if (!(StartupInfo->dwFlags &
703 (STARTF_USESTDHANDLES | STARTF_USEHOTKEY | STARTF_SHELLPRIVATE)))
704 {
705 /* Copy the handle if we are inheriting or if it's a console handle */
706 if ((InheritHandles) ||
707 (IsConsoleHandle(Peb->ProcessParameters->StandardInput)))
708 {
709 ProcessParameters->StandardInput = Peb->ProcessParameters->StandardInput;
710 }
711 if ((InheritHandles) ||
712 (IsConsoleHandle(Peb->ProcessParameters->StandardOutput)))
713 {
714 ProcessParameters->StandardOutput = Peb->ProcessParameters->StandardOutput;
715 }
716 if ((InheritHandles) ||
717 (IsConsoleHandle(Peb->ProcessParameters->StandardError)))
718 {
719 ProcessParameters->StandardError = Peb->ProcessParameters->StandardError;
720 }
721 }
722 }
723
724 /* Also set the Console Flag */
725 if ((CreationFlags & CREATE_NEW_PROCESS_GROUP) &&
726 (!(CreationFlags & CREATE_NEW_CONSOLE)))
727 {
728 ProcessParameters->ConsoleFlags = 1;
729 }
730
731 /* Check if there's a .local file present */
732 if (ParameterFlags & 1)
733 {
734 ProcessParameters->Flags |= RTL_USER_PROCESS_PARAMETERS_LOCAL_DLL_PATH;
735 }
736
737 /* Check if we failed to open the IFEO key */
738 if (ParameterFlags & 2)
739 {
740 ProcessParameters->Flags |= RTL_USER_PROCESS_PARAMETERS_IMAGE_KEY_MISSING;
741 }
742
743 /* Allocate memory for the parameter block */
744 Size = ProcessParameters->Length;
745 RemoteParameters = NULL;
746 Status = NtAllocateVirtualMemory(ProcessHandle,
747 (PVOID*)&RemoteParameters,
748 0,
749 &Size,
750 MEM_COMMIT,
751 PAGE_READWRITE);
752 if (!NT_SUCCESS(Status)) goto FailPath;
753
754 /* Set the allocated size */
755 ProcessParameters->MaximumLength = Size;
756
757 /* Handle some Parameter Flags */
758 ProcessParameters->Flags |= (CreationFlags & PROFILE_USER) ?
759 RTL_USER_PROCESS_PARAMETERS_PROFILE_USER : 0;
760 ProcessParameters->Flags |= (CreationFlags & PROFILE_KERNEL) ?
761 RTL_USER_PROCESS_PARAMETERS_PROFILE_KERNEL : 0;
762 ProcessParameters->Flags |= (CreationFlags & PROFILE_SERVER) ?
763 RTL_USER_PROCESS_PARAMETERS_PROFILE_SERVER : 0;
764 ProcessParameters->Flags |= (Peb->ProcessParameters->Flags &
765 RTL_USER_PROCESS_PARAMETERS_DISABLE_HEAP_CHECKS);
766
767 /* Write the Parameter Block */
768 Status = NtWriteVirtualMemory(ProcessHandle,
769 RemoteParameters,
770 ProcessParameters,
771 ProcessParameters->Length,
772 NULL);
773 if (!NT_SUCCESS(Status)) goto FailPath;
774
775 /* Write the PEB Pointer */
776 Status = NtWriteVirtualMemory(ProcessHandle,
777 &RemotePeb->ProcessParameters,
778 &RemoteParameters,
779 sizeof(PVOID),
780 NULL);
781 if (!NT_SUCCESS(Status)) goto FailPath;
782
783 /* Check if there's any app compat data to write */
784 RemoteAppCompatData = NULL;
785 if (AppCompatData)
786 {
787 /* Allocate some space for the application compatibility data */
788 Size = AppCompatDataSize;
789 Status = NtAllocateVirtualMemory(ProcessHandle,
790 &RemoteAppCompatData,
791 0,
792 &Size,
793 MEM_COMMIT,
794 PAGE_READWRITE);
795 if (!NT_SUCCESS(Status)) goto FailPath;
796
797 /* Write the application compatibility data */
798 Status = NtWriteVirtualMemory(ProcessHandle,
799 RemoteAppCompatData,
800 AppCompatData,
801 AppCompatDataSize,
802 NULL);
803 if (!NT_SUCCESS(Status)) goto FailPath;
804 }
805
806 /* Write the PEB Pointer to the app compat data (might be NULL) */
807 Status = NtWriteVirtualMemory(ProcessHandle,
808 &RemotePeb->pShimData,
809 &RemoteAppCompatData,
810 sizeof(PVOID),
811 NULL);
812 if (!NT_SUCCESS(Status)) goto FailPath;
813
814 /* Now write Peb->ImageSubSystem */
815 if (ImageSubsystem)
816 {
817 NtWriteVirtualMemory(ProcessHandle,
818 &RemotePeb->ImageSubsystem,
819 &ImageSubsystem,
820 sizeof(ImageSubsystem),
821 NULL);
822 }
823
824 /* Success path */
825 Result = TRUE;
826
827 Quickie:
828 /* Cleanup */
829 if (HavePebLock) RtlReleasePebLock();
830 RtlFreeHeap(RtlGetProcessHeap(), 0, DllPath.Buffer);
831 if (ProcessParameters) RtlDestroyProcessParameters(ProcessParameters);
832 return Result;
833 FailPath:
834 DPRINT1("Failure to create process parameters: %lx\n", Status);
835 BaseSetLastNTError(Status);
836 Result = FALSE;
837 goto Quickie;
838 }
839
840 VOID
841 WINAPI
842 InitCommandLines(VOID)
843 {
844 NTSTATUS Status;
845
846 /* Read the UNICODE_STRING from the PEB */
847 BaseUnicodeCommandLine = NtCurrentPeb()->ProcessParameters->CommandLine;
848
849 /* Convert to ANSI_STRING for the *A callers */
850 Status = RtlUnicodeStringToAnsiString(&BaseAnsiCommandLine,
851 &BaseUnicodeCommandLine,
852 TRUE);
853 if (!NT_SUCCESS(Status)) RtlInitEmptyAnsiString(&BaseAnsiCommandLine, 0, 0);
854 }
855
856 /* PUBLIC FUNCTIONS ***********************************************************/
857
858 /*
859 * @implemented
860 */
861 BOOL
862 WINAPI
863 GetProcessAffinityMask(IN HANDLE hProcess,
864 OUT PDWORD_PTR lpProcessAffinityMask,
865 OUT PDWORD_PTR lpSystemAffinityMask)
866 {
867 PROCESS_BASIC_INFORMATION ProcessInfo;
868 NTSTATUS Status;
869
870 /* Query information on the process from the kernel */
871 Status = NtQueryInformationProcess(hProcess,
872 ProcessBasicInformation,
873 &ProcessInfo,
874 sizeof(ProcessInfo),
875 NULL);
876 if (!NT_SUCCESS(Status))
877 {
878 /* Fail */
879 BaseSetLastNTError(Status);
880 return FALSE;
881 }
882
883 /* Copy the affinity mask, and get the system one from our shared data */
884 *lpProcessAffinityMask = (DWORD)ProcessInfo.AffinityMask;
885 *lpSystemAffinityMask = (DWORD)BaseStaticServerData->SysInfo.ActiveProcessorsAffinityMask;
886 return TRUE;
887 }
888
889 /*
890 * @implemented
891 */
892 BOOL
893 WINAPI
894 SetProcessAffinityMask(IN HANDLE hProcess,
895 IN DWORD_PTR dwProcessAffinityMask)
896 {
897 NTSTATUS Status;
898
899 /* Directly set the affinity mask */
900 Status = NtSetInformationProcess(hProcess,
901 ProcessAffinityMask,
902 (PVOID)&dwProcessAffinityMask,
903 sizeof(DWORD));
904 if (!NT_SUCCESS(Status))
905 {
906 /* Handle failure */
907 BaseSetLastNTError(Status);
908 return FALSE;
909 }
910
911 /* Everything was ok */
912 return TRUE;
913 }
914
915 /*
916 * @implemented
917 */
918 BOOL
919 WINAPI
920 GetProcessShutdownParameters(OUT LPDWORD lpdwLevel,
921 OUT LPDWORD lpdwFlags)
922 {
923 BASE_API_MESSAGE ApiMessage;
924 PBASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest = &ApiMessage.Data.ShutdownParametersRequest;
925
926 /* Ask CSRSS for shutdown information */
927 CsrClientCallServer((PCSR_API_MESSAGE)&ApiMessage,
928 NULL,
929 CSR_CREATE_API_NUMBER(BASESRV_SERVERDLL_INDEX, BasepGetProcessShutdownParam),
930 sizeof(*ShutdownParametersRequest));
931 if (!NT_SUCCESS(ApiMessage.Status))
932 {
933 /* Return the failure from CSRSS */
934 BaseSetLastNTError(ApiMessage.Status);
935 return FALSE;
936 }
937
938 /* Get the data back */
939 *lpdwLevel = ShutdownParametersRequest->ShutdownLevel;
940 *lpdwFlags = ShutdownParametersRequest->ShutdownFlags;
941 return TRUE;
942 }
943
944 /*
945 * @implemented
946 */
947 BOOL
948 WINAPI
949 SetProcessShutdownParameters(IN DWORD dwLevel,
950 IN DWORD dwFlags)
951 {
952 BASE_API_MESSAGE ApiMessage;
953 PBASE_GETSET_PROCESS_SHUTDOWN_PARAMS ShutdownParametersRequest = &ApiMessage.Data.ShutdownParametersRequest;
954
955 /* Write the data into the CSRSS request and send it */
956 ShutdownParametersRequest->ShutdownLevel = dwLevel;
957 ShutdownParametersRequest->ShutdownFlags = dwFlags;
958 CsrClientCallServer((PCSR_API_MESSAGE)&ApiMessage,
959 NULL,
960 CSR_CREATE_API_NUMBER(BASESRV_SERVERDLL_INDEX, BasepSetProcessShutdownParam),
961 sizeof(*ShutdownParametersRequest));
962 if (!NT_SUCCESS(ApiMessage.Status))
963 {
964 /* Return the failure from CSRSS */
965 BaseSetLastNTError(ApiMessage.Status);
966 return FALSE;
967 }
968
969 /* All went well */
970 return TRUE;
971 }
972
973 /*
974 * @implemented
975 */
976 BOOL
977 WINAPI
978 GetProcessWorkingSetSizeEx(IN HANDLE hProcess,
979 OUT PSIZE_T lpMinimumWorkingSetSize,
980 OUT PSIZE_T lpMaximumWorkingSetSize,
981 OUT PDWORD Flags)
982 {
983 QUOTA_LIMITS_EX QuotaLimits;
984 NTSTATUS Status;
985
986 /* Query the kernel about this */
987 Status = NtQueryInformationProcess(hProcess,
988 ProcessQuotaLimits,
989 &QuotaLimits,
990 sizeof(QuotaLimits),
991 NULL);
992 if (!NT_SUCCESS(Status))
993 {
994 /* Return error */
995 BaseSetLastNTError(Status);
996 return FALSE;
997 }
998
999 /* Copy the quota information out */
1000 *lpMinimumWorkingSetSize = QuotaLimits.MinimumWorkingSetSize;
1001 *lpMaximumWorkingSetSize = QuotaLimits.MaximumWorkingSetSize;
1002 *Flags = QuotaLimits.Flags;
1003 return TRUE;
1004 }
1005
1006 /*
1007 * @implemented
1008 */
1009 BOOL
1010 WINAPI
1011 GetProcessWorkingSetSize(IN HANDLE hProcess,
1012 OUT PSIZE_T lpMinimumWorkingSetSize,
1013 OUT PSIZE_T lpMaximumWorkingSetSize)
1014 {
1015 DWORD Dummy;
1016 return GetProcessWorkingSetSizeEx(hProcess,
1017 lpMinimumWorkingSetSize,
1018 lpMaximumWorkingSetSize,
1019 &Dummy);
1020 }
1021
1022 /*
1023 * @implemented
1024 */
1025 BOOL
1026 WINAPI
1027 SetProcessWorkingSetSizeEx(IN HANDLE hProcess,
1028 IN SIZE_T dwMinimumWorkingSetSize,
1029 IN SIZE_T dwMaximumWorkingSetSize,
1030 IN DWORD Flags)
1031 {
1032 QUOTA_LIMITS_EX QuotaLimits;
1033 NTSTATUS Status, ReturnStatus;
1034 BOOL Result;
1035 PVOID State;
1036 ULONG Privilege = SE_INC_BASE_PRIORITY_PRIVILEGE;
1037
1038 /* Zero out the input structure */
1039 RtlZeroMemory(&QuotaLimits, sizeof(QuotaLimits));
1040
1041 /* Check if the caller sent any limits */
1042 if ((dwMinimumWorkingSetSize) && (dwMaximumWorkingSetSize))
1043 {
1044 /* Write the quota information */
1045 QuotaLimits.MinimumWorkingSetSize = dwMinimumWorkingSetSize;
1046 QuotaLimits.MaximumWorkingSetSize = dwMaximumWorkingSetSize;
1047 QuotaLimits.Flags = Flags;
1048
1049 /* Acquire the required privilege */
1050 Status = RtlAcquirePrivilege(&Privilege, 1, 0, &State);
1051
1052 /* Request the new quotas */
1053 ReturnStatus = NtSetInformationProcess(hProcess,
1054 ProcessQuotaLimits,
1055 &QuotaLimits,
1056 sizeof(QuotaLimits));
1057 Result = NT_SUCCESS(ReturnStatus);
1058 if (NT_SUCCESS(Status))
1059 {
1060 /* Release the privilege and set succes code */
1061 ASSERT(State != NULL);
1062 RtlReleasePrivilege(State);
1063 State = NULL;
1064 }
1065 }
1066 else
1067 {
1068 /* No limits, fail the call */
1069 ReturnStatus = STATUS_INVALID_PARAMETER;
1070 Result = FALSE;
1071 }
1072
1073 /* Return result code, set error code if this was a failure */
1074 if (!Result) BaseSetLastNTError(ReturnStatus);
1075 return Result;
1076 }
1077
1078 /*
1079 * @implemented
1080 */
1081 BOOL
1082 WINAPI
1083 SetProcessWorkingSetSize(IN HANDLE hProcess,
1084 IN SIZE_T dwMinimumWorkingSetSize,
1085 IN SIZE_T dwMaximumWorkingSetSize)
1086 {
1087 /* Call the newer API */
1088 return SetProcessWorkingSetSizeEx(hProcess,
1089 dwMinimumWorkingSetSize,
1090 dwMaximumWorkingSetSize,
1091 0);
1092 }
1093
1094 /*
1095 * @implemented
1096 */
1097 BOOL
1098 WINAPI
1099 GetProcessTimes(IN HANDLE hProcess,
1100 IN LPFILETIME lpCreationTime,
1101 IN LPFILETIME lpExitTime,
1102 IN LPFILETIME lpKernelTime,
1103 IN LPFILETIME lpUserTime)
1104 {
1105 KERNEL_USER_TIMES Kut;
1106 NTSTATUS Status;
1107
1108 /* Query the times */
1109 Status = NtQueryInformationProcess(hProcess,
1110 ProcessTimes,
1111 &Kut,
1112 sizeof(Kut),
1113 NULL);
1114 if (!NT_SUCCESS(Status))
1115 {
1116 /* Handle failure */
1117 BaseSetLastNTError(Status);
1118 return FALSE;
1119 }
1120
1121 /* Copy all the times and return success */
1122 lpCreationTime->dwLowDateTime = Kut.CreateTime.u.LowPart;
1123 lpCreationTime->dwHighDateTime = Kut.CreateTime.u.HighPart;
1124 lpExitTime->dwLowDateTime = Kut.ExitTime.u.LowPart;
1125 lpExitTime->dwHighDateTime = Kut.ExitTime.u.HighPart;
1126 lpKernelTime->dwLowDateTime = Kut.KernelTime.u.LowPart;
1127 lpKernelTime->dwHighDateTime = Kut.KernelTime.u.HighPart;
1128 lpUserTime->dwLowDateTime = Kut.UserTime.u.LowPart;
1129 lpUserTime->dwHighDateTime = Kut.UserTime.u.HighPart;
1130 return TRUE;
1131 }
1132
1133 /*
1134 * @implemented
1135 */
1136 HANDLE
1137 WINAPI
1138 GetCurrentProcess(VOID)
1139 {
1140 return (HANDLE)NtCurrentProcess();
1141 }
1142
1143 /*
1144 * @implemented
1145 */
1146 HANDLE
1147 WINAPI
1148 GetCurrentThread(VOID)
1149 {
1150 return (HANDLE)NtCurrentThread();
1151 }
1152
1153 /*
1154 * @implemented
1155 */
1156 DWORD
1157 WINAPI
1158 GetCurrentProcessId(VOID)
1159 {
1160 return HandleToUlong(NtCurrentTeb()->ClientId.UniqueProcess);
1161 }
1162
1163 /*
1164 * @implemented
1165 */
1166 BOOL
1167 WINAPI
1168 GetExitCodeProcess(IN HANDLE hProcess,
1169 IN LPDWORD lpExitCode)
1170 {
1171 PROCESS_BASIC_INFORMATION ProcessBasic;
1172 NTSTATUS Status;
1173
1174 /* Ask the kernel */
1175 Status = NtQueryInformationProcess(hProcess,
1176 ProcessBasicInformation,
1177 &ProcessBasic,
1178 sizeof(ProcessBasic),
1179 NULL);
1180 if (!NT_SUCCESS(Status))
1181 {
1182 /* We failed, was this because this is a VDM process? */
1183 if (BaseCheckForVDM(hProcess, lpExitCode) != FALSE) return TRUE;
1184
1185 /* Not a VDM process, fail the call */
1186 BaseSetLastNTError(Status);
1187 return FALSE;
1188 }
1189
1190 /* Succes case, return the exit code */
1191 *lpExitCode = (DWORD)ProcessBasic.ExitStatus;
1192 return TRUE;
1193 }
1194
1195 /*
1196 * @implemented
1197 */
1198 DWORD
1199 WINAPI
1200 GetProcessId(IN HANDLE Process)
1201 {
1202 PROCESS_BASIC_INFORMATION ProcessBasic;
1203 NTSTATUS Status;
1204
1205 /* Query the kernel */
1206 Status = NtQueryInformationProcess(Process,
1207 ProcessBasicInformation,
1208 &ProcessBasic,
1209 sizeof(ProcessBasic),
1210 NULL);
1211 if (!NT_SUCCESS(Status))
1212 {
1213 /* Handle failure */
1214 BaseSetLastNTError(Status);
1215 return 0;
1216 }
1217
1218 /* Return the PID */
1219 return (DWORD)ProcessBasic.UniqueProcessId;
1220 }
1221
1222 /*
1223 * @implemented
1224 */
1225 HANDLE
1226 WINAPI
1227 OpenProcess(IN DWORD dwDesiredAccess,
1228 IN BOOL bInheritHandle,
1229 IN DWORD dwProcessId)
1230 {
1231 NTSTATUS Status;
1232 HANDLE ProcessHandle;
1233 OBJECT_ATTRIBUTES ObjectAttributes;
1234 CLIENT_ID ClientId;
1235
1236 /* Setup the input client ID structure */
1237 ClientId.UniqueProcess = UlongToHandle(dwProcessId);
1238 ClientId.UniqueThread = 0;
1239
1240 /* This is needed just to define the inheritance flags */
1241 InitializeObjectAttributes(&ObjectAttributes,
1242 NULL,
1243 (bInheritHandle ? OBJ_INHERIT : 0),
1244 NULL,
1245 NULL);
1246
1247 /* Now try to open the process */
1248 Status = NtOpenProcess(&ProcessHandle,
1249 dwDesiredAccess,
1250 &ObjectAttributes,
1251 &ClientId);
1252 if (!NT_SUCCESS(Status))
1253 {
1254 /* Handle failure */
1255 BaseSetLastNTError(Status);
1256 return NULL;
1257 }
1258
1259 /* Otherwise return a handle to the process */
1260 return ProcessHandle;
1261 }
1262
1263 /*
1264 * @implemented
1265 */
1266 VOID
1267 WINAPI
1268 RegisterWaitForInputIdle(IN WaitForInputIdleType lpfnRegisterWaitForInputIdle)
1269 {
1270 /* Write the global function pointer */
1271 UserWaitForInputIdleRoutine = lpfnRegisterWaitForInputIdle;
1272 }
1273
1274 /*
1275 * @implemented
1276 */
1277 VOID
1278 WINAPI
1279 GetStartupInfoW(IN LPSTARTUPINFOW lpStartupInfo)
1280 {
1281 PRTL_USER_PROCESS_PARAMETERS Params;
1282
1283 /* Get the process parameters */
1284 Params = NtCurrentPeb()->ProcessParameters;
1285
1286 /* Copy the data out of there */
1287 lpStartupInfo->cb = sizeof(STARTUPINFOW);
1288 lpStartupInfo->lpReserved = Params->ShellInfo.Buffer;
1289 lpStartupInfo->lpDesktop = Params->DesktopInfo.Buffer;
1290 lpStartupInfo->lpTitle = Params->WindowTitle.Buffer;
1291 lpStartupInfo->dwX = Params->StartingX;
1292 lpStartupInfo->dwY = Params->StartingY;
1293 lpStartupInfo->dwXSize = Params->CountX;
1294 lpStartupInfo->dwYSize = Params->CountY;
1295 lpStartupInfo->dwXCountChars = Params->CountCharsX;
1296 lpStartupInfo->dwYCountChars = Params->CountCharsY;
1297 lpStartupInfo->dwFillAttribute = Params->FillAttribute;
1298 lpStartupInfo->dwFlags = Params->WindowFlags;
1299 lpStartupInfo->wShowWindow = (WORD)Params->ShowWindowFlags;
1300 lpStartupInfo->cbReserved2 = Params->RuntimeData.Length;
1301 lpStartupInfo->lpReserved2 = (LPBYTE)Params->RuntimeData.Buffer;
1302
1303 /* Check if the standard handles are being used for other features */
1304 if (lpStartupInfo->dwFlags & (STARTF_USESTDHANDLES |
1305 STARTF_USEHOTKEY |
1306 STARTF_SHELLPRIVATE))
1307 {
1308 /* These are, so copy the standard handles too */
1309 lpStartupInfo->hStdInput = Params->StandardInput;
1310 lpStartupInfo->hStdOutput = Params->StandardOutput;
1311 lpStartupInfo->hStdError = Params->StandardError;
1312 }
1313 }
1314
1315 /*
1316 * @implemented
1317 */
1318 VOID
1319 WINAPI
1320 GetStartupInfoA(IN LPSTARTUPINFOA lpStartupInfo)
1321 {
1322 PRTL_USER_PROCESS_PARAMETERS Params;
1323 ANSI_STRING TitleString, ShellString, DesktopString;
1324 LPSTARTUPINFOA StartupInfo;
1325 NTSTATUS Status;
1326
1327 /* Get the cached information as well as the PEB parameters */
1328 StartupInfo = BaseAnsiStartupInfo;
1329 Params = NtCurrentPeb()->ProcessParameters;
1330
1331 /* Check if this is the first time we have to get the cached version */
1332 while (!StartupInfo)
1333 {
1334 /* Create new ANSI startup info */
1335 StartupInfo = RtlAllocateHeap(RtlGetProcessHeap(),
1336 0,
1337 sizeof(*StartupInfo));
1338 if (StartupInfo)
1339 {
1340 /* Zero out string pointers in case we fail to create them */
1341 StartupInfo->lpReserved = NULL;
1342 StartupInfo->lpDesktop = NULL;
1343 StartupInfo->lpTitle = NULL;
1344
1345 /* Set the size */
1346 StartupInfo->cb = sizeof(*StartupInfo);
1347
1348 /* Copy what's already stored in the PEB */
1349 StartupInfo->dwX = Params->StartingX;
1350 StartupInfo->dwY = Params->StartingY;
1351 StartupInfo->dwXSize = Params->CountX;
1352 StartupInfo->dwYSize = Params->CountY;
1353 StartupInfo->dwXCountChars = Params->CountCharsX;
1354 StartupInfo->dwYCountChars = Params->CountCharsY;
1355 StartupInfo->dwFillAttribute = Params->FillAttribute;
1356 StartupInfo->dwFlags = Params->WindowFlags;
1357 StartupInfo->wShowWindow = (WORD)Params->ShowWindowFlags;
1358 StartupInfo->cbReserved2 = Params->RuntimeData.Length;
1359 StartupInfo->lpReserved2 = (LPBYTE)Params->RuntimeData.Buffer;
1360 StartupInfo->hStdInput = Params->StandardInput;
1361 StartupInfo->hStdOutput = Params->StandardOutput;
1362 StartupInfo->hStdError = Params->StandardError;
1363
1364 /* Copy shell info string */
1365 Status = RtlUnicodeStringToAnsiString(&ShellString,
1366 &Params->ShellInfo,
1367 TRUE);
1368 if (NT_SUCCESS(Status))
1369 {
1370 /* Save it */
1371 StartupInfo->lpReserved = ShellString.Buffer;
1372
1373 /* Copy desktop info string */
1374 Status = RtlUnicodeStringToAnsiString(&DesktopString,
1375 &Params->DesktopInfo,
1376 TRUE);
1377 if (NT_SUCCESS(Status))
1378 {
1379 /* Save it */
1380 StartupInfo->lpDesktop = DesktopString.Buffer;
1381
1382 /* Copy window title string */
1383 Status = RtlUnicodeStringToAnsiString(&TitleString,
1384 &Params->WindowTitle,
1385 TRUE);
1386 if (NT_SUCCESS(Status))
1387 {
1388 /* Save it */
1389 StartupInfo->lpTitle = TitleString.Buffer;
1390
1391 /* We finished with the ANSI version, try to cache it */
1392 if (!InterlockedCompareExchangePointer((PVOID*)&BaseAnsiStartupInfo,
1393 StartupInfo,
1394 NULL))
1395 {
1396 /* We were the first thread through, use the data */
1397 break;
1398 }
1399
1400 /* Someone beat us to it, use their data instead */
1401 StartupInfo = BaseAnsiStartupInfo;
1402 Status = STATUS_SUCCESS;
1403
1404 /* We're going to free our own stuff, but not raise */
1405 RtlFreeAnsiString(&TitleString);
1406 }
1407 RtlFreeAnsiString(&DesktopString);
1408 }
1409 RtlFreeAnsiString(&ShellString);
1410 }
1411 RtlFreeHeap(RtlGetProcessHeap(), 0, StartupInfo);
1412 }
1413 else
1414 {
1415 /* No memory, fail */
1416 Status = STATUS_NO_MEMORY;
1417 }
1418
1419 /* Raise an error unless we got here due to the race condition */
1420 if (!NT_SUCCESS(Status)) RtlRaiseStatus(Status);
1421 }
1422
1423 /* Now copy from the cached ANSI version */
1424 lpStartupInfo->cb = StartupInfo->cb;
1425 lpStartupInfo->lpReserved = StartupInfo->lpReserved;
1426 lpStartupInfo->lpDesktop = StartupInfo->lpDesktop;
1427 lpStartupInfo->lpTitle = StartupInfo->lpTitle;
1428 lpStartupInfo->dwX = StartupInfo->dwX;
1429 lpStartupInfo->dwY = StartupInfo->dwY;
1430 lpStartupInfo->dwXSize = StartupInfo->dwXSize;
1431 lpStartupInfo->dwYSize = StartupInfo->dwYSize;
1432 lpStartupInfo->dwXCountChars = StartupInfo->dwXCountChars;
1433 lpStartupInfo->dwYCountChars = StartupInfo->dwYCountChars;
1434 lpStartupInfo->dwFillAttribute = StartupInfo->dwFillAttribute;
1435 lpStartupInfo->dwFlags = StartupInfo->dwFlags;
1436 lpStartupInfo->wShowWindow = StartupInfo->wShowWindow;
1437 lpStartupInfo->cbReserved2 = StartupInfo->cbReserved2;
1438 lpStartupInfo->lpReserved2 = StartupInfo->lpReserved2;
1439
1440 /* Check if the shell is hijacking the handles for other features */
1441 if (lpStartupInfo->dwFlags &
1442 (STARTF_USESTDHANDLES | STARTF_USEHOTKEY | STARTF_SHELLPRIVATE))
1443 {
1444 /* It isn't, so we can return the raw values */
1445 lpStartupInfo->hStdInput = StartupInfo->hStdInput;
1446 lpStartupInfo->hStdOutput = StartupInfo->hStdOutput;
1447 lpStartupInfo->hStdError = StartupInfo->hStdError;
1448 }
1449 else
1450 {
1451 /* It is, so make sure nobody uses these as console handles */
1452 lpStartupInfo->hStdInput = INVALID_HANDLE_VALUE;
1453 lpStartupInfo->hStdOutput = INVALID_HANDLE_VALUE;
1454 lpStartupInfo->hStdError = INVALID_HANDLE_VALUE;
1455 }
1456 }
1457
1458 /*
1459 * @implemented
1460 */
1461 BOOL
1462 WINAPI
1463 FlushInstructionCache(IN HANDLE hProcess,
1464 IN LPCVOID lpBaseAddress,
1465 IN SIZE_T nSize)
1466 {
1467 NTSTATUS Status;
1468
1469 /* Call the native function */
1470 Status = NtFlushInstructionCache(hProcess, (PVOID)lpBaseAddress, nSize);
1471 if (!NT_SUCCESS(Status))
1472 {
1473 /* Handle failure case */
1474 BaseSetLastNTError(Status);
1475 return FALSE;
1476 }
1477
1478 /* All good */
1479 return TRUE;
1480 }
1481
1482 /*
1483 * @implemented
1484 */
1485 VOID
1486 WINAPI
1487 ExitProcess(IN UINT uExitCode)
1488 {
1489 BASE_API_MESSAGE ApiMessage;
1490 PBASE_EXIT_PROCESS ExitProcessRequest = &ApiMessage.Data.ExitProcessRequest;
1491
1492 ASSERT(!BaseRunningInServerProcess);
1493
1494 _SEH2_TRY
1495 {
1496 /* Acquire the PEB lock */
1497 RtlAcquirePebLock();
1498
1499 /* Kill all the threads */
1500 NtTerminateProcess(NULL, uExitCode);
1501
1502 /* Unload all DLLs */
1503 LdrShutdownProcess();
1504
1505 /* Notify Base Server of process termination */
1506 ExitProcessRequest->uExitCode = uExitCode;
1507 CsrClientCallServer((PCSR_API_MESSAGE)&ApiMessage,
1508 NULL,
1509 CSR_CREATE_API_NUMBER(BASESRV_SERVERDLL_INDEX, BasepExitProcess),
1510 sizeof(*ExitProcessRequest));
1511
1512 /* Now do it again */
1513 NtTerminateProcess(NtCurrentProcess(), uExitCode);
1514 }
1515 _SEH2_FINALLY
1516 {
1517 /* Release the PEB lock */
1518 RtlReleasePebLock();
1519 }
1520 _SEH2_END;
1521
1522 /* should never get here */
1523 ASSERT(0);
1524 while(1);
1525 }
1526
1527 /*
1528 * @implemented
1529 */
1530 BOOL
1531 WINAPI
1532 TerminateProcess(IN HANDLE hProcess,
1533 IN UINT uExitCode)
1534 {
1535 NTSTATUS Status;
1536
1537 /* Check if no handle was passed in */
1538 if (!hProcess)
1539 {
1540 /* Set error code */
1541 SetLastError(ERROR_INVALID_HANDLE);
1542 }
1543 else
1544 {
1545 /* Otherwise, try to terminate the process */
1546 Status = NtTerminateProcess(hProcess, uExitCode);
1547 if (NT_SUCCESS(Status)) return TRUE;
1548
1549 /* It failed, convert error code */
1550 BaseSetLastNTError(Status);
1551 }
1552
1553 /* This is the failure path */
1554 return FALSE;
1555 }
1556
1557 /*
1558 * @implemented
1559 */
1560 VOID
1561 WINAPI
1562 FatalAppExitA(UINT uAction,
1563 LPCSTR lpMessageText)
1564 {
1565 PUNICODE_STRING MessageTextU;
1566 ANSI_STRING MessageText;
1567 NTSTATUS Status;
1568
1569 /* Initialize the string using the static TEB pointer */
1570 MessageTextU = &NtCurrentTeb()->StaticUnicodeString;
1571 RtlInitAnsiString(&MessageText, (LPSTR)lpMessageText);
1572
1573 /* Convert to unicode, or just exit normally if this failed */
1574 Status = RtlAnsiStringToUnicodeString(MessageTextU, &MessageText, FALSE);
1575 if (!NT_SUCCESS(Status)) ExitProcess(0);
1576
1577 /* Call the Wide function */
1578 FatalAppExitW(uAction, MessageTextU->Buffer);
1579 }
1580
1581 /*
1582 * @implemented
1583 */
1584 VOID
1585 WINAPI
1586 FatalAppExitW(IN UINT uAction,
1587 IN LPCWSTR lpMessageText)
1588 {
1589 UNICODE_STRING UnicodeString;
1590 ULONG Response;
1591 NTSTATUS Status;
1592
1593 /* Setup the string to print out */
1594 RtlInitUnicodeString(&UnicodeString, lpMessageText);
1595
1596 /* Display the hard error no matter what */
1597 Status = NtRaiseHardError(STATUS_FATAL_APP_EXIT | HARDERROR_OVERRIDE_ERRORMODE,
1598 1,
1599 1,
1600 (PULONG_PTR)&UnicodeString,
1601 #if DBG
1602 /* On Checked builds, Windows allows the user to cancel the operation */
1603 OptionOkCancel,
1604 #else
1605 OptionOk,
1606 #endif
1607 &Response);
1608
1609 #if DBG
1610 /* Give the user a chance to abort */
1611 if ((NT_SUCCESS(Status)) && (Response == ResponseCancel)) return;
1612 #else
1613 UNREFERENCED_LOCAL_VARIABLE(Status);
1614 #endif
1615
1616 /* Otherwise kill the process */
1617 ExitProcess(0);
1618 }
1619
1620 /*
1621 * @implemented
1622 */
1623 VOID
1624 WINAPI
1625 FatalExit(IN int ExitCode)
1626 {
1627 #if DBG
1628 /* On Checked builds, Windows gives the user a nice little debugger UI */
1629 CHAR ch[2];
1630 DbgPrint("FatalExit...\n");
1631 DbgPrint("\n");
1632
1633 while (TRUE)
1634 {
1635 DbgPrompt( "A (Abort), B (Break), I (Ignore)? ", ch, sizeof(ch));
1636 switch (ch[0])
1637 {
1638 case 'B': case 'b':
1639 DbgBreakPoint();
1640 break;
1641
1642 case 'A': case 'a':
1643 ExitProcess(ExitCode);
1644
1645 case 'I': case 'i':
1646 return;
1647 }
1648 }
1649 #endif
1650 /* On other builds, just kill the process */
1651 ExitProcess(ExitCode);
1652 }
1653
1654 /*
1655 * @implemented
1656 */
1657 DWORD
1658 WINAPI
1659 GetPriorityClass(IN HANDLE hProcess)
1660 {
1661 NTSTATUS Status;
1662 PROCESS_PRIORITY_CLASS PriorityClass;
1663
1664 /* Query the kernel */
1665 Status = NtQueryInformationProcess(hProcess,
1666 ProcessPriorityClass,
1667 &PriorityClass,
1668 sizeof(PriorityClass),
1669 NULL);
1670 if (NT_SUCCESS(Status))
1671 {
1672 /* Handle the conversion from NT to Win32 classes */
1673 switch (PriorityClass.PriorityClass)
1674 {
1675 case PROCESS_PRIORITY_CLASS_IDLE: return IDLE_PRIORITY_CLASS;
1676 case PROCESS_PRIORITY_CLASS_BELOW_NORMAL: return BELOW_NORMAL_PRIORITY_CLASS;
1677 case PROCESS_PRIORITY_CLASS_ABOVE_NORMAL: return ABOVE_NORMAL_PRIORITY_CLASS;
1678 case PROCESS_PRIORITY_CLASS_HIGH: return HIGH_PRIORITY_CLASS;
1679 case PROCESS_PRIORITY_CLASS_REALTIME: return REALTIME_PRIORITY_CLASS;
1680 case PROCESS_PRIORITY_CLASS_NORMAL: default: return NORMAL_PRIORITY_CLASS;
1681 }
1682 }
1683
1684 /* Failure path */
1685 BaseSetLastNTError(Status);
1686 return FALSE;
1687 }
1688
1689 /*
1690 * @implemented
1691 */
1692 BOOL
1693 WINAPI
1694 SetPriorityClass(IN HANDLE hProcess,
1695 IN DWORD dwPriorityClass)
1696 {
1697 NTSTATUS Status;
1698 PVOID State = NULL;
1699 PROCESS_PRIORITY_CLASS PriorityClass;
1700
1701 /* Handle conversion from Win32 to NT priority classes */
1702 switch (dwPriorityClass)
1703 {
1704 case IDLE_PRIORITY_CLASS:
1705 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_IDLE;
1706 break;
1707
1708 case BELOW_NORMAL_PRIORITY_CLASS:
1709 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_BELOW_NORMAL;
1710 break;
1711
1712 case NORMAL_PRIORITY_CLASS:
1713 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_NORMAL;
1714 break;
1715
1716 case ABOVE_NORMAL_PRIORITY_CLASS:
1717 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_ABOVE_NORMAL;
1718 break;
1719
1720 case HIGH_PRIORITY_CLASS:
1721 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_HIGH;
1722 break;
1723
1724 case REALTIME_PRIORITY_CLASS:
1725 /* Try to acquire the privilege. If it fails, just use HIGH */
1726 State = BasepIsRealtimeAllowed(TRUE);
1727 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_HIGH;
1728 PriorityClass.PriorityClass += (State != NULL);
1729 break;
1730
1731 default:
1732 /* Unrecognized priority classes don't make it to the kernel */
1733 SetLastError(ERROR_INVALID_PARAMETER);
1734 return FALSE;
1735 }
1736
1737 /* Send the request to the kernel, and don't touch the foreground flag */
1738 PriorityClass.Foreground = FALSE;
1739 Status = NtSetInformationProcess(hProcess,
1740 ProcessPriorityClass,
1741 &PriorityClass,
1742 sizeof(PROCESS_PRIORITY_CLASS));
1743
1744 /* Release the privilege if we had it */
1745 if (State) RtlReleasePrivilege(State);
1746 if (!NT_SUCCESS(Status))
1747 {
1748 /* Handle error path */
1749 BaseSetLastNTError(Status);
1750 return FALSE;
1751 }
1752
1753 /* All done */
1754 return TRUE;
1755 }
1756
1757 /*
1758 * @implemented
1759 */
1760 DWORD
1761 WINAPI
1762 GetProcessVersion(IN DWORD ProcessId)
1763 {
1764 DWORD Version = 0;
1765 PIMAGE_NT_HEADERS NtHeader;
1766 PIMAGE_DOS_HEADER DosHeader;
1767 PPEB Peb;
1768 PROCESS_BASIC_INFORMATION ProcessBasicInfo;
1769 PVOID BaseAddress;
1770 ULONG e_lfanew;
1771 HANDLE ProcessHandle = NULL;
1772 NTSTATUS Status;
1773 USHORT VersionData[2];
1774 BOOLEAN Result;
1775
1776 /* We'll be accessing stuff that can fault, so protect everything with SEH */
1777 _SEH2_TRY
1778 {
1779 /* It this an in-process or out-of-process request? */
1780 if (!(ProcessId) || (GetCurrentProcessId() == ProcessId))
1781 {
1782 /* It's in-process, so just read our own header */
1783 NtHeader = RtlImageNtHeader(NtCurrentPeb()->ImageBaseAddress);
1784 if (!NtHeader)
1785 {
1786 /* Unable to read the NT header, something is wrong here... */
1787 Status = STATUS_INVALID_IMAGE_FORMAT;
1788 goto Error;
1789 }
1790
1791 /* Get the version straight out of the NT header */
1792 Version = MAKELONG(NtHeader->OptionalHeader.MinorSubsystemVersion,
1793 NtHeader->OptionalHeader.MajorSubsystemVersion);
1794 }
1795 else
1796 {
1797 /* Out-of-process, so open it */
1798 ProcessHandle = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION,
1799 FALSE,
1800 ProcessId);
1801 if (!ProcessHandle) _SEH2_YIELD(return 0);
1802
1803 /* Try to find out where its PEB lives */
1804 Status = NtQueryInformationProcess(ProcessHandle,
1805 ProcessBasicInformation,
1806 &ProcessBasicInfo,
1807 sizeof(ProcessBasicInfo),
1808 NULL);
1809
1810 if (!NT_SUCCESS(Status)) goto Error;
1811 Peb = ProcessBasicInfo.PebBaseAddress;
1812
1813 /* Now that we have the PEB, read the image base address out of it */
1814 Result = ReadProcessMemory(ProcessHandle,
1815 &Peb->ImageBaseAddress,
1816 &BaseAddress,
1817 sizeof(BaseAddress),
1818 NULL);
1819 if (!Result) goto Error;
1820
1821 /* Now read the e_lfanew (offset to NT header) from the base */
1822 DosHeader = BaseAddress;
1823 Result = ReadProcessMemory(ProcessHandle,
1824 &DosHeader->e_lfanew,
1825 &e_lfanew,
1826 sizeof(e_lfanew),
1827 NULL);
1828 if (!Result) goto Error;
1829
1830 /* And finally, read the NT header itself by adding the offset */
1831 NtHeader = (PVOID)((ULONG_PTR)BaseAddress + e_lfanew);
1832 Result = ReadProcessMemory(ProcessHandle,
1833 &NtHeader->OptionalHeader.MajorSubsystemVersion,
1834 &VersionData,
1835 sizeof(VersionData),
1836 NULL);
1837 if (!Result) goto Error;
1838
1839 /* Get the version straight out of the NT header */
1840 Version = MAKELONG(VersionData[0], VersionData[1]);
1841
1842 Error:
1843 /* If there was an error anywhere, set the last error */
1844 if (!NT_SUCCESS(Status)) BaseSetLastNTError(Status);
1845 }
1846 }
1847 _SEH2_FINALLY
1848 {
1849 /* Close the process handle */
1850 if (ProcessHandle) CloseHandle(ProcessHandle);
1851 }
1852 _SEH2_END;
1853
1854 /* And return the version data */
1855 return Version;
1856 }
1857
1858 /*
1859 * @implemented
1860 */
1861 BOOL
1862 WINAPI
1863 GetProcessIoCounters(IN HANDLE hProcess,
1864 OUT PIO_COUNTERS lpIoCounters)
1865 {
1866 NTSTATUS Status;
1867
1868 /* Query the kernel. Structures are identical, so let it do the copy too. */
1869 Status = NtQueryInformationProcess(hProcess,
1870 ProcessIoCounters,
1871 lpIoCounters,
1872 sizeof(IO_COUNTERS),
1873 NULL);
1874 if (!NT_SUCCESS(Status))
1875 {
1876 /* Handle error path */
1877 BaseSetLastNTError(Status);
1878 return FALSE;
1879 }
1880
1881 /* All done */
1882 return TRUE;
1883 }
1884
1885 /*
1886 * @implemented
1887 */
1888 BOOL
1889 WINAPI
1890 GetProcessPriorityBoost(IN HANDLE hProcess,
1891 OUT PBOOL pDisablePriorityBoost)
1892 {
1893 NTSTATUS Status;
1894 ULONG PriorityBoost;
1895
1896 /* Query the kernel */
1897 Status = NtQueryInformationProcess(hProcess,
1898 ProcessPriorityBoost,
1899 &PriorityBoost,
1900 sizeof(PriorityBoost),
1901 NULL);
1902 if (NT_SUCCESS(Status))
1903 {
1904 /* Convert from ULONG to a BOOL */
1905 *pDisablePriorityBoost = PriorityBoost ? TRUE : FALSE;
1906 return TRUE;
1907 }
1908
1909 /* Handle error path */
1910 BaseSetLastNTError(Status);
1911 return FALSE;
1912 }
1913
1914 /*
1915 * @implemented
1916 */
1917 BOOL
1918 WINAPI
1919 SetProcessPriorityBoost(IN HANDLE hProcess,
1920 IN BOOL bDisablePriorityBoost)
1921 {
1922 NTSTATUS Status;
1923 ULONG PriorityBoost;
1924
1925 /* Enforce that this is a BOOL, and send it to the kernel as a ULONG */
1926 PriorityBoost = (bDisablePriorityBoost ? TRUE : FALSE);
1927 Status = NtSetInformationProcess(hProcess,
1928 ProcessPriorityBoost,
1929 &PriorityBoost,
1930 sizeof(ULONG));
1931 if (!NT_SUCCESS(Status))
1932 {
1933 /* Handle error path */
1934 BaseSetLastNTError(Status);
1935 return FALSE;
1936 }
1937
1938 /* All done */
1939 return TRUE;
1940 }
1941
1942 /*
1943 * @implemented
1944 */
1945 BOOL
1946 WINAPI
1947 GetProcessHandleCount(IN HANDLE hProcess,
1948 OUT PDWORD pdwHandleCount)
1949 {
1950 ULONG phc;
1951 NTSTATUS Status;
1952
1953 /* Query the kernel */
1954 Status = NtQueryInformationProcess(hProcess,
1955 ProcessHandleCount,
1956 &phc,
1957 sizeof(phc),
1958 NULL);
1959 if (NT_SUCCESS(Status))
1960 {
1961 /* Copy the count and return success */
1962 *pdwHandleCount = phc;
1963 return TRUE;
1964 }
1965
1966 /* Handle error path */
1967 BaseSetLastNTError(Status);
1968 return FALSE;
1969 }
1970
1971 /*
1972 * @implemented
1973 */
1974 BOOL
1975 WINAPI
1976 IsWow64Process(IN HANDLE hProcess,
1977 OUT PBOOL Wow64Process)
1978 {
1979 ULONG_PTR pbi;
1980 NTSTATUS Status;
1981
1982 /* Query the kernel */
1983 Status = NtQueryInformationProcess(hProcess,
1984 ProcessWow64Information,
1985 &pbi,
1986 sizeof(pbi),
1987 NULL);
1988 if (!NT_SUCCESS(Status))
1989 {
1990 /* Handle error path */
1991 BaseSetLastNTError(Status);
1992 return FALSE;
1993 }
1994
1995 /* Enforce this is a BOOL, and return success */
1996 *Wow64Process = (pbi != 0);
1997 return TRUE;
1998 }
1999
2000 /*
2001 * @implemented
2002 */
2003 LPSTR
2004 WINAPI
2005 GetCommandLineA(VOID)
2006 {
2007 return BaseAnsiCommandLine.Buffer;
2008 }
2009
2010 /*
2011 * @implemented
2012 */
2013 LPWSTR
2014 WINAPI
2015 GetCommandLineW(VOID)
2016 {
2017 return BaseUnicodeCommandLine.Buffer;
2018 }
2019
2020 /*
2021 * @implemented
2022 */
2023 BOOL
2024 NTAPI
2025 ReadProcessMemory(IN HANDLE hProcess,
2026 IN LPCVOID lpBaseAddress,
2027 IN LPVOID lpBuffer,
2028 IN SIZE_T nSize,
2029 OUT SIZE_T* lpNumberOfBytesRead)
2030 {
2031 NTSTATUS Status;
2032
2033 /* Do the read */
2034 Status = NtReadVirtualMemory(hProcess,
2035 (PVOID)lpBaseAddress,
2036 lpBuffer,
2037 nSize,
2038 &nSize);
2039
2040 /* In user-mode, this parameter is optional */
2041 if (lpNumberOfBytesRead) *lpNumberOfBytesRead = nSize;
2042 if (!NT_SUCCESS(Status))
2043 {
2044 /* We failed */
2045 BaseSetLastNTError(Status);
2046 return FALSE;
2047 }
2048
2049 /* Return success */
2050 return TRUE;
2051 }
2052
2053 /*
2054 * @implemented
2055 */
2056 BOOL
2057 NTAPI
2058 WriteProcessMemory(IN HANDLE hProcess,
2059 IN LPVOID lpBaseAddress,
2060 IN LPCVOID lpBuffer,
2061 IN SIZE_T nSize,
2062 OUT SIZE_T *lpNumberOfBytesWritten)
2063 {
2064 NTSTATUS Status;
2065 ULONG OldValue;
2066 SIZE_T RegionSize;
2067 PVOID Base;
2068 BOOLEAN UnProtect;
2069
2070 /* Set parameters for protect call */
2071 RegionSize = nSize;
2072 Base = lpBaseAddress;
2073
2074 /* Check the current status */
2075 Status = NtProtectVirtualMemory(hProcess,
2076 &Base,
2077 &RegionSize,
2078 PAGE_EXECUTE_READWRITE,
2079 &OldValue);
2080 if (NT_SUCCESS(Status))
2081 {
2082 /* Check if we are unprotecting */
2083 UnProtect = OldValue & (PAGE_READWRITE |
2084 PAGE_WRITECOPY |
2085 PAGE_EXECUTE_READWRITE |
2086 PAGE_EXECUTE_WRITECOPY) ? FALSE : TRUE;
2087 if (!UnProtect)
2088 {
2089 /* Set the new protection */
2090 Status = NtProtectVirtualMemory(hProcess,
2091 &Base,
2092 &RegionSize,
2093 OldValue,
2094 &OldValue);
2095
2096 /* Write the memory */
2097 Status = NtWriteVirtualMemory(hProcess,
2098 lpBaseAddress,
2099 (LPVOID)lpBuffer,
2100 nSize,
2101 &nSize);
2102
2103 /* In Win32, the parameter is optional, so handle this case */
2104 if (lpNumberOfBytesWritten) *lpNumberOfBytesWritten = nSize;
2105
2106 if (!NT_SUCCESS(Status))
2107 {
2108 /* We failed */
2109 BaseSetLastNTError(Status);
2110 return FALSE;
2111 }
2112
2113 /* Flush the ITLB */
2114 NtFlushInstructionCache(hProcess, lpBaseAddress, nSize);
2115 return TRUE;
2116 }
2117 else
2118 {
2119 /* Check if we were read only */
2120 if (OldValue & (PAGE_NOACCESS | PAGE_READONLY))
2121 {
2122 /* Restore protection and fail */
2123 NtProtectVirtualMemory(hProcess,
2124 &Base,
2125 &RegionSize,
2126 OldValue,
2127 &OldValue);
2128 BaseSetLastNTError(STATUS_ACCESS_VIOLATION);
2129
2130 /* Note: This is what Windows returns and code depends on it */
2131 return STATUS_ACCESS_VIOLATION;
2132 }
2133
2134 /* Otherwise, do the write */
2135 Status = NtWriteVirtualMemory(hProcess,
2136 lpBaseAddress,
2137 (LPVOID)lpBuffer,
2138 nSize,
2139 &nSize);
2140
2141 /* In Win32, the parameter is optional, so handle this case */
2142 if (lpNumberOfBytesWritten) *lpNumberOfBytesWritten = nSize;
2143
2144 /* And restore the protection */
2145 NtProtectVirtualMemory(hProcess,
2146 &Base,
2147 &RegionSize,
2148 OldValue,
2149 &OldValue);
2150 if (!NT_SUCCESS(Status))
2151 {
2152 /* We failed */
2153 BaseSetLastNTError(STATUS_ACCESS_VIOLATION);
2154
2155 /* Note: This is what Windows returns and code depends on it */
2156 return STATUS_ACCESS_VIOLATION;
2157 }
2158
2159 /* Flush the ITLB */
2160 NtFlushInstructionCache(hProcess, lpBaseAddress, nSize);
2161 return TRUE;
2162 }
2163 }
2164 else
2165 {
2166 /* We failed */
2167 BaseSetLastNTError(Status);
2168 return FALSE;
2169 }
2170 }
2171
2172 /*
2173 * @implemented
2174 */
2175 BOOL
2176 WINAPI
2177 ProcessIdToSessionId(IN DWORD dwProcessId,
2178 OUT PDWORD pSessionId)
2179 {
2180 PROCESS_SESSION_INFORMATION SessionInformation;
2181 OBJECT_ATTRIBUTES ObjectAttributes;
2182 CLIENT_ID ClientId;
2183 HANDLE ProcessHandle;
2184 NTSTATUS Status;
2185
2186 /* Do a quick check if the pointer is not writable */
2187 if (IsBadWritePtr(pSessionId, sizeof(DWORD)))
2188 {
2189 /* Fail fast */
2190 SetLastError(ERROR_INVALID_PARAMETER);
2191 return FALSE;
2192 }
2193
2194 /* Open the process passed in by ID */
2195 ClientId.UniqueProcess = UlongToHandle(dwProcessId);
2196 ClientId.UniqueThread = 0;
2197 InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
2198 Status = NtOpenProcess(&ProcessHandle,
2199 PROCESS_QUERY_INFORMATION,
2200 &ObjectAttributes,
2201 &ClientId);
2202 if (NT_SUCCESS(Status))
2203 {
2204 /* Query the session ID from the kernel */
2205 Status = NtQueryInformationProcess(ProcessHandle,
2206 ProcessSessionInformation,
2207 &SessionInformation,
2208 sizeof(SessionInformation),
2209 NULL);
2210
2211 /* Close the handle and check if we succeeded */
2212 NtClose(ProcessHandle);
2213 if (NT_SUCCESS(Status))
2214 {
2215 /* Return the session ID */
2216 *pSessionId = SessionInformation.SessionId;
2217 return TRUE;
2218 }
2219 }
2220
2221 /* Set error code and fail */
2222 BaseSetLastNTError(Status);
2223 return FALSE;
2224 }
2225
2226
2227 #define AddToHandle(x,y) (x) = (HANDLE)((ULONG_PTR)(x) | (y));
2228 #define RemoveFromHandle(x,y) (x) = (HANDLE)((ULONG_PTR)(x) & ~(y));
2229 C_ASSERT(PROCESS_PRIORITY_CLASS_REALTIME == (PROCESS_PRIORITY_CLASS_HIGH + 1));
2230
2231 /*
2232 * @implemented
2233 */
2234 BOOL
2235 WINAPI
2236 CreateProcessInternalW(IN HANDLE hUserToken,
2237 IN LPCWSTR lpApplicationName,
2238 IN LPWSTR lpCommandLine,
2239 IN LPSECURITY_ATTRIBUTES lpProcessAttributes,
2240 IN LPSECURITY_ATTRIBUTES lpThreadAttributes,
2241 IN BOOL bInheritHandles,
2242 IN DWORD dwCreationFlags,
2243 IN LPVOID lpEnvironment,
2244 IN LPCWSTR lpCurrentDirectory,
2245 IN LPSTARTUPINFOW lpStartupInfo,
2246 IN LPPROCESS_INFORMATION lpProcessInformation,
2247 OUT PHANDLE hNewToken)
2248 {
2249 //
2250 // Core variables used for creating the initial process and thread
2251 //
2252 SECURITY_ATTRIBUTES LocalThreadAttributes, LocalProcessAttributes;
2253 OBJECT_ATTRIBUTES LocalObjectAttributes;
2254 POBJECT_ATTRIBUTES ObjectAttributes;
2255 SECTION_IMAGE_INFORMATION ImageInformation;
2256 IO_STATUS_BLOCK IoStatusBlock;
2257 CLIENT_ID ClientId;
2258 ULONG NoWindow, StackSize, ErrorCode, Flags;
2259 SIZE_T RegionSize;
2260 USHORT ImageMachine;
2261 ULONG ParameterFlags, PrivilegeValue, HardErrorMode, ErrorResponse;
2262 ULONG_PTR ErrorParameters[2];
2263 BOOLEAN InJob, SaferNeeded, UseLargePages, HavePrivilege;
2264 BOOLEAN QuerySection, SkipSaferAndAppCompat;
2265 CONTEXT Context;
2266 BASE_API_MESSAGE CsrMsg[2];
2267 PBASE_CREATE_PROCESS CreateProcessMsg;
2268 PCSR_CAPTURE_BUFFER CaptureBuffer;
2269 PVOID BaseAddress, PrivilegeState, RealTimePrivilegeState;
2270 HANDLE DebugHandle, TokenHandle, JobHandle, KeyHandle, ThreadHandle;
2271 HANDLE FileHandle, SectionHandle, ProcessHandle;
2272 ULONG ResumeCount;
2273 PROCESS_PRIORITY_CLASS PriorityClass;
2274 NTSTATUS Status, AppCompatStatus, SaferStatus, IFEOStatus, ImageDbgStatus;
2275 PPEB Peb, RemotePeb;
2276 PTEB Teb;
2277 INITIAL_TEB InitialTeb;
2278 PVOID TibValue;
2279 PIMAGE_NT_HEADERS NtHeaders;
2280 STARTUPINFOW StartupInfo;
2281 PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
2282 UNICODE_STRING DebuggerString;
2283 BOOL Result;
2284 //
2285 // Variables used for command-line and argument parsing
2286 //
2287 PCHAR pcScan;
2288 SIZE_T n;
2289 WCHAR SaveChar;
2290 ULONG Length, FileAttribs, CmdQuoteLength;
2291 ULONG ResultSize;
2292 SIZE_T EnvironmentLength, CmdLineLength;
2293 PWCHAR QuotedCmdLine, AnsiCmdCommand, ExtBuffer, CurrentDirectory;
2294 PWCHAR NullBuffer, ScanString, NameBuffer, SearchPath, DebuggerCmdLine;
2295 ANSI_STRING AnsiEnv;
2296 UNICODE_STRING UnicodeEnv, PathName;
2297 BOOLEAN SearchRetry, QuotesNeeded, CmdLineIsAppName, HasQuotes;
2298
2299 //
2300 // Variables used for Fusion/SxS (Side-by-Side Assemblies)
2301 //
2302 RTL_PATH_TYPE SxsPathType, PathType;
2303 #if _SXS_SUPPORT_ENABLED_
2304 PRTL_BUFFER ByteBuffer;
2305 PRTL_UNICODE_STRING_BUFFER ThisBuffer, Buffer, SxsStaticBuffers[5];
2306 PRTL_UNICODE_STRING_BUFFER* BufferHead, SxsStringBuffer;
2307 RTL_UNICODE_STRING_BUFFER SxsWin32ManifestPath, SxsNtManifestPath;
2308 RTL_UNICODE_STRING_BUFFER SxsWin32PolicyPath, SxsNtPolicyPath;
2309 RTL_UNICODE_STRING_BUFFER SxsWin32AssemblyDirectory;
2310 BASE_MSG_SXS_HANDLES MappedHandles, Handles, FileHandles;
2311 PVOID CapturedStrings[3];
2312 SXS_WIN32_NT_PATH_PAIR ExePathPair, ManifestPathPair, PolicyPathPair;
2313 SXS_OVERRIDE_MANIFEST OverrideManifest;
2314 UNICODE_STRING FreeString, SxsNtExePath;
2315 PWCHAR SxsConglomeratedBuffer, StaticBuffer;
2316 ULONG ConglomeratedBufferSizeBytes, StaticBufferSize, i;
2317 #endif
2318 ULONG FusionFlags;
2319
2320 //
2321 // Variables used for path conversion (and partially Fusion/SxS)
2322 //
2323 PWCHAR FilePart, PathBuffer, FreeBuffer;
2324 BOOLEAN TranslationStatus;
2325 RTL_RELATIVE_NAME_U SxsWin32RelativePath;
2326 UNICODE_STRING PathBufferString, SxsWin32ExePath;
2327
2328 //
2329 // Variables used by Application Compatibility (and partially Fusion/SxS)
2330 //
2331 PVOID AppCompatSxsData, AppCompatData;
2332 ULONG AppCompatSxsDataSize, AppCompatDataSize;
2333 //
2334 // Variables used by VDM (Virtual Dos Machine) and WOW32 (16-bit Support)
2335 //
2336 ULONG BinarySubType, VdmBinaryType, VdmTask, VdmReserve;
2337 ULONG VdmUndoLevel;
2338 BOOLEAN UseVdmReserve;
2339 HANDLE VdmWaitObject;
2340 ANSI_STRING VdmAnsiEnv;
2341 UNICODE_STRING VdmString, VdmUnicodeEnv;
2342 BOOLEAN IsWowApp;
2343 PBASE_CHECK_VDM CheckVdmMsg;
2344
2345 /* Zero out the initial core variables and handles */
2346 QuerySection = FALSE;
2347 InJob = FALSE;
2348 SkipSaferAndAppCompat = FALSE;
2349 ParameterFlags = 0;
2350 Flags = 0;
2351 DebugHandle = NULL;
2352 JobHandle = NULL;
2353 TokenHandle = NULL;
2354 FileHandle = NULL;
2355 SectionHandle = NULL;
2356 ProcessHandle = NULL;
2357 ThreadHandle = NULL;
2358 BaseAddress = (PVOID)1;
2359
2360 /* Zero out initial SxS and Application Compatibility state */
2361 AppCompatData = NULL;
2362 AppCompatDataSize = 0;
2363 AppCompatSxsData = NULL;
2364 AppCompatSxsDataSize = 0;
2365 CaptureBuffer = NULL;
2366 #if _SXS_SUPPORT_ENABLED_
2367 SxsConglomeratedBuffer = NULL;
2368 #endif
2369 FusionFlags = 0;
2370
2371 /* Zero out initial parsing variables -- others are initialized later */
2372 DebuggerCmdLine = NULL;
2373 PathBuffer = NULL;
2374 SearchPath = NULL;
2375 NullBuffer = NULL;
2376 FreeBuffer = NULL;
2377 NameBuffer = NULL;
2378 CurrentDirectory = NULL;
2379 FilePart = NULL;
2380 DebuggerString.Buffer = NULL;
2381 HasQuotes = FALSE;
2382 QuotedCmdLine = NULL;
2383
2384 /* Zero out initial VDM state */
2385 VdmAnsiEnv.Buffer = NULL;
2386 VdmUnicodeEnv.Buffer = NULL;
2387 VdmString.Buffer = NULL;
2388 VdmTask = 0;
2389 VdmUndoLevel = 0;
2390 VdmBinaryType = 0;
2391 VdmReserve = 0;
2392 VdmWaitObject = NULL;
2393 UseVdmReserve = FALSE;
2394 IsWowApp = FALSE;
2395
2396 /* Set message structures */
2397 CreateProcessMsg = &CsrMsg[0].Data.CreateProcessRequest;
2398 CheckVdmMsg = &CsrMsg[1].Data.CheckVDMRequest;
2399
2400 /* Clear the more complex structures by zeroing out their entire memory */
2401 RtlZeroMemory(&Context, sizeof(Context));
2402 #if _SXS_SUPPORT_ENABLED_
2403 RtlZeroMemory(&FileHandles, sizeof(FileHandles));
2404 RtlZeroMemory(&MappedHandles, sizeof(MappedHandles));
2405 RtlZeroMemory(&Handles, sizeof(Handles));
2406 #endif
2407 RtlZeroMemory(&CreateProcessMsg->Sxs, sizeof(CreateProcessMsg->Sxs));
2408 RtlZeroMemory(&LocalProcessAttributes, sizeof(LocalProcessAttributes));
2409 RtlZeroMemory(&LocalThreadAttributes, sizeof(LocalThreadAttributes));
2410
2411 /* Zero out output arguments as well */
2412 RtlZeroMemory(lpProcessInformation, sizeof(*lpProcessInformation));
2413 if (hNewToken) *hNewToken = NULL;
2414
2415 /* Capture the special window flag */
2416 NoWindow = dwCreationFlags & CREATE_NO_WINDOW;
2417 dwCreationFlags &= ~CREATE_NO_WINDOW;
2418
2419 #if _SXS_SUPPORT_ENABLED_
2420 /* Setup the SxS static string arrays and buffers */
2421 SxsStaticBuffers[0] = &SxsWin32ManifestPath;
2422 SxsStaticBuffers[1] = &SxsWin32PolicyPath;
2423 SxsStaticBuffers[2] = &SxsWin32AssemblyDirectory;
2424 SxsStaticBuffers[3] = &SxsNtManifestPath;
2425 SxsStaticBuffers[4] = &SxsNtPolicyPath;
2426 ExePathPair.Win32 = &SxsWin32ExePath;
2427 ExePathPair.Nt = &SxsNtExePath;
2428 ManifestPathPair.Win32 = &SxsWin32ManifestPath.String;
2429 ManifestPathPair.Nt = &SxsNtManifestPath.String;
2430 PolicyPathPair.Win32 = &SxsWin32PolicyPath.String;
2431 PolicyPathPair.Nt = &SxsNtPolicyPath.String;
2432 #endif
2433
2434 DPRINT("CreateProcessInternalW: '%S' '%S' %lx\n", lpApplicationName, lpCommandLine, dwCreationFlags);
2435
2436 /* Finally, set our TEB and PEB */
2437 Teb = NtCurrentTeb();
2438 Peb = NtCurrentPeb();
2439
2440 /* This combination is illegal (see MSDN) */
2441 if ((dwCreationFlags & (DETACHED_PROCESS | CREATE_NEW_CONSOLE)) ==
2442 (DETACHED_PROCESS | CREATE_NEW_CONSOLE))
2443 {
2444 DPRINT1("Invalid flag combo used\n");
2445 SetLastError(ERROR_INVALID_PARAMETER);
2446 return FALSE;
2447 }
2448
2449 /* Convert the priority class */
2450 if (dwCreationFlags & IDLE_PRIORITY_CLASS)
2451 {
2452 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_IDLE;
2453 }
2454 else if (dwCreationFlags & BELOW_NORMAL_PRIORITY_CLASS)
2455 {
2456 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_BELOW_NORMAL;
2457 }
2458 else if (dwCreationFlags & NORMAL_PRIORITY_CLASS)
2459 {
2460 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_NORMAL;
2461 }
2462 else if (dwCreationFlags & ABOVE_NORMAL_PRIORITY_CLASS)
2463 {
2464 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_ABOVE_NORMAL;
2465 }
2466 else if (dwCreationFlags & HIGH_PRIORITY_CLASS)
2467 {
2468 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_HIGH;
2469 }
2470 else if (dwCreationFlags & REALTIME_PRIORITY_CLASS)
2471 {
2472 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_HIGH;
2473 PriorityClass.PriorityClass += (BasepIsRealtimeAllowed(FALSE) != NULL);
2474 }
2475 else
2476 {
2477 PriorityClass.PriorityClass = PROCESS_PRIORITY_CLASS_INVALID;
2478 }
2479
2480 /* Done with the priority masks, so get rid of them */
2481 PriorityClass.Foreground = FALSE;
2482 dwCreationFlags &= ~(NORMAL_PRIORITY_CLASS |
2483 IDLE_PRIORITY_CLASS |
2484 HIGH_PRIORITY_CLASS |
2485 REALTIME_PRIORITY_CLASS |
2486 BELOW_NORMAL_PRIORITY_CLASS |
2487 ABOVE_NORMAL_PRIORITY_CLASS);
2488
2489 /* You cannot request both a shared and a separate WoW VDM */
2490 if ((dwCreationFlags & CREATE_SEPARATE_WOW_VDM) &&
2491 (dwCreationFlags & CREATE_SHARED_WOW_VDM))
2492 {
2493 /* Fail such nonsensical attempts */
2494 DPRINT1("Invalid WOW flags\n");
2495 SetLastError(ERROR_INVALID_PARAMETER);
2496 return FALSE;
2497 }
2498 else if (!(dwCreationFlags & CREATE_SHARED_WOW_VDM) &&
2499 (BaseStaticServerData->DefaultSeparateVDM))
2500 {
2501 /* A shared WoW VDM was not requested but system enforces separation */
2502 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
2503 }
2504
2505 /* If a shared WoW VDM is used, make sure the process isn't in a job */
2506 if (!(dwCreationFlags & CREATE_SEPARATE_WOW_VDM) &&
2507 (NtIsProcessInJob(NtCurrentProcess(), NULL)))
2508 {
2509 /* Remove the shared flag and add the separate flag */
2510 dwCreationFlags = (dwCreationFlags &~ CREATE_SHARED_WOW_VDM) |
2511 CREATE_SEPARATE_WOW_VDM;
2512 }
2513
2514 /* Convert the environment */
2515 if ((lpEnvironment) && !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
2516 {
2517 /* Scan the environment to calculate its Unicode size */
2518 AnsiEnv.Buffer = pcScan = (PCHAR)lpEnvironment;
2519 while ((*pcScan) || (*(pcScan + 1))) ++pcScan;
2520
2521 /* Make sure the environment is not too large */
2522 EnvironmentLength = (pcScan + sizeof(ANSI_NULL) - (PCHAR)lpEnvironment);
2523 if (EnvironmentLength > MAXUSHORT)
2524 {
2525 /* Fail */
2526 SetLastError(ERROR_INVALID_PARAMETER);
2527 return FALSE;
2528 }
2529
2530 /* Create our ANSI String */
2531 AnsiEnv.Length = (USHORT)EnvironmentLength;
2532 AnsiEnv.MaximumLength = AnsiEnv.Length + sizeof(ANSI_NULL);
2533
2534 /* Allocate memory for the Unicode Environment */
2535 UnicodeEnv.Buffer = NULL;
2536 RegionSize = AnsiEnv.MaximumLength * sizeof(WCHAR);
2537 Status = NtAllocateVirtualMemory(NtCurrentProcess(),
2538 (PVOID)&UnicodeEnv.Buffer,
2539 0,
2540 &RegionSize,
2541 MEM_COMMIT,
2542 PAGE_READWRITE);
2543 if (!NT_SUCCESS(Status))
2544 {
2545 /* Fail */
2546 BaseSetLastNTError(Status);
2547 return FALSE;
2548 }
2549
2550 /* Use the allocated size and convert */
2551 UnicodeEnv.MaximumLength = (USHORT)RegionSize;
2552 Status = RtlAnsiStringToUnicodeString(&UnicodeEnv, &AnsiEnv, FALSE);
2553 if (!NT_SUCCESS(Status))
2554 {
2555 /* Fail */
2556 NtFreeVirtualMemory(NtCurrentProcess(),
2557 (PVOID)&UnicodeEnv.Buffer,
2558 &RegionSize,
2559 MEM_RELEASE);
2560 BaseSetLastNTError(Status);
2561 return FALSE;
2562 }
2563
2564 /* Now set the Unicode environment as the environment string pointer */
2565 lpEnvironment = UnicodeEnv.Buffer;
2566 }
2567
2568 /* Make a copy of the caller's startup info since we'll modify it */
2569 StartupInfo = *lpStartupInfo;
2570
2571 /* Check if private data is being sent on the same channel as std handles */
2572 if ((StartupInfo.dwFlags & STARTF_USESTDHANDLES) &&
2573 (StartupInfo.dwFlags & (STARTF_USEHOTKEY | STARTF_SHELLPRIVATE)))
2574 {
2575 /* Cannot use the std handles since we have monitor/hotkey values */
2576 StartupInfo.dwFlags &= ~STARTF_USESTDHANDLES;
2577 }
2578
2579 /* If there's a debugger, or we have to launch cmd.exe, we go back here */
2580 AppNameRetry:
2581 /* New iteration -- free any existing name buffer */
2582 if (NameBuffer)
2583 {
2584 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
2585 NameBuffer = NULL;
2586 }
2587
2588 /* New iteration -- free any existing free buffer */
2589 if (FreeBuffer)
2590 {
2591 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
2592 FreeBuffer = NULL;
2593 }
2594
2595 /* New iteration -- close any existing file handle */
2596 if (FileHandle)
2597 {
2598 NtClose(FileHandle);
2599 FileHandle = NULL;
2600 }
2601
2602 /* Set the initial parsing state. This code can loop -- don't move this! */
2603 ErrorCode = 0;
2604 SearchRetry = TRUE;
2605 QuotesNeeded = FALSE;
2606 CmdLineIsAppName = FALSE;
2607
2608 /* First check if we don't have an application name */
2609 if (!lpApplicationName)
2610 {
2611 /* This should be the first time we attempt creating one */
2612 ASSERT(NameBuffer == NULL);
2613
2614 /* Allocate a buffer to hold it */
2615 NameBuffer = RtlAllocateHeap(RtlGetProcessHeap(),
2616 0,
2617 MAX_PATH * sizeof(WCHAR));
2618 if (!NameBuffer)
2619 {
2620 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
2621 Result = FALSE;
2622 goto Quickie;
2623 }
2624
2625 /* Initialize the application name and our parsing parameters */
2626 lpApplicationName = NullBuffer = ScanString = lpCommandLine;
2627
2628 /* Check for an initial quote*/
2629 if (*lpCommandLine == L'\"')
2630 {
2631 /* We found a quote, keep searching for another one */
2632 SearchRetry = FALSE;
2633 ScanString++;
2634 lpApplicationName = ScanString;
2635 while (*ScanString)
2636 {
2637 /* Have we found the terminating quote? */
2638 if (*ScanString == L'\"')
2639 {
2640 /* We're done, get out of here */
2641 NullBuffer = ScanString;
2642 HasQuotes = TRUE;
2643 break;
2644 }
2645
2646 /* Keep searching for the quote */
2647 ScanString++;
2648 NullBuffer = ScanString;
2649 }
2650 }
2651 else
2652 {
2653 StartScan:
2654 /* We simply make the application name be the command line*/
2655 lpApplicationName = lpCommandLine;
2656 while (*ScanString)
2657 {
2658 /* Check if it starts with a space or tab */
2659 if ((*ScanString == L' ') || (*ScanString == L'\t'))
2660 {
2661 /* Break out of the search loop */
2662 NullBuffer = ScanString;
2663 break;
2664 }
2665
2666 /* Keep searching for a space or tab */
2667 ScanString++;
2668 NullBuffer = ScanString;
2669 }
2670 }
2671
2672 /* We have found the end of the application name, terminate it */
2673 SaveChar = *NullBuffer;
2674 *NullBuffer = UNICODE_NULL;
2675
2676 /* New iteration -- free any existing saved path */
2677 if (SearchPath)
2678 {
2679 RtlFreeHeap(RtlGetProcessHeap(), 0, SearchPath);
2680 SearchPath = NULL;
2681 }
2682
2683 /* Now compute the final EXE path based on the name */
2684 SearchPath = BaseComputeProcessExePath((LPWSTR)lpApplicationName);
2685 DPRINT("Search Path: %S\n", SearchPath);
2686 if (!SearchPath)
2687 {
2688 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
2689 Result = FALSE;
2690 goto Quickie;
2691 }
2692
2693 /* And search for the executable in the search path */
2694 Length = SearchPathW(SearchPath,
2695 lpApplicationName,
2696 L".exe",
2697 MAX_PATH,
2698 NameBuffer,
2699 NULL);
2700
2701 /* Did we find it? */
2702 if ((Length) && (Length < MAX_PATH))
2703 {
2704 /* Get file attributes */
2705 FileAttribs = GetFileAttributesW(NameBuffer);
2706 if ((FileAttribs != INVALID_FILE_ATTRIBUTES) &&
2707 (FileAttribs & FILE_ATTRIBUTE_DIRECTORY))
2708 {
2709 /* This was a directory, fail later on */
2710 Length = 0;
2711 }
2712 else
2713 {
2714 /* It's a file! */
2715 Length++;
2716 }
2717 }
2718
2719 DPRINT("Length: %lu Buffer: %S\n", Length, NameBuffer);
2720
2721 /* Check if there was a failure in SearchPathW */
2722 if ((Length) && (Length < MAX_PATH))
2723 {
2724 /* Everything looks good, restore the name */
2725 *NullBuffer = SaveChar;
2726 lpApplicationName = NameBuffer;
2727 }
2728 else
2729 {
2730 /* Check if this was a relative path, which would explain it */
2731 PathType = RtlDetermineDosPathNameType_U(lpApplicationName);
2732 if (PathType != RtlPathTypeRelative)
2733 {
2734 /* This should fail, and give us a detailed LastError */
2735 FileHandle = CreateFileW(lpApplicationName,
2736 GENERIC_READ,
2737 FILE_SHARE_READ |
2738 FILE_SHARE_WRITE,
2739 NULL,
2740 OPEN_EXISTING,
2741 FILE_ATTRIBUTE_NORMAL,
2742 NULL);
2743 if (FileHandle != INVALID_HANDLE_VALUE)
2744 {
2745 /* It worked? Return a generic error */
2746 CloseHandle(FileHandle);
2747 FileHandle = NULL;
2748 BaseSetLastNTError(STATUS_OBJECT_NAME_NOT_FOUND);
2749 }
2750 }
2751 else
2752 {
2753 /* Path was absolute, which means it doesn't exist */
2754 BaseSetLastNTError(STATUS_OBJECT_NAME_NOT_FOUND);
2755 }
2756
2757 /* Did we already fail once? */
2758 if (ErrorCode)
2759 {
2760 /* Set the error code */
2761 SetLastError(ErrorCode);
2762 }
2763 else
2764 {
2765 /* Not yet, cache it */
2766 ErrorCode = GetLastError();
2767 }
2768
2769 /* Put back the command line */
2770 *NullBuffer = SaveChar;
2771 lpApplicationName = NameBuffer;
2772
2773 /* It's possible there's whitespace in the directory name */
2774 if (!(*ScanString) || !(SearchRetry))
2775 {
2776 /* Not the case, give up completely */
2777 Result = FALSE;
2778 goto Quickie;
2779 }
2780
2781 /* There are spaces, so keep trying the next possibility */
2782 ScanString++;
2783 NullBuffer = ScanString;
2784
2785 /* We will have to add a quote, since there is a space */
2786 QuotesNeeded = TRUE;
2787 HasQuotes = TRUE;
2788 goto StartScan;
2789 }
2790 }
2791 else if (!(lpCommandLine) || !(*lpCommandLine))
2792 {
2793 /* We don't have a command line, so just use the application name */
2794 CmdLineIsAppName = TRUE;
2795 lpCommandLine = (LPWSTR)lpApplicationName;
2796 }
2797
2798 /* Convert the application name to its NT path */
2799 TranslationStatus = RtlDosPathNameToRelativeNtPathName_U(lpApplicationName,
2800 &PathName,
2801 NULL,
2802 &SxsWin32RelativePath);
2803 if (!TranslationStatus)
2804 {
2805 /* Path must be invalid somehow, bail out */
2806 DPRINT1("Path translation for SxS failed\n");
2807 SetLastError(ERROR_PATH_NOT_FOUND);
2808 Result = FALSE;
2809 goto Quickie;
2810 }
2811
2812 /* Setup the buffer that needs to be freed at the end */
2813 ASSERT(FreeBuffer == NULL);
2814 FreeBuffer = PathName.Buffer;
2815
2816 /* Check what kind of path the application is, for SxS (Fusion) purposes */
2817 RtlInitUnicodeString(&SxsWin32ExePath, lpApplicationName);
2818 SxsPathType = RtlDetermineDosPathNameType_U(lpApplicationName);
2819 if ((SxsPathType != RtlPathTypeDriveAbsolute) &&
2820 (SxsPathType != RtlPathTypeLocalDevice) &&
2821 (SxsPathType != RtlPathTypeRootLocalDevice) &&
2822 (SxsPathType != RtlPathTypeUncAbsolute))
2823 {
2824 /* Relative-type path, get the full path */
2825 RtlInitEmptyUnicodeString(&PathBufferString, NULL, 0);
2826 Status = RtlGetFullPathName_UstrEx(&SxsWin32ExePath,
2827 NULL,
2828 &PathBufferString,
2829 NULL,
2830 NULL,
2831 NULL,
2832 &SxsPathType,
2833 NULL);
2834 if (!NT_SUCCESS(Status))
2835 {
2836 /* Fail the rest of the create */
2837 RtlReleaseRelativeName(&SxsWin32RelativePath);
2838 BaseSetLastNTError(Status);
2839 Result = FALSE;
2840 goto Quickie;
2841 }
2842
2843 /* Use this full path as the SxS path */
2844 SxsWin32ExePath = PathBufferString;
2845 PathBuffer = PathBufferString.Buffer;
2846 PathBufferString.Buffer = NULL;
2847 DPRINT("SxS Path: %S\n", PathBuffer);
2848 }
2849
2850 /* Also set the .EXE path based on the path name */
2851 #if _SXS_SUPPORT_ENABLED_
2852 SxsNtExePath = PathName;
2853 #endif
2854 if (SxsWin32RelativePath.RelativeName.Length)
2855 {
2856 /* If it's relative, capture the relative name */
2857 PathName = SxsWin32RelativePath.RelativeName;
2858 }
2859 else
2860 {
2861 /* Otherwise, it's absolute, make sure no relative dir is used */
2862 SxsWin32RelativePath.ContainingDirectory = NULL;
2863 }
2864
2865 /* Now use the path name, and the root path, to try opening the app */
2866 DPRINT("Path: %wZ. Dir: %p\n", &PathName, SxsWin32RelativePath.ContainingDirectory);
2867 InitializeObjectAttributes(&LocalObjectAttributes,
2868 &PathName,
2869 OBJ_CASE_INSENSITIVE,
2870 SxsWin32RelativePath.ContainingDirectory,
2871 NULL);
2872 Status = NtOpenFile(&FileHandle,
2873 SYNCHRONIZE |
2874 FILE_READ_ATTRIBUTES |
2875 FILE_READ_DATA |
2876 FILE_EXECUTE,
2877 &LocalObjectAttributes,
2878 &IoStatusBlock,
2879 FILE_SHARE_READ | FILE_SHARE_DELETE,
2880 FILE_SYNCHRONOUS_IO_NONALERT |
2881 FILE_NON_DIRECTORY_FILE);
2882 if (!NT_SUCCESS(Status))
2883 {
2884 /* Try to open the app just for execute purposes instead */
2885 Status = NtOpenFile(&FileHandle,
2886 SYNCHRONIZE | FILE_EXECUTE,
2887 &LocalObjectAttributes,
2888 &IoStatusBlock,
2889 FILE_SHARE_READ | FILE_SHARE_DELETE,
2890 FILE_SYNCHRONOUS_IO_NONALERT |
2891 FILE_NON_DIRECTORY_FILE);
2892 }
2893
2894 /* Failure path, display which file failed to open */
2895 if (!NT_SUCCESS(Status))
2896 DPRINT1("Open file failed: %lx (%wZ)\n", Status, &PathName);
2897
2898 /* Cleanup in preparation for failure or success */
2899 RtlReleaseRelativeName(&SxsWin32RelativePath);
2900
2901 if (!NT_SUCCESS(Status))
2902 {
2903 /* Failure path, try to understand why */
2904 if (RtlIsDosDeviceName_U(lpApplicationName))
2905 {
2906 /* If a device is being executed, return this special error code */
2907 SetLastError(ERROR_BAD_DEVICE);
2908 Result = FALSE;
2909 goto Quickie;
2910 }
2911 else
2912 {
2913 /* Otherwise return the converted NT error code */
2914 BaseSetLastNTError(Status);
2915 Result = FALSE;
2916 goto Quickie;
2917 }
2918 }
2919
2920 /* Did the caller specify a desktop? */
2921 if (!StartupInfo.lpDesktop)
2922 {
2923 /* Use the one from the current process */
2924 StartupInfo.lpDesktop = Peb->ProcessParameters->DesktopInfo.Buffer;
2925 }
2926
2927 /* Create a section for this file */
2928 Status = NtCreateSection(&SectionHandle,
2929 SECTION_ALL_ACCESS,
2930 NULL,
2931 NULL,
2932 PAGE_EXECUTE,
2933 SEC_IMAGE,
2934 FileHandle);
2935 DPRINT("Section status: %lx\n", Status);
2936 if (NT_SUCCESS(Status))
2937 {
2938 /* Are we running on Windows Embedded, Datacenter, Blade or Starter? */
2939 if (SharedUserData->SuiteMask & (VER_SUITE_EMBEDDEDNT |
2940 VER_SUITE_DATACENTER |
2941 VER_SUITE_PERSONAL |
2942 VER_SUITE_BLADE))
2943 {
2944 /* These SKUs do not allow running certain applications */
2945 Status = BasepCheckWebBladeHashes(FileHandle);
2946 if (Status == STATUS_ACCESS_DENIED)
2947 {
2948 /* And this is one of them! */
2949 DPRINT1("Invalid Blade hashes!\n");
2950 SetLastError(ERROR_ACCESS_DISABLED_WEBBLADE);
2951 Result = FALSE;
2952 goto Quickie;
2953 }
2954
2955 /* Did we get some other failure? */
2956 if (!NT_SUCCESS(Status))
2957 {
2958 /* If we couldn't check the hashes, assume nefariousness */
2959 DPRINT1("Tampered Blade hashes!\n");
2960 SetLastError(ERROR_ACCESS_DISABLED_WEBBLADE_TAMPER);
2961 Result = FALSE;
2962 goto Quickie;
2963 }
2964 }
2965
2966 /* Now do Winsafer, etc, checks */
2967 Status = BasepIsProcessAllowed((LPWSTR)lpApplicationName);
2968 if (!NT_SUCCESS(Status))
2969 {
2970 /* Fail if we're not allowed to launch the process */
2971 DPRINT1("Process not allowed to launch: %lx\n", Status);
2972 BaseSetLastNTError(Status);
2973 if (SectionHandle)
2974 {
2975 NtClose(SectionHandle);
2976 SectionHandle = NULL;
2977 }
2978 Result = FALSE;
2979 goto Quickie;
2980 }
2981
2982 /* Is a DOS VDM being forced, but we already have a WOW32 instance ready? */
2983 if ((dwCreationFlags & CREATE_FORCEDOS) &&
2984 (BaseStaticServerData->IsWowTaskReady))
2985 {
2986 /* This request can't be satisfied, instead, a separate VDM is needed */
2987 dwCreationFlags &= ~(CREATE_FORCEDOS | CREATE_SHARED_WOW_VDM);
2988 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
2989
2990 /* Set a failure code, ask for VDM reservation */
2991 Status = STATUS_INVALID_IMAGE_WIN_16;
2992 UseVdmReserve = TRUE;
2993
2994 /* Close the current handle */
2995 NtClose(SectionHandle);
2996 SectionHandle = NULL;
2997
2998 /* Don't query the section later */
2999 QuerySection = FALSE;
3000 }
3001 }
3002
3003 /* Did we already do these checks? */
3004 if (!SkipSaferAndAppCompat)
3005 {
3006 /* Is everything OK so far, OR do we have an non-MZ, non-DOS app? */
3007 if ((NT_SUCCESS(Status)) ||
3008 ((Status == STATUS_INVALID_IMAGE_NOT_MZ) &&
3009 !(BaseIsDosApplication(&PathName, Status))))
3010 {
3011 /* Clear the machine type in case of failure */
3012 ImageMachine = 0;
3013
3014 /* Clean any app compat data that may have accumulated */
3015 BasepFreeAppCompatData(AppCompatData, AppCompatSxsData);
3016 AppCompatData = NULL;
3017 AppCompatSxsData = NULL;
3018
3019 /* Do we have a section? */
3020 if (SectionHandle)
3021 {
3022 /* Have we already queried it? */
3023 if (QuerySection)
3024 {
3025 /* Nothing to do */
3026 AppCompatStatus = STATUS_SUCCESS;
3027 }
3028 else
3029 {
3030 /* Get some information about the executable */
3031 AppCompatStatus = NtQuerySection(SectionHandle,
3032 SectionImageInformation,
3033 &ImageInformation,
3034 sizeof(ImageInformation),
3035 NULL);
3036 }
3037
3038 /* Do we have section information now? */
3039 if (NT_SUCCESS(AppCompatStatus))
3040 {
3041 /* Don't ask for it again, save the machine type */
3042 QuerySection = TRUE;
3043 ImageMachine = ImageInformation.Machine;
3044 }
3045 }
3046
3047 /* Is there a reason/Shim we shouldn't run this application? */
3048 AppCompatStatus = BasepCheckBadapp(FileHandle,
3049 FreeBuffer,
3050 lpEnvironment,
3051 ImageMachine,
3052 &AppCompatData,
3053 &AppCompatDataSize,
3054 &AppCompatSxsData,
3055 &AppCompatSxsDataSize,
3056 &FusionFlags);
3057 if (!NT_SUCCESS(AppCompatStatus))
3058 {
3059 /* This is usually the status we get back */
3060 DPRINT1("App compat launch failure: %lx\n", AppCompatStatus);
3061 if (AppCompatStatus == STATUS_ACCESS_DENIED)
3062 {
3063 /* Convert it to something more Win32-specific */
3064 SetLastError(ERROR_CANCELLED);
3065 }
3066 else
3067 {
3068 /* Some other error */
3069 BaseSetLastNTError(AppCompatStatus);
3070 }
3071
3072 /* Did we have a section? */
3073 if (SectionHandle)
3074 {
3075 /* Clean it up */
3076 NtClose(SectionHandle);
3077 SectionHandle = NULL;
3078 }
3079
3080 /* Fail the call */
3081 Result = FALSE;
3082 goto Quickie;
3083 }
3084 }
3085 }
3086
3087 //ASSERT((dwFusionFlags & ~SXS_APPCOMPACT_FLAG_APP_RUNNING_SAFEMODE) == 0);
3088
3089 /* Have we already done, and do we need to do, SRP (WinSafer) checks? */
3090 if (!(SkipSaferAndAppCompat) &&
3091 ~(dwCreationFlags & CREATE_PRESERVE_CODE_AUTHZ_LEVEL))
3092 {
3093 /* Assume yes */
3094 SaferNeeded = TRUE;
3095 switch (Status)
3096 {
3097 case STATUS_INVALID_IMAGE_NE_FORMAT:
3098 case STATUS_INVALID_IMAGE_PROTECT:
3099 case STATUS_INVALID_IMAGE_WIN_16:
3100 case STATUS_FILE_IS_OFFLINE:
3101 /* For all DOS, 16-bit, OS/2 images, we do*/
3102 break;
3103
3104 case STATUS_INVALID_IMAGE_NOT_MZ:
3105 /* For invalid files, we don't, unless it's a .BAT file */
3106 if (BaseIsDosApplication(&PathName, Status)) break;
3107
3108 default:
3109 /* Any other error codes we also don't */
3110 if (!NT_SUCCESS(Status))
3111 {
3112 SaferNeeded = FALSE;
3113 }
3114
3115 /* But for success, we do */
3116 break;
3117 }
3118
3119 /* Okay, so what did the checks above result in? */
3120 if (SaferNeeded)
3121 {
3122 /* We have to call into the WinSafer library and actually check */
3123 SaferStatus = BasepCheckWinSaferRestrictions(hUserToken,
3124 (LPWSTR)lpApplicationName,
3125 FileHandle,
3126 &InJob,
3127 &TokenHandle,
3128 &JobHandle);
3129 if (SaferStatus == 0xFFFFFFFF)
3130 {
3131 /* Back in 2003, they didn't have an NTSTATUS for this... */
3132 DPRINT1("WinSafer blocking process launch\n");
3133 SetLastError(ERROR_ACCESS_DISABLED_BY_POLICY);
3134 Result = FALSE;
3135 goto Quickie;
3136 }
3137
3138 /* Other status codes are not-Safer related, just convert them */
3139 if (!NT_SUCCESS(SaferStatus))
3140 {
3141 DPRINT1("Error checking WinSafer: %lx\n", SaferStatus);
3142 BaseSetLastNTError(SaferStatus);
3143 Result = FALSE;
3144 goto Quickie;
3145 }
3146 }
3147 }
3148
3149 /* The last step is to figure out why the section object was not created */
3150 switch (Status)
3151 {
3152 case STATUS_INVALID_IMAGE_WIN_16:
3153 {
3154 /* 16-bit binary. Should we use WOW or does the caller force VDM? */
3155 if (!(dwCreationFlags & CREATE_FORCEDOS))
3156 {
3157 /* Remember that we're launching WOW */
3158 IsWowApp = TRUE;
3159
3160 /* Create the VDM environment, it's valid for WOW too */
3161 Result = BaseCreateVDMEnvironment(lpEnvironment,
3162 &VdmAnsiEnv,
3163 &VdmUnicodeEnv);
3164 if (!Result)
3165 {
3166 DPRINT1("VDM environment for WOW app failed\n");
3167 goto Quickie;
3168 }
3169
3170 /* We're going to try this twice, so do a loop */
3171 while (TRUE)
3172 {
3173 /* Pick which kind of WOW mode we want to run in */
3174 VdmBinaryType = (dwCreationFlags &
3175 CREATE_SEPARATE_WOW_VDM) ?
3176 BINARY_TYPE_SEPARATE_WOW : BINARY_TYPE_WOW;
3177
3178 /* Get all the VDM settings and current status */
3179 Status = BaseCheckVDM(VdmBinaryType,
3180 lpApplicationName,
3181 lpCommandLine,
3182 lpCurrentDirectory,
3183 &VdmAnsiEnv,
3184 &CsrMsg[1],
3185 &VdmTask,
3186 dwCreationFlags,
3187 &StartupInfo,
3188 hUserToken);
3189
3190 /* If it worked, no need to try again */
3191 if (NT_SUCCESS(Status)) break;
3192
3193 /* Check if it's disallowed or if it's our second time */
3194 BaseSetLastNTError(Status);
3195 if ((Status == STATUS_VDM_DISALLOWED) ||
3196 (VdmBinaryType == BINARY_TYPE_SEPARATE_WOW) ||
3197 (GetLastError() == ERROR_ACCESS_DENIED))
3198 {
3199 /* Fail the call -- we won't try again */
3200 DPRINT1("VDM message failure for WOW: %lx\n", Status);
3201 Result = FALSE;
3202 goto Quickie;
3203 }
3204
3205 /* Try one more time, but with a separate WOW instance */
3206 dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
3207 }
3208
3209 /* Check which VDM state we're currently in */
3210 switch (CheckVdmMsg->VDMState & (VDM_NOT_LOADED |
3211 VDM_NOT_READY |
3212 VDM_READY))
3213 {
3214 case VDM_NOT_LOADED:
3215 /* VDM is not fully loaded, so not that much to undo */
3216 VdmUndoLevel = VDM_UNDO_PARTIAL;
3217
3218 /* Reset VDM reserve if needed */
3219 if (UseVdmReserve) VdmReserve = 1;
3220
3221 /* Get the required parameters and names for launch */
3222 Result = BaseGetVdmConfigInfo(lpCommandLine,
3223 VdmTask,
3224 VdmBinaryType,
3225 &VdmString,
3226 &VdmReserve);
3227 if (!Result)
3228 {
3229 DPRINT1("VDM Configuration failed for WOW\n");
3230 BaseSetLastNTError(Status);
3231 goto Quickie;
3232 }
3233
3234 /* Update the command-line with the VDM one instead */
3235 lpCommandLine = VdmString.Buffer;
3236 lpApplicationName = NULL;
3237
3238 /* We don't want a console, detachment, nor a window */
3239 dwCreationFlags |= CREATE_NO_WINDOW;
3240 dwCreationFlags &= ~(CREATE_NEW_CONSOLE | DETACHED_PROCESS);
3241
3242 /* Force feedback on */
3243 StartupInfo.dwFlags |= STARTF_FORCEONFEEDBACK;
3244 break;
3245
3246
3247 case VDM_READY:
3248 /* VDM is ready, so we have to undo everything */
3249 VdmUndoLevel = VDM_UNDO_REUSE;
3250
3251 /* Check if CSRSS wants us to wait on VDM */
3252 VdmWaitObject = CheckVdmMsg->WaitObjectForParent;
3253 break;
3254
3255 case VDM_NOT_READY:
3256 /* Something is wrong with VDM, we'll fail the call */
3257 DPRINT1("VDM is not ready for WOW\n");
3258 SetLastError(ERROR_NOT_READY);
3259 Result = FALSE;
3260 goto Quickie;
3261
3262 default:
3263 break;
3264 }
3265
3266 /* Since to get NULL, we allocate from 0x1, account for this */
3267 VdmReserve--;
3268
3269 /* This implies VDM is ready, so skip everything else */
3270 if (VdmWaitObject) goto VdmShortCircuit;
3271
3272 /* Don't inherit handles since we're doing VDM now */
3273 bInheritHandles = FALSE;
3274
3275 /* Had the user passed in environment? If so, destroy it */
3276 if ((lpEnvironment) &&
3277 !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
3278 {
3279 RtlDestroyEnvironment(lpEnvironment);
3280 }
3281
3282 /* We've already done all these checks, don't do them again */
3283 SkipSaferAndAppCompat = TRUE;
3284 goto AppNameRetry;
3285 }
3286
3287 // There is no break here on purpose, so FORCEDOS drops down!
3288 }
3289
3290 case STATUS_INVALID_IMAGE_PROTECT:
3291 case STATUS_INVALID_IMAGE_NOT_MZ:
3292 case STATUS_INVALID_IMAGE_NE_FORMAT:
3293 {
3294 /* We're launching an executable application */
3295 BinarySubType = BINARY_TYPE_EXE;
3296
3297 /* We can drop here from other "cases" above too, so check */
3298 if ((Status == STATUS_INVALID_IMAGE_PROTECT) ||
3299 (Status == STATUS_INVALID_IMAGE_NE_FORMAT) ||
3300 (BinarySubType = BaseIsDosApplication(&PathName, Status)))
3301 {
3302 /* We're launching a DOS application */
3303 VdmBinaryType = BINARY_TYPE_DOS;
3304
3305 /* Based on the caller environment, create a VDM one */
3306 Result = BaseCreateVDMEnvironment(lpEnvironment,
3307 &VdmAnsiEnv,
3308 &VdmUnicodeEnv);
3309 if (!Result)
3310 {
3311 DPRINT1("VDM environment for DOS failed\n");
3312 goto Quickie;
3313 }
3314
3315 /* Check the current state of the VDM subsystem */
3316 Status = BaseCheckVDM(VdmBinaryType | BinarySubType,
3317 lpApplicationName,
3318 lpCommandLine,
3319 lpCurrentDirectory,
3320 &VdmAnsiEnv,
3321 &CsrMsg[1],
3322 &VdmTask,
3323 dwCreationFlags,
3324 &StartupInfo,
3325 NULL);
3326 if (!NT_SUCCESS(Status))
3327 {
3328 /* Failed to inquire about VDM, fail the call */
3329 DPRINT1("VDM message failure for DOS: %lx\n", Status);
3330 BaseSetLastNTError(Status);
3331 Result = FALSE;
3332 goto Quickie;
3333 };
3334
3335 /* Handle possible VDM states */
3336 switch (CheckVdmMsg->VDMState & (VDM_NOT_LOADED |
3337 VDM_NOT_READY |
3338 VDM_READY))
3339 {
3340 case VDM_NOT_LOADED:
3341 /* If VDM is not loaded, we'll do a partial undo */
3342 VdmUndoLevel = VDM_UNDO_PARTIAL;
3343
3344 /* A VDM process can't also be detached, so fail */
3345 if (dwCreationFlags & DETACHED_PROCESS)
3346 {
3347 DPRINT1("Detached process but no VDM, not allowed\n");
3348 SetLastError(ERROR_ACCESS_DENIED);
3349 return FALSE;
3350 }
3351
3352 /* Get the required parameters and names for launch */
3353 Result = BaseGetVdmConfigInfo(lpCommandLine,
3354 VdmTask,
3355 VdmBinaryType,
3356 &VdmString,
3357 &VdmReserve);
3358 if (!Result)
3359 {
3360 DPRINT1("VDM Configuration failed for DOS\n");
3361 BaseSetLastNTError(Status);
3362 goto Quickie;
3363 }
3364
3365 /* Update the command-line to launch VDM instead */
3366 lpCommandLine = VdmString.Buffer;
3367 lpApplicationName = NULL;
3368 break;
3369
3370 case VDM_READY:
3371 /* VDM is ready, so we have to undo everything */
3372 VdmUndoLevel = VDM_UNDO_REUSE;
3373
3374 /* Check if CSRSS wants us to wait on VDM */
3375 VdmWaitObject = CheckVdmMsg->WaitObjectForParent;
3376 break;
3377
3378 case VDM_NOT_READY:
3379 /* Something is wrong with VDM, we'll fail the call */
3380 DPRINT1("VDM is not ready for DOS\n");
3381 SetLastError(ERROR_NOT_READY);
3382 Result = FALSE;
3383 goto Quickie;
3384
3385 default:
3386 break;
3387 }
3388
3389 /* Since to get NULL, we allocate from 0x1, account for this */
3390 VdmReserve--;
3391
3392 /* This implies VDM is ready, so skip everything else */
3393 if (VdmWaitObject) goto VdmShortCircuit;
3394
3395 /* Don't inherit handles since we're doing VDM now */
3396 bInheritHandles = FALSE;
3397
3398 /* Had the user passed in environment? If so, destroy it */
3399 if ((lpEnvironment) &&
3400 !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
3401 {
3402 RtlDestroyEnvironment(lpEnvironment);
3403 }
3404
3405 /* Use our VDM Unicode environment instead */
3406 lpEnvironment = VdmUnicodeEnv.Buffer;
3407 }
3408 else
3409 {
3410 /* It's a batch file, get the extension */
3411 ExtBuffer = &PathName.Buffer[PathName.Length / sizeof(WCHAR) - 4];
3412
3413 /* Make sure the extensions are correct */
3414 if ((PathName.Length < (4 * sizeof(WCHAR))) ||
3415 ((_wcsnicmp(ExtBuffer, L".bat", 4)) &&
3416 (_wcsnicmp(ExtBuffer, L".cmd", 4))))
3417 {
3418 DPRINT1("'%wZ': Invalid EXE, and not a batch or script file\n", &PathName);
3419 SetLastError(ERROR_BAD_EXE_FORMAT);
3420 Result = FALSE;
3421 goto Quickie;
3422 }
3423
3424 /* Check if we need to account for quotes around the path */
3425 CmdQuoteLength = CmdLineIsAppName || HasQuotes;
3426 if (!CmdLineIsAppName)
3427 {
3428 if (HasQuotes) CmdQuoteLength++;
3429 }
3430 else
3431 {
3432 CmdQuoteLength++;
3433 }
3434
3435 /* Calculate the length of the command line */
3436 CmdLineLength = wcslen(lpCommandLine);
3437 CmdLineLength += wcslen(CMD_STRING);
3438 CmdLineLength += CmdQuoteLength + sizeof(ANSI_NULL);
3439 CmdLineLength *= sizeof(WCHAR);
3440
3441 /* Allocate space for the new command line */
3442 AnsiCmdCommand = RtlAllocateHeap(RtlGetProcessHeap(),
3443 0,
3444 CmdLineLength);
3445 if (!AnsiCmdCommand)
3446 {
3447 BaseSetLastNTError(STATUS_NO_MEMORY);
3448 Result = FALSE;
3449 goto Quickie;
3450 }
3451
3452 /* Build it */
3453 wcscpy(AnsiCmdCommand, CMD_STRING);
3454 if ((CmdLineIsAppName) || (HasQuotes))
3455 {
3456 wcscat(AnsiCmdCommand, L"\"");
3457 }
3458 wcscat(AnsiCmdCommand, lpCommandLine);
3459 if ((CmdLineIsAppName) || (HasQuotes))
3460 {
3461 wcscat(AnsiCmdCommand, L"\"");
3462 }
3463
3464 /* Create it as a Unicode String */
3465 RtlInitUnicodeString(&DebuggerString, AnsiCmdCommand);
3466
3467 /* Set the command line to this */
3468 lpCommandLine = DebuggerString.Buffer;
3469 lpApplicationName = NULL;
3470 DPRINT1("Retrying with: %S\n", lpCommandLine);
3471 }
3472
3473 /* We've already done all these checks, don't do them again */
3474 SkipSaferAndAppCompat = TRUE;
3475 goto AppNameRetry;
3476 }
3477
3478 case STATUS_INVALID_IMAGE_WIN_64:
3479 {
3480 /* 64-bit binaries are not allowed to run on 32-bit ReactOS */
3481 DPRINT1("64-bit binary, failing\n");
3482 SetLastError(ERROR_EXE_MACHINE_TYPE_MISMATCH);
3483 Result = FALSE;
3484 goto Quickie;
3485 }
3486
3487 case STATUS_FILE_IS_OFFLINE:
3488 {
3489 /* Set the correct last error for this */
3490 DPRINT1("File is offline, failing\n");
3491 SetLastError(ERROR_FILE_OFFLINE);
3492 break;
3493 }
3494
3495 default:
3496 {
3497 /* Any other error, convert it to a generic Win32 error */
3498 if (!NT_SUCCESS(Status))
3499 {
3500 DPRINT1("Failed to create section: %lx\n", Status);
3501 SetLastError(ERROR_BAD_EXE_FORMAT);
3502 Result = FALSE;
3503 goto Quickie;
3504 }
3505
3506 /* Otherwise, this must be success */
3507 ASSERT(Status == STATUS_SUCCESS);
3508 break;
3509 }
3510 }
3511
3512 /* Is this not a WOW application, but a WOW32 VDM was requested for it? */
3513 if (!(IsWowApp) && (dwCreationFlags & CREATE_SEPARATE_WOW_VDM))
3514 {
3515 /* Ignore the nonsensical request */
3516 dwCreationFlags &= ~CREATE_SEPARATE_WOW_VDM;
3517 }
3518
3519 /* Did we already check information for the section? */
3520 if (!QuerySection)
3521 {
3522 /* Get some information about the executable */
3523 Status = NtQuerySection(SectionHandle,
3524 SectionImageInformation,
3525 &ImageInformation,
3526 sizeof(ImageInformation),
3527 NULL);
3528 if (!NT_SUCCESS(Status))
3529 {
3530 /* We failed, bail out */
3531 DPRINT1("Section query failed\n");
3532 BaseSetLastNTError(Status);
3533 Result = FALSE;
3534 goto Quickie;
3535 }
3536
3537 /* Don't check this later */
3538 QuerySection = TRUE;
3539 }
3540
3541 /* Check if this was linked as a DLL */
3542 if (ImageInformation.ImageCharacteristics & IMAGE_FILE_DLL)
3543 {
3544 /* These aren't valid images to try to execute! */
3545 DPRINT1("Trying to launch a DLL, failing\n");
3546 SetLastError(ERROR_BAD_EXE_FORMAT);
3547 Result = FALSE;
3548 goto Quickie;
3549 }
3550
3551 /* Don't let callers pass in this flag -- we'll only get it from IFEO */
3552 Flags &= ~PROCESS_CREATE_FLAGS_LARGE_PAGES;
3553
3554 /* Clear the IFEO-missing flag, before we know for sure... */
3555 ParameterFlags &= ~2;
3556
3557 /* If the process is being debugged, only read IFEO if the PEB says so */
3558 if (!(dwCreationFlags & (DEBUG_PROCESS | DEBUG_ONLY_THIS_PROCESS)) ||
3559 (NtCurrentPeb()->ReadImageFileExecOptions))
3560 {
3561 /* Let's do this! Attempt to open IFEO */
3562 IFEOStatus = LdrOpenImageFileOptionsKey(&PathName, 0, &KeyHandle);
3563 if (!NT_SUCCESS(IFEOStatus))
3564 {
3565 /* We failed, set the flag so we store this in the parameters */
3566 if (IFEOStatus == STATUS_OBJECT_NAME_NOT_FOUND) ParameterFlags |= 2;
3567 }
3568 else
3569 {
3570 /* Was this our first time going through this path? */
3571 if (!DebuggerCmdLine)
3572 {
3573 /* Allocate a buffer for the debugger path */
3574 DebuggerCmdLine = RtlAllocateHeap(RtlGetProcessHeap(),
3575 0,
3576 MAX_PATH * sizeof(WCHAR));
3577 if (!DebuggerCmdLine)
3578 {
3579 /* Close IFEO on failure */
3580 IFEOStatus = NtClose(KeyHandle);
3581 ASSERT(NT_SUCCESS(IFEOStatus));
3582
3583 /* Fail the call */
3584 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
3585 Result = FALSE;
3586 goto Quickie;
3587 }
3588 }
3589
3590 /* Now query for the debugger */
3591 IFEOStatus = LdrQueryImageFileKeyOption(KeyHandle,
3592 L"Debugger",
3593 REG_SZ,
3594 DebuggerCmdLine,
3595 MAX_PATH * sizeof(WCHAR),
3596 &ResultSize);
3597 if (!(NT_SUCCESS(IFEOStatus)) ||
3598 (ResultSize < sizeof(WCHAR)) ||
3599 (DebuggerCmdLine[0] == UNICODE_NULL))
3600 {
3601 /* If it's not there, or too small, or invalid, ignore it */
3602 RtlFreeHeap(RtlGetProcessHeap(), 0, DebuggerCmdLine);
3603 DebuggerCmdLine = NULL;
3604 }
3605
3606 /* Also query if we should map with large pages */
3607 IFEOStatus = LdrQueryImageFileKeyOption(KeyHandle,
3608 L"UseLargePages",
3609 REG_DWORD,
3610 &UseLargePages,
3611 sizeof(UseLargePages),
3612 NULL);
3613 if ((NT_SUCCESS(IFEOStatus)) && (UseLargePages))
3614 {
3615 /* Do it! This is the only way this flag can be set */
3616 Flags |= PROCESS_CREATE_FLAGS_LARGE_PAGES;
3617 }
3618
3619 /* We're done with IFEO, can close it now */
3620 IFEOStatus = NtClose(KeyHandle);
3621 ASSERT(NT_SUCCESS(IFEOStatus));
3622 }
3623 }
3624
3625 /* Make sure the image was compiled for this processor */
3626 if ((ImageInformation.Machine < SharedUserData->ImageNumberLow) ||
3627 (ImageInformation.Machine > SharedUserData->ImageNumberHigh))
3628 {
3629 /* It was not -- raise a hard error */
3630 ErrorResponse = ResponseOk;
3631 ErrorParameters[0] = (ULONG_PTR)&PathName;
3632 NtRaiseHardError(STATUS_IMAGE_MACHINE_TYPE_MISMATCH_EXE,
3633 1,
3634 1,
3635 ErrorParameters,
3636 OptionOk,
3637 &ErrorResponse);
3638 if (Peb->ImageSubsystemMajorVersion <= 3)
3639 {
3640 /* If it's really old, return this error */
3641 SetLastError(ERROR_BAD_EXE_FORMAT);
3642 }
3643 else
3644 {
3645 /* Otherwise, return a more modern error */
3646 SetLastError(ERROR_EXE_MACHINE_TYPE_MISMATCH);
3647 }
3648
3649 /* Go to the failure path */
3650 DPRINT1("Invalid image architecture: %lx\n", ImageInformation.Machine);
3651 Result = FALSE;
3652 goto Quickie;
3653 }
3654
3655 /* Check if this isn't a Windows image */
3656 if ((ImageInformation.SubSystemType != IMAGE_SUBSYSTEM_WINDOWS_GUI) &&
3657 (ImageInformation.SubSystemType != IMAGE_SUBSYSTEM_WINDOWS_CUI))
3658 {
3659 /* Get rid of section-related information since we'll retry */
3660 NtClose(SectionHandle);
3661 SectionHandle = NULL;
3662 QuerySection = FALSE;
3663
3664 /* The only other non-Windows image type we support here is POSIX */
3665 if (ImageInformation.SubSystemType != IMAGE_SUBSYSTEM_POSIX_CUI)
3666 {
3667 /* Bail out if it's something else */
3668 SetLastError(ERROR_CHILD_NOT_COMPLETE);
3669 Result = FALSE;
3670 goto Quickie;
3671 }
3672
3673 /* Now build the command-line to have posix launch this image */
3674 Result = BuildSubSysCommandLine(L"POSIX /P ",
3675 lpApplicationName,
3676 lpCommandLine,
3677 &DebuggerString);
3678 if (!Result)
3679 {
3680 /* Bail out if that failed */
3681 DPRINT1("Subsystem command line failed\n");
3682 goto Quickie;
3683 }
3684
3685 /* And re-try launching the process, with the new command-line now */
3686 lpCommandLine = DebuggerString.Buffer;
3687 lpApplicationName = NULL;
3688
3689 /* We've already done all these checks, don't do them again */
3690 SkipSaferAndAppCompat = TRUE;
3691 DPRINT1("Retrying with: %S\n", lpCommandLine);
3692 goto AppNameRetry;
3693 }
3694
3695 /* Was this image built for a version of Windows whose images we can run? */
3696 Result = BasepIsImageVersionOk(ImageInformation.SubSystemMajorVersion,
3697 ImageInformation.SubSystemMinorVersion);
3698 if (!Result)
3699 {
3700 /* It was not, bail out */
3701 DPRINT1("Invalid subsystem version: %hu.%hu\n",
3702 ImageInformation.SubSystemMajorVersion,
3703 ImageInformation.SubSystemMinorVersion);
3704 SetLastError(ERROR_BAD_EXE_FORMAT);
3705 goto Quickie;
3706 }
3707
3708 /* Check if there is a debugger associated with the application */
3709 if (DebuggerCmdLine)
3710 {
3711 /* Get the length of the command line */
3712 n = wcslen(lpCommandLine);
3713 if (!n)
3714 {
3715 /* There's no command line, use the application name instead */
3716 lpCommandLine = (LPWSTR)lpApplicationName;
3717 n = wcslen(lpCommandLine);
3718 }
3719
3720 /* Protect against overflow */
3721 if (n > UNICODE_STRING_MAX_CHARS)
3722 {
3723 BaseSetLastNTError(STATUS_NAME_TOO_LONG);
3724 Result = FALSE;
3725 goto Quickie;
3726 }
3727
3728 /* Now add the length of the debugger command-line */
3729 n += wcslen(DebuggerCmdLine);
3730
3731 /* Again make sure we don't overflow */
3732 if (n > UNICODE_STRING_MAX_CHARS)
3733 {
3734 BaseSetLastNTError(STATUS_NAME_TOO_LONG);
3735 Result = FALSE;
3736 goto Quickie;
3737 }
3738
3739 /* Account for the quotes and space between the two */
3740 n += sizeof("\" \"") - sizeof(ANSI_NULL);
3741
3742 /* Convert to bytes, and make sure we don't overflow */
3743 n *= sizeof(WCHAR);
3744 if (n > UNICODE_STRING_MAX_BYTES)
3745 {
3746 BaseSetLastNTError(STATUS_NAME_TOO_LONG);
3747 Result = FALSE;
3748 goto Quickie;
3749 }
3750
3751 /* Allocate space for the string */
3752 DebuggerString.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), 0, n);
3753 if (!DebuggerString.Buffer)
3754 {
3755 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
3756 Result = FALSE;
3757 goto Quickie;
3758 }
3759
3760 /* Set the length */
3761 RtlInitEmptyUnicodeString(&DebuggerString,
3762 DebuggerString.Buffer,
3763 (USHORT)n);
3764
3765 /* Now perform the command line creation */
3766 ImageDbgStatus = RtlAppendUnicodeToString(&DebuggerString,
3767 DebuggerCmdLine);
3768 ASSERT(NT_SUCCESS(ImageDbgStatus));
3769 ImageDbgStatus = RtlAppendUnicodeToString(&DebuggerString, L" ");
3770 ASSERT(NT_SUCCESS(ImageDbgStatus));
3771 ImageDbgStatus = RtlAppendUnicodeToString(&DebuggerString, lpCommandLine);
3772 ASSERT(NT_SUCCESS(ImageDbgStatus));
3773
3774 /* Make sure it all looks nice */
3775 DbgPrint("BASE: Calling debugger with '%wZ'\n", &DebuggerString);
3776
3777 /* Update the command line and application name */
3778 lpCommandLine = DebuggerString.Buffer;
3779 lpApplicationName = NULL;
3780
3781 /* Close all temporary state */
3782 NtClose(SectionHandle);
3783 SectionHandle = NULL;
3784 QuerySection = FALSE;
3785
3786 /* Free all temporary memory */
3787 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
3788 NameBuffer = NULL;
3789 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
3790 FreeBuffer = NULL;
3791 RtlFreeHeap(RtlGetProcessHeap(), 0, DebuggerCmdLine);
3792 DebuggerCmdLine = NULL;
3793 DPRINT1("Retrying with: %S\n", lpCommandLine);
3794 goto AppNameRetry;
3795 }
3796
3797 /* Initialize the process object attributes */
3798 ObjectAttributes = BaseFormatObjectAttributes(&LocalObjectAttributes,
3799 lpProcessAttributes,
3800 NULL);
3801 if ((hUserToken) && (lpProcessAttributes))
3802 {
3803 /* Augment them with information from the user */
3804
3805 LocalProcessAttributes = *lpProcessAttributes;
3806 LocalProcessAttributes.lpSecurityDescriptor = NULL;
3807 ObjectAttributes = BaseFormatObjectAttributes(&LocalObjectAttributes,
3808 &LocalProcessAttributes,
3809 NULL);
3810 }
3811
3812 /* Check if we're going to be debugged */
3813 if (dwCreationFlags & DEBUG_PROCESS)
3814 {
3815 /* Set process flag */
3816 Flags |= PROCESS_CREATE_FLAGS_BREAKAWAY;
3817 }
3818
3819 /* Check if we're going to be debugged */
3820 if (dwCreationFlags & (DEBUG_PROCESS | DEBUG_ONLY_THIS_PROCESS))
3821 {
3822 /* Connect to DbgUi */
3823 Status = DbgUiConnectToDbg();
3824 if (!NT_SUCCESS(Status))
3825 {
3826 DPRINT1("Failed to connect to DbgUI!\n");
3827 BaseSetLastNTError(Status);
3828 Result = FALSE;
3829 goto Quickie;
3830 }
3831
3832 /* Get the debug object */
3833 DebugHandle = DbgUiGetThreadDebugObject();
3834
3835 /* Check if only this process will be debugged */
3836 if (dwCreationFlags & DEBUG_ONLY_THIS_PROCESS)
3837 {
3838 /* Set process flag */
3839 Flags |= PROCESS_CREATE_FLAGS_NO_DEBUG_INHERIT;
3840 }
3841 }
3842
3843 /* Set inherit flag */
3844 if (bInheritHandles) Flags |= PROCESS_CREATE_FLAGS_INHERIT_HANDLES;
3845
3846 /* Check if the process should be created with large pages */
3847 HavePrivilege = FALSE;
3848 PrivilegeState = NULL;
3849 if (Flags & PROCESS_CREATE_FLAGS_LARGE_PAGES)
3850 {
3851 /* Acquire the required privilege so that the kernel won't fail the call */
3852 PrivilegeValue = SE_LOCK_MEMORY_PRIVILEGE;
3853 Status = RtlAcquirePrivilege(&PrivilegeValue, 1, 0, &PrivilegeState);
3854 if (NT_SUCCESS(Status))
3855 {
3856 /* Remember to release it later */
3857 HavePrivilege = TRUE;
3858 }
3859 }
3860
3861 /* Save the current TIB value since kernel overwrites it to store PEB */
3862 TibValue = Teb->NtTib.ArbitraryUserPointer;
3863
3864 /* Tell the kernel to create the process */
3865 Status = NtCreateProcessEx(&ProcessHandle,
3866 PROCESS_ALL_ACCESS,
3867 ObjectAttributes,
3868 NtCurrentProcess(),
3869 Flags,
3870 SectionHandle,
3871 DebugHandle,
3872 NULL,
3873 InJob);
3874
3875 /* Load the PEB address from the hacky location where the kernel stores it */
3876 RemotePeb = Teb->NtTib.ArbitraryUserPointer;
3877
3878 /* And restore the old TIB value */
3879 Teb->NtTib.ArbitraryUserPointer = TibValue;
3880
3881 /* Release the large page privilege if we had acquired it */
3882 if (HavePrivilege) RtlReleasePrivilege(PrivilegeState);
3883
3884 /* And now check if the kernel failed to create the process */
3885 if (!NT_SUCCESS(Status))
3886 {
3887 /* Go to failure path */
3888 DPRINT1("Failed to create process: %lx\n", Status);
3889 BaseSetLastNTError(Status);
3890 Result = FALSE;
3891 goto Quickie;
3892 }
3893
3894 /* Check if there is a priority class to set */
3895 if (PriorityClass.PriorityClass)
3896 {
3897 /* Reset current privilege state */
3898 RealTimePrivilegeState = NULL;
3899
3900 /* Is realtime priority being requested? */
3901 if (PriorityClass.PriorityClass == PROCESS_PRIORITY_CLASS_REALTIME)
3902 {
3903 /* Check if the caller has real-time access, and enable it if so */
3904 RealTimePrivilegeState = BasepIsRealtimeAllowed(TRUE);
3905 }
3906
3907 /* Set the new priority class and release the privilege */
3908 Status = NtSetInformationProcess(ProcessHandle,
3909 ProcessPriorityClass,
3910 &PriorityClass,
3911 sizeof(PROCESS_PRIORITY_CLASS));
3912 if (RealTimePrivilegeState) RtlReleasePrivilege(RealTimePrivilegeState);
3913
3914 /* Check if we failed to set the priority class */
3915 if (!NT_SUCCESS(Status))
3916 {
3917 /* Bail out on failure */
3918 DPRINT1("Failed to set priority class: %lx\n", Status);
3919 BaseSetLastNTError(Status);
3920 Result = FALSE;
3921 goto Quickie;
3922 }
3923 }
3924
3925 /* Check if the caller wants the default error mode */
3926 if (dwCreationFlags & CREATE_DEFAULT_ERROR_MODE)
3927 {
3928 /* Set Error Mode to only fail on critical errors */
3929 HardErrorMode = SEM_FAILCRITICALERRORS;
3930 NtSetInformationProcess(ProcessHandle,
3931 ProcessDefaultHardErrorMode,
3932 &HardErrorMode,
3933 sizeof(ULONG));
3934 }
3935
3936 /* Check if this was a VDM binary */
3937 if (VdmBinaryType)
3938 {
3939 /* Update VDM by telling it the process has now been created */
3940 VdmWaitObject = ProcessHandle;
3941 Result = BaseUpdateVDMEntry(VdmEntryUpdateProcess,
3942 &VdmWaitObject,
3943 VdmTask,
3944 VdmBinaryType);
3945
3946 if (!Result)
3947 {
3948 /* Bail out on failure */
3949 DPRINT1("Failed to update VDM with wait object\n");
3950 VdmWaitObject = NULL;
3951 goto Quickie;
3952 }
3953
3954 /* At this point, a failure means VDM has to undo all the state */
3955 VdmUndoLevel |= VDM_UNDO_FULL;
3956 }
3957
3958 /* Check if VDM needed reserved low-memory */
3959 if (VdmReserve)
3960 {
3961 /* Reserve the requested allocation */
3962 RegionSize = VdmReserve;
3963 Status = NtAllocateVirtualMemory(ProcessHandle,
3964 &BaseAddress,
3965 0,
3966 &RegionSize,
3967 MEM_RESERVE,
3968 PAGE_EXECUTE_READWRITE);
3969 if (!NT_SUCCESS(Status))
3970 {
3971 /* Bail out on failure */
3972 DPRINT1("Failed to reserve memory for VDM: %lx\n", Status);
3973 BaseSetLastNTError(Status);
3974 Result = FALSE;
3975 goto Quickie;
3976 }
3977
3978 VdmReserve = (ULONG)RegionSize;
3979 }
3980
3981 /* Check if we've already queried information on the section */
3982 if (!QuerySection)
3983 {
3984 /* We haven't, so get some information about the executable */
3985 Status = NtQuerySection(SectionHandle,
3986 SectionImageInformation,
3987 &ImageInformation,
3988 sizeof(ImageInformation),
3989 NULL);
3990 if (!NT_SUCCESS(Status))
3991 {
3992 /* Bail out on failure */
3993 DPRINT1("Failed to query section: %lx\n", Status);
3994 BaseSetLastNTError(Status);
3995 Result = FALSE;
3996 goto Quickie;
3997 }
3998
3999 /* If we encounter a restart, don't re-query this information again */
4000 QuerySection = TRUE;
4001 }
4002
4003 /* Do we need to apply SxS to this image? */
4004 if (!(ImageInformation.DllCharacteristics & IMAGE_DLLCHARACTERISTICS_NO_ISOLATION))
4005 {
4006 /* Too bad, we don't support this yet */
4007 DPRINT1("Image should receive SxS Fusion Isolation\n");
4008 }
4009
4010 /* There's some SxS flag that we need to set if fusion flags have 1 set */
4011 if (FusionFlags & 1) CreateProcessMsg->Sxs.Flags |= 0x10;
4012
4013 /* Check if we have a current directory */
4014 if (lpCurrentDirectory)
4015 {
4016 /* Allocate a buffer so we can keep a Unicode copy */
4017 DPRINT("Current directory: %S\n", lpCurrentDirectory);
4018 CurrentDirectory = RtlAllocateHeap(RtlGetProcessHeap(),
4019 0,
4020 (MAX_PATH * sizeof(WCHAR)) +
4021 sizeof(UNICODE_NULL));
4022 if (!CurrentDirectory)
4023 {
4024 /* Bail out if this failed */
4025 BaseSetLastNTError(STATUS_NO_MEMORY);
4026 Result = FALSE;
4027 goto Quickie;
4028 }
4029
4030 /* Get the length in Unicode */
4031 Length = GetFullPathNameW(lpCurrentDirectory,
4032 MAX_PATH,
4033 CurrentDirectory,
4034 &FilePart);
4035 if (Length > MAX_PATH)
4036 {
4037 /* The directory is too long, so bail out */
4038 SetLastError(ERROR_DIRECTORY);
4039 Result = FALSE;
4040 goto Quickie;
4041 }
4042
4043 /* Make sure the directory is actually valid */
4044 FileAttribs = GetFileAttributesW(CurrentDirectory);
4045 if ((FileAttribs == INVALID_FILE_ATTRIBUTES) ||
4046 !(FileAttribs & FILE_ATTRIBUTE_DIRECTORY))
4047 {
4048 /* It isn't, so bail out */
4049 DPRINT1("Current directory is invalid\n");
4050 SetLastError(ERROR_DIRECTORY);
4051 Result = FALSE;
4052 goto Quickie;
4053 }
4054 }
4055
4056 /* Insert quotes if needed */
4057 if ((QuotesNeeded) || (CmdLineIsAppName))
4058 {
4059 /* Allocate our buffer, plus enough space for quotes and a NULL */
4060 QuotedCmdLine = RtlAllocateHeap(RtlGetProcessHeap(),
4061 0,
4062 (wcslen(lpCommandLine) * sizeof(WCHAR)) +
4063 (2 * sizeof(L'\"') + sizeof(UNICODE_NULL)));
4064 if (QuotedCmdLine)
4065 {
4066 /* Copy the first quote */
4067 wcscpy(QuotedCmdLine, L"\"");
4068
4069 /* Save the current null-character */
4070 if (QuotesNeeded)
4071 {
4072 SaveChar = *NullBuffer;
4073 *NullBuffer = UNICODE_NULL;
4074 }
4075
4076 /* Copy the command line and the final quote */
4077 wcscat(QuotedCmdLine, lpCommandLine);
4078 wcscat(QuotedCmdLine, L"\"");
4079
4080 /* Copy the null-char back */
4081 if (QuotesNeeded)
4082 {
4083 *NullBuffer = SaveChar;
4084 wcscat(QuotedCmdLine, NullBuffer);
4085 }
4086 }
4087 else
4088 {
4089 /* We can't put quotes around the thing, so try it anyway */
4090 if (QuotesNeeded) QuotesNeeded = FALSE;
4091 if (CmdLineIsAppName) CmdLineIsAppName = FALSE;
4092 }
4093 }
4094
4095 /* Use isolation if needed */
4096 if (CreateProcessMsg->Sxs.Flags & 1) ParameterFlags |= 1;
4097
4098 /* Set the new command-line if needed */
4099 if ((QuotesNeeded) || (CmdLineIsAppName)) lpCommandLine = QuotedCmdLine;
4100
4101 /* Call the helper function in charge of RTL_USER_PROCESS_PARAMETERS */
4102 Result = BasePushProcessParameters(ParameterFlags,
4103 ProcessHandle,
4104 RemotePeb,
4105 lpApplicationName,
4106 CurrentDirectory,
4107 lpCommandLine,
4108 lpEnvironment,
4109 &StartupInfo,
4110 dwCreationFlags | NoWindow,
4111 bInheritHandles,
4112 IsWowApp ? IMAGE_SUBSYSTEM_WINDOWS_GUI: 0,
4113 AppCompatData,
4114 AppCompatDataSize);
4115 if (!Result)
4116 {
4117 /* The remote process would have an undefined state, so fail the call */
4118 DPRINT1("BasePushProcessParameters failed\n");
4119 goto Quickie;
4120 }
4121
4122 /* Free the VDM command line string as it's no longer needed */
4123 RtlFreeUnicodeString(&VdmString);
4124 VdmString.Buffer = NULL;
4125
4126 /* Non-VDM console applications usually inherit handles unless specified */
4127 if (!(VdmBinaryType) &&
4128 !(bInheritHandles) &&
4129 !(StartupInfo.dwFlags & STARTF_USESTDHANDLES) &&
4130 !(dwCreationFlags & (CREATE_NO_WINDOW |
4131 CREATE_NEW_CONSOLE |
4132 DETACHED_PROCESS)) &&
4133 (ImageInformation.SubSystemType == IMAGE_SUBSYSTEM_WINDOWS_CUI))
4134 {
4135 /* Get the remote parameters */
4136 Status = NtReadVirtualMemory(ProcessHandle,
4137 &RemotePeb->ProcessParameters,
4138 &ProcessParameters,
4139 sizeof(PRTL_USER_PROCESS_PARAMETERS),
4140 NULL);
4141 if (NT_SUCCESS(Status))
4142 {
4143 /* Duplicate standard input unless it's a console handle */
4144 if (!IsConsoleHandle(Peb->ProcessParameters->StandardInput))
4145 {
4146 StuffStdHandle(ProcessHandle,
4147 Peb->ProcessParameters->StandardInput,
4148 &ProcessParameters->StandardInput);
4149 }
4150
4151 /* Duplicate standard output unless it's a console handle */
4152 if (!IsConsoleHandle(Peb->ProcessParameters->StandardOutput))
4153 {
4154 StuffStdHandle(ProcessHandle,
4155 Peb->ProcessParameters->StandardOutput,
4156 &ProcessParameters->StandardOutput);
4157 }
4158
4159 /* Duplicate standard error unless it's a console handle */
4160 if (!IsConsoleHandle(Peb->ProcessParameters->StandardError))
4161 {
4162 StuffStdHandle(ProcessHandle,
4163 Peb->ProcessParameters->StandardError,
4164 &ProcessParameters->StandardError);
4165 }
4166 }
4167 }
4168
4169 /* Create the Thread's Stack */
4170 StackSize = max(256 * 1024, ImageInformation.MaximumStackSize);
4171 Status = BaseCreateStack(ProcessHandle,
4172 ImageInformation.CommittedStackSize,
4173 StackSize,
4174 &InitialTeb);
4175 if (!NT_SUCCESS(Status))
4176 {
4177 DPRINT1("Creating the thread stack failed: %lx\n", Status);
4178 BaseSetLastNTError(Status);
4179 Result = FALSE;
4180 goto Quickie;
4181 }
4182
4183 /* Create the Thread's Context */
4184 BaseInitializeContext(&Context,
4185 Peb,
4186 ImageInformation.TransferAddress,
4187 InitialTeb.StackBase,
4188 0);
4189
4190 /* Convert the thread attributes */
4191 ObjectAttributes = BaseFormatObjectAttributes(&LocalObjectAttributes,
4192 lpThreadAttributes,
4193 NULL);
4194 if ((hUserToken) && (lpThreadAttributes))
4195 {
4196 /* If the caller specified a user token, zero the security descriptor */
4197 LocalThreadAttributes = *lpThreadAttributes;
4198 LocalThreadAttributes.lpSecurityDescriptor = NULL;
4199 ObjectAttributes = BaseFormatObjectAttributes(&LocalObjectAttributes,
4200 &LocalThreadAttributes,
4201 NULL);
4202 }
4203
4204 /* Create the Kernel Thread Object */
4205 Status = NtCreateThread(&ThreadHandle,
4206 THREAD_ALL_ACCESS,
4207 ObjectAttributes,
4208 ProcessHandle,
4209 &ClientId,
4210 &Context,
4211 &InitialTeb,
4212 TRUE);
4213 if (!NT_SUCCESS(Status))
4214 {
4215 /* A process is not allowed to exist without a main thread, so fail */
4216 DPRINT1("Creating the main thread failed: %lx\n", Status);
4217 BaseSetLastNTError(Status);
4218 Result = FALSE;
4219 goto Quickie;
4220 }
4221
4222 /* Begin filling out the CSRSS message, first with our IDs and handles */
4223 CreateProcessMsg->ProcessHandle = ProcessHandle;
4224 CreateProcessMsg->ThreadHandle = ThreadHandle;
4225 CreateProcessMsg->ClientId = ClientId;
4226
4227 /* Write the remote PEB address and clear it locally, we no longer use it */
4228 CreateProcessMsg->PebAddressNative = RemotePeb;
4229 #ifdef _WIN64
4230 DPRINT1("TODO: WOW64 is not supported yet\n");
4231 CreateProcessMsg->PebAddressWow64 = 0;
4232 #else
4233 CreateProcessMsg->PebAddressWow64 = (ULONG)RemotePeb;
4234 #endif
4235 RemotePeb = NULL;
4236
4237 /* Now check what kind of architecture this image was made for */
4238 switch (ImageInformation.Machine)
4239 {
4240 /* IA32, IA64 and AMD64 are supported in Server 2003 */
4241 case IMAGE_FILE_MACHINE_I386:
4242 CreateProcessMsg->ProcessorArchitecture = PROCESSOR_ARCHITECTURE_INTEL;
4243 break;
4244 case IMAGE_FILE_MACHINE_IA64:
4245 CreateProcessMsg->ProcessorArchitecture = PROCESSOR_ARCHITECTURE_IA64;
4246 break;
4247 case IMAGE_FILE_MACHINE_AMD64:
4248 CreateProcessMsg->ProcessorArchitecture = PROCESSOR_ARCHITECTURE_AMD64;
4249 break;
4250
4251 /* Anything else results in image unknown -- but no failure */
4252 default:
4253 DbgPrint("kernel32: No mapping for ImageInformation.Machine == %04x\n",
4254 ImageInformation.Machine);
4255 CreateProcessMsg->ProcessorArchitecture = PROCESSOR_ARCHITECTURE_UNKNOWN;
4256 break;
4257 }
4258
4259 /* Write the input creation flags except any debugger-related flags */
4260 CreateProcessMsg->CreationFlags = dwCreationFlags &
4261 ~(DEBUG_PROCESS | DEBUG_ONLY_THIS_PROCESS);
4262
4263 /* CSRSS needs to know if this is a GUI app or not */
4264 if ((ImageInformation.SubSystemType == IMAGE_SUBSYSTEM_WINDOWS_GUI) ||
4265 (IsWowApp))
4266 {
4267 /*
4268 * For GUI apps we turn on the 2nd bit. This allow CSRSS server dlls
4269 * (basesrv in particular) to know whether or not this is a GUI or a
4270 * TUI application.
4271 */
4272 AddToHandle(CreateProcessMsg->ProcessHandle, 2);
4273
4274 /* Also check if the parent is also a GUI process */
4275 NtHeaders = RtlImageNtHeader(GetModuleHandle(NULL));
4276 if ((NtHeaders) &&
4277 (NtHeaders->OptionalHeader.Subsystem == IMAGE_SUBSYSTEM_WINDOWS_GUI))
4278 {
4279 /* Let it know that it should display the hourglass mouse cursor */
4280 AddToHandle(CreateProcessMsg->ProcessHandle, 1);
4281 }
4282 }
4283
4284 /* For all apps, if this flag is on, the hourglass mouse cursor is shown */
4285 if (StartupInfo.dwFlags & STARTF_FORCEONFEEDBACK)
4286 {
4287 AddToHandle(CreateProcessMsg->ProcessHandle, 1);
4288 }
4289
4290 /* Likewise, the opposite holds as well */
4291 if (StartupInfo.dwFlags & STARTF_FORCEOFFFEEDBACK)
4292 {
4293 RemoveFromHandle(CreateProcessMsg->ProcessHandle, 1);
4294 }
4295
4296 /* Also store which kind of VDM app (if any) this is */
4297 CreateProcessMsg->VdmBinaryType = VdmBinaryType;
4298
4299 /* And if it really is a VDM app... */
4300 if (VdmBinaryType)
4301 {
4302 /* Store the task ID and VDM console handle */
4303 CreateProcessMsg->hVDM = VdmTask ? 0 : Peb->ProcessParameters->ConsoleHandle;
4304 CreateProcessMsg->VdmTask = VdmTask;
4305 }
4306 else if (VdmReserve)
4307 {
4308 /* Extended VDM, set a flag */
4309 CreateProcessMsg->VdmBinaryType |= BINARY_TYPE_WOW_EX;
4310 }
4311
4312 /* Check if there's side-by-side assembly data associated with the process */
4313 if (CreateProcessMsg->Sxs.Flags)
4314 {
4315 /* This should not happen in ReactOS yet */
4316 DPRINT1("This is an SxS Message -- should not happen yet\n");
4317 BaseSetLastNTError(STATUS_NOT_IMPLEMENTED);
4318 NtTerminateProcess(ProcessHandle, STATUS_NOT_IMPLEMENTED);
4319 Result = FALSE;
4320 goto Quickie;
4321 }
4322
4323 /* We are finally ready to call CSRSS to tell it about our new process! */
4324 CsrClientCallServer((PCSR_API_MESSAGE)&CsrMsg[0],
4325 CaptureBuffer,
4326 CSR_CREATE_API_NUMBER(BASESRV_SERVERDLL_INDEX,
4327 BasepCreateProcess),
4328 sizeof(*CreateProcessMsg));
4329
4330 /* CSRSS has returned, free the capture buffer now if we had one */
4331 if (CaptureBuffer)
4332 {
4333 CsrFreeCaptureBuffer(CaptureBuffer);
4334 CaptureBuffer = NULL;
4335 }
4336
4337 /* Check if CSRSS failed to accept ownership of the new Windows process */
4338 if (!NT_SUCCESS(CsrMsg[0].Status))
4339 {
4340 /* Terminate the process and enter failure path with the CSRSS status */
4341 DPRINT1("Failed to tell csrss about new process\n");
4342 BaseSetLastNTError(CsrMsg[0].Status);
4343 NtTerminateProcess(ProcessHandle, CsrMsg[0].Status);
4344 Result = FALSE;
4345 goto Quickie;
4346 }
4347
4348 /* Check if we have a token due to Authz/Safer, not passed by the user */
4349 if ((TokenHandle) && !(hUserToken))
4350 {
4351 /* Replace the process and/or thread token with the one from Safer */
4352 Status = BasepReplaceProcessThreadTokens(TokenHandle,
4353 ProcessHandle,
4354 ThreadHandle);
4355 if (!NT_SUCCESS(Status))
4356 {
4357 /* If this failed, kill the process and enter the failure path */
4358 DPRINT1("Failed to update process token: %lx\n", Status);
4359 NtTerminateProcess(ProcessHandle, Status);
4360 BaseSetLastNTError(Status);
4361 Result = FALSE;
4362 goto Quickie;
4363 }
4364 }
4365
4366 /* Check if a job was associated with this process */
4367 if (JobHandle)
4368 {
4369 /* Bind the process and job together now */
4370 Status = NtAssignProcessToJobObject(JobHandle, ProcessHandle);
4371 if (!NT_SUCCESS(Status))
4372 {
4373 /* Kill the process and enter the failure path if binding failed */
4374 DPRINT1("Failed to assign process to job: %lx\n", Status);
4375 NtTerminateProcess(ProcessHandle, STATUS_ACCESS_DENIED);
4376 BaseSetLastNTError(Status);
4377 Result = FALSE;
4378 goto Quickie;
4379 }
4380 }
4381
4382 /* Finally, resume the thread to actually get the process started */
4383 if (!(dwCreationFlags & CREATE_SUSPENDED))
4384 {
4385 NtResumeThread(ThreadHandle, &ResumeCount);
4386 }
4387
4388 VdmShortCircuit:
4389 /* We made it this far, meaning we have a fully created process and thread */
4390 Result = TRUE;
4391
4392 /* Anyone doing a VDM undo should now undo everything, since we are done */
4393 if (VdmUndoLevel) VdmUndoLevel |= VDM_UNDO_COMPLETED;
4394
4395 /* Having a VDM wait object implies this must be a VDM process */
4396 if (VdmWaitObject)
4397 {
4398 /* Check if it's a 16-bit separate WOW process */
4399 if (VdmBinaryType == BINARY_TYPE_SEPARATE_WOW)
4400 {
4401 /* OR-in the special flag to indicate this, and return to caller */
4402 AddToHandle(VdmWaitObject, 2);
4403 lpProcessInformation->hProcess = VdmWaitObject;
4404
4405 /* Check if this was a re-used VDM */
4406 if (VdmUndoLevel & VDM_UNDO_REUSE)
4407 {
4408 /* No Client ID should be returned in this case */
4409 ClientId.UniqueProcess = 0;
4410 ClientId.UniqueThread = 0;
4411 }
4412 }
4413 else
4414 {
4415 /* OR-in the special flag to indicate this is not a separate VDM */
4416 AddToHandle(VdmWaitObject, 1);
4417
4418 /* Return handle to the caller */
4419 lpProcessInformation->hProcess = VdmWaitObject;
4420 }
4421
4422 /* Close the original process handle, since it's not needed for VDM */
4423 if (ProcessHandle) NtClose(ProcessHandle);
4424 }
4425 else
4426 {
4427 /* This is a regular process, so return the real process handle */
4428 lpProcessInformation->hProcess = ProcessHandle;
4429 }
4430
4431 /* Return the rest of the process information based on what we have so far */
4432 lpProcessInformation->hThread = ThreadHandle;
4433 lpProcessInformation->dwProcessId = HandleToUlong(ClientId.UniqueProcess);
4434 lpProcessInformation->dwThreadId = HandleToUlong(ClientId.UniqueThread);
4435
4436 /* NULL these out here so we know to treat this as a success scenario */
4437 ProcessHandle = NULL;
4438 ThreadHandle = NULL;
4439
4440 Quickie:
4441 /* Free the debugger command line if one was allocated */
4442 if (DebuggerCmdLine) RtlFreeHeap(RtlGetProcessHeap(), 0, DebuggerCmdLine);
4443
4444 /* Check if an SxS full path as queried */
4445 if (PathBuffer)
4446 {
4447 /* Reinitialize the executable path */
4448 RtlInitEmptyUnicodeString(&SxsWin32ExePath, NULL, 0);
4449 SxsWin32ExePath.Length = 0;
4450
4451 /* Free the path buffer */
4452 RtlFreeHeap(RtlGetProcessHeap(), 0, PathBuffer);
4453 }
4454
4455 #if _SXS_SUPPORT_ENABLED_
4456 /* Check if this was a non-VDM process */
4457 if (!VdmBinaryType)
4458 {
4459 /* Then it must've had SxS data, so close the handles used for it */
4460 BasepSxsCloseHandles(&Handles);
4461 BasepSxsCloseHandles(&FileHandles);
4462
4463 /* Check if we built SxS byte buffers for this create process request */
4464 if (SxsConglomeratedBuffer)
4465 {
4466 /* Loop all of them */
4467 for (i = 0; i < 5; i++)
4468 {
4469 /* Check if this one was allocated */
4470 ThisBuffer = SxsStaticBuffers[i];
4471 if (ThisBuffer)
4472 {
4473 /* Get the underlying RTL_BUFFER structure */
4474 ByteBuffer = &ThisBuffer->ByteBuffer;
4475 if ((ThisBuffer != (PVOID)-8) && (ByteBuffer->Buffer))
4476 {
4477 /* Check if it was dynamic */
4478 if (ByteBuffer->Buffer != ByteBuffer->StaticBuffer)
4479 {
4480 /* Free it from the heap */
4481 FreeString.Buffer = (PWCHAR)ByteBuffer->Buffer;
4482 RtlFreeUnicodeString(&FreeString);
4483 }
4484
4485 /* Reset the buffer to its static data */
4486 ByteBuffer->Buffer = ByteBuffer->StaticBuffer;
4487 ByteBuffer->Size = ByteBuffer->StaticSize;
4488 }
4489
4490 /* Reset the string to the static buffer */
4491 RtlInitEmptyUnicodeString(&ThisBuffer->String,
4492 (PWCHAR)ByteBuffer->StaticBuffer,
4493 ByteBuffer->StaticSize);
4494 if (ThisBuffer->String.Buffer)
4495 {
4496 /* Also NULL-terminate it */
4497 *ThisBuffer->String.Buffer = UNICODE_NULL;
4498 }
4499 }
4500 }
4501 }
4502 }
4503 #endif
4504 /* Check if an environment was passed in */
4505 if ((lpEnvironment) && !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT))
4506 {
4507 /* Destroy it */
4508 RtlDestroyEnvironment(lpEnvironment);
4509
4510 /* If this was the VDM environment too, clear that as well */
4511 if (VdmUnicodeEnv.Buffer == lpEnvironment) VdmUnicodeEnv.Buffer = NULL;
4512 lpEnvironment = NULL;
4513 }
4514
4515 /* Unconditionally free all the name parsing buffers we always allocate */
4516 RtlFreeHeap(RtlGetProcessHeap(), 0, QuotedCmdLine);
4517 RtlFreeHeap(RtlGetProcessHeap(), 0, NameBuffer);
4518 RtlFreeHeap(RtlGetProcessHeap(), 0, CurrentDirectory);
4519 RtlFreeHeap(RtlGetProcessHeap(), 0, FreeBuffer);
4520
4521 /* Close open file/section handles */
4522 if (FileHandle) NtClose(FileHandle);
4523 if (SectionHandle) NtClose(SectionHandle);
4524
4525 /* If we have a thread handle, this was a failure path */
4526 if (ThreadHandle)
4527 {
4528 /* So kill the process and close the thread handle */
4529 NtTerminateProcess(ProcessHandle, 0);
4530 NtClose(ThreadHandle);
4531 }
4532
4533 /* If we have a process handle, this was a failure path, so close it */
4534 if (ProcessHandle) NtClose(ProcessHandle);
4535
4536 /* Thread/process handles, if any, are now processed. Now close this one. */
4537 if (JobHandle) NtClose(JobHandle);
4538
4539 /* Check if we had created a token */
4540 if (TokenHandle)
4541 {
4542 /* And if the user asked for one */
4543 if (hUserToken)
4544 {
4545 /* Then return it */
4546 *hNewToken = TokenHandle;
4547 }
4548 else
4549 {
4550 /* User didn't want it, so we used it temporarily -- close it */
4551 NtClose(TokenHandle);
4552 }
4553 }
4554
4555 /* Free any temporary app compatibility data, it's no longer needed */
4556 BasepFreeAppCompatData(AppCompatData, AppCompatSxsData);
4557
4558 /* Free a few strings. The API takes care of these possibly being NULL */
4559 RtlFreeUnicodeString(&VdmString);
4560 RtlFreeUnicodeString(&DebuggerString);
4561
4562 /* Check if we had built any sort of VDM environment */
4563 if ((VdmAnsiEnv.Buffer) || (VdmUnicodeEnv.Buffer))
4564 {
4565 /* Free it */
4566 BaseDestroyVDMEnvironment(&VdmAnsiEnv, &VdmUnicodeEnv);
4567 }
4568
4569 /* Check if this was any kind of VDM application that we ended up creating */
4570 if ((VdmUndoLevel) && (!(VdmUndoLevel & VDM_UNDO_COMPLETED)))
4571 {
4572 /* Send an undo */
4573 BaseUpdateVDMEntry(VdmEntryUndo,
4574 (PHANDLE)&VdmTask,
4575 VdmUndoLevel,
4576 VdmBinaryType);
4577
4578 /* And close whatever VDM handle we were using for notifications */
4579 if (VdmWaitObject) NtClose(VdmWaitObject);
4580 }
4581
4582 /* Check if we ended up here with an allocated search path, and free it */
4583 if (SearchPath) RtlFreeHeap(RtlGetProcessHeap(), 0, SearchPath);
4584
4585 /* Finally, return the API's result */
4586 return Result;
4587 }
4588
4589 /*
4590 * @implemented
4591 */
4592 BOOL
4593 WINAPI
4594 DECLSPEC_HOTPATCH
4595 CreateProcessW(LPCWSTR lpApplicationName,
4596 LPWSTR lpCommandLine,
4597 LPSECURITY_ATTRIBUTES lpProcessAttributes,
4598 LPSECURITY_ATTRIBUTES lpThreadAttributes,
4599 BOOL bInheritHandles,
4600 DWORD dwCreationFlags,
4601 LPVOID lpEnvironment,
4602 LPCWSTR lpCurrentDirectory,
4603 LPSTARTUPINFOW lpStartupInfo,
4604 LPPROCESS_INFORMATION lpProcessInformation)
4605 {
4606 /* Call the internal (but exported) version */
4607 return CreateProcessInternalW(NULL,
4608 lpApplicationName,
4609 lpCommandLine,
4610 lpProcessAttributes,
4611 lpThreadAttributes,
4612 bInheritHandles,
4613 dwCreationFlags,
4614 lpEnvironment,
4615 lpCurrentDirectory,
4616 lpStartupInfo,
4617 lpProcessInformation,
4618 NULL);
4619 }
4620
4621 /*
4622 * @implemented
4623 */
4624 BOOL
4625 WINAPI
4626 CreateProcessInternalA(HANDLE hToken,
4627 LPCSTR lpApplicationName,
4628 LPSTR lpCommandLine,
4629 LPSECURITY_ATTRIBUTES lpProcessAttributes,
4630 LPSECURITY_ATTRIBUTES lpThreadAttributes,
4631 BOOL bInheritHandles,
4632 DWORD dwCreationFlags,
4633 LPVOID lpEnvironment,
4634 LPCSTR lpCurrentDirectory,
4635 LPSTARTUPINFOA lpStartupInfo,
4636 LPPROCESS_INFORMATION lpProcessInformation,
4637 PHANDLE hNewToken)
4638 {
4639 UNICODE_STRING CommandLine;
4640 UNICODE_STRING ApplicationName;
4641 UNICODE_STRING CurrentDirectory;
4642 BOOL bRetVal;
4643 STARTUPINFOW StartupInfo;
4644
4645 DPRINT("dwCreationFlags %x, lpEnvironment %p, lpCurrentDirectory %p, "
4646 "lpStartupInfo %p, lpProcessInformation %p\n",
4647 dwCreationFlags, lpEnvironment, lpCurrentDirectory,
4648 lpStartupInfo, lpProcessInformation);
4649
4650 /* Copy Startup Info */
4651 RtlMoveMemory(&StartupInfo, lpStartupInfo, sizeof(*lpStartupInfo));
4652
4653 /* Initialize all strings to nothing */
4654 CommandLine.Buffer = NULL;
4655 ApplicationName.Buffer = NULL;
4656 CurrentDirectory.Buffer = NULL;
4657 StartupInfo.lpDesktop = NULL;
4658 StartupInfo.lpReserved = NULL;
4659 StartupInfo.lpTitle = NULL;
4660
4661 /* Convert the Command line */
4662 if (lpCommandLine)
4663 {
4664 Basep8BitStringToDynamicUnicodeString(&CommandLine,
4665 lpCommandLine);
4666 }
4667
4668 /* Convert the Name and Directory */
4669 if (lpApplicationName)
4670 {
4671 Basep8BitStringToDynamicUnicodeString(&ApplicationName,
4672 lpApplicationName);
4673 }
4674 if (lpCurrentDirectory)
4675 {
4676 Basep8BitStringToDynamicUnicodeString(&CurrentDirectory,
4677 lpCurrentDirectory);
4678 }
4679
4680 /* Now convert Startup Strings */
4681 if (lpStartupInfo->lpReserved)
4682 {
4683 BasepAnsiStringToHeapUnicodeString(lpStartupInfo->lpReserved,
4684 &StartupInfo.lpReserved);
4685 }
4686 if (lpStartupInfo->lpDesktop)
4687 {
4688 BasepAnsiStringToHeapUnicodeString(lpStartupInfo->lpDesktop,
4689 &StartupInfo.lpDesktop);
4690 }
4691 if (lpStartupInfo->lpTitle)
4692 {
4693 BasepAnsiStringToHeapUnicodeString(lpStartupInfo->lpTitle,
4694 &StartupInfo.lpTitle);
4695 }
4696
4697 /* Call the Unicode function */
4698 bRetVal = CreateProcessInternalW(hToken,
4699 ApplicationName.Buffer,
4700 CommandLine.Buffer,
4701 lpProcessAttributes,
4702 lpThreadAttributes,
4703 bInheritHandles,
4704 dwCreationFlags,
4705 lpEnvironment,
4706 CurrentDirectory.Buffer,
4707 &StartupInfo,
4708 lpProcessInformation,
4709 hNewToken);
4710
4711 /* Clean up */
4712 RtlFreeUnicodeString(&ApplicationName);
4713 RtlFreeUnicodeString(&CommandLine);
4714 RtlFreeUnicodeString(&CurrentDirectory);
4715 RtlFreeHeap(RtlGetProcessHeap(), 0, StartupInfo.lpDesktop);
4716 RtlFreeHeap(RtlGetProcessHeap(), 0, StartupInfo.lpReserved);
4717 RtlFreeHeap(RtlGetProcessHeap(), 0, StartupInfo.lpTitle);
4718
4719 /* Return what Unicode did */
4720 return bRetVal;
4721 }
4722
4723 /*
4724 * FUNCTION: The CreateProcess function creates a new process and its
4725 * primary thread. The new process executes the specified executable file
4726 * ARGUMENTS:
4727 *
4728 * lpApplicationName = Pointer to name of executable module
4729 * lpCommandLine = Pointer to command line string
4730 * lpProcessAttributes = Process security attributes
4731 * lpThreadAttributes = Thread security attributes
4732 * bInheritHandles = Handle inheritance flag
4733 * dwCreationFlags = Creation flags
4734 * lpEnvironment = Pointer to new environment block
4735 * lpCurrentDirectory = Pointer to current directory name
4736 * lpStartupInfo = Pointer to startup info
4737 * lpProcessInformation = Pointer to process information
4738 *
4739 * @implemented
4740 */
4741 BOOL
4742 WINAPI
4743 DECLSPEC_HOTPATCH
4744 CreateProcessA(LPCSTR lpApplicationName,
4745 LPSTR lpCommandLine,
4746 LPSECURITY_ATTRIBUTES lpProcessAttributes,
4747 LPSECURITY_ATTRIBUTES lpThreadAttributes,
4748 BOOL bInheritHandles,
4749 DWORD dwCreationFlags,
4750 LPVOID lpEnvironment,
4751 LPCSTR lpCurrentDirectory,
4752 LPSTARTUPINFOA lpStartupInfo,
4753 LPPROCESS_INFORMATION lpProcessInformation)
4754 {
4755 /* Call the internal (but exported) version */
4756 return CreateProcessInternalA(NULL,
4757 lpApplicationName,
4758 lpCommandLine,
4759 lpProcessAttributes,
4760 lpThreadAttributes,
4761 bInheritHandles,
4762 dwCreationFlags,
4763 lpEnvironment,
4764 lpCurrentDirectory,
4765 lpStartupInfo,
4766 lpProcessInformation,
4767 NULL);
4768 }
4769
4770 /*
4771 * @implemented
4772 */
4773 UINT
4774 WINAPI
4775 DECLSPEC_HOTPATCH
4776 WinExec(LPCSTR lpCmdLine,
4777 UINT uCmdShow)
4778 {
4779 STARTUPINFOA StartupInfo;
4780 PROCESS_INFORMATION ProcessInformation;
4781 DWORD dosErr;
4782
4783 RtlZeroMemory(&StartupInfo, sizeof(StartupInfo));
4784 StartupInfo.cb = sizeof(STARTUPINFOA);
4785 StartupInfo.wShowWindow = (WORD)uCmdShow;
4786 StartupInfo.dwFlags = 0;
4787
4788 if (!CreateProcessA(NULL,
4789 (PVOID)lpCmdLine,
4790 NULL,
4791 NULL,
4792 FALSE,
4793 0,
4794 NULL,
4795 NULL,
4796 &StartupInfo,
4797 &ProcessInformation))
4798 {
4799 dosErr = GetLastError();
4800 return dosErr < 32 ? dosErr : ERROR_BAD_FORMAT;
4801 }
4802
4803 if (NULL != UserWaitForInputIdleRoutine)
4804 {
4805 UserWaitForInputIdleRoutine(ProcessInformation.hProcess,
4806 10000);
4807 }
4808
4809 NtClose(ProcessInformation.hProcess);
4810 NtClose(ProcessInformation.hThread);
4811
4812 return 33; /* Something bigger than 31 means success. */
4813 }
4814
4815 /* EOF */
A free Windows-compatible Operating System