2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS kernel
4 * FILE: lib/ntdll/ldr/utils.c
5 * PURPOSE: Process startup for PE executables
6 * PROGRAMMERS: Jean Michault
7 * Rex Jolliff (rex@lvcablemodem.com)
12 * - Handle loading flags correctly
13 * - Handle errors correctly (unload dll's)
14 * - Implement a faster way to find modules (hash table)
18 /* INCLUDES *****************************************************************/
24 #define LDRP_PROCESS_CREATION_TIME 0x8000000
25 #define RVA(m, b) ((PVOID)((ULONG_PTR)(b) + (ULONG_PTR)(m)))
27 /* GLOBALS *******************************************************************/
31 #define TRACE_LDR(args...) if (RtlGetNtGlobalFlags() & FLG_SHOW_LDR_SNAPS) { DbgPrint("(LDR:%s:%d) ",__FILE__,__LINE__); DbgPrint(args); }
32 #elif defined(_MSC_VER)
33 #define TRACE_LDR(args, ...) if (RtlGetNtGlobalFlags() & FLG_SHOW_LDR_SNAPS) { DbgPrint("(LDR:%s:%d) ",__FILE__,__LINE__); DbgPrint(__VA_ARGS__); }
36 #define TRACE_LDR(args...) do { DbgPrint("(LDR:%s:%d) ",__FILE__,__LINE__); DbgPrint(args); } while(0)
39 typedef struct _TLS_DATA
41 PVOID StartAddressOfRawData
;
44 PIMAGE_TLS_CALLBACK
*TlsAddressOfCallBacks
;
45 PLDR_DATA_TABLE_ENTRY Module
;
46 } TLS_DATA
, *PTLS_DATA
;
48 static BOOLEAN LdrpDllShutdownInProgress
= FALSE
;
49 static PTLS_DATA LdrpTlsArray
= NULL
;
50 static ULONG LdrpTlsCount
= 0;
51 static ULONG LdrpTlsSize
= 0;
52 static HANDLE LdrpKnownDllsDirHandle
= NULL
;
53 static UNICODE_STRING LdrpKnownDllPath
= {0, 0, NULL
};
54 static PLDR_DATA_TABLE_ENTRY LdrpLastModule
= NULL
;
55 extern PLDR_DATA_TABLE_ENTRY ExeModule
;
57 /* PROTOTYPES ****************************************************************/
59 static NTSTATUS
LdrFindEntryForName(PUNICODE_STRING Name
, PLDR_DATA_TABLE_ENTRY
*Module
, BOOLEAN Ref
);
60 static PVOID
LdrFixupForward(PCHAR ForwardName
);
61 static PVOID
LdrGetExportByName(PVOID BaseAddress
, PUCHAR SymbolName
, USHORT Hint
);
62 static NTSTATUS
LdrpLoadModule(IN PWSTR SearchPath OPTIONAL
,
64 IN PUNICODE_STRING Name
,
65 OUT PLDR_DATA_TABLE_ENTRY
*Module
,
66 OUT PVOID
*BaseAddress OPTIONAL
);
67 static NTSTATUS
LdrpAttachProcess(VOID
);
68 static VOID
LdrpDetachProcess(BOOLEAN UnloadAll
);
70 /* FUNCTIONS *****************************************************************/
72 #if defined(DBG) || defined(KDBG)
75 LdrpLoadUserModuleSymbols(PLDR_DATA_TABLE_ENTRY LdrModule
)
86 #endif /* DBG || KDBG */
89 LdrMappedAsDataFile(PVOID
*BaseAddress
)
91 if (0 != ((DWORD_PTR
) *BaseAddress
& (PAGE_SIZE
- 1)))
93 *BaseAddress
= (PVOID
) ((DWORD_PTR
) *BaseAddress
& ~ ((DWORD_PTR
) PAGE_SIZE
- 1));
100 static __inline LONG
LdrpDecrementLoadCount(PLDR_DATA_TABLE_ENTRY Module
, BOOLEAN Locked
)
105 RtlEnterCriticalSection (NtCurrentPeb()->LoaderLock
);
107 LoadCount
= Module
->LoadCount
;
108 if (Module
->LoadCount
> 0 && Module
->LoadCount
!= 0xFFFF)
114 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
119 static __inline LONG
LdrpIncrementLoadCount(PLDR_DATA_TABLE_ENTRY Module
, BOOLEAN Locked
)
124 RtlEnterCriticalSection (NtCurrentPeb()->LoaderLock
);
126 LoadCount
= Module
->LoadCount
;
127 if (Module
->LoadCount
!= 0xFFFF)
133 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
138 static __inline VOID
LdrpAcquireTlsSlot(PLDR_DATA_TABLE_ENTRY Module
, ULONG Size
, BOOLEAN Locked
)
142 RtlEnterCriticalSection (NtCurrentPeb()->LoaderLock
);
144 Module
->TlsIndex
= (SHORT
)LdrpTlsCount
;
149 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
153 static __inline VOID
LdrpTlsCallback(PLDR_DATA_TABLE_ENTRY Module
, ULONG dwReason
)
155 PIMAGE_TLS_CALLBACK
*TlsCallback
;
156 if (Module
->TlsIndex
!= 0xFFFF && Module
->LoadCount
== 0xFFFF)
158 TlsCallback
= LdrpTlsArray
[Module
->TlsIndex
].TlsAddressOfCallBacks
;
163 TRACE_LDR("%wZ - Calling tls callback at %x\n",
164 &Module
->BaseDllName
, *TlsCallback
);
165 (*TlsCallback
)(Module
->DllBase
, dwReason
, NULL
);
172 static BOOLEAN
LdrpCallDllEntry(PLDR_DATA_TABLE_ENTRY Module
, DWORD dwReason
, PVOID lpReserved
)
174 if (!(Module
->Flags
& LDRP_IMAGE_DLL
) ||
175 Module
->EntryPoint
== 0)
179 LdrpTlsCallback(Module
, dwReason
);
180 return ((PDLLMAIN_FUNC
)Module
->EntryPoint
)(Module
->DllBase
, dwReason
, lpReserved
);
184 LdrpInitializeTlsForThread(VOID
)
190 PTEB Teb
= NtCurrentTeb();
192 DPRINT("LdrpInitializeTlsForThread() called for %wZ\n", &ExeModule
->BaseDllName
);
194 Teb
->StaticUnicodeString
.Length
= 0;
195 Teb
->StaticUnicodeString
.MaximumLength
= sizeof(Teb
->StaticUnicodeBuffer
);
196 Teb
->StaticUnicodeString
.Buffer
= Teb
->StaticUnicodeBuffer
;
198 if (LdrpTlsCount
> 0)
200 TlsPointers
= RtlAllocateHeap(RtlGetProcessHeap(),
202 LdrpTlsCount
* sizeof(PVOID
) + LdrpTlsSize
);
203 if (TlsPointers
== NULL
)
205 DPRINT1("failed to allocate thread tls data\n");
206 return STATUS_NO_MEMORY
;
209 TlsData
= (PVOID
)((ULONG_PTR
)TlsPointers
+ LdrpTlsCount
* sizeof(PVOID
));
210 Teb
->ThreadLocalStoragePointer
= TlsPointers
;
212 TlsInfo
= LdrpTlsArray
;
213 for (i
= 0; i
< LdrpTlsCount
; i
++, TlsInfo
++)
215 TRACE_LDR("Initialize tls data for %wZ\n", &TlsInfo
->Module
->BaseDllName
);
216 TlsPointers
[i
] = TlsData
;
217 if (TlsInfo
->TlsDataSize
)
219 memcpy(TlsData
, TlsInfo
->StartAddressOfRawData
, TlsInfo
->TlsDataSize
);
220 TlsData
= (PVOID
)((ULONG_PTR
)TlsData
+ TlsInfo
->TlsDataSize
);
222 if (TlsInfo
->TlsZeroSize
)
224 memset(TlsData
, 0, TlsInfo
->TlsZeroSize
);
225 TlsData
= (PVOID
)((ULONG_PTR
)TlsData
+ TlsInfo
->TlsZeroSize
);
230 DPRINT("LdrpInitializeTlsForThread() done\n");
231 return STATUS_SUCCESS
;
235 LdrpInitializeTlsForProccess(VOID
)
237 PLIST_ENTRY ModuleListHead
;
239 PLDR_DATA_TABLE_ENTRY Module
;
240 PIMAGE_TLS_DIRECTORY TlsDirectory
;
244 DPRINT("LdrpInitializeTlsForProccess() called for %wZ\n", &ExeModule
->BaseDllName
);
246 if (LdrpTlsCount
> 0)
248 LdrpTlsArray
= RtlAllocateHeap(RtlGetProcessHeap(),
250 LdrpTlsCount
* sizeof(TLS_DATA
));
251 if (LdrpTlsArray
== NULL
)
253 DPRINT1("Failed to allocate global tls data\n");
254 return STATUS_NO_MEMORY
;
257 ModuleListHead
= &NtCurrentPeb()->Ldr
->InLoadOrderModuleList
;
258 Entry
= ModuleListHead
->Flink
;
259 while (Entry
!= ModuleListHead
)
261 Module
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InLoadOrderLinks
);
262 if (Module
->LoadCount
== 0xFFFF &&
263 Module
->TlsIndex
!= 0xFFFF)
265 TlsDirectory
= (PIMAGE_TLS_DIRECTORY
)
266 RtlImageDirectoryEntryToData(Module
->DllBase
,
268 IMAGE_DIRECTORY_ENTRY_TLS
,
270 ASSERT(Module
->TlsIndex
< LdrpTlsCount
);
271 TlsData
= &LdrpTlsArray
[Module
->TlsIndex
];
272 TlsData
->StartAddressOfRawData
= (PVOID
)TlsDirectory
->StartAddressOfRawData
;
273 TlsData
->TlsDataSize
= TlsDirectory
->EndAddressOfRawData
- TlsDirectory
->StartAddressOfRawData
;
274 TlsData
->TlsZeroSize
= TlsDirectory
->SizeOfZeroFill
;
275 if (TlsDirectory
->AddressOfCallBacks
)
276 TlsData
->TlsAddressOfCallBacks
= (PIMAGE_TLS_CALLBACK
*)TlsDirectory
->AddressOfCallBacks
;
278 TlsData
->TlsAddressOfCallBacks
= NULL
;
279 TlsData
->Module
= Module
;
281 DbgPrint("TLS directory for %wZ\n", &Module
->BaseDllName
);
282 DbgPrint("StartAddressOfRawData: %x\n", TlsDirectory
->StartAddressOfRawData
);
283 DbgPrint("EndAddressOfRawData: %x\n", TlsDirectory
->EndAddressOfRawData
);
284 DbgPrint("SizeOfRawData: %d\n", TlsDirectory
->EndAddressOfRawData
- TlsDirectory
->StartAddressOfRawData
);
285 DbgPrint("AddressOfIndex: %x\n", TlsDirectory
->AddressOfIndex
);
286 DbgPrint("AddressOfCallBacks: %x\n", TlsDirectory
->AddressOfCallBacks
);
287 DbgPrint("SizeOfZeroFill: %d\n", TlsDirectory
->SizeOfZeroFill
);
288 DbgPrint("Characteristics: %x\n", TlsDirectory
->Characteristics
);
292 * Is this region allways writable ?
294 *(PULONG
)TlsDirectory
->AddressOfIndex
= Module
->TlsIndex
;
296 Entry
= Entry
->Flink
;
300 DPRINT("LdrpInitializeTlsForProccess() done\n");
301 return STATUS_SUCCESS
;
307 OBJECT_ATTRIBUTES ObjectAttributes
;
308 UNICODE_STRING LinkTarget
;
314 DPRINT("LdrpInitLoader() called for %wZ\n", &ExeModule
->BaseDllName
);
316 /* Get handle to the 'KnownDlls' directory */
317 RtlInitUnicodeString(&Name
,
319 InitializeObjectAttributes(&ObjectAttributes
,
321 OBJ_CASE_INSENSITIVE
,
324 Status
= NtOpenDirectoryObject(&LdrpKnownDllsDirHandle
,
325 DIRECTORY_QUERY
| DIRECTORY_TRAVERSE
,
327 if (!NT_SUCCESS(Status
))
329 DPRINT("NtOpenDirectoryObject() failed (Status %lx)\n", Status
);
330 LdrpKnownDllsDirHandle
= NULL
;
334 /* Allocate target name string */
335 LinkTarget
.Length
= 0;
336 LinkTarget
.MaximumLength
= MAX_PATH
* sizeof(WCHAR
);
337 LinkTarget
.Buffer
= RtlAllocateHeap(RtlGetProcessHeap(),
339 MAX_PATH
* sizeof(WCHAR
));
340 if (LinkTarget
.Buffer
== NULL
)
342 NtClose(LdrpKnownDllsDirHandle
);
343 LdrpKnownDllsDirHandle
= NULL
;
347 RtlInitUnicodeString(&Name
,
349 InitializeObjectAttributes(&ObjectAttributes
,
351 OBJ_CASE_INSENSITIVE
,
352 LdrpKnownDllsDirHandle
,
354 Status
= NtOpenSymbolicLinkObject(&LinkHandle
,
355 SYMBOLIC_LINK_ALL_ACCESS
,
357 if (!NT_SUCCESS(Status
))
359 RtlFreeUnicodeString(&LinkTarget
);
360 NtClose(LdrpKnownDllsDirHandle
);
361 LdrpKnownDllsDirHandle
= NULL
;
365 Status
= NtQuerySymbolicLinkObject(LinkHandle
,
369 if (!NT_SUCCESS(Status
))
371 RtlFreeUnicodeString(&LinkTarget
);
372 NtClose(LdrpKnownDllsDirHandle
);
373 LdrpKnownDllsDirHandle
= NULL
;
376 RtlCreateUnicodeString(&LdrpKnownDllPath
,
379 RtlFreeUnicodeString(&LinkTarget
);
381 DPRINT("LdrpInitLoader() done\n");
385 /***************************************************************************
390 * Adjusts the name of a dll to a fully qualified name.
393 * FullDllName: Pointer to caller supplied storage for the fully
394 * qualified dll name.
395 * DllName: Pointer to the dll name.
396 * BaseName: TRUE: Only the file name is passed to FullDllName
397 * FALSE: The full path is preserved in FullDllName
405 * A given path is not affected by the adjustment, but the file
407 * ntdll --> ntdll.dll
409 * ntdll.xyz --> ntdll.xyz
412 LdrAdjustDllName (PUNICODE_STRING FullDllName
,
413 PUNICODE_STRING DllName
,
416 WCHAR Buffer
[MAX_PATH
];
421 Length
= DllName
->Length
/ sizeof(WCHAR
);
425 /* get the base dll name */
426 Pointer
= DllName
->Buffer
+ Length
;
433 while (Pointer
>= DllName
->Buffer
&& *Pointer
!= L
'\\' && *Pointer
!= L
'/');
436 Length
= Extension
- Pointer
;
437 memmove (Buffer
, Pointer
, Length
* sizeof(WCHAR
));
438 Buffer
[Length
] = L
'\0';
442 /* get the full dll name */
443 memmove (Buffer
, DllName
->Buffer
, DllName
->Length
);
444 Buffer
[DllName
->Length
/ sizeof(WCHAR
)] = L
'\0';
447 /* Build the DLL's absolute name */
448 Extension
= wcsrchr (Buffer
, L
'.');
449 if ((Extension
!= NULL
) && (*Extension
== L
'.'))
451 /* with extension - remove dot if it's the last character */
452 if (Buffer
[Length
- 1] == L
'.')
458 /* name without extension - assume that it is .dll */
459 memmove (Buffer
+ Length
, L
".dll", 10);
462 RtlCreateUnicodeString(FullDllName
, Buffer
);
465 PLDR_DATA_TABLE_ENTRY
466 LdrAddModuleEntry(PVOID ImageBase
,
467 PIMAGE_NT_HEADERS NTHeaders
,
470 PLDR_DATA_TABLE_ENTRY Module
;
472 Module
= RtlAllocateHeap(RtlGetProcessHeap(), 0, sizeof (LDR_DATA_TABLE_ENTRY
));
474 memset(Module
, 0, sizeof(LDR_DATA_TABLE_ENTRY
));
475 Module
->DllBase
= (PVOID
)ImageBase
;
476 Module
->EntryPoint
= (PVOID
)NTHeaders
->OptionalHeader
.AddressOfEntryPoint
;
477 if (Module
->EntryPoint
!= 0)
478 Module
->EntryPoint
= (PVOID
)((ULONG_PTR
)Module
->EntryPoint
+ (ULONG_PTR
)Module
->DllBase
);
479 Module
->SizeOfImage
= LdrpGetResidentSize(NTHeaders
);
480 if (NtCurrentPeb()->Ldr
->Initialized
== TRUE
)
482 /* loading while app is running */
483 Module
->LoadCount
= 1;
486 * loading while app is initializing
487 * dll must not be unloaded
489 Module
->LoadCount
= 0xFFFF;
493 Module
->TlsIndex
= -1;
494 Module
->CheckSum
= NTHeaders
->OptionalHeader
.CheckSum
;
495 Module
->TimeDateStamp
= NTHeaders
->FileHeader
.TimeDateStamp
;
497 RtlCreateUnicodeString (&Module
->FullDllName
,
499 RtlCreateUnicodeString (&Module
->BaseDllName
,
500 wcsrchr(FullDosName
, L
'\\') + 1);
501 DPRINT ("BaseDllName %wZ\n", &Module
->BaseDllName
);
503 RtlEnterCriticalSection (NtCurrentPeb()->LoaderLock
);
504 InsertTailList(&NtCurrentPeb()->Ldr
->InLoadOrderModuleList
,
505 &Module
->InLoadOrderLinks
);
506 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
513 LdrpMapKnownDll(IN PUNICODE_STRING DllName
,
514 OUT PUNICODE_STRING FullDosName
,
515 OUT PHANDLE SectionHandle
)
517 OBJECT_ATTRIBUTES ObjectAttributes
;
520 DPRINT("LdrpMapKnownDll() called\n");
522 if (LdrpKnownDllsDirHandle
== NULL
)
524 DPRINT("Invalid 'KnownDlls' directory\n");
525 return STATUS_UNSUCCESSFUL
;
528 DPRINT("LdrpKnownDllPath '%wZ'\n", &LdrpKnownDllPath
);
530 InitializeObjectAttributes(&ObjectAttributes
,
532 OBJ_CASE_INSENSITIVE
,
533 LdrpKnownDllsDirHandle
,
535 Status
= NtOpenSection(SectionHandle
,
536 SECTION_MAP_READ
| SECTION_MAP_WRITE
| SECTION_MAP_EXECUTE
,
538 if (!NT_SUCCESS(Status
))
540 DPRINT("NtOpenSection() failed for '%wZ' (Status 0x%08lx)\n", DllName
, Status
);
544 FullDosName
->Length
= LdrpKnownDllPath
.Length
+ DllName
->Length
+ sizeof(WCHAR
);
545 FullDosName
->MaximumLength
= FullDosName
->Length
+ sizeof(WCHAR
);
546 FullDosName
->Buffer
= RtlAllocateHeap(RtlGetProcessHeap(),
548 FullDosName
->MaximumLength
);
549 if (FullDosName
->Buffer
== NULL
)
551 FullDosName
->Length
= 0;
552 FullDosName
->MaximumLength
= 0;
553 return STATUS_SUCCESS
;
556 wcscpy(FullDosName
->Buffer
, LdrpKnownDllPath
.Buffer
);
557 wcscat(FullDosName
->Buffer
, L
"\\");
558 wcscat(FullDosName
->Buffer
, DllName
->Buffer
);
560 DPRINT("FullDosName '%wZ'\n", FullDosName
);
562 DPRINT("LdrpMapKnownDll() done\n");
564 return STATUS_SUCCESS
;
569 LdrpMapDllImageFile(IN PWSTR SearchPath OPTIONAL
,
570 IN PUNICODE_STRING DllName
,
571 OUT PUNICODE_STRING FullDosName
,
572 IN BOOLEAN MapAsDataFile
,
573 OUT PHANDLE SectionHandle
)
575 WCHAR SearchPathBuffer
[MAX_PATH
];
576 WCHAR DosName
[MAX_PATH
];
577 UNICODE_STRING FullNtFileName
;
578 OBJECT_ATTRIBUTES FileObjectAttributes
;
580 char BlockBuffer
[1024];
581 PIMAGE_DOS_HEADER DosHeader
;
582 PIMAGE_NT_HEADERS NTHeaders
;
583 IO_STATUS_BLOCK IoStatusBlock
;
587 DPRINT("LdrpMapDllImageFile() called\n");
589 if (SearchPath
== NULL
)
591 /* get application running path */
593 wcscpy (SearchPathBuffer
, NtCurrentPeb()->ProcessParameters
->ImagePathName
.Buffer
);
595 len
= wcslen (SearchPathBuffer
);
597 while (len
&& SearchPathBuffer
[len
- 1] != L
'\\')
600 if (len
) SearchPathBuffer
[len
-1] = L
'\0';
602 wcscat (SearchPathBuffer
, L
";");
604 wcscat (SearchPathBuffer
, SharedUserData
->NtSystemRoot
);
605 wcscat (SearchPathBuffer
, L
"\\system32;");
606 wcscat (SearchPathBuffer
, SharedUserData
->NtSystemRoot
);
607 wcscat (SearchPathBuffer
, L
";.");
609 SearchPath
= SearchPathBuffer
;
612 if (RtlDosSearchPath_U (SearchPath
,
618 return STATUS_DLL_NOT_FOUND
;
620 if (!RtlDosPathNameToNtPathName_U (DosName
,
624 return STATUS_DLL_NOT_FOUND
;
626 DPRINT("FullNtFileName %wZ\n", &FullNtFileName
);
628 InitializeObjectAttributes(&FileObjectAttributes
,
634 DPRINT("Opening dll \"%wZ\"\n", &FullNtFileName
);
636 Status
= NtOpenFile(&FileHandle
,
637 GENERIC_READ
|SYNCHRONIZE
,
638 &FileObjectAttributes
,
641 FILE_SYNCHRONOUS_IO_NONALERT
);
642 if (!NT_SUCCESS(Status
))
644 DPRINT1("Dll open of %wZ failed: Status = 0x%08lx\n",
645 &FullNtFileName
, Status
);
646 RtlFreeHeap (RtlGetProcessHeap (),
648 FullNtFileName
.Buffer
);
651 RtlFreeHeap (RtlGetProcessHeap (),
653 FullNtFileName
.Buffer
);
658 Status
= NtReadFile(FileHandle
,
667 if (!NT_SUCCESS(Status
))
669 DPRINT("Dll header read failed: Status = 0x%08lx\n", Status
);
675 * Overlay DOS and NT headers structures to the
676 * buffer with DLL's header raw data.
678 DosHeader
= (PIMAGE_DOS_HEADER
) BlockBuffer
;
679 NTHeaders
= (PIMAGE_NT_HEADERS
) (BlockBuffer
+ DosHeader
->e_lfanew
);
681 * Check it is a PE image file.
683 if ((DosHeader
->e_magic
!= IMAGE_DOS_SIGNATURE
)
684 || (DosHeader
->e_lfanew
== 0L)
685 || (*(PULONG
)(NTHeaders
) != IMAGE_NT_SIGNATURE
))
687 DPRINT("NTDLL format invalid\n");
690 return STATUS_UNSUCCESSFUL
;
695 * Create a section for dll.
697 Status
= NtCreateSection(SectionHandle
,
702 MapAsDataFile
? SEC_COMMIT
: SEC_IMAGE
,
706 if (!NT_SUCCESS(Status
))
708 DPRINT("NTDLL create section failed: Status = 0x%08lx\n", Status
);
712 RtlCreateUnicodeString(FullDosName
,
720 /***************************************************************************
737 LdrLoadDll (IN PWSTR SearchPath OPTIONAL
,
738 IN PULONG LoadFlags OPTIONAL
,
739 IN PUNICODE_STRING Name
,
740 OUT PVOID
*BaseAddress
/* also known as HMODULE*, and PHANDLE 'DllHandle' */)
743 PLDR_DATA_TABLE_ENTRY Module
;
745 PPEB Peb
= NtCurrentPeb();
747 TRACE_LDR("LdrLoadDll, loading %wZ%s%S\n",
749 SearchPath
? L
" from " : L
"",
750 SearchPath
? SearchPath
: L
"");
752 Status
= LdrpLoadModule(SearchPath
, LoadFlags
? *LoadFlags
: 0, Name
, &Module
, BaseAddress
);
754 if (NT_SUCCESS(Status
) &&
755 (!LoadFlags
|| 0 == (*LoadFlags
& LOAD_LIBRARY_AS_DATAFILE
)))
757 if (!(Module
->Flags
& LDRP_PROCESS_ATTACH_CALLED
))
759 RtlEnterCriticalSection(Peb
->LoaderLock
);
760 Status
= LdrpAttachProcess();
761 RtlLeaveCriticalSection(Peb
->LoaderLock
);
765 if ((!Module
) && (NT_SUCCESS(Status
)))
768 *BaseAddress
= NT_SUCCESS(Status
) ? Module
->DllBase
: NULL
;
774 /***************************************************************************
776 * LdrFindEntryForAddress
791 LdrFindEntryForAddress(PVOID Address
,
792 PLDR_DATA_TABLE_ENTRY
*Module
)
794 PLIST_ENTRY ModuleListHead
;
796 PLDR_DATA_TABLE_ENTRY ModulePtr
;
798 DPRINT("LdrFindEntryForAddress(Address %p)\n", Address
);
800 if (NtCurrentPeb()->Ldr
== NULL
)
801 return(STATUS_NO_MORE_ENTRIES
);
803 RtlEnterCriticalSection(NtCurrentPeb()->LoaderLock
);
804 ModuleListHead
= &NtCurrentPeb()->Ldr
->InLoadOrderModuleList
;
805 Entry
= ModuleListHead
->Flink
;
806 if (Entry
== ModuleListHead
)
808 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
809 return(STATUS_NO_MORE_ENTRIES
);
812 while (Entry
!= ModuleListHead
)
814 ModulePtr
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InLoadOrderLinks
);
816 DPRINT("Scanning %wZ at %p\n", &ModulePtr
->BaseDllName
, ModulePtr
->DllBase
);
818 if ((Address
>= ModulePtr
->DllBase
) &&
819 ((ULONG_PTR
)Address
<= ((ULONG_PTR
)ModulePtr
->DllBase
+ ModulePtr
->SizeOfImage
)))
822 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
823 return(STATUS_SUCCESS
);
826 Entry
= Entry
->Flink
;
829 DPRINT("Failed to find module entry.\n");
831 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
832 return(STATUS_NO_MORE_ENTRIES
);
836 /***************************************************************************
838 * LdrFindEntryForName
852 LdrFindEntryForName(PUNICODE_STRING Name
,
853 PLDR_DATA_TABLE_ENTRY
*Module
,
856 PLIST_ENTRY ModuleListHead
;
858 PLDR_DATA_TABLE_ENTRY ModulePtr
;
859 BOOLEAN ContainsPath
;
860 UNICODE_STRING AdjustedName
;
862 DPRINT("LdrFindEntryForName(Name %wZ)\n", Name
);
864 if (NtCurrentPeb()->Ldr
== NULL
)
865 return(STATUS_NO_MORE_ENTRIES
);
867 RtlEnterCriticalSection(NtCurrentPeb()->LoaderLock
);
868 ModuleListHead
= &NtCurrentPeb()->Ldr
->InLoadOrderModuleList
;
869 Entry
= ModuleListHead
->Flink
;
870 if (Entry
== ModuleListHead
)
872 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
873 return(STATUS_NO_MORE_ENTRIES
);
876 // NULL is the current process
880 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
881 return(STATUS_SUCCESS
);
884 ContainsPath
= (Name
->Length
>= 2 * sizeof(WCHAR
) && L
':' == Name
->Buffer
[1]);
885 LdrAdjustDllName (&AdjustedName
, Name
, !ContainsPath
);
889 if ((! ContainsPath
&&
890 0 == RtlCompareUnicodeString(&LdrpLastModule
->BaseDllName
, &AdjustedName
, TRUE
)) ||
892 0 == RtlCompareUnicodeString(&LdrpLastModule
->FullDllName
, &AdjustedName
, TRUE
)))
894 *Module
= LdrpLastModule
;
895 if (Ref
&& (*Module
)->LoadCount
!= 0xFFFF)
897 (*Module
)->LoadCount
++;
899 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
900 RtlFreeUnicodeString(&AdjustedName
);
901 return(STATUS_SUCCESS
);
904 while (Entry
!= ModuleListHead
)
906 ModulePtr
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InLoadOrderLinks
);
908 DPRINT("Scanning %wZ %wZ\n", &ModulePtr
->BaseDllName
, &AdjustedName
);
910 if ((! ContainsPath
&&
911 0 == RtlCompareUnicodeString(&ModulePtr
->BaseDllName
, &AdjustedName
, TRUE
)) ||
913 0 == RtlCompareUnicodeString(&ModulePtr
->FullDllName
, &AdjustedName
, TRUE
)))
915 *Module
= LdrpLastModule
= ModulePtr
;
916 if (Ref
&& ModulePtr
->LoadCount
!= 0xFFFF)
918 ModulePtr
->LoadCount
++;
920 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
921 RtlFreeUnicodeString(&AdjustedName
);
922 return(STATUS_SUCCESS
);
925 Entry
= Entry
->Flink
;
928 DPRINT("Failed to find dll %wZ\n", Name
);
929 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
930 RtlFreeUnicodeString(&AdjustedName
);
931 return(STATUS_NO_MORE_ENTRIES
);
934 /**********************************************************************
950 LdrFixupForward(PCHAR ForwardName
)
952 CHAR NameBuffer
[128];
953 UNICODE_STRING DllName
;
956 PLDR_DATA_TABLE_ENTRY Module
;
959 strcpy(NameBuffer
, ForwardName
);
960 p
= strchr(NameBuffer
, '.');
965 DPRINT("Dll: %s Function: %s\n", NameBuffer
, p
+1);
966 RtlCreateUnicodeStringFromAsciiz (&DllName
,
969 Status
= LdrFindEntryForName (&DllName
, &Module
, FALSE
);
971 * The caller (or the image) is responsible for loading of the dll, where the function is forwarded.
973 if (!NT_SUCCESS(Status
))
975 ULONG Flags
= LDRP_PROCESS_CREATION_TIME
;
976 Status
= LdrLoadDll(NULL
,
980 if (NT_SUCCESS(Status
))
982 Status
= LdrFindEntryForName (&DllName
, &Module
, FALSE
);
985 RtlFreeUnicodeString (&DllName
);
986 if (!NT_SUCCESS(Status
))
988 DPRINT1("LdrFixupForward: failed to load %s\n", NameBuffer
);
992 DPRINT("BaseAddress: %p\n", Module
->DllBase
);
994 return LdrGetExportByName(Module
->DllBase
, (PUCHAR
)(p
+1), -1);
1001 /**********************************************************************
1003 * LdrGetExportByOrdinal
1017 LdrGetExportByOrdinal (
1022 PIMAGE_EXPORT_DIRECTORY ExportDir
;
1023 ULONG ExportDirSize
;
1024 PDWORD
* ExFunctions
;
1027 ExportDir
= (PIMAGE_EXPORT_DIRECTORY
)
1028 RtlImageDirectoryEntryToData (BaseAddress
,
1030 IMAGE_DIRECTORY_ENTRY_EXPORT
,
1034 ExFunctions
= (PDWORD
*)
1037 ExportDir
->AddressOfFunctions
1040 "LdrGetExportByOrdinal(Ordinal %lu) = %p\n",
1042 RVA(BaseAddress
, ExFunctions
[Ordinal
- ExportDir
->Base
] )
1045 Function
= (0 != ExFunctions
[Ordinal
- ExportDir
->Base
]
1046 ? RVA(BaseAddress
, ExFunctions
[Ordinal
- ExportDir
->Base
] )
1049 if (((ULONG
)Function
>= (ULONG
)ExportDir
) &&
1050 ((ULONG
)Function
< (ULONG
)ExportDir
+ (ULONG
)ExportDirSize
))
1052 DPRINT("Forward: %s\n", (PCHAR
)Function
);
1053 Function
= LdrFixupForward((PCHAR
)Function
);
1060 /**********************************************************************
1062 * LdrGetExportByName
1073 * AddressOfNames and AddressOfNameOrdinals are paralell tables,
1074 * both with NumberOfNames entries.
1078 LdrGetExportByName(PVOID BaseAddress
,
1082 PIMAGE_EXPORT_DIRECTORY ExportDir
;
1083 PDWORD
* ExFunctions
;
1085 USHORT
* ExOrdinals
;
1090 ULONG ExportDirSize
;
1092 DPRINT("LdrGetExportByName %p %s %hu\n", BaseAddress
, SymbolName
, Hint
);
1094 ExportDir
= (PIMAGE_EXPORT_DIRECTORY
)
1095 RtlImageDirectoryEntryToData(BaseAddress
,
1097 IMAGE_DIRECTORY_ENTRY_EXPORT
,
1099 if (ExportDir
== NULL
)
1101 DPRINT1("LdrGetExportByName(): no export directory, "
1102 "can't lookup %s/%hu!\n", SymbolName
, Hint
);
1107 //The symbol names may be missing entirely
1108 if (ExportDir
->AddressOfNames
== 0)
1110 DPRINT("LdrGetExportByName(): symbol names missing entirely\n");
1115 * Get header pointers
1117 ExNames
= (PDWORD
*)RVA(BaseAddress
,
1118 ExportDir
->AddressOfNames
);
1119 ExOrdinals
= (USHORT
*)RVA(BaseAddress
,
1120 ExportDir
->AddressOfNameOrdinals
);
1121 ExFunctions
= (PDWORD
*)RVA(BaseAddress
,
1122 ExportDir
->AddressOfFunctions
);
1125 * Check the hint first
1127 if (Hint
< ExportDir
->NumberOfNames
)
1129 ExName
= RVA(BaseAddress
, ExNames
[Hint
]);
1130 if (strcmp(ExName
, (PCHAR
)SymbolName
) == 0)
1132 Ordinal
= ExOrdinals
[Hint
];
1133 Function
= RVA(BaseAddress
, ExFunctions
[Ordinal
]);
1134 if (((ULONG
)Function
>= (ULONG
)ExportDir
) &&
1135 ((ULONG
)Function
< (ULONG
)ExportDir
+ (ULONG
)ExportDirSize
))
1137 DPRINT("Forward: %s\n", (PCHAR
)Function
);
1138 Function
= LdrFixupForward((PCHAR
)Function
);
1139 if (Function
== NULL
)
1141 DPRINT1("LdrGetExportByName(): failed to find %s\n",SymbolName
);
1145 if (Function
!= NULL
)
1154 maxn
= ExportDir
->NumberOfNames
- 1;
1155 while (minn
<= maxn
)
1160 mid
= (minn
+ maxn
) / 2;
1162 ExName
= RVA(BaseAddress
, ExNames
[mid
]);
1163 res
= strcmp(ExName
, (PCHAR
)SymbolName
);
1166 Ordinal
= ExOrdinals
[mid
];
1167 Function
= RVA(BaseAddress
, ExFunctions
[Ordinal
]);
1168 if (((ULONG
)Function
>= (ULONG
)ExportDir
) &&
1169 ((ULONG
)Function
< (ULONG
)ExportDir
+ (ULONG
)ExportDirSize
))
1171 DPRINT("Forward: %s\n", (PCHAR
)Function
);
1172 Function
= LdrFixupForward((PCHAR
)Function
);
1173 if (Function
== NULL
)
1175 DPRINT1("LdrGetExportByName(): failed to find %s\n",SymbolName
);
1179 if (Function
!= NULL
)
1182 else if (minn
== maxn
)
1184 DPRINT("LdrGetExportByName(): binary search failed\n");
1197 DPRINT("LdrGetExportByName(): failed to find %s\n",SymbolName
);
1202 /**********************************************************************
1204 * LdrPerformRelocations
1207 * Relocate a DLL's memory image.
1219 LdrPerformRelocations(PIMAGE_NT_HEADERS NTHeaders
,
1222 PIMAGE_DATA_DIRECTORY RelocationDDir
;
1223 PIMAGE_BASE_RELOCATION RelocationDir
, RelocationEnd
;
1224 ULONG Count
, ProtectSize
, OldProtect
, OldProtect2
;
1225 PVOID Page
, ProtectPage
, ProtectPage2
;
1230 if (NTHeaders
->FileHeader
.Characteristics
& IMAGE_FILE_RELOCS_STRIPPED
)
1232 return STATUS_SUCCESS
;
1236 &NTHeaders
->OptionalHeader
.DataDirectory
[IMAGE_DIRECTORY_ENTRY_BASERELOC
];
1238 if (RelocationDDir
->VirtualAddress
== 0 || RelocationDDir
->Size
== 0)
1240 return STATUS_SUCCESS
;
1243 ProtectSize
= PAGE_SIZE
;
1244 Delta
= (ULONG_PTR
)ImageBase
- NTHeaders
->OptionalHeader
.ImageBase
;
1245 RelocationDir
= (PIMAGE_BASE_RELOCATION
)((ULONG_PTR
)ImageBase
+
1246 RelocationDDir
->VirtualAddress
);
1247 RelocationEnd
= (PIMAGE_BASE_RELOCATION
)((ULONG_PTR
)ImageBase
+
1248 RelocationDDir
->VirtualAddress
+ RelocationDDir
->Size
);
1250 while (RelocationDir
< RelocationEnd
&&
1251 RelocationDir
->SizeOfBlock
> 0)
1253 Count
= (RelocationDir
->SizeOfBlock
- sizeof(IMAGE_BASE_RELOCATION
)) /
1255 Page
= (PVOID
)((ULONG_PTR
)ImageBase
+ (ULONG_PTR
)RelocationDir
->VirtualAddress
);
1256 TypeOffset
= (PUSHORT
)(RelocationDir
+ 1);
1258 /* Unprotect the page(s) we're about to relocate. */
1260 Status
= NtProtectVirtualMemory(NtCurrentProcess(),
1265 if (!NT_SUCCESS(Status
))
1267 DPRINT1("Failed to unprotect relocation target.\n");
1271 if (RelocationDir
->VirtualAddress
+ PAGE_SIZE
<
1272 NTHeaders
->OptionalHeader
.SizeOfImage
)
1274 ProtectPage2
= (PVOID
)((ULONG_PTR
)ProtectPage
+ PAGE_SIZE
);
1275 Status
= NtProtectVirtualMemory(NtCurrentProcess(),
1280 if (!NT_SUCCESS(Status
))
1282 DPRINT1("Failed to unprotect relocation target (2).\n");
1283 NtProtectVirtualMemory(NtCurrentProcess(),
1293 ProtectPage2
= NULL
;
1296 RelocationDir
= LdrProcessRelocationBlock((ULONG_PTR
)Page
,
1300 if (RelocationDir
== NULL
)
1301 return STATUS_UNSUCCESSFUL
;
1303 /* Restore old page protection. */
1304 NtProtectVirtualMemory(NtCurrentProcess(),
1310 if (ProtectPage2
!= NULL
)
1312 NtProtectVirtualMemory(NtCurrentProcess(),
1320 return STATUS_SUCCESS
;
1324 LdrpGetOrLoadModule(PWCHAR SearchPath
,
1326 PLDR_DATA_TABLE_ENTRY
* Module
,
1329 ANSI_STRING AnsiDllName
;
1330 UNICODE_STRING DllName
;
1333 DPRINT("LdrpGetOrLoadModule() called for %s\n", Name
);
1335 RtlInitAnsiString(&AnsiDllName
, Name
);
1336 Status
= RtlAnsiStringToUnicodeString(&DllName
, &AnsiDllName
, TRUE
);
1337 if (!NT_SUCCESS(Status
))
1342 Status
= LdrFindEntryForName (&DllName
, Module
, Load
);
1343 if (Load
&& !NT_SUCCESS(Status
))
1345 Status
= LdrpLoadModule(SearchPath
,
1346 NtCurrentPeb()->Ldr
->Initialized
? 0 : LDRP_PROCESS_CREATION_TIME
,
1350 if (NT_SUCCESS(Status
))
1352 Status
= LdrFindEntryForName (&DllName
, Module
, FALSE
);
1354 if (!NT_SUCCESS(Status
))
1356 ULONG ErrorResponse
;
1357 ULONG_PTR ErrorParameter
= (ULONG_PTR
)&DllName
;
1359 DPRINT1("failed to load %wZ\n", &DllName
);
1360 NtRaiseHardError(STATUS_DLL_NOT_FOUND
,
1368 RtlFreeUnicodeString (&DllName
);
1373 RtlpRaiseImportNotFound(CHAR
*FuncName
, ULONG Ordinal
, PUNICODE_STRING DllName
)
1375 ULONG ErrorResponse
;
1376 ULONG_PTR ErrorParameters
[2];
1377 ANSI_STRING ProcNameAnsi
;
1378 UNICODE_STRING ProcName
;
1383 _snprintf(Buffer
, 8, "# %ld", Ordinal
);
1387 RtlInitAnsiString(&ProcNameAnsi
, FuncName
);
1388 RtlAnsiStringToUnicodeString(&ProcName
, &ProcNameAnsi
, TRUE
);
1389 ErrorParameters
[0] = (ULONG_PTR
)&ProcName
;
1390 ErrorParameters
[1] = (ULONG_PTR
)DllName
;
1391 NtRaiseHardError(STATUS_ENTRYPOINT_NOT_FOUND
,
1397 RtlFreeUnicodeString(&ProcName
);
1401 LdrpProcessImportDirectoryEntry(PLDR_DATA_TABLE_ENTRY Module
,
1402 PLDR_DATA_TABLE_ENTRY ImportedModule
,
1403 PIMAGE_IMPORT_DESCRIPTOR ImportModuleDirectory
)
1406 PVOID
* ImportAddressList
;
1407 PULONG FunctionNameList
;
1413 if (ImportModuleDirectory
== NULL
|| ImportModuleDirectory
->Name
== 0)
1415 return STATUS_UNSUCCESSFUL
;
1418 /* Get the import address list. */
1419 ImportAddressList
= (PVOID
*)((ULONG_PTR
)Module
->DllBase
+ (ULONG_PTR
)ImportModuleDirectory
->FirstThunk
);
1421 /* Get the list of functions to import. */
1422 if (ImportModuleDirectory
->OriginalFirstThunk
!= 0)
1424 FunctionNameList
= (PULONG
) ((ULONG_PTR
)Module
->DllBase
+ (ULONG_PTR
)ImportModuleDirectory
->OriginalFirstThunk
);
1428 FunctionNameList
= (PULONG
)((ULONG_PTR
)Module
->DllBase
+ (ULONG_PTR
)ImportModuleDirectory
->FirstThunk
);
1431 /* Get the size of IAT. */
1433 while (FunctionNameList
[IATSize
] != 0L)
1438 /* Unprotect the region we are about to write into. */
1439 IATBase
= (PVOID
)ImportAddressList
;
1440 IATSize
*= sizeof(PVOID
*);
1441 Status
= NtProtectVirtualMemory(NtCurrentProcess(),
1446 if (!NT_SUCCESS(Status
))
1448 DPRINT1("Failed to unprotect IAT.\n");
1452 /* Walk through function list and fixup addresses. */
1453 while (*FunctionNameList
!= 0L)
1455 if ((*FunctionNameList
) & 0x80000000)
1457 Ordinal
= (*FunctionNameList
) & 0x7fffffff;
1458 *ImportAddressList
= LdrGetExportByOrdinal(ImportedModule
->DllBase
, Ordinal
);
1459 if ((*ImportAddressList
) == NULL
)
1461 DPRINT1("Failed to import #%ld from %wZ\n", Ordinal
, &ImportedModule
->FullDllName
);
1462 RtlpRaiseImportNotFound(NULL
, Ordinal
, &ImportedModule
->FullDllName
);
1463 return STATUS_ENTRYPOINT_NOT_FOUND
;
1468 IMAGE_IMPORT_BY_NAME
*pe_name
;
1469 pe_name
= RVA(Module
->DllBase
, *FunctionNameList
);
1470 *ImportAddressList
= LdrGetExportByName(ImportedModule
->DllBase
, pe_name
->Name
, pe_name
->Hint
);
1471 if ((*ImportAddressList
) == NULL
)
1473 DPRINT1("Failed to import %s from %wZ\n", pe_name
->Name
, &ImportedModule
->FullDllName
);
1474 RtlpRaiseImportNotFound((CHAR
*)pe_name
->Name
, 0, &ImportedModule
->FullDllName
);
1475 return STATUS_ENTRYPOINT_NOT_FOUND
;
1478 ImportAddressList
++;
1482 /* Protect the region we are about to write into. */
1483 Status
= NtProtectVirtualMemory(NtCurrentProcess(),
1488 if (!NT_SUCCESS(Status
))
1490 DPRINT1("Failed to protect IAT.\n");
1494 return STATUS_SUCCESS
;
1498 LdrpProcessImportDirectory(
1499 PLDR_DATA_TABLE_ENTRY Module
,
1500 PLDR_DATA_TABLE_ENTRY ImportedModule
,
1504 PIMAGE_IMPORT_DESCRIPTOR ImportModuleDirectory
;
1508 DPRINT("LdrpProcessImportDirectory(%p '%wZ', '%s')\n",
1509 Module
, &Module
->BaseDllName
, ImportedName
);
1512 ImportModuleDirectory
= (PIMAGE_IMPORT_DESCRIPTOR
)
1513 RtlImageDirectoryEntryToData(Module
->DllBase
,
1515 IMAGE_DIRECTORY_ENTRY_IMPORT
,
1517 if (ImportModuleDirectory
== NULL
)
1519 return STATUS_UNSUCCESSFUL
;
1522 while (ImportModuleDirectory
->Name
)
1524 Name
= (PCHAR
)Module
->DllBase
+ ImportModuleDirectory
->Name
;
1525 if (0 == _stricmp(Name
, ImportedName
))
1527 Status
= LdrpProcessImportDirectoryEntry(Module
,
1529 ImportModuleDirectory
);
1530 if (!NT_SUCCESS(Status
))
1535 ImportModuleDirectory
++;
1539 return STATUS_SUCCESS
;
1544 LdrpAdjustImportDirectory(PLDR_DATA_TABLE_ENTRY Module
,
1545 PLDR_DATA_TABLE_ENTRY ImportedModule
,
1548 PIMAGE_IMPORT_DESCRIPTOR ImportModuleDirectory
;
1550 PVOID
* ImportAddressList
;
1553 PULONG FunctionNameList
;
1558 PIMAGE_NT_HEADERS NTHeaders
;
1562 DPRINT("LdrpAdjustImportDirectory(Module %p '%wZ', %p '%wZ', '%s')\n",
1563 Module
, &Module
->BaseDllName
, ImportedModule
, &ImportedModule
->BaseDllName
, ImportedName
);
1565 ImportModuleDirectory
= (PIMAGE_IMPORT_DESCRIPTOR
)
1566 RtlImageDirectoryEntryToData(Module
->DllBase
,
1568 IMAGE_DIRECTORY_ENTRY_IMPORT
,
1570 if (ImportModuleDirectory
== NULL
)
1572 return STATUS_UNSUCCESSFUL
;
1575 while (ImportModuleDirectory
->Name
)
1577 Name
= (PCHAR
)Module
->DllBase
+ ImportModuleDirectory
->Name
;
1578 if (0 == _stricmp(Name
, (PCHAR
)ImportedName
))
1581 /* Get the import address list. */
1582 ImportAddressList
= (PVOID
*)((ULONG_PTR
)Module
->DllBase
+ (ULONG_PTR
)ImportModuleDirectory
->FirstThunk
);
1584 /* Get the list of functions to import. */
1585 if (ImportModuleDirectory
->OriginalFirstThunk
!= 0)
1587 FunctionNameList
= (PULONG
) ((ULONG_PTR
)Module
->DllBase
+ (ULONG_PTR
)ImportModuleDirectory
->OriginalFirstThunk
);
1591 FunctionNameList
= (PULONG
)((ULONG_PTR
)Module
->DllBase
+ (ULONG_PTR
)ImportModuleDirectory
->FirstThunk
);
1594 /* Get the size of IAT. */
1596 while (FunctionNameList
[IATSize
] != 0L)
1601 /* Unprotect the region we are about to write into. */
1602 IATBase
= (PVOID
)ImportAddressList
;
1603 IATSize
*= sizeof(PVOID
*);
1604 Status
= NtProtectVirtualMemory(NtCurrentProcess(),
1609 if (!NT_SUCCESS(Status
))
1611 DPRINT1("Failed to unprotect IAT.\n");
1615 NTHeaders
= RtlImageNtHeader (ImportedModule
->DllBase
);
1616 Start
= (PVOID
)NTHeaders
->OptionalHeader
.ImageBase
;
1617 End
= (PVOID
)((ULONG_PTR
)Start
+ ImportedModule
->SizeOfImage
);
1618 Offset
= (ULONG
)((ULONG_PTR
)ImportedModule
->DllBase
- (ULONG_PTR
)Start
);
1620 /* Walk through function list and fixup addresses. */
1621 while (*FunctionNameList
!= 0L)
1623 if (*ImportAddressList
>= Start
&& *ImportAddressList
< End
)
1625 (*ImportAddressList
) = (PVOID
)((ULONG_PTR
)(*ImportAddressList
) + Offset
);
1627 ImportAddressList
++;
1631 /* Protect the region we are about to write into. */
1632 Status
= NtProtectVirtualMemory(NtCurrentProcess(),
1637 if (!NT_SUCCESS(Status
))
1639 DPRINT1("Failed to protect IAT.\n");
1643 ImportModuleDirectory
++;
1645 return STATUS_SUCCESS
;
1649 /**********************************************************************
1654 * Compute the entry point for every symbol the DLL imports
1655 * from other modules.
1667 LdrFixupImports(IN PWSTR SearchPath OPTIONAL
,
1668 IN PLDR_DATA_TABLE_ENTRY Module
)
1670 PIMAGE_IMPORT_DESCRIPTOR ImportModuleDirectory
;
1671 PIMAGE_IMPORT_DESCRIPTOR ImportModuleDirectoryCurrent
;
1672 PIMAGE_BOUND_IMPORT_DESCRIPTOR BoundImportDescriptor
;
1673 PIMAGE_BOUND_IMPORT_DESCRIPTOR BoundImportDescriptorCurrent
;
1674 PIMAGE_TLS_DIRECTORY TlsDirectory
;
1677 PLDR_DATA_TABLE_ENTRY ImportedModule
;
1681 DPRINT("LdrFixupImports(SearchPath %S, Module %p)\n", SearchPath
, Module
);
1683 /* Check for tls data */
1684 TlsDirectory
= (PIMAGE_TLS_DIRECTORY
)
1685 RtlImageDirectoryEntryToData(Module
->DllBase
,
1687 IMAGE_DIRECTORY_ENTRY_TLS
,
1691 TlsSize
= TlsDirectory
->EndAddressOfRawData
1692 - TlsDirectory
->StartAddressOfRawData
1693 + TlsDirectory
->SizeOfZeroFill
;
1695 if (TlsSize
> 0 && NtCurrentPeb()->Ldr
->Initialized
)
1697 TRACE_LDR("Trying to dynamically load %wZ which contains a TLS directory\n",
1698 &Module
->BaseDllName
);
1699 TlsDirectory
= NULL
;
1704 * Process each import module.
1706 ImportModuleDirectory
= (PIMAGE_IMPORT_DESCRIPTOR
)
1707 RtlImageDirectoryEntryToData(Module
->DllBase
,
1709 IMAGE_DIRECTORY_ENTRY_IMPORT
,
1712 BoundImportDescriptor
= (PIMAGE_BOUND_IMPORT_DESCRIPTOR
)
1713 RtlImageDirectoryEntryToData(Module
->DllBase
,
1715 IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT
,
1718 if (BoundImportDescriptor
!= NULL
&& ImportModuleDirectory
== NULL
)
1720 DPRINT1("%wZ has only a bound import directory\n", &Module
->BaseDllName
);
1721 return STATUS_UNSUCCESSFUL
;
1723 if (BoundImportDescriptor
)
1725 DPRINT("BoundImportDescriptor %p\n", BoundImportDescriptor
);
1727 BoundImportDescriptorCurrent
= BoundImportDescriptor
;
1728 while (BoundImportDescriptorCurrent
->OffsetModuleName
)
1730 ImportedName
= (PCHAR
)BoundImportDescriptor
+ BoundImportDescriptorCurrent
->OffsetModuleName
;
1731 TRACE_LDR("%wZ bound to %s\n", &Module
->BaseDllName
, ImportedName
);
1732 Status
= LdrpGetOrLoadModule(SearchPath
, ImportedName
, &ImportedModule
, TRUE
);
1733 if (!NT_SUCCESS(Status
))
1735 DPRINT1("failed to load %s\n", ImportedName
);
1738 if (Module
== ImportedModule
)
1740 LdrpDecrementLoadCount(Module
, FALSE
);
1742 if (ImportedModule
->TimeDateStamp
!= BoundImportDescriptorCurrent
->TimeDateStamp
)
1744 TRACE_LDR("%wZ has stale binding to %wZ\n",
1745 &Module
->BaseDllName
, &ImportedModule
->BaseDllName
);
1746 Status
= LdrpProcessImportDirectory(Module
, ImportedModule
, ImportedName
);
1747 if (!NT_SUCCESS(Status
))
1749 DPRINT1("failed to import %s\n", ImportedName
);
1755 BOOLEAN WrongForwarder
;
1756 WrongForwarder
= FALSE
;
1757 if (ImportedModule
->Flags
& LDRP_IMAGE_NOT_AT_BASE
)
1759 TRACE_LDR("%wZ has stale binding to %s\n",
1760 &Module
->BaseDllName
, ImportedName
);
1764 TRACE_LDR("%wZ has correct binding to %wZ\n",
1765 &Module
->BaseDllName
, &ImportedModule
->BaseDllName
);
1767 if (BoundImportDescriptorCurrent
->NumberOfModuleForwarderRefs
)
1769 PIMAGE_BOUND_FORWARDER_REF BoundForwarderRef
;
1771 PLDR_DATA_TABLE_ENTRY ForwarderModule
;
1772 PCHAR ForwarderName
;
1774 BoundForwarderRef
= (PIMAGE_BOUND_FORWARDER_REF
)(BoundImportDescriptorCurrent
+ 1);
1775 for (i
= 0; i
< BoundImportDescriptorCurrent
->NumberOfModuleForwarderRefs
; i
++, BoundForwarderRef
++)
1777 ForwarderName
= (PCHAR
)BoundImportDescriptor
+ BoundForwarderRef
->OffsetModuleName
;
1778 TRACE_LDR("%wZ bound to %s via forwardes from %s\n",
1779 &Module
->BaseDllName
, ForwarderName
, ImportedName
);
1780 Status
= LdrpGetOrLoadModule(SearchPath
, ForwarderName
, &ForwarderModule
, TRUE
);
1781 if (!NT_SUCCESS(Status
))
1783 DPRINT1("failed to load %s\n", ForwarderName
);
1786 if (Module
== ImportedModule
)
1788 LdrpDecrementLoadCount(Module
, FALSE
);
1790 if (ForwarderModule
->TimeDateStamp
!= BoundForwarderRef
->TimeDateStamp
||
1791 ForwarderModule
->Flags
& LDRP_IMAGE_NOT_AT_BASE
)
1793 TRACE_LDR("%wZ has stale binding to %s\n",
1794 &Module
->BaseDllName
, ForwarderName
);
1795 WrongForwarder
= TRUE
;
1799 TRACE_LDR("%wZ has correct binding to %s\n",
1800 &Module
->BaseDllName
, ForwarderName
);
1804 if (WrongForwarder
||
1805 ImportedModule
->Flags
& LDRP_IMAGE_NOT_AT_BASE
)
1807 Status
= LdrpProcessImportDirectory(Module
, ImportedModule
, ImportedName
);
1808 if (!NT_SUCCESS(Status
))
1810 DPRINT1("failed to import %s\n", ImportedName
);
1814 else if (ImportedModule
->Flags
& LDRP_IMAGE_NOT_AT_BASE
)
1816 TRACE_LDR("Adjust imports for %s from %wZ\n",
1817 ImportedName
, &Module
->BaseDllName
);
1818 Status
= LdrpAdjustImportDirectory(Module
, ImportedModule
, ImportedName
);
1819 if (!NT_SUCCESS(Status
))
1821 DPRINT1("failed to adjust import entries for %s\n", ImportedName
);
1825 else if (WrongForwarder
)
1829 * Update only forwarders
1831 TRACE_LDR("Stale BIND %s from %wZ\n",
1832 ImportedName
, &Module
->BaseDllName
);
1833 Status
= LdrpProcessImportDirectory(Module
, ImportedModule
, ImportedName
);
1834 if (!NT_SUCCESS(Status
))
1836 DPRINT1("faild to import %s\n", ImportedName
);
1845 BoundImportDescriptorCurrent
+= BoundImportDescriptorCurrent
->NumberOfModuleForwarderRefs
+ 1;
1848 else if (ImportModuleDirectory
)
1850 DPRINT("ImportModuleDirectory %p\n", ImportModuleDirectory
);
1852 ImportModuleDirectoryCurrent
= ImportModuleDirectory
;
1853 while (ImportModuleDirectoryCurrent
->Name
)
1855 ImportedName
= (PCHAR
)Module
->DllBase
+ ImportModuleDirectoryCurrent
->Name
;
1856 TRACE_LDR("%wZ imports functions from %s\n", &Module
->BaseDllName
, ImportedName
);
1858 Status
= LdrpGetOrLoadModule(SearchPath
, ImportedName
, &ImportedModule
, TRUE
);
1859 if (!NT_SUCCESS(Status
))
1861 DPRINT1("failed to load %s\n", ImportedName
);
1864 if (Module
== ImportedModule
)
1866 LdrpDecrementLoadCount(Module
, FALSE
);
1869 TRACE_LDR("Initializing imports for %wZ from %s\n",
1870 &Module
->BaseDllName
, ImportedName
);
1871 Status
= LdrpProcessImportDirectoryEntry(Module
, ImportedModule
, ImportModuleDirectoryCurrent
);
1872 if (!NT_SUCCESS(Status
))
1874 DPRINT1("failed to import %s\n", ImportedName
);
1877 ImportModuleDirectoryCurrent
++;
1881 if (TlsDirectory
&& TlsSize
> 0)
1883 LdrpAcquireTlsSlot(Module
, TlsSize
, FALSE
);
1886 return STATUS_SUCCESS
;
1890 /**********************************************************************
1895 * 1. Relocate, if needed the EXE.
1896 * 2. Fixup any imported symbol.
1897 * 3. Compute the EXE's entry point.
1901 * Address at which the EXE's image
1905 * Handle of the section that contains
1909 * NULL on error; otherwise the entry point
1910 * to call for initializing the DLL.
1915 * 04.01.2004 hb Previous this function was used for all images (dll + exe).
1916 * Currently the function is only used for the exe.
1918 PEPFUNC
LdrPEStartup (PVOID ImageBase
,
1919 HANDLE SectionHandle
,
1920 PLDR_DATA_TABLE_ENTRY
* Module
,
1924 PEPFUNC EntryPoint
= NULL
;
1925 PIMAGE_DOS_HEADER DosHeader
;
1926 PIMAGE_NT_HEADERS NTHeaders
;
1927 PLDR_DATA_TABLE_ENTRY tmpModule
;
1929 DPRINT("LdrPEStartup(ImageBase %p SectionHandle %p)\n",
1930 ImageBase
, SectionHandle
);
1933 * Overlay DOS and WNT headers structures
1934 * to the DLL's image.
1936 DosHeader
= (PIMAGE_DOS_HEADER
) ImageBase
;
1937 NTHeaders
= (PIMAGE_NT_HEADERS
) ((ULONG_PTR
)ImageBase
+ DosHeader
->e_lfanew
);
1940 * If the base address is different from the
1941 * one the DLL is actually loaded, perform any
1944 if (ImageBase
!= (PVOID
) NTHeaders
->OptionalHeader
.ImageBase
)
1946 DPRINT("LDR: Performing relocations\n");
1947 Status
= LdrPerformRelocations(NTHeaders
, ImageBase
);
1948 if (!NT_SUCCESS(Status
))
1950 DPRINT1("LdrPerformRelocations() failed\n");
1957 *Module
= LdrAddModuleEntry(ImageBase
, NTHeaders
, FullDosName
);
1958 (*Module
)->SectionPointer
= SectionHandle
;
1962 Module
= &tmpModule
;
1963 Status
= LdrFindEntryForAddress(ImageBase
, Module
);
1964 if (!NT_SUCCESS(Status
))
1970 if (ImageBase
!= (PVOID
) NTHeaders
->OptionalHeader
.ImageBase
)
1972 (*Module
)->Flags
|= LDRP_IMAGE_NOT_AT_BASE
;
1976 * If the DLL's imports symbols from other
1977 * modules, fixup the imported calls entry points.
1979 DPRINT("About to fixup imports\n");
1980 Status
= LdrFixupImports(NULL
, *Module
);
1981 if (!NT_SUCCESS(Status
))
1983 DPRINT1("LdrFixupImports() failed for %wZ\n", &(*Module
)->BaseDllName
);
1986 DPRINT("Fixup done\n");
1987 RtlEnterCriticalSection(NtCurrentPeb()->LoaderLock
);
1988 Status
= LdrpInitializeTlsForProccess();
1989 if (NT_SUCCESS(Status
))
1991 Status
= LdrpAttachProcess();
1993 if (NT_SUCCESS(Status
))
1995 LdrpTlsCallback(*Module
, DLL_PROCESS_ATTACH
);
1999 RtlLeaveCriticalSection(NtCurrentPeb()->LoaderLock
);
2000 if (!NT_SUCCESS(Status
))
2006 * Compute the DLL's entry point's address.
2008 DPRINT("ImageBase = %p\n", ImageBase
);
2009 DPRINT("AddressOfEntryPoint = 0x%lx\n",(ULONG
)NTHeaders
->OptionalHeader
.AddressOfEntryPoint
);
2010 if (NTHeaders
->OptionalHeader
.AddressOfEntryPoint
!= 0)
2012 EntryPoint
= (PEPFUNC
) ((ULONG_PTR
)ImageBase
2013 + NTHeaders
->OptionalHeader
.AddressOfEntryPoint
);
2015 DPRINT("LdrPEStartup() = %p\n",EntryPoint
);
2020 LdrpLoadModule(IN PWSTR SearchPath OPTIONAL
,
2022 IN PUNICODE_STRING Name
,
2023 PLDR_DATA_TABLE_ENTRY
*Module
,
2024 PVOID
*BaseAddress OPTIONAL
)
2026 UNICODE_STRING AdjustedName
;
2027 UNICODE_STRING FullDosName
;
2029 PLDR_DATA_TABLE_ENTRY tmpModule
;
2030 HANDLE SectionHandle
;
2033 PIMAGE_NT_HEADERS NtHeaders
;
2034 BOOLEAN MappedAsDataFile
;
2035 PVOID ArbitraryUserPointer
;
2039 Module
= &tmpModule
;
2041 /* adjust the full dll name */
2042 LdrAdjustDllName(&AdjustedName
, Name
, FALSE
);
2044 DPRINT("%wZ\n", &AdjustedName
);
2046 MappedAsDataFile
= FALSE
;
2047 /* Test if dll is already loaded */
2048 Status
= LdrFindEntryForName(&AdjustedName
, Module
, TRUE
);
2049 if (NT_SUCCESS(Status
))
2051 RtlFreeUnicodeString(&AdjustedName
);
2052 if (NULL
!= BaseAddress
)
2054 *BaseAddress
= (*Module
)->DllBase
;
2059 /* Open or create dll image section */
2060 Status
= LdrpMapKnownDll(&AdjustedName
, &FullDosName
, &SectionHandle
);
2061 if (!NT_SUCCESS(Status
))
2063 MappedAsDataFile
= (0 != (LoadFlags
& LOAD_LIBRARY_AS_DATAFILE
));
2064 Status
= LdrpMapDllImageFile(SearchPath
, &AdjustedName
, &FullDosName
,
2065 MappedAsDataFile
, &SectionHandle
);
2067 if (!NT_SUCCESS(Status
))
2069 DPRINT1("Failed to create or open dll section of '%wZ' (Status %lx)\n", &AdjustedName
, Status
);
2070 RtlFreeUnicodeString(&AdjustedName
);
2073 RtlFreeUnicodeString(&AdjustedName
);
2074 /* Map the dll into the process */
2077 ArbitraryUserPointer
= NtCurrentTeb()->Tib
.ArbitraryUserPointer
;
2078 NtCurrentTeb()->Tib
.ArbitraryUserPointer
= FullDosName
.Buffer
;
2079 Status
= NtMapViewOfSection(SectionHandle
,
2089 NtCurrentTeb()->Tib
.ArbitraryUserPointer
= ArbitraryUserPointer
;
2090 if (!NT_SUCCESS(Status
))
2092 DPRINT1("map view of section failed (Status 0x%08lx)\n", Status
);
2093 RtlFreeUnicodeString(&FullDosName
);
2094 NtClose(SectionHandle
);
2097 if (NULL
!= BaseAddress
)
2099 *BaseAddress
= ImageBase
;
2101 if (!MappedAsDataFile
)
2103 /* Get and check the NT headers */
2104 NtHeaders
= RtlImageNtHeader(ImageBase
);
2105 if (NtHeaders
== NULL
)
2107 DPRINT1("RtlImageNtHeaders() failed\n");
2108 NtUnmapViewOfSection (NtCurrentProcess (), ImageBase
);
2109 NtClose (SectionHandle
);
2110 RtlFreeUnicodeString(&FullDosName
);
2111 return STATUS_UNSUCCESSFUL
;
2114 DPRINT("Mapped %wZ at %x\n", &FullDosName
, ImageBase
);
2115 if (MappedAsDataFile
)
2117 ASSERT(NULL
!= BaseAddress
);
2118 if (NULL
!= BaseAddress
)
2120 *BaseAddress
= (PVOID
) ((char *) *BaseAddress
+ 1);
2123 RtlFreeUnicodeString(&FullDosName
);
2124 NtClose(SectionHandle
);
2125 return STATUS_SUCCESS
;
2127 /* If the base address is different from the
2128 * one the DLL is actually loaded, perform any
2130 if (ImageBase
!= (PVOID
) NtHeaders
->OptionalHeader
.ImageBase
)
2132 DPRINT1("Relocating (%lx -> %p) %wZ\n",
2133 NtHeaders
->OptionalHeader
.ImageBase
, ImageBase
, &FullDosName
);
2134 Status
= LdrPerformRelocations(NtHeaders
, ImageBase
);
2135 if (!NT_SUCCESS(Status
))
2137 DPRINT1("LdrPerformRelocations() failed\n");
2138 NtUnmapViewOfSection (NtCurrentProcess (), ImageBase
);
2139 NtClose (SectionHandle
);
2140 RtlFreeUnicodeString(&FullDosName
);
2141 return STATUS_UNSUCCESSFUL
;
2144 *Module
= LdrAddModuleEntry(ImageBase
, NtHeaders
, FullDosName
.Buffer
);
2145 (*Module
)->SectionPointer
= SectionHandle
;
2146 if (ImageBase
!= (PVOID
) NtHeaders
->OptionalHeader
.ImageBase
)
2148 (*Module
)->Flags
|= LDRP_IMAGE_NOT_AT_BASE
;
2150 if (NtHeaders
->FileHeader
.Characteristics
& IMAGE_FILE_DLL
)
2152 (*Module
)->Flags
|= LDRP_IMAGE_DLL
;
2154 /* fixup the imported calls entry points */
2155 Status
= LdrFixupImports(SearchPath
, *Module
);
2156 if (!NT_SUCCESS(Status
))
2158 DPRINT1("LdrFixupImports failed for %wZ, status=%x\n", &(*Module
)->BaseDllName
, Status
);
2161 #if defined(DBG) || defined(KDBG)
2162 LdrpLoadUserModuleSymbols(*Module
);
2163 #endif /* DBG || KDBG */
2164 RtlEnterCriticalSection(NtCurrentPeb()->LoaderLock
);
2165 InsertTailList(&NtCurrentPeb()->Ldr
->InInitializationOrderModuleList
,
2166 &(*Module
)->InInitializationOrderModuleList
);
2167 RtlLeaveCriticalSection (NtCurrentPeb()->LoaderLock
);
2169 return STATUS_SUCCESS
;
2173 LdrpUnloadModule(PLDR_DATA_TABLE_ENTRY Module
,
2176 PIMAGE_IMPORT_DESCRIPTOR ImportModuleDirectory
;
2177 PIMAGE_BOUND_IMPORT_DESCRIPTOR BoundImportDescriptor
;
2178 PIMAGE_BOUND_IMPORT_DESCRIPTOR BoundImportDescriptorCurrent
;
2180 PLDR_DATA_TABLE_ENTRY ImportedModule
;
2187 RtlEnterCriticalSection(NtCurrentPeb()->LoaderLock
);
2190 LoadCount
= LdrpDecrementLoadCount(Module
, Unload
);
2192 TRACE_LDR("Unload %wZ, LoadCount %d\n", &Module
->BaseDllName
, LoadCount
);
2196 /* ?????????????????? */
2198 else if (!(Module
->Flags
& LDRP_STATIC_LINK
) && LoadCount
== 1)
2200 BoundImportDescriptor
= (PIMAGE_BOUND_IMPORT_DESCRIPTOR
)
2201 RtlImageDirectoryEntryToData(Module
->DllBase
,
2203 IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT
,
2205 if (BoundImportDescriptor
)
2207 /* dereferencing all imported modules, use the bound import descriptor */
2208 BoundImportDescriptorCurrent
= BoundImportDescriptor
;
2209 while (BoundImportDescriptorCurrent
->OffsetModuleName
)
2211 ImportedName
= (PCHAR
)BoundImportDescriptor
+ BoundImportDescriptorCurrent
->OffsetModuleName
;
2212 TRACE_LDR("%wZ trys to unload %s\n", &Module
->BaseDllName
, ImportedName
);
2213 Status
= LdrpGetOrLoadModule(NULL
, ImportedName
, &ImportedModule
, FALSE
);
2214 if (!NT_SUCCESS(Status
))
2216 DPRINT1("unable to found imported modul %s\n", ImportedName
);
2220 if (Module
!= ImportedModule
)
2222 Status
= LdrpUnloadModule(ImportedModule
, FALSE
);
2223 if (!NT_SUCCESS(Status
))
2225 DPRINT1("unable to unload %s\n", ImportedName
);
2229 BoundImportDescriptorCurrent
++;
2234 ImportModuleDirectory
= (PIMAGE_IMPORT_DESCRIPTOR
)
2235 RtlImageDirectoryEntryToData(Module
->DllBase
,
2237 IMAGE_DIRECTORY_ENTRY_IMPORT
,
2239 if (ImportModuleDirectory
)
2241 /* dereferencing all imported modules, use the import descriptor */
2242 while (ImportModuleDirectory
->Name
)
2244 ImportedName
= (PCHAR
)Module
->DllBase
+ ImportModuleDirectory
->Name
;
2245 TRACE_LDR("%wZ trys to unload %s\n", &Module
->BaseDllName
, ImportedName
);
2246 Status
= LdrpGetOrLoadModule(NULL
, ImportedName
, &ImportedModule
, FALSE
);
2247 if (!NT_SUCCESS(Status
))
2249 DPRINT1("unable to found imported modul %s\n", ImportedName
);
2253 if (Module
!= ImportedModule
)
2255 Status
= LdrpUnloadModule(ImportedModule
, FALSE
);
2256 if (!NT_SUCCESS(Status
))
2258 DPRINT1("unable to unload %s\n", ImportedName
);
2262 ImportModuleDirectory
++;
2270 if (!(Module
->Flags
& LDRP_STATIC_LINK
))
2272 LdrpDetachProcess(FALSE
);
2275 RtlLeaveCriticalSection (NtCurrentPeb()->LoaderLock
);
2277 return STATUS_SUCCESS
;
2285 LdrUnloadDll (IN PVOID BaseAddress
)
2287 PLDR_DATA_TABLE_ENTRY Module
;
2290 if (BaseAddress
== NULL
)
2291 return STATUS_SUCCESS
;
2293 if (LdrMappedAsDataFile(&BaseAddress
))
2295 Status
= NtUnmapViewOfSection(NtCurrentProcess(), BaseAddress
);
2299 Status
= LdrFindEntryForAddress(BaseAddress
, &Module
);
2300 if (NT_SUCCESS(Status
))
2302 TRACE_LDR("LdrUnloadDll, , unloading %wZ\n", &Module
->BaseDllName
);
2303 Status
= LdrpUnloadModule(Module
, TRUE
);
2314 LdrDisableThreadCalloutsForDll(IN PVOID BaseAddress
)
2316 PLIST_ENTRY ModuleListHead
;
2318 PLDR_DATA_TABLE_ENTRY Module
;
2321 DPRINT("LdrDisableThreadCalloutsForDll (BaseAddress %p)\n", BaseAddress
);
2323 Status
= STATUS_DLL_NOT_FOUND
;
2324 RtlEnterCriticalSection (NtCurrentPeb()->LoaderLock
);
2325 ModuleListHead
= &NtCurrentPeb()->Ldr
->InLoadOrderModuleList
;
2326 Entry
= ModuleListHead
->Flink
;
2327 while (Entry
!= ModuleListHead
)
2329 Module
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InLoadOrderLinks
);
2331 DPRINT("BaseDllName %wZ BaseAddress %p\n", &Module
->BaseDllName
, Module
->DllBase
);
2333 if (Module
->DllBase
== BaseAddress
)
2335 if (Module
->TlsIndex
== 0xFFFF)
2337 Module
->Flags
|= LDRP_DONT_CALL_FOR_THREADS
;
2338 Status
= STATUS_SUCCESS
;
2342 Entry
= Entry
->Flink
;
2344 RtlLeaveCriticalSection (NtCurrentPeb()->LoaderLock
);
2352 LdrGetDllHandle(IN PWSTR DllPath OPTIONAL
,
2353 IN PULONG DllCharacteristics
,
2354 IN PUNICODE_STRING DllName
,
2355 OUT PVOID
*DllHandle
)
2357 PLDR_DATA_TABLE_ENTRY Module
;
2360 TRACE_LDR("LdrGetDllHandle, searching for %wZ from %S\n",
2361 DllName
, DllPath
? DllPath
: L
"");
2363 /* NULL is the current executable */
2364 if (DllName
== NULL
)
2366 *DllHandle
= ExeModule
->DllBase
;
2367 DPRINT("BaseAddress 0x%lx\n", *DllHandle
);
2368 return STATUS_SUCCESS
;
2371 Status
= LdrFindEntryForName(DllName
, &Module
, FALSE
);
2372 if (NT_SUCCESS(Status
))
2374 *DllHandle
= Module
->DllBase
;
2375 return STATUS_SUCCESS
;
2378 DPRINT("Failed to find dll %wZ\n", DllName
);
2380 return STATUS_DLL_NOT_FOUND
;
2387 LdrAddRefDll(IN ULONG Flags
,
2388 IN PVOID BaseAddress
)
2390 PLIST_ENTRY ModuleListHead
;
2392 PLDR_DATA_TABLE_ENTRY Module
;
2395 if (Flags
& ~(LDR_PIN_MODULE
))
2397 return STATUS_INVALID_PARAMETER
;
2400 Status
= STATUS_DLL_NOT_FOUND
;
2401 RtlEnterCriticalSection (NtCurrentPeb()->LoaderLock
);
2402 ModuleListHead
= &NtCurrentPeb()->Ldr
->InLoadOrderModuleList
;
2403 Entry
= ModuleListHead
->Flink
;
2404 while (Entry
!= ModuleListHead
)
2406 Module
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InLoadOrderLinks
);
2408 if (Module
->DllBase
== BaseAddress
)
2410 if (Flags
& LDR_PIN_MODULE
)
2412 Module
->Flags
|= LDRP_STATIC_LINK
;
2416 LdrpIncrementLoadCount(Module
,
2419 Status
= STATUS_SUCCESS
;
2422 Entry
= Entry
->Flink
;
2424 RtlLeaveCriticalSection (NtCurrentPeb()->LoaderLock
);
2432 RtlPcToFileHeader(IN PVOID PcValue
,
2435 PLIST_ENTRY ModuleListHead
;
2437 PLDR_DATA_TABLE_ENTRY Module
;
2438 PVOID ImageBase
= NULL
;
2440 RtlEnterCriticalSection (NtCurrentPeb()->LoaderLock
);
2441 ModuleListHead
= &NtCurrentPeb()->Ldr
->InLoadOrderModuleList
;
2442 Entry
= ModuleListHead
->Flink
;
2443 while (Entry
!= ModuleListHead
)
2445 Module
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InLoadOrderLinks
);
2447 if ((ULONG_PTR
)PcValue
>= (ULONG_PTR
)Module
->DllBase
&&
2448 (ULONG_PTR
)PcValue
< (ULONG_PTR
)Module
->DllBase
+ Module
->SizeOfImage
)
2450 ImageBase
= Module
->DllBase
;
2453 Entry
= Entry
->Flink
;
2455 RtlLeaveCriticalSection (NtCurrentPeb()->LoaderLock
);
2457 *BaseOfImage
= ImageBase
;
2465 LdrGetProcedureAddress (IN PVOID BaseAddress
,
2466 IN PANSI_STRING Name
,
2468 OUT PVOID
*ProcedureAddress
)
2470 NTSTATUS Status
= STATUS_PROCEDURE_NOT_FOUND
;
2471 if (Name
&& Name
->Length
)
2473 TRACE_LDR("LdrGetProcedureAddress by NAME - %Z\n", Name
);
2477 TRACE_LDR("LdrGetProcedureAddress by ORDINAL - %d\n", Ordinal
);
2480 DPRINT("LdrGetProcedureAddress (BaseAddress %p Name %Z Ordinal %lu ProcedureAddress %p)\n",
2481 BaseAddress
, Name
, Ordinal
, ProcedureAddress
);
2485 if (Name
&& Name
->Length
)
2488 *ProcedureAddress
= LdrGetExportByName(BaseAddress
, (PUCHAR
)Name
->Buffer
, 0xffff);
2489 if (*ProcedureAddress
!= NULL
)
2491 Status
= STATUS_SUCCESS
;
2493 DPRINT("LdrGetProcedureAddress: Can't resolve symbol '%Z'\n", Name
);
2498 Ordinal
&= 0x0000FFFF;
2499 *ProcedureAddress
= LdrGetExportByOrdinal(BaseAddress
, (WORD
)Ordinal
);
2500 if (*ProcedureAddress
)
2502 Status
= STATUS_SUCCESS
;
2504 DPRINT("LdrGetProcedureAddress: Can't resolve symbol @%lu\n", Ordinal
);
2507 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER
)
2509 Status
= STATUS_DLL_NOT_FOUND
;
2516 /**********************************************************************
2521 * Unload dll's which are no longer referenced from others dll's
2532 * The loader lock must be held on enty.
2535 LdrpDetachProcess(BOOLEAN UnloadAll
)
2537 PLIST_ENTRY ModuleListHead
;
2539 PLDR_DATA_TABLE_ENTRY Module
;
2540 static ULONG CallingCount
= 0;
2542 DPRINT("LdrpDetachProcess() called for %wZ\n",
2543 &ExeModule
->BaseDllName
);
2546 LdrpDllShutdownInProgress
= TRUE
;
2550 ModuleListHead
= &NtCurrentPeb()->Ldr
->InInitializationOrderModuleList
;
2551 Entry
= ModuleListHead
->Blink
;
2552 while (Entry
!= ModuleListHead
)
2554 Module
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InInitializationOrderModuleList
);
2555 if (((UnloadAll
&& Module
->LoadCount
== 0xFFFF) || Module
->LoadCount
== 0) &&
2556 Module
->Flags
& LDRP_ENTRY_PROCESSED
&&
2557 !(Module
->Flags
& LDRP_UNLOAD_IN_PROGRESS
))
2559 Module
->Flags
|= LDRP_UNLOAD_IN_PROGRESS
;
2560 if (Module
== LdrpLastModule
)
2562 LdrpLastModule
= NULL
;
2564 if (Module
->Flags
& LDRP_PROCESS_ATTACH_CALLED
)
2566 TRACE_LDR("Unload %wZ - Calling entry point at %x\n",
2567 &Module
->BaseDllName
, Module
->EntryPoint
);
2568 LdrpCallDllEntry(Module
, DLL_PROCESS_DETACH
, (PVOID
)(Module
->LoadCount
== 0xFFFF ? 1 : 0));
2572 TRACE_LDR("Unload %wZ\n", &Module
->BaseDllName
);
2574 Entry
= ModuleListHead
->Blink
;
2578 Entry
= Entry
->Blink
;
2582 if (CallingCount
== 1)
2584 Entry
= ModuleListHead
->Blink
;
2585 while (Entry
!= ModuleListHead
)
2587 Module
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InInitializationOrderModuleList
);
2588 Entry
= Entry
->Blink
;
2589 if (Module
->Flags
& LDRP_UNLOAD_IN_PROGRESS
&&
2590 ((UnloadAll
&& Module
->LoadCount
!= 0xFFFF) || Module
->LoadCount
== 0))
2592 /* remove the module entry from the list */
2593 RemoveEntryList (&Module
->InLoadOrderLinks
);
2594 RemoveEntryList (&Module
->InInitializationOrderModuleList
);
2596 NtUnmapViewOfSection (NtCurrentProcess (), Module
->DllBase
);
2597 NtClose (Module
->SectionPointer
);
2599 TRACE_LDR("%wZ unloaded\n", &Module
->BaseDllName
);
2601 RtlFreeUnicodeString (&Module
->FullDllName
);
2602 RtlFreeUnicodeString (&Module
->BaseDllName
);
2604 RtlFreeHeap (RtlGetProcessHeap (), 0, Module
);
2609 DPRINT("LdrpDetachProcess() done\n");
2612 /**********************************************************************
2617 * Initialize all dll's which are prepered for loading
2628 * The loader lock must be held on entry.
2632 LdrpAttachProcess(VOID
)
2634 PLIST_ENTRY ModuleListHead
;
2636 PLDR_DATA_TABLE_ENTRY Module
;
2638 NTSTATUS Status
= STATUS_SUCCESS
;
2640 DPRINT("LdrpAttachProcess() called for %wZ\n",
2641 &ExeModule
->BaseDllName
);
2643 ModuleListHead
= &NtCurrentPeb()->Ldr
->InInitializationOrderModuleList
;
2644 Entry
= ModuleListHead
->Flink
;
2645 while (Entry
!= ModuleListHead
)
2647 Module
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InInitializationOrderModuleList
);
2648 if (!(Module
->Flags
& (LDRP_LOAD_IN_PROGRESS
|LDRP_UNLOAD_IN_PROGRESS
|LDRP_ENTRY_PROCESSED
)))
2650 Module
->Flags
|= LDRP_LOAD_IN_PROGRESS
;
2651 TRACE_LDR("%wZ loaded - Calling init routine at %x for process attaching\n",
2652 &Module
->BaseDllName
, Module
->EntryPoint
);
2653 Result
= LdrpCallDllEntry(Module
, DLL_PROCESS_ATTACH
, (PVOID
)(Module
->LoadCount
== 0xFFFF ? 1 : 0));
2656 Status
= STATUS_DLL_INIT_FAILED
;
2659 if (Module
->Flags
& LDRP_IMAGE_DLL
&& Module
->EntryPoint
!= 0)
2661 Module
->Flags
|= LDRP_PROCESS_ATTACH_CALLED
|LDRP_ENTRY_PROCESSED
;
2665 Module
->Flags
|= LDRP_ENTRY_PROCESSED
;
2667 Module
->Flags
&= ~LDRP_LOAD_IN_PROGRESS
;
2669 Entry
= Entry
->Flink
;
2672 DPRINT("LdrpAttachProcess() done\n");
2681 RtlDllShutdownInProgress (VOID
)
2683 return LdrpDllShutdownInProgress
;
2690 LdrShutdownProcess (VOID
)
2692 LdrpDetachProcess(TRUE
);
2693 return STATUS_SUCCESS
;
2701 LdrpAttachThread (VOID
)
2703 PLIST_ENTRY ModuleListHead
;
2705 PLDR_DATA_TABLE_ENTRY Module
;
2708 DPRINT("LdrpAttachThread() called for %wZ\n",
2709 &ExeModule
->BaseDllName
);
2711 RtlEnterCriticalSection (NtCurrentPeb()->LoaderLock
);
2713 Status
= LdrpInitializeTlsForThread();
2715 if (NT_SUCCESS(Status
))
2717 ModuleListHead
= &NtCurrentPeb()->Ldr
->InInitializationOrderModuleList
;
2718 Entry
= ModuleListHead
->Flink
;
2720 while (Entry
!= ModuleListHead
)
2722 Module
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InInitializationOrderModuleList
);
2723 if (Module
->Flags
& LDRP_PROCESS_ATTACH_CALLED
&&
2724 !(Module
->Flags
& LDRP_DONT_CALL_FOR_THREADS
) &&
2725 !(Module
->Flags
& LDRP_UNLOAD_IN_PROGRESS
))
2727 TRACE_LDR("%wZ - Calling entry point at %x for thread attaching\n",
2728 &Module
->BaseDllName
, Module
->EntryPoint
);
2729 LdrpCallDllEntry(Module
, DLL_THREAD_ATTACH
, NULL
);
2731 Entry
= Entry
->Flink
;
2734 Entry
= NtCurrentPeb()->Ldr
->InLoadOrderModuleList
.Flink
;
2735 Module
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InLoadOrderLinks
);
2736 LdrpTlsCallback(Module
, DLL_THREAD_ATTACH
);
2739 RtlLeaveCriticalSection (NtCurrentPeb()->LoaderLock
);
2741 DPRINT("LdrpAttachThread() done\n");
2751 LdrShutdownThread (VOID
)
2753 PLIST_ENTRY ModuleListHead
;
2755 PLDR_DATA_TABLE_ENTRY Module
;
2757 DPRINT("LdrShutdownThread() called for %wZ\n",
2758 &ExeModule
->BaseDllName
);
2760 RtlEnterCriticalSection (NtCurrentPeb()->LoaderLock
);
2762 ModuleListHead
= &NtCurrentPeb()->Ldr
->InInitializationOrderModuleList
;
2763 Entry
= ModuleListHead
->Blink
;
2764 while (Entry
!= ModuleListHead
)
2766 Module
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InInitializationOrderModuleList
);
2768 if (Module
->Flags
& LDRP_PROCESS_ATTACH_CALLED
&&
2769 !(Module
->Flags
& LDRP_DONT_CALL_FOR_THREADS
) &&
2770 !(Module
->Flags
& LDRP_UNLOAD_IN_PROGRESS
))
2772 TRACE_LDR("%wZ - Calling entry point at %x for thread detaching\n",
2773 &Module
->BaseDllName
, Module
->EntryPoint
);
2774 LdrpCallDllEntry(Module
, DLL_THREAD_DETACH
, NULL
);
2776 Entry
= Entry
->Blink
;
2779 RtlLeaveCriticalSection (NtCurrentPeb()->LoaderLock
);
2783 RtlFreeHeap (RtlGetProcessHeap(), 0, NtCurrentTeb()->ThreadLocalStoragePointer
);
2786 DPRINT("LdrShutdownThread() done\n");
2788 return STATUS_SUCCESS
;
2792 /***************************************************************************
2794 * LdrQueryProcessModuleInformation
2809 LdrQueryProcessModuleInformation(IN PRTL_PROCESS_MODULES ModuleInformation OPTIONAL
,
2810 IN ULONG Size OPTIONAL
,
2811 OUT PULONG ReturnedSize
)
2813 PLIST_ENTRY ModuleListHead
;
2815 PLDR_DATA_TABLE_ENTRY Module
;
2816 PRTL_PROCESS_MODULE_INFORMATION ModulePtr
= NULL
;
2817 NTSTATUS Status
= STATUS_SUCCESS
;
2818 ULONG UsedSize
= sizeof(ULONG
);
2819 ANSI_STRING AnsiString
;
2822 DPRINT("LdrQueryProcessModuleInformation() called\n");
2823 // FIXME: This code is ultra-duplicated. see lib\rtl\dbgbuffer.c
2824 RtlEnterCriticalSection (NtCurrentPeb()->LoaderLock
);
2826 if (ModuleInformation
== NULL
|| Size
== 0)
2828 Status
= STATUS_INFO_LENGTH_MISMATCH
;
2832 ModuleInformation
->NumberOfModules
= 0;
2833 ModulePtr
= &ModuleInformation
->Modules
[0];
2834 Status
= STATUS_SUCCESS
;
2837 ModuleListHead
= &NtCurrentPeb()->Ldr
->InLoadOrderModuleList
;
2838 Entry
= ModuleListHead
->Flink
;
2840 while (Entry
!= ModuleListHead
)
2842 Module
= CONTAINING_RECORD(Entry
, LDR_DATA_TABLE_ENTRY
, InLoadOrderLinks
);
2844 DPRINT(" Module %wZ\n",
2845 &Module
->FullDllName
);
2847 if (UsedSize
> Size
)
2849 Status
= STATUS_INFO_LENGTH_MISMATCH
;
2851 else if (ModuleInformation
!= NULL
)
2853 ModulePtr
->Section
= 0;
2854 ModulePtr
->MappedBase
= NULL
; // FIXME: ??
2855 ModulePtr
->ImageBase
= Module
->DllBase
;
2856 ModulePtr
->ImageSize
= Module
->SizeOfImage
;
2857 ModulePtr
->Flags
= Module
->Flags
;
2858 ModulePtr
->LoadOrderIndex
= 0; // FIXME: ??
2859 ModulePtr
->InitOrderIndex
= 0; // FIXME: ??
2860 ModulePtr
->LoadCount
= Module
->LoadCount
;
2862 AnsiString
.Length
= 0;
2863 AnsiString
.MaximumLength
= 256;
2864 AnsiString
.Buffer
= ModulePtr
->FullPathName
;
2865 RtlUnicodeStringToAnsiString(&AnsiString
,
2866 &Module
->FullDllName
,
2869 p
= strrchr(ModulePtr
->FullPathName
, '\\');
2871 ModulePtr
->OffsetToFileName
= p
- ModulePtr
->FullPathName
+ 1;
2873 ModulePtr
->OffsetToFileName
= 0;
2876 ModuleInformation
->NumberOfModules
++;
2878 UsedSize
+= sizeof(RTL_PROCESS_MODULE_INFORMATION
);
2880 Entry
= Entry
->Flink
;
2883 RtlLeaveCriticalSection (NtCurrentPeb()->LoaderLock
);
2885 if (ReturnedSize
!= 0)
2886 *ReturnedSize
= UsedSize
;
2888 DPRINT("LdrQueryProcessModuleInformation() done\n");
2895 LdrpCheckImageChecksum (IN PVOID BaseAddress
,
2898 PIMAGE_NT_HEADERS Header
;
2905 Header
= RtlImageNtHeader (BaseAddress
);
2909 HeaderSum
= Header
->OptionalHeader
.CheckSum
;
2914 Ptr
= (PUSHORT
) BaseAddress
;
2915 for (i
= 0; i
< ImageSize
/ sizeof (USHORT
); i
++)
2918 if (HIWORD(Sum
) != 0)
2920 Sum
= LOWORD(Sum
) + HIWORD(Sum
);
2927 Sum
+= (ULONG
)*((PUCHAR
)Ptr
);
2928 if (HIWORD(Sum
) != 0)
2930 Sum
= LOWORD(Sum
) + HIWORD(Sum
);
2934 CalcSum
= (USHORT
)(LOWORD(Sum
) + HIWORD(Sum
));
2936 /* Subtract image checksum from calculated checksum. */
2937 /* fix low word of checksum */
2938 if (LOWORD(CalcSum
) >= LOWORD(HeaderSum
))
2940 CalcSum
-= LOWORD(HeaderSum
);
2944 CalcSum
= ((LOWORD(CalcSum
) - LOWORD(HeaderSum
)) & 0xFFFF) - 1;
2947 /* fix high word of checksum */
2948 if (LOWORD(CalcSum
) >= HIWORD(HeaderSum
))
2950 CalcSum
-= HIWORD(HeaderSum
);
2954 CalcSum
= ((LOWORD(CalcSum
) - HIWORD(HeaderSum
)) & 0xFFFF) - 1;
2957 /* add file length */
2958 CalcSum
+= ImageSize
;
2960 return (BOOLEAN
)(CalcSum
== HeaderSum
);
2964 * Compute size of an image as it is actually present in virt memory
2965 * (i.e. excluding NEVER_LOAD sections)
2968 LdrpGetResidentSize(PIMAGE_NT_HEADERS NTHeaders
)
2970 PIMAGE_SECTION_HEADER SectionHeader
;
2971 unsigned SectionIndex
;
2974 SectionHeader
= (PIMAGE_SECTION_HEADER
)((char *) &NTHeaders
->OptionalHeader
2975 + NTHeaders
->FileHeader
.SizeOfOptionalHeader
);
2977 for (SectionIndex
= 0; SectionIndex
< NTHeaders
->FileHeader
.NumberOfSections
; SectionIndex
++)
2979 if (0 == (SectionHeader
->Characteristics
& IMAGE_SCN_LNK_REMOVE
)
2980 && ResidentSize
< SectionHeader
->VirtualAddress
+ SectionHeader
->Misc
.VirtualSize
)
2982 ResidentSize
= SectionHeader
->VirtualAddress
+ SectionHeader
->Misc
.VirtualSize
;
2987 return ResidentSize
;
2991 /***************************************************************************
2993 * LdrVerifyImageMatchesChecksum
3008 LdrVerifyImageMatchesChecksum (IN HANDLE FileHandle
,
3013 FILE_STANDARD_INFORMATION FileInfo
;
3014 IO_STATUS_BLOCK IoStatusBlock
;
3015 HANDLE SectionHandle
;
3021 DPRINT ("LdrVerifyImageMatchesChecksum() called\n");
3023 Status
= NtCreateSection (&SectionHandle
,
3030 if (!NT_SUCCESS(Status
))
3032 DPRINT1 ("NtCreateSection() failed (Status %lx)\n", Status
);
3038 Status
= NtMapViewOfSection (SectionHandle
,
3039 NtCurrentProcess (),
3048 if (!NT_SUCCESS(Status
))
3050 DPRINT1 ("NtMapViewOfSection() failed (Status %lx)\n", Status
);
3051 NtClose (SectionHandle
);
3055 Status
= NtQueryInformationFile (FileHandle
,
3058 sizeof (FILE_STANDARD_INFORMATION
),
3059 FileStandardInformation
);
3060 if (!NT_SUCCESS(Status
))
3062 DPRINT1 ("NtMapViewOfSection() failed (Status %lx)\n", Status
);
3063 NtUnmapViewOfSection (NtCurrentProcess (),
3065 NtClose (SectionHandle
);
3069 Result
= LdrpCheckImageChecksum (BaseAddress
,
3070 FileInfo
.EndOfFile
.u
.LowPart
);
3071 if (Result
== FALSE
)
3073 Status
= STATUS_IMAGE_CHECKSUM_MISMATCH
;
3076 NtUnmapViewOfSection (NtCurrentProcess (),
3079 NtClose (SectionHandle
);
3085 /***************************************************************************
3087 * LdrQueryImageFileExecutionOptions
3102 LdrQueryImageFileExecutionOptions (IN PUNICODE_STRING SubKey
,
3103 IN PCWSTR ValueName
,
3106 IN ULONG BufferSize
,
3107 OUT PULONG ReturnedLength OPTIONAL
)
3109 PKEY_VALUE_PARTIAL_INFORMATION KeyInfo
;
3110 OBJECT_ATTRIBUTES ObjectAttributes
;
3111 UNICODE_STRING ValueNameString
;
3112 UNICODE_STRING KeyName
;
3113 WCHAR NameBuffer
[256];
3121 L
"\\Registry\\Machine\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\");
3122 Ptr
= wcsrchr (SubKey
->Buffer
, L
'\\');
3125 Ptr
= SubKey
->Buffer
;
3131 wcscat (NameBuffer
, Ptr
);
3132 RtlInitUnicodeString (&KeyName
,
3135 InitializeObjectAttributes (&ObjectAttributes
,
3137 OBJ_CASE_INSENSITIVE
,
3141 Status
= NtOpenKey (&KeyHandle
,
3144 if (!NT_SUCCESS(Status
))
3146 DPRINT ("NtOpenKey() failed (Status %lx)\n", Status
);
3150 KeyInfoSize
= sizeof(KEY_VALUE_PARTIAL_INFORMATION
) + 32;
3151 KeyInfo
= RtlAllocateHeap (RtlGetProcessHeap(),
3154 if (KeyInfo
== NULL
)
3156 NtClose (KeyHandle
);
3157 return STATUS_INSUFFICIENT_RESOURCES
;
3160 RtlInitUnicodeString (&ValueNameString
,
3162 Status
= NtQueryValueKey (KeyHandle
,
3164 KeyValuePartialInformation
,
3168 if (Status
== STATUS_BUFFER_OVERFLOW
)
3170 KeyInfoSize
= sizeof(KEY_VALUE_PARTIAL_INFORMATION
) + KeyInfo
->DataLength
;
3171 RtlFreeHeap (RtlGetProcessHeap(),
3174 KeyInfo
= RtlAllocateHeap (RtlGetProcessHeap(),
3177 if (KeyInfo
== NULL
)
3179 NtClose (KeyHandle
);
3180 return STATUS_INSUFFICIENT_RESOURCES
;
3183 Status
= NtQueryValueKey (KeyHandle
,
3185 KeyValuePartialInformation
,
3190 NtClose (KeyHandle
);
3192 if (!NT_SUCCESS(Status
))
3194 if (KeyInfo
!= NULL
)
3196 RtlFreeHeap (RtlGetProcessHeap(),
3203 if (KeyInfo
->Type
!= Type
)
3205 RtlFreeHeap (RtlGetProcessHeap(),
3208 return STATUS_OBJECT_TYPE_MISMATCH
;
3211 ResultSize
= BufferSize
;
3212 if (ResultSize
< KeyInfo
->DataLength
)
3214 Status
= STATUS_BUFFER_OVERFLOW
;
3218 ResultSize
= KeyInfo
->DataLength
;
3220 RtlCopyMemory (Buffer
,
3224 RtlFreeHeap (RtlGetProcessHeap(),
3228 if (ReturnedLength
!= NULL
)
3230 *ReturnedLength
= ResultSize
;
3237 PIMAGE_BASE_RELOCATION NTAPI
3238 LdrProcessRelocationBlock(IN ULONG_PTR Address
,
3240 IN PUSHORT TypeOffset
,
3249 for (i
= 0; i
< Count
; i
++)
3251 Offset
= *TypeOffset
& 0xFFF;
3252 Type
= *TypeOffset
>> 12;
3256 case IMAGE_REL_BASED_ABSOLUTE
:
3259 case IMAGE_REL_BASED_HIGH
:
3260 ShortPtr
= (PUSHORT
)((ULONG_PTR
)Address
+ Offset
);
3261 *ShortPtr
+= HIWORD(Delta
);
3264 case IMAGE_REL_BASED_LOW
:
3265 ShortPtr
= (PUSHORT
)((ULONG_PTR
)Address
+ Offset
);
3266 *ShortPtr
+= LOWORD(Delta
);
3269 case IMAGE_REL_BASED_HIGHLOW
:
3270 LongPtr
= (PULONG
)((ULONG_PTR
)Address
+ Offset
);
3274 case IMAGE_REL_BASED_HIGHADJ
:
3275 case IMAGE_REL_BASED_MIPS_JMPADDR
:
3277 DPRINT1("Unknown/unsupported fixup type %hu.\n", Type
);
3284 return (PIMAGE_BASE_RELOCATION
)TypeOffset
;
3289 LdrLockLoaderLock(IN ULONG Flags
,
3290 OUT PULONG Disposition OPTIONAL
,
3291 OUT PULONG Cookie OPTIONAL
)
3294 return STATUS_NOT_IMPLEMENTED
;
3299 LdrUnlockLoaderLock(IN ULONG Flags
,
3300 IN ULONG Cookie OPTIONAL
)
3303 return STATUS_NOT_IMPLEMENTED
;
3308 LdrUnloadAlternateResourceModule(IN PVOID BaseAddress
)