楼主 |
发表于 2025-1-2 18:45:59
- CreateProcessInternalW(
- HANDLE hUserToken,
- LPCWSTR lpApplicationName,
- LPWSTR lpCommandLine,
- LPSECURITY_ATTRIBUTES lpProcessAttributes,
- BOOL bInheritHandles,
- DWORD dwCreationFlags,
- LPVOID lpEnvironment,
- LPCWSTR lpCurrentDirectory,
- LPPROCESS_INFORMATION lpProcessInformation,
- PHANDLE hRestrictedUserToken
- )
- /*++
- Routine Description:
- This is the worker routine for CreateProcess and CreateProcessAsUser.
- CreateProcessAsUser supplies a User token to be stamped on the new process.
- CreateProcess supplies NULL and the current process token is used.
- A process and thread object are created and a handle opened to each
- object using CreateProcessInternal. Note that WinExec and LoadModule are
- still supported, but are implemented as a call to CreateProcess.
- Arguments:
- hUserToken - Supplies an optional token handle to be set on the new process.
- Process token is used is this parameter is NULL.
- lpApplicationName - Supplies an optional pointer to a null terminated
- character string that contains the name of the image file to
- execute. This is a fully qualified DOS path name. If not
- specified, then the image file name is the first whitespace
- delimited token on the command line.
- lpCommandLine - Supplies a null terminated character string that
- contains the command line for the application to be executed.
- The entire command line is made available to the new process
- using GetCommandLine. If the lpApplicationName parameter was
- not specified, then the first token of the command line
- specifies file name of the application (note that this token
- begins at the beginning of the command line and ends at the
- first "white space" character). If the file name does not
- contain an extension (the presence of a "."), then .EXE is
- assumed. If the file name does not contain a directory path,
- Windows will search for the executable file in:
- - The current directory
- - The windows directory
- - The windows system directory
- - The directories listed in the path environment variable
- This parameter is optional onlu if the lpApplicationName
- parameter is specified. In this case the command line the
- application receives will be the application name.
- lpProcessAttributes - An optional parameter that may be used to
- specify the attributes of the new process. If the parameter is
- not specified, then the process is created without a security
- descriptor, and the resulting handle is not inherited on process
- creation:
- DWORD nLength - Specifies the length of this structure. Must be
- set to sizeof( SECURITY_ATTRUBUTES ).
- LPVOID lpSecurityDescriptor - Points to a security descriptor for
- the object (must be NULL for Win32, used on NT/Win32). The
- security descriptor controls the sharing of an object.
- BOOL bInheritHandle - Supplies a flag that indicates whether
- or not the returned handle is to be inherited by a new
- process during process creation. A value of TRUE
- indicates that the new process will inherit the handle.
- lpThreadAttributes - An optional parameter that may be used to specify
- the attributes of the new thread. If the parameter is not
- specified, then the thread is created without a security
- descriptor, and the resulting handle is not inherited on
- process creation.
- dwCreationFlags - Supplies additional flags that control the creation
- of the process.
- dwCreationFlags Flags:
- DEBUG_PROCESS - If this flag bit is set, then the creating
- process is treated as a debugger, and the process being
- created is created as a debugee. All debug events occuring
- in the debugee are reported to the debugger. If this bit is
- clear, but the calling process is a debugee, then the
- process becomes a debugee of the calling processes debugger.
- If this bit is clear and the calling processes is not a
- debugee then no debug related actions occur.
- DEBUG_ONLY_THIS_PROCESS - If this flag is set, then the
- DEBUG_PROCESS flag bit must also be set. The calling
- process is is treated as a debugger, and the new process is
- created as its debuggee. If the new process creates
- additional processes, no debug related activities (with
- respect to the debugger) occur.
- CREATE_SUSPENDED - The process is created, but the initial thread
- of the process remains suspended. The creator can resume this
- thread using ResumeThread. Until this is done, code in the
- process will not execute.
- CREATE_UNICODE_ENVIRONMENT - If set, the environment pointer
- points to a Unicode environment block. Otherwise, the
- block is ANSI (actually OEM.)
- bInheritHandles - Supplies a flag that specifies whether or not the
- new process is to inherit handles to objects visible to the
- calling process. A value of TRUE causes handles to be inherited
- by the new process. If TRUE was specified, then for each handle
- visible to the calling process, if the handle was created with
- the inherit handle option, the handle is inherited to the new
- process. The handle has the same granted access in the new
- process as it has in the calling process, and the value of the
- handle is the same.
- lpEnvironment - An optional parameter, that if specified, supplies a
- pointer to an environment block. If the parameter is not
- specified, the environment block of the current process is used.
- This environment block is made available to the new process
- using GetEnvironmentStrings.
- lpCurrentDirectory - An optional parameter, that if specified,
- supplies a string representing the current drive and directory
- for the new process. The string must be a fully qualified
- pathname that includes a drive letter. If the parameter is not
- specified, then the new process is created with the same current
- drive and directory as the calling process. This option is
- provided primarily for shells that want to start an application
- and specify its initial drive and working directory.
- lpStartupInfo - Supplies information that specified how the
- applications window is to be shown. This structure is described
- in the Win32 User Interface API Book.
- lpProcessInformation - Returns identification information about the
- new process.
- HANDLE hProcess - Returns a handle to the newly created process.
- Through the handle, all operations on process objects are
- allowed.
- HANDLE hThread - Returns a handle to the newly created thread.
- Through the handle, all operations on thread objects are
- allowed.
- DWORD dwProcessId - Returns a global process id that may be used
- to identify a process. The value is valid from the time the
- process is created until the time the process is terminated.
- DWORD dwThreadId - Returns a global thread id that may be used
- to identify a thread. The value is valid from the time the
- thread is created until the time the thread is terminated.
- hRestrictedUserToken - Returns a restricted token if a UsetToken was
- supplied. This is applicable for the CreateProcessAsUser case.
- The token is released by CreateProcessAsUser.
- Return Value:
- TRUE - The operation was successful
- FALSE/NULL - The operation failed. Extended error status is available
- using GetLastError.
- --*/
- {
- NTSTATUS Status;
- HANDLE ProcessHandle, ThreadHandle, VdmWaitHandle = NULL;
- HANDLE FileHandle, SectionHandle;
- CLIENT_ID ClientId;
- IO_STATUS_BLOCK IoStatusBlock;
- BOOLEAN TranslationStatus;
- PVOID FreeBuffer;
- LPWSTR NameBuffer;
- LPWSTR WhiteScan;
- ULONG Length,i;
- NTSTATUS StackStatus;
- BOOLEAN bStatus;
- INITIAL_TEB InitialTeb;
- CONTEXT ThreadContext;
- PPEB Peb;
- PBASE_CREATEPROCESS_MSG a = &m.u.CreateProcess;
- PWCH TempNull = NULL;
- WCHAR TempChar;
- PVOID BaseAddress;
- ULONG VdmReserve;
- SIZE_T BigVdmReserve;
- ULONG iTask=0;
- LPWSTR CurdirBuffer, CurdirFilePart;
- DWORD CurdirLength,CurdirLength2;
- ULONG VDMCreationState=0;
- ULONG VdmBinaryType = 0;
- BOOL bMeowBinary = FALSE;
- UNICODE_STRING SubSysCommandLine;
- DWORD dwNoWindow = (dwCreationFlags & CREATE_NO_WINDOW);
- WCHAR ImageFileDebuggerCommand[ MAX_PATH ];
- LPWSTR QuotedBuffer;
- BOOLEAN QuoteInsert;
- BOOLEAN QuoteCmdLine = FALSE;
- BOOLEAN QuoteFound;
- BOOL bSaferChecksNeeded = FALSE;
- BOOLEAN SearchRetry;
- BOOLEAN IsWowBinary = FALSE;
- DWORD LastError;
- DWORD fileattr;
- PVOID State;
- HANDLE DebugPortHandle = NULL;
- PVOID pAppCompatDataTemp;
- PVOID pAppCompatData = NULL;
- DWORD cbAppCompatData = 0; // for the future
- BOOLEAN bVdmRetry = FALSE;
- DWORD Flags;
- PVOID pAppCompatSxsData = NULL;
- DWORD cbAppCompatSxsData = 0;
- SXS_OVERRIDE_STREAM AppCompatSxsManifest;
- SIZE_T SxsConglomeratedBufferSizeBytes;
- PBYTE SxsConglomeratedByteBuffer = NULL; // this contains all the of the below in one large right-sized heap allocation
- // if we compute its size wrong, other code (if it gets it right..) should
- // do more heap allocation
- ULONG sxsi; // for loop counter
- RTL_UNICODE_STRING_BUFFER SxsWin32ManifestPathBuffer;
- RTL_UNICODE_STRING_BUFFER SxsWin32AssemblyDirectoryBuffer;
- const PRTL_UNICODE_STRING_BUFFER SxsStringBuffers[] = {
- // The order here does not matter.
- &SxsWin32ManifestPathBuffer,
- &SxsWin32PolicyPathBuffer,
- &SxsWin32AssemblyDirectoryBuffer,
- &SxsNtManifestPathBuffer,
- &SxsNtPolicyPathBuffer
- };
- BASE_MSG_SXS_HANDLES SxsExeHandles = {0};
- BASE_MSG_SXS_HANDLES SxsManifestFileHandles = {0};
- CONST SXS_CONSTANT_WIN32_NT_PATH_PAIR SxsExePathPair = { &SxsWin32ExePath, &SxsNtExePath };
- CONST SXS_WIN32_NT_PATH_PAIR SxsManifestPathPair = { &SxsWin32ManifestPathBuffer, &SxsNtManifestPathBuffer };
- CONST SXS_WIN32_NT_PATH_PAIR SxsPolicyPathPair = { &SxsWin32PolicyPathBuffer, &SxsNtPolicyPathBuffer };
- BASE_MSG_SXS_HANDLES SxsPolicyHandles = {0};
- PWSTR ExePathFullBuffer = NULL;
- DWORD dwJobMemberLevel = 0;
- HANDLE hSaferAssignmentJob = NULL;
- HANDLE hSaferRestrictedToken = NULL;
- DWORD dwBasePushProcessParametersFlags = 0;
- #if defined(BUILD_WOW6432) || defined(_WIN64)
- BOOLEAN ComPlusILImage;
- LPCWSTR lpOriginalApplicationName = lpApplicationName;
- LPWSTR lpOriginalCommandLine = lpCommandLine;
- #endif
- #if defined(WX86)
- HANDLE Wx86Info = NULL;
- #endif
- #if defined WX86
- BOOLEAN UseKnownWx86Dll;
- UseKnownWx86Dll = NtCurrentTeb()->Wx86Thread.UseKnownWx86Dll;
- NtCurrentTeb()->Wx86Thread.UseKnownWx86Dll = FALSE;
- #endif
- RtlZeroMemory(&a->Sxs, sizeof(a->Sxs));
- RtlZeroMemory(lpProcessInformation,sizeof(*lpProcessInformation));
- if (ARGUMENT_PRESENT( hRestrictedUserToken )) {
- *hRestrictedUserToken = NULL;
- }
- // Private VDM flag should be ignored; Its meant for internal use only.
- dwCreationFlags &= (ULONG)~CREATE_NO_WINDOW;
- if ((dwCreationFlags & (DETACHED_PROCESS | CREATE_NEW_CONSOLE)) ==
- return FALSE;
- }
- AnsiStringVDMEnv.Buffer = NULL;
- UnicodeStringVDMEnv.Buffer = NULL;
- //
- // the lowest specified priority class is used.
- //
- if (dwCreationFlags & IDLE_PRIORITY_CLASS ) {
- }
- else if (dwCreationFlags & BELOW_NORMAL_PRIORITY_CLASS ) {
- }
- else if (dwCreationFlags & NORMAL_PRIORITY_CLASS ) {
- }
- else if (dwCreationFlags & ABOVE_NORMAL_PRIORITY_CLASS ) {
- }
- else if (dwCreationFlags & HIGH_PRIORITY_CLASS ) {
- }
- else if (dwCreationFlags & REALTIME_PRIORITY_CLASS ) {
- if ( BasepIsRealtimeAllowed(FALSE) ) {
- }
- else {
- }
- }
- else {
- }
- PriClass.Foreground = FALSE;
- dwCreationFlags = (dwCreationFlags & ~PRIORITY_CLASS_MASK );
- //
- // Default separate/shared VDM option if not explicitly specified.
- //
- if (dwCreationFlags & CREATE_SEPARATE_WOW_VDM) {
- if (dwCreationFlags & CREATE_SHARED_WOW_VDM) {
- return FALSE;
- }
- }
- else
- if ((dwCreationFlags & CREATE_SHARED_WOW_VDM) == 0) {
- if (BaseStaticServerData->DefaultSeparateVDM) {
- dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
- }
- }
- if ((dwCreationFlags & CREATE_SEPARATE_WOW_VDM) == 0) {
- //
- // If the creator is running inside a job object, always
- // set SEPERATE_WOW_VDM so the VDM is part of the job.
- //
- Status = NtQueryInformationJobObject(NULL,
- JobObjectBasicUIRestrictions,
- &UiRestrictions,
- sizeof(UiRestrictions),
- NULL);
- if (Status != STATUS_ACCESS_DENIED) {
- //
- // Anything other than STATUS_ACCESS_DENIED indicates the
- // current process is inside a job.
- //
- dwCreationFlags = (dwCreationFlags & (~CREATE_SHARED_WOW_VDM)) |
- }
- }
- //
- // If ANSI environment, convert to Unicode
- //
- if (lpEnvironment && !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT) ) {
- STRING Ansi;
- Ansi.Buffer = s = lpEnvironment;
- while (*s || *(s+1)) // find end of block
- s++;
- Ansi.Length = (USHORT)(s - Ansi.Buffer) + 1;
- Ansi.MaximumLength = Ansi.Length + 1;
- MemoryInformation.RegionSize = Ansi.MaximumLength * sizeof(WCHAR);
- Unicode.Buffer = NULL;
- Status = NtAllocateVirtualMemory( NtCurrentProcess(),
- &Unicode.Buffer,
- 0,
- &MemoryInformation.RegionSize,
- );
- if (!NT_SUCCESS(Status) ) {
- BaseSetLastNTError(Status);
- return FALSE;
- }
- Unicode.MaximumLength = (USHORT)MemoryInformation.RegionSize;
- Status = RtlAnsiStringToUnicodeString(&Unicode, &Ansi, FALSE);
- if (!NT_SUCCESS(Status) ) {
- NtFreeVirtualMemory( NtCurrentProcess(),
- &Unicode.Buffer,
- &MemoryInformation.RegionSize,
- );
- BaseSetLastNTError(Status);
- return FALSE;
- }
- lpEnvironment = Unicode.Buffer;
- }
- FileHandle = NULL;
- SectionHandle = NULL;
- ProcessHandle = NULL;
- ThreadHandle = NULL;
- FreeBuffer = NULL;
- NameBuffer = NULL;
- VdmNameString.Buffer = NULL;
- BaseAddress = (PVOID)1;
- VdmReserve = 0;
- CurdirBuffer = NULL;
- CurdirFilePart = NULL;
- SubSysCommandLine.Buffer = NULL;
- QuoteFound = FALSE;
- QuoteInsert = FALSE;
- QuotedBuffer = NULL;
- try {
- //
- // Make a copy of the startup info so we can change it.
- //
- StartupInfo = *lpStartupInfo;
- //
- // STARTF_USEHOTKEY means hStdInput is really the hotkey value.
- // STARTF_HASSHELLDATA means std handles are used for shell-private
- // data. This flag is used if an icon is passed to ShellExecuteEx.
- // As a result they cannot be specified with STARTF_USESTDHANDLES.
- // Consistent with Win95, USESTDHANDLES is ignored.
- //
- if (StartupInfo.dwFlags & STARTF_USESTDHANDLES &&
- StartupInfo.dwFlags &= ~STARTF_USESTDHANDLES;
- }
- VdmRetry:
- //
- // None of this cleanup/reinit occurs for launching a Win32 or Win64 .exe,
- // but they generally do occur for launching 16bit, .bat, etc.
- //
- if (NameBuffer) {
- RtlFreeHeap(RtlProcessHeap(), 0, NameBuffer);
- NameBuffer = NULL;
- }
- if (FreeBuffer) {
- RtlFreeHeap(RtlProcessHeap(), 0, FreeBuffer);
- FreeBuffer = NULL;
- }
- if (FileHandle) {
- NtClose(FileHandle);
- FileHandle = NULL;
- }
- LastError = 0;
- SearchRetry = TRUE;
- QuoteInsert = FALSE;
- QuoteCmdLine = FALSE;
- if (!ARGUMENT_PRESENT( lpApplicationName )) {
- //
- // Locate the image
- //
- // forgot to free NameBuffer before goto VdmRetry???
- ASSERT(NameBuffer == NULL);
- NameBuffer = RtlAllocateHeap( RtlProcessHeap(),
- MAX_PATH * sizeof( WCHAR ));
- if ( !NameBuffer ) {
- return FALSE;
- }
- lpApplicationName = lpCommandLine;
- TempNull = (PWCH)lpApplicationName;
- WhiteScan = (LPWSTR)lpApplicationName;
- //
- // check for lead quote
- //
- if ( *WhiteScan == L'"' ) {
- SearchRetry = FALSE;
- WhiteScan++;
- lpApplicationName = WhiteScan;
- while(*WhiteScan) {
- if ( *WhiteScan == (WCHAR)'"' ) {
- TempNull = (PWCH)WhiteScan;
- QuoteFound = TRUE;
- break;
- }
- WhiteScan++;
- TempNull = (PWCH)WhiteScan;
- }
- }
- else {
- retrywsscan:
- lpApplicationName = lpCommandLine;
- while(*WhiteScan) {
- if ( *WhiteScan == (WCHAR)' ' ||
- *WhiteScan == (WCHAR)'\t' ) {
- TempNull = (PWCH)WhiteScan;
- break;
- }
- WhiteScan++;
- TempNull = (PWCH)WhiteScan;
- }
- }
- TempChar = *TempNull;
- *TempNull = UNICODE_NULL;
- #ifdef WX86
- //
- // Wx86 applications must use x86 version of known exes
- // for compatibility.
- //
- if (UseKnownWx86Dll) {
- LPWSTR KnownName;
- NtCurrentTeb()->Wx86Thread.UseKnownWx86Dll = FALSE;
- KnownName = BasepWx86KnownExe(lpApplicationName);
- if (KnownName) {
- lpApplicationName = KnownName;
- }
- }
- #endif
- Length = SearchPathW(
- lpApplicationName,
- L".exe",
- NameBuffer,
- )*2;
- if (Length != 0 && Length < MAX_PATH * sizeof( WCHAR )) {
- //
- // SearchPathW worked, but file might be a directory
- // if this happens, we need to keep trying
- //
- fileattr = GetFileAttributesW(NameBuffer);
- if ( fileattr != 0xffffffff &&
- Length = 0;
- } else {
- Length++;
- Length++;
- }
- }
- if ( !Length || Length >= MAX_PATH<<1 ) {
- //
- // If we search pathed, then return file not found.
- // otherwise, try to be more specific.
- //
- HANDLE hFile;
- PathType = RtlDetermineDosPathNameType_U(lpApplicationName);
- if ( PathType != RtlPathTypeRelative ) {
- //
- // The failed open should set get last error properly.
- //
- hFile = CreateFileW(
- lpApplicationName,
- );
- if ( hFile != INVALID_HANDLE_VALUE ) {
- CloseHandle(hFile);
- }
- }
- else {
- }
- //
- // remember initial last error value for the retry scan path
- //
- if ( LastError ) {
- SetLastError(LastError);
- }
- else {
- LastError = GetLastError();
- }
- //
- // restore the command line
- //
- *TempNull = TempChar;
- lpApplicationName = NameBuffer;
- //
- // If we still have command line left, then keep going
- // the point is to march through the command line looking
- // for whitespace so we can try to find an image name
- // launches of things like:
- // c:\word 95\winword.exe /embedding -automation
- // require this. Our first iteration will stop at c:\word, our next
- // will stop at c:\word 95\winword.exe
- //
- if (*WhiteScan && SearchRetry) {
- WhiteScan++;
- TempNull = WhiteScan;
- QuoteInsert = TRUE;
- QuoteFound = TRUE;
- goto retrywsscan;
- }
- return FALSE;
- }
- //
- // restore the command line
- //
- *TempNull = TempChar;
- lpApplicationName = NameBuffer;
- //
- // check whether it is setup.exe started by winlogon.exe
- //
- if (BasepIsSetupInvokedByWinLogon(lpApplicationName))
- {
- // validate the flag
- if (!(dwCreationFlags & CREATE_IGNORE_SYSTEM_DEFAULT))
- {
- //
- // Winlogon does not set the flag correctly
- // in phase1, ignore it(now)
- // in phase2, ASSERT it
- //
- }
- }
- }
- else
- if (!ARGUMENT_PRESENT( lpCommandLine ) || *lpCommandLine == UNICODE_NULL ) {
- QuoteCmdLine = TRUE;
- lpCommandLine = (LPWSTR)lpApplicationName;
- }
- #ifdef WX86
- //
- // Wx86 applications must use x86 version of known exes
- // for compatibility.
- //
- if (UseKnownWx86Dll) {
- LPWSTR KnownName;
- NtCurrentTeb()->Wx86Thread.UseKnownWx86Dll = FALSE;
- KnownName = BasepWx86KnownExe(lpApplicationName);
- if (KnownName) {
- RtlFreeHeap(RtlProcessHeap(), 0, NameBuffer);
- NameBuffer = KnownName;
- lpApplicationName = KnownName;
- }
- }
- #endif
- //
- // Translate to an NT name.
- //
- TranslationStatus = RtlDosPathNameToNtPathName_U(
- lpApplicationName,
- &PathName,
- &RelativeName
- );
- if ( !TranslationStatus ) {
- return FALSE;
- }
- // forgot to free FreeBuffer before goto VdmRetry????
- ASSERT(FreeBuffer == NULL);
- FreeBuffer = PathName.Buffer;
- RtlInitUnicodeString(&SxsWin32ExePath, lpApplicationName);
- {
- RTL_PATH_TYPE SxsWin32ExePathType = RtlDetermineDosPathNameType_U(lpApplicationName);
- if ((SxsWin32ExePathType != RtlPathTypeDriveAbsolute) &&
- (SxsWin32ExePathType != RtlPathTypeUncAbsolute)) {
- if (ExePathFullBuffer == NULL) {
- // It seems that with VDM things, we can rerun this code with a new lpApplication, so
- // we protect against double-allocating the buffer and just allocate a big
- // MAX_PATH one the first time through, assuming it's good enough for the 2ndary times
- // too.
- ExePathFullBuffer = RtlAllocateHeap(RtlProcessHeap(), 0, (MAX_PATH + 1) * sizeof(WCHAR));
- if (ExePathFullBuffer == NULL) {
- return FALSE;
- }
- }
- RtlGetFullPathName_U(lpApplicationName, (MAX_PATH + 1) * sizeof(WCHAR), ExePathFullBuffer, NULL);
- RtlInitUnicodeString(&SxsWin32ExePath, ExePathFullBuffer);
- }
- }
- SxsNtExePath = PathName;
- if ( RelativeName.RelativeName.Length ) {
- PathName = *(PUNICODE_STRING)&RelativeName.RelativeName;
- }
- else {
- RelativeName.ContainingDirectory = NULL;
- }
- InitializeObjectAttributes(
- &Obja,
- &PathName,
- RelativeName.ContainingDirectory,
- );
- //
- // Open the file for red and execute access
- //
- Status = NtOpenFile(
- &FileHandle,
- &Obja,
- &IoStatusBlock,
- );
- if (!NT_SUCCESS(Status) ) {
- //
- // We failed. Open the file for lesser access.
- //
- Status = NtOpenFile(
- &FileHandle,
- &Obja,
- &IoStatusBlock,
- );
- if (!NT_SUCCESS(Status) ) {
- //
- // if we failed, see if this is a device. If it is a device,
- // then just return invalid image format
- //
- if ( RtlIsDosDeviceName_U(RTL_CONST_CAST(PWSTR)(lpApplicationName)) ) {
- }
- else {
- BaseSetLastNTError(Status);
- }
- return FALSE;
- }
- }
- //
- // If no desktop has been specified, use the caller's
- // desktop.
- //
- if (StartupInfo.lpDesktop == NULL) {
- StartupInfo.lpDesktop =
- ProcessParameters)->DesktopInfo.Buffer;
- }
- //
- // Create a section object backed by the file
- //
- Status = NtCreateSection(
- &SectionHandle,
- FileHandle
- );
- //
- // App Certification DLL
- //
- if (NT_SUCCESS(Status)) {
- Status = BasepIsProcessAllowed(lpApplicationName);
- if (!NT_SUCCESS(Status)) {
- BaseSetLastNTError(Status);
- NtClose(SectionHandle);
- return FALSE;
- }
- //
- // If Meow subsystem is enabled and caller specified CREATE_FORECEDOS for a win32 image
- // push it into the meow subsystem
- //
- if ((dwCreationFlags & CREATE_FORCEDOS) && BaseStaticServerData->ForceDos) {
- dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
- bMeowBinary = TRUE;
- NtClose(SectionHandle);
- SectionHandle = NULL;
- }
- }
- //
- // check appcompat (aka apphelp)
- //
- // if we are running under debugger, bVdmRetry will be FALSE
- // yet pAppCompatData may have some data (from the app itself)
- // debugger will do a separate CreateProcess on debugee
- //
- // apphelp gets called if it is win32 app or if it is a .bat or .cmd
- if(!bVdmRetry &&
- (NT_SUCCESS(Status) ||
- (Status == STATUS_INVALID_IMAGE_NOT_MZ && !BaseIsDosApplication(&PathName,Status)))
- ) {
- NTSTATUS BadAppStatus;
- if (NULL != pAppCompatData) {
- RtlFreeHeap(RtlProcessHeap(), 0, pAppCompatData);
- pAppCompatData = NULL;
- }
- if (NULL != pAppCompatSxsData) {
- RtlFreeHeap(RtlProcessHeap(), 0, pAppCompatSxsData);
- pAppCompatSxsData = NULL;
- }
- //
- // we only check ONCE --
- // the second time around is rather meaningless - to check for posix/ntvdm/os2 emulation
- //
- BadAppStatus = BasepCheckBadapp(FileHandle,
- PathName.Buffer,
- (WCHAR*)lpEnvironment,
- &pAppCompatData,
- &cbAppCompatData,
- &pAppCompatSxsData,
- &cbAppCompatSxsData);
- if (!NT_SUCCESS(BadAppStatus)) {
- if (BadAppStatus == STATUS_ACCESS_DENIED) {
- }
- else {
- BaseSetLastNTError(BadAppStatus);
- }
- if (SectionHandle) {
- NtClose(SectionHandle);
- SectionHandle = NULL;
- }
- return FALSE;
- }
- }
- //
- // Winsafer code
- //
- // If this is the first time then we will have to do Safer checks.
- // Note that we do not impose any restrictions on the interpreter
- // itself since it is part of OS.
- //
- if ((!bVdmRetry) &&
- ( (dwCreationFlags & CREATE_PRESERVE_CODE_AUTHZ_LEVEL) == 0 )) {
- NTSTATUS SaferStatus;
- {
- //
- // WinSafer process sandbox restrictions handling.
- // Should be done for non .NET images only.
- //
- SaferStatus = BasepCheckWinSaferRestrictions(
- hUserToken,
- lpApplicationName, // same as PathName.Buffer
- FileHandle,
- &dwJobMemberLevel,
- &hSaferRestrictedToken,
- &hSaferAssignmentJob);
- if (SaferStatus == -1) {
- bStatus = FALSE;
- leave;
- } else if (!NT_SUCCESS(SaferStatus)) {
- BaseSetLastNTError(SaferStatus);
- bStatus = FALSE;
- leave;
- }
- }
- }
- if (!NT_SUCCESS(Status)) {
- switch (Status) {
- // 16 bit OS/2 exe
- #if defined(i386) && defined(OS2_SUPPORT_ENABLED)
- //
- // Use OS/2 if x86 (OS/2 not supported on risc),
- // and CreationFlags don't have forcedos bit
- // and Registry didn't specify ForceDos
- //
- // else execute as a DOS bound app.
- //
- //
- if (!(dwCreationFlags & CREATE_FORCEDOS) &&
- !BaseStaticServerData->ForceDos)
- {
- if ( !BuildSubSysCommandLine( L"OS2 /P ",
- lpApplicationName,
- lpCommandLine,
- &SubSysCommandLine
- ) ) {
- return FALSE;
- }
- lpCommandLine = SubSysCommandLine.Buffer;
- lpApplicationName = NULL;
- bVdmRetry = TRUE;
- goto VdmRetry;
- }
- #endif
- // Falls into Dos case, so that stub message will be
- // printed, and bound apps will run w/o OS/2 subsytem
- // Dos .exe or .com
- ForceDos:
- {
- ULONG BinarySubType;
- BinarySubType = BINARY_TYPE_DOS_EXE;
- (BinarySubType = BaseIsDosApplication(&PathName,Status)) )
- {
- #if defined(_WIN64) || defined(BUILD_WOW6432)
- //
- // If this a DOS application, then we need to pop up a dialog
- // saying that this an invalid win32 application.
- //
- goto RaiseInvalidWin32Error;
- #endif
- VdmBinaryType = BINARY_TYPE_DOS;
- // create the environment before going to the
- // server. This was done becuase we want NTVDM
- // to have the new environment when it gets
- // created.
- if (!BaseCreateVDMEnvironment(
- lpEnvironment,
- &AnsiStringVDMEnv,
- &UnicodeStringVDMEnv
- )) {
- return FALSE;
- }
- if(!BaseCheckVDM(VdmBinaryType | BinarySubType,
- lpApplicationName,
- lpCommandLine,
- lpCurrentDirectory,
- &AnsiStringVDMEnv,
- &m,
- &iTask,
- dwCreationFlags,
- &StartupInfo
- )) {
- return FALSE;
- }
- // Check the return value from the server
- switch (b->VDMState & VDM_STATE_MASK) {
- // mark this so the server can undo
- // creation if something goes wrong.
- // We marked it "partially created" because
- // the NTVDM has yet not been fully created.
- // a call to UpdateVdmEntry to update
- // process handle will signal the NTVDM
- // process completed creation
- // fail the call if NTVDM process is being
- // created DETACHED.
- // note that, we let it go if NTVDM process
- // is already running.
- if (dwCreationFlags & DETACHED_PROCESS) {
- return FALSE;
- }
- if (!BaseGetVdmConfigInfo(lpCommandLine,
- iTask,
- VdmBinaryType,
- &VdmNameString,
- &VdmReserve)) {
- BaseSetLastNTError(Status);
- return FALSE;
- }
- lpCommandLine = VdmNameString.Buffer;
- lpApplicationName = NULL;
- break;
- SetLastError (ERROR_NOT_READY);
- return FALSE;
- VDMCreationState = VDM_BEING_REUSED;
- VdmWaitHandle = b->WaitObjectForParent;
- break;
- }
- VdmReserve--; // we reserve from addr 1
- if(VdmWaitHandle)
- goto VdmExists;
- else{
- bInheritHandles = FALSE;
- if (lpEnvironment &&
- RtlDestroyEnvironment(lpEnvironment);
- }
- lpEnvironment = UnicodeStringVDMEnv.Buffer;
- bVdmRetry = TRUE;
- goto VdmRetry;
- }
- }
- else {
- //
- // must be a .bat or .cmd file
- //
- static PWCHAR CmdPrefix = L"cmd /c ";
- PWCHAR NewCommandLine;
- ULONG Length;
- PWCHAR Last4 = &PathName.Buffer[PathName.Length / sizeof( WCHAR )-4];
- if ( PathName.Length < 8 ) {
- return FALSE;
- }
- if (_wcsnicmp( Last4, L".bat", 4 ) && _wcsnicmp( Last4, L".cmd", 4 )) {
- return FALSE;
- }
- Length = wcslen( CmdPrefix )
- + (QuoteCmdLine || QuoteFound )
- + wcslen( lpCommandLine )
- + (QuoteCmdLine || QuoteFound)
- + 1;
- NewCommandLine = RtlAllocateHeap( RtlProcessHeap( ),
- Length * sizeof( WCHAR ) );
- if (NewCommandLine == NULL) {
- return FALSE;
- }
- wcscpy( NewCommandLine, CmdPrefix );
- if (QuoteCmdLine || QuoteFound) {
- wcscat( NewCommandLine, L""" );
- }
- wcscat( NewCommandLine, lpCommandLine );
- if (QuoteCmdLine || QuoteFound) {
- wcscat( NewCommandLine, L""" );
- }
- RtlInitUnicodeString( &SubSysCommandLine, NewCommandLine );
- lpCommandLine = SubSysCommandLine.Buffer;
- lpApplicationName = NULL;
- bVdmRetry = TRUE;
- goto VdmRetry;
- }
- }
- // 16 bit windows exe
- #if defined(BUILD_WOW6432) || defined(_WIN64)
- if (lpOriginalApplicationName == NULL) {
- // pass in the part of the command line after the exe name
- // including whitespace
- lpCommandLine = ((*TempNull == '"') ? TempNull + 1 : TempNull);
- } else {
- lpCommandLine = lpOriginalCommandLine;
- }
- return NtVdm64CreateProcess(lpOriginalApplicationName == NULL,
- lpApplicationName, // this is now the real file name we've loaded
- lpCommandLine,
- lpProcessAttributes,
- lpThreadAttributes,
- bInheritHandles,
- (dwCreationFlags & ~CREATE_UNICODE_ENVIRONMENT), // the environment has already been converted to unicode
- lpEnvironment,
- lpCurrentDirectory,
- lpStartupInfo,
- lpProcessInformation
- );
- #endif
- if (dwCreationFlags & CREATE_FORCEDOS) {
- goto ForceDos;
- }
- IsWowBinary = TRUE;
- if (!BaseCreateVDMEnvironment(lpEnvironment,
- &AnsiStringVDMEnv,
- &UnicodeStringVDMEnv)) {
- return FALSE;
- }
- RetrySepWow:
- VdmBinaryType = dwCreationFlags & CREATE_SEPARATE_WOW_VDM
- if (!BaseCheckVDM(VdmBinaryType,
- lpApplicationName,
- lpCommandLine,
- lpCurrentDirectory,
- &AnsiStringVDMEnv,
- &m,
- &iTask,
- dwCreationFlags,
- &StartupInfo
- ))
- {
- //
- // If we failed with access denied, caller may not
- // be allowed allowed to access the shared wow's
- // desktop, so retry as a separate wow
- //
- if (VdmBinaryType == BINARY_TYPE_WIN16 &&
- GetLastError() == ERROR_ACCESS_DENIED)
- {
- dwCreationFlags |= CREATE_SEPARATE_WOW_VDM;
- }
- else {
- return FALSE;
- }
- goto RetrySepWow;
- }
- // Check the return value from the server
- switch (b->VDMState & VDM_STATE_MASK){
- // mark this so the server can undo
- // creation if something goes wrong.
- // We marked it "partitially created" because
- // the NTVDM has yet not been fully created.
- // a call to UpdateVdmEntry to update
- // process handle will signal the NTVDM
- // process completed creation
- // jarbats: 1/8/2001
- // Tell BaseGetVdmConfigInfo to create
- // vdm commandline for meow
- //
- if (bMeowBinary)
- {
- VdmReserve = 1;
- }
- if (!BaseGetVdmConfigInfo(
- lpCommandLine,
- iTask,
- VdmBinaryType,
- &VdmNameString,
- &VdmReserve
- )) {
- BaseSetLastNTError(Status);
- return FALSE;
- }
- lpCommandLine = VdmNameString.Buffer;
- lpApplicationName = NULL;
- //
- // Wow must have a hidden console
- // Throw away DETACHED_PROCESS flag which isn't
- // meaningful for Win16 apps.
- //
- dwCreationFlags |= CREATE_NO_WINDOW;
- //
- // We're starting a WOW VDM, turn on feedback unless
- // the creator passed STARTF_FORCEOFFFEEDBACK.
- //
- StartupInfo.dwFlags |= STARTF_FORCEONFEEDBACK;
- break;
- SetLastError (ERROR_NOT_READY);
- return FALSE;
- VDMCreationState = VDM_BEING_REUSED;
- VdmWaitHandle = b->WaitObjectForParent;
- break;
- }
- VdmReserve--; // we reserve from addr 1
- if(VdmWaitHandle)
- goto VdmExists;
- else {
- bInheritHandles = FALSE;
- // replace the environment with ours
- if (lpEnvironment &&
- !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT)) {
- RtlDestroyEnvironment(lpEnvironment);
- }
- lpEnvironment = UnicodeStringVDMEnv.Buffer;
- bVdmRetry = TRUE;
- goto VdmRetry;
- }
- break;
- default :
- return FALSE;
- }
- }
- //
- // Make sure only WOW apps can have the CREATE_SEPARATE_WOW_VDM flag.
- //
- if (!IsWowBinary && (dwCreationFlags & CREATE_SEPARATE_WOW_VDM)) {
- dwCreationFlags &= ~CREATE_SEPARATE_WOW_VDM;
- }
- //
- // Query the section to determine the stack parameters and
- // image entrypoint.
- //
- Status = NtQuerySection(
- SectionHandle,
- SectionImageInformation,
- &ImageInformation,
- sizeof( ImageInformation ),
- );
- if (!NT_SUCCESS( Status )) {
- BaseSetLastNTError(Status);
- return FALSE;
- }
- if (ImageInformation.ImageCharacteristics & IMAGE_FILE_DLL) {
- return FALSE;
- }
- ImageFileDebuggerCommand[ 0 ] = UNICODE_NULL;
- if (!(dwCreationFlags & (DEBUG_PROCESS | DEBUG_ONLY_THIS_PROCESS)) ||
- NtCurrentPeb()->ReadImageFileExecOptions
- ) {
- LdrQueryImageFileExecutionOptions( &PathName,
- L"Debugger",
- ImageFileDebuggerCommand,
- sizeof( ImageFileDebuggerCommand ),
- );
- }
- if ((ImageInformation.Machine < USER_SHARED_DATA->ImageNumberLow) ||
- (ImageInformation.Machine > USER_SHARED_DATA->ImageNumberHigh)) {
- #if defined(_WIN64) || defined(BUILD_WOW6432)
- if (ImageInformation.Machine == IMAGE_FILE_MACHINE_I386) {
- // Fall through since this is a valid machine type.
- }
- else
- #endif
- {
- ULONG_PTR ErrorParameters[2];
- ULONG ErrorResponse;
- #if defined(_WIN64) || defined(BUILD_WOW6432)
- RaiseInvalidWin32Error:
- #endif
- ErrorResponse = ResponseOk;
- ErrorParameters[0] = (ULONG_PTR)&PathName;
- 1,
- 1,
- ErrorParameters,
- OptionOk,
- &ErrorResponse
- );
- if ( NtCurrentPeb()->ImageSubsystemMajorVersion <= 3 ) {
- }
- else {
- }
- return FALSE;
- }
- }
- if ( ImageInformation.SubSystemType != IMAGE_SUBSYSTEM_WINDOWS_GUI &&
- ImageInformation.SubSystemType != IMAGE_SUBSYSTEM_WINDOWS_CUI ) {
- // POSIX exe
- NtClose(SectionHandle);
- SectionHandle = NULL;
- if ( ImageInformation.SubSystemType == IMAGE_SUBSYSTEM_POSIX_CUI ) {
- if ( !BuildSubSysCommandLine( L"POSIX /P ",
- lpApplicationName,
- lpCommandLine,
- &SubSysCommandLine
- ) ) {
- return FALSE;
- }
- lpCommandLine = SubSysCommandLine.Buffer;
- lpApplicationName = NULL;
- bVdmRetry = TRUE;
- goto VdmRetry;
- }
- else {
- return FALSE;
- }
- }
- else {
- if (!BasepIsImageVersionOk( ImageInformation.SubSystemMajorVersion,
- ImageInformation.SubSystemMinorVersion) ) {
- return FALSE;
- }
- }
- if (ImageFileDebuggerCommand[ 0 ] != UNICODE_NULL) {
- SIZE_T n;
- n = wcslen( lpCommandLine );
- if (n == 0) {
- lpCommandLine = (LPWSTR)lpApplicationName;
- n = wcslen( lpCommandLine );
- }
- n += wcslen( ImageFileDebuggerCommand ) + 1 + 2;
- n *= sizeof( WCHAR );
- SubSysCommandLine.Buffer = RtlAllocateHeap( RtlProcessHeap(), MAKE_TAG( TMP_TAG ), n );
- SubSysCommandLine.Length = 0;
- SubSysCommandLine.MaximumLength = (USHORT)n;
- RtlAppendUnicodeToString( &SubSysCommandLine, ImageFileDebuggerCommand );
- RtlAppendUnicodeToString( &SubSysCommandLine, L" " );
- RtlAppendUnicodeToString( &SubSysCommandLine, lpCommandLine );
- #if DBG
- DbgPrint( "BASE: Calling debugger with '%wZ'\n", &SubSysCommandLine );
- #endif
- lpCommandLine = SubSysCommandLine.Buffer;
- lpApplicationName = NULL;
- NtClose(SectionHandle);
- SectionHandle = NULL;
- RtlFreeHeap(RtlProcessHeap(), 0, NameBuffer);
- NameBuffer = NULL;
- RtlFreeHeap(RtlProcessHeap(), 0, FreeBuffer);
- FreeBuffer = NULL;
- goto VdmRetry;
- }
- //
- // Create the process object
- //
- pObja = BaseFormatObjectAttributes(&Obja,lpProcessAttributes,NULL);
- Flags = 0;
- if (dwCreationFlags & CREATE_BREAKAWAY_FROM_JOB ) {
- }
- if ( dwCreationFlags & (DEBUG_PROCESS | DEBUG_ONLY_THIS_PROCESS) ) {
- Status = DbgUiConnectToDbg();
- if ( !NT_SUCCESS(Status) ) {
- BaseSetLastNTError(Status);
- return FALSE;
- }
- DebugPortHandle = DbgUiGetThreadDebugObject ();
- if (dwCreationFlags & DEBUG_ONLY_THIS_PROCESS) {
- }
- }
- if (bInheritHandles) {
- }
- if (((ImageInformation.LoaderFlags & IMAGE_LOADER_FLAGS_COMPLUS) != 0)) {
- #if defined(_WIN64) || defined(BUILD_WOW6432)
- //
- // Check if this is a 32-bit IL_ONLY COM+ image that needs to run natively
- // on Win64.
- //
- if ( ImageInformation.Machine == IMAGE_FILE_MACHINE_I386 ) {
- Status = BasepIsComplusILImage(
- SectionHandle,
- &ImageInformation,
- &ComPlusILImage
- );
- if ((NT_SUCCESS (Status)) && (ComPlusILImage != FALSE)) {
- }
- }
- #endif
- }
- //
- // This is temporary till we get Shim dlls support for native Win64 applications.
- //
- if (ImageInformation.Machine != IMAGE_FILE_MACHINE_I386) {
- pAppCompatDataTemp = NULL;
- } else {
- pAppCompatDataTemp = pAppCompatData;
- }
- Status = NtCreateProcessEx(
- &ProcessHandle,
- pObja,
- NtCurrentProcess(),
- Flags,
- SectionHandle,
- DebugPortHandle,
- dwJobMemberLevel // Job member level
- );
- if ( !NT_SUCCESS(Status) ) {
- BaseSetLastNTError(Status);
- return FALSE;
- }
- //
- // NtCreateProcess will set to normal OR inherit if parent is IDLE or Below
- // only override if a mask is given during the create.
- //
- if ( PriClass.PriorityClass != PROCESS_PRIORITY_CLASS_UNKNOWN ) {
- State = NULL;
- if ( PriClass.PriorityClass == PROCESS_PRIORITY_CLASS_REALTIME ) {
- State = BasepIsRealtimeAllowed(TRUE);
- }
- Status = NtSetInformationProcess(
- ProcessHandle,
- ProcessPriorityClass,
- (PVOID)&PriClass,
- sizeof(PriClass)
- );
- if ( State ) {
- BasepReleasePrivilege( State );
- }
- if ( !NT_SUCCESS(Status) ) {
- BaseSetLastNTError(Status);
- return FALSE;
- }
- }
- if (dwCreationFlags & CREATE_DEFAULT_ERROR_MODE) {
- UINT NewMode;
- NtSetInformationProcess(
- ProcessHandle,
- ProcessDefaultHardErrorMode,
- &NewMode,
- sizeof(NewMode)
- );
- }
- //
- // If the process is being created for a VDM call the server with
- // process handle.
- //
- if (VdmBinaryType) {
- VdmWaitHandle = ProcessHandle;
- &VdmWaitHandle,
- iTask,
- VdmBinaryType
- ))
- {
- //make sure we don't close the handle twice --
- //(VdmWaitHandle == ProcessHandle) if we don't do this.
- VdmWaitHandle = NULL;
- return FALSE;
- }
- //
- // For Sep wow the VdmWaitHandle = NULL (there is none!)
- //
- VDMCreationState |= VDM_FULLY_CREATED;
- }
- #if defined(i386)
- //
- // Reserve memory in the new process' address space if necessary
- // (for vdms). This is required only for x86 system.
- //
- if ( VdmReserve ) {
- BigVdmReserve = VdmReserve;
- Status = NtAllocateVirtualMemory(
- ProcessHandle,
- &BaseAddress,
- 0L,
- &BigVdmReserve,
- );
- if ( !NT_SUCCESS(Status) ){
- BaseSetLastNTError(Status);
- return FALSE;
- }
- }
- #endif
- //
- // Abuse the StaticSize fields temporarily.
- // They are somewhat private, but we are using them for temporary space, sort of.
- // These are the right values for them, but we need to call the proper initialization function,
- // which will store the values a second time (possibly optimized away).
- //
- SxsWin32ManifestPathBuffer.ByteBuffer.StaticSize = SxsWin32ExePath.Length + sizeof(SXS_MANIFEST_SUFFIX);
- SxsWin32PolicyPathBuffer.ByteBuffer.StaticSize = SxsWin32ExePath.Length + sizeof(SXS_POLICY_SUFFIX);
- SxsWin32AssemblyDirectoryBuffer.ByteBuffer.StaticSize = SxsWin32ExePath.Length + sizeof(WCHAR); // Win32AssemblyDirectory overestimate
- SxsNtManifestPathBuffer.ByteBuffer.StaticSize = SxsNtExePath.Length + sizeof(SXS_MANIFEST_SUFFIX);
- SxsNtPolicyPathBuffer.ByteBuffer.StaticSize = SxsNtExePath.Length + sizeof(SXS_POLICY_SUFFIX);
- //
- // now add them up as BYTE sizes
- //
- SxsConglomeratedBufferSizeBytes = 0;
- for (sxsi = 0 ; sxsi != RTL_NUMBER_OF(SxsStringBuffers) ; ++sxsi) {
- SxsConglomeratedBufferSizeBytes += SxsStringBuffers[sxsi]->ByteBuffer.StaticSize;
- }
- #if DBG
- DbgPrintEx(
- "SXS: SxsConglomeratedBufferSizeBytes:%Id\n",
- SxsConglomeratedBufferSizeBytes
- );
- #endif
- //
- // one honking heap allocation
- //
- SxsConglomeratedByteBuffer = (PBYTE)RtlAllocateHeap(RtlProcessHeap(), 0, SxsConglomeratedBufferSizeBytes);
- if (SxsConglomeratedByteBuffer == NULL) {
- return FALSE;
- }
- //
- // now dole out pieces, calling the proper initialization function
- //
- for (sxsi= 0 ; sxsi != RTL_NUMBER_OF(SxsStringBuffers) ; ++sxsi) {
- RtlInitUnicodeStringBuffer(
- SxsStringBuffers[sxsi],
- (sxsi != 0) ? SxsStringBuffers[sxsi - 1]->ByteBuffer.Buffer + SxsStringBuffers[sxsi- 1]->ByteBuffer.StaticSize
- : SxsConglomeratedByteBuffer,
- SxsStringBuffers[sxsi]->ByteBuffer.StaticSize
- );
- }
- SxsExeHandles.Process = ProcessHandle;
- SxsExeHandles.File = FileHandle;
- // The 1 bit here means something different than in the loader.
- ASSERT((((ULONG_PTR)SectionHandle) & (ULONG_PTR)1) == 0);
- SxsExeHandles.Section = SectionHandle;
- // if we have an override stream, use it
- if (NULL != pAppCompatSxsData) {
- AppCompatSxsManifest.Name = SxsWin32ExePath; // unicode string
- AppCompatSxsManifest.Address = pAppCompatSxsData; // pointer to unicode manifest
- AppCompatSxsManifest.Size = cbAppCompatSxsData; // byte count
- }
- Status = BasepSxsCreateProcessCsrMessage(
- (NULL != pAppCompatSxsData) ? &AppCompatSxsManifest : NULL, // override manifest (appcompat hook)
- NULL, // override policy (appcompat hook)
- &SxsManifestPathPair,
- &SxsManifestFileHandles,
- &SxsExePathPair,
- &SxsExeHandles,
- &SxsPolicyPathPair,
- &SxsPolicyHandles,
- &SxsWin32AssemblyDirectoryBuffer,
- &a->Sxs
- );
- #if DBG
- // verify the buffer size calculation
- for (sxsi = 0 ; sxsi != RTL_NUMBER_OF(SxsStringBuffers) ; ++sxsi)
- {
- if (SxsStringBuffers[sxsi]->ByteBuffer.Buffer != SxsStringBuffers[sxsi]->ByteBuffer.StaticBuffer)
- {
- DbgPrintEx(
- "SXS: SxsStringBuffers[%lu]'s StaticSize was computed too small (%Id, %Id)\n",
- sxsi,
- SxsStringBuffers[sxsi]->ByteBuffer.StaticSize,
- SxsStringBuffers[sxsi]->ByteBuffer.Size
- );
- }
- }
- #endif
- if ( !NT_SUCCESS( Status ) ) {
- BaseSetLastNTError(Status);
- return FALSE;
- }
- //
- // Determine the location of the
- // processes PEB.
- //
- Status = NtQueryInformationProcess(
- ProcessHandle,
- ProcessBasicInformation,
- &ProcessInfo,
- sizeof( ProcessInfo ),
- );
- if ( !NT_SUCCESS( Status ) ) {
- BaseSetLastNTError(Status);
- return FALSE;
- }
- Peb = ProcessInfo.PebBaseAddress;
- //
- // Push the parameters into the address space of the new process
- //
- if ( ARGUMENT_PRESENT(lpCurrentDirectory) ) {
- CurdirBuffer = RtlAllocateHeap( RtlProcessHeap(),
- (MAX_PATH + 1) * sizeof( WCHAR ) );
- if ( !CurdirBuffer ) {
- return FALSE;
- }
- CurdirLength2 = GetFullPathNameW(
- lpCurrentDirectory,
- CurdirBuffer,
- &CurdirFilePart
- );
- if ( CurdirLength2 > MAX_PATH ) {
- return FALSE;
- }
- //
- // now make sure the directory exists
- //
- CurdirLength = GetFileAttributesW(CurdirBuffer);
- if ( (CurdirLength == 0xffffffff) ||
- !(CurdirLength & FILE_ATTRIBUTE_DIRECTORY) ) {
- return FALSE;
- }
- }
- if ( QuoteInsert || QuoteCmdLine) {
- QuotedBuffer = RtlAllocateHeap(RtlProcessHeap(),0,wcslen(lpCommandLine)*2+6);
- if ( QuotedBuffer ) {
- wcscpy(QuotedBuffer,L""");
- if ( QuoteInsert ) {
- TempChar = *TempNull;
- *TempNull = UNICODE_NULL;
- }
- wcscat(QuotedBuffer,lpCommandLine);
- wcscat(QuotedBuffer,L""");
- if ( QuoteInsert ) {
- *TempNull = TempChar;
- wcscat(QuotedBuffer,TempNull);
- }
- }
- else {
- if ( QuoteInsert ) {
- QuoteInsert = FALSE;
- }
- if ( QuoteCmdLine ) {
- QuoteCmdLine = FALSE;
- }
- }
- }
- // If we found a manifest, we want to push that fact to the new process.
- if (!BasePushProcessParameters(
- dwBasePushProcessParametersFlags,
- ProcessHandle,
- Peb,
- lpApplicationName,
- CurdirBuffer,
- QuoteInsert || QuoteCmdLine ? QuotedBuffer : lpCommandLine,
- lpEnvironment,
- &StartupInfo,
- dwCreationFlags | dwNoWindow,
- bInheritHandles,
- pAppCompatDataTemp,
- cbAppCompatData
- ) ) {
- return FALSE;
- }
- RtlFreeUnicodeString(&VdmNameString);
- VdmNameString.Buffer = NULL;
- //
- // Stuff in the standard handles if needed
- //
- if (!VdmBinaryType &&
- !bInheritHandles &&
- !(StartupInfo.dwFlags & STARTF_USESTDHANDLES) &&
- ImageInformation.SubSystemType == IMAGE_SUBSYSTEM_WINDOWS_CUI
- ) {
- Status = NtReadVirtualMemory( ProcessHandle,
- &Peb->ProcessParameters,
- &ParametersInNewProcess,
- sizeof( ParametersInNewProcess ),
- );
- if (NT_SUCCESS( Status )) {
- if (!CONSOLE_HANDLE( NtCurrentPeb()->ProcessParameters->StandardInput )) {
- StuffStdHandle( ProcessHandle,
- NtCurrentPeb()->ProcessParameters->StandardInput,
- &ParametersInNewProcess->StandardInput
- );
- }
- if (!CONSOLE_HANDLE( NtCurrentPeb()->ProcessParameters->StandardOutput )) {
- StuffStdHandle( ProcessHandle,
- NtCurrentPeb()->ProcessParameters->StandardOutput,
- &ParametersInNewProcess->StandardOutput
- );
- }
- if (!CONSOLE_HANDLE( NtCurrentPeb()->ProcessParameters->StandardError )) {
- StuffStdHandle( ProcessHandle,
- NtCurrentPeb()->ProcessParameters->StandardError,
- &ParametersInNewProcess->StandardError
- );
- }
- }
- }
- //
- // Create the thread...
- //
- //
- // Allocate a stack for this thread in the address space of the target
- // process.
- //
- StackStatus = BaseCreateStack(
- ProcessHandle,
- ImageInformation.CommittedStackSize,
- (ImageInformation.MaximumStackSize < 256*1024) ? 256*1024 : ImageInformation.MaximumStackSize,
- &InitialTeb
- );
- if ( !NT_SUCCESS(StackStatus) ) {
- BaseSetLastNTError(StackStatus);
- return FALSE;
- }
- //
- // Create an initial context for the new thread.
- //
- BaseInitializeContext(
- &ThreadContext,
- Peb,
- ImageInformation.TransferAddress,
- InitialTeb.StackBase,
- BaseContextTypeProcess
- );
- //
- // Create the actual thread object
- //
- pObja = BaseFormatObjectAttributes(&Obja,lpThreadAttributes,NULL);
- Status = NtCreateThread(
- &ThreadHandle,
- pObja,
- ProcessHandle,
- &ClientId,
- &ThreadContext,
- &InitialTeb,
- );
- if (!NT_SUCCESS(Status) ) {
- BaseSetLastNTError(Status);
- return FALSE;
- }
- a->Peb = (ULONGLONG) Peb;
- //
- // From here on out, do not modify the address space of the
- // new process. WOW64's implementation of NtCreateThread()
- // reshuffles the new process' address space if the current
- // process is 32-bit and the new process is 64-bit.
- //
- #if DBG
- Peb = NULL;
- #endif
- #if defined(WX86)
- //
- // if this is a Wx86 Process, setup for a Wx86 emulated Thread
- //
- if (Wx86Info) {
- //
- // create a WX86Tib and initialize it's Teb->Vdm.
- //
- Status = BaseCreateWx86Tib(ProcessHandle,
- ThreadHandle,
- (ULONG)((ULONG_PTR)ImageInformation.TransferAddress),
- (ULONG)ImageInformation.CommittedStackSize,
- (ULONG)ImageInformation.MaximumStackSize,
- );
- if (!NT_SUCCESS(Status)) {
- BaseSetLastNTError(Status);
- return( FALSE );
- }
- //
- // Mark Process as WX86
- //
- Status = NtSetInformationProcess (ProcessHandle,
- ProcessWx86Information,
- &Wx86Info,
- sizeof(Wx86Info)
- );
- if (!NT_SUCCESS(Status)) {
- BaseSetLastNTError(Status);
- return( FALSE );
- }
- }
- #endif
- //
- // Call the Windows server to let it know about the
- // process.
- //
- a->ProcessHandle = ProcessHandle;
- a->ThreadHandle = ThreadHandle;
- a->ClientId = ClientId;
- switch (ImageInformation.Machine) {
- #if defined(_WIN64) || defined(BUILD_WOW6432)
- a->ProcessorArchitecture = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64;
- #else
- a->ProcessorArchitecture = PROCESSOR_ARCHITECTURE_INTEL;
- #endif
- break;
- a->ProcessorArchitecture = PROCESSOR_ARCHITECTURE_IA64;
- break;
- a->ProcessorArchitecture = PROCESSOR_ARCHITECTURE_AMD64;
- break;
- default:
- DbgPrint("kernel32: No mapping for ImageInformation.Machine == %04x\n", ImageInformation.Machine);
- a->ProcessorArchitecture = PROCESSOR_ARCHITECTURE_UNKNOWN;
- break;
- }
- //
- // remove debug flags now its not being done by CSR
- //
- a->CreationFlags = dwCreationFlags & ~ (DEBUG_PROCESS | DEBUG_ONLY_THIS_PROCESS);
- a->DebuggerClientId.UniqueProcess = NULL;
- a->DebuggerClientId.UniqueThread = NULL;
- //
- // Set the 2 bit if a gui app is starting. The window manager needs to
- // know this so it can synchronize the startup of this app
- // (WaitForInputIdle api). This info is passed using the process
- // handle tag bits. The 1 bit asks the window manager to turn on
- // or turn off the application start cursor (hourglass/pointer).
- //
- // When starting a WOW process, lie and tell UserSrv NTVDM.EXE is a GUI
- // process. We also turn on bit 0x8 so that UserSrv can ignore the
- // UserNotifyConsoleApplication call made by the console during startup.
- //
- if ( ImageInformation.SubSystemType == IMAGE_SUBSYSTEM_WINDOWS_GUI ||
- IsWowBinary ) {
- a->ProcessHandle = (HANDLE)((ULONG_PTR)a->ProcessHandle | 2);
- //
- // If the creating process is a GUI app, turn on the app. start cursor
- // by default. This can be overridden by STARTF_FORCEOFFFEEDBACK.
- //
- NtHeaders = RtlImageNtHeader((PVOID)GetModuleHandle(NULL));
- if ( NtHeaders
- && (NtHeaders->OptionalHeader.Subsystem
- a->ProcessHandle = (HANDLE)((ULONG_PTR)a->ProcessHandle | 1);
- }
- }
- //
- // If feedback is forced on, turn it on. If forced off, turn it off.
- // Off overrides on.
- //
- if (StartupInfo.dwFlags & STARTF_FORCEONFEEDBACK)
- a->ProcessHandle = (HANDLE)((ULONG_PTR)a->ProcessHandle | 1);
- if (StartupInfo.dwFlags & STARTF_FORCEOFFFEEDBACK)
- a->ProcessHandle = (HANDLE)((ULONG_PTR)a->ProcessHandle & ~1);
- a->VdmBinaryType = VdmBinaryType; // just tell server the truth
- if (VdmBinaryType){
- a->hVDM = iTask ? 0 : NtCurrentPeb()->ProcessParameters->ConsoleHandle;
- a->VdmTask = iTask;
- }
- #if defined(BUILD_WOW6432)
- m.ReturnValue = CsrBasepCreateProcess(a);
- #else
- m.u.CreateProcess = *a;
- if (m.u.CreateProcess.Sxs.Flags != 0)
- {
- const PUNICODE_STRING StringsToCapture[] =
- {
- &m.u.CreateProcess.Sxs.Manifest.Path,
- &m.u.CreateProcess.Sxs.Policy.Path,
- &m.u.CreateProcess.Sxs.AssemblyDirectory
- };
- Status =
- CsrCaptureMessageMultiUnicodeStringsInPlace(
- &CaptureBuffer,
- RTL_NUMBER_OF(StringsToCapture),
- StringsToCapture
- );
- if (!NT_SUCCESS(Status)) {
- BaseSetLastNTError(Status);
- return FALSE;
- }
- }
- CsrClientCallServer( (PCSR_API_MSG)&m,
- CaptureBuffer,
- BasepCreateProcess
- ),
- sizeof( *a )
- );
- if ( CaptureBuffer ) {
- CsrFreeCaptureBuffer( CaptureBuffer );
- CaptureBuffer = NULL;
- }
- #endif
- if (!NT_SUCCESS((NTSTATUS)m.ReturnValue)) {
- BaseSetLastNTError((NTSTATUS)m.ReturnValue);
- NtTerminateProcess(ProcessHandle, (NTSTATUS)m.ReturnValue);
- return FALSE;
- }
- //
- // If the WinSafer sandboxing policy indicates that the
- // process needs to be run with a restricted token or placed
- // into a restricted job object, then do those actions now.
- // Do not replace the token if the restricted token was created
- // from a caller supplied token i.e. the CreateProcessAsUser case.
- //
- if ((hSaferRestrictedToken != NULL) && (hUserToken == NULL)) {
- Status = BasepReplaceProcessThreadTokens(
- hSaferRestrictedToken,
- ProcessHandle,
- ThreadHandle);
- if (!NT_SUCCESS(Status)) {
- // kill and cleanup.
- NtTerminateProcess(ProcessHandle, Status);
- BaseSetLastNTError(Status);
- return FALSE;
- }
- }
- if (hSaferAssignmentJob != NULL) {
- Status = NtAssignProcessToJobObject(
- hSaferAssignmentJob, ProcessHandle);
- if (!NT_SUCCESS(Status)) {
- // kill and cleanup.
- NtTerminateProcess(ProcessHandle, STATUS_ACCESS_DENIED);
- BaseSetLastNTError(Status);
- return FALSE;
- }
- }
- //
- // Make the thread start execution if we are allowed to.
- //
- if (!( dwCreationFlags & CREATE_SUSPENDED) ) {
- NtResumeThread(ThreadHandle,&i);
- }
- VdmExists:
- bStatus = TRUE;
- if (VDMCreationState)
- try {
- if (VdmWaitHandle) {
- //
- // tag Shared WOW VDM handles so that wait for input idle has a
- // chance to work. Shared WOW VDM "process" handles are actually
- // event handles, Separate WOW VDM handles are real process
- // handles. Also mark DOS handles with 0x1 so WaitForInputIdle
- // has a way to distinguish DOS apps and not block forever.
- //
- if (VdmBinaryType == BINARY_TYPE_WIN16) {
- lpProcessInformation->hProcess =
- (HANDLE)((ULONG_PTR)VdmWaitHandle | 0x2);
- //
- // Shared WOW doesn't always start a process, so
- // we don't have a process ID or thread ID to
- // return if the VDM already existed.
- //
- // Separate WOW doesn't hit this codepath
- // (no VdmWaitHandle).
- //
- if (VDMCreationState & VDM_BEING_REUSED) {
- ClientId.UniqueProcess = 0;
- ClientId.UniqueThread = 0;
- }
- }
- else {
- lpProcessInformation->hProcess =
- (HANDLE)((ULONG_PTR)VdmWaitHandle | 0x1);
- }
- //
- // Close the ProcessHandle, since we are returning the
- // VdmProcessHandle instead.
- //
- if (ProcessHandle != NULL)
- NtClose(ProcessHandle);
- }
- else{
- lpProcessInformation->hProcess = ProcessHandle;
- }
- lpProcessInformation->hThread = ThreadHandle;
- lpProcessInformation->dwProcessId = HandleToUlong(ClientId.UniqueProcess);
- lpProcessInformation->dwThreadId = HandleToUlong(ClientId.UniqueThread);
- ProcessHandle = NULL;
- ThreadHandle = NULL;
- }
- NtClose( ProcessHandle );
- NtClose( ThreadHandle );
- ProcessHandle = NULL;
- ThreadHandle = NULL;
- if (VDMCreationState)
- }
- }
- __finally {
- if (ExePathFullBuffer != NULL) {
- SxsWin32ExePath.Buffer = NULL;
- SxsWin32ExePath.Length = 0;
- SxsWin32ExePath.MaximumLength = 0;
- RtlFreeHeap(RtlProcessHeap(), 0, ExePathFullBuffer);
- ExePathFullBuffer = NULL;
- }
- if (!VdmBinaryType) {
- NTSTATUS Status1;
- BasepSxsCloseHandles(&SxsManifestFileHandles);
- BasepSxsCloseHandles(&SxsPolicyHandles);
- //
- // don't close SxsExeHandles, they are
- // aliases of other variables that are either closed
- // or returned to the caller
- //
- //
- // This loop only really frees any memory if our computation
- // of the overall buffer size was too low, which it is not supposed to be.
- //
- if (SxsConglomeratedByteBuffer != NULL) {
- for (sxsi= 0 ; sxsi != RTL_NUMBER_OF(SxsStringBuffers) ; ++sxsi) {
- RtlFreeUnicodeStringBuffer(SxsStringBuffers[sxsi]);
- }
- RtlFreeHeap(RtlProcessHeap(), 0,SxsConglomeratedByteBuffer);
- }
- }
- if (lpEnvironment && !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT) ) {
- RtlDestroyEnvironment(lpEnvironment);
- lpEnvironment = NULL;
- }
- RtlFreeHeap(RtlProcessHeap(), 0,QuotedBuffer);
- RtlFreeHeap(RtlProcessHeap(), 0,NameBuffer);
- RtlFreeHeap(RtlProcessHeap(), 0,CurdirBuffer);
- RtlFreeHeap(RtlProcessHeap(), 0,FreeBuffer);
- if ( FileHandle ) {
- NtClose(FileHandle);
- }
- if ( SectionHandle ) {
- NtClose(SectionHandle);
- }
- if ( ThreadHandle ) {
- NtTerminateProcess(ProcessHandle,STATUS_SUCCESS);
- NtClose(ThreadHandle);
- }
- if ( ProcessHandle ) {
- NtClose(ProcessHandle);
- }
- if ( hSaferAssignmentJob ) {
- NtClose(hSaferAssignmentJob);
- }
- if ( hSaferRestrictedToken ) {
- if (hUserToken == NULL) {
- // CreateProcess case
- NtClose(hSaferRestrictedToken);
- }
- else{
- // CreateProcessAsUser case
- *hRestrictedUserToken = hSaferRestrictedToken;
- }
- }
- if (NULL != pAppCompatData) {
- RtlFreeHeap(RtlProcessHeap(), 0, pAppCompatData);
- }
- if (NULL != pAppCompatSxsData) {
- RtlFreeHeap(RtlProcessHeap(), 0, pAppCompatSxsData);
- }
- RtlFreeUnicodeString(&VdmNameString);
- RtlFreeUnicodeString(&SubSysCommandLine);
- if (AnsiStringVDMEnv.Buffer || UnicodeStringVDMEnv.Buffer)
- BaseDestroyVDMEnvironment(&AnsiStringVDMEnv, &UnicodeStringVDMEnv);
- if (VDMCreationState && !(VDMCreationState & VDM_CREATION_SUCCESSFUL)){
- BaseUpdateVDMEntry (
- (HANDLE *)&iTask,
- VDMCreationState,
- VdmBinaryType
- );
- if(VdmWaitHandle) {
- NtClose(VdmWaitHandle);
- }
- }
- }
- if (lpEnvironment && !(dwCreationFlags & CREATE_UNICODE_ENVIRONMENT) ) {
- RtlDestroyEnvironment(lpEnvironment);
- }
- return bStatus;
- }
- CreateProcessW(
- LPCWSTR lpApplicationName,
- LPWSTR lpCommandLine,
- LPSECURITY_ATTRIBUTES lpProcessAttributes,
- BOOL bInheritHandles,
- DWORD dwCreationFlags,
- LPVOID lpEnvironment,
- LPCWSTR lpCurrentDirectory,
- LPPROCESS_INFORMATION lpProcessInformation
- )
- /*++
- Routine Description:
- A process and thread object are created and a handle opened to each
- object using CreateProcess. Note that WinExec and LoadModule are
- still supported, but are implemented as a call to CreateProcess.
- Arguments:
- lpApplicationName - Supplies an optional pointer to a null terminated
- character string that contains the name of the image file to
- execute. This is a fully qualified DOS path name. If not
- specified, then the image file name is the first whitespace
- delimited token on the command line.
- lpCommandLine - Supplies a null terminated character string that
- contains the command line for the application to be executed.
- The entire command line is made available to the new process
- using GetCommandLine. If the lpApplicationName parameter was
- not specified, then the first token of the command line
- specifies file name of the application (note that this token
- begins at the beginning of the command line and ends at the
- first "white space" character). If the file name does not
- contain an extension (the presence of a "."), then .EXE is
- assumed. If the file name does not contain a directory path,
- Windows will search for the executable file in:
- - The current directory
- - The windows directory
- - The windows system directory
- - The directories listed in the path environment variable
- This parameter is optional onlu if the lpApplicationName
- parameter is specified. In this case the command line the
- application receives will be the application name.
- lpProcessAttributes - An optional parameter that may be used to
- specify the attributes of the new process. If the parameter is
- not specified, then the process is created without a security
- descriptor, and the resulting handle is not inherited on process
- creation:
- DWORD nLength - Specifies the length of this structure. Must be
- set to sizeof( SECURITY_ATTRUBUTES ).
- LPVOID lpSecurityDescriptor - Points to a security descriptor for
- the object (must be NULL for Win32, used on NT/Win32). The
- security descriptor controls the sharing of an object.
- BOOL bInheritHandle - Supplies a flag that indicates whether
- or not the returned handle is to be inherited by a new
- process during process creation. A value of TRUE
- indicates that the new process will inherit the handle.
- lpThreadAttributes - An optional parameter that may be used to specify
- the attributes of the new thread. If the parameter is not
- specified, then the thread is created without a security
- descriptor, and the resulting handle is not inherited on
- process creation.
- dwCreationFlags - Supplies additional flags that control the creation
- of the process.
- dwCreationFlags Flags:
- DEBUG_PROCESS - If this flag bit is set, then the creating
- process is treated as a debugger, and the process being
- created is created as a debugee. All debug events occuring
- in the debugee are reported to the debugger. If this bit is
- clear, but the calling process is a debugee, then the
- process becomes a debugee of the calling processes debugger.
- If this bit is clear and the calling processes is not a
- debugee then no debug related actions occur.
- DEBUG_ONLY_THIS_PROCESS - If this flag is set, then the
- DEBUG_PROCESS flag bit must also be set. The calling
- process is is treated as a debugger, and the new process is
- created as its debuggee. If the new process creates
- additional processes, no debug related activities (with
- respect to the debugger) occur.
- CREATE_SUSPENDED - The process is created, but the initial thread
- of the process remains suspended. The creator can resume this
- thread using ResumeThread. Until this is done, code in the
- process will not execute.
- CREATE_UNICODE_ENVIRONMENT - If set, the environment pointer
- points to a Unicode environment block. Otherwise, the
- block is ANSI (actually OEM.)
- bInheritHandles - Supplies a flag that specifies whether or not the
- new process is to inherit handles to objects visible to the
- calling process. A value of TRUE causes handles to be inherited
- by the new process. If TRUE was specified, then for each handle
- visible to the calling process, if the handle was created with
- the inherit handle option, the handle is inherited to the new
- process. The handle has the same granted access in the new
- process as it has in the calling process, and the value of the
- handle is the same.
- lpEnvironment - An optional parameter, that if specified, supplies a
- pointer to an environment block. If the parameter is not
- specified, the environment block of the current process is used.
- This environment block is made available to the new process
- using GetEnvironmentStrings.
- lpCurrentDirectory - An optional parameter, that if specified,
- supplies a string representing the current drive and directory
- for the new process. The string must be a fully qualified
- pathname that includes a drive letter. If the parameter is not
- specified, then the new process is created with the same current
- drive and directory as the calling process. This option is
- provided primarily for shells that want to start an application
- and specify its initial drive and working directory.
- lpStartupInfo - Supplies information that specified how the
- applications window is to be shown. This structure is described
- in the Win32 User Interface API Book.
- lpProcessInformation - Returns identification information about the
- new process.
- HANDLE hProcess - Returns a handle to the newly created process.
- Through the handle, all operations on process objects are
- allowed.
- HANDLE hThread - Returns a handle to the newly created thread.
- Through the handle, all operations on thread objects are
- allowed.
- DWORD dwProcessId - Returns a global process id that may be used
- to identify a process. The value is valid from the time the
- process is created until the time the process is terminated.
- DWORD dwThreadId - Returns a global thread id that may be used
- to identify a thread. The value is valid from the time the
- thread is created until the time the thread is terminated.
- Return Value:
- TRUE - The operation was successful
- FALSE/NULL - The operation failed. Extended error status is available
- using GetLastError.
- --*/
- {
- return CreateProcessInternalW(
- NULL, // Create new process with the token on the creator process
- lpApplicationName,
- lpCommandLine,
- lpProcessAttributes,
- lpThreadAttributes,
- bInheritHandles,
- dwCreationFlags,
- lpEnvironment,
- lpCurrentDirectory,
- lpStartupInfo,
- lpProcessInformation,
- NULL // Do not return the restricted token
- );
- }
