[RTL] Introduce RtlpImageNtHeader,

which implements the required functionality.
ntdll and ntoskrnl now have a wrapper for this, with SEH.
This protects the function against malformed / bad images,
whilst still being able to use the code in freeldr et al.
Idea from Thomas.
CORE-14857
This commit is contained in:
Mark Jansen 2020-03-28 14:28:49 +01:00
parent 4b2665046d
commit 177ae91bf6
No known key found for this signature in database
GPG key ID: B39240EE84BEAE8B
7 changed files with 156 additions and 13 deletions

View file

@ -20,6 +20,7 @@ list(APPEND BOOTLIB_SOURCE
lib/misc/resource.c
lib/misc/font.c
lib/misc/rtlcompat.c
lib/rtl/libsupp.c
lib/firmware/fwutil.c
lib/firmware/efi/firmware.c
lib/mm/mm.c

View file

@ -0,0 +1,39 @@
/*
* COPYRIGHT: See COPYING.ARM in the top level directory
* PROJECT: ReactOS UEFI Boot Library
* FILE: boot/environ/lib/rtl/libsupp.c
* PURPOSE: RTL Support Routines
* PROGRAMMER: Mark Jansen (mark.jansen@reactos.org)
*/
/* INCLUDES ******************************************************************/
#include "bl.h"
/* FUNCTIONS *****************************************************************/
/* Ldr access to IMAGE_NT_HEADERS without SEH */
/* Rtl SEH-Free version of this */
NTSTATUS
NTAPI
RtlpImageNtHeaderEx(
_In_ ULONG Flags,
_In_ PVOID Base,
_In_ ULONG64 Size,
_Out_ PIMAGE_NT_HEADERS *OutHeaders);
/*
* @implemented
*/
NTSTATUS
NTAPI
RtlImageNtHeaderEx(
_In_ ULONG Flags,
_In_ PVOID Base,
_In_ ULONG64 Size,
_Out_ PIMAGE_NT_HEADERS *OutHeaders)
{
return RtlpImageNtHeaderEx(Flags, Base, Size, OutHeaders);
}

View file

@ -57,3 +57,30 @@ RtlpSafeCopyMemory(
RtlCopyMemory(Destination, Source, Length);
return STATUS_SUCCESS;
}
/* Ldr access to IMAGE_NT_HEADERS without SEH */
/* Rtl SEH-Free version of this */
NTSTATUS
NTAPI
RtlpImageNtHeaderEx(
_In_ ULONG Flags,
_In_ PVOID Base,
_In_ ULONG64 Size,
_Out_ PIMAGE_NT_HEADERS *OutHeaders);
/*
* @implemented
*/
NTSTATUS
NTAPI
RtlImageNtHeaderEx(
_In_ ULONG Flags,
_In_ PVOID Base,
_In_ ULONG64 Size,
_Out_ PIMAGE_NT_HEADERS *OutHeaders)
{
return RtlpImageNtHeaderEx(Flags, Base, Size, OutHeaders);
}

View file

@ -505,6 +505,49 @@ RtlpGetAtomEntry(PRTL_ATOM_TABLE AtomTable, ULONG Index)
return NULL;
}
/* Ldr SEH-Protected access to IMAGE_NT_HEADERS */
/* Rtl SEH-Free version of this */
NTSTATUS
NTAPI
RtlpImageNtHeaderEx(
_In_ ULONG Flags,
_In_ PVOID Base,
_In_ ULONG64 Size,
_Out_ PIMAGE_NT_HEADERS *OutHeaders);
/*
* @implemented
* @note: This is here, so that we do not drag SEH into rosload, freeldr and bootmgfw
*/
NTSTATUS
NTAPI
RtlImageNtHeaderEx(
_In_ ULONG Flags,
_In_ PVOID Base,
_In_ ULONG64 Size,
_Out_ PIMAGE_NT_HEADERS *OutHeaders)
{
NTSTATUS Status;
/* Assume failure. This is also done in RtlpImageNtHeaderEx, but this is guarded by SEH. */
if (OutHeaders != NULL)
*OutHeaders = NULL;
_SEH2_TRY
{
Status = RtlpImageNtHeaderEx(Flags, Base, Size, OutHeaders);
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
/* Fail with the SEH error */
Status = _SEH2_GetExceptionCode();
}
_SEH2_END;
return Status;
}
/*
* Ldr Resource support code

View file

@ -464,17 +464,8 @@ FreeLibrary(HINSTANCE hLibModule)
if (LDR_IS_DATAFILE(hLibModule))
{
// FIXME: This SEH should go inside RtlImageNtHeader instead
// See https://jira.reactos.org/browse/CORE-14857
_SEH2_TRY
{
/* This is a LOAD_LIBRARY_AS_DATAFILE module, check if it's a valid one */
NtHeaders = RtlImageNtHeader((PVOID)((ULONG_PTR)hLibModule & ~1));
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
NtHeaders = NULL;
} _SEH2_END
/* This is a LOAD_LIBRARY_AS_DATAFILE module, check if it's a valid one */
NtHeaders = RtlImageNtHeader((PVOID)((ULONG_PTR)hLibModule & ~1));
if (NtHeaders)
{

View file

@ -691,6 +691,49 @@ RtlpGetAtomEntry(PRTL_ATOM_TABLE AtomTable, ULONG Index)
return Entry;
}
/* Ldr SEH-Protected access to IMAGE_NT_HEADERS */
/* Rtl SEH-Free version of this */
NTSTATUS
NTAPI
RtlpImageNtHeaderEx(
_In_ ULONG Flags,
_In_ PVOID Base,
_In_ ULONG64 Size,
_Out_ PIMAGE_NT_HEADERS *OutHeaders);
/*
* @implemented
* @note: This is here, so that we do not drag SEH into rosload, freeldr and bootmgfw
*/
NTSTATUS
NTAPI
RtlImageNtHeaderEx(
_In_ ULONG Flags,
_In_ PVOID Base,
_In_ ULONG64 Size,
_Out_ PIMAGE_NT_HEADERS *OutHeaders)
{
NTSTATUS Status;
/* Assume failure. This is also done in RtlpImageNtHeaderEx, but this is guarded by SEH. */
if (OutHeaders != NULL)
*OutHeaders = NULL;
_SEH2_TRY
{
Status = RtlpImageNtHeaderEx(Flags, Base, Size, OutHeaders);
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
/* Fail with the SEH error */
Status = _SEH2_GetExceptionCode();
}
_SEH2_END;
return Status;
}
/*
* Ldr Resource support code
*/

View file

@ -134,11 +134,10 @@ LdrVerifyMappedImageMatchesChecksum(
/*
* @implemented
* @note This needs SEH (See https://jira.reactos.org/browse/CORE-14857)
*/
NTSTATUS
NTAPI
RtlImageNtHeaderEx(
RtlpImageNtHeaderEx(
_In_ ULONG Flags,
_In_ PVOID Base,
_In_ ULONG64 Size,