PEB will be created in NtCreateProcess.
svn path=/trunk/; revision=695
This commit is contained in:
parent
81a9f1c4b0
commit
babfe77ea9
|
@ -2078,14 +2078,14 @@ CreateProcessA(
|
||||||
DWORD dwCreationFlags,
|
DWORD dwCreationFlags,
|
||||||
LPVOID lpEnvironment,
|
LPVOID lpEnvironment,
|
||||||
LPCSTR lpCurrentDirectory,
|
LPCSTR lpCurrentDirectory,
|
||||||
LPSTARTUPINFO lpStartupInfo,
|
LPSTARTUPINFOA lpStartupInfo,
|
||||||
LPPROCESS_INFORMATION lpProcessInformation
|
LPPROCESS_INFORMATION lpProcessInformation
|
||||||
);
|
);
|
||||||
|
|
||||||
VOID
|
VOID
|
||||||
STDCALL
|
STDCALL
|
||||||
GetStartupInfoA(
|
GetStartupInfoA(
|
||||||
LPSTARTUPINFO lpStartupInfo
|
LPSTARTUPINFOA lpStartupInfo
|
||||||
);
|
);
|
||||||
|
|
||||||
HANDLE
|
HANDLE
|
||||||
|
@ -2979,7 +2979,7 @@ DdeQueryStringA (DWORD, HSZ, char *, DWORD, int);
|
||||||
WINBOOL STDCALL LogonUserA (LPSTR, LPSTR, LPSTR, DWORD, DWORD, HANDLE *);
|
WINBOOL STDCALL LogonUserA (LPSTR, LPSTR, LPSTR, DWORD, DWORD, HANDLE *);
|
||||||
WINBOOL STDCALL CreateProcessAsUserA (HANDLE, LPCTSTR, LPTSTR,
|
WINBOOL STDCALL CreateProcessAsUserA (HANDLE, LPCTSTR, LPTSTR,
|
||||||
SECURITY_ATTRIBUTES*, SECURITY_ATTRIBUTES*, WINBOOL, DWORD, LPVOID,
|
SECURITY_ATTRIBUTES*, SECURITY_ATTRIBUTES*, WINBOOL, DWORD, LPVOID,
|
||||||
LPCTSTR, STARTUPINFO*, PROCESS_INFORMATION*);
|
LPCTSTR, STARTUPINFOA*, PROCESS_INFORMATION*);
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
|
|
|
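Review bot: The `CreateProcessAsUserA` prototype still takes `LPCTSTR`/`LPTSTR` for its string parameters even though the same declaration now names `STARTUPINFOA*`, so under `UNICODE` this A-suffixed function is declared with wide-string types, the very mismatch the commit removes for STARTUPINFO. Use the explicit narrow types, `WINBOOL STDCALL CreateProcessAsUserA (HANDLE, LPCSTR, LPSTR,` for the first line and `LPCSTR, STARTUPINFOA*, PROCESS_INFORMATION*);` for the last. The W counterpart in the Unicode header already spells out `LPCWSTR`/`LPWSTR`, so this brings the pair into line.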
@ -46,30 +46,31 @@ typedef struct linux_sigcontext {
|
||||||
|
|
||||||
typedef ULONG THREADINFOCLASS;
|
typedef ULONG THREADINFOCLASS;
|
||||||
|
|
||||||
typedef struct _STARTUPINFOW {
|
typedef struct _PROCESSINFO
|
||||||
DWORD cb;
|
{
|
||||||
WCHAR WindowTitle[MAX_PATH];
|
WCHAR WindowTitle[MAX_PATH];
|
||||||
WCHAR ImageFile[MAX_PATH];
|
WCHAR ImageFile[MAX_PATH];
|
||||||
WCHAR CommandLine[MAX_PATH];
|
WCHAR CommandLine[MAX_PATH];
|
||||||
WCHAR DllPath[MAX_PATH];
|
WCHAR DllPath[MAX_PATH];
|
||||||
WCHAR Reserved[MAX_PATH];
|
WCHAR Reserved[MAX_PATH];
|
||||||
WCHAR Desktop[MAX_PATH];
|
WCHAR Desktop[MAX_PATH];
|
||||||
WCHAR Title[MAX_PATH];
|
WCHAR Title[MAX_PATH];
|
||||||
DWORD dwX;
|
PVOID Environment;
|
||||||
DWORD dwY;
|
DWORD dwX;
|
||||||
DWORD dwXSize;
|
DWORD dwY;
|
||||||
DWORD dwYSize;
|
DWORD dwXSize;
|
||||||
DWORD dwXCountChars;
|
DWORD dwYSize;
|
||||||
DWORD dwYCountChars;
|
DWORD dwXCountChars;
|
||||||
DWORD dwFillAttribute;
|
DWORD dwYCountChars;
|
||||||
DWORD dwFlags;
|
DWORD dwFillAttribute;
|
||||||
WORD wShowWindow;
|
DWORD dwFlags;
|
||||||
WORD cbReserved2;
|
WORD wShowWindow;
|
||||||
unsigned char * lpReserved2;
|
WORD cbReserved2;
|
||||||
HANDLE hStdInput;
|
unsigned char *lpReserved2;
|
||||||
HANDLE hStdOutput;
|
HANDLE hStdInput;
|
||||||
HANDLE hStdError;
|
HANDLE hStdOutput;
|
||||||
} PROCESSINFOW, *PPROCESSINFOW;
|
HANDLE hStdError;
|
||||||
|
} PROCESSINFO, *PPROCESSINFO;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -92,7 +93,7 @@ typedef struct _NT_PEB
|
||||||
WORD NumberOfProcessors; // 11h
|
WORD NumberOfProcessors; // 11h
|
||||||
WORD NtGlobalFlag; // 13h
|
WORD NtGlobalFlag; // 13h
|
||||||
|
|
||||||
PPROCESSINFOW StartupInfo; // 15h
|
PPROCESSINFO ProcessInfo; // 15h
|
||||||
HANDLE ProcessHeap; // 19h
|
HANDLE ProcessHeap; // 19h
|
||||||
ATOMTABLE LocalAtomTable; // 1Dh
|
ATOMTABLE LocalAtomTable; // 1Dh
|
||||||
LPCRITICAL_SECTION CriticalSection; // 35h
|
LPCRITICAL_SECTION CriticalSection; // 35h
|
||||||
|
@ -100,7 +101,7 @@ typedef struct _NT_PEB
|
||||||
WORD MajorVersion; // 3Dh
|
WORD MajorVersion; // 3Dh
|
||||||
WORD MinorVersion; // 3Fh
|
WORD MinorVersion; // 3Fh
|
||||||
WORD BuildNumber; // 41h
|
WORD BuildNumber; // 41h
|
||||||
WORD PlatformId; // 43h
|
WORD PlatformId; // 43h
|
||||||
} NT_PEB, *PNT_PEB;
|
} NT_PEB, *PNT_PEB;
|
||||||
|
|
||||||
typedef struct _CLIENT_ID
|
typedef struct _CLIENT_ID
|
||||||
|
@ -124,25 +125,25 @@ typedef struct _NT_TIB {
|
||||||
|
|
||||||
typedef struct _NT_TEB
|
typedef struct _NT_TEB
|
||||||
{
|
{
|
||||||
NT_TIB Tib; // 00h
|
NT_TIB Tib; // 00h
|
||||||
ULONG reserved1; // 1Ch ???
|
ULONG reserved1; // 1Ch ???
|
||||||
CLIENT_ID Cid; // 20h
|
CLIENT_ID Cid; // 20h
|
||||||
ULONG reserved2; // 28h ???
|
ULONG reserved2; // 28h ???
|
||||||
ULONG reserved3; // 2Ch ???
|
ULONG reserved3; // 2Ch ???
|
||||||
NT_PEB *Peb; // 30h
|
PNT_PEB Peb; // 30h
|
||||||
DWORD LastErrorCode; // 34h
|
DWORD LastErrorCode; // 34h
|
||||||
|
|
||||||
HANDLE RPCHandle; // 36
|
HANDLE RPCHandle; // 36
|
||||||
PVOID TlsData[TLS_MINIMUM_AVAILABLE]; // 40
|
PVOID TlsData[TLS_MINIMUM_AVAILABLE]; // 40
|
||||||
DWORD dwTlsIndex; // 230
|
DWORD dwTlsIndex; // 230
|
||||||
NTSTATUS LastStatusValue; // 242
|
NTSTATUS LastStatusValue; // 242
|
||||||
DWORD LockCount; // 244
|
DWORD LockCount; // 244
|
||||||
UCHAR HardErrorMode; // 248
|
UCHAR HardErrorMode; // 248
|
||||||
|
|
||||||
/* reactos only ??? (Eric Kohl) */
|
/* reactos only ??? (Eric Kohl) */
|
||||||
PVOID StackCommit;
|
PVOID StackCommit;
|
||||||
PVOID StackCommitMax;
|
PVOID StackCommitMax;
|
||||||
PVOID StackReserved;
|
PVOID StackReserved;
|
||||||
} NT_TEB, *PNT_TEB;
|
} NT_TEB, *PNT_TEB;
|
||||||
|
|
||||||
struct _KPROCESS;
|
struct _KPROCESS;
|
||||||
|
@ -233,9 +234,10 @@ typedef struct _KTHREAD
|
||||||
// According to documentation the stack should have a commited [ 1 page ] and
|
// According to documentation the stack should have a commited [ 1 page ] and
|
||||||
// a reserved part [ 1 M ] but can be specified otherwise in the image file.
|
// a reserved part [ 1 M ] but can be specified otherwise in the image file.
|
||||||
|
|
||||||
typedef struct _INITIAL_TEB {
|
typedef struct _INITIAL_TEB
|
||||||
|
{
|
||||||
PVOID StackBase;
|
PVOID StackBase;
|
||||||
PVOID StackLimit;
|
PVOID StackLimit;
|
||||||
PVOID StackCommit;
|
PVOID StackCommit;
|
||||||
PVOID StackCommitMax;
|
PVOID StackCommitMax;
|
||||||
PVOID StackReserved;
|
PVOID StackReserved;
|
||||||
|
|
|
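Review bot: `PROCESSINFO` carries no comment saying what it is: in the rest of this commit it is the kernel32-private block placed at `PEB_STARTUPINFO`, filled by the CreatePeb variants and copied field by field into `STARTUPINFOW` by GetStartupInfoW, and the newly added `Environment` member is not written by any of the CreatePeb hunks shown. A header comment such as `/* Startup block at PEB_STARTUPINFO: written by CreatePeb, read by GetStartupInfoA/W. Environment is not yet populated. */` would save the next reader the cross-file search. The `// 15h` offset note on `NT_PEB.ProcessInfo` stays valid only because the replacement is pointer-sized like the old `PPROCESSINFOW`; worth stating if these offsets are relied on elsewhere.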
@ -3971,11 +3971,11 @@ typedef struct tagSOUNDSENTRY {
|
||||||
DWORD iWindowsEffectOrdinal;
|
DWORD iWindowsEffectOrdinal;
|
||||||
} SOUNDSENTRY, *LPSOUNDSENTRY;
|
} SOUNDSENTRY, *LPSOUNDSENTRY;
|
||||||
|
|
||||||
typedef struct _STARTUPINFO {
|
typedef struct _STARTUPINFOA {
|
||||||
DWORD cb;
|
DWORD cb;
|
||||||
LPTSTR lpReserved;
|
LPSTR lpReserved;
|
||||||
LPTSTR lpDesktop;
|
LPSTR lpDesktop;
|
||||||
LPTSTR lpTitle;
|
LPSTR lpTitle;
|
||||||
DWORD dwX;
|
DWORD dwX;
|
||||||
DWORD dwY;
|
DWORD dwY;
|
||||||
DWORD dwXSize;
|
DWORD dwXSize;
|
||||||
|
@ -3990,7 +3990,36 @@ typedef struct _STARTUPINFO {
|
||||||
HANDLE hStdInput;
|
HANDLE hStdInput;
|
||||||
HANDLE hStdOutput;
|
HANDLE hStdOutput;
|
||||||
HANDLE hStdError;
|
HANDLE hStdError;
|
||||||
} STARTUPINFO, *LPSTARTUPINFO;
|
} STARTUPINFOA, *LPSTARTUPINFOA;
|
||||||
|
|
||||||
|
typedef struct _STARTUPINFOW {
|
||||||
|
DWORD cb;
|
||||||
|
LPWSTR lpReserved;
|
||||||
|
LPWSTR lpDesktop;
|
||||||
|
LPWSTR lpTitle;
|
||||||
|
DWORD dwX;
|
||||||
|
DWORD dwY;
|
||||||
|
DWORD dwXSize;
|
||||||
|
DWORD dwYSize;
|
||||||
|
DWORD dwXCountChars;
|
||||||
|
DWORD dwYCountChars;
|
||||||
|
DWORD dwFillAttribute;
|
||||||
|
DWORD dwFlags;
|
||||||
|
WORD wShowWindow;
|
||||||
|
WORD cbReserved2;
|
||||||
|
LPBYTE lpReserved2;
|
||||||
|
HANDLE hStdInput;
|
||||||
|
HANDLE hStdOutput;
|
||||||
|
HANDLE hStdError;
|
||||||
|
} STARTUPINFOW, *LPSTARTUPINFOW;
|
||||||
|
|
||||||
|
#ifdef UNICODE
|
||||||
|
typedef STARTUPINFOW STARTUPINFO;
|
||||||
|
typedef LPSTARTUPINFOW LPSTARTUPINFO;
|
||||||
|
#else
|
||||||
|
typedef STARTUPINFOA STARTUPINFO;
|
||||||
|
typedef LPSTARTUPINFOA LPSTARTUPINFO;
|
||||||
|
#endif /* UNICODE */
|
||||||
|
|
||||||
typedef struct tagSTICKYKEYS {
|
typedef struct tagSTICKYKEYS {
|
||||||
DWORD cbSize;
|
DWORD cbSize;
|
||||||
|
|
|
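Review bot: The new `_STARTUPINFOW` is a member-for-member copy of `_STARTUPINFOA` with `LPWSTR` fields, and CreateProcessA in lib/kernel32/proc/create.c now depends on that by casting `LPSTARTUPINFOA` to `LPSTARTUPINFOW`; nothing in the header records that the two layouts must stay identical. A comment above the W struct such as `/* Must mirror STARTUPINFOA member-for-member: CreateProcessA casts between the two. */` would protect the next editor who adds a field to one of them. The `#ifdef UNICODE` selector block is the conventional shape and needs no change.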
@ -2093,14 +2093,14 @@ CreateProcessW(
|
||||||
DWORD dwCreationFlags,
|
DWORD dwCreationFlags,
|
||||||
LPVOID lpEnvironment,
|
LPVOID lpEnvironment,
|
||||||
LPCWSTR lpCurrentDirectory,
|
LPCWSTR lpCurrentDirectory,
|
||||||
LPSTARTUPINFO lpStartupInfo,
|
LPSTARTUPINFOW lpStartupInfo,
|
||||||
LPPROCESS_INFORMATION lpProcessInformation
|
LPPROCESS_INFORMATION lpProcessInformation
|
||||||
);
|
);
|
||||||
|
|
||||||
VOID
|
VOID
|
||||||
STDCALL
|
STDCALL
|
||||||
GetStartupInfoW(
|
GetStartupInfoW(
|
||||||
LPSTARTUPINFO lpStartupInfo
|
LPSTARTUPINFOW lpStartupInfo
|
||||||
);
|
);
|
||||||
|
|
||||||
HANDLE
|
HANDLE
|
||||||
|
@ -2999,7 +2999,7 @@ DdeQueryStringW (DWORD, HSZ, LPCWSTR, DWORD, int);
|
||||||
WINBOOL STDCALL LogonUserW (LPWSTR, LPWSTR, LPWSTR, DWORD, DWORD, HANDLE *);
|
WINBOOL STDCALL LogonUserW (LPWSTR, LPWSTR, LPWSTR, DWORD, DWORD, HANDLE *);
|
||||||
WINBOOL STDCALL CreateProcessAsUserW (HANDLE, LPCWSTR, LPWSTR,
|
WINBOOL STDCALL CreateProcessAsUserW (HANDLE, LPCWSTR, LPWSTR,
|
||||||
SECURITY_ATTRIBUTES*, SECURITY_ATTRIBUTES*, WINBOOL,
|
SECURITY_ATTRIBUTES*, SECURITY_ATTRIBUTES*, WINBOOL,
|
||||||
DWORD, LPVOID, LPCWSTR, STARTUPINFO*,
|
DWORD, LPVOID, LPCWSTR, STARTUPINFOW*,
|
||||||
PROCESS_INFORMATION*);
|
PROCESS_INFORMATION*);
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
|
|
|
@ -41,6 +41,6 @@ LPSTR STDCALL GetCommandLineA(VOID)
|
||||||
|
|
||||||
LPWSTR STDCALL GetCommandLineW(VOID)
|
LPWSTR STDCALL GetCommandLineW(VOID)
|
||||||
{
|
{
|
||||||
return(NtCurrentPeb()->StartupInfo->CommandLine);
|
return(NtCurrentPeb()->ProcessInfo->CommandLine);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
/*
|
/* $Id: create.c,v 1.12 1999/10/13 22:35:55 ekohl Exp $
|
||||||
|
*
|
||||||
* COPYRIGHT: See COPYING in the top level directory
|
* COPYRIGHT: See COPYING in the top level directory
|
||||||
* PROJECT: ReactOS system libraries
|
* PROJECT: ReactOS system libraries
|
||||||
* FILE: lib/kernel32/proc/proc.c
|
* FILE: lib/kernel32/proc/proc.c
|
||||||
|
@ -36,7 +37,7 @@ WINBOOL STDCALL CreateProcessA(LPCSTR lpApplicationName,
|
||||||
DWORD dwCreationFlags,
|
DWORD dwCreationFlags,
|
||||||
LPVOID lpEnvironment,
|
LPVOID lpEnvironment,
|
||||||
LPCSTR lpCurrentDirectory,
|
LPCSTR lpCurrentDirectory,
|
||||||
LPSTARTUPINFO lpStartupInfo,
|
LPSTARTUPINFOA lpStartupInfo,
|
||||||
LPPROCESS_INFORMATION lpProcessInformation)
|
LPPROCESS_INFORMATION lpProcessInformation)
|
||||||
/*
|
/*
|
||||||
* FUNCTION: The CreateProcess function creates a new process and its
|
* FUNCTION: The CreateProcess function creates a new process and its
|
||||||
|
@ -81,7 +82,7 @@ WINBOOL STDCALL CreateProcessA(LPCSTR lpApplicationName,
|
||||||
dwCreationFlags,
|
dwCreationFlags,
|
||||||
lpEnvironment,
|
lpEnvironment,
|
||||||
PCurrentDirectoryW,
|
PCurrentDirectoryW,
|
||||||
lpStartupInfo,
|
(LPSTARTUPINFOW)lpStartupInfo,
|
||||||
lpProcessInformation);
|
lpProcessInformation);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -142,7 +143,6 @@ HANDLE STDCALL CreateFirstThread(HANDLE ProcessHandle,
|
||||||
return(NULL);
|
return(NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
memset(&ThreadContext,0,sizeof(CONTEXT));
|
memset(&ThreadContext,0,sizeof(CONTEXT));
|
||||||
ThreadContext.Eip = (ULONG)lpStartAddress;
|
ThreadContext.Eip = (ULONG)lpStartAddress;
|
||||||
ThreadContext.SegGs = USER_DS;
|
ThreadContext.SegGs = USER_DS;
|
||||||
|
@ -348,39 +348,33 @@ static NTSTATUS CreatePeb(HANDLE ProcessHandle, PWSTR CommandLine)
|
||||||
ULONG PebSize;
|
ULONG PebSize;
|
||||||
NT_PEB Peb;
|
NT_PEB Peb;
|
||||||
ULONG BytesWritten;
|
ULONG BytesWritten;
|
||||||
PVOID StartupInfoBase;
|
PVOID ProcessInfoBase;
|
||||||
ULONG StartupInfoSize;
|
ULONG ProcessInfoSize;
|
||||||
PROCESSINFOW StartupInfo;
|
PROCESSINFO ProcessInfo;
|
||||||
|
|
||||||
PebBase = (PVOID)PEB_BASE;
|
PebBase = (PVOID)PEB_BASE;
|
||||||
PebSize = 0x1000;
|
PebSize = 0x1000;
|
||||||
Status = ZwAllocateVirtualMemory(ProcessHandle,
|
|
||||||
&PebBase,
|
|
||||||
0,
|
|
||||||
&PebSize,
|
|
||||||
MEM_COMMIT,
|
|
||||||
PAGE_READWRITE);
|
|
||||||
if (!NT_SUCCESS(Status))
|
|
||||||
{
|
|
||||||
return(Status);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
NtReadVirtualMemory(ProcessHandle,
|
||||||
|
(PVOID)PEB_BASE,
|
||||||
|
&Peb,
|
||||||
|
sizeof(Peb),
|
||||||
|
&BytesWritten);
|
||||||
|
|
||||||
memset(&Peb, 0, sizeof(Peb));
|
Peb.ProcessInfo = (PPROCESSINFO)PEB_STARTUPINFO;
|
||||||
Peb.StartupInfo = (PPROCESSINFOW)PEB_STARTUPINFO;
|
|
||||||
|
|
||||||
ZwWriteVirtualMemory(ProcessHandle,
|
NtWriteVirtualMemory(ProcessHandle,
|
||||||
(PVOID)PEB_BASE,
|
(PVOID)PEB_BASE,
|
||||||
&Peb,
|
&Peb,
|
||||||
sizeof(Peb),
|
sizeof(Peb),
|
||||||
&BytesWritten);
|
&BytesWritten);
|
||||||
|
|
||||||
StartupInfoBase = (PVOID)PEB_STARTUPINFO;
|
ProcessInfoBase = (PVOID)PEB_STARTUPINFO;
|
||||||
StartupInfoSize = 0x1000;
|
ProcessInfoSize = 0x1000;
|
||||||
Status = ZwAllocateVirtualMemory(ProcessHandle,
|
Status = NtAllocateVirtualMemory(ProcessHandle,
|
||||||
&StartupInfoBase,
|
&ProcessInfoBase,
|
||||||
0,
|
0,
|
||||||
&StartupInfoSize,
|
&ProcessInfoSize,
|
||||||
MEM_COMMIT,
|
MEM_COMMIT,
|
||||||
PAGE_READWRITE);
|
PAGE_READWRITE);
|
||||||
if (!NT_SUCCESS(Status))
|
if (!NT_SUCCESS(Status))
|
||||||
|
@ -388,15 +382,14 @@ static NTSTATUS CreatePeb(HANDLE ProcessHandle, PWSTR CommandLine)
|
||||||
return(Status);
|
return(Status);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
memset(&ProcessInfo, 0, sizeof(PROCESSINFO));
|
||||||
|
wcscpy(ProcessInfo.CommandLine, CommandLine);
|
||||||
|
|
||||||
memset(&StartupInfo, 0, sizeof(StartupInfo));
|
DPRINT("ProcessInfoSize %x\n",ProcessInfoSize);
|
||||||
wcscpy(StartupInfo.CommandLine, CommandLine);
|
|
||||||
|
|
||||||
DPRINT("StartupInfoSize %x\n",StartupInfoSize);
|
|
||||||
ZwWriteVirtualMemory(ProcessHandle,
|
ZwWriteVirtualMemory(ProcessHandle,
|
||||||
(PVOID)PEB_STARTUPINFO,
|
(PVOID)PEB_STARTUPINFO,
|
||||||
&StartupInfo,
|
&ProcessInfo,
|
||||||
StartupInfoSize,
|
ProcessInfoSize,
|
||||||
&BytesWritten);
|
&BytesWritten);
|
||||||
|
|
||||||
return(STATUS_SUCCESS);
|
return(STATUS_SUCCESS);
|
||||||
|
@ -411,7 +404,7 @@ WINBOOL STDCALL CreateProcessW(LPCWSTR lpApplicationName,
|
||||||
DWORD dwCreationFlags,
|
DWORD dwCreationFlags,
|
||||||
LPVOID lpEnvironment,
|
LPVOID lpEnvironment,
|
||||||
LPCWSTR lpCurrentDirectory,
|
LPCWSTR lpCurrentDirectory,
|
||||||
LPSTARTUPINFO lpStartupInfo,
|
LPSTARTUPINFOW lpStartupInfo,
|
||||||
LPPROCESS_INFORMATION lpProcessInformation)
|
LPPROCESS_INFORMATION lpProcessInformation)
|
||||||
{
|
{
|
||||||
HANDLE hSection, hProcess, hThread;
|
HANDLE hSection, hProcess, hThread;
|
||||||
|
@ -502,7 +495,7 @@ WINBOOL STDCALL CreateProcessW(LPCWSTR lpApplicationName,
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
*
|
* Create Process Environment Block
|
||||||
*/
|
*/
|
||||||
DPRINT("Creating peb\n");
|
DPRINT("Creating peb\n");
|
||||||
CreatePeb(hProcess, TempCommandLine);
|
CreatePeb(hProcess, TempCommandLine);
|
||||||
|
@ -533,3 +526,4 @@ WINBOOL STDCALL CreateProcessW(LPCWSTR lpApplicationName,
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* EOF */
|
|
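Review bot: The `NtReadVirtualMemory` call added to CreatePeb ignores its NTSTATUS, and because the `memset(&Peb, 0, sizeof(Peb))` was dropped in the same hunk, a failed read means the uninitialized stack copy of `Peb` is written straight back into the new process; assign and check it, `Status = NtReadVirtualMemory(...); if (!NT_SUCCESS(Status)) return(Status);`, and treat the following `NtWriteVirtualMemory` the same way. In the second CreatePeb hunk, `NtWriteVirtualMemory(..., &ProcessInfo, ProcessInfoSize, ...)` copies the page-rounded 0x1000 bytes out of a stack `PROCESSINFO`, which with a 260-character `MAX_PATH` is smaller than a page, so parent stack bytes past the struct land in the child; pass `sizeof(ProcessInfo)` instead. The `(LPSTARTUPINFOW)lpStartupInfo` cast in CreateProcessA hands ANSI `LPSTR` members to CreateProcessW as `LPWSTR`, which is only safe while CreateProcessW reads none of the string fields, and deserves a comment saying so. CreatePeb's body starts and ends outside the hunks.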
@ -1,4 +1,4 @@
|
||||||
/* $Id: proc.c,v 1.21 1999/10/07 23:45:25 ekohl Exp $
|
/* $Id: proc.c,v 1.22 1999/10/13 22:35:55 ekohl Exp $
|
||||||
*
|
*
|
||||||
* COPYRIGHT: See COPYING in the top level directory
|
* COPYRIGHT: See COPYING in the top level directory
|
||||||
* PROJECT: ReactOS system libraries
|
* PROJECT: ReactOS system libraries
|
||||||
|
@ -11,7 +11,7 @@
|
||||||
|
|
||||||
/* INCLUDES ****************************************************************/
|
/* INCLUDES ****************************************************************/
|
||||||
|
|
||||||
#define UNICODE
|
//#define UNICODE
|
||||||
#include <ddk/ntddk.h>
|
#include <ddk/ntddk.h>
|
||||||
#include <windows.h>
|
#include <windows.h>
|
||||||
#include <kernel32/proc.h>
|
#include <kernel32/proc.h>
|
||||||
|
@ -25,7 +25,7 @@
|
||||||
#include <kernel32/kernel32.h>
|
#include <kernel32/kernel32.h>
|
||||||
|
|
||||||
/* TYPES *********************************************************************/
|
/* TYPES *********************************************************************/
|
||||||
|
/*
|
||||||
typedef struct _WSTARTUPINFO {
|
typedef struct _WSTARTUPINFO {
|
||||||
DWORD cb;
|
DWORD cb;
|
||||||
LPWSTR lpReserved;
|
LPWSTR lpReserved;
|
||||||
|
@ -46,6 +46,7 @@ typedef struct _WSTARTUPINFO {
|
||||||
HANDLE hStdOutput;
|
HANDLE hStdOutput;
|
||||||
HANDLE hStdError;
|
HANDLE hStdError;
|
||||||
} WSTARTUPINFO, *LPWSTARTUPINFO;
|
} WSTARTUPINFO, *LPWSTARTUPINFO;
|
||||||
|
*/
|
||||||
|
|
||||||
/* GLOBALS *******************************************************************/
|
/* GLOBALS *******************************************************************/
|
||||||
|
|
||||||
|
@ -186,13 +187,13 @@ InternalAnsiToUnicode (
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
i = 0;
|
i = 0;
|
||||||
while ((*In)!=0 && i < MaxLength)
|
while ((*In)!=0 && i < MaxLength)
|
||||||
{
|
{
|
||||||
Out[i] = *In;
|
Out[i] = *In;
|
||||||
In++;
|
In++;
|
||||||
i++;
|
i++;
|
||||||
}
|
}
|
||||||
Out[i] = 0;
|
Out[i] = 0;
|
||||||
return(Out);
|
return(Out);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -245,13 +246,13 @@ WinExec (
|
||||||
UINT uCmdShow
|
UINT uCmdShow
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
STARTUPINFO StartupInfo;
|
STARTUPINFOA StartupInfo;
|
||||||
PROCESS_INFORMATION ProcessInformation;
|
PROCESS_INFORMATION ProcessInformation;
|
||||||
HINSTANCE hInst;
|
HINSTANCE hInst;
|
||||||
DWORD dosErr;
|
DWORD dosErr;
|
||||||
|
|
||||||
StartupInfo.cb = sizeof(STARTUPINFO);
|
StartupInfo.cb = sizeof(STARTUPINFOA);
|
||||||
StartupInfo.wShowWindow = uCmdShow ;
|
StartupInfo.wShowWindow = uCmdShow;
|
||||||
StartupInfo.dwFlags = 0;
|
StartupInfo.dwFlags = 0;
|
||||||
|
|
||||||
hInst = (HINSTANCE)CreateProcessA(NULL,
|
hInst = (HINSTANCE)CreateProcessA(NULL,
|
||||||
|
@ -335,11 +336,10 @@ SleepEx (
|
||||||
VOID
|
VOID
|
||||||
STDCALL
|
STDCALL
|
||||||
GetStartupInfoW (
|
GetStartupInfoW (
|
||||||
LPSTARTUPINFO _lpStartupInfo
|
LPSTARTUPINFOW lpStartupInfo
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
NT_PEB *pPeb = NtCurrentPeb();
|
NT_PEB *pPeb = NtCurrentPeb();
|
||||||
LPWSTARTUPINFO lpStartupInfo = (LPWSTARTUPINFO)_lpStartupInfo;
|
|
||||||
|
|
||||||
if (lpStartupInfo == NULL)
|
if (lpStartupInfo == NULL)
|
||||||
{
|
{
|
||||||
|
@ -347,52 +347,32 @@ GetStartupInfoW (
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
lpStartupInfo->cb = sizeof(STARTUPINFO);
|
lpStartupInfo->cb = sizeof(STARTUPINFOW);
|
||||||
// lstrcpyW(lpStartupInfo->lpDesktop, pPeb->StartupInfo->Desktop);
|
// lstrcpyW(lpStartupInfo->lpDesktop, pPeb->ProcessInfo->Desktop);
|
||||||
// lstrcpyW(lpStartupInfo->lpTitle, pPeb->StartupInfo->Title);
|
// lstrcpyW(lpStartupInfo->lpTitle, pPeb->ProcessInfo->Title);
|
||||||
lpStartupInfo->dwX = pPeb->StartupInfo->dwX;
|
lpStartupInfo->dwX = pPeb->ProcessInfo->dwX;
|
||||||
lpStartupInfo->dwY = pPeb->StartupInfo->dwY;
|
lpStartupInfo->dwY = pPeb->ProcessInfo->dwY;
|
||||||
lpStartupInfo->dwXSize = pPeb->StartupInfo->dwXSize;
|
lpStartupInfo->dwXSize = pPeb->ProcessInfo->dwXSize;
|
||||||
lpStartupInfo->dwYSize = pPeb->StartupInfo->dwYSize;
|
lpStartupInfo->dwYSize = pPeb->ProcessInfo->dwYSize;
|
||||||
lpStartupInfo->dwXCountChars = pPeb->StartupInfo->dwXCountChars;
|
lpStartupInfo->dwXCountChars = pPeb->ProcessInfo->dwXCountChars;
|
||||||
lpStartupInfo->dwYCountChars = pPeb->StartupInfo->dwYCountChars;
|
lpStartupInfo->dwYCountChars = pPeb->ProcessInfo->dwYCountChars;
|
||||||
lpStartupInfo->dwFillAttribute = pPeb->StartupInfo->dwFillAttribute;
|
lpStartupInfo->dwFillAttribute = pPeb->ProcessInfo->dwFillAttribute;
|
||||||
lpStartupInfo->dwFlags = pPeb->StartupInfo->dwFlags;
|
lpStartupInfo->dwFlags = pPeb->ProcessInfo->dwFlags;
|
||||||
lpStartupInfo->wShowWindow = pPeb->StartupInfo->wShowWindow;
|
lpStartupInfo->wShowWindow = pPeb->ProcessInfo->wShowWindow;
|
||||||
//lpStartupInfo->cbReserved2 = pPeb->StartupInfo->cbReserved;
|
// lpStartupInfo->cbReserved2 = pPeb->ProcessInfo->cbReserved;
|
||||||
//lpStartupInfo->lpReserved = pPeb->StartupInfo->lpReserved1;
|
// lpStartupInfo->lpReserved = pPeb->ProcessInfo->lpReserved1;
|
||||||
//lpStartupInfo->lpReserved2 = pPeb->StartupInfo->lpReserved2;
|
// lpStartupInfo->lpReserved2 = pPeb->ProcessInfo->lpReserved2;
|
||||||
|
|
||||||
lpStartupInfo->cb = sizeof(STARTUPINFO);
|
lpStartupInfo->hStdInput = pPeb->ProcessInfo->hStdInput;
|
||||||
lstrcpyW(lpStartupInfo->lpDesktop, pPeb->StartupInfo->Desktop);
|
lpStartupInfo->hStdOutput = pPeb->ProcessInfo->hStdOutput;
|
||||||
lstrcpyW(lpStartupInfo->lpTitle, pPeb->StartupInfo->Title);
|
lpStartupInfo->hStdError = pPeb->ProcessInfo->hStdError;
|
||||||
lpStartupInfo->dwX = pPeb->StartupInfo->dwX;
|
|
||||||
lpStartupInfo->dwY = pPeb->StartupInfo->dwY;
|
|
||||||
lpStartupInfo->dwXSize = pPeb->StartupInfo->dwXSize;
|
|
||||||
lpStartupInfo->dwYSize = pPeb->StartupInfo->dwYSize;
|
|
||||||
lpStartupInfo->dwXCountChars = pPeb->StartupInfo->dwXCountChars;
|
|
||||||
lpStartupInfo->dwYCountChars = pPeb->StartupInfo->dwYCountChars;
|
|
||||||
lpStartupInfo->dwFillAttribute = pPeb->StartupInfo->dwFillAttribute;
|
|
||||||
lpStartupInfo->dwFlags = pPeb->StartupInfo->dwFlags;
|
|
||||||
lpStartupInfo->wShowWindow = pPeb->StartupInfo->wShowWindow;
|
|
||||||
//lpStartupInfo->cbReserved2 = pPeb->StartupInfo->cbReserved;
|
|
||||||
//lpStartupInfo->lpReserved = pPeb->StartupInfo->lpReserved1;
|
|
||||||
//lpStartupInfo->lpReserved2 = pPeb->StartupInfo->lpReserved2;
|
|
||||||
|
|
||||||
lpStartupInfo->hStdInput = pPeb->StartupInfo->hStdInput;
|
|
||||||
lpStartupInfo->hStdOutput = pPeb->StartupInfo->hStdOutput;
|
|
||||||
lpStartupInfo->hStdError = pPeb->StartupInfo->hStdError;
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
VOID
|
VOID
|
||||||
STDCALL
|
STDCALL
|
||||||
GetStartupInfoA (
|
GetStartupInfoA (
|
||||||
LPSTARTUPINFO lpStartupInfo
|
LPSTARTUPINFOA lpStartupInfo
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
NT_PEB *pPeb = NtCurrentPeb();
|
NT_PEB *pPeb = NtCurrentPeb();
|
||||||
|
@ -404,43 +384,41 @@ GetStartupInfoA (
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
lpStartupInfo->cb = sizeof(STARTUPINFO);
|
lpStartupInfo->cb = sizeof(STARTUPINFOA);
|
||||||
i = 0;
|
|
||||||
|
|
||||||
while ((pPeb->StartupInfo->Desktop[i])!=0 && i < MAX_PATH)
|
i = 0;
|
||||||
|
while ((pPeb->ProcessInfo->Desktop[i])!=0 && i < MAX_PATH)
|
||||||
{
|
{
|
||||||
lpStartupInfo->lpDesktop[i] = (unsigned char)
|
lpStartupInfo->lpDesktop[i] = (unsigned char)
|
||||||
pPeb->StartupInfo->Desktop[i];
|
pPeb->ProcessInfo->Desktop[i];
|
||||||
i++;
|
i++;
|
||||||
}
|
}
|
||||||
lpStartupInfo->lpDesktop[i] = 0;
|
lpStartupInfo->lpDesktop[i] = 0;
|
||||||
|
|
||||||
i = 0;
|
i = 0;
|
||||||
while ((pPeb->StartupInfo->Title[i])!=0 && i < MAX_PATH)
|
while ((pPeb->ProcessInfo->Title[i])!=0 && i < MAX_PATH)
|
||||||
{
|
{
|
||||||
lpStartupInfo->lpTitle[i] = (unsigned char)pPeb->StartupInfo->Title[i];
|
lpStartupInfo->lpTitle[i] = (unsigned char)pPeb->ProcessInfo->Title[i];
|
||||||
i++;
|
i++;
|
||||||
}
|
}
|
||||||
lpStartupInfo->lpTitle[i] = 0;
|
lpStartupInfo->lpTitle[i] = 0;
|
||||||
|
|
||||||
lpStartupInfo->dwX = pPeb->StartupInfo->dwX;
|
lpStartupInfo->dwX = pPeb->ProcessInfo->dwX;
|
||||||
lpStartupInfo->dwY = pPeb->StartupInfo->dwY;
|
lpStartupInfo->dwY = pPeb->ProcessInfo->dwY;
|
||||||
lpStartupInfo->dwXSize = pPeb->StartupInfo->dwXSize;
|
lpStartupInfo->dwXSize = pPeb->ProcessInfo->dwXSize;
|
||||||
lpStartupInfo->dwYSize = pPeb->StartupInfo->dwYSize;
|
lpStartupInfo->dwYSize = pPeb->ProcessInfo->dwYSize;
|
||||||
lpStartupInfo->dwXCountChars = pPeb->StartupInfo->dwXCountChars;
|
lpStartupInfo->dwXCountChars = pPeb->ProcessInfo->dwXCountChars;
|
||||||
lpStartupInfo->dwYCountChars = pPeb->StartupInfo->dwYCountChars;
|
lpStartupInfo->dwYCountChars = pPeb->ProcessInfo->dwYCountChars;
|
||||||
lpStartupInfo->dwFillAttribute = pPeb->StartupInfo->dwFillAttribute;
|
lpStartupInfo->dwFillAttribute = pPeb->ProcessInfo->dwFillAttribute;
|
||||||
lpStartupInfo->dwFlags = pPeb->StartupInfo->dwFlags;
|
lpStartupInfo->dwFlags = pPeb->ProcessInfo->dwFlags;
|
||||||
lpStartupInfo->wShowWindow = pPeb->StartupInfo->wShowWindow;
|
lpStartupInfo->wShowWindow = pPeb->ProcessInfo->wShowWindow;
|
||||||
//lpStartupInfo->cbReserved2 = pPeb->StartupInfo->cbReserved;
|
// lpStartupInfo->cbReserved2 = pPeb->ProcessInfo->cbReserved;
|
||||||
//lpStartupInfo->lpReserved = pPeb->StartupInfo->lpReserved1;
|
// lpStartupInfo->lpReserved = pPeb->ProcessInfo->lpReserved1;
|
||||||
//lpStartupInfo->lpReserved2 = pPeb->StartupInfo->lpReserved2;
|
// lpStartupInfo->lpReserved2 = pPeb->ProcessInfo->lpReserved2;
|
||||||
|
|
||||||
lpStartupInfo->hStdInput = pPeb->StartupInfo->hStdInput;
|
lpStartupInfo->hStdInput = pPeb->ProcessInfo->hStdInput;
|
||||||
lpStartupInfo->hStdOutput = pPeb->StartupInfo->hStdOutput;
|
lpStartupInfo->hStdOutput = pPeb->ProcessInfo->hStdOutput;
|
||||||
lpStartupInfo->hStdError = pPeb->StartupInfo->hStdError;
|
lpStartupInfo->hStdError = pPeb->ProcessInfo->hStdError;
|
||||||
|
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -520,7 +498,6 @@ FatalAppExitA (
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
VOID
|
VOID
|
||||||
STDCALL
|
STDCALL
|
||||||
FatalAppExitW (
|
FatalAppExitW (
|
||||||
|
|
|
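Review bot: GetStartupInfoA still writes through `lpStartupInfo->lpDesktop[i]` and `lpStartupInfo->lpTitle[i]`, pointers that nothing in the function assigns, so the copy lands wherever the caller's usually uninitialized `STARTUPINFOA` members happen to point; the W version had its equivalent `lstrcpyW` lines commented out, presumably for this reason, but now leaves `lpDesktop`/`lpTitle` unset for its caller. For W the fix is to point at the PEB storage, `lpStartupInfo->lpDesktop = pPeb->ProcessInfo->Desktop;` and likewise for `lpTitle`; for A the conversion needs process-owned narrow buffers with the pointers assigned afterwards rather than writing through the caller's. The `(unsigned char)` truncation of each WCHAR also silently mangles anything outside Latin-1. In WinExec the `STARTUPINFOA` is only partially initialized before being passed to CreateProcessA; a `memset(&StartupInfo, 0, sizeof(StartupInfo));` before setting `cb` would avoid handing over garbage pointers. All three bodies start or end outside the hunks.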
@ -124,7 +124,6 @@ RtlpCreateFirstThread(HANDLE ProcessHandle,
|
||||||
sizeof(DupSectionHandle),
|
sizeof(DupSectionHandle),
|
||||||
&BytesWritten);
|
&BytesWritten);
|
||||||
|
|
||||||
|
|
||||||
Status = NtCreateThread(&ThreadHandle,
|
Status = NtCreateThread(&ThreadHandle,
|
||||||
THREAD_ALL_ACCESS,
|
THREAD_ALL_ACCESS,
|
||||||
&ObjectAttributes,
|
&ObjectAttributes,
|
||||||
|
@ -230,23 +229,21 @@ RtlpCreatePeb(HANDLE ProcessHandle, PUNICODE_STRING CommandLine)
|
||||||
ULONG PebSize;
|
ULONG PebSize;
|
||||||
NT_PEB Peb;
|
NT_PEB Peb;
|
||||||
ULONG BytesWritten;
|
ULONG BytesWritten;
|
||||||
PVOID StartupInfoBase;
|
PVOID ProcessInfoBase;
|
||||||
ULONG StartupInfoSize;
|
ULONG ProcessInfoSize;
|
||||||
PROCESSINFOW StartupInfo;
|
PROCESSINFO ProcessInfo;
|
||||||
|
|
||||||
PebBase = (PVOID)PEB_BASE;
|
PebBase = (PVOID)PEB_BASE;
|
||||||
PebSize = 0x1000;
|
PebSize = 0x1000;
|
||||||
Status = NtAllocateVirtualMemory(ProcessHandle,
|
|
||||||
&PebBase,
|
NtReadVirtualMemory(ProcessHandle,
|
||||||
0,
|
(PVOID)PEB_BASE,
|
||||||
&PebSize,
|
&Peb,
|
||||||
MEM_COMMIT,
|
sizeof(Peb),
|
||||||
PAGE_READWRITE);
|
&BytesWritten);
|
||||||
if (!NT_SUCCESS(Status))
|
|
||||||
return(Status);
|
|
||||||
|
|
||||||
memset(&Peb, 0, sizeof(Peb));
|
memset(&Peb, 0, sizeof(Peb));
|
||||||
Peb.StartupInfo = (PPROCESSINFOW)PEB_STARTUPINFO;
|
Peb.ProcessInfo = (PPROCESSINFO)PEB_STARTUPINFO;
|
||||||
|
|
||||||
NtWriteVirtualMemory(ProcessHandle,
|
NtWriteVirtualMemory(ProcessHandle,
|
||||||
(PVOID)PEB_BASE,
|
(PVOID)PEB_BASE,
|
||||||
|
@ -254,25 +251,25 @@ RtlpCreatePeb(HANDLE ProcessHandle, PUNICODE_STRING CommandLine)
|
||||||
sizeof(Peb),
|
sizeof(Peb),
|
||||||
&BytesWritten);
|
&BytesWritten);
|
||||||
|
|
||||||
StartupInfoBase = (PVOID)PEB_STARTUPINFO;
|
ProcessInfoBase = (PVOID)PEB_STARTUPINFO;
|
||||||
StartupInfoSize = 0x1000;
|
ProcessInfoSize = 0x1000;
|
||||||
Status = NtAllocateVirtualMemory(ProcessHandle,
|
Status = NtAllocateVirtualMemory(ProcessHandle,
|
||||||
&StartupInfoBase,
|
&ProcessInfoBase,
|
||||||
0,
|
0,
|
||||||
&StartupInfoSize,
|
&ProcessInfoSize,
|
||||||
MEM_COMMIT,
|
MEM_COMMIT,
|
||||||
PAGE_READWRITE);
|
PAGE_READWRITE);
|
||||||
if (!NT_SUCCESS(Status))
|
if (!NT_SUCCESS(Status))
|
||||||
return(Status);
|
return(Status);
|
||||||
|
|
||||||
memset(&StartupInfo, 0, sizeof(StartupInfo));
|
memset(&ProcessInfo, 0, sizeof(PROCESSINFO));
|
||||||
wcscpy(StartupInfo.CommandLine, CommandLine->Buffer);
|
wcscpy(ProcessInfo.CommandLine, CommandLine->Buffer);
|
||||||
|
|
||||||
DPRINT("StartupInfoSize %x\n",StartupInfoSize);
|
DPRINT("ProcessInfoSize %x\n",ProcessInfoSize);
|
||||||
NtWriteVirtualMemory(ProcessHandle,
|
NtWriteVirtualMemory(ProcessHandle,
|
||||||
(PVOID)PEB_STARTUPINFO,
|
(PVOID)PEB_STARTUPINFO,
|
||||||
&StartupInfo,
|
&ProcessInfo,
|
||||||
StartupInfoSize,
|
ProcessInfoSize,
|
||||||
&BytesWritten);
|
&BytesWritten);
|
||||||
|
|
||||||
return STATUS_SUCCESS;
|
return STATUS_SUCCESS;
|
||||||
|
@ -283,14 +280,11 @@ NTSTATUS STDCALL
|
||||||
RtlCreateUserProcess(PUNICODE_STRING ApplicationName,
|
RtlCreateUserProcess(PUNICODE_STRING ApplicationName,
|
||||||
PSECURITY_DESCRIPTOR ProcessSd,
|
PSECURITY_DESCRIPTOR ProcessSd,
|
||||||
PSECURITY_DESCRIPTOR ThreadSd,
|
PSECURITY_DESCRIPTOR ThreadSd,
|
||||||
WINBOOL bInheritHandles,
|
WINBOOL bInheritHandles,
|
||||||
DWORD dwCreationFlags,
|
DWORD dwCreationFlags,
|
||||||
// LPVOID lpEnvironment,
|
PCLIENT_ID ClientId,
|
||||||
// LPCWSTR lpCurrentDirectory,
|
PHANDLE ProcessHandle,
|
||||||
// LPSTARTUPINFO lpStartupInfo,
|
PHANDLE ThreadHandle)
|
||||||
PCLIENT_ID ClientId,
|
|
||||||
PHANDLE ProcessHandle,
|
|
||||||
PHANDLE ThreadHandle)
|
|
||||||
{
|
{
|
||||||
HANDLE hSection, hProcess, hThread;
|
HANDLE hSection, hProcess, hThread;
|
||||||
NTSTATUS Status;
|
NTSTATUS Status;
|
||||||
|
@ -398,3 +392,4 @@ RtlCreateUserProcess(PUNICODE_STRING ApplicationName,
|
||||||
return STATUS_SUCCESS;
|
return STATUS_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* EOF */
|
||||||
|
|
|
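Review bot: In RtlpCreatePeb the `NtReadVirtualMemory` that replaces the allocation is immediately followed by the retained `memset(&Peb, 0, sizeof(Peb));`, so whatever the kernel placed in the PEB is read and then discarded before the write-back; either drop the memset, as create.c's CreatePeb does in this same commit, or drop the read, and in either case check the call's NTSTATUS instead of ignoring it. In the second hunk `wcscpy(ProcessInfo.CommandLine, CommandLine->Buffer)` treats a `UNICODE_STRING` buffer as NUL-terminated and copies it unbounded into a `MAX_PATH` array; copy at most `CommandLine->Length / sizeof(WCHAR)` characters, capped at `MAX_PATH - 1`, and terminate explicitly. The `NtWriteVirtualMemory(..., &ProcessInfo, ProcessInfoSize, ...)` length is the page-rounded 0x1000 rather than `sizeof(ProcessInfo)`, so if the struct is smaller than a page parent stack bytes past it are copied into the child. RtlpCreatePeb's body starts and ends outside the hunks.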
@ -63,24 +63,12 @@ static NTSTATUS LdrCreatePeb(HANDLE ProcessHandle)
|
||||||
NT_PEB Peb;
|
NT_PEB Peb;
|
||||||
ULONG BytesWritten;
|
ULONG BytesWritten;
|
||||||
|
|
||||||
|
|
||||||
PebBase = (PVOID)PEB_BASE;
|
PebBase = (PVOID)PEB_BASE;
|
||||||
PebSize = 0x1000;
|
PebSize = 0x1000;
|
||||||
Status = ZwAllocateVirtualMemory(ProcessHandle,
|
|
||||||
&PebBase,
|
|
||||||
0,
|
|
||||||
&PebSize,
|
|
||||||
MEM_COMMIT,
|
|
||||||
PAGE_READWRITE);
|
|
||||||
if (!NT_SUCCESS(Status))
|
|
||||||
{
|
|
||||||
return(Status);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
memset(&Peb, 0, sizeof Peb);
|
memset(&Peb, 0, sizeof Peb);
|
||||||
|
|
||||||
Peb.StartupInfo = (PPROCESSINFOW) PEB_STARTUPINFO;
|
Peb.ProcessInfo = (PPROCESSINFO) PEB_STARTUPINFO;
|
||||||
|
|
||||||
ZwWriteVirtualMemory(ProcessHandle,
|
ZwWriteVirtualMemory(ProcessHandle,
|
||||||
(PVOID)PEB_BASE,
|
(PVOID)PEB_BASE,
|
||||||
|
@ -88,6 +76,8 @@ static NTSTATUS LdrCreatePeb(HANDLE ProcessHandle)
|
||||||
sizeof(Peb),
|
sizeof(Peb),
|
||||||
&BytesWritten);
|
&BytesWritten);
|
||||||
|
|
||||||
|
/* FIXME: Create ProcessInfo block */
|
||||||
|
|
||||||
return(STATUS_SUCCESS);
|
return(STATUS_SUCCESS);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
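Review bot: LdrCreatePeb now zeroes a local `Peb`, points `Peb.ProcessInfo` at `PEB_STARTUPINFO` and writes it over the PEB the kernel created, while the added `/* FIXME: Create ProcessInfo block */` admits that page is never allocated on this path; any child that dereferences `NtCurrentPeb()->ProcessInfo` (GetCommandLineW does so unconditionally in this commit) then touches memory nothing has committed. Leave the field NULL until the block exists, `Peb.ProcessInfo = NULL; /* set once the PROCESSINFO page is committed */`, or read the kernel's PEB first as create.c's CreatePeb now does rather than overwriting it from a zeroed local. The `ZwWriteVirtualMemory` status is still not checked. The function's body continues outside the hunk.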
@ -18,6 +18,7 @@
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <internal/string.h>
|
#include <internal/string.h>
|
||||||
#include <internal/id.h>
|
#include <internal/id.h>
|
||||||
|
#include <internal/teb.h>
|
||||||
|
|
||||||
//#define NDEBUG
|
//#define NDEBUG
|
||||||
#include <internal/debug.h>
|
#include <internal/debug.h>
|
||||||
|
@ -109,6 +110,44 @@ VOID PiDeleteProcess(PVOID ObjectBody)
|
||||||
(VOID)MmReleaseMmInfo((PEPROCESS)ObjectBody);
|
(VOID)MmReleaseMmInfo((PEPROCESS)ObjectBody);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static NTSTATUS
|
||||||
|
PsCreatePeb(HANDLE ProcessHandle)
|
||||||
|
{
|
||||||
|
NTSTATUS Status;
|
||||||
|
PVOID PebBase;
|
||||||
|
ULONG PebSize;
|
||||||
|
NT_PEB Peb;
|
||||||
|
ULONG BytesWritten;
|
||||||
|
|
||||||
|
PebBase = (PVOID)PEB_BASE;
|
||||||
|
PebSize = 0x1000;
|
||||||
|
Status = NtAllocateVirtualMemory(ProcessHandle,
|
||||||
|
&PebBase,
|
||||||
|
0,
|
||||||
|
&PebSize,
|
||||||
|
MEM_COMMIT,
|
||||||
|
PAGE_READWRITE);
|
||||||
|
if (!NT_SUCCESS(Status))
|
||||||
|
{
|
||||||
|
return(Status);
|
||||||
|
}
|
||||||
|
|
||||||
|
memset(&Peb, 0, sizeof(Peb));
|
||||||
|
|
||||||
|
ZwWriteVirtualMemory(ProcessHandle,
|
||||||
|
(PVOID)PEB_BASE,
|
||||||
|
&Peb,
|
||||||
|
sizeof(Peb),
|
||||||
|
&BytesWritten);
|
||||||
|
|
||||||
|
DbgPrint ("PsCreatePeb: Peb created at %x\n", PebBase);
|
||||||
|
// DPRINT("PsCreatePeb: Peb created at %x\n", PebBase);
|
||||||
|
|
||||||
|
return(STATUS_SUCCESS);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
PKPROCESS KeGetCurrentProcess(VOID)
|
PKPROCESS KeGetCurrentProcess(VOID)
|
||||||
/*
|
/*
|
||||||
* FUNCTION: Returns a pointer to the current process
|
* FUNCTION: Returns a pointer to the current process
|
||||||
|
@ -211,6 +250,14 @@ NtCreateProcess (
|
||||||
InsertHeadList(&PsProcessListHead, &KProcess->ProcessListEntry);
|
InsertHeadList(&PsProcessListHead, &KProcess->ProcessListEntry);
|
||||||
KeReleaseSpinLock(&PsProcessListLock, oldIrql);
|
KeReleaseSpinLock(&PsProcessListLock, oldIrql);
|
||||||
|
|
||||||
|
Status = PsCreatePeb (*ProcessHandle);
|
||||||
|
if (!NT_SUCCESS(Status))
|
||||||
|
{
|
||||||
|
// DPRINT("NtCreateProcess() Peb creation failed: Status %x\n",Status);
|
||||||
|
DbgPrint ("NtCreateProcess() Peb creation failed: Status %x\n",Status);
|
||||||
|
return(Status);
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* FIXME: I don't what I'm supposed to know with a section handle
|
* FIXME: I don't what I'm supposed to know with a section handle
|
||||||
*/
|
*/
|
||||||
|
|
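Review bot: In NtCreateProcess the new failure path `if (!NT_SUCCESS(Status)) { ...; return(Status); }` runs after `InsertHeadList(&PsProcessListHead, ...)` and after `*ProcessHandle` has already been produced, so, as far as the visible lines show, a failed PsCreatePeb leaves a half-built process on the global list and a live handle the caller has no reason to close. Either undo that state on failure (unlink and dereference the object, close the handle) or call PsCreatePeb before the object is published. In PsCreatePeb the `ZwWriteVirtualMemory` status is discarded right after the allocation was carefully checked; assign it to `Status` and return on failure so the caller's new check actually sees write errors. Both bodies start and end outside the hunks.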