mirror of
https://github.com/reactos/reactos.git
- Implement DbgkPostFakeModuleMessages.
- Stub MmGetFileNameForAddress, but document how to implement it (thanks to Filip Navara). For now it always returns ntdll.dll as a test hack.
svn path=/trunk/; revision=24609
parent
6d08ee060e
commit
d8762edcd7
3 changed files with 123 additions and 5 deletions
|
@ -464,8 +464,103 @@ DbgkpPostFakeModuleMessages(IN PEPROCESS Process,
|
|||
IN PETHREAD Thread,
|
||||
IN PDEBUG_OBJECT DebugObject)
|
||||
{
|
||||
/* FIXME: TODO */
|
||||
return STATUS_UNSUCCESSFUL;
|
||||
PPEB Peb = Process->Peb;
|
||||
PPEB_LDR_DATA LdrData;
|
||||
PLDR_DATA_TABLE_ENTRY LdrEntry;
|
||||
PLIST_ENTRY ListHead, NextEntry;
|
||||
DBGKM_MSG ApiMessage;
|
||||
PDBGKM_LOAD_DLL LoadDll = &ApiMessage.LoadDll;
|
||||
ULONG i;
|
||||
PIMAGE_NT_HEADERS NtHeader;
|
||||
UNICODE_STRING ModuleName;
|
||||
OBJECT_ATTRIBUTES ObjectAttributes;
|
||||
IO_STATUS_BLOCK IoStatusBlock;
|
||||
NTSTATUS Status;
|
||||
PAGED_CODE();
|
||||
|
||||
/* Quit if there's no PEB */
|
||||
if (!Peb) return STATUS_SUCCESS;
|
||||
|
||||
/* Get the Loader Data List */
|
||||
LdrData = Peb->Ldr;
|
||||
ListHead = &LdrData->InLoadOrderModuleList;
|
||||
NextEntry = ListHead->Flink;
|
||||
|
||||
/* Loop the modules */
|
||||
i = 0;
|
||||
while ((NextEntry != ListHead) && (i < 500))
|
||||
{
|
||||
/* Get the entry */
|
||||
LdrEntry = CONTAINING_RECORD(NextEntry,
|
||||
LDR_DATA_TABLE_ENTRY,
|
||||
InLoadOrderLinks);
|
||||
|
||||
/* Setup the API Message */
|
||||
RtlZeroMemory(&ApiMessage, sizeof(DBGKM_MSG));
|
||||
ApiMessage.ApiNumber = DbgKmLoadDllApi;
|
||||
|
||||
/* Set base and clear the name */
|
||||
LoadDll->BaseOfDll = LdrEntry->DllBase;
|
||||
LoadDll->NamePointer = NULL;
|
||||
|
||||
/* Get the NT Headers */
|
||||
NtHeader = RtlImageNtHeader(LoadDll->BaseOfDll);
|
||||
if (NtHeader)
|
||||
{
|
||||
/* Save debug data */
|
||||
LoadDll->DebugInfoFileOffset = NtHeader->FileHeader.
|
||||
PointerToSymbolTable;
|
||||
LoadDll->DebugInfoSize = NtHeader->FileHeader.NumberOfSymbols;
|
||||
}
|
||||
|
||||
/* Get the name of the DLL */
|
||||
Status = MmGetFileNameForAddress(NtHeader, &ModuleName);
|
||||
if (NT_SUCCESS(Status))
|
||||
{
|
||||
/* Setup the object attributes */
|
||||
InitializeObjectAttributes(&ObjectAttributes,
|
||||
&ModuleName,
|
||||
OBJ_FORCE_ACCESS_CHECK |
|
||||
OBJ_KERNEL_HANDLE |
|
||||
OBJ_CASE_INSENSITIVE,
|
||||
NULL,
|
||||
NULL);
|
||||
|
||||
/* Open the file to get a handle to it */
|
||||
Status = ZwOpenFile(&LoadDll->FileHandle,
|
||||
GENERIC_READ | SYNCHRONIZE,
|
||||
&ObjectAttributes,
|
||||
&IoStatusBlock,
|
||||
FILE_SHARE_READ |
|
||||
FILE_SHARE_WRITE |
|
||||
FILE_SHARE_DELETE,
|
||||
FILE_SYNCHRONOUS_IO_NONALERT);
|
||||
if (!NT_SUCCESS(Status)) LoadDll->FileHandle = NULL;
|
||||
|
||||
/* Free the name now */
|
||||
ExFreePool(ModuleName.Buffer);
|
||||
}
|
||||
|
||||
/* Send the fake module load message */
|
||||
Status = DbgkpQueueMessage(Process,
|
||||
Thread,
|
||||
&ApiMessage,
|
||||
2,
|
||||
DebugObject);
|
||||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
/* Message send failed, close the file handle if we had one */
|
||||
if (LoadDll->FileHandle) ObCloseHandle(LoadDll->FileHandle,
|
||||
KernelMode);
|
||||
}
|
||||
|
||||
/* Go to the next module */
|
||||
NextEntry = NextEntry->Flink;
|
||||
i++;
|
||||
}
|
||||
|
||||
/* Return success */
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS
|
||||
|
|
|
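Review bot: The loader-list walk reads `Process->Peb`, `Peb->Ldr` and every `LDR_DATA_TABLE_ENTRY` straight from the debuggee's user-mode memory with no exception handling or address validation, so a process that has corrupted or unmapped its own loader data can fault the kernel or steer these reads to arbitrary addresses; the `i < 500` cap bounds only the iteration count. The whole walk, including `RtlImageNtHeader(LoadDll->BaseOfDll)`, should sit inside the project's SEH guard, with `Peb->Ldr` checked for NULL and each pointer confirmed to be a user-mode address before it is dereferenced. Whether the caller has already attached to the target process's address space is not visible here (the function's first signature line lies above the hunk), so a comment above the function should state that requirement. Separately, `MmGetFileNameForAddress(NtHeader, &ModuleName)` is called even when `NtHeader` is NULL. A failed `DbgkpQueueMessage` is ignored apart from closing the handle, so the function returns `STATUS_SUCCESS` for a partially delivered module list.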
@ -1315,6 +1315,12 @@ NTAPI
|
|||
MmGetFileObjectForSection(
|
||||
IN PROS_SECTION_OBJECT Section
|
||||
);
|
||||
NTSTATUS
|
||||
NTAPI
|
||||
MmGetFileNameForAddress(
|
||||
IN PVOID Address,
|
||||
OUT PUNICODE_STRING ModuleName
|
||||
);
|
||||
|
||||
PVOID
|
||||
NTAPI
|
||||
|
|
|
@ -106,9 +106,26 @@ MmGetFileObjectForSection(IN PROS_SECTION_OBJECT Section)
|
|||
return Section->FileObject; // Section->ControlArea->FileObject on NT
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
NTSTATUS
|
||||
NTAPI
|
||||
MmGetFileNameForAddress(IN PVOID Address,
|
||||
OUT PUNICODE_STRING ModuleName)
|
||||
{
|
||||
/*
|
||||
* FIXME: TODO.
|
||||
* Filip says to get the MADDRESS_SPACE from EPROCESS,
|
||||
* then use the MmMarea routines to locate the Marea that
|
||||
* corresponds to the address. Then make sure it's a section
|
||||
* view type (MEMORY_AREA_SECTION_VIEW) and use the marea's
|
||||
* per-type union to get the .u.SectionView.Section pointer to
|
||||
* the SECTION_OBJECT. Then we can use MmGetFileObjectForSection
|
||||
* to get the FILE_OBJECT, from which we can then query the name
|
||||
* to get the full filename (much like we do for creating the
|
||||
* SeAuditName in EPROCESS.
|
||||
*/
|
||||
RtlCreateUnicodeString(ModuleName, L"C:\\ReactOS\\system32\\ntdll.dll");
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
/* Note: Mmsp prefix denotes "Memory Manager Section Private". */
|
||||
|
||||
|
|
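Review bot: The stub ignores the BOOLEAN result of `RtlCreateUnicodeString` and returns `STATUS_SUCCESS` unconditionally, so on allocation failure the caller in DbgkpPostFakeModuleMessages would go on to open and then `ExFreePool` a `ModuleName.Buffer` that may never have been set; `if (!RtlCreateUnicodeString(ModuleName, L"C:\\ReactOS\\system32\\ntdll.dll")) return STATUS_INSUFFICIENT_RESOURCES;` closes that. `Address` is ignored, so every module would be reported to the debugger with a handle to the same file, and the FIXME comment should also state that the caller owns and frees the returned buffer. The literal is a DOS-style path, which `ZwOpenFile` presumably will not resolve as an object-manager name, so the file handle is likely always NULL until the real lookup is implemented.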