-rw-r--r-- | src/nt_path_converter/device.c | 61 | ||||
-rw-r--r-- | src/nt_path_converter/main.c | 5 | ||||
-rw-r--r-- | src/nt_path_converter/nt2dos.c | 77 | ||||
-rw-r--r-- | src/sysenter/main.c | 5 | ||||
-rw-r--r-- | src/test/device.c | 69 | ||||
-rw-r--r-- | src/test/main.c | 5 |
6 files changed, 125 insertions, 97 deletions
diff --git a/src/nt_path_converter/device.c b/src/nt_path_converter/device.c index fbffd27..5ee0d3e 100644 --- a/src/nt_path_converter/device.c +++ b/src/nt_path_converter/device.c @@ -22,15 +22,17 @@ static NTSTATUS device_open(DEVICE_OBJECT *device_object, IRP *irp) return status; } -typedef NTSTATUS (*ioctl_handler)(void *, unsigned long, - void *, unsigned long, - ULONG_PTR *); - -static NTSTATUS handle_convert_nt_path(void *in_buf, - unsigned long in_buf_size, - void *out_buf, - unsigned long out_buf_size, - ULONG_PTR *nbwritten) +typedef NTSTATUS (*ioctl_handler)( + void *, unsigned long, + void *, unsigned long, + ULONG_PTR *); + +static NTSTATUS handle_convert_nt_path( + void *in_buf, + unsigned long in_buf_size, + void *out_buf, + unsigned long out_buf_size, + ULONG_PTR *nbwritten) { UNICODE_STRING uUnresolved, uResolved; NTSTATUS status = STATUS_SUCCESS; @@ -52,13 +54,13 @@ static NTSTATUS handle_convert_nt_path(void *in_buf, if (out_buf_size < *nbwritten) { status = STATUS_BUFFER_OVERFLOW; - goto FREE_RESOLVED; + goto free_resolved; } RtlFillMemory(out_buf, *nbwritten, L'\0'); RtlCopyMemory(out_buf, uResolved.Buffer, uResolved.Length); -FREE_RESOLVED: +free_resolved: ExFreePool(uResolved.Buffer); return status; @@ -85,14 +87,16 @@ static NTSTATUS device_ioctl(DEVICE_OBJECT *device_object, IRP *irp) case CONVERT_NT_PATH: handler = handle_convert_nt_path; break; + default: status = irp->IoStatus.Status = STATUS_NOT_SUPPORTED; goto complete_request; } - status = irp->IoStatus.Status = handler(in_buf, in_buf_size, - out_buf, out_buf_size, - &irp->IoStatus.Information); + status = irp->IoStatus.Status = handler( + in_buf, in_buf_size, + out_buf, out_buf_size, + &irp->IoStatus.Information); complete_request: IoCompleteRequest(irp, IO_NO_INCREMENT); 
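Review bot: In the `@@ -52,13 +54,13 @@` hunk of handle_convert_nt_path, the short-buffer branch sets `STATUS_BUFFER_OVERFLOW` but leaves `*nbwritten` larger than `out_buf_size`, and device_ioctl passes `&irp->IoStatus.Information` for that pointer. That status is a warning rather than an error, so if CONVERT_NT_PATH is a buffered IOCTL the I/O manager would presumably still copy `Information` bytes back to the caller, which is more than the driver wrote or the buffer holds. Returning an error status avoids the copy-back, e.g. `status = STATUS_BUFFER_TOO_SMALL;`, or reset the count with `*nbwritten = 0;` before `goto free_resolved;`. The computation of `*nbwritten` and the IOCTL's transfer method are outside the hunk, so both should be confirmed.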
@@ -104,18 +108,20 @@ typedef struct { const wchar_t *path; const wchar_t *symlink; -} device_info; +} +DeviceInfo; typedef struct { DEVICE_OBJECT *object; UNICODE_STRING path; UNICODE_STRING symlink; -} device; +} +Device; #define NUMOF_DEVICES 1 -static device_info devices_info[NUMOF_DEVICES] = +static DeviceInfo devices_info[NUMOF_DEVICES] = { { L"\\Device\\nt_path_converter", @@ -123,7 +129,7 @@ static device_info devices_info[NUMOF_DEVICES] = }, }; -static device devices[NUMOF_DEVICES]; +static Device devices[NUMOF_DEVICES]; static void destroy_device(int i) { @@ -145,13 +151,14 @@ static NTSTATUS set_up_device(DRIVER_OBJECT *driver_object, int i) RtlInitUnicodeString(&devices[i].path, devices_info[i].path); RtlInitUnicodeString(&devices[i].symlink, devices_info[i].symlink); - status = IoCreateDevice(driver_object, - 0, - &devices[i].path, - FILE_DEVICE_UNKNOWN, - FILE_DEVICE_SECURE_OPEN, - FALSE, - &devices[i].object); + status = IoCreateDevice( + driver_object, + 0, + &devices[i].path, + FILE_DEVICE_UNKNOWN, + FILE_DEVICE_SECURE_OPEN, + FALSE, + &devices[i].object); if (!NT_SUCCESS(status)) return status; @@ -159,8 +166,8 @@ static NTSTATUS set_up_device(DRIVER_OBJECT *driver_object, int i) devices[i].object->Flags |= DO_BUFFERED_IO; devices[i].object->Flags &= ~DO_DEVICE_INITIALIZING; - if (!NT_SUCCESS(status = IoCreateSymbolicLink(&devices[i].symlink, - &devices[i].path))) + if (!NT_SUCCESS(status = IoCreateSymbolicLink( + &devices[i].symlink, &devices[i].path))) goto delete_device; return status; diff --git a/src/nt_path_converter/main.c b/src/nt_path_converter/main.c index 0dac5c9..7d12e54 100644 --- a/src/nt_path_converter/main.c +++ b/src/nt_path_converter/main.c 
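Review bot: The `IoCreateDevice` call in the `@@ -145,13 +151,14 @@` hunk of set_up_device creates a named device with no explicit security descriptor, and the following hunk publishes it through `IoCreateSymbolicLink`, so who may open it is left to the default ACL. `FILE_DEVICE_SECURE_OPEN` only makes that ACL apply to opens beneath the device name; it does not restrict who gets access. If the converter is meant for privileged callers only, `IoCreateDeviceSecure` with an SDDL string limited to SYSTEM and administrators would state that intent; a one-line comment such as `/* default ACL: any caller that can open the symlink may issue CONVERT_NT_PATH */` would at least document the current exposure. The same call appears in src/test/device.c (`@@ -153,13 +161,14 @@`).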
@@ -15,8 +15,9 @@ static void on_driver_unload(DRIVER_OBJECT *driver_object) destroy_devices(); } -NTSTATUS DriverEntry(DRIVER_OBJECT *driver_object, - UNICODE_STRING *registry_path) +NTSTATUS DriverEntry( + DRIVER_OBJECT *driver_object, + UNICODE_STRING *registry_path) { driver_object->DriverUnload = on_driver_unload; return set_up_devices(driver_object); diff --git a/src/nt_path_converter/nt2dos.c b/src/nt_path_converter/nt2dos.c index 5a21a14..e001fda 100644 --- a/src/nt_path_converter/nt2dos.c +++ b/src/nt_path_converter/nt2dos.c @@ -18,14 +18,20 @@ static NTSTATUS get_object_name_info( NTSTATUS status = STATUS_SUCCESS; status = ObQueryNameString(object, NULL, 0, &nbneeded); + if (status != STATUS_INFO_LENGTH_MISMATCH) return status; + *object_name_info = ExAllocatePoolWithTag(PagedPool, nbneeded, '1l'); + if (*object_name_info == NULL) return STATUS_INSUFFICIENT_RESOURCES; + status = ObQueryNameString(object, *object_name_info, nbneeded, &nbneeded); + if (!NT_SUCCESS(status)) goto free_object_name_info; + return status; free_object_name_info: 
@@ -46,36 +52,42 @@ NTSTATUS nt2dos(UNICODE_STRING *u_resolved, UNICODE_STRING *u_unresolved) USHORT u_resolved_size; NTSTATUS status = STATUS_SUCCESS; - InitializeObjectAttributes(&file_attrs, - u_unresolved, - OBJ_CASE_INSENSITIVE | OBJ_OPENIF, - NULL, - NULL); - - status = ZwCreateFile(&file, - FILE_READ_ATTRIBUTES, - &file_attrs, - &io_status_block, - NULL, - FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_READ | FILE_SHARE_WRITE, - FILE_OPEN, - FILE_SYNCHRONOUS_IO_NONALERT, - NULL, 0); + InitializeObjectAttributes( + &file_attrs, + u_unresolved, + OBJ_CASE_INSENSITIVE | OBJ_OPENIF, + NULL, + NULL); + + status = ZwCreateFile( + &file, + FILE_READ_ATTRIBUTES, + &file_attrs, + &io_status_block, + NULL, + FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_READ | FILE_SHARE_WRITE, + FILE_OPEN, + FILE_SYNCHRONOUS_IO_NONALERT, + NULL, + 0); if (!NT_SUCCESS(status)) return status; - status = ObReferenceObjectByHandle(file, - FILE_READ_ATTRIBUTES, - *IoFileObjectType, - KernelMode, - &file_object, - NULL); + status = ObReferenceObjectByHandle( + file, + FILE_READ_ATTRIBUTES, + *IoFileObjectType, + KernelMode, + &file_object, + NULL); + if (!NT_SUCCESS(status)) goto close_file; status = get_object_name_info(file_object, &file_name_info); + if (!NT_SUCCESS(status)) goto close_file; @@ -83,15 +95,15 @@ NTSTATUS nt2dos(UNICODE_STRING *u_resolved, UNICODE_STRING *u_unresolved) { u_resolved->Buffer = ExAllocatePoolWithTag( PagedPool, file_name_info->Name.Length, '1l'); + if (u_resolved->Buffer == NULL) { status = STATUS_INSUFFICIENT_RESOURCES; goto free_file_name_info; } - RtlInitEmptyUnicodeString(u_resolved, - u_resolved->Buffer, - file_name_info->Name.Length); + RtlInitEmptyUnicodeString( + u_resolved, u_resolved->Buffer, file_name_info->Name.Length); RtlCopyUnicodeString(u_resolved, &file_name_info->Name); goto free_file_name_info; } 
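Review bot: In the `@@ -46,36 +52,42 @@` hunk of nt2dos, `InitializeObjectAttributes` is given only `OBJ_CASE_INSENSITIVE | OBJ_OPENIF`, so `ZwCreateFile` opens `u_unresolved` with kernel-mode access checks and the handle is not marked as a kernel handle. If `u_unresolved` comes from the IOCTL input buffer (the caller is outside this hunk), an unprivileged caller could learn the resolved name of a path it is not allowed to open. The handle would also presumably sit in the calling process's handle table until it is closed. Consider `OBJ_CASE_INSENSITIVE | OBJ_OPENIF | OBJ_KERNEL_HANDLE | OBJ_FORCE_ACCESS_CHECK` for the attributes argument. The `KernelMode` argument to `ObReferenceObjectByHandle` is only appropriate once the handle is a kernel handle.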
@@ -103,15 +115,14 @@ NTSTATUS nt2dos(UNICODE_STRING *u_resolved, UNICODE_STRING *u_unresolved) goto free_file_name_info; status = IoVolumeDeviceToDosName(volume_object, &u_dos_name); + if (!NT_SUCCESS(status)) goto free_volume_name_info; - u_resolved_size = file_name_info->Name.Length - - volume_name_info->Name.Length - + u_dos_name.Length; + u_resolved_size = file_name_info->Name.Length - volume_name_info->Name.Length + u_dos_name.Length; + + u_resolved->Buffer = ExAllocatePoolWithTag(PagedPool, u_resolved_size, '1l'); - u_resolved->Buffer = ExAllocatePoolWithTag( - PagedPool, u_resolved_size, '1l'); if (u_resolved->Buffer == NULL) { status = STATUS_INSUFFICIENT_RESOURCES; @@ -121,10 +132,8 @@ NTSTATUS nt2dos(UNICODE_STRING *u_resolved, UNICODE_STRING *u_unresolved) RtlInitEmptyUnicodeString(u_resolved, u_resolved->Buffer, u_resolved_size); RtlCopyUnicodeString(u_resolved, &u_dos_name); - file_name_info->Name.Buffer += - volume_name_info->Name.Length / sizeof(wchar_t); - file_name_info->Name.Length -= - volume_name_info->Name.Length; + file_name_info->Name.Buffer += volume_name_info->Name.Length / sizeof(wchar_t); + file_name_info->Name.Length -= volume_name_info->Name.Length; RtlUnicodeStringCat(u_resolved, &file_name_info->Name); free_dos_name: diff --git a/src/sysenter/main.c b/src/sysenter/main.c index 9f75eec..c2ad1cb 100644 --- a/src/sysenter/main.c +++ b/src/sysenter/main.c @@ -90,8 +90,9 @@ static void on_driver_unload(DRIVER_OBJECT *driver_object) KeWaitForSingleObject(&timer, Executive, KernelMode, FALSE, NULL); } -NTSTATUS DriverEntry(DRIVER_OBJECT *driver_object, - UNICODE_STRING *registry_path) +NTSTATUS DriverEntry( + DRIVER_OBJECT *driver_object, + UNICODE_STRING *registry_path) { driver_object->DriverUnload = on_driver_unload; hook_sysenter(); diff --git a/src/test/device.c b/src/test/device.c index adb9d24..80b2392 100644 --- a/src/test/device.c +++ b/src/test/device.c 
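Review bot: The `u_resolved_size` computation in the `@@ -103,15 +115,14 @@` hunk of nt2dos subtracts `volume_name_info->Name.Length` from `file_name_info->Name.Length` and stores the result in a `USHORT` without checking that the volume name is no longer than the file name or that the sum fits in 16 bits. The `@@ -121,10 +132,8 @@` hunk then advances `file_name_info->Name.Buffer` and reduces `Name.Length` by the same unchecked amount, so a mismatch would wrap the length and move the pointer past the queried name. A guard before the allocation would close this, e.g. `if (volume_name_info->Name.Length > file_name_info->Name.Length) { status = STATUS_UNSUCCESSFUL; goto free_dos_name; }`, together with a check that the total does not exceed `0xFFFF`. The return value of `RtlUnicodeStringCat` is also ignored, so a truncated result is reported as success. The function's start and its cleanup labels lie partly outside these hunks.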
@@ -20,25 +20,28 @@ static NTSTATUS device_open(DEVICE_OBJECT *device_object, IRP *irp) return status; } -typedef NTSTATUS (*ioctl_handler)(void *, unsigned long, - void *, unsigned long, - ULONG_PTR *); - -static NTSTATUS handle_say_hello(void *in_buf, - unsigned long in_buf_size, - void *out_buf, - unsigned long out_buf_size, - ULONG_PTR *nbwritten) +typedef NTSTATUS (*ioctl_handler)( + void *, unsigned long, + void *, unsigned long, + ULONG_PTR *); + +static NTSTATUS handle_say_hello( + void *in_buf, + unsigned long in_buf_size, + void *out_buf, + unsigned long out_buf_size, + ULONG_PTR *nbwritten) { DbgPrint("Hello, world!\n"); return STATUS_SUCCESS; } -static NTSTATUS handle_exchange_ints(void *in_buf, - unsigned long in_buf_size, - void *out_buf, - unsigned long out_buf_size, - ULONG_PTR *nbwritten) +static NTSTATUS handle_exchange_ints( + void *in_buf, + unsigned long in_buf_size, + void *out_buf, + unsigned long out_buf_size, + ULONG_PTR *nbwritten) { unsigned int read; unsigned int written = 0xdeadbeef; @@ -82,17 +85,20 @@ static NTSTATUS device_ioctl(DEVICE_OBJECT *device_object, IRP *irp) case SAY_HELLO: handler = handle_say_hello; break; + case EXCHANGE_INTS: handler = handle_exchange_ints; break; + default: status = irp->IoStatus.Status = STATUS_NOT_SUPPORTED; goto complete_request; } - status = irp->IoStatus.Status = handler(in_buf, in_buf_size, - out_buf, out_buf_size, - &irp->IoStatus.Information); + status = irp->IoStatus.Status = handler( + in_buf, in_buf_size, + out_buf, out_buf_size, + &irp->IoStatus.Information); complete_request: IoCompleteRequest(irp, IO_NO_INCREMENT); @@ -104,18 +110,20 @@ typedef struct { const wchar_t *path; const wchar_t *symlink; -} device_info; +} +DeviceInfo; typedef struct { DEVICE_OBJECT *object; UNICODE_STRING path; UNICODE_STRING symlink; -} device; +} +Device; #define NUMOF_DEVICES 2 -static device_info devices_info[NUMOF_DEVICES] = +static DeviceInfo devices_info[NUMOF_DEVICES] = { { L"\\Device\\test_device1", 
@@ -127,7 +135,7 @@ static device_info devices_info[NUMOF_DEVICES] = }, }; -static device devices[NUMOF_DEVICES]; +static Device devices[NUMOF_DEVICES]; static void destroy_device(int i) { @@ -153,13 +161,14 @@ static NTSTATUS set_up_device(DRIVER_OBJECT *driver_object, int i) RtlInitUnicodeString(&devices[i].path, devices_info[i].path); RtlInitUnicodeString(&devices[i].symlink, devices_info[i].symlink); - status = IoCreateDevice(driver_object, - 0, - &devices[i].path, - FILE_DEVICE_UNKNOWN, - FILE_DEVICE_SECURE_OPEN, - FALSE, - &devices[i].object); + status = IoCreateDevice( + driver_object, + 0, + &devices[i].path, + FILE_DEVICE_UNKNOWN, + FILE_DEVICE_SECURE_OPEN, + FALSE, + &devices[i].object); if (!NT_SUCCESS(status)) return status; @@ -167,8 +176,8 @@ static NTSTATUS set_up_device(DRIVER_OBJECT *driver_object, int i) devices[i].object->Flags |= DO_BUFFERED_IO; devices[i].object->Flags &= ~DO_DEVICE_INITIALIZING; - if (!NT_SUCCESS(status = IoCreateSymbolicLink(&devices[i].symlink, - &devices[i].path))) + if (!NT_SUCCESS(status = IoCreateSymbolicLink( + &devices[i].symlink, &devices[i].path))) goto delete_device; return status; diff --git a/src/test/main.c b/src/test/main.c index 545ecf3..bc3e705 100644 --- a/src/test/main.c +++ b/src/test/main.c @@ -16,8 +16,9 @@ VOID on_driver_unload(DRIVER_OBJECT *driver_object) destroy_devices(); } -NTSTATUS DriverEntry(DRIVER_OBJECT *driver_object, - UNICODE_STRING *registry_path) +NTSTATUS DriverEntry( + DRIVER_OBJECT *driver_object, + UNICODE_STRING *registry_path) { DbgPrint("Loading test driver...\n"); driver_object->DriverUnload = on_driver_unload; |