VirtualBox

source: vbox/trunk/src/VBox/HostDrivers/Support/testcase/tstNtQueryStuff.cpp@ 78297

Last change on this file since 78297 was 76553, checked in by vboxsync, 6 years ago

scm --update-copyright-year

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 16.5 KB
Line 
1/* $Id: tstNtQueryStuff.cpp 76553 2019-01-01 01:45:53Z vboxsync $ */
2/** @file
3 * SUP Testcase - Exploring some NT Query APIs.
4 */
5
6/*
7 * Copyright (C) 2006-2019 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * The contents of this file may alternatively be used under the terms
18 * of the Common Development and Distribution License Version 1.0
19 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 * VirtualBox OSE distribution, in which case the provisions of the
21 * CDDL are applicable instead of those of the GPL.
22 *
23 * You may elect to license modified versions of this file under the
24 * terms and conditions of either the GPL or the CDDL or both.
25 */
26
27
28/*********************************************************************************************************************************
29* Header Files *
30*********************************************************************************************************************************/
31#include <iprt/nt/nt-and-windows.h>
32#include <iprt/test.h>
33#include <iprt/string.h>
34
35
36/*********************************************************************************************************************************
37* Structures and Typedefs *
38*********************************************************************************************************************************/
39typedef struct FLAGDESC
40{
41 ULONG f;
42 const char *psz;
43} FLAGDESC;
44typedef const FLAGDESC *PCFLAGDESC;
45
46
47
48/*********************************************************************************************************************************
49* Global Variables *
50*********************************************************************************************************************************/
51static RTTEST g_hTest = NIL_RTTEST;
52static HANDLE g_hProcess = NULL;
53
54
55static char *stringifyAppend(char *pszBuf, size_t *pcbBuf, const char *pszAppend, bool fWithSpace)
56{
57 size_t cchAppend = strlen(pszAppend);
58 if (cchAppend + 1 + fWithSpace <= *pcbBuf)
59 {
60 if (fWithSpace)
61 {
62 *pszBuf++ = ' ';
63 *pcbBuf += 1;
64 }
65 memcpy(pszBuf, pszAppend, cchAppend + 1);
66 *pcbBuf -= cchAppend;
67 pszBuf += cchAppend;
68 }
69
70 return pszBuf;
71}
72
73
74static char *stringifyAppendUnknownFlags(uint32_t fFlags, char *pszBuf, size_t *pcbBuf, bool fWithSpace)
75{
76 for (unsigned iBit = 0; iBit < 32; iBit++)
77 if (fFlags & RT_BIT_32(iBit))
78 {
79 char szTmp[32]; /* lazy bird */
80 RTStrPrintf(szTmp, sizeof(szTmp), "BIT(%d)", iBit);
81 pszBuf = stringifyAppend(pszBuf, pcbBuf, szTmp, fWithSpace);
82 fWithSpace = true;
83 }
84
85 return pszBuf;
86}
87
88
89static char *stringifyFlags(uint32_t fFlags, char *pszBuf, size_t cbBuf, PCFLAGDESC paFlagDesc, size_t cFlagDesc)
90{
91 char *pszBufStart = pszBuf;
92 if (fFlags)
93 {
94 for (size_t i = 0; i < cFlagDesc; i++)
95 {
96 if (fFlags & paFlagDesc[i].f)
97 {
98 fFlags &= ~paFlagDesc[i].f;
99 pszBuf = stringifyAppend(pszBuf, &cbBuf, paFlagDesc[i].psz, pszBuf != pszBufStart);
100 }
101 }
102
103 if (fFlags)
104 stringifyAppendUnknownFlags(fFlags, pszBuf, &cbBuf, pszBuf != pszBufStart);
105 }
106 else
107 {
108 pszBuf[0] = '0';
109 pszBuf[1] = '\0';
110 }
111 return pszBufStart;
112}
113
114
115static char *stringifyMemType(uint32_t fType, char *pszBuf, size_t cbBuf)
116{
117 static const FLAGDESC s_aMemTypes[] =
118 {
119 { MEM_PRIVATE, "PRIVATE" },
120 { MEM_MAPPED, "MAPPED" },
121 { MEM_IMAGE, "IMAGE" },
122 };
123 return stringifyFlags(fType, pszBuf, cbBuf, s_aMemTypes, RT_ELEMENTS(s_aMemTypes));
124}
125
126
127static char *stringifyMemState(uint32_t fState, char *pszBuf, size_t cbBuf)
128{
129 static const FLAGDESC s_aMemStates[] =
130 {
131 { MEM_FREE, "FREE" },
132 { MEM_COMMIT, "COMMIT" },
133 { MEM_RESERVE, "RESERVE" },
134 { MEM_DECOMMIT, "DECOMMMIT" },
135 };
136 return stringifyFlags(fState, pszBuf, cbBuf, s_aMemStates, RT_ELEMENTS(s_aMemStates));
137}
138
139
140static char *stringifyMemProt(uint32_t fProt, char *pszBuf, size_t cbBuf)
141{
142 static const FLAGDESC s_aProtections[] =
143 {
144 { PAGE_NOACCESS, "NOACCESS" },
145 { PAGE_READONLY, "READONLY" },
146 { PAGE_READWRITE, "READWRITE" },
147 { PAGE_WRITECOPY, "WRITECOPY" },
148 { PAGE_EXECUTE, "EXECUTE" },
149 { PAGE_EXECUTE_READ, "EXECUTE_READ" },
150 { PAGE_EXECUTE_READWRITE, "EXECUTE_READWRITE" },
151 { PAGE_EXECUTE_WRITECOPY, "EXECUTE_WRITECOPY" },
152 { PAGE_GUARD, "GUARD" },
153 { PAGE_NOCACHE, "NOCACHE" },
154 { PAGE_WRITECOMBINE, "WRITECOMBINE" },
155
156 };
157 return stringifyFlags(fProt, pszBuf, cbBuf, s_aProtections, RT_ELEMENTS(s_aProtections));
158}
159
160
161
162static void tstQueryVirtualMemory(void)
163{
164 RTTestISub("NtQueryVirtualMemory");
165
166 uintptr_t cbAdvance = 0;
167 uintptr_t uPtrWhere = 0;
168 for (;;)
169 {
170 SIZE_T cbActual = 0;
171 MEMORY_BASIC_INFORMATION MemInfo = { 0, 0, 0, 0, 0, 0, 0 };
172 NTSTATUS rcNt = NtQueryVirtualMemory(g_hProcess,
173 (void const *)uPtrWhere,
174 MemoryBasicInformation,
175 &MemInfo,
176 sizeof(MemInfo),
177 &cbActual);
178 if (!NT_SUCCESS(rcNt))
179 {
180 RTTestIPrintf(RTTESTLVL_ALWAYS, "%p: rcNt=%#x\n", uPtrWhere, rcNt);
181 break;
182 }
183
184 /* stringify the memory state. */
185 char szMemType[1024];
186 char szMemState[1024];
187 char szMemProt[1024];
188 char szAllocProt[1024];
189
190 if ( MemInfo.AllocationBase != NULL
191 && MemInfo.AllocationBase == MemInfo.BaseAddress
192 && MemInfo.Protect != MemInfo.AllocationProtect)
193 RTTestIPrintf(RTTESTLVL_ALWAYS, "\n");
194
195 RTTestIPrintf(RTTESTLVL_ALWAYS, "%p-%p %-8s %-8s %-12s",
196 MemInfo.BaseAddress, (uintptr_t)MemInfo.BaseAddress + MemInfo.RegionSize - 1,
197 stringifyMemType(MemInfo.Type, szMemType, sizeof(szMemType)),
198 stringifyMemState(MemInfo.State, szMemState, sizeof(szMemState)),
199 stringifyMemProt(MemInfo.Protect, szMemProt, sizeof(szMemProt))
200 );
201 if ((uintptr_t)MemInfo.AllocationBase != 0)
202 {
203 if (MemInfo.AllocationBase != MemInfo.BaseAddress)
204 RTTestIPrintf(RTTESTLVL_ALWAYS, " %p", MemInfo.AllocationBase);
205 else
206 RTTestIPrintf(RTTESTLVL_ALWAYS, " %s", stringifyMemProt(MemInfo.AllocationProtect, szAllocProt, sizeof(szAllocProt)));
207 }
208 RTTestIPrintf(RTTESTLVL_ALWAYS, "\n");
209
210 if ((uintptr_t)MemInfo.BaseAddress != uPtrWhere)
211 RTTestIPrintf(RTTESTLVL_ALWAYS, " !Warning! Queried %p got BaseAddress=%p!\n",
212 uPtrWhere, MemInfo.BaseAddress);
213
214 /* Image or mapped, then try get a file name. */
215 if (MemInfo.Type == MEM_IMAGE || MemInfo.Type == MEM_MAPPED)
216 {
217 union
218 {
219 MEMORY_SECTION_NAME Core;
220 WCHAR awcPadding[UNICODE_STRING_MAX_CHARS + (sizeof(UNICODE_STRING_MAX_CHARS) + 1) / sizeof(WCHAR)];
221 } uBuf;
222 RT_ZERO(uBuf);
223 uBuf.Core.SectionFileName.Length = UNICODE_STRING_MAX_CHARS * 2;
224 uBuf.Core.SectionFileName.MaximumLength = UNICODE_STRING_MAX_CHARS * 2;
225 uBuf.Core.SectionFileName.Buffer = &uBuf.Core.NameBuffer[0];
226
227 cbActual = 0;
228 rcNt = NtQueryVirtualMemory(g_hProcess,
229 (void const *)uPtrWhere,
230 MemorySectionName,
231 &uBuf,
232 sizeof(uBuf),
233 &cbActual);
234 if (NT_SUCCESS(rcNt))
235 RTTestIPrintf(RTTESTLVL_ALWAYS, " %.*ls\n",
236 uBuf.Core.SectionFileName.Length / 2, uBuf.Core.SectionFileName.Buffer);
237 else
238 {
239 RTTestIPrintf(RTTESTLVL_ALWAYS, "%p: MemorySectionName - rcNt=%#x\n", uPtrWhere, rcNt);
240 RTTESTI_CHECK(rcNt == STATUS_FILE_INVALID && MemInfo.Type == MEM_MAPPED);
241 }
242 }
243
244 /* Advance. */
245 cbAdvance = MemInfo.RegionSize;
246 //cbAdvance = 0;
247 if (uPtrWhere + cbAdvance <= uPtrWhere)
248 break;
249 uPtrWhere += MemInfo.RegionSize;
250 }
251}
252
253
254static void tstQueryInformationProcess(void)
255{
256 RTTestISub("NtQueryInformationProcess");
257
258 NTSTATUS rcNt;
259
260 /* Basic info */
261 PROCESS_BASIC_INFORMATION BasicInfo;
262 RT_ZERO(BasicInfo);
263 DWORD cbActual = 0;
264 rcNt = NtQueryInformationProcess(g_hProcess,
265 ProcessBasicInformation,
266 &BasicInfo, sizeof(BasicInfo), &cbActual);
267 RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
268 if (NT_SUCCESS(rcNt))
269 RTTestIPrintf(RTTESTLVL_ALWAYS, "BasicInfo:\n"
270 " UniqueProcessId = %#x (%6d)\n"
271 " InheritedFromUniqueProcessId = %#x (%6d)\n"
272 " ExitStatus = %#x\n"
273 " PebBaseAddress = %p\n"
274 " AffinityMask = %#zx\n"
275 " BasePriority = %#zx\n"
276 ,
277 BasicInfo.UniqueProcessId, BasicInfo.UniqueProcessId,
278 BasicInfo.InheritedFromUniqueProcessId, BasicInfo.InheritedFromUniqueProcessId,
279 BasicInfo.ExitStatus,
280 BasicInfo.PebBaseAddress,
281 BasicInfo.AffinityMask,
282 BasicInfo.BasePriority
283 );
284
285 /* Debugger present? */
286 DWORD_PTR uPtr = ~(DWORD_PTR)0;
287 cbActual = 0;
288 rcNt = NtQueryInformationProcess(g_hProcess,
289 ProcessDebugPort,
290 &uPtr, sizeof(uPtr), &cbActual);
291 RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
292 if (NT_SUCCESS(rcNt))
293 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessDebugPort: %p\n", uPtr);
294
295 /* Debug object handle, whatever that is... */
296 uPtr = ~(DWORD_PTR)0;
297 cbActual = 0;
298 rcNt = NtQueryInformationProcess(g_hProcess,
299 ProcessDebugObjectHandle,
300 &uPtr, sizeof(uPtr), &cbActual);
301 if (NT_SUCCESS(rcNt))
302 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessDebugObjectHandle: %p\n", uPtr);
303 else if (rcNt == STATUS_PORT_NOT_SET)
304 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessDebugObjectHandle: rcNt=%#x (STATUS_PORT_NOT_SET)\n", uPtr);
305 else
306 RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
307
308 /* 32-bit app on 64-bit host? */
309 uPtr = ~(DWORD_PTR)0;
310 cbActual = 0;
311 rcNt = NtQueryInformationProcess(g_hProcess,
312 ProcessWow64Information,
313 &uPtr, sizeof(uPtr), &cbActual);
314 RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
315 if (NT_SUCCESS(rcNt))
316 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessWow64Information: %p\n", uPtr);
317
318 /* Process image name (NT). */
319 struct
320 {
321 UNICODE_STRING UniStr;
322 WCHAR awBuffer[UNICODE_STRING_MAX_CHARS];
323 } StrBuf;
324 RT_ZERO(StrBuf);
325 StrBuf.UniStr.Length = UNICODE_STRING_MAX_CHARS * 2;
326 StrBuf.UniStr.MaximumLength = UNICODE_STRING_MAX_CHARS * 2;
327 StrBuf.UniStr.Buffer = &StrBuf.awBuffer[0];
328 cbActual = 0;
329 rcNt = NtQueryInformationProcess(g_hProcess,
330 ProcessImageFileName,
331 &StrBuf, sizeof(StrBuf), &cbActual);
332 RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
333 if (NT_SUCCESS(rcNt))
334 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileName: len=%u\n %.*ls\n",
335 StrBuf.UniStr.Length, StrBuf.UniStr.Length, StrBuf.UniStr.Buffer);
336
337 /* Process image name (Win32) - Not available on Windows 2003. */
338 RT_ZERO(StrBuf);
339 StrBuf.UniStr.Length = UNICODE_STRING_MAX_CHARS * 2;
340 StrBuf.UniStr.MaximumLength = UNICODE_STRING_MAX_CHARS * 2;
341 StrBuf.UniStr.Buffer = &StrBuf.awBuffer[0];
342 cbActual = 0;
343 rcNt = NtQueryInformationProcess(g_hProcess,
344 ProcessImageFileNameWin32,
345 &StrBuf, sizeof(StrBuf), &cbActual);
346 if (rcNt != STATUS_INVALID_INFO_CLASS)
347 {
348 RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
349 if (NT_SUCCESS(rcNt))
350 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileNameWin32: len=%u\n %.*ls\n",
351 StrBuf.UniStr.Length, StrBuf.UniStr.Length, StrBuf.UniStr.Buffer);
352 }
353 else
354 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileNameWin32: Not supported (STATUS_INVALID_INFO_CLASS).\n");
355
356 /* Process image mapping - Not available on Windows 2003. */
357 uPtr = ~(DWORD_PTR)0;
358 cbActual = 0;
359 rcNt = NtQueryInformationProcess(g_hProcess,
360 ProcessImageFileMapping,
361 &uPtr, sizeof(uPtr), &cbActual);
362 if (NT_SUCCESS(rcNt))
363 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileMapping: %p\n", uPtr);
364 else if (rcNt == STATUS_OBJECT_TYPE_MISMATCH)
365 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileMapping: rcNt=%#x (STATUS_OBJECT_TYPE_MISMATCH)\n", rcNt);
366 else if (rcNt == STATUS_INVALID_INFO_CLASS)
367 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileMapping: Not supported (STATUS_INVALID_INFO_CLASS).\n");
368 else
369 RTTestIFailed("ProcessImageFileMapping: rcNt=%#x\n", rcNt);
370
371
372 /* Handles. Broken for 64-bit input. */
373 uint32_t u32 = UINT32_MAX;
374 cbActual = 0;
375 rcNt = NtQueryInformationProcess(g_hProcess,
376 ProcessHandleCount,
377 &u32, sizeof(u32), &cbActual);
378 if (NT_SUCCESS(rcNt))
379 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessHandleCount: %#x (%d)\n", u32, u32);
380 else
381 RTTestIFailed("ProcessHandleCount: rcNt=%#x\n", rcNt);
382
383 /* Execute flags. */
384#if 0 /* fails... wrong process handle? */
385 u32 = ~(DWORD_PTR)0;
386 cbActual = 0;
387 rcNt = NtQueryInformationProcess(g_hProcess,
388 ProcessExecuteFlags,
389 &u32, sizeof(u32), &cbActual);
390 if (NT_SUCCESS(rcNt))
391 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessExecuteFlags: %#p\n", u32);
392 else
393 RTTestIFailed("ProcessExecuteFlags: rcNt=%#x\n", rcNt);
394#endif
395
396 /** @todo ProcessImageInformation */
397}
398
399
400int main(int argc, char **argv)
401{
402 RTEXITCODE rcExit = RTTestInitAndCreate("tstNtQueryStuff", &g_hTest);
403 if (rcExit != RTEXITCODE_SUCCESS)
404 return rcExit;
405 RTTestBanner(g_hTest);
406
407 g_hProcess = GetCurrentProcess();
408 if (argc >= 2 && argv[1][0] != '-')
409 {
410 const char *pszPid = argv[1];
411 uint32_t idPid = RTStrToInt32(pszPid);
412
413 uint32_t fAccess = PROCESS_QUERY_INFORMATION;
414 if (argc >= 3)
415 fAccess = RTStrToInt32(argv[2]);
416
417 g_hProcess = OpenProcess(fAccess, FALSE, idPid);
418 if (g_hProcess == NULL)
419 {
420 RTTestIFailed("Error %u opening process %u (%s)\n", GetLastError(), idPid, pszPid);
421 return RTTestSummaryAndDestroy(g_hTest);
422 }
423 }
424
425 tstQueryVirtualMemory();
426 tstQueryInformationProcess();
427
428 return RTTestSummaryAndDestroy(g_hTest);
429}
430
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette