VirtualBox

source: vbox/trunk/src/VBox/HostDrivers/Support/testcase/tstNtQueryStuff.cpp@ 46284

Last change on this file since 46284 was 45161, checked in by vboxsync, 12 years ago

tstNtQueryStuff.cpp: Ignore ProcessImageFileNameWin32 and ProcessImageFileMapping if not supported (like on the w2k3/x86 testbox).

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 16.8 KB
Line 
1/* $Id: tstNtQueryStuff.cpp 45161 2013-03-25 11:08:50Z vboxsync $ */
2/** @file
3 * SUP Testcase - Exploring some NT Query APIs.
4 */
5
6/*
7 * Copyright (C) 2006-2012 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * The contents of this file may alternatively be used under the terms
18 * of the Common Development and Distribution License Version 1.0
19 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 * VirtualBox OSE distribution, in which case the provisions of the
21 * CDDL are applicable instead of those of the GPL.
22 *
23 * You may elect to license modified versions of this file under the
24 * terms and conditions of either the GPL or the CDDL or both.
25 */
26
27
28/*******************************************************************************
29* Header Files *
30*******************************************************************************/
31#include <ntstatus.h>
32#define WIN32_NO_STATUS
33#include <Windows.h>
34#include <winternl.h>
35
36typedef enum
37{
38 MemoryBasicInformation = 0,
39 MemoryWorkingSetList,
40 MemorySectionName,
41 MemoryBasicVlmInformation
42} MEMORY_INFORMATION_CLASS;
43
44typedef struct
45{
46 UNICODE_STRING SectionFileName;
47 WCHAR NameBuffer[ANYSIZE_ARRAY];
48} MEMORY_SECTION_NAME;
49
50extern "C"
51NTSYSAPI NTSTATUS NTAPI NtQueryVirtualMemory(IN HANDLE hProcess,
52 IN LPCVOID pvWhere,
53 IN MEMORY_INFORMATION_CLASS MemoryInfo,
54 OUT PVOID pvBuf,
55 IN SIZE_T cbBuf,
56 OUT PSIZE_T pcbReturned OPTIONAL);
57
58#define ProcessDebugPort ((PROCESSINFOCLASS)7 )
59#define ProcessHandleCount ((PROCESSINFOCLASS)20)
60#define ProcessWow64Information ((PROCESSINFOCLASS)26)
61#define ProcessImageFileName ((PROCESSINFOCLASS)27)
62#define ProcessDebugObjectHandle ((PROCESSINFOCLASS)30)
63#define ProcessExecuteFlags ((PROCESSINFOCLASS)34)
64#define ProcessImageFileNameWin32 ((PROCESSINFOCLASS)43)
65#define ProcessImageFileMapping ((PROCESSINFOCLASS)44)
66
67
68#include <iprt/test.h>
69#include <iprt/string.h>
70
71
72/*******************************************************************************
73* Structures and Typedefs *
74*******************************************************************************/
75typedef struct FLAGDESC
76{
77 ULONG f;
78 const char *psz;
79} FLAGDESC;
80typedef const FLAGDESC *PCFLAGDESC;
81
82
83
84/*******************************************************************************
85* Global Variables *
86*******************************************************************************/
87static RTTEST g_hTest = NIL_RTTEST;
88static HANDLE g_hProcess = NULL;
89
90
91static char *stringifyAppend(char *pszBuf, size_t *pcbBuf, const char *pszAppend, bool fWithSpace)
92{
93 size_t cchAppend = strlen(pszAppend);
94 if (cchAppend + 1 + fWithSpace <= *pcbBuf)
95 {
96 if (fWithSpace)
97 {
98 *pszBuf++ = ' ';
99 *pcbBuf += 1;
100 }
101 memcpy(pszBuf, pszAppend, cchAppend + 1);
102 *pcbBuf -= cchAppend;
103 pszBuf += cchAppend;
104 }
105
106 return pszBuf;
107}
108
109
110static char *stringifyAppendUnknownFlags(uint32_t fFlags, char *pszBuf, size_t *pcbBuf, bool fWithSpace)
111{
112 for (unsigned iBit = 0; iBit < 32; iBit++)
113 if (fFlags & RT_BIT_32(iBit))
114 {
115 char szTmp[32]; /* lazy bird */
116 RTStrPrintf(szTmp, sizeof(szTmp), "BIT(%d)", iBit);
117 pszBuf = stringifyAppend(pszBuf, pcbBuf, szTmp, fWithSpace);
118 fWithSpace = true;
119 }
120
121 return pszBuf;
122}
123
124
125static char *stringifyFlags(uint32_t fFlags, char *pszBuf, size_t cbBuf, PCFLAGDESC paFlagDesc, size_t cFlagDesc)
126{
127 char *pszBufStart = pszBuf;
128 if (fFlags)
129 {
130 for (size_t i = 0; i < cFlagDesc; i++)
131 {
132 if (fFlags & paFlagDesc[i].f)
133 {
134 fFlags &= ~paFlagDesc[i].f;
135 pszBuf = stringifyAppend(pszBuf, &cbBuf, paFlagDesc[i].psz, pszBuf != pszBufStart);
136 }
137 }
138
139 if (fFlags)
140 stringifyAppendUnknownFlags(fFlags, pszBuf, &cbBuf, pszBuf != pszBufStart);
141 }
142 else
143 {
144 pszBuf[0] = '0';
145 pszBuf[1] = '\0';
146 }
147 return pszBufStart;
148}
149
150
151static char *stringifyMemType(uint32_t fType, char *pszBuf, size_t cbBuf)
152{
153 static const FLAGDESC s_aMemTypes[] =
154 {
155 { MEM_PRIVATE, "PRIVATE" },
156 { MEM_MAPPED, "MAPPED" },
157 { MEM_IMAGE, "IMAGE" },
158 };
159 return stringifyFlags(fType, pszBuf, cbBuf, s_aMemTypes, RT_ELEMENTS(s_aMemTypes));
160}
161
162
163static char *stringifyMemState(uint32_t fState, char *pszBuf, size_t cbBuf)
164{
165 static const FLAGDESC s_aMemStates[] =
166 {
167 { MEM_FREE, "FREE" },
168 { MEM_COMMIT, "COMMIT" },
169 { MEM_RESERVE, "RESERVE" },
170 { MEM_DECOMMIT, "DECOMMMIT" },
171 };
172 return stringifyFlags(fState, pszBuf, cbBuf, s_aMemStates, RT_ELEMENTS(s_aMemStates));
173}
174
175
176static char *stringifyMemProt(uint32_t fProt, char *pszBuf, size_t cbBuf)
177{
178 static const FLAGDESC s_aProtections[] =
179 {
180 { PAGE_NOACCESS, "NOACCESS" },
181 { PAGE_READONLY, "READONLY" },
182 { PAGE_READWRITE, "READWRITE" },
183 { PAGE_WRITECOPY, "WRITECOPY" },
184 { PAGE_EXECUTE, "EXECUTE" },
185 { PAGE_EXECUTE_READ, "EXECUTE_READ" },
186 { PAGE_EXECUTE_READWRITE, "EXECUTE_READWRITE" },
187 { PAGE_EXECUTE_WRITECOPY, "EXECUTE_WRITECOPY" },
188 { PAGE_GUARD, "GUARD" },
189 { PAGE_NOCACHE, "NOCACHE" },
190 { PAGE_WRITECOMBINE, "WRITECOMBINE" },
191
192 };
193 return stringifyFlags(fProt, pszBuf, cbBuf, s_aProtections, RT_ELEMENTS(s_aProtections));
194}
195
196
197
198static void tstQueryVirtualMemory(void)
199{
200 RTTestISub("NtQueryVirtualMemory");
201
202 uintptr_t cbAdvance = 0;
203 uintptr_t uPtrWhere = 0;
204 for (;;)
205 {
206 SIZE_T cbActual = 0;
207 MEMORY_BASIC_INFORMATION MemInfo = { 0, 0, 0, 0, 0, 0, 0 };
208 NTSTATUS rcNt = NtQueryVirtualMemory(g_hProcess,
209 (void const *)uPtrWhere,
210 MemoryBasicInformation,
211 &MemInfo,
212 sizeof(MemInfo),
213 &cbActual);
214 if (!NT_SUCCESS(rcNt))
215 {
216 RTTestIPrintf(RTTESTLVL_ALWAYS, "%p: rcNt=%#x\n", uPtrWhere, rcNt);
217 break;
218 }
219
220 /* stringify the memory state. */
221 char szMemType[1024];
222 char szMemState[1024];
223 char szMemProt[1024];
224 char szAllocProt[1024];
225
226 if ( MemInfo.AllocationBase != NULL
227 && MemInfo.AllocationBase == MemInfo.BaseAddress
228 && MemInfo.Protect != MemInfo.AllocationProtect)
229 RTTestIPrintf(RTTESTLVL_ALWAYS, "\n");
230
231 RTTestIPrintf(RTTESTLVL_ALWAYS, "%p-%p %-8s %-8s %-12s",
232 MemInfo.BaseAddress, (uintptr_t)MemInfo.BaseAddress + MemInfo.RegionSize - 1,
233 stringifyMemType(MemInfo.Type, szMemType, sizeof(szMemType)),
234 stringifyMemState(MemInfo.State, szMemState, sizeof(szMemState)),
235 stringifyMemProt(MemInfo.Protect, szMemProt, sizeof(szMemProt))
236 );
237 if ((uintptr_t)MemInfo.AllocationBase != 0)
238 {
239 if (MemInfo.AllocationBase != MemInfo.BaseAddress)
240 RTTestIPrintf(RTTESTLVL_ALWAYS, " %p", MemInfo.AllocationBase);
241 else
242 RTTestIPrintf(RTTESTLVL_ALWAYS, " %s", stringifyMemProt(MemInfo.AllocationProtect, szAllocProt, sizeof(szAllocProt)));
243 }
244 RTTestIPrintf(RTTESTLVL_ALWAYS, "\n");
245
246 if ((uintptr_t)MemInfo.BaseAddress != uPtrWhere)
247 RTTestIPrintf(RTTESTLVL_ALWAYS, " !Warning! Queried %p got BaseAddress=%p!\n",
248 uPtrWhere, MemInfo.BaseAddress);
249
250 /* Image or mapped, then try get a file name. */
251 if (MemInfo.Type == MEM_IMAGE || MemInfo.Type == MEM_MAPPED)
252 {
253 union
254 {
255 MEMORY_SECTION_NAME Core;
256 WCHAR awcPadding[UNICODE_STRING_MAX_CHARS + (sizeof(UNICODE_STRING_MAX_CHARS) + 1) / sizeof(WCHAR)];
257 } uBuf;
258 RT_ZERO(uBuf);
259 uBuf.Core.SectionFileName.Length = UNICODE_STRING_MAX_CHARS * 2;
260 uBuf.Core.SectionFileName.MaximumLength = UNICODE_STRING_MAX_CHARS * 2;
261 uBuf.Core.SectionFileName.Buffer = &uBuf.Core.NameBuffer[0];
262
263 cbActual = 0;
264 rcNt = NtQueryVirtualMemory(g_hProcess,
265 (void const *)uPtrWhere,
266 MemorySectionName,
267 &uBuf,
268 sizeof(uBuf),
269 &cbActual);
270 if (NT_SUCCESS(rcNt))
271 RTTestIPrintf(RTTESTLVL_ALWAYS, " %.*ls\n",
272 uBuf.Core.SectionFileName.Length / 2, uBuf.Core.SectionFileName.Buffer);
273 else
274 {
275 RTTestIPrintf(RTTESTLVL_ALWAYS, "%p: MemorySectionName - rcNt=%#x\n", uPtrWhere, rcNt);
276 RTTESTI_CHECK(rcNt == STATUS_FILE_INVALID && MemInfo.Type == MEM_MAPPED);
277 }
278 }
279
280 /* Advance. */
281 cbAdvance = MemInfo.RegionSize;
282 //cbAdvance = 0;
283 if (uPtrWhere + cbAdvance <= uPtrWhere)
284 break;
285 uPtrWhere += MemInfo.RegionSize;
286 }
287}
288
289
290static void tstQueryInformationProcess(void)
291{
292 RTTestISub("NtQueryInformationProcess");
293
294 NTSTATUS rcNt;
295
296 /* Basic info */
297 PROCESS_BASIC_INFORMATION BasicInfo;
298 RT_ZERO(BasicInfo);
299 DWORD cbActual = 0;
300 rcNt = NtQueryInformationProcess(g_hProcess,
301 ProcessBasicInformation,
302 &BasicInfo, sizeof(BasicInfo), &cbActual);
303 RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
304 if (NT_SUCCESS(rcNt))
305 RTTestIPrintf(RTTESTLVL_ALWAYS, "BasicInfo:\n"
306 " UniqueProcessId = %#x (%6d)\n"
307 " PebBaseAddress = %p\n"
308 " Reserved1 = %p ExitStatus?\n"
309 " Reserved2a = %p AffinityMask?\n"
310 " Reserved2b = %p (%6d) BasePriority?\n"
311 " Reserved3 = %p (%6d) InheritedFromUniqueProcessId?\n"
312 ,
313 BasicInfo.UniqueProcessId, BasicInfo.UniqueProcessId,
314 BasicInfo.PebBaseAddress,
315 BasicInfo.Reserved1,
316 BasicInfo.Reserved2[0],
317 BasicInfo.Reserved2[1], BasicInfo.Reserved2[1],
318 BasicInfo.Reserved3, BasicInfo.Reserved3
319 );
320
321
322 /* Debugger present? */
323 DWORD_PTR uPtr = ~(DWORD_PTR)0;
324 cbActual = 0;
325 rcNt = NtQueryInformationProcess(g_hProcess,
326 ProcessDebugPort,
327 &uPtr, sizeof(uPtr), &cbActual);
328 RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
329 if (NT_SUCCESS(rcNt))
330 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessDebugPort: %p\n", uPtr);
331
332 /* Debug object handle, whatever that is... */
333 uPtr = ~(DWORD_PTR)0;
334 cbActual = 0;
335 rcNt = NtQueryInformationProcess(g_hProcess,
336 ProcessDebugObjectHandle,
337 &uPtr, sizeof(uPtr), &cbActual);
338 if (NT_SUCCESS(rcNt))
339 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessDebugObjectHandle: %p\n", uPtr);
340 else if (rcNt == STATUS_PORT_NOT_SET)
341 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessDebugObjectHandle: rcNt=%#x (STATUS_PORT_NOT_SET)\n", uPtr);
342 else
343 RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
344
345 /* 32-bit app on 64-bit host? */
346 uPtr = ~(DWORD_PTR)0;
347 cbActual = 0;
348 rcNt = NtQueryInformationProcess(g_hProcess,
349 ProcessWow64Information,
350 &uPtr, sizeof(uPtr), &cbActual);
351 RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
352 if (NT_SUCCESS(rcNt))
353 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessWow64Information: %p\n", uPtr);
354
355 /* Process image name (NT). */
356 struct
357 {
358 UNICODE_STRING UniStr;
359 WCHAR awBuffer[UNICODE_STRING_MAX_CHARS];
360 } StrBuf;
361 RT_ZERO(StrBuf);
362 StrBuf.UniStr.Length = UNICODE_STRING_MAX_CHARS * 2;
363 StrBuf.UniStr.MaximumLength = UNICODE_STRING_MAX_CHARS * 2;
364 StrBuf.UniStr.Buffer = &StrBuf.awBuffer[0];
365 cbActual = 0;
366 rcNt = NtQueryInformationProcess(g_hProcess,
367 ProcessImageFileName,
368 &StrBuf, sizeof(StrBuf), &cbActual);
369 RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
370 if (NT_SUCCESS(rcNt))
371 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileName: len=%u\n %.*ls\n",
372 StrBuf.UniStr.Length, StrBuf.UniStr.Length, StrBuf.UniStr.Buffer);
373
374 /* Process image name (Win32) - Not available on Windows 2003. */
375 RT_ZERO(StrBuf);
376 StrBuf.UniStr.Length = UNICODE_STRING_MAX_CHARS * 2;
377 StrBuf.UniStr.MaximumLength = UNICODE_STRING_MAX_CHARS * 2;
378 StrBuf.UniStr.Buffer = &StrBuf.awBuffer[0];
379 cbActual = 0;
380 rcNt = NtQueryInformationProcess(g_hProcess,
381 ProcessImageFileNameWin32,
382 &StrBuf, sizeof(StrBuf), &cbActual);
383 if (rcNt != STATUS_INVALID_INFO_CLASS)
384 {
385 RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
386 if (NT_SUCCESS(rcNt))
387 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileNameWin32: len=%u\n %.*ls\n",
388 StrBuf.UniStr.Length, StrBuf.UniStr.Length, StrBuf.UniStr.Buffer);
389 }
390 else
391 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileNameWin32: Not supported (STATUS_INVALID_INFO_CLASS).\n");
392
393 /* Process image mapping - Not available on Windows 2003. */
394 uPtr = ~(DWORD_PTR)0;
395 cbActual = 0;
396 rcNt = NtQueryInformationProcess(g_hProcess,
397 ProcessImageFileMapping,
398 &uPtr, sizeof(uPtr), &cbActual);
399 if (NT_SUCCESS(rcNt))
400 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileMapping: %p\n", uPtr);
401 else if (rcNt == STATUS_OBJECT_TYPE_MISMATCH)
402 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileMapping: rcNt=%#x (STATUS_OBJECT_TYPE_MISMATCH)\n", rcNt);
403 else if (rcNt == STATUS_INVALID_INFO_CLASS)
404 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileMapping: Not supported (STATUS_INVALID_INFO_CLASS).\n");
405 else
406 RTTestIFailed("ProcessImageFileMapping: rcNt=%#x\n", rcNt);
407
408
409 /* Handles. Broken for 64-bit input. */
410 uint32_t u32 = UINT32_MAX;
411 cbActual = 0;
412 rcNt = NtQueryInformationProcess(g_hProcess,
413 ProcessHandleCount,
414 &u32, sizeof(u32), &cbActual);
415 if (NT_SUCCESS(rcNt))
416 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessHandleCount: %#x (%d)\n", u32, u32);
417 else
418 RTTestIFailed("ProcessHandleCount: rcNt=%#x\n", rcNt);
419
420 /* Execute flags. */
421#if 0 /* fails... wrong process handle? */
422 u32 = ~(DWORD_PTR)0;
423 cbActual = 0;
424 rcNt = NtQueryInformationProcess(g_hProcess,
425 ProcessExecuteFlags,
426 &u32, sizeof(u32), &cbActual);
427 if (NT_SUCCESS(rcNt))
428 RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessExecuteFlags: %#p\n", u32);
429 else
430 RTTestIFailed("ProcessExecuteFlags: rcNt=%#x\n", rcNt);
431#endif
432
433 /** @todo ProcessImageInformation */
434}
435
436
437int main()
438{
439 RTEXITCODE rcExit = RTTestInitAndCreate("tstNtQueryStuff", &g_hTest);
440 if (rcExit != RTEXITCODE_SUCCESS)
441 return rcExit;
442 RTTestBanner(g_hTest);
443
444 g_hProcess = GetCurrentProcess();
445
446 //tstQueryVirtualMemory();
447 tstQueryInformationProcess();
448
449
450 return RTTestSummaryAndDestroy(g_hTest);
451}
452
453
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette