Changeset 43417 in vbox

Timestamp:

Sep 24, 2012 1:46:57 PM (12 years ago)

Author:

vboxsync

Message:

More hacking.

File:

• trunk/src/VBox/HostDrivers/Support/testcase/tstNtQueryStuff.cpp (modified) (11 diffs)

trunk/src/VBox/HostDrivers/Support/testcase/tstNtQueryStuff.cpp

@@ -29 +29 @@
 *   Header Files                                                               *
 *******************************************************************************/
+#include <ntstatus.h>
+#define WIN32_NO_STATUS
 #include <Windows.h>
 #include <winternl.h>
@@ -54 +56 @@
                                              OUT PSIZE_T pcbReturned OPTIONAL);
 
+#define ProcessDebugPort            ((PROCESSINFOCLASS)7 )
+#define ProcessHandleCount          ((PROCESSINFOCLASS)20)
+#define ProcessWow64Information     ((PROCESSINFOCLASS)26)
+#define ProcessImageFileName        ((PROCESSINFOCLASS)27)
+#define ProcessDebugObjectHandle    ((PROCESSINFOCLASS)30)
+#define ProcessExecuteFlags         ((PROCESSINFOCLASS)34)
+#define ProcessImageFileNameWin32   ((PROCESSINFOCLASS)43)
+#define ProcessImageFileMapping     ((PROCESSINFOCLASS)44)
+
 
 #include <iprt/test.h>
@@ -75 +86 @@
 *******************************************************************************/
 static RTTEST g_hTest = NIL_RTTEST;
+static HANDLE g_hProcess = NULL;
 
 
@@ -188 +200 @@
     RTTestISub("NtQueryVirtualMemory");
 
-
     uintptr_t   cbAdvance = 0;
     uintptr_t   uPtrWhere = 0;
@@ -195 +206 @@
         SIZE_T                      cbActual = 0;
         MEMORY_BASIC_INFORMATION    MemInfo  = { 0, 0, 0, 0, 0, 0, 0 };
-        NTSTATUS ntRc = NtQueryVirtualMemory(GetCurrentProcess(),
+        NTSTATUS rcNt = NtQueryVirtualMemory(g_hProcess,
                                              (void const *)uPtrWhere,
                                              MemoryBasicInformation,
@@ -201 +212 @@
                                              sizeof(MemInfo),
                                              &cbActual);
-        if (!NT_SUCCESS(ntRc))
-        {
-            RTTestIPrintf(RTTESTLVL_ALWAYS, "%p: ntRc=%#x\n", uPtrWhere, ntRc);
+        if (!NT_SUCCESS(rcNt))
+        {
+            RTTestIPrintf(RTTESTLVL_ALWAYS, "%p: rcNt=%#x\n", uPtrWhere, rcNt);
             break;
         }
@@ -211 +222 @@
         char szMemState[1024];
         char szMemProt[1024];
-
-        RTTestIPrintf(RTTESTLVL_ALWAYS, "%p-%p  %-8s  %-8s  %-12s\n",
+        char szAllocProt[1024];
+
+        if (   MemInfo.AllocationBase != NULL
+            && MemInfo.AllocationBase == MemInfo.BaseAddress
+            && MemInfo.Protect        != MemInfo.AllocationProtect)
+            RTTestIPrintf(RTTESTLVL_ALWAYS, "\n");
+
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "%p-%p  %-8s  %-8s  %-12s",
                       MemInfo.BaseAddress, (uintptr_t)MemInfo.BaseAddress + MemInfo.RegionSize - 1,
                       stringifyMemType(MemInfo.Type, szMemType, sizeof(szMemType)),
@@ -218 +235 @@
                       stringifyMemProt(MemInfo.Protect, szMemProt, sizeof(szMemProt))
                       );
+        if ((uintptr_t)MemInfo.AllocationBase != 0)
+        {
+            if (MemInfo.AllocationBase != MemInfo.BaseAddress)
+                RTTestIPrintf(RTTESTLVL_ALWAYS, "  %p", MemInfo.AllocationBase);
+            else
+                RTTestIPrintf(RTTESTLVL_ALWAYS, "  %s", stringifyMemProt(MemInfo.AllocationProtect, szAllocProt, sizeof(szAllocProt)));
+        }
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "\n");
 
         if ((uintptr_t)MemInfo.BaseAddress != uPtrWhere)
@@ -223 +248 @@
                           uPtrWhere, MemInfo.BaseAddress);
 
+        /* Image or mapped, then try get a file name. */
+        if (MemInfo.Type == MEM_IMAGE || MemInfo.Type == MEM_MAPPED)
+        {
+            union
+            {
+                MEMORY_SECTION_NAME     Core;
+                WCHAR                   awcPadding[UNICODE_STRING_MAX_CHARS + (sizeof(UNICODE_STRING_MAX_CHARS) + 1) / sizeof(WCHAR)];
+            } uBuf;
+            RT_ZERO(uBuf);
+            uBuf.Core.SectionFileName.Length        = UNICODE_STRING_MAX_CHARS * 2;
+            uBuf.Core.SectionFileName.MaximumLength = UNICODE_STRING_MAX_CHARS * 2;
+            uBuf.Core.SectionFileName.Buffer        = &uBuf.Core.NameBuffer[0];
+
+            cbActual = 0;
+            rcNt = NtQueryVirtualMemory(g_hProcess,
+                                        (void const *)uPtrWhere,
+                                        MemorySectionName,
+                                        &uBuf,
+                                        sizeof(uBuf),
+                                        &cbActual);
+            if (NT_SUCCESS(rcNt))
+                RTTestIPrintf(RTTESTLVL_ALWAYS, "    %.*ls\n",
+                              uBuf.Core.SectionFileName.Length / 2, uBuf.Core.SectionFileName.Buffer);
+            else
+            {
+                RTTestIPrintf(RTTESTLVL_ALWAYS, "%p: MemorySectionName - rcNt=%#x\n", uPtrWhere, rcNt);
+                RTTESTI_CHECK(rcNt == STATUS_FILE_INVALID && MemInfo.Type == MEM_MAPPED);
+            }
+        }
+
+        /* Advance. */
         cbAdvance = MemInfo.RegionSize;
         //cbAdvance = 0;
@@ -232 +288 @@
 
 
-
-//NtQueryInformationProcess
+static void tstQueryInformationProcess(void)
+{
+    RTTestISub("NtQueryInformationProcess");
+
+    NTSTATUS rcNt;
+
+    /* Basic info */
+    PROCESS_BASIC_INFORMATION BasicInfo;
+    RT_ZERO(BasicInfo);
+    DWORD cbActual = 0;
+    rcNt = NtQueryInformationProcess(g_hProcess,
+                                     ProcessBasicInformation,
+                                     &BasicInfo, sizeof(BasicInfo), &cbActual);
+    RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
+    if (NT_SUCCESS(rcNt))
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "BasicInfo:\n"
+                                        "    UniqueProcessId = %#x (%6d)\n"
+                                        "    PebBaseAddress  = %p\n"
+                                        "    Reserved1       = %p          ExitStatus?\n"
+                                        "    Reserved2a      = %p          AffinityMask?\n"
+                                        "    Reserved2b      = %p (%6d) BasePriority?\n"
+                                        "    Reserved3       = %p (%6d) InheritedFromUniqueProcessId?\n"
+                      ,
+                      BasicInfo.UniqueProcessId, BasicInfo.UniqueProcessId,
+                      BasicInfo.PebBaseAddress,
+                      BasicInfo.Reserved1,
+                      BasicInfo.Reserved2[0],
+                      BasicInfo.Reserved2[1], BasicInfo.Reserved2[1],
+                      BasicInfo.Reserved3, BasicInfo.Reserved3
+                      );
+
+
+    /* Debugger present? */
+    DWORD_PTR uPtr = ~(DWORD_PTR)0;
+    cbActual = 0;
+    rcNt = NtQueryInformationProcess(g_hProcess,
+                                     ProcessDebugPort,
+                                     &uPtr, sizeof(uPtr), &cbActual);
+    RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
+    if (NT_SUCCESS(rcNt))
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessDebugPort:          %p\n", uPtr);
+
+    /* Debug object handle, whatever that is... */
+    uPtr = ~(DWORD_PTR)0;
+    cbActual = 0;
+    rcNt = NtQueryInformationProcess(g_hProcess,
+                                     ProcessDebugObjectHandle,
+                                     &uPtr, sizeof(uPtr), &cbActual);
+    if (NT_SUCCESS(rcNt))
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessDebugObjectHandle:  %p\n", uPtr);
+    else if (rcNt == STATUS_PORT_NOT_SET)
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessDebugObjectHandle:  rcNt=%#x (STATUS_PORT_NOT_SET)\n", uPtr);
+    else
+        RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
+
+    /* 32-bit app on 64-bit host? */
+    uPtr = ~(DWORD_PTR)0;
+    cbActual = 0;
+    rcNt = NtQueryInformationProcess(g_hProcess,
+                                     ProcessWow64Information,
+                                     &uPtr, sizeof(uPtr), &cbActual);
+    RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
+    if (NT_SUCCESS(rcNt))
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessWow64Information:   %p\n", uPtr);
+
+    /* Process image name (NT). */
+    struct
+    {
+        UNICODE_STRING     UniStr;
+        WCHAR              awBuffer[UNICODE_STRING_MAX_CHARS];
+    } StrBuf;
+    RT_ZERO(StrBuf);
+    StrBuf.UniStr.Length        = UNICODE_STRING_MAX_CHARS * 2;
+    StrBuf.UniStr.MaximumLength = UNICODE_STRING_MAX_CHARS * 2;
+    StrBuf.UniStr.Buffer        = &StrBuf.awBuffer[0];
+    cbActual = 0;
+    rcNt = NtQueryInformationProcess(g_hProcess,
+                                     ProcessImageFileName,
+                                     &StrBuf, sizeof(StrBuf), &cbActual);
+    RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
+    if (NT_SUCCESS(rcNt))
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileName:      len=%u\n    %.*ls\n",
+                      StrBuf.UniStr.Length, StrBuf.UniStr.Length, StrBuf.UniStr.Buffer);
+
+    /* Process image name (Win32). */
+    RT_ZERO(StrBuf);
+    StrBuf.UniStr.Length        = UNICODE_STRING_MAX_CHARS * 2;
+    StrBuf.UniStr.MaximumLength = UNICODE_STRING_MAX_CHARS * 2;
+    StrBuf.UniStr.Buffer        = &StrBuf.awBuffer[0];
+    cbActual = 0;
+    rcNt = NtQueryInformationProcess(g_hProcess,
+                                     ProcessImageFileNameWin32,
+                                     &StrBuf, sizeof(StrBuf), &cbActual);
+    RTTESTI_CHECK_MSG(NT_SUCCESS(rcNt), ("rcNt=%#x\n", rcNt));
+    if (NT_SUCCESS(rcNt))
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileNameWin32: len=%u\n    %.*ls\n",
+                      StrBuf.UniStr.Length, StrBuf.UniStr.Length, StrBuf.UniStr.Buffer);
+
+    /* Process image mapping. */
+    uPtr = ~(DWORD_PTR)0;
+    cbActual = 0;
+    rcNt = NtQueryInformationProcess(g_hProcess,
+                                     ProcessImageFileMapping,
+                                     &uPtr, sizeof(uPtr), &cbActual);
+    if (NT_SUCCESS(rcNt))
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileMapping:   %p\n", uPtr);
+    else if (rcNt == STATUS_OBJECT_TYPE_MISMATCH)
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessImageFileMapping:   rcNt=%#x (STATUS_OBJECT_TYPE_MISMATCH)\n", rcNt);
+    else
+        RTTestIFailed("ProcessImageFileMapping: rcNt=%#x\n", rcNt);
+
+
+    /* Handles. Broken for 64-bit input. */
+    uint32_t u32 = UINT32_MAX;
+    cbActual = 0;
+    rcNt = NtQueryInformationProcess(g_hProcess,
+                                     ProcessHandleCount,
+                                     &u32, sizeof(u32), &cbActual);
+    if (NT_SUCCESS(rcNt))
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessHandleCount:        %#x (%d)\n", u32, u32);
+    else
+        RTTestIFailed("ProcessHandleCount: rcNt=%#x\n", rcNt);
+
+    /* Execute flags. */
+#if 0 /* fails... wrong process handle? */
+    u32 = ~(DWORD_PTR)0;
+    cbActual = 0;
+    rcNt = NtQueryInformationProcess(g_hProcess,
+                                     ProcessExecuteFlags,
+                                     &u32, sizeof(u32), &cbActual);
+    if (NT_SUCCESS(rcNt))
+        RTTestIPrintf(RTTESTLVL_ALWAYS, "ProcessExecuteFlags:       %#p\n", u32);
+    else
+        RTTestIFailed("ProcessExecuteFlags: rcNt=%#x\n", rcNt);
+#endif
+
+    /** @todo ProcessImageInformation */
+}
+
 
 int main()
@@ -242 +435 @@
     RTTestBanner(g_hTest);
 
-    tstQueryVirtualMemory();
+    g_hProcess = GetCurrentProcess();
+
+    //tstQueryVirtualMemory();
+    tstQueryInformationProcess();