Changeset 52163 in vbox

Timestamp:

Jul 24, 2014 11:35:26 AM (11 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

95205

Message:

SUP: Make the middle respawn process wait on both parent and child. Cleanups.

Location:

trunk

Files:

• include/iprt/nt/nt.h (modified) (3 diffs)
• src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp (modified) (2 diffs)
• src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp (modified) (3 diffs)
• src/VBox/HostDrivers/Support/win/SUPR3HardenedMain-win.cpp (modified) (20 diffs)
• src/VBox/Runtime/r3/win/ntdll-mini-implib.def (modified) (2 diffs)

trunk/include/iprt/nt/nt.h

@@ -1117 +1117 @@
 typedef FILE_FS_ATTRIBUTE_INFORMATION *PFILE_FS_ATTRIBUTE_INFORMATION;
 
+NTSYSAPI NTSTATUS NTAPI NtOpenProcess(PHANDLE, ACCESS_MASK, POBJECT_ATTRIBUTES, PCLIENT_ID);
 NTSYSAPI NTSTATUS NTAPI NtOpenProcessToken(HANDLE, ACCESS_MASK, PHANDLE);
+NTSYSAPI NTSTATUS NTAPI NtOpenThread(PHANDLE, ACCESS_MASK, POBJECT_ATTRIBUTES, PCLIENT_ID);
 NTSYSAPI NTSTATUS NTAPI NtOpenThreadToken(HANDLE, ACCESS_MASK, BOOLEAN, PHANDLE);
 
@@ -1641 +1643 @@
 typedef RTNT_SYSTEM_PROCESS_INFORMATION *PRTNT_SYSTEM_PROCESS_INFORMATION;
 #ifndef IPRT_NT_USE_WINTERNL
-typedef RTNT_SYSTEM_PROCESS_INFORMATION SYSTEM_PROCESS_INFORMATION ;
+typedef RTNT_SYSTEM_PROCESS_INFORMATION SYSTEM_PROCESS_INFORMATION;
 typedef SYSTEM_PROCESS_INFORMATION *PSYSTEM_PROCESS_INFORMATION;
 #endif
@@ -1704 +1706 @@
 NTSYSAPI NTSTATUS NTAPI NtYieldExecution(void);
 #ifndef IPRT_NT_USE_WINTERNL
-NTSYSAPI NTSTATUS NTAPI NtWaitForSingleObject(HANDLE, BOOLEAN PLARGE_INTERGER);
-#endif
+NTSYSAPI NTSTATUS NTAPI NtWaitForSingleObject(HANDLE, BOOLEAN PLARGE_INTEGER);
+#endif
+typedef enum _OBJECT_WAIT_TYPE { WaitAllObjects = 0, WaitAnyObject = 1, ObjectWaitTypeHack = 0x7fffffff } OBJECT_WAIT_TYPE;
+NTSYSAPI NTSTATUS NTAPI NtWaitForMultipleObjects(ULONG, PHANDLE, OBJECT_WAIT_TYPE, BOOLEAN, PLARGE_INTEGER);
 
 

trunk/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp

@@ -38 +38 @@
 
 #elif RT_OS_WINDOWS
-# include <Windows.h>
+# include <iprt/nt/nt-and-windows.h>
 
 #else /* UNIXes */
@@ -230 +230 @@
 {
 #ifdef RT_OS_WINDOWS
-    DWORD cbWrittenIgn;
-    WriteFile(GetStdHandle(STD_ERROR_HANDLE), pch, (DWORD)cch, &cbWrittenIgn, NULL);
+    HANDLE hStdOut = NtCurrentPeb()->ProcessParameters->StandardOutput;
+    if (hStdOut != NULL)
+    {
+        IO_STATUS_BLOCK Ios = RTNT_IO_STATUS_BLOCK_INITIALIZER;
+        NtWriteFile(hStdOut, NULL /*Event*/, NULL /*ApcRoutine*/, NULL /*ApcContext*/,
+                    &Ios, (PVOID)pch, cch, NULL /*ByteOffset*/, NULL /*Key*/);
+    }
 #else
     (void)write(2, pch, cch);

trunk/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp

@@ -40 +40 @@
 
 #elif defined(RT_OS_WINDOWS)
-# include <Windows.h>
+# include <iprt/nt/nt-and-windows.h>
 # ifndef IN_SUP_HARDENED_R3
 #  include <stdio.h>
@@ -781 +781 @@
 #if defined(RT_OS_WINDOWS)
         LPSTR pszIgnored;
-        char szName2[RTPATH_MAX];
+        char szName2[RTPATH_MAX]; /** @todo Must use UTF-16 here! Code is mixing UTF-8 and native. */
         if (    GetFullPathName(szName, RT_ELEMENTS(szName2), &szName2[0], &pszIgnored)
             &&  GetFullPathName(pszFilename, RT_ELEMENTS(szName), &szName[0], &pszIgnored))
@@ -1713 +1713 @@
             rc = RTErrInfoSetF(pErrInfo, rc, "Error converting '%s' to UTF-16: %Rrc", pszFilename, rc);
     }
-    else if (!DuplicateHandle(GetCurrentProcess(), (HANDLE)hNativeFile, GetCurrentProcess(), &hVerify,
-                              GENERIC_READ, false /*bInheritHandle*/, 0 /*dwOptions*/))
-        hVerify = INVALID_HANDLE_VALUE;
+    else
+    {
+        NTSTATUS rcNt = NtDuplicateObject(NtCurrentProcess(), (HANDLE)hNativeFile, NtCurrentProcess(), &hVerify,
+                                          GENERIC_READ, 0 /*HandleAttributes*/, 0 /*Options*/);
+        if (!NT_SUCCESS(rcNt))
+            hVerify = INVALID_HANDLE_VALUE;
+    }
     if (hVerify != INVALID_HANDLE_VALUE)
     {

trunk/src/VBox/HostDrivers/Support/win/SUPR3HardenedMain-win.cpp

@@ -964 +964 @@
      * notifications from ending up in the debugger.
      */
-    rcNt = NtSetInformationThread(GetCurrentThread(), ThreadHideFromDebugger, NULL, 0);
+    rcNt = NtSetInformationThread(NtCurrentThread(), ThreadHideFromDebugger, NULL, 0);
     if (!NT_SUCCESS(rcNt))
         supR3HardenedFatalMsg("supR3HardenedWinInstallHooks", kSupInitOp_Misc, VERR_GENERAL_FAILURE,
@@ -1064 +1064 @@
 
         DWORD dwOldProt;
-        SUPR3HARDENED_ASSERT_WIN32_SUCCESS(VirtualProtectEx(GetCurrentProcess(), pbNtCreateSection, 16,
+        SUPR3HARDENED_ASSERT_WIN32_SUCCESS(VirtualProtectEx(NtCurrentProcess(), pbNtCreateSection, 16,
                                                             PAGE_EXECUTE_READWRITE, &dwOldProt));
         pbNtCreateSection[0] = 0xff;
@@ -1070 +1070 @@
         *(uint32_t *)&pbNtCreateSection[2] = (uint32_t)((uintptr_t)puJmpTab - (uintptr_t)&pbNtCreateSection[2+4]);
 
-        SUPR3HARDENED_ASSERT_WIN32_SUCCESS(VirtualProtectEx(GetCurrentProcess(), pbNtCreateSection, 16,
+        SUPR3HARDENED_ASSERT_WIN32_SUCCESS(VirtualProtectEx(NtCurrentProcess(), pbNtCreateSection, 16,
                                                             PAGE_EXECUTE_READ, &dwOldProt));
         return;
@@ -1142 +1142 @@
 
         DWORD dwOldProt;
-        SUPR3HARDENED_ASSERT_WIN32_SUCCESS(VirtualProtectEx(GetCurrentProcess(), pbNtCreateSection, 16,
+        SUPR3HARDENED_ASSERT_WIN32_SUCCESS(VirtualProtectEx(NtCurrentProcess(), pbNtCreateSection, 16,
                                                             PAGE_EXECUTE_READWRITE, &dwOldProt));
         pbNtCreateSection[0] = 0xe9;
@@ -1148 +1148 @@
                                            - (uintptr_t)&pbNtCreateSection[1+4];
 
-        SUPR3HARDENED_ASSERT_WIN32_SUCCESS(VirtualProtectEx(GetCurrentProcess(), pbNtCreateSection, 16,
+        SUPR3HARDENED_ASSERT_WIN32_SUCCESS(VirtualProtectEx(NtCurrentProcess(), pbNtCreateSection, 16,
                                                             PAGE_EXECUTE_READ, &dwOldProt));
         return;
@@ -1173 +1173 @@
 {
     RTErrInfoInitStatic(&g_ErrInfoStatic);
-    int rc = supHardenedWinVerifyProcess(GetCurrentProcess(), GetCurrentThread(), &g_ErrInfoStatic.Core);
+    int rc = supHardenedWinVerifyProcess(NtCurrentProcess(), NtCurrentThread(), &g_ErrInfoStatic.Core);
     if (RT_FAILURE(rc))
         supR3HardenedFatalMsg("supR3HardenedWinVerifyProcess", kSupInitOp_Integrity, rc,
@@ -1192 +1192 @@
 {
     HANDLE hToken;
-    SUPR3HARDENED_ASSERT_NT_SUCCESS(NtOpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken));
+    SUPR3HARDENED_ASSERT_NT_SUCCESS(NtOpenProcessToken(NtCurrentProcess(), TOKEN_QUERY, &hToken));
     union
     {
@@ -1359 +1359 @@
 
 /**
- * Construct the new command line.  Since argc/argv are both derived from
- * GetCommandLineW (see suplibHardenedWindowsMain), we skip the argument
- * by argument UTF-8 -> UTF-16 conversion and quoting by going to the
- * original source.
+ * Construct the new command line.
+ *
+ * Since argc/argv are both derived from GetCommandLineW (see
+ * suplibHardenedWindowsMain), we skip the argument by argument UTF-8 -> UTF-16
+ * conversion and quoting by going to the original source.
  *
  * The executable name, though, is replaced in case it's not a fullly
@@ -1384 +1385 @@
      * Get the command line and skip the executable name.
      */
-    PCRTUTF16 pwszArgs = GetCommandLineW();
+    PUNICODE_STRING pCmdLineStr = &NtCurrentPeb()->ProcessParameters->CommandLine;
+    PCRTUTF16 pawcArgs = pCmdLineStr->Buffer;
+    uint32_t  cwcArgs  = pCmdLineStr->Length / sizeof(WCHAR);
 
     /* Skip leading space (shouldn't be any, but whatever). */
-    while (suplibCommandLineIsArgSeparator(*pwszArgs))
-        pwszArgs++;
-    SUPR3HARDENED_ASSERT(*pwszArgs != '\0');
+    while (cwcArgs > 0 && suplibCommandLineIsArgSeparator(*pawcArgs) )
+        cwcArgs--, pawcArgs++;
+    SUPR3HARDENED_ASSERT(cwcArgs > 0 && *pawcArgs != '\0');
 
     /* Walk to the end of it. */
@@ -1395 +1398 @@
     do
     {
-        if (*pwszArgs == '"')
+        if (*pawcArgs == '"')
         {
             fQuoted = !fQuoted;
-            pwszArgs++;
+            cwcArgs--; pawcArgs++;
         }
-        else if (*pwszArgs != '\\' || (pwszArgs[1] != '\\' && pwszArgs[1] != '"'))
-            pwszArgs++;
+        else if (*pawcArgs != '\\' || (pawcArgs[1] != '\\' && pawcArgs[1] != '"'))
+            cwcArgs--, pawcArgs++;
         else
         {
             unsigned cSlashes = 0;
             do
+            {
                 cSlashes++;
-            while (*++pwszArgs == '\\');
-            if (*pwszArgs == '"' && (cSlashes & 1))
-                pwszArgs++; /* odd number of slashes == escaped quote */
+                cwcArgs--;
+                pawcArgs++;
+            }
+            while (cwcArgs > 0 && *pawcArgs == '\\');
+            if (cwcArgs > 0 && *pawcArgs == '"' && (cSlashes & 1))
+                cwcArgs--, pawcArgs++; /* odd number of slashes == escaped quote */
         }
-    } while (*pwszArgs && (fQuoted || !suplibCommandLineIsArgSeparator(*pwszArgs)));
+    } while (cwcArgs > 0 && (fQuoted || !suplibCommandLineIsArgSeparator(*pawcArgs)));
 
     /* Skip trailing spaces. */
-    while (suplibCommandLineIsArgSeparator(*pwszArgs))
-        pwszArgs++;
+    while (cwcArgs > 0 && suplibCommandLineIsArgSeparator(*pawcArgs))
+        cwcArgs--, pawcArgs++;
 
     /*
@@ -1421 +1428 @@
      */
     AssertCompile(sizeof(SUPR3_RESPAWN_1_ARG0) == sizeof(SUPR3_RESPAWN_2_ARG0));
-    size_t cwcArgs    = suplibHardenedWStrLen(pwszArgs);
     size_t cwcCmdLine = (sizeof(SUPR3_RESPAWN_1_ARG0) - 1) / sizeof(SUPR3_RESPAWN_1_ARG0[0]) /* Respawn exe name. */
                       + !!cwcArgs + cwcArgs; /* if arguments present, add space + arguments. */
@@ -1441 +1447 @@
     {
         *pwszDst++ = ' ';
-        suplibHardenedMemCopy(pwszDst, pwszArgs, cwcArgs * sizeof(RTUTF16));
+        suplibHardenedMemCopy(pwszDst, pawcArgs, cwcArgs * sizeof(RTUTF16));
         pwszDst += cwcArgs;
     }
@@ -2115 +2121 @@
  * Does the actually respawning.
  *
- * @returns Exit code (if we get that far).
+ * @returns Never, will call exit or raise fatal error.
+ * @param   iWhich              Which respawn we're to check for, 1 being the
+ *                              first one, and 2 the second and final.
+ *
+ * @todo    Split up this function.
  */
 static int supR3HardenedWinDoReSpawn(int iWhich)
 {
+    NTSTATUS                        rcNt;
+    PPEB                            pPeb              = NtCurrentPeb();
+    PRTL_USER_PROCESS_PARAMETERS    pParentProcParams = pPeb->ProcessParameters;
+
     SUPR3HARDENED_ASSERT(g_cSuplibHardenedWindowsMainCalls == 1);
 
@@ -2150 +2164 @@
 
     SiEx.StartupInfo.dwFlags |= STARTF_USESTDHANDLES;
-    SiEx.StartupInfo.hStdInput  = GetStdHandle(STD_INPUT_HANDLE);
-    SiEx.StartupInfo.hStdOutput = GetStdHandle(STD_OUTPUT_HANDLE);
-    SiEx.StartupInfo.hStdError  = GetStdHandle(STD_ERROR_HANDLE);
+    SiEx.StartupInfo.hStdInput  = pParentProcParams->StandardInput;
+    SiEx.StartupInfo.hStdOutput = pParentProcParams->StandardOutput;
+    SiEx.StartupInfo.hStdError  = pParentProcParams->StandardError;
 
     /*
@@ -2205 +2219 @@
 
     /** @todo this doesn't work. :-( */
-    PPEB                            pPeb              = NtCurrentPeb();
-    PRTL_USER_PROCESS_PARAMETERS    pParentProcParams = pPeb->ProcessParameters;
     pProcParams->ConsoleHandle  = pParentProcParams->ConsoleHandle;
     pProcParams->ConsoleFlags   = pParentProcParams->ConsoleFlags;
@@ -2214 +2226 @@
 
     RTL_USER_PROCESS_INFORMATION ProcessInfoNt = { sizeof(ProcessInfoNt) };
-    NTSTATUS rcNt = RtlCreateUserProcess(&g_SupLibHardenedExeNtPath.UniStr,
-                                         OBJ_INHERIT | OBJ_CASE_INSENSITIVE /*Attributes*/,
-                                         pProcParams,
-                                         NULL, //&ProcessSecAttrs,
-                                         NULL, //&ThreadSecAttrs,
-                                         NtCurrentProcess() /* ParentProcess */,
-                                         FALSE /*fInheritHandles*/,
-                                         NULL /* DebugPort */,
-                                         NULL /* ExceptionPort */,
-                                         &ProcessInfoNt);
+    rcNt = RtlCreateUserProcess(&g_SupLibHardenedExeNtPath.UniStr,
+                                OBJ_INHERIT | OBJ_CASE_INSENSITIVE /*Attributes*/,
+                                pProcParams,
+                                NULL, //&ProcessSecAttrs,
+                                NULL, //&ThreadSecAttrs,
+                                NtCurrentProcess() /* ParentProcess */,
+                                FALSE /*fInheritHandles*/,
+                                NULL /* DebugPort */,
+                                NULL /* ExceptionPort */,
+                                &ProcessInfoNt);
     if (!NT_SUCCESS(rcNt))
         supR3HardenedFatalMsg("supR3HardenedWinReSpawn", kSupInitOp_Misc, VERR_INVALID_NAME,
@@ -2259 +2271 @@
     SUPR3HARDENED_ASSERT_NT_SUCCESS(NtClose(hThread));
 
+    PROCESS_BASIC_INFORMATION BasicInfo;
     HANDLE hProcWait;
-    DWORD dwRights = SYNCHRONIZE;
+    ULONG fRights = SYNCHRONIZE;
     if (g_uNtVerCombined >= SUP_MAKE_NT_VER_SIMPLE(6, 0)) /* Introduced in Vista. */
-        dwRights |= PROCESS_QUERY_LIMITED_INFORMATION;
+        fRights |= PROCESS_QUERY_LIMITED_INFORMATION;
     else
-        dwRights |= PROCESS_QUERY_INFORMATION;
-    if (!DuplicateHandle(GetCurrentProcess(),
-                         hProcess,
-                         GetCurrentProcess(),
-                         &hProcWait,
-                         SYNCHRONIZE,
-                         FALSE /*fInheritHandle*/,
-                         0))
-    {
-        /* This is unacceptable, kill the process. */
+        fRights |= PROCESS_QUERY_INFORMATION;
+    rcNt = NtDuplicateObject(NtCurrentProcess(), hProcess,
+                             NtCurrentProcess(), &hProcWait,
+                             fRights, 0 /*HandleAttributes*/, 0);
+    if (rcNt == STATUS_ACCESS_DENIED)
+        rcNt = NtDuplicateObject(NtCurrentProcess(), hProcess,
+                                 NtCurrentProcess(), &hProcWait,
+                                 SYNCHRONIZE, 0 /*HandleAttributes*/, 0);
+    if (!NT_SUCCESS(rcNt))
+    {
+        /* Failure is unacceptable, kill the process. */
         DWORD dwErr = GetLastError();
         NtTerminateProcess(hProcess, RTEXITCODE_FAILURE);
-        supR3HardenedError(dwErr, false /*fFatal*/, "DuplicateHandle failed on child process handle: %u\n", dwErr);
-
-        DWORD dwExit;
-        BOOL fExitOk = GetExitCodeProcess(hProcess, &dwExit)
-                    && dwExit != STILL_ACTIVE;
+        supR3HardenedError(dwErr, false /*fFatal*/, "NtDuplicateObject failed on child process handle: %u\n", dwErr);
+
+        NTSTATUS rcNtExit = NtQueryInformationProcess(hProcess, ProcessBasicInformation, &BasicInfo, sizeof(BasicInfo), NULL);
+        bool fExitOk = NT_SUCCESS(rcNtExit) && BasicInfo.ExitStatus != STATUS_PENDING;
         if (!fExitOk)
         {
+            NTSTATUS rcNtWait;
             DWORD dwStartTick = GetTickCount();
-            DWORD dwWait;
             do
             {
                 NtTerminateProcess(hProcess, DBG_TERMINATE_PROCESS);
-                dwWait  = WaitForSingleObject(hProcess, 1000);
-                fExitOk = GetExitCodeProcess(hProcess, &dwExit)
-                       && dwExit != STILL_ACTIVE;
+
+                LARGE_INTEGER Timeout;
+                Timeout.QuadPart = -20000000; /* 2 second */
+                rcNtWait = NtWaitForSingleObject(hProcess, TRUE /*Alertable*/, &Timeout);
+
+                rcNtExit = NtQueryInformationProcess(hProcess, ProcessBasicInformation, &BasicInfo, sizeof(BasicInfo), NULL);
+                fExitOk = NT_SUCCESS(rcNtExit) && BasicInfo.ExitStatus != STATUS_PENDING;
             } while (   !fExitOk
-                     && (dwWait == WAIT_TIMEOUT || dwWait == WAIT_IO_COMPLETION)
+                     && (   rcNtWait == STATUS_TIMEOUT
+                         || rcNtWait == STATUS_USER_APC
+                         || rcNtWait == STATUS_ALERTED)
                      && GetTickCount() - dwStartTick < 60 * 1000);
             if (fExitOk)
                 supR3HardenedError(dwErr, false /*fFatal*/,
-                                   "DuplicateHandle failed and we failed to kill child: dwErr=%u dwWait=%u err=%u hProcess=%p\n",
-                                   dwErr, dwWait, GetLastError(), hProcess);
+                                   "NtDuplicateObject failed and we failed to kill child: rcNt=%u rcNtWait=%u hProcess=%p\n",
+                                   rcNt, rcNtWait, hProcess);
         }
         supR3HardenedFatalMsg("supR3HardenedWinReSpawn", kSupInitOp_Misc, VERR_INVALID_NAME,
-                              "DuplicateHandle failed on child process handle: %u\n", dwErr);
+                              "NtDuplicateObject failed on child process handle: %#x\n", rcNt);
     }
 
@@ -2307 +2326 @@
 
     /*
-     * Wait for the process to terminate and proxy the termination code.
-     */
-    for (;;)
-    {
-        SetLastError(NO_ERROR);
-        DWORD dwWait = WaitForSingleObject(hProcWait, INFINITE);
-        if (   dwWait == WAIT_OBJECT_0
-            || dwWait == WAIT_ABANDONED_0)
-            break;
-        if (   dwWait != WAIT_TIMEOUT
-            && dwWait != WAIT_IO_COMPLETION)
-            supR3HardenedFatal("WaitForSingleObject returned %#x (last error %#x)\n", dwWait, GetLastError());
-    }
-
-    DWORD dwExit;
-    if (   !GetExitCodeProcess(hProcWait, &dwExit)
-        || dwExit == STILL_ACTIVE)
-        dwExit = RTEXITCODE_FAILURE;
+     * If this is the middle process, wait for both parent and child to quit.
+     */
+    HANDLE hParent = NULL;
+    if (iWhich > 1)
+    {
+        rcNt = NtQueryInformationProcess(NtCurrentProcess(), ProcessBasicInformation, &BasicInfo, sizeof(BasicInfo), NULL);
+        if (NT_SUCCESS(rcNt))
+        {
+            OBJECT_ATTRIBUTES ObjAttr;
+            InitializeObjectAttributes(&ObjAttr, NULL, 0, NULL /*hRootDir*/, NULL /*pSecDesc*/);
+
+            CLIENT_ID ClientId;
+            ClientId.UniqueProcess = (HANDLE)BasicInfo.InheritedFromUniqueProcessId;
+            ClientId.UniqueThread  = NULL;
+
+            rcNt = NtOpenProcess(&hParent, SYNCHRONIZE | PROCESS_QUERY_INFORMATION, &ObjAttr, &ClientId);
+        }
+#ifdef DEBUG
+        SUPR3HARDENED_ASSERT_NT_SUCCESS(rcNt);
+#endif
+    }
+
+    if (hParent != NULL)
+    {
+        for (;;)
+        {
+            HANDLE ahHandles[2] = { hProcWait, hParent };
+            rcNt = NtWaitForMultipleObjects(2, &ahHandles[0], WaitAnyObject, TRUE /*Alertable*/, NULL /*pTimeout*/);
+            if (   rcNt == STATUS_WAIT_0
+                || rcNt == STATUS_WAIT_0 + 1
+                || rcNt == STATUS_ABANDONED_WAIT_0
+                || rcNt == STATUS_ABANDONED_WAIT_0 + 1)
+                break;
+            if (   rcNt != STATUS_TIMEOUT
+                && rcNt != STATUS_USER_APC
+                && rcNt != STATUS_ALERTED)
+                supR3HardenedFatal("NtWaitForMultipleObjects returned %#x\n", rcNt);
+        }
+        NtClose(hParent);
+    }
+    else
+    {
+        /*
+         * Wait for the process to terminate.
+         */
+        for (;;)
+        {
+            rcNt = NtWaitForSingleObject(hProcWait, TRUE /*Alertable*/, NULL /*pTimeout*/);
+            if (   rcNt == STATUS_WAIT_0
+                || rcNt == STATUS_ABANDONED_WAIT_0)
+                break;
+            if (   rcNt != STATUS_TIMEOUT
+                && rcNt != STATUS_USER_APC
+                && rcNt != STATUS_ALERTED)
+                supR3HardenedFatal("NtWaitForSingleObject returned %#x\n", rcNt);
+        }
+    }
+
+    /*
+     * Proxy the termination code of the child, if it exited already.
+     */
+    rcNt = NtQueryInformationProcess(hProcWait, ProcessBasicInformation, &BasicInfo, sizeof(BasicInfo), NULL);
+    if (   !NT_SUCCESS(rcNt)
+        || BasicInfo.ExitStatus == STATUS_PENDING)
+        BasicInfo.ExitStatus = RTEXITCODE_FAILURE;
 
     NtClose(hProcWait);
-    suplibHardenedExit((RTEXITCODE)dwExit);
+    suplibHardenedExit((RTEXITCODE)BasicInfo.ExitStatus);
 }
 
@@ -2587 +2653 @@
  *
  * @returns Pointer to the argument array.
- * @param   pwszCmdLine         The UTF-16 windows command line to parse.
+ * @param   pawcCmdLine         The UTF-16 windows command line to parse.
+ * @param   cwcCmdLine          The length of the command line.
  * @param   pcArgs              Where to return the number of arguments.
  */
-static char **suplibCommandLineToArgvWStub(PCRTUTF16 pwszCmdLine, int *pcArgs)
+static char **suplibCommandLineToArgvWStub(PCRTUTF16 pawcCmdLine, size_t cwcCmdLine, int *pcArgs)
 {
     /*
      * Convert the command line string to UTF-8.
      */
-    char *pszCmdLine;
-    SUPR3HARDENED_ASSERT(RT_SUCCESS(RTUtf16ToUtf8(pwszCmdLine, &pszCmdLine)));
+    char *pszCmdLine = NULL;
+    SUPR3HARDENED_ASSERT(RT_SUCCESS(RTUtf16ToUtf8Ex(pawcCmdLine, cwcCmdLine, &pszCmdLine, 0, NULL)));
 
     /*
@@ -2725 +2792 @@
      * Convert the arguments to UTF-8 and call the C/C++ main function.
      */
-    int    cArgs;
-    char **papszArgs = suplibCommandLineToArgvWStub(GetCommandLineW(), &cArgs);
+    PUNICODE_STRING pCmdLineStr = &NtCurrentPeb()->ProcessParameters->CommandLine;
+    int             cArgs;
+    char **papszArgs = suplibCommandLineToArgvWStub(pCmdLineStr->Buffer, pCmdLineStr->Length / sizeof(WCHAR), &cArgs);
 
     rcExit = (RTEXITCODE)main(cArgs, papszArgs, NULL);

trunk/src/VBox/Runtime/r3/win/ntdll-mini-implib.def

@@ -45 +45 @@
     NtOpenProcess                         ;;= _NtOpenProcess@16
     NtOpenProcessToken                    ;;= _NtOpenProcessToken@12
+    NtOpenThread                          ;;= _NtOpenThread@16
     NtOpenThreadToken                     ;;= _NtOpenThreadToken@16
     NtProtectVirtualMemory                ;;= _NtProtectVirtualMemory@20
@@ -73 +74 @@
     NtUnmapViewOfSection                  ;;= _NtUnmapViewOfSection@8
     NtWaitForSingleObject                 ;;= _NtWaitForSingleObject@12
+    NtWaitForMultipleObjects              ;;= _NtWaitForMultipleObjects@20
     NtWriteFile                           ;;= _NtWriteFile@36
     NtWriteVirtualMemory                  ;;= _NtWriteVirtualMemory@20