Changeset 96502 in vbox

Timestamp:

Aug 25, 2022 10:36:36 PM (2 years ago)

Author:

vboxsync

Message:

Add/VBoxService: Replaced GetVersionEx calls with RTSystemGetNtVersion, so we don't need the IPRT fallback code for ancient NT versions that doesn't have that API. Checked out the KB970910 description against what we're doing with the API, and found that it shouldn't affect us, so RDP detection can run on all systems that have a WTSQuerySessionInformation API. Corrected QueryFullProcessImageNameW/GetModuleFileNameExW calls. bugref:10162

Location:

trunk/src/VBox/Additions/common/VBoxService

Files:

• VBoxService.cpp (modified) (1 diff)
• VBoxServiceControlProcess.cpp (modified) (3 diffs)
• VBoxServiceVMInfo-win.cpp (modified) (9 diffs)

trunk/src/VBox/Additions/common/VBoxService/VBoxService.cpp

@@ -1201 +1201 @@
     OSInfoEx.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);
 
+
     SetLastError(NO_ERROR);
     HANDLE hMutexAppRunning;
-    if (    GetVersionEx((LPOSVERSIONINFO)&OSInfoEx)
-        &&  OSInfoEx.dwPlatformId == VER_PLATFORM_WIN32_NT
-        &&  OSInfoEx.dwMajorVersion >= 5 /* NT 5.0 a.k.a W2K */)
-        hMutexAppRunning = CreateMutex(NULL, FALSE, "Global\\" VBOXSERVICE_NAME);
+    if (RTSystemGetNtVersion() >= RTSYSTEM_MAKE_NT_VERSION(5,0,0)) /* Windows 2000 */
+        hMutexAppRunning = CreateMutexW(NULL, FALSE, L"Global\\" VBOXSERVICE_NAME);
     else
-        hMutexAppRunning = CreateMutex(NULL, FALSE, VBOXSERVICE_NAME);
+        hMutexAppRunning = CreateMutexW(NULL, FALSE, RT_CONCAT(L,VBOXSERVICE_NAME));
     if (hMutexAppRunning == NULL)
     {

trunk/src/VBox/Additions/common/VBoxService/VBoxServiceControlProcess.cpp

@@ -44 +44 @@
 #include <iprt/string.h>
 #include <iprt/string.h>
+#include <iprt/system.h>
 #include <iprt/thread.h>
 
@@ -1297 +1298 @@
          * so detect the OS and use a different path.
          */
-        OSVERSIONINFOEX OSInfoEx;
-        RT_ZERO(OSInfoEx);
-        OSInfoEx.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);
-        BOOL fRet = GetVersionEx((LPOSVERSIONINFO) &OSInfoEx);
-        if (    fRet
-            &&  OSInfoEx.dwPlatformId == VER_PLATFORM_WIN32_NT
-            &&  OSInfoEx.dwMajorVersion >= 6 /* Vista or later */)
+        if (RTSystemGetNtVersion() >= RTSYSTEM_MAKE_NT_VERSION(6,0,0) /* Vista and later */)
         {
             rc = RTEnvGetEx(RTENV_DEFAULT, "windir", szSysprepCmd, sizeof(szSysprepCmd), NULL);
@@ -1326 +1321 @@
                 VGSvcError("Failed to detect sysrep location, rc=%Rrc\n", rc);
         }
-        else if (!fRet)
-            VGSvcError("Failed to retrieve OS information, last error=%ld\n", GetLastError());
 
         VGSvcVerbose(3, "Sysprep executable is: %s\n", szSysprepCmd);

trunk/src/VBox/Additions/common/VBoxService/VBoxServiceVMInfo-win.cpp

@@ -144 +144 @@
 /** @} */
 
-/** Windows version.  */
-static OSVERSIONINFOEXA                         g_WinVersion;
-
 
 /**
@@ -157 +154 @@
     /* SECUR32 */
     RTLDRMOD hLdrMod;
-    int rc = RTLdrLoadSystem("secur32.dll", true, &hLdrMod);
+    int rc = RTLdrLoadSystem("secur32.dll", true /*fNoUnload*/, &hLdrMod);
     if (RT_SUCCESS(rc))
     {
@@ -174 +171 @@
         g_pfnLsaEnumerateLogonSessions = NULL;
         g_pfnLsaFreeReturnBuffer = NULL;
-        Assert(g_WinVersion.dwMajorVersion < 5);
+        Assert(RTSystemGetNtVersion() < RTSYSTEM_MAKE_NT_VERSION(5, 0, 0));
     }
 
     /* WTSAPI32 */
-    rc = RTLdrLoadSystem("wtsapi32.dll", true, &hLdrMod);
+    rc = RTLdrLoadSystem("wtsapi32.dll", true /*fNoUnload*/, &hLdrMod);
     if (RT_SUCCESS(rc))
     {
@@ -192 +189 @@
         g_pfnWTSFreeMemory = NULL;
         g_pfnWTSQuerySessionInformationA = NULL;
-        Assert(g_WinVersion.dwMajorVersion < 5);
+        Assert(RTSystemGetNtVersion() < RTSYSTEM_MAKE_NT_VERSION(5, 0, 0));
     }
 
     /* PSAPI */
-    rc = RTLdrLoadSystem("psapi.dll", true, &hLdrMod);
+    rc = RTLdrLoadSystem("psapi.dll", true /*fNoUnload*/, &hLdrMod);
     if (RT_SUCCESS(rc))
     {
@@ -210 +207 @@
         g_pfnEnumProcesses = NULL;
         g_pfnGetModuleFileNameExW = NULL;
-        Assert(g_WinVersion.dwMajorVersion < 5);
+        Assert(RTSystemGetNtVersion() < RTSYSTEM_MAKE_NT_VERSION(5, 0, 0));
     }
 
     /* Kernel32: */
-    rc = RTLdrLoadSystem("kernel32.dll", true, &hLdrMod);
+    rc = RTLdrLoadSystem("kernel32.dll", true /*fNoUnload*/, &hLdrMod);
     AssertRCReturn(rc, rc);
     rc = RTLdrGetSymbol(hLdrMod, "QueryFullProcessImageNameW", (void **)&g_pfnQueryFullProcessImageNameW);
     if (RT_FAILURE(rc))
     {
-        Assert(g_WinVersion.dwMajorVersion < 6);
+        Assert(RTSystemGetNtVersion() < RTSYSTEM_MAKE_NT_VERSION(6, 0, 0));
         g_pfnQueryFullProcessImageNameW = NULL;
     }
     RTLdrClose(hLdrMod);
-
-    /*
-     * Get the extended windows version once and for all.
-     */
-    g_WinVersion.dwOSVersionInfoSize = sizeof(g_WinVersion);
-    if (!GetVersionExA((OSVERSIONINFO *)&g_WinVersion))
-    {
-        RT_ZERO(g_WinVersion);
-        g_WinVersion.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
-        if (!GetVersionExA((OSVERSIONINFO *)&g_WinVersion))
-        {
-            AssertFailed();
-            RT_ZERO(g_WinVersion);
-        }
-    }
 
     return VINF_SUCCESS;
@@ -245 +227 @@
 static bool vgsvcVMInfoSession0Separation(void)
 {
-    return g_WinVersion.dwPlatformId == VER_PLATFORM_WIN32_NT
-        && g_WinVersion.dwMajorVersion >= 6; /* Vista = 6.0 */
+    return RTSystemGetNtVersion() >= RTSYSTEM_MAKE_NT_VERSION(6, 0, 0); /* Vista */
 }
 
@@ -255 +236 @@
  * @return  IPRT status code.
  */
-static int vgsvcVMInfoWinProcessesGetModuleNameA(PVBOXSERVICEVMINFOPROC const pProc, PRTUTF16 *ppszName)
-{
+static int vgsvcVMInfoWinProcessesGetModuleNameW(PVBOXSERVICEVMINFOPROC const pProc, PRTUTF16 *ppszName)
+{
+    *ppszName = NULL;
+    AssertPtrReturn(ppszName, VERR_INVALID_POINTER);
     AssertPtrReturn(pProc, VERR_INVALID_POINTER);
-    AssertPtrReturn(ppszName, VERR_INVALID_POINTER);
-
-    /** @todo Only do this once. Later. */
-    /* Platform other than NT (e.g. Win9x) not supported. */
-    if (g_WinVersion.dwPlatformId != VER_PLATFORM_WIN32_NT)
-        return VERR_NOT_SUPPORTED;
-
-    int rc = VINF_SUCCESS;
-
+    AssertReturn(g_pfnGetModuleFileNameExW || g_pfnQueryFullProcessImageNameW, VERR_NOT_SUPPORTED);
+
+    /*
+     * Open the process.
+     */
     DWORD dwFlags = PROCESS_QUERY_INFORMATION | PROCESS_VM_READ;
-    if (g_WinVersion.dwMajorVersion >= 6 /* Vista or later */)
+    if (RTSystemGetNtVersion() >= RTSYSTEM_MAKE_NT_VERSION(6, 0, 0)) /* Vista and later */
         dwFlags = PROCESS_QUERY_LIMITED_INFORMATION; /* possible to do on more processes */
 
-    HANDLE h = OpenProcess(dwFlags, FALSE, pProc->id);
-    if (h == NULL)
+    HANDLE hProcess = OpenProcess(dwFlags, FALSE, pProc->id);
+    if (hProcess == NULL)
     {
         DWORD dwErr = GetLastError();
         if (g_cVerbosity)
             VGSvcError("Unable to open process with PID=%u, error=%u\n", pProc->id, dwErr);
+        return RTErrConvertFromWin32(dwErr);
+    }
+
+    /*
+     * Since GetModuleFileNameEx has trouble with cross-bitness stuff (32-bit apps
+     * cannot query 64-bit apps and vice verse) we have to use a different code
+     * path for Vista and up.
+     *
+     * So use QueryFullProcessImageNameW when available (Vista+), fall back on
+     * GetModuleFileNameExW on older windows version (
+     */
+    WCHAR wszName[_1K];
+    DWORD dwLen = _1K;
+    BOOL  fRc;
+    if (g_pfnQueryFullProcessImageNameW)
+        fRc = g_pfnQueryFullProcessImageNameW(hProcess, 0 /*PROCESS_NAME_NATIVE*/, wszName, &dwLen);
+    else
+        fRc = g_pfnGetModuleFileNameExW(hProcess, NULL /* Get main executable */, wszName, dwLen);
+
+    int rc;
+    if (fRc)
+        rc = RTUtf16DupEx(ppszName, wszName, 0);
+    else
+    {
+        DWORD dwErr = GetLastError();
+        if (g_cVerbosity > 3)
+            VGSvcError("Unable to retrieve process name for PID=%u, LastError=%Rwc\n", pProc->id, dwErr);
         rc = RTErrConvertFromWin32(dwErr);
     }
-    else
-    {
-        /* Since GetModuleFileNameEx has trouble with cross-bitness stuff (32-bit apps cannot query 64-bit
-           apps and vice verse) we have to use a different code path for Vista and up. */
-        WCHAR wszName[_1K];
-        DWORD dwLen = sizeof(wszName); /** @todo r=bird: wrong? */
-
-        /* Use QueryFullProcessImageNameW if available (Vista+). */
-        if (g_pfnQueryFullProcessImageNameW)
-        {
-            if (!g_pfnQueryFullProcessImageNameW(h, 0 /*PROCESS_NAME_NATIVE*/, wszName, &dwLen))
-                rc = VERR_ACCESS_DENIED;
-        }
-        else if (!g_pfnGetModuleFileNameExW(h, NULL /* Get main executable */, wszName, dwLen))
-            rc = VERR_ACCESS_DENIED;
-
-        if (   RT_FAILURE(rc)
-            && g_cVerbosity > 3)
-           VGSvcError("Unable to retrieve process name for PID=%u, error=%u\n", pProc->id, GetLastError());
-        else
-        {
-            PRTUTF16 pszName = RTUtf16Dup(wszName);
-            if (pszName)
-                *ppszName = pszName;
-            else
-                rc = VERR_NO_MEMORY;
-        }
-
-        CloseHandle(h);
-    }
-
+
+    CloseHandle(hProcess);
     return rc;
 }
@@ -697 +674 @@
                 {
                     PRTUTF16 pszName;
-                    int rc2 = vgsvcVMInfoWinProcessesGetModuleNameA(&paProcs[i], &pszName);
+                    int rc2 = vgsvcVMInfoWinProcessesGetModuleNameW(&paProcs[i], &pszName);
                     VGSvcVerbose(4, "Session %RU32: PID=%u (fInt=%RTbool): %ls\n",
                                  pSessionData->Session, paProcs[i].id, paProcs[i].fInteractive,
@@ -867 +844 @@
                              pSessionData->LogonId.LowPart, pUserInfo->wszAuthenticationPackage, pUserInfo->wszLogonDomain);
 
-                /**
-                 * Note: On certain Windows OSes WTSQuerySessionInformation leaks memory when used
-                 * under a heavy stress situation. There are hotfixes available from Microsoft.
+                /* KB970910 (check http://support.microsoft.com/kb/970910 on archive.org)
+                 * indicates that WTSQuerySessionInformation may leak memory and return the
+                 * wrong status code for WTSApplicationName and WTSInitialProgram queries.
                  *
-                 * See: http://support.microsoft.com/kb/970910
+                 * The system must be low on resources, and presumably some internal operation
+                 * must fail because of this, triggering an error handling path that forgets
+                 * to free memory and set last error.
+                 *
+                 * bird 2022-08-26: However, we do not query either of those info items.  We
+                 * query WTSConnectState, which is a rather simple affair.  So, I've
+                 * re-enabled the code for all systems that includes the API.
                  */
                 if (!s_fSkipRDPDetection)
                 {
-                    /* Skip RDP detection on non-NT systems. */
-                    if (g_WinVersion.dwPlatformId != VER_PLATFORM_WIN32_NT)
-                        s_fSkipRDPDetection = true;
-
-                    /* Skip RDP detection on Windows 2000.
-                     * For Windows 2000 however we don't have any hotfixes, so just skip the
-                     * RDP detection in any case. */
-                    if (   g_WinVersion.dwMajorVersion == 5
-                        && g_WinVersion.dwMinorVersion == 0)
-                        s_fSkipRDPDetection = true;
-
                     /* Skip if we don't have the WTS API. */
                     if (!g_pfnWTSQuerySessionInformationA)
                         s_fSkipRDPDetection = true;
-
+#if 0 /* bird: see above */
+                    /* Skip RDP detection on Windows 2000 and older.
+                       For Windows 2000 however we don't have any hotfixes, so just skip the
+                       RDP detection in any case. */
+                    else if (RTSystemGetNtVersion() < RTSYSTEM_MAKE_NT_VERSION(5, 1, 0)) /* older than XP */
+                        s_fSkipRDPDetection = true;
+#endif
                     if (s_fSkipRDPDetection)
                         VGSvcVerbose(0, "Detection of logged-in users via RDP is disabled\n");