https://git.reactos.org/?p=reactos.git;a=commitdiff;h=5fa4fd7bef455cc9fb44214a890f34d35a3582b4
commit 5fa4fd7bef455cc9fb44214a890f34d35a3582b4 Author: Timo Kreuzer <[email protected]> AuthorDate: Sat Sep 21 12:46:01 2019 +0200 Commit: Timo Kreuzer <[email protected]> CommitDate: Fri Jan 3 13:00:45 2020 +0100 [RTL][NTDLL] Add some function stubs - LdrSetAppCompatDllRedirectionCallback - RtlCancelTimer - RtlCreateServiceSid - RtlQueryProcessHeapInformation - RtlQueueApcWow64Thread - RtlSetTimer - RtlUnhandledExceptionFilter2 - RtlpNotOwnerCriticalSection --- dll/ntdll/def/ntdll.spec | 15 ++++++++------- dll/ntdll/include/ntdllp.h | 10 ++++++++++ dll/ntdll/ldr/ldrapi.c | 15 +++++++++++++++ sdk/lib/rtl/amd64/stubs.c | 12 ++++++++++++ sdk/lib/rtl/critical.c | 7 +++++++ sdk/lib/rtl/exception.c | 15 +++++++++++++++ sdk/lib/rtl/heap.c | 16 ++++++++++++++++ sdk/lib/rtl/i386/thread.c | 16 ++++++++++++++++ sdk/lib/rtl/sid.c | 14 ++++++++++++++ sdk/lib/rtl/timerqueue.c | 30 ++++++++++++++++++++++++++++++ 10 files changed, 143 insertions(+), 7 deletions(-) diff --git a/dll/ntdll/def/ntdll.spec b/dll/ntdll/def/ntdll.spec index 38eaea47eb4..7609eb4d914 100644 --- a/dll/ntdll/def/ntdll.spec +++ b/dll/ntdll/def/ntdll.spec @@ -113,7 +113,7 @@ @ stdcall LdrQueryImageFileExecutionOptionsEx(ptr ptr long ptr long ptr long) @ stdcall LdrQueryImageFileKeyOption(ptr ptr long ptr long ptr) @ stdcall LdrQueryProcessModuleInformation(ptr long ptr) -# stdcall LdrSetAppCompatDllRedirectionCallback +@ stdcall LdrSetAppCompatDllRedirectionCallback(long ptr ptr) @ stdcall LdrSetDllManifestProber(ptr) @ stdcall LdrShutdownProcess() @ stdcall LdrShutdownThread() @@ -475,7 +475,7 @@ @ stdcall RtlAreBitsClear(ptr long long) @ stdcall RtlAreBitsSet(ptr long long) @ stdcall RtlAssert(ptr ptr long ptr) -# stdcall RtlCancelTimer +@ stdcall RtlCancelTimer(ptr ptr) @ stdcall -register RtlCaptureContext(ptr) @ stdcall RtlCaptureStackBackTrace(long long ptr ptr) # stdcall RtlCaptureStackContext @@ -525,6 +525,7 @@ @ stdcall RtlCreateQueryDebugBuffer(long long) @ stdcall RtlCreateRegistryKey(long wstr) @ stdcall RtlCreateSecurityDescriptor(ptr long) +@ stdcall RtlCreateServiceSid(ptr ptr ptr) @ stdcall RtlCreateSystemVolumeInformationFolder(ptr) @ stdcall RtlCreateTagHeap(ptr long str str) @ stdcall RtlCreateTimer(ptr ptr ptr ptr long long long) @@ -812,13 +813,13 @@ @ stdcall RtlQueryInterfaceMemoryStream(ptr ptr ptr) # stdcall RtlQueryProcessBackTraceInformation @ stdcall RtlQueryProcessDebugInformation(long long ptr) -# stdcall RtlQueryProcessHeapInformation +@ stdcall RtlQueryProcessHeapInformation(ptr) # stdcall RtlQueryProcessLockInformation @ stdcall RtlQueryRegistryValues(long ptr ptr ptr ptr) @ stdcall RtlQuerySecurityObject(ptr long ptr long ptr) @ stdcall RtlQueryTagHeap(ptr long long long ptr) @ stdcall RtlQueryTimeZoneInformation(ptr) -# stdcall RtlQueueApcWow64Thread +@ stdcall -arch=i386,x86_64 RtlQueueApcWow64Thread(ptr ptr ptr ptr ptr) @ stdcall RtlQueueWorkItem(ptr ptr long) @ stdcall -register RtlRaiseException(ptr) @ stdcall RtlRaiseStatus(long) @@ -878,7 +879,7 @@ @ cdecl RtlSetThreadIsCritical(long ptr long) @ stdcall RtlSetThreadPoolStartFunc(ptr ptr) @ stdcall RtlSetTimeZoneInformation(ptr) -@ stdcall RtlSetTimer(ptr ptr ptr ptr long long long) RtlCreateTimer +@ stdcall RtlSetTimer(ptr ptr ptr ptr long long long) @ stdcall RtlSetUnhandledExceptionFilter(ptr) # stdcall RtlSetUnicodeCallouts @ stdcall RtlSetUserFlagsHeap(ptr long ptr long long) @@ -907,7 +908,7 @@ @ stdcall RtlTraceDatabaseUnlock(ptr) @ stdcall RtlTraceDatabaseValidate(ptr) @ stdcall RtlTryEnterCriticalSection(ptr) -# stdcall RtlUnhandledExceptionFilter2 +@ stdcall RtlUnhandledExceptionFilter2(ptr long) @ stdcall RtlUnhandledExceptionFilter(ptr) @ stdcall RtlUnicodeStringToAnsiSize(ptr) RtlxUnicodeStringToAnsiSize @ stdcall RtlUnicodeStringToAnsiString(ptr ptr long) @@ -957,7 +958,7 @@ @ stdcall RtlZombifyActivationContext(ptr) @ stdcall RtlpApplyLengthFunction(long long ptr ptr) @ stdcall RtlpEnsureBufferSize(long ptr long) -# stdcall RtlpNotOwnerCriticalSection +@ stdcall RtlpNotOwnerCriticalSection(ptr) @ stdcall RtlpNtCreateKey(ptr long ptr long ptr ptr) @ stdcall RtlpNtEnumerateSubKey(ptr ptr long long) @ stdcall RtlpNtMakeTemporaryKey(ptr) diff --git a/dll/ntdll/include/ntdllp.h b/dll/ntdll/include/ntdllp.h index 0f122a642d2..2fe0d778279 100644 --- a/dll/ntdll/include/ntdllp.h +++ b/dll/ntdll/include/ntdllp.h @@ -29,6 +29,16 @@ typedef struct _LDRP_TLS_DATA IMAGE_TLS_DIRECTORY TlsDirectory; } LDRP_TLS_DATA, *PLDRP_TLS_DATA; +typedef +NTSTATUS +(NTAPI* PLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION)( + _In_ ULONG Flags, + _In_ PCWSTR DllName, + _In_ PCWSTR DllPath OPTIONAL, + _Inout_opt_ PULONG DllCharacteristics, + _In_ PVOID CallbackData, + _Outptr_ PWSTR* EffectiveDllPath); + /* Global data */ extern RTL_CRITICAL_SECTION LdrpLoaderLock; extern BOOLEAN LdrpInLdrInit; diff --git a/dll/ntdll/ldr/ldrapi.c b/dll/ntdll/ldr/ldrapi.c index b151163dd40..e7fdfec0725 100644 --- a/dll/ntdll/ldr/ldrapi.c +++ b/dll/ntdll/ldr/ldrapi.c @@ -1658,4 +1658,19 @@ LdrFlushAlternateResourceModules(VOID) return FALSE; } +/* + * @unimplemented + * See https://www.kernelmode.info/forum/viewtopic.php?t=991 + */ +NTSTATUS +NTAPI +LdrSetAppCompatDllRedirectionCallback( + _In_ ULONG Flags, + _In_ PLDR_APP_COMPAT_DLL_REDIRECTION_CALLBACK_FUNCTION CallbackFunction, + _In_opt_ PVOID CallbackData) +{ + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; +} + /* EOF */ diff --git a/sdk/lib/rtl/amd64/stubs.c b/sdk/lib/rtl/amd64/stubs.c index cd9412db2a0..8a3bc4749d6 100644 --- a/sdk/lib/rtl/amd64/stubs.c +++ b/sdk/lib/rtl/amd64/stubs.c @@ -113,4 +113,16 @@ RtlRestoreContext( UNIMPLEMENTED; } +NTSTATUS +NTAPI +RtlQueueApcWow64Thread( + _In_ HANDLE ThreadHandle, + _In_ PKNORMAL_ROUTINE ApcRoutine, + _In_opt_ PVOID NormalContext, + _In_opt_ PVOID SystemArgument1, + _In_opt_ PVOID SystemArgument2) +{ + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; +} diff --git a/sdk/lib/rtl/critical.c b/sdk/lib/rtl/critical.c index 1f247f53ebf..c9b9c68ff6d 100644 --- a/sdk/lib/rtl/critical.c +++ b/sdk/lib/rtl/critical.c @@ -801,4 +801,11 @@ RtlIsCriticalSectionLockedByThread(PRTL_CRITICAL_SECTION CriticalSection) CriticalSection->RecursionCount != 0; } +VOID +NTAPI +RtlpNotOwnerCriticalSection(PRTL_CRITICAL_SECTION CriticalSection) +{ + RtlRaiseStatus(STATUS_RESOURCE_NOT_OWNED); +} + /* EOF */ diff --git a/sdk/lib/rtl/exception.c b/sdk/lib/rtl/exception.c index d75f255fe87..0abbcc53055 100644 --- a/sdk/lib/rtl/exception.c +++ b/sdk/lib/rtl/exception.c @@ -311,6 +311,21 @@ RtlUnhandledExceptionFilter(IN struct _EXCEPTION_POINTERS* ExceptionInfo) return ERROR_CALL_NOT_IMPLEMENTED; } +/* + * @unimplemented + */ +LONG +NTAPI +RtlUnhandledExceptionFilter2( + _In_ PEXCEPTION_POINTERS ExceptionInfo, + _In_ ULONG Flags) +{ + /* This is used by the security cookie checks, and also called externally */ + UNIMPLEMENTED; + PrintStackTrace(ExceptionInfo); + return ERROR_CALL_NOT_IMPLEMENTED; +} + /* * @implemented */ diff --git a/sdk/lib/rtl/heap.c b/sdk/lib/rtl/heap.c index 4c51053e651..ccdb7d1ef29 100644 --- a/sdk/lib/rtl/heap.c +++ b/sdk/lib/rtl/heap.c @@ -3995,4 +3995,20 @@ RtlMultipleFreeHeap(IN PVOID HeapHandle, return 0; } +/* + * Info: + * - https://securityxploded.com/enumheaps.php + * - https://evilcodecave.wordpress.com/2009/04/14/rtlqueryprocessheapinformation-as-anti-dbg-trick/ + */ +struct _DEBUG_BUFFER; + +NTSTATUS +NTAPI +RtlQueryProcessHeapInformation( + IN struct _DEBUG_BUFFER *DebugBuffer) +{ + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; +} + /* EOF */ diff --git a/sdk/lib/rtl/i386/thread.c b/sdk/lib/rtl/i386/thread.c index aa74d8b9f4b..48ebbf50623 100644 --- a/sdk/lib/rtl/i386/thread.c +++ b/sdk/lib/rtl/i386/thread.c @@ -77,4 +77,20 @@ RtlInitializeContext(IN HANDLE ProcessHandle, ThreadContext->Esp -= sizeof(PVOID); } +NTSTATUS +NTAPI +RtlQueueApcWow64Thread( + _In_ HANDLE ThreadHandle, + _In_ PKNORMAL_ROUTINE ApcRoutine, + _In_opt_ PVOID NormalContext, + _In_opt_ PVOID SystemArgument1, + _In_opt_ PVOID SystemArgument2) +{ + return NtQueueApcThread(ThreadHandle, + ApcRoutine, + NormalContext, + SystemArgument1, + SystemArgument2); +} + /* EOF */ diff --git a/sdk/lib/rtl/sid.c b/sdk/lib/rtl/sid.c index 093b96f9db4..7f2ee676e96 100644 --- a/sdk/lib/rtl/sid.c +++ b/sdk/lib/rtl/sid.c @@ -404,4 +404,18 @@ RtlConvertSidToUnicodeString(IN PUNICODE_STRING String, return STATUS_SUCCESS; } +/* + * @unimplemented + */ +NTSTATUS +NTAPI +RtlCreateServiceSid( + _In_ PUNICODE_STRING ServiceName, + _Out_writes_bytes_opt_(*ServiceSidLength) PSID ServiceSid, + _Inout_ PULONG ServiceSidLength) +{ + UNIMPLEMENTED; + return STATUS_NOT_IMPLEMENTED; +} + /* EOF */ diff --git a/sdk/lib/rtl/timerqueue.c b/sdk/lib/rtl/timerqueue.c index 25976278e1f..596588bdafd 100644 --- a/sdk/lib/rtl/timerqueue.c +++ b/sdk/lib/rtl/timerqueue.c @@ -463,6 +463,26 @@ NTSTATUS WINAPI RtlCreateTimer(HANDLE TimerQueue, PHANDLE NewTimer, return status; } +NTSTATUS +WINAPI +RtlSetTimer( + HANDLE TimerQueue, + PHANDLE NewTimer, + WAITORTIMERCALLBACKFUNC Callback, + PVOID Parameter, + DWORD DueTime, + DWORD Period, + ULONG Flags) +{ + return RtlCreateTimer(TimerQueue, + NewTimer, + Callback, + Parameter, + DueTime, + Period, + Flags); +} + /*********************************************************************** * RtlUpdateTimer (NTDLL.@) * @@ -557,6 +577,16 @@ NTSTATUS WINAPI RtlDeleteTimer(HANDLE TimerQueue, HANDLE Timer, return status; } +/* + * @implemented + */ +NTSTATUS +NTAPI +RtlCancelTimer(HANDLE TimerQueue, HANDLE Timer) +{ + return RtlDeleteTimer(TimerQueue, Timer, NULL); +} + /* * @implemented */
