From 8ef8cbf7607aca37f8057945ba2032b8c561eec7 Mon Sep 17 00:00:00 2001 From: midipix Date: Thu, 25 Jan 2024 02:23:31 +0000 Subject: __ntapi_tt_spawn_foreign_process(): refactor __tt_spawn_return(). --- src/process/ntapi_tt_spawn_foreign_process.c | 77 ++++++++++++++++++---------- 1 file changed, 49 insertions(+), 28 deletions(-) diff --git a/src/process/ntapi_tt_spawn_foreign_process.c b/src/process/ntapi_tt_spawn_foreign_process.c index 06f9039..1b9ca2f 100644 --- a/src/process/ntapi_tt_spawn_foreign_process.c +++ b/src/process/ntapi_tt_spawn_foreign_process.c @@ -38,6 +38,7 @@ typedef int32_t win32_create_process_utf16( static int32_t __stdcall __tt_spawn_return( nt_runtime_data_block * rtblock, + void * himgfile, void * hprocess, void * hthread, int32_t status) @@ -50,6 +51,9 @@ static int32_t __stdcall __tt_spawn_return( __ntapi->zw_close(hthread); } + if (himgfile) + __ntapi->zw_close(himgfile); + __ntapi->zw_free_virtual_memory( NT_CURRENT_PROCESS_HANDLE, &rtblock->addr, @@ -71,6 +75,7 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa void * hkernel32; void * hat; void * hfile; + void * himgfile; uint32_t written; int32_t envc; wchar16_t * imgbuf; @@ -166,7 +171,8 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa __SPAWN_FOREIGN_PROCESS_RUNTIME_BLOCK_VECTOR_SIZE, &(size_t){0}))) return __tt_spawn_return( - &rtblock,0,0,status); + &rtblock,0, + 0,0,status); /* imgbuf */ imgbuf = rtblock.addr; 
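Review bot: `__tt_spawn_return` now takes ownership of up to three handles plus the runtime block, but nothing at the signature says which arguments it releases or that a caller-supplied `sparams->himage` must be passed as `0` so it is not closed behind the caller's back. From the two hunks visible here it closes `hthread`, closes `himgfile` when non-null, and frees `rtblock->addr`; what lines 44-49 do with `hprocess` is outside the hunk, so word that part to match. A comment above `static int32_t __stdcall __tt_spawn_return(` such as `/* common exit path: closes hthread and himgfile when non-null (pass 0 for a caller-owned image handle), releases hprocess as below, frees rtblock->addr, returns status unchanged */` would make every call site's `0` arguments self-explanatory. The function body continues past the end of the second hunk.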
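Review bot: `void * himgfile;` is added without an initializer while every later exit hands it to `__tt_spawn_return`, which calls `zw_close` on it whenever it is non-null, so any return reached before the hfile block assigns it would close whatever stale value sits in that stack slot. The allocation-failure return in the following hunk passes a literal `0` and is safe, but in the hfile hunk the successful-open path appears not to reach `himgfile = hfile;`, which is exactly the situation a default protects against. Declaring it as `void * himgfile = 0;` costs nothing and removes the dependency on every assignment downstream being reached. The declaration list this line belongs to starts before the hunk.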
@@ -174,13 +180,19 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa imgbuf += __SPAWN_FOREIGN_PROCESS_RUNTIME_BLOCK_VECTOR_SIZE / sizeof(wchar16_t); /* hfile */ - if (sparams->himage) - hfile = sparams->himage; + if (sparams->himage) { + hfile = sparams->himage; + himgfile = 0; - else if ((status = __ntapi_tt_open_file_utf8( + } else if ((status = __ntapi_tt_open_file_utf8( &hfile,hat,patharg,1, - imgbuf,__SPAWN_FOREIGN_PROCESS_RUNTIME_BLOCK_IMGBUF_SIZE))) - return status; + imgbuf,__SPAWN_FOREIGN_PROCESS_RUNTIME_BLOCK_IMGBUF_SIZE))) { + return __tt_spawn_return( + &rtblock,0, + 0,0,status); + + himgfile = hfile; + } /* imgname */ if ((status = __ntapi->zw_query_object( @@ -189,7 +201,8 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa imgbuf,__SPAWN_FOREIGN_PROCESS_RUNTIME_BLOCK_VECTOR_SIZE, &written))) return __tt_spawn_return( - &rtblock,0,0,status); + &rtblock,himgfile, + 0,0,status); imgname = (nt_unicode_string *)imgbuf; @@ -213,7 +226,7 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa if ((ch_arg + 2*(mark-ch)) >= ch_cap) return __tt_spawn_return( - &rtblock,0,0, + &rtblock,himgfile,0,0, NT_STATUS_NAME_TOO_LONG); if (!mark[0] && fquote) { @@ -246,7 +259,7 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa if (ch_arg >= ch_cap) return __tt_spawn_return( - &rtblock,0,0, + &rtblock,himgfile,0,0, NT_STATUS_NAME_TOO_LONG); } @@ -266,11 +279,12 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa if ((status = __ntapi->uc_convert_unicode_stream_utf8_to_utf16(&uparams))) return __tt_spawn_return( - &rtblock,0,0,status); + &rtblock,himgfile, + 0,0,status); else if (uparams.leftover_count) return __tt_spawn_return( - &rtblock,0,0, + &rtblock,himgfile,0,0, NT_STATUS_ILLEGAL_CHARACTER); /* nt_cmd_line */ 
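Review bot: On the new side `himgfile = hfile;` sits inside the `else if` block that is entered only when `__ntapi_tt_open_file_utf8` fails, directly after an unconditional `return`, so it is unreachable; when the open succeeds neither branch assigns `himgfile`, and every later `__tt_spawn_return(&rtblock,himgfile,...)` call reads an uninitialized pointer — undefined behaviour that in practice either leaks the freshly opened image handle or passes a stale stack value to `zw_close`, which can close an unrelated handle if that value happens to be live. The removed "tidy up" step in the last hunk used to close `hfile` on the success path, so this is a regression introduced by the refactor rather than pre-existing behaviour. Split the branch so that the failure check and the assignment are sequential; the enclosing function starts before and ends after this hunk.
```c
	if (sparams->himage) {
		hfile    = sparams->himage;
		himgfile = 0;

	} else {
		if ((status = __ntapi_tt_open_file_utf8(
				&hfile,hat,patharg,1,
				imgbuf,__SPAWN_FOREIGN_PROCESS_RUNTIME_BLOCK_IMGBUF_SIZE)))
			return __tt_spawn_return(
				&rtblock,0,
				0,0,status);

		himgfile = hfile;
	}

	/* … unchanged: imgname query and the rest of the function … */
```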
@@ -292,11 +306,12 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa if ((status = __ntapi->uc_convert_unicode_stream_utf8_to_utf16(&uparams))) return __tt_spawn_return( - &rtblock,0,0,status); + &rtblock,himgfile, + 0,0,status); else if (uparams.leftover_count) return __tt_spawn_return( - &rtblock,0,0, + &rtblock,himgfile,0,0, NT_STATUS_ILLEGAL_CHARACTER); nt_image.strlen = uparams.bytes_written; @@ -323,7 +338,9 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa (nt_unicode_string *)0, (nt_unicode_string *)0, (nt_unicode_string *)0))) - return status; + return __tt_spawn_return( + &rtblock,himgfile, + 0,0,status); __ntapi->rtl_normalize_process_params(cparams.process_params); @@ -381,15 +398,19 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa sparams->startupinfo, &processinfo))) return __tt_spawn_return( - &rtblock,0,0,status); + &rtblock,himgfile, + 0,0,status); if ((status = __ntapi->zw_query_information_process( - processinfo.hprocess, - NT_PROCESS_BASIC_INFORMATION, - &cparams.pbi,sizeof(cparams.pbi), - 0))) + processinfo.hprocess, + NT_PROCESS_BASIC_INFORMATION, + &cparams.pbi,sizeof(cparams.pbi), + 0))) return __tt_spawn_return( - &rtblock,0,0,status); + &rtblock,himgfile, + processinfo.hprocess, + processinfo.hthread, + status); cparams.hprocess = processinfo.hprocess; cparams.hthread = processinfo.hthread; @@ -404,7 +425,8 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa if ((status = __ntapi->tt_create_native_process(&cparams))) return __tt_spawn_return( - &rtblock,0,0,status); + &rtblock,himgfile, + 0,0,status); } /* debug */ 
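Review bot: The `tt_create_native_process` failure return still passes `0,0` for the child handles even though `cparams.hprocess`/`cparams.hthread` already hold the process created by `tt_create_process_utf16` (assigned at the end of the previous hunk), so this path drops both handles while the `zw_query_information_process` failure a few lines earlier was just changed to pass `processinfo.hprocess`/`processinfo.hthread` for cleanup. Unless `tt_create_native_process` is documented to release the handles in `cparams` itself on failure, which is not visible here, the two paths should be consistent: `return __tt_spawn_return(` / `&rtblock,himgfile,` / `cparams.hprocess,cparams.hthread,status);`. The block closed by the `}` after this return is opened before the hunk.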
@@ -415,14 +437,11 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa NT_DEBUG_KILL_ON_EXIT))) return __tt_spawn_return( &rtblock, + himgfile, cparams.hprocess, cparams.hthread, status); - /* tidy up */ - if (!sparams->himage) - __ntapi->zw_close(hfile); - /* output */ sparams->hprocess = cparams.hprocess; sparams->hthread = cparams.hthread; @@ -438,17 +457,19 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa /* create suspended? */ if (fsuspended) return __tt_spawn_return( - &rtblock,0,0,NT_STATUS_SUCCESS); + &rtblock,himgfile, + 0,0,NT_STATUS_SUCCESS); /* tada */ if ((status = __ntapi->zw_resume_thread(cparams.hthread,0))) return __tt_spawn_return( - &rtblock, + &rtblock,himgfile, cparams.hprocess, cparams.hthread, status); /* all done */ return __tt_spawn_return( - &rtblock,0,0,NT_STATUS_SUCCESS); + &rtblock,himgfile, + 0,0,NT_STATUS_SUCCESS); } -- cgit v1.2.3
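Review bot: On the `zw_resume_thread` failure path the child handles are handed to `__tt_spawn_return`, which closes `hthread` (and deals with `hprocess` in the part of its body shown in the first hunk), yet `sparams->hprocess` and `sparams->hthread` were already filled in by the `/* output */` block of the preceding hunk and are not cleared, so the caller gets an error status together with two handle values that are no longer valid and that the kernel can silently reuse for unrelated objects. Either move the `/* output */` assignments after the resume succeeds, or wrap the failure body in braces and clear them before the return: `sparams->hprocess = 0;` and `sparams->hthread = 0;` ahead of `return __tt_spawn_return(`. The `fsuspended` early return is fine as written, since it passes `0,0` and leaves the handles open for the caller.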