Diffstat (limited to 'src')
-rw-r--r--src/process/ntapi_tt_create_remote_runtime_data.c114
1 files changed, 55 insertions, 59 deletions
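diff --git a/src/process/ntapi_tt_create_remote_runtime_data.c b/src/process/ntapi_tt_create_remote_runtime_data.c
index 4bde549..b3809b0 100644
--- a/src/process/ntapi_tt_create_remote_runtime_data.c
+++ b/src/process/ntapi_tt_create_remote_runtime_data.c
@@ -51,59 +51,51 @@ int32_t __stdcall __ntapi_tt_create_remote_runtime_data(
 sizeof(runtime_arg));
 /* obtain process information */
-status = __ntapi->zw_query_information_process(
-hprocess,
-NT_PROCESS_BASIC_INFORMATION,
-(void *)&rpbi,
-sizeof(nt_process_basic_information),
-0);
-
-if (status != NT_STATUS_SUCCESS)
+if ((status = __ntapi->zw_query_information_process(
+hprocess,
+NT_PROCESS_BASIC_INFORMATION,
+(void *)&rpbi,
+sizeof(nt_process_basic_information),
+0)))
 return status;
-status = __ntapi->zw_read_virtual_memory(
-hprocess,
-pe_va_from_rva(
-rpbi.peb_base_address,
-(uintptr_t)&(((nt_peb *)0)->process_params)),
-(char *)&rprocess_params,
-sizeof(uintptr_t),
-&bytes_written);
-
-if (status != NT_STATUS_SUCCESS)
+if ((status = __ntapi->zw_read_virtual_memory(
+hprocess,
+pe_va_from_rva(
+rpbi.peb_base_address,
+(uintptr_t)&(((nt_peb *)0)->process_params)),
+(char *)&rprocess_params,
+sizeof(uintptr_t),
+&bytes_written)))
 return status;
-status = __ntapi->zw_read_virtual_memory(
-hprocess,
-&rprocess_params->command_line,
-(char *)&rcmd_line,
-sizeof(nt_unicode_string),
-&bytes_written);
-
-if (status != NT_STATUS_SUCCESS)
+if ((status = __ntapi->zw_read_virtual_memory(
+hprocess,
+&rprocess_params->command_line,
+(char *)&rcmd_line,
+sizeof(nt_unicode_string),
+&bytes_written)))
 return status;
 if (rcmd_line.buffer == 0)
 return NT_STATUS_BUFFER_TOO_SMALL;
-else if (rcmd_line.strlen < sizeof(runtime_arg) + 4*sizeof(wchar16_t))
-return NT_STATUS_INVALID_USER_BUFFER;
-status = __ntapi->zw_read_virtual_memory(
-hprocess,
-pe_va_from_rva(
-rcmd_line.buffer,
-rcmd_line.strlen - sizeof(runtime_arg)),
-(char *)&runtime_arg,
-sizeof(runtime_arg),
-&bytes_written);
+if (rcmd_line.strlen < sizeof(runtime_arg) + 4*sizeof(wchar16_t))
+return NT_STATUS_INVALID_USER_BUFFER;
-if (status != NT_STATUS_SUCCESS)
+if ((status = __ntapi->zw_read_virtual_memory(
+hprocess,
+pe_va_from_rva(
+rcmd_line.buffer,
+rcmd_line.strlen - sizeof(runtime_arg)),
+(char *)&runtime_arg,
+sizeof(runtime_arg),
+&bytes_written)))
 return status;
 /* verify remote process compatibility */
 runtime_arg_hash ^= __ntapi->tt_buffer_crc32(
-0,
-(char *)runtime_arg,
+0,(char *)runtime_arg,
 sizeof(runtime_arg));
 if (runtime_arg_hash)
@@ -111,31 +103,34 @@ int32_t __stdcall __ntapi_tt_create_remote_runtime_data(
 /* remote block */
 rtblock->remote_size = rtblock->size;
-status = __ntapi->zw_allocate_virtual_memory(
-hprocess,
-&rtblock->remote_addr,
-0,
-&rtblock->remote_size,
-NT_MEM_RESERVE | NT_MEM_COMMIT,
-NT_PAGE_READWRITE);
-if (status != NT_STATUS_SUCCESS)
+if ((status = __ntapi->zw_allocate_virtual_memory(
+hprocess,
+&rtblock->remote_addr,
+0,
+&rtblock->remote_size,
+NT_MEM_RESERVE | NT_MEM_COMMIT,
+NT_PAGE_READWRITE)))
 return status;
 /* session handles */
+rtdata = 0;
+srv_ready = 0;
+
 if (rtblock->flags & NT_RUNTIME_DATA_DUPLICATE_SESSION_HANDLES) {
-rtdata = (nt_runtime_data *)rtblock->addr;
+rtdata = (nt_runtime_data *)rtblock->addr;
 srv_ready = rtdata->srv_ready;
-status = __ntapi->zw_duplicate_object(
-NT_CURRENT_PROCESS_HANDLE,
-srv_ready,
-hprocess,
-&rtdata->srv_ready,
-0,0,NT_DUPLICATE_SAME_ATTRIBUTES | NT_DUPLICATE_SAME_ACCESS);
-if (status) return status;
-} else
-srv_ready = 0;
+if ((status = __ntapi->zw_duplicate_object(
+NT_CURRENT_PROCESS_HANDLE,
+srv_ready,
+hprocess,
+&rtdata->srv_ready,
+0,0,
+NT_DUPLICATE_SAME_ATTRIBUTES
+|NT_DUPLICATE_SAME_ACCESS)))
+return status;
+}
 /* copy local block to remote process */
 status = __ntapi->zw_write_virtual_memory(
@@ -146,10 +141,11 @@ int32_t __stdcall __ntapi_tt_create_remote_runtime_data(
 &bytes_written);
 /* restore rtdata */
-if (srv_ready)
+if (rtdata)
 rtdata->srv_ready = srv_ready;
-if (status != NT_STATUS_SUCCESS)
+/* verify above remote write */
+if (status)
 return status;
 /* runtime_arg */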
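Review bot: The failure path of the new `if ((status = __ntapi->zw_duplicate_object(...)))` in the second hunk returns without restoring `rtdata->srv_ready`, even though `&rtdata->srv_ready` is handed to that call as its output slot and the `if (rtdata) rtdata->srv_ready = srv_ready;` restore added in the third hunk only runs after the later write. Whether the duplicate call writes the output handle on failure is not visible on this page, but the local block should not depend on it; restoring before returning, `{ rtdata->srv_ready = srv_ready; return status; }`, keeps the local copy intact on every exit. In the same way the remote allocation made by `zw_allocate_virtual_memory` and the handle duplicated into `hprocess` are not released when the subsequent write fails; if the caller terminates the child on any error this is moot, otherwise a comment stating who owns those remote resources on failure would help the next reader. `__ntapi_tt_create_remote_runtime_data` begins before the first hunk and continues past the last one.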