API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 25th, 2019
79
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.24 KB | None | 0 0
raw download clone embed print report
  1. #include <windows.h>
  2. #include <stdio.h>
  3. #include <conio.h>
  4. #include <vector>
  5.  
  6. CRITICAL_SECTION cs_DB1;
  7. CRITICAL_SECTION cs_DB2;
  8.  
  9. static DWORD WINAPI ThreadProc1(LPVOID lpParam)
  10. {
  11. EnterCriticalSection(&cs_DB1);
  12.  
  13. //
  14. // Do work on stack
  15. //
  16. wprintf(L"Updating database 1\n");
  17. Sleep(3000);
  18. EnterCriticalSection(&cs_DB2);
  19.  
  20. wprintf(L"Updating database 2\n");
  21.  
  22. LeaveCriticalSection(&cs_DB2);
  23. LeaveCriticalSection(&cs_DB1);
  24.  
  25. return 1;
  26. }
  27.  
  28. static DWORD WINAPI ThreadProc2(LPVOID lpParam)
  29. {
  30. EnterCriticalSection(&cs_DB2);
  31.  
  32. //
  33. // Do work on stack
  34. //
  35. wprintf(L"Updating database 2\n");
  36. Sleep(3000);
  37. EnterCriticalSection(&cs_DB1);
  38.  
  39. wprintf(L"Updating database 1\n");
  40.  
  41. LeaveCriticalSection(&cs_DB1);
  42. LeaveCriticalSection(&cs_DB2);
  43.  
  44. return 1;
  45. }
  46.  
  47.  
  48.  
  49.  
  50.  
  51. typedef struct _RTL_PROCESS_MODULE_INFORMATION
  52. {
  53. ULONG Section;
  54. PVOID MappedBase;
  55. PVOID ImageBase;
  56. ULONG ImageSize;
  57. ULONG Flags;
  58. USHORT LoadOrderIndex;
  59. USHORT InitOrderIndex;
  60. USHORT LoadCount;
  61. USHORT OffsetToFileName;
  62. CHAR FullPathName[256];
  63. } RTL_PROCESS_MODULE_INFORMATION, *PRTL_PROCESS_MODULE_INFORMATION;
  64.  
  65. typedef struct _RTL_PROCESS_MODULES
  66. {
  67. ULONG NumberOfModules;
  68. RTL_PROCESS_MODULE_INFORMATION Modules[1];
  69. } RTL_PROCESS_MODULES, *PRTL_PROCESS_MODULES;
  70.  
  71. typedef struct _RTL_PROCESS_MODULE_INFORMATION_EX
  72. {
  73. ULONG NextOffset;
  74. RTL_PROCESS_MODULE_INFORMATION BaseInfo;
  75. ULONG ImageCheckSum;
  76. ULONG TimeDateStamp;
  77. PVOID DefaultBase;
  78. } RTL_PROCESS_MODULE_INFORMATION_EX, *PRTL_PROCESS_MODULE_INFORMATION_EX;
  79.  
  80. typedef struct _RTL_HEAP_TAG_INFO
  81. {
  82. ULONG NumberOfAllocations;
  83. ULONG NumberOfFrees;
  84. SIZE_T BytesAllocated;
  85. } RTL_HEAP_TAG_INFO, *PRTL_HEAP_TAG_INFO;
  86.  
  87. typedef struct _RTL_HEAP_USAGE_ENTRY
  88. {
  89. struct _RTL_HEAP_USAGE_ENTRY *Next;
  90. PVOID Address;
  91. SIZE_T Size;
  92. USHORT AllocatorBackTraceIndex;
  93. USHORT TagIndex;
  94. } RTL_HEAP_USAGE_ENTRY, *PRTL_HEAP_USAGE_ENTRY;
  95.  
  96. typedef struct _RTL_HEAP_USAGE
  97. {
  98. ULONG Length;
  99. SIZE_T BytesAllocated;
  100. SIZE_T BytesCommitted;
  101. SIZE_T BytesReserved;
  102. SIZE_T BytesReservedMaximum;
  103. PRTL_HEAP_USAGE_ENTRY Entries;
  104. PRTL_HEAP_USAGE_ENTRY AddedEntries;
  105. PRTL_HEAP_USAGE_ENTRY RemovedEntries;
  106. ULONG_PTR Reserved[8];
  107. } RTL_HEAP_USAGE, *PRTL_HEAP_USAGE;
  108.  
  109. typedef struct _RTL_HEAP_WALK_ENTRY
  110. {
  111. PVOID DataAddress;
  112. SIZE_T DataSize;
  113. UCHAR OverheadBytes;
  114. UCHAR SegmentIndex;
  115. USHORT Flags;
  116. union
  117. {
  118. struct
  119. {
  120. SIZE_T Settable;
  121. USHORT TagIndex;
  122. USHORT AllocatorBackTraceIndex;
  123. ULONG Reserved[2];
  124. } Block;
  125. struct
  126. {
  127. ULONG_PTR CommittedSize;
  128. ULONG_PTR UnCommittedSize;
  129. PVOID FirstEntry;
  130. PVOID LastEntry;
  131. } Segment;
  132. };
  133. } RTL_HEAP_WALK_ENTRY, *PRTL_HEAP_WALK_ENTRY;
  134.  
  135. typedef struct _RTL_HEAP_ENTRY
  136. {
  137. SIZE_T Size;
  138. USHORT Flags;
  139. USHORT AllocatorBackTraceIndex;
  140. union
  141. {
  142. struct
  143. {
  144. SIZE_T Settable;
  145. ULONG Tag;
  146. } s1;
  147. struct
  148. {
  149. SIZE_T CommittedSize;
  150. PVOID FirstBlock;
  151. } s2;
  152. } u;
  153. } RTL_HEAP_ENTRY, *PRTL_HEAP_ENTRY;
  154.  
  155. typedef struct _RTL_HEAP_TAG
  156. {
  157. ULONG NumberOfAllocations;
  158. ULONG NumberOfFrees;
  159. SIZE_T BytesAllocated;
  160. USHORT TagIndex;
  161. USHORT CreatorBackTraceIndex;
  162. WCHAR TagName[24];
  163. } RTL_HEAP_TAG, *PRTL_HEAP_TAG;
  164.  
  165. typedef struct _RTL_HEAP_INFORMATION
  166. {
  167. PVOID BaseAddress;
  168. ULONG Flags;
  169. USHORT EntryOverhead;
  170. USHORT CreatorBackTraceIndex;
  171. SIZE_T BytesAllocated;
  172. SIZE_T BytesCommitted;
  173. ULONG NumberOfTags;
  174. ULONG NumberOfEntries;
  175. ULONG NumberOfPseudoTags;
  176. ULONG PseudoTagGranularity;
  177. ULONG Reserved[4];
  178. PRTL_HEAP_TAG Tags;
  179. PRTL_HEAP_ENTRY Entries;
  180. } RTL_HEAP_INFORMATION, *PRTL_HEAP_INFORMATION;
  181.  
  182. typedef struct _RTL_PROCESS_HEAPS
  183. {
  184. ULONG NumberOfHeaps;
  185. RTL_HEAP_INFORMATION Heaps[1];
  186. } RTL_PROCESS_HEAPS, *PRTL_PROCESS_HEAPS;
  187.  
  188. typedef struct _RTL_PROCESS_LOCK_INFORMATION
  189. {
  190. PVOID Address;
  191. USHORT Type;
  192. USHORT CreatorBackTraceIndex;
  193. ULONG OwnerThreadId;
  194. ULONG ActiveCount;
  195. ULONG ContentionCount;
  196. ULONG EntryCount;
  197. ULONG RecursionCount;
  198. ULONG NumberOfSharedWaiters;
  199. ULONG NumberOfExclusiveWaiters;
  200. } RTL_PROCESS_LOCK_INFORMATION, *PRTL_PROCESS_LOCK_INFORMATION;
  201.  
  202. typedef struct _RTL_PROCESS_LOCKS
  203. {
  204. ULONG NumberOfLocks;
  205. RTL_PROCESS_LOCK_INFORMATION Locks[1];
  206. } RTL_PROCESS_LOCKS, *PRTL_PROCESS_LOCKS;
  207.  
  208. typedef struct _RTL_PROCESS_BACKTRACE_INFORMATION
  209. {
  210. PVOID SymbolicBackTrace;
  211. ULONG TraceCount;
  212. USHORT Index;
  213. USHORT Depth;
  214. PVOID BackTrace[16];
  215. } RTL_PROCESS_BACKTRACE_INFORMATION, *PRTL_PROCESS_BACKTRACE_INFORMATION;
  216.  
  217. typedef struct _RTL_PROCESS_BACKTRACES
  218. {
  219. ULONG CommittedMemory;
  220. ULONG ReservedMemory;
  221. ULONG NumberOfBackTraceLookups;
  222. ULONG NumberOfBackTraces;
  223. RTL_PROCESS_BACKTRACE_INFORMATION BackTraces[1];
  224. } RTL_PROCESS_BACKTRACES, *PRTL_PROCESS_BACKTRACES;
  225.  
  226. typedef struct _RTL_PROCESS_VERIFIER_OPTIONS
  227. {
  228. ULONG SizeStruct;
  229. ULONG Option;
  230. UCHAR OptionData[1];
  231. //
  232. // Option array continues below
  233. //
  234. } RTL_PROCESS_VERIFIER_OPTIONS, *PRTL_PROCESS_VERIFIER_OPTIONS;
  235.  
  236. typedef struct _RTL_DEBUG_INFORMATION
  237. {
  238. HANDLE SectionHandleClient;
  239. PVOID ViewBaseClient;
  240. PVOID ViewBaseTarget;
  241. ULONG ViewBaseDelta;
  242. HANDLE EventPairClient;
  243. PVOID EventPairTarget;
  244. HANDLE TargetProcessId;
  245. HANDLE TargetThreadHandle;
  246. ULONG Flags;
  247. ULONG OffsetFree;
  248. ULONG CommitSize;
  249. ULONG ViewSize;
  250. union
  251. {
  252. PRTL_PROCESS_MODULES Modules;
  253. PRTL_PROCESS_MODULE_INFORMATION_EX ModulesEx;
  254. };
  255. PRTL_PROCESS_BACKTRACES BackTraces;
  256. PRTL_PROCESS_HEAPS Heaps;
  257. PRTL_PROCESS_LOCKS Locks;
  258. HANDLE SpecificHeap;
  259. HANDLE TargetProcessHandle;
  260. RTL_PROCESS_VERIFIER_OPTIONS VerifierOptions;
  261. HANDLE ProcessHeap;
  262. HANDLE CriticalSectionHandle;
  263. HANDLE CriticalSectionOwnerThread;
  264. PVOID Reserved[4];
  265. } RTL_DEBUG_INFORMATION, *PRTL_DEBUG_INFORMATION;
  266.  
  267.  
  268.  
  269.  
  270.  
  271. typedef struct _DEBUGMODULEINFO {
  272. DWORD ImageBase;
  273. DWORD ImageSize;
  274. DWORD Unknown01; // possibly some kind of version info. nthandle doesnt use it
  275. USHORT DllSequenceNum; // if 0 then EXE
  276. USHORT NumDlls; // only know if seqnum is 0
  277. DWORD GrantedAccess;
  278. CHAR Name[MAX_PATH];
  279. DWORD Unknown02;
  280. }DEBUGMODULEINFO, *PDEBUGMODULEINFO;
  281.  
  282. typedef struct _QUERYDEBUGBUFFER_HEADER {
  283. DWORD Unkown12[12];
  284. DWORD* ModArrayHeader;
  285. DWORD Unkown11[11];
  286. DWORD NumNames; // total entries including the EXE
  287. DWORD Reserved[2];
  288. DEBUGMODULEINFO ModInfo[1];
  289. }QUERYDEBUGBUFFER, *PQUERYDEBUGBUFFER;
  290.  
  291. #define RTL_DEBUG_QUERY_MODULES 0x01
  292. #define RTL_DEBUG_QUERY_BACKTRACES 0x02
  293. #define RTL_DEBUG_QUERY_HEAPS 0x04
  294. #define RTL_DEBUG_QUERY_HEAP_TAGS 0x08
  295. #define RTL_DEBUG_QUERY_HEAP_BLOCKS 0x10
  296. #define RTL_DEBUG_QUERY_LOCKS 0x20
  297.  
  298. typedef DWORD(WINAPI *PRtlQueryProcessDebugInformation)(HANDLE, DWORD, PVOID);
  299. typedef DWORD* (WINAPI *PRtlCreateQueryDebugBuffer)(DWORD, DWORD);
  300. typedef DWORD(WINAPI *PRtlDestroyQueryDebugBuffer)(PDWORD);
  301.  
  302. static bool EnumerateHeaps()
  303. {
  304. // Get addresses of NTDLL functions necessary for the heap enumeration.
  305. HMODULE hNtDll = GetModuleHandle(L"ntdll.dll");
  306. PRtlCreateQueryDebugBuffer pfnRtlCreateQueryDebugBuffer = (PRtlCreateQueryDebugBuffer)GetProcAddress(hNtDll, "RtlCreateQueryDebugBuffer");
  307. PRtlDestroyQueryDebugBuffer pfnRtlDestroyQueryDebugBuffer = (PRtlDestroyQueryDebugBuffer)GetProcAddress(hNtDll, "RtlDestroyQueryDebugBuffer");
  308. PRtlQueryProcessDebugInformation pfnRtlQueryProcessDebugInformation = (PRtlQueryProcessDebugInformation)GetProcAddress(hNtDll, "RtlQueryProcessDebugInformation");
  309.  
  310. if (!pfnRtlCreateQueryDebugBuffer || !pfnRtlDestroyQueryDebugBuffer || !pfnRtlQueryProcessDebugInformation)
  311. {
  312. return false;
  313. }
  314.  
  315. // Create debug buffer to hold heap information.
  316. PRTL_DEBUG_INFORMATION db = (PRTL_DEBUG_INFORMATION)pfnRtlCreateQueryDebugBuffer(0, FALSE);
  317. if (!db)
  318. {
  319. return false;
  320. }
  321.  
  322. HANDLE procHdl = OpenProcess(PROCESS_ALL_ACCESS, FALSE, 2580);
  323.  
  324. // Get heap information and put it inside the debug buffer.
  325. NTSTATUS result = pfnRtlQueryProcessDebugInformation(procHdl, RTL_DEBUG_QUERY_LOCKS, db);
  326. if (result != 0)
  327. {
  328. pfnRtlDestroyQueryDebugBuffer((PDWORD)db);
  329. return false;
  330. }
  331.  
  332. // Walk the heaps and add them to the input vector.
  333. for (unsigned int i = 0; i < db->Heaps->NumberOfHeaps; ++i)
  334. {
  335. PRTL_HEAP_INFORMATION curHeap = &db->Heaps->Heaps[i];
  336. //Win32HeapInformation& heap = heapInfoList.Add();
  337. //heap.VirtualAddress = (LONG_PTR)curHeap->BaseAddress;
  338. //heap.BlockCount = curHeap->NumberOfEntries;
  339. //heap.CommittedSize = (LONG)curHeap->BytesCommitted;
  340. //heap.AllocatedSize = (LONG)curHeap->BytesAllocated;
  341. //heap.Flags = curHeap->Flags;
  342. }
  343.  
  344. // Clean up buffer and return.
  345. pfnRtlDestroyQueryDebugBuffer((PDWORD)db);
  346. CloseHandle(procHdl);
  347.  
  348. return true;
  349. }
  350.  
  351. void __cdecl main()
  352. {
  353. EnumerateHeaps();
  354.  
  355. if (!InitializeCriticalSectionAndSpinCount(&cs_DB1, 2000))
  356. {
  357. return;
  358. }
  359. if (!InitializeCriticalSectionAndSpinCount(&cs_DB2, 2000))
  360. {
  361. DeleteCriticalSection(&cs_DB1);
  362. return;
  363. }
  364.  
  365. size_t size1 = sizeof(RTL_DEBUG_INFORMATION);
  366. size_t size2 = sizeof(QUERYDEBUGBUFFER);
  367.  
  368. static PRtlQueryProcessDebugInformation RtlQueryProcessDebugInformation;
  369. static PRtlCreateQueryDebugBuffer RtlCreateQueryDebugBuffer;
  370. static PRtlDestroyQueryDebugBuffer RtlDestroyQueryDebugBuffer;
  371.  
  372. HMODULE hNtDll = GetModuleHandle(L"ntdll.dll");
  373. RtlQueryProcessDebugInformation = (PRtlQueryProcessDebugInformation)
  374. GetProcAddress(hNtDll,
  375. "RtlQueryProcessDebugInformation");
  376.  
  377. RtlCreateQueryDebugBuffer = (PRtlCreateQueryDebugBuffer)
  378. GetProcAddress(hNtDll,
  379. "RtlCreateQueryDebugBuffer");
  380.  
  381. RtlDestroyQueryDebugBuffer = (PRtlDestroyQueryDebugBuffer)
  382. GetProcAddress(hNtDll,
  383. "RtlDestroyQueryDebugBuffer");
  384.  
  385. HANDLE procHdl = OpenProcess(PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId());
  386. if (procHdl != NULL && procHdl != INVALID_HANDLE_VALUE)
  387. {
  388. DWORD *pRtlBuffer = RtlCreateQueryDebugBuffer(NULL, true);
  389. DWORD error = RtlQueryProcessDebugInformation(procHdl, RTL_DEBUG_QUERY_LOCKS, pRtlBuffer);
  390. RTL_DEBUG_INFORMATION *pDebugInfo = (RTL_DEBUG_INFORMATION*)pRtlBuffer;
  391. RtlDestroyQueryDebugBuffer(pRtlBuffer);
  392. }
  393. CloseHandle(procHdl);
  394.  
  395.  
  396. return;
  397.  
  398. DWORD dwId = 0;
  399. HANDLE hThread1 = CreateThread(NULL, 0, ThreadProc1, NULL, 0, &dwId);
  400. HANDLE hThread2 = CreateThread(NULL, 0, ThreadProc2, NULL, 0, &dwId);
  401.  
  402. HANDLE threads[] = { hThread1,hThread2 };
  403.  
  404. Sleep(10000);
  405.  
  406.  
  407. wprintf(L"Debugging information (critical sections):\n");
  408. std::vector<PRTL_CRITICAL_SECTION> criticalSections;
  409. PRTL_CRITICAL_SECTION_DEBUG dbgInfo = cs_DB1.DebugInfo;
  410. LIST_ENTRY lockList = dbgInfo->ProcessLocksList;
  411.  
  412.  
  413.  
  414. DWORD res = WaitForMultipleObjectsEx(2, threads, true, INFINITE, false);
  415.  
  416.  
  417. DeleteCriticalSection(&cs_DB1);
  418. DeleteCriticalSection(&cs_DB2);
  419. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!