internal void FromSafeBuffer(SafeAlpcPortMessageBuffer buffer, NtAlpc port)
{
Header = buffer.Result;
AllocatedDataLength = buffer.Length - _header_size;
OnFromSafeBuffer(buffer, port);
_port = port;
}
internal void FromSafeBuffer(SafeAlpcMessageAttributesBuffer buffer, NtAlpc port, AlpcMessage message)
{
var result = buffer.Result;
var valid_attrs = result.ValidAttributes;
if (valid_attrs.HasFlag(AlpcMessageAttributeFlags.Token))
{
AddAttribute <AlpcTokenMessageAttribute>(buffer, port, message);
}
if (valid_attrs.HasFlag(AlpcMessageAttributeFlags.Context))
{
AddAttribute <AlpcContextMessageAttribute>(buffer, port, message);
}
if (valid_attrs.HasFlag(AlpcMessageAttributeFlags.Handle))
{
var attribute = AddAttribute <AlpcHandleMessageAttribute>(buffer, port, message);
_handles.AddRange(attribute.Handles.Select(h => NtObjectUtils.FromHandle(h.Handle, true)));
}
if (valid_attrs.HasFlag(AlpcMessageAttributeFlags.Security))
{
var attr = AddAttribute <AlpcSecurityMessageAttribute>(buffer, port, message);
SecurityContext = new SafeAlpcSecurityContextHandle(attr.ContextHandle, true, port, attr.Flags, attr.SecurityQoS);
}
if (valid_attrs.HasFlag(AlpcMessageAttributeFlags.View))
{
var attr = AddAttribute <AlpcDataViewMessageAttribute>(buffer, port, message);
DataView = new SafeAlpcDataViewBuffer(new IntPtr(attr.ViewBase), attr.ViewSize,
new SafeAlpcPortSectionHandle(attr.SectionHandle, true, port), attr.Flags, true);
}
if (valid_attrs.HasFlag(AlpcMessageAttributeFlags.WorkOnBehalfOf))
{
AddAttribute <AlpcWorkOnBehalfMessageAttribute>(buffer, port, message);
}
}
/// <summary>
/// Query a fixed structure from the object.
/// </summary>
/// <typeparam name="T">The type of structure to return.</typeparam>
/// <param name="info_class">The information class to query.</param>
/// <param name="port">The port which has processed the message.</param>
/// <param name="default_value">A default value for the query.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The result of the query.</returns>
/// <exception cref="NtException">Thrown on error.</exception>
public NtResult <T> Query <T>(NtAlpc port, AlpcMessageInformationClass info_class,
T default_value, bool throw_on_error) where T : new()
{
using (var buffer = new SafeStructureInOutBuffer <T>(default_value)) {
return(QueryInformation(port, info_class,
buffer, out int return_length).CreateResult(throw_on_error, () => buffer.Result));
}
}
internal SafeAlpcSecurityContextHandle(AlpcHandle handle, bool owns_handle, NtAlpc port,
AlpcSecurityAttrFlags flags, SecurityQualityOfService security_quality_of_service)
: base(IntPtr.Zero, owns_handle)
{
SetHandle(new IntPtr(handle.Value));
_port = port;
Flags = flags;
SecurityQualityOfService = security_quality_of_service;
}
internal T AddAttribute <T>(SafeAlpcMessageAttributesBuffer buffer,
NtAlpc port, AlpcMessage message) where T : AlpcMessageAttribute, new()
{
T attribute = new T();
attribute.FromSafeBuffer(buffer, port, message);
_attributes.Add(attribute.AttributeFlag, attribute);
ValidAttributes |= attribute.AttributeFlag;
return(attribute);
}
/// <summary>
/// Method to query information for a message.
/// </summary>
/// <param name="info_class">The information class.</param>
/// <param name="port">The port which has processed the message.</param>
/// <param name="buffer">The buffer to return data in.</param>
/// <param name="return_length">Return length from the query.</param>
/// <returns>The NT status code for the query.</returns>
public NtStatus QueryInformation(NtAlpc port, AlpcMessageInformationClass info_class,
SafeBuffer buffer, out int return_length)
{
if (_port == null)
{
throw new ArgumentNullException("Message must be associated with a port");
}
return(NtSystemCalls.NtAlpcQueryInformationMessage(port.Handle, Header,
info_class, buffer, buffer.GetLength(), out return_length));
}
internal void GetHandleAttribute(AlpcHandleMessageAttribute attribute, NtAlpc port, AlpcMessage message)
{
var attr = GetAttribute <AlpcHandleAttr>(AlpcMessageAttributeFlags.Handle).Result;
if ((attr.Flags & AlpcHandleAttrFlags.Indirect) == AlpcHandleAttrFlags.Indirect)
{
if (port == null || message == null)
{
throw new ArgumentException("Can't rebuild indirect handle attribute without port and message");
}
GetIndirectHandleAttribute(attribute, port, message);
}
else if (attr.Handle != IntPtr.Zero)
{
attribute.SetHandles(new AlpcHandleMessageAttributeEntry[] { new AlpcHandleMessageAttributeEntry(attr) });
}
else
{
attribute.SetHandles(new AlpcHandleMessageAttributeEntry[0]);
}
}
internal override void FromSafeBuffer(SafeAlpcMessageAttributesBuffer buffer, NtAlpc port, AlpcMessage message)
{
buffer.GetHandleAttribute(this, port, message);
}
internal override void FromSafeBuffer(SafeAlpcMessageAttributesBuffer buffer, NtAlpc port, AlpcMessage message)
{
buffer.GetSecurityAttribute(this);
}
internal abstract void FromSafeBuffer(SafeAlpcMessageAttributesBuffer buffer, NtAlpc port, AlpcMessage message);
internal SafeAlpcPortSectionHandle(AlpcHandle handle, bool owns_handle, NtAlpc port) : base(owns_handle)
{
SetHandle(new IntPtr(handle.Value));
Port = port;
}
internal AlpcPortSection(AlpcHandle handle, IntPtr size, IntPtr actual_section_size, NtAlpc port)
{
Handle = new SafeAlpcPortSectionHandle(handle, true, port);
Size = size.ToInt64();
ActualSectionSize = actual_section_size.ToInt64();
}
/// <summary>
/// Query a fixed structure from the object.
/// </summary>
/// <typeparam name="T">The type of structure to return.</typeparam>
/// <param name="port">The port which has processed the message.</param>
/// <param name="info_class">The information class to query.</param>
/// <returns>The result of the query.</returns>
/// <exception cref="NtException">Thrown on error.</exception>
public T Query <T>(NtAlpc port, AlpcMessageInformationClass info_class) where T : new()
{
return(Query(port, info_class, new T()));
}
/// <summary>
/// Query a fixed structure from the object.
/// </summary>
/// <typeparam name="T">The type of structure to return.</typeparam>
/// <param name="port">The port which has processed the message.</param>
/// <param name="info_class">The information class to query.</param>
/// <param name="default_value">A default value for the query.</param>
/// <returns>The result of the query.</returns>
/// <exception cref="NtException">Thrown on error.</exception>
public T Query <T>(NtAlpc port, AlpcMessageInformationClass info_class, T default_value) where T : new()
{
return(Query(port, info_class, default_value, true).Result);
}
/// <summary> /// Method to handle when FromSafeBuffer is called. /// </summary> /// <param name="buffer">The message buffer to initialize from..</param> /// <param name="port">The ALPC port associated with this message.</param> protected abstract void OnFromSafeBuffer(SafeAlpcPortMessageBuffer buffer, NtAlpc port);
internal override void FromSafeBuffer(SafeAlpcMessageAttributesBuffer buffer, NtAlpc port, AlpcMessage message)
{
throw new NotImplementedException();
}
internal override void FromSafeBuffer(SafeAlpcMessageAttributesBuffer buffer, NtAlpc port, AlpcMessage message)
{
buffer.GetWorkOnBehalfAttribute(this);
}
internal void GetIndirectHandleAttribute(AlpcHandleMessageAttribute attribute, NtAlpc port, AlpcMessage message)
{
// Indirect handle attributes need to be queried from the port.
var attr = GetAttribute <AlpcHandleAttrIndirect>(AlpcMessageAttributeFlags.Handle).Result;
attribute.SetHandles(Enumerable.Range(0, attr.HandleCount).Select(i => port.GetHandleInformation(message, i)));
}