From 6379370a50f777acc0d868ce8c5e6924f28d5152 Mon Sep 17 00:00:00 2001 From: RektInator <7003455+RektInator@users.noreply.github.com> Date: Mon, 14 Apr 2025 12:43:11 +0200 Subject: [PATCH] fix(syscalls): fix VirtualQuery return size, ignore unimplemented APC flags and log a warning. --- src/windows-emulator/syscalls.cpp | 38 +++++++++--------------- src/windows-emulator/syscalls/file.cpp | 27 +++++++++++++++++ src/windows-emulator/syscalls/memory.cpp | 2 +- src/windows-emulator/syscalls/thread.cpp | 2 +- 4 files changed, 43 insertions(+), 26 deletions(-) diff --git a/src/windows-emulator/syscalls.cpp b/src/windows-emulator/syscalls.cpp index 7d65af2b..431a50e4 100644 --- a/src/windows-emulator/syscalls.cpp +++ b/src/windows-emulator/syscalls.cpp @@ -96,6 +96,19 @@ namespace syscalls NTSTATUS handle_NtQuerySymbolicLinkObject(const syscall_context& c, handle link_handle, emulator_object>> link_target, emulator_object returned_length); + NTSTATUS handle_NtCreateNamedPipeFile(const syscall_context& c, emulator_object file_handle, + ULONG desired_access, + emulator_object>> object_attributes, + emulator_object>> io_status_block, + ULONG share_access, ULONG create_disposition, ULONG create_options, + ULONG named_pipe_type, ULONG read_mode, ULONG completion_mode, + ULONG maximum_instances, ULONG inbound_quota, ULONG outbound_quota, + emulator_object default_timeout); + NTSTATUS handle_NtFsControlFile(const syscall_context& c, handle event_handle, uint64_t apc_routine, + uint64_t app_context, + emulator_object>> io_status_block, + ULONG fs_control_code, uint64_t input_buffer, ULONG input_buffer_length, + uint64_t output_buffer, ULONG output_buffer_length); // syscalls/locale.cpp: NTSTATUS handle_NtInitializeNlsFiles(const syscall_context& c, emulator_object base_address, 
@@ -112,7 +125,7 @@ namespace syscalls // syscalls/memory.cpp: NTSTATUS handle_NtQueryVirtualMemory(const syscall_context& c, handle process_handle, uint64_t base_address, uint32_t info_class, uint64_t memory_information, - uint32_t memory_information_length, emulator_object return_length); + uint32_t memory_information_length, emulator_object return_length); NTSTATUS handle_NtProtectVirtualMemory(const syscall_context& c, handle process_handle, emulator_object base_address, emulator_object bytes_to_protect, uint32_t protection, @@ -630,29 +643,6 @@ namespace syscalls { return 0; } - - NTSTATUS handle_NtCreateNamedPipeFile( - const syscall_context& c, const emulator_object file_handle, const ULONG desired_access, - const emulator_object>> object_attributes, - const emulator_object>> io_status_block, const ULONG share_access, - const ULONG create_disposition, const ULONG create_options, const ULONG named_pipe_type, const ULONG read_mode, - const ULONG completion_mode, const ULONG maximum_instances, const ULONG inbound_quota, - const ULONG outbound_quota, const emulator_object default_timeout) - { - file_handle.write(handle{.value = {.id = 1337, .type = handle_types::file, .is_pseudo = 1}}); - - return STATUS_SUCCESS; - } - - NTSTATUS handle_NtFsControlFile(const syscall_context& c, const handle event_handle, const uint64_t apc_routine, - const uint64_t app_context, - const emulator_object>> io_status_block, - const ULONG fs_control_code, const uint64_t input_buffer, - const ULONG input_buffer_length, const uint64_t output_buffer, - const ULONG output_buffer_length) - { - return STATUS_SUCCESS; - } } void syscall_dispatcher::add_handlers(std::map& handler_mapping) diff --git a/src/windows-emulator/syscalls/file.cpp b/src/windows-emulator/syscalls/file.cpp index 0c4ad0d9..fbc968cd 100644 --- a/src/windows-emulator/syscalls/file.cpp +++ b/src/windows-emulator/syscalls/file.cpp 
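Review bot: In the `handle_NtQueryVirtualMemory` declaration, `memory_information_length` stays `uint32_t` while the native prototype takes a `SIZE_T` length, so on a 64-bit guest the upper half of that argument is dropped before any size check runs. This commit widens only `return_length` (its template argument is not visible in this rendering, so that is inferred from the subject line). If the parameter is meant to match the guest ABI, change it to `uint64_t memory_information_length` here and in the definition in syscalls/memory.cpp, whose body continues outside that hunk. Re-check the comparisons against structure sizes in that body when doing so, since they would become 64-bit comparisons.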
@@ -820,4 +820,31 @@ namespace syscalls return STATUS_NOT_SUPPORTED; } + + NTSTATUS handle_NtCreateNamedPipeFile( + const syscall_context& c, const emulator_object file_handle, const ULONG desired_access, + const emulator_object>> object_attributes, + const emulator_object>> io_status_block, const ULONG share_access, + const ULONG create_disposition, const ULONG create_options, const ULONG named_pipe_type, const ULONG read_mode, + const ULONG completion_mode, const ULONG maximum_instances, const ULONG inbound_quota, + const ULONG outbound_quota, const emulator_object default_timeout) + { + c.win_emu.log.error("Unimplemented syscall NtCreateNamedPipeFile!"); + c.emu.stop(); + + return STATUS_NOT_SUPPORTED; + } + + NTSTATUS handle_NtFsControlFile(const syscall_context& c, const handle event_handle, const uint64_t apc_routine, + const uint64_t app_context, + const emulator_object>> io_status_block, + const ULONG fs_control_code, const uint64_t input_buffer, + const ULONG input_buffer_length, const uint64_t output_buffer, + const ULONG output_buffer_length) + { + c.win_emu.log.error("Unimplemented syscall NtFsControlFile!"); + c.emu.stop(); + + return STATUS_NOT_SUPPORTED; + } } \ No newline at end of file diff --git a/src/windows-emulator/syscalls/memory.cpp b/src/windows-emulator/syscalls/memory.cpp index ef714196..dca1749d 100644 --- a/src/windows-emulator/syscalls/memory.cpp +++ b/src/windows-emulator/syscalls/memory.cpp @@ -9,7 +9,7 @@ namespace syscalls NTSTATUS handle_NtQueryVirtualMemory(const syscall_context& c, const handle process_handle, const uint64_t base_address, const uint32_t info_class, const uint64_t memory_information, const uint32_t memory_information_length, - const emulator_object return_length) + const emulator_object return_length) { if (process_handle != CURRENT_PROCESS) { diff --git a/src/windows-emulator/syscalls/thread.cpp b/src/windows-emulator/syscalls/thread.cpp index 70e442c5..3cc470a7 100644 
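Review bot: Both new stubs in syscalls/file.cpp log a fixed string with no arguments and no trailing `\n`, whereas the logger call visible in syscalls/thread.cpp is printf-style and newline-terminated. Because `c.emu.stop()` ends the run at this point, that log line is the only record of what the guest requested, so carrying the control code would make triage easier: `c.win_emu.log.error("Unimplemented syscall NtFsControlFile! fs_control_code: %X\n", fs_control_code);`. The handlers also change from returning `STATUS_SUCCESS` (with a hard-coded pseudo handle for the pipe) to halting emulation, which the commit subject does not mention. Programs that previously ran past pipe creation will now stop here, so that is worth a line in the commit description.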
--- a/src/windows-emulator/syscalls/thread.cpp +++ b/src/windows-emulator/syscalls/thread.cpp @@ -577,7 +577,7 @@ namespace syscalls if (apc_flags) { - c.win_emu.log.error("Unsupported APC flags: %X\n", apc_flags); + c.win_emu.log.warn("Unsupported APC flags: %X\n", apc_flags); // c.emu.stop(); // return STATUS_NOT_SUPPORTED; }
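Review bot: The `if (apc_flags)` branch still only logs and falls through, and the commented-out lines `// c.emu.stop();` and `// return STATUS_NOT_SUPPORTED;` remain as dead code that reads like a disabled check. Replace them with a comment stating the actual behaviour, for example `// Flags are not emulated; execution continues as if apc_flags were 0.`, assuming that is what the rest of the function does, since its body continues outside the hunk. With the message now at `warn` level, that comment is what tells someone reading a trace that APC delivery may differ from what the guest asked for.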