aslr_module_get_times and ReOpenFile support
- Is your feature request related to a problem? Please describe.
The aslr_module_get_times function has multiple issues with file handles per these comments:
https://github.com/DynamoRIO/dynamorio/blob/b0237d21570b92a7d11a2b7a3edf4d25c5c0e1c8/core/win32/aslr.c#L4475-L4478
https://github.com/DynamoRIO/dynamorio/blob/b0237d21570b92a7d11a2b7a3edf4d25c5c0e1c8/core/win32/aslr.c#L4516-L4519
- Describe the solution you'd like
Add support for the ReOpenFile function, since it fixes both issues, including cases where handles are duplicated using DuplicateHandle. The function is available on Vista and above.
I assume you mean calling whatever ntdll.dll routines are used by kernel32 in its ReOpenFile code as we don't want core DR depending on kernel32.dll.
> calling whatever ntdll.dll routines are used by kernel32 in its ReOpenFile
@derekbruening
ReOpenFile passes the original file handle as the OBJECT_ATTRIBUTES RootDirectory and calls the standard NtCreateFile function.
Here's a reimplementation using native routines:
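```c
/* Assumes the NT native API declarations (NtCreateFile, InitializeObjectAttributes,
 * RtlInitEmptyUnicodeString and the related types) are already in scope. */
NTSTATUS DynamoReOpenFile(
    _Out_ PHANDLE FileHandle,
    _In_ HANDLE OriginalFileHandle,
    _In_ ACCESS_MASK DesiredAccess,
    _In_ ULONG ShareAccess,
    _In_ ULONG OpenOptions
    )
{
    NTSTATUS status;
    HANDLE fileHandle;
    UNICODE_STRING fileName;
    OBJECT_ATTRIBUTES objectAttributes;
    IO_STATUS_BLOCK ioStatusBlock;

    /* Empty name: the open is resolved relative to the RootDirectory handle. */
    RtlInitEmptyUnicodeString(&fileName, NULL, 0);

    /* The original file handle is passed as the RootDirectory. */
    InitializeObjectAttributes(
        &objectAttributes,
        &fileName,
        OBJ_CASE_INSENSITIVE,
        OriginalFileHandle,
        NULL
        );

    status = NtCreateFile(
        &fileHandle,
        DesiredAccess,
        &objectAttributes,
        &ioStatusBlock,
        NULL,      /* AllocationSize */
        0,         /* FileAttributes */
        ShareAccess,
        FILE_OPEN, /* open the existing file only, never create */
        OpenOptions,
        NULL,      /* EaBuffer */
        0          /* EaLength */
        );

    /* The output handle is written only on success. */
    if (NT_SUCCESS(status))
    {
        *FileHandle = fileHandle;
    }

    return status;
}
```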
FileName must also be a valid pointer to an empty UNICODE_STRING.