1 /* 2 * Test suite for imagehlp integrity functions 3 * 4 * Copyright 2009 Owen Rudge for CodeWeavers 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, write to the Free Software 18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA 19 */ 20 21 #define COBJMACROS 22 #include "wine/test.h" 23 #include "windef.h" 24 #include "winbase.h" 25 #include "winuser.h" 26 #include "winerror.h" 27 #include "winnt.h" 28 #include "imagehlp.h" 29 #include "psapi.h" 30 31 static HMODULE hImageHlp, hPsapi; 32 static char test_dll_path[MAX_PATH]; 33 34 static BOOL (WINAPI *pImageAddCertificate)(HANDLE, LPWIN_CERTIFICATE, PDWORD); 35 static BOOL (WINAPI *pImageEnumerateCertificates)(HANDLE, WORD, PDWORD, PDWORD, DWORD); 36 static BOOL (WINAPI *pImageGetCertificateData)(HANDLE, DWORD, LPWIN_CERTIFICATE, PDWORD); 37 static BOOL (WINAPI *pImageGetCertificateHeader)(HANDLE, DWORD, LPWIN_CERTIFICATE); 38 static BOOL (WINAPI *pImageRemoveCertificate)(HANDLE, DWORD); 39 static PIMAGE_NT_HEADERS (WINAPI *pCheckSumMappedFile)(PVOID, DWORD, PDWORD, PDWORD); 40 41 static BOOL (WINAPI *pGetModuleInformation)(HANDLE, HMODULE, LPMODULEINFO, DWORD cb); 42 43 static const char test_cert_data[] = 44 {0x30,0x82,0x02,0xE1,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02 45 ,0xA0,0x82,0x02,0xD2,0x30,0x82,0x02,0xCE,0x02,0x01,0x01,0x31,0x00,0x30,0x0B 46 ,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,0xA0,0x82,0x02,0xB4 47 ,0x30,0x82,0x02,0xB0,0x30,0x82,0x02,0x19,0xA0,0x03,0x02,0x01,0x02,0x02,0x09 48 ,0x00,0xE2,0x59,0x17,0xA5,0x87,0x0F,0x88,0x89,0x30,0x0D,0x06,0x09,0x2A,0x86 49 ,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00,0x30,0x45,0x31,0x0B,0x30,0x09 50 ,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x41,0x55,0x31,0x13,0x30,0x11,0x06,0x03 51 ,0x55,0x04,0x08,0x13,0x0A,0x53,0x6F,0x6D,0x65,0x2D,0x53,0x74,0x61,0x74,0x65 52 ,0x31,0x21,0x30,0x1F,0x06,0x03,0x55,0x04,0x0A,0x13,0x18,0x49,0x6E,0x74,0x65 53 ,0x72,0x6E,0x65,0x74,0x20,0x57,0x69,0x64,0x67,0x69,0x74,0x73,0x20,0x50,0x74 54 ,0x79,0x20,0x4C,0x74,0x64,0x30,0x1E,0x17,0x0D,0x30,0x39,0x31,0x31,0x32,0x30 55 ,0x31,0x37,0x33,0x38,0x31,0x32,0x5A,0x17,0x0D,0x31,0x30,0x31,0x31,0x32,0x30 56 ,0x31,0x37,0x33,0x38,0x31,0x32,0x5A,0x30,0x45,0x31,0x0B,0x30,0x09,0x06,0x03 57 ,0x55,0x04,0x06,0x13,0x02,0x41,0x55,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04 58 ,0x08,0x13,0x0A,0x53,0x6F,0x6D,0x65,0x2D,0x53,0x74,0x61,0x74,0x65,0x31,0x21 59 ,0x30,0x1F,0x06,0x03,0x55,0x04,0x0A,0x13,0x18,0x49,0x6E,0x74,0x65,0x72,0x6E 60 ,0x65,0x74,0x20,0x57,0x69,0x64,0x67,0x69,0x74,0x73,0x20,0x50,0x74,0x79,0x20 61 ,0x4C,0x74,0x64,0x30,0x81,0x9F,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7 62 ,0x0D,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8D,0x00,0x30,0x81,0x89,0x02,0x81 63 ,0x81,0x00,0x9B,0xC1,0x5E,0x28,0x70,0x32,0x81,0xEF,0x41,0x5C,0xCA,0x29,0x4A 64 ,0xB0,0x12,0xF7,0xAE,0x1E,0x30,0x93,0x14,0x3E,0x54,0x7C,0xC3,0x60,0x8C,0xB2 65 ,0x2F,0xC4,0x1F,0x20,0xEE,0x76,0xAC,0x83,0xD9,0xD4,0xC0,0x3C,0x78,0x6B,0xAA 66 ,0xA2,0x35,0x08,0x72,0x4A,0x5F,0xAE,0xD6,0x7D,0x5A,0xD8,0x27,0xEC,0xE0,0x24 67 ,0xBE,0xBE,0x62,0x86,0xF9,0x83,0x66,0x20,0xBC,0xF6,0x4B,0xC8,0x2D,0x1B,0x4C 68 ,0x5C,0xFA,0x0C,0x42,0x9F,0x57,0x49,0xDC,0xB9,0xC7,0x88,0x53,0xFA,0x26,0x21 69 ,0xC3,0xAB,0x4D,0x93,0x83,0x48,0x88,0xF1,0x14,0xB8,0x64,0x03,0x46,0x58,0x35 70 ,0xAC,0xD2,0xD2,0x9C,0xD4,0x6F,0xA4,0xE4,0x88,0x83,0x1C,0xD8,0x98,0xEE,0x2C 71 ,0xA3,0xEC,0x0C,0x4B,0xFB,0x1D,0x6E,0xBE,0xD9,0x77,0x02,0x03,0x01,0x00,0x01 72 ,0xA3,0x81,0xA7,0x30,0x81,0xA4,0x30,0x1D,0x06,0x03,0x55,0x1D,0x0E,0x04,0x16 73 ,0x04,0x14,0x3F,0xB3,0xC8,0x15,0x12,0xC7,0xD8,0xC0,0x13,0x3D,0xBE,0xF1,0x2F 74 ,0x5A,0xB3,0x51,0x59,0x79,0x89,0xF8,0x30,0x75,0x06,0x03,0x55,0x1D,0x23,0x04 75 ,0x6E,0x30,0x6C,0x80,0x14,0x3F,0xB3,0xC8,0x15,0x12,0xC7,0xD8,0xC0,0x13,0x3D 76 ,0xBE,0xF1,0x2F,0x5A,0xB3,0x51,0x59,0x79,0x89,0xF8,0xA1,0x49,0xA4,0x47,0x30 77 ,0x45,0x31,0x0B,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x41,0x55,0x31 78 ,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x08,0x13,0x0A,0x53,0x6F,0x6D,0x65,0x2D 79 ,0x53,0x74,0x61,0x74,0x65,0x31,0x21,0x30,0x1F,0x06,0x03,0x55,0x04,0x0A,0x13 80 ,0x18,0x49,0x6E,0x74,0x65,0x72,0x6E,0x65,0x74,0x20,0x57,0x69,0x64,0x67,0x69 81 ,0x74,0x73,0x20,0x50,0x74,0x79,0x20,0x4C,0x74,0x64,0x82,0x09,0x00,0xE2,0x59 82 ,0x17,0xA5,0x87,0x0F,0x88,0x89,0x30,0x0C,0x06,0x03,0x55,0x1D,0x13,0x04,0x05 83 ,0x30,0x03,0x01,0x01,0xFF,0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D 84 ,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x52,0x09,0xA5,0x81,0x63,0xEF 85 ,0xF7,0x76,0x65,0x2B,0xA5,0x48,0xC1,0xC5,0xE0,0x73,0x60,0x9B,0x66,0x2E,0x21 86 ,0xCF,0xF2,0xBD,0xFF,0x81,0xC4,0x99,0x39,0xD0,0x5D,0x1B,0x12,0xFD,0xAE,0x30 87 ,0x5D,0x9C,0x1A,0xD4,0x76,0x8A,0x25,0x10,0x0A,0x7E,0x5D,0x78,0xB5,0x94,0xD8 88 ,0x97,0xBD,0x9A,0x5A,0xD6,0x23,0xCA,0x5C,0x46,0x8C,0xC7,0x30,0x45,0xB4,0x77 89 ,0x44,0x6F,0x16,0xDD,0xC6,0x58,0xFE,0x16,0x15,0xAD,0xB8,0x58,0x49,0x9A,0xFE 90 ,0x6B,0x87,0x78,0xEE,0x13,0xFF,0x29,0x26,0x8E,0x13,0x83,0x0D,0x18,0xCA,0x9F 91 ,0xA9,0x3E,0x6E,0x3C,0xA6,0x50,0x4A,0x04,0x71,0x9F,0x2E,0xCF,0x25,0xA6,0x03 92 ,0x46,0xCA,0xEB,0xEA,0x67,0x89,0x49,0x7C,0x43,0xA2,0x52,0xD9,0x41,0xCC,0x65 93 ,0xED,0x2D,0xA1,0x00,0x31,0x00}; 94 95 static const char test_cert_data_2[] = {0xDE,0xAD,0xBE,0xEF,0x01,0x02,0x03}; 96 97 static char test_pe_executable[] = 98 { 99 0x4d,0x5a,0x90,0x00,0x03,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0xff,0xff,0x00, 100 0x00,0xb8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x00,0x00, 101 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 102 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 103 0x80,0x00,0x00,0x00,0x0e,0x1f,0xba,0x0e,0x00,0xb4,0x09,0xcd,0x21,0xb8,0x01, 104 0x4c,0xcd,0x21,0x54,0x68,0x69,0x73,0x20,0x70,0x72,0x6f,0x67,0x72,0x61,0x6d, 105 0x20,0x63,0x61,0x6e,0x6e,0x6f,0x74,0x20,0x62,0x65,0x20,0x72,0x75,0x6e,0x20, 106 0x69,0x6e,0x20,0x44,0x4f,0x53,0x20,0x6d,0x6f,0x64,0x65,0x2e,0x0d,0x0d,0x0a, 107 0x24,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x50,0x45,0x00,0x00,0x4c,0x01,0x0f, 108 0x00,0xfd,0x38,0xc9,0x55,0x00,0x24,0x01,0x00,0xea,0x04,0x00,0x00,0xe0,0x00, 109 0x07,0x01,0x0b,0x01,0x02,0x18,0x00,0x1a,0x00,0x00,0x00,0x2c,0x00,0x00,0x00, 110 0x06,0x00,0x00,0xe0,0x14,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x30,0x00,0x00, 111 0x00,0x00,0x40,0x00,0x00,0x10,0x00,0x00,0x00,0x02,0x00,0x00,0x04,0x00,0x00, 112 0x00,0x01,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xc0, 113 0x01,0x00,0x00,0x04,0x00,0x00,/* checksum */ 0x11,0xEF,0xCD,0xAB,0x03,0x00, 114 0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x10,0x00,0x00, 115 0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00 116 }; 117 118 static BOOL copy_dll_file(void) 119 { 120 char sys_dir[MAX_PATH+15]; 121 char temp_path[MAX_PATH]; 122 123 if (GetSystemDirectoryA(sys_dir, MAX_PATH) == 0) 124 { 125 skip("Failed to get system directory. Skipping certificate/PE image tests.\n"); 126 return FALSE; 127 } 128 129 if (sys_dir[lstrlenA(sys_dir) - 1] != '\\') 130 lstrcatA(sys_dir, "\\"); 131 132 lstrcatA(sys_dir, "imagehlp.dll"); 133 134 /* Copy DLL to a temp file */ 135 GetTempPathA(MAX_PATH, temp_path); 136 GetTempFileNameA(temp_path, "img", 0, test_dll_path); 137 138 if (CopyFileA(sys_dir, test_dll_path, FALSE) == 0) 139 { 140 skip("Unable to create copy of imagehlp.dll for tests.\n"); 141 return FALSE; 142 } 143 144 return TRUE; 145 } 146 147 static DWORD get_file_size(void) 148 { 149 HANDLE file; 150 DWORD filesize = 0; 151 152 file = CreateFileA(test_dll_path, GENERIC_READ, FILE_SHARE_READ, NULL, 153 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); 154 if (file == INVALID_HANDLE_VALUE) 155 return 0; 156 157 filesize = GetFileSize(file, NULL); 158 CloseHandle(file); 159 160 return filesize; 161 } 162 163 static DWORD test_add_certificate(const char *cert_data, int len) 164 { 165 HANDLE hFile; 166 LPWIN_CERTIFICATE cert; 167 DWORD cert_len; 168 DWORD index; 169 BOOL ret; 170 171 hFile = CreateFileA(test_dll_path, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); 172 173 if (hFile == INVALID_HANDLE_VALUE) 174 { 175 skip("Unable to open %s, skipping test\n", test_dll_path); 176 return ~0; 177 } 178 179 cert_len = sizeof(WIN_CERTIFICATE) + len; 180 cert = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, cert_len); 181 182 if (!cert) 183 { 184 skip("Unable to allocate memory, skipping test\n"); 185 CloseHandle(hFile); 186 return ~0; 187 } 188 189 cert->dwLength = cert_len; 190 cert->wRevision = WIN_CERT_REVISION_1_0; 191 cert->wCertificateType = WIN_CERT_TYPE_PKCS_SIGNED_DATA; 192 CopyMemory(cert->bCertificate, cert_data, len); 193 194 ret = pImageAddCertificate(hFile, cert, &index); 195 ok(ret, "Unable to add certificate to image, error %x\n", GetLastError()); 196 trace("added cert index %d\n", index); 197 198 HeapFree(GetProcessHeap(), 0, cert); 199 CloseHandle(hFile); 200 return index; 201 } 202 203 static void test_get_certificate(const char *cert_data, int index) 204 { 205 HANDLE hFile; 206 LPWIN_CERTIFICATE cert; 207 DWORD cert_len = 0; 208 DWORD err; 209 BOOL ret; 210 211 hFile = CreateFileA(test_dll_path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); 212 213 if (hFile == INVALID_HANDLE_VALUE) 214 { 215 skip("Unable to open %s, skipping test\n", test_dll_path); 216 return; 217 } 218 219 ret = pImageGetCertificateData(hFile, index, NULL, &cert_len); 220 err = GetLastError(); 221 222 ok ((ret == FALSE) && (err == ERROR_INSUFFICIENT_BUFFER), "ImageGetCertificateData gave unexpected result; ret=%d / err=%x\n", ret, err); 223 224 cert = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, cert_len); 225 226 if (!cert) 227 { 228 skip("Unable to allocate memory, skipping test\n"); 229 CloseHandle(hFile); 230 return; 231 } 232 233 ret = pImageGetCertificateData(hFile, index, cert, &cert_len); 234 ok(ret, "Unable to retrieve certificate; err=%x\n", GetLastError()); 235 ok(memcmp(cert->bCertificate, cert_data, cert_len - sizeof(WIN_CERTIFICATE)) == 0, "Certificate retrieved did not match original\n"); 236 237 HeapFree(GetProcessHeap(), 0, cert); 238 CloseHandle(hFile); 239 } 240 241 static void test_remove_certificate(int index) 242 { 243 DWORD orig_count = 0, count = 0; 244 HANDLE hFile; 245 BOOL ret; 246 247 hFile = CreateFileA(test_dll_path, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); 248 249 if (hFile == INVALID_HANDLE_VALUE) 250 { 251 skip("Unable to open %s, skipping test\n", test_dll_path); 252 return; 253 } 254 255 ret = pImageEnumerateCertificates(hFile, CERT_SECTION_TYPE_ANY, &orig_count, NULL, 0); 256 ok (ret, "Unable to enumerate certificates in file; err=%x\n", GetLastError()); 257 ret = pImageRemoveCertificate(hFile, index); 258 ok (ret, "Unable to remove certificate from file; err=%x\n", GetLastError()); 259 260 /* Test to see if the certificate has actually been removed */ 261 pImageEnumerateCertificates(hFile, CERT_SECTION_TYPE_ANY, &count, NULL, 0); 262 ok (count == orig_count - 1, "Certificate count mismatch; orig=%d new=%d\n", orig_count, count); 263 264 CloseHandle(hFile); 265 } 266 267 static DWORD _get_checksum_offset(PVOID base, PIMAGE_NT_HEADERS *nt_header, DWORD *checksum) 268 { 269 IMAGE_DOS_HEADER *dos = (IMAGE_DOS_HEADER *)base; 270 PIMAGE_NT_HEADERS32 Header32; 271 PIMAGE_NT_HEADERS64 Header64; 272 273 if (dos->e_magic != IMAGE_DOS_SIGNATURE) 274 return 0; 275 276 Header32 = (IMAGE_NT_HEADERS32 *)((char *)dos + dos->e_lfanew); 277 if (Header32->Signature != IMAGE_NT_SIGNATURE) 278 return 0; 279 280 *nt_header = (PIMAGE_NT_HEADERS)Header32; 281 282 if (Header32->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC) 283 { 284 *checksum = Header32->OptionalHeader.CheckSum; 285 return (char *)&Header32->OptionalHeader.CheckSum - (char *)base; 286 } 287 else if (Header32->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) 288 { 289 Header64 = (IMAGE_NT_HEADERS64 *)Header32; 290 *checksum = Header64->OptionalHeader.CheckSum; 291 return (char *)&Header64->OptionalHeader.CheckSum - (char *)base; 292 } 293 294 return 0; 295 } 296 297 static void test_pe_checksum(void) 298 { 299 DWORD checksum_orig, checksum_new, checksum_off, checksum_correct; 300 PIMAGE_NT_HEADERS nt_header; 301 PIMAGE_NT_HEADERS ret; 302 HMODULE quartz_data; 303 char* quartz_base; 304 MODULEINFO modinfo; 305 char buffer[20]; 306 BOOL ret_bool; 307 308 if (!pCheckSumMappedFile) 309 { 310 win_skip("CheckSumMappedFile not supported, skipping tests\n"); 311 return; 312 } 313 314 SetLastError(0xdeadbeef); 315 checksum_orig = checksum_new = 0xdeadbeef; 316 ret = pCheckSumMappedFile(NULL, 0, &checksum_orig, &checksum_new); 317 ok(!ret, "Expected CheckSumMappedFile to fail, got %p\n", ret); 318 ok(GetLastError() == 0xdeadbeef, "Expected err=0xdeadbeef, got %x\n", GetLastError()); 319 ok(checksum_orig == 0, "Expected 0, got %x\n", checksum_orig); 320 ok(checksum_new == 0, "Expected 0, got %x\n", checksum_new); 321 322 SetLastError(0xdeadbeef); 323 checksum_orig = checksum_new = 0xdeadbeef; 324 ret = pCheckSumMappedFile((void *)0xdeadbeef, 0, &checksum_orig, &checksum_new); 325 ok(!ret, "Expected CheckSumMappedFile to fail, got %p\n", ret); 326 ok(GetLastError() == 0xdeadbeef, "Expected err=0xdeadbeef, got %x\n", GetLastError()); 327 ok(checksum_orig == 0, "Expected 0, got %x\n", checksum_orig); 328 ok(checksum_new == 0, "Expected 0, got %x\n", checksum_new); 329 330 if (0) 331 { 332 /* crashes on Windows */ 333 checksum_orig = checksum_new = 0xdeadbeef; 334 pCheckSumMappedFile(0, 0x1000, &checksum_orig, &checksum_new); 335 pCheckSumMappedFile((void *)0xdeadbeef, 0x1000, NULL, NULL); 336 } 337 338 /* basic checksum tests */ 339 memset(buffer, 0x11, sizeof(buffer)); 340 checksum_orig = checksum_new = 0xdeadbeef; 341 ret = pCheckSumMappedFile(buffer, sizeof(buffer), &checksum_orig, &checksum_new); 342 ok(ret == NULL, "Expected NULL, got %p\n", ret); 343 ok(checksum_orig == 0, "Expected 0, got %x\n", checksum_orig); 344 ok(checksum_new == 0xaabe, "Expected 0xaabe, got %x\n", checksum_new); 345 346 memset(buffer, 0x22, sizeof(buffer)); 347 checksum_orig = checksum_new = 0xdeadbeef; 348 ret = pCheckSumMappedFile(buffer, sizeof(buffer), &checksum_orig, &checksum_new); 349 ok(ret == NULL, "Expected NULL, got %p\n", ret); 350 ok(checksum_orig == 0, "Expected 0, got %x\n", checksum_orig); 351 ok(checksum_new == 0x5569, "Expected 0x5569, got %x\n", checksum_new); 352 353 memset(buffer, 0x22, sizeof(buffer)); 354 checksum_orig = checksum_new = 0xdeadbeef; 355 ret = pCheckSumMappedFile(buffer, 10, &checksum_orig, &checksum_new); 356 ok(ret == NULL, "Expected NULL, got %p\n", ret); 357 ok(checksum_orig == 0, "Expected 0, got %x\n", checksum_orig); 358 ok(checksum_new == 0xaab4, "Expected 0xaab4, got %x\n", checksum_new); 359 360 memset(buffer, 0x22, sizeof(buffer)); 361 checksum_orig = checksum_new = 0xdeadbeef; 362 ret = pCheckSumMappedFile(buffer, 11, &checksum_orig, &checksum_new); 363 ok(ret == NULL, "Expected NULL, got %p\n", ret); 364 ok(checksum_orig == 0, "Expected 0, got %x\n", checksum_orig); 365 ok(checksum_new == 0xaad7, "Expected 0xaad7, got %x\n", checksum_new); 366 367 /* test checksum of PE module */ 368 memset(buffer, 0x22, sizeof(buffer)); 369 checksum_orig = checksum_new = 0xdeadbeef; 370 ret = pCheckSumMappedFile(test_pe_executable, sizeof(test_pe_executable), 371 &checksum_orig, &checksum_new); 372 ok((char *)ret == test_pe_executable + 0x80, "Expected %p, got %p\n", test_pe_executable + 0x80, ret); 373 ok(checksum_orig == 0xabcdef11, "Expected 0xabcdef11, got %x\n", checksum_orig); 374 ok(checksum_new == 0xaa4, "Expected 0xaa4, got %x\n", checksum_new); 375 376 if (!pGetModuleInformation) 377 { 378 win_skip("GetModuleInformation not supported, skipping tests\n"); 379 return; 380 } 381 382 ret_bool = pGetModuleInformation(GetCurrentProcess(), GetModuleHandleA(NULL), 383 &modinfo, sizeof(modinfo)); 384 ok(ret_bool, "GetModuleInformation failed, error: %x\n", GetLastError()); 385 386 if (0) 387 { 388 /* crashes on Windows */ 389 pCheckSumMappedFile(modinfo.lpBaseOfDll, modinfo.SizeOfImage, NULL, NULL); 390 } 391 392 SetLastError(0xdeadbeef); 393 checksum_orig = checksum_new = 0xdeadbeef; 394 ret = pCheckSumMappedFile(modinfo.lpBaseOfDll, modinfo.SizeOfImage, &checksum_orig, &checksum_new); 395 ok(ret != NULL, "Expected CheckSumMappedFile to succeed\n"); 396 ok(GetLastError() == 0xdeadbeef, "Expected err=0xdeadbeef, got %x\n", GetLastError()); 397 ok(checksum_orig != 0xdeadbeef, "Expected orig checksum != 0xdeadbeef\n"); 398 ok(checksum_new != 0xdeadbeef, "Expected new checksum != 0xdeadbeef\n"); 399 400 SetLastError(0xdeadbeef); 401 checksum_orig = checksum_new = 0xdeadbeef; 402 ret = pCheckSumMappedFile((char *)modinfo.lpBaseOfDll + 100, modinfo.SizeOfImage - 100, 403 &checksum_orig, &checksum_new); 404 ok(!ret, "Expected CheckSumMappedFile to fail, got %p\n", ret); 405 ok(GetLastError() == 0xdeadbeef, "Expected err=0xdeadbeef, got %x\n", GetLastError()); 406 ok(checksum_orig == 0, "Expected 0xdeadbeef, got %x\n", checksum_orig); 407 ok(checksum_new != 0 && checksum_new != 0xdeadbeef, "Got unexpected value %x\n", checksum_new); 408 409 checksum_off = _get_checksum_offset(modinfo.lpBaseOfDll, &nt_header, &checksum_correct); 410 ok(checksum_off != 0, "Failed to get checksum offset\n"); 411 412 checksum_orig = checksum_new = 0xdeadbeef; 413 ret = pCheckSumMappedFile(modinfo.lpBaseOfDll, checksum_off, &checksum_orig, &checksum_new); 414 ok(ret == nt_header, "Expected %p, got %p\n", nt_header, ret); 415 ok(checksum_orig == checksum_correct, "Expected %x, got %x\n", checksum_correct, checksum_orig); 416 ok(checksum_new != 0 && checksum_new != 0xdeadbeef, "Got unexpected value %x\n", checksum_new); 417 418 checksum_orig = checksum_new = 0xdeadbeef; 419 ret = pCheckSumMappedFile(modinfo.lpBaseOfDll, (char *)nt_header - (char *)modinfo.lpBaseOfDll, 420 &checksum_orig, &checksum_new); 421 ok(ret == nt_header, "Expected %p, got %p\n", nt_header, ret); 422 ok(checksum_orig == checksum_correct, "Expected %x, got %x\n", checksum_correct, checksum_orig); 423 ok(checksum_new != 0 && checksum_new != 0xdeadbeef, "Got unexpected value %x\n", checksum_new); 424 425 checksum_orig = checksum_new = 0xdeadbeef; 426 ret = pCheckSumMappedFile(modinfo.lpBaseOfDll, sizeof(IMAGE_DOS_HEADER), 427 &checksum_orig, &checksum_new); 428 ok(ret == nt_header, "Expected %p, got %p\n", nt_header, ret); 429 ok(checksum_orig == checksum_correct, "Expected %x, got %x\n", checksum_correct, checksum_orig); 430 ok(checksum_new != 0 && checksum_new != 0xdeadbeef, "Got unexpected value %x\n", checksum_new); 431 432 checksum_orig = checksum_new = 0xdeadbeef; 433 ret = pCheckSumMappedFile(modinfo.lpBaseOfDll, 0, &checksum_orig, &checksum_new); 434 ok(ret == nt_header, "Expected %p, got %p\n", nt_header, ret); 435 ok(checksum_orig == checksum_correct, "Expected %x, got %x\n", checksum_correct, checksum_orig); 436 todo_wine ok(checksum_new != 0 && checksum_new != 0xdeadbeef, "Got unexpected value %x\n", checksum_new); 437 438 checksum_orig = checksum_new = 0xdeadbeef; 439 ret = pCheckSumMappedFile((char *)modinfo.lpBaseOfDll + 1, 0, 440 &checksum_orig, &checksum_new); 441 ok(ret == NULL, "Expected NULL, got %p\n", ret); 442 ok(checksum_orig == 0, "Expected 0, got %x\n", checksum_orig); 443 ok(checksum_new == 0, "Expected 0, got %x\n", checksum_new); 444 445 quartz_data = LoadLibraryExA("quartz.dll", NULL, LOAD_LIBRARY_AS_DATAFILE); 446 if (!quartz_data) 447 { 448 skip("Failed to load quartz as datafile, skipping tests\n"); 449 return; 450 } 451 452 quartz_base = (char *)((DWORD_PTR)quartz_data & ~1); 453 checksum_off = _get_checksum_offset(quartz_base, &nt_header, &checksum_correct); 454 ok(checksum_off != 0, "Failed to get checksum offset\n"); 455 456 checksum_orig = checksum_new = 0xdeadbeef; 457 ret = pCheckSumMappedFile(quartz_base, checksum_off, &checksum_orig, &checksum_new); 458 ok(ret == nt_header, "Expected %p, got %p\n", nt_header, ret); 459 ok(checksum_orig == checksum_correct, "Expected %x, got %x\n", checksum_correct, checksum_orig); 460 ok(checksum_new != 0 && checksum_new != 0xdeadbeef, "Got unexpected value %x\n", checksum_new); 461 462 checksum_orig = checksum_new = 0xdeadbeef; 463 ret = pCheckSumMappedFile(quartz_base, (char *)nt_header - quartz_base, 464 &checksum_orig, &checksum_new); 465 ok(ret == nt_header, "Expected %p, got %p\n", nt_header, ret); 466 ok(checksum_orig == checksum_correct, "Expected %x, got %x\n", checksum_correct, checksum_orig); 467 ok(checksum_new != 0 && checksum_new != 0xdeadbeef, "Got unexpected value %x\n", checksum_new); 468 469 checksum_orig = checksum_new = 0xdeadbeef; 470 ret = pCheckSumMappedFile(quartz_base, sizeof(IMAGE_DOS_HEADER), &checksum_orig, &checksum_new); 471 ok(ret == nt_header, "Expected %p, got %p\n", nt_header, ret); 472 ok(checksum_orig == checksum_correct, "Expected %x, got %x\n", checksum_correct, checksum_orig); 473 ok(checksum_new != 0 && checksum_new != 0xdeadbeef, "Got unexpected value %x\n", checksum_new); 474 475 checksum_orig = checksum_new = 0xdeadbeef; 476 ret = pCheckSumMappedFile(quartz_base, 0, &checksum_orig, &checksum_new); 477 ok(ret == nt_header, "Expected %p, got %p\n", nt_header, ret); 478 ok(checksum_orig == checksum_correct, "Expected %x, got %x\n", checksum_correct, checksum_orig); 479 todo_wine ok(checksum_new != 0 && checksum_new != 0xdeadbeef, "Got unexpected value %x\n", checksum_new); 480 481 FreeLibrary(quartz_data); 482 } 483 484 START_TEST(integrity) 485 { 486 DWORD file_size, file_size_orig, first, second; 487 488 hImageHlp = LoadLibraryA("imagehlp.dll"); 489 490 if (!hImageHlp) 491 { 492 win_skip("ImageHlp unavailable\n"); 493 return; 494 } 495 496 if (!copy_dll_file()) 497 { 498 FreeLibrary(hImageHlp); 499 return; 500 } 501 502 file_size_orig = get_file_size(); 503 /* 504 * Align file_size_orig to an 8-byte boundary. This avoids tests failures where 505 * the original dll is not correctly aligned (but when written to it will be). 506 */ 507 if (file_size_orig % 8 != 0) 508 { 509 skip("We need to align to an 8-byte boundary\n"); 510 file_size_orig = (file_size_orig + 7) & ~7; 511 } 512 513 pImageAddCertificate = (void *) GetProcAddress(hImageHlp, "ImageAddCertificate"); 514 pImageEnumerateCertificates = (void *) GetProcAddress(hImageHlp, "ImageEnumerateCertificates"); 515 pImageGetCertificateData = (void *) GetProcAddress(hImageHlp, "ImageGetCertificateData"); 516 pImageGetCertificateHeader = (void *) GetProcAddress(hImageHlp, "ImageGetCertificateHeader"); 517 pImageRemoveCertificate = (void *) GetProcAddress(hImageHlp, "ImageRemoveCertificate"); 518 pCheckSumMappedFile = (void *) GetProcAddress(hImageHlp, "CheckSumMappedFile"); 519 520 hPsapi = LoadLibraryA("psapi.dll"); 521 if (hPsapi) 522 pGetModuleInformation = (void *) GetProcAddress(hPsapi, "GetModuleInformation"); 523 524 first = test_add_certificate(test_cert_data, sizeof(test_cert_data)); 525 test_get_certificate(test_cert_data, first); 526 test_remove_certificate(first); 527 528 file_size = get_file_size(); 529 ok(file_size == file_size_orig, "File size different after add and remove (old: %d; new: %d)\n", file_size_orig, file_size); 530 531 /* Try adding multiple certificates */ 532 first = test_add_certificate(test_cert_data, sizeof(test_cert_data)); 533 second = test_add_certificate(test_cert_data_2, sizeof(test_cert_data_2)); 534 ok(second == first + 1, "got %d %d\n", first, second); 535 536 test_get_certificate(test_cert_data, first); 537 test_get_certificate(test_cert_data_2, second); 538 539 /* Remove the first one and verify the second certificate is intact */ 540 test_remove_certificate(first); 541 second--; 542 test_get_certificate(test_cert_data_2, second); 543 544 test_remove_certificate(second); 545 546 file_size = get_file_size(); 547 ok(file_size == file_size_orig, "File size different after add and remove (old: %d; new: %d)\n", file_size_orig, file_size); 548 549 test_pe_checksum(); 550 551 if (hPsapi) FreeLibrary(hPsapi); 552 FreeLibrary(hImageHlp); 553 DeleteFileA(test_dll_path); 554 } 555