1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
/*++
Copyright (c) 1989 Microsoft Corporation
Module Name:
nullloop.c
Abstract:
Session Manager Listen and API loops
Author:
Mark Lucovsky (markl) 04-Oct-1989
Revision History:
--*/
#include "nullsrvp.h"
PNULLAPI NullSrvApiDispatch[NullMaxApiNumber] = {
NullSrvNull1,
NullSrvNull4,
NullSrvNull8,
NullSrvNull16
};
#if DBG
PSZ NullSrvApiName[ NullMaxApiNumber+1 ] = {
"NullSrvNull1",
"NullSrvNull4",
"NullSrvNull8",
"NullSrvNull16",
"Unknown Sm Api Number"
};
#endif // DBG
NTSTATUS
NullSrvApiLoop (
IN PVOID ThreadParameter
)
{
PNULLAPIMSG ApiReplyMsg;
NULLAPIMSG ApiMsg;
NTSTATUS Status;
HANDLE ConnectionPort,CommunicationPort;
ConnectionPort = (HANDLE) ThreadParameter;
ApiReplyMsg = NULL;
for(;;) {
Status = NtReplyWaitReceivePort(
ConnectionPort,
NULL,
(PPORT_MESSAGE) ApiReplyMsg,
(PPORT_MESSAGE) &ApiMsg
);
if ( !NT_SUCCESS(Status) ) {
ApiReplyMsg = NULL;
continue;
}
else if ( ApiMsg.h.u2.s2.Type == LPC_CONNECTION_REQUEST ) {
Status = NtAcceptConnectPort(
&CommunicationPort,
NULL,
&ApiMsg,
TRUE,
NULL,
NULL
);
if (!NT_SUCCESS(Status)) {
printf("NtAccept Failed %x\n",Status);
ExitProcess(1);
}
Status = NtCompleteConnectPort(CommunicationPort);
if (!NT_SUCCESS(Status)) {
printf("NtAccept Failed %x\n",Status);
ExitProcess(1);
}
ApiReplyMsg = NULL;
}
else if ( ApiMsg.h.u2.s2.Type == LPC_PORT_CLOSED ) {
ApiReplyMsg = NULL;
}
else {
Status = (NullSrvApiDispatch[ApiMsg.ApiNumber])(&ApiMsg);
ApiMsg.ReturnedStatus = Status;
ApiReplyMsg = &ApiMsg;
}
}
//
// Make the compiler happy
//
return STATUS_UNSUCCESSFUL;
}
|