Mirrors_Framework/ghidra
1
0
Fork 0
mirror of https://github.com/NationalSecurityAgency/ghidra.git synced 2026-05-28 08:05:41 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

GP-4612: Implement Windows Job control

Browse Source
This commit is contained in:
Dan
2024-05-21 14:27:13 +00:00
parent 587307eefe
commit b66983787b
3 changed files with 52 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Ghidra/Framework/Pty/src/main/java/ghidra/pty/local/LocalWindowsNativeProcessPtySession.java
+6 -12
View File
@@ -25,6 +25,7 @@ import com.sun.jna.ptr.IntByReference;
import ghidra.pty.PtySession; import ghidra.pty.PtySession;
import ghidra.pty.windows.Handle; import ghidra.pty.windows.Handle;
import ghidra.pty.windows.jna.JobApiNative;
import ghidra.util.Msg; import ghidra.util.Msg;
public class LocalWindowsNativeProcessPtySession implements PtySession { public class LocalWindowsNativeProcessPtySession implements PtySession {
@@ -33,14 +34,16 @@ public class LocalWindowsNativeProcessPtySession implements PtySession {
private final Handle processHandle; private final Handle processHandle;
//private final Handle threadHandle; //private final Handle threadHandle;
private final String ptyName; private final String ptyName;
private final Handle jobHandle;
public LocalWindowsNativeProcessPtySession(int pid, int tid, Handle processHandle, public LocalWindowsNativeProcessPtySession(int pid, int tid, Handle processHandle,
Handle threadHandle, String ptyName) { Handle threadHandle, String ptyName, Handle jobHandle) {
this.pid = pid; this.pid = pid;
//this.tid = tid; //this.tid = tid;
this.processHandle = processHandle; this.processHandle = processHandle;
//this.threadHandle = threadHandle; //this.threadHandle = threadHandle;
this.ptyName = ptyName; this.ptyName = ptyName;
this.jobHandle = jobHandle;
Msg.info(this, "local Windows Pty session. PID = " + pid); Msg.info(this, "local Windows Pty session. PID = " + pid);
} }
@@ -84,17 +87,8 @@ public class LocalWindowsNativeProcessPtySession implements PtySession {
@Override @Override
public void destroyForcibly() { public void destroyForcibly() {
if (!Kernel32.INSTANCE.TerminateProcess(processHandle.getNative(), 1)) { if (!JobApiNative.INSTANCE.TerminateJobObject(jobHandle.getNative(), 1).booleanValue()) {
int error = Kernel32.INSTANCE.GetLastError(); throw new LastErrorException(Kernel32.INSTANCE.GetLastError());
switch (error) {
case Kernel32.ERROR_ACCESS_DENIED:
/**
* This indicates the process has already terminated. It's unclear to me whether
* or not that is the only possible cause of this error.
*/
return;
}
throw new LastErrorException(error);
} }
} }
Ghidra/Framework/Pty/src/main/java/ghidra/pty/windows/ConPtyChild.java
+12 -2
View File
@@ -31,6 +31,7 @@ import ghidra.pty.PtyChild;
import ghidra.pty.local.LocalWindowsNativeProcessPtySession; import ghidra.pty.local.LocalWindowsNativeProcessPtySession;
import ghidra.pty.windows.jna.ConsoleApiNative; import ghidra.pty.windows.jna.ConsoleApiNative;
import ghidra.pty.windows.jna.ConsoleApiNative.STARTUPINFOEX; import ghidra.pty.windows.jna.ConsoleApiNative.STARTUPINFOEX;
import ghidra.pty.windows.jna.JobApiNative;
public class ConPtyChild extends ConPtyEndpoint implements PtyChild { public class ConPtyChild extends ConPtyEndpoint implements PtyChild {
@@ -83,6 +84,11 @@ public class ConPtyChild extends ConPtyEndpoint implements PtyChild {
* TODO: How to control local echo? * TODO: How to control local echo?
*/ */
HANDLE hJob = JobApiNative.INSTANCE.CreateJobObjectW(null, null);
if (hJob == null) {
throw new LastErrorException(Kernel32.INSTANCE.GetLastError());
}
STARTUPINFOEX si = prepareStartupInfo(); STARTUPINFOEX si = prepareStartupInfo();
PROCESS_INFORMATION pi = new PROCESS_INFORMATION(); PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
@@ -102,9 +108,13 @@ public class ConPtyChild extends ConPtyEndpoint implements PtyChild {
throw new LastErrorException(Kernel32.INSTANCE.GetLastError()); throw new LastErrorException(Kernel32.INSTANCE.GetLastError());
} }
if (!JobApiNative.INSTANCE.AssignProcessToJobObject(hJob, pi.hProcess).booleanValue()) {
throw new LastErrorException(Kernel32.INSTANCE.GetLastError());
}
return new LocalWindowsNativeProcessPtySession(pi.dwProcessId.intValue(), return new LocalWindowsNativeProcessPtySession(pi.dwProcessId.intValue(),
pi.dwThreadId.intValue(), pi.dwThreadId.intValue(), new Handle(pi.hProcess), new Handle(pi.hThread), "ConPTY",
new Handle(pi.hProcess), new Handle(pi.hThread), "ConPTY"); new Handle(hJob));
} }
@Override @Override
Ghidra/Framework/Pty/src/main/java/ghidra/pty/windows/jna/JobApiNative.java
+34
View File
@@ -0,0 +1,34 @@
/* ###
* IP: GHIDRA
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package ghidra.pty.windows.jna;
import com.sun.jna.Native;
import com.sun.jna.WString;
import com.sun.jna.platform.win32.WinDef.BOOL;
import com.sun.jna.platform.win32.WinNT.HANDLE;
import com.sun.jna.win32.StdCallLibrary;
import ghidra.pty.windows.jna.ConsoleApiNative.SECURITY_ATTRIBUTES;
public interface JobApiNative extends StdCallLibrary {
JobApiNative INSTANCE = Native.load("kernel32.dll", JobApiNative.class);
HANDLE CreateJobObjectW(SECURITY_ATTRIBUTES.ByReference lpJobAttributes, WString lpName);
BOOL AssignProcessToJobObject(HANDLE hJob, HANDLE hProcess);
BOOL TerminateJobObject(HANDLE hJob, int uExitCode);
}