├── DataStack
    ├── pch.h
    ├── pch.cpp
    ├── DataStack.def
    ├── DataStackAPI.h
    ├── dllmain.cpp
    ├── DataStack.vcxproj.filters
    ├── NativeDataStackAPI.cpp
    ├── DataStackAPI.cpp
    └── DataStack.vcxproj
├── README.md
├── KObjects
    ├── DataStack.h
    ├── DataStackConv.h
    ├── KObjects.cpp
    ├── KObjects.vcxproj.filters
    ├── DataStackNativeAPI.h
    ├── DataStackDevice.cpp
    ├── DataStackImpl.cpp
    ├── KObjects.vcxproj
    └── DataStack.cpp
├── DSTest
    ├── DSTest.vcxproj.filters
    ├── DSTest.cpp
    └── DSTest.vcxproj
├── LICENSE.txt
├── .gitattributes
├── KObjects.sln
└── .gitignore


/DataStack/pch.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | 
3 | #include <windows.h>
4 | #include <winternl.h>
5 | #include <stdlib.h>
6 | 


--------------------------------------------------------------------------------
/DataStack/pch.cpp:
--------------------------------------------------------------------------------
1 | // pch.cpp: source file corresponding to the pre-compiled header
2 | 
3 | #include "pch.h"
4 | 
5 | // When you are using pre-compiled headers, this source file is necessary for compilation to succeed.
6 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Implementing a New kernel Object Type
2 | 
3 | See posts:
4 | 
5 | Part 1: https://scorpiosoftware.net/2024/08/25/creating-kernel-object-type-part-1/)
6 | 
7 | Part 2: https://scorpiosoftware.net/2024/08/31/implementing-kernel-object-type-part-2/)
8 | 
9 | 


--------------------------------------------------------------------------------
/DataStack/DataStack.def:
--------------------------------------------------------------------------------
 1 | LIBRARY
 2 | EXPORTS
 3 | 	CreateDataStack
 4 | 	OpenDataStack
 5 | 	PushDataStack
 6 | 	PopDataStack
 7 | 	ClearDataStack
 8 | 	GetDataStackItemCount
 9 | 	GetDataStackSize
10 | 	GetDataStackConfig
11 | 
12 | 	NtCreateDataStack
13 | 	NtOpenDataStack
14 | 	NtPushDataStack
15 | 	NtPopDataStack
16 | 	NtClearDataStack
17 | 	NtQueryInformationDataStack
18 | 


--------------------------------------------------------------------------------
/KObjects/DataStack.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | 
 3 | const ULONG DataStackTag = 'ktsD';
 4 | 
 5 | struct DataStack {
 6 | 	KEVENT Event;
 7 | 	LIST_ENTRY Head;
 8 | 	FAST_MUTEX Lock;
 9 | 	ULONG Count;
10 | 	ULONG MaxItemCount;
11 | 	ULONG_PTR Size;
12 | 	ULONG MaxItemSize;
13 | 	ULONG_PTR MaxSize;
14 | };
15 | 
16 | struct DataBlock {
17 | 	LIST_ENTRY Link;
18 | 	ULONG Size;
19 | 	UCHAR Data[1];
20 | };
21 | 
22 | NTSTATUS DsCreateDataStackObjectType();
23 | void OnDataStackDelete(_In_ PVOID Object);
24 | 
25 | NTSTATUS DsPushDataStack(DataStack* ds, PVOID Item, ULONG ItemSize);
26 | NTSTATUS DsPopDataStack(DataStack* ds, PVOID Item, ULONG inputSize, ULONG* ItemSize);
27 | NTSTATUS DsClearDataStack(DataStack* ds);
28 | 
29 | 


--------------------------------------------------------------------------------
/KObjects/DataStackConv.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | 
 3 | #include "DataStackNativeAPI.h"
 4 | 
 5 | struct DataStackCreate {
 6 | 	POBJECT_ATTRIBUTES ObjectAttributes;
 7 | 	ULONG MaxItemSize;
 8 | 	ULONG MaxItemCount;
 9 | 	ULONG_PTR MaxSize;
10 | };
11 | 
12 | struct DataStackOpen {
13 | 	ACCESS_MASK DesiredAccess;
14 | 	POBJECT_ATTRIBUTES ObjectAttributes;
15 | };
16 | 
17 | struct DataStackClear {
18 | 	HANDLE DataStackHandle;
19 | };
20 | 
21 | struct DataStackPush {
22 | 	HANDLE DataStackHandle;
23 | 	PVOID Buffer;
24 | 	ULONG Size;
25 | };
26 | 
27 | struct DataStackPop {
28 | 	HANDLE DataStackHandle;
29 | 	PVOID Buffer;
30 | 	PULONG Size;
31 | };
32 | 
33 | struct DataStackQuery {
34 | 	HANDLE DataStackHandle;
35 | 	DataStackInformationClass InfoClass;
36 | 	PVOID Buffer;
37 | 	ULONG BufferSize;
38 | 	PULONG ReturnLength;
39 | };
40 | 


--------------------------------------------------------------------------------
/DSTest/DSTest.vcxproj.filters:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <ItemGroup>
 4 |     <Filter Include="Source Files">
 5 |       <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
 6 |       <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
 7 |     </Filter>
 8 |     <Filter Include="Header Files">
 9 |       <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
10 |       <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
11 |     </Filter>
12 |     <Filter Include="Resource Files">
13 |       <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
14 |       <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
15 |     </Filter>
16 |   </ItemGroup>
17 |   <ItemGroup>
18 |     <ClCompile Include="DSTest.cpp">
19 |       <Filter>Source Files</Filter>
20 |     </ClCompile>
21 |   </ItemGroup>
22 | </Project>


--------------------------------------------------------------------------------
/DataStack/DataStackAPI.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | 
 3 | typedef struct _DATA_STACK_CONFIG {
 4 | 	ULONG MaxItemSize;
 5 | 	ULONG MaxItemCount;
 6 | 	ULONG_PTR MaxSize;
 7 | } DATA_STACK_CONFIG;
 8 | 
 9 | extern "C" {
10 | 	HANDLE WINAPI CreateDataStack(
11 | 		_In_opt_ SECURITY_ATTRIBUTES* sa,
12 | 		_In_ ULONG maxItemSize,
13 | 		_In_ ULONG maxItemCount,
14 | 		_In_ ULONG_PTR maxSize,
15 | 		_In_opt_ PCWSTR name);
16 | 
17 | 	HANDLE WINAPI OpenDataStack(
18 | 		_In_ ACCESS_MASK desiredAccess,
19 | 		_In_ BOOL inheritHandle,
20 | 		_In_ PCWSTR name);
21 | 
22 | 	BOOL WINAPI PushDataStack(_In_ HANDLE hDataStack, _In_ const PVOID buffer, _In_ DWORD size);
23 | 	BOOL WINAPI PopDataStack(_In_ HANDLE hDataStack, _Out_ PVOID buffer, _Inout_ DWORD* size);
24 | 	BOOL WINAPI ClearDataStack(_In_ HANDLE hDataStack);
25 | 
26 | 	BOOL WINAPI GetDataStackItemCount(_In_ HANDLE hDataStack, _Out_ ULONG* pCount);
27 | 	BOOL WINAPI GetDataStackSize(_In_ HANDLE hDataStack, _Out_ ULONG_PTR* pSize);
28 | 	BOOL WINAPI GetDataStackConfig(_In_ HANDLE hDataStack, _Out_ DATA_STACK_CONFIG* pConfig);
29 | }
30 | 


--------------------------------------------------------------------------------
/DataStack/dllmain.cpp:
--------------------------------------------------------------------------------
 1 | #include "pch.h"
 2 | 
 3 | HANDLE g_hDevice = INVALID_HANDLE_VALUE;
 4 | 
 5 | bool OpenDevice() {
 6 | 	UNICODE_STRING devName;
 7 | 	RtlInitUnicodeString(&devName, L"\\Device\\KDataStack");
 8 | 	OBJECT_ATTRIBUTES devAttr;
 9 | 	InitializeObjectAttributes(&devAttr, &devName, 0, nullptr, nullptr);
10 | 	IO_STATUS_BLOCK ioStatus;
11 | 	return NT_SUCCESS(NtOpenFile(&g_hDevice, GENERIC_READ | GENERIC_WRITE, &devAttr, &ioStatus, 0, 0));
12 | }
13 | 
14 | void CloseDevice() {
15 | 	if (g_hDevice != INVALID_HANDLE_VALUE) {
16 | 		CloseHandle(g_hDevice);
17 | 		g_hDevice = INVALID_HANDLE_VALUE;
18 | 	}
19 | }
20 | 
21 | BOOL APIENTRY DllMain(HMODULE hModule, DWORD reason, LPVOID lpReserved) {
22 | 	switch (reason) {
23 | 		case DLL_PROCESS_ATTACH:
24 | 			if (BOOL wow; IsWow64Process(GetCurrentProcess(), &wow) && wow)
25 | 				return FALSE;
26 | 
27 | 			DisableThreadLibraryCalls(hModule);
28 | 			return OpenDevice();
29 | 
30 | 		case DLL_THREAD_ATTACH:
31 | 		case DLL_THREAD_DETACH:
32 | 		case DLL_PROCESS_DETACH:
33 | 			CloseDevice();
34 | 			break;
35 | 	}
36 | 	return TRUE;
37 | }
38 | 
39 | 


--------------------------------------------------------------------------------
/LICENSE.txt:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) [year] [fullname]
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/KObjects/KObjects.cpp:
--------------------------------------------------------------------------------
 1 | #include <ntifs.h>
 2 | #include "DataStack.h"
 3 | 
 4 | DRIVER_DISPATCH OnDeviceControl;
 5 | 
 6 | void OnUnload(PDRIVER_OBJECT DriverObject) {
 7 | 	IoDeleteDevice(DriverObject->DeviceObject);
 8 | 	extern POBJECT_TYPE g_DataStackType;
 9 | 	if (g_DataStackType) {
10 | 		//
11 | 		// this causes a BSOD as the kernel does not support object types being destroyed
12 | 		//
13 | 		/*
14 | 		HANDLE hType;
15 | 		auto status = ObOpenObjectByPointer(g_DataStackType, OBJ_KERNEL_HANDLE, nullptr, 0, nullptr, KernelMode, &hType);
16 | 		if (NT_SUCCESS(status)) {
17 | 			status = ZwMakeTemporaryObject(hType);
18 | 			ZwClose(hType);
19 | 		}
20 | 		*/
21 | 		ObDereferenceObject(g_DataStackType);
22 | 	}
23 | }
24 | 
25 | extern "C" NTSTATUS
26 | DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) {
27 | 	UNREFERENCED_PARAMETER(RegistryPath);
28 | 
29 | 	auto status = DsCreateDataStackObjectType();
30 | 	if (!NT_SUCCESS(status)) {
31 | 		return status;
32 | 	}
33 | 
34 | 	UNICODE_STRING devName = RTL_CONSTANT_STRING(L"\\Device\\KDataStack");
35 | 	PDEVICE_OBJECT devObj;
36 | 	status = IoCreateDevice(DriverObject, 0, &devName, FILE_DEVICE_UNKNOWN, 0, FALSE, &devObj);
37 | 	if (!NT_SUCCESS(status))
38 | 		return status;
39 | 
40 | 	DriverObject->DriverUnload = OnUnload;
41 | 	DriverObject->MajorFunction[IRP_MJ_CREATE] = DriverObject->MajorFunction[IRP_MJ_CLOSE] =
42 | 		[](PDEVICE_OBJECT, PIRP Irp) -> NTSTATUS {
43 | 		Irp->IoStatus.Status = STATUS_SUCCESS;
44 | 		IoCompleteRequest(Irp, IO_NO_INCREMENT);
45 | 		return STATUS_SUCCESS;
46 | 		};
47 | 
48 | 	DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = OnDeviceControl;
49 | 
50 | 	return STATUS_SUCCESS;
51 | }
52 | 


--------------------------------------------------------------------------------
/DataStack/DataStack.vcxproj.filters:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <ItemGroup>
 4 |     <Filter Include="Source Files">
 5 |       <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
 6 |       <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
 7 |     </Filter>
 8 |     <Filter Include="Header Files">
 9 |       <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
10 |       <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
11 |     </Filter>
12 |     <Filter Include="Resource Files">
13 |       <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
14 |       <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
15 |     </Filter>
16 |   </ItemGroup>
17 |   <ItemGroup>
18 |     <ClInclude Include="pch.h">
19 |       <Filter>Header Files</Filter>
20 |     </ClInclude>
21 |     <ClInclude Include="DataStackAPI.h">
22 |       <Filter>Header Files</Filter>
23 |     </ClInclude>
24 |   </ItemGroup>
25 |   <ItemGroup>
26 |     <ClCompile Include="dllmain.cpp">
27 |       <Filter>Source Files</Filter>
28 |     </ClCompile>
29 |     <ClCompile Include="pch.cpp">
30 |       <Filter>Source Files</Filter>
31 |     </ClCompile>
32 |     <ClCompile Include="DataStackAPI.cpp">
33 |       <Filter>Source Files</Filter>
34 |     </ClCompile>
35 |     <ClCompile Include="NativeDataStackAPI.cpp">
36 |       <Filter>Source Files</Filter>
37 |     </ClCompile>
38 |   </ItemGroup>
39 |   <ItemGroup>
40 |     <None Include="DataStack.def">
41 |       <Filter>Source Files</Filter>
42 |     </None>
43 |   </ItemGroup>
44 | </Project>


--------------------------------------------------------------------------------
/KObjects/KObjects.vcxproj.filters:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <ItemGroup>
 4 |     <Filter Include="Source Files">
 5 |       <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
 6 |       <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
 7 |     </Filter>
 8 |     <Filter Include="Header Files">
 9 |       <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
10 |       <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
11 |     </Filter>
12 |     <Filter Include="Resource Files">
13 |       <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
14 |       <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
15 |     </Filter>
16 |     <Filter Include="Driver Files">
17 |       <UniqueIdentifier>{8E41214B-6785-4CFE-B992-037D68949A14}</UniqueIdentifier>
18 |       <Extensions>inf;inv;inx;mof;mc;</Extensions>
19 |     </Filter>
20 |   </ItemGroup>
21 |   <ItemGroup>
22 |     <ClCompile Include="KObjects.cpp">
23 |       <Filter>Source Files</Filter>
24 |     </ClCompile>
25 |     <ClCompile Include="DataStack.cpp">
26 |       <Filter>Source Files</Filter>
27 |     </ClCompile>
28 |     <ClCompile Include="DataStackDevice.cpp">
29 |       <Filter>Source Files</Filter>
30 |     </ClCompile>
31 |     <ClCompile Include="DataStackImpl.cpp">
32 |       <Filter>Source Files</Filter>
33 |     </ClCompile>
34 |   </ItemGroup>
35 |   <ItemGroup>
36 |     <ClInclude Include="DataStackNativeAPI.h">
37 |       <Filter>Header Files</Filter>
38 |     </ClInclude>
39 |     <ClInclude Include="DataStack.h">
40 |       <Filter>Header Files</Filter>
41 |     </ClInclude>
42 |     <ClInclude Include="DataStackConv.h">
43 |       <Filter>Header Files</Filter>
44 |     </ClInclude>
45 |   </ItemGroup>
46 | </Project>


--------------------------------------------------------------------------------
/DSTest/DSTest.cpp:
--------------------------------------------------------------------------------
 1 | // DSTest.cpp : This file contains the 'main' function. Program execution begins and ends there.
 2 | //
 3 | 
 4 | #include <Windows.h>
 5 | #include <stdio.h>
 6 | #include "..\DataStack\DataStackAPI.h"
 7 | #include <string>
 8 | 
 9 | bool PushString(HANDLE h, std::string const& text) {
10 | 	auto ok = PushDataStack(h, (PVOID)text.c_str(), (ULONG)text.length() + 1);
11 | 	if (!ok)
12 | 		printf("Error in PushString: %u\n", GetLastError());
13 | 	return ok;
14 | }
15 | 
16 | void PopItems(HANDLE h) {
17 | 	BYTE buffer[256];
18 | 
19 | 	DATA_STACK_CONFIG config;
20 | 	if (GetDataStackConfig(h, &config)) {
21 | 		printf("Data Stack: max items: %u max item size: %u max size: %zu\n",
22 | 			config.MaxItemCount, config.MaxItemSize, config.MaxSize);
23 | 	}
24 | 
25 | 	// wait 5 seconds at most for data to appear
26 | 	while (WaitForSingleObject(h, 5000) == WAIT_OBJECT_0) {
27 | 		DWORD size = sizeof(buffer);
28 | 		if (!PopDataStack(h, buffer, &size) && GetLastError() != ERROR_NO_DATA) {
29 | 			printf("Error in PopDataStack (%u)\n", GetLastError());
30 | 			break;
31 | 		}
32 | 
33 | 		if (size) {
34 | 			printf("Popped %u bytes: ", size);
35 | 			if (size > sizeof(int))
36 | 				printf("%s\n", (PCSTR)buffer);
37 | 			else
38 | 				printf("%d\n", *(int*)buffer);
39 | 		}
40 | 		Sleep(300);
41 | 
42 | 		DWORD count;
43 | 		DWORD_PTR total;
44 | 		if (GetDataStackItemCount(h, &count) && GetDataStackSize(h, &total))
45 | 			printf("Data stack Item count: %u Size: %zu\n", count, total);
46 | 	}
47 | }
48 | 
49 | int main() {
50 | 	HANDLE hDataStack = CreateDataStack(nullptr, 0, 100, 10 << 20, L"MyDataStack");
51 | 	if (!hDataStack) {
52 | 		printf("Failed to create data stack (%u)\n", GetLastError());
53 | 		return 1;
54 | 	}
55 | 
56 | 	printf("Handle created: 0x%p\n", hDataStack);
57 | 
58 | 	if (GetLastError() == ERROR_ALREADY_EXISTS) {
59 | 		printf("Opened an existing object... will pop elements\n");
60 | 		PopItems(hDataStack);
61 | 	}
62 | 	else {
63 | 		Sleep(4000);
64 | 
65 | 		PushString(hDataStack, "Hello, data stack!");
66 | 		PushString(hDataStack, "Pushing another string...");
67 | 		for (int i = 1; i <= 10; i++) {
68 | 			PushDataStack(hDataStack, &i, sizeof(i));
69 | 		}
70 | 	}
71 | 
72 | 	CloseHandle(hDataStack);
73 | 	return 0;
74 | }
75 | 
76 | 


--------------------------------------------------------------------------------
/KObjects/DataStackNativeAPI.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | 
 3 | #define DATA_STACK_QUERY	0x1
 4 | #define DATA_STACK_PUSH		0x2
 5 | #define DATA_STACK_POP		0x4
 6 | #define DATA_STACK_CLEAR	0x8
 7 | 
 8 | #define DATA_STACK_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | DATA_STACK_QUERY | DATA_STACK_PUSH | DATA_STACK_POP | DATA_STACK_CLEAR)
 9 | 
10 | typedef struct _DATA_STACK_CONFIGURATION {
11 | 	ULONG MaxItemSize;
12 | 	ULONG MaxItemCount;
13 | 	ULONG_PTR MaxSize;
14 | } DATA_STACK_CONFIGURATION;
15 | 
16 | typedef enum _DataStackInformationClass {
17 | 	DataStackItemCount,
18 | 	DataStackTotalSize,
19 | 	DataStackConfiguration,
20 | } DataStackInformationClass;
21 | 
22 | extern "C" {
23 | 	NTSTATUS NTAPI NtCreateDataStack(
24 | 		_Out_ PHANDLE DataStackHandle,
25 | 		_In_opt_ POBJECT_ATTRIBUTES DataStackAttributes,
26 | 		_In_ ULONG MaxItemSize,
27 | 		_In_ ULONG MaxItemCount,
28 | 		ULONG_PTR MaxSize);
29 | 	NTSTATUS NTAPI NtOpenDataStack(
30 | 		_Out_ PHANDLE DataStackHandle,
31 | 		_In_ ACCESS_MASK DesiredAccess,
32 | 		_In_ POBJECT_ATTRIBUTES DataStackAttributes);
33 | 	NTSTATUS NTAPI NtQueryInformationDataStack(
34 | 		_In_ HANDLE DataStackHandle,
35 | 		_In_ DataStackInformationClass InformationClass,
36 | 		_Out_ PVOID Buffer,
37 | 		_In_ ULONG BufferSize,
38 | 		_Out_opt_ PULONG ReturnLength);
39 | 	NTSTATUS NTAPI NtPushDataStack(
40 | 		_In_ HANDLE DataStackHandle,
41 | 		_In_ const PVOID Item,
42 | 		_In_ ULONG ItemSize);
43 | 	NTSTATUS NTAPI NtPopDataStack(
44 | 		_In_ HANDLE DataStackHandle,
45 | 		_Out_ PVOID Buffer,
46 | 		_Inout_ PULONG BufferSize);
47 | 	NTSTATUS NTAPI NtClearDataStack(_In_ HANDLE DataStackHandle);
48 | }
49 | 
50 | #define DEVICE_DATASTACK 0x8009
51 | #define IOCTL_DATASTACK_CREATE	CTL_CODE(DEVICE_DATASTACK, 0x800, METHOD_BUFFERED, FILE_ANY_ACCESS)
52 | #define IOCTL_DATASTACK_OPEN	CTL_CODE(DEVICE_DATASTACK, 0x801, METHOD_BUFFERED, FILE_ANY_ACCESS)
53 | #define IOCTL_DATASTACK_PUSH	CTL_CODE(DEVICE_DATASTACK, 0x802, METHOD_BUFFERED, FILE_ANY_ACCESS)
54 | #define IOCTL_DATASTACK_POP		CTL_CODE(DEVICE_DATASTACK, 0x803, METHOD_BUFFERED, FILE_ANY_ACCESS)
55 | #define IOCTL_DATASTACK_CLEAR	CTL_CODE(DEVICE_DATASTACK, 0x804, METHOD_BUFFERED, FILE_ANY_ACCESS)
56 | #define IOCTL_DATASTACK_QUERY	CTL_CODE(DEVICE_DATASTACK, 0x805, METHOD_BUFFERED, FILE_ANY_ACCESS)
57 | 
58 | 


--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
 1 | ###############################################################################
 2 | # Set default behavior to automatically normalize line endings.
 3 | ###############################################################################
 4 | * text=auto
 5 | 
 6 | ###############################################################################
 7 | # Set default behavior for command prompt diff.
 8 | #
 9 | # This is need for earlier builds of msysgit that does not have it on by
10 | # default for csharp files.
11 | # Note: This is only used by command line
12 | ###############################################################################
13 | #*.cs     diff=csharp
14 | 
15 | ###############################################################################
16 | # Set the merge driver for project and solution files
17 | #
18 | # Merging from the command prompt will add diff markers to the files if there
19 | # are conflicts (Merging from VS is not affected by the settings below, in VS
20 | # the diff markers are never inserted). Diff markers may cause the following 
21 | # file extensions to fail to load in VS. An alternative would be to treat
22 | # these files as binary and thus will always conflict and require user
23 | # intervention with every merge. To do so, just uncomment the entries below
24 | ###############################################################################
25 | #*.sln       merge=binary
26 | #*.csproj    merge=binary
27 | #*.vbproj    merge=binary
28 | #*.vcxproj   merge=binary
29 | #*.vcproj    merge=binary
30 | #*.dbproj    merge=binary
31 | #*.fsproj    merge=binary
32 | #*.lsproj    merge=binary
33 | #*.wixproj   merge=binary
34 | #*.modelproj merge=binary
35 | #*.sqlproj   merge=binary
36 | #*.wwaproj   merge=binary
37 | 
38 | ###############################################################################
39 | # behavior for image files
40 | #
41 | # image files are treated as binary by default.
42 | ###############################################################################
43 | #*.jpg   binary
44 | #*.png   binary
45 | #*.gif   binary
46 | 
47 | ###############################################################################
48 | # diff behavior for common document formats
49 | # 
50 | # Convert binary document formats to text before diffing them. This feature
51 | # is only available from the command line. Turn it on by uncommenting the 
52 | # entries below.
53 | ###############################################################################
54 | #*.doc   diff=astextplain
55 | #*.DOC   diff=astextplain
56 | #*.docx  diff=astextplain
57 | #*.DOCX  diff=astextplain
58 | #*.dot   diff=astextplain
59 | #*.DOT   diff=astextplain
60 | #*.pdf   diff=astextplain
61 | #*.PDF   diff=astextplain
62 | #*.rtf   diff=astextplain
63 | #*.RTF   diff=astextplain
64 | 


--------------------------------------------------------------------------------
/DataStack/NativeDataStackAPI.cpp:
--------------------------------------------------------------------------------
 1 | #include "pch.h"
 2 | #include "..\KObjects\DataStackConv.h"
 3 | #include "..\KObjects\DataStackNativeAPI.h"
 4 | 
 5 | #pragma comment(lib, "ntdll")
 6 | 
 7 | extern HANDLE g_hDevice;
 8 | 
 9 | NTSTATUS NTAPI NtCreateDataStack(_Out_ PHANDLE DataStackHandle, _In_opt_ POBJECT_ATTRIBUTES DataStackAttributes, _In_ ULONG MaxItemSize, _In_ ULONG MaxItemCount, ULONG_PTR MaxSize) {
10 | 	DataStackCreate data;
11 | 	data.MaxItemCount = MaxItemCount;
12 | 	data.MaxItemSize = MaxItemSize;
13 | 	data.ObjectAttributes = DataStackAttributes;
14 | 	data.MaxSize = MaxSize;
15 | 
16 | 	IO_STATUS_BLOCK ioStatus;
17 | 	return NtDeviceIoControlFile(g_hDevice, nullptr, nullptr, nullptr, &ioStatus,
18 | 		IOCTL_DATASTACK_CREATE, &data, sizeof(data), DataStackHandle, sizeof(HANDLE));
19 | }
20 | 
21 | NTSTATUS NTAPI NtOpenDataStack(_Out_ PHANDLE DataStackHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES DataStackAttributes) {
22 | 	DataStackOpen data;
23 | 	data.DesiredAccess = DesiredAccess;
24 | 	data.ObjectAttributes = DataStackAttributes;
25 | 
26 | 	IO_STATUS_BLOCK ioStatus;
27 | 	return NtDeviceIoControlFile(g_hDevice, nullptr, nullptr, nullptr, &ioStatus,
28 | 		IOCTL_DATASTACK_OPEN, &data, sizeof(data), DataStackHandle, sizeof(HANDLE));
29 | }
30 | 
31 | NTSTATUS NTAPI NtPushDataStack(_In_ HANDLE DataStackHandle, _In_ const PVOID Item, _In_ ULONG ItemSize) {
32 | 	DataStackPush data;
33 | 	data.DataStackHandle = DataStackHandle;
34 | 	data.Buffer = Item;
35 | 	data.Size = ItemSize;
36 | 
37 | 	IO_STATUS_BLOCK ioStatus;
38 | 	return NtDeviceIoControlFile(g_hDevice, nullptr, nullptr, nullptr, &ioStatus,
39 | 		IOCTL_DATASTACK_PUSH, &data, sizeof(data), nullptr, 0);
40 | }
41 | 
42 | NTSTATUS NTAPI NtPopDataStack(_In_ HANDLE DataStackHandle, _In_ PVOID Buffer, _Inout_ PULONG ItemSize) {
43 | 	DataStackPop data;
44 | 	data.DataStackHandle = DataStackHandle;
45 | 	data.Buffer = Buffer;
46 | 	data.Size = ItemSize;
47 | 
48 | 	IO_STATUS_BLOCK ioStatus;
49 | 	return NtDeviceIoControlFile(g_hDevice, nullptr, nullptr, nullptr, &ioStatus,
50 | 		IOCTL_DATASTACK_POP, &data, sizeof(data), nullptr, 0);
51 | }
52 | 
53 | NTSTATUS NTAPI NtClearDataStack(_In_ HANDLE DataStackHandle) {
54 | 	IO_STATUS_BLOCK ioStatus;
55 | 	return NtDeviceIoControlFile(g_hDevice, nullptr, nullptr, nullptr, &ioStatus,
56 | 		IOCTL_DATASTACK_CLEAR, &DataStackHandle, sizeof(HANDLE), nullptr, 0);
57 | }
58 | 
59 | NTSTATUS NTAPI NtQueryInformationDataStack(_In_ HANDLE DataStackHandle, _In_ DataStackInformationClass InformationClass,
60 | 	_Out_ PVOID Buffer, _In_ ULONG BufferSize, _Out_opt_ PULONG ReturnLength) {
61 | 	DataStackQuery data;
62 | 	data.DataStackHandle = DataStackHandle;
63 | 	data.Buffer = Buffer;
64 | 	data.InfoClass = InformationClass;
65 | 	data.BufferSize = BufferSize;
66 | 	data.ReturnLength = ReturnLength;
67 | 
68 | 	IO_STATUS_BLOCK ioStatus;
69 | 	return NtDeviceIoControlFile(g_hDevice, nullptr, nullptr, nullptr, &ioStatus,
70 | 		IOCTL_DATASTACK_QUERY, &data, sizeof(data), nullptr, 0);
71 | }
72 | 


--------------------------------------------------------------------------------
/KObjects/DataStackDevice.cpp:
--------------------------------------------------------------------------------
  1 | #include <ntifs.h>
  2 | #include "DataStackNativeAPI.h"
  3 | #include "DataStackConv.h"
  4 | 
  5 | NTSTATUS OnDeviceControl(PDEVICE_OBJECT, PIRP Irp) {
  6 | 	auto len = 0U;
  7 | 	auto status = STATUS_INVALID_DEVICE_REQUEST;
  8 | 
  9 | 	if (IoIs32bitProcess(Irp)) {
 10 | 		status = STATUS_NOT_IMPLEMENTED;
 11 | 	}
 12 | 	else {
 13 | 		auto stack = IoGetCurrentIrpStackLocation(Irp);
 14 | 		auto& dic = stack->Parameters.DeviceIoControl;
 15 | 
 16 | 		switch (dic.IoControlCode) {
 17 | 			case IOCTL_DATASTACK_CREATE:
 18 | 			{
 19 | 				auto data = (DataStackCreate*)Irp->AssociatedIrp.SystemBuffer;
 20 | 				if (dic.InputBufferLength < sizeof(*data)) {
 21 | 					status = STATUS_BUFFER_TOO_SMALL;
 22 | 					break;
 23 | 				}
 24 | 				HANDLE hDataStack;
 25 | 				status = NtCreateDataStack(&hDataStack, data->ObjectAttributes, data->MaxItemSize, data->MaxItemCount, data->MaxSize);
 26 | 				if (NT_SUCCESS(status)) {
 27 | 					len = sizeof(HANDLE);
 28 | 					memcpy(data, &hDataStack, len);
 29 | 				}
 30 | 				break;
 31 | 			}
 32 | 
 33 | 			case IOCTL_DATASTACK_OPEN:
 34 | 			{
 35 | 				auto data = (DataStackOpen*)Irp->AssociatedIrp.SystemBuffer;
 36 | 				if (dic.InputBufferLength < sizeof(*data)) {
 37 | 					status = STATUS_BUFFER_TOO_SMALL;
 38 | 					break;
 39 | 				}
 40 | 				HANDLE hDataStack;
 41 | 				status = NtOpenDataStack(&hDataStack, data->DesiredAccess, data->ObjectAttributes);
 42 | 				if (NT_SUCCESS(status)) {
 43 | 					len = sizeof(HANDLE);
 44 | 					memcpy(data, &hDataStack, len);
 45 | 				}
 46 | 				break;
 47 | 			}
 48 | 
 49 | 			case IOCTL_DATASTACK_CLEAR:
 50 | 			{
 51 | 				auto data = (DataStackClear*)Irp->AssociatedIrp.SystemBuffer;
 52 | 				if (dic.InputBufferLength < sizeof(*data)) {
 53 | 					status = STATUS_BUFFER_TOO_SMALL;
 54 | 					break;
 55 | 				}
 56 | 				status = NtClearDataStack(data->DataStackHandle);
 57 | 				break;
 58 | 			}
 59 | 
 60 | 			case IOCTL_DATASTACK_PUSH:
 61 | 			{
 62 | 				auto data = (DataStackPush*)Irp->AssociatedIrp.SystemBuffer;
 63 | 				if (dic.InputBufferLength < sizeof(*data)) {
 64 | 					status = STATUS_BUFFER_TOO_SMALL;
 65 | 					break;
 66 | 				}
 67 | 				status = NtPushDataStack(data->DataStackHandle, data->Buffer, data->Size);
 68 | 				break;
 69 | 			}
 70 | 
 71 | 			case IOCTL_DATASTACK_POP:
 72 | 			{
 73 | 				auto data = (DataStackPop*)Irp->AssociatedIrp.SystemBuffer;
 74 | 				if (dic.InputBufferLength < sizeof(*data)) {
 75 | 					status = STATUS_BUFFER_TOO_SMALL;
 76 | 					break;
 77 | 				}
 78 | 				status = NtPopDataStack(data->DataStackHandle, data->Buffer, data->Size);
 79 | 				break;
 80 | 			}
 81 | 
 82 | 			case IOCTL_DATASTACK_QUERY:
 83 | 			{
 84 | 				auto data = (DataStackQuery*)Irp->AssociatedIrp.SystemBuffer;
 85 | 				if (dic.InputBufferLength < sizeof(*data)) {
 86 | 					status = STATUS_BUFFER_TOO_SMALL;
 87 | 					break;
 88 | 				}
 89 | 				status = NtQueryInformationDataStack(data->DataStackHandle, data->InfoClass, data->Buffer, data->BufferSize, data->ReturnLength);
 90 | 				break;
 91 | 			}
 92 | 
 93 | 		}
 94 | 	}
 95 | 
 96 | 	Irp->IoStatus.Status = status;
 97 | 	Irp->IoStatus.Information = len;
 98 | 	IoCompleteRequest(Irp, IO_NO_INCREMENT);
 99 | 	return status;
100 | }
101 | 


--------------------------------------------------------------------------------
/KObjects/DataStackImpl.cpp:
--------------------------------------------------------------------------------
  1 | #include <ntddk.h>
  2 | #include "DataStack.h"
  3 | 
  4 | NTSTATUS DsPushDataStack(DataStack* ds, PVOID Item, ULONG ItemSize) {
  5 | 	KdPrint(("DsPushDataStack 0x%p 0x%p 0x%X\n", ds, Item, ItemSize));
  6 | 
  7 | 	auto buffer = (DataBlock*)ExAllocatePool2(POOL_FLAG_PAGED | POOL_FLAG_UNINITIALIZED, 
  8 | 		ItemSize + sizeof(DataBlock), DataStackTag);
  9 | 	if (buffer == nullptr)
 10 | 		return STATUS_INSUFFICIENT_RESOURCES;
 11 | 
 12 | 	auto status = STATUS_SUCCESS;
 13 | 	if (ExGetPreviousMode() != KernelMode) {
 14 | 		__try {
 15 | 			ProbeForRead(Item, ItemSize, 1);
 16 | 			memcpy(buffer->Data, Item, ItemSize);
 17 | 		}
 18 | 		__except (EXCEPTION_EXECUTE_HANDLER) {
 19 | 			ExFreePool(buffer);
 20 | 			return GetExceptionCode();
 21 | 		}
 22 | 	}
 23 | 	else {
 24 | 		memcpy(buffer->Data, Item, ItemSize);
 25 | 	}
 26 | 	buffer->Size = ItemSize;
 27 | 
 28 | 	ExAcquireFastMutex(&ds->Lock);
 29 | 	do {
 30 | 		if (ds->MaxItemCount == ds->Count) {
 31 | 			status = STATUS_NO_MORE_ENTRIES;
 32 | 			break;
 33 | 		}
 34 | 
 35 | 		if (ds->MaxItemSize && ItemSize > ds->MaxItemSize) {
 36 | 			status = STATUS_NOT_CAPABLE;
 37 | 			break;
 38 | 		}
 39 | 
 40 | 		if (ds->MaxSize && ds->Size + ItemSize > ds->MaxSize) {
 41 | 			status = STATUS_NOT_CAPABLE;
 42 | 			break;
 43 | 		}
 44 | 	} while (false);
 45 | 
 46 | 	if (NT_SUCCESS(status)) {
 47 | 		InsertTailList(&ds->Head, &buffer->Link);
 48 | 		ds->Count++;
 49 | 		ds->Size += ItemSize;
 50 | 		if(ds->Count == 1)
 51 | 			KeSetEvent(&ds->Event, EVENT_INCREMENT, FALSE);
 52 | 	}
 53 | 	ExReleaseFastMutex(&ds->Lock);
 54 | 
 55 | 	if (!NT_SUCCESS(status))
 56 | 		ExFreePool(buffer);
 57 | 
 58 | 	return status;
 59 | }
 60 | 
 61 | NTSTATUS DsPopDataStack(DataStack* ds, PVOID buffer, ULONG inputSize, ULONG* itemSize) {
 62 | 	KdPrint(("DsPopDataStack 0x%p 0x%p 0x%X 0x%X\n", ds, buffer, inputSize, *itemSize));
 63 | 
 64 | 	ExAcquireFastMutex(&ds->Lock);
 65 | 	__try {
 66 | 		if (inputSize == 0) {
 67 | 			//
 68 | 			// return size of next item
 69 | 			//			
 70 | 			__try {
 71 | 				if (ds->Count == 0) {
 72 | 					//
 73 | 					// stack empty
 74 | 					//
 75 | 					*itemSize = 0;
 76 | 				}
 77 | 				else {
 78 | 					auto top = CONTAINING_RECORD(ds->Head.Blink, DataBlock, Link);
 79 | 					*itemSize = top->Size;
 80 | 				}
 81 | 				return STATUS_SUCCESS;
 82 | 			}
 83 | 			__except (EXCEPTION_EXECUTE_HANDLER) {
 84 | 				return GetExceptionCode();
 85 | 			}
 86 | 		}
 87 | 
 88 | 		if (ds->Count == 0) {
 89 | 			__try {
 90 | 				*itemSize = 0;
 91 | 			}
 92 | 			__except (EXCEPTION_EXECUTE_HANDLER) {
 93 | 				return GetExceptionCode();
 94 | 			}
 95 | 			return STATUS_PIPE_EMPTY;
 96 | 		}
 97 | 
 98 | 		//
 99 | 		// remove item
100 | 		//
101 | 		auto link = RemoveTailList(&ds->Head);
102 | 		NT_ASSERT(link != &ds->Head);
103 | 	
104 | 		auto item = CONTAINING_RECORD(link, DataBlock, Link);
105 | 		__try {
106 | 			*itemSize = item->Size;
107 | 			if (inputSize < item->Size) {
108 | 				//
109 | 				// buffer too small
110 | 				// reinsert item
111 | 				//
112 | 				InsertTailList(&ds->Head, link);
113 | 				return STATUS_BUFFER_TOO_SMALL;
114 | 			}
115 | 			else {
116 | 				memcpy(buffer, item->Data, item->Size);
117 | 				ds->Count--;
118 | 				ds->Size -= item->Size;
119 | 				ExFreePool(item);
120 | 				if (ds->Count == 0)
121 | 					KeClearEvent(&ds->Event);
122 | 				return STATUS_SUCCESS;
123 | 			}
124 | 		}
125 | 		__except (EXCEPTION_EXECUTE_HANDLER) {
126 | 			return GetExceptionCode();
127 | 		}
128 | 	}
129 | 	__finally {
130 | 		ExReleaseFastMutex(&ds->Lock);
131 | 	}
132 | }
133 | 
134 | NTSTATUS DsClearDataStack(DataStack* ds) {
135 | 	KdPrint(("DsClearDataStack 0x%p\n", ds));
136 | 
137 | 	ExAcquireFastMutex(&ds->Lock);
138 | 	LIST_ENTRY* link;
139 | 
140 | 	while ((link = RemoveHeadList(&ds->Head)) != &ds->Head) {
141 | 		auto item = CONTAINING_RECORD(link, DataBlock, Link);
142 | 		ExFreePool(item);
143 | 	}
144 | 	ds->Count = 0;
145 | 	ds->Size = 0;
146 | 	ExReleaseFastMutex(&ds->Lock);
147 | 
148 | 	return STATUS_SUCCESS;
149 | }
150 | 
151 | void OnDataStackDelete(_In_ PVOID Object) {
152 | 	KdPrint(("OnDataStackDelete 0x%p\n", Object));
153 | 
154 | 	auto ds = (DataStack*)Object;
155 | 	DsClearDataStack(ds);
156 | }
157 | 
158 | 


--------------------------------------------------------------------------------
/KObjects.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 12.00
 3 | # Visual Studio Version 17
 4 | VisualStudioVersion = 17.12.35209.166
 5 | MinimumVisualStudioVersion = 10.0.40219.1
 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "KObjects", "KObjects\KObjects.vcxproj", "{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}"
 7 | EndProject
 8 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DSTest", "DSTest\DSTest.vcxproj", "{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}"
 9 | EndProject
10 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DataStack", "DataStack\DataStack.vcxproj", "{AD3A2356-58C4-4737-A121-4E9DC3A5E583}"
11 | 	ProjectSection(ProjectDependencies) = postProject
12 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B} = {3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}
13 | 	EndProjectSection
14 | EndProject
15 | Global
16 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
17 | 		Debug|ARM64 = Debug|ARM64
18 | 		Debug|x64 = Debug|x64
19 | 		Debug|x86 = Debug|x86
20 | 		Release|ARM64 = Release|ARM64
21 | 		Release|x64 = Release|x64
22 | 		Release|x86 = Release|x86
23 | 	EndGlobalSection
24 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
25 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Debug|ARM64.ActiveCfg = Debug|ARM64
26 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Debug|ARM64.Build.0 = Debug|ARM64
27 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Debug|ARM64.Deploy.0 = Debug|ARM64
28 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Debug|x64.ActiveCfg = Debug|x64
29 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Debug|x64.Build.0 = Debug|x64
30 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Debug|x64.Deploy.0 = Debug|x64
31 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Debug|x86.ActiveCfg = Debug|x64
32 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Debug|x86.Build.0 = Debug|x64
33 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Debug|x86.Deploy.0 = Debug|x64
34 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Release|ARM64.ActiveCfg = Release|ARM64
35 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Release|ARM64.Build.0 = Release|ARM64
36 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Release|ARM64.Deploy.0 = Release|ARM64
37 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Release|x64.ActiveCfg = Release|x64
38 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Release|x64.Build.0 = Release|x64
39 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Release|x64.Deploy.0 = Release|x64
40 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Release|x86.ActiveCfg = Release|x64
41 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Release|x86.Build.0 = Release|x64
42 | 		{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}.Release|x86.Deploy.0 = Release|x64
43 | 		{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}.Debug|ARM64.ActiveCfg = Debug|x64
44 | 		{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}.Debug|ARM64.Build.0 = Debug|x64
45 | 		{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}.Debug|x64.ActiveCfg = Debug|x64
46 | 		{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}.Debug|x64.Build.0 = Debug|x64
47 | 		{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}.Debug|x86.ActiveCfg = Debug|Win32
48 | 		{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}.Debug|x86.Build.0 = Debug|Win32
49 | 		{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}.Release|ARM64.ActiveCfg = Release|x64
50 | 		{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}.Release|ARM64.Build.0 = Release|x64
51 | 		{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}.Release|x64.ActiveCfg = Release|x64
52 | 		{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}.Release|x64.Build.0 = Release|x64
53 | 		{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}.Release|x86.ActiveCfg = Release|Win32
54 | 		{203E3D8A-2206-4C78-AF4B-9CFAFDEDE7E6}.Release|x86.Build.0 = Release|Win32
55 | 		{AD3A2356-58C4-4737-A121-4E9DC3A5E583}.Debug|ARM64.ActiveCfg = Debug|x64
56 | 		{AD3A2356-58C4-4737-A121-4E9DC3A5E583}.Debug|ARM64.Build.0 = Debug|x64
57 | 		{AD3A2356-58C4-4737-A121-4E9DC3A5E583}.Debug|x64.ActiveCfg = Debug|x64
58 | 		{AD3A2356-58C4-4737-A121-4E9DC3A5E583}.Debug|x64.Build.0 = Debug|x64
59 | 		{AD3A2356-58C4-4737-A121-4E9DC3A5E583}.Debug|x86.ActiveCfg = Debug|Win32
60 | 		{AD3A2356-58C4-4737-A121-4E9DC3A5E583}.Debug|x86.Build.0 = Debug|Win32
61 | 		{AD3A2356-58C4-4737-A121-4E9DC3A5E583}.Release|ARM64.ActiveCfg = Release|x64
62 | 		{AD3A2356-58C4-4737-A121-4E9DC3A5E583}.Release|ARM64.Build.0 = Release|x64
63 | 		{AD3A2356-58C4-4737-A121-4E9DC3A5E583}.Release|x64.ActiveCfg = Release|x64
64 | 		{AD3A2356-58C4-4737-A121-4E9DC3A5E583}.Release|x64.Build.0 = Release|x64
65 | 		{AD3A2356-58C4-4737-A121-4E9DC3A5E583}.Release|x86.ActiveCfg = Release|Win32
66 | 		{AD3A2356-58C4-4737-A121-4E9DC3A5E583}.Release|x86.Build.0 = Release|Win32
67 | 	EndGlobalSection
68 | 	GlobalSection(SolutionProperties) = preSolution
69 | 		HideSolutionNode = FALSE
70 | 	EndGlobalSection
71 | 	GlobalSection(ExtensibilityGlobals) = postSolution
72 | 		SolutionGuid = {F26EA66E-AC60-4AF3-98D8-FD4D14AD73D3}
73 | 	EndGlobalSection
74 | EndGlobal
75 | 


--------------------------------------------------------------------------------
/DataStack/DataStackAPI.cpp:
--------------------------------------------------------------------------------
  1 | #include "pch.h"
  2 | #include "DataStackAPI.h"
  3 | #include "..\KObjects\DataStackNativeAPI.h"
  4 | 
  5 | #define DIRECTORY_QUERY 0x0001
  6 | #define DIRECTORY_TRAVERSE 0x0002
  7 | #define DIRECTORY_CREATE_OBJECT 0x0004
  8 | #define DIRECTORY_CREATE_SUBDIRECTORY 0x0008
  9 | #define DIRECTORY_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | 0xf)
 10 | 
 11 | extern "C" NTSTATUS NTAPI NtOpenDirectoryObject(
 12 | 	_Out_ PHANDLE DirectoryHandle,
 13 | 	_In_ ACCESS_MASK DesiredAccess,
 14 | 	_In_ POBJECT_ATTRIBUTES ObjectAttributes);
 15 | 
 16 | HANDLE GetUserDirectoryRoot() {
 17 | 	static HANDLE hDir;
 18 | 	if (hDir)
 19 | 		return hDir;
 20 | 
 21 | 	DWORD session = 0;
 22 | 	ProcessIdToSessionId(GetCurrentProcessId(), &session);
 23 | 
 24 | 	UNICODE_STRING name;
 25 | 	WCHAR path[256];
 26 | 	if (session == 0)
 27 | 		RtlInitUnicodeString(&name, L"\\BaseNamedObjects");
 28 | 	else {
 29 | 		wsprintfW(path, L"\\Sessions\\%u\\BaseNamedObjects", session);
 30 | 		RtlInitUnicodeString(&name, path);
 31 | 	}
 32 | 	OBJECT_ATTRIBUTES dirAttr;
 33 | 	InitializeObjectAttributes(&dirAttr, &name, OBJ_CASE_INSENSITIVE, nullptr, nullptr);
 34 | 	NtOpenDirectoryObject(&hDir, DIRECTORY_QUERY, &dirAttr);
 35 | 	return hDir;
 36 | }
 37 | 
 38 | HANDLE WINAPI CreateDataStack(_In_opt_ SECURITY_ATTRIBUTES* sa, _In_ ULONG maxItemSize, _In_ ULONG maxItemCount, _In_ ULONG_PTR maxSize, _In_opt_ PCWSTR name) {
 39 | 	if (BOOL wow; IsWow64Process(GetCurrentProcess(), &wow) && wow) {
 40 | 		SetLastError(ERROR_NOT_SUPPORTED);
 41 | 		return nullptr;
 42 | 	}
 43 | 
 44 | 	UNICODE_STRING uname{};
 45 | 	if (name && *name) {
 46 | 		RtlInitUnicodeString(&uname, name);
 47 | 	}
 48 | 	OBJECT_ATTRIBUTES attr;
 49 | 	InitializeObjectAttributes(&attr,
 50 | 		uname.Length ? &uname : nullptr,
 51 | 		(sa && sa->bInheritHandle ? OBJ_INHERIT : 0) | (uname.Length ? (OBJ_OPENIF | OBJ_CASE_INSENSITIVE) : 0),
 52 | 		uname.Length ? GetUserDirectoryRoot() : nullptr,
 53 | 		sa ? sa->lpSecurityDescriptor : nullptr);
 54 | 
 55 | 	HANDLE hDataStack;
 56 | 	auto status = NtCreateDataStack(&hDataStack, &attr, maxItemSize, maxItemCount, maxSize);
 57 | 	if (NT_SUCCESS(status)) {
 58 | 		const NTSTATUS STATUS_OBJECT_NAME_EXISTS = 0x40000000;
 59 | 
 60 | 		if (status == STATUS_OBJECT_NAME_EXISTS) {
 61 | 			SetLastError(ERROR_ALREADY_EXISTS);
 62 | 		}
 63 | 		else {
 64 | 			SetLastError(0);
 65 | 		}
 66 | 		return hDataStack;
 67 | 	}
 68 | 
 69 | 	SetLastError(RtlNtStatusToDosError(status));
 70 | 	return nullptr;
 71 | }
 72 | 
 73 | HANDLE WINAPI OpenDataStack(_In_ ACCESS_MASK desiredAccess, _In_ BOOL inheritHandle, _In_ PCWSTR name) {
 74 | 	if (BOOL wow; IsWow64Process(GetCurrentProcess(), &wow) && wow) {
 75 | 		SetLastError(ERROR_NOT_SUPPORTED);
 76 | 		return nullptr;
 77 | 	}
 78 | 
 79 | 	if (name == nullptr || *name == 0) {
 80 | 		SetLastError(ERROR_INVALID_NAME);
 81 | 		return nullptr;
 82 | 	}
 83 | 
 84 | 	UNICODE_STRING uname;
 85 | 	RtlInitUnicodeString(&uname, name);
 86 | 	OBJECT_ATTRIBUTES attr;
 87 | 	InitializeObjectAttributes(&attr,
 88 | 		&uname,
 89 | 		OBJ_CASE_INSENSITIVE | (inheritHandle ? OBJ_INHERIT : 0),
 90 | 		GetUserDirectoryRoot(),
 91 | 		nullptr);
 92 | 	HANDLE hDataStack;
 93 | 	auto status = NtOpenDataStack(&hDataStack, desiredAccess, &attr);
 94 | 	if (NT_SUCCESS(status))
 95 | 		return hDataStack;
 96 | 
 97 | 	SetLastError(RtlNtStatusToDosError(status));
 98 | 	return nullptr;
 99 | }
100 | 
101 | _Use_decl_annotations_
102 | BOOL WINAPI PushDataStack(HANDLE hDataStack, const PVOID buffer, DWORD size) {
103 | 	auto status = NtPushDataStack(hDataStack, buffer, size);
104 | 	if (!NT_SUCCESS(status))
105 | 		SetLastError(RtlNtStatusToDosError(status));
106 | 
107 | 	return NT_SUCCESS(status);
108 | }
109 | 
110 | _Use_decl_annotations_
111 | BOOL WINAPI PopDataStack(HANDLE hDataStack, PVOID buffer, DWORD* size) {
112 | 	auto status = NtPopDataStack(hDataStack, buffer, size);
113 | 	if (!NT_SUCCESS(status))
114 | 		SetLastError(RtlNtStatusToDosError(status));
115 | 
116 | 	return NT_SUCCESS(status);
117 | }
118 | 
119 | _Use_decl_annotations_
120 | BOOL WINAPI ClearDataStack(HANDLE hDataStack) {
121 | 	auto status = NtClearDataStack(hDataStack);
122 | 	if (!NT_SUCCESS(status))
123 | 		SetLastError(RtlNtStatusToDosError(status));
124 | 
125 | 	return NT_SUCCESS(status);
126 | }
127 | 
128 | _Use_decl_annotations_
129 | BOOL WINAPI GetDataStackSize(HANDLE hDataStack, ULONG_PTR* pSize) {
130 | 	auto status = NtQueryInformationDataStack(hDataStack, DataStackTotalSize, pSize, sizeof(ULONG_PTR), nullptr);
131 | 	if (!NT_SUCCESS(status))
132 | 		SetLastError(RtlNtStatusToDosError(status));
133 | 
134 | 	return NT_SUCCESS(status);
135 | }
136 | 
137 | _Use_decl_annotations_
138 | BOOL WINAPI GetDataStackItemCount(HANDLE hDataStack, ULONG* pCount) {
139 | 	auto status = NtQueryInformationDataStack(hDataStack, DataStackItemCount, pCount, sizeof(ULONG), nullptr);
140 | 	if (!NT_SUCCESS(status))
141 | 		SetLastError(RtlNtStatusToDosError(status));
142 | 
143 | 	return NT_SUCCESS(status);
144 | }
145 | 
146 | _Use_decl_annotations_
147 | BOOL WINAPI GetDataStackConfig(HANDLE hDataStack, DATA_STACK_CONFIG* pConfig) {
148 | 	auto status = NtQueryInformationDataStack(hDataStack, DataStackConfiguration, pConfig, sizeof(DATA_STACK_CONFIG), nullptr);
149 | 	if (!NT_SUCCESS(status))
150 | 		SetLastError(RtlNtStatusToDosError(status));
151 | 
152 | 	return NT_SUCCESS(status);
153 | }
154 | 


--------------------------------------------------------------------------------
/KObjects/KObjects.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|x64">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>x64</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|x64">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>x64</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|ARM64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>ARM64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|ARM64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>ARM64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <ProjectGuid>{3F5B4B8B-0AB2-4A8D-B5C2-76DFC4D9370B}</ProjectGuid>
 23 |     <TemplateGuid>{dd38f7fc-d7bd-488b-9242-7d8754cde80d}</TemplateGuid>
 24 |     <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
 25 |     <MinimumVisualStudioVersion>12.0</MinimumVisualStudioVersion>
 26 |     <Configuration>Debug</Configuration>
 27 |     <Platform Condition="'$(Platform)' == ''">x64</Platform>
 28 |     <RootNamespace>KObjects</RootNamespace>
 29 |     <WindowsTargetPlatformVersion>$(LatestTargetPlatformVersion)</WindowsTargetPlatformVersion>
 30 |   </PropertyGroup>
 31 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 32 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 33 |     <TargetVersion>Windows10</TargetVersion>
 34 |     <UseDebugLibraries>true</UseDebugLibraries>
 35 |     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
 36 |     <ConfigurationType>Driver</ConfigurationType>
 37 |     <DriverType>WDM</DriverType>
 38 |     <Driver_SpectreMitigation>Spectre</Driver_SpectreMitigation>
 39 |   </PropertyGroup>
 40 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 41 |     <TargetVersion>Windows10</TargetVersion>
 42 |     <UseDebugLibraries>false</UseDebugLibraries>
 43 |     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
 44 |     <ConfigurationType>Driver</ConfigurationType>
 45 |     <DriverType>WDM</DriverType>
 46 |     <Driver_SpectreMitigation>Spectre</Driver_SpectreMitigation>
 47 |   </PropertyGroup>
 48 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'" Label="Configuration">
 49 |     <TargetVersion>Windows10</TargetVersion>
 50 |     <UseDebugLibraries>true</UseDebugLibraries>
 51 |     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
 52 |     <ConfigurationType>Driver</ConfigurationType>
 53 |     <DriverType>WDM</DriverType>
 54 |   </PropertyGroup>
 55 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'" Label="Configuration">
 56 |     <TargetVersion>Windows10</TargetVersion>
 57 |     <UseDebugLibraries>false</UseDebugLibraries>
 58 |     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
 59 |     <ConfigurationType>Driver</ConfigurationType>
 60 |     <DriverType>WDM</DriverType>
 61 |   </PropertyGroup>
 62 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 63 |   <ImportGroup Label="ExtensionSettings">
 64 |   </ImportGroup>
 65 |   <ImportGroup Label="PropertySheets">
 66 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 67 |   </ImportGroup>
 68 |   <PropertyGroup Label="UserMacros" />
 69 |   <PropertyGroup />
 70 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 71 |     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
 72 |   </PropertyGroup>
 73 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 74 |     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
 75 |   </PropertyGroup>
 76 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">
 77 |     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
 78 |   </PropertyGroup>
 79 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
 80 |     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
 81 |   </PropertyGroup>
 82 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 83 |     <DriverSign>
 84 |       <FileDigestAlgorithm>sha256</FileDigestAlgorithm>
 85 |     </DriverSign>
 86 |     <ClCompile>
 87 |       <DisableSpecificWarnings>4201;4748;%(DisableSpecificWarnings)</DisableSpecificWarnings>
 88 |       <LanguageStandard>stdcpp20</LanguageStandard>
 89 |     </ClCompile>
 90 |   </ItemDefinitionGroup>
 91 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 92 |     <DriverSign>
 93 |       <FileDigestAlgorithm>sha256</FileDigestAlgorithm>
 94 |     </DriverSign>
 95 |     <ClCompile>
 96 |       <DisableSpecificWarnings>4201;4603;4627;4986;4987;%(DisableSpecificWarnings)</DisableSpecificWarnings>
 97 |       <LanguageStandard>stdcpp20</LanguageStandard>
 98 |     </ClCompile>
 99 |   </ItemDefinitionGroup>
100 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">
101 |     <ClCompile>
102 |       <LanguageStandard>stdcpp20</LanguageStandard>
103 |     </ClCompile>
104 |   </ItemDefinitionGroup>
105 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
106 |     <ClCompile>
107 |       <LanguageStandard>stdcpp20</LanguageStandard>
108 |     </ClCompile>
109 |   </ItemDefinitionGroup>
110 |   <ItemGroup>
111 |     <FilesToPackage Include="$(TargetPath)" />
112 |   </ItemGroup>
113 |   <ItemGroup>
114 |     <ClCompile Include="DataStack.cpp" />
115 |     <ClCompile Include="DataStackDevice.cpp" />
116 |     <ClCompile Include="DataStackImpl.cpp" />
117 |     <ClCompile Include="KObjects.cpp" />
118 |   </ItemGroup>
119 |   <ItemGroup>
120 |     <ClInclude Include="DataStack.h" />
121 |     <ClInclude Include="DataStackConv.h" />
122 |     <ClInclude Include="DataStackNativeAPI.h" />
123 |   </ItemGroup>
124 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
125 |   <ImportGroup Label="ExtensionTargets">
126 |   </ImportGroup>
127 | </Project>


--------------------------------------------------------------------------------
/DSTest/DSTest.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|Win32">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>Win32</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|Win32">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>Win32</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|x64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>x64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|x64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>x64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <VCProjectVersion>17.0</VCProjectVersion>
 23 |     <Keyword>Win32Proj</Keyword>
 24 |     <ProjectGuid>{203e3d8a-2206-4c78-af4b-9cfafdede7e6}</ProjectGuid>
 25 |     <RootNamespace>DSTest</RootNamespace>
 26 |     <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
 27 |   </PropertyGroup>
 28 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 29 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
 30 |     <ConfigurationType>Application</ConfigurationType>
 31 |     <UseDebugLibraries>true</UseDebugLibraries>
 32 |     <PlatformToolset>v143</PlatformToolset>
 33 |     <CharacterSet>Unicode</CharacterSet>
 34 |   </PropertyGroup>
 35 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
 36 |     <ConfigurationType>Application</ConfigurationType>
 37 |     <UseDebugLibraries>false</UseDebugLibraries>
 38 |     <PlatformToolset>v143</PlatformToolset>
 39 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 40 |     <CharacterSet>Unicode</CharacterSet>
 41 |   </PropertyGroup>
 42 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 43 |     <ConfigurationType>Application</ConfigurationType>
 44 |     <UseDebugLibraries>true</UseDebugLibraries>
 45 |     <PlatformToolset>v143</PlatformToolset>
 46 |     <CharacterSet>Unicode</CharacterSet>
 47 |   </PropertyGroup>
 48 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 49 |     <ConfigurationType>Application</ConfigurationType>
 50 |     <UseDebugLibraries>false</UseDebugLibraries>
 51 |     <PlatformToolset>v143</PlatformToolset>
 52 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 53 |     <CharacterSet>Unicode</CharacterSet>
 54 |   </PropertyGroup>
 55 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 56 |   <ImportGroup Label="ExtensionSettings">
 57 |   </ImportGroup>
 58 |   <ImportGroup Label="Shared">
 59 |   </ImportGroup>
 60 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 61 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 62 |   </ImportGroup>
 63 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 64 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 65 |   </ImportGroup>
 66 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 67 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 68 |   </ImportGroup>
 69 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 70 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 71 |   </ImportGroup>
 72 |   <PropertyGroup Label="UserMacros" />
 73 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 74 |     <ClCompile>
 75 |       <WarningLevel>Level3</WarningLevel>
 76 |       <SDLCheck>true</SDLCheck>
 77 |       <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 78 |       <ConformanceMode>true</ConformanceMode>
 79 |     </ClCompile>
 80 |     <Link>
 81 |       <SubSystem>Console</SubSystem>
 82 |       <GenerateDebugInformation>true</GenerateDebugInformation>
 83 |     </Link>
 84 |   </ItemDefinitionGroup>
 85 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 86 |     <ClCompile>
 87 |       <WarningLevel>Level3</WarningLevel>
 88 |       <FunctionLevelLinking>true</FunctionLevelLinking>
 89 |       <IntrinsicFunctions>true</IntrinsicFunctions>
 90 |       <SDLCheck>true</SDLCheck>
 91 |       <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 92 |       <ConformanceMode>true</ConformanceMode>
 93 |     </ClCompile>
 94 |     <Link>
 95 |       <SubSystem>Console</SubSystem>
 96 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
 97 |       <OptimizeReferences>true</OptimizeReferences>
 98 |       <GenerateDebugInformation>true</GenerateDebugInformation>
 99 |     </Link>
100 |   </ItemDefinitionGroup>
101 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
102 |     <ClCompile>
103 |       <WarningLevel>Level3</WarningLevel>
104 |       <SDLCheck>true</SDLCheck>
105 |       <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
106 |       <ConformanceMode>true</ConformanceMode>
107 |     </ClCompile>
108 |     <Link>
109 |       <SubSystem>Console</SubSystem>
110 |       <GenerateDebugInformation>true</GenerateDebugInformation>
111 |     </Link>
112 |   </ItemDefinitionGroup>
113 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
114 |     <ClCompile>
115 |       <WarningLevel>Level3</WarningLevel>
116 |       <FunctionLevelLinking>true</FunctionLevelLinking>
117 |       <IntrinsicFunctions>true</IntrinsicFunctions>
118 |       <SDLCheck>true</SDLCheck>
119 |       <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
120 |       <ConformanceMode>true</ConformanceMode>
121 |     </ClCompile>
122 |     <Link>
123 |       <SubSystem>Console</SubSystem>
124 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
125 |       <OptimizeReferences>true</OptimizeReferences>
126 |       <GenerateDebugInformation>true</GenerateDebugInformation>
127 |     </Link>
128 |   </ItemDefinitionGroup>
129 |   <ItemGroup>
130 |     <ClCompile Include="DSTest.cpp" />
131 |   </ItemGroup>
132 |   <ItemGroup>
133 |     <ProjectReference Include="..\DataStack\DataStack.vcxproj">
134 |       <Project>{ad3a2356-58c4-4737-a121-4e9dc3a5e583}</Project>
135 |     </ProjectReference>
136 |   </ItemGroup>
137 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
138 |   <ImportGroup Label="ExtensionTargets">
139 |   </ImportGroup>
140 | </Project>


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
  1 | ## Ignore Visual Studio temporary files, build results, and
  2 | ## files generated by popular Visual Studio add-ons.
  3 | ##
  4 | ## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
  5 | 
  6 | # User-specific files
  7 | *.rsuser
  8 | *.suo
  9 | *.user
 10 | *.userosscache
 11 | *.sln.docstates
 12 | 
 13 | # User-specific files (MonoDevelop/Xamarin Studio)
 14 | *.userprefs
 15 | 
 16 | # Mono auto generated files
 17 | mono_crash.*
 18 | 
 19 | # Build results
 20 | [Dd]ebug/
 21 | [Dd]ebugPublic/
 22 | [Rr]elease/
 23 | [Rr]eleases/
 24 | x64/
 25 | x86/
 26 | [Ww][Ii][Nn]32/
 27 | [Aa][Rr][Mm]/
 28 | [Aa][Rr][Mm]64/
 29 | bld/
 30 | [Bb]in/
 31 | [Oo]bj/
 32 | [Oo]ut/
 33 | [Ll]og/
 34 | [Ll]ogs/
 35 | 
 36 | # Visual Studio 2015/2017 cache/options directory
 37 | .vs/
 38 | # Uncomment if you have tasks that create the project's static files in wwwroot
 39 | #wwwroot/
 40 | 
 41 | # Visual Studio 2017 auto generated files
 42 | Generated\ Files/
 43 | 
 44 | # MSTest test Results
 45 | [Tt]est[Rr]esult*/
 46 | [Bb]uild[Ll]og.*
 47 | 
 48 | # NUnit
 49 | *.VisualState.xml
 50 | TestResult.xml
 51 | nunit-*.xml
 52 | 
 53 | # Build Results of an ATL Project
 54 | [Dd]ebugPS/
 55 | [Rr]eleasePS/
 56 | dlldata.c
 57 | 
 58 | # Benchmark Results
 59 | BenchmarkDotNet.Artifacts/
 60 | 
 61 | # .NET Core
 62 | project.lock.json
 63 | project.fragment.lock.json
 64 | artifacts/
 65 | 
 66 | # ASP.NET Scaffolding
 67 | ScaffoldingReadMe.txt
 68 | 
 69 | # StyleCop
 70 | StyleCopReport.xml
 71 | 
 72 | # Files built by Visual Studio
 73 | *_i.c
 74 | *_p.c
 75 | *_h.h
 76 | *.ilk
 77 | *.meta
 78 | *.obj
 79 | *.iobj
 80 | *.pch
 81 | *.pdb
 82 | *.ipdb
 83 | *.pgc
 84 | *.pgd
 85 | *.rsp
 86 | *.sbr
 87 | *.tlb
 88 | *.tli
 89 | *.tlh
 90 | *.tmp
 91 | *.tmp_proj
 92 | *_wpftmp.csproj
 93 | *.log
 94 | *.vspscc
 95 | *.vssscc
 96 | .builds
 97 | *.pidb
 98 | *.svclog
 99 | *.scc
100 | 
101 | # Chutzpah Test files
102 | _Chutzpah*
103 | 
104 | # Visual C++ cache files
105 | ipch/
106 | *.aps
107 | *.ncb
108 | *.opendb
109 | *.opensdf
110 | *.sdf
111 | *.cachefile
112 | *.VC.db
113 | *.VC.VC.opendb
114 | 
115 | # Visual Studio profiler
116 | *.psess
117 | *.vsp
118 | *.vspx
119 | *.sap
120 | 
121 | # Visual Studio Trace Files
122 | *.e2e
123 | 
124 | # TFS 2012 Local Workspace
125 | $tf/
126 | 
127 | # Guidance Automation Toolkit
128 | *.gpState
129 | 
130 | # ReSharper is a .NET coding add-in
131 | _ReSharper*/
132 | *.[Rr]e[Ss]harper
133 | *.DotSettings.user
134 | 
135 | # TeamCity is a build add-in
136 | _TeamCity*
137 | 
138 | # DotCover is a Code Coverage Tool
139 | *.dotCover
140 | 
141 | # AxoCover is a Code Coverage Tool
142 | .axoCover/*
143 | !.axoCover/settings.json
144 | 
145 | # Coverlet is a free, cross platform Code Coverage Tool
146 | coverage*.json
147 | coverage*.xml
148 | coverage*.info
149 | 
150 | # Visual Studio code coverage results
151 | *.coverage
152 | *.coveragexml
153 | 
154 | # NCrunch
155 | _NCrunch_*
156 | .*crunch*.local.xml
157 | nCrunchTemp_*
158 | 
159 | # MightyMoose
160 | *.mm.*
161 | AutoTest.Net/
162 | 
163 | # Web workbench (sass)
164 | .sass-cache/
165 | 
166 | # Installshield output folder
167 | [Ee]xpress/
168 | 
169 | # DocProject is a documentation generator add-in
170 | DocProject/buildhelp/
171 | DocProject/Help/*.HxT
172 | DocProject/Help/*.HxC
173 | DocProject/Help/*.hhc
174 | DocProject/Help/*.hhk
175 | DocProject/Help/*.hhp
176 | DocProject/Help/Html2
177 | DocProject/Help/html
178 | 
179 | # Click-Once directory
180 | publish/
181 | 
182 | # Publish Web Output
183 | *.[Pp]ublish.xml
184 | *.azurePubxml
185 | # Note: Comment the next line if you want to checkin your web deploy settings,
186 | # but database connection strings (with potential passwords) will be unencrypted
187 | *.pubxml
188 | *.publishproj
189 | 
190 | # Microsoft Azure Web App publish settings. Comment the next line if you want to
191 | # checkin your Azure Web App publish settings, but sensitive information contained
192 | # in these scripts will be unencrypted
193 | PublishScripts/
194 | 
195 | # NuGet Packages
196 | *.nupkg
197 | # NuGet Symbol Packages
198 | *.snupkg
199 | # The packages folder can be ignored because of Package Restore
200 | **/[Pp]ackages/*
201 | # except build/, which is used as an MSBuild target.
202 | !**/[Pp]ackages/build/
203 | # Uncomment if necessary however generally it will be regenerated when needed
204 | #!**/[Pp]ackages/repositories.config
205 | # NuGet v3's project.json files produces more ignorable files
206 | *.nuget.props
207 | *.nuget.targets
208 | 
209 | # Microsoft Azure Build Output
210 | csx/
211 | *.build.csdef
212 | 
213 | # Microsoft Azure Emulator
214 | ecf/
215 | rcf/
216 | 
217 | # Windows Store app package directories and files
218 | AppPackages/
219 | BundleArtifacts/
220 | Package.StoreAssociation.xml
221 | _pkginfo.txt
222 | *.appx
223 | *.appxbundle
224 | *.appxupload
225 | 
226 | # Visual Studio cache files
227 | # files ending in .cache can be ignored
228 | *.[Cc]ache
229 | # but keep track of directories ending in .cache
230 | !?*.[Cc]ache/
231 | 
232 | # Others
233 | ClientBin/
234 | ~$*
235 | *~
236 | *.dbmdl
237 | *.dbproj.schemaview
238 | *.jfm
239 | *.pfx
240 | *.publishsettings
241 | orleans.codegen.cs
242 | 
243 | # Including strong name files can present a security risk
244 | # (https://github.com/github/gitignore/pull/2483#issue-259490424)
245 | #*.snk
246 | 
247 | # Since there are multiple workflows, uncomment next line to ignore bower_components
248 | # (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
249 | #bower_components/
250 | 
251 | # RIA/Silverlight projects
252 | Generated_Code/
253 | 
254 | # Backup & report files from converting an old project file
255 | # to a newer Visual Studio version. Backup files are not needed,
256 | # because we have git ;-)
257 | _UpgradeReport_Files/
258 | Backup*/
259 | UpgradeLog*.XML
260 | UpgradeLog*.htm
261 | ServiceFabricBackup/
262 | *.rptproj.bak
263 | 
264 | # SQL Server files
265 | *.mdf
266 | *.ldf
267 | *.ndf
268 | 
269 | # Business Intelligence projects
270 | *.rdl.data
271 | *.bim.layout
272 | *.bim_*.settings
273 | *.rptproj.rsuser
274 | *- [Bb]ackup.rdl
275 | *- [Bb]ackup ([0-9]).rdl
276 | *- [Bb]ackup ([0-9][0-9]).rdl
277 | 
278 | # Microsoft Fakes
279 | FakesAssemblies/
280 | 
281 | # GhostDoc plugin setting file
282 | *.GhostDoc.xml
283 | 
284 | # Node.js Tools for Visual Studio
285 | .ntvs_analysis.dat
286 | node_modules/
287 | 
288 | # Visual Studio 6 build log
289 | *.plg
290 | 
291 | # Visual Studio 6 workspace options file
292 | *.opt
293 | 
294 | # Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
295 | *.vbw
296 | 
297 | # Visual Studio LightSwitch build output
298 | **/*.HTMLClient/GeneratedArtifacts
299 | **/*.DesktopClient/GeneratedArtifacts
300 | **/*.DesktopClient/ModelManifest.xml
301 | **/*.Server/GeneratedArtifacts
302 | **/*.Server/ModelManifest.xml
303 | _Pvt_Extensions
304 | 
305 | # Paket dependency manager
306 | .paket/paket.exe
307 | paket-files/
308 | 
309 | # FAKE - F# Make
310 | .fake/
311 | 
312 | # CodeRush personal settings
313 | .cr/personal
314 | 
315 | # Python Tools for Visual Studio (PTVS)
316 | __pycache__/
317 | *.pyc
318 | 
319 | # Cake - Uncomment if you are using it
320 | # tools/**
321 | # !tools/packages.config
322 | 
323 | # Tabs Studio
324 | *.tss
325 | 
326 | # Telerik's JustMock configuration file
327 | *.jmconfig
328 | 
329 | # BizTalk build output
330 | *.btp.cs
331 | *.btm.cs
332 | *.odx.cs
333 | *.xsd.cs
334 | 
335 | # OpenCover UI analysis results
336 | OpenCover/
337 | 
338 | # Azure Stream Analytics local run output
339 | ASALocalRun/
340 | 
341 | # MSBuild Binary and Structured Log
342 | *.binlog
343 | 
344 | # NVidia Nsight GPU debugger configuration file
345 | *.nvuser
346 | 
347 | # MFractors (Xamarin productivity tool) working folder
348 | .mfractor/
349 | 
350 | # Local History for Visual Studio
351 | .localhistory/
352 | 
353 | # BeatPulse healthcheck temp database
354 | healthchecksdb
355 | 
356 | # Backup folder for Package Reference Convert tool in Visual Studio 2017
357 | MigrationBackup/
358 | 
359 | # Ionide (cross platform F# VS Code tools) working folder
360 | .ionide/
361 | 
362 | # Fody - auto-generated XML schema
363 | FodyWeavers.xsd


--------------------------------------------------------------------------------
/DataStack/DataStack.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|Win32">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>Win32</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|Win32">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>Win32</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|x64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>x64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|x64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>x64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <VCProjectVersion>17.0</VCProjectVersion>
 23 |     <Keyword>Win32Proj</Keyword>
 24 |     <ProjectGuid>{ad3a2356-58c4-4737-a121-4e9dc3a5e583}</ProjectGuid>
 25 |     <RootNamespace>DataStack</RootNamespace>
 26 |     <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
 27 |   </PropertyGroup>
 28 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 29 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
 30 |     <ConfigurationType>DynamicLibrary</ConfigurationType>
 31 |     <UseDebugLibraries>true</UseDebugLibraries>
 32 |     <PlatformToolset>v143</PlatformToolset>
 33 |     <CharacterSet>Unicode</CharacterSet>
 34 |   </PropertyGroup>
 35 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
 36 |     <ConfigurationType>DynamicLibrary</ConfigurationType>
 37 |     <UseDebugLibraries>false</UseDebugLibraries>
 38 |     <PlatformToolset>v143</PlatformToolset>
 39 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 40 |     <CharacterSet>Unicode</CharacterSet>
 41 |   </PropertyGroup>
 42 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 43 |     <ConfigurationType>DynamicLibrary</ConfigurationType>
 44 |     <UseDebugLibraries>true</UseDebugLibraries>
 45 |     <PlatformToolset>v143</PlatformToolset>
 46 |     <CharacterSet>Unicode</CharacterSet>
 47 |   </PropertyGroup>
 48 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 49 |     <ConfigurationType>DynamicLibrary</ConfigurationType>
 50 |     <UseDebugLibraries>false</UseDebugLibraries>
 51 |     <PlatformToolset>v143</PlatformToolset>
 52 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 53 |     <CharacterSet>Unicode</CharacterSet>
 54 |   </PropertyGroup>
 55 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 56 |   <ImportGroup Label="ExtensionSettings">
 57 |   </ImportGroup>
 58 |   <ImportGroup Label="Shared">
 59 |   </ImportGroup>
 60 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 61 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 62 |   </ImportGroup>
 63 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 64 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 65 |   </ImportGroup>
 66 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 67 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 68 |   </ImportGroup>
 69 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 70 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 71 |   </ImportGroup>
 72 |   <PropertyGroup Label="UserMacros" />
 73 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 74 |     <ClCompile>
 75 |       <WarningLevel>Level3</WarningLevel>
 76 |       <SDLCheck>true</SDLCheck>
 77 |       <PreprocessorDefinitions>WIN32;_DEBUG;DATASTACK_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 78 |       <ConformanceMode>true</ConformanceMode>
 79 |       <PrecompiledHeader>Use</PrecompiledHeader>
 80 |       <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
 81 |       <LanguageStandard>stdcpp20</LanguageStandard>
 82 |     </ClCompile>
 83 |     <Link>
 84 |       <SubSystem>Windows</SubSystem>
 85 |       <GenerateDebugInformation>true</GenerateDebugInformation>
 86 |       <EnableUAC>false</EnableUAC>
 87 |       <ModuleDefinitionFile>DataStack.def</ModuleDefinitionFile>
 88 |     </Link>
 89 |   </ItemDefinitionGroup>
 90 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 91 |     <ClCompile>
 92 |       <WarningLevel>Level3</WarningLevel>
 93 |       <FunctionLevelLinking>true</FunctionLevelLinking>
 94 |       <IntrinsicFunctions>true</IntrinsicFunctions>
 95 |       <SDLCheck>true</SDLCheck>
 96 |       <PreprocessorDefinitions>WIN32;NDEBUG;DATASTACK_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 97 |       <ConformanceMode>true</ConformanceMode>
 98 |       <PrecompiledHeader>Use</PrecompiledHeader>
 99 |       <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
100 |       <LanguageStandard>stdcpp20</LanguageStandard>
101 |     </ClCompile>
102 |     <Link>
103 |       <SubSystem>Windows</SubSystem>
104 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
105 |       <OptimizeReferences>true</OptimizeReferences>
106 |       <GenerateDebugInformation>true</GenerateDebugInformation>
107 |       <EnableUAC>false</EnableUAC>
108 |       <ModuleDefinitionFile>DataStack.def</ModuleDefinitionFile>
109 |     </Link>
110 |   </ItemDefinitionGroup>
111 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
112 |     <ClCompile>
113 |       <WarningLevel>Level3</WarningLevel>
114 |       <SDLCheck>true</SDLCheck>
115 |       <PreprocessorDefinitions>_DEBUG;DATASTACK_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
116 |       <ConformanceMode>true</ConformanceMode>
117 |       <PrecompiledHeader>Use</PrecompiledHeader>
118 |       <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
119 |       <LanguageStandard>stdcpp20</LanguageStandard>
120 |     </ClCompile>
121 |     <Link>
122 |       <SubSystem>Windows</SubSystem>
123 |       <GenerateDebugInformation>true</GenerateDebugInformation>
124 |       <EnableUAC>false</EnableUAC>
125 |       <ModuleDefinitionFile>DataStack.def</ModuleDefinitionFile>
126 |     </Link>
127 |   </ItemDefinitionGroup>
128 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
129 |     <ClCompile>
130 |       <WarningLevel>Level3</WarningLevel>
131 |       <FunctionLevelLinking>true</FunctionLevelLinking>
132 |       <IntrinsicFunctions>true</IntrinsicFunctions>
133 |       <SDLCheck>true</SDLCheck>
134 |       <PreprocessorDefinitions>NDEBUG;DATASTACK_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
135 |       <ConformanceMode>true</ConformanceMode>
136 |       <PrecompiledHeader>Use</PrecompiledHeader>
137 |       <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
138 |       <LanguageStandard>stdcpp20</LanguageStandard>
139 |     </ClCompile>
140 |     <Link>
141 |       <SubSystem>Windows</SubSystem>
142 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
143 |       <OptimizeReferences>true</OptimizeReferences>
144 |       <GenerateDebugInformation>true</GenerateDebugInformation>
145 |       <EnableUAC>false</EnableUAC>
146 |       <ModuleDefinitionFile>DataStack.def</ModuleDefinitionFile>
147 |     </Link>
148 |   </ItemDefinitionGroup>
149 |   <ItemGroup>
150 |     <ClInclude Include="DataStackAPI.h" />
151 |     <ClInclude Include="pch.h" />
152 |   </ItemGroup>
153 |   <ItemGroup>
154 |     <ClCompile Include="DataStackAPI.cpp" />
155 |     <ClCompile Include="dllmain.cpp" />
156 |     <ClCompile Include="NativeDataStackAPI.cpp" />
157 |     <ClCompile Include="pch.cpp">
158 |       <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
159 |       <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
160 |       <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>
161 |       <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader>
162 |     </ClCompile>
163 |   </ItemGroup>
164 |   <ItemGroup>
165 |     <None Include="DataStack.def" />
166 |   </ItemGroup>
167 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
168 |   <ImportGroup Label="ExtensionTargets">
169 |   </ImportGroup>
170 | </Project>


--------------------------------------------------------------------------------
/KObjects/DataStack.cpp:
--------------------------------------------------------------------------------
  1 | #include <ntifs.h>
  2 | #include "DataStack.h"
  3 | #include "DataStackNativeAPI.h"
  4 | 
  5 | POBJECT_TYPE g_DataStackType;
  6 | 
  7 | typedef struct _OBJECT_DUMP_CONTROL {
  8 | 	PVOID Stream;
  9 | 	ULONG Detail;
 10 | } OB_DUMP_CONTROL, * POB_DUMP_CONTROL;
 11 | 
 12 | typedef VOID(*OB_DUMP_METHOD)(
 13 | 	_In_ PVOID Object,
 14 | 	_In_opt_ POB_DUMP_CONTROL Control);
 15 | 
 16 | typedef enum _OB_OPEN_REASON {
 17 | 	ObCreateHandle,
 18 | 	ObOpenHandle,
 19 | 	ObDuplicateHandle,
 20 | 	ObInheritHandle,
 21 | 	ObMaxOpenReason
 22 | } OB_OPEN_REASON;
 23 | 
 24 | typedef NTSTATUS(*OB_OPEN_METHOD)(
 25 | 	_In_ OB_OPEN_REASON OpenReason,
 26 | 	_In_ KPROCESSOR_MODE AccessMode,
 27 | 	_In_opt_ PEPROCESS Process,
 28 | 	_In_ PVOID Object,
 29 | 	_Inout_ PACCESS_MASK GrantedAccess,
 30 | 	_In_ ULONG HandleCount
 31 | 	);
 32 | 
 33 | typedef BOOLEAN(*OB_OKAYTOCLOSE_METHOD)(
 34 | 	_In_opt_ PEPROCESS Process,
 35 | 	_In_ PVOID Object,
 36 | 	_In_ HANDLE Handle,
 37 | 	_In_ KPROCESSOR_MODE PreviousMode
 38 | 	);
 39 | 
 40 | typedef VOID(*OB_CLOSE_METHOD)(
 41 | 	_In_opt_ PEPROCESS Process,
 42 | 	_In_ PVOID Object,
 43 | 	_In_ ULONG_PTR ProcessHandleCount,
 44 | 	_In_ ULONG_PTR SystemHandleCount
 45 | 	);
 46 | 
 47 | typedef VOID(*OB_DELETE_METHOD)(
 48 | 	_In_  PVOID   Object
 49 | 	);
 50 | 
 51 | typedef NTSTATUS(*OB_SECURITY_METHOD)(
 52 | 	_In_ PVOID Object,
 53 | 	_In_ SECURITY_OPERATION_CODE OperationCode,
 54 | 	_In_ PSECURITY_INFORMATION SecurityInformation,
 55 | 	_Inout_ PSECURITY_DESCRIPTOR SecurityDescriptor,
 56 | 	_Inout_ PULONG CapturedLength,
 57 | 	_Inout_ PSECURITY_DESCRIPTOR* ObjectsSecurityDescriptor,
 58 | 	_In_ POOL_TYPE PoolType,
 59 | 	_In_ PGENERIC_MAPPING GenericMapping,
 60 | 	_In_ KPROCESSOR_MODE Mode
 61 | 	);
 62 | 
 63 | typedef NTSTATUS(*OB_QUERYNAME_METHOD)(
 64 | 	_In_ PVOID Object,
 65 | 	_In_ BOOLEAN HasObjectName,
 66 | 	_Out_writes_bytes_opt_(Length) POBJECT_NAME_INFORMATION ObjectNameInfo,
 67 | 	_In_ ULONG Length,
 68 | 	_Out_ PULONG ReturnLength,
 69 | 	_In_ KPROCESSOR_MODE Mode
 70 | 	);
 71 | 
 72 | typedef NTSTATUS(*OB_PARSE_METHOD)(
 73 | 	_In_ PVOID ParseObject,
 74 | 	_In_ PVOID ObjectType,
 75 | 	_Inout_ PACCESS_STATE AccessState,
 76 | 	_In_ KPROCESSOR_MODE AccessMode,
 77 | 	_In_ ULONG Attributes,
 78 | 	_Inout_ PUNICODE_STRING CompleteName,
 79 | 	_Inout_ PUNICODE_STRING RemainingName,
 80 | 	_Inout_opt_ PVOID Context,
 81 | 	_In_opt_ PSECURITY_QUALITY_OF_SERVICE SecurityQos,
 82 | 	_Out_ PVOID* Object);
 83 | 
 84 | typedef struct _OBJECT_TYPE_INITIALIZER {
 85 | 	USHORT Length;
 86 | 	union {
 87 | 		USHORT Flags;
 88 | 		struct {
 89 | 			UCHAR CaseInsensitive : 1;
 90 | 			UCHAR UnnamedObjectsOnly : 1;
 91 | 			UCHAR UseDefaultObject : 1;
 92 | 			UCHAR SecurityRequired : 1;
 93 | 			UCHAR MaintainHandleCount : 1;
 94 | 			UCHAR MaintainTypeList : 1;
 95 | 			UCHAR SupportsObjectCallbacks : 1;
 96 | 			UCHAR CacheAligned : 1;
 97 | 			UCHAR UseExtendedParameters : 1;
 98 | 			UCHAR _Reserved : 7;
 99 | 		};
100 | 	};
101 | 
102 | 	ULONG ObjectTypeCode;
103 | 	ULONG InvalidAttributes;
104 | 	GENERIC_MAPPING GenericMapping;
105 | 	ULONG ValidAccessMask;
106 | 	ULONG RetainAccess;
107 | 	POOL_TYPE PoolType;
108 | 	ULONG DefaultPagedPoolCharge;
109 | 	ULONG DefaultNonPagedPoolCharge;
110 | 	OB_DUMP_METHOD DumpProcedure;
111 | 	OB_OPEN_METHOD OpenProcedure;
112 | 	OB_CLOSE_METHOD CloseProcedure;
113 | 	OB_DELETE_METHOD DeleteProcedure;
114 | 	OB_PARSE_METHOD ParseProcedure;
115 | 	OB_SECURITY_METHOD SecurityProcedure;
116 | 	OB_QUERYNAME_METHOD QueryNameProcedure;
117 | 	OB_OKAYTOCLOSE_METHOD OkayToCloseProcedure;
118 | 	ULONG WaitObjectFlagMask;
119 | 	USHORT WaitObjectFlagOffset;
120 | 	USHORT WaitObjectPointerOffset;
121 | } OBJECT_TYPE_INITIALIZER, * POBJECT_TYPE_INITIALIZER;
122 | 
123 | extern "C" {
124 | 	NTSTATUS NTAPI ObCreateObjectType(
125 | 		_In_ PUNICODE_STRING TypeName,
126 | 		_In_ POBJECT_TYPE_INITIALIZER ObjectTypeInitializer,
127 | 		_In_opt_ PSECURITY_DESCRIPTOR sd,
128 | 		_Deref_out_ POBJECT_TYPE* ObjectType);
129 | 
130 | 	NTSTATUS NTAPI ObCreateObject(
131 | 		_In_ KPROCESSOR_MODE ProbeMode,
132 | 		_In_ POBJECT_TYPE ObjectType,
133 | 		_In_opt_ POBJECT_ATTRIBUTES ObjectAttributes,
134 | 		_In_ KPROCESSOR_MODE OwnershipMode,
135 | 		_Inout_opt_ PVOID ParseContext,
136 | 		_In_ ULONG ObjectBodySize,
137 | 		_In_ ULONG PagedPoolCharge,
138 | 		_In_ ULONG NonPagedPoolCharge,
139 | 		_Deref_out_ PVOID* Object);
140 | 
141 | 	NTSTATUS NTAPI ObOpenObjectByName(
142 | 		_In_ POBJECT_ATTRIBUTES ObjectAttributes,
143 | 		_In_ POBJECT_TYPE ObjectType,
144 | 		_In_ KPROCESSOR_MODE AccessMode,
145 | 		_Inout_opt_ PACCESS_STATE AccessState,
146 | 		_In_opt_ ACCESS_MASK DesiredAccess,
147 | 		_Inout_opt_ PVOID ParseContext,
148 | 		_Out_ PHANDLE Handle);
149 | 
150 | 	NTSTATUS NTAPI ZwGetNextProcess(
151 | 		_In_opt_ HANDLE ProcessHandle,
152 | 		_In_ ACCESS_MASK DesiredAccess,
153 | 		_In_ ULONG HandleAttributes,
154 | 		_In_ ULONG Flags,
155 | 		_Out_ PHANDLE NewProcessHandle);
156 | }
157 | 
158 | PEPROCESS GetUserProcess() {
159 | 	HANDLE hProcess = nullptr, hNewProcess;
160 | 	for (int i = 0; i < 6; i++) {
161 | 		auto status = ZwGetNextProcess(hProcess, GENERIC_READ, OBJ_KERNEL_HANDLE, 0, &hNewProcess);
162 | 		if (hProcess)
163 | 			NtClose(hProcess);
164 | 
165 | 		if (!NT_SUCCESS(status))
166 | 			break;
167 | 
168 | 		hProcess = hNewProcess;
169 | 	}
170 | 	PEPROCESS process = nullptr;
171 | 	if (hProcess) {
172 | 		KdPrint(("Using handle 0x%p for process\n", hProcess));
173 | 		ObReferenceObjectByHandle(hProcess, GENERIC_READ, *PsProcessType, KernelMode, (PVOID*)&process, nullptr);
174 | 		ZwClose(hProcess);
175 | 	}
176 | 	KdPrint(("Process object from handle 0x%p (PID: 0x%X)\n", process, 
177 | 		process ? HandleToULong(PsGetProcessId(process)) : 0));
178 | 	return process;
179 | }
180 | 
181 | NTSTATUS DsCreateDataStackObjectType() {
182 | 	UNICODE_STRING typeName = RTL_CONSTANT_STRING(L"DataStack");
183 | 	OBJECT_TYPE_INITIALIZER init{ sizeof(init) };
184 | 	init.DefaultNonPagedPoolCharge = sizeof(DataStack);
185 | 	init.PoolType = NonPagedPoolNx;
186 | 	init.ValidAccessMask = DATA_STACK_ALL_ACCESS;
187 | 	init.DeleteProcedure = OnDataStackDelete;
188 | 	init.SecurityRequired = TRUE;
189 | 
190 | 	GENERIC_MAPPING mapping{
191 | 		STANDARD_RIGHTS_READ | DATA_STACK_QUERY,
192 | 		STANDARD_RIGHTS_WRITE | DATA_STACK_PUSH | DATA_STACK_POP | DATA_STACK_CLEAR,
193 | 		STANDARD_RIGHTS_EXECUTE | SYNCHRONIZE,
194 | 		DATA_STACK_ALL_ACCESS
195 | 	};
196 | 	init.GenericMapping = mapping;
197 | 
198 | 	auto status = ObCreateObjectType(&typeName, &init, nullptr, &g_DataStackType);
199 | 
200 | 	if (status == STATUS_OBJECT_NAME_COLLISION) {
201 | 		KdPrint(("DataStack Object type already exists\n"));
202 | 	}
203 | 	return status;
204 | }
205 | 
206 | void DsInitializeDataStack(DataStack* DataStack, ULONG MaxItemSize, ULONG MaxItemCount, ULONG_PTR MaxSize) {
207 | 	InitializeListHead(&DataStack->Head);
208 | 	ExInitializeFastMutex(&DataStack->Lock);
209 | 	KeInitializeEvent(&DataStack->Event, NotificationEvent, FALSE);
210 | 	DataStack->Count = 0;
211 | 	DataStack->MaxItemCount = MaxItemCount;
212 | 	DataStack->Size = 0;
213 | 	DataStack->MaxItemSize = MaxItemSize;
214 | 	DataStack->MaxSize = MaxSize;
215 | }
216 | 
217 | NTSTATUS NTAPI NtCreateDataStack(_Out_ PHANDLE DataStackHandle, _In_opt_ POBJECT_ATTRIBUTES DataStackAttributes, _In_ ULONG MaxItemSize, _In_ ULONG MaxItemCount, ULONG_PTR MaxSize) {
218 | 	auto mode = ExGetPreviousMode();
219 | 
220 | 	extern POBJECT_TYPE g_DataStackType;
221 | 	//
222 | 	// sanity check
223 | 	//
224 | 	if (g_DataStackType == nullptr)
225 | 		return STATUS_NOT_FOUND;
226 | 
227 | 	DataStack* ds;
228 | 	auto status = ObCreateObject(mode, g_DataStackType, DataStackAttributes, mode,
229 | 		nullptr, sizeof(DataStack), 0, 0, (PVOID*)&ds);
230 | 	if (!NT_SUCCESS(status)) {
231 | 		KdPrint(("Error in ObCreateObject (0x%X)\n", status));
232 | 		return status;
233 | 	}
234 | 
235 | 	DsInitializeDataStack(ds, MaxItemSize, MaxItemCount, MaxSize);
236 | 	HANDLE hDataStack;
237 | 	status = ObInsertObject(ds, nullptr, DATA_STACK_ALL_ACCESS, 0, nullptr, &hDataStack);
238 | 	if (NT_SUCCESS(status)) {
239 | 		if (mode != KernelMode) {
240 | 			__try {
241 | 				*DataStackHandle = hDataStack;
242 | 			}
243 | 			__except (EXCEPTION_EXECUTE_HANDLER) {
244 | 
245 | 			}
246 | 		}
247 | 		else {
248 | 			*DataStackHandle = hDataStack;
249 | 		}
250 | 	}
251 | 	else {
252 | 		KdPrint(("Error in ObInsertObject (0x%X)\n", status));
253 | 	}
254 | 	return status;
255 | }
256 | 
257 | NTSTATUS NTAPI NtOpenDataStack(_Out_ PHANDLE DataStackHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES DataStackAttributes) {
258 | 	return ObOpenObjectByName(DataStackAttributes, g_DataStackType, ExGetPreviousMode(),
259 | 		nullptr, DesiredAccess, nullptr, DataStackHandle);
260 | }
261 | 
262 | _Use_decl_annotations_
263 | NTSTATUS NTAPI NtPushDataStack(HANDLE DataStackHandle, const PVOID Item, ULONG ItemSize) {
264 | 	if (ItemSize == 0)
265 | 		return STATUS_INVALID_PARAMETER_3;
266 | 
267 | 	if (!ARGUMENT_PRESENT(Item))
268 | 		return STATUS_INVALID_PARAMETER_2;
269 | 
270 | 	DataStack* ds;
271 | 	auto status = ObReferenceObjectByHandleWithTag(DataStackHandle, DATA_STACK_PUSH, g_DataStackType,
272 | 		ExGetPreviousMode(), DataStackTag, (PVOID*)&ds, nullptr);
273 | 	if (!NT_SUCCESS(status))
274 | 		return status;
275 | 
276 | 	status = DsPushDataStack(ds, Item, ItemSize);
277 | 	ObDereferenceObjectWithTag(ds, DataStackTag);
278 | 
279 | 	return status;
280 | }
281 | 
282 | _Use_decl_annotations_
283 | NTSTATUS NTAPI NtPopDataStack(HANDLE DataStackHandle, PVOID Buffer, PULONG BufferSize) {
284 | 	if (!ARGUMENT_PRESENT(BufferSize))
285 | 		return STATUS_INVALID_PARAMETER_3;
286 | 
287 | 	ULONG size;
288 | 	if (ExGetPreviousMode() != KernelMode) {
289 | 		__try {
290 | 			ProbeForRead(BufferSize, sizeof(ULONG), 1);
291 | 			size = *BufferSize;
292 | 		}
293 | 		__except (EXCEPTION_EXECUTE_HANDLER) {
294 | 			return GetExceptionCode();
295 | 		}
296 | 	}
297 | 	else {
298 | 		size = *BufferSize;
299 | 	}
300 | 
301 | 	if (!ARGUMENT_PRESENT(Buffer) && size != 0)
302 | 		return STATUS_INVALID_PARAMETER_2;
303 | 
304 | 	DataStack* ds;
305 | 	auto status = ObReferenceObjectByHandleWithTag(DataStackHandle, DATA_STACK_POP, g_DataStackType,
306 | 		ExGetPreviousMode(), DataStackTag, (PVOID*)&ds, nullptr);
307 | 	if (!NT_SUCCESS(status))
308 | 		return status;
309 | 
310 | 	status = DsPopDataStack(ds, Buffer, size, BufferSize);
311 | 	ObDereferenceObjectWithTag(ds, DataStackTag);
312 | 	return status;
313 | }
314 | 
315 | NTSTATUS NTAPI NtClearDataStack(HANDLE DataStackHandle) {
316 | 	DataStack* ds;
317 | 	auto status = ObReferenceObjectByHandleWithTag(DataStackHandle, DATA_STACK_CLEAR, g_DataStackType,
318 | 		ExGetPreviousMode(), DataStackTag, (PVOID*)&ds, nullptr);
319 | 	if (!NT_SUCCESS(status))
320 | 		return status;
321 | 
322 | 	status = DsClearDataStack(ds);
323 | 	ObDereferenceObjectWithTag(ds, DataStackTag);
324 | 
325 | 	return status;
326 | }
327 | 
328 | NTSTATUS NTAPI NtQueryInformationDataStack(_In_ HANDLE DataStackHandle, _In_ DataStackInformationClass InformationClass, _Out_ PVOID Buffer, _In_ ULONG BufferSize, _Out_opt_ PULONG ReturnLength) {
329 | 	DataStack* ds;
330 | 	auto status = ObReferenceObjectByHandleWithTag(DataStackHandle, DATA_STACK_QUERY, g_DataStackType,
331 | 		ExGetPreviousMode(), DataStackTag, (PVOID*)&ds, nullptr);
332 | 	if (!NT_SUCCESS(status))
333 | 		return status;
334 | 
335 | 	__try {
336 | 		//
337 | 		// if no buffer provided then ReturnLength must be 
338 | 		// non-NULL and buffer size must be zero
339 | 		//
340 | 		if (!ARGUMENT_PRESENT(Buffer) && (!ARGUMENT_PRESENT(ReturnLength) || BufferSize != 0))
341 | 			return STATUS_INVALID_PARAMETER;
342 | 
343 | 		//
344 | 		// if buffer provided, then size must be non-zero
345 | 		//
346 | 		if (ARGUMENT_PRESENT(Buffer) && BufferSize == 0)
347 | 			return STATUS_INVALID_PARAMETER;
348 | 
349 | 
350 | 		ULONG len = 0;
351 | 		switch (InformationClass) {
352 | 			case DataStackItemCount: len = sizeof(ULONG); break;
353 | 			case DataStackTotalSize: len = sizeof(ULONG_PTR); break;
354 | 			case DataStackConfiguration: len = sizeof(DATA_STACK_CONFIGURATION); break;
355 | 			default: return STATUS_INVALID_INFO_CLASS;
356 | 		}
357 | 
358 | 		if (BufferSize < len) {
359 | 			status = STATUS_BUFFER_TOO_SMALL;
360 | 		}
361 | 		else {
362 | 			if (ExGetPreviousMode() != KernelMode) {
363 | 				__try {
364 | 					if (ARGUMENT_PRESENT(Buffer))
365 | 						ProbeForWrite(Buffer, BufferSize, 1);
366 | 					if (ARGUMENT_PRESENT(ReturnLength))
367 | 						ProbeForWrite(ReturnLength, sizeof(ULONG), 1);
368 | 				}
369 | 				__except (EXCEPTION_EXECUTE_HANDLER) {
370 | 					return GetExceptionCode();
371 | 				}
372 | 			}
373 | 
374 | 			switch (InformationClass) {
375 | 				case DataStackItemCount:
376 | 				{
377 | 					ExAcquireFastMutex(&ds->Lock);
378 | 					auto count = ds->Count;
379 | 					ExReleaseFastMutex(&ds->Lock);
380 | 
381 | 					if (ExGetPreviousMode() != KernelMode) {
382 | 						__try {
383 | 							*(ULONG*)Buffer = count;
384 | 						}
385 | 						__except (EXCEPTION_EXECUTE_HANDLER) {
386 | 							return GetExceptionCode();
387 | 						}
388 | 					}
389 | 					else {
390 | 						*(ULONG*)Buffer = count;
391 | 					}
392 | 					break;
393 | 				}
394 | 
395 | 				case DataStackTotalSize:
396 | 				{
397 | 					ExAcquireFastMutex(&ds->Lock);
398 | 					auto total = ds->Size;
399 | 					ExReleaseFastMutex(&ds->Lock);
400 | 
401 | 					if (ExGetPreviousMode() != KernelMode) {
402 | 						__try {
403 | 							*(ULONG_PTR*)Buffer = total;
404 | 						}
405 | 						__except (EXCEPTION_EXECUTE_HANDLER) {
406 | 							return GetExceptionCode();
407 | 						}
408 | 					}
409 | 					else {
410 | 						*(ULONG_PTR*)Buffer = total;
411 | 					}
412 | 					break;
413 | 				}
414 | 
415 | 				case DataStackConfiguration:
416 | 					DATA_STACK_CONFIGURATION config;
417 | 					config.MaxItemCount = ds->MaxItemCount;
418 | 					config.MaxItemSize = ds->MaxItemSize;
419 | 					config.MaxSize = ds->MaxSize;
420 | 
421 | 					if (ExGetPreviousMode() != KernelMode) {
422 | 						__try {
423 | 							memcpy(Buffer, &config, len);
424 | 						}
425 | 						__except (EXCEPTION_EXECUTE_HANDLER) {
426 | 							return GetExceptionCode();
427 | 						}
428 | 					}
429 | 					else {
430 | 						memcpy(Buffer, &config, len);
431 | 					}
432 | 					break;
433 | 
434 | 				default:
435 | 					// unreachable
436 | 					status = STATUS_INVALID_INFO_CLASS;
437 | 					break;
438 | 			}
439 | 		}
440 | 
441 | 		//
442 | 		// set returned bytes if requested
443 | 		//
444 | 		if (ARGUMENT_PRESENT(ReturnLength)) {
445 | 			if (ExGetPreviousMode() != KernelMode) {
446 | 				__try {
447 | 					*ReturnLength = len;
448 | 				}
449 | 				__except (EXCEPTION_EXECUTE_HANDLER) {
450 | 					return GetExceptionCode();
451 | 				}
452 | 			}
453 | 			else {
454 | 				*ReturnLength = len;
455 | 			}
456 | 		}
457 | 	}
458 | 	__finally {
459 | 		ObDereferenceObjectWithTag(ds, DataStackTag);
460 | 	}
461 | 	return status;
462 | }
463 | 
464 | 


--------------------------------------------------------------------------------