From cf2254e61de42d1dec46db2db4ccbc249ad99f4b Mon Sep 17 00:00:00 2001 From: midipix Date: Feb 01 2023 01:37:45 +0000 Subject: __ntapi_tt_spawn_foreign_process(): added arbitrary environment block support. --- diff --git a/src/process/ntapi_tt_spawn_foreign_process.c b/src/process/ntapi_tt_spawn_foreign_process.c index fa3c849..9867b1f 100644 --- a/src/process/ntapi_tt_spawn_foreign_process.c +++ b/src/process/ntapi_tt_spawn_foreign_process.c @@ -68,7 +68,11 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa void * hat; void * hfile; uint32_t written; + int32_t envc; + size_t buflen; wchar16_t * imgbuf; + wchar16_t * wenv; + wchar16_t ** wenvp; char ** parg; char * mark; char * ch; @@ -129,7 +133,7 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa /* rtblock, rdata */ rtblock.addr = 0; - rtblock.size = 0x40000; + rtblock.size = 0x50000; rtblock.remote_addr = 0; rtblock.remote_size = 0; rtblock.flags = 0; @@ -145,6 +149,24 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa __ntapi->tt_aligned_block_memset( rtblock.addr,0,rtblock.size); + /* environment */ + for (envc=0,parg=sparams->envp; *parg; parg++) + envc++; + + wenvp = rtblock.addr; + wenvp += 0x40000 / sizeof(*wenvp); + wenv = (wchar16_t *)&wenvp[++envc]; + + buflen = 0x10000; + buflen -= sizeof(*wenvp) * envc; + + if ((status = __ntapi->tt_array_convert_utf8_to_utf16( + sparams->envp, + wenvp,0,wenv, + buflen,&(size_t){0}))) + return __tt_spawn_return( + &rtblock,0,0,status); + /* imgbuf */ imgbuf = (wchar16_t *)rtblock.addr; imgbuf += 0x30000 / sizeof(*imgbuf); @@ -294,7 +316,7 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa (nt_unicode_string *)0, (nt_unicode_string *)0, &nt_cmd_line, - __ntapi->tt_get_peb_env_block_utf16(), + wenv, (nt_unicode_string *)0, (nt_unicode_string *)0, (nt_unicode_string *)0, 
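Review bot: Nothing bounds `envc` before `buflen -= sizeof(*wenvp) * envc;` in the environment hunk (@@ -145,6 +149,24 @@), so an environment with enough entries makes the pointer table alone exceed the 0x10000-byte region; `buflen` is a `size_t` and wraps to a huge value, while `wenv` already points past the end of `rtblock`, so the conversion could write outside the allocation. The counting loop also dereferences `sparams->envp` unconditionally, whereas the replaced argument took the environment from the PEB and, as far as these hunks show, did not need that field, so a caller that leaves it null would now fault. I would reject both cases before computing `wenv`, as sketched below; the status value is only a suggestion, and falling back to the PEB block for a null `envp` is the other option. The 0x40000 offset and 0x10000 length are tied to the `rtblock.size = 0x50000` change in the @@ -129,7 +133,7 @@ hunk and would be clearer as named constants. The function body begins and ends outside these hunks.

```c
	/* environment */
	if (!sparams->envp)
		return __tt_spawn_return(
			&rtblock,0,0,NT_STATUS_INVALID_PARAMETER);

	for (envc=0,parg=sparams->envp; *parg; parg++)
		envc++;

	/* pointer table (envc entries plus terminator) must leave room for the strings */
	if ((size_t)envc + 1 >= 0x10000 / sizeof(*wenvp))
		return __tt_spawn_return(
			&rtblock,0,0,NT_STATUS_INVALID_PARAMETER);

	/* … unchanged: wenvp/wenv placement, buflen computation, utf-8 to utf-16 conversion … */
```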
@@ -350,8 +372,9 @@ int32_t __stdcall __ntapi_tt_spawn_foreign_process(nt_spawn_process_params * spa
 0,
 0,
 finherit,
- sparams->interopflags | fsuspended | fdebug,
- 0,
+ NT_PROCESS_INTEROP_FLAG_UNICODE_ENVIRONMENT
+ | sparams->interopflags | fsuspended | fdebug,
+ wenv,
 sparams->cwd,
 sparams->startupinfo,
 &processinfo)))
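Review bot: `wenv` is handed over here as a UTF-16 environment block, but the code that builds it never writes the block's final empty-string terminator explicitly; it appears to rely on the earlier zero-fill of `rtblock` and on the conversion stopping short of the end of the 0x10000 region. If `tt_array_convert_utf8_to_utf16` can fill the buffer exactly, the consumer of the block could read past the allocation, so it is worth confirming that the helper reserves room for the terminator or adding an explicit length check. A short comment such as `/* wenv: utf-16 block inside rtblock, terminated by the initial zero-fill */` would document that dependency, along with a word on why `NT_PROCESS_INTEROP_FLAG_UNICODE_ENVIRONMENT` is forced regardless of `sparams->interopflags`. The call expression starts and ends outside the hunk.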