Ros-dev

ros-dev@reactos.org

5788 discussions

Re: [ros-dev] [ros-diffs] 01/01: [NULL] Additions for the Null driver.

by Thomas Faber

On 2018-04-22 22:23, Hermès Bélusca-Maïto wrote: > diff --git a/drivers/base/null/null.c b/drivers/base/null/null.c > index 610e886ddd..0d4ed541de 100644 > --- a/drivers/base/null/null.c > +++ b/drivers/base/null/null.c > @@ -181,26 +199,16 @@ DriverEntry(IN PDRIVER_OBJECT DriverObject, > DriverObject->MajorFunction[IRP_MJ_READ] = NullDispatch; > DriverObject->MajorFunction[IRP_MJ_LOCK_CONTROL] = NullDispatch; > DriverObject->MajorFunction[IRP_MJ_QUERY_INFORMATION] = NullDispatch; > + DriverObject->DriverUnload = NullUnload; > > - /* Allocate the fast I/O dispatch table */ > - FastIoDispatch = ExAllocatePoolWithTag(NonPagedPool, > - sizeof(FAST_IO_DISPATCH), > - 'llun'); > - if (!FastIoDispatch) > - { > - /* Failed, cleanup */ > - IoDeleteDevice(DeviceObject); > - return STATUS_INSUFFICIENT_RESOURCES; > - } > - > - /* Initialize it */ > - RtlZeroMemory(FastIoDispatch, sizeof(FAST_IO_DISPATCH)); > - FastIoDispatch->SizeOfFastIoDispatch = sizeof(FAST_IO_DISPATCH); > + /* Initialize the fast I/O dispatch table */ > + RtlZeroMemory(&FastIoDispatch, sizeof(FastIoDispatch)); > + FastIoDispatch.SizeOfFastIoDispatch = sizeof(FastIoDispatch); > > /* Setup our pointers */ > - FastIoDispatch->FastIoRead = NullRead; > - FastIoDispatch->FastIoWrite = NullWrite; > - DriverObject->FastIoDispatch = FastIoDispatch; > + FastIoDispatch.FastIoRead = NullRead; > + FastIoDispatch.FastIoWrite = NullWrite; > + DriverObject->FastIoDispatch = &FastIoDispatch; Are you sure FAST_IO_DISPATCH is allowed to be pageable? It seems to only be used at low IRQLs, so it seems logical. However I see it allocated nonpaged everywhere else and can't seem to find definitive documentation on the subject. (And yes, most filesystem drivers use a static structure, but those drivers don't use MmPageEntireDriver) Thanks, Thomas

6 years, 8 months

Re: [ros-dev] [ros-diffs] 01/01: [WINLOGON] Clean up part 2 - Replace the UNICODE_STRING usMessage by a PWSTR pszMessage. - Use the "%02d:%02d:%02d" time format and get rid of the safe string printf because the string will NEVER be longer than 8 characters. - Rename the timer id constant because it is NOT a resource id. - Rename variables according to the coding style.

by Thomas Faber

Hey Eric, On 2018-04-02 12:58, Eric Kohl wrote: > - RtlStringCbPrintfW(strbuf, sizeof(strbuf), L"%d:%d:%d", hours, minutes, seconds); > + swprintf(szBuffer, L"%02d:%02d:%02d", iHours, iMinutes, iSeconds); Unfortunately I must disagree with this change. Buffer overflows are a big enough threat that code review and static analysis are not generally considered sufficient to protect against them. So it's best practice for new code to always verify sizes at run-time, and never to use s(w)print. Best regards, Thomas PS: from what I see, iHours can be as large as 1193046, which won't fit in 2 digits

6 years, 8 months

Re: [ros-dev] [ros-diffs] 02/08: [NTOSKRNL] Forbid processes without the Tcb prvilege to perform a user-mode hard-error BSOD.

by Alex Ionescu

So to be clear, while the kernel still has tons of incompatible code and issues to barely run as a Win2003-compatible kernel, whenever there's an NT design decision you disagree with, you're going to be rewriting the little bit of code that _does work well_ to work contrary to how NT works? Did I get that right? Good luck. Best regards, Alex Ionescu On Mon, Apr 2, 2018 at 6:48 AM, Hermès BÉLUSCA-MAÏTO <hermes.belusca(a)sfr.fr> wrote: > Yes, to only allow programs that REALLY REALLY REALLY REALLY ….. need to > do so to trigger the hard-error “shutdown” BSOD from user-mode to do so, > and these programs would better be only those that run only in SYSTEM > rights, and more exactly these include CSRSS, WINLOGON and SMSS when > something very bad happen to them. > > I would not appreciate, for example, that when I run a program under a > not-so privileged account (like, some random user account) that has just > the shutdown privilege to shut the computer down properly, that this > program suddently “BSODS” my machine. > > To these programs, I say “f$ck these!” > > > > Regards, > > Hermès > > > > *De :* Ros-dev [mailto:ros-dev-bounces@reactos.org] *De la part de* Alex > Ionescu > *Envoyé :* lundi 2 avril 2018 04:20 > *À :* ReactOS Development List; Hermès Bélusca-Maïto > *Cc :* Linda Wang > *Objet :* Re: [ros-dev] [ros-diffs] 02/08: [NTOSKRNL] Forbid processes > without the Tcb prvilege to perform a user-mode hard-error BSOD. > > > > Is there a point to this blatant behavior change? > > > Best regards, > Alex Ionescu > > > > On Sun, Apr 1, 2018 at 3:04 PM, Hermès Bélusca-Maïto < > hermes.belusca-maito(a)reactos.org> wrote: > > https://git.reactos.org/?p=reactos.git;a=commitdiff;h= > f0729b30bb79d6f538cf2b9578ff8ebe7989f8d3 > > commit f0729b30bb79d6f538cf2b9578ff8ebe7989f8d3 > Author: Hermès Bélusca-Maïto <hermes.belusca-maito(a)reactos.org> > AuthorDate: Sun Apr 1 14:46:19 2018 +0200 > Commit: Hermès Bélusca-Maïto <hermes.belusca-maito(a)reactos.org> > CommitDate: Sun Apr 1 22:39:31 2018 +0200 > > [NTOSKRNL] Forbid processes without the Tcb prvilege to perform a > user-mode hard-error BSOD. > --- > ntoskrnl/ex/harderr.c | 14 ++++++++++++-- > 1 file changed, 12 insertions(+), 2 deletions(-) > > diff --git a/ntoskrnl/ex/harderr.c b/ntoskrnl/ex/harderr.c > index 84f409a1bb..a5200e3e74 100644 > --- a/ntoskrnl/ex/harderr.c > +++ b/ntoskrnl/ex/harderr.c > @@ -132,8 +132,18 @@ ExpRaiseHardError(IN NTSTATUS ErrorStatus, > /* Check if this error will shutdown the system */ > if (ValidResponseOptions == OptionShutdownSystem) > { > - /* Check for privilege */ > - if (!SeSinglePrivilegeCheck(SeShutdownPrivilege, PreviousMode)) > + /* > + * Check if we have the privileges. > + * > + * NOTE: In addition to the Shutdown privilege we also check > whether > + * the caller has the Tcb privilege. The purpose is to allow only > + * SYSTEM processes to "shutdown" the system on hard errors (BSOD) > + * while forbidding regular processes to do so. This behaviour > differs > + * from Windows, where any user-mode process, as soon as it has > the > + * Shutdown privilege, can trigger a hard-error BSOD. > + */ > + if (!SeSinglePrivilegeCheck(SeTcbPrivilege, PreviousMode) || > + !SeSinglePrivilegeCheck(SeShutdownPrivilege, PreviousMode)) > { > /* No rights */ > *Response = ResponseNotHandled; > > > > _______________________________________________ > Ros-dev mailing list > Ros-dev(a)reactos.org > http://www.reactos.org/mailman/listinfo/ros-dev > >

6 years, 9 months

by Hermès BÉLUSCA-MAÏTO

If I remember correctly you can make shutdowns delayed of many days on Windows (using the InitiateSystemShutdown(Ex) function), in which case the 2-digit hour won't work at all. Best, Hermès > -----Message d'origine----- > De : Ros-dev [mailto:ros-dev-bounces@reactos.org] De la part de Thomas > Faber > Envoyé : lundi 2 avril 2018 14:13 > À : Eric Kohl > Cc : ros-dev(a)reactos.org > Objet : Re: [ros-dev] [ros-diffs] 01/01: [WINLOGON] Clean up part 2 - Replace > the UNICODE_STRING usMessage by a PWSTR pszMessage. - Use the > "%02d:%02d:%02d" time format and get rid of the safe string printf because > the string will NEVER be longer than 8 character > > Hey Eric, > > On 2018-04-02 12:58, Eric Kohl wrote: > > - RtlStringCbPrintfW(strbuf, sizeof(strbuf), L"%d:%d:%d", hours, minutes, > seconds); > > + swprintf(szBuffer, L"%02d:%02d:%02d", iHours, iMinutes, > > + iSeconds); > > Unfortunately I must disagree with this change. > > Buffer overflows are a big enough threat that code review and static analysis > are not generally considered sufficient to protect against them. > So it's best practice for new code to always verify sizes at run-time, and > never to use s(w)print. > > Best regards, > Thomas > > PS: from what I see, iHours can be as large as 1193046, which won't > fit in 2 digits > > _______________________________________________ > Ros-dev mailing list > Ros-dev(a)reactos.org > http://www.reactos.org/mailman/listinfo/ros-dev

6 years, 9 months

Re: [ros-dev] [ros-diffs] 02/08: [NTOSKRNL] Forbid processes without the Tcb prvilege to perform a user-mode hard-error BSOD.

by Alex Ionescu

Is there a point to this blatant behavior change? Best regards, Alex Ionescu On Sun, Apr 1, 2018 at 3:04 PM, Hermès Bélusca-Maïto < hermes.belusca-maito(a)reactos.org> wrote: > https://git.reactos.org/?p=reactos.git;a=commitdiff;h= > f0729b30bb79d6f538cf2b9578ff8ebe7989f8d3 > > commit f0729b30bb79d6f538cf2b9578ff8ebe7989f8d3 > Author: Hermès Bélusca-Maïto <hermes.belusca-maito(a)reactos.org> > AuthorDate: Sun Apr 1 14:46:19 2018 +0200 > Commit: Hermès Bélusca-Maïto <hermes.belusca-maito(a)reactos.org> > CommitDate: Sun Apr 1 22:39:31 2018 +0200 > > [NTOSKRNL] Forbid processes without the Tcb prvilege to perform a > user-mode hard-error BSOD. > --- > ntoskrnl/ex/harderr.c | 14 ++++++++++++-- > 1 file changed, 12 insertions(+), 2 deletions(-) > > diff --git a/ntoskrnl/ex/harderr.c b/ntoskrnl/ex/harderr.c > index 84f409a1bb..a5200e3e74 100644 > --- a/ntoskrnl/ex/harderr.c > +++ b/ntoskrnl/ex/harderr.c > @@ -132,8 +132,18 @@ ExpRaiseHardError(IN NTSTATUS ErrorStatus, > /* Check if this error will shutdown the system */ > if (ValidResponseOptions == OptionShutdownSystem) > { > - /* Check for privilege */ > - if (!SeSinglePrivilegeCheck(SeShutdownPrivilege, PreviousMode)) > + /* > + * Check if we have the privileges. > + * > + * NOTE: In addition to the Shutdown privilege we also check > whether > + * the caller has the Tcb privilege. The purpose is to allow only > + * SYSTEM processes to "shutdown" the system on hard errors (BSOD) > + * while forbidding regular processes to do so. This behaviour > differs > + * from Windows, where any user-mode process, as soon as it has > the > + * Shutdown privilege, can trigger a hard-error BSOD. > + */ > + if (!SeSinglePrivilegeCheck(SeTcbPrivilege, PreviousMode) || > + !SeSinglePrivilegeCheck(SeShutdownPrivilege, PreviousMode)) > { > /* No rights */ > *Response = ResponseNotHandled; > >

6 years, 9 months

d2d1 in ReactOS

by Giovanni Mascellani

Dear ReactOS developers, I am nosing inside Wine and ReactOS code to understand something of their inner workings. I wanted to compare the code of d2d1.dll, but apparently ReactOS does not have it. Is this intentional, is it just still to be implemented, or is there any other explanation? Thanks and all the best, Giovanni. -- Giovanni Mascellani <g.mascellani(a)gmail.com> Postdoc researcher - Université Libre de Bruxelles

6 years, 9 months

Status Meeting (March 2018)

by Colin Finck

Hi all! With GSoC and 0.4.8 approaching, and many interesting things going on, it's finally time for a monthly meeting again. Let me invite you to the March 2018 meeting, taking place next Thursday, March 29, 2018. Time will be 19:00 UTC as always. The agenda so far includes: - Status Updates ==> Please prepare a short text what you did since January, so we can finish this quickly! - GSoC - 0.4.8 Status und Release Planning - Hackfest 2018? Please let me know if you want anything else to be added to the agenda. Just as the last few times, the meeting will take place on a custom IRC server. The required credentials will be sent shortly before the meeting to a group of ReactOS members. If you think you belong to this group, but didn't get a mail last time, please also let me know in advance. See you on Thursday! Colin

6 years, 9 months

GSoC 2018: Proposal for Review

by Abhishek Singh Bisht

Hello there, Here I have attached my proposal for the GSoC 2018 project regarding the search shell extension for ReactOS. Kindly let me know if any changes are required, before submitting it to Google. Thanks, Abhishek

6 years, 9 months

GSoc Proposal (WebSite)

by Вова Титаренко

*GSoc ProposalProject: Developer Web InterfaceAuthor: Volodymyr Tytarenkobovatitar(a)gmail.com <bovatitar(a)gmail.com>General info:Full name: Volodymyr TytarenkoLanguages: 1. Russian (Fluently)2. Ukrainian (Fluently)3. Polish (Fluently)4. English (Intermediate)Timezone: (GMT+1) WarsawReactOS account: titarIRC Nickname: titarAbout me:I am second year student in Poland. I study informatics at University of Silesia in the specialty of developing web application. Programming is my passion. I started programming from the age of 15 and now i have 4 games for android, several programs on java for my needs and a lot of projects for freelanceTime Commitment:The main important thing, what can obligations my time in summer it’s a my University exams in June, but its only around 10 days, and i believe i will have a few exemption from the exam, because last time i had only 1 exam out of 6. Second thing it’s a 1 week holiday in end of July or start August, but it’s not 100%. I can spend 5-6 hours per day on this project including holidays.Technical skills:FrontEnd: HTML5, CSS, JavaScript and MithrillJS (arround 20)BackEnd: PHPDataBase: MySQLUX, UI, WebDesign, GitWork with different public API: GitHub, Telegram, Instagram, Facebook, VK, different weather api and other.I have experience Designing api for my own projects.My test design for a similar task (Custom ERP and CRM):Proposed Project:Develop a web system of managing and showing commits, builds, PRs and other informations for developers of ReactOS.I really want to work on a Website for ReactOS. I believe that I have enough knowledge to contribute to the operating system ReactOs in this way.Milestones: 1. Design basic interface and basic functionality. 2. Develop basic website with Integration githubAPI.3. Gradual increase of site functionality from the list of ideas reactos.org <http://reactos.org>Developing a website with the provision that at every moment we need to have a fully working website, gradually adding new features I hereby swear that I have not used nor seen the source code to any version of the Windows operating system nor any Microsoft product that may be related to the proposed project that is under a license incompatible with contribution to ReactOS, including but not limited to the leaked Windows 2000 source code and the Windows Research Kernel.*

6 years, 9 months

GSoC 2018

by Abhishek Singh Bisht

Hi there, I am interested in a couple of projects under System enhancement, that I found on your projects list: 1) NT6 Recycle Bin Project 2) Search Shell extension 3) WebKit based MSHTML implementation Kindly help me choose one, if I could get some more information regarding the projects, it would be really helpful and I can go ahead with the proposal. Also, I have performed a complete build of ReactOS Live CD, and Boot CD and gave it a test run. I found it lacking a decent browser, tried to run iexplore.exe but it still couldn’t load any web pages. I might be able to create something to help improve on this. Looking forward to contribute to this reactOS. Thanks, Abhishek

6 years, 9 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Ros-dev