Ros-diffs January 2005

ros-diffs@reactos.org

28 participants
703 discussions

[weiden] 13184: partial implementation of NtAssignProcessToJobObject() and NtCreateJobObject()
by weiden＠svn.reactos.com 21 Jan '05

21 Jan '05

partial implementation of NtAssignProcessToJobObject() and NtCreateJobObject() Modified: trunk/reactos/ntoskrnl/ps/job.c _____ Modified: trunk/reactos/ntoskrnl/ps/job.c --- trunk/reactos/ntoskrnl/ps/job.c 2005-01-21 13:25:28 UTC (rev 13183) +++ trunk/reactos/ntoskrnl/ps/job.c 2005-01-21 14:12:03 UTC (rev 13184) @@ -19,7 +19,7 @@ POBJECT_TYPE EXPORTED PsJobType = NULL; LIST_ENTRY PsJobListHead; -static KSPIN_LOCK PsJobListLock; +static FAST_MUTEX PsJobListLock; static GENERIC_MAPPING PiJobMapping = {STANDARD_RIGHTS_READ | JOB_OBJECT_QUERY, STANDARD_RIGHTS_WRITE | JOB_OBJECT_ASSIGN_PROCESS | JOB_OBJECT_SET_ATTRIBUTES | JOB_OBJECT_TERMINATE | JOB_OBJECT_SET_SECURITY_ATTRIBUTES, @@ -31,12 +31,23 @@ VOID STDCALL PiDeleteJob(PVOID ObjectBody) { - KIRQL oldIrql; PEJOB Job = (PEJOB)ObjectBody; - KeAcquireSpinLock(&PsJobListLock, &oldIrql); - RemoveEntryList(&Job->JobLinks); - KeReleaseSpinLock(&PsJobListLock, oldIrql); + /* remove the reference to the completion port if associated */ + if(Job->CompletionPort != NULL) + { + ObDereferenceObject(Job->CompletionPort); + } + + /* unlink the job object */ + if(Job->JobLinks.Flink != NULL) + { + ExAcquireFastMutex(&PsJobListLock); + RemoveEntryList(&Job->JobLinks); + ExReleaseFastMutex(&PsJobListLock); + } + + ExDeleteResource(&Job->JobLock); } VOID INIT_FUNCTION @@ -68,9 +79,18 @@ ObpCreateTypeObject(PsJobType); InitializeListHead(&PsJobListHead); - KeInitializeSpinLock(&PsJobListLock); + ExInitializeFastMutex(&PsJobListLock); } +NTSTATUS +PspAssignProcessToJob(PEPROCESS Process, + PEJOB Job) +{ + DPRINT("PspAssignProcessToJob() is unimplemented!\n"); + return STATUS_NOT_IMPLEMENTED; +} + + /* * @unimplemented */ @@ -79,8 +99,80 @@ NtAssignProcessToJobObject(HANDLE JobHandle, HANDLE ProcessHandle) { - UNIMPLEMENTED; - return STATUS_NOT_IMPLEMENTED; + PEPROCESS Process; + KPROCESSOR_MODE PreviousMode; + NTSTATUS Status; + + PreviousMode = ExGetPreviousMode(); + + /* make sure we're having a handle with enough rights, especially the to + terminate the process. otherwise one could abuse the job objects to + terminate processes without having rights granted to do so! The reason + I open the process handle before the job handle is that a simple test showed + that it first complains about a invalid process handle! The other way around + would be simpler though... */ + Status = ObReferenceObjectByHandle(ProcessHandle, + PROCESS_TERMINATE, + PsProcessType, + PreviousMode, + (PVOID*)&Process, + NULL); + if(NT_SUCCESS(Status)) + { + if(Process->Job == NULL) + { + PEJOB Job; + + Status = ObReferenceObjectByHandle(JobHandle, + JOB_OBJECT_ASSIGN_PROCESS, + PsJobType, + PreviousMode, + (PVOID*)&Job, + NULL); + if(NT_SUCCESS(Status)) + { + /* lock the process so we can safely assign the process. Note that in the + meanwhile another thread could have assigned this process to a job! */ + + Status = PsLockProcess(Process, FALSE); + if(NT_SUCCESS(Status)) + { + if(Process->Job == NULL && Process->SessionId == Job->SessionId) + { + /* Just store the pointer to the job object in the process, we'll + assign it later. The reason we can't do this here is that locking + the job object might require it to wait, which is a bad thing + while holding the process lock! */ + Process->Job = Job; + } + else + { + /* process is already assigned to a job or session id differs! */ + Status = STATUS_ACCESS_DENIED; + } + PsUnlockProcess(Process); + + if(NT_SUCCESS(Status)) + { + /* let's actually assign the process to the job as we're not holding + the process lock anymore! */ + Status = PspAssignProcessToJob(Process, Job); + } + } + + ObDereferenceObject(Job); + } + } + else + { + /* process is already assigned to a job or session id differs! */ + Status = STATUS_ACCESS_DENIED; + } + + ObDereferenceObject(Process); + } + + return Status; } @@ -93,8 +185,90 @@ ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes) { - UNIMPLEMENTED; - return STATUS_NOT_IMPLEMENTED; + HANDLE hJob; + PEJOB Job; + KPROCESSOR_MODE PreviousMode; + PEPROCESS CurrentProcess; + NTSTATUS Status = STATUS_SUCCESS; + + PreviousMode = ExGetPreviousMode(); + CurrentProcess = PsGetCurrentProcess(); + + /* check for valid buffers */ + if(PreviousMode == UserMode) + { + _SEH_TRY + { + /* probe with 32bit alignment */ + ProbeForWrite(JobHandle, + sizeof(HANDLE), + sizeof(ULONG)); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + } + + Status = ObCreateObject(PreviousMode, + PsJobType, + ObjectAttributes, + PreviousMode, + NULL, + sizeof(EJOB), + 0, + 0, + (PVOID*)&Job); + + if(NT_SUCCESS(Status)) + { + /* FIXME - Zero all fields as we don't yet implement all of them */ + RtlZeroMemory(Job, sizeof(EJOB)); + + /* make sure that early destruction doesn't attempt to remove the object from + the list before it even gets added! */ + Job->JobLinks.Flink = NULL; + + /* setup the job object */ + InitializeListHead(&Job->ProcessListHead); + Job->SessionId = CurrentProcess->SessionId; /* inherit the session id from the caller */ + + Status = ExInitializeResource(&Job->JobLock); + if(!NT_SUCCESS(Status)) + { + DPRINT1("Failed to initialize job lock!!!\n"); + ObDereferenceObject(Job); + return Status; + } + KeInitializeEvent(&Job->Event, NotificationEvent, FALSE); + + /* link the object into the global job list */ + ExAcquireFastMutex(&PsJobListLock); + InsertTailList(&PsJobListHead, &Job->JobLinks); + ExReleaseFastMutex(&PsJobListLock); + + /* pass the handle back to the caller */ + _SEH_TRY + { + /* NOTE: if the caller passed invalid buffers to receive the handle it's his + own fault! the object will still be created and live... It's possible + to find the handle using ObFindHandleForObject()! */ + *JobHandle = hJob; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + } + + return Status; }

1 0

[weiden] 13183: add PoolType parameter to ObpCaptureObjectAttributes() and removed an unused parameter
by weiden＠svn.reactos.com 21 Jan '05

21 Jan '05

add PoolType parameter to ObpCaptureObjectAttributes() and removed an unused parameter Modified: trunk/reactos/ntoskrnl/include/internal/ob.h Modified: trunk/reactos/ntoskrnl/ob/object.c _____ Modified: trunk/reactos/ntoskrnl/include/internal/ob.h --- trunk/reactos/ntoskrnl/include/internal/ob.h 2005-01-21 12:27:32 UTC (rev 13182) +++ trunk/reactos/ntoskrnl/include/internal/ob.h 2005-01-21 13:25:28 UTC (rev 13183) @@ -327,8 +327,8 @@ NTSTATUS ObpCaptureObjectAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, - IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, + IN POOL_TYPE PoolType, IN BOOLEAN CaptureIfKernel, OUT PCAPTURED_OBJECT_ATTRIBUTES CapturedObjectAttributes OPTIONAL, OUT PUNICODE_STRING ObjectName OPTIONAL); _____ Modified: trunk/reactos/ntoskrnl/ob/object.c --- trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 12:27:32 UTC (rev 13182) +++ trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 13:25:28 UTC (rev 13183) @@ -41,8 +41,8 @@ NTSTATUS ObpCaptureObjectAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, - IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, + IN POOL_TYPE PoolType, IN BOOLEAN CaptureIfKernel, OUT PCAPTURED_OBJECT_ATTRIBUTES CapturedObjectAttributes OPTIONAL, OUT PUNICODE_STRING ObjectName OPTIONAL) @@ -135,7 +135,7 @@ { Status = SeCaptureSecurityDescriptor(AttributesCopy.SecurityDescriptor, AccessMode, - PagedPool, + PoolType, TRUE, &CapturedObjectAttributes->SecurityDescriptor); if(!NT_SUCCESS(Status)) @@ -183,7 +183,7 @@ if(OriginalCopy.Length > 0) { ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); - ObjectName->Buffer = ExAllocatePool(NonPagedPool, + ObjectName->Buffer = ExAllocatePool(PoolType, ObjectName->MaximumLength); if(ObjectName->Buffer != NULL) { @@ -237,7 +237,7 @@ if(OriginalCopy.Length > 0) { ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); - ObjectName->Buffer = ExAllocatePool(NonPagedPool, + ObjectName->Buffer = ExAllocatePool(PoolType, ObjectName->MaximumLength); if(ObjectName->Buffer != NULL) {

1 0

[ros-diffs] [ekohl] 13182: Implement MyFree, MyMalloc and MyReAlloc.
by ekohl＠svn.reactos.com 21 Jan '05

21 Jan '05

Implement MyFree, MyMalloc and MyReAlloc. Modified: trunk/reactos/lib/setupapi/Makefile.in Added: trunk/reactos/lib/setupapi/misc.c Modified: trunk/reactos/lib/setupapi/setupapi.spec _____ Modified: trunk/reactos/lib/setupapi/Makefile.in --- trunk/reactos/lib/setupapi/Makefile.in 2005-01-21 11:14:41 UTC (rev 13181) +++ trunk/reactos/lib/setupapi/Makefile.in 2005-01-21 12:27:32 UTC (rev 13182) @@ -15,6 +15,7 @@ dirid.c \ diskspace.c \ install.c \ + misc.c \ parser.c \ queue.c \ setupcab.c \ _____ Added: trunk/reactos/lib/setupapi/misc.c --- trunk/reactos/lib/setupapi/misc.c 2005-01-21 11:14:41 UTC (rev 13181) +++ trunk/reactos/lib/setupapi/misc.c 2005-01-21 12:27:32 UTC (rev 13182) @@ -0,0 +1,93 @@ +/* + * Setupapi miscellaneous functions + * + * Copyright 2005 Eric Kohl + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include <stdarg.h> + +#include "windef.h" +#include "winbase.h" +#include "wingdi.h" +#include "winuser.h" +#include "winreg.h" +#include "setupapi.h" + + +/********************************************************************** **** + * MyFree [SETUPAPI.@] + * + * Frees an allocated memory block from the process heap. + * + * PARAMS + * lpMem [I] pointer to memory block which will be freed + * + * RETURNS + * None + */ + +VOID WINAPI MyFree(LPVOID lpMem) +{ + HeapFree(GetProcessHeap(), 0, lpMem); +} + + +/********************************************************************** **** + * MyMalloc [SETUPAPI.@] + * + * Allocates memory block from the process heap. + * + * PARAMS + * dwSize [I] size of the allocated memory block + * + * RETURNS + * Success: pointer to allocated memory block + * Failure: NULL + */ + +LPVOID WINAPI MyMalloc(DWORD dwSize) +{ + return HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwSize); +} + + +/********************************************************************** **** + * MyRealloc [SETUPAPI.@] + * + * Changes the size of an allocated memory block or allocates a memory + * block from the process heap. + * + * PARAMS + * lpSrc [I] pointer to memory block which will be resized + * dwSize [I] new size of the memory block + * + * RETURNS + * Success: pointer to the resized memory block + * Failure: NULL + * + * NOTES + * If lpSrc is a NULL-pointer, then MyRealloc allocates a memory + * block like MyMalloc. + */ + +LPVOID WINAPI MyRealloc(LPVOID lpSrc, DWORD dwSize) +{ + if (lpSrc == NULL) + return HeapAlloc(GetProcessHeap(), 0, dwSize); + + return HeapReAlloc(GetProcessHeap(), 0, lpSrc, dwSize); +} _____ Modified: trunk/reactos/lib/setupapi/setupapi.spec --- trunk/reactos/lib/setupapi/setupapi.spec 2005-01-21 11:14:41 UTC (rev 13181) +++ trunk/reactos/lib/setupapi/setupapi.spec 2005-01-21 12:27:32 UTC (rev 13182) @@ -1,3 +1,6 @@ +@ stub AddTagToGroupOrderListEntry +@ stub AppendStringToMultiSz +@ stub AssertFail @ stdcall CM_Connect_MachineW(wstr ptr) @ stdcall CM_Disconnect_Machine(long) @ stub CM_Free_Log_Conf_Handle @@ -36,10 +39,10 @@ @ stub MemoryInitialize @ stub MultiByteToUnicode @ stub MultiSzFromSearchControl -@ stub MyFree +@ stdcall MyFree(ptr) @ stub MyGetFileTitle -@ stub MyMalloc -@ stub MyRealloc +@ stdcall MyMalloc(long) +@ stdcall MyRealloc(ptr long) @ stub OpenAndMapFileForRead @ stub OutOfMemory @ stub QueryMultiSzValueToArray

1 0

[weiden] 13181: fixed ObpCaptureObjectAttributes() so it doesn't copy the object name if probing previously failed
by weiden＠svn.reactos.com 21 Jan '05

21 Jan '05

fixed ObpCaptureObjectAttributes() so it doesn't copy the object name if probing previously failed Modified: trunk/reactos/ntoskrnl/ob/object.c _____ Modified: trunk/reactos/ntoskrnl/ob/object.c --- trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 10:33:30 UTC (rev 13180) +++ trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 11:14:41 UTC (rev 13181) @@ -178,37 +178,41 @@ } _SEH_END; - if(OriginalCopy.Length > 0) + if(NT_SUCCESS(Status)) { - ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); - ObjectName->Buffer = ExAllocatePool(NonPagedPool, - ObjectName->MaximumLength); - if(ObjectName->Buffer != NULL) + if(OriginalCopy.Length > 0) { - _SEH_TRY + ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); + ObjectName->Buffer = ExAllocatePool(NonPagedPool, + ObjectName->MaximumLength); + if(ObjectName->Buffer != NULL) { - /* no need to probe OriginalCopy.Buffer again, we already did that - when capturing the UNICODE_STRING structure itself */ - RtlCopyMemory(ObjectName->Buffer, OriginalCopy.Buffer, OriginalCopy.Length); - ObjectName->Buffer[OriginalCopy.Length / sizeof(WCHAR)] = L'\0'; + _SEH_TRY + { + /* no need to probe OriginalCopy.Buffer again, we already did that + when capturing the UNICODE_STRING structure itself */ + RtlCopyMemory(ObjectName->Buffer, OriginalCopy.Buffer, OriginalCopy.Length); + ObjectName->Buffer[OriginalCopy.Length / sizeof(WCHAR)] = L'\0'; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; } - _SEH_HANDLE + else { - Status = _SEH_GetExceptionCode(); + Status = STATUS_INSUFFICIENT_RESOURCES; } - _SEH_END; } - else + else if(AttributesCopy.RootDirectory != NULL /* && OriginalCopy.Length == 0 */) { - Status = STATUS_INSUFFICIENT_RESOURCES; + /* if the caller specified a root directory, there must be an object name! */ + Status = STATUS_OBJECT_NAME_INVALID; } } - else if(AttributesCopy.RootDirectory != NULL /* && OriginalCopy.Length == 0 */) - { - /* if the caller specified a root directory, there must be an object name! */ - Status = STATUS_OBJECT_NAME_INVALID; - } + /* handle failure */ if(!NT_SUCCESS(Status)) { failallocatedcleanup:

1 0

[weiden] 13180: fixed usage of uninitialized variable
by weiden＠svn.reactos.com 21 Jan '05

21 Jan '05

fixed usage of uninitialized variable Modified: trunk/reactos/ntoskrnl/ob/object.c _____ Modified: trunk/reactos/ntoskrnl/ob/object.c --- trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 10:28:13 UTC (rev 13179) +++ trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 10:33:30 UTC (rev 13180) @@ -90,8 +90,10 @@ } else if(AccessMode == KernelMode && !CaptureIfKernel) { - if(AttributesCopy.Length != sizeof(OBJECT_ATTRIBUTES)) + if(ObjectAttributes->Length != sizeof(OBJECT_ATTRIBUTES)) { + /* we don't have to capture any memory, the caller considers the passed data + as valid */ if(ObjectName != NULL) { *ObjectName = *ObjectAttributes->ObjectName; @@ -102,14 +104,14 @@ CapturedObjectAttributes->Attributes = ObjectAttributes->Attributes; CapturedObjectAttributes->SecurityDescriptor = ObjectAttributes->SecurityDescriptor; } + + return STATUS_SUCCESS; } else { Status = STATUS_INVALID_PARAMETER; goto failbasiccleanup; } - - return STATUS_SUCCESS; } else {

1 0

[weiden] 13179: added helper functions ObpCaptureObjectAttributes() and ObpReleaseObjectAttributes() to be used to safely capture OBJECT_ATTRIBUTES structures
by weiden＠svn.reactos.com 21 Jan '05

21 Jan '05

added helper functions ObpCaptureObjectAttributes() and ObpReleaseObjectAttributes() to be used to safely capture OBJECT_ATTRIBUTES structures Modified: trunk/reactos/ntoskrnl/include/internal/ob.h Modified: trunk/reactos/ntoskrnl/ob/object.c _____ Modified: trunk/reactos/ntoskrnl/include/internal/ob.h --- trunk/reactos/ntoskrnl/include/internal/ob.h 2005-01-21 02:39:59 UTC (rev 13178) +++ trunk/reactos/ntoskrnl/include/internal/ob.h 2005-01-21 10:28:13 UTC (rev 13179) @@ -315,5 +315,29 @@ VOID ObpDereferenceCachedSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor); +/* Secure object information functions */ +typedef struct _CAPTURED_OBJECT_ATTRIBUTES +{ + HANDLE RootDirectory; + ULONG Attributes; + PSECURITY_DESCRIPTOR SecurityDescriptor; + /* PVOID SecurityQualityOfService; */ +} CAPTURED_OBJECT_ATTRIBUTES, *PCAPTURED_OBJECT_ATTRIBUTES; + +NTSTATUS +ObpCaptureObjectAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN POBJECT_TYPE ObjectType, + IN KPROCESSOR_MODE AccessMode, + IN BOOLEAN CaptureIfKernel, + OUT PCAPTURED_OBJECT_ATTRIBUTES CapturedObjectAttributes OPTIONAL, + OUT PUNICODE_STRING ObjectName OPTIONAL); + +VOID +ObpReleaseObjectAttributes(IN PCAPTURED_OBJECT_ATTRIBUTES CapturedObjectAttributes OPTIONAL, + IN PUNICODE_STRING ObjectName OPTIONAL, + IN KPROCESSOR_MODE AccessMode, + IN BOOLEAN CaptureIfKernel); + + #endif /* __INCLUDE_INTERNAL_OBJMGR_H */ _____ Modified: trunk/reactos/ntoskrnl/ob/object.c --- trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 02:39:59 UTC (rev 13178) +++ trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 10:28:13 UTC (rev 13179) @@ -39,7 +39,257 @@ return(CONTAINING_RECORD((&(chdr->Type)),OBJECT_HEADER,Type)); } +NTSTATUS +ObpCaptureObjectAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN POBJECT_TYPE ObjectType, + IN KPROCESSOR_MODE AccessMode, + IN BOOLEAN CaptureIfKernel, + OUT PCAPTURED_OBJECT_ATTRIBUTES CapturedObjectAttributes OPTIONAL, + OUT PUNICODE_STRING ObjectName OPTIONAL) +{ + OBJECT_ATTRIBUTES AttributesCopy; + NTSTATUS Status = STATUS_SUCCESS; + + /* at least one output parameter must be != NULL! */ + ASSERT((ULONG_PTR)SecureObjectInformation ^ (ULONG_PTR)ObjectName != 0); + + if(ObjectAttributes == NULL) + { +failbasiccleanup: + if(ObjectName != NULL) + { + RtlInitUnicodeString(ObjectName, NULL); + } + if(CapturedObjectAttributes != NULL) + { + RtlZeroMemory(CapturedObjectAttributes, sizeof(CAPTURED_OBJECT_ATTRIBUTES)); + } + return Status; /* STATUS_SUCCESS */ + } + + if(AccessMode != KernelMode) + { + _SEH_TRY + { + ProbeForRead(ObjectAttributes, + sizeof(ObjectAttributes), + sizeof(ULONG)); + /* make a copy on the stack */ + AttributesCopy = *ObjectAttributes; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + } + else if(AccessMode == KernelMode && !CaptureIfKernel) + { + if(AttributesCopy.Length != sizeof(OBJECT_ATTRIBUTES)) + { + if(ObjectName != NULL) + { + *ObjectName = *ObjectAttributes->ObjectName; + } + if(CapturedObjectAttributes != NULL) + { + CapturedObjectAttributes->RootDirectory = ObjectAttributes->RootDirectory; + CapturedObjectAttributes->Attributes = ObjectAttributes->Attributes; + CapturedObjectAttributes->SecurityDescriptor = ObjectAttributes->SecurityDescriptor; + } + } + else + { + Status = STATUS_INVALID_PARAMETER; + goto failbasiccleanup; + } + return STATUS_SUCCESS; + } + else + { + AttributesCopy = *ObjectAttributes; + } + + /* if Length isn't as expected, bail with an invalid parameter status code so + the caller knows he passed garbage... */ + if(AttributesCopy.Length != sizeof(OBJECT_ATTRIBUTES)) + { + Status = STATUS_INVALID_PARAMETER; + goto failbasiccleanup; + } + + if(CapturedObjectAttributes != NULL) + { + CapturedObjectAttributes->RootDirectory = AttributesCopy.RootDirectory; + CapturedObjectAttributes->Attributes = AttributesCopy.Attributes; + + if(AttributesCopy.SecurityDescriptor != NULL) + { + Status = SeCaptureSecurityDescriptor(AttributesCopy.SecurityDescriptor, + AccessMode, + PagedPool, + TRUE, + &CapturedObjectAttributes->SecurityDescriptor); + if(!NT_SUCCESS(Status)) + { + DPRINT1("Unable to capture the security descriptor!!!\n"); + goto failbasiccleanup; + } + } + else + { + CapturedObjectAttributes->SecurityDescriptor = NULL; + } + } + + if(ObjectName != NULL) + { + if(AttributesCopy.ObjectName != NULL) + { + UNICODE_STRING OriginalCopy; + + if(AccessMode != KernelMode) + { + _SEH_TRY + { + /* probe the ObjectName structure and make a local stack copy of it */ + ProbeForRead(AttributesCopy.ObjectName, + sizeof(UNICODE_STRING), + sizeof(ULONG)); + OriginalCopy = *AttributesCopy.ObjectName; + if(OriginalCopy.Length > 0) + { + ProbeForRead(OriginalCopy.Buffer, + OriginalCopy.Length, + sizeof(ULONG)); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(OriginalCopy.Length > 0) + { + ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); + ObjectName->Buffer = ExAllocatePool(NonPagedPool, + ObjectName->MaximumLength); + if(ObjectName->Buffer != NULL) + { + _SEH_TRY + { + /* no need to probe OriginalCopy.Buffer again, we already did that + when capturing the UNICODE_STRING structure itself */ + RtlCopyMemory(ObjectName->Buffer, OriginalCopy.Buffer, OriginalCopy.Length); + ObjectName->Buffer[OriginalCopy.Length / sizeof(WCHAR)] = L'\0'; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + } + else + { + Status = STATUS_INSUFFICIENT_RESOURCES; + } + } + else if(AttributesCopy.RootDirectory != NULL /* && OriginalCopy.Length == 0 */) + { + /* if the caller specified a root directory, there must be an object name! */ + Status = STATUS_OBJECT_NAME_INVALID; + } + + if(!NT_SUCCESS(Status)) + { +failallocatedcleanup: + if(ObjectName->Buffer) + { + ExFreePool(ObjectName->Buffer); + } + if(CapturedObjectAttributes != NULL) + { + /* cleanup allocated resources */ + SeReleaseSecurityDescriptor(CapturedObjectAttributes->SecurityDescriptor , + AccessMode, + TRUE); + } + goto failbasiccleanup; + } + } + else /* AccessMode == KernelMode */ + { + OriginalCopy = *AttributesCopy.ObjectName; + + if(OriginalCopy.Length > 0) + { + ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); + ObjectName->Buffer = ExAllocatePool(NonPagedPool, + ObjectName->MaximumLength); + if(ObjectName->Buffer != NULL) + { + RtlCopyMemory(ObjectName->Buffer, OriginalCopy.Buffer, OriginalCopy.Length); + ObjectName->Buffer[OriginalCopy.Length / sizeof(WCHAR)] = L'\0'; + } + else + { + Status = STATUS_INSUFFICIENT_RESOURCES; + } + } + else if(AttributesCopy.RootDirectory != NULL /* && OriginalCopy.Length == 0 */) + { + /* if the caller specified a root directory, there must be an object name! */ + Status = STATUS_OBJECT_NAME_INVALID; + } + + if(!NT_SUCCESS(Status)) + { + goto failallocatedcleanup; + } + } + } + else + { + RtlInitUnicodeString(ObjectName, NULL); + } + } + + return Status; +} + +VOID +ObpReleaseObjectAttributes(IN PCAPTURED_OBJECT_ATTRIBUTES CapturedObjectAttributes OPTIONAL, + IN PUNICODE_STRING ObjectName OPTIONAL, + IN KPROCESSOR_MODE AccessMode, + IN BOOLEAN CaptureIfKernel) +{ + /* WARNING - You need to pass the same parameters to this function as you passed + to ObpCaptureObjectAttributes() to avoid memory leaks */ + if(AccessMode != KernelMode || + (AccessMode == KernelMode && CaptureIfKernel)) + { + if(CapturedObjectAttributes != NULL && + CapturedObjectAttributes->SecurityDescriptor != NULL) + { + ExFreePool(CapturedObjectAttributes->SecurityDescriptor); + CapturedObjectAttributes->SecurityDescriptor = NULL; + } + if(ObjectName != NULL && + ObjectName->Length > 0) + { + ExFreePool(ObjectName->Buffer); + } + } +} + + /********************************************************************** * NAME PRIVATE * ObFindObject@16 @@ -344,6 +594,27 @@ SECURITY_SUBJECT_CONTEXT SubjectContext; ASSERT_IRQL(APC_LEVEL); + + if(AccessMode == UserMode) + { + Status = STATUS_SUCCESS; + _SEH_TRY + { + ProbeForRead(ObjectAttributes, + sizeof(OBJECT_ATTRIBUTES), + sizeof(ULONG)); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + } DPRINT("ObCreateObject(Type %p ObjectAttributes %p, Object %p)\n", Type, ObjectAttributes, Object);

1 0

[weiden] 13178: SeCaptureSecurityDescriptor() should only copy SIDs and ACLs when present
by weiden＠svn.reactos.com 21 Jan '05

21 Jan '05

SeCaptureSecurityDescriptor() should only copy SIDs and ACLs when present Modified: trunk/reactos/ntoskrnl/se/sd.c _____ Modified: trunk/reactos/ntoskrnl/se/sd.c --- trunk/reactos/ntoskrnl/se/sd.c 2005-01-21 02:34:33 UTC (rev 13177) +++ trunk/reactos/ntoskrnl/se/sd.c 2005-01-21 02:39:59 UTC (rev 13178) @@ -127,7 +127,7 @@ ULONG OwnerSAC = 0, GroupSAC = 0; ULONG OwnerSize = 0, GroupSize = 0; ULONG SaclSize = 0, DaclSize = 0; - ULONG DescriptorSize; + ULONG DescriptorSize = sizeof(SECURITY_DESCRIPTOR); NTSTATUS Status = STATUS_SUCCESS; if(OriginalSecurityDescriptor != NULL) @@ -212,6 +212,7 @@ 1); \ SidType##SAC = SidType->SubAuthorityCount; \ SidType##Size = RtlLengthRequiredSid(SidType##SAC); \ + DescriptorSize += ROUND_UP(SidType##Size, sizeof(ULONG)); \ ProbeForRead(SidType, \ SidType##Size, \ sizeof(ULONG)); \ @@ -235,6 +236,7 @@ { \ SidType##SAC = SidType->SubAuthorityCount; \ SidType##Size = RtlLengthRequiredSid(SidType##SAC); \ + DescriptorSize += ROUND_UP(SidType##Size, sizeof(ULONG)); \ } \ } \ } while(0) @@ -259,6 +261,7 @@ sizeof(AclType->AclSize), \ 1); \ AclType##Size = AclType->AclSize; \ + DescriptorSize += ROUND_UP(AclType##Size, sizeof(ULONG)); \ ProbeForRead(AclType, \ AclType##Size, \ sizeof(ULONG)); \ @@ -281,6 +284,7 @@ else \ { \ AclType##Size = AclType->AclSize; \ + DescriptorSize += ROUND_UP(AclType##Size, sizeof(ULONG)); \ } \ } \ else \ @@ -294,12 +298,6 @@ /* allocate enough memory to store a complete copy of a self-relative security descriptor */ - DescriptorSize = sizeof(SECURITY_DESCRIPTOR) + - ROUND_UP(OwnerSize, sizeof(ULONG)) + - ROUND_UP(GroupSize, sizeof(ULONG)) + - ROUND_UP(SaclSize, sizeof(ULONG)) + - ROUND_UP(DaclSize, sizeof(ULONG)); - NewDescriptor = ExAllocatePool(PoolType, DescriptorSize); if(NewDescriptor != NULL) @@ -310,30 +308,28 @@ NewDescriptor->Sbz1 = DescriptorCopy.Sbz1; NewDescriptor->Control = DescriptorCopy.Control | SE_SELF_RELATIVE; - /* setup the offsets to the SIDs and ACLs */ - NewDescriptor->Owner = (PVOID)Offset; - Offset += ROUND_UP(OwnerSize, sizeof(ULONG)); - NewDescriptor->Group = (PVOID)Offset; - Offset += ROUND_UP(GroupSize, sizeof(ULONG)); - NewDescriptor->Sacl = (PVOID)Offset; - Offset += ROUND_UP(SaclSize, sizeof(ULONG)); - NewDescriptor->Dacl = (PVOID)Offset; - _SEH_TRY { - /* copy the SIDs and ACLs to the new self-relative security descriptor */ - RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Owner), - DescriptorCopy.Owner, - OwnerSize); - RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Group), - DescriptorCopy.Group, - GroupSize); - RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Sacl), - DescriptorCopy.Sacl, - SaclSize); - RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Dacl), - DescriptorCopy.Dacl, - DaclSize); + /* setup the offsets and copy the SIDs and ACLs to the new + self-relative security descriptor. Probing the pointers is not + neccessary anymore as we did that when collecting the sizes! */ +#define CopySIDOrACL(Type) \ + do { \ + if(DescriptorCopy.Type != NULL) \ + { \ + NewDescriptor->Type = (PVOID)Offset; \ + RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + \ + (ULONG_PTR)NewDescriptor->Type), \ + DescriptorCopy.Type, \ + Type##Size); \ + Offset += ROUND_UP(Type##Size, sizeof(ULONG)); \ + } \ + } while(0) + + CopySIDOrACL(Owner); + CopySIDOrACL(Group); + CopySIDOrACL(Sacl); + CopySIDOrACL(Dacl); } _SEH_HANDLE {

1 0

[tamlin] 13177: Fix crashing browsing namespace with non-zero-terminated UNICODE_STRING.
by tamlin＠svn.reactos.com 21 Jan '05

21 Jan '05

Fix crashing browsing namespace with non-zero-terminated UNICODE_STRING. Modified: trunk/reactos/subsys/system/explorer/shell/ntobjfs.cpp _____ Modified: trunk/reactos/subsys/system/explorer/shell/ntobjfs.cpp --- trunk/reactos/subsys/system/explorer/shell/ntobjfs.cpp 2005-01-21 02:19:13 UTC (rev 13176) +++ trunk/reactos/subsys/system/explorer/shell/ntobjfs.cpp 2005-01-21 02:34:33 UTC (rev 13177) @@ -227,6 +227,16 @@ memset(&w32fd, 0, sizeof(WIN32_FIND_DATA)); #ifdef UNICODE + if (info->name.string_ptr) { + info->name.string_ptr[info->name.string_len / sizeof(WCHAR)] = 0; + } else { + info->name.string_ptr = TEXT(""); + } + if (info->type.string_ptr) { + info->type.string_ptr[info->type.string_len / sizeof(WCHAR)] = 0; + } else { + info->type.string_ptr = TEXT(""); + } wcscpyn(p, info->name.string_ptr, _MAX_PATH); #else WideCharToMultiByte(CP_ACP, 0, info->name.string_ptr, info->name.string_len, p, MAX_PATH, 0, 0);

1 0

[weiden] 13176: SeCaptureSecurityDescriptor() should take PoolType into account...
by weiden＠svn.reactos.com 21 Jan '05

21 Jan '05

SeCaptureSecurityDescriptor() should take PoolType into account... Modified: trunk/reactos/ntoskrnl/se/sd.c _____ Modified: trunk/reactos/ntoskrnl/se/sd.c --- trunk/reactos/ntoskrnl/se/sd.c 2005-01-21 02:14:52 UTC (rev 13175) +++ trunk/reactos/ntoskrnl/se/sd.c 2005-01-21 02:19:13 UTC (rev 13176) @@ -300,7 +300,7 @@ ROUND_UP(SaclSize, sizeof(ULONG)) + ROUND_UP(DaclSize, sizeof(ULONG)); - NewDescriptor = ExAllocatePool(PagedPool, + NewDescriptor = ExAllocatePool(PoolType, DescriptorSize); if(NewDescriptor != NULL) {

1 0

[weiden] 13175: implemented SeCaptureSecurityDescriptor() and SeReleaseSecurityDescriptor(), thanks also to Alex
by weiden＠svn.reactos.com 21 Jan '05

21 Jan '05

implemented SeCaptureSecurityDescriptor() and SeReleaseSecurityDescriptor(), thanks also to Alex Modified: trunk/reactos/ntoskrnl/se/sd.c _____ Modified: trunk/reactos/ntoskrnl/se/sd.c --- trunk/reactos/ntoskrnl/se/sd.c 2005-01-20 23:25:05 UTC (rev 13174) +++ trunk/reactos/ntoskrnl/se/sd.c 2005-01-21 02:14:52 UTC (rev 13175) @@ -110,7 +110,7 @@ } /* - * @unimplemented + * @implemented */ NTSTATUS STDCALL @@ -122,8 +122,250 @@ OUT PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor ) { - UNIMPLEMENTED; - return STATUS_NOT_IMPLEMENTED; + SECURITY_DESCRIPTOR DescriptorCopy; + PSECURITY_DESCRIPTOR NewDescriptor; + ULONG OwnerSAC = 0, GroupSAC = 0; + ULONG OwnerSize = 0, GroupSize = 0; + ULONG SaclSize = 0, DaclSize = 0; + ULONG DescriptorSize; + NTSTATUS Status = STATUS_SUCCESS; + + if(OriginalSecurityDescriptor != NULL) + { + if(CurrentMode != KernelMode) + { + _SEH_TRY + { + ProbeForRead(OriginalSecurityDescriptor, + sizeof(SECURITY_DESCRIPTOR), + sizeof(ULONG)); + + /* make a copy on the stack */ + DescriptorCopy = *OriginalSecurityDescriptor; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + } + else + { + /* make a copy on the stack */ + DescriptorCopy = *OriginalSecurityDescriptor; + } + + if(CurrentMode == KernelMode && !CaptureIfKernel) + { + *CapturedSecurityDescriptor = OriginalSecurityDescriptor; + return STATUS_SUCCESS; + } + + if(DescriptorCopy.Revision != SECURITY_DESCRIPTOR_REVISION1) + { + return STATUS_UNKNOWN_REVISION; + } + + if(DescriptorCopy.Control & SE_SELF_RELATIVE) + { + /* in case we're dealing with a self-relative descriptor, do a basic convert + to an absolute descriptor. We do this so we can simply access the data + using the pointers without calculating them again. */ + DescriptorCopy.Control &= ~SE_SELF_RELATIVE; + if(DescriptorCopy.Owner != NULL) + { + DescriptorCopy.Owner = (PSID)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Owner); + } + if(DescriptorCopy.Group != NULL) + { + DescriptorCopy.Group = (PSID)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Group); + } + if(DescriptorCopy.Dacl != NULL) + { + DescriptorCopy.Dacl = (PACL)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Dacl); + } + if(DescriptorCopy.Sacl != NULL) + { + DescriptorCopy.Sacl = (PACL)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Sacl); + } + } + + /* determine the size of the SIDs */ +#define DetermineSIDSize(SidType) \ + do { \ + if(DescriptorCopy.SidType != NULL) \ + { \ + SID *SidType = (SID*)DescriptorCopy.SidType; \ + \ + if(CurrentMode != KernelMode) \ + { \ + /* securely access the buffers! */ \ + _SEH_TRY \ + { \ + ProbeForRead(&SidType->SubAuthorityCount, \ + sizeof(SidType->SubAuthorityCount), \ + 1); \ + SidType##SAC = SidType->SubAuthorityCount; \ + SidType##Size = RtlLengthRequiredSid(SidType##SAC); \ + ProbeForRead(SidType, \ + SidType##Size, \ + sizeof(ULONG)); \ + if(!RtlValidSid(SidType)) \ + { \ + Status = STATUS_INVALID_SID; \ + } \ + } \ + _SEH_HANDLE \ + { \ + Status = _SEH_GetExceptionCode(); \ + } \ + _SEH_END; \ + \ + if(!NT_SUCCESS(Status)) \ + { \ + return Status; \ + } \ + } \ + else \ + { \ + SidType##SAC = SidType->SubAuthorityCount; \ + SidType##Size = RtlLengthRequiredSid(SidType##SAC); \ + } \ + } \ + } while(0) + + DetermineSIDSize(Owner); + DetermineSIDSize(Group); + + /* determine the size of the ACLs */ +#define DetermineACLSize(AclType, AclFlag) \ + do { \ + if((DescriptorCopy.Control & SE_##AclFlag##_PRESENT) && \ + DescriptorCopy.AclType != NULL) \ + { \ + PACL AclType = (PACL)DescriptorCopy.AclType; \ + \ + if(CurrentMode != KernelMode) \ + { \ + /* securely access the buffers! */ \ + _SEH_TRY \ + { \ + ProbeForRead(&AclType->AclSize, \ + sizeof(AclType->AclSize), \ + 1); \ + AclType##Size = AclType->AclSize; \ + ProbeForRead(AclType, \ + AclType##Size, \ + sizeof(ULONG)); \ + if(!RtlValidAcl(AclType)) \ + { \ + Status = STATUS_INVALID_ACL; \ + } \ + } \ + _SEH_HANDLE \ + { \ + Status = _SEH_GetExceptionCode(); \ + } \ + _SEH_END; \ + \ + if(!NT_SUCCESS(Status)) \ + { \ + return Status; \ + } \ + } \ + else \ + { \ + AclType##Size = AclType->AclSize; \ + } \ + } \ + else \ + { \ + DescriptorCopy.AclType = NULL; \ + } \ + } while(0) + + DetermineACLSize(Sacl, SACL); + DetermineACLSize(Dacl, DACL); + + /* allocate enough memory to store a complete copy of a self-relative + security descriptor */ + DescriptorSize = sizeof(SECURITY_DESCRIPTOR) + + ROUND_UP(OwnerSize, sizeof(ULONG)) + + ROUND_UP(GroupSize, sizeof(ULONG)) + + ROUND_UP(SaclSize, sizeof(ULONG)) + + ROUND_UP(DaclSize, sizeof(ULONG)); + + NewDescriptor = ExAllocatePool(PagedPool, + DescriptorSize); + if(NewDescriptor != NULL) + { + ULONG_PTR Offset = sizeof(SECURITY_DESCRIPTOR); + + NewDescriptor->Revision = DescriptorCopy.Revision; + NewDescriptor->Sbz1 = DescriptorCopy.Sbz1; + NewDescriptor->Control = DescriptorCopy.Control | SE_SELF_RELATIVE; + + /* setup the offsets to the SIDs and ACLs */ + NewDescriptor->Owner = (PVOID)Offset; + Offset += ROUND_UP(OwnerSize, sizeof(ULONG)); + NewDescriptor->Group = (PVOID)Offset; + Offset += ROUND_UP(GroupSize, sizeof(ULONG)); + NewDescriptor->Sacl = (PVOID)Offset; + Offset += ROUND_UP(SaclSize, sizeof(ULONG)); + NewDescriptor->Dacl = (PVOID)Offset; + + _SEH_TRY + { + /* copy the SIDs and ACLs to the new self-relative security descriptor */ + RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Owner), + DescriptorCopy.Owner, + OwnerSize); + RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Group), + DescriptorCopy.Group, + GroupSize); + RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Sacl), + DescriptorCopy.Sacl, + SaclSize); + RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Dacl), + DescriptorCopy.Dacl, + DaclSize); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(NT_SUCCESS(Status)) + { + /* we're finally done! copy the pointer to the captured descriptor to + to the caller */ + *CapturedSecurityDescriptor = NewDescriptor; + return STATUS_SUCCESS; + } + else + { + /* we failed to copy the data to the new descriptor */ + ExFreePool(NewDescriptor); + } + } + else + { + Status = STATUS_INSUFFICIENT_RESOURCES; + } + } + else + { + /* nothing to do... */ + *CapturedSecurityDescriptor = NULL; + } + + return Status; } /* @@ -262,7 +504,7 @@ } /* - * @unimplemented + * @implemented */ NTSTATUS STDCALL @@ -272,8 +514,18 @@ IN BOOLEAN CaptureIfKernelMode ) { - UNIMPLEMENTED; - return STATUS_NOT_IMPLEMENTED; + /* WARNING! You need to call this function with the same value for CurrentMode + and CaptureIfKernelMode that you previously passed to + SeCaptureSecurityDescriptor() in order to avoid memory leaks! */ + if(CapturedSecurityDescriptor != NULL && + (CurrentMode == UserMode || + (CurrentMode == KernelMode && CaptureIfKernelMode))) + { + /* only delete the descriptor when SeCaptureSecurityDescriptor() allocated one! */ + ExFreePool(CapturedSecurityDescriptor); + } + + return STATUS_SUCCESS; } /*

1 0

← Newer
1
...
17
18
19
20
21
22
23
...
71
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Ros-diffs January 2005