Ros-diffs January 2005

ros-diffs@reactos.org

28 participants
703 discussions

[weiden] 13184: partial implementation of NtAssignProcessToJobObject() and NtCreateJobObject()

by weiden＠svn.reactos.com

partial implementation of NtAssignProcessToJobObject() and NtCreateJobObject() Modified: trunk/reactos/ntoskrnl/ps/job.c _____ Modified: trunk/reactos/ntoskrnl/ps/job.c --- trunk/reactos/ntoskrnl/ps/job.c 2005-01-21 13:25:28 UTC (rev 13183) +++ trunk/reactos/ntoskrnl/ps/job.c 2005-01-21 14:12:03 UTC (rev 13184) @@ -19,7 +19,7 @@ POBJECT_TYPE EXPORTED PsJobType = NULL; LIST_ENTRY PsJobListHead; -static KSPIN_LOCK PsJobListLock; +static FAST_MUTEX PsJobListLock; static GENERIC_MAPPING PiJobMapping = {STANDARD_RIGHTS_READ | JOB_OBJECT_QUERY, STANDARD_RIGHTS_WRITE | JOB_OBJECT_ASSIGN_PROCESS | JOB_OBJECT_SET_ATTRIBUTES | JOB_OBJECT_TERMINATE | JOB_OBJECT_SET_SECURITY_ATTRIBUTES, @@ -31,12 +31,23 @@ VOID STDCALL PiDeleteJob(PVOID ObjectBody) { - KIRQL oldIrql; PEJOB Job = (PEJOB)ObjectBody; - KeAcquireSpinLock(&PsJobListLock, &oldIrql); - RemoveEntryList(&Job->JobLinks); - KeReleaseSpinLock(&PsJobListLock, oldIrql); + /* remove the reference to the completion port if associated */ + if(Job->CompletionPort != NULL) + { + ObDereferenceObject(Job->CompletionPort); + } + + /* unlink the job object */ + if(Job->JobLinks.Flink != NULL) + { + ExAcquireFastMutex(&PsJobListLock); + RemoveEntryList(&Job->JobLinks); + ExReleaseFastMutex(&PsJobListLock); + } + + ExDeleteResource(&Job->JobLock); } VOID INIT_FUNCTION @@ -68,9 +79,18 @@ ObpCreateTypeObject(PsJobType); InitializeListHead(&PsJobListHead); - KeInitializeSpinLock(&PsJobListLock); + ExInitializeFastMutex(&PsJobListLock); } +NTSTATUS +PspAssignProcessToJob(PEPROCESS Process, + PEJOB Job) +{ + DPRINT("PspAssignProcessToJob() is unimplemented!\n"); + return STATUS_NOT_IMPLEMENTED; +} + + /* * @unimplemented */ @@ -79,8 +99,80 @@ NtAssignProcessToJobObject(HANDLE JobHandle, HANDLE ProcessHandle) { - UNIMPLEMENTED; - return STATUS_NOT_IMPLEMENTED; + PEPROCESS Process; + KPROCESSOR_MODE PreviousMode; + NTSTATUS Status; + + PreviousMode = ExGetPreviousMode(); + + /* make sure we're having a handle with enough rights, especially the to + terminate the process. otherwise one could abuse the job objects to + terminate processes without having rights granted to do so! The reason + I open the process handle before the job handle is that a simple test showed + that it first complains about a invalid process handle! The other way around + would be simpler though... */ + Status = ObReferenceObjectByHandle(ProcessHandle, + PROCESS_TERMINATE, + PsProcessType, + PreviousMode, + (PVOID*)&Process, + NULL); + if(NT_SUCCESS(Status)) + { + if(Process->Job == NULL) + { + PEJOB Job; + + Status = ObReferenceObjectByHandle(JobHandle, + JOB_OBJECT_ASSIGN_PROCESS, + PsJobType, + PreviousMode, + (PVOID*)&Job, + NULL); + if(NT_SUCCESS(Status)) + { + /* lock the process so we can safely assign the process. Note that in the + meanwhile another thread could have assigned this process to a job! */ + + Status = PsLockProcess(Process, FALSE); + if(NT_SUCCESS(Status)) + { + if(Process->Job == NULL && Process->SessionId == Job->SessionId) + { + /* Just store the pointer to the job object in the process, we'll + assign it later. The reason we can't do this here is that locking + the job object might require it to wait, which is a bad thing + while holding the process lock! */ + Process->Job = Job; + } + else + { + /* process is already assigned to a job or session id differs! */ + Status = STATUS_ACCESS_DENIED; + } + PsUnlockProcess(Process); + + if(NT_SUCCESS(Status)) + { + /* let's actually assign the process to the job as we're not holding + the process lock anymore! */ + Status = PspAssignProcessToJob(Process, Job); + } + } + + ObDereferenceObject(Job); + } + } + else + { + /* process is already assigned to a job or session id differs! */ + Status = STATUS_ACCESS_DENIED; + } + + ObDereferenceObject(Process); + } + + return Status; } @@ -93,8 +185,90 @@ ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes) { - UNIMPLEMENTED; - return STATUS_NOT_IMPLEMENTED; + HANDLE hJob; + PEJOB Job; + KPROCESSOR_MODE PreviousMode; + PEPROCESS CurrentProcess; + NTSTATUS Status = STATUS_SUCCESS; + + PreviousMode = ExGetPreviousMode(); + CurrentProcess = PsGetCurrentProcess(); + + /* check for valid buffers */ + if(PreviousMode == UserMode) + { + _SEH_TRY + { + /* probe with 32bit alignment */ + ProbeForWrite(JobHandle, + sizeof(HANDLE), + sizeof(ULONG)); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + } + + Status = ObCreateObject(PreviousMode, + PsJobType, + ObjectAttributes, + PreviousMode, + NULL, + sizeof(EJOB), + 0, + 0, + (PVOID*)&Job); + + if(NT_SUCCESS(Status)) + { + /* FIXME - Zero all fields as we don't yet implement all of them */ + RtlZeroMemory(Job, sizeof(EJOB)); + + /* make sure that early destruction doesn't attempt to remove the object from + the list before it even gets added! */ + Job->JobLinks.Flink = NULL; + + /* setup the job object */ + InitializeListHead(&Job->ProcessListHead); + Job->SessionId = CurrentProcess->SessionId; /* inherit the session id from the caller */ + + Status = ExInitializeResource(&Job->JobLock); + if(!NT_SUCCESS(Status)) + { + DPRINT1("Failed to initialize job lock!!!\n"); + ObDereferenceObject(Job); + return Status; + } + KeInitializeEvent(&Job->Event, NotificationEvent, FALSE); + + /* link the object into the global job list */ + ExAcquireFastMutex(&PsJobListLock); + InsertTailList(&PsJobListHead, &Job->JobLinks); + ExReleaseFastMutex(&PsJobListLock); + + /* pass the handle back to the caller */ + _SEH_TRY + { + /* NOTE: if the caller passed invalid buffers to receive the handle it's his + own fault! the object will still be created and live... It's possible + to find the handle using ObFindHandleForObject()! */ + *JobHandle = hJob; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + } + + return Status; }

19 years, 9 months

[weiden] 13183: add PoolType parameter to ObpCaptureObjectAttributes() and removed an unused parameter

by weiden＠svn.reactos.com

add PoolType parameter to ObpCaptureObjectAttributes() and removed an unused parameter Modified: trunk/reactos/ntoskrnl/include/internal/ob.h Modified: trunk/reactos/ntoskrnl/ob/object.c _____ Modified: trunk/reactos/ntoskrnl/include/internal/ob.h --- trunk/reactos/ntoskrnl/include/internal/ob.h 2005-01-21 12:27:32 UTC (rev 13182) +++ trunk/reactos/ntoskrnl/include/internal/ob.h 2005-01-21 13:25:28 UTC (rev 13183) @@ -327,8 +327,8 @@ NTSTATUS ObpCaptureObjectAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, - IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, + IN POOL_TYPE PoolType, IN BOOLEAN CaptureIfKernel, OUT PCAPTURED_OBJECT_ATTRIBUTES CapturedObjectAttributes OPTIONAL, OUT PUNICODE_STRING ObjectName OPTIONAL); _____ Modified: trunk/reactos/ntoskrnl/ob/object.c --- trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 12:27:32 UTC (rev 13182) +++ trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 13:25:28 UTC (rev 13183) @@ -41,8 +41,8 @@ NTSTATUS ObpCaptureObjectAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, - IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, + IN POOL_TYPE PoolType, IN BOOLEAN CaptureIfKernel, OUT PCAPTURED_OBJECT_ATTRIBUTES CapturedObjectAttributes OPTIONAL, OUT PUNICODE_STRING ObjectName OPTIONAL) @@ -135,7 +135,7 @@ { Status = SeCaptureSecurityDescriptor(AttributesCopy.SecurityDescriptor, AccessMode, - PagedPool, + PoolType, TRUE, &CapturedObjectAttributes->SecurityDescriptor); if(!NT_SUCCESS(Status)) @@ -183,7 +183,7 @@ if(OriginalCopy.Length > 0) { ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); - ObjectName->Buffer = ExAllocatePool(NonPagedPool, + ObjectName->Buffer = ExAllocatePool(PoolType, ObjectName->MaximumLength); if(ObjectName->Buffer != NULL) { @@ -237,7 +237,7 @@ if(OriginalCopy.Length > 0) { ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); - ObjectName->Buffer = ExAllocatePool(NonPagedPool, + ObjectName->Buffer = ExAllocatePool(PoolType, ObjectName->MaximumLength); if(ObjectName->Buffer != NULL) {

19 years, 9 months

[ros-diffs] [ekohl] 13182: Implement MyFree, MyMalloc and MyReAlloc.

by ekohl＠svn.reactos.com

Implement MyFree, MyMalloc and MyReAlloc. Modified: trunk/reactos/lib/setupapi/Makefile.in Added: trunk/reactos/lib/setupapi/misc.c Modified: trunk/reactos/lib/setupapi/setupapi.spec _____ Modified: trunk/reactos/lib/setupapi/Makefile.in --- trunk/reactos/lib/setupapi/Makefile.in 2005-01-21 11:14:41 UTC (rev 13181) +++ trunk/reactos/lib/setupapi/Makefile.in 2005-01-21 12:27:32 UTC (rev 13182) @@ -15,6 +15,7 @@ dirid.c \ diskspace.c \ install.c \ + misc.c \ parser.c \ queue.c \ setupcab.c \ _____ Added: trunk/reactos/lib/setupapi/misc.c --- trunk/reactos/lib/setupapi/misc.c 2005-01-21 11:14:41 UTC (rev 13181) +++ trunk/reactos/lib/setupapi/misc.c 2005-01-21 12:27:32 UTC (rev 13182) @@ -0,0 +1,93 @@ +/* + * Setupapi miscellaneous functions + * + * Copyright 2005 Eric Kohl + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include <stdarg.h> + +#include "windef.h" +#include "winbase.h" +#include "wingdi.h" +#include "winuser.h" +#include "winreg.h" +#include "setupapi.h" + + +/********************************************************************** **** + * MyFree [SETUPAPI.@] + * + * Frees an allocated memory block from the process heap. + * + * PARAMS + * lpMem [I] pointer to memory block which will be freed + * + * RETURNS + * None + */ + +VOID WINAPI MyFree(LPVOID lpMem) +{ + HeapFree(GetProcessHeap(), 0, lpMem); +} + + +/********************************************************************** **** + * MyMalloc [SETUPAPI.@] + * + * Allocates memory block from the process heap. + * + * PARAMS + * dwSize [I] size of the allocated memory block + * + * RETURNS + * Success: pointer to allocated memory block + * Failure: NULL + */ + +LPVOID WINAPI MyMalloc(DWORD dwSize) +{ + return HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwSize); +} + + +/********************************************************************** **** + * MyRealloc [SETUPAPI.@] + * + * Changes the size of an allocated memory block or allocates a memory + * block from the process heap. + * + * PARAMS + * lpSrc [I] pointer to memory block which will be resized + * dwSize [I] new size of the memory block + * + * RETURNS + * Success: pointer to the resized memory block + * Failure: NULL + * + * NOTES + * If lpSrc is a NULL-pointer, then MyRealloc allocates a memory + * block like MyMalloc. + */ + +LPVOID WINAPI MyRealloc(LPVOID lpSrc, DWORD dwSize) +{ + if (lpSrc == NULL) + return HeapAlloc(GetProcessHeap(), 0, dwSize); + + return HeapReAlloc(GetProcessHeap(), 0, lpSrc, dwSize); +} _____ Modified: trunk/reactos/lib/setupapi/setupapi.spec --- trunk/reactos/lib/setupapi/setupapi.spec 2005-01-21 11:14:41 UTC (rev 13181) +++ trunk/reactos/lib/setupapi/setupapi.spec 2005-01-21 12:27:32 UTC (rev 13182) @@ -1,3 +1,6 @@ +@ stub AddTagToGroupOrderListEntry +@ stub AppendStringToMultiSz +@ stub AssertFail @ stdcall CM_Connect_MachineW(wstr ptr) @ stdcall CM_Disconnect_Machine(long) @ stub CM_Free_Log_Conf_Handle @@ -36,10 +39,10 @@ @ stub MemoryInitialize @ stub MultiByteToUnicode @ stub MultiSzFromSearchControl -@ stub MyFree +@ stdcall MyFree(ptr) @ stub MyGetFileTitle -@ stub MyMalloc -@ stub MyRealloc +@ stdcall MyMalloc(long) +@ stdcall MyRealloc(ptr long) @ stub OpenAndMapFileForRead @ stub OutOfMemory @ stub QueryMultiSzValueToArray

19 years, 9 months

[weiden] 13181: fixed ObpCaptureObjectAttributes() so it doesn't copy the object name if probing previously failed

by weiden＠svn.reactos.com

fixed ObpCaptureObjectAttributes() so it doesn't copy the object name if probing previously failed Modified: trunk/reactos/ntoskrnl/ob/object.c _____ Modified: trunk/reactos/ntoskrnl/ob/object.c --- trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 10:33:30 UTC (rev 13180) +++ trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 11:14:41 UTC (rev 13181) @@ -178,37 +178,41 @@ } _SEH_END; - if(OriginalCopy.Length > 0) + if(NT_SUCCESS(Status)) { - ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); - ObjectName->Buffer = ExAllocatePool(NonPagedPool, - ObjectName->MaximumLength); - if(ObjectName->Buffer != NULL) + if(OriginalCopy.Length > 0) { - _SEH_TRY + ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); + ObjectName->Buffer = ExAllocatePool(NonPagedPool, + ObjectName->MaximumLength); + if(ObjectName->Buffer != NULL) { - /* no need to probe OriginalCopy.Buffer again, we already did that - when capturing the UNICODE_STRING structure itself */ - RtlCopyMemory(ObjectName->Buffer, OriginalCopy.Buffer, OriginalCopy.Length); - ObjectName->Buffer[OriginalCopy.Length / sizeof(WCHAR)] = L'\0'; + _SEH_TRY + { + /* no need to probe OriginalCopy.Buffer again, we already did that + when capturing the UNICODE_STRING structure itself */ + RtlCopyMemory(ObjectName->Buffer, OriginalCopy.Buffer, OriginalCopy.Length); + ObjectName->Buffer[OriginalCopy.Length / sizeof(WCHAR)] = L'\0'; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; } - _SEH_HANDLE + else { - Status = _SEH_GetExceptionCode(); + Status = STATUS_INSUFFICIENT_RESOURCES; } - _SEH_END; } - else + else if(AttributesCopy.RootDirectory != NULL /* && OriginalCopy.Length == 0 */) { - Status = STATUS_INSUFFICIENT_RESOURCES; + /* if the caller specified a root directory, there must be an object name! */ + Status = STATUS_OBJECT_NAME_INVALID; } } - else if(AttributesCopy.RootDirectory != NULL /* && OriginalCopy.Length == 0 */) - { - /* if the caller specified a root directory, there must be an object name! */ - Status = STATUS_OBJECT_NAME_INVALID; - } + /* handle failure */ if(!NT_SUCCESS(Status)) { failallocatedcleanup:

19 years, 9 months

[weiden] 13180: fixed usage of uninitialized variable

by weiden＠svn.reactos.com

fixed usage of uninitialized variable Modified: trunk/reactos/ntoskrnl/ob/object.c _____ Modified: trunk/reactos/ntoskrnl/ob/object.c --- trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 10:28:13 UTC (rev 13179) +++ trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 10:33:30 UTC (rev 13180) @@ -90,8 +90,10 @@ } else if(AccessMode == KernelMode && !CaptureIfKernel) { - if(AttributesCopy.Length != sizeof(OBJECT_ATTRIBUTES)) + if(ObjectAttributes->Length != sizeof(OBJECT_ATTRIBUTES)) { + /* we don't have to capture any memory, the caller considers the passed data + as valid */ if(ObjectName != NULL) { *ObjectName = *ObjectAttributes->ObjectName; @@ -102,14 +104,14 @@ CapturedObjectAttributes->Attributes = ObjectAttributes->Attributes; CapturedObjectAttributes->SecurityDescriptor = ObjectAttributes->SecurityDescriptor; } + + return STATUS_SUCCESS; } else { Status = STATUS_INVALID_PARAMETER; goto failbasiccleanup; } - - return STATUS_SUCCESS; } else {

19 years, 9 months

[weiden] 13179: added helper functions ObpCaptureObjectAttributes() and ObpReleaseObjectAttributes() to be used to safely capture OBJECT_ATTRIBUTES structures

by weiden＠svn.reactos.com

added helper functions ObpCaptureObjectAttributes() and ObpReleaseObjectAttributes() to be used to safely capture OBJECT_ATTRIBUTES structures Modified: trunk/reactos/ntoskrnl/include/internal/ob.h Modified: trunk/reactos/ntoskrnl/ob/object.c _____ Modified: trunk/reactos/ntoskrnl/include/internal/ob.h --- trunk/reactos/ntoskrnl/include/internal/ob.h 2005-01-21 02:39:59 UTC (rev 13178) +++ trunk/reactos/ntoskrnl/include/internal/ob.h 2005-01-21 10:28:13 UTC (rev 13179) @@ -315,5 +315,29 @@ VOID ObpDereferenceCachedSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptor); +/* Secure object information functions */ +typedef struct _CAPTURED_OBJECT_ATTRIBUTES +{ + HANDLE RootDirectory; + ULONG Attributes; + PSECURITY_DESCRIPTOR SecurityDescriptor; + /* PVOID SecurityQualityOfService; */ +} CAPTURED_OBJECT_ATTRIBUTES, *PCAPTURED_OBJECT_ATTRIBUTES; + +NTSTATUS +ObpCaptureObjectAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN POBJECT_TYPE ObjectType, + IN KPROCESSOR_MODE AccessMode, + IN BOOLEAN CaptureIfKernel, + OUT PCAPTURED_OBJECT_ATTRIBUTES CapturedObjectAttributes OPTIONAL, + OUT PUNICODE_STRING ObjectName OPTIONAL); + +VOID +ObpReleaseObjectAttributes(IN PCAPTURED_OBJECT_ATTRIBUTES CapturedObjectAttributes OPTIONAL, + IN PUNICODE_STRING ObjectName OPTIONAL, + IN KPROCESSOR_MODE AccessMode, + IN BOOLEAN CaptureIfKernel); + + #endif /* __INCLUDE_INTERNAL_OBJMGR_H */ _____ Modified: trunk/reactos/ntoskrnl/ob/object.c --- trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 02:39:59 UTC (rev 13178) +++ trunk/reactos/ntoskrnl/ob/object.c 2005-01-21 10:28:13 UTC (rev 13179) @@ -39,7 +39,257 @@ return(CONTAINING_RECORD((&(chdr->Type)),OBJECT_HEADER,Type)); } +NTSTATUS +ObpCaptureObjectAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, + IN POBJECT_TYPE ObjectType, + IN KPROCESSOR_MODE AccessMode, + IN BOOLEAN CaptureIfKernel, + OUT PCAPTURED_OBJECT_ATTRIBUTES CapturedObjectAttributes OPTIONAL, + OUT PUNICODE_STRING ObjectName OPTIONAL) +{ + OBJECT_ATTRIBUTES AttributesCopy; + NTSTATUS Status = STATUS_SUCCESS; + + /* at least one output parameter must be != NULL! */ + ASSERT((ULONG_PTR)SecureObjectInformation ^ (ULONG_PTR)ObjectName != 0); + + if(ObjectAttributes == NULL) + { +failbasiccleanup: + if(ObjectName != NULL) + { + RtlInitUnicodeString(ObjectName, NULL); + } + if(CapturedObjectAttributes != NULL) + { + RtlZeroMemory(CapturedObjectAttributes, sizeof(CAPTURED_OBJECT_ATTRIBUTES)); + } + return Status; /* STATUS_SUCCESS */ + } + + if(AccessMode != KernelMode) + { + _SEH_TRY + { + ProbeForRead(ObjectAttributes, + sizeof(ObjectAttributes), + sizeof(ULONG)); + /* make a copy on the stack */ + AttributesCopy = *ObjectAttributes; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + } + else if(AccessMode == KernelMode && !CaptureIfKernel) + { + if(AttributesCopy.Length != sizeof(OBJECT_ATTRIBUTES)) + { + if(ObjectName != NULL) + { + *ObjectName = *ObjectAttributes->ObjectName; + } + if(CapturedObjectAttributes != NULL) + { + CapturedObjectAttributes->RootDirectory = ObjectAttributes->RootDirectory; + CapturedObjectAttributes->Attributes = ObjectAttributes->Attributes; + CapturedObjectAttributes->SecurityDescriptor = ObjectAttributes->SecurityDescriptor; + } + } + else + { + Status = STATUS_INVALID_PARAMETER; + goto failbasiccleanup; + } + return STATUS_SUCCESS; + } + else + { + AttributesCopy = *ObjectAttributes; + } + + /* if Length isn't as expected, bail with an invalid parameter status code so + the caller knows he passed garbage... */ + if(AttributesCopy.Length != sizeof(OBJECT_ATTRIBUTES)) + { + Status = STATUS_INVALID_PARAMETER; + goto failbasiccleanup; + } + + if(CapturedObjectAttributes != NULL) + { + CapturedObjectAttributes->RootDirectory = AttributesCopy.RootDirectory; + CapturedObjectAttributes->Attributes = AttributesCopy.Attributes; + + if(AttributesCopy.SecurityDescriptor != NULL) + { + Status = SeCaptureSecurityDescriptor(AttributesCopy.SecurityDescriptor, + AccessMode, + PagedPool, + TRUE, + &CapturedObjectAttributes->SecurityDescriptor); + if(!NT_SUCCESS(Status)) + { + DPRINT1("Unable to capture the security descriptor!!!\n"); + goto failbasiccleanup; + } + } + else + { + CapturedObjectAttributes->SecurityDescriptor = NULL; + } + } + + if(ObjectName != NULL) + { + if(AttributesCopy.ObjectName != NULL) + { + UNICODE_STRING OriginalCopy; + + if(AccessMode != KernelMode) + { + _SEH_TRY + { + /* probe the ObjectName structure and make a local stack copy of it */ + ProbeForRead(AttributesCopy.ObjectName, + sizeof(UNICODE_STRING), + sizeof(ULONG)); + OriginalCopy = *AttributesCopy.ObjectName; + if(OriginalCopy.Length > 0) + { + ProbeForRead(OriginalCopy.Buffer, + OriginalCopy.Length, + sizeof(ULONG)); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(OriginalCopy.Length > 0) + { + ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); + ObjectName->Buffer = ExAllocatePool(NonPagedPool, + ObjectName->MaximumLength); + if(ObjectName->Buffer != NULL) + { + _SEH_TRY + { + /* no need to probe OriginalCopy.Buffer again, we already did that + when capturing the UNICODE_STRING structure itself */ + RtlCopyMemory(ObjectName->Buffer, OriginalCopy.Buffer, OriginalCopy.Length); + ObjectName->Buffer[OriginalCopy.Length / sizeof(WCHAR)] = L'\0'; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + } + else + { + Status = STATUS_INSUFFICIENT_RESOURCES; + } + } + else if(AttributesCopy.RootDirectory != NULL /* && OriginalCopy.Length == 0 */) + { + /* if the caller specified a root directory, there must be an object name! */ + Status = STATUS_OBJECT_NAME_INVALID; + } + + if(!NT_SUCCESS(Status)) + { +failallocatedcleanup: + if(ObjectName->Buffer) + { + ExFreePool(ObjectName->Buffer); + } + if(CapturedObjectAttributes != NULL) + { + /* cleanup allocated resources */ + SeReleaseSecurityDescriptor(CapturedObjectAttributes->SecurityDescriptor , + AccessMode, + TRUE); + } + goto failbasiccleanup; + } + } + else /* AccessMode == KernelMode */ + { + OriginalCopy = *AttributesCopy.ObjectName; + + if(OriginalCopy.Length > 0) + { + ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); + ObjectName->Buffer = ExAllocatePool(NonPagedPool, + ObjectName->MaximumLength); + if(ObjectName->Buffer != NULL) + { + RtlCopyMemory(ObjectName->Buffer, OriginalCopy.Buffer, OriginalCopy.Length); + ObjectName->Buffer[OriginalCopy.Length / sizeof(WCHAR)] = L'\0'; + } + else + { + Status = STATUS_INSUFFICIENT_RESOURCES; + } + } + else if(AttributesCopy.RootDirectory != NULL /* && OriginalCopy.Length == 0 */) + { + /* if the caller specified a root directory, there must be an object name! */ + Status = STATUS_OBJECT_NAME_INVALID; + } + + if(!NT_SUCCESS(Status)) + { + goto failallocatedcleanup; + } + } + } + else + { + RtlInitUnicodeString(ObjectName, NULL); + } + } + + return Status; +} + +VOID +ObpReleaseObjectAttributes(IN PCAPTURED_OBJECT_ATTRIBUTES CapturedObjectAttributes OPTIONAL, + IN PUNICODE_STRING ObjectName OPTIONAL, + IN KPROCESSOR_MODE AccessMode, + IN BOOLEAN CaptureIfKernel) +{ + /* WARNING - You need to pass the same parameters to this function as you passed + to ObpCaptureObjectAttributes() to avoid memory leaks */ + if(AccessMode != KernelMode || + (AccessMode == KernelMode && CaptureIfKernel)) + { + if(CapturedObjectAttributes != NULL && + CapturedObjectAttributes->SecurityDescriptor != NULL) + { + ExFreePool(CapturedObjectAttributes->SecurityDescriptor); + CapturedObjectAttributes->SecurityDescriptor = NULL; + } + if(ObjectName != NULL && + ObjectName->Length > 0) + { + ExFreePool(ObjectName->Buffer); + } + } +} + + /********************************************************************** * NAME PRIVATE * ObFindObject@16 @@ -344,6 +594,27 @@ SECURITY_SUBJECT_CONTEXT SubjectContext; ASSERT_IRQL(APC_LEVEL); + + if(AccessMode == UserMode) + { + Status = STATUS_SUCCESS; + _SEH_TRY + { + ProbeForRead(ObjectAttributes, + sizeof(OBJECT_ATTRIBUTES), + sizeof(ULONG)); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + } DPRINT("ObCreateObject(Type %p ObjectAttributes %p, Object %p)\n", Type, ObjectAttributes, Object);

19 years, 9 months

[weiden] 13178: SeCaptureSecurityDescriptor() should only copy SIDs and ACLs when present

by weiden＠svn.reactos.com

SeCaptureSecurityDescriptor() should only copy SIDs and ACLs when present Modified: trunk/reactos/ntoskrnl/se/sd.c _____ Modified: trunk/reactos/ntoskrnl/se/sd.c --- trunk/reactos/ntoskrnl/se/sd.c 2005-01-21 02:34:33 UTC (rev 13177) +++ trunk/reactos/ntoskrnl/se/sd.c 2005-01-21 02:39:59 UTC (rev 13178) @@ -127,7 +127,7 @@ ULONG OwnerSAC = 0, GroupSAC = 0; ULONG OwnerSize = 0, GroupSize = 0; ULONG SaclSize = 0, DaclSize = 0; - ULONG DescriptorSize; + ULONG DescriptorSize = sizeof(SECURITY_DESCRIPTOR); NTSTATUS Status = STATUS_SUCCESS; if(OriginalSecurityDescriptor != NULL) @@ -212,6 +212,7 @@ 1); \ SidType##SAC = SidType->SubAuthorityCount; \ SidType##Size = RtlLengthRequiredSid(SidType##SAC); \ + DescriptorSize += ROUND_UP(SidType##Size, sizeof(ULONG)); \ ProbeForRead(SidType, \ SidType##Size, \ sizeof(ULONG)); \ @@ -235,6 +236,7 @@ { \ SidType##SAC = SidType->SubAuthorityCount; \ SidType##Size = RtlLengthRequiredSid(SidType##SAC); \ + DescriptorSize += ROUND_UP(SidType##Size, sizeof(ULONG)); \ } \ } \ } while(0) @@ -259,6 +261,7 @@ sizeof(AclType->AclSize), \ 1); \ AclType##Size = AclType->AclSize; \ + DescriptorSize += ROUND_UP(AclType##Size, sizeof(ULONG)); \ ProbeForRead(AclType, \ AclType##Size, \ sizeof(ULONG)); \ @@ -281,6 +284,7 @@ else \ { \ AclType##Size = AclType->AclSize; \ + DescriptorSize += ROUND_UP(AclType##Size, sizeof(ULONG)); \ } \ } \ else \ @@ -294,12 +298,6 @@ /* allocate enough memory to store a complete copy of a self-relative security descriptor */ - DescriptorSize = sizeof(SECURITY_DESCRIPTOR) + - ROUND_UP(OwnerSize, sizeof(ULONG)) + - ROUND_UP(GroupSize, sizeof(ULONG)) + - ROUND_UP(SaclSize, sizeof(ULONG)) + - ROUND_UP(DaclSize, sizeof(ULONG)); - NewDescriptor = ExAllocatePool(PoolType, DescriptorSize); if(NewDescriptor != NULL) @@ -310,30 +308,28 @@ NewDescriptor->Sbz1 = DescriptorCopy.Sbz1; NewDescriptor->Control = DescriptorCopy.Control | SE_SELF_RELATIVE; - /* setup the offsets to the SIDs and ACLs */ - NewDescriptor->Owner = (PVOID)Offset; - Offset += ROUND_UP(OwnerSize, sizeof(ULONG)); - NewDescriptor->Group = (PVOID)Offset; - Offset += ROUND_UP(GroupSize, sizeof(ULONG)); - NewDescriptor->Sacl = (PVOID)Offset; - Offset += ROUND_UP(SaclSize, sizeof(ULONG)); - NewDescriptor->Dacl = (PVOID)Offset; - _SEH_TRY { - /* copy the SIDs and ACLs to the new self-relative security descriptor */ - RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Owner), - DescriptorCopy.Owner, - OwnerSize); - RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Group), - DescriptorCopy.Group, - GroupSize); - RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Sacl), - DescriptorCopy.Sacl, - SaclSize); - RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Dacl), - DescriptorCopy.Dacl, - DaclSize); + /* setup the offsets and copy the SIDs and ACLs to the new + self-relative security descriptor. Probing the pointers is not + neccessary anymore as we did that when collecting the sizes! */ +#define CopySIDOrACL(Type) \ + do { \ + if(DescriptorCopy.Type != NULL) \ + { \ + NewDescriptor->Type = (PVOID)Offset; \ + RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + \ + (ULONG_PTR)NewDescriptor->Type), \ + DescriptorCopy.Type, \ + Type##Size); \ + Offset += ROUND_UP(Type##Size, sizeof(ULONG)); \ + } \ + } while(0) + + CopySIDOrACL(Owner); + CopySIDOrACL(Group); + CopySIDOrACL(Sacl); + CopySIDOrACL(Dacl); } _SEH_HANDLE {

19 years, 9 months

[tamlin] 13177: Fix crashing browsing namespace with non-zero-terminated UNICODE_STRING.

by tamlin＠svn.reactos.com

Fix crashing browsing namespace with non-zero-terminated UNICODE_STRING. Modified: trunk/reactos/subsys/system/explorer/shell/ntobjfs.cpp _____ Modified: trunk/reactos/subsys/system/explorer/shell/ntobjfs.cpp --- trunk/reactos/subsys/system/explorer/shell/ntobjfs.cpp 2005-01-21 02:19:13 UTC (rev 13176) +++ trunk/reactos/subsys/system/explorer/shell/ntobjfs.cpp 2005-01-21 02:34:33 UTC (rev 13177) @@ -227,6 +227,16 @@ memset(&w32fd, 0, sizeof(WIN32_FIND_DATA)); #ifdef UNICODE + if (info->name.string_ptr) { + info->name.string_ptr[info->name.string_len / sizeof(WCHAR)] = 0; + } else { + info->name.string_ptr = TEXT(""); + } + if (info->type.string_ptr) { + info->type.string_ptr[info->type.string_len / sizeof(WCHAR)] = 0; + } else { + info->type.string_ptr = TEXT(""); + } wcscpyn(p, info->name.string_ptr, _MAX_PATH); #else WideCharToMultiByte(CP_ACP, 0, info->name.string_ptr, info->name.string_len, p, MAX_PATH, 0, 0);

19 years, 9 months

[weiden] 13176: SeCaptureSecurityDescriptor() should take PoolType into account...

by weiden＠svn.reactos.com

SeCaptureSecurityDescriptor() should take PoolType into account... Modified: trunk/reactos/ntoskrnl/se/sd.c _____ Modified: trunk/reactos/ntoskrnl/se/sd.c --- trunk/reactos/ntoskrnl/se/sd.c 2005-01-21 02:14:52 UTC (rev 13175) +++ trunk/reactos/ntoskrnl/se/sd.c 2005-01-21 02:19:13 UTC (rev 13176) @@ -300,7 +300,7 @@ ROUND_UP(SaclSize, sizeof(ULONG)) + ROUND_UP(DaclSize, sizeof(ULONG)); - NewDescriptor = ExAllocatePool(PagedPool, + NewDescriptor = ExAllocatePool(PoolType, DescriptorSize); if(NewDescriptor != NULL) {

19 years, 9 months

[weiden] 13175: implemented SeCaptureSecurityDescriptor() and SeReleaseSecurityDescriptor(), thanks also to Alex

by weiden＠svn.reactos.com

implemented SeCaptureSecurityDescriptor() and SeReleaseSecurityDescriptor(), thanks also to Alex Modified: trunk/reactos/ntoskrnl/se/sd.c _____ Modified: trunk/reactos/ntoskrnl/se/sd.c --- trunk/reactos/ntoskrnl/se/sd.c 2005-01-20 23:25:05 UTC (rev 13174) +++ trunk/reactos/ntoskrnl/se/sd.c 2005-01-21 02:14:52 UTC (rev 13175) @@ -110,7 +110,7 @@ } /* - * @unimplemented + * @implemented */ NTSTATUS STDCALL @@ -122,8 +122,250 @@ OUT PSECURITY_DESCRIPTOR *CapturedSecurityDescriptor ) { - UNIMPLEMENTED; - return STATUS_NOT_IMPLEMENTED; + SECURITY_DESCRIPTOR DescriptorCopy; + PSECURITY_DESCRIPTOR NewDescriptor; + ULONG OwnerSAC = 0, GroupSAC = 0; + ULONG OwnerSize = 0, GroupSize = 0; + ULONG SaclSize = 0, DaclSize = 0; + ULONG DescriptorSize; + NTSTATUS Status = STATUS_SUCCESS; + + if(OriginalSecurityDescriptor != NULL) + { + if(CurrentMode != KernelMode) + { + _SEH_TRY + { + ProbeForRead(OriginalSecurityDescriptor, + sizeof(SECURITY_DESCRIPTOR), + sizeof(ULONG)); + + /* make a copy on the stack */ + DescriptorCopy = *OriginalSecurityDescriptor; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + } + else + { + /* make a copy on the stack */ + DescriptorCopy = *OriginalSecurityDescriptor; + } + + if(CurrentMode == KernelMode && !CaptureIfKernel) + { + *CapturedSecurityDescriptor = OriginalSecurityDescriptor; + return STATUS_SUCCESS; + } + + if(DescriptorCopy.Revision != SECURITY_DESCRIPTOR_REVISION1) + { + return STATUS_UNKNOWN_REVISION; + } + + if(DescriptorCopy.Control & SE_SELF_RELATIVE) + { + /* in case we're dealing with a self-relative descriptor, do a basic convert + to an absolute descriptor. We do this so we can simply access the data + using the pointers without calculating them again. */ + DescriptorCopy.Control &= ~SE_SELF_RELATIVE; + if(DescriptorCopy.Owner != NULL) + { + DescriptorCopy.Owner = (PSID)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Owner); + } + if(DescriptorCopy.Group != NULL) + { + DescriptorCopy.Group = (PSID)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Group); + } + if(DescriptorCopy.Dacl != NULL) + { + DescriptorCopy.Dacl = (PACL)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Dacl); + } + if(DescriptorCopy.Sacl != NULL) + { + DescriptorCopy.Sacl = (PACL)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Sacl); + } + } + + /* determine the size of the SIDs */ +#define DetermineSIDSize(SidType) \ + do { \ + if(DescriptorCopy.SidType != NULL) \ + { \ + SID *SidType = (SID*)DescriptorCopy.SidType; \ + \ + if(CurrentMode != KernelMode) \ + { \ + /* securely access the buffers! */ \ + _SEH_TRY \ + { \ + ProbeForRead(&SidType->SubAuthorityCount, \ + sizeof(SidType->SubAuthorityCount), \ + 1); \ + SidType##SAC = SidType->SubAuthorityCount; \ + SidType##Size = RtlLengthRequiredSid(SidType##SAC); \ + ProbeForRead(SidType, \ + SidType##Size, \ + sizeof(ULONG)); \ + if(!RtlValidSid(SidType)) \ + { \ + Status = STATUS_INVALID_SID; \ + } \ + } \ + _SEH_HANDLE \ + { \ + Status = _SEH_GetExceptionCode(); \ + } \ + _SEH_END; \ + \ + if(!NT_SUCCESS(Status)) \ + { \ + return Status; \ + } \ + } \ + else \ + { \ + SidType##SAC = SidType->SubAuthorityCount; \ + SidType##Size = RtlLengthRequiredSid(SidType##SAC); \ + } \ + } \ + } while(0) + + DetermineSIDSize(Owner); + DetermineSIDSize(Group); + + /* determine the size of the ACLs */ +#define DetermineACLSize(AclType, AclFlag) \ + do { \ + if((DescriptorCopy.Control & SE_##AclFlag##_PRESENT) && \ + DescriptorCopy.AclType != NULL) \ + { \ + PACL AclType = (PACL)DescriptorCopy.AclType; \ + \ + if(CurrentMode != KernelMode) \ + { \ + /* securely access the buffers! */ \ + _SEH_TRY \ + { \ + ProbeForRead(&AclType->AclSize, \ + sizeof(AclType->AclSize), \ + 1); \ + AclType##Size = AclType->AclSize; \ + ProbeForRead(AclType, \ + AclType##Size, \ + sizeof(ULONG)); \ + if(!RtlValidAcl(AclType)) \ + { \ + Status = STATUS_INVALID_ACL; \ + } \ + } \ + _SEH_HANDLE \ + { \ + Status = _SEH_GetExceptionCode(); \ + } \ + _SEH_END; \ + \ + if(!NT_SUCCESS(Status)) \ + { \ + return Status; \ + } \ + } \ + else \ + { \ + AclType##Size = AclType->AclSize; \ + } \ + } \ + else \ + { \ + DescriptorCopy.AclType = NULL; \ + } \ + } while(0) + + DetermineACLSize(Sacl, SACL); + DetermineACLSize(Dacl, DACL); + + /* allocate enough memory to store a complete copy of a self-relative + security descriptor */ + DescriptorSize = sizeof(SECURITY_DESCRIPTOR) + + ROUND_UP(OwnerSize, sizeof(ULONG)) + + ROUND_UP(GroupSize, sizeof(ULONG)) + + ROUND_UP(SaclSize, sizeof(ULONG)) + + ROUND_UP(DaclSize, sizeof(ULONG)); + + NewDescriptor = ExAllocatePool(PagedPool, + DescriptorSize); + if(NewDescriptor != NULL) + { + ULONG_PTR Offset = sizeof(SECURITY_DESCRIPTOR); + + NewDescriptor->Revision = DescriptorCopy.Revision; + NewDescriptor->Sbz1 = DescriptorCopy.Sbz1; + NewDescriptor->Control = DescriptorCopy.Control | SE_SELF_RELATIVE; + + /* setup the offsets to the SIDs and ACLs */ + NewDescriptor->Owner = (PVOID)Offset; + Offset += ROUND_UP(OwnerSize, sizeof(ULONG)); + NewDescriptor->Group = (PVOID)Offset; + Offset += ROUND_UP(GroupSize, sizeof(ULONG)); + NewDescriptor->Sacl = (PVOID)Offset; + Offset += ROUND_UP(SaclSize, sizeof(ULONG)); + NewDescriptor->Dacl = (PVOID)Offset; + + _SEH_TRY + { + /* copy the SIDs and ACLs to the new self-relative security descriptor */ + RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Owner), + DescriptorCopy.Owner, + OwnerSize); + RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Group), + DescriptorCopy.Group, + GroupSize); + RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Sacl), + DescriptorCopy.Sacl, + SaclSize); + RtlCopyMemory((PVOID)((ULONG_PTR)NewDescriptor + (ULONG_PTR)NewDescriptor->Dacl), + DescriptorCopy.Dacl, + DaclSize); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(NT_SUCCESS(Status)) + { + /* we're finally done! copy the pointer to the captured descriptor to + to the caller */ + *CapturedSecurityDescriptor = NewDescriptor; + return STATUS_SUCCESS; + } + else + { + /* we failed to copy the data to the new descriptor */ + ExFreePool(NewDescriptor); + } + } + else + { + Status = STATUS_INSUFFICIENT_RESOURCES; + } + } + else + { + /* nothing to do... */ + *CapturedSecurityDescriptor = NULL; + } + + return Status; } /* @@ -262,7 +504,7 @@ } /* - * @unimplemented + * @implemented */ NTSTATUS STDCALL @@ -272,8 +514,18 @@ IN BOOLEAN CaptureIfKernelMode ) { - UNIMPLEMENTED; - return STATUS_NOT_IMPLEMENTED; + /* WARNING! You need to call this function with the same value for CurrentMode + and CaptureIfKernelMode that you previously passed to + SeCaptureSecurityDescriptor() in order to avoid memory leaks! */ + if(CapturedSecurityDescriptor != NULL && + (CurrentMode == UserMode || + (CurrentMode == KernelMode && CaptureIfKernelMode))) + { + /* only delete the descriptor when SeCaptureSecurityDescriptor() allocated one! */ + ExFreePool(CapturedSecurityDescriptor); + } + + return STATUS_SUCCESS; } /*

19 years, 9 months

← Newer
1
...
17
18
19
20
21
22
23
...
71
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Ros-diffs January 2005