Ros-diffs May 2021

ros-diffs@reactos.org

21 participants
183 discussions

[reactos] 01/01: [USBPORT] Make unload work
by Timo Kreuzer 28 May '21

28 May '21

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=e693d5ffc08e945e0d3d3… commit e693d5ffc08e945e0d3d3c4b7172d3f2b79e5f0e Author: Timo Kreuzer <timo.kreuzer(a)reactos.org> AuthorDate: Mon Oct 5 15:43:47 2020 +0200 Commit: Timo Kreuzer <timo.kreuzer(a)reactos.org> CommitDate: Fri May 28 22:29:44 2021 +0200 [USBPORT] Make unload work --- drivers/usb/usbport/pnp.c | 2 +- drivers/usb/usbport/usbport.c | 22 ++++++++++++++++++++++ drivers/usb/usbport/usbport.h | 8 +++++++- 3 files changed, 30 insertions(+), 2 deletions(-) diff --git a/drivers/usb/usbport/pnp.c b/drivers/usb/usbport/pnp.c index 545b75e8201..b744857c94b 100644 --- a/drivers/usb/usbport/pnp.c +++ b/drivers/usb/usbport/pnp.c @@ -490,7 +490,6 @@ NTAPI USBPORT_StopDevice(IN PDEVICE_OBJECT FdoDevice) { DPRINT1("USBPORT_StopDevice: UNIMPLEMENTED. FIXME\n"); - DbgBreakPoint(); return STATUS_SUCCESS; } @@ -901,6 +900,7 @@ USBPORT_StartDevice(IN PDEVICE_OBJECT FdoDevice, return Status; ExitWithError: + USBPORT_StopWorkerThread(FdoDevice); USBPORT_StopDevice(FdoDevice); DPRINT1("USBPORT_StartDevice: ExitWithError Status - %lx\n", Status); diff --git a/drivers/usb/usbport/usbport.c b/drivers/usb/usbport/usbport.c index 226bc6815aa..6fc6d6f155e 100644 --- a/drivers/usb/usbport/usbport.c +++ b/drivers/usb/usbport/usbport.c @@ -1390,6 +1390,11 @@ USBPORT_WorkerThread(IN PVOID StartContext) FALSE, NULL); + if (FdoExtension->Flags & USBPORT_FLAG_WORKER_THREAD_EXIT) + { + break; + } + KeQuerySystemTime(&NewTime); KeAcquireSpinLock(&FdoExtension->WorkerThreadEventSpinLock, &OldIrql); @@ -1445,6 +1450,23 @@ USBPORT_CreateWorkerThread(IN PDEVICE_OBJECT FdoDevice) return Status; } +VOID +NTAPI +USBPORT_StopWorkerThread(IN PDEVICE_OBJECT FdoDevice) +{ + PUSBPORT_DEVICE_EXTENSION FdoExtension; + NTSTATUS Status; + + DPRINT("USBPORT_StopWorkerThread ... \n"); + + FdoExtension = FdoDevice->DeviceExtension; + + FdoExtension->Flags |= USBPORT_FLAG_WORKER_THREAD_EXIT; + USBPORT_SignalWorkerThread(FdoDevice); + Status = ZwWaitForSingleObject(FdoExtension->WorkerThreadHandle, FALSE, NULL); + NT_ASSERT(Status == STATUS_SUCCESS); +} + VOID NTAPI USBPORT_SynchronizeControllersStart(IN PDEVICE_OBJECT FdoDevice) diff --git a/drivers/usb/usbport/usbport.h b/drivers/usb/usbport/usbport.h index 6ec826afede..9240c64545c 100644 --- a/drivers/usb/usbport/usbport.h +++ b/drivers/usb/usbport/usbport.h @@ -8,7 +8,7 @@ #ifndef USBPORT_H__ #define USBPORT_H__ -#include <ntddk.h> +#include <ntifs.h> #include <windef.h> #include <stdio.h> #include <wdmguid.h> @@ -67,6 +67,7 @@ #define USBPORT_FLAG_HC_STARTED 0x00000002 #define USBPORT_FLAG_HC_POLLING 0x00000004 #define USBPORT_FLAG_WORKER_THREAD_ON 0x00000008 +#define USBPORT_FLAG_WORKER_THREAD_EXIT 0x00000010 #define USBPORT_FLAG_HC_SUSPEND 0x00000100 #define USBPORT_FLAG_INTERRUPT_ENABLED 0x00000400 #define USBPORT_FLAG_SELECTIVE_SUSPEND 0x00000800 @@ -595,6 +596,11 @@ NTAPI USBPORT_CreateWorkerThread( IN PDEVICE_OBJECT FdoDevice); +VOID +NTAPI +USBPORT_StopWorkerThread( + IN PDEVICE_OBJECT FdoDevice); + BOOLEAN NTAPI USBPORT_StartTimer(

1 0

[reactos] 06/06: [CRT] Use the asm version of sqrt on amd64
by Timo Kreuzer 28 May '21

28 May '21

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=db0c59cbd43b3be9688f4… commit db0c59cbd43b3be9688f4550a4f5b089ea3ed8d9 Author: Timo Kreuzer <timo.kreuzer(a)reactos.org> AuthorDate: Mon Jan 29 18:41:18 2018 +0100 Commit: Timo Kreuzer <timo.kreuzer(a)reactos.org> CommitDate: Fri May 28 11:52:42 2021 +0200 [CRT] Use the asm version of sqrt on amd64 --- sdk/lib/crt/crt.cmake | 1 - sdk/lib/crt/libcntpr.cmake | 2 +- sdk/lib/crt/math/amd64/sqrt.S | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/sdk/lib/crt/crt.cmake b/sdk/lib/crt/crt.cmake index 848d9a90dbc..f3b9160a9b5 100644 --- a/sdk/lib/crt/crt.cmake +++ b/sdk/lib/crt/crt.cmake @@ -563,7 +563,6 @@ if(NOT ARCH STREQUAL "i386") math/modff.c math/sin.c math/sinhf.c - math/sqrt.c math/sqrtf.c math/tanf.c math/tanhf.c diff --git a/sdk/lib/crt/libcntpr.cmake b/sdk/lib/crt/libcntpr.cmake index 2ffb192219d..178a18cd704 100644 --- a/sdk/lib/crt/libcntpr.cmake +++ b/sdk/lib/crt/libcntpr.cmake @@ -137,6 +137,7 @@ elseif(ARCH STREQUAL "arm") list(APPEND LIBCNTPR_SOURCE except/arm/chkstk_asm.s except/arm/__jump_unwind.s + math/sqrt.c math/arm/__rt_sdiv.c math/arm/__rt_sdiv64_worker.c math/arm/__rt_udiv.c @@ -210,7 +211,6 @@ else() list(APPEND LIBCNTPR_SOURCE math/cos.c math/sin.c - math/sqrt.c mem/memchr.c mem/memcpy.c mem/memmove.c diff --git a/sdk/lib/crt/math/amd64/sqrt.S b/sdk/lib/crt/math/amd64/sqrt.S index 8093ab27920..5f720f5acb6 100644 --- a/sdk/lib/crt/math/amd64/sqrt.S +++ b/sdk/lib/crt/math/amd64/sqrt.S @@ -35,7 +35,7 @@ sqrt: ja short x_is_nan /* All is well, calculate the sqrt */ - sqrtpd xmm0, xmm0 + sqrtsd xmm0, xmm0 ret x_is_negative:

1 0

[reactos] 05/06: [NTOS:KE] Add IRQL checks and fix KiInitiateUserApc
by Timo Kreuzer 28 May '21

28 May '21

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=90a0e426ed7ab13331277… commit 90a0e426ed7ab133312773f03fda77b19a8327f0 Author: Timo Kreuzer <timo.kreuzer(a)reactos.org> AuthorDate: Mon Mar 9 07:01:05 2020 +0100 Commit: Timo Kreuzer <timo.kreuzer(a)reactos.org> CommitDate: Fri May 28 11:52:42 2021 +0200 [NTOS:KE] Add IRQL checks and fix KiInitiateUserApc --- ntoskrnl/ke/amd64/trap.S | 33 +++++++++++++++++++++++++++++++++ sdk/include/asm/trapamd64.inc | 17 +++++++++++++++++ 2 files changed, 50 insertions(+) diff --git a/ntoskrnl/ke/amd64/trap.S b/ntoskrnl/ke/amd64/trap.S index fffcc5d1b31..5d6e1ead384 100644 --- a/ntoskrnl/ke/amd64/trap.S +++ b/ntoskrnl/ke/amd64/trap.S @@ -782,6 +782,14 @@ PUBLIC KiSystemCallEntry64 mov ds, ax mov es, ax +#if DBG + /* Check IRQL */ + mov rax, cr8 + test eax, eax + jz KiSystemCall64Again + int HEX(2C) +#endif + GLOBAL_LABEL KiSystemCall64Again /* Call the C-handler (will enable interrupts) */ @@ -875,6 +883,27 @@ PUBLIC KiServiceExit2 .PROC KiServiceExit2 .ENDPROLOG +#if DBG + /* Get the current IRQL and compare it to the trap frame */ + mov rax, cr8 + cmp byte ptr [rcx + KTRAP_FRAME_PreviousIrql], al + je KiServiceExit2_ok1 + int HEX(2C) + +KiServiceExit2_ok1: + /* Check if this is a user mode exit */ + mov ah, byte ptr [rcx + KTRAP_FRAME_SegCs] + test ah, 1 + jz KiServiceExit2_kernel + + /* Validate that we are at PASSIVE_LEVEL */ + test al, al + jz KiServiceExit2_kernel + int HEX(2C) + +KiServiceExit2_kernel: +#endif + mov rbp, rcx mov rsp, rcx @@ -1055,6 +1084,10 @@ PUBLIC KiInitiateUserApc /* Disable interrupts again */ cli + /* Go back to PASSIVE_LEVEL */ + mov rax, PASSIVE_LEVEL + mov cr8, rax + /* Restore the registers from the KEXCEPTION_FRAME */ RESTORE_EXCEPTION_STATE diff --git a/sdk/include/asm/trapamd64.inc b/sdk/include/asm/trapamd64.inc index a4c1b844625..eeb804ec970 100644 --- a/sdk/include/asm/trapamd64.inc +++ b/sdk/include/asm/trapamd64.inc @@ -116,6 +116,14 @@ MACRO(EnterTrap, Flags) mov es, ax swapgs +#if DBG + /* Check IRQL */ + mov rax, cr8 + test rax, rax + jz kernel_mode_entry + int HEX(2c) +#endif + kernel_mode_entry: // if (Flags AND TF_IRQL) @@ -151,6 +159,7 @@ MACRO(ExitTrap, Flags) LOCAL kernel_mode_return LOCAL IntsEnabled LOCAL NoUserApc + LOCAL IrqlPassive #if DBG /* Check previous irql */ @@ -201,6 +210,14 @@ MACRO(ExitTrap, Flags) jnz IntsEnabled int HEX(2c) IntsEnabled: + + /* Make sure we are at passive level */ + mov rax, cr8 + test rax, rax + jz IrqlPassive + int HEX(2C) + +IrqlPassive: #endif cli

1 0

[reactos] 04/06: [NTOS:KE] Improve KiSystemCallEntry64
by Timo Kreuzer 28 May '21

28 May '21

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=3d18831c197d3d03109d4… commit 3d18831c197d3d03109d4719dacd325517028cac Author: Timo Kreuzer <timo.kreuzer(a)reactos.org> AuthorDate: Thu Mar 8 12:23:45 2018 +0100 Commit: Timo Kreuzer <timo.kreuzer(a)reactos.org> CommitDate: Fri May 28 11:52:42 2021 +0200 [NTOS:KE] Improve KiSystemCallEntry64 --- ntoskrnl/ke/amd64/stubs.c | 15 +++------------ ntoskrnl/ke/amd64/trap.S | 49 ++++++++++++++++++++--------------------------- 2 files changed, 24 insertions(+), 40 deletions(-) diff --git a/ntoskrnl/ke/amd64/stubs.c b/ntoskrnl/ke/amd64/stubs.c index 1afc1f54dea..56f13192620 100644 --- a/ntoskrnl/ke/amd64/stubs.c +++ b/ntoskrnl/ke/amd64/stubs.c @@ -260,10 +260,7 @@ NtSyscallFailure(void) PVOID KiSystemCallHandler( - _In_ ULONG64 ReturnAddress, - _In_ ULONG64 P2, - _In_ ULONG64 P3, - _In_ ULONG64 P4) + VOID) { PKTRAP_FRAME TrapFrame; PKSERVICE_TABLE_DESCRIPTOR DescriptorTable; @@ -275,12 +272,6 @@ KiSystemCallHandler( /* Get a pointer to the trap frame */ TrapFrame = (PKTRAP_FRAME)((PULONG64)_AddressOfReturnAddress() + 1 + MAX_SYSCALL_PARAMS); - /* Save some values in the trap frame */ - TrapFrame->Rip = ReturnAddress; - TrapFrame->Rdx = P2; - TrapFrame->R8 = P3; - TrapFrame->R9 = P4; - /* Increase system call count */ __addgsdword(FIELD_OFFSET(KIPCR, Prcb.KeSystemCalls), 1); @@ -388,11 +379,11 @@ KiSystemCallHandler( break; default: - __debugbreak(); + ASSERT(FALSE); break; } } - _SEH2_EXCEPT(1) + _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) { TrapFrame->Rax = _SEH2_GetExceptionCode(); return (PVOID)NtSyscallFailure; diff --git a/ntoskrnl/ke/amd64/trap.S b/ntoskrnl/ke/amd64/trap.S index d0d1ab16edf..fffcc5d1b31 100644 --- a/ntoskrnl/ke/amd64/trap.S +++ b/ntoskrnl/ke/amd64/trap.S @@ -747,10 +747,10 @@ EXTERN KiSystemCallHandler:PROC *--*/ PUBLIC KiSystemCallEntry64 .PROC KiSystemCallEntry64 - - /* Old stack pointer is in rcx, lie and say we saved it in rbp */ - .setframe rbp, 0 - .endprolog + /* The unwind info pretends we have a machine frame */ + .PUSHFRAME + .ALLOCSTACK (KTRAP_FRAME_LENGTH + MAX_SYSCALL_PARAM_SIZE - MachineFrameLength) + .ENDPROLOG /* Swap gs to kernel, so we can access the PCR */ swapgs @@ -763,29 +763,26 @@ PUBLIC KiSystemCallEntry64 /* Allocate a TRAP_FRAME and space for parameters */ sub rsp, (KTRAP_FRAME_LENGTH + MAX_SYSCALL_PARAM_SIZE) -#if DBG - /* Save rbp and load it with the old stack pointer */ - mov [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_Rbp], rbp - mov rbp, gs:[PcUserRsp] -#endif - /* Save important registers in the trap frame */ + /* Save volatile registers in the trap frame */ mov [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_Rax], rax + mov [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_Rip], rcx + mov [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_Rdx], rdx + mov [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_R8], r8 + mov [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_R9], r9 mov [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_Rcx], r10 mov [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_EFlags], r11 + /* Store user stack pointer in the trap frame */ + mov rax, gs:[PcUserRsp] + mov [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_Rsp], rax + /* Set sane segments */ mov ax, (KGDT64_R3_DATA or RPL_MASK) mov ds, ax mov es, ax -.ENDP - -.PROC KiSystemCall64Again - - /* Old stack pointer is in rcx, lie and say we saved it in rbp */ - .setframe rbp, 0 - .endprolog +GLOBAL_LABEL KiSystemCall64Again /* Call the C-handler (will enable interrupts) */ call KiSystemCallHandler @@ -797,19 +794,9 @@ PUBLIC KiSystemCallEntry64 mov r9, [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_R9] call rax -.ENDP - -PUBLIC KiSystemServiceExit -.PROC KiSystemServiceExit - - /* Old stack pointer is in rcx, lie and say we saved it in rbp */ - .setframe rbp, 0 - .endprolog +GLOBAL_LABEL KiSystemServiceExit #if DBG - /* Restore rbp */ - mov rbp, [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_Rbp] - test dword ptr [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_EFlags], HEX(200) jnz IntsEnabled int 3 @@ -838,6 +825,12 @@ no_user_apc_pending: /* Load user mode stack (It was copied to the trap frame) */ mov rsp, [rsp + MAX_SYSCALL_PARAM_SIZE + KTRAP_FRAME_Rsp] + /* r8 points to the user stack */ + mov r8, rsp + + /* r9 matches rbp */ + mov r9, rbp + /* Swap gs back to user */ swapgs

1 0

[reactos] 03/06: [NTOS:KE] Fix stack alignment issues
by Timo Kreuzer 28 May '21

28 May '21

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=69e8cb635ae8cabc78fd9… commit 69e8cb635ae8cabc78fd95fa4012ffc6827a1865 Author: Timo Kreuzer <timo.kreuzer(a)reactos.org> AuthorDate: Wed Mar 21 10:33:31 2018 +0100 Commit: Timo Kreuzer <timo.kreuzer(a)reactos.org> CommitDate: Fri May 28 11:52:42 2021 +0200 [NTOS:KE] Fix stack alignment issues --- ntoskrnl/ke/amd64/trap.S | 20 ++++++++++++++++++-- ntoskrnl/ke/amd64/usercall.c | 9 ++++++--- 2 files changed, 24 insertions(+), 5 deletions(-) diff --git a/ntoskrnl/ke/amd64/trap.S b/ntoskrnl/ke/amd64/trap.S index db7684d9b96..d0d1ab16edf 100644 --- a/ntoskrnl/ke/amd64/trap.S +++ b/ntoskrnl/ke/amd64/trap.S @@ -600,7 +600,19 @@ PUBLIC KiApcInterrupt ExitTrap (TF_VOLATILES or TF_IRQL) .ENDP +/* + * VOID + * KiRetireDpcList( + * PKPRCB Prcb); + */ EXTERN KiRetireDpcList:PROC + +/* + * VOID + * KiRetireDpcListInDpcStack( + * PKPRCB Prcb, + * PVOID DpcStack); + */ PUBLIC KiRetireDpcListInDpcStack .PROC KiRetireDpcListInDpcStack push rbp @@ -609,9 +621,13 @@ PUBLIC KiRetireDpcListInDpcStack .setframe rbp, 0 .endprolog - /* Switch stack and call the function */ + /* Switch to the DpcStack */ mov rsp, rdx - sub rsp, 40 + + /* The stack is 16 byte aligned, allocate 32 bytes home space */ + sub rsp, 32 + + /* Call KiRetireDpcList on the given stack */ call KiRetireDpcList /* Restore stack, cleanup and return */ diff --git a/ntoskrnl/ke/amd64/usercall.c b/ntoskrnl/ke/amd64/usercall.c index 42976d340ef..8eb059ccd54 100644 --- a/ntoskrnl/ke/amd64/usercall.c +++ b/ntoskrnl/ke/amd64/usercall.c @@ -66,7 +66,7 @@ KiInitializeUserApc( _SEH2_TRY { /* Probe the context */ - ProbeForWrite(Context, sizeof(CONTEXT), 16); + ProbeForWrite(Context, sizeof(CONTEXT), 16); /* Convert the current trap frame to a context */ Context->ContextFlags = CONTEXT_FULL | CONTEXT_DEBUG_REGISTERS; @@ -253,8 +253,11 @@ KeUserModeCallback( /* Enter a SEH Block */ _SEH2_TRY { - /* Calculate and align the stack size */ - UserArguments = (PUCHAR)ALIGN_DOWN_POINTER_BY(OldStack - ArgumentLength, sizeof(PVOID)); + /* Calculate and align the stack. This is unaligned by 8 bytes, since the following + UCALLOUT_FRAME compensates for that and on entry we already have a full stack + frame with home space for the next call, i.e. we are already inside the function + body and the stack needs to be 16 byte aligned. */ + UserArguments = (PUCHAR)ALIGN_DOWN_POINTER_BY(OldStack - ArgumentLength, 16) - 8; /* The callout frame is below the arguments */ CalloutFrame = ((PUCALLOUT_FRAME)UserArguments) - 1;

1 0

[reactos] 02/06: [NTOS:KE] Remove duplicated EFlag definitions
by Timo Kreuzer 28 May '21

28 May '21

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=2a2d0903bf4fee27c5be3… commit 2a2d0903bf4fee27c5be3b0f3b06e62103ee4e7f Author: Timo Kreuzer <timo.kreuzer(a)reactos.org> AuthorDate: Sun May 23 14:50:10 2021 +0200 Commit: Timo Kreuzer <timo.kreuzer(a)reactos.org> CommitDate: Fri May 28 11:52:42 2021 +0200 [NTOS:KE] Remove duplicated EFlag definitions --- ntoskrnl/ke/amd64/cpu.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/ntoskrnl/ke/amd64/cpu.c b/ntoskrnl/ke/amd64/cpu.c index 3c2b706a906..91ca92ac189 100644 --- a/ntoskrnl/ke/amd64/cpu.c +++ b/ntoskrnl/ke/amd64/cpu.c @@ -13,12 +13,6 @@ #define NDEBUG #include <debug.h> -/* FIXME: Local EFLAGS defines not used anywhere else */ -#define EFLAGS_IOPL 0x3000 -#define EFLAGS_NF 0x4000 -#define EFLAGS_RF 0x10000 -#define EFLAGS_ID 0x200000 - /* GLOBALS *******************************************************************/ /* The Boot TSS */

1 0

[reactos] 01/06: [ASM] Clear interrupt flag in ExitTrap before returning
by Timo Kreuzer 28 May '21

28 May '21

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=42e1fefcc6c4833913cbb… commit 42e1fefcc6c4833913cbb1552d04ae63a9f895da Author: Timo Kreuzer <timo.kreuzer(a)reactos.org> AuthorDate: Sat Mar 24 11:06:18 2018 +0100 Commit: Timo Kreuzer <timo.kreuzer(a)reactos.org> CommitDate: Fri May 28 11:52:42 2021 +0200 [ASM] Clear interrupt flag in ExitTrap before returning --- sdk/include/asm/trapamd64.inc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sdk/include/asm/trapamd64.inc b/sdk/include/asm/trapamd64.inc index d3772689938..a4c1b844625 100644 --- a/sdk/include/asm/trapamd64.inc +++ b/sdk/include/asm/trapamd64.inc @@ -203,6 +203,8 @@ MACRO(ExitTrap, Flags) IntsEnabled: #endif + cli + /* Swap gs to user mode */ swapgs

1 0

[reactos] 01/01: [WIN32K][USER32] Change mechanism for storing dialog info pointer
by Timo Kreuzer 28 May '21

28 May '21

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=d07203ecb700a11c21608… commit d07203ecb700a11c21608448d2326ea6a6b3f368 Author: Timo Kreuzer <timo.kreuzer(a)reactos.org> AuthorDate: Fri Mar 9 00:04:54 2018 +0100 Commit: Timo Kreuzer <timo.kreuzer(a)reactos.org> CommitDate: Fri May 28 08:26:36 2021 +0200 [WIN32K][USER32] Change mechanism for storing dialog info pointer DLGWINDOWEXTRA is 30 (both on win32 and win64). This has storage for the following entries: DWLP_MSGRESULT (0), DWLP_DLGPROC (8), DWLP_USER (16) We used to store the dialog info pointer using SetWindowLongPtr (DWLP_ROS_DIALOGINFO == DWLP_USER+sizeof(ULONG_PTR) == 24), which was fine on win32, but failed on win64, since there wasn't enough space left (24 + 8 = 32 > 30). Rewrite the way the DLGINFO pointer is stored, by adding an additional field to the WND structure and set it using NtUserxSetDialogPointer (which is what it is for). Also fix too small cbWndExtra for the button class. --- win32ss/include/ntuser.h | 2 ++ win32ss/user/ntuser/simplecall.c | 3 ++- win32ss/user/user32/controls/button.c | 2 +- win32ss/user/user32/windows/dialog.c | 16 ++++------------ 4 files changed, 9 insertions(+), 14 deletions(-) diff --git a/win32ss/include/ntuser.h b/win32ss/include/ntuser.h index b997b21c848..22538c84818 100644 --- a/win32ss/include/ntuser.h +++ b/win32ss/include/ntuser.h @@ -726,6 +726,8 @@ typedef struct _WND PSBINFOEX pSBInfoex; // convert to PSBINFO /* Entry in the list of thread windows. */ LIST_ENTRY ThreadListEntry; + + PVOID DialogPointer; } WND, *PWND; #define PWND_BOTTOM ((PWND)1) diff --git a/win32ss/user/ntuser/simplecall.c b/win32ss/user/ntuser/simplecall.c index 462bbe15bb7..fdc52c1c478 100644 --- a/win32ss/user/ntuser/simplecall.c +++ b/win32ss/user/ntuser/simplecall.c @@ -798,9 +798,10 @@ NtUserCallHwndParam( UserRefObjectCo(pWnd, &Ref); if (pWnd->head.pti->ppi == PsGetCurrentProcessWin32Process() && - pWnd->cbwndExtra == DLGWINDOWEXTRA && + pWnd->cbwndExtra >= DLGWINDOWEXTRA && !(pWnd->state & WNDS_SERVERSIDEWINDOWPROC)) { + pWnd->DialogPointer = (PVOID)Param; if (Param) { if (!pWnd->fnid) pWnd->fnid = FNID_DIALOG; diff --git a/win32ss/user/user32/controls/button.c b/win32ss/user/user32/controls/button.c index 6b65c536795..69377a96b2d 100644 --- a/win32ss/user/user32/controls/button.c +++ b/win32ss/user/user32/controls/button.c @@ -72,7 +72,7 @@ WINE_DEFAULT_DEBUG_CHANNEL(button); #define BUTTON_HFONT_GWL_OFFSET (sizeof(LONG)) #define HIMAGE_GWL_OFFSET (BUTTON_HFONT_GWL_OFFSET+sizeof(HFONT)) #define BUTTON_UISTATE_GWL_OFFSET (HIMAGE_GWL_OFFSET+sizeof(HFONT)) -#define NB_EXTRA_BYTES (BUTTON_UISTATE_GWL_OFFSET+sizeof(LONG)) +#define NB_EXTRA_BYTES (BUTTON_UISTATE_GWL_OFFSET+sizeof(LONG_PTR)) /* undocumented flags */ #define BUTTON_NSTATES 0x0F diff --git a/win32ss/user/user32/windows/dialog.c b/win32ss/user/user32/windows/dialog.c index c853e5f8ebd..359cfd150c6 100644 --- a/win32ss/user/user32/windows/dialog.c +++ b/win32ss/user/user32/windows/dialog.c @@ -36,9 +36,7 @@ WINE_DEFAULT_DEBUG_CHANNEL(user32); #define DF_END 0x0001 #define DF_DIALOGACTIVE 0x4000 // ReactOS -#define DWLP_ROS_DIALOGINFO (DWLP_USER+sizeof(ULONG_PTR)) #define GETDLGINFO(hwnd) DIALOG_get_info(hwnd, FALSE) -#define SETDLGINFO(hwnd, info) SetWindowLongPtrW((hwnd), DWLP_ROS_DIALOGINFO, (LONG_PTR)(info)) #define GET_WORD(ptr) (*(WORD *)(ptr)) #define GET_DWORD(ptr) (*(DWORD *)(ptr)) #define GET_LONG(ptr) (*(const LONG *)(ptr)) @@ -141,7 +139,7 @@ DIALOGINFO *DIALOG_get_info( HWND hWnd, BOOL create ) return NULL; } - dlgInfo = (DIALOGINFO *)GetWindowLongPtrW( hWnd, DWLP_ROS_DIALOGINFO ); + dlgInfo = pWindow->DialogPointer; if (!dlgInfo && create) { @@ -151,7 +149,7 @@ DIALOGINFO *DIALOG_get_info( HWND hWnd, BOOL create ) return NULL; dlgInfo->idResult = IDOK; - SETDLGINFO( hWnd, dlgInfo ); + NtUserxSetDialogPointer( hWnd, dlgInfo ); } else { @@ -159,13 +157,6 @@ DIALOGINFO *DIALOG_get_info( HWND hWnd, BOOL create ) } } - if (dlgInfo) - { - if (!(pWindow->state & WNDS_DIALOGWINDOW)) - { - NtUserxSetDialogPointer( hWnd, dlgInfo ); - } - } return dlgInfo; } @@ -1258,7 +1249,8 @@ static LRESULT DEFDLG_Proc( HWND hwnd, UINT msg, WPARAM wParam, } case WM_NCDESTROY: //// ReactOS - if ((dlgInfo = (DIALOGINFO *)SetWindowLongPtrW( hwnd, DWLP_ROS_DIALOGINFO, 0 ))) + dlgInfo = DIALOG_get_info(hwnd, FALSE); + if (dlgInfo != NULL) { if (dlgInfo->hUserFont) DeleteObject( dlgInfo->hUserFont ); if (dlgInfo->hMenu) DestroyMenu( dlgInfo->hMenu );

1 0

[reactos] 01/01: [WIN32K] Fix wrong calculation in DIB_32BPP_BitBltSrcCopy
by Timo Kreuzer 27 May '21

27 May '21

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=50c9dab6c97837ef01466… commit 50c9dab6c97837ef014669f5cce9fd3186e1a699 Author: Timo Kreuzer <timo.kreuzer(a)reactos.org> AuthorDate: Sun May 23 14:02:09 2021 +0200 Commit: Timo Kreuzer <timo.kreuzer(a)reactos.org> CommitDate: Thu May 27 15:53:24 2021 +0200 [WIN32K] Fix wrong calculation in DIB_32BPP_BitBltSrcCopy Using an unsigned integer will cause the calculations to be unsigned, which on x64 leads to wrong results, when adding it to a pointer. --- win32ss/gdi/dib/dib32bpp.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/win32ss/gdi/dib/dib32bpp.c b/win32ss/gdi/dib/dib32bpp.c index 1b2d920e96e..f8e58829a73 100644 --- a/win32ss/gdi/dib/dib32bpp.c +++ b/win32ss/gdi/dib/dib32bpp.c @@ -58,7 +58,8 @@ DIB_32BPP_BitBltSrcCopy(PBLTINFO BltInfo) PBYTE SourceBitsT, SourceBitsB, DestBitsT, DestBitsB; PBYTE SourceBits_4BPP, SourceLine_4BPP; PDWORD Source32, Dest32; - DWORD Index, DestWidth, DestHeight; + DWORD Index; + LONG DestWidth, DestHeight; BOOLEAN bTopToBottom, bLeftToRight; BOOLEAN blDeltaSrcNeg, blDeltaDestNeg; BOOLEAN blDeltaAdjustDone = FALSE; @@ -365,10 +366,9 @@ DIB_32BPP_BitBltSrcCopy(PBLTINFO BltInfo) { /* SourceBits points to bottom-left pixel for lDelta < 0 and top-left for lDelta > 0 */ SourceBits = (PBYTE)BltInfo->SourceSurface->pvScan0 - + ((BltInfo->SourcePoint.y - + DestHeight - 1) * BltInfo->SourceSurface->lDelta) + + ((BltInfo->SourcePoint.y + DestHeight - 1) * BltInfo->SourceSurface->lDelta) + 4 * BltInfo->SourcePoint.x; - /* SourceBits points to bottom-left pixel for lDelta < 0 and top-left for lDelta > 0 */ + /* DestBits points to bottom-left pixel for lDelta < 0 and top-left for lDelta > 0 */ DestBits = (PBYTE)BltInfo->DestSurface->pvScan0 + ((BltInfo->DestRect.bottom - 1) * BltInfo->DestSurface->lDelta) + 4 * BltInfo->DestRect.left;

1 0

[reactos] 01/01: [SHELL32] CDefView: Prevent use after free
by Mark Jansen 26 May '21

26 May '21

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=f0bee6c4bc20d74999281… commit f0bee6c4bc20d74999281a5fa26cc94549256b22 Author: Mark Jansen <mark.jansen(a)reactos.org> AuthorDate: Wed May 26 22:57:43 2021 +0200 Commit: Mark Jansen <mark.jansen(a)reactos.org> CommitDate: Wed May 26 22:57:43 2021 +0200 [SHELL32] CDefView: Prevent use after free While updating the item, the LVIF_STATE would be requested, for which the old lParam would be accessed. --- dll/win32/shell32/CDefView.cpp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/dll/win32/shell32/CDefView.cpp b/dll/win32/shell32/CDefView.cpp index b3ed556acf4..50471196d31 100644 --- a/dll/win32/shell32/CDefView.cpp +++ b/dll/win32/shell32/CDefView.cpp @@ -861,7 +861,8 @@ BOOLEAN CDefView::LV_RenameItem(PCUITEMID_CHILD pidlOld, PCUITEMID_CHILD pidlNew lvItem.iSubItem = 0; m_ListView.GetItem(&lvItem); - SHFree(reinterpret_cast<LPVOID>(lvItem.lParam)); + LPVOID oldPidl = reinterpret_cast<LPVOID>(lvItem.lParam); /* Store the old pidl until the new item is replaced */ + lvItem.mask = LVIF_PARAM | LVIF_IMAGE | LVIF_TEXT; lvItem.iItem = nItem; lvItem.iSubItem = 0; @@ -870,6 +871,9 @@ BOOLEAN CDefView::LV_RenameItem(PCUITEMID_CHILD pidlOld, PCUITEMID_CHILD pidlNew lvItem.iImage = SHMapPIDLToSystemImageListIndex(m_pSFParent, pidlNew, 0); m_ListView.SetItem(&lvItem); m_ListView.Update(nItem); + + SHFree(oldPidl); /* Now that the new item is in place, we can safely release the old pidl */ + return TRUE; /* FIXME: better handling */ }

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Ros-diffs May 2021