Author: gedmurphy Date: Wed Dec 23 11:26:28 2015 New Revision: 70408
URL: http://svn.reactos.org/svn/reactos?rev=70408&view=rev Log: [NTOSKRNL] - Raise the IRQL when enumerating device lists so it doesn't get edited mid-listing - Don't hardcode the pointer size when checking the buffer size
Modified: trunk/reactos/ntoskrnl/io/iomgr/device.c
Modified: trunk/reactos/ntoskrnl/io/iomgr/device.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/device.c?... ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/device.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/io/iomgr/device.c [iso-8859-1] Wed Dec 23 11:26:28 2015 @@ -1088,6 +1088,10 @@ { ULONG ActualDevices = 1; PDEVICE_OBJECT CurrentDevice = DriverObject->DeviceObject; + KIRQL OldIrql; + + /* Raise to dispatch level */ + KeRaiseIrql(DISPATCH_LEVEL, &OldIrql);
/* Find out how many devices we'll enumerate */ while ((CurrentDevice = CurrentDevice->NextDevice)) ActualDevices++; @@ -1099,13 +1103,14 @@ *ActualNumberDeviceObjects = ActualDevices;
/* Check if we can support so many */ - if ((ActualDevices * 4) > DeviceObjectListSize) + if ((ActualDevices * sizeof(PDEVICE_OBJECT)) > DeviceObjectListSize) { /* Fail because the buffer was too small */ + KeLowerIrql(OldIrql); return STATUS_BUFFER_TOO_SMALL; }
- /* Check if the caller only wanted the size */ + /* Check if the caller wanted the device list */ if (DeviceObjectList) { /* Loop through all the devices */ @@ -1123,6 +1128,9 @@ DeviceObjectList++; } } + + /* Return back to previous IRQL */ + KeLowerIrql(OldIrql);
/* Return the status */ return STATUS_SUCCESS;