28 Feb
2017
28 Feb
'17
8:49 p.m.
Author: hbelusca
Date: Tue Feb 28 20:49:37 2017
New Revision: 74005
URL: http://svn.reactos.org/svn/reactos?rev=74005&view=rev
Log:
[NTUSER]: NtUserGetObjectInformation, nIndex == UOI_FLAGS case:
- Capture the ObjectFlags to be set in a local variable,
- Then copy its contents in the mem area pointed by pvInformation *under the SEH block*!
This allows:
* protection if pvInformation is an invalid pointer;
* avoid to run the "RtlCopyMemory(pvInformation, pvData, nDataSize);"
afterwards with pvData == NULL.
Modified:
trunk/reactos/win32ss/user/ntuser/winsta.c
Modified: trunk/reactos/win32ss/user/ntuser/winsta.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/win32ss/user/ntuser/winsta…
==============================================================================
--- trunk/reactos/win32ss/user/ntuser/winsta.c [iso-8859-1] (original)
+++ trunk/reactos/win32ss/user/ntuser/winsta.c [iso-8859-1] Tue Feb 28 20:49:37 2017
@@ -671,9 +671,10 @@
DWORD nLength,
PDWORD nLengthNeeded)
{
- PWINSTATION_OBJECT WinStaObject;
+ NTSTATUS Status;
+ PWINSTATION_OBJECT WinStaObject = NULL;
PDESKTOP DesktopObject = NULL;
- NTSTATUS Status;
+ USEROBJECTFLAGS ObjectFlags;
PVOID pvData = NULL;
DWORD nDataSize = 0;
@@ -690,7 +691,7 @@
}
_SEH2_END;
- /* try windowstation */
+ /* Try window station */
TRACE("Trying to open window station %p\n", hObject);
Status = ObReferenceObjectByHandle(hObject,
0,
@@ -701,7 +702,7 @@
if (Status == STATUS_OBJECT_TYPE_MISMATCH)
{
- /* try desktop */
+ /* Try desktop */
TRACE("Trying to open desktop %p\n", hObject);
WinStaObject = NULL;
Status = IntValidateDesktopHandle(hObject,
@@ -718,29 +719,25 @@
TRACE("WinSta or Desktop opened!!\n");
- /* get data */
+ /* Get data */
switch (nIndex)
{
case UOI_FLAGS:
- nDataSize = sizeof(USEROBJECTFLAGS);
- if (nLength >= nDataSize)
- {
- PUSEROBJECTFLAGS ObjectFlags = pvInformation;
-
- ObjectFlags->fInherit = 0;
- ObjectFlags->fReserved = 0;
- ObjectFlags->dwFlags = 0;
-
- Status = STATUS_SUCCESS;
- }
- else
- {
- Status = STATUS_BUFFER_TOO_SMALL;
- }
+ {
+ /* This is a default implementation that does almost nothing */
+ ObjectFlags.fInherit = FALSE;
+ ObjectFlags.fReserved = FALSE;
+ ObjectFlags.dwFlags = 0;
+
+ pvData = &ObjectFlags;
+ nDataSize = sizeof(ObjectFlags);
+ Status = STATUS_SUCCESS;
ERR("UOI_FLAGS unimplemented!\n");
break;
+ }
case UOI_NAME:
+ {
if (WinStaObject != NULL)
{
pvData = WinStaObject->Name.Buffer;
@@ -754,10 +751,14 @@
Status = STATUS_SUCCESS;
}
else
+ {
Status = STATUS_INVALID_PARAMETER;
+ }
break;
+ }
case UOI_TYPE:
+ {
if (WinStaObject != NULL)
{
pvData = L"WindowStation";
@@ -771,8 +772,11 @@
Status = STATUS_SUCCESS;
}
else
+ {
Status = STATUS_INVALID_PARAMETER;
+ }
break;
+ }
case UOI_USER_SID:
Status = STATUS_NOT_IMPLEMENTED;
@@ -785,7 +789,7 @@
}
Exit:
- if (Status == STATUS_SUCCESS && nLength < nDataSize)
+ if ((Status == STATUS_SUCCESS) && (nLength < nDataSize))
Status = STATUS_BUFFER_TOO_SMALL;
_SEH2_TRY
@@ -793,7 +797,7 @@
if (nLengthNeeded)
*nLengthNeeded = nDataSize;
- /* try to copy data to caller */
+ /* Try to copy data to caller */
if (Status == STATUS_SUCCESS)
{
TRACE("Trying to copy data to caller (len = %lu, len needed =
%lu)\n", nLength, nDataSize);
@@ -806,11 +810,11 @@
}
_SEH2_END;
- /* release objects */
+ /* Release objects */
+ if (DesktopObject != NULL)
+ ObDereferenceObject(DesktopObject);
if (WinStaObject != NULL)
ObDereferenceObject(WinStaObject);
- if (DesktopObject != NULL)
- ObDereferenceObject(DesktopObject);
if (!NT_SUCCESS(Status))
{