Author: hbelusca Date: Thu Dec 6 23:43:31 2012 New Revision: 57810
URL: http://svn.reactos.org/svn/reactos?rev=57810&view=rev Log: [CSRSRV/BASESRV/CONSRV/WINSRV] - Add a useful CHECK_API_MSG_SIZE macro to check whether a server message structure fits in a CSR_API_MESSAGE structure. These checks are required because LPC will use the generic CSR_API_MESSAGE structure for communicating all the different servers' messages, and thus we avoid possible buffer overflows with this method. - Effectively use this macro for all the server message structures. - Remove a hack regarding the maximum data size we can pass through the CSR LPC port. - Remove the now unused CSRSS_HEADER_SIZE symbol.
Modified: branches/ros-csrss/include/reactos/subsys/csr/csrmsg.h branches/ros-csrss/include/reactos/subsys/win/basemsg.h branches/ros-csrss/include/reactos/subsys/win/conmsg.h branches/ros-csrss/include/reactos/subsys/win/winmsg.h branches/ros-csrss/subsystems/win32/csrsrv/api.c
Modified: branches/ros-csrss/include/reactos/subsys/csr/csrmsg.h
URL: http://svn.reactos.org/svn/reactos/branches/ros-csrss/include/reactos/subsys...
==============================================================================
--- branches/ros-csrss/include/reactos/subsys/csr/csrmsg.h [iso-8859-1] (original)
+++ branches/ros-csrss/include/reactos/subsys/csr/csrmsg.h [iso-8859-1] Thu Dec 6 23:43:31 2012
@@ -64,6 +64,10 @@
 HANDLE ProcessId;
 } CSR_CONNECTION_INFO, *PCSR_CONNECTION_INFO;
+// We must have a size at most equal to the maximum acceptable LPC data size.
+C_ASSERT(sizeof(CSR_CONNECTION_INFO) <= LPC_MAX_DATA_LENGTH);
+
+
 typedef struct _CSR_IDENTIFY_ALTERTABLE_THREAD
 {
 CLIENT_ID Cid;
@@ -97,8 +101,6 @@
 ULONG_PTR PointerOffsetsArray[ANYSIZE_ARRAY];
 } CSR_CAPTURE_BUFFER, *PCSR_CAPTURE_BUFFER;
-/* Keep in sync with definition below. */
-// #define CSRSS_HEADER_SIZE (sizeof(PORT_MESSAGE) + sizeof(ULONG) + sizeof(NTSTATUS))
typedef struct _CSR_API_MESSAGE
 {
@@ -117,11 +119,38 @@
 CSR_CLIENT_CONNECT CsrClientConnect;
 CSR_SET_PRIORITY_CLASS SetPriorityClass;
 CSR_IDENTIFY_ALTERTABLE_THREAD IdentifyAlertableThread;
+
+ //
+ // This padding is used to make the CSR_API_MESSAGE structure
+ // large enough to hold full other API_MESSAGE-type structures
+ // used by other servers. These latter structures's sizes must
+ // be checked against the size of CSR_API_MESSAGE by using the
+ // CHECK_API_MSG_SIZE macro defined below.
+ //
+ // This is required because LPC will use this generic structure
+ // for communicating all the different servers' messages, and
+ // thus we avoid possible buffer overflows with this method.
+ // The problems there are, that we have to manually adjust the
+ // size of the padding to hope that all the servers' messaging
+ // structures will hold in it, or, that we have to be careful
+ // to not define too big messaging structures for the servers.
+ //
+ // Finally, the overall message structure size must be at most
+ // equal to the maximum acceptable LPC message size.
+ //
+ ULONG_PTR Padding[35];
 } Data;
 };
 };
 } CSR_API_MESSAGE, *PCSR_API_MESSAGE;
+// We must have a size at most equal to the maximum acceptable LPC message size.
+C_ASSERT(sizeof(CSR_API_MESSAGE) <= LPC_MAX_MESSAGE_LENGTH);
+
+// Macro to check that the total size of servers' message structures
+// are at most equal to the size of the CSR_API_MESSAGE structure.
+#define CHECK_API_MSG_SIZE(type) C_ASSERT(sizeof(type) <= sizeof(CSR_API_MESSAGE))
+
 #endif // _CSRMSG_H
/* EOF */
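Review bot: The added comment above `Padding[35]` and the `CHECK_API_MSG_SIZE` macro say the size checks avoid buffer overflows, but the `C_ASSERT`s only bound the server's own view of the message (every server struct fits in the `CSR_API_MESSAGE` that the port hands out); they say nothing about lengths the client puts in the message, such as the PORT_MESSAGE data length or the `CSR_CAPTURE_BUFFER` offsets, which presumably still need runtime validation in the dispatcher. I would narrow the wording so nobody reads the asserts as input validation, e.g. `// thus server-side writes into the generic message cannot overflow it; client-supplied lengths are validated at runtime, not here.` Two slips in the new text: `structures's sizes` should be `structures' sizes`, and the macro comment `the total size ... are at most` should read `is at most`.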
Modified: branches/ros-csrss/include/reactos/subsys/win/basemsg.h
URL: http://svn.reactos.org/svn/reactos/branches/ros-csrss/include/reactos/subsys...
==============================================================================
--- branches/ros-csrss/include/reactos/subsys/win/basemsg.h [iso-8859-1] (original)
+++ branches/ros-csrss/include/reactos/subsys/win/basemsg.h [iso-8859-1] Thu Dec 6 23:43:31 2012
@@ -203,6 +203,9 @@
 } Data;
 } BASE_API_MESSAGE, *PBASE_API_MESSAGE;
+// Check that a BASE_API_MESSAGE can hold in a CSR_API_MESSAGE.
+CHECK_API_MSG_SIZE(BASE_API_MESSAGE);
+
 #endif // _BASEMSG_H
/* EOF */
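Review bot: `CHECK_API_MSG_SIZE(BASE_API_MESSAGE)` only proves the struct is no larger than `CSR_API_MESSAGE`; since the two types are overlaid on the same LPC buffer, the server also depends on their leading members (the removed CSRSS_HEADER_SIZE comment suggests PORT_MESSAGE plus an API number and status) and on the `Data` member starting at the same offset, and a size check does not catch that drifting. A companion assert such as `C_ASSERT(FIELD_OFFSET(BASE_API_MESSAGE, Data) == FIELD_OFFSET(CSR_API_MESSAGE, Data));` would pin the layout; the same applies to the CONSOLE_API_MESSAGE and USER_API_MESSAGE checks in this commit. I cannot see the top of basemsg.h, so I am assuming csrmsg.h, which defines the macro, is already included there.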
Modified: branches/ros-csrss/include/reactos/subsys/win/conmsg.h
URL: http://svn.reactos.org/svn/reactos/branches/ros-csrss/include/reactos/subsys...
==============================================================================
--- branches/ros-csrss/include/reactos/subsys/win/conmsg.h [iso-8859-1] (original)
+++ branches/ros-csrss/include/reactos/subsys/win/conmsg.h [iso-8859-1] Thu Dec 6 23:43:31 2012
@@ -618,6 +618,9 @@
 } Data;
 } CONSOLE_API_MESSAGE, *PCONSOLE_API_MESSAGE;
+// Check that a CONSOLE_API_MESSAGE can hold in a CSR_API_MESSAGE.
+CHECK_API_MSG_SIZE(CONSOLE_API_MESSAGE);
+
 #endif // _CONMSG_H
/* EOF */
Modified: branches/ros-csrss/include/reactos/subsys/win/winmsg.h
URL: http://svn.reactos.org/svn/reactos/branches/ros-csrss/include/reactos/subsys...
==============================================================================
--- branches/ros-csrss/include/reactos/subsys/win/winmsg.h [iso-8859-1] (original)
+++ branches/ros-csrss/include/reactos/subsys/win/winmsg.h [iso-8859-1] Thu Dec 6 23:43:31 2012
@@ -83,6 +83,9 @@
 } Data;
 } USER_API_MESSAGE, *PUSER_API_MESSAGE;
+// Check that a USER_API_MESSAGE can hold in a CSR_API_MESSAGE.
+CHECK_API_MSG_SIZE(USER_API_MESSAGE);
+
 #endif // _WINMSG_H
/* EOF */
Modified: branches/ros-csrss/subsystems/win32/csrsrv/api.c
URL: http://svn.reactos.org/svn/reactos/branches/ros-csrss/subsystems/win32/csrsr...
==============================================================================
--- branches/ros-csrss/subsystems/win32/csrsrv/api.c [iso-8859-1] (original)
+++ branches/ros-csrss/subsystems/win32/csrsrv/api.c [iso-8859-1] Thu Dec 6 23:43:31 2012
@@ -919,13 +919,13 @@
 &CsrApiPortName,
 0,
 NULL,
- NULL /* FIXME*/);
+ NULL /* FIXME: Use the Security Descriptor */);
/* Create the Port Object */
 Status = NtCreatePort(&CsrApiPort,
 &ObjectAttributes,
- LPC_MAX_DATA_LENGTH, // HACK: the real value is: sizeof(CSR_CONNECTION_INFO),
- LPC_MAX_MESSAGE_LENGTH, // HACK: the real value is: sizeof(CSR_API_MESSAGE),
+ sizeof(CSR_CONNECTION_INFO),
+ sizeof(CSR_API_MESSAGE),
 16 * PAGE_SIZE);
 if (NT_SUCCESS(Status))
 {
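Review bot: Passing `sizeof(CSR_API_MESSAGE)` as the maximum message length lets the kernel reject client messages larger than the generic buffer, but a message that is shorter than the request struct its API number selects is still accepted at the port level, so the per-API handlers (not in this hunk) presumably still have to check the received data length against the specific request size before reading its fields; a comment at the call site, `/* The kernel enforces only the upper bound; handlers validate DataLength per API */`, would make that contract explicit. The port is also still created through `ObjectAttributes` with a `NULL` security descriptor (the reworded FIXME a few lines up), so its DACL is whatever the object manager applies by default; until a descriptor is supplied, the FIXME should state the intended policy (I believe Windows' CSRSS grants clients only PORT_CONNECT on the API port). The enclosing function starts before and ends after this hunk.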