[ros-diffs] [cgutman] 35290: - Make sure both FCB->Recv.Window and FCB->Send.Window were created before returning STATUS_SUCCESS - Make sure MakeSocketIntoConnection() completed successfully - Make sure WarmSocketForConnection() completed successfully - Don't continue if TdiBuildNullConnectionInfoInPlace() fails - SEHify TdiBuildConnectionInfoInPlace() - Make sure we have a non-NULL TargetAddress before calling TdiSendDatagram()

12 Aug 2008

Author: cgutman
Date: Tue Aug 12 13:18:03 2008
New Revision: 35290
URL: http://svn.reactos.org/svn/reactos?rev=35290&view=rev
Log:
 - Make sure both FCB->Recv.Window and FCB->Send.Window were created before returning STATUS_SUCCESS
 - Make sure MakeSocketIntoConnection() completed successfully
 - Make sure WarmSocketForConnection() completed successfully
 - Don't continue if TdiBuildNullConnectionInfoInPlace() fails
 - SEHify TdiBuildConnectionInfoInPlace()
 - Make sure we have a non-NULL TargetAddress before calling TdiSendDatagram()
Modified:
    branches/aicom-network-fixes/drivers/network/afd/afd/connect.c
    branches/aicom-network-fixes/drivers/network/afd/afd/listen.c
    branches/aicom-network-fixes/drivers/network/afd/afd/tdiconn.c
    branches/aicom-network-fixes/drivers/network/afd/afd/write.c
Modified: branches/aicom-network-fixes/drivers/network/afd/afd/connect.c
URL: http://svn.reactos.org/svn/reactos/branches/aicom-network-fixes/drivers/netw...
==============================================================================

--- branches/aicom-network-fixes/drivers/network/afd/afd/connect.c [iso-8859-1] (original)
+++ branches/aicom-network-fixes/drivers/network/afd/afd/connect.c [iso-8859-1] Tue Aug 12 13:18:03 2008
@@ -33,26 +33,32 @@
 }
NTSTATUS MakeSocketIntoConnection( PAFD_FCB FCB ) {
-    NTSTATUS Status = STATUS_NO_MEMORY;
+    NTSTATUS Status;
/* Allocate the receive area and start receiving */
     FCB->Recv.Window =
    ExAllocatePool( NonPagedPool, FCB->Recv.Size );
+
+    if( !FCB->Recv.Window ) return STATUS_NO_MEMORY;
+
     FCB->Send.Window =
    ExAllocatePool( NonPagedPool, FCB->Send.Size );
+    if( !FCB->Send.Window ) {
+	ExFreePool( FCB->Recv.Window );	
+	return STATUS_NO_MEMORY;
+    }
+
     FCB->State = SOCKET_STATE_CONNECTED;
-    if( FCB->Recv.Window ) {
-	Status = TdiReceive( &FCB->ReceiveIrp.InFlightRequest,
-			     FCB->Connection.Object,
-			     TDI_RECEIVE_NORMAL,
-			     FCB->Recv.Window,
-			     FCB->Recv.Size,
-			     &FCB->ReceiveIrp.Iosb,
-			     ReceiveComplete,
-			     FCB );
-    }
+    Status = TdiReceive( &FCB->ReceiveIrp.InFlightRequest,
+			 FCB->Connection.Object,
+			 TDI_RECEIVE_NORMAL,
+			 FCB->Recv.Window,
+			 FCB->Recv.Size,
+			 &FCB->ReceiveIrp.Iosb,
+			 ReceiveComplete,
+			 FCB );
return Status;
 }
@@ -102,8 +108,9 @@
     if( NT_SUCCESS(Status) ) {
    Status = MakeSocketIntoConnection( FCB );
-	if( FCB->Send.Window &&
-	    !IsListEmpty( &FCB->PendingIrpList[FUNCTION_SEND] ) ) {
+	if( !NT_SUCCESS(Status) ) return Status;
+
+	if( !IsListEmpty( &FCB->PendingIrpList[FUNCTION_SEND] ) ) {
        NextIrpEntry = RemoveHeadList(&FCB->PendingIrpList[FUNCTION_SEND]);
        NextIrp = CONTAINING_RECORD(NextIrpEntry, IRP,
    				Tail.Overlay.ListEntry);
@@ -158,7 +165,7 @@
     case SOCKET_STATE_CONNECTING:
    return LeaveIrpUntilLater( FCB, Irp, FUNCTION_CONNECT );
-    case SOCKET_STATE_CREATED: {
+    case SOCKET_STATE_CREATED:
    FCB->LocalAddress =
        TaCopyTransportAddress( &ConnectReq->RemoteAddress );
@@ -182,7 +189,8 @@
    } else
        return UnlockAndMaybeComplete
    	( FCB, STATUS_NO_MEMORY, Irp, 0, NULL );
-    } /* Drop through to SOCKET_STATE_BOUND */
+    
+    /* Drop through to SOCKET_STATE_BOUND */
case SOCKET_STATE_BOUND:
    FCB->RemoteAddress =
Modified: branches/aicom-network-fixes/drivers/network/afd/afd/listen.c
URL: http://svn.reactos.org/svn/reactos/branches/aicom-network-fixes/drivers/netw...
==============================================================================
--- branches/aicom-network-fixes/drivers/network/afd/afd/listen.c [iso-8859-1] (original)
+++ branches/aicom-network-fixes/drivers/network/afd/afd/listen.c [iso-8859-1] Tue Aug 12 13:18:03 2008
@@ -182,9 +182,11 @@
Status = WarmSocketForConnection( FCB );
+    AFD_DbgPrint(MID_TRACE,("Status from warmsocket %x\n", Status));
+
+    if( !NT_SUCCESS(Status) ) return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL );
+
     FCB->State = SOCKET_STATE_LISTENING;
-
-    AFD_DbgPrint(MID_TRACE,("Status from warmsocket %x\n", Status));
TdiBuildNullConnectionInfo
    ( &FCB->ListenIrp.ConnectionCallInfo,
@@ -274,7 +276,7 @@
    			&FCB->ListenIrp.Iosb,
    			ListenComplete,
    			FCB );
-	}
+	} else return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL );
    FCB->NeedsNewListen = FALSE;
     }
Modified: branches/aicom-network-fixes/drivers/network/afd/afd/tdiconn.c
URL: http://svn.reactos.org/svn/reactos/branches/aicom-network-fixes/drivers/netw...
==============================================================================
--- branches/aicom-network-fixes/drivers/network/afd/afd/tdiconn.c [iso-8859-1] (original)
+++ branches/aicom-network-fixes/drivers/network/afd/afd/tdiconn.c [iso-8859-1] Tue Aug 12 13:18:03 2008
@@ -8,6 +8,7 @@
  * 20040708 Created
  */
 #include <afd.h>
+#include <pseh/pseh.h>
 #include "debug.h"
 #include "tdiconn.h"
@@ -126,9 +127,11 @@
Status = TdiBuildNullConnectionInfoInPlace( ConnInfo, Type );
-  if (!NT_SUCCESS(Status))
+  if (!NT_SUCCESS(Status)) {
       ExFreePool( ConnInfo );
-  else
+      *ConnectionInfo = NULL;
+      return Status;
+  } else
       *ConnectionInfo = ConnInfo;
ConnInfo->RemoteAddress = (PTA_ADDRESS)&ConnInfo[1];
@@ -144,9 +147,13 @@
   PTRANSPORT_ADDRESS Address ) {
     NTSTATUS Status = STATUS_SUCCESS;
-    RtlCopyMemory( ConnectionInfo->RemoteAddress,
-		   Address,
-		   ConnectionInfo->RemoteAddressLength );
+    _SEH_TRY {
+    	RtlCopyMemory( ConnectionInfo->RemoteAddress,
+		       Address,
+		       ConnectionInfo->RemoteAddressLength );
+    } _SEH_HANDLE {
+	Status = _SEH_GetExceptionCode();
+    } _SEH_END;
return Status;
 }
Modified: branches/aicom-network-fixes/drivers/network/afd/afd/write.c
URL: http://svn.reactos.org/svn/reactos/branches/aicom-network-fixes/drivers/netw...
==============================================================================
--- branches/aicom-network-fixes/drivers/network/afd/afd/write.c [iso-8859-1] (original)
+++ branches/aicom-network-fixes/drivers/network/afd/afd/write.c [iso-8859-1] Tue Aug 12 13:18:03 2008
@@ -233,21 +233,23 @@
TdiBuildConnectionInfo( &TargetAddress, FCB->RemoteAddress );
-        SocketCalloutEnter( FCB );
-
-        Status = TdiSendDatagram
-            ( &FCB->SendIrp.InFlightRequest,
-              FCB->AddressFile.Object,
-              SendReq->BufferArray[0].buf,
-              SendReq->BufferArray[0].len,
-              TargetAddress,
-              &FCB->SendIrp.Iosb,
-              PacketSocketSendComplete,
-              FCB );
-
-        SocketCalloutLeave( FCB );
-
-        ExFreePool( TargetAddress );
+	if( TargetAddress ) {
+            SocketCalloutEnter( FCB );
+
+            Status = TdiSendDatagram
+                ( &FCB->SendIrp.InFlightRequest,
+                  FCB->AddressFile.Object,
+                  SendReq->BufferArray[0].buf,
+                  SendReq->BufferArray[0].len,
+                  TargetAddress,
+                  &FCB->SendIrp.Iosb,
+                  PacketSocketSendComplete,
+                  FCB );
+
+           SocketCalloutLeave( FCB );
+
+           ExFreePool( TargetAddress );
+	} else Status = STATUS_NO_MEMORY;
if( Status == STATUS_PENDING ) Status = STATUS_SUCCESS;

    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004