[ros-diffs] [cgutman] 35290: - Make sure both FCB->Recv.Window and FCB->Send.Window were created before returning STATUS_SUCCESS - Make sure MakeSocketIntoConnection() completed successfully - Make sure WarmSocketForConnection() completed successfully - Don't continue if TdiBuildNullConnectionInfoInPlace() fails - SEHify TdiBuildConnectionInfoInPlace() - Make sure we have a non-NULL TargetAddress before calling TdiSendDatagram()

Author: cgutman Date: Tue Aug 12 13:18:03 2008 New Revision: 35290 URL: http://svn.reactos.org/svn/reactos?rev=35290&view=rev Log: - Make sure both FCB->Recv.Window and FCB->Send.Window were created before returning STATUS_SUCCESS - Make sure MakeSocketIntoConnection() completed successfully - Make sure WarmSocketForConnection() completed successfully - Don't continue if TdiBuildNullConnectionInfoInPlace() fails - SEHify TdiBuildConnectionInfoInPlace() - Make sure we have a non-NULL TargetAddress before calling TdiSendDatagram() Modified: branches/aicom-network-fixes/drivers/network/afd/afd/connect.c branches/aicom-network-fixes/drivers/network/afd/afd/listen.c branches/aicom-network-fixes/drivers/network/afd/afd/tdiconn.c branches/aicom-network-fixes/drivers/network/afd/afd/write.c Modified: branches/aicom-network-fixes/drivers/network/afd/afd/connect.c URL: http://svn.reactos.org/svn/reactos/branches/aicom-network-fixes/drivers/net… ============================================================================== --- branches/aicom-network-fixes/drivers/network/afd/afd/connect.c [iso-8859-1] (original) +++ branches/aicom-network-fixes/drivers/network/afd/afd/connect.c [iso-8859-1] Tue Aug 12 13:18:03 2008 @@ -33,26 +33,32 @@ } NTSTATUS MakeSocketIntoConnection( PAFD_FCB FCB ) { - NTSTATUS Status = STATUS_NO_MEMORY; + NTSTATUS Status; /* Allocate the receive area and start receiving */ FCB->Recv.Window = ExAllocatePool( NonPagedPool, FCB->Recv.Size ); + + if( !FCB->Recv.Window ) return STATUS_NO_MEMORY; + FCB->Send.Window = ExAllocatePool( NonPagedPool, FCB->Send.Size ); + if( !FCB->Send.Window ) { + ExFreePool( FCB->Recv.Window ); + return STATUS_NO_MEMORY; + } + FCB->State = SOCKET_STATE_CONNECTED; - if( FCB->Recv.Window ) { - Status = TdiReceive( &FCB->ReceiveIrp.InFlightRequest, - FCB->Connection.Object, - TDI_RECEIVE_NORMAL, - FCB->Recv.Window, - FCB->Recv.Size, - &FCB->ReceiveIrp.Iosb, - ReceiveComplete, - FCB ); - } + Status = TdiReceive( &FCB->ReceiveIrp.InFlightRequest, + FCB->Connection.Object, + TDI_RECEIVE_NORMAL, + FCB->Recv.Window, + FCB->Recv.Size, + &FCB->ReceiveIrp.Iosb, + ReceiveComplete, + FCB ); return Status; } @@ -102,8 +108,9 @@ if( NT_SUCCESS(Status) ) { Status = MakeSocketIntoConnection( FCB ); - if( FCB->Send.Window && - !IsListEmpty( &FCB->PendingIrpList[FUNCTION_SEND] ) ) { + if( !NT_SUCCESS(Status) ) return Status; + + if( !IsListEmpty( &FCB->PendingIrpList[FUNCTION_SEND] ) ) { NextIrpEntry = RemoveHeadList(&FCB->PendingIrpList[FUNCTION_SEND]); NextIrp = CONTAINING_RECORD(NextIrpEntry, IRP, Tail.Overlay.ListEntry); @@ -158,7 +165,7 @@ case SOCKET_STATE_CONNECTING: return LeaveIrpUntilLater( FCB, Irp, FUNCTION_CONNECT ); - case SOCKET_STATE_CREATED: { + case SOCKET_STATE_CREATED: FCB->LocalAddress = TaCopyTransportAddress( &ConnectReq->RemoteAddress ); @@ -182,7 +189,8 @@ } else return UnlockAndMaybeComplete ( FCB, STATUS_NO_MEMORY, Irp, 0, NULL ); - } /* Drop through to SOCKET_STATE_BOUND */ + + /* Drop through to SOCKET_STATE_BOUND */ case SOCKET_STATE_BOUND: FCB->RemoteAddress = Modified: branches/aicom-network-fixes/drivers/network/afd/afd/listen.c URL: http://svn.reactos.org/svn/reactos/branches/aicom-network-fixes/drivers/net… ============================================================================== --- branches/aicom-network-fixes/drivers/network/afd/afd/listen.c [iso-8859-1] (original) +++ branches/aicom-network-fixes/drivers/network/afd/afd/listen.c [iso-8859-1] Tue Aug 12 13:18:03 2008 @@ -182,9 +182,11 @@ Status = WarmSocketForConnection( FCB ); + AFD_DbgPrint(MID_TRACE,("Status from warmsocket %x\n", Status)); + + if( !NT_SUCCESS(Status) ) return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); + FCB->State = SOCKET_STATE_LISTENING; - - AFD_DbgPrint(MID_TRACE,("Status from warmsocket %x\n", Status)); TdiBuildNullConnectionInfo ( &FCB->ListenIrp.ConnectionCallInfo, @@ -274,7 +276,7 @@ &FCB->ListenIrp.Iosb, ListenComplete, FCB ); - } + } else return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL ); FCB->NeedsNewListen = FALSE; } Modified: branches/aicom-network-fixes/drivers/network/afd/afd/tdiconn.c URL: http://svn.reactos.org/svn/reactos/branches/aicom-network-fixes/drivers/net… ============================================================================== --- branches/aicom-network-fixes/drivers/network/afd/afd/tdiconn.c [iso-8859-1] (original) +++ branches/aicom-network-fixes/drivers/network/afd/afd/tdiconn.c [iso-8859-1] Tue Aug 12 13:18:03 2008 @@ -8,6 +8,7 @@ * 20040708 Created */ #include <afd.h> +#include <pseh/pseh.h> #include "debug.h" #include "tdiconn.h" @@ -126,9 +127,11 @@ Status = TdiBuildNullConnectionInfoInPlace( ConnInfo, Type ); - if (!NT_SUCCESS(Status)) + if (!NT_SUCCESS(Status)) { ExFreePool( ConnInfo ); - else + *ConnectionInfo = NULL; + return Status; + } else *ConnectionInfo = ConnInfo; ConnInfo->RemoteAddress = (PTA_ADDRESS)&ConnInfo[1]; @@ -144,9 +147,13 @@ PTRANSPORT_ADDRESS Address ) { NTSTATUS Status = STATUS_SUCCESS; - RtlCopyMemory( ConnectionInfo->RemoteAddress, - Address, - ConnectionInfo->RemoteAddressLength ); + _SEH_TRY { + RtlCopyMemory( ConnectionInfo->RemoteAddress, + Address, + ConnectionInfo->RemoteAddressLength ); + } _SEH_HANDLE { + Status = _SEH_GetExceptionCode(); + } _SEH_END; return Status; } Modified: branches/aicom-network-fixes/drivers/network/afd/afd/write.c URL: http://svn.reactos.org/svn/reactos/branches/aicom-network-fixes/drivers/net… ============================================================================== --- branches/aicom-network-fixes/drivers/network/afd/afd/write.c [iso-8859-1] (original) +++ branches/aicom-network-fixes/drivers/network/afd/afd/write.c [iso-8859-1] Tue Aug 12 13:18:03 2008 @@ -233,21 +233,23 @@ TdiBuildConnectionInfo( &TargetAddress, FCB->RemoteAddress ); - SocketCalloutEnter( FCB ); - - Status = TdiSendDatagram - ( &FCB->SendIrp.InFlightRequest, - FCB->AddressFile.Object, - SendReq->BufferArray[0].buf, - SendReq->BufferArray[0].len, - TargetAddress, - &FCB->SendIrp.Iosb, - PacketSocketSendComplete, - FCB ); - - SocketCalloutLeave( FCB ); - - ExFreePool( TargetAddress ); + if( TargetAddress ) { + SocketCalloutEnter( FCB ); + + Status = TdiSendDatagram + ( &FCB->SendIrp.InFlightRequest, + FCB->AddressFile.Object, + SendReq->BufferArray[0].buf, + SendReq->BufferArray[0].len, + TargetAddress, + &FCB->SendIrp.Iosb, + PacketSocketSendComplete, + FCB ); + + SocketCalloutLeave( FCB ); + + ExFreePool( TargetAddress ); + } else Status = STATUS_NO_MEMORY; if( Status == STATUS_PENDING ) Status = STATUS_SUCCESS;