[ros-diffs] [pschweitzer] 71221: [KS] - Don't leak memory in KspValidateConnectRequest(), patch by Victor Martinez - Also compute connect medium ID string only twice (could be even computed once) instead of do...

Author: pschweitzer Date: Sun May 1 08:25:22 2016 New Revision: 71221

URL: http://svn.reactos.org/svn/reactos?rev=71221&view=rev Log: [KS] - Don't leak memory in KspValidateConnectRequest(), patch by Victor Martinez - Also compute connect medium ID string only twice (could be even computed once) instead of doing so in each loop iteration

CORE-11099 #resolve #comment Committed in r71221

Modified: trunk/reactos/drivers/ksfilter/ks/connectivity.c

Modified: trunk/reactos/drivers/ksfilter/ks/connectivity.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/ksfilter/ks/connect... ============================================================================== --- trunk/reactos/drivers/ksfilter/ks/connectivity.c [iso-8859-1] (original) +++ trunk/reactos/drivers/ksfilter/ks/connectivity.c [iso-8859-1] Sun May 1 08:25:22 2016 @@ -73,6 +73,7 @@ ULONG Count; BOOLEAN Found; PKSPIN_DESCRIPTOR Descriptor; + UNICODE_STRING GuidString2;

/* did the caller miss the connect parameter */ if (!Connect) @@ -93,7 +94,10 @@

/* is pin id out of bounds */ if (ConnectDetails->PinId >= DescriptorsCount) + { + FreeItem(ConnectDetails); return STATUS_INVALID_PARAMETER; + }

if (DescriptorSize == sizeof(KSPIN_DESCRIPTOR)) { @@ -124,14 +128,16 @@ /* now check the interface */ Found = FALSE; Index = 0; + RtlStringFromGUID(&ConnectDetails->Interface.Set, &GuidString2); do { - UNICODE_STRING GuidString, GuidString2; + UNICODE_STRING GuidString; RtlStringFromGUID(&Interface[Index].Set, &GuidString); - RtlStringFromGUID(&ConnectDetails->Interface.Set, &GuidString2);

DPRINT("Driver Interface %S Id %u\n", GuidString.Buffer, Interface[Index].Id); DPRINT("Connect Interface %S Id %u\n", GuidString2.Buffer, ConnectDetails->Interface.Id); + + RtlFreeUnicodeString(&GuidString);

if (IsEqualGUIDAligned(&Interface[Index].Set, &ConnectDetails->Interface.Set) && Interface[Index].Id == ConnectDetails->Interface.Id) @@ -143,10 +149,12 @@ /* iterate to next interface */ Index++; }while(Index < Count); + RtlFreeUnicodeString(&GuidString2);

if (!Found) { /* pin doesnt support this interface */ + FreeItem(ConnectDetails); return STATUS_NO_MATCH; }

@@ -167,15 +175,16 @@ /* now check the interface */ Found = FALSE; Index = 0; + RtlStringFromGUID(&ConnectDetails->Medium.Set, &GuidString2); do { - UNICODE_STRING GuidString, GuidString2; + UNICODE_STRING GuidString; RtlStringFromGUID(&Medium[Index].Set, &GuidString); - RtlStringFromGUID(&ConnectDetails->Medium.Set, &GuidString2);

DPRINT("Driver Medium %S Id %u\n", GuidString.Buffer, Medium[Index].Id); DPRINT("Connect Medium %S Id %u\n", GuidString2.Buffer, ConnectDetails->Medium.Id);

+ RtlFreeUnicodeString(&GuidString);

if (IsEqualGUIDAligned(&Medium[Index].Set, &ConnectDetails->Medium.Set) && Medium[Index].Id == ConnectDetails->Medium.Id) @@ -185,15 +194,15 @@ break; }

- - /* iterate to next medium */ Index++; }while(Index < Count); + RtlFreeUnicodeString(&GuidString2);

if (!Found) { /* pin doesnt support this medium */ + FreeItem(ConnectDetails); return STATUS_NO_MATCH; }