Author: dchapyshev
Date: Thu Jun 11 19:21:58 2009
New Revision: 41383
URL:
http://svn.reactos.org/svn/reactos?rev=41383&view=rev
Log:
- Add missing checks of the buffer length
Modified:
trunk/reactos/ntoskrnl/ps/query.c
Modified: trunk/reactos/ntoskrnl/ps/query.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ps/query.c?rev=41…
==============================================================================
--- trunk/reactos/ntoskrnl/ps/query.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/ps/query.c [iso-8859-1] Thu Jun 11 19:21:58 2009
@@ -782,6 +782,13 @@
/* Error/Exception Port */
case ProcessExceptionPort:
+ /* Check buffer length */
+ if (ProcessInformationLength != sizeof(HANDLE))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
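Review bot: Nothing in the ProcessExceptionPort check ties the expected size to the type the SEH block dereferences, because the size is written out as a type name and the capture sits below the hunk. The same applies to every other hunk in this commit (ProcessAccessToken through ThreadZeroTlsCell), so a later change to either side could let the length check and the read drift apart and allow a read past the caller's buffer. Consider sizing each check from the local that receives the captured value, or adding a comment above each check such as `/* Must equal the size read in the capture below; a shorter caller buffer would be over-read */`. The case body continues outside the hunk, so the type it reads cannot be confirmed from here.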
@@ -819,6 +826,13 @@
/* Security Token */
case ProcessAccessToken:
+ /* Check buffer length */
+ if (ProcessInformationLength != sizeof(PROCESS_ACCESS_TOKEN))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
@@ -841,6 +855,13 @@
/* Hard error processing */
case ProcessDefaultHardErrorMode:
+ /* Check buffer length */
+ if (ProcessInformationLength != sizeof(ULONG))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Enter SEH for direct buffer read */
_SEH2_TRY
{
@@ -858,6 +879,13 @@
/* Session ID */
case ProcessSessionInformation:
+
+ /* Check buffer length */
+ if (ProcessInformationLength != sizeof(PROCESS_SESSION_INFORMATION))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
/* Enter SEH for capture */
_SEH2_TRY
@@ -1062,6 +1090,13 @@
/* Thread priority */
case ThreadPriority:
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(KPRIORITY))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
@@ -1090,6 +1125,13 @@
break;
case ThreadBasePriority:
+
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(LONG))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
/* Use SEH for capture */
_SEH2_TRY
@@ -1130,6 +1172,13 @@
case ThreadAffinityMask:
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(ULONG_PTR))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
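Review bot: `sizeof(ULONG_PTR)` in the ThreadAffinityMask check gives the right width but not the intent. The value being set is an affinity mask, so `if (ThreadInformationLength != sizeof(KAFFINITY))` reads better and stays correct if the mask type is ever changed. This is a readability point only, since KAFFINITY is pointer-sized. The case body continues past the end of the hunk.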
@@ -1191,6 +1240,13 @@
case ThreadImpersonationToken:
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(HANDLE))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
@@ -1211,6 +1267,13 @@
case ThreadQuerySetWin32StartAddress:
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(ULONG_PTR))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
@@ -1230,6 +1293,13 @@
break;
case ThreadIdealProcessor:
+
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(ULONG_PTR))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
/* Use SEH for capture */
_SEH2_TRY
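Review bot: The ThreadIdealProcessor check compares against `sizeof(ULONG_PTR)`, which is 8 bytes on a 64-bit build, while the Windows interface for this class takes, to my knowledge, a 4-byte ULONG processor number. On such a build a caller passing the documented size would get STATUS_INFO_LENGTH_MISMATCH, and only an 8-byte buffer would be accepted. The ThreadPriorityBoost and ThreadZeroTlsCell hunks further down use the same `sizeof(ULONG_PTR)` for values that also look ULONG-sized. Suggest `if (ThreadInformationLength != sizeof(ULONG))` in all three, with the capture reading the same type; the capture is outside these hunks, so this cannot be verified here.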
@@ -1272,6 +1342,13 @@
case ThreadPriorityBoost:
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(ULONG_PTR))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
@@ -1291,6 +1368,13 @@
break;
case ThreadZeroTlsCell:
+
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(ULONG_PTR))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
/* Use SEH for capture */
_SEH2_TRY