Rollback last change, since we found out that IoCreateFile can accept usermode parameters too Modified: trunk/reactos/ntoskrnl/include/internal/safe.h Modified: trunk/reactos/ntoskrnl/io/create.c Modified: trunk/reactos/ntoskrnl/io/mailslot.c Modified: trunk/reactos/ntoskrnl/io/npipe.c Modified: trunk/reactos/ntoskrnl/rtl/capture.c _____
Modified: trunk/reactos/ntoskrnl/include/internal/safe.h
--- trunk/reactos/ntoskrnl/include/internal/safe.h 2005-01-24 21:05:37 UTC (rev 13253)
+++ trunk/reactos/ntoskrnl/include/internal/safe.h 2005-01-24 21:21:17 UTC (rev 13254)
@@ -21,28 +21,4 @@
IN KPROCESSOR_MODE CurrentMode, IN BOOLEAN CaptureIfKernel);
-NTSTATUS
-RtlCaptureSecurityDescriptor(OUT PSECURITY_DESCRIPTOR Dest,
- IN KPROCESSOR_MODE PreviousMode,
- IN POOL_TYPE PoolType,
- IN BOOLEAN CaptureIfKernel,
- IN PSECURITY_DESCRIPTOR UnsafeSrc);
-
-VOID
-RtlReleaseCapturedSecurityDescriptor(IN PSECURITY_DESCRIPTOR CapturedSecurityDescriptor,
- IN KPROCESSOR_MODE CurrentMode,
- IN BOOLEAN CaptureIfKernel);
-
-NTSTATUS
-RtlCaptureObjectAttributes(OUT POBJECT_ATTRIBUTES Dest,
- IN KPROCESSOR_MODE CurrentMode,
- IN POOL_TYPE PoolType,
- IN BOOLEAN CaptureIfKernel,
- IN POBJECT_ATTRIBUTES UnsafeSrc);
-
-VOID
-RtlReleaseCapturedObjectAttributes(IN POBJECT_ATTRIBUTES CapturedObjectAttributes,
- IN KPROCESSOR_MODE CurrentMode,
- IN BOOLEAN CaptureIfKernel);
-
-#endif /* __NTOSKRNL_INCLUDE_INTERNAL_SAFE_H */
+#endif /* __NTOSKRNL_INCLUDE_INTERNAL_SAFE_Hb */
_____
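Review bot: The re-added closing line reads `#endif /* __NTOSKRNL_INCLUDE_INTERNAL_SAFE_Hb */`, with a stray `b` that the removed line did not have. It should stay `#endif /* __NTOSKRNL_INCLUDE_INTERNAL_SAFE_H */` so the comment still names the include guard. The matching `#ifndef` is outside the hunk, so the guard name is inferred from the removed line.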
Modified: trunk/reactos/ntoskrnl/io/create.c
--- trunk/reactos/ntoskrnl/io/create.c 2005-01-24 21:05:37 UTC (rev 13253)
+++ trunk/reactos/ntoskrnl/io/create.c 2005-01-24 21:21:17 UTC (rev 13254)
@@ -17,7 +17,7 @@
/* GLOBALS *******************************************************************/
-#define TAG_IO_CREATE TAG('I', 'O', 'C', 'R')
+#define TAG_FILE_NAME TAG('F', 'N', 'A', 'M')
/* FUNCTIONS *************************************************************/
@@ -357,7 +357,7 @@
PreviousMode = ExGetPreviousMode();
- Status = ObCreateObject(KernelMode, + Status = ObCreateObject(PreviousMode, IoFileObjectType, ObjectAttributes, PreviousMode, 
@@ -533,132 +533,32 @@ * @implemented */ NTSTATUS STDCALL -NtCreateFile(PHANDLE FileHandleUnsafe, +NtCreateFile(PHANDLE FileHandle, ACCESS_MASK DesiredAccess, - POBJECT_ATTRIBUTES ObjectAttributesUnsafe, - PIO_STATUS_BLOCK IoStatusBlockUnsafe, - PLARGE_INTEGER AllocateSizeUnsafe, + POBJECT_ATTRIBUTES ObjectAttributes, + PIO_STATUS_BLOCK IoStatusBlock, + PLARGE_INTEGER AllocateSize, ULONG FileAttributes, ULONG ShareAccess, ULONG CreateDisposition, ULONG CreateOptions, - PVOID EaBufferUnsafe, + PVOID EaBuffer, ULONG EaLength) { - KPROCESSOR_MODE PreviousMode; - NTSTATUS Status; - HANDLE FileHandle; - OBJECT_ATTRIBUTES ObjectAttributes; - IO_STATUS_BLOCK IoStatusBlock; - LARGE_INTEGER AllocateSize; - PVOID EaBuffer; - - PreviousMode = ExGetPreviousMode(); - if (KernelMode == PreviousMode) - { - return IoCreateFile(FileHandleUnsafe, - DesiredAccess, - ObjectAttributesUnsafe, - IoStatusBlockUnsafe, - AllocateSizeUnsafe, - FileAttributes, - ShareAccess, - CreateDisposition, - CreateOptions, - EaBufferUnsafe, - EaLength, - CreateFileTypeNone, - NULL, - 0); - } - - Status = RtlCaptureObjectAttributes(&ObjectAttributes, - PreviousMode, - PagedPool, - FALSE, - ObjectAttributesUnsafe); - if (! NT_SUCCESS(Status)) - { - return Status; - } - - if (0 != EaLength) - { - EaBuffer = ExAllocatePoolWithTag(PagedPool, EaLength, TAG_IO_CREATE); - if (NULL == EaBuffer) - { - RtlReleaseCapturedObjectAttributes(&ObjectAttributes, - PreviousMode, - FALSE); - return STATUS_NO_MEMORY; - } - } - - _SEH_TRY - { - if (NULL != AllocateSizeUnsafe) - { - ProbeForRead(AllocateSizeUnsafe, - sizeof(LARGE_INTEGER), - sizeof(ULONG)); - AllocateSize = *AllocateSizeUnsafe; - } - if (0 != EaLength) - { - ProbeForRead(EaBufferUnsafe, - EaLength, - sizeof(UCHAR)); - RtlCopyMemory(EaBuffer, EaBufferUnsafe, EaLength); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - if (! 
NT_SUCCESS(Status)) - { - return Status; - } - - Status = IoCreateFile(&FileHandle, - DesiredAccess, - &ObjectAttributes, - &IoStatusBlock, - (NULL == AllocateSizeUnsafe ? NULL : &AllocateSize), - FileAttributes, - ShareAccess, - CreateDisposition, - CreateOptions, - (0 == EaLength ? NULL : EaBuffer), - EaLength, - CreateFileTypeNone, - NULL, - 0); - if (! NT_SUCCESS(Status)) - { - return Status; - } - - _SEH_TRY - { - ProbeForWrite(FileHandleUnsafe, - sizeof(HANDLE), - sizeof(ULONG)); - *FileHandleUnsafe = FileHandle; - ProbeForWrite(IoStatusBlockUnsafe, - sizeof(IO_STATUS_BLOCK), - sizeof(ULONG)); - *IoStatusBlockUnsafe = IoStatusBlock; - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - return Status; + return IoCreateFile(FileHandle, + DesiredAccess, + ObjectAttributes, + IoStatusBlock, + AllocateSize, + FileAttributes, + ShareAccess, + CreateDisposition, + CreateOptions, + EaBuffer, + EaLength, + CreateFileTypeNone, + NULL, + 0); }
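Review bot: NtCreateFile now forwards `FileHandle`, `ObjectAttributes`, `IoStatusBlock`, `AllocateSize` and `EaBuffer` to IoCreateFile without any probe or capture, so for a user-mode caller every check on those pointers has to happen inside IoCreateFile, which this hunk does not show. The commit message says IoCreateFile accepts user-mode parameters; that contract should be stated at the call site, for example `/* Caller pointers are passed through unprobed; IoCreateFile must probe and capture them according to ExGetPreviousMode() */`. The same applies to the NtOpenFile hunk that follows. Until IoCreateFile is confirmed to guard the writes to `*FileHandle` and `*IoStatusBlock`, the removed ProbeForWrite calls have no visible replacement.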
@@ -698,90 +598,27 @@ * @implemented */ NTSTATUS STDCALL -NtOpenFile(PHANDLE FileHandleUnsafe, +NtOpenFile(PHANDLE FileHandle, ACCESS_MASK DesiredAccess, - POBJECT_ATTRIBUTES ObjectAttributesUnsafe, - PIO_STATUS_BLOCK IoStatusBlockUnsafe, + POBJECT_ATTRIBUTES ObjectAttributes, + PIO_STATUS_BLOCK IoStatusBlock, ULONG ShareAccess, ULONG OpenOptions) { - KPROCESSOR_MODE PreviousMode; - NTSTATUS Status; - HANDLE FileHandle; - OBJECT_ATTRIBUTES ObjectAttributes; - IO_STATUS_BLOCK IoStatusBlock; - - PreviousMode = ExGetPreviousMode(); - if (KernelMode == PreviousMode) - { - return IoCreateFile(FileHandleUnsafe, - DesiredAccess, - ObjectAttributesUnsafe, - IoStatusBlockUnsafe, - NULL, - 0, - ShareAccess, - FILE_OPEN, - OpenOptions, - NULL, - 0, - CreateFileTypeNone, - NULL, - 0); - } - - Status = RtlCaptureObjectAttributes(&ObjectAttributes, - PreviousMode, - PagedPool, - FALSE, - ObjectAttributesUnsafe); - if (! NT_SUCCESS(Status)) - { - return Status; - } - - if (! NT_SUCCESS(Status)) - { - return Status; - } - - Status = IoCreateFile(&FileHandle, - DesiredAccess, - &ObjectAttributes, - &IoStatusBlock, - NULL, - 0, - ShareAccess, - FILE_OPEN, - OpenOptions, - NULL, - 0, - CreateFileTypeNone, - NULL, - 0); - if (! NT_SUCCESS(Status)) - { - return Status; - } - - _SEH_TRY - { - ProbeForWrite(FileHandleUnsafe, - sizeof(HANDLE), - sizeof(ULONG)); - *FileHandleUnsafe = FileHandle; - ProbeForWrite(IoStatusBlockUnsafe, - sizeof(IO_STATUS_BLOCK), - sizeof(ULONG)); - *IoStatusBlockUnsafe = IoStatusBlock; - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - return Status; + return IoCreateFile(FileHandle, + DesiredAccess, + ObjectAttributes, + IoStatusBlock, + NULL, + 0, + ShareAccess, + FILE_OPEN, + OpenOptions, + NULL, + 0, + CreateFileTypeNone, + NULL, + 0); }
/* EOF */ _____
Modified: trunk/reactos/ntoskrnl/io/mailslot.c
--- trunk/reactos/ntoskrnl/io/mailslot.c 2005-01-24 21:05:37 UTC (rev 13253)
+++ trunk/reactos/ntoskrnl/io/mailslot.c 2005-01-24 21:21:17 UTC (rev 13254)
@@ -18,21 +18,16 @@
/* FUNCTIONS *****************************************************************/
NTSTATUS STDCALL -NtCreateMailslotFile(OUT PHANDLE FileHandleUnsafe, +NtCreateMailslotFile(OUT PHANDLE FileHandle, IN ACCESS_MASK DesiredAccess, - IN POBJECT_ATTRIBUTES ObjectAttributesUnsafe, - OUT PIO_STATUS_BLOCK IoStatusBlockUnsafe, + IN POBJECT_ATTRIBUTES ObjectAttributes, + OUT PIO_STATUS_BLOCK IoStatusBlock, IN ULONG CreateOptions, IN ULONG MailslotQuota, IN ULONG MaxMessageSize, - IN PLARGE_INTEGER TimeOutUnsafe) + IN PLARGE_INTEGER TimeOut) { MAILSLOT_CREATE_PARAMETERS Buffer; - KPROCESSOR_MODE PreviousMode; - NTSTATUS Status; - HANDLE FileHandle; - OBJECT_ATTRIBUTES ObjectAttributes; - IO_STATUS_BLOCK IoStatusBlock;
DPRINT("NtCreateMailslotFile(FileHandle %x, DesiredAccess %x, " "ObjectAttributes %x ObjectAttributes->ObjectName->Buffer %S)\n", @@ -41,103 +36,32 @@
ASSERT_IRQL(PASSIVE_LEVEL);
- if (TimeOutUnsafe != NULL) + if (TimeOut != NULL) { - if (UserMode == PreviousMode) - { - Status = STATUS_SUCCESS; - _SEH_TRY - { - ProbeForRead(TimeOutUnsafe, - sizeof(LARGE_INTEGER), - sizeof(LARGE_INTEGER)); - Buffer.ReadTimeout.QuadPart = TimeOutUnsafe->QuadPart; - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } - else - { - Buffer.ReadTimeout.QuadPart = TimeOutUnsafe->QuadPart; - } - Buffer.TimeoutSpecified = TRUE; + Buffer.ReadTimeout.QuadPart = TimeOut->QuadPart; + Buffer.TimeoutSpecified = TRUE; } else { - Buffer.TimeoutSpecified = FALSE; + Buffer.TimeoutSpecified = FALSE; } Buffer.MailslotQuota = MailslotQuota; Buffer.MaximumMessageSize = MaxMessageSize;
- PreviousMode = ExGetPreviousMode();
- if (KernelMode == PreviousMode)
- {
- return IoCreateFile(FileHandleUnsafe,
- DesiredAccess,
- ObjectAttributesUnsafe,
- IoStatusBlockUnsafe,
- NULL,
- FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ | FILE_SHARE_WRITE,
- FILE_CREATE,
- CreateOptions,
- NULL,
- 0,
- CreateFileTypeMailslot,
- (PVOID)&Buffer,
- 0);
- }
-
- Status = RtlCaptureObjectAttributes(&ObjectAttributes,
- PreviousMode,
- PagedPool,
- FALSE,
- ObjectAttributesUnsafe);
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- Status = IoCreateFile(&FileHandle,
- DesiredAccess,
- &ObjectAttributes,
- &IoStatusBlock,
- NULL,
- FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ | FILE_SHARE_WRITE,
- FILE_CREATE,
- CreateOptions,
- NULL,
- 0,
- CreateFileTypeMailslot,
- (PVOID)&Buffer,
- 0);
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- _SEH_TRY
- {
- ProbeForWrite(FileHandleUnsafe,
- sizeof(HANDLE),
- sizeof(ULONG));
- *FileHandleUnsafe = FileHandle;
- ProbeForWrite(IoStatusBlockUnsafe,
- sizeof(IO_STATUS_BLOCK),
- sizeof(ULONG));
- *IoStatusBlockUnsafe = IoStatusBlock;
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- return Status;
+ return IoCreateFile(FileHandle,
+ DesiredAccess,
+ ObjectAttributes,
+ IoStatusBlock,
+ NULL,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ | FILE_SHARE_WRITE,
+ FILE_CREATE,
+ CreateOptions,
+ NULL,
+ 0,
+ CreateFileTypeMailslot,
+ (PVOID)&Buffer,
+ 0);
 }
/* EOF */ _____
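Review bot: `Buffer.ReadTimeout.QuadPart = TimeOut->QuadPart;` reads the caller's pointer directly, with no ProbeForRead and no `_SEH_TRY` around it, and IoCreateFile cannot cover this because the read happens before it is called. For a user-mode caller an invalid or kernel-range `TimeOut` is therefore dereferenced in kernel context. The timeout should be captured under a probe whenever the previous mode is not KernelMode, with the exception status returned on failure; the removed version is not a drop-in answer, since it tested `PreviousMode` before assigning it and never checked `Status` afterwards. NtCreateNamedPipeFile in npipe.c has the same unguarded read of `DefaultTimeout->QuadPart`. The function's declarations sit in the previous hunk.

```c
    NTSTATUS Status = STATUS_SUCCESS;
    /* … unchanged: Buffer declaration, DPRINT, ASSERT_IRQL … */
    if (TimeOut != NULL)
    {
        if (ExGetPreviousMode() != KernelMode)
        {
            _SEH_TRY
            {
                ProbeForRead(TimeOut,
                             sizeof(LARGE_INTEGER),
                             sizeof(LARGE_INTEGER));
                Buffer.ReadTimeout.QuadPart = TimeOut->QuadPart;
            }
            _SEH_HANDLE
            {
                Status = _SEH_GetExceptionCode();
            }
            _SEH_END;

            if (!NT_SUCCESS(Status))
            {
                return Status;
            }
        }
        else
        {
            Buffer.ReadTimeout.QuadPart = TimeOut->QuadPart;
        }
        Buffer.TimeoutSpecified = TRUE;
    }
    /* … unchanged: else branch, quota fields, IoCreateFile call … */
```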
Modified: trunk/reactos/ntoskrnl/io/npipe.c
--- trunk/reactos/ntoskrnl/io/npipe.c 2005-01-24 21:05:37 UTC (rev 13253)
+++ trunk/reactos/ntoskrnl/io/npipe.c 2005-01-24 21:21:17 UTC (rev 13254)
@@ -17,10 +17,10 @@
/* FUNCTIONS *****************************************************************/
NTSTATUS STDCALL -NtCreateNamedPipeFile(PHANDLE FileHandleUnsafe, +NtCreateNamedPipeFile(PHANDLE FileHandle, ACCESS_MASK DesiredAccess, - POBJECT_ATTRIBUTES ObjectAttributesUnsafe, - PIO_STATUS_BLOCK IoStatusBlockUnsafe, + POBJECT_ATTRIBUTES ObjectAttributes, + PIO_STATUS_BLOCK IoStatusBlock, ULONG ShareAccess, ULONG CreateDisposition, ULONG CreateOptions, @@ -30,14 +30,9 @@ ULONG MaximumInstances, ULONG InboundQuota, ULONG OutboundQuota, - PLARGE_INTEGER DefaultTimeoutUnsafe) + PLARGE_INTEGER DefaultTimeout) { NAMED_PIPE_CREATE_PARAMETERS Buffer; - KPROCESSOR_MODE PreviousMode; - NTSTATUS Status; - HANDLE FileHandle; - OBJECT_ATTRIBUTES ObjectAttributes; - IO_STATUS_BLOCK IoStatusBlock;
DPRINT("NtCreateNamedPipeFile(FileHandle %x, DesiredAccess %x, " "ObjectAttributes %x ObjectAttributes->ObjectName->Buffer %S)\n", @@ -46,28 +41,9 @@
ASSERT_IRQL(PASSIVE_LEVEL);
- if (DefaultTimeoutUnsafe != NULL) + if (DefaultTimeout != NULL) { - if (UserMode == PreviousMode) - { - Status = STATUS_SUCCESS; - _SEH_TRY - { - ProbeForRead(DefaultTimeoutUnsafe, - sizeof(LARGE_INTEGER), - sizeof(LARGE_INTEGER)); - Buffer.DefaultTimeout.QuadPart = DefaultTimeoutUnsafe->QuadPart; - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } - else - { - Buffer.DefaultTimeout.QuadPart = DefaultTimeoutUnsafe->QuadPart; - } + Buffer.DefaultTimeout.QuadPart = DefaultTimeout->QuadPart; Buffer.TimeoutSpecified = TRUE; } else @@ -81,72 +57,20 @@ Buffer.InboundQuota = InboundQuota; Buffer.OutboundQuota = OutboundQuota;
- PreviousMode = ExGetPreviousMode();
- if (KernelMode == PreviousMode)
- {
- return IoCreateFile(FileHandleUnsafe,
- DesiredAccess,
- ObjectAttributesUnsafe,
- IoStatusBlockUnsafe,
- NULL,
- FILE_ATTRIBUTE_NORMAL,
- ShareAccess,
- CreateDisposition,
- CreateOptions,
- NULL,
- 0,
- CreateFileTypeNamedPipe,
- (PVOID)&Buffer,
- 0);
- }
-
- Status = RtlCaptureObjectAttributes(&ObjectAttributes,
- PreviousMode,
- PagedPool,
- FALSE,
- ObjectAttributesUnsafe);
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- Status = IoCreateFile(&FileHandle,
- DesiredAccess,
- &ObjectAttributes,
- &IoStatusBlock,
- NULL,
- FILE_ATTRIBUTE_NORMAL,
- ShareAccess,
- CreateDisposition,
- CreateOptions,
- NULL,
- 0,
- CreateFileTypeNamedPipe,
- (PVOID)&Buffer,
- 0);
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- _SEH_TRY
- {
- ProbeForWrite(FileHandleUnsafe,
- sizeof(HANDLE),
- sizeof(ULONG));
- *FileHandleUnsafe = FileHandle;
- ProbeForWrite(IoStatusBlockUnsafe,
- sizeof(IO_STATUS_BLOCK),
- sizeof(ULONG));
- *IoStatusBlockUnsafe = IoStatusBlock;
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- return Status;
+ return IoCreateFile(FileHandle,
+ DesiredAccess,
+ ObjectAttributes,
+ IoStatusBlock,
+ NULL,
+ FILE_ATTRIBUTE_NORMAL,
+ ShareAccess,
+ CreateDisposition,
+ CreateOptions,
+ NULL,
+ 0,
+ CreateFileTypeNamedPipe,
+ (PVOID)&Buffer,
+ 0);
 }
/* EOF */ _____
Modified: trunk/reactos/ntoskrnl/rtl/capture.c
--- trunk/reactos/ntoskrnl/rtl/capture.c 2005-01-24 21:05:37 UTC (rev 13253)
+++ trunk/reactos/ntoskrnl/rtl/capture.c 2005-01-24 21:21:17 UTC (rev 13254)
@@ -32,8 +32,6 @@
#define NDEBUG #include <internal/debug.h>
-#define TAG_CAPT TAG('C', 'A', 'P', 'T')
-
 /* FUNCTIONS *****************************************************************/
NTSTATUS @@ -97,7 +95,7 @@ if(Src.Length > 0) { Dest->MaximumLength = Src.Length + sizeof(WCHAR); - Dest->Buffer = ExAllocatePoolWithTag(PoolType, Dest->MaximumLength, TAG_CAPT); + Dest->Buffer = ExAllocatePool(PoolType, Dest->MaximumLength); if (Dest->Buffer == NULL) { Dest->Length = Dest->MaximumLength = 0; @@ -166,7 +164,7 @@ */ Dest->Length = Src->Length; Dest->MaximumLength = Src->MaximumLength; - Dest->Buffer = ExAllocatePoolWithTag(NonPagedPool, Dest->MaximumLength, TAG_CAPT); + Dest->Buffer = ExAllocatePool(NonPagedPool, Dest->MaximumLength); if (Dest->Buffer == NULL) { return(Status); @@ -185,478 +183,6 @@ return(STATUS_SUCCESS); }
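Review bot: Both allocations in the two short hunks above switch from `ExAllocatePoolWithTag(..., TAG_CAPT)` to untagged `ExAllocatePool`, which makes these captured-string buffers harder to attribute when tracking pool leaks or corruption. Even if the tag arrived with the change being rolled back, it does not depend on the removed capture routines, so keeping `#define TAG_CAPT TAG('C', 'A', 'P', 'T')` and the tagged calls would cost nothing. Separately, the first of the two hunks sizes the buffer with `Dest->MaximumLength = Src.Length + sizeof(WCHAR);`; if `MaximumLength` is a 16-bit field (its declaration is not visible here), a `Length` near the maximum would wrap and under-allocate, so a bound check before the addition is worth confirming. Both enclosing functions extend beyond these hunks.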
-static NTSTATUS -CaptureSID(OUT PSID *Dest, - IN KPROCESSOR_MODE PreviousMode, - IN POOL_TYPE PoolType, - IN PSID UnsafeSrc) -{ - SID Src; - ULONG Length; - NTSTATUS Status = STATUS_SUCCESS; - - ASSERT(Dest != NULL); - - if(UserMode == PreviousMode) - { - _SEH_TRY - { - ProbeForRead(UnsafeSrc, - sizeof(SID), - sizeof(ULONG)); - RtlCopyMemory(&Src, UnsafeSrc, sizeof(SID)); - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - if(!NT_SUCCESS(Status)) - { - return Status; - } - } - else - { - /* capture even though it is considered to be valid */ - RtlCopyMemory(&Src, UnsafeSrc, sizeof(SID)); - } - - if(SID_REVISION != Src.Revision) - { - return STATUS_INVALID_PARAMETER; - } - - Length = RtlLengthSid(&Src); - *Dest = ExAllocatePoolWithTag(PoolType, Length, TAG_CAPT); - if(NULL == *Dest) - { - return STATUS_NO_MEMORY; - } - - if(UserMode == PreviousMode) - { - _SEH_TRY - { - ProbeForRead(UnsafeSrc, - Length, - sizeof(ULONG)); - RtlCopyMemory(*Dest, UnsafeSrc, Length); - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - if(!NT_SUCCESS(Status)) - { - return Status; - } - } - else - { - RtlCopyMemory(*Dest, UnsafeSrc, Length); - } - - return Status; -} - -static NTSTATUS -CaptureACL(OUT PACL *Dest, - IN KPROCESSOR_MODE PreviousMode, - IN POOL_TYPE PoolType, - IN PACL UnsafeSrc) -{ - ACL Src; - ULONG Length; - NTSTATUS Status = STATUS_SUCCESS; - - ASSERT(Dest != NULL); - - if(UserMode == PreviousMode) - { - _SEH_TRY - { - ProbeForRead(UnsafeSrc, - sizeof(ACL), - sizeof(ULONG)); - RtlCopyMemory(&Src, UnsafeSrc, sizeof(ACL)); - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - if(!NT_SUCCESS(Status)) - { - return Status; - } - } - else - { - /* capture even though it is considered to be valid */ - RtlCopyMemory(&Src, UnsafeSrc, sizeof(ACL)); - } - - if(Src.AclRevision < MIN_ACL_REVISION || MAX_ACL_REVISION < Src.AclRevision) - { - return STATUS_INVALID_PARAMETER; - } - - Length = Src.AclSize; - 
*Dest = ExAllocatePoolWithTag(PoolType, Length, TAG_CAPT); - if(NULL == *Dest) - { - return STATUS_NO_MEMORY; - } - - if(UserMode == PreviousMode) - { - _SEH_TRY - { - ProbeForRead(UnsafeSrc, - Length, - sizeof(ULONG)); - RtlCopyMemory(*Dest, UnsafeSrc, Length); - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - if(!NT_SUCCESS(Status)) - { - return Status; - } - } - else - { - RtlCopyMemory(*Dest, UnsafeSrc, Length); - } - - return Status; -} - -NTSTATUS -RtlCaptureSecurityDescriptor(OUT PSECURITY_DESCRIPTOR Dest, - IN KPROCESSOR_MODE PreviousMode, - IN POOL_TYPE PoolType, - IN BOOLEAN CaptureIfKernel, - IN PSECURITY_DESCRIPTOR UnsafeSrc) -{ - SECURITY_DESCRIPTOR Src; - NTSTATUS Status = STATUS_SUCCESS; - - ASSERT(Dest != NULL); - - /* - * Copy the object attributes to kernel space. - */ - - if(PreviousMode == UserMode) - { - _SEH_TRY - { - ProbeForRead(UnsafeSrc, - sizeof(SECURITY_DESCRIPTOR), - sizeof(ULONG)); - Src = *UnsafeSrc; - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - if(!NT_SUCCESS(Status)) - { - return Status; - } - } - else if(!CaptureIfKernel) - { - /* just copy the structure, the pointers are considered valid */ - *Dest = *UnsafeSrc; - return STATUS_SUCCESS; - } - else - { - /* capture the object attributes even though it is considered to be valid */ - Src = *UnsafeSrc; - } - - if(SECURITY_DESCRIPTOR_REVISION1 != Src.Revision) - { - return STATUS_INVALID_PARAMETER; - } - - Dest->Revision = Src.Revision; - Dest->Sbz1 = Src.Sbz1; - Dest->Control = Src.Control; - Status = CaptureSID(&Dest->Owner, PreviousMode, PoolType, Src.Owner); - if(!NT_SUCCESS(Status)) - { - return Status; - } - Status = CaptureSID(&Dest->Group, PreviousMode, PoolType, Src.Group); - if(!NT_SUCCESS(Status)) - { - if(NULL != Dest->Owner) - { - ExFreePool(Dest->Owner); - } - return Status; - } - Status = CaptureACL(&Dest->Sacl, PreviousMode, PoolType, Src.Sacl); - if(!NT_SUCCESS(Status)) - { - if(NULL != Dest->Group) - { - 
ExFreePool(Dest->Group); - } - if(NULL != Dest->Owner) - { - ExFreePool(Dest->Owner); - } - return Status; - } - Status = CaptureACL(&Dest->Dacl, PreviousMode, PoolType, Src.Dacl); - if(!NT_SUCCESS(Status)) - { - if(NULL != Dest->Sacl) - { - ExFreePool(Dest->Sacl); - } - if(NULL != Dest->Group) - { - ExFreePool(Dest->Group); - } - if(NULL != Dest->Owner) - { - ExFreePool(Dest->Owner); - } - return Status; - } - - return Status; -} - -VOID -RtlReleaseCapturedSecurityDescriptor(IN PSECURITY_DESCRIPTOR CapturedSecurityDescriptor, - IN KPROCESSOR_MODE PreviousMode, - IN BOOLEAN CaptureIfKernel) -{ - ASSERT(SECURITY_DESCRIPTOR_REVISION1 == CapturedSecurityDescriptor->Revision); - - if(PreviousMode == KernelMode && !CaptureIfKernel) - { - return; - } - - if(NULL != CapturedSecurityDescriptor->Dacl) - { - ExFreePool(CapturedSecurityDescriptor->Dacl); - } - if(NULL != CapturedSecurityDescriptor->Sacl) - { - ExFreePool(CapturedSecurityDescriptor->Sacl); - } - if(NULL != CapturedSecurityDescriptor->Group) - { - ExFreePool(CapturedSecurityDescriptor->Group); - } - if(NULL != CapturedSecurityDescriptor->Owner) - { - ExFreePool(CapturedSecurityDescriptor->Owner); - } -} - -NTSTATUS -RtlCaptureObjectAttributes(OUT POBJECT_ATTRIBUTES Dest, - IN KPROCESSOR_MODE PreviousMode, - IN POOL_TYPE PoolType, - IN BOOLEAN CaptureIfKernel, - IN POBJECT_ATTRIBUTES UnsafeSrc) -{ - OBJECT_ATTRIBUTES Src; - NTSTATUS Status = STATUS_SUCCESS; - - ASSERT(Dest != NULL); - - /* - * Copy the object attributes to kernel space. 
- */ - - if(PreviousMode == UserMode) - { - _SEH_TRY - { - ProbeForRead(UnsafeSrc, - sizeof(OBJECT_ATTRIBUTES), - sizeof(ULONG)); - Src = *UnsafeSrc; - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - if(!NT_SUCCESS(Status)) - { - return Status; - } - } - else if(!CaptureIfKernel) - { - /* just copy the structure, the pointers are considered valid */ - *Dest = *UnsafeSrc; - return STATUS_SUCCESS; - } - else - { - /* capture the object attributes even though it is considered to be valid */ - Src = *UnsafeSrc; - } - - if(Src.Length < sizeof(OBJECT_ATTRIBUTES) || NULL == Src.ObjectName) - { - return STATUS_INVALID_PARAMETER; - } - - Dest->Length = sizeof(OBJECT_ATTRIBUTES); - Dest->RootDirectory = Src.RootDirectory; [truncated at 1000 lines; 130 more skipped]