Rollback last change, since we found out that IoCreateFile can accept
usermode parameters too
Modified: trunk/reactos/ntoskrnl/include/internal/safe.h
Modified: trunk/reactos/ntoskrnl/io/create.c
Modified: trunk/reactos/ntoskrnl/io/mailslot.c
Modified: trunk/reactos/ntoskrnl/io/npipe.c
Modified: trunk/reactos/ntoskrnl/rtl/capture.c
_____
Modified: trunk/reactos/ntoskrnl/include/internal/safe.h
--- trunk/reactos/ntoskrnl/include/internal/safe.h 2005-01-24
21:05:37 UTC (rev 13253)
+++ trunk/reactos/ntoskrnl/include/internal/safe.h 2005-01-24
21:21:17 UTC (rev 13254)
@@ -21,28 +21,4 @@
IN KPROCESSOR_MODE CurrentMode,
IN BOOLEAN CaptureIfKernel);
-NTSTATUS
-RtlCaptureSecurityDescriptor(OUT PSECURITY_DESCRIPTOR Dest,
- IN KPROCESSOR_MODE PreviousMode,
- IN POOL_TYPE PoolType,
- IN BOOLEAN CaptureIfKernel,
- IN PSECURITY_DESCRIPTOR UnsafeSrc);
-
-VOID
-RtlReleaseCapturedSecurityDescriptor(IN PSECURITY_DESCRIPTOR
CapturedSecurityDescriptor,
- IN KPROCESSOR_MODE CurrentMode,
- IN BOOLEAN CaptureIfKernel);
-
-NTSTATUS
-RtlCaptureObjectAttributes(OUT POBJECT_ATTRIBUTES Dest,
- IN KPROCESSOR_MODE CurrentMode,
- IN POOL_TYPE PoolType,
- IN BOOLEAN CaptureIfKernel,
- IN POBJECT_ATTRIBUTES UnsafeSrc);
-
-VOID
-RtlReleaseCapturedObjectAttributes(IN POBJECT_ATTRIBUTES
CapturedObjectAttributes,
- IN KPROCESSOR_MODE CurrentMode,
- IN BOOLEAN CaptureIfKernel);
-
-#endif /* __NTOSKRNL_INCLUDE_INTERNAL_SAFE_H */
+#endif /* __NTOSKRNL_INCLUDE_INTERNAL_SAFE_Hb */
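Review bot: The new `#endif` comment ends in `_SAFE_Hb`, which looks like a stray keystroke rather than an intended rename, assuming the guard macro at the top of safe.h (outside this hunk) is still `__NTOSKRNL_INCLUDE_INTERNAL_SAFE_H`. The line should stay `#endif /* __NTOSKRNL_INCLUDE_INTERNAL_SAFE_H */` so the comment matches the guard it closes.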
_____
Modified: trunk/reactos/ntoskrnl/io/create.c
--- trunk/reactos/ntoskrnl/io/create.c 2005-01-24 21:05:37 UTC (rev
13253)
+++ trunk/reactos/ntoskrnl/io/create.c 2005-01-24 21:21:17 UTC (rev
13254)
@@ -17,7 +17,7 @@
/* GLOBALS
*******************************************************************/
-#define TAG_IO_CREATE TAG('I', 'O', 'C', 'R')
+#define TAG_FILE_NAME TAG('F', 'N', 'A', 'M')
/* FUNCTIONS
*************************************************************/
@@ -357,7 +357,7 @@
PreviousMode = ExGetPreviousMode();
- Status = ObCreateObject(KernelMode,
+ Status = ObCreateObject(PreviousMode,
IoFileObjectType,
ObjectAttributes,
PreviousMode,
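Review bot: Passing `PreviousMode` from `ExGetPreviousMode()` as the first argument of `ObCreateObject` ties the handling of `ObjectAttributes` to the calling thread's previous mode, assuming that argument is the mode used to access the attributes. A kernel component that calls this function with kernel-space `ObjectAttributes` while running in a user thread's context would then presumably be treated as a user-mode caller, and the hunk shows no override for that case. I would add a comment such as `/* ObjectAttributes are accessed as PreviousMode; kernel callers running in a user thread need an explicit override */` and confirm whether the trailing Options argument is meant to carry a flag like `IO_NO_PARAMETER_CHECKING` for this. The enclosing function starts and ends outside the hunk.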
@@ -533,132 +533,32 @@
* @implemented
*/
NTSTATUS STDCALL
-NtCreateFile(PHANDLE FileHandleUnsafe,
+NtCreateFile(PHANDLE FileHandle,
ACCESS_MASK DesiredAccess,
- POBJECT_ATTRIBUTES ObjectAttributesUnsafe,
- PIO_STATUS_BLOCK IoStatusBlockUnsafe,
- PLARGE_INTEGER AllocateSizeUnsafe,
+ POBJECT_ATTRIBUTES ObjectAttributes,
+ PIO_STATUS_BLOCK IoStatusBlock,
+ PLARGE_INTEGER AllocateSize,
ULONG FileAttributes,
ULONG ShareAccess,
ULONG CreateDisposition,
ULONG CreateOptions,
- PVOID EaBufferUnsafe,
+ PVOID EaBuffer,
ULONG EaLength)
{
- KPROCESSOR_MODE PreviousMode;
- NTSTATUS Status;
- HANDLE FileHandle;
- OBJECT_ATTRIBUTES ObjectAttributes;
- IO_STATUS_BLOCK IoStatusBlock;
- LARGE_INTEGER AllocateSize;
- PVOID EaBuffer;
-
- PreviousMode = ExGetPreviousMode();
- if (KernelMode == PreviousMode)
- {
- return IoCreateFile(FileHandleUnsafe,
- DesiredAccess,
- ObjectAttributesUnsafe,
- IoStatusBlockUnsafe,
- AllocateSizeUnsafe,
- FileAttributes,
- ShareAccess,
- CreateDisposition,
- CreateOptions,
- EaBufferUnsafe,
- EaLength,
- CreateFileTypeNone,
- NULL,
- 0);
- }
-
- Status = RtlCaptureObjectAttributes(&ObjectAttributes,
- PreviousMode,
- PagedPool,
- FALSE,
- ObjectAttributesUnsafe);
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- if (0 != EaLength)
- {
- EaBuffer = ExAllocatePoolWithTag(PagedPool, EaLength,
TAG_IO_CREATE);
- if (NULL == EaBuffer)
- {
- RtlReleaseCapturedObjectAttributes(&ObjectAttributes,
- PreviousMode,
- FALSE);
- return STATUS_NO_MEMORY;
- }
- }
-
- _SEH_TRY
- {
- if (NULL != AllocateSizeUnsafe)
- {
- ProbeForRead(AllocateSizeUnsafe,
- sizeof(LARGE_INTEGER),
- sizeof(ULONG));
- AllocateSize = *AllocateSizeUnsafe;
- }
- if (0 != EaLength)
- {
- ProbeForRead(EaBufferUnsafe,
- EaLength,
- sizeof(UCHAR));
- RtlCopyMemory(EaBuffer, EaBufferUnsafe, EaLength);
- }
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- Status = IoCreateFile(&FileHandle,
- DesiredAccess,
- &ObjectAttributes,
- &IoStatusBlock,
- (NULL == AllocateSizeUnsafe ? NULL :
&AllocateSize),
- FileAttributes,
- ShareAccess,
- CreateDisposition,
- CreateOptions,
- (0 == EaLength ? NULL : EaBuffer),
- EaLength,
- CreateFileTypeNone,
- NULL,
- 0);
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- _SEH_TRY
- {
- ProbeForWrite(FileHandleUnsafe,
- sizeof(HANDLE),
- sizeof(ULONG));
- *FileHandleUnsafe = FileHandle;
- ProbeForWrite(IoStatusBlockUnsafe,
- sizeof(IO_STATUS_BLOCK),
- sizeof(ULONG));
- *IoStatusBlockUnsafe = IoStatusBlock;
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- return Status;
+ return IoCreateFile(FileHandle,
+ DesiredAccess,
+ ObjectAttributes,
+ IoStatusBlock,
+ AllocateSize,
+ FileAttributes,
+ ShareAccess,
+ CreateDisposition,
+ CreateOptions,
+ EaBuffer,
+ EaLength,
+ CreateFileTypeNone,
+ NULL,
+ 0);
}
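Review bot: With the capture code gone, `NtCreateFile` hands `FileHandle`, `ObjectAttributes`, `IoStatusBlock`, `AllocateSize` and `EaBuffer` to `IoCreateFile` exactly as the user-mode caller supplied them, so every probe and copy now has to happen inside `IoCreateFile`, whose body is not part of this diff apart from the `ObCreateObject` line. That one visible change concerns `ObjectAttributes` only; nothing shown covers the writes to `FileHandle` and `IoStatusBlock` or the reads of `AllocateSize` and `EaBuffer`. The same applies to the `IoCreateFile` calls in `NtOpenFile`, `NtCreateMailslotFile` and `NtCreateNamedPipeFile` further down. At minimum the stub should state the contract, e.g. `/* All pointer arguments may be user-mode addresses; IoCreateFile probes and captures them according to the previous mode */`, and that claim should be checked against `IoCreateFile` itself.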
@@ -698,90 +598,27 @@
* @implemented
*/
NTSTATUS STDCALL
-NtOpenFile(PHANDLE FileHandleUnsafe,
+NtOpenFile(PHANDLE FileHandle,
ACCESS_MASK DesiredAccess,
- POBJECT_ATTRIBUTES ObjectAttributesUnsafe,
- PIO_STATUS_BLOCK IoStatusBlockUnsafe,
+ POBJECT_ATTRIBUTES ObjectAttributes,
+ PIO_STATUS_BLOCK IoStatusBlock,
ULONG ShareAccess,
ULONG OpenOptions)
{
- KPROCESSOR_MODE PreviousMode;
- NTSTATUS Status;
- HANDLE FileHandle;
- OBJECT_ATTRIBUTES ObjectAttributes;
- IO_STATUS_BLOCK IoStatusBlock;
-
- PreviousMode = ExGetPreviousMode();
- if (KernelMode == PreviousMode)
- {
- return IoCreateFile(FileHandleUnsafe,
- DesiredAccess,
- ObjectAttributesUnsafe,
- IoStatusBlockUnsafe,
- NULL,
- 0,
- ShareAccess,
- FILE_OPEN,
- OpenOptions,
- NULL,
- 0,
- CreateFileTypeNone,
- NULL,
- 0);
- }
-
- Status = RtlCaptureObjectAttributes(&ObjectAttributes,
- PreviousMode,
- PagedPool,
- FALSE,
- ObjectAttributesUnsafe);
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- Status = IoCreateFile(&FileHandle,
- DesiredAccess,
- &ObjectAttributes,
- &IoStatusBlock,
- NULL,
- 0,
- ShareAccess,
- FILE_OPEN,
- OpenOptions,
- NULL,
- 0,
- CreateFileTypeNone,
- NULL,
- 0);
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- _SEH_TRY
- {
- ProbeForWrite(FileHandleUnsafe,
- sizeof(HANDLE),
- sizeof(ULONG));
- *FileHandleUnsafe = FileHandle;
- ProbeForWrite(IoStatusBlockUnsafe,
- sizeof(IO_STATUS_BLOCK),
- sizeof(ULONG));
- *IoStatusBlockUnsafe = IoStatusBlock;
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- return Status;
+ return IoCreateFile(FileHandle,
+ DesiredAccess,
+ ObjectAttributes,
+ IoStatusBlock,
+ NULL,
+ 0,
+ ShareAccess,
+ FILE_OPEN,
+ OpenOptions,
+ NULL,
+ 0,
+ CreateFileTypeNone,
+ NULL,
+ 0);
}
/* EOF */
_____
Modified: trunk/reactos/ntoskrnl/io/mailslot.c
--- trunk/reactos/ntoskrnl/io/mailslot.c 2005-01-24 21:05:37 UTC
(rev 13253)
+++ trunk/reactos/ntoskrnl/io/mailslot.c 2005-01-24 21:21:17 UTC
(rev 13254)
@@ -18,21 +18,16 @@
/* FUNCTIONS
*****************************************************************/
NTSTATUS STDCALL
-NtCreateMailslotFile(OUT PHANDLE FileHandleUnsafe,
+NtCreateMailslotFile(OUT PHANDLE FileHandle,
IN ACCESS_MASK DesiredAccess,
- IN POBJECT_ATTRIBUTES ObjectAttributesUnsafe,
- OUT PIO_STATUS_BLOCK IoStatusBlockUnsafe,
+ IN POBJECT_ATTRIBUTES ObjectAttributes,
+ OUT PIO_STATUS_BLOCK IoStatusBlock,
IN ULONG CreateOptions,
IN ULONG MailslotQuota,
IN ULONG MaxMessageSize,
- IN PLARGE_INTEGER TimeOutUnsafe)
+ IN PLARGE_INTEGER TimeOut)
{
MAILSLOT_CREATE_PARAMETERS Buffer;
- KPROCESSOR_MODE PreviousMode;
- NTSTATUS Status;
- HANDLE FileHandle;
- OBJECT_ATTRIBUTES ObjectAttributes;
- IO_STATUS_BLOCK IoStatusBlock;
DPRINT("NtCreateMailslotFile(FileHandle %x, DesiredAccess %x, "
"ObjectAttributes %x ObjectAttributes->ObjectName->Buffer
%S)\n",
@@ -41,103 +36,32 @@
ASSERT_IRQL(PASSIVE_LEVEL);
- if (TimeOutUnsafe != NULL)
+ if (TimeOut != NULL)
{
- if (UserMode == PreviousMode)
- {
- Status = STATUS_SUCCESS;
- _SEH_TRY
- {
- ProbeForRead(TimeOutUnsafe,
- sizeof(LARGE_INTEGER),
- sizeof(LARGE_INTEGER));
- Buffer.ReadTimeout.QuadPart =
TimeOutUnsafe->QuadPart;
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
- }
- else
- {
- Buffer.ReadTimeout.QuadPart = TimeOutUnsafe->QuadPart;
- }
- Buffer.TimeoutSpecified = TRUE;
+ Buffer.ReadTimeout.QuadPart = TimeOut->QuadPart;
+ Buffer.TimeoutSpecified = TRUE;
}
else
{
- Buffer.TimeoutSpecified = FALSE;
+ Buffer.TimeoutSpecified = FALSE;
}
Buffer.MailslotQuota = MailslotQuota;
Buffer.MaximumMessageSize = MaxMessageSize;
- PreviousMode = ExGetPreviousMode();
- if (KernelMode == PreviousMode)
- {
- return IoCreateFile(FileHandleUnsafe,
- DesiredAccess,
- ObjectAttributesUnsafe,
- IoStatusBlockUnsafe,
- NULL,
- FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ | FILE_SHARE_WRITE,
- FILE_CREATE,
- CreateOptions,
- NULL,
- 0,
- CreateFileTypeMailslot,
- (PVOID)&Buffer,
- 0);
- }
-
- Status = RtlCaptureObjectAttributes(&ObjectAttributes,
- PreviousMode,
- PagedPool,
- FALSE,
- ObjectAttributesUnsafe);
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- Status = IoCreateFile(&FileHandle,
- DesiredAccess,
- &ObjectAttributes,
- &IoStatusBlock,
- NULL,
- FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ | FILE_SHARE_WRITE,
- FILE_CREATE,
- CreateOptions,
- NULL,
- 0,
- CreateFileTypeMailslot,
- (PVOID)&Buffer,
- 0);
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- _SEH_TRY
- {
- ProbeForWrite(FileHandleUnsafe,
- sizeof(HANDLE),
- sizeof(ULONG));
- *FileHandleUnsafe = FileHandle;
- ProbeForWrite(IoStatusBlockUnsafe,
- sizeof(IO_STATUS_BLOCK),
- sizeof(ULONG));
- *IoStatusBlockUnsafe = IoStatusBlock;
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- return Status;
+ return IoCreateFile(FileHandle,
+ DesiredAccess,
+ ObjectAttributes,
+ IoStatusBlock,
+ NULL,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ | FILE_SHARE_WRITE,
+ FILE_CREATE,
+ CreateOptions,
+ NULL,
+ 0,
+ CreateFileTypeMailslot,
+ (PVOID)&Buffer,
+ 0);
}
/* EOF */
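Review bot: `Buffer.ReadTimeout.QuadPart = TimeOut->QuadPart;` dereferences `TimeOut` directly, and since this is a system-call entry point that pointer can be a user-mode address; the rollback removed both the `ProbeForRead` and the `_SEH_TRY` around the read, so an invalid pointer faults in kernel mode and a kernel address passed from user mode is read without any check. Whatever `IoCreateFile` does with the other arguments cannot help here, because the read happens before the call. The probe should be kept for non-kernel callers, with the previous mode fetched before it is tested and the failure status returned, as sketched below. `NtCreateNamedPipeFile` in npipe.c has the same unguarded read in `Buffer.DefaultTimeout.QuadPart = DefaultTimeout->QuadPart;`.

```c
   NTSTATUS Status = STATUS_SUCCESS;

   /* … unchanged: DPRINT, ASSERT_IRQL … */

   if (TimeOut != NULL)
     {
       if (ExGetPreviousMode() != KernelMode)
         {
           /* TimeOut may be a user-mode address: validate and read it under SEH */
           _SEH_TRY
             {
               ProbeForRead(TimeOut,
                            sizeof(LARGE_INTEGER),
                            sizeof(ULONG));
               Buffer.ReadTimeout.QuadPart = TimeOut->QuadPart;
             }
           _SEH_HANDLE
             {
               Status = _SEH_GetExceptionCode();
             }
           _SEH_END;

           if (!NT_SUCCESS(Status))
             {
               return Status;
             }
         }
       else
         {
           Buffer.ReadTimeout.QuadPart = TimeOut->QuadPart;
         }
       Buffer.TimeoutSpecified = TRUE;
     }

   /* … unchanged: else branch, quota fields, IoCreateFile call … */
```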
_____
Modified: trunk/reactos/ntoskrnl/io/npipe.c
--- trunk/reactos/ntoskrnl/io/npipe.c 2005-01-24 21:05:37 UTC (rev
13253)
+++ trunk/reactos/ntoskrnl/io/npipe.c 2005-01-24 21:21:17 UTC (rev
13254)
@@ -17,10 +17,10 @@
/* FUNCTIONS
*****************************************************************/
NTSTATUS STDCALL
-NtCreateNamedPipeFile(PHANDLE FileHandleUnsafe,
+NtCreateNamedPipeFile(PHANDLE FileHandle,
ACCESS_MASK DesiredAccess,
- POBJECT_ATTRIBUTES ObjectAttributesUnsafe,
- PIO_STATUS_BLOCK IoStatusBlockUnsafe,
+ POBJECT_ATTRIBUTES ObjectAttributes,
+ PIO_STATUS_BLOCK IoStatusBlock,
ULONG ShareAccess,
ULONG CreateDisposition,
ULONG CreateOptions,
@@ -30,14 +30,9 @@
ULONG MaximumInstances,
ULONG InboundQuota,
ULONG OutboundQuota,
- PLARGE_INTEGER DefaultTimeoutUnsafe)
+ PLARGE_INTEGER DefaultTimeout)
{
NAMED_PIPE_CREATE_PARAMETERS Buffer;
- KPROCESSOR_MODE PreviousMode;
- NTSTATUS Status;
- HANDLE FileHandle;
- OBJECT_ATTRIBUTES ObjectAttributes;
- IO_STATUS_BLOCK IoStatusBlock;
DPRINT("NtCreateNamedPipeFile(FileHandle %x, DesiredAccess %x, "
"ObjectAttributes %x ObjectAttributes->ObjectName->Buffer
%S)\n",
@@ -46,28 +41,9 @@
ASSERT_IRQL(PASSIVE_LEVEL);
- if (DefaultTimeoutUnsafe != NULL)
+ if (DefaultTimeout != NULL)
{
- if (UserMode == PreviousMode)
- {
- Status = STATUS_SUCCESS;
- _SEH_TRY
- {
- ProbeForRead(DefaultTimeoutUnsafe,
- sizeof(LARGE_INTEGER),
- sizeof(LARGE_INTEGER));
- Buffer.DefaultTimeout.QuadPart =
DefaultTimeoutUnsafe->QuadPart;
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
- }
- else
- {
- Buffer.DefaultTimeout.QuadPart =
DefaultTimeoutUnsafe->QuadPart;
- }
+ Buffer.DefaultTimeout.QuadPart = DefaultTimeout->QuadPart;
Buffer.TimeoutSpecified = TRUE;
}
else
@@ -81,72 +57,20 @@
Buffer.InboundQuota = InboundQuota;
Buffer.OutboundQuota = OutboundQuota;
- PreviousMode = ExGetPreviousMode();
- if (KernelMode == PreviousMode)
- {
- return IoCreateFile(FileHandleUnsafe,
- DesiredAccess,
- ObjectAttributesUnsafe,
- IoStatusBlockUnsafe,
- NULL,
- FILE_ATTRIBUTE_NORMAL,
- ShareAccess,
- CreateDisposition,
- CreateOptions,
- NULL,
- 0,
- CreateFileTypeNamedPipe,
- (PVOID)&Buffer,
- 0);
- }
-
- Status = RtlCaptureObjectAttributes(&ObjectAttributes,
- PreviousMode,
- PagedPool,
- FALSE,
- ObjectAttributesUnsafe);
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- Status = IoCreateFile(&FileHandle,
- DesiredAccess,
- &ObjectAttributes,
- &IoStatusBlock,
- NULL,
- FILE_ATTRIBUTE_NORMAL,
- ShareAccess,
- CreateDisposition,
- CreateOptions,
- NULL,
- 0,
- CreateFileTypeNamedPipe,
- (PVOID)&Buffer,
- 0);
- if (! NT_SUCCESS(Status))
- {
- return Status;
- }
-
- _SEH_TRY
- {
- ProbeForWrite(FileHandleUnsafe,
- sizeof(HANDLE),
- sizeof(ULONG));
- *FileHandleUnsafe = FileHandle;
- ProbeForWrite(IoStatusBlockUnsafe,
- sizeof(IO_STATUS_BLOCK),
- sizeof(ULONG));
- *IoStatusBlockUnsafe = IoStatusBlock;
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- return Status;
+ return IoCreateFile(FileHandle,
+ DesiredAccess,
+ ObjectAttributes,
+ IoStatusBlock,
+ NULL,
+ FILE_ATTRIBUTE_NORMAL,
+ ShareAccess,
+ CreateDisposition,
+ CreateOptions,
+ NULL,
+ 0,
+ CreateFileTypeNamedPipe,
+ (PVOID)&Buffer,
+ 0);
}
/* EOF */
_____
Modified: trunk/reactos/ntoskrnl/rtl/capture.c
--- trunk/reactos/ntoskrnl/rtl/capture.c 2005-01-24 21:05:37 UTC
(rev 13253)
+++ trunk/reactos/ntoskrnl/rtl/capture.c 2005-01-24 21:21:17 UTC
(rev 13254)
@@ -32,8 +32,6 @@
#define NDEBUG
#include <internal/debug.h>
-#define TAG_CAPT TAG('C', 'A', 'P', 'T')
-
/* FUNCTIONS
*****************************************************************/
NTSTATUS
@@ -97,7 +95,7 @@
if(Src.Length > 0)
{
Dest->MaximumLength = Src.Length + sizeof(WCHAR);
- Dest->Buffer = ExAllocatePoolWithTag(PoolType, Dest->MaximumLength,
TAG_CAPT);
+ Dest->Buffer = ExAllocatePool(PoolType, Dest->MaximumLength);
if (Dest->Buffer == NULL)
{
Dest->Length = Dest->MaximumLength = 0;
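Review bot: `Dest->MaximumLength = Src.Length + sizeof(WCHAR);` can wrap if `MaximumLength` is a 16-bit field, as it is in a `UNICODE_STRING`, and `Src.Length` comes from the caller: a length of 0xFFFE or 0xFFFF yields a `MaximumLength` of 0 or 1, and the allocation on the changed line is sized from that wrapped value. Whether the later copy uses `Src.Length` is outside this hunk, but if it does, the pool buffer is overrun. A guard before the assignment, for example `if (Src.Length > 0xFFFF - sizeof(WCHAR)) return STATUS_INVALID_PARAMETER;`, would close this. The enclosing function starts and ends outside the hunk.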
@@ -166,7 +164,7 @@
*/
Dest->Length = Src->Length;
Dest->MaximumLength = Src->MaximumLength;
- Dest->Buffer = ExAllocatePoolWithTag(NonPagedPool,
Dest->MaximumLength, TAG_CAPT);
+ Dest->Buffer = ExAllocatePool(NonPagedPool, Dest->MaximumLength);
if (Dest->Buffer == NULL)
{
return(Status);
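Review bot: On allocation failure this path does `return(Status);`, and nothing in the hunk sets `Status` to an error first; if it still holds a success value from an earlier step (not visible here), the caller is told the capture succeeded while `Dest->Buffer` is NULL and `Dest->Length` has already been set from `Src->Length`. Returning the error explicitly, `return STATUS_NO_MEMORY;`, removes the dependency on earlier state. The enclosing function starts and ends outside the hunk.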
@@ -185,478 +183,6 @@
return(STATUS_SUCCESS);
}
-static NTSTATUS
-CaptureSID(OUT PSID *Dest,
- IN KPROCESSOR_MODE PreviousMode,
- IN POOL_TYPE PoolType,
- IN PSID UnsafeSrc)
-{
- SID Src;
- ULONG Length;
- NTSTATUS Status = STATUS_SUCCESS;
-
- ASSERT(Dest != NULL);
-
- if(UserMode == PreviousMode)
- {
- _SEH_TRY
- {
- ProbeForRead(UnsafeSrc,
- sizeof(SID),
- sizeof(ULONG));
- RtlCopyMemory(&Src, UnsafeSrc, sizeof(SID));
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- if(!NT_SUCCESS(Status))
- {
- return Status;
- }
- }
- else
- {
- /* capture even though it is considered to be valid */
- RtlCopyMemory(&Src, UnsafeSrc, sizeof(SID));
- }
-
- if(SID_REVISION != Src.Revision)
- {
- return STATUS_INVALID_PARAMETER;
- }
-
- Length = RtlLengthSid(&Src);
- *Dest = ExAllocatePoolWithTag(PoolType, Length, TAG_CAPT);
- if(NULL == *Dest)
- {
- return STATUS_NO_MEMORY;
- }
-
- if(UserMode == PreviousMode)
- {
- _SEH_TRY
- {
- ProbeForRead(UnsafeSrc,
- Length,
- sizeof(ULONG));
- RtlCopyMemory(*Dest, UnsafeSrc, Length);
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- if(!NT_SUCCESS(Status))
- {
- return Status;
- }
- }
- else
- {
- RtlCopyMemory(*Dest, UnsafeSrc, Length);
- }
-
- return Status;
-}
-
-static NTSTATUS
-CaptureACL(OUT PACL *Dest,
- IN KPROCESSOR_MODE PreviousMode,
- IN POOL_TYPE PoolType,
- IN PACL UnsafeSrc)
-{
- ACL Src;
- ULONG Length;
- NTSTATUS Status = STATUS_SUCCESS;
-
- ASSERT(Dest != NULL);
-
- if(UserMode == PreviousMode)
- {
- _SEH_TRY
- {
- ProbeForRead(UnsafeSrc,
- sizeof(ACL),
- sizeof(ULONG));
- RtlCopyMemory(&Src, UnsafeSrc, sizeof(ACL));
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- if(!NT_SUCCESS(Status))
- {
- return Status;
- }
- }
- else
- {
- /* capture even though it is considered to be valid */
- RtlCopyMemory(&Src, UnsafeSrc, sizeof(ACL));
- }
-
- if(Src.AclRevision < MIN_ACL_REVISION || MAX_ACL_REVISION <
Src.AclRevision)
- {
- return STATUS_INVALID_PARAMETER;
- }
-
- Length = Src.AclSize;
- *Dest = ExAllocatePoolWithTag(PoolType, Length, TAG_CAPT);
- if(NULL == *Dest)
- {
- return STATUS_NO_MEMORY;
- }
-
- if(UserMode == PreviousMode)
- {
- _SEH_TRY
- {
- ProbeForRead(UnsafeSrc,
- Length,
- sizeof(ULONG));
- RtlCopyMemory(*Dest, UnsafeSrc, Length);
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- if(!NT_SUCCESS(Status))
- {
- return Status;
- }
- }
- else
- {
- RtlCopyMemory(*Dest, UnsafeSrc, Length);
- }
-
- return Status;
-}
-
-NTSTATUS
-RtlCaptureSecurityDescriptor(OUT PSECURITY_DESCRIPTOR Dest,
- IN KPROCESSOR_MODE PreviousMode,
- IN POOL_TYPE PoolType,
- IN BOOLEAN CaptureIfKernel,
- IN PSECURITY_DESCRIPTOR UnsafeSrc)
-{
- SECURITY_DESCRIPTOR Src;
- NTSTATUS Status = STATUS_SUCCESS;
-
- ASSERT(Dest != NULL);
-
- /*
- * Copy the object attributes to kernel space.
- */
-
- if(PreviousMode == UserMode)
- {
- _SEH_TRY
- {
- ProbeForRead(UnsafeSrc,
- sizeof(SECURITY_DESCRIPTOR),
- sizeof(ULONG));
- Src = *UnsafeSrc;
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- if(!NT_SUCCESS(Status))
- {
- return Status;
- }
- }
- else if(!CaptureIfKernel)
- {
- /* just copy the structure, the pointers are considered valid */
- *Dest = *UnsafeSrc;
- return STATUS_SUCCESS;
- }
- else
- {
- /* capture the object attributes even though it is considered to be
valid */
- Src = *UnsafeSrc;
- }
-
- if(SECURITY_DESCRIPTOR_REVISION1 != Src.Revision)
- {
- return STATUS_INVALID_PARAMETER;
- }
-
- Dest->Revision = Src.Revision;
- Dest->Sbz1 = Src.Sbz1;
- Dest->Control = Src.Control;
- Status = CaptureSID(&Dest->Owner, PreviousMode, PoolType, Src.Owner);
- if(!NT_SUCCESS(Status))
- {
- return Status;
- }
- Status = CaptureSID(&Dest->Group, PreviousMode, PoolType, Src.Group);
- if(!NT_SUCCESS(Status))
- {
- if(NULL != Dest->Owner)
- {
- ExFreePool(Dest->Owner);
- }
- return Status;
- }
- Status = CaptureACL(&Dest->Sacl, PreviousMode, PoolType, Src.Sacl);
- if(!NT_SUCCESS(Status))
- {
- if(NULL != Dest->Group)
- {
- ExFreePool(Dest->Group);
- }
- if(NULL != Dest->Owner)
- {
- ExFreePool(Dest->Owner);
- }
- return Status;
- }
- Status = CaptureACL(&Dest->Dacl, PreviousMode, PoolType, Src.Dacl);
- if(!NT_SUCCESS(Status))
- {
- if(NULL != Dest->Sacl)
- {
- ExFreePool(Dest->Sacl);
- }
- if(NULL != Dest->Group)
- {
- ExFreePool(Dest->Group);
- }
- if(NULL != Dest->Owner)
- {
- ExFreePool(Dest->Owner);
- }
- return Status;
- }
-
- return Status;
-}
-
-VOID
-RtlReleaseCapturedSecurityDescriptor(IN PSECURITY_DESCRIPTOR
CapturedSecurityDescriptor,
- IN KPROCESSOR_MODE PreviousMode,
- IN BOOLEAN CaptureIfKernel)
-{
- ASSERT(SECURITY_DESCRIPTOR_REVISION1 ==
CapturedSecurityDescriptor->Revision);
-
- if(PreviousMode == KernelMode && !CaptureIfKernel)
- {
- return;
- }
-
- if(NULL != CapturedSecurityDescriptor->Dacl)
- {
- ExFreePool(CapturedSecurityDescriptor->Dacl);
- }
- if(NULL != CapturedSecurityDescriptor->Sacl)
- {
- ExFreePool(CapturedSecurityDescriptor->Sacl);
- }
- if(NULL != CapturedSecurityDescriptor->Group)
- {
- ExFreePool(CapturedSecurityDescriptor->Group);
- }
- if(NULL != CapturedSecurityDescriptor->Owner)
- {
- ExFreePool(CapturedSecurityDescriptor->Owner);
- }
-}
-
-NTSTATUS
-RtlCaptureObjectAttributes(OUT POBJECT_ATTRIBUTES Dest,
- IN KPROCESSOR_MODE PreviousMode,
- IN POOL_TYPE PoolType,
- IN BOOLEAN CaptureIfKernel,
- IN POBJECT_ATTRIBUTES UnsafeSrc)
-{
- OBJECT_ATTRIBUTES Src;
- NTSTATUS Status = STATUS_SUCCESS;
-
- ASSERT(Dest != NULL);
-
- /*
- * Copy the object attributes to kernel space.
- */
-
- if(PreviousMode == UserMode)
- {
- _SEH_TRY
- {
- ProbeForRead(UnsafeSrc,
- sizeof(OBJECT_ATTRIBUTES),
- sizeof(ULONG));
- Src = *UnsafeSrc;
- }
- _SEH_HANDLE
- {
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
-
- if(!NT_SUCCESS(Status))
- {
- return Status;
- }
- }
- else if(!CaptureIfKernel)
- {
- /* just copy the structure, the pointers are considered valid */
- *Dest = *UnsafeSrc;
- return STATUS_SUCCESS;
- }
- else
- {
- /* capture the object attributes even though it is considered to be
valid */
- Src = *UnsafeSrc;
- }
-
- if(Src.Length < sizeof(OBJECT_ATTRIBUTES) || NULL == Src.ObjectName)
- {
- return STATUS_INVALID_PARAMETER;
- }
-
- Dest->Length = sizeof(OBJECT_ATTRIBUTES);
- Dest->RootDirectory = Src.RootDirectory;
[truncated at 1000 lines; 130 more skipped]