1 Jun
2010
1 Jun
'10
9:12 a.m.
Author: janderwald
Date: Tue Jun 1 11:12:32 2010
New Revision: 47509
URL: http://svn.reactos.org/svn/reactos?rev=47509&view=rev
Log:
[NPFS]
- Add more buffer checks
- Clear DO_DEVICE_INITIALIZING flag
Modified:
trunk/reactos/drivers/filesystems/npfs/finfo.c
trunk/reactos/drivers/filesystems/npfs/npfs.c
Modified: trunk/reactos/drivers/filesystems/npfs/finfo.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/filesystems/npfs/f…
==============================================================================
--- trunk/reactos/drivers/filesystems/npfs/finfo.c [iso-8859-1] (original)
+++ trunk/reactos/drivers/filesystems/npfs/finfo.c [iso-8859-1] Tue Jun 1 11:12:32 2010
@@ -26,6 +26,13 @@
PFILE_PIPE_INFORMATION Request;
DPRINT("NpfsSetPipeInformation()\n");
+ if (*BufferLength < sizeof(FILE_PIPE_INFORMATION))
+ {
+ /* Buffer too small */
+ return STATUS_INFO_LENGTH_MISMATCH;
+ }
+
+
/* Get the Pipe and data */
Fcb = Ccb->Fcb;
Request = (PFILE_PIPE_INFORMATION)Info;
@@ -63,6 +70,12 @@
PFILE_PIPE_REMOTE_INFORMATION Request;
DPRINT("NpfsSetPipeRemoteInformation()\n");
+ if (*BufferLength < sizeof(FILE_PIPE_REMOTE_INFORMATION))
+ {
+ /* Buffer too small */
+ return STATUS_INFO_LENGTH_MISMATCH;
+ }
+
/* Get the Pipe and data */
Fcb = Ccb->Fcb;
Request = (PFILE_PIPE_REMOTE_INFORMATION)Info;
@@ -86,6 +99,13 @@
ULONG ConnectionSideReadMode;
DPRINT("NpfsQueryPipeInformation()\n");
+ if (*BufferLength < sizeof(FILE_PIPE_INFORMATION))
+ {
+ /* Buffer too small */
+ *BufferLength = sizeof(FILE_PIPE_INFORMATION);
+ return STATUS_BUFFER_OVERFLOW;
+ }
+
/* Get the Pipe */
Fcb = Ccb->Fcb;
@@ -100,7 +120,7 @@
Info->ReadMode = ConnectionSideReadMode;
/* Return success */
- *BufferLength -= sizeof(FILE_PIPE_INFORMATION);
+ *BufferLength = sizeof(FILE_PIPE_INFORMATION);
return STATUS_SUCCESS;
}
@@ -114,6 +134,13 @@
PNPFS_FCB Fcb;
DPRINT("NpfsQueryPipeRemoteInformation()\n");
+ if (*BufferLength < sizeof(FILE_PIPE_REMOTE_INFORMATION))
+ {
+ /* Buffer too small */
+ *BufferLength = sizeof(FILE_PIPE_REMOTE_INFORMATION);
+ return STATUS_BUFFER_OVERFLOW;
+ }
+
/* Get the Pipe */
Fcb = Ccb->Fcb;
@@ -125,7 +152,7 @@
Info->CollectDataTime = Fcb->TimeOut;
/* Return success */
- *BufferLength -= sizeof(FILE_PIPE_REMOTE_INFORMATION);
+ *BufferLength = sizeof(FILE_PIPE_REMOTE_INFORMATION);
return STATUS_SUCCESS;
}
@@ -140,11 +167,21 @@
DPRINT("NpfsQueryLocalPipeInformation()\n");
- Fcb = Ccb->Fcb;
-
+ if (*BufferLength < sizeof(FILE_PIPE_REMOTE_INFORMATION))
+ {
+ /* Buffer too small */
+ *BufferLength = sizeof(FILE_PIPE_REMOTE_INFORMATION);
+ return STATUS_BUFFER_OVERFLOW;
+ }
+
+ /* Get the Pipe */
+ Fcb = Ccb->Fcb;
+
+ /* Clear Info */
RtlZeroMemory(Info,
sizeof(FILE_PIPE_LOCAL_INFORMATION));
+ /* Return Info */
Info->NamedPipeType = Fcb->PipeType;
Info->NamedPipeConfiguration = Fcb->PipeConfiguration;
Info->MaximumInstances = Fcb->MaximumInstances;
@@ -165,7 +202,7 @@
Info->WriteQuotaAvailable = Ccb->OtherSide->WriteQuotaAvailable;
}
- *BufferLength -= sizeof(FILE_PIPE_LOCAL_INFORMATION);
+ *BufferLength = sizeof(FILE_PIPE_LOCAL_INFORMATION);
return STATUS_SUCCESS;
}
@@ -226,14 +263,12 @@
default:
Status = STATUS_NOT_SUPPORTED;
+ BufferLength = 0;
}
Irp->IoStatus.Status = Status;
- if (NT_SUCCESS(Status))
- Irp->IoStatus.Information =
- IoStack->Parameters.QueryFile.Length - BufferLength;
- else
- Irp->IoStatus.Information = 0;
+ Irp->IoStatus.Information = BufferLength;
+
IoCompleteRequest (Irp, IO_NO_INCREMENT);
return Status;
Modified: trunk/reactos/drivers/filesystems/npfs/npfs.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/filesystems/npfs/n…
==============================================================================
--- trunk/reactos/drivers/filesystems/npfs/npfs.c [iso-8859-1] (original)
+++ trunk/reactos/drivers/filesystems/npfs/npfs.c [iso-8859-1] Tue Jun 1 11:12:32 2010
@@ -70,6 +70,7 @@
/* initialize the device object */
DeviceObject->Flags |= DO_DIRECT_IO;
+ DeviceObject->Flags &= ~DO_DEVICE_INITIALIZING;
/* initialize the device extension */
DeviceExtension = DeviceObject->DeviceExtension;