Author: cgutman Date: Tue Mar 31 02:32:37 2009 New Revision: 40301
URL: http://svn.reactos.org/svn/reactos?rev=40301&view=rev Log: - Move the buffer size validation before writing to the buffer - Change the status to STATUS_BUFFER_TOO_SMALL
Modified: trunk/reactos/drivers/network/tcpip/tcpip/dispatch.c
Modified: trunk/reactos/drivers/network/tcpip/tcpip/dispatch.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/network/tcpip/tcpip... ==============================================================================
--- trunk/reactos/drivers/network/tcpip/tcpip/dispatch.c [iso-8859-1] (original)
+++ trunk/reactos/drivers/network/tcpip/tcpip/dispatch.c [iso-8859-1] Tue Mar 31 02:32:37 2009
@@ -674,6 +674,14 @@
 PTA_IP_ADDRESS Address;
 PCONNECTION_ENDPOINT Endpoint = NULL;
+
+ if (MmGetMdlByteCount(Irp->MdlAddress) <
+ (FIELD_OFFSET(TDI_ADDRESS_INFO, Address.Address[0].Address) +
+ sizeof(TDI_ADDRESS_IP))) {
+ TI_DbgPrint(MID_TRACE, ("MDL buffer too small.\n"));
+ return STATUS_BUFFER_TOO_SMALL;
+ }
+
 AddressInfo = (PTDI_ADDRESS_INFO)MmGetSystemAddressForMdl(Irp->MdlAddress);
 Address = (PTA_IP_ADDRESS)&AddressInfo->Address;
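Review bot: `MmGetMdlByteCount(Irp->MdlAddress)` in the added check dereferences the MDL, and no NULL test on `Irp->MdlAddress` is visible before it; the enclosing case block starts outside this hunk, so an earlier guard may exist. If there is none, a query IRP that arrives without an MDL would fault here instead of failing cleanly, so I would put `if (!Irp->MdlAddress) return STATUS_INVALID_PARAMETER;` ahead of the size test. The same applies to the check added in the `@@ -727,6 +728,13 @@` hunk. Separately, `MmGetSystemAddressForMdl` on the line after the check cannot report a mapping failure; `MmGetSystemAddressForMdlSafe(Irp->MdlAddress, NormalPagePriority)` followed by a NULL check would let this path return `STATUS_INSUFFICIENT_RESOURCES` instead.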
@@ -711,13 +719,6 @@
 return STATUS_INVALID_PARAMETER;
 }
- if (MmGetMdlByteCount(Irp->MdlAddress) <
- (FIELD_OFFSET(TDI_ADDRESS_INFO, Address.Address[0].Address) +
- sizeof(TDI_ADDRESS_IP))) {
- TI_DbgPrint(MID_TRACE, ("MDL buffer too small.\n"));
- return STATUS_BUFFER_OVERFLOW;
- }
-
 return STATUS_SUCCESS;
 }
@@ -727,6 +728,13 @@
 PADDRESS_FILE AddrFile;
 PCONNECTION_ENDPOINT Endpoint = NULL;
+ if (MmGetMdlByteCount(Irp->MdlAddress) <
+ (FIELD_OFFSET(TDI_CONNECTION_INFORMATION, RemoteAddress) +
+ sizeof(PVOID))) {
+ TI_DbgPrint(MID_TRACE, ("MDL buffer too small (ptr).\n"));
+ return STATUS_BUFFER_TOO_SMALL;
+ }
+
 AddressInfo = (PTDI_CONNECTION_INFORMATION) MmGetSystemAddressForMdl(Irp->MdlAddress);
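Review bot: The added size test only proves that the `RemoteAddress` pointer field lies inside the MDL; it says nothing about the buffer that pointer refers to. At the end of this case (visible in the next hunk) `AddressInfo->RemoteAddress` is handed to `TCPGetSockAddress`, which presumably writes an address structure through it, and no visible line checks the pointer for NULL or compares `AddressInfo->RemoteAddressLength` with the size to be written. Since both values are read from the caller's buffer, I would validate them before the call, e.g. `if (!AddressInfo->RemoteAddress || AddressInfo->RemoteAddressLength < (LONG)sizeof(TA_IP_ADDRESS)) return STATUS_BUFFER_TOO_SMALL;`, assuming a TA_IP_ADDRESS is what gets written. The case block starts and ends outside this hunk, so such a check may already exist in lines not shown.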
@@ -748,13 +756,6 @@
 if (!Endpoint) {
 TI_DbgPrint(MID_TRACE, ("No connection object.\n"));
 return STATUS_INVALID_PARAMETER;
- }
-
- if (MmGetMdlByteCount(Irp->MdlAddress) <
- (FIELD_OFFSET(TDI_CONNECTION_INFORMATION, RemoteAddress) +
- sizeof(PVOID))) {
- TI_DbgPrint(MID_TRACE, ("MDL buffer too small (ptr).\n"));
- return STATUS_BUFFER_OVERFLOW;
 }
return TCPGetSockAddress( Endpoint, AddressInfo->RemoteAddress, TRUE );