[ros-diffs] [mjmartin] 38797: - Reply 38790, with fix for npfsPeekPipe which was breaking rosautotests.

Author: mjmartin Date: Fri Jan 16 13:30:55 2009 New Revision: 38797

URL: http://svn.reactos.org/svn/reactos?rev=38797&view=rev Log: - Reply 38790, with fix for npfsPeekPipe which was breaking rosautotests.

Modified: trunk/reactos/drivers/filesystems/npfs/create.c trunk/reactos/drivers/filesystems/npfs/finfo.c trunk/reactos/drivers/filesystems/npfs/fsctrl.c trunk/reactos/drivers/filesystems/npfs/rw.c

Modified: trunk/reactos/drivers/filesystems/npfs/create.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/filesystems/npfs/cr... ============================================================================== --- trunk/reactos/drivers/filesystems/npfs/create.c [iso-8859-1] (original) +++ trunk/reactos/drivers/filesystems/npfs/create.c [iso-8859-1] Fri Jan 16 13:30:55 2009 @@ -373,9 +373,9 @@ return STATUS_INSTANCE_NOT_AVAILABLE; }

- /* FIXME: Check pipe modes also! */ if (Fcb->MaximumInstances != Buffer->MaximumInstances || - Fcb->TimeOut.QuadPart != Buffer->DefaultTimeout.QuadPart) + Fcb->TimeOut.QuadPart != Buffer->DefaultTimeout.QuadPart || + Fcb->PipeType != Buffer->NamedPipeType) { DPRINT("Asked for invalid pipe mode.\n"); ExFreePool(Ccb); @@ -420,8 +420,11 @@ KeInitializeMutex(&Fcb->CcbListLock, 0);

Fcb->PipeType = Buffer->NamedPipeType; - Fcb->WriteMode = Buffer->ReadMode; - Fcb->ReadMode = Buffer->ReadMode; + /* FIXME: Verify which is correct */ + Fcb->WriteMode = Buffer->ReadMode;//Buffer->NamedPipeType; + /* MSDN documentation reads that clients always start off in byte mode */ + Fcb->ReadMode = FILE_PIPE_BYTE_STREAM_MODE; + Fcb->CompletionMode = Buffer->CompletionMode; switch (IoStack->Parameters.CreatePipe.ShareAccess & (FILE_SHARE_READ|FILE_SHARE_WRITE)) { @@ -737,6 +740,10 @@ DPRINT("Client\n"); }

+ /* Disconnect the pipes */ + if (Ccb->OtherSide) Ccb->OtherSide->OtherSide = NULL; + if (Ccb) Ccb->OtherSide = NULL; + ASSERT(Ccb->PipeState == FILE_PIPE_CLOSING_STATE);

FileObject->FsContext2 = NULL;

Modified: trunk/reactos/drivers/filesystems/npfs/finfo.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/filesystems/npfs/fi... ============================================================================== --- trunk/reactos/drivers/filesystems/npfs/finfo.c [iso-8859-1] (original) +++ trunk/reactos/drivers/filesystems/npfs/finfo.c [iso-8859-1] Fri Jan 16 13:30:55 2009 @@ -29,6 +29,12 @@ /* Get the Pipe and data */ Fcb = Ccb->Fcb; Request = (PFILE_PIPE_INFORMATION)Info; + + if ((Fcb->PipeType == FILE_PIPE_BYTE_STREAM_TYPE) && (Request->ReadMode == FILE_PIPE_MESSAGE_MODE)) + { + DPRINT("Cannot change readmode to message type on a byte type pipe!\n"); + return STATUS_ACCESS_DENIED; + }

/* Set Pipe Data */ Fcb->ReadMode = Request->ReadMode;

Modified: trunk/reactos/drivers/filesystems/npfs/fsctrl.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/filesystems/npfs/fs... ============================================================================== --- trunk/reactos/drivers/filesystems/npfs/fsctrl.c [iso-8859-1] (original) +++ trunk/reactos/drivers/filesystems/npfs/fsctrl.c [iso-8859-1] Fri Jan 16 13:30:55 2009 @@ -202,7 +202,7 @@ { Server = (Ccb->PipeEnd == FILE_PIPE_SERVER_END); OtherSide = Ccb->OtherSide; - Ccb->OtherSide = NULL; + //Ccb->OtherSide = NULL; Ccb->PipeState = FILE_PIPE_DISCONNECTED_STATE; /* Lock the server first */ if (Server) @@ -216,7 +216,7 @@ ExAcquireFastMutex(&Ccb->DataListLock); } OtherSide->PipeState = FILE_PIPE_DISCONNECTED_STATE; - OtherSide->OtherSide = NULL; + //OtherSide->OtherSide = NULL; /* * Signaling the write event. If is possible that an other * thread waits for an empty buffer. @@ -365,6 +365,7 @@ PIO_STACK_LOCATION IoStack) { ULONG OutputBufferLength; + ULONG ReturnLength = 0; PFILE_PIPE_PEEK_BUFFER Reply; PNPFS_FCB Fcb; PNPFS_CCB Ccb; @@ -396,11 +397,21 @@ Reply->ReadDataAvailable = Ccb->ReadDataAvailable; DPRINT("ReadDataAvailable: %lu\n", Ccb->ReadDataAvailable);

- if (Ccb->Fcb->ReadMode == FILE_PIPE_BYTE_STREAM_MODE) + ExAcquireFastMutex(&Ccb->DataListLock); + BufferPtr = Ccb->Data; + DPRINT("BufferPtr = %x\n", BufferPtr); + if (Ccb->Fcb->PipeType == FILE_PIPE_BYTE_STREAM_TYPE) { DPRINT("Byte Stream Mode\n"); Reply->MessageLength = Ccb->ReadDataAvailable; - DPRINT("Reply->MessageLength %d\n",Reply->MessageLength ); + DPRINT("Reply->MessageLength %lu\n",Reply->MessageLength ); + MessageCount = 1; + + if (Reply->Data[0] && (OutputBufferLength >= Ccb->ReadDataAvailable + FIELD_OFFSET(FILE_PIPE_PEEK_BUFFER, Data[0]))) + { + ReturnLength = Ccb->ReadDataAvailable; + memcpy(&Reply->Data[0], (PVOID)BufferPtr, Ccb->ReadDataAvailable); + } } else { @@ -410,7 +421,7 @@ if (ReadDataAvailable > 0) { memcpy(&Reply->MessageLength,Ccb->Data,sizeof(ULONG)); - BufferPtr = Ccb->Data; + /* NOTE: Modifying the structure in header file to keep track of NumberOfMessage would be better */ while ((ReadDataAvailable > 0) && (BufferPtr < Ccb->WritePtr)) { @@ -418,34 +429,38 @@

ASSERT(MessageLength > 0);

- DPRINT("MessageLength = %d\n",MessageLength); + DPRINT("MessageLength = %lu\n",MessageLength); MessageCount++; ReadDataAvailable -= MessageLength;

/* If its the first message, copy the Message if the size of buffer is large enough */ - if ((MessageCount==1) && (Reply->Data[0]) - && (OutputBufferLength >= (sizeof(FILE_PIPE_PEEK_BUFFER) + MessageLength))) + if (MessageCount==1) { - memcpy(&Reply->Data[0], (PVOID)((ULONG)BufferPtr + sizeof(MessageLength)), MessageLength); + + if ((Reply->Data[0]) + && (OutputBufferLength >= (MessageLength + FIELD_OFFSET(FILE_PIPE_PEEK_BUFFER, Data[0])))) + { + ReturnLength = MessageLength; + memcpy(&Reply->Data[0], (PVOID)((ULONG)BufferPtr + sizeof(MessageLength)), MessageLength); + } } BufferPtr =(PVOID)((ULONG)BufferPtr + MessageLength + sizeof(MessageLength)); - DPRINT("Message %d\n",MessageCount); + DPRINT("BufferPtr = %x\n", BufferPtr); DPRINT("ReadDataAvailable: %lu\n", ReadDataAvailable); }

if (ReadDataAvailable != 0) { - DPRINT1("This should never happen! Possible memory corruption.\n"); - return STATUS_UNSUCCESSFUL; + DPRINT1("Possible memory corruption.\n"); + ASSERT(FALSE); } } } + ExReleaseFastMutex(&Ccb->DataListLock);

Reply->NumberOfMessages = MessageCount; - if (MessageCount > 0) - Reply->Data[0] = 0; - - Irp->IoStatus.Information = OutputBufferLength; + + Irp->IoStatus.Information = ReturnLength + FIELD_OFFSET(FILE_PIPE_PEEK_BUFFER, Data[0]); Irp->IoStatus.Status = STATUS_SUCCESS;

Status = STATUS_SUCCESS;

Modified: trunk/reactos/drivers/filesystems/npfs/rw.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/filesystems/npfs/rw... ============================================================================== --- trunk/reactos/drivers/filesystems/npfs/rw.c [iso-8859-1] (original) +++ trunk/reactos/drivers/filesystems/npfs/rw.c [iso-8859-1] Fri Jan 16 13:30:55 2009 @@ -16,7 +16,6 @@

/* FUNCTIONS *****************************************************************/

-#ifndef NDEBUG VOID HexDump(PUCHAR Buffer, ULONG Length) { CHAR Line[65]; @@ -42,7 +41,6 @@ } DbgPrint("---------------\n"); } -#endif

static DRIVER_CANCEL NpfsReadWriteCancelRoutine; static VOID NTAPI @@ -360,7 +358,6 @@ Irp->RequestorMode, FALSE, NULL); - if ((Status == STATUS_USER_APC) || (Status == STATUS_KERNEL_APC)) { Status = STATUS_CANCELLED; @@ -449,7 +446,7 @@ Irp->RequestorMode, FALSE, NULL); - DPRINT("Finished waiting (%wZ)! Status: %x\n", &Ccb->Fcb->PipeName, Status); + DPRINT("Finished waiting (%wZ)! Status: %x\n", &Ccb->Fcb->PipeName, Status);

if ((Status == STATUS_USER_APC) || (Status == STATUS_KERNEL_APC)) { @@ -480,9 +477,11 @@ } } ASSERT(IoGetCurrentIrpStackLocation(Irp)->FileObject != NULL); - if (Ccb->Fcb->ReadMode == FILE_PIPE_BYTE_STREAM_MODE) - { - DPRINT("Byte stream mode\n"); + + /* If the pipe type and read mode are both byte stream */ + if ((Ccb->Fcb->PipeType == FILE_PIPE_BYTE_STREAM_TYPE) && (Ccb->Fcb->ReadMode == FILE_PIPE_BYTE_STREAM_MODE)) + { + DPRINT("Byte stream mode: Ccb->Data %x\n", Ccb->Data); /* Byte stream mode */ while (Length > 0 && Ccb->ReadDataAvailable > 0) { @@ -522,115 +521,135 @@ break; } } - else - { - DPRINT("Message mode\n"); - - /* For Message mode, the Message length will be stored in the buffer preceeding the Message. */ - if (Ccb->ReadDataAvailable) - { - ULONG NextMessageLength=0; - //HexDump(Ccb->Data, (ULONG)Ccb->WritePtr - (ULONG)Ccb->Data); - /*First get the size of the message */ - memcpy(&NextMessageLength, Ccb->Data, sizeof(NextMessageLength)); - if ((NextMessageLength == 0) || (NextMessageLength > Ccb->ReadDataAvailable)) + else if (Ccb->Fcb->PipeType == FILE_PIPE_MESSAGE_TYPE) + { + ULONG ThisCopyLength = 0; + ULONG TotalLengthNeeded = min(Length, Ccb->ReadDataAvailable); + + DPRINT("Message mode: Ccb>Data %x\n", Ccb->Data); + + do + { + Buffer = (PVOID)((ULONG_PTR)Buffer + ThisCopyLength); + + /* For Message mode, the Message length will be stored in the buffer preceeding the Message. */ + if (Ccb->ReadDataAvailable) { - DPRINT1("This should never happen! Possible memory corruption.\n"); -#ifndef NDEBUG - HexDump(Ccb->Data, (ULONG)Ccb->WritePtr - (ULONG)Ccb->Data); -#endif - ASSERT(FALSE); - } - - /* Use the smaller value */ - - CopyLength = min(NextMessageLength, Length); - - /* retrieve the message from the buffer */ - memcpy(Buffer, (PVOID)((ULONG)Ccb->Data + sizeof(NextMessageLength)), CopyLength); - - - if (Ccb->ReadDataAvailable > CopyLength) - { - if (CopyLength < NextMessageLength) + ULONG NextMessageLength = 0; + + /*First get the size of the message */ + memcpy(&NextMessageLength, Ccb->Data, sizeof(NextMessageLength)); + + if ((NextMessageLength == 0) || (NextMessageLength > Ccb->ReadDataAvailable)) { - /* Client only requested part of the message */ - - /* Calculate the remaining message new size */ - ULONG NewMessageSize = NextMessageLength-CopyLength; - - /* Write a new Message size to buffer for the part of the message still there */ - memcpy(Ccb->Data, &NewMessageSize, sizeof(NewMessageSize)); - - /* Move the memory starting from end of partial Message just retrieved */ - memmove((PVOID)((ULONG_PTR)Ccb->Data + sizeof(NewMessageSize)), - (PVOID)((ULONG_PTR) Ccb->Data + CopyLength + sizeof(NewMessageSize)), - (ULONG)Ccb->WritePtr - ((ULONG)Ccb->Data + sizeof(NewMessageSize)) - CopyLength); - - /* Update the write pointer */ - Ccb->WritePtr = (PVOID)((ULONG)Ccb->WritePtr - CopyLength); - - /* Add CopyLength only to WriteQuotaAvailable as the - Message Size was replaced in the buffer */ - Ccb->WriteQuotaAvailable += CopyLength; + DPRINT("Possible memory corruption.\n"); + HexDump(Ccb->Data, (ULONG_PTR)Ccb->WritePtr - (ULONG_PTR)Ccb->Data); + ASSERT(FALSE); + } + + /* Use the smaller value */ + ThisCopyLength = min(NextMessageLength, Length); + + /* retrieve the message from the buffer */ + memcpy(Buffer, (PVOID)((ULONG_PTR)Ccb->Data + sizeof(NextMessageLength)), ThisCopyLength); + + if (Ccb->ReadDataAvailable > ThisCopyLength) + { + if (ThisCopyLength < NextMessageLength) + { + /* Client only requested part of the message */ + + /* Calculate the remaining message new size */ + ULONG NewMessageSize = NextMessageLength-ThisCopyLength; + + /* Write a new Message size to buffer for the part of the message still there */ + memcpy(Ccb->Data, &NewMessageSize, sizeof(NewMessageSize)); + + /* Move the memory starting from end of partial Message just retrieved */ + memmove((PVOID)((ULONG_PTR)Ccb->Data + sizeof(NewMessageSize)), + (PVOID)((ULONG_PTR)Ccb->Data + ThisCopyLength + sizeof(NewMessageSize)), + (ULONG_PTR)Ccb->WritePtr - ((ULONG_PTR)Ccb->Data + sizeof(NewMessageSize)) - + ThisCopyLength); + + /* Update the write pointer */ + Ccb->WritePtr = (PVOID)((ULONG_PTR)Ccb->WritePtr - ThisCopyLength); + + /* Add ThisCopyLength only to WriteQuotaAvailable as the + Message Size was replaced in the buffer */ + Ccb->WriteQuotaAvailable += ThisCopyLength; + } + else + { + /* Client wanted the entire message */ + + /* Move the memory starting from the next Message just retrieved */ + memmove(Ccb->Data, + (PVOID)((ULONG_PTR) Ccb->Data + NextMessageLength + sizeof(NextMessageLength)), + (ULONG_PTR)Ccb->WritePtr - (ULONG_PTR)Ccb->Data - NextMessageLength - + sizeof(NextMessageLength)); + + /* Update the write pointer */ + Ccb->WritePtr = (PVOID)((ULONG_PTR)Ccb->WritePtr - ThisCopyLength - + sizeof(NextMessageLength)); + + /* Add both the message length and the header to the WriteQuotaAvailable + as they both were removed */ + Ccb->WriteQuotaAvailable += (ThisCopyLength + sizeof(NextMessageLength)); + } } else { - /* Client wanted the entire message */ - - /* Move the memory starting from the next Message just retrieved */ - memmove(Ccb->Data, - (PVOID)((ULONG_PTR) Ccb->Data + NextMessageLength + sizeof(NextMessageLength)), - (ULONG)Ccb->WritePtr - (ULONG)Ccb->Data - NextMessageLength - sizeof(NextMessageLength)); - - /* Update the write pointer */ - Ccb->WritePtr = (PVOID)((ULONG)Ccb->WritePtr - NextMessageLength); + /* This was the last Message, so just zero this messages for safety sake */ + memset(Ccb->Data, 0, NextMessageLength + sizeof(NextMessageLength)); + + /* reset the write pointer to beginning of buffer */ + Ccb->WritePtr = Ccb->Data;

/* Add both the message length and the header to the WriteQuotaAvailable as they both were removed */ - Ccb->WriteQuotaAvailable += (CopyLength + sizeof(NextMessageLength)); + Ccb->WriteQuotaAvailable += (ThisCopyLength + sizeof(ULONG)); + + KeResetEvent(&Ccb->ReadEvent); + if (Ccb->PipeState == FILE_PIPE_CONNECTED_STATE) + { + KeSetEvent(&Ccb->OtherSide->WriteEvent, IO_NO_INCREMENT, FALSE); + } } +#ifndef NDEBUG + DPRINT("Length %d Buffer %x\n",ThisCopyLength,Buffer); + HexDump((PUCHAR)Buffer, ThisCopyLength); +#endif + + Information += ThisCopyLength; + + Ccb->ReadDataAvailable -= ThisCopyLength; + + if ((ULONG)Ccb->WriteQuotaAvailable > (ULONG)Ccb->MaxDataLength) ASSERT(FALSE); } - else - { - /* This was the last Message, so just zero this messages for safety sake */ - memset(Ccb->Data,0,NextMessageLength + sizeof(NextMessageLength)); - - /* reset the write pointer to beginning of buffer */ - Ccb->WritePtr = Ccb->Data; - - /* Add both the message length and the header to the WriteQuotaAvailable - as they both were removed */ - Ccb->WriteQuotaAvailable += (CopyLength + sizeof(ULONG)); - - KeResetEvent(&Ccb->ReadEvent); - if (Ccb->PipeState == FILE_PIPE_CONNECTED_STATE) - { - KeSetEvent(&Ccb->OtherSide->WriteEvent, IO_NO_INCREMENT, FALSE); - } - } -#ifndef NDEBUG - DPRINT("Length %d Buffer %x\n",CopyLength,Buffer); - HexDump((PUCHAR)Buffer, CopyLength); -#endif - - Information += CopyLength; - - Ccb->ReadDataAvailable -= CopyLength; - - if ((ULONG)Ccb->WriteQuotaAvailable > (ULONG)Ccb->MaxDataLength) ASSERT(FALSE); - } + + }while ((ThisCopyLength < TotalLengthNeeded) + && (Ccb->Fcb->ReadMode == FILE_PIPE_BYTE_STREAM_MODE) + && (Ccb->ReadDataAvailable)); +

if (Information > 0) { break; } + } + else + { + DPRINT1("Unhandled Pipe Mode with Read Mode!\n"); + ASSERT(FALSE); } } Irp->IoStatus.Information = Information; Irp->IoStatus.Status = Status;

ASSERT(IoGetCurrentIrpStackLocation(Irp)->FileObject != NULL); + + if (Status == STATUS_CANCELLED) + goto done;

if (IoIsOperationSynchronous(Irp)) { @@ -718,15 +737,15 @@

if (Irp->MdlAddress == NULL) { - DPRINT1("Irp->MdlAddress == NULL\n"); + DPRINT("Irp->MdlAddress == NULL\n"); Status = STATUS_UNSUCCESSFUL; Length = 0; goto done; }

- if (ReaderCcb == NULL) - { - DPRINT1("Pipe is NOT connected!\n"); + if ((ReaderCcb == NULL) || (Ccb->PipeState != FILE_PIPE_CONNECTED_STATE)) + { + DPRINT("Pipe is NOT connected!\n"); if (Ccb->PipeState == FILE_PIPE_LISTENING_STATE) Status = STATUS_PIPE_LISTENING; else if (Ccb->PipeState == FILE_PIPE_DISCONNECTED_STATE) @@ -739,7 +758,7 @@

if (ReaderCcb->Data == NULL) { - DPRINT1("Pipe is NOT writable!\n"); + DPRINT("Pipe is NOT writable!\n"); Status = STATUS_UNSUCCESSFUL; Length = 0; goto done; @@ -749,6 +768,7 @@ Buffer = MmGetSystemAddressForMdl (Irp->MdlAddress);

ExAcquireFastMutex(&ReaderCcb->DataListLock); + #ifndef NDEBUG DPRINT("Length %d Buffer %x Offset %x\n",Length,Buffer,Offset); HexDump(Buffer, Length); @@ -774,7 +794,7 @@ FALSE, NULL); DPRINT("Write Finished waiting (%S)! Status: %x\n", Fcb->PipeName.Buffer, Status); - ExAcquireFastMutex(&ReaderCcb->DataListLock); + if ((Status == STATUS_USER_APC) || (Status == STATUS_KERNEL_APC)) { Status = STATUS_CANCELLED; @@ -792,14 +812,14 @@ { DPRINT("PipeState: %x\n", Ccb->PipeState); Status = STATUS_PIPE_BROKEN; - // ExReleaseFastMutex(&ReaderCcb->DataListLock); goto done; } - } - - if (Fcb->WriteMode == FILE_PIPE_BYTE_STREAM_MODE) - { - DPRINT("Byte stream mode\n"); + ExAcquireFastMutex(&ReaderCcb->DataListLock); + } + + if ((Ccb->Fcb->PipeType == FILE_PIPE_BYTE_STREAM_TYPE) && (Ccb->Fcb->WriteMode == FILE_PIPE_BYTE_STREAM_MODE)) + { + DPRINT("Byte stream mode: Ccb->Data %x, Ccb->WritePtr %x\n", ReaderCcb->Data, ReaderCcb->WritePtr);

while (Length > 0 && ReaderCcb->WriteQuotaAvailable > 0) { @@ -816,7 +836,10 @@ } else { - TempLength = (ULONG)((ULONG_PTR)ReaderCcb->Data + ReaderCcb->MaxDataLength - (ULONG_PTR)ReaderCcb->WritePtr); + + TempLength = (ULONG)((ULONG_PTR)ReaderCcb->Data + ReaderCcb->MaxDataLength - + (ULONG_PTR)ReaderCcb->WritePtr); + memcpy(ReaderCcb->WritePtr, Buffer, TempLength); memcpy(ReaderCcb->Data, Buffer + TempLength, CopyLength - TempLength); ReaderCcb->WritePtr = (PVOID)((ULONG_PTR)ReaderCcb->Data + CopyLength - TempLength); @@ -837,33 +860,38 @@ break; } } - else + else if ((Ccb->Fcb->PipeType == FILE_PIPE_MESSAGE_TYPE) && (Ccb->Fcb->WriteMode == FILE_PIPE_MESSAGE_MODE)) { /* For Message Type Pipe, the Pipes memory will be used to store the size of each message */ - /* FIXME: Check and verify ReadMode ByteStream */ - + DPRINT("Message mode: Ccb->Data %x, Ccb->WritePtr %x\n",ReaderCcb->Data, ReaderCcb->WritePtr); if (Length > 0) { /* Verify the WritePtr is still inside the buffer */ - if (((ULONG)ReaderCcb->WritePtr > ((ULONG)ReaderCcb->Data + (ULONG)ReaderCcb->MaxDataLength)) || - ((ULONG)ReaderCcb->WritePtr < (ULONG)ReaderCcb->Data)) + if (((ULONG_PTR)ReaderCcb->WritePtr > ((ULONG_PTR)ReaderCcb->Data + (ULONG_PTR)ReaderCcb->MaxDataLength)) || + ((ULONG_PTR)ReaderCcb->WritePtr < (ULONG_PTR)ReaderCcb->Data)) { DPRINT1("NPFS is writing out of its buffer. Report to developer!\n"); - DPRINT1("ReaderCcb->WritePtr %x, ReaderCcb->Data %x, ReaderCcb->MaxDataLength%d\n", - ReaderCcb->WritePtr,ReaderCcb->Data,ReaderCcb->MaxDataLength); + DPRINT1("ReaderCcb->WritePtr %x, ReaderCcb->Data %x, ReaderCcb->MaxDataLength %lu\n", + ReaderCcb->WritePtr, ReaderCcb->Data, ReaderCcb->MaxDataLength); ASSERT(FALSE); }

CopyLength = min(Length, ReaderCcb->WriteQuotaAvailable - sizeof(ULONG)); + if (CopyLength > ReaderCcb->WriteQuotaAvailable) + { + DPRINT1("Writing %lu byte to pipe would overflow as only %lu bytes are available\n", + CopyLength, ReaderCcb->ReadDataAvailable); + ASSERT(FALSE); + }

/* First Copy the Length of the message into the pipes buffer */ memcpy(ReaderCcb->WritePtr, &CopyLength, sizeof(CopyLength));

/* Now the user buffer itself */ - memcpy((PVOID)((ULONG)ReaderCcb->WritePtr+ sizeof(CopyLength)), Buffer, CopyLength); + memcpy((PVOID)((ULONG_PTR)ReaderCcb->WritePtr + sizeof(CopyLength)), Buffer, CopyLength);

/* Update the write pointer */ - ReaderCcb->WritePtr = (PVOID)((ULONG)ReaderCcb->WritePtr + sizeof(CopyLength) + CopyLength); + ReaderCcb->WritePtr = (PVOID)((ULONG_PTR)ReaderCcb->WritePtr + sizeof(CopyLength) + CopyLength);

Information += CopyLength;

@@ -871,7 +899,7 @@

ReaderCcb->WriteQuotaAvailable -= (CopyLength + sizeof(ULONG));

- if ((ULONG)ReaderCcb->WriteQuotaAvailable > (ULONG)ReaderCcb->MaxDataLength) + if ((ULONG_PTR)ReaderCcb->WriteQuotaAvailable > (ULONG)ReaderCcb->MaxDataLength) { DPRINT1("QuotaAvailable is greater than buffer size!\n"); ASSERT(FALSE); @@ -885,6 +913,11 @@ break; } } + else + { + DPRINT1("Unhandled Pipe Type Mode and Read Write Mode!\n"); + ASSERT(FALSE); + } }

ExReleaseFastMutex(&ReaderCcb->DataListLock);