Author: janderwald Date: Wed Mar 26 12:44:08 2008 New Revision: 32766
URL: http://svn.reactos.org/svn/reactos?rev=3D32766&view=3Drev Log: - improve a few parameters checks - should fix bug 3146 See issue #3146 for more details.
Modified: trunk/reactos/base/system/services/rpcserver.c
Modified: trunk/reactos/base/system/services/rpcserver.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/system/services/= rpcserver.c?rev=3D32766&r1=3D32765&r2=3D32766&view=3Ddiff =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- trunk/reactos/base/system/services/rpcserver.c (original) +++ trunk/reactos/base/system/services/rpcserver.c Wed Mar 26 12:44:08 2008 @@ -310,7 +310,7 @@ =
/* Check the service handle */ hSvc =3D (PSERVICE_HANDLE)hService; - if (hSvc->Handle.Tag !=3D SERVICE_TAG) + if (!hSvc || hSvc->Handle.Tag !=3D SERVICE_TAG) { DPRINT1("Invalid handle tag!\n"); return ERROR_INVALID_HANDLE; @@ -395,7 +395,7 @@ return ERROR_SHUTDOWN_IN_PROGRESS; =
hSvc =3D (PSERVICE_HANDLE)hService; - if (hSvc->Handle.Tag !=3D SERVICE_TAG) + if (!hSvc || hSvc->Handle.Tag !=3D SERVICE_TAG) return ERROR_INVALID_HANDLE; =
if (!RtlAreAllAccessesGranted(hSvc->Handle.DesiredAccess, @@ -443,7 +443,7 @@ *hLock =3D 0; =
hMgr =3D (PMANAGER_HANDLE)hSCManager; - if (hMgr->Handle.Tag !=3D MANAGER_TAG) + if (!hMgr || hMgr->Handle.Tag !=3D MANAGER_TAG) return ERROR_INVALID_HANDLE; =
if (!RtlAreAllAccessesGranted(hMgr->Handle.DesiredAccess, @@ -479,7 +479,7 @@ DPRINT("ScmrQueryServiceObjectSecurity() called\n"); =
hSvc =3D (PSERVICE_HANDLE)hService; - if (hSvc->Handle.Tag !=3D SERVICE_TAG) + if (!hSvc || hSvc->Handle.Tag !=3D SERVICE_TAG) { DPRINT1("Invalid handle tag!\n"); return ERROR_INVALID_HANDLE; @@ -562,7 +562,7 @@ DPRINT1("ScmrSetServiceObjectSecurity() called\n"); =
hSvc =3D (PSERVICE_HANDLE)hService; - if (hSvc->Handle.Tag !=3D SERVICE_TAG) + if (!hSvc || hSvc->Handle.Tag !=3D SERVICE_TAG) { DPRINT1("Invalid handle tag!\n"); return ERROR_INVALID_HANDLE; @@ -678,7 +678,7 @@ return ERROR_SHUTDOWN_IN_PROGRESS; =
hSvc =3D (PSERVICE_HANDLE)hService; - if (hSvc->Handle.Tag !=3D SERVICE_TAG) + if (!hSvc || hSvc->Handle.Tag !=3D SERVICE_TAG) { DPRINT1("Invalid handle tag!\n"); return ERROR_INVALID_HANDLE; @@ -809,7 +809,7 @@ return ERROR_SHUTDOWN_IN_PROGRESS; =
hSvc =3D (PSERVICE_HANDLE)hService; - if (hSvc->Handle.Tag !=3D SERVICE_TAG) + if (!hSvc || hSvc->Handle.Tag !=3D SERVICE_TAG) { DPRINT1("Invalid handle tag!\n"); return ERROR_INVALID_HANDLE; @@ -1411,7 +1411,7 @@ return ERROR_SHUTDOWN_IN_PROGRESS; =
hManager =3D (PMANAGER_HANDLE)hSCManager; - if (hManager->Handle.Tag !=3D MANAGER_TAG) + if (!hManager || hManager->Handle.Tag !=3D MANAGER_TAG) { DPRINT1("Invalid manager handle!\n"); return ERROR_INVALID_HANDLE; @@ -1698,7 +1698,7 @@ return ERROR_SHUTDOWN_IN_PROGRESS; =
hManager =3D (PMANAGER_HANDLE)hSCManager; - if (hManager->Handle.Tag !=3D MANAGER_TAG) + if (!hManager || hManager->Handle.Tag !=3D MANAGER_TAG) { DPRINT1("Invalid manager handle!\n"); return ERROR_INVALID_HANDLE; @@ -1887,6 +1887,9 @@ if (ScmShutdown) return ERROR_SHUTDOWN_IN_PROGRESS; =
+ if (!hScm) + return ERROR_INVALID_PARAMETER; + dwError =3D ScmCreateManagerHandle(lpDatabaseName, &hHandle); if (dwError !=3D ERROR_SUCCESS) @@ -1936,8 +1939,11 @@ if (ScmShutdown) return ERROR_SHUTDOWN_IN_PROGRESS; =
+ if (!hService) + return ERROR_INVALID_PARAMETER; + hManager =3D (PMANAGER_HANDLE)hSCManager; - if (hManager->Handle.Tag !=3D MANAGER_TAG) + if (!hManager || hManager->Handle.Tag !=3D MANAGER_TAG) { DPRINT1("Invalid manager handle!\n"); return ERROR_INVALID_HANDLE; @@ -2005,7 +2011,7 @@ return ERROR_SHUTDOWN_IN_PROGRESS; =
hSvc =3D (PSERVICE_HANDLE)hService; - if (hSvc->Handle.Tag !=3D SERVICE_TAG) + if (!hSvc || hSvc->Handle.Tag !=3D SERVICE_TAG) { DPRINT1("Invalid handle tag!\n"); return ERROR_INVALID_HANDLE; @@ -2172,7 +2178,7 @@ return ERROR_SHUTDOWN_IN_PROGRESS; =
hSvc =3D (PSERVICE_HANDLE)hService; - if (hSvc->Handle.Tag !=3D SERVICE_TAG) + if (!hSvc || hSvc->Handle.Tag !=3D SERVICE_TAG) { DPRINT1("Invalid handle tag!\n"); return ERROR_INVALID_HANDLE; @@ -2510,7 +2516,7 @@ return ERROR_SHUTDOWN_IN_PROGRESS; =
hSvc =3D (PSERVICE_HANDLE)hService; - if (hSvc->Handle.Tag !=3D SERVICE_TAG) + if (!hSvc || hSvc->Handle.Tag !=3D SERVICE_TAG) { DPRINT1("Invalid handle tag!\n"); return ERROR_INVALID_HANDLE; @@ -2625,7 +2631,7 @@ return ERROR_SHUTDOWN_IN_PROGRESS; =
hSvc =3D (PSERVICE_HANDLE)hService; - if (hSvc->Handle.Tag !=3D SERVICE_TAG) + if (!hSvc || hSvc->Handle.Tag !=3D SERVICE_TAG) { DPRINT1("Invalid handle tag!\n"); return ERROR_INVALID_HANDLE; @@ -2736,7 +2742,7 @@ return ERROR_SHUTDOWN_IN_PROGRESS; =
hSvc =3D (PSERVICE_HANDLE)hService; - if (hSvc->Handle.Tag !=3D SERVICE_TAG) + if (!hSvc || hSvc->Handle.Tag !=3D SERVICE_TAG) { DPRINT1("Invalid handle tag!\n"); return ERROR_INVALID_HANDLE; @@ -2839,7 +2845,7 @@ return ERROR_INSUFFICIENT_BUFFER; =
hSvc =3D (PSERVICE_HANDLE)hService; - if (hSvc->Handle.Tag !=3D SERVICE_TAG) + if (!hSvc || hSvc->Handle.Tag !=3D SERVICE_TAG) { DPRINT1("Invalid handle tag!\n"); return ERROR_INVALID_HANDLE; @@ -2930,7 +2936,7 @@ return ERROR_INVALID_LEVEL; =
hManager =3D (PMANAGER_HANDLE)hSCManager; - if (hManager->Handle.Tag !=3D MANAGER_TAG) + if (!hManager || hManager->Handle.Tag !=3D MANAGER_TAG) { DPRINT1("Invalid manager handle!\n"); return ERROR_INVALID_HANDLE;