[ros-diffs] [ekohl] 53202: [ADVAPI32] Fix QueryServiceConfigEx[A/W]: - If lpServiceConfig is NULL or cbBufSize is less than sizeof(QUERY_SERVICE_CONFIGA/W) pass a pointer to an internal status buffer to RQuery...

Author: ekohl Date: Sat Aug 13 14:26:55 2011 New Revision: 53202 URL: http://svn.reactos.org/svn/reactos?rev=53202&view=rev Log: [ADVAPI32] Fix QueryServiceConfigEx[A/W]: - If lpServiceConfig is NULL or cbBufSize is less than sizeof(QUERY_SERVICE_CONFIGA/W) pass a pointer to an internal status buffer to RQueryServiceConfigA/W. - Revert r53153 and r53154. Adding 'in' and 'unique' attributes is NOT an option because this is not compatible with Windows. Modified: trunk/reactos/dll/win32/advapi32/service/scm.c trunk/reactos/include/reactos/idl/svcctl.idl Modified: trunk/reactos/dll/win32/advapi32/service/scm.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/service… ============================================================================== --- trunk/reactos/dll/win32/advapi32/service/scm.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/advapi32/service/scm.c [iso-8859-1] Sat Aug 13 14:26:55 2011 @@ -1835,17 +1835,32 @@ DWORD cbBufSize, LPDWORD pcbBytesNeeded) { + QUERY_SERVICE_CONFIGA ServiceConfig; + LPQUERY_SERVICE_CONFIGA lpConfigPtr; + DWORD dwBufferSize; DWORD dwError; TRACE("QueryServiceConfigA(%p, %p, %lu, %p)\n", hService, lpServiceConfig, cbBufSize, pcbBytesNeeded); + if (lpServiceConfig == NULL || + cbBufSize < sizeof(QUERY_SERVICE_CONFIGA)) + { + lpConfigPtr = &ServiceConfig; + dwBufferSize = sizeof(QUERY_SERVICE_CONFIGA); + } + else + { + lpConfigPtr = lpServiceConfig; + dwBufferSize = cbBufSize; + } + RpcTryExcept { /* Call to services.exe using RPC */ dwError = RQueryServiceConfigA((SC_RPC_HANDLE)hService, - (LPBYTE)lpServiceConfig, - cbBufSize, + (LPBYTE)lpConfigPtr, + dwBufferSize, pcbBytesNeeded); } RpcExcept(EXCEPTION_EXECUTE_HANDLER) @@ -1862,30 +1877,30 @@ } /* Adjust the pointers */ - if (lpServiceConfig->lpBinaryPathName) - lpServiceConfig->lpBinaryPathName = - (LPSTR)((ULONG_PTR)lpServiceConfig + - (ULONG_PTR)lpServiceConfig->lpBinaryPathName); - - if (lpServiceConfig->lpLoadOrderGroup) - lpServiceConfig->lpLoadOrderGroup = - (LPSTR)((ULONG_PTR)lpServiceConfig + - (ULONG_PTR)lpServiceConfig->lpLoadOrderGroup); - - if (lpServiceConfig->lpDependencies) - lpServiceConfig->lpDependencies = - (LPSTR)((ULONG_PTR)lpServiceConfig + - (ULONG_PTR)lpServiceConfig->lpDependencies); - - if (lpServiceConfig->lpServiceStartName) - lpServiceConfig->lpServiceStartName = - (LPSTR)((ULONG_PTR)lpServiceConfig + - (ULONG_PTR)lpServiceConfig->lpServiceStartName); - - if (lpServiceConfig->lpDisplayName) - lpServiceConfig->lpDisplayName = - (LPSTR)((ULONG_PTR)lpServiceConfig + - (ULONG_PTR)lpServiceConfig->lpDisplayName); + if (lpConfigPtr->lpBinaryPathName) + lpConfigPtr->lpBinaryPathName = + (LPSTR)((ULONG_PTR)lpConfigPtr + + (ULONG_PTR)lpConfigPtr->lpBinaryPathName); + + if (lpConfigPtr->lpLoadOrderGroup) + lpConfigPtr->lpLoadOrderGroup = + (LPSTR)((ULONG_PTR)lpConfigPtr + + (ULONG_PTR)lpConfigPtr->lpLoadOrderGroup); + + if (lpConfigPtr->lpDependencies) + lpConfigPtr->lpDependencies = + (LPSTR)((ULONG_PTR)lpConfigPtr + + (ULONG_PTR)lpConfigPtr->lpDependencies); + + if (lpConfigPtr->lpServiceStartName) + lpConfigPtr->lpServiceStartName = + (LPSTR)((ULONG_PTR)lpConfigPtr + + (ULONG_PTR)lpConfigPtr->lpServiceStartName); + + if (lpConfigPtr->lpDisplayName) + lpConfigPtr->lpDisplayName = + (LPSTR)((ULONG_PTR)lpConfigPtr + + (ULONG_PTR)lpConfigPtr->lpDisplayName); TRACE("QueryServiceConfigA() done\n"); @@ -1904,20 +1919,32 @@ DWORD cbBufSize, LPDWORD pcbBytesNeeded) { + QUERY_SERVICE_CONFIGW ServiceConfig; + LPQUERY_SERVICE_CONFIGW lpConfigPtr; + DWORD dwBufferSize; DWORD dwError; TRACE("QueryServiceConfigW(%p, %p, %lu, %p)\n", hService, lpServiceConfig, cbBufSize, pcbBytesNeeded); - - if(pcbBytesNeeded) - *pcbBytesNeeded = 0; - + + if (lpServiceConfig == NULL || + cbBufSize < sizeof(QUERY_SERVICE_CONFIGW)) + { + lpConfigPtr = &ServiceConfig; + dwBufferSize = sizeof(QUERY_SERVICE_CONFIGW); + } + else + { + lpConfigPtr = lpServiceConfig; + dwBufferSize = cbBufSize; + } + RpcTryExcept { /* Call to services.exe using RPC */ dwError = RQueryServiceConfigW((SC_RPC_HANDLE)hService, - (LPBYTE)lpServiceConfig, - cbBufSize, + (LPBYTE)lpConfigPtr, + dwBufferSize, pcbBytesNeeded); } RpcExcept(EXCEPTION_EXECUTE_HANDLER) @@ -1934,30 +1961,30 @@ } /* Adjust the pointers */ - if (lpServiceConfig->lpBinaryPathName) - lpServiceConfig->lpBinaryPathName = - (LPWSTR)((ULONG_PTR)lpServiceConfig + - (ULONG_PTR)lpServiceConfig->lpBinaryPathName); - - if (lpServiceConfig->lpLoadOrderGroup) - lpServiceConfig->lpLoadOrderGroup = - (LPWSTR)((ULONG_PTR)lpServiceConfig + - (ULONG_PTR)lpServiceConfig->lpLoadOrderGroup); - - if (lpServiceConfig->lpDependencies) - lpServiceConfig->lpDependencies = - (LPWSTR)((ULONG_PTR)lpServiceConfig + - (ULONG_PTR)lpServiceConfig->lpDependencies); - - if (lpServiceConfig->lpServiceStartName) - lpServiceConfig->lpServiceStartName = - (LPWSTR)((ULONG_PTR)lpServiceConfig + - (ULONG_PTR)lpServiceConfig->lpServiceStartName); - - if (lpServiceConfig->lpDisplayName) - lpServiceConfig->lpDisplayName = - (LPWSTR)((ULONG_PTR)lpServiceConfig + - (ULONG_PTR)lpServiceConfig->lpDisplayName); + if (lpConfigPtr->lpBinaryPathName) + lpConfigPtr->lpBinaryPathName = + (LPWSTR)((ULONG_PTR)lpConfigPtr + + (ULONG_PTR)lpConfigPtr->lpBinaryPathName); + + if (lpConfigPtr->lpLoadOrderGroup) + lpConfigPtr->lpLoadOrderGroup = + (LPWSTR)((ULONG_PTR)lpConfigPtr + + (ULONG_PTR)lpConfigPtr->lpLoadOrderGroup); + + if (lpConfigPtr->lpDependencies) + lpConfigPtr->lpDependencies = + (LPWSTR)((ULONG_PTR)lpConfigPtr + + (ULONG_PTR)lpConfigPtr->lpDependencies); + + if (lpConfigPtr->lpServiceStartName) + lpConfigPtr->lpServiceStartName = + (LPWSTR)((ULONG_PTR)lpConfigPtr + + (ULONG_PTR)lpConfigPtr->lpServiceStartName); + + if (lpConfigPtr->lpDisplayName) + lpConfigPtr->lpDisplayName = + (LPWSTR)((ULONG_PTR)lpConfigPtr + + (ULONG_PTR)lpConfigPtr->lpDisplayName); TRACE("QueryServiceConfigW() done\n"); Modified: trunk/reactos/include/reactos/idl/svcctl.idl URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/reactos/idl/svcctl… ============================================================================== --- trunk/reactos/include/reactos/idl/svcctl.idl [iso-8859-1] (original) +++ trunk/reactos/include/reactos/idl/svcctl.idl [iso-8859-1] Sat Aug 13 14:26:55 2011 @@ -435,10 +435,10 @@ /* Function 17 */ DWORD RQueryServiceConfigW( [in] SC_RPC_HANDLE hService, - [in, out, size_is(cbBufSize), unique] LPBYTE lpServiceConfig, + [out, size_is(cbBufSize)] LPBYTE lpServiceConfig, /* FIXME: should be [out] LPQUERY_SERVICE_CONFIGW lpServiceConfig, */ [in, range(0, 1024*8)] DWORD cbBufSize, - [in, out, unique] LPBOUNDED_DWORD_8K pcbBytesNeeded); + [out] LPBOUNDED_DWORD_8K pcbBytesNeeded); /* Function 18 */ DWORD RQueryServiceLockStatusW( @@ -547,10 +547,10 @@ /* Function 29 */ DWORD RQueryServiceConfigA( [in] SC_RPC_HANDLE hService, - [in, out, size_is(cbBufSize), unique] LPBYTE lpServiceConfig, + [out, size_is(cbBufSize)] LPBYTE lpServiceConfig, /* FIXME: should be [out] LPQUERY_SERVICE_CONFIGA lpServiceConfig, */ [in, range(0, 1024*8)] DWORD cbBufSize, - [in, out, unique] LPBOUNDED_DWORD_8K pcbBytesNeeded); + [out] LPBOUNDED_DWORD_8K pcbBytesNeeded); /* Function 30 */ DWORD RQueryServiceLockStatusA(