Author: hbelusca Date: Thu Sep 27 17:16:31 2012 New Revision: 57400 URL: http://svn.reactos.org/svn/reactos?rev=57400&view=rev Log: [NTOSKRNL] Coverity code defects fixes : - Cache: CID 701441 - Config: CIDs 716570, 716669, 716760 - Dbgk: Kdbg: CIDs 716571, 515128/9, 500432 - Ex: CIDs 500156/7, 515122, 716200/67, 701301, 514669 - Fsrtl: Fstub: CIDs 701341/2, 701288, 716770, 701302, and CIDs 716576/7/8 + 514636 + 716805 thanks to Thomas Faber - Io: CIDs 514576, 514643, 514672/3, 716203, 716269, 716581, 716591, 716713 - Ke: CIDs 515125, 716592 - Ps: CIDs 716603/4, 701422 - Ob: Po: CIDs 514671/680, 701419/420/421, 716763, 716601/2 All the details are given in the different bug reports. CORE-6677 CORE-6679 CORE-6680 CORE-6683 CORE-6686 CORE-6692 CORE-6693 CORE-6694 CORE-6695 CORE-6696 #comment Committed in rev.57400 #resolve #close Modified: trunk/reactos/lib/rtl/atom.c trunk/reactos/ntoskrnl/cache/section/swapout.c trunk/reactos/ntoskrnl/config/cminit.c trunk/reactos/ntoskrnl/config/cmparse.c trunk/reactos/ntoskrnl/config/cmsysini.c trunk/reactos/ntoskrnl/dbgk/dbgkobj.c trunk/reactos/ntoskrnl/ex/init.c trunk/reactos/ntoskrnl/ex/sysinfo.c trunk/reactos/ntoskrnl/fsrtl/filelock.c trunk/reactos/ntoskrnl/fsrtl/notify.c trunk/reactos/ntoskrnl/fstub/disksup.c trunk/reactos/ntoskrnl/fstub/fstubex.c trunk/reactos/ntoskrnl/include/internal/cm.h trunk/reactos/ntoskrnl/io/iomgr/device.c trunk/reactos/ntoskrnl/io/iomgr/driver.c trunk/reactos/ntoskrnl/io/iomgr/ioevent.c trunk/reactos/ntoskrnl/io/iomgr/iofunc.c trunk/reactos/ntoskrnl/io/iomgr/iorsrce.c trunk/reactos/ntoskrnl/io/iomgr/ramdisk.c trunk/reactos/ntoskrnl/io/iomgr/volume.c trunk/reactos/ntoskrnl/io/pnpmgr/pnpnotify.c trunk/reactos/ntoskrnl/kdbg/kdb_cli.c trunk/reactos/ntoskrnl/ke/i386/cpu.c trunk/reactos/ntoskrnl/ke/profobj.c trunk/reactos/ntoskrnl/ob/oblife.c trunk/reactos/ntoskrnl/ob/oblink.c trunk/reactos/ntoskrnl/ob/obsdcach.c trunk/reactos/ntoskrnl/ob/obsecure.c trunk/reactos/ntoskrnl/po/power.c trunk/reactos/ntoskrnl/ps/kill.c trunk/reactos/ntoskrnl/ps/security.c Modified: trunk/reactos/lib/rtl/atom.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/lib/rtl/atom.c?rev=57400&a… ============================================================================== --- trunk/reactos/lib/rtl/atom.c [iso-8859-1] (original) +++ trunk/reactos/lib/rtl/atom.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -102,6 +102,12 @@ return TRUE; } + + /* + * AtomName cannot be NULL because this + * case was caught by the previous test. + */ + ASSERT(AtomName != NULL); if (*AtomName != L'#') return FALSE; Modified: trunk/reactos/ntoskrnl/cache/section/swapout.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/cache/section/swa… ============================================================================== --- trunk/reactos/ntoskrnl/cache/section/swapout.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/cache/section/swapout.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -348,7 +348,7 @@ PMM_SECTION_SEGMENT Segment = NULL; LARGE_INTEGER FileOffset; PMEMORY_AREA MemoryArea; - PMMSUPPORT AddressSpace = MmGetKernelAddressSpace(); + PMMSUPPORT AddressSpace = NULL; BOOLEAN Dirty = FALSE; PVOID Address = NULL; PEPROCESS Process = NULL; @@ -385,7 +385,6 @@ DPRINT("No segment association for %x\n", Page); } - Dirty = MmIsDirtyPageRmap(Page); DPRINTC("Trying to unmap all instances of %x\n", Page); @@ -409,7 +408,8 @@ DPRINTC("Process %x Address %x Page %x\n", Process, Address, Page); - if (RMAP_IS_SEGMENT(Address)) { + if (RMAP_IS_SEGMENT(Address)) + { entry = entry->Next; continue; } @@ -440,10 +440,10 @@ KeBugCheck(MEMORY_MANAGEMENT); } - MmLockAddressSpace(AddressSpace); - do { + MmLockAddressSpace(AddressSpace); + MemoryArea = MmLocateMemoryAreaByAddress(AddressSpace, Address); if (MemoryArea == NULL || MemoryArea->DeleteInProgress) { @@ -505,14 +505,13 @@ DPRINT1("bail\n"); goto bail; } - else Status = STATUS_MM_RESTART_OPERATION; + else + { + Status = STATUS_MM_RESTART_OPERATION; + } } - - MmLockAddressSpace(AddressSpace); } while (Status == STATUS_MM_RESTART_OPERATION); - - MmUnlockAddressSpace(AddressSpace); if (ProcRef) { Modified: trunk/reactos/ntoskrnl/config/cminit.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/config/cminit.c?r… ============================================================================== --- trunk/reactos/ntoskrnl/config/cminit.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/config/cminit.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -116,13 +116,24 @@ Hive->ViewLock = ExAllocatePoolWithTag(NonPagedPool, sizeof(KGUARDED_MUTEX), TAG_CM); - if (!Hive->ViewLock) return STATUS_INSUFFICIENT_RESOURCES; + if (!Hive->ViewLock) + { + /* Cleanup allocation and fail */ + ExFreePoolWithTag(Hive, TAG_CM); + return STATUS_INSUFFICIENT_RESOURCES; + } /* Allocate the flush lock */ Hive->FlusherLock = ExAllocatePoolWithTag(NonPagedPool, sizeof(ERESOURCE), TAG_CM); - if (!Hive->FlusherLock) return STATUS_INSUFFICIENT_RESOURCES; + if (!Hive->FlusherLock) + { + /* Cleanup allocations and fail */ + ExFreePoolWithTag(Hive->ViewLock, TAG_CM); + ExFreePoolWithTag(Hive, TAG_CM); + return STATUS_INSUFFICIENT_RESOURCES; + } /* Setup the handles */ Hive->FileHandles[HFILE_TYPE_PRIMARY] = Primary; @@ -189,10 +200,10 @@ (PUNICODE_STRING)FileName); if (!NT_SUCCESS(Status)) { - /* Clear allocations and fail */ - ExFreePool(Hive->ViewLock); - ExFreePool(Hive->FlusherLock); - ExFreePool(Hive); + /* Cleanup allocations and fail */ + ExFreePoolWithTag(Hive->FlusherLock, TAG_CM); + ExFreePoolWithTag(Hive->ViewLock, TAG_CM); + ExFreePoolWithTag(Hive, TAG_CM); return Status; } @@ -205,10 +216,10 @@ /* Verify integrity */ if (CmCheckRegistry((PCMHIVE)Hive, TRUE)) { - /* Free all alocations */ - ExFreePool(Hive->ViewLock); - ExFreePool(Hive->FlusherLock); - ExFreePool(Hive); + /* Cleanup allocations and fail */ + ExFreePoolWithTag(Hive->FlusherLock, TAG_CM); + ExFreePoolWithTag(Hive->ViewLock, TAG_CM); + ExFreePoolWithTag(Hive, TAG_CM); return STATUS_REGISTRY_CORRUPT; } } @@ -231,10 +242,10 @@ NTAPI CmpOpenHiveFiles(IN PCUNICODE_STRING BaseName, IN PCWSTR Extension OPTIONAL, - IN PHANDLE Primary, - IN PHANDLE Log, - IN PULONG PrimaryDisposition, - IN PULONG LogDisposition, + OUT PHANDLE Primary, + OUT PHANDLE Log, + OUT PULONG PrimaryDisposition, + OUT PULONG LogDisposition, IN BOOLEAN CreateAllowed, IN BOOLEAN MarkAsSystemHive, IN BOOLEAN NoBuffering, Modified: trunk/reactos/ntoskrnl/config/cmparse.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/config/cmparse.c?… ============================================================================== --- trunk/reactos/ntoskrnl/config/cmparse.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/config/cmparse.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -136,7 +136,7 @@ if (Length > 0xFFFF) goto Exit; /* Check if we need a new buffer */ - if (Length > ObjectName->MaximumLength) + if (Length > ObjectName->MaximumLength) { /* We do -- allocate one */ NewBuffer = ExAllocatePoolWithTag(PagedPool, Length, TAG_CM); @@ -334,7 +334,7 @@ KeyNode->MaxClassLen = 0; KeyNode->NameLength = CmpCopyName(Hive, KeyNode->Name, Name); if (KeyNode->NameLength < Name->Length) KeyNode->Flags |= KEY_COMP_NAME; - + /* Create the KCB */ Kcb = CmpCreateKeyControlBlock(Hive, *KeyCell, @@ -349,7 +349,7 @@ Status = STATUS_INSUFFICIENT_RESOURCES; goto Quickie; } - + /* Sanity check */ ASSERT(Kcb->RefCount == 1); @@ -357,7 +357,7 @@ KeyBody->NotifyBlock = NULL; KeyBody->ProcessID = PsGetCurrentProcessId(); KeyBody->KeyControlBlock = Kcb; - + /* Link it with the KCB */ EnlistKeyBodyWithKCB(KeyBody, 0); @@ -745,7 +745,7 @@ DPRINT1("Invalid link node attempt\n"); return STATUS_ACCESS_DENIED; } - + /* Check if the parent is being deleted */ if (ParentKcb->Delete) { @@ -754,7 +754,7 @@ Status = STATUS_OBJECT_NAME_NOT_FOUND; goto Exit; } - + /* Allocate a link node */ LinkCell = HvAllocateCell(Hive, FIELD_OFFSET(CM_KEY_NODE, Name) + @@ -767,14 +767,14 @@ Status = STATUS_INSUFFICIENT_RESOURCES; goto Exit; } - + /* Get the key cell */ KeyCell = Context->ChildHive.KeyCell; if (KeyCell != HCELL_NIL) { /* Hive exists! */ ChildCell = KeyCell; - + /* Get the node data */ KeyNode = (PCM_KEY_NODE)HvGetCell(Context->ChildHive.KeyHive, ChildCell); if (!KeyNode) @@ -784,12 +784,12 @@ Status = STATUS_INSUFFICIENT_RESOURCES; goto Exit; } - + /* Fill out the data */ KeyNode->Parent = LinkCell; KeyNode->Flags |= KEY_HIVE_ENTRY | KEY_NO_DELETE; HvReleaseCell(Context->ChildHive.KeyHive, ChildCell); - + /* Now open the key cell */ KeyNode = (PCM_KEY_NODE)HvGetCell(Context->ChildHive.KeyHive, KeyCell); if (!KeyNode) @@ -799,7 +799,7 @@ Status = STATUS_INSUFFICIENT_RESOURCES; goto Exit; } - + /* Open the parent */ Status = CmpDoOpen(Context->ChildHive.KeyHive, KeyCell, @@ -834,13 +834,13 @@ Context->ChildHive.KeyHive->BaseBlock->RootCell = ChildCell; } } - + /* Check if open or create suceeded */ if (NT_SUCCESS(Status)) { /* Mark the cell dirty */ HvMarkCellDirty(Context->ChildHive.KeyHive, ChildCell, FALSE); - + /* Get the key node */ KeyNode = HvGetCell(Context->ChildHive.KeyHive, ChildCell); if (!KeyNode) @@ -850,14 +850,14 @@ Status = STATUS_INSUFFICIENT_RESOURCES; goto Exit; } - + /* Release it */ HvReleaseCell(Context->ChildHive.KeyHive, ChildCell); - + /* Set the parent and flags */ KeyNode->Parent = LinkCell; KeyNode->Flags |= KEY_HIVE_ENTRY | KEY_NO_DELETE; - + /* Get the link node */ KeyNode = HvGetCell(Hive, LinkCell); if (!KeyNode) @@ -867,7 +867,7 @@ Status = STATUS_INSUFFICIENT_RESOURCES; goto Exit; } - + /* Set it up */ KeyNode->Signature = CM_LINK_NODE_SIGNATURE; KeyNode->Flags = KEY_HIVE_EXIT | KEY_NO_DELETE; @@ -876,7 +876,7 @@ if (KeyNode->NameLength < Name.Length) KeyNode->Flags |= KEY_COMP_NAME; KeQuerySystemTime(&TimeStamp); KeyNode->LastWriteTime = TimeStamp; - + /* Clear out the rest */ KeyNode->SubKeyCounts[Stable] = 0; KeyNode->SubKeyCounts[Volatile] = 0; @@ -885,12 +885,12 @@ KeyNode->ValueList.Count = 0; KeyNode->ValueList.List = HCELL_NIL; KeyNode->ClassLength = 0; - + /* Reference the root node */ KeyNode->ChildHiveReference.KeyHive = Context->ChildHive.KeyHive; KeyNode->ChildHiveReference.KeyCell = ChildCell; HvReleaseCell(Hive, LinkCell); - + /* Get the parent node */ KeyNode = HvGetCell(Hive, Cell); if (!KeyNode) @@ -900,14 +900,14 @@ Status = STATUS_INSUFFICIENT_RESOURCES; goto Exit; } - + /* Now add the subkey */ if (!CmpAddSubKey(Hive, Cell, LinkCell)) { /* Failure! We don't handle this yet! */ ASSERT(FALSE); } - + /* Get the key body */ KeyBody = (PCM_KEY_BODY)*Object; @@ -915,12 +915,12 @@ ASSERT(KeyBody->KeyControlBlock->ParentKcb->KeyCell == Cell); ASSERT(KeyBody->KeyControlBlock->ParentKcb->KeyHive == Hive); ASSERT(KeyBody->KeyControlBlock->ParentKcb->KcbMaxNameLen == KeyNode->MaxNameLen); - + /* Update the timestamp */ KeQuerySystemTime(&TimeStamp); KeyNode->LastWriteTime = TimeStamp; KeyBody->KeyControlBlock->ParentKcb->KcbLastWriteTime = TimeStamp; - + /* Check if we need to update name maximum */ if (KeyNode->MaxNameLen < Name.Length) { @@ -928,14 +928,14 @@ KeyNode->MaxNameLen = Name.Length; KeyBody->KeyControlBlock->ParentKcb->KcbMaxNameLen = Name.Length; } - + /* Check if we need toupdate class length maximum */ if (KeyNode->MaxClassLen < Context->Class.Length) { /* Update it */ KeyNode->MaxClassLen = Context->Class.Length; } - + /* Release the cell */ HvReleaseCell(Hive, Cell); } @@ -944,7 +944,7 @@ /* Release the link cell */ HvReleaseCell(Hive, LinkCell); } - + Exit: /* Release the flusher locks and return status */ return Status; @@ -965,11 +965,11 @@ ASSERT(*ReleaseHive != NULL); HvReleaseCell((*ReleaseHive), *ReleaseCell); } - + /* Get the link references */ *Hive = (*KeyNode)->ChildHiveReference.KeyHive; *Cell = (*KeyNode)->ChildHiveReference.KeyCell; - + /* Get the new node */ *KeyNode = (PCM_KEY_NODE)HvGetCell((*Hive), *Cell); if (*KeyNode) @@ -1004,10 +1004,10 @@ /* Calculate hash values */ *TotalRemainingSubkeys = 0xBAADF00D; - + /* Lock the registry */ CmpLockRegistry(); - + /* Return hive and cell data */ *Hive = (*Kcb)->KeyHive; *Cell = (*Kcb)->KeyCell; @@ -1060,7 +1060,7 @@ /* Fail if this isn't a key object */ if (ObjectType != CmpKeyObjectType) return STATUS_OBJECT_TYPE_MISMATCH; - + /* Copy the remaining name */ Current = *RemainingName; @@ -1070,9 +1070,12 @@ /* It isn't, so no context */ ParseContext = NULL; } - + /* Grab the KCB */ Kcb = ((PCM_KEY_BODY)ParseObject)->KeyControlBlock; + + /* Sanity check */ + ASSERT(Kcb != NULL); /* Fail if the key was marked as deleted */ if (Kcb->Delete) @@ -1089,10 +1092,13 @@ &TotalSubkeys, NULL, &LockedKcbs); - + /* This is now the parent */ ParentKcb = Kcb; - + + /* Sanity check */ + ASSERT(ParentKcb != NULL); + /* Check if everything was found cached */ if (!TotalRemainingSubkeys) ASSERTMSG("Caching not implemented", FALSE); @@ -1127,7 +1133,7 @@ goto Quickie; } Current.MaximumLength += NextName.MaximumLength; - + /* Parse the symlink */ if (CmpGetSymbolicLink(Hive, CompleteName, @@ -1146,7 +1152,7 @@ /* We're done */ goto Quickie; } - + /* Get the key node */ Node = (PCM_KEY_NODE)HvGetCell(Hive, Cell); if (!Node) @@ -1174,7 +1180,7 @@ Cell = NextCell; Node = (PCM_KEY_NODE)HvGetCell(Hive, Cell); if (!Node) ASSERT(FALSE); - + /* Check if this was the last key */ if (Last) { @@ -1189,7 +1195,7 @@ &CellToRelease); if (!Node) ASSERT(FALSE); } - + /* Do the open */ Status = CmpDoOpen(Hive, Cell, @@ -1214,11 +1220,11 @@ Status = STATUS_OBJECT_NAME_NOT_FOUND; } } - + /* We are done */ break; } - + /* Is this an exit node */ if (Node->Flags & KEY_HIVE_EXIT) { @@ -1239,7 +1245,7 @@ 0, &NextName); if (!Kcb) ASSERT(FALSE); - + /* Dereference the parent and set the new one */ CmpDereferenceKeyControlBlock(ParentKcb); ParentKcb = Kcb; @@ -1275,7 +1281,7 @@ ParentKcb, Object); } - + /* Check for reparse (in this case, someone beat us) */ if (Status == STATUS_REPARSE) break; @@ -1295,7 +1301,7 @@ { /* Save the next name */ Current.Buffer = NextName.Buffer; - + /* Validate the current name string length */ if (Current.Length + NextName.Length > MAXUSHORT) { @@ -1304,7 +1310,7 @@ break; } Current.Length += NextName.Length; - + /* Validate the current name string maximum length */ if (Current.MaximumLength + NextName.MaximumLength > MAXUSHORT) { @@ -1313,7 +1319,7 @@ break; } Current.MaximumLength += NextName.MaximumLength; - + /* Parse the symlink */ if (CmpGetSymbolicLink(Hive, CompleteName, @@ -1363,7 +1369,7 @@ { /* Nothing to do */ } - + /* We're done */ break; } @@ -1378,7 +1384,7 @@ /* Dereference the parent if it exists */ Quickie: if (ParentKcb) CmpDereferenceKeyControlBlock(ParentKcb); - + /* Unlock the registry */ CmpUnlockRegistry(); return Status; Modified: trunk/reactos/ntoskrnl/config/cmsysini.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/config/cmsysini.c… ============================================================================== --- trunk/reactos/ntoskrnl/config/cmsysini.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/config/cmsysini.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -1104,7 +1104,7 @@ //ULONG RegStart; ULONG PrimaryDisposition, SecondaryDisposition, ClusterSize; PCMHIVE CmHive; - HANDLE PrimaryHandle, LogHandle; + HANDLE PrimaryHandle = NULL, LogHandle = NULL; NTSTATUS Status = STATUS_SUCCESS; PVOID ErrorParameters; PAGED_CODE(); Modified: trunk/reactos/ntoskrnl/dbgk/dbgkobj.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/dbgk/dbgkobj.c?re… ============================================================================== --- trunk/reactos/ntoskrnl/dbgk/dbgkobj.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/dbgk/dbgkobj.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -192,7 +192,7 @@ ObDereferenceObject(Process); /* Free the debug event */ - ExFreePool(DebugEvent); + ExFreePoolWithTag(DebugEvent, 'EgbD'); } } @@ -418,7 +418,7 @@ /* Dereference process and thread and free the event */ ObDereferenceObject(DebugEvent->Process); ObDereferenceObject(DebugEvent->Thread); - ExFreePool(DebugEvent); + ExFreePoolWithTag(DebugEvent, 'EgbD'); } VOID Modified: trunk/reactos/ntoskrnl/ex/init.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/init.c?rev=574… ============================================================================== --- trunk/reactos/ntoskrnl/ex/init.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ex/init.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -211,7 +211,7 @@ PLIST_ENTRY ListHead, NextEntry; PMEMORY_ALLOCATION_DESCRIPTOR MdBlock; ULONG NlsTablesEncountered = 0; - SIZE_T NlsTableSizes[3]; /* 3 NLS tables */ + SIZE_T NlsTableSizes[3] = {0, 0, 0}; /* 3 NLS tables */ /* Check if this is boot-time phase 0 initialization */ if (!ExpInitializationPhase) @@ -405,12 +405,11 @@ if (!NT_SUCCESS(Status)) { /* Failed, display error */ - p = InitBuffer->DebugBuffer; - _snwprintf(p, - 256 * sizeof(WCHAR), + _snwprintf(InitBuffer->DebugBuffer, + sizeof(InitBuffer->DebugBuffer)/sizeof(WCHAR), L"INIT: Unable to allocate Process Parameters. 0x%lx", Status); - RtlInitUnicodeString(&DebugString, p); + RtlInitUnicodeString(&DebugString, InitBuffer->DebugBuffer); ZwDisplayString(&DebugString); /* Bugcheck the system */ @@ -434,12 +433,11 @@ if (!NT_SUCCESS(Status)) { /* Failed, display error */ - p = InitBuffer->DebugBuffer; - _snwprintf(p, - 256 * sizeof(WCHAR), + _snwprintf(InitBuffer->DebugBuffer, + sizeof(InitBuffer->DebugBuffer)/sizeof(WCHAR), L"INIT: Unable to allocate Process Environment. 0x%lx", Status); - RtlInitUnicodeString(&DebugString, p); + RtlInitUnicodeString(&DebugString, InitBuffer->DebugBuffer); ZwDisplayString(&DebugString); /* Bugcheck the system */ @@ -560,12 +558,11 @@ if (!NT_SUCCESS(Status)) { /* Failed, display error */ - p = InitBuffer->DebugBuffer; - _snwprintf(p, - 256 * sizeof(WCHAR), + _snwprintf(InitBuffer->DebugBuffer, + sizeof(InitBuffer->DebugBuffer)/sizeof(WCHAR), L"INIT: Unable to create Session Manager. 0x%lx", Status); - RtlInitUnicodeString(&DebugString, p); + RtlInitUnicodeString(&DebugString, InitBuffer->DebugBuffer); ZwDisplayString(&DebugString); /* Bugcheck the system */ @@ -577,12 +574,11 @@ if (!NT_SUCCESS(Status)) { /* Failed, display error */ - p = InitBuffer->DebugBuffer; - _snwprintf(p, - 256 * sizeof(WCHAR), + _snwprintf(InitBuffer->DebugBuffer, + sizeof(InitBuffer->DebugBuffer)/sizeof(WCHAR), L"INIT: Unable to resume Session Manager. 0x%lx", Status); - RtlInitUnicodeString(&DebugString, p); + RtlInitUnicodeString(&DebugString, InitBuffer->DebugBuffer); ZwDisplayString(&DebugString); /* Bugcheck the system */ Modified: trunk/reactos/ntoskrnl/ex/sysinfo.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/sysinfo.c?rev=… ============================================================================== --- trunk/reactos/ntoskrnl/ex/sysinfo.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ex/sysinfo.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -150,7 +150,7 @@ Prcb = KeGetCurrentPrcb(); - ScaledIdle = Prcb->IdleThread->KernelTime * 100; + ScaledIdle = (ULONGLONG)Prcb->IdleThread->KernelTime * 100; TotalTime = Prcb->KernelTime + Prcb->UserTime; if (TotalTime != 0) *CpuUsage = (ULONG)(100 - (ScaledIdle / TotalTime)); @@ -785,7 +785,7 @@ } } } - if (!ImageNameLength && Process != PsIdleProcess && Process->ImageFileName) + if (!ImageNameLength && Process != PsIdleProcess) { ImageNameLength = (USHORT)strlen(Process->ImageFileName) * sizeof(WCHAR); } @@ -824,7 +824,7 @@ /* Release the memory allocated by SeLocateProcessImageName */ ExFreePool(ProcessImageName); } - else if (Process->ImageFileName) + else { RtlInitAnsiString(&ImageName, Process->ImageFileName); RtlAnsiStringToUnicodeString(&SpiCurrent->ImageName, &ImageName, FALSE); Modified: trunk/reactos/ntoskrnl/fsrtl/filelock.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/fsrtl/filelock.c?… ============================================================================== --- trunk/reactos/ntoskrnl/fsrtl/filelock.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/fsrtl/filelock.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -380,12 +380,13 @@ if (!FileLock->LockInformation) { LockInfo = ExAllocatePoolWithTag(NonPagedPool, sizeof(LOCK_INFORMATION), 'FLCK'); - FileLock->LockInformation = LockInfo; - if (!FileLock) { + if (!LockInfo) + { IoStatus->Status = STATUS_NO_MEMORY; return FALSE; } - + FileLock->LockInformation = LockInfo; + LockInfo->BelongsTo = FileLock; InitializeListHead(&LockInfo->SharedLocks); @@ -416,13 +417,13 @@ ToInsert.Exclusive.FileLock.ProcessId = Process->UniqueProcessId; ToInsert.Exclusive.FileLock.Key = Key; ToInsert.Exclusive.FileLock.ExclusiveLock = ExclusiveLock; - + Conflict = RtlInsertElementGenericTable (FileLock->LockInformation, &ToInsert, sizeof(ToInsert), &InsertedNew); - + if (Conflict && !InsertedNew) { if (Conflict->Exclusive.FileLock.ExclusiveLock || ExclusiveLock) @@ -475,8 +476,9 @@ for (i = 0; i < RtlNumberGenericTableElements(&LockInfo->RangeTable); i++) { Conflict = RtlGetElementGenericTable(&LockInfo->RangeTable, i); + /* The first argument will be inserted as a shared range */ - if (LockCompare(&LockInfo->RangeTable, Conflict, &ToInsert) == GenericEqual) + if (Conflict && (LockCompare(&LockInfo->RangeTable, Conflict, &ToInsert) == GenericEqual)) { if (Conflict->Exclusive.FileLock.ExclusiveLock) { @@ -520,8 +522,9 @@ Conflict->Exclusive.FileLock.StartingByte.LowPart, Conflict->Exclusive.FileLock.EndingByte.HighPart, Conflict->Exclusive.FileLock.EndingByte.LowPart); - Conflict = FsRtlpRebuildSharedLockRange - (FileLock, LockInfo, &ToInsert); + Conflict = FsRtlpRebuildSharedLockRange(FileLock, + LockInfo, + &ToInsert); if (!Conflict) { IoStatus->Status = STATUS_NO_MEMORY; @@ -918,7 +921,6 @@ PLIST_ENTRY SharedRangeEntry; PLOCK_SHARED_RANGE WatchSharedRange; COMBINED_LOCK_ELEMENT RemadeElement; - PCOMBINED_LOCK_ELEMENT RemadeElementInserted = NULL; Find.Exclusive.FileLock.StartingByte = SharedRange->Start; Find.Exclusive.FileLock.EndingByte = SharedRange->End; SharedEntry = SharedRange->Entry.Flink; @@ -939,30 +941,28 @@ SharedRangeEntry != &InternalInfo->SharedLocks; SharedRangeEntry = SharedRangeEntry->Flink) { - COMBINED_LOCK_ELEMENT Find; + COMBINED_LOCK_ELEMENT LockElement; WatchSharedRange = CONTAINING_RECORD(SharedRangeEntry, LOCK_SHARED_RANGE, Entry); - Find.Exclusive.FileLock.StartingByte = WatchSharedRange->Start; - Find.Exclusive.FileLock.EndingByte = WatchSharedRange->End; - if (LockCompare(&InternalInfo->RangeTable, &RemadeElement, &Find) != GenericEqual) + LockElement.Exclusive.FileLock.StartingByte = WatchSharedRange->Start; + LockElement.Exclusive.FileLock.EndingByte = WatchSharedRange->End; + if (LockCompare(&InternalInfo->RangeTable, &RemadeElement, &LockElement) != GenericEqual) { DPRINT("Skipping range %08x%08x:%08x%08x\n", - Find.Exclusive.FileLock.StartingByte.HighPart, - Find.Exclusive.FileLock.StartingByte.LowPart, - Find.Exclusive.FileLock.EndingByte.HighPart, - Find.Exclusive.FileLock.EndingByte.LowPart); + LockElement.Exclusive.FileLock.StartingByte.HighPart, + LockElement.Exclusive.FileLock.StartingByte.LowPart, + LockElement.Exclusive.FileLock.EndingByte.HighPart, + LockElement.Exclusive.FileLock.EndingByte.LowPart); continue; } DPRINT("Re-creating range %08x%08x:%08x%08x\n", - Find.Exclusive.FileLock.StartingByte.HighPart, - Find.Exclusive.FileLock.StartingByte.LowPart, - Find.Exclusive.FileLock.EndingByte.HighPart, - Find.Exclusive.FileLock.EndingByte.LowPart); + LockElement.Exclusive.FileLock.StartingByte.HighPart, + LockElement.Exclusive.FileLock.StartingByte.LowPart, + LockElement.Exclusive.FileLock.EndingByte.HighPart, + LockElement.Exclusive.FileLock.EndingByte.LowPart); RtlZeroMemory(&RemadeElement, sizeof(RemadeElement)); RemadeElement.Exclusive.FileLock.StartingByte = WatchSharedRange->Start; RemadeElement.Exclusive.FileLock.EndingByte = WatchSharedRange->End; - RemadeElementInserted = - FsRtlpRebuildSharedLockRange - (FileLock, InternalInfo, &RemadeElement); + FsRtlpRebuildSharedLockRange(FileLock, InternalInfo, &RemadeElement); } } else Modified: trunk/reactos/ntoskrnl/fsrtl/notify.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/fsrtl/notify.c?re… ============================================================================== --- trunk/reactos/ntoskrnl/fsrtl/notify.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/fsrtl/notify.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -586,6 +586,13 @@ /* Allocate new notification */ NotifyChange = ExAllocatePoolWithTag(PagedPool | POOL_RAISE_IF_ALLOCATION_FAILURE, sizeof(NOTIFY_CHANGE), 'FSrN'); + + /* + * If NotifyChange == NULL then an + * exception was already raised. + */ + ASSERT(NotifyChange != NULL); + RtlZeroMemory(NotifyChange, sizeof(NOTIFY_CHANGE)); /* Set basic information */ Modified: trunk/reactos/ntoskrnl/fstub/disksup.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/fstub/disksup.c?r… ============================================================================== --- trunk/reactos/ntoskrnl/fstub/disksup.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/fstub/disksup.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -446,38 +446,46 @@ DPRINT("RDiskCount %d\n", RDiskCount); - Buffer1 = (PWSTR)ExAllocatePoolWithTag(PagedPool, - 64 * sizeof(WCHAR), TAG_FILE_SYSTEM); - Buffer2 = (PWSTR)ExAllocatePoolWithTag(PagedPool, - 32 * sizeof(WCHAR), TAG_FILE_SYSTEM); - - PartialInformation = (PKEY_VALUE_PARTIAL_INFORMATION)ExAllocatePoolWithTag(PagedPool, - sizeof(KEY_VALUE_PARTIAL_INFORMATION) + sizeof(REG_DISK_MOUNT_INFO), TAG_FILE_SYSTEM); - - if (!Buffer1 || !Buffer2 || !PartialInformation) return; + Buffer1 = ExAllocatePoolWithTag(PagedPool, + 64 * sizeof(WCHAR), + TAG_FILE_SYSTEM); + if (!Buffer1) return; + + Buffer2 = ExAllocatePoolWithTag(PagedPool, + 32 * sizeof(WCHAR), + TAG_FILE_SYSTEM); + if (!Buffer2) + { + ExFreePoolWithTag(Buffer1, TAG_FILE_SYSTEM); + return; + } + + PartialInformation = ExAllocatePoolWithTag(PagedPool, + sizeof(KEY_VALUE_PARTIAL_INFORMATION) + sizeof(REG_DISK_MOUNT_INFO), + TAG_FILE_SYSTEM); + if (!PartialInformation) + { + ExFreePoolWithTag(Buffer2, TAG_FILE_SYSTEM); + ExFreePoolWithTag(Buffer1, TAG_FILE_SYSTEM); + return; + } DiskMountInfo = (PREG_DISK_MOUNT_INFO) PartialInformation->Data; - /* Open or Create the 'MountedDevices' key */ + /* Create or open the 'MountedDevices' key */ RtlInitUnicodeString(&UnicodeString1, L"\\Registry\\Machine\\SYSTEM\\MountedDevices"); InitializeObjectAttributes(&ObjectAttributes, &UnicodeString1, - OBJ_CASE_INSENSITIVE, + OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL); - Status = ZwOpenKey(&hKey, + Status = ZwCreateKey(&hKey, KEY_ALL_ACCESS, - &ObjectAttributes); - if (!NT_SUCCESS(Status)) - { - Status = ZwCreateKey(&hKey, - KEY_ALL_ACCESS, - &ObjectAttributes, - 0, - NULL, - REG_OPTION_NON_VOLATILE, - NULL); - } + &ObjectAttributes, + 0, + NULL, + REG_OPTION_NON_VOLATILE, + NULL); if (!NT_SUCCESS(Status)) { hKey = NULL; @@ -535,7 +543,8 @@ ExFreePoolWithTag(PartialInformation, TAG_FILE_SYSTEM); ExFreePoolWithTag(Buffer2, TAG_FILE_SYSTEM); ExFreePoolWithTag(Buffer1, TAG_FILE_SYSTEM); - if (hKey) ZwClose(hKey); + if (hKey) ObCloseHandle(hKey, KernelMode); + return; } RtlZeroMemory(LayoutArray, @@ -951,10 +960,7 @@ ExFreePoolWithTag(PartialInformation, TAG_FILE_SYSTEM); ExFreePoolWithTag(Buffer2, TAG_FILE_SYSTEM); ExFreePoolWithTag(Buffer1, TAG_FILE_SYSTEM); - if (hKey) - { - ZwClose(hKey); - } + if (hKey) ObCloseHandle(hKey, KernelMode); } #endif Modified: trunk/reactos/ntoskrnl/fstub/fstubex.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/fstub/fstubex.c?r… ============================================================================== --- trunk/reactos/ntoskrnl/fstub/fstubex.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/fstub/fstubex.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -985,7 +985,7 @@ if ((Disk->SectorCount - 1ULL) != EfiHeader.AlternateLBA) { /* We'll update it. First, count number of sectors needed to store partitions */ - SectorsForPartitions = (EfiHeader.NumberOfEntries * PARTITION_ENTRY_SIZE) / Disk->SectorSize; + SectorsForPartitions = ((ULONGLONG)EfiHeader.NumberOfEntries * PARTITION_ENTRY_SIZE) / Disk->SectorSize; /* Then set first usable LBA: Legacy MBR + GPT header + Partitions entries */ EfiHeader.FirstUsableLBA = SectorsForPartitions + 2; /* Then set last usable LBA: Last sector - GPT header - Partitions entries */ Modified: trunk/reactos/ntoskrnl/include/internal/cm.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/… ============================================================================== --- trunk/reactos/ntoskrnl/include/internal/cm.h [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/include/internal/cm.h [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -801,10 +801,10 @@ CmpOpenHiveFiles( IN PCUNICODE_STRING BaseName, IN PCWSTR Extension OPTIONAL, - IN PHANDLE Primary, - IN PHANDLE Log, - IN PULONG PrimaryDisposition, - IN PULONG LogDisposition, + OUT PHANDLE Primary, + OUT PHANDLE Log, + OUT PULONG PrimaryDisposition, + OUT PULONG LogDisposition, IN BOOLEAN CreateAllowed, IN BOOLEAN MarkAsSystemHive, IN BOOLEAN NoBuffering, Modified: trunk/reactos/ntoskrnl/io/iomgr/device.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/device.c… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/device.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/io/iomgr/device.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -227,11 +227,14 @@ NULL, &Event, &StatusBlock); - Status = IoCallDriver(DeviceObject, Irp); - if (Status == STATUS_PENDING) + if (Irp) { - /* Wait on the driver */ - KeWaitForSingleObject(&Event, Executive, KernelMode, FALSE, NULL); + Status = IoCallDriver(DeviceObject, Irp); + if (Status == STATUS_PENDING) + { + /* Wait on the driver */ + KeWaitForSingleObject(&Event, Executive, KernelMode, FALSE, NULL); + } } /* Remove the flag */ Modified: trunk/reactos/ntoskrnl/io/iomgr/driver.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/driver.c… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/driver.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/io/iomgr/driver.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -795,6 +795,11 @@ &MissingApiName, &MissingDriverName, &LoadedImports); + + /* Free the temporary buffer */ + ExFreePoolWithTag(Buffer, TAG_LDR_WSTR); + + /* Check the result of the imports resolution */ if (!NT_SUCCESS(Status)) return Status; /* Return */ Modified: trunk/reactos/ntoskrnl/io/iomgr/ioevent.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/ioevent.… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/ioevent.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/io/iomgr/ioevent.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -42,12 +42,17 @@ if (!NT_SUCCESS(Status)) return NULL; /* Get a handle to it */ - ObReferenceObjectByHandle(Handle, - 0, - ExEventObjectType, - KernelMode, - (PVOID*)&Event, - NULL); + Status = ObReferenceObjectByHandle(Handle, + 0, + ExEventObjectType, + KernelMode, + (PVOID*)&Event, + NULL); + if (!NT_SUCCESS(Status)) + { + ZwClose(Handle); + return NULL; + } /* Dereference the extra count, and return the handle */ ObDereferenceObject(Event); Modified: trunk/reactos/ntoskrnl/io/iomgr/iofunc.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/iofunc.c… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/iofunc.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/io/iomgr/iofunc.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -119,7 +119,7 @@ { NTSTATUS Status; PKNORMAL_ROUTINE NormalRoutine; - PVOID NormalContext; + PVOID NormalContext = NULL; KIRQL OldIrql; PAGED_CODE(); IOTRACE(IO_API_DEBUG, "IRP: %p. DO: %p. FO: %p \n", Modified: trunk/reactos/ntoskrnl/io/iomgr/iorsrce.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/iorsrce.… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/iorsrce.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/io/iomgr/iorsrce.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -701,7 +701,7 @@ UNICODE_STRING LinkTarget, KeyName; OBJECT_ATTRIBUTES ObjectAttributes; HANDLE LinkHandle, RegistryHandle, KeyHandle; - WCHAR LinkTargetBuffer[256], KeyNameBuffer[sizeof(L"SystemPartition") / sizeof(WCHAR)]; + WCHAR LinkTargetBuffer[256]; UNICODE_STRING CmRegistryMachineSystemName = RTL_CONSTANT_STRING(L"\\Registry\\Machine\\SYSTEM"); ASSERT(NtSystemPartitionDeviceName->MaximumLength >= NtSystemPartitionDeviceName->Length + sizeof(WCHAR)); @@ -760,13 +760,9 @@ return; } - /* We'll store in Setup subkey, and as we love fun, we use only one buffer for three writings... */ - wcscpy(KeyNameBuffer, L"Setup"); - KeyName.Length = sizeof(L"Setup") - sizeof(UNICODE_NULL); - KeyName.MaximumLength = sizeof(L"Setup"); - KeyName.Buffer = KeyNameBuffer; - - /* So, open or create the subkey */ + /* Open or create the Setup subkey where we'll store in */ + RtlInitUnicodeString(&KeyName, L"Setup"); + Status = IopCreateRegistryKeyEx(&KeyHandle, RegistryHandle, &KeyName, @@ -784,9 +780,7 @@ } /* Prepare first data writing... */ - wcscpy(KeyNameBuffer, L"SystemPartition"); - KeyName.Length = sizeof(L"SystemPartition") - sizeof(UNICODE_NULL); - KeyName.MaximumLength = sizeof(L"SystemPartition"); + RtlInitUnicodeString(&KeyName, L"SystemPartition"); /* Write SystemPartition value which is the target of the symbolic link */ Status = ZwSetValueKey(KeyHandle, @@ -800,10 +794,8 @@ DPRINT("Failed writing SystemPartition value!\n"); } - /* Prepare for second data writing... */ - wcscpy(KeyName.Buffer, L"OsLoaderPath"); - KeyName.Length = sizeof(L"OsLoaderPath") - sizeof(UNICODE_NULL); - KeyName.MaximumLength = sizeof(L"OsLoaderPath"); + /* Prepare for second data writing... */ + RtlInitUnicodeString(&KeyName, L"OsLoaderPath"); /* Remove trailing slash if any (one slash only excepted) */ if (OsLoaderPathName->Length > sizeof(WCHAR) && Modified: trunk/reactos/ntoskrnl/io/iomgr/ramdisk.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/ramdisk.… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/ramdisk.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/io/iomgr/ramdisk.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -224,7 +224,7 @@ // Build the symbolic link name and target // _snwprintf(SourceString, - sizeof(SourceString), + sizeof(SourceString)/sizeof(WCHAR), L"\\Device\\Ramdisk%wZ", &GuidString); SymbolicLinkName.Length = 38; Modified: trunk/reactos/ntoskrnl/io/iomgr/volume.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/volume.c… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/volume.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/io/iomgr/volume.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -377,11 +377,14 @@ NULL, &Event, &StatusBlock); - Status = IoCallDriver(DeviceObject, Irp); - if (Status == STATUS_PENDING) - { - /* Wait on the driver */ - KeWaitForSingleObject(&Event, Executive, KernelMode, FALSE, NULL); + if (Irp) + { + Status = IoCallDriver(DeviceObject, Irp); + if (Status == STATUS_PENDING) + { + /* Wait on the driver */ + KeWaitForSingleObject(&Event, Executive, KernelMode, FALSE, NULL); + } } /* Reset the event */ Modified: trunk/reactos/ntoskrnl/io/pnpmgr/pnpnotify.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/pnpmgr/pnpnoti… ============================================================================== --- trunk/reactos/ntoskrnl/io/pnpmgr/pnpnotify.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/io/pnpmgr/pnpnotify.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -80,7 +80,7 @@ if (!NT_SUCCESS(Status)) { KeReleaseGuardedMutex(&PnpNotifyListLock); - ExFreePool(NotificationStructure); + ExFreePoolWithTag(NotificationStructure, TAG_PNP_NOTIFY); return; } break; @@ -177,21 +177,22 @@ case EventCategoryTargetDeviceChange: { Status = IoGetRelatedTargetDevice(ChangeEntry->FileObject, &EntryDeviceObject); - if (NT_SUCCESS(Status)) - { - if (DeviceObject == EntryDeviceObject) - { - if (Event == &GUID_PNP_CUSTOM_NOTIFICATION) - { - ((PTARGET_DEVICE_CUSTOM_NOTIFICATION)NotificationStructure)->FileObject = ChangeEntry->FileObject; - } - else - { - ((PTARGET_DEVICE_REMOVAL_NOTIFICATION)NotificationStructure)->FileObject = ChangeEntry->FileObject; - } - CallCurrentEntry = TRUE; - } + if (NT_SUCCESS(Status)) + { + if (DeviceObject == EntryDeviceObject) + { + if (Event == &GUID_PNP_CUSTOM_NOTIFICATION) + { + ((PTARGET_DEVICE_CUSTOM_NOTIFICATION)NotificationStructure)->FileObject = ChangeEntry->FileObject; + } + else + { + ((PTARGET_DEVICE_REMOVAL_NOTIFICATION)NotificationStructure)->FileObject = ChangeEntry->FileObject; + } + CallCurrentEntry = TRUE; + } } + break; } default: { Modified: trunk/reactos/ntoskrnl/kdbg/kdb_cli.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/kdbg/kdb_cli.c?re… ============================================================================== --- trunk/reactos/ntoskrnl/kdbg/kdb_cli.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/kdbg/kdb_cli.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -864,7 +864,7 @@ else if (Argv[0][0] == 'c') /* cregs */ { ULONG Cr0, Cr2, Cr3, Cr4; - KDESCRIPTOR Gdtr, Idtr; + KDESCRIPTOR Gdtr = {0, 0, 0}, Idtr = {0, 0, 0}; USHORT Ldtr; static const PCHAR Cr0Bits[32] = { " PE", " MP", " EM", " TS", " ET", " NE", NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, Modified: trunk/reactos/ntoskrnl/ke/i386/cpu.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/cpu.c?rev… ============================================================================== --- trunk/reactos/ntoskrnl/ke/i386/cpu.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ke/i386/cpu.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -1137,7 +1137,7 @@ INIT_FUNCTION KiI386PentiumLockErrataFixup(VOID) { - KDESCRIPTOR IdtDescriptor; + KDESCRIPTOR IdtDescriptor = {0, 0, 0}; PKIDTENTRY NewIdt, NewIdt2; /* Allocate memory for a new IDT */ Modified: trunk/reactos/ntoskrnl/ke/profobj.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/profobj.c?rev=… ============================================================================== --- trunk/reactos/ntoskrnl/ke/profobj.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ke/profobj.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -142,7 +142,7 @@ KeLowerIrql(OldIrql); /* Free the pool */ - if (FreeBuffer) ExFreePool(SourceBuffer); + if (FreeBuffer) ExFreePoolWithTag(SourceBuffer, 'forP'); /* Return whether we could start the profile */ return StartedProfile; Modified: trunk/reactos/ntoskrnl/ob/oblife.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ob/oblife.c?rev=5… ============================================================================== --- trunk/reactos/ntoskrnl/ob/oblife.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ob/oblife.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -1429,7 +1429,7 @@ POBJECT_HEADER ObjectHeader = NULL; POBJECT_HANDLE_ATTRIBUTE_INFORMATION HandleFlags; POBJECT_BASIC_INFORMATION BasicInfo; - ULONG InfoLength; + ULONG InfoLength = 0; PVOID Object = NULL; NTSTATUS Status; KPROCESSOR_MODE PreviousMode = ExGetPreviousMode(); Modified: trunk/reactos/ntoskrnl/ob/oblink.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ob/oblink.c?rev=5… ============================================================================== --- trunk/reactos/ntoskrnl/ob/oblink.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ob/oblink.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -595,7 +595,12 @@ ExAllocatePoolWithTag(PagedPool, CapturedLinkTarget.MaximumLength, TAG_SYMLINK_TARGET); - if (!SymbolicLink->LinkTarget.Buffer) return STATUS_NO_MEMORY; + if (!SymbolicLink->LinkTarget.Buffer) + { + /* Dereference the symbolic link object and fail */ + ObDereferenceObject(SymbolicLink); + return STATUS_NO_MEMORY; + } /* Copy it */ RtlCopyMemory(SymbolicLink->LinkTarget.Buffer, Modified: trunk/reactos/ntoskrnl/ob/obsdcach.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ob/obsdcach.c?rev… ============================================================================== --- trunk/reactos/ntoskrnl/ob/obsdcach.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ob/obsdcach.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -427,7 +427,7 @@ *OutputSecurityDescriptor = &SdHeader->SecurityDescriptor; /* Free anything that we may have had to create */ - if (NewHeader) ExFreePool(NewHeader); + if (NewHeader) ExFreePoolWithTag(NewHeader, TAG_OB_SD_CACHE); return STATUS_SUCCESS; } Modified: trunk/reactos/ntoskrnl/ob/obsecure.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ob/obsecure.c?rev… ============================================================================== --- trunk/reactos/ntoskrnl/ob/obsecure.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ob/obsecure.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -217,7 +217,7 @@ { POBJECT_HEADER ObjectHeader; POBJECT_TYPE ObjectType; - PSECURITY_DESCRIPTOR SecurityDescriptor; + PSECURITY_DESCRIPTOR SecurityDescriptor = NULL; BOOLEAN SdAllocated; BOOLEAN Result = TRUE; ACCESS_MASK GrantedAccess = 0; @@ -280,7 +280,7 @@ { POBJECT_HEADER ObjectHeader; POBJECT_TYPE ObjectType; - PSECURITY_DESCRIPTOR SecurityDescriptor; + PSECURITY_DESCRIPTOR SecurityDescriptor = NULL; BOOLEAN SdAllocated; BOOLEAN Result; ACCESS_MASK GrantedAccess = 0; @@ -338,7 +338,7 @@ { POBJECT_HEADER ObjectHeader; POBJECT_TYPE ObjectType; - PSECURITY_DESCRIPTOR SecurityDescriptor; + PSECURITY_DESCRIPTOR SecurityDescriptor = NULL; BOOLEAN SdAllocated; BOOLEAN Result; ACCESS_MASK GrantedAccess = 0; Modified: trunk/reactos/ntoskrnl/po/power.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/po/power.c?rev=57… ============================================================================== --- trunk/reactos/ntoskrnl/po/power.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/po/power.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -79,11 +79,11 @@ PIO_STACK_LOCATION IrpSp; PIRP Irp; NTSTATUS Status; - + KeInitializeEvent(&Event, NotificationEvent, FALSE); - + Irp = IoBuildSynchronousFsdRequest(IRP_MJ_POWER, DeviceObject, NULL, @@ -91,13 +91,14 @@ NULL, &Event, &IoStatusBlock); - + if (!Irp) return STATUS_INSUFFICIENT_RESOURCES; + IrpSp = IoGetNextIrpStackLocation(Irp); IrpSp->MinorFunction = IRP_MN_QUERY_POWER; IrpSp->Parameters.Power.Type = SystemPowerState; IrpSp->Parameters.Power.State.SystemState = SystemState; IrpSp->Parameters.Power.ShutdownType = PowerAction; - + Status = PoCallDriver(DeviceObject, Irp); if (Status == STATUS_PENDING) { @@ -108,7 +109,7 @@ NULL); Status = IoStatusBlock.Status; } - + return Status; } @@ -120,11 +121,11 @@ PIO_STACK_LOCATION IrpSp; PIRP Irp; NTSTATUS Status; - + KeInitializeEvent(&Event, NotificationEvent, FALSE); - + Irp = IoBuildSynchronousFsdRequest(IRP_MJ_POWER, DeviceObject, NULL, @@ -132,13 +133,14 @@ NULL, &Event, &IoStatusBlock); - + if (!Irp) return STATUS_INSUFFICIENT_RESOURCES; + IrpSp = IoGetNextIrpStackLocation(Irp); IrpSp->MinorFunction = IRP_MN_SET_POWER; IrpSp->Parameters.Power.Type = SystemPowerState; IrpSp->Parameters.Power.State.SystemState = SystemState; IrpSp->Parameters.Power.ShutdownType = PowerAction; - + Status = PoCallDriver(DeviceObject, Irp); if (Status == STATUS_PENDING) { @@ -149,7 +151,7 @@ NULL); Status = IoStatusBlock.Status; } - + return Status; } Modified: trunk/reactos/ntoskrnl/ps/kill.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ps/kill.c?rev=574… ============================================================================== --- trunk/reactos/ntoskrnl/ps/kill.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ps/kill.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -1006,7 +1006,7 @@ } /* We failed, free the APC */ - ExFreePool(Apc); + ExFreePoolWithTag(Apc, TAG_TERMINATE_APC); /* Return Status */ return Status; Modified: trunk/reactos/ntoskrnl/ps/security.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ps/security.c?rev… ============================================================================== --- trunk/reactos/ntoskrnl/ps/security.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ps/security.c [iso-8859-1] Thu Sep 27 17:16:31 2012 @@ -221,7 +221,7 @@ PACCESS_TOKEN NewToken = Token; NTSTATUS Status, AccessStatus; BOOLEAN Result, SdAllocated; - PSECURITY_DESCRIPTOR SecurityDescriptor; + PSECURITY_DESCRIPTOR SecurityDescriptor = NULL; SECURITY_SUBJECT_CONTEXT SubjectContext; PSTRACE(PS_SECURITY_DEBUG, "Process: %p Token: %p\n", Process, Token); @@ -638,7 +638,7 @@ if (OldData) { /* Someone beat us to it, free our copy */ - ExFreePool(Impersonation); + ExFreePoolWithTag(Impersonation, TAG_PS_IMPERSONATION); Impersonation = OldData; } }