[tkreuzer] 63416: [WIN32K] Amendment to r63409. Zap remaining kernel object header access from win32k. Noticed by Hermes. - Ros-diffs

22 May 2014

Author: tkreuzer
Date: Thu May 22 19:15:40 2014
New Revision: 63416
URL: http://svn.reactos.org/svn/reactos?rev=63416&view=rev
Log:
[WIN32K]
Amendment to r63409.
Zap remaining kernel object header access from win32k. Noticed by Hermes.
Modified:
    trunk/reactos/win32ss/user/ntuser/desktop.h
    trunk/reactos/win32ss/user/ntuser/winsta.c
Modified: trunk/reactos/win32ss/user/ntuser/desktop.h
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/win32ss/user/ntuser/desktop...
==============================================================================

--- trunk/reactos/win32ss/user/ntuser/desktop.h	[iso-8859-1] (original)
+++ trunk/reactos/win32ss/user/ntuser/desktop.h	[iso-8859-1] Thu May 22 19:15:40 2014
@@ -174,11 +174,6 @@
 #define IntIsActiveDesktop(Desktop) \
   ((Desktop)->rpwinstaParent->ActiveDesktop == (Desktop))
-#define GET_DESKTOP_NAME(d)                                             \
-    OBJECT_HEADER_TO_NAME_INFO(OBJECT_TO_OBJECT_HEADER(d)) ?            \
-    &(OBJECT_HEADER_TO_NAME_INFO(OBJECT_TO_OBJECT_HEADER(d))->Name) :   \
-    NULL
-
 HWND FASTCALL IntGetMessageWindow(VOID);
 PWND FASTCALL UserGetMessageWindow(VOID);
Modified: trunk/reactos/win32ss/user/ntuser/winsta.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/win32ss/user/ntuser/winsta....
==============================================================================
--- trunk/reactos/win32ss/user/ntuser/winsta.c	[iso-8859-1] (original)
+++ trunk/reactos/win32ss/user/ntuser/winsta.c	[iso-8859-1] Thu May 22 19:15:40 2014
@@ -1210,7 +1210,7 @@
    DWORD EntryCount;
    ULONG ReturnLength;
    WCHAR NullWchar;
-   PUNICODE_STRING DesktopName;
+   UNICODE_STRING DesktopName;
Status = IntValidateWindowStationHandle(hWindowStation,
                                            KernelMode,
@@ -1233,8 +1233,8 @@
          DesktopEntry = DesktopEntry->Flink)
    {
       DesktopObject = CONTAINING_RECORD(DesktopEntry, DESKTOP, ListEntry);
-      DesktopName = GET_DESKTOP_NAME(DesktopObject);
-      if (DesktopName) ReturnLength += DesktopName->Length + sizeof(WCHAR);
+      RtlInitUnicodeString(&DesktopName, DesktopObject->pDeskInfo->szDesktopName);
+      ReturnLength += DesktopName.Length + sizeof(WCHAR);
       EntryCount++;
    }
    TRACE("Required size: %lu Entry count: %lu\n", ReturnLength, EntryCount);
@@ -1277,18 +1277,15 @@
          DesktopEntry = DesktopEntry->Flink)
    {
       DesktopObject = CONTAINING_RECORD(DesktopEntry, DESKTOP, ListEntry);
-      _PRAGMA_WARNING_SUPPRESS(__WARNING_DEREF_NULL_PTR)
-      DesktopName = GET_DESKTOP_NAME(DesktopObject);/// @todo Don't mess around with the object headers!
-      if (!DesktopName) continue;
-
-      Status = MmCopyToCaller(lpBuffer, DesktopName->Buffer, DesktopName->Length);
+      RtlInitUnicodeString(&DesktopName, DesktopObject->pDeskInfo->szDesktopName);
+      Status = MmCopyToCaller(lpBuffer, DesktopName.Buffer, DesktopName.Length);
       if (! NT_SUCCESS(Status))
       {
          KeReleaseSpinLock(&WindowStation->Lock, OldLevel);
          ObDereferenceObject(WindowStation);
          return Status;
       }
-      lpBuffer = (PVOID) ((PCHAR)lpBuffer + DesktopName->Length);
+      lpBuffer = (PVOID) ((PCHAR)lpBuffer + DesktopName.Length);
       Status = MmCopyToCaller(lpBuffer, &NullWchar, sizeof(WCHAR));
       if (! NT_SUCCESS(Status))
       {

    