[pschweitzer] 70819: [NTOSKRNL] Don't attempt to null-dereference fastio routine without checking whether it was set first. This fixes RW with FSDs using cache but no FastIO possibilities. CORE-10892
29 Feb
2016
29 Feb
'16
1:59 p.m.
Author: pschweitzer
Date: Mon Feb 29 13:59:32 2016
New Revision: 70819
URL: http://svn.reactos.org/svn/reactos?rev=70819&view=rev
Log:
[NTOSKRNL]
Don't attempt to null-dereference fastio routine without checking whether it was set
first.
This fixes RW with FSDs using cache but no FastIO possibilities.
CORE-10892
Modified:
trunk/reactos/ntoskrnl/io/iomgr/iofunc.c
Modified: trunk/reactos/ntoskrnl/io/iomgr/iofunc.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/iofunc.c…
==============================================================================
--- trunk/reactos/ntoskrnl/io/iomgr/iofunc.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/io/iomgr/iofunc.c [iso-8859-1] Mon Feb 29 13:59:32 2016
@@ -2561,55 +2561,58 @@
/* If the file is cached, try fast I/O */
if (FileObject->PrivateCacheMap)
{
- /* Perform fast write */
+ /* Perform fast read */
FastIoDispatch = DeviceObject->DriverObject->FastIoDispatch;
- Success = FastIoDispatch->FastIoRead(FileObject,
- &CapturedByteOffset,
- Length,
- TRUE,
- CapturedKey,
- Buffer,
- &KernelIosb,
- DeviceObject);
-
- /* Only accept the result if we got a straightforward status */
- if (Success &&
- (KernelIosb.Status == STATUS_SUCCESS ||
- KernelIosb.Status == STATUS_BUFFER_OVERFLOW ||
- KernelIosb.Status == STATUS_END_OF_FILE))
- {
- /* Fast path -- update transfer & operation counts */
- IopUpdateOperationCount(IopReadTransfer);
- IopUpdateTransferCount(IopReadTransfer,
- (ULONG)KernelIosb.Information);
-
- /* Enter SEH to write the IOSB back */
- _SEH2_TRY
+ if (FastIoDispatch != NULL && FastIoDispatch->FastIoRead != NULL)
+ {
+ Success = FastIoDispatch->FastIoRead(FileObject,
+ &CapturedByteOffset,
+ Length,
+ TRUE,
+ CapturedKey,
+ Buffer,
+ &KernelIosb,
+ DeviceObject);
+
+ /* Only accept the result if we got a straightforward status */
+ if (Success &&
+ (KernelIosb.Status == STATUS_SUCCESS ||
+ KernelIosb.Status == STATUS_BUFFER_OVERFLOW ||
+ KernelIosb.Status == STATUS_END_OF_FILE))
{
- /* Write it back to the caller */
- *IoStatusBlock = KernelIosb;
- }
- _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
- {
- /* The caller's IOSB was invalid, so fail */
- if (EventObject) ObDereferenceObject(EventObject);
+ /* Fast path -- update transfer & operation counts */
+ IopUpdateOperationCount(IopReadTransfer);
+ IopUpdateTransferCount(IopReadTransfer,
+ (ULONG)KernelIosb.Information);
+
+ /* Enter SEH to write the IOSB back */
+ _SEH2_TRY
+ {
+ /* Write it back to the caller */
+ *IoStatusBlock = KernelIosb;
+ }
+ _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+ {
+ /* The caller's IOSB was invalid, so fail */
+ if (EventObject) ObDereferenceObject(EventObject);
+ IopUnlockFileObject(FileObject);
+ ObDereferenceObject(FileObject);
+ _SEH2_YIELD(return _SEH2_GetExceptionCode());
+ }
+ _SEH2_END;
+
+ /* Signal the completion event */
+ if (EventObject)
+ {
+ KeSetEvent(EventObject, 0, FALSE);
+ ObDereferenceObject(EventObject);
+ }
+
+ /* Clean up */
IopUnlockFileObject(FileObject);
ObDereferenceObject(FileObject);
- _SEH2_YIELD(return _SEH2_GetExceptionCode());
+ return KernelIosb.Status;
}
- _SEH2_END;
-
- /* Signal the completion event */
- if (EventObject)
- {
- KeSetEvent(EventObject, 0, FALSE);
- ObDereferenceObject(EventObject);
- }
-
- /* Clean up */
- IopUnlockFileObject(FileObject);
- ObDereferenceObject(FileObject);
- return KernelIosb.Status;
}
}
@@ -3573,53 +3576,56 @@
/* If the file is cached, try fast I/O */
if (FileObject->PrivateCacheMap)
{
- /* Perform fast read */
+ /* Perform fast write */
FastIoDispatch = DeviceObject->DriverObject->FastIoDispatch;
- Success = FastIoDispatch->FastIoWrite(FileObject,
- &CapturedByteOffset,
- Length,
- TRUE,
- CapturedKey,
- Buffer,
- &KernelIosb,
- DeviceObject);
-
- /* Only accept the result if it was successful */
- if (Success &&
- KernelIosb.Status == STATUS_SUCCESS)
- {
- /* Fast path -- update transfer & operation counts */
- IopUpdateOperationCount(IopWriteTransfer);
- IopUpdateTransferCount(IopWriteTransfer,
- (ULONG)KernelIosb.Information);
-
- /* Enter SEH to write the IOSB back */
- _SEH2_TRY
+ if (FastIoDispatch != NULL && FastIoDispatch->FastIoWrite !=
NULL)
+ {
+ Success = FastIoDispatch->FastIoWrite(FileObject,
+ &CapturedByteOffset,
+ Length,
+ TRUE,
+ CapturedKey,
+ Buffer,
+ &KernelIosb,
+ DeviceObject);
+
+ /* Only accept the result if it was successful */
+ if (Success &&
+ KernelIosb.Status == STATUS_SUCCESS)
{
- /* Write it back to the caller */
- *IoStatusBlock = KernelIosb;
- }
- _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
- {
- /* The caller's IOSB was invalid, so fail */
- if (EventObject) ObDereferenceObject(EventObject);
+ /* Fast path -- update transfer & operation counts */
+ IopUpdateOperationCount(IopWriteTransfer);
+ IopUpdateTransferCount(IopWriteTransfer,
+ (ULONG)KernelIosb.Information);
+
+ /* Enter SEH to write the IOSB back */
+ _SEH2_TRY
+ {
+ /* Write it back to the caller */
+ *IoStatusBlock = KernelIosb;
+ }
+ _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+ {
+ /* The caller's IOSB was invalid, so fail */
+ if (EventObject) ObDereferenceObject(EventObject);
+ IopUnlockFileObject(FileObject);
+ ObDereferenceObject(FileObject);
+ _SEH2_YIELD(return _SEH2_GetExceptionCode());
+ }
+ _SEH2_END;
+
+ /* Signal the completion event */
+ if (EventObject)
+ {
+ KeSetEvent(EventObject, 0, FALSE);
+ ObDereferenceObject(EventObject);
+ }
+
+ /* Clean up */
IopUnlockFileObject(FileObject);
ObDereferenceObject(FileObject);
- _SEH2_YIELD(return _SEH2_GetExceptionCode());
+ return KernelIosb.Status;
}
- _SEH2_END;
-
- /* Signal the completion event */
- if (EventObject)
- {
- KeSetEvent(EventObject, 0, FALSE);
- ObDereferenceObject(EventObject);
- }
-
- /* Clean up */
- IopUnlockFileObject(FileObject);
- ObDereferenceObject(FileObject);
- return KernelIosb.Status;
}
}
3182
days inactive
3182
days old
0 comments
1 participants
participants (1)
-
pschweitzer@svn.reactos.org