[pschweitzer] 70819: [NTOSKRNL] Don't attempt to null-dereference fastio routine without checking whether it was set first. This fixes RW with FSDs using cache but no FastIO possibilities. CORE-10892
Author: pschweitzer Date: Mon Feb 29 13:59:32 2016 New Revision: 70819
URL: http://svn.reactos.org/svn/reactos?rev=70819&view=rev Log: [NTOSKRNL] Don't attempt to null-dereference fastio routine without checking whether it was set first.
This fixes RW with FSDs using cache but no FastIO possibilities.
CORE-10892
Modified: trunk/reactos/ntoskrnl/io/iomgr/iofunc.c
Modified: trunk/reactos/ntoskrnl/io/iomgr/iofunc.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/iofunc.c?... ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/iofunc.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/io/iomgr/iofunc.c [iso-8859-1] Mon Feb 29 13:59:32 2016 @@ -2561,55 +2561,58 @@ /* If the file is cached, try fast I/O */ if (FileObject->PrivateCacheMap) { - /* Perform fast write */ + /* Perform fast read */ FastIoDispatch = DeviceObject->DriverObject->FastIoDispatch; - Success = FastIoDispatch->FastIoRead(FileObject, - &CapturedByteOffset, - Length, - TRUE, - CapturedKey, - Buffer, - &KernelIosb, - DeviceObject); - - /* Only accept the result if we got a straightforward status */ - if (Success && - (KernelIosb.Status == STATUS_SUCCESS || - KernelIosb.Status == STATUS_BUFFER_OVERFLOW || - KernelIosb.Status == STATUS_END_OF_FILE)) - { - /* Fast path -- update transfer & operation counts */ - IopUpdateOperationCount(IopReadTransfer); - IopUpdateTransferCount(IopReadTransfer, - (ULONG)KernelIosb.Information); - - /* Enter SEH to write the IOSB back */ - _SEH2_TRY + if (FastIoDispatch != NULL && FastIoDispatch->FastIoRead != NULL) + { + Success = FastIoDispatch->FastIoRead(FileObject, + &CapturedByteOffset, + Length, + TRUE, + CapturedKey, + Buffer, + &KernelIosb, + DeviceObject); + + /* Only accept the result if we got a straightforward status */ + if (Success && + (KernelIosb.Status == STATUS_SUCCESS || + KernelIosb.Status == STATUS_BUFFER_OVERFLOW || + KernelIosb.Status == STATUS_END_OF_FILE)) { - /* Write it back to the caller */ - *IoStatusBlock = KernelIosb; - } - _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) - { - /* The caller's IOSB was invalid, so fail */ - if (EventObject) ObDereferenceObject(EventObject); + /* Fast path -- update transfer & operation counts */ + IopUpdateOperationCount(IopReadTransfer); + IopUpdateTransferCount(IopReadTransfer, + (ULONG)KernelIosb.Information); + + /* Enter SEH to write the IOSB back */ + _SEH2_TRY + { + /* Write it back to the caller */ + *IoStatusBlock = KernelIosb; + } + _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) + { + /* The caller's IOSB was invalid, so fail */ + if (EventObject) ObDereferenceObject(EventObject); + IopUnlockFileObject(FileObject); + ObDereferenceObject(FileObject); + _SEH2_YIELD(return _SEH2_GetExceptionCode()); + } + _SEH2_END; + + /* Signal the completion event */ + if (EventObject) + { + KeSetEvent(EventObject, 0, FALSE); + ObDereferenceObject(EventObject); + } + + /* Clean up */ IopUnlockFileObject(FileObject); ObDereferenceObject(FileObject); - _SEH2_YIELD(return _SEH2_GetExceptionCode()); + return KernelIosb.Status; } - _SEH2_END; - - /* Signal the completion event */ - if (EventObject) - { - KeSetEvent(EventObject, 0, FALSE); - ObDereferenceObject(EventObject); - } - - /* Clean up */ - IopUnlockFileObject(FileObject); - ObDereferenceObject(FileObject); - return KernelIosb.Status; } }
@@ -3573,53 +3576,56 @@ /* If the file is cached, try fast I/O */ if (FileObject->PrivateCacheMap) { - /* Perform fast read */ + /* Perform fast write */ FastIoDispatch = DeviceObject->DriverObject->FastIoDispatch; - Success = FastIoDispatch->FastIoWrite(FileObject, - &CapturedByteOffset, - Length, - TRUE, - CapturedKey, - Buffer, - &KernelIosb, - DeviceObject); - - /* Only accept the result if it was successful */ - if (Success && - KernelIosb.Status == STATUS_SUCCESS) - { - /* Fast path -- update transfer & operation counts */ - IopUpdateOperationCount(IopWriteTransfer); - IopUpdateTransferCount(IopWriteTransfer, - (ULONG)KernelIosb.Information); - - /* Enter SEH to write the IOSB back */ - _SEH2_TRY + if (FastIoDispatch != NULL && FastIoDispatch->FastIoWrite != NULL) + { + Success = FastIoDispatch->FastIoWrite(FileObject, + &CapturedByteOffset, + Length, + TRUE, + CapturedKey, + Buffer, + &KernelIosb, + DeviceObject); + + /* Only accept the result if it was successful */ + if (Success && + KernelIosb.Status == STATUS_SUCCESS) { - /* Write it back to the caller */ - *IoStatusBlock = KernelIosb; - } - _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) - { - /* The caller's IOSB was invalid, so fail */ - if (EventObject) ObDereferenceObject(EventObject); + /* Fast path -- update transfer & operation counts */ + IopUpdateOperationCount(IopWriteTransfer); + IopUpdateTransferCount(IopWriteTransfer, + (ULONG)KernelIosb.Information); + + /* Enter SEH to write the IOSB back */ + _SEH2_TRY + { + /* Write it back to the caller */ + *IoStatusBlock = KernelIosb; + } + _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) + { + /* The caller's IOSB was invalid, so fail */ + if (EventObject) ObDereferenceObject(EventObject); + IopUnlockFileObject(FileObject); + ObDereferenceObject(FileObject); + _SEH2_YIELD(return _SEH2_GetExceptionCode()); + } + _SEH2_END; + + /* Signal the completion event */ + if (EventObject) + { + KeSetEvent(EventObject, 0, FALSE); + ObDereferenceObject(EventObject); + } + + /* Clean up */ IopUnlockFileObject(FileObject); ObDereferenceObject(FileObject); - _SEH2_YIELD(return _SEH2_GetExceptionCode()); + return KernelIosb.Status; } - _SEH2_END; - - /* Signal the completion event */ - if (EventObject) - { - KeSetEvent(EventObject, 0, FALSE); - ObDereferenceObject(EventObject); - } - - /* Clean up */ - IopUnlockFileObject(FileObject); - ObDereferenceObject(FileObject); - return KernelIosb.Status; } }
-
pschweitzer@svn.reactos.org