[cgutman] 52193: [MSAFD] - Fix linger and graceful disconnect - Fix a crash in WSPGetSockName and WSPGetPeerName exposed by ws2_32 winetest sock - Ros-diffs

11 Jun 2011

Author: cgutman
Date: Sat Jun 11 17:49:30 2011
New Revision: 52193
URL: http://svn.reactos.org/svn/reactos?rev=52193&view=rev
Log:
[MSAFD]
- Fix linger and graceful disconnect
- Fix a crash in WSPGetSockName and WSPGetPeerName exposed by ws2_32 winetest sock
Modified:
    trunk/reactos/dll/win32/msafd/misc/dllmain.c
Modified: trunk/reactos/dll/win32/msafd/misc/dllmain.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/msafd/misc/dllma…
==============================================================================

--- trunk/reactos/dll/win32/msafd/misc/dllmain.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/msafd/misc/dllmain.c [iso-8859-1] Sat Jun 11 17:49:30 2011
@@ -401,6 +401,7 @@
     HANDLE SockEvent;
     AFD_DISCONNECT_INFO DisconnectInfo;
     SOCKET_STATE OldState;
+    LONG LingerWait = -1;
     /* Create the Wait Event */
     Status = NtCreateEvent(&SockEvent,
@@ -453,7 +454,6 @@
     /* FIXME: Should we do this on Datagram Sockets too? */
     if ((OldState == SocketConnected) &&
(Socket->SharedData.LingerData.l_onoff))
     {
-        ULONG LingerWait;
         ULONG SendsInProgress;
         ULONG SleepWait;
@@ -477,7 +477,11 @@
             /* Bail out if no more sends are pending */
             if (!SendsInProgress)
+            {
+                LingerWait = -1;
                 break;
+            }
+
             /*
              * We have to execute a sleep, so it's kind of like
              * a block. If the socket is Nonblock, we cannot
@@ -502,15 +506,14 @@
             Sleep(SleepWait);
             LingerWait -= SleepWait;
         }
-
-        /*
-        * We have reached the timeout or sends are over.
-        * Disconnect if the timeout has been reached.
-        */
+    }
+
+    if (OldState == SocketConnected)
+    {
         if (LingerWait <= 0)
         {
             DisconnectInfo.Timeout = RtlConvertLongToLargeInteger(0);
-            DisconnectInfo.DisconnectType = AFD_DISCONNECT_ABORT;
+            DisconnectInfo.DisconnectType = LingerWait < 0 ? AFD_DISCONNECT_SEND :
AFD_DISCONNECT_ABORT;
             /* Send IOCTL */
             Status = NtDeviceIoControlFile((HANDLE)Handle,
@@ -1564,6 +1567,7 @@
     if (Status != STATUS_SUCCESS)
         goto notify;
+    Socket->SharedData.State = SocketConnected;
     Socket->TdiConnectionHandle = (HANDLE)IOSB.Information;
     /* Get any pending connect data */
@@ -1742,6 +1746,13 @@
        return SOCKET_ERROR;
     }
+    if (!Name || !NameLength)
+    {
+        NtClose(SockEvent);
+        *lpErrno = WSAEFAULT;
+        return SOCKET_ERROR;
+    }
+
     /* Allocate a buffer for the address */
     TdiAddressSize =
                sizeof(TRANSPORT_ADDRESS) + Socket->SharedData.SizeOfLocalAddress;
@@ -1834,6 +1845,20 @@
        NtClose(SockEvent);
        *lpErrno = WSAENOTSOCK;
        return SOCKET_ERROR;
+    }
+
+    if (Socket->SharedData.State != SocketConnected)
+    {
+        NtClose(SockEvent);
+        *lpErrno = WSAENOTCONN;
+        return SOCKET_ERROR;
+    }
+
+    if (!Name || !NameLength)
+    {
+        NtClose(SockEvent);
+        *lpErrno = WSAEFAULT;
+        return SOCKET_ERROR;
     }
     /* Allocate a buffer for the address */
    