1. remove obsolete buffer size checks from NtQueryInformationProcess() 2. fixed some buffer checks Modified: trunk/reactos/ntoskrnl/ex/event.c Modified: trunk/reactos/ntoskrnl/ex/evtpair.c Modified: trunk/reactos/ntoskrnl/ex/mutant.c Modified: trunk/reactos/ntoskrnl/ex/profile.c Modified: trunk/reactos/ntoskrnl/ex/sysinfo.c Modified: trunk/reactos/ntoskrnl/io/event.c Modified: trunk/reactos/ntoskrnl/ps/process.c _____
Modified: trunk/reactos/ntoskrnl/ex/event.c
--- trunk/reactos/ntoskrnl/ex/event.c 2005-01-22 12:45:03 UTC (rev 13209)
+++ trunk/reactos/ntoskrnl/ex/event.c 2005-01-22 13:34:27 UTC (rev 13210)
@@ -151,6 +151,11 @@
 Status = _SEH_GetExceptionCode();
 }
 _SEH_END;
+
+ if(!NT_SUCCESS(Status))
+ {
+ return Status;
+ }
 }
 Status = ObCreateObject(PreviousMode,
@@ -285,6 +290,11 @@
 Status = _SEH_GetExceptionCode();
 }
 _SEH_END;
+
+ if(!NT_SUCCESS(Status))
+ {
+ return Status;
+ }
 }
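Review bot: The added `if(!NT_SUCCESS(Status))` test also runs when the probe did not fault, and in this hunk Status is assigned only inside `_SEH_HANDLE`; unless its declaration (outside the hunk) initialises it, that path reads an indeterminate value and can return early with a garbage status. The same commit changes the declarations in profile.c and sysinfo.c to `NTSTATUS Status = STATUS_SUCCESS;`, so each function patched this way should be confirmed to have the same initialiser. That covers the other three hunks of this file and the hunks in evtpair.c and mutant.c. The enclosing function starts and ends outside the hunk.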
 Status = ObReferenceObjectByHandle(EventHandle,
@@ -421,6 +431,11 @@
 Status = _SEH_GetExceptionCode();
 }
 _SEH_END;
+
+ if(!NT_SUCCESS(Status))
+ {
+ return Status;
+ }
 }
 Status = ObReferenceObjectByHandle(EventHandle,
@@ -481,6 +496,11 @@
 Status = _SEH_GetExceptionCode();
 }
 _SEH_END;
+
+ if(!NT_SUCCESS(Status))
+ {
+ return Status;
+ }
 }
 Status = ObReferenceObjectByHandle(EventHandle,
_____
Modified: trunk/reactos/ntoskrnl/ex/evtpair.c
--- trunk/reactos/ntoskrnl/ex/evtpair.c 2005-01-22 12:45:03 UTC (rev 13209)
+++ trunk/reactos/ntoskrnl/ex/evtpair.c 2005-01-22 13:34:27 UTC (rev 13210)
@@ -114,6 +114,11 @@
 Status = _SEH_GetExceptionCode();
 }
 _SEH_END;
+
+ if(!NT_SUCCESS(Status))
+ {
+ return Status;
+ }
 }
 Status = ObCreateObject(ExGetPreviousMode(),
@@ -183,6 +188,11 @@
 Status = _SEH_GetExceptionCode();
 }
 _SEH_END;
+
+ if(!NT_SUCCESS(Status))
+ {
+ return Status;
+ }
 }
 Status = ObOpenObjectByName(ObjectAttributes,
_____
Modified: trunk/reactos/ntoskrnl/ex/mutant.c
--- trunk/reactos/ntoskrnl/ex/mutant.c 2005-01-22 12:45:03 UTC (rev 13209)
+++ trunk/reactos/ntoskrnl/ex/mutant.c 2005-01-22 13:34:27 UTC (rev 13210)
@@ -137,6 +137,11 @@
 Status = _SEH_GetExceptionCode();
 }
 _SEH_END;
+
+ if(!NT_SUCCESS(Status))
+ {
+ return Status;
+ }
 }
 Status = ObCreateObject(PreviousMode,
@@ -343,6 +348,11 @@
 Status = _SEH_GetExceptionCode();
 }
 _SEH_END;
+
+ if(!NT_SUCCESS(Status))
+ {
+ return Status;
+ }
 }
 Status = ObReferenceObjectByHandle(MutantHandle,
_____
Modified: trunk/reactos/ntoskrnl/ex/profile.c --- trunk/reactos/ntoskrnl/ex/profile.c 2005-01-22 12:45:03 UTC (rev 13209) +++ trunk/reactos/ntoskrnl/ex/profile.c 2005-01-22 13:34:27 UTC (rev 13210) @@ -119,10 +119,42 @@
IN KPROFILE_SOURCE ProfileSource, IN KAFFINITY Affinity) { - HANDLE SafeProfileHandle; - NTSTATUS Status; + HANDLE hProfile; PKPROFILE Profile; PEPROCESS pProcess; + KPROCESSOR_MODE PreviousMode; + OBJECT_ATTRIBUTES ObjectAttributes; + NTSTATUS Status = STATUS_SUCCESS; + + PreviousMode = ExGetPreviousMode(); + + if(BufferSize == 0) + { + return STATUS_INVALID_PARAMETER_7; + } + + if(PreviousMode != KernelMode) + { + _SEH_TRY + { + ProbeForWrite(ProfileHandle, + sizeof(HANDLE), + sizeof(ULONG)); + ProbeForWrite(Buffer, + BufferSize, + sizeof(ULONG)); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + }
/* * Reference the associated process @@ -132,7 +164,7 @@ Status = ObReferenceObjectByHandle(Process, PROCESS_QUERY_INFORMATION, PsProcessType, - UserMode, + PreviousMode, (PVOID*)&pProcess, NULL); if (!NT_SUCCESS(Status)) @@ -143,7 +175,11 @@ else { pProcess = NULL; - /* FIXME: Check privilege. */ + if(!SeSinglePrivilegeCheck(SeSystemProfilePrivilege, + PreviousMode)) + { + return STATUS_PRIVILEGE_NOT_HELD; + } }
/* @@ -170,11 +206,17 @@ /* * Create the object */ - Status = ObCreateObject(ExGetPreviousMode(), + InitializeObjectAttributes(&ObjectAttributes, + NULL, + 0, + NULL, + NULL); + + Status = ObCreateObject(KernelMode, ExProfileObjectType, + &ObjectAttributes, + PreviousMode, NULL, - ExGetPreviousMode(), - NULL, sizeof(KPROFILE), 0, 0, @@ -193,6 +235,7 @@ Profile->BufferMdl = MmCreateMdl(NULL, Buffer, BufferSize); if(Profile->BufferMdl == NULL) { DPRINT("MmCreateMdl: Out of memory!"); + ObDereferenceObject (Profile); return(STATUS_NO_MEMORY); } MmProbeAndLockPages(Profile->BufferMdl, UserMode, IoWriteAccess); @@ -212,7 +255,7 @@ STANDARD_RIGHTS_ALL, 0, NULL, - &SafeProfileHandle); + &hProfile); if (!NT_SUCCESS(Status)) { ObDereferenceObject (Profile); @@ -222,39 +265,70 @@ /* * Copy the created handle back to the caller */ - Status = MmCopyToCaller(ProfileHandle, &SafeProfileHandle, sizeof(HANDLE)); - if (!NT_SUCCESS(Status)) - { - ObDereferenceObject(Profile); - ZwClose(ProfileHandle); - return(Status); - } + _SEH_TRY + { + *ProfileHandle = hProfile; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END;
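Review bot: In the `@@ -193,6 +235,7 @@` hunk the context line `MmProbeAndLockPages(Profile->BufferMdl, UserMode, IoWriteAccess);` still hard-codes UserMode although the rest of the commit switches this function to PreviousMode, and the call sits outside any `_SEH_TRY`. The ProbeForWrite added at the top only validates the range at that moment; the caller can unmap or re-protect the buffer before the pages are locked. If this MmProbeAndLockPages implementation raises on failure (not visible here), the exception is unhandled on this path and neither the MDL nor the Profile reference is released. Suggest `MmProbeAndLockPages(Profile->BufferMdl, PreviousMode, IoWriteAccess);` inside a `_SEH_TRY`, with the handler releasing the MDL and dereferencing Profile before returning the exception code.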
ObDereferenceObject(Profile);
- return(STATUS_SUCCESS); + return Status; }
NTSTATUS STDCALL NtQueryIntervalProfile(IN KPROFILE_SOURCE ProfileSource, OUT PULONG Interval) { - NTSTATUS Status; + KPROCESSOR_MODE PreviousMode; + NTSTATUS Status = STATUS_SUCCESS; + + PreviousMode = ExGetPreviousMode(); + + if(PreviousMode != KernelMode) + { + _SEH_TRY + { + ProbeForWrite(Interval, + sizeof(ULONG), + sizeof(ULONG)); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + }
if (ProfileSource == ProfileTime) { - ULONG SafeInterval; + ULONG ReturnInterval;
/* FIXME: What units does this use, for now nanoseconds */ - SafeInterval = 100; - Status = MmCopyToCaller(Interval, &SafeInterval, sizeof(ULONG)); - if (!NT_SUCCESS(Status)) - { - return(Status); - } - return(STATUS_SUCCESS); + ReturnInterval = 100; + + _SEH_TRY + { + *Interval = ReturnInterval; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + return Status; } - return(STATUS_INVALID_PARAMETER_2); + return STATUS_INVALID_PARAMETER_2; }
NTSTATUS STDCALL @@ -267,13 +341,16 @@ NTSTATUS STDCALL NtStartProfile(IN HANDLE ProfileHandle) { + PKPROFILE Profile; + KPROCESSOR_MODE PreviousMode; NTSTATUS Status; - PKPROFILE Profile; + + PreviousMode = ExGetPreviousMode();
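Review bot: If the `*ProfileHandle = hProfile;` store faults, NtCreateProfile returns the exception code but hProfile stays open in the caller's handle table, so the caller is told the create failed while a handle it never received keeps the profile object alive. The removed code attempted a close on this path (with the wrong argument); the new code has none. After `_SEH_END;` add `if(!NT_SUCCESS(Status)) ZwClose(hProfile);` before the final return. In NtQueryIntervalProfile, later in the same hunk, the ProbeForWrite on Interval runs before ProfileSource is validated, so an unsupported source combined with a bad pointer reports the access violation instead of STATUS_INVALID_PARAMETER_2; that ordering deserves a comment if it is intentional.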
Status = ObReferenceObjectByHandle(ProfileHandle, STANDARD_RIGHTS_ALL, ExProfileObjectType, - UserMode, + PreviousMode, (PVOID*)&Profile, NULL); if (!NT_SUCCESS(Status)) @@ -288,13 +365,16 @@ NTSTATUS STDCALL NtStopProfile(IN HANDLE ProfileHandle) { + PKPROFILE Profile; + KPROCESSOR_MODE PreviousMode; NTSTATUS Status; - PKPROFILE Profile; + + PreviousMode = ExGetPreviousMode();
Status = ObReferenceObjectByHandle(ProfileHandle, STANDARD_RIGHTS_ALL, ExProfileObjectType, - UserMode, + PreviousMode, (PVOID*)&Profile, NULL); if (!NT_SUCCESS(Status)) _____
Modified: trunk/reactos/ntoskrnl/ex/sysinfo.c --- trunk/reactos/ntoskrnl/ex/sysinfo.c 2005-01-22 12:45:03 UTC (rev 13209) +++ trunk/reactos/ntoskrnl/ex/sysinfo.c 2005-01-22 13:34:27 UTC (rev 13210) @@ -95,7 +95,6 @@
IN ULONG ValueBufferLength, IN OUT PULONG ReturnLength OPTIONAL) { - NTSTATUS Status; ANSI_STRING AName; UNICODE_STRING WName; BOOLEAN Result; @@ -103,21 +102,17 @@ ANSI_STRING AValue; UNICODE_STRING WValue; KPROCESSOR_MODE PreviousMode; + NTSTATUS Status = STATUS_SUCCESS;
PreviousMode = ExGetPreviousMode(); - - /* - * Copy the name to kernel space if necessary and convert it to ANSI. - */ - Status = RtlCaptureUnicodeString(&WName, - PreviousMode, - NonPagedPool, - FALSE, - VariableName); - if(NT_SUCCESS(Status)) + + if(PreviousMode != KernelMode) { - if(PreviousMode != KernelMode) + _SEH_TRY { + ProbeForRead(VariableName, + sizeof(UNICODE_STRING), + sizeof(ULONG)); ProbeForWrite(ValueBuffer, ValueBufferLength, sizeof(WCHAR)); @@ -128,7 +123,28 @@ sizeof(ULONG)); } } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END;
+ if(!NT_SUCCESS(Status)) + { + return Status; + } + } + + /* + * Copy the name to kernel space if necessary and convert it to ANSI. + */ + Status = RtlCaptureUnicodeString(&WName, + PreviousMode, + NonPagedPool, + FALSE, + VariableName); + if(NT_SUCCESS(Status)) + { /* * according to ntinternals the SeSystemEnvironmentName privilege is required! */ _____
Modified: trunk/reactos/ntoskrnl/io/event.c --- trunk/reactos/ntoskrnl/io/event.c 2005-01-22 12:45:03 UTC (rev 13209) +++ trunk/reactos/ntoskrnl/io/event.c 2005-01-22 13:34:27 UTC (rev 13210) @@ -65,26 +65,15 @@
PHANDLE EventHandle) { OBJECT_ATTRIBUTES ObjectAttributes; - UNICODE_STRING CapturedEventName; KPROCESSOR_MODE PreviousMode; PKEVENT Event; HANDLE Handle; NTSTATUS Status;
PreviousMode = ExGetPreviousMode(); - - Status = RtlCaptureUnicodeString(&CapturedEventName, - PreviousMode, - NonPagedPool, - FALSE, - EventName); - if (!NT_SUCCESS(Status)) - { - return NULL; - }
InitializeObjectAttributes(&ObjectAttributes, - &CapturedEventName, + EventName, OBJ_OPENIF, NULL, NULL); @@ -95,10 +84,6 @@ SynchronizationEvent, TRUE);
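Review bot: With the capture removed, `EventName` goes into InitializeObjectAttributes exactly as the caller passed it, so the name is safe only if the create call that follows (its name is outside the hunk) captures the object attributes itself, or if this helper is reachable only with kernel pointers. `PreviousMode` is still declared and assigned, but the visible lines no longer use it; if nothing later in the function reads it, drop `KPROCESSOR_MODE PreviousMode;` and the `ExGetPreviousMode()` assignment. A one-line comment such as `/* EventName is not captured here; the create call below is responsible for that */` would record the assumption, provided it holds. The function starts before and ends after the hunk.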
- RtlRelaseCapturedUnicodeString(&CapturedEventName, - PreviousMode, - FALSE); - if (!NT_SUCCESS(Status)) { return NULL; _____
Modified: trunk/reactos/ntoskrnl/ps/process.c --- trunk/reactos/ntoskrnl/ps/process.c 2005-01-22 12:45:03 UTC (rev 13209) +++ trunk/reactos/ntoskrnl/ps/process.c 2005-01-22 13:34:27 UTC (rev 13210) @@ -1208,39 +1208,34 @@
switch (ProcessInformationClass) { case ProcessBasicInformation: - if (ProcessInformationLength != sizeof(PROCESS_BASIC_INFORMATION)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PPROCESS_BASIC_INFORMATION ProcessBasicInformationP = - (PPROCESS_BASIC_INFORMATION)ProcessInformation; + { + PPROCESS_BASIC_INFORMATION ProcessBasicInformationP = + (PPROCESS_BASIC_INFORMATION)ProcessInformation;
- _SEH_TRY - { - ProcessBasicInformationP->ExitStatus = Process->ExitStatus; - ProcessBasicInformationP->PebBaseAddress = Process->Peb; - ProcessBasicInformationP->AffinityMask = Process->Pcb.Affinity; - ProcessBasicInformationP->UniqueProcessId = - Process->UniqueProcessId; - ProcessBasicInformationP->InheritedFromUniqueProcessId = - (ULONG)Process->InheritedFromUniqueProcessId; - ProcessBasicInformationP->BasePriority = - Process->Pcb.BasePriority; + _SEH_TRY + { + ProcessBasicInformationP->ExitStatus = Process->ExitStatus; + ProcessBasicInformationP->PebBaseAddress = Process->Peb; + ProcessBasicInformationP->AffinityMask = Process->Pcb.Affinity; + ProcessBasicInformationP->UniqueProcessId = + Process->UniqueProcessId; + ProcessBasicInformationP->InheritedFromUniqueProcessId = + (ULONG)Process->InheritedFromUniqueProcessId; + ProcessBasicInformationP->BasePriority = + Process->Pcb.BasePriority;
- if (ReturnLength) - { - *ReturnLength = sizeof(PROCESS_BASIC_INFORMATION); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } + if (ReturnLength) + { + *ReturnLength = sizeof(PROCESS_BASIC_INFORMATION); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + }
case ProcessQuotaLimits: case ProcessIoCounters: @@ -1248,56 +1243,43 @@ break;
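Review bot: Each case here now casts ProcessInformation to a fixed-size structure and writes through it with no length test in sight, so every store depends on validation done before the `switch` (outside the hunk), which the commit message implies but the diff does not show. That entry check has to reject a ProcessInformationLength smaller than the structure for every class touched here and in the three following hunks (ProcessTimes, ProcessDebugPort, ProcessHandleCount, ProcessSessionInformation, ProcessVmCounters, ProcessDefaultHardErrorMode, ProcessPriorityBoost, ProcessDeviceMap, ProcessPriorityClass), and to probe the buffer for user-mode callers; `_SEH_TRY` only converts a fault into a status and does not stop a short but mapped buffer from being overrun. ProcessPriorityClass stores a USHORT, so its expected size and alignment differ from the ULONG cases and should be listed separately in that check. Suggest a comment at the top of the switch: `/* ProcessInformationLength and the buffer were validated at function entry for every class handled below */`.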
case ProcessTimes: - if (ProcessInformationLength != sizeof(KERNEL_USER_TIMES)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PKERNEL_USER_TIMES ProcessTimeP = (PKERNEL_USER_TIMES)ProcessInformation; - _SEH_TRY - { - ProcessTimeP->CreateTime = Process->CreateTime; - ProcessTimeP->UserTime.QuadPart = Process->Pcb.UserTime * 100000LL; - ProcessTimeP->KernelTime.QuadPart = Process->Pcb.KernelTime * 100000LL; - ProcessTimeP->ExitTime = Process->ExitTime; + { + PKERNEL_USER_TIMES ProcessTimeP = (PKERNEL_USER_TIMES)ProcessInformation; + _SEH_TRY + { + ProcessTimeP->CreateTime = Process->CreateTime; + ProcessTimeP->UserTime.QuadPart = Process->Pcb.UserTime * 100000LL; + ProcessTimeP->KernelTime.QuadPart = Process->Pcb.KernelTime * 100000LL; + ProcessTimeP->ExitTime = Process->ExitTime;
- if (ReturnLength) - { - *ReturnLength = sizeof(KERNEL_USER_TIMES); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } - break; + if (ReturnLength) + { + *ReturnLength = sizeof(KERNEL_USER_TIMES); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + break; + }
case ProcessDebugPort: { - if (ProcessInformationLength != sizeof(HANDLE)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - _SEH_TRY - { - - *(PHANDLE)ProcessInformation = (Process->DebugPort != NULL ? (HANDLE)-1 : NULL); - if (ReturnLength) - { - *ReturnLength = sizeof(HANDLE); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } + _SEH_TRY + { + *(PHANDLE)ProcessInformation = (Process->DebugPort != NULL ? (HANDLE)-1 : NULL); + if (ReturnLength) + { + *ReturnLength = sizeof(HANDLE); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; }
@@ -1308,54 +1290,42 @@ break;
case ProcessHandleCount: - if (ProcessInformationLength != sizeof(ULONG)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - ULONG HandleCount = ObpGetHandleCountByHandleTable(&Process->HandleTable); + { + ULONG HandleCount = ObpGetHandleCountByHandleTable(&Process->HandleTable); - _SEH_TRY + _SEH_TRY + { + *(PULONG)ProcessInformation = HandleCount; + if (ReturnLength) { - *(PULONG)ProcessInformation = HandleCount; - if (ReturnLength) - { - *ReturnLength = sizeof(ULONG); - } + *ReturnLength = sizeof(ULONG); } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + }
case ProcessSessionInformation: { - if (ProcessInformationLength != sizeof(PROCESS_SESSION_INFORMATION)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PPROCESS_SESSION_INFORMATION SessionInfo = (PPROCESS_SESSION_INFORMATION)ProcessInformation; + PPROCESS_SESSION_INFORMATION SessionInfo = (PPROCESS_SESSION_INFORMATION)ProcessInformation;
- _SEH_TRY + _SEH_TRY + { + SessionInfo->SessionId = Process->SessionId; + if (ReturnLength) { - SessionInfo->SessionId = Process->SessionId; - if (ReturnLength) - { - *ReturnLength = sizeof(PROCESS_SESSION_INFORMATION); - } + *ReturnLength = sizeof(PROCESS_SESSION_INFORMATION); } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; }
@@ -1365,148 +1335,123 @@ break;
case ProcessVmCounters: - if (ProcessInformationLength != sizeof(VM_COUNTERS)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PVM_COUNTERS pOut = (PVM_COUNTERS)ProcessInformation; + { + PVM_COUNTERS pOut = (PVM_COUNTERS)ProcessInformation; - _SEH_TRY - { - pOut->PeakVirtualSize = Process->PeakVirtualSize; - /* - * Here we should probably use VirtualSize.LowPart, but due to - * incompatibilities in current headers (no unnamed union), - * I opted for cast. - */ - pOut->VirtualSize = (ULONG)Process->VirtualSize.QuadPart; - pOut->PageFaultCount = Process->Vm.PageFaultCount; - pOut->PeakWorkingSetSize = Process->Vm.PeakWorkingSetSize; - pOut->WorkingSetSize = Process->Vm.WorkingSetSize; - pOut->QuotaPeakPagedPoolUsage = Process->QuotaPeakPoolUsage[0]; // TODO: Verify! - pOut->QuotaPagedPoolUsage = Process->QuotaPoolUsage[0]; // TODO: Verify! - pOut->QuotaPeakNonPagedPoolUsage = Process->QuotaPeakPoolUsage[1]; // TODO: Verify! - pOut->QuotaNonPagedPoolUsage = Process->QuotaPoolUsage[1]; // TODO: Verify! - pOut->PagefileUsage = Process->PagefileUsage; - pOut->PeakPagefileUsage = Process->PeakPagefileUsage; + _SEH_TRY + { + pOut->PeakVirtualSize = Process->PeakVirtualSize; + /* + * Here we should probably use VirtualSize.LowPart, but due to + * incompatibilities in current headers (no unnamed union), + * I opted for cast. + */ + pOut->VirtualSize = (ULONG)Process->VirtualSize.QuadPart; + pOut->PageFaultCount = Process->Vm.PageFaultCount; + pOut->PeakWorkingSetSize = Process->Vm.PeakWorkingSetSize; + pOut->WorkingSetSize = Process->Vm.WorkingSetSize; + pOut->QuotaPeakPagedPoolUsage = Process->QuotaPeakPoolUsage[0]; // TODO: Verify! + pOut->QuotaPagedPoolUsage = Process->QuotaPoolUsage[0]; // TODO: Verify! + pOut->QuotaPeakNonPagedPoolUsage = Process->QuotaPeakPoolUsage[1]; // TODO: Verify! + pOut->QuotaNonPagedPoolUsage = Process->QuotaPoolUsage[1]; // TODO: Verify! 
+ pOut->PagefileUsage = Process->PagefileUsage; + pOut->PeakPagefileUsage = Process->PeakPagefileUsage;
- if (ReturnLength) - { - *ReturnLength = sizeof(VM_COUNTERS); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } + if (ReturnLength) + { + *ReturnLength = sizeof(VM_COUNTERS); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + }
case ProcessDefaultHardErrorMode: - if (ProcessInformationLength != sizeof(ULONG)) + { + PULONG HardErrMode = (PULONG)ProcessInformation; + _SEH_TRY { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PULONG HardErrMode = (PULONG)ProcessInformation; - _SEH_TRY + *HardErrMode = Process->DefaultHardErrorProcessing; + if (ReturnLength) { - *HardErrMode = Process->DefaultHardErrorProcessing; - if (ReturnLength) - { - *ReturnLength = sizeof(ULONG); - } + *ReturnLength = sizeof(ULONG); } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + }
case ProcessPriorityBoost: - if (ProcessInformationLength != sizeof(ULONG)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PULONG BoostEnabled = (PULONG)ProcessInformation; + { + PULONG BoostEnabled = (PULONG)ProcessInformation; - _SEH_TRY - { - *BoostEnabled = Process->Pcb.DisableBoost ? FALSE : TRUE; + _SEH_TRY + { + *BoostEnabled = Process->Pcb.DisableBoost ? FALSE : TRUE;
- if (ReturnLength) - { - *ReturnLength = sizeof(ULONG); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } + if (ReturnLength) + { + *ReturnLength = sizeof(ULONG); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + }
case ProcessDeviceMap: - if (ProcessInformationLength != sizeof(PROCESS_DEVICEMAP_INFORMATION)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PROCESS_DEVICEMAP_INFORMATION DeviceMap; + { + PROCESS_DEVICEMAP_INFORMATION DeviceMap;
- ObQueryDeviceMapInformation(Process, &DeviceMap); - - _SEH_TRY + ObQueryDeviceMapInformation(Process, &DeviceMap); + + _SEH_TRY + { + *(PPROCESS_DEVICEMAP_INFORMATION)ProcessInformation = DeviceMap; + if (ReturnLength) { - *(PPROCESS_DEVICEMAP_INFORMATION)ProcessInformation = DeviceMap; - if (ReturnLength) - { - *ReturnLength = sizeof(PROCESS_DEVICEMAP_INFORMATION); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } + *ReturnLength = sizeof(PROCESS_DEVICEMAP_INFORMATION); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + }
case ProcessPriorityClass: - if (ProcessInformationLength != sizeof(USHORT)) + { + PUSHORT Priority = (PUSHORT)ProcessInformation; + + _SEH_TRY { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PUSHORT Priority = (PUSHORT)ProcessInformation; - - _SEH_TRY - { - *Priority = Process->PriorityClass; + *Priority = Process->PriorityClass;
- if (ReturnLength) - { - *ReturnLength = sizeof(USHORT); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } + if (ReturnLength) + { + *ReturnLength = sizeof(USHORT); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + }
case ProcessImageFileName: { @@ -1620,6 +1565,7 @@ } }
+ /* don't forget to detach from the process!!! */ KeDetachProcess(); } else