Author: hbelusca Date: Tue Feb 28 20:49:37 2017 New Revision: 74005

URL: http://svn.reactos.org/svn/reactos?rev=74005&view=rev Log: [NTUSER]: NtUserGetObjectInformation, nIndex == UOI_FLAGS case: - Capture the ObjectFlags to be set in a local variable, - Then copy its contents in the mem area pointed by pvInformation *under the SEH block*! This allows: * protection if pvInformation is an invalid pointer; * avoid to run the "RtlCopyMemory(pvInformation, pvData, nDataSize);" afterwards with pvData == NULL.

Modified: trunk/reactos/win32ss/user/ntuser/winsta.c

Modified: trunk/reactos/win32ss/user/ntuser/winsta.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/win32ss/user/ntuser/winsta.... ============================================================================== --- trunk/reactos/win32ss/user/ntuser/winsta.c [iso-8859-1] (original) +++ trunk/reactos/win32ss/user/ntuser/winsta.c [iso-8859-1] Tue Feb 28 20:49:37 2017 @@ -671,9 +671,10 @@ DWORD nLength, PDWORD nLengthNeeded) { - PWINSTATION_OBJECT WinStaObject; + NTSTATUS Status; + PWINSTATION_OBJECT WinStaObject = NULL; PDESKTOP DesktopObject = NULL; - NTSTATUS Status; + USEROBJECTFLAGS ObjectFlags; PVOID pvData = NULL; DWORD nDataSize = 0;

@@ -690,7 +691,7 @@ } _SEH2_END;

- /* try windowstation */ + /* Try window station */ TRACE("Trying to open window station %p\n", hObject); Status = ObReferenceObjectByHandle(hObject, 0, @@ -701,7 +702,7 @@

if (Status == STATUS_OBJECT_TYPE_MISMATCH) { - /* try desktop */ + /* Try desktop */ TRACE("Trying to open desktop %p\n", hObject); WinStaObject = NULL; Status = IntValidateDesktopHandle(hObject, @@ -718,29 +719,25 @@

TRACE("WinSta or Desktop opened!!\n");

- /* get data */ + /* Get data */ switch (nIndex) { case UOI_FLAGS: - nDataSize = sizeof(USEROBJECTFLAGS); - if (nLength >= nDataSize) - { - PUSEROBJECTFLAGS ObjectFlags = pvInformation; - - ObjectFlags->fInherit = 0; - ObjectFlags->fReserved = 0; - ObjectFlags->dwFlags = 0; - - Status = STATUS_SUCCESS; - } - else - { - Status = STATUS_BUFFER_TOO_SMALL; - } + { + /* This is a default implementation that does almost nothing */ + ObjectFlags.fInherit = FALSE; + ObjectFlags.fReserved = FALSE; + ObjectFlags.dwFlags = 0; + + pvData = &ObjectFlags; + nDataSize = sizeof(ObjectFlags); + Status = STATUS_SUCCESS; ERR("UOI_FLAGS unimplemented!\n"); break; + }

case UOI_NAME: + { if (WinStaObject != NULL) { pvData = WinStaObject->Name.Buffer; @@ -754,10 +751,14 @@ Status = STATUS_SUCCESS; } else + { Status = STATUS_INVALID_PARAMETER; + } break; + }

case UOI_TYPE: + { if (WinStaObject != NULL) { pvData = L"WindowStation"; @@ -771,8 +772,11 @@ Status = STATUS_SUCCESS; } else + { Status = STATUS_INVALID_PARAMETER; + } break; + }

case UOI_USER_SID: Status = STATUS_NOT_IMPLEMENTED; @@ -785,7 +789,7 @@ }

Exit: - if (Status == STATUS_SUCCESS && nLength < nDataSize) + if ((Status == STATUS_SUCCESS) && (nLength < nDataSize)) Status = STATUS_BUFFER_TOO_SMALL;

_SEH2_TRY @@ -793,7 +797,7 @@ if (nLengthNeeded) *nLengthNeeded = nDataSize;

- /* try to copy data to caller */ + /* Try to copy data to caller */ if (Status == STATUS_SUCCESS) { TRACE("Trying to copy data to caller (len = %lu, len needed = %lu)\n", nLength, nDataSize); @@ -806,11 +810,11 @@ } _SEH2_END;

- /* release objects */ + /* Release objects */ + if (DesktopObject != NULL) + ObDereferenceObject(DesktopObject); if (WinStaObject != NULL) ObDereferenceObject(WinStaObject); - if (DesktopObject != NULL) - ObDereferenceObject(DesktopObject);

if (!NT_SUCCESS(Status)) {