Author: weiden Date: Sun Oct 22 13:06:58 2006 New Revision: 24599 URL: http://svn.reactos.org/svn/reactos?rev=24599&view=rev Log: - Change RtlMoveMemory to RtlCopyMemory where memory regions are never overlapping - Re-Secure a few Nt stubs by adding SEH/Probing where neccessary Modified: trunk/reactos/ntoskrnl/dbgk/debug.c trunk/reactos/ntoskrnl/ex/atom.c trunk/reactos/ntoskrnl/ex/error.c trunk/reactos/ntoskrnl/ex/init.c trunk/reactos/ntoskrnl/ex/time.c trunk/reactos/ntoskrnl/io/iomgr/arcname.c trunk/reactos/ntoskrnl/io/iomgr/driver.c trunk/reactos/ntoskrnl/io/iomgr/error.c trunk/reactos/ntoskrnl/io/iomgr/file.c trunk/reactos/ntoskrnl/io/iomgr/mdl.c trunk/reactos/ntoskrnl/io/iomgr/rawfs.c trunk/reactos/ntoskrnl/io/pnpmgr/pnpmgr.c trunk/reactos/ntoskrnl/kd/kdio.c trunk/reactos/ntoskrnl/ke/except.c trunk/reactos/ntoskrnl/ke/i386/exp.c trunk/reactos/ntoskrnl/ke/i386/thread.c trunk/reactos/ntoskrnl/ke/i386/usercall.c trunk/reactos/ntoskrnl/ke/i386/v86vdm.c trunk/reactos/ntoskrnl/ob/obdir.c trunk/reactos/ntoskrnl/ob/oblife.c trunk/reactos/ntoskrnl/ob/obname.c trunk/reactos/ntoskrnl/ob/obsecure.c trunk/reactos/ntoskrnl/ob/symlink.c trunk/reactos/ntoskrnl/ps/query.c trunk/reactos/ntoskrnl/se/audit.c trunk/reactos/ntoskrnl/vdm/vdmexec.c Modified: trunk/reactos/ntoskrnl/dbgk/debug.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/dbgk/debug.c?rev=… ============================================================================== --- trunk/reactos/ntoskrnl/dbgk/debug.c (original) +++ trunk/reactos/ntoskrnl/dbgk/debug.c Sun Oct 22 13:06:58 2006 @@ -131,7 +131,7 @@ KeInitializeEvent(&DebugEvent->ContinueEvent, SynchronizationEvent, FALSE); DebugEvent->Process = Process; DebugEvent->Thread = Thread; - RtlMoveMemory(&DebugEvent->ApiMsg, Message, sizeof(DBGKM_MSG)); + RtlCopyMemory(&DebugEvent->ApiMsg, Message, sizeof(DBGKM_MSG)); DebugEvent->ClientId = Thread->Cid; /* Check if we have a port object */ @@ -190,7 +190,7 @@ NULL); /* Copy API Message back */ - RtlMoveMemory(Message, &DebugEvent->ApiMsg, sizeof(DBGKM_MSG)); + RtlCopyMemory(Message, &DebugEvent->ApiMsg, sizeof(DBGKM_MSG)); /* Set return status */ Status = DebugEvent->Status; @@ -246,7 +246,7 @@ ZwFlushInstructionCache(NtCurrentProcess(), NULL, 0); /* Copy the buffer back */ - if (NT_SUCCESS(Status)) RtlMoveMemory(Message, Buffer, sizeof(DBGKM_MSG)); + if (NT_SUCCESS(Status)) RtlCopyMemory(Message, Buffer, sizeof(DBGKM_MSG)); /* Resume the process if it was suspended */ if (SuspendProcess) DbgkpResumeProcess(); @@ -1499,7 +1499,7 @@ _SEH_TRY { /* Return our wait state change structure */ - RtlMoveMemory(StateChange, + RtlCopyMemory(StateChange, &WaitStateChange, sizeof(DBGUI_WAIT_STATE_CHANGE)); } Modified: trunk/reactos/ntoskrnl/ex/atom.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/atom.c?rev=245… ============================================================================== --- trunk/reactos/ntoskrnl/ex/atom.c (original) +++ trunk/reactos/ntoskrnl/ex/atom.c Sun Oct 22 13:06:58 2006 @@ -134,7 +134,7 @@ else { /* Copy the name and null-terminate it */ - RtlMoveMemory(CapturedName, AtomName, AtomNameLength); + RtlCopyMemory(CapturedName, AtomName, AtomNameLength); CapturedName[AtomNameLength / sizeof(WCHAR)] = UNICODE_NULL; } @@ -288,7 +288,7 @@ else { /* Copy the name and null-terminate it */ - RtlMoveMemory(CapturedName, AtomName, AtomNameLength); + RtlCopyMemory(CapturedName, AtomName, AtomNameLength); CapturedName[AtomNameLength / sizeof(WCHAR)] = UNICODE_NULL; } Modified: trunk/reactos/ntoskrnl/ex/error.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/error.c?rev=24… ============================================================================== --- trunk/reactos/ntoskrnl/ex/error.c (original) +++ trunk/reactos/ntoskrnl/ex/error.c Sun Oct 22 13:06:58 2006 @@ -281,7 +281,7 @@ TAG_ERR); /* Copy them */ - RtlMoveMemory(SafeParams, Parameters, ParamSize); + RtlCopyMemory(SafeParams, Parameters, ParamSize); /* Nowo check if there's strings in it */ if (UnicodeStringParameterMask) @@ -298,7 +298,7 @@ sizeof(ULONG_PTR)); /* Capture it */ - RtlMoveMemory(&SafeString, + RtlCopyMemory(&SafeString, (PVOID)SafeParams[i], sizeof(UNICODE_STRING)); Modified: trunk/reactos/ntoskrnl/ex/init.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/init.c?rev=245… ============================================================================== --- trunk/reactos/ntoskrnl/ex/init.c (original) +++ trunk/reactos/ntoskrnl/ex/init.c Sun Oct 22 13:06:58 2006 @@ -206,7 +206,7 @@ if (!ExpNlsTableBase) KeBugCheck(PHASE0_INITIALIZATION_FAILED); /* Copy the codepage data in its new location. */ - RtlMoveMemory(ExpNlsTableBase, + RtlCopyMemory(ExpNlsTableBase, LoaderBlock->NlsData->AnsiCodePageData, ExpNlsTableSize); @@ -264,7 +264,7 @@ } /* Copy the codepage data in its new location. */ - RtlMoveMemory(SectionBase, ExpNlsTableBase, ExpNlsTableSize); + RtlCopyMemory(SectionBase, ExpNlsTableBase, ExpNlsTableSize); /* Free the previously allocated buffer and set the new location */ ExFreePool(ExpNlsTableBase); @@ -301,7 +301,7 @@ } /* Copy the table into the system process and set this as the base */ - RtlMoveMemory(SectionBase, ExpNlsTableBase, ExpNlsTableSize); + RtlCopyMemory(SectionBase, ExpNlsTableBase, ExpNlsTableSize); ExpNlsTableBase = SectionBase; } Modified: trunk/reactos/ntoskrnl/ex/time.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/time.c?rev=245… ============================================================================== --- trunk/reactos/ntoskrnl/ex/time.c (original) +++ trunk/reactos/ntoskrnl/ex/time.c Sun Oct 22 13:06:58 2006 @@ -106,7 +106,7 @@ ExpTimeZoneId = TIME_ZONE_ID_STANDARD; /* Copy the timezone information */ - RtlMoveMemory(&ExpTimeZoneInfo, + RtlCopyMemory(&ExpTimeZoneInfo, TimeZoneInformation, sizeof(TIME_ZONE_INFORMATION)); Modified: trunk/reactos/ntoskrnl/io/iomgr/arcname.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/arcname.… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/arcname.c (original) +++ trunk/reactos/ntoskrnl/io/iomgr/arcname.c Sun Oct 22 13:06:58 2006 @@ -403,7 +403,7 @@ if (IoLoaderArcBootDeviceName) { /* Copy the name */ - RtlMoveMemory(IoLoaderArcBootDeviceName, + RtlCopyMemory(IoLoaderArcBootDeviceName, LoaderBlock->ArcBootDeviceName, Length); } Modified: trunk/reactos/ntoskrnl/io/iomgr/driver.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/driver.c… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/driver.c (original) +++ trunk/reactos/ntoskrnl/io/iomgr/driver.c Sun Oct 22 13:06:58 2006 @@ -1325,7 +1325,7 @@ /* Fill out the key data and copy the buffer */ ServiceKeyName.Length = LocalDriverName.Length; ServiceKeyName.MaximumLength = LocalDriverName.MaximumLength; - RtlMoveMemory(ServiceKeyName.Buffer, + RtlCopyMemory(ServiceKeyName.Buffer, LocalDriverName.Buffer, LocalDriverName.Length); @@ -1334,7 +1334,7 @@ DriverObject->DriverExtension->ServiceKeyName = ServiceKeyName; /* Also store it in the Driver Object. This is a bit of a hack. */ - RtlMoveMemory(&DriverObject->DriverName, + RtlCopyMemory(&DriverObject->DriverName, &ServiceKeyName, sizeof(UNICODE_STRING)); Modified: trunk/reactos/ntoskrnl/io/iomgr/error.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/error.c?… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/error.c (original) +++ trunk/reactos/ntoskrnl/io/iomgr/error.c Sun Oct 22 13:06:58 2006 @@ -192,7 +192,7 @@ LogEntry->Size; /* Copy the packet */ - RtlMoveMemory(&ErrorMessage->EntryData, + RtlCopyMemory(&ErrorMessage->EntryData, Packet, LogEntry->Size - sizeof(ERROR_LOG_ENTRY)); @@ -290,7 +290,7 @@ */ DriverNameLength = min(DriverNameLength, RemainingLength - 3 * sizeof(UNICODE_NULL)); - RtlMoveMemory(StringBuffer, p, DriverNameLength); + RtlCopyMemory(StringBuffer, p, DriverNameLength); } /* Null-terminate the driver name */ @@ -358,7 +358,7 @@ */ DeviceNameLength = min(ObjectNameInfo->Name.Length, RemainingLength - 2 * sizeof(UNICODE_NULL)); - RtlMoveMemory(StringBuffer, + RtlCopyMemory(StringBuffer, ObjectNameInfo->Name.Buffer, DeviceNameLength); @@ -391,7 +391,7 @@ } /* Now copy the extra strings */ - RtlMoveMemory(StringBuffer, + RtlCopyMemory(StringBuffer, (PCHAR)Packet + Packet->StringOffset, ExtraStringLength); Modified: trunk/reactos/ntoskrnl/io/iomgr/file.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/file.c?r… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/file.c (original) +++ trunk/reactos/ntoskrnl/io/iomgr/file.c Sun Oct 22 13:06:58 2006 @@ -991,7 +991,7 @@ LocalFileInfo->FileNameLength; /* Write the Name and null-terminate it */ - RtlMoveMemory(p, LocalFileInfo->FileName, FileLength); + RtlCopyMemory(p, LocalFileInfo->FileName, FileLength); p += (FileLength / sizeof(WCHAR)); *p = UNICODE_NULL; LocalReturnLength += sizeof(UNICODE_NULL); @@ -1185,7 +1185,7 @@ _SEH_TRY { /* Copy the buffer back */ - RtlMoveMemory(FileInformation, + RtlCopyMemory(FileInformation, &NetworkOpenInfo, FileInformationSize); } Modified: trunk/reactos/ntoskrnl/io/iomgr/mdl.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/mdl.c?re… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/mdl.c (original) +++ trunk/reactos/ntoskrnl/io/iomgr/mdl.c Sun Oct 22 13:06:58 2006 @@ -131,7 +131,7 @@ Offset = ((ULONG_PTR)TargetMdl->StartVa - (ULONG_PTR)SourceMdl->StartVa) >> PAGE_SHIFT; SourcePages += Offset; - RtlMoveMemory(TargetPages, SourcePages, Length * sizeof(PFN_TYPE)); + RtlCopyMemory(TargetPages, SourcePages, Length * sizeof(PFN_TYPE)); } /* Modified: trunk/reactos/ntoskrnl/io/iomgr/rawfs.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/rawfs.c?… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/rawfs.c (original) +++ trunk/reactos/ntoskrnl/io/iomgr/rawfs.c Sun Oct 22 13:06:58 2006 @@ -780,20 +780,20 @@ IN PFILE_FS_ATTRIBUTE_INFORMATION Buffer, IN OUT PULONG Length) { + const WCHAR szRawFSName[] = L"RAW"; ULONG ReturnLength; PAGED_CODE(); /* Check if the buffer is large enough for our name ("RAW") */ ReturnLength = FIELD_OFFSET(FILE_FS_ATTRIBUTE_INFORMATION, - FileSystemName[0]); - ReturnLength += sizeof(L"RAW"); + FileSystemName[sizeof(szRawFSName) / sizeof(szRawFSName[0])]); if (*Length < ReturnLength) return STATUS_BUFFER_OVERFLOW; /* Output the data */ Buffer->FileSystemAttributes = 0; Buffer->MaximumComponentNameLength = 0; Buffer->FileSystemNameLength = 6; - RtlMoveMemory(&Buffer->FileSystemName[0], L"RAW", 6); + RtlCopyMemory(&Buffer->FileSystemName[0], szRawFSName, sizeof(szRawFSName)); /* Return length and success */ *Length -= ReturnLength; Modified: trunk/reactos/ntoskrnl/io/pnpmgr/pnpmgr.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/pnpmgr/pnpmgr.… ============================================================================== --- trunk/reactos/ntoskrnl/io/pnpmgr/pnpmgr.c (original) +++ trunk/reactos/ntoskrnl/io/pnpmgr/pnpmgr.c Sun Oct 22 13:06:58 2006 @@ -932,7 +932,7 @@ if (Stack) { - RtlMoveMemory(&IrpSp->Parameters, + RtlCopyMemory(&IrpSp->Parameters, &Stack->Parameters, sizeof(Stack->Parameters)); } Modified: trunk/reactos/ntoskrnl/kd/kdio.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/kd/kdio.c?rev=245… ============================================================================== --- trunk/reactos/ntoskrnl/kd/kdio.c (original) +++ trunk/reactos/ntoskrnl/kd/kdio.c Sun Oct 22 13:06:58 2006 @@ -64,7 +64,7 @@ if ((CurrentPosition + StringLength) > BufferSize) return; /* Add the string to the buffer */ - RtlMoveMemory(&DebugBuffer[CurrentPosition], String, StringLength); + RtlCopyMemory(&DebugBuffer[CurrentPosition], String, StringLength); /* Update the Current Position */ CurrentPosition += StringLength; Modified: trunk/reactos/ntoskrnl/ke/except.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/except.c?rev=2… ============================================================================== --- trunk/reactos/ntoskrnl/ke/except.c (original) +++ trunk/reactos/ntoskrnl/ke/except.c Sun Oct 22 13:06:58 2006 @@ -24,7 +24,7 @@ /* We'll have to make a copy and probe it */ ProbeForRead(Context, sizeof(CONTEXT), sizeof(ULONG)); - RtlMoveMemory(&LocalContext, Context, sizeof(CONTEXT)); + RtlCopyMemory(&LocalContext, Context, sizeof(CONTEXT)); Context = &LocalContext; /* Convert the context into Exception/Trap Frames */ @@ -128,8 +128,8 @@ ProbeForRead(ExceptionRecord, Size, sizeof(ULONG)); /* Now make copies in the stack */ - RtlMoveMemory(&LocalContext, Context, sizeof(CONTEXT)); - RtlMoveMemory(&LocalExceptionRecord, ExceptionRecord, Size); + RtlCopyMemory(&LocalContext, Context, sizeof(CONTEXT)); + RtlCopyMemory(&LocalExceptionRecord, ExceptionRecord, Size); Context = &LocalContext; ExceptionRecord = &LocalExceptionRecord; Modified: trunk/reactos/ntoskrnl/ke/i386/exp.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/exp.c?rev… ============================================================================== --- trunk/reactos/ntoskrnl/ke/i386/exp.c (original) +++ trunk/reactos/ntoskrnl/ke/i386/exp.c Sun Oct 22 13:06:58 2006 @@ -26,7 +26,7 @@ _SEH_ACCESS_LOCALS(KiCopyInfo); /* Copy the exception records and return to the handler */ - RtlMoveMemory((PVOID)&_SEH_VAR(SehExceptRecord), + RtlCopyMemory((PVOID)&_SEH_VAR(SehExceptRecord), _SEH_GetExceptionPointers()->ExceptionRecord, sizeof(EXCEPTION_RECORD)); return EXCEPTION_EXECUTE_HANDLER; @@ -776,7 +776,7 @@ /* Copy the exception address and record */ _SEH_VAR(SehExceptRecord).ExceptionAddress = ExceptionRecord->ExceptionAddress; - RtlMoveMemory(ExceptionRecord, + RtlCopyMemory(ExceptionRecord, (PVOID)&_SEH_VAR(SehExceptRecord), sizeof(EXCEPTION_RECORD)); Modified: trunk/reactos/ntoskrnl/ke/i386/thread.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/thread.c?… ============================================================================== --- trunk/reactos/ntoskrnl/ke/i386/thread.c (original) +++ trunk/reactos/ntoskrnl/ke/i386/thread.c Sun Oct 22 13:06:58 2006 @@ -88,7 +88,7 @@ DPRINT("Setting up a user-mode thread. InitFrame at: %p\n", InitFrame); /* Copy over the context we got */ - RtlMoveMemory(&LocalContext, ContextPointer, sizeof(CONTEXT)); + RtlCopyMemory(&LocalContext, ContextPointer, sizeof(CONTEXT)); Context = &LocalContext; ContextFlags = CONTEXT_CONTROL; Modified: trunk/reactos/ntoskrnl/ke/i386/usercall.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/usercall.… ============================================================================== --- trunk/reactos/ntoskrnl/ke/i386/usercall.c (original) +++ trunk/reactos/ntoskrnl/ke/i386/usercall.c Sun Oct 22 13:06:58 2006 @@ -24,7 +24,7 @@ _SEH_ACCESS_LOCALS(KiCopyInfo); /* Copy the exception records and return to the handler */ - RtlMoveMemory((PVOID)&_SEH_VAR(SehExceptRecord), + RtlCopyMemory((PVOID)&_SEH_VAR(SehExceptRecord), _SEH_GetExceptionPointers()->ExceptionRecord, sizeof(EXCEPTION_RECORD)); return EXCEPTION_EXECUTE_HANDLER; @@ -93,7 +93,7 @@ ASSERT(!(Stack & 3)); /* Copy data into it */ - RtlMoveMemory((PVOID)(Stack + (4 * sizeof(ULONG_PTR))), + RtlCopyMemory((PVOID)(Stack + (4 * sizeof(ULONG_PTR))), &Context, sizeof(CONTEXT)); Modified: trunk/reactos/ntoskrnl/ke/i386/v86vdm.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/v86vdm.c?… ============================================================================== --- trunk/reactos/ntoskrnl/ke/i386/v86vdm.c (original) +++ trunk/reactos/ntoskrnl/ke/i386/v86vdm.c Sun Oct 22 13:06:58 2006 @@ -60,7 +60,7 @@ *VdmState = 0; /* Copy the context */ - RtlMoveMemory(&VdmTib->VdmContext, Context, ContextSize); + RtlCopyMemory(&VdmTib->VdmContext, Context, ContextSize); VdmTib->VdmContext.SegCs = (ULONG_PTR)Trampoline >> 4; VdmTib->VdmContext.SegSs = (ULONG_PTR)Trampoline >> 4; VdmTib->VdmContext.Eip = 0; @@ -88,7 +88,7 @@ /* Make sure there's space for two IOPMs, then copy & clear the current */ //ASSERT(((PKGDTENTRY)&KeGetPcr()->GDT[KGDT_TSS / 8])->LimitLow >= // (0x2000 + IOPM_OFFSET - 1)); - RtlMoveMemory(Ki386IopmSaveArea, &Tss->IoMaps[0].IoMap, PAGE_SIZE * 2); + RtlCopyMemory(Ki386IopmSaveArea, &Tss->IoMaps[0].IoMap, PAGE_SIZE * 2); RtlZeroMemory(&Tss->IoMaps[0].IoMap, PAGE_SIZE * 2); /* Save the old offset and base, and set the new ones */ @@ -101,7 +101,7 @@ Ki386SetupAndExitToV86Mode(VdmTeb); /* Restore IOPM */ - RtlMoveMemory(&Tss->IoMaps[0].IoMap, Ki386IopmSaveArea, PAGE_SIZE * 2); + RtlCopyMemory(&Tss->IoMaps[0].IoMap, Ki386IopmSaveArea, PAGE_SIZE * 2); Process->IopmOffset = OldOffset; Tss->IoMapBase = OldBase; @@ -109,7 +109,7 @@ KeRevertToUserAffinityThread(); /* Restore context */ - RtlMoveMemory(Context, &VdmTib->VdmContext, ContextSize); + RtlCopyMemory(Context, &VdmTib->VdmContext, ContextSize); Context->ContextFlags = CONTEXT_FULL; /* Free VDM objects */ Modified: trunk/reactos/ntoskrnl/ob/obdir.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ob/obdir.c?rev=24… ============================================================================== --- trunk/reactos/ntoskrnl/ob/obdir.c (original) +++ trunk/reactos/ntoskrnl/ob/obdir.c Sun Oct 22 13:06:58 2006 @@ -343,7 +343,7 @@ /* Write back the handle to the caller */ *DirectoryHandle = hDirectory; } - _SEH_HANDLE + _SEH_EXCEPT(_SEH_ExSystemExceptionFilter) { /* Get the exception code */ Status = _SEH_GetExceptionCode(); @@ -585,7 +585,7 @@ while (Count--) { /* Copy the name buffer */ - RtlMoveMemory(p, + RtlCopyMemory(p, DirectoryInfo->Name.Buffer, DirectoryInfo->Name.Length); @@ -599,7 +599,7 @@ *p++ = UNICODE_NULL; /* Now copy the type name buffer */ - RtlMoveMemory(p, + RtlCopyMemory(p, DirectoryInfo->TypeName.Buffer, DirectoryInfo->TypeName.Length); @@ -620,14 +620,22 @@ *Context = CurrentEntry; } - /* Copy the buffer */ - RtlMoveMemory(Buffer, - LocalBuffer, - (TotalLength <= BufferLength) ? - TotalLength : BufferLength); - - /* Check if the caller requested the return length and return it*/ - if (ReturnLength) *ReturnLength = TotalLength; + _SEH_TRY + { + /* Copy the buffer */ + RtlCopyMemory(Buffer, + LocalBuffer, + (TotalLength <= BufferLength) ? + TotalLength : BufferLength); + + /* Check if the caller requested the return length and return it*/ + if (ReturnLength) *ReturnLength = TotalLength; + } + _SEH_EXCEPT(_SEH_ExSystemExceptionFilter) + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; /* Dereference the directory and free our buffer */ ObDereferenceObject(Directory); @@ -718,7 +726,7 @@ /* Return the handle back to the caller */ *DirectoryHandle = hDirectory; } - _SEH_HANDLE + _SEH_EXCEPT(_SEH_ExSystemExceptionFilter) { /* Get the exception code */ Status = _SEH_GetExceptionCode(); Modified: trunk/reactos/ntoskrnl/ob/oblife.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ob/oblife.c?rev=2… ============================================================================== --- trunk/reactos/ntoskrnl/ob/oblife.c (original) +++ trunk/reactos/ntoskrnl/ob/oblife.c Sun Oct 22 13:06:58 2006 @@ -1251,143 +1251,142 @@ ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object); } - /* Check the information class */ - switch (ObjectInformationClass) - { - /* Basic info */ - case ObjectBasicInformation: - - /* Validate length */ - InfoLength = sizeof(OBJECT_BASIC_INFORMATION); - if (Length != sizeof(OBJECT_BASIC_INFORMATION)) - { - /* Fail */ - Status = STATUS_INFO_LENGTH_MISMATCH; + _SEH_TRY + { + /* Check the information class */ + switch (ObjectInformationClass) + { + /* Basic info */ + case ObjectBasicInformation: + + /* Validate length */ + InfoLength = sizeof(OBJECT_BASIC_INFORMATION); + if (Length != sizeof(OBJECT_BASIC_INFORMATION)) + { + /* Fail */ + Status = STATUS_INFO_LENGTH_MISMATCH; + break; + } + + /* Fill out the basic information */ + BasicInfo = (POBJECT_BASIC_INFORMATION)ObjectInformation; + BasicInfo->Attributes = HandleInfo.HandleAttributes; + BasicInfo->GrantedAccess = HandleInfo.GrantedAccess; + BasicInfo->HandleCount = ObjectHeader->HandleCount; + BasicInfo->PointerCount = ObjectHeader->PointerCount; + + /* Permanent/Exclusive Flags are NOT in Handle attributes! */ + if (ObjectHeader->Flags & OB_FLAG_EXCLUSIVE) + { + /* Set the flag */ + BasicInfo->Attributes |= OBJ_EXCLUSIVE; + } + if (ObjectHeader->Flags & OB_FLAG_PERMANENT) + { + /* Set the flag */ + BasicInfo->Attributes |= OBJ_PERMANENT; + } + + /* Copy quota information */ + BasicInfo->PagedPoolUsage = 0; /* FIXME*/ + BasicInfo->NonPagedPoolUsage = 0; /* FIXME*/ + + /* Copy name information */ + BasicInfo->NameInformationLength = 0; /* FIXME*/ + BasicInfo->TypeInformationLength = 0; /* FIXME*/ + + /* Copy security information */ + BasicInfo->SecurityDescriptorLength = 0; /* FIXME*/ + + /* Check if this is a symlink */ + if (ObjectHeader->Type == ObSymbolicLinkType) + { + /* Return the creation time */ + BasicInfo->CreateTime.QuadPart = + ((POBJECT_SYMBOLIC_LINK)Object)->CreationTime.QuadPart; + } + else + { + /* Otherwise return 0 */ + BasicInfo->CreateTime.QuadPart = (ULONGLONG)0; + } + + /* Break out with success */ + Status = STATUS_SUCCESS; break; - } - - /* Fill out the basic information */ - BasicInfo = (POBJECT_BASIC_INFORMATION)ObjectInformation; - BasicInfo->Attributes = HandleInfo.HandleAttributes; - BasicInfo->GrantedAccess = HandleInfo.GrantedAccess; - BasicInfo->HandleCount = ObjectHeader->HandleCount; - BasicInfo->PointerCount = ObjectHeader->PointerCount; - - /* Permanent/Exclusive Flags are NOT in Handle attributes! */ - if (ObjectHeader->Flags & OB_FLAG_EXCLUSIVE) - { - /* Set the flag */ - BasicInfo->Attributes |= OBJ_EXCLUSIVE; - } - if (ObjectHeader->Flags & OB_FLAG_PERMANENT) - { - /* Set the flag */ - BasicInfo->Attributes |= OBJ_PERMANENT; - } - - /* Copy quota information */ - BasicInfo->PagedPoolUsage = 0; /* FIXME*/ - BasicInfo->NonPagedPoolUsage = 0; /* FIXME*/ - - /* Copy name information */ - BasicInfo->NameInformationLength = 0; /* FIXME*/ - BasicInfo->TypeInformationLength = 0; /* FIXME*/ - - /* Copy security information */ - BasicInfo->SecurityDescriptorLength = 0; /* FIXME*/ - - /* Check if this is a symlink */ - if (ObjectHeader->Type == ObSymbolicLinkType) - { - /* Return the creation time */ - BasicInfo->CreateTime.QuadPart = - ((POBJECT_SYMBOLIC_LINK)Object)->CreationTime.QuadPart; - } - else - { - /* Otherwise return 0 */ - BasicInfo->CreateTime.QuadPart = (ULONGLONG)0; - } - - /* Break out with success */ - Status = STATUS_SUCCESS; - break; - - /* Name information */ - case ObjectNameInformation: - - /* Call the helper and break out */ - Status = ObQueryNameString(Object, - (POBJECT_NAME_INFORMATION) - ObjectInformation, - Length, - &InfoLength); - break; - - /* Information about this type */ - case ObjectTypeInformation: - DPRINT1("NOT IMPLEMENTED!\n"); - Status = STATUS_NOT_IMPLEMENTED; - break; - - /* Information about all types */ - case ObjectAllTypesInformation: - DPRINT1("NOT IMPLEMENTED!\n"); - Status = STATUS_NOT_IMPLEMENTED; - break; - - /* Information about the handle flags */ - case ObjectHandleInformation: - - /* Validate length */ - InfoLength = sizeof (OBJECT_HANDLE_ATTRIBUTE_INFORMATION); - if (Length != sizeof (OBJECT_HANDLE_ATTRIBUTE_INFORMATION)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; + + /* Name information */ + case ObjectNameInformation: + + /* Call the helper and break out */ + Status = ObQueryNameString(Object, + (POBJECT_NAME_INFORMATION) + ObjectInformation, + Length, + &InfoLength); break; - } - - /* Get the structure */ - HandleFlags = (POBJECT_HANDLE_ATTRIBUTE_INFORMATION) - ObjectInformation; - - /* Set the flags */ - HandleFlags->Inherit = (HandleInfo.HandleAttributes & - EX_HANDLE_ENTRY_INHERITABLE) != 0; - HandleFlags->ProtectFromClose = (HandleInfo.HandleAttributes & - EX_HANDLE_ENTRY_PROTECTFROMCLOSE) != 0; - - /* Break out with success */ - Status = STATUS_SUCCESS; - break; - - /* Anything else */ - default: - - /* Fail it */ - Status = STATUS_INVALID_INFO_CLASS; - break; - } + + /* Information about this type */ + case ObjectTypeInformation: + DPRINT1("NOT IMPLEMENTED!\n"); + Status = STATUS_NOT_IMPLEMENTED; + break; + + /* Information about all types */ + case ObjectAllTypesInformation: + DPRINT1("NOT IMPLEMENTED!\n"); + Status = STATUS_NOT_IMPLEMENTED; + break; + + /* Information about the handle flags */ + case ObjectHandleInformation: + + /* Validate length */ + InfoLength = sizeof (OBJECT_HANDLE_ATTRIBUTE_INFORMATION); + if (Length != sizeof (OBJECT_HANDLE_ATTRIBUTE_INFORMATION)) + { + Status = STATUS_INFO_LENGTH_MISMATCH; + break; + } + + /* Get the structure */ + HandleFlags = (POBJECT_HANDLE_ATTRIBUTE_INFORMATION) + ObjectInformation; + + /* Set the flags */ + HandleFlags->Inherit = (HandleInfo.HandleAttributes & + EX_HANDLE_ENTRY_INHERITABLE) != 0; + HandleFlags->ProtectFromClose = (HandleInfo.HandleAttributes & + EX_HANDLE_ENTRY_PROTECTFROMCLOSE) != 0; + + /* Break out with success */ + Status = STATUS_SUCCESS; + break; + + /* Anything else */ + default: + + /* Fail it */ + Status = STATUS_INVALID_INFO_CLASS; + break; + } + + /* Check if the caller wanted the return length */ + if (ResultLength) + { + /* Write the length */ + *ResultLength = Length; + } + } + _SEH_EXCEPT(_SEH_ExSystemExceptionFilter) + { + /* Otherwise, get the exception code */ + Status = _SEH_GetExceptionCode(); + } + _SEH_END; /* Dereference the object if we had referenced it */ if (Object) ObDereferenceObject (Object); - - /* Check if the caller wanted the return length */ - if (ResultLength) - { - /* Protect the write to user mode */ - _SEH_TRY - { - /* Write the length */ - *ResultLength = Length; - } - _SEH_HANDLE - { - /* Otherwise, get the exception code */ - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } /* Return status */ return Status; @@ -1446,8 +1445,28 @@ /* Save the previous mode and actual information */ Context.PreviousMode = ExGetPreviousMode(); - Context.Information = *(POBJECT_HANDLE_ATTRIBUTE_INFORMATION) - ObjectInformation; + + if (Context.PreviousMode != KernelMode) + { + _SEH_TRY + { + ProbeForRead(ObjectInformation, + sizeof(OBJECT_HANDLE_ATTRIBUTE_INFORMATION), + sizeof(ULONG)); + Context.Information = *(POBJECT_HANDLE_ATTRIBUTE_INFORMATION) + ObjectInformation; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if (!NT_SUCCESS(Status)) return Status; + } + else + Context.Information = *(POBJECT_HANDLE_ATTRIBUTE_INFORMATION) + ObjectInformation; /* Check if this is a kernel handle */ if (ObIsKernelHandle(ObjectHandle, Context.PreviousMode)) Modified: trunk/reactos/ntoskrnl/ob/obname.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ob/obname.c?rev=2… ============================================================================== --- trunk/reactos/ntoskrnl/ob/obname.c (original) +++ trunk/reactos/ntoskrnl/ob/obname.c Sun Oct 22 13:06:58 2006 @@ -500,7 +500,7 @@ ObjectNameInfo = OBJECT_HEADER_TO_NAME_INFO(CurrentHeader); /* Copy the Name */ - RtlMoveMemory(NewName, PartName.Buffer, PartName.MaximumLength); + RtlCopyMemory(NewName, PartName.Buffer, PartName.MaximumLength); /* Free old name */ if (ObjectNameInfo->Name.Buffer) ExFreePool(ObjectNameInfo->Name.Buffer); @@ -792,7 +792,7 @@ /* Start by adding the Object's Name */ ObjectName = (PWCH)((ULONG_PTR)ObjectName - LocalInfo->Name.Length); - RtlMoveMemory(ObjectName, + RtlCopyMemory(ObjectName, LocalInfo->Name.Buffer, LocalInfo->Name.Length); @@ -813,7 +813,7 @@ /* Add the name */ ObjectName = (PWCH)((ULONG_PTR)ObjectName - LocalInfo->Name.Length); - RtlMoveMemory(ObjectName, + RtlCopyMemory(ObjectName, LocalInfo->Name.Buffer, LocalInfo->Name.Length); @@ -859,7 +859,7 @@ /* Make a copy */ DeviceMapInfo->Query.DriveMap = ObSystemDeviceMap->DriveMap; - RtlMoveMemory(DeviceMapInfo->Query.DriveType, + RtlCopyMemory(DeviceMapInfo->Query.DriveType, ObSystemDeviceMap->DriveType, sizeof(ObSystemDeviceMap->DriveType)); Modified: trunk/reactos/ntoskrnl/ob/obsecure.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ob/obsecure.c?rev… ============================================================================== --- trunk/reactos/ntoskrnl/ob/obsecure.c (original) +++ trunk/reactos/ntoskrnl/ob/obsecure.c Sun Oct 22 13:06:58 2006 @@ -620,7 +620,7 @@ InputSecurityDescriptor); SdCopy = ExAllocatePool(PagedPool, sizeof(*SdCopy)); - RtlMoveMemory(SdCopy, InputSecurityDescriptor, sizeof(*SdCopy)); + RtlCopyMemory(SdCopy, InputSecurityDescriptor, sizeof(*SdCopy)); *OutputSecurityDescriptor = SdCopy; return STATUS_SUCCESS; } Modified: trunk/reactos/ntoskrnl/ob/symlink.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ob/symlink.c?rev=… ============================================================================== --- trunk/reactos/ntoskrnl/ob/symlink.c (original) +++ trunk/reactos/ntoskrnl/ob/symlink.c Sun Oct 22 13:06:58 2006 @@ -152,13 +152,13 @@ if (RemainingName->Length) { /* Copy the new path */ - RtlMoveMemory((PVOID)((ULONG_PTR)NewTargetPath + TargetPath->Length), + RtlCopyMemory((PVOID)((ULONG_PTR)NewTargetPath + TargetPath->Length), RemainingName->Buffer, RemainingName->Length); } /* Copy the target path and null-terminate it */ - RtlMoveMemory(NewTargetPath, TargetPath->Buffer, TargetPath->Length); + RtlCopyMemory(NewTargetPath, TargetPath->Buffer, TargetPath->Length); NewTargetPath[LengthUsed / sizeof(WCHAR)] = UNICODE_NULL; /* If the optimization didn't work, free the old buffer */ @@ -287,7 +287,7 @@ if (!SymbolicLink->LinkTarget.Buffer) return STATUS_NO_MEMORY; /* Copy it */ - RtlMoveMemory(SymbolicLink->LinkTarget.Buffer, + RtlCopyMemory(SymbolicLink->LinkTarget.Buffer, CapturedLinkTarget.Buffer, CapturedLinkTarget.MaximumLength); Modified: trunk/reactos/ntoskrnl/ps/query.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ps/query.c?rev=24… ============================================================================== --- trunk/reactos/ntoskrnl/ps/query.c (original) +++ trunk/reactos/ntoskrnl/ps/query.c Sun Oct 22 13:06:58 2006 @@ -376,7 +376,7 @@ _SEH_TRY { /* Copy it */ - RtlMoveMemory(ProcessInformation, + RtlCopyMemory(ProcessInformation, ImageName, Length); Modified: trunk/reactos/ntoskrnl/se/audit.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/audit.c?rev=24… ============================================================================== --- trunk/reactos/ntoskrnl/se/audit.c (original) +++ trunk/reactos/ntoskrnl/se/audit.c Sun Oct 22 13:06:58 2006 @@ -160,7 +160,7 @@ if (ImageName) { /* Make a copy of it */ - RtlMoveMemory(ImageName, + RtlCopyMemory(ImageName, &AuditName->Name, AuditName->Name.MaximumLength + sizeof(UNICODE_STRING)); Modified: trunk/reactos/ntoskrnl/vdm/vdmexec.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/vdm/vdmexec.c?rev… ============================================================================== --- trunk/reactos/ntoskrnl/vdm/vdmexec.c (original) +++ trunk/reactos/ntoskrnl/vdm/vdmexec.c Sun Oct 22 13:06:58 2006 @@ -251,7 +251,7 @@ VdmTib->MonitorContext.Eax = STATUS_SUCCESS; /* Make a copy of the monitor context */ - RtlMoveMemory(&Context, &VdmTib->MonitorContext, sizeof(CONTEXT)); + RtlCopyMemory(&Context, &VdmTib->MonitorContext, sizeof(CONTEXT)); /* Switch contexts */ VdmSwapContext(TrapFrame, &VdmTib->VdmContext, &Context);