[weiden] 17205: - reverted ObpCaptureObjectAttributes back to my old implementation (slightly modified and extended) because that one at least does what it's supposed to correctly
- reverted ObpCaptureObjectAttributes back to my old implementation (slightly modified and extended) because that one at least does what it's supposed to correctly Modified: trunk/reactos/ntoskrnl/cm/ntfunc.c Modified: trunk/reactos/ntoskrnl/cm/registry.c Modified: trunk/reactos/ntoskrnl/include/internal/ob.h Modified: trunk/reactos/ntoskrnl/lpc/connect.c Modified: trunk/reactos/ntoskrnl/ob/handle.c Modified: trunk/reactos/ntoskrnl/ob/namespc.c Modified: trunk/reactos/ntoskrnl/ob/object.c _____
Modified: trunk/reactos/ntoskrnl/cm/ntfunc.c --- trunk/reactos/ntoskrnl/cm/ntfunc.c 2005-08-08 15:33:04 UTC (rev 17204) +++ trunk/reactos/ntoskrnl/cm/ntfunc.c 2005-08-08 15:39:35 UTC (rev 17205) @@ -192,20 +192,19 @@
PWSTR Start; UNICODE_STRING ObjectName; OBJECT_CREATE_INFORMATION ObjectCreateInfo; + KPROCESSOR_MODE PreviousMode; unsigned i;
PAGED_CODE(); + + PreviousMode = KeGetPreviousMode();
- DPRINT("NtCreateKey (Name %wZ KeyHandle 0x%p Root 0x%p)\n", - ObjectAttributes->ObjectName, - KeyHandle, - ObjectAttributes->RootDirectory); - /* Capture all the info */ DPRINT("Capturing Create Info\n"); Status = ObpCaptureObjectAttributes(ObjectAttributes, - KeGetPreviousMode(), - CmiKeyType, + PreviousMode, + PagedPool, + FALSE, &ObjectCreateInfo, &ObjectName); if (!NT_SUCCESS(Status)) @@ -219,8 +218,10 @@ (PVOID*)&Object, &RemainingPath, CmiKeyType); - ObpReleaseCapturedAttributes(&ObjectCreateInfo); - if (ObjectName.Buffer) ExFreePool(ObjectName.Buffer); + ObpReleaseCapturedAttributes(&ObjectCreateInfo, + &ObjectName, + PreviousMode, + FALSE); if (!NT_SUCCESS(Status)) { DPRINT("CmpFindObject failed, Status: 0x%x\n", Status); @@ -1169,7 +1170,8 @@ DPRINT("Capturing Create Info\n"); Status = ObpCaptureObjectAttributes(ObjectAttributes, PreviousMode, - CmiKeyType, + PagedPool, + FALSE, &ObjectCreateInfo, &ObjectName); if (!NT_SUCCESS(Status)) @@ -1185,8 +1187,10 @@ (PVOID*)&Object, &RemainingPath, CmiKeyType); - ObpReleaseCapturedAttributes(&ObjectCreateInfo); - if (ObjectName.Buffer) ExFreePool(ObjectName.Buffer); + ObpReleaseCapturedAttributes(&ObjectCreateInfo, + &ObjectName, + PreviousMode, + FALSE); if (!NT_SUCCESS(Status)) { DPRINT("CmpFindObject() returned 0x%08lx\n", Status); _____
Modified: trunk/reactos/ntoskrnl/cm/registry.c --- trunk/reactos/ntoskrnl/cm/registry.c 2005-08-08 15:33:04 UTC (rev 17204) +++ trunk/reactos/ntoskrnl/cm/registry.c 2005-08-08 15:39:35 UTC (rev 17205) @@ -705,7 +705,8 @@
DPRINT("Capturing Create Info\n"); Status = ObpCaptureObjectAttributes(KeyObjectAttributes, KernelMode, - CmiKeyType, + PagedPool, + FALSE, &ObjectCreateInfo, &ObjectName); if (!NT_SUCCESS(Status)) @@ -719,8 +720,10 @@ (PVOID*)&ParentKey, &RemainingPath, CmiKeyType); - ObpReleaseCapturedAttributes(&ObjectCreateInfo); - if (ObjectName.Buffer) ExFreePool(ObjectName.Buffer); + ObpReleaseCapturedAttributes(&ObjectCreateInfo, + &ObjectName, + KernelMode, + FALSE); if (!NT_SUCCESS(Status)) { return Status; _____
Modified: trunk/reactos/ntoskrnl/include/internal/ob.h --- trunk/reactos/ntoskrnl/include/internal/ob.h 2005-08-08 15:33:04 UTC (rev 17204) +++ trunk/reactos/ntoskrnl/include/internal/ob.h 2005-08-08 15:39:35 UTC (rev 17205) @@ -173,14 +173,6 @@
/* Secure object information functions */
-typedef struct _CAPTURED_OBJECT_ATTRIBUTES -{ - HANDLE RootDirectory; - ULONG Attributes; - PSECURITY_DESCRIPTOR SecurityDescriptor; - PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService; -} CAPTURED_OBJECT_ATTRIBUTES, *PCAPTURED_OBJECT_ATTRIBUTES; - NTSTATUS STDCALL ObpCaptureObjectName(IN PUNICODE_STRING CapturedName, @@ -189,16 +181,19 @@
NTSTATUS STDCALL -ObpCaptureObjectAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes, +ObpCaptureObjectAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, - IN POBJECT_TYPE ObjectType, - IN POBJECT_CREATE_INFORMATION ObjectCreateInfo, - OUT PUNICODE_STRING ObjectName); + IN POOL_TYPE PoolType, + IN BOOLEAN CaptureIfKernel, + OUT POBJECT_CREATE_INFORMATION CapturedObjectAttributes OPTIONAL, + OUT PUNICODE_STRING ObjectName OPTIONAL);
VOID STDCALL -ObpReleaseCapturedAttributes(IN POBJECT_CREATE_INFORMATION ObjectCreateInfo); - +ObpReleaseCapturedAttributes(IN POBJECT_CREATE_INFORMATION CapturedObjectAttributes OPTIONAL, + IN PUNICODE_STRING ObjectName OPTIONAL, + IN KPROCESSOR_MODE AccessMode, + IN BOOLEAN CaptureIfKernel); /* object information classes */
#define ICIF_QUERY 0x1 _____
Modified: trunk/reactos/ntoskrnl/lpc/connect.c --- trunk/reactos/ntoskrnl/lpc/connect.c 2005-08-08 15:33:04 UTC (rev 17204) +++ trunk/reactos/ntoskrnl/lpc/connect.c 2005-08-08 15:39:35 UTC (rev 17205) @@ -410,7 +410,7 @@
NULL, PORT_ALL_ACCESS, /* DesiredAccess */ LpcPortObjectType, - UserMode, + PreviousMode, NULL, (PVOID*)&NamedPort); if (!NT_SUCCESS(Status)) @@ -430,7 +430,7 @@ Status = ObReferenceObjectByHandle(WriteMap.SectionHandle, SECTION_MAP_READ | SECTION_MAP_WRITE, MmSectionObjectType, - UserMode, + PreviousMode, (PVOID*)&SectionObject, NULL); if (!NT_SUCCESS(Status)) _____
Modified: trunk/reactos/ntoskrnl/ob/handle.c --- trunk/reactos/ntoskrnl/ob/handle.c 2005-08-08 15:33:04 UTC (rev 17204) +++ trunk/reactos/ntoskrnl/ob/handle.c 2005-08-08 15:39:35 UTC (rev 17205) @@ -955,7 +955,7 @@
/* First try to find the Object */ if (ObjectNameInfo && ObjectNameInfo->Name.Buffer) { - DPRINT("Object has a name. Trying to find it: %wZ.\n", &ObjectNameInfo->Name); + DPRINT("Object has a name. Trying to find it: "%wZ".\n", &ObjectNameInfo->Name); Status = ObFindObject(ObjectCreateInfo, &ObjectNameInfo->Name, &FoundObject, @@ -1132,7 +1132,10 @@
/* We can delete the Create Info now */ Header->ObjectCreateInfo = NULL; - ObpReleaseCapturedAttributes(ObjectCreateInfo); + ObpReleaseCapturedAttributes(ObjectCreateInfo, + NULL, + ObjectCreateInfo->ProbeMode, + FALSE); ExFreePool(ObjectCreateInfo);
DPRINT("Status %x\n", Status); _____
Modified: trunk/reactos/ntoskrnl/ob/namespc.c --- trunk/reactos/ntoskrnl/ob/namespc.c 2005-08-08 15:33:04 UTC (rev 17204) +++ trunk/reactos/ntoskrnl/ob/namespc.c 2005-08-08 15:39:35 UTC (rev 17205) @@ -70,20 +70,35 @@
NTSTATUS Status;
PAGED_CODE(); + + /* capture the ObjectPath */ + Status = RtlCaptureUnicodeString(&ObjectName, + AccessMode, + NonPagedPool, /* FIXME */ + FALSE, + ObjectPath); + if (!NT_SUCCESS(Status)) + { + DPRINT("RtlCaptureUnicodeString() failed (Status %lx)\n", Status); + return Status; + }
InitializeObjectAttributes(&ObjectAttributes, - ObjectPath, + &ObjectName, Attributes | OBJ_OPENIF, NULL, NULL);
- /* Capture all the info */ + /* "Capture" all the info, it doesn't make sense to capture from the kernel + stack as the information should be safe anyway...just do a raw copy of the + data into the OBJECT_CREATE_INFORMATION structure */ DPRINT("Capturing Create Info\n"); Status = ObpCaptureObjectAttributes(&ObjectAttributes, - AccessMode, - ObjectType, + KernelMode, /* raw copy! */ + NonPagedPool, + FALSE, &ObjectCreateInfo, - &ObjectName); + NULL); if (!NT_SUCCESS(Status)) { DPRINT("ObpCaptureObjectAttributes() failed (Status %lx)\n", Status); @@ -96,9 +111,19 @@ &RemainingPath, ObjectType);
- ObpReleaseCapturedAttributes(&ObjectCreateInfo); - if (ObjectName.Buffer) ExFreePool(ObjectName.Buffer); + /* we don't need to release the "captured" object attributes! Nothing was allocated! */ +#if 0 + ObpReleaseCapturedAttributes(&ObjectCreateInfo, + NULL, + AccessMode, + FALSE); +#endif
+ /* free the captured ObjectPath if needed */ + RtlReleaseCapturedUnicodeString(&ObjectName, + AccessMode, + FALSE); + if (!NT_SUCCESS(Status)) { return(Status); @@ -169,7 +194,8 @@ DPRINT("Capturing Create Info\n"); Status = ObpCaptureObjectAttributes(ObjectAttributes, AccessMode, - ObjectType, + PagedPool, + FALSE, &ObjectCreateInfo, &ObjectName); if (!NT_SUCCESS(Status)) @@ -183,8 +209,10 @@ &Object, &RemainingPath, ObjectType); - ObpReleaseCapturedAttributes(&ObjectCreateInfo); - if (ObjectName.Buffer) ExFreePool(ObjectName.Buffer); + ObpReleaseCapturedAttributes(&ObjectCreateInfo, + &ObjectName, + AccessMode, + FALSE); if (!NT_SUCCESS(Status)) { DPRINT("ObFindObject() failed (Status %lx)\n", Status); _____
Modified: trunk/reactos/ntoskrnl/ob/object.c --- trunk/reactos/ntoskrnl/ob/object.c 2005-08-08 15:33:04 UTC (rev 17204) +++ trunk/reactos/ntoskrnl/ob/object.c 2005-08-08 15:39:35 UTC (rev 17205) @@ -110,162 +110,298 @@
NTSTATUS STDCALL -ObpCaptureObjectAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes, +ObpCaptureObjectAttributes(IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, - IN POBJECT_TYPE ObjectType, - IN POBJECT_CREATE_INFORMATION ObjectCreateInfo, - OUT PUNICODE_STRING ObjectName) + IN POOL_TYPE PoolType, + IN BOOLEAN CaptureIfKernel, + OUT POBJECT_CREATE_INFORMATION CapturedObjectAttributes OPTIONAL, + OUT PUNICODE_STRING ObjectName OPTIONAL) { + OBJECT_ATTRIBUTES AttributesCopy; NTSTATUS Status = STATUS_SUCCESS; - PSECURITY_DESCRIPTOR SecurityDescriptor; - PSECURITY_QUALITY_OF_SERVICE SecurityQos; - PUNICODE_STRING LocalObjectName = NULL;
- /* Zero out the Capture Data */ - DPRINT("ObpCaptureObjectAttributes\n"); - RtlZeroMemory(ObjectCreateInfo, sizeof(OBJECT_CREATE_INFORMATION)); - - /* Check if we got Oba */ - if (ObjectAttributes) + /* at least one output parameter must be != NULL! */ + ASSERT(CapturedObjectAttributes != NULL || ObjectName != NULL); + + if (ObjectAttributes == NULL) { - if (AccessMode != KernelMode) + /* we're going to return STATUS_SUCCESS! */ + goto failbasiccleanup; + } + + if (AccessMode != KernelMode) + { + _SEH_TRY { - DPRINT("Probing OBA\n"); - _SEH_TRY + ProbeForRead(ObjectAttributes, + sizeof(ObjectAttributes), + sizeof(ULONG)); + /* make a copy on the stack */ + AttributesCopy = *ObjectAttributes; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + DPRINT1("ObpCaptureObjectAttributes failed to probe object attributes 0x%p\n", ObjectAttributes); + KEBUGCHECK(0); + goto failbasiccleanup; + } + } + else if (!CaptureIfKernel) + { + if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES)) + { + if (ObjectName != NULL) { - /* FIXME: SMSS SENDS BULLSHIT. */ - #if 0 - ProbeForRead(ObjectAttributes, - sizeof(ObjectAttributes), - sizeof(ULONG)); - #endif + /* we don't have to capture any memory, the caller considers the passed data + as valid */ + if (ObjectAttributes->ObjectName != NULL) + { + *ObjectName = *ObjectAttributes->ObjectName; + } + else + { + ObjectName->Length = ObjectName->MaximumLength = 0; + ObjectName->Buffer = NULL; + } } - _SEH_HANDLE + if (CapturedObjectAttributes != NULL) { - Status = _SEH_GetExceptionCode(); + CapturedObjectAttributes->RootDirectory = ObjectAttributes->RootDirectory; + CapturedObjectAttributes->Attributes = ObjectAttributes->Attributes; + CapturedObjectAttributes->SecurityDescriptor = ObjectAttributes->SecurityDescriptor; + CapturedObjectAttributes->SecurityDescriptorCharge = 0; /* FIXME */ + CapturedObjectAttributes->ProbeMode = AccessMode; } - _SEH_END; + + return STATUS_SUCCESS; } - - /* Validate the Size */ - DPRINT("Validating OBA\n"); - if (ObjectAttributes->Length != sizeof(OBJECT_ATTRIBUTES)) + else { Status = STATUS_INVALID_PARAMETER; + goto failbasiccleanup; } + } + else + { + AttributesCopy = *ObjectAttributes; + }
- /* Fail if SEH or Size Validation failed */ - if(!NT_SUCCESS(Status)) + /* if Length isn't as expected, bail with an invalid parameter status code so + the caller knows he passed garbage... */ + if (AttributesCopy.Length != sizeof(OBJECT_ATTRIBUTES)) + { + Status = STATUS_INVALID_PARAMETER; + goto failbasiccleanup; + } + + if (CapturedObjectAttributes != NULL) + { + CapturedObjectAttributes->RootDirectory = AttributesCopy.RootDirectory; + CapturedObjectAttributes->Attributes = AttributesCopy.Attributes; + + if (AttributesCopy.SecurityDescriptor != NULL) { - DPRINT1("ObpCaptureObjectAttributes failed to probe object attributes\n"); - goto fail; - } - - /* Set some Create Info */ - DPRINT("Creating OBCI\n"); - ObjectCreateInfo->RootDirectory = ObjectAttributes->RootDirectory; - ObjectCreateInfo->Attributes = ObjectAttributes->Attributes; - LocalObjectName = ObjectAttributes->ObjectName; - SecurityDescriptor = ObjectAttributes->SecurityDescriptor; - SecurityQos = ObjectAttributes->SecurityQualityOfService; - - /* Validate the SD */ - if (SecurityDescriptor) - { - DPRINT("Probing SD: %x\n", SecurityDescriptor); - Status = SeCaptureSecurityDescriptor(SecurityDescriptor, + Status = SeCaptureSecurityDescriptor(AttributesCopy.SecurityDescriptor, AccessMode, - NonPagedPool, + PoolType, TRUE, - &ObjectCreateInfo->SecurityDescriptor); - if(!NT_SUCCESS(Status)) + &CapturedObjectAttributes->SecurityDescriptor); + if (!NT_SUCCESS(Status)) { DPRINT1("Unable to capture the security descriptor!!!\n"); - ObjectCreateInfo->SecurityDescriptor = NULL; - goto fail; + goto failbasiccleanup; } - - DPRINT("Probe done\n"); - ObjectCreateInfo->SecurityDescriptorCharge = 0; /* FIXME */ - ObjectCreateInfo->ProbeMode = AccessMode; + CapturedObjectAttributes->SecurityDescriptorCharge = 0; /* FIXME */ } - - /* Validate the QoS */ - if (SecurityQos) + else { + CapturedObjectAttributes->SecurityDescriptor = NULL; + CapturedObjectAttributes->SecurityDescriptorCharge = 0; + } + } + + if (ObjectName != NULL) + { + ObjectName->Buffer = NULL; + + if (AttributesCopy.ObjectName != NULL) + { + UNICODE_STRING OriginalCopy = {0}; + if (AccessMode != KernelMode) { - DPRINT("Probing QoS\n"); _SEH_TRY { - ProbeForRead(SecurityQos, - sizeof(SECURITY_QUALITY_OF_SERVICE), + /* probe the ObjectName structure and make a local stack copy of it */ + ProbeForRead(AttributesCopy.ObjectName, + sizeof(UNICODE_STRING), sizeof(ULONG)); + OriginalCopy = *AttributesCopy.ObjectName; + if (OriginalCopy.Length > 0) + { + ProbeForRead(OriginalCopy.Buffer, + OriginalCopy.Length, + sizeof(WCHAR)); + } } _SEH_HANDLE { Status = _SEH_GetExceptionCode(); } _SEH_END; + + if (NT_SUCCESS(Status)) + { + ObjectName->Length = OriginalCopy.Length; + + if(OriginalCopy.Length > 0) + { + ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); + ObjectName->Buffer = ExAllocatePool(PoolType, + ObjectName->MaximumLength); + if (ObjectName->Buffer != NULL) + { + _SEH_TRY + { + /* no need to probe OriginalCopy.Buffer again, we already did that + when capturing the UNICODE_STRING structure itself */ + RtlCopyMemory(ObjectName->Buffer, OriginalCopy.Buffer, OriginalCopy.Length); + ObjectName->Buffer[OriginalCopy.Length / sizeof(WCHAR)] = L'\0'; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if (!NT_SUCCESS(Status)) + { + DPRINT1("ObpCaptureObjectAttributes failed to copy the unicode string!\n"); + } + } + else + { + Status = STATUS_INSUFFICIENT_RESOURCES; + } + } + else if(AttributesCopy.RootDirectory != NULL /* && OriginalCopy.Length == 0 */) + { + /* if the caller specified a root directory, there must be an object name! */ + Status = STATUS_OBJECT_NAME_INVALID; + } + else + { + ObjectName->Length = ObjectName->MaximumLength = 0; + } + } +#ifdef DBG + else + { + DPRINT1("ObpCaptureObjectAttributes failed to probe the object name UNICODE_STRING structure!\n"); + } +#endif } + else /* AccessMode == KernelMode */ + { + OriginalCopy = *AttributesCopy.ObjectName; + ObjectName->Length = OriginalCopy.Length;
- if(!NT_SUCCESS(Status)) - { - DPRINT1("Unable to capture QoS!!!\n"); - goto fail; + if (OriginalCopy.Length > 0) + { + ObjectName->MaximumLength = OriginalCopy.Length + sizeof(WCHAR); + ObjectName->Buffer = ExAllocatePool(PoolType, + ObjectName->MaximumLength); + if (ObjectName->Buffer != NULL) + { + RtlCopyMemory(ObjectName->Buffer, OriginalCopy.Buffer, OriginalCopy.Length); + ObjectName->Buffer[OriginalCopy.Length / sizeof(WCHAR)] = L'\0'; + } + else + { + Status = STATUS_INSUFFICIENT_RESOURCES; + } + } + else if (AttributesCopy.RootDirectory != NULL /* && OriginalCopy.Length == 0 */) + { + /* if the caller specified a root directory, there must be an object name! */ + Status = STATUS_OBJECT_NAME_INVALID; + } + else + { + ObjectName->Length = ObjectName->MaximumLength = 0; + } } - - ObjectCreateInfo->SecurityQualityOfService = *SecurityQos; - ObjectCreateInfo->SecurityQos = &ObjectCreateInfo->SecurityQualityOfService; } - } - - /* Clear Local Object Name */ - DPRINT("Clearing name\n"); - RtlZeroMemory(ObjectName, sizeof(UNICODE_STRING)); - - /* Now check if the Object Attributes had an Object Name */ - if (LocalObjectName) - { - DPRINT("Name Buffer: %x\n", LocalObjectName->Buffer); - Status = ObpCaptureObjectName(ObjectName, - LocalObjectName, - AccessMode); - } - else - { - /* He can't have specified a Root Directory */ - if (ObjectCreateInfo->RootDirectory) + else { - DPRINT1("Invalid name\n"); - Status = STATUS_OBJECT_NAME_INVALID; + ObjectName->Length = ObjectName->MaximumLength = 0; } }
-fail: + CapturedObjectAttributes->ProbeMode = AccessMode; + if (!NT_SUCCESS(Status)) { - DPRINT1("Failed to capture, cleaning up\n"); - ObpReleaseCapturedAttributes(ObjectCreateInfo); + if (ObjectName->Buffer) + { + ExFreePool(ObjectName->Buffer); + } + if (CapturedObjectAttributes != NULL) + { + /* cleanup allocated resources */ + SeReleaseSecurityDescriptor(CapturedObjectAttributes->SecurityDescriptor , + AccessMode, + TRUE); + } + +failbasiccleanup: + if (ObjectName != NULL) + { + ObjectName->Length = ObjectName->MaximumLength = 0; + ObjectName->Buffer = NULL; + } + if (CapturedObjectAttributes != NULL) + { + RtlZeroMemory(CapturedObjectAttributes, sizeof(OBJECT_CREATE_INFORMATION)); + } } - - DPRINT("Return to caller\n"); + return Status; }
VOID STDCALL -ObpReleaseCapturedAttributes(IN POBJECT_CREATE_INFORMATION ObjectCreateInfo) +ObpReleaseCapturedAttributes(IN POBJECT_CREATE_INFORMATION CapturedObjectAttributes OPTIONAL, + IN PUNICODE_STRING ObjectName OPTIONAL, + IN KPROCESSOR_MODE AccessMode, + IN BOOLEAN CaptureIfKernel) { - /* Release the SD, it's the only thing we allocated */ - if (ObjectCreateInfo->SecurityDescriptor) + /* WARNING - You need to pass the same parameters to this function as you passed + to ObpCaptureObjectAttributes() to avoid memory leaks */ + if(AccessMode != KernelMode || CaptureIfKernel) + { + if(CapturedObjectAttributes != NULL && + CapturedObjectAttributes->SecurityDescriptor != NULL) { - SeReleaseSecurityDescriptor(ObjectCreateInfo->SecurityDescriptor, - ObjectCreateInfo->ProbeMode, - TRUE); - ObjectCreateInfo->SecurityDescriptor = NULL; + ExFreePool(CapturedObjectAttributes->SecurityDescriptor); + +#ifdef DBG + RtlZeroMemory(CapturedObjectAttributes, sizeof(OBJECT_CREATE_INFORMATION)); +#endif } + if(ObjectName != NULL && + ObjectName->Length > 0) + { + ExFreePool(ObjectName->Buffer); + } + } }
@@ -348,7 +484,7 @@ ObjectName->Buffer[0] != L'\') { ObDereferenceObject (CurrentObject); - DPRINT1("failed\n"); + DPRINT1("failed: "%wZ"\n", ObjectName); return STATUS_UNSUCCESSFUL; }
@@ -795,8 +931,9 @@ /* Capture all the info */ DPRINT("Capturing Create Info\n"); Status = ObpCaptureObjectAttributes(ObjectAttributes, - AccessMode, - Type, + ObjectAttributesAccessMode, + NonPagedPool, + TRUE, ObjectCreateInfo, &ObjectName);
@@ -822,8 +959,10 @@
/* Release the Capture Info, we don't need it */ DPRINT1("Allocation failed\n"); - ObpReleaseCapturedAttributes(ObjectCreateInfo); - if (ObjectName.Buffer) ExFreePool(ObjectName.Buffer); + ObpReleaseCapturedAttributes(ObjectCreateInfo, + &ObjectName, + ObjectAttributesAccessMode, + TRUE); }
/* We failed, so release the Buffer */ @@ -977,7 +1116,10 @@ } if (Header->ObjectCreateInfo) { - ObpReleaseCapturedAttributes(Header->ObjectCreateInfo); + ObpReleaseCapturedAttributes(Header->ObjectCreateInfo, + NULL, + Header->ObjectCreateInfo->ProbeMode, + FALSE); ExFreePool(Header->ObjectCreateInfo); }
-
weiden@svn.reactos.com