Author: dchapyshev Date: Thu Jun 11 19:21:58 2009 New Revision: 41383
URL: http://svn.reactos.org/svn/reactos?rev=41383&view=rev Log: - Add missed checks of the buffer length
Modified: trunk/reactos/ntoskrnl/ps/query.c
Modified: trunk/reactos/ntoskrnl/ps/query.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ps/query.c?rev=413...
==============================================================================
--- trunk/reactos/ntoskrnl/ps/query.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/ps/query.c [iso-8859-1] Thu Jun 11 19:21:58 2009
@@ -782,6 +782,13 @@
/* Error/Exception Port */
case ProcessExceptionPort:
+ /* Check buffer length */
+ if (ProcessInformationLength != sizeof(HANDLE))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
@@ -819,6 +826,13 @@
/* Security Token */
case ProcessAccessToken:
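Review bot: The expected size in each new check is written out separately from the capture code that dereferences the buffer, starting with `sizeof(HANDLE)` in the ProcessExceptionPort case, so nothing keeps the validated length and the bytes actually read in agreement if a type later changes. The same seven-line block is repeated in every hunk of this commit, for the other process classes and all the thread classes. A per-class size table consulted once before the `switch`, or a comment on each check naming the type the `_SEH2_TRY` block reads, such as `/* Must match the HANDLE captured below */`, would make a mismatch easier to spot in review. The capture blocks only begin at the end of each hunk and continue outside it, so the types read there cannot be confirmed from this page.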
+ /* Check buffer length */
+ if (ProcessInformationLength != sizeof(PROCESS_ACCESS_TOKEN))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
@@ -841,6 +855,13 @@
/* Hard error processing */
case ProcessDefaultHardErrorMode:
+ /* Check buffer length */
+ if (ProcessInformationLength != sizeof(ULONG))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Enter SEH for direct buffer read */
_SEH2_TRY
{
@@ -858,6 +879,13 @@
/* Session ID */
case ProcessSessionInformation:
+
+ /* Check buffer length */
+ if (ProcessInformationLength != sizeof(PROCESS_SESSION_INFORMATION))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
/* Enter SEH for capture */
_SEH2_TRY
@@ -1062,6 +1090,13 @@
/* Thread priority */
case ThreadPriority:
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(KPRIORITY))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
@@ -1090,6 +1125,13 @@
break;
case ThreadBasePriority:
+
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(LONG))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
/* Use SEH for capture */
_SEH2_TRY
@@ -1130,6 +1172,13 @@
case ThreadAffinityMask:
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(ULONG_PTR))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
@@ -1191,6 +1240,13 @@
case ThreadImpersonationToken:
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(HANDLE))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
@@ -1211,6 +1267,13 @@
case ThreadQuerySetWin32StartAddress:
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(ULONG_PTR))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
@@ -1230,6 +1293,13 @@
break;
case ThreadIdealProcessor:
+
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(ULONG_PTR))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
/* Use SEH for capture */
_SEH2_TRY
@@ -1272,6 +1342,13 @@
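Review bot: `sizeof(ULONG_PTR)` in the ThreadIdealProcessor check is 8 on a 64-bit build, while Windows callers, as far as I know, pass a 4-byte ULONG for this class, so with the exact `!=` comparison such a caller would get STATUS_INFO_LENGTH_MISMATCH. The ThreadPriorityBoost and ThreadZeroTlsCell hunks use the same size and look affected the same way; on 32-bit builds the two sizes coincide, which would hide the difference. If the capture inside `_SEH2_TRY` reads a ULONG, the check should be `if (ThreadInformationLength != sizeof(ULONG))`; if it reads a ULONG_PTR, the read and the check should change together so the validated length always equals the number of bytes dereferenced. The capture code lies outside the hunk, so this needs confirming against the file.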
case ThreadPriorityBoost:
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(ULONG_PTR))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
+
/* Use SEH for capture */
_SEH2_TRY
{
@@ -1291,6 +1368,13 @@
break;
case ThreadZeroTlsCell:
+
+ /* Check buffer length */
+ if (ThreadInformationLength != sizeof(ULONG_PTR))
+ {
+ Status = STATUS_INFO_LENGTH_MISMATCH;
+ break;
+ }
/* Use SEH for capture */
_SEH2_TRY