- Allocate the csrss request buffer from heap if the necessary length is larger than the request structure. - Fixed some buffer length calculations. Modified: trunk/reactos/include/subsys/csrss/csrss.h Modified: trunk/reactos/lib/kernel32/misc/console.c Modified: trunk/reactos/subsys/csrss/api/wapi.c Modified: trunk/reactos/subsys/csrss/win32csr/conio.c _____
Modified: trunk/reactos/include/subsys/csrss/csrss.h --- trunk/reactos/include/subsys/csrss/csrss.h 2005-08-28 11:58:06 UTC (rev 17581) +++ trunk/reactos/include/subsys/csrss/csrss.h 2005-08-28 12:03:25 UTC (rev 17582) @@ -412,12 +412,12 @@
#define CSR_API_MESSAGE_HEADER_SIZE(Type) (FIELD_OFFSET(CSR_API_MESSAGE, Data) + sizeof(Type)) #define CSRSS_MAX_WRITE_CONSOLE (LPC_MAX_DATA_LENGTH - CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE)) -#define CSRSS_MAX_SET_TITLE (LPC_MAX_DATA_LENGTH - CSR_API_MESSAGE_HEADER_SIZE(CSRSS_SET_TITLE)) #define CSRSS_MAX_WRITE_CONSOLE_OUTPUT_CHAR (LPC_MAX_DATA_LENGTH - CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE_OUTPUT_CHAR)) #define CSRSS_MAX_WRITE_CONSOLE_OUTPUT_ATTRIB (LPC_MAX_DATA_LENGTH - CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE_OUTPUT_ATTRIB)) #define CSRSS_MAX_READ_CONSOLE (LPC_MAX_DATA_LENGTH - CSR_API_MESSAGE_HEADER_SIZE(CSRSS_READ_CONSOLE)) #define CSRSS_MAX_READ_CONSOLE_OUTPUT_CHAR (LPC_MAX_DATA_LENGTH - CSR_API_MESSAGE_HEADER_SIZE(CSRSS_READ_CONSOLE_OUTPUT_CHAR)) #define CSRSS_MAX_READ_CONSOLE_OUTPUT_ATTRIB (LPC_MAX_DATA_LENGTH - CSR_API_MESSAGE_HEADER_SIZE(CSRSS_READ_CONSOLE_OUTPUT_ATTRIB)) +#define CSRSS_MAX_GET_PROCESS_LIST (LPC_MAX_DATA_LENGTH - CSR_API_MESSAGE_HEADER_SIZE(CSRSS_GET_PROCESS_LIST))
/* WCHARs, not bytes! */ #define CSRSS_MAX_TITLE_LENGTH 80 @@ -462,7 +462,7 @@ #define GET_OUTPUT_HANDLE (0x25) #define CLOSE_HANDLE (0x26) #define VERIFY_HANDLE (0x27) -#define DUPLICATE_HANDLE (0x28) +#define DUPLICATE_HANDLE (0x28) #define SETGET_CONSOLE_HW_STATE (0x29) #define GET_CONSOLE_WINDOW (0x2A) #define CREATE_DESKTOP (0x2B) @@ -475,7 +475,7 @@ #define SET_CONSOLE_CP (0x32) #define GET_CONSOLE_OUTPUT_CP (0x33) #define SET_CONSOLE_OUTPUT_CP (0x34) -#define GET_INPUT_WAIT_HANDLE (0x35) +#define GET_INPUT_WAIT_HANDLE (0x35) #define GET_PROCESS_LIST (0x36)
/* Keep in sync with definition below. */ @@ -483,76 +483,65 @@
typedef struct _CSR_API_MESSAGE { + PORT_MESSAGE Header; + ULONG Type; + NTSTATUS Status; union { - PORT_MESSAGE Header; - union - { - struct - { - BYTE HeaderReserved[sizeof(PORT_MESSAGE)]; - ULONG Type; - NTSTATUS Status; - union - { - CSRSS_CREATE_PROCESS CreateProcessRequest; - CSRSS_CONNECT_PROCESS ConnectRequest; - CSRSS_WRITE_CONSOLE WriteConsoleRequest; - CSRSS_READ_CONSOLE ReadConsoleRequest; - CSRSS_ALLOC_CONSOLE AllocConsoleRequest; - CSRSS_SCREEN_BUFFER_INFO ScreenBufferInfoRequest; - CSRSS_SET_CURSOR SetCursorRequest; - CSRSS_FILL_OUTPUT FillOutputRequest; - CSRSS_READ_INPUT ReadInputRequest; - CSRSS_WRITE_CONSOLE_OUTPUT_CHAR WriteConsoleOutputCharRequest; - CSRSS_WRITE_CONSOLE_OUTPUT_ATTRIB WriteConsoleOutputAttribRequest; - CSRSS_FILL_OUTPUT_ATTRIB FillOutputAttribRequest; - CSRSS_SET_CURSOR_INFO SetCursorInfoRequest; - CSRSS_GET_CURSOR_INFO GetCursorInfoRequest; - CSRSS_SET_ATTRIB SetAttribRequest; - CSRSS_SET_CONSOLE_MODE SetConsoleModeRequest; - CSRSS_GET_CONSOLE_MODE GetConsoleModeRequest; - CSRSS_CREATE_SCREEN_BUFFER CreateScreenBufferRequest; - CSRSS_SET_SCREEN_BUFFER SetScreenBufferRequest; - CSRSS_SET_TITLE SetTitleRequest; - CSRSS_GET_TITLE GetTitleRequest; - CSRSS_WRITE_CONSOLE_OUTPUT WriteConsoleOutputRequest; - CSRSS_FLUSH_INPUT_BUFFER FlushInputBufferRequest; - CSRSS_SCROLL_CONSOLE_SCREEN_BUFFER ScrollConsoleScreenBufferRequest; - CSRSS_READ_CONSOLE_OUTPUT_CHAR ReadConsoleOutputCharRequest; - CSRSS_READ_CONSOLE_OUTPUT_ATTRIB ReadConsoleOutputAttribRequest; - CSRSS_GET_NUM_INPUT_EVENTS GetNumInputEventsRequest; - CSRSS_REGISTER_SERVICES_PROCESS RegisterServicesProcessRequest; - CSRSS_EXIT_REACTOS ExitReactosRequest; - CSRSS_SET_SHUTDOWN_PARAMETERS SetShutdownParametersRequest; - CSRSS_GET_SHUTDOWN_PARAMETERS GetShutdownParametersRequest; - CSRSS_PEEK_CONSOLE_INPUT PeekConsoleInputRequest; - CSRSS_READ_CONSOLE_OUTPUT ReadConsoleOutputRequest; - CSRSS_WRITE_CONSOLE_INPUT WriteConsoleInputRequest; - CSRSS_GET_INPUT_HANDLE 
GetInputHandleRequest; - CSRSS_GET_OUTPUT_HANDLE GetOutputHandleRequest; - CSRSS_CLOSE_HANDLE CloseHandleRequest; - CSRSS_VERIFY_HANDLE VerifyHandleRequest; - CSRSS_DUPLICATE_HANDLE DuplicateHandleRequest; - CSRSS_SETGET_CONSOLE_HW_STATE ConsoleHardwareStateRequest; - CSRSS_GET_CONSOLE_WINDOW GetConsoleWindowRequest; - CSRSS_CREATE_DESKTOP CreateDesktopRequest; - CSRSS_SHOW_DESKTOP ShowDesktopRequest; - CSRSS_HIDE_DESKTOP HideDesktopRequest; - CSRSS_SET_CONSOLE_ICON SetConsoleIconRequest; - CSRSS_SET_LOGON_NOTIFY_WINDOW SetLogonNotifyWindowRequest; - CSRSS_REGISTER_LOGON_PROCESS RegisterLogonProcessRequest; - CSRSS_GET_CONSOLE_CP GetConsoleCodePage; - CSRSS_SET_CONSOLE_CP SetConsoleCodePage; - CSRSS_GET_CONSOLE_OUTPUT_CP GetConsoleOutputCodePage; - CSRSS_SET_CONSOLE_OUTPUT_CP SetConsoleOutputCodePage; - CSRSS_GET_INPUT_WAIT_HANDLE GetConsoleInputWaitHandle; - CSRSS_GET_PROCESS_LIST GetProcessListRequest; - } Data; - }; - UCHAR PadBuffer[PORT_MAXIMUM_MESSAGE_LENGTH]; - }; - }; + CSRSS_CREATE_PROCESS CreateProcessRequest; + CSRSS_CONNECT_PROCESS ConnectRequest; + CSRSS_WRITE_CONSOLE WriteConsoleRequest; + CSRSS_READ_CONSOLE ReadConsoleRequest; + CSRSS_ALLOC_CONSOLE AllocConsoleRequest; + CSRSS_SCREEN_BUFFER_INFO ScreenBufferInfoRequest; + CSRSS_SET_CURSOR SetCursorRequest; + CSRSS_FILL_OUTPUT FillOutputRequest; + CSRSS_READ_INPUT ReadInputRequest; + CSRSS_WRITE_CONSOLE_OUTPUT_CHAR WriteConsoleOutputCharRequest; + CSRSS_WRITE_CONSOLE_OUTPUT_ATTRIB WriteConsoleOutputAttribRequest; + CSRSS_FILL_OUTPUT_ATTRIB FillOutputAttribRequest; + CSRSS_SET_CURSOR_INFO SetCursorInfoRequest; + CSRSS_GET_CURSOR_INFO GetCursorInfoRequest; + CSRSS_SET_ATTRIB SetAttribRequest; + CSRSS_SET_CONSOLE_MODE SetConsoleModeRequest; + CSRSS_GET_CONSOLE_MODE GetConsoleModeRequest; + CSRSS_CREATE_SCREEN_BUFFER CreateScreenBufferRequest; + CSRSS_SET_SCREEN_BUFFER SetScreenBufferRequest; + CSRSS_SET_TITLE SetTitleRequest; + CSRSS_GET_TITLE GetTitleRequest; + CSRSS_WRITE_CONSOLE_OUTPUT 
WriteConsoleOutputRequest; + CSRSS_FLUSH_INPUT_BUFFER FlushInputBufferRequest; + CSRSS_SCROLL_CONSOLE_SCREEN_BUFFER ScrollConsoleScreenBufferRequest; + CSRSS_READ_CONSOLE_OUTPUT_CHAR ReadConsoleOutputCharRequest; + CSRSS_READ_CONSOLE_OUTPUT_ATTRIB ReadConsoleOutputAttribRequest; + CSRSS_GET_NUM_INPUT_EVENTS GetNumInputEventsRequest; + CSRSS_REGISTER_SERVICES_PROCESS RegisterServicesProcessRequest; + CSRSS_EXIT_REACTOS ExitReactosRequest; + CSRSS_SET_SHUTDOWN_PARAMETERS SetShutdownParametersRequest; + CSRSS_GET_SHUTDOWN_PARAMETERS GetShutdownParametersRequest; + CSRSS_PEEK_CONSOLE_INPUT PeekConsoleInputRequest; + CSRSS_READ_CONSOLE_OUTPUT ReadConsoleOutputRequest; + CSRSS_WRITE_CONSOLE_INPUT WriteConsoleInputRequest; + CSRSS_GET_INPUT_HANDLE GetInputHandleRequest; + CSRSS_GET_OUTPUT_HANDLE GetOutputHandleRequest; + CSRSS_CLOSE_HANDLE CloseHandleRequest; + CSRSS_VERIFY_HANDLE VerifyHandleRequest; + CSRSS_DUPLICATE_HANDLE DuplicateHandleRequest; + CSRSS_SETGET_CONSOLE_HW_STATE ConsoleHardwareStateRequest; + CSRSS_GET_CONSOLE_WINDOW GetConsoleWindowRequest; + CSRSS_CREATE_DESKTOP CreateDesktopRequest; + CSRSS_SHOW_DESKTOP ShowDesktopRequest; + CSRSS_HIDE_DESKTOP HideDesktopRequest; + CSRSS_SET_CONSOLE_ICON SetConsoleIconRequest; + CSRSS_SET_LOGON_NOTIFY_WINDOW SetLogonNotifyWindowRequest; + CSRSS_REGISTER_LOGON_PROCESS RegisterLogonProcessRequest; + CSRSS_GET_CONSOLE_CP GetConsoleCodePage; + CSRSS_SET_CONSOLE_CP SetConsoleCodePage; + CSRSS_GET_CONSOLE_OUTPUT_CP GetConsoleOutputCodePage; + CSRSS_SET_CONSOLE_OUTPUT_CP SetConsoleOutputCodePage; + CSRSS_GET_INPUT_WAIT_HANDLE GetConsoleInputWaitHandle; + CSRSS_GET_PROCESS_LIST GetProcessListRequest; + } Data; } CSR_API_MESSAGE, *PCSR_API_MESSAGE;
#endif /* __INCLUDE_CSRSS_CSRSS_H */ _____
Modified: trunk/reactos/lib/kernel32/misc/console.c --- trunk/reactos/lib/kernel32/misc/console.c 2005-08-28 11:58:06 UTC (rev 17581) +++ trunk/reactos/lib/kernel32/misc/console.c 2005-08-28 12:03:25 UTC (rev 17582) @@ -1097,7 +1097,7 @@
LPVOID lpReserved, BOOL bUnicode) { - CSR_API_MESSAGE Request; + PCSR_API_MESSAGE Request; ULONG CsrRequest; NTSTATUS Status; USHORT nChars; @@ -1105,40 +1105,51 @@ DWORD Written = 0;
CharSize = (bUnicode ? sizeof(WCHAR) : sizeof(CHAR)); + Request = RtlAllocateHeap(RtlGetProcessHeap(), 0, + max(sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE) + + min(nNumberOfCharsToWrite, CSRSS_MAX_WRITE_CONSOLE / CharSize) * CharSize)); + if (Request == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return FALSE; + }
CsrRequest = MAKE_CSR_API(WRITE_CONSOLE, CSR_CONSOLE);
- Request.Data.WriteConsoleRequest.ConsoleHandle = hConsoleOutput;
- Request.Data.WriteConsoleRequest.Unicode = bUnicode;
+ Request->Data.WriteConsoleRequest.ConsoleHandle = hConsoleOutput;
+ Request->Data.WriteConsoleRequest.Unicode = bUnicode;
while(nNumberOfCharsToWrite > 0) { - nChars = min(nNumberOfCharsToWrite, CSRSS_MAX_WRITE_CONSOLE) / CharSize; - Request.Data.WriteConsoleRequest.NrCharactersToWrite = nChars; + nChars = min(nNumberOfCharsToWrite, CSRSS_MAX_WRITE_CONSOLE / CharSize); + Request->Data.WriteConsoleRequest.NrCharactersToWrite = nChars;
SizeBytes = nChars * CharSize;
- memcpy(Request.Data.WriteConsoleRequest.Buffer, lpBuffer, SizeBytes);
+ memcpy(Request->Data.WriteConsoleRequest.Buffer, lpBuffer, SizeBytes);
- Status = CsrClientCallServer(&Request, + Status = CsrClientCallServer(Request, NULL, CsrRequest, - sizeof(CSR_API_MESSAGE)); + max(sizeof(CSR_API_MESSAGE), CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE) + SizeBytes));
- if(!NT_SUCCESS(Status) || !NT_SUCCESS(Status = Request.Status)) + if(!NT_SUCCESS(Status) || !NT_SUCCESS(Status = Request->Status)) { + RtlFreeHeap(RtlGetProcessHeap(), 0, Request); SetLastErrorByStatus(Status); return FALSE; }
nNumberOfCharsToWrite -= nChars; lpBuffer = (PVOID)((ULONG_PTR)lpBuffer + (ULONG_PTR)SizeBytes); - Written += Request.Data.WriteConsoleRequest.NrCharactersWritten; + Written += Request->Data.WriteConsoleRequest.NrCharactersWritten; }
if(lpNumberOfCharsWritten != NULL) { *lpNumberOfCharsWritten = Written; } + RtlFreeHeap(RtlGetProcessHeap(), 0, Request);
return TRUE; } @@ -1196,20 +1207,29 @@ LPVOID lpReserved, BOOL bUnicode) { - CSR_API_MESSAGE Request; + PCSR_API_MESSAGE Request; ULONG CsrRequest; NTSTATUS Status; ULONG CharSize, CharsRead = 0;
CharSize = (bUnicode ? sizeof(WCHAR) : sizeof(CHAR)); + Request = RtlAllocateHeap(RtlGetProcessHeap(), 0, + max(sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_READ_CONSOLE) + + min(nNumberOfCharsToRead, CSRSS_MAX_READ_CONSOLE / CharSize) * CharSize)); + if (Request == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return FALSE; + }
- Request.Status = STATUS_SUCCESS;
+ Request->Status = STATUS_SUCCESS;
do { - if(Request.Status == STATUS_PENDING) + if(Request->Status == STATUS_PENDING) { - Status = NtWaitForSingleObject(Request.Data.ReadConsoleRequest.EventHandle, FALSE, 0); + Status = NtWaitForSingleObject(Request->Data.ReadConsoleRequest.EventHandle, FALSE, 0); if(!NT_SUCCESS(Status)) { DPRINT1("Wait for console input failed!\n"); @@ -1218,44 +1238,49 @@ }
CsrRequest = MAKE_CSR_API(READ_CONSOLE, CSR_CONSOLE); - Request.Data.ReadConsoleRequest.ConsoleHandle = hConsoleInput; - Request.Data.ReadConsoleRequest.Unicode = bUnicode; - Request.Data.ReadConsoleRequest.NrCharactersToRead = min(nNumberOfCharsToRead, CSRSS_MAX_READ_CONSOLE) / CharSize; - Request.Data.ReadConsoleRequest.nCharsCanBeDeleted = CharsRead; - Status = CsrClientCallServer(&Request, + Request->Data.ReadConsoleRequest.ConsoleHandle = hConsoleInput; + Request->Data.ReadConsoleRequest.Unicode = bUnicode; + Request->Data.ReadConsoleRequest.NrCharactersToRead = min(nNumberOfCharsToRead, CSRSS_MAX_READ_CONSOLE / CharSize); + Request->Data.ReadConsoleRequest.nCharsCanBeDeleted = CharsRead; + Status = CsrClientCallServer(Request, NULL, CsrRequest, - sizeof(CSR_API_MESSAGE)); + max(sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_READ_CONSOLE) + + Request->Data.ReadConsoleRequest.NrCharactersToRead * CharSize));
- if(!NT_SUCCESS(Status) || !NT_SUCCESS(Status = Request.Status)) + if(!NT_SUCCESS(Status) || !NT_SUCCESS(Status = Request->Status)) { DPRINT1("CSR returned error in ReadConsole\n"); + RtlFreeHeap(RtlGetProcessHeap(), 0, Request); SetLastErrorByStatus(Status); return FALSE; }
- nNumberOfCharsToRead -= Request.Data.ReadConsoleRequest.NrCharactersRead; + nNumberOfCharsToRead -= Request->Data.ReadConsoleRequest.NrCharactersRead; memcpy((PVOID)((ULONG_PTR)lpBuffer + (ULONG_PTR)(CharsRead * CharSize)), - Request.Data.ReadConsoleRequest.Buffer, - Request.Data.ReadConsoleRequest.NrCharactersRead * CharSize); - CharsRead += Request.Data.ReadConsoleRequest.NrCharactersRead; + Request->Data.ReadConsoleRequest.Buffer, + Request->Data.ReadConsoleRequest.NrCharactersRead * CharSize); + CharsRead += Request->Data.ReadConsoleRequest.NrCharactersRead;
- if(Request.Status == STATUS_NOTIFY_CLEANUP) + if(Request->Status == STATUS_NOTIFY_CLEANUP) { if(CharsRead > 0) { CharsRead--; nNumberOfCharsToRead++; } - Request.Status = STATUS_PENDING; + Request->Status = STATUS_PENDING; } - } while(Request.Status == STATUS_PENDING && nNumberOfCharsToRead > 0); + } while(Request->Status == STATUS_PENDING && nNumberOfCharsToRead > 0);
if(lpNumberOfCharsRead != NULL) { *lpNumberOfCharsRead = CharsRead; }
+ RtlFreeHeap(RtlGetProcessHeap(), 0, Request); + return TRUE; }
@@ -2018,7 +2043,7 @@ LPDWORD lpNumberOfCharsRead, BOOL bUnicode) { - CSR_API_MESSAGE Request; ULONG CsrRequest; + PCSR_API_MESSAGE Request; ULONG CsrRequest; NTSTATUS Status; ULONG nChars, SizeBytes, CharSize; DWORD CharsRead = 0; @@ -2028,35 +2053,47 @@ nChars = min(nLength, CSRSS_MAX_READ_CONSOLE_OUTPUT_CHAR) / CharSize; SizeBytes = nChars * CharSize;
+ Request = RtlAllocateHeap(RtlGetProcessHeap(), 0, + max(sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_READ_CONSOLE_OUTPUT_CHAR) + + min (nChars, CSRSS_MAX_READ_CONSOLE_OUTPUT_CHAR / CharSize) * CharSize)); + if (Request == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return FALSE; + } + CsrRequest = MAKE_CSR_API(READ_CONSOLE_OUTPUT_CHAR, CSR_CONSOLE); - Request.Data.ReadConsoleOutputCharRequest.ConsoleHandle = hConsoleOutput; - Request.Data.ReadConsoleOutputCharRequest.Unicode = bUnicode; - Request.Data.ReadConsoleOutputCharRequest.ReadCoord = dwReadCoord; + Request->Data.ReadConsoleOutputCharRequest.ConsoleHandle = hConsoleOutput; + Request->Data.ReadConsoleOutputCharRequest.Unicode = bUnicode; + Request->Data.ReadConsoleOutputCharRequest.ReadCoord = dwReadCoord;
while(nLength > 0) { DWORD BytesRead;
- Request.Data.ReadConsoleOutputCharRequest.NumCharsToRead = min(nLength, nChars);
- SizeBytes = Request.Data.ReadConsoleOutputCharRequest.NumCharsToRead * CharSize;
+ Request->Data.ReadConsoleOutputCharRequest.NumCharsToRead = min(nLength, nChars);
+ SizeBytes = Request->Data.ReadConsoleOutputCharRequest.NumCharsToRead * CharSize;
- Status = CsrClientCallServer(&Request, + Status = CsrClientCallServer(Request, NULL, CsrRequest, - sizeof(CSR_API_MESSAGE)); - if(!NT_SUCCESS(Status) || !NT_SUCCESS(Request.Status)) + max (sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_READ_CONSOLE_OUTPUT_CHAR) + SizeBytes)); + if(!NT_SUCCESS(Status) || !NT_SUCCESS(Request->Status)) { + RtlFreeHeap(RtlGetProcessHeap(), 0, Request); SetLastErrorByStatus(Status); break; }
- BytesRead = Request.Data.ReadConsoleOutputCharRequest.CharsRead * CharSize; - memcpy(lpCharacter, Request.Data.ReadConsoleOutputCharRequest.String, BytesRead); + BytesRead = Request->Data.ReadConsoleOutputCharRequest.CharsRead * CharSize; + memcpy(lpCharacter, Request->Data.ReadConsoleOutputCharRequest.String, BytesRead); lpCharacter = (PVOID)((ULONG_PTR)lpCharacter + (ULONG_PTR)BytesRead); - CharsRead += Request.Data.ReadConsoleOutputCharRequest.CharsRead; - nLength -= Request.Data.ReadConsoleOutputCharRequest.CharsRead; + CharsRead += Request->Data.ReadConsoleOutputCharRequest.CharsRead; + nLength -= Request->Data.ReadConsoleOutputCharRequest.CharsRead;
- Request.Data.ReadConsoleOutputCharRequest.ReadCoord = Request.Data.ReadConsoleOutputCharRequest.EndCoord; + Request->Data.ReadConsoleOutputCharRequest.ReadCoord = Request->Data.ReadConsoleOutputCharRequest.EndCoord; }
if(lpNumberOfCharsRead != NULL) @@ -2064,6 +2101,8 @@ *lpNumberOfCharsRead = CharsRead; }
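Review bot: The failure branch inside the loop frees `Request` and then does `break`, so control reaches the `RtlFreeHeap(RtlGetProcessHeap(), 0, Request);` that the following hunk adds after the loop, and the same heap block is freed twice. Remove the free in the error branch so the single post-loop free covers both paths, or replace `break;` with `return FALSE;`. The `@@ -3204,34 +3324,42 @@` hunk has the same shape: its failure branch frees `Request`, sets `nProcesses = 0`, and falls through to the unconditional free before `return nProcesses;`. The enclosing function starts and ends outside this hunk.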
+ RtlFreeHeap(RtlGetProcessHeap(), 0, Request); + return TRUE; }
@@ -2131,16 +2170,26 @@ LPDWORD lpNumberOfAttrsRead ) { - CSR_API_MESSAGE Request; ULONG CsrRequest; + PCSR_API_MESSAGE Request; ULONG CsrRequest; NTSTATUS Status; DWORD Size;
if (lpNumberOfAttrsRead != NULL) *lpNumberOfAttrsRead = nLength;
+ Request = RtlAllocateHeap(RtlGetProcessHeap(), 0, + max(sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_READ_CONSOLE_OUTPUT_ATTRIB) + + min (nLength, CSRSS_MAX_READ_CONSOLE_OUTPUT_ATTRIB / sizeof(WORD)) * sizeof(WORD))); + if (Request == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return FALSE; + } + CsrRequest = MAKE_CSR_API(READ_CONSOLE_OUTPUT_ATTRIB, CSR_CONSOLE); - Request.Data.ReadConsoleOutputAttribRequest.ConsoleHandle = hConsoleOutput; - Request.Data.ReadConsoleOutputAttribRequest.ReadCoord = dwReadCoord; + Request->Data.ReadConsoleOutputAttribRequest.ConsoleHandle = hConsoleOutput; + Request->Data.ReadConsoleOutputAttribRequest.ReadCoord = dwReadCoord;
while (nLength != 0) { @@ -2149,24 +2198,28 @@ else Size = nLength;
- Request.Data.ReadConsoleOutputAttribRequest.NumAttrsToRead = Size;
+ Request->Data.ReadConsoleOutputAttribRequest.NumAttrsToRead = Size;
- Status = CsrClientCallServer(&Request, + Status = CsrClientCallServer(Request, NULL, CsrRequest, - sizeof(CSR_API_MESSAGE)); - if (!NT_SUCCESS(Status) || !NT_SUCCESS(Request.Status)) + max (sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_READ_CONSOLE_OUTPUT_ATTRIB) + Size * sizeof(WORD))); + if (!NT_SUCCESS(Status) || !NT_SUCCESS(Request->Status)) { + RtlFreeHeap(RtlGetProcessHeap(), 0, Request); SetLastErrorByStatus(Status); return(FALSE); }
- memcpy(lpAttribute, Request.Data.ReadConsoleOutputAttribRequest.Attribute, Size * sizeof(WORD)); + memcpy(lpAttribute, Request->Data.ReadConsoleOutputAttribRequest.Attribute, Size * sizeof(WORD)); lpAttribute += Size; nLength -= Size; - Request.Data.ReadConsoleOutputAttribRequest.ReadCoord = Request.Data.ReadConsoleOutputAttribRequest.EndCoord; + Request->Data.ReadConsoleOutputAttribRequest.ReadCoord = Request->Data.ReadConsoleOutputAttribRequest.EndCoord; }
+ RtlFreeHeap(RtlGetProcessHeap(), 0, Request); + return(TRUE); }
@@ -2179,7 +2232,7 @@ LPDWORD lpNumberOfCharsWritten, BOOL bUnicode) { - CSR_API_MESSAGE Request; ULONG CsrRequest; + PCSR_API_MESSAGE Request; ULONG CsrRequest; NTSTATUS Status; ULONG SizeBytes, CharSize, nChars; DWORD Written = 0; @@ -2189,36 +2242,48 @@ nChars = min(nLength, CSRSS_MAX_WRITE_CONSOLE_OUTPUT_CHAR / CharSize); SizeBytes = nChars * CharSize;
+ Request = RtlAllocateHeap(RtlGetProcessHeap(), 0, + max (sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE_OUTPUT_CHAR) + + min (nChars, CSRSS_MAX_WRITE_CONSOLE_OUTPUT_CHAR / CharSize) * CharSize)); + if (Request == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return FALSE; + } + CsrRequest = MAKE_CSR_API(WRITE_CONSOLE_OUTPUT_CHAR, CSR_CONSOLE); - Request.Data.WriteConsoleOutputCharRequest.ConsoleHandle = hConsoleOutput; - Request.Data.WriteConsoleOutputCharRequest.Unicode = bUnicode; - Request.Data.WriteConsoleOutputCharRequest.Coord = dwWriteCoord; + Request->Data.WriteConsoleOutputCharRequest.ConsoleHandle = hConsoleOutput; + Request->Data.WriteConsoleOutputCharRequest.Unicode = bUnicode; + Request->Data.WriteConsoleOutputCharRequest.Coord = dwWriteCoord;
while(nLength > 0) { DWORD BytesWrite;
- Request.Data.WriteConsoleOutputCharRequest.Length = min(nLength, nChars);
- BytesWrite = Request.Data.WriteConsoleOutputCharRequest.Length * CharSize;
+ Request->Data.WriteConsoleOutputCharRequest.Length = min(nLength, nChars);
+ BytesWrite = Request->Data.WriteConsoleOutputCharRequest.Length * CharSize;
- memcpy(Request.Data.WriteConsoleOutputCharRequest.String, lpCharacter, BytesWrite);
+ memcpy(Request->Data.WriteConsoleOutputCharRequest.String, lpCharacter, BytesWrite);
- Status = CsrClientCallServer(&Request, + Status = CsrClientCallServer(Request, NULL, CsrRequest, - sizeof(CSR_API_MESSAGE)); + max (sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE_OUTPUT_CHAR) + BytesWrite));
- if(!NT_SUCCESS(Status) || !NT_SUCCESS(Status = Request.Status)) + if(!NT_SUCCESS(Status) || !NT_SUCCESS(Status = Request->Status)) { + RtlFreeHeap(RtlGetProcessHeap(), 0, Request); SetLastErrorByStatus(Status); return FALSE; }
- nLength -= Request.Data.WriteConsoleOutputCharRequest.NrCharactersWritten; - lpCharacter = (PVOID)((ULONG_PTR)lpCharacter + (ULONG_PTR)(Request.Data.WriteConsoleOutputCharRequest.NrCharactersWritt en * CharSize)); - Written += Request.Data.WriteConsoleOutputCharRequest.NrCharactersWritten; + nLength -= Request->Data.WriteConsoleOutputCharRequest.NrCharactersWritten; + lpCharacter = (PVOID)((ULONG_PTR)lpCharacter + (ULONG_PTR)(Request->Data.WriteConsoleOutputCharRequest.NrCharactersWrit ten * CharSize)); + Written += Request->Data.WriteConsoleOutputCharRequest.NrCharactersWritten;
- Request.Data.WriteConsoleOutputCharRequest.Coord = Request.Data.WriteConsoleOutputCharRequest.EndCoord; + Request->Data.WriteConsoleOutputCharRequest.Coord = Request->Data.WriteConsoleOutputCharRequest.EndCoord; }
if(lpNumberOfCharsWritten != NULL) @@ -2226,6 +2291,8 @@ *lpNumberOfCharsWritten = Written; }
+ RtlFreeHeap(RtlGetProcessHeap(), 0, Request); + return TRUE; }
@@ -2287,32 +2354,50 @@ LPDWORD lpNumberOfAttrsWritten ) { - CSR_API_MESSAGE Request; ULONG CsrRequest; + PCSR_API_MESSAGE Request; ULONG CsrRequest; NTSTATUS Status; WORD Size;
+ Request = RtlAllocateHeap(RtlGetProcessHeap(), 0, + max (sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE_OUTPUT_ATTRIB) + + min(nLength, CSRSS_MAX_WRITE_CONSOLE_OUTPUT_ATTRIB / sizeof(WORD)) * sizeof(WORD))); + if (Request == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return FALSE; + } + CsrRequest = MAKE_CSR_API(WRITE_CONSOLE_OUTPUT_ATTRIB, CSR_CONSOLE); - Request.Data.WriteConsoleOutputAttribRequest.ConsoleHandle = hConsoleOutput; - Request.Data.WriteConsoleOutputAttribRequest.Coord = dwWriteCoord; + Request->Data.WriteConsoleOutputAttribRequest.ConsoleHandle = hConsoleOutput; + Request->Data.WriteConsoleOutputAttribRequest.Coord = dwWriteCoord; if( lpNumberOfAttrsWritten ) *lpNumberOfAttrsWritten = nLength; while( nLength ) { Size = min(nLength, CSRSS_MAX_WRITE_CONSOLE_OUTPUT_ATTRIB / sizeof(WORD)); - Request.Data.WriteConsoleOutputAttribRequest.Length = Size; - memcpy(Request.Data.WriteConsoleOutputAttribRequest.Attribute, lpAttribute, Size * sizeof(WORD)); + Request->Data.WriteConsoleOutputAttribRequest.Length = Size; + memcpy(Request->Data.WriteConsoleOutputAttribRequest.Attribute, lpAttribute, Size * sizeof(WORD));
- Status = CsrClientCallServer( &Request, NULL, CsrRequest, sizeof(CSR_API_MESSAGE)); - if( !NT_SUCCESS( Status ) || !NT_SUCCESS( Status = Request.Status ) ) + Status = CsrClientCallServer( Request, + NULL, + CsrRequest, + max (sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE_OUTPUT_ATTRIB) + Size * sizeof(WORD))); + + if( !NT_SUCCESS( Status ) || !NT_SUCCESS( Status = Request->Status ) ) { + RtlFreeHeap(RtlGetProcessHeap(), 0, Request); SetLastErrorByStatus ( Status ); return FALSE; } nLength -= Size; lpAttribute += Size; - Request.Data.WriteConsoleOutputAttribRequest.Coord = Request.Data.WriteConsoleOutputAttribRequest.EndCoord; + Request->Data.WriteConsoleOutputAttribRequest.Coord = Request->Data.WriteConsoleOutputAttribRequest.EndCoord; }
+ RtlFreeHeap(RtlGetProcessHeap(), 0, Request); + return TRUE; }
@@ -2879,7 +2964,7 @@ DWORD nSize ) { - CSR_API_MESSAGE Request; ULONG CsrRequest; + PCSR_API_MESSAGE Request; ULONG CsrRequest; NTSTATUS Status; HANDLE hConsole;
@@ -2889,32 +2974,43 @@ return 0; }
+ Request = RtlAllocateHeap(RtlGetProcessHeap(), 0, + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_GET_TITLE) + CSRSS_MAX_TITLE_LENGTH * sizeof(WCHAR)); + if (Request == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return FALSE; + } + CsrRequest = MAKE_CSR_API(GET_TITLE, CSR_CONSOLE); - Request.Data.GetTitleRequest.ConsoleHandle = hConsole; + Request->Data.GetTitleRequest.ConsoleHandle = hConsole;
- Status = CsrClientCallServer(&Request, + Status = CsrClientCallServer(Request, NULL, CsrRequest, - sizeof(CSR_API_MESSAGE)); + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_GET_TITLE) + CSRSS_MAX_TITLE_LENGTH * sizeof(WCHAR)); CloseHandle(hConsole); - if(!NT_SUCCESS(Status) || !(NT_SUCCESS(Status = Request.Status))) + if(!NT_SUCCESS(Status) || !(NT_SUCCESS(Status = Request->Status))) { + RtlFreeHeap(RtlGetProcessHeap(), 0, Request); SetLastErrorByStatus(Status); return 0; }
- if(nSize * sizeof(WCHAR) < Request.Data.GetTitleRequest.Length) + if(nSize * sizeof(WCHAR) < Request->Data.GetTitleRequest.Length) { - wcsncpy(lpConsoleTitle, Request.Data.GetTitleRequest.Title, nSize - 1); + wcsncpy(lpConsoleTitle, Request->Data.GetTitleRequest.Title, nSize - 1); lpConsoleTitle[nSize--] = L'\0'; } else { - nSize = Request.Data.GetTitleRequest.Length / sizeof (WCHAR); - wcscpy(lpConsoleTitle, Request.Data.GetTitleRequest.Title); + nSize = Request->Data.GetTitleRequest.Length / sizeof (WCHAR); + wcscpy(lpConsoleTitle, Request->Data.GetTitleRequest.Title); lpConsoleTitle[nSize] = L'\0'; }
+ RtlFreeHeap(RtlGetProcessHeap(), 0, Request); + return nSize; }
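Review bot: The truncation branch stores the terminator at `lpConsoleTitle[nSize--]`, which is one element past a buffer the caller described as `nSize` WCHARs, and `nSize - 1` in the `wcsncpy` call wraps when `nSize` is 0. Writing `lpConsoleTitle[--nSize] = L'\0';` after rejecting `nSize == 0` keeps the same return value and stays inside the buffer. The else branch's `wcscpy` relies on `Title` being NUL-terminated inside a reply block that is allocated for exactly `CSRSS_MAX_TITLE_LENGTH` WCHARs; a `memcpy` of `Length` bytes would not depend on the terminator. The function starts outside the hunk.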
@@ -2971,7 +3067,7 @@ LPCWSTR lpConsoleTitle ) { - CSR_API_MESSAGE Request; ULONG CsrRequest; + PCSR_API_MESSAGE Request; ULONG CsrRequest; NTSTATUS Status; unsigned int c; HANDLE hConsole; @@ -2982,24 +3078,36 @@ return FALSE; }
+ Request = RtlAllocateHeap(RtlGetProcessHeap(), 0, + max (sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_SET_TITLE) + + min (wcslen(lpConsoleTitle), CSRSS_MAX_TITLE_LENGTH) * sizeof(WCHAR))); + if (Request == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return FALSE; + } + CsrRequest = MAKE_CSR_API(SET_TITLE, CSR_CONSOLE); - Request.Data.SetTitleRequest.Console = hConsole; + Request->Data.SetTitleRequest.Console = hConsole;
for( c = 0; lpConsoleTitle[c] && c < CSRSS_MAX_TITLE_LENGTH; c++ ) - Request.Data.SetTitleRequest.Title[c] = lpConsoleTitle[c]; - // add null - Request.Data.SetTitleRequest.Title[c] = 0; - Request.Data.SetTitleRequest.Length = c; - Status = CsrClientCallServer(&Request, + Request->Data.SetTitleRequest.Title[c] = lpConsoleTitle[c]; + Request->Data.SetTitleRequest.Length = c * sizeof(WCHAR); + Status = CsrClientCallServer(Request, NULL, CsrRequest, - sizeof(CSR_API_MESSAGE)); + max (sizeof(CSR_API_MESSAGE), CSR_API_MESSAGE_HEADER_SIZE(CSRSS_SET_TITLE) + c * sizeof(WCHAR))); CloseHandle(hConsole); - if (!NT_SUCCESS(Status) || !NT_SUCCESS( Status = Request.Status ) ) + if (!NT_SUCCESS(Status) || !NT_SUCCESS( Status = Request->Status ) ) { + RtlFreeHeap(RtlGetProcessHeap(), 0, Request); SetLastErrorByStatus (Status); return(FALSE); } + + RtlFreeHeap(RtlGetProcessHeap(), 0, Request); + return TRUE; }
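Review bot: The new allocation-failure return leaves `hConsole` open: the `CloseHandle(hConsole);` after the server call shows the handle is live at this point (it is presumably opened just above the hunk), and the `return FALSE;` following `SetLastError(ERROR_NOT_ENOUGH_MEMORY)` skips it. Add `CloseHandle(hConsole);` before that return, or allocate `Request` before the handle is opened. The same early return appears in the `@@ -2889,32 +2974,43 @@` and `@@ -3028,24 +3136,36 @@` hunks.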
@@ -3017,7 +3125,7 @@ LPCSTR lpConsoleTitle ) { - CSR_API_MESSAGE Request; ULONG CsrRequest; + PCSR_API_MESSAGE Request; ULONG CsrRequest; NTSTATUS Status; unsigned int c; HANDLE hConsole; @@ -3028,24 +3136,36 @@ return FALSE; }
+ Request = RtlAllocateHeap(RtlGetProcessHeap(), 0, + max (sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_SET_TITLE) + + min (strlen(lpConsoleTitle), CSRSS_MAX_TITLE_LENGTH) * sizeof(WCHAR))); + if (Request == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return FALSE; + } + CsrRequest = MAKE_CSR_API(SET_TITLE, CSR_CONSOLE); - Request.Data.SetTitleRequest.Console = hConsole; + Request->Data.SetTitleRequest.Console = hConsole;
for( c = 0; lpConsoleTitle[c] && c < CSRSS_MAX_TITLE_LENGTH; c++ ) - Request.Data.SetTitleRequest.Title[c] = lpConsoleTitle[c]; - // add null - Request.Data.SetTitleRequest.Title[c] = 0; - Request.Data.SetTitleRequest.Length = c; - Status = CsrClientCallServer(&Request, + Request->Data.SetTitleRequest.Title[c] = lpConsoleTitle[c]; + Request->Data.SetTitleRequest.Length = c * sizeof(WCHAR); + Status = CsrClientCallServer(Request, NULL, CsrRequest, - sizeof(CSR_API_MESSAGE)); + max (sizeof(CSR_API_MESSAGE), CSR_API_MESSAGE_HEADER_SIZE(CSRSS_SET_TITLE) + c * sizeof(WCHAR))); CloseHandle(hConsole); - if (!NT_SUCCESS(Status) || !NT_SUCCESS( Status = Request.Status ) ) + if (!NT_SUCCESS(Status) || !NT_SUCCESS( Status = Request->Status ) ) { + RtlFreeHeap(RtlGetProcessHeap(), 0, Request); SetLastErrorByStatus (Status); return(FALSE); } + + RtlFreeHeap(RtlGetProcessHeap(), 0, Request); + return TRUE; }
@@ -3194,7 +3314,7 @@ GetConsoleProcessList(LPDWORD lpdwProcessList, DWORD dwProcessCount) { - CSR_API_MESSAGE Request; ULONG CsrRequest; + PCSR_API_MESSAGE Request; ULONG CsrRequest; ULONG nProcesses; NTSTATUS Status;
@@ -3204,34 +3324,42 @@ return 0; }
+ Request = RtlAllocateHeap(RtlGetProcessHeap(), 0, + max (sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_GET_PROCESS_LIST) + + min (dwProcessCount, CSRSS_MAX_GET_PROCESS_LIST / sizeof(DWORD)) * sizeof(DWORD))); + if (Request == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return FALSE; + } + CsrRequest = MAKE_CSR_API(GET_PROCESS_LIST, CSR_CONSOLE); - Request.Data.GetProcessListRequest.nMaxIds = dwProcessCount; + Request->Data.GetProcessListRequest.nMaxIds = min (dwProcessCount, CSRSS_MAX_GET_PROCESS_LIST / sizeof(DWORD));
- Status = CsrClientCallServer(&Request, + Status = CsrClientCallServer(Request, NULL, CsrRequest, - sizeof(CSR_API_MESSAGE)); - if (!NT_SUCCESS(Status) || !NT_SUCCESS(Status = Request.Status)) + max (sizeof(CSR_API_MESSAGE), + CSR_API_MESSAGE_HEADER_SIZE(CSRSS_GET_PROCESS_LIST) + + Request->Data.GetProcessListRequest.nMaxIds * sizeof(DWORD))); + if (!NT_SUCCESS(Status) || !NT_SUCCESS(Status = Request->Status)) { + RtlFreeHeap(RtlGetProcessHeap(), 0, Request); SetLastErrorByStatus (Status); nProcesses = 0; } else { - if(dwProcessCount >= Request.Data.GetProcessListRequest.nProcessIdsTotal) + nProcesses = Request->Data.GetProcessListRequest.nProcessIdsCopied; + if(dwProcessCount >= nProcesses) { - nProcesses = Request.Data.GetProcessListRequest.nProcessIdsCopied; - for(nProcesses = 0; nProcesses < Request.Data.GetProcessListRequest.nProcessIdsCopied; nProcesses++) - { - *(lpdwProcessList++) = (DWORD)Request.Data.GetProcessListRequest.ProcessId[nProcesses]; - } + memcpy(lpdwProcessList, Request->Data.GetProcessListRequest.ProcessId, nProcesses * sizeof(DWORD)); } - else - { - nProcesses = Request.Data.GetProcessListRequest.nProcessIdsTotal; - } }
+ RtlFreeHeap(RtlGetProcessHeap(), 0, Request); + return nProcesses; }
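Review bot: The copy-out is bounded by the caller's `dwProcessCount` rather than by the `nMaxIds` value that sized the heap block: `nMaxIds` is capped at `CSRSS_MAX_GET_PROCESS_LIST / sizeof(DWORD)`, yet the `memcpy` runs whenever `dwProcessCount >= nProcesses`. If a reply ever carries `nProcessIdsCopied` above that cap while the caller's count is larger still, the read runs past `Request`. Keep the capped count in a local set before the call and also require `nProcesses <=` that local before copying. The removed else branch returned `nProcessIdsTotal` for a too-small buffer; whether callers can still learn the required count depends on the server side, which this hunk does not show.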
_____
Modified: trunk/reactos/subsys/csrss/api/wapi.c --- trunk/reactos/subsys/csrss/api/wapi.c 2005-08-28 11:58:06 UTC (rev 17581) +++ trunk/reactos/subsys/csrss/api/wapi.c 2005-08-28 12:03:25 UTC (rev 17582) @@ -108,7 +108,8 @@
ClientConnectionThread(HANDLE ServerPort) { NTSTATUS Status; - CSR_API_MESSAGE Request; + BYTE RawRequest[LPC_MAX_DATA_LENGTH]; + PCSR_API_MESSAGE Request = (PCSR_API_MESSAGE)RawRequest; PCSR_API_MESSAGE Reply; PCSRSS_PROCESS_DATA ProcessData;
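Review bot: `RawRequest` is a `BYTE` array of `LPC_MAX_DATA_LENGTH` bytes cast to `PCSR_API_MESSAGE` and used as the receive buffer for `NtReplyWaitReceivePort`, so its size and alignment now carry the whole safety argument for the server's stack. The `PadBuffer[PORT_MAXIMUM_MESSAGE_LENGTH]` member removed from `CSR_API_MESSAGE` used to guarantee room for any message the port accepts; if the port's maximum message length exceeds `LPC_MAX_DATA_LENGTH` (the port creation is not visible here), a received message can be written past the array. A byte array also carries no alignment guarantee for `PORT_MESSAGE`. Declaring the buffer as a union of `CSR_API_MESSAGE` and a byte array sized to the port's maximum message length, with a comment stating that invariant, would cover both.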
@@ -124,7 +125,7 @@ Status = NtReplyWaitReceivePort(ServerPort, 0, &Reply->Header, - &Request.Header); + &Request->Header); if (!NT_SUCCESS(Status)) { DPRINT1("CSR: NtReplyWaitReceivePort failed\n"); @@ -132,31 +133,31 @@ }
/* If the connection was closed, handle that */ - if (Request.Header.u2.s2.Type == LPC_PORT_CLOSED) + if (Request->Header.u2.s2.Type == LPC_PORT_CLOSED) { - CsrFreeProcessData( Request.Header.ClientId.UniqueProcess ); + CsrFreeProcessData( Request->Header.ClientId.UniqueProcess ); break; }
DPRINT("CSR: Got CSR API: %x [Message Origin: %x]\n", - Request.Type, - Request.Header.ClientId.UniqueProcess); + Request->Type, + Request->Header.ClientId.UniqueProcess);
/* Get the Process Data */ - ProcessData = CsrGetProcessData(Request.Header.ClientId.UniqueProcess); + ProcessData = CsrGetProcessData(Request->Header.ClientId.UniqueProcess); if (ProcessData == NULL) { DPRINT1("CSR: Message %d: Unable to find data for process 0x%x\n", - Request.Header.u2.s2.Type, - Request.Header.ClientId.UniqueProcess); + Request->Header.u2.s2.Type, + Request->Header.ClientId.UniqueProcess); break; }
/* Call the Handler */ - CsrApiCallHandler(ProcessData, &Request); + CsrApiCallHandler(ProcessData, Request);
/* Send back the reply */ - Reply = &Request; + Reply = Request; }
/* Close the port and exit the thread */ _____
Modified: trunk/reactos/subsys/csrss/win32csr/conio.c --- trunk/reactos/subsys/csrss/win32csr/conio.c 2005-08-28 11:58:06 UTC (rev 17581) +++ trunk/reactos/subsys/csrss/win32csr/conio.c 2005-08-28 12:03:25 UTC (rev 17582) @@ -564,7 +564,7 @@
/* truncate length to CSRSS_MAX_READ_CONSOLE_REQUEST */ nNumberOfCharsToRead = min(Request->Data.ReadConsoleRequest.NrCharactersToRead, CSRSS_MAX_READ_CONSOLE / CharSize); Request->Header.u1.s1.TotalLength = sizeof(CSR_API_MESSAGE); - Request->Header.u1.s1.DataLength = Request->Header.u1.s1.TotalLength - sizeof(PORT_MESSAGE); + Request->Header.u1.s1.DataLength = sizeof(CSR_API_MESSAGE) - sizeof(PORT_MESSAGE);
Buffer = Request->Data.ReadConsoleRequest.Buffer; UnicodeBuffer = (PWCHAR)Buffer; @@ -672,9 +672,15 @@ { Console->EchoCount = 0; /* if the client is no longer waiting on input, do not echo */ } - Request->Header.u1.s1.TotalLength += i * CharSize;
ConioUnlockConsole(Console); + + if (CSR_API_MESSAGE_HEADER_SIZE(CSRSS_READ_CONSOLE) + i * CharSize > sizeof(CSR_API_MESSAGE)) + { + Request->Header.u1.s1.TotalLength = CSR_API_MESSAGE_HEADER_SIZE(CSRSS_READ_CONSOLE) + i * CharSize; + Request->Header.u1.s1.DataLength = Request->Header.u1.s1.TotalLength - sizeof(PORT_MESSAGE); + } + return Request->Status; }
@@ -923,8 +929,8 @@
DPRINT("CsrWriteConsole\n");
- if (Request->Header.u1.s1.DataLength - < sizeof(CSRSS_WRITE_CONSOLE) + if (Request->Header.u1.s1.TotalLength + < CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE) + (Request->Data.WriteConsoleRequest.NrCharactersToWrite * CharSize)) { DPRINT1("Invalid request size\n"); @@ -1558,8 +1564,8 @@
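Review bot: The size check multiplies the client-supplied `NrCharactersToWrite` by `CharSize` before comparing with `TotalLength`, so a count large enough to wrap the product would pass the check while the handler goes on to use that count against the request buffer. Whether the wrap is reachable depends on the field's width, which is declared outside this diff; comparing by division removes the question, e.g. `NrCharactersToWrite > (TotalLength - CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE)) / CharSize` after first rejecting a `TotalLength` below the header size. The same pattern is in the `@@ -1558,8 +1564,8 @@` hunk (`Length * CharSize`) and the `@@ -1812,9 +1818,9 @@` hunk (`Length * sizeof(WORD)`). The handler body continues outside the hunk.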
CharSize = (Request->Data.WriteConsoleOutputCharRequest.Unicode ? sizeof(WCHAR) : sizeof(CHAR));
- if (Request->Header.u1.s1.DataLength - < sizeof(CSRSS_WRITE_CONSOLE_OUTPUT_CHAR) + if (Request->Header.u1.s1.TotalLength + < CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE_OUTPUT_CHAR) + (Request->Data.WriteConsoleOutputCharRequest.Length * CharSize)) { DPRINT1("Invalid request size\n"); @@ -1812,9 +1818,9 @@
DPRINT("CsrWriteConsoleOutputAttrib\n");
- if (Request->Header.u1.s1.DataLength - < sizeof(CSRSS_WRITE_CONSOLE_OUTPUT_ATTRIB) - + Request->Data.WriteConsoleOutputAttribRequest.Length) + if (Request->Header.u1.s1.TotalLength + < CSR_API_MESSAGE_HEADER_SIZE(CSRSS_WRITE_CONSOLE_OUTPUT_ATTRIB) + + Request->Data.WriteConsoleOutputAttribRequest.Length * sizeof(WORD)) { DPRINT1("Invalid request size\n"); Request->Header.u1.s1.TotalLength = sizeof(CSR_API_MESSAGE); @@ -2256,11 +2262,12 @@ { NTSTATUS Status; PCSRSS_CONSOLE Console; + PWCHAR Buffer;
DPRINT("CsrSetTitle\n");
- if (Request->Header.u1.s1.DataLength - < sizeof(CSRSS_SET_TITLE) + if (Request->Header.u1.s1.TotalLength [truncated at 1000 lines; 145 more skipped]