Added two missing dereferencing calls in ObReferenceObjectByHandle. Also checked for NtCurrentProcess() (alongside the existing NtCurrentThread() check) in NtDuplicateObject. Used the return value from InterlockedIncrement to check for a correct handle count. Modified: trunk/reactos/ntoskrnl/ob/handle.c _____
Modified: trunk/reactos/ntoskrnl/ob/handle.c
--- trunk/reactos/ntoskrnl/ob/handle.c 2005-03-19 09:14:21 UTC (rev 14187)
+++ trunk/reactos/ntoskrnl/ob/handle.c 2005-03-19 09:18:58 UTC (rev 14188)
@@ -166,6 +166,7 @@
POBJECT_HEADER ObjectHeader;
LONG ExTargetHandle;
LONG ExSourceHandle = HANDLE_TO_EX_HANDLE(SourceHandle);
+ ULONG NewHandleCount;
PAGED_CODE();
@@ -200,8 +201,8 @@ 1 here, we're in big trouble... it would've been safe to increment and check the handle count without using interlocked functions because the entry is locked, which means the handle count can't change. */
- InterlockedIncrement(&ObjectHeader->HandleCount);
- ASSERT(ObjectHeader->HandleCount >= 2);
+ NewHandleCount = InterlockedIncrement(&ObjectHeader->HandleCount);
+ ASSERT(NewHandleCount >= 2);
ExUnlockHandleTableEntry(SourceProcess->ObjectTable, SourceHandleEntry);
@@ -329,7 +330,8 @@ }
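Review bot: `NewHandleCount` is declared `ULONG` in the first hunk while `InterlockedIncrement` operates on the `LONG` `ObjectHeader->HandleCount`, so a negative (underflowed or corrupted) count converts to a large unsigned value and `ASSERT(NewHandleCount >= 2)` no longer catches it; declare it `LONG NewHandleCount;` so the sign survives the comparison. The comment above says a count below two here means serious corruption, yet `ASSERT` only exists in checked builds, so a release kernel will silently carry on with a broken count; if that situation really is unrecoverable, consider keeping the check live (bugcheck, or fail the duplicate) in line with the project's policy for object-manager invariants. The enclosing function and the first lines of this comment start before the hunk.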
/* Check for magic handle first */
- if (SourceHandle == NtCurrentThread())
+ if (SourceHandle == NtCurrentThread() ||
+ SourceHandle == NtCurrentProcess())
{
PVOID ObjectBody;
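Review bot: The added `NtCurrentProcess()` case enters the same branch that previously handled only `NtCurrentThread()`, but the body after `PVOID ObjectBody;` is outside this hunk, so it is not visible whether `ObjectBody` is still resolved from the current thread unconditionally; if it is, a pseudo process handle would be duplicated as a thread object. The body needs to select the process object when `SourceHandle == NtCurrentProcess()` and the thread object otherwise, and any type or access checks that follow should use the matching object type. The preceding comment only says "magic handle"; a line such as `/* Pseudo handles: NtCurrentThread() and NtCurrentProcess() have no table entry, resolve them directly */` would document why these two values bypass the handle-table lookup. NtDuplicateObject's body starts and ends outside the hunk.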
@@ -746,6 +748,7 @@ HandleEntry);
KeLeaveCriticalRegion();
+ ObDereferenceObject(ObjectBody);
return(STATUS_OBJECT_TYPE_MISMATCH);
}
@@ -762,6 +765,7 @@ if (!(GrantedAccess & DesiredAccess) && !((~GrantedAccess) & DesiredAccess)) {
+ ObDereferenceObject(ObjectBody);
CHECKPOINT;
return(STATUS_ACCESS_DENIED);
}
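Review bot: The release added before `return(STATUS_OBJECT_TYPE_MISMATCH);` fixes one leaked reference on `ObjectBody`, but this function (ObReferenceObjectByHandle, whose body starts and ends outside the hunk) returns early from several failure paths after the reference is taken, and this very commit found two of them by inspection. A leaked reference pins the object for the lifetime of the system, and a type-mismatch on a user-supplied handle is likely reachable from user mode, so each missed path is a resource-exhaustion primitive rather than a bookkeeping nit. Funnelling the failure paths through one exit that performs the `ObDereferenceObject(ObjectBody);` — `Status = STATUS_OBJECT_TYPE_MISMATCH; goto Fail;` with the release at the label — makes the next early return unable to leak; the ordering used here (release after `KeLeaveCriticalRegion();`) can be preserved at that label.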
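Review bot: The access test on the context line above the added `ObDereferenceObject(ObjectBody);` denies nothing except `DesiredAccess == 0`: `!(GrantedAccess & DesiredAccess)` requires that no requested bit is granted and `!((~GrantedAccess) & DesiredAccess)` requires that every requested bit is granted, and both hold only when `DesiredAccess` is zero, so a handle whose `GrantedAccess` lacks a right still passes for any `DesiredAccess` that includes it. The commit only adds the missing release on this path; the condition itself should be `if (DesiredAccess & ~GrantedAccess)`, which denies whenever a requested bit lies outside the granted mask. That presumes `DesiredAccess` has already been mapped from generic and MAXIMUM_ALLOWED rights before this point — the hunk does not show whether the caller does that, so confirm before tightening, otherwise the corrected check would start rejecting legitimate callers. The enclosing function starts and ends outside this hunk.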