Author: phater Date: Mon Oct 10 06:38:52 2016 New Revision: 72948
URL: http://svn.reactos.org/svn/reactos?rev=72948&view=rev Log: [MSAFD] Fix some return codes and better parameter checks based on wine tests CORE-12104
Modified: trunk/reactos/dll/win32/msafd/misc/dllmain.c
Modified: trunk/reactos/dll/win32/msafd/misc/dllmain.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/msafd/misc/dllmai... ============================================================================== --- trunk/reactos/dll/win32/msafd/misc/dllmain.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/msafd/misc/dllmain.c [iso-8859-1] Mon Oct 10 06:38:52 2016 @@ -2189,9 +2189,15 @@ else return NO_ERROR; case FIONREAD: - if( cbOutBuffer < sizeof(INT) || IS_INTRESOURCE(lpvOutBuffer) ) + if (IS_INTRESOURCE(lpvOutBuffer) || cbOutBuffer == 0) { + *lpcbBytesReturned = sizeof(ULONG); *lpErrno = WSAEFAULT; + return SOCKET_ERROR; + } + if (cbOutBuffer < sizeof(ULONG)) + { + *lpErrno = WSAEINVAL; return SOCKET_ERROR; } *lpErrno = GetSocketInformation(Socket, AFD_INFO_RECEIVE_CONTENT_SIZE, NULL, (PULONG)lpvOutBuffer, NULL); @@ -2203,9 +2209,15 @@ return NO_ERROR; } case SIOCATMARK: - if (cbOutBuffer < sizeof(BOOL) || IS_INTRESOURCE(lpvOutBuffer)) + if (IS_INTRESOURCE(lpvOutBuffer) || cbOutBuffer == 0) { + *lpcbBytesReturned = sizeof(BOOL); *lpErrno = WSAEFAULT; + return SOCKET_ERROR; + } + if (cbOutBuffer < sizeof(BOOL)) + { + *lpErrno = WSAEINVAL; return SOCKET_ERROR; }
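Review bot: The new WSAEFAULT branch in the FIONREAD case stores through `lpcbBytesReturned` with no check in the hunk that the pointer is non-NULL, and the same store is added in the SIOCATMARK and SIO_ADDRESS_LIST_QUERY hunks. The enclosing function begins outside the hunk, so the pointer may already be validated on entry; if it is not, a caller passing NULL now faults on an error path that previously only set `*lpErrno`. Either confirm the entry check or guard the store, e.g. `if (lpcbBytesReturned) *lpcbBytesReturned = sizeof(ULONG);`. A comment such as `/* zero-length or low-address buffer: WSAEFAULT plus required size; short buffer: WSAEINVAL (per wine tests) */` would also help, because the split between the two codes is not obvious from the code and `IS_INTRESOURCE` only rejects addresses below 64K rather than validating the buffer.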
@@ -2220,16 +2232,28 @@ return SOCKET_ERROR;
case SIO_ADDRESS_LIST_QUERY: - if (cbOutBuffer < (sizeof(SOCKET_ADDRESS_LIST) + sizeof(Socket->SharedData->WSLocalAddress)) || IS_INTRESOURCE(lpvOutBuffer)) + if (IS_INTRESOURCE(lpvOutBuffer) || cbOutBuffer == 0) + { + *lpcbBytesReturned = sizeof(SOCKET_ADDRESS_LIST) + sizeof(Socket->SharedData->WSLocalAddress); + *lpErrno = WSAEFAULT; + return SOCKET_ERROR; + } + if (cbOutBuffer < sizeof(INT)) { *lpErrno = WSAEINVAL; return SOCKET_ERROR; }
- *lpcbBytesReturned = sizeof(SOCKET_ADDRESS_LIST) + - sizeof(Socket->SharedData->WSLocalAddress); + *lpcbBytesReturned = sizeof(SOCKET_ADDRESS_LIST) + sizeof(Socket->SharedData->WSLocalAddress);
((SOCKET_ADDRESS_LIST*)lpvOutBuffer)->iAddressCount = 1; + + if (cbOutBuffer < (sizeof(SOCKET_ADDRESS_LIST) + sizeof(Socket->SharedData->WSLocalAddress))) + { + *lpErrno = WSAEFAULT; + return SOCKET_ERROR; + } + ((SOCKET_ADDRESS_LIST*)lpvOutBuffer)->Address[0].iSockaddrLength = sizeof(Socket->SharedData->WSLocalAddress); ((SOCKET_ADDRESS_LIST*)lpvOutBuffer)->Address[0].lpSockaddr = &Socket->SharedData->WSLocalAddress;
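Review bot: `Address[0].lpSockaddr` is set to `&Socket->SharedData->WSLocalAddress`, so the caller receives a pointer into the socket's internal shared data rather than into its own buffer, even though the size checks require room for `sizeof(Socket->SharedData->WSLocalAddress)` after the list. If nothing later in the case (it continues outside the hunk) copies the address, that pointer presumably stops being valid once the socket is closed, and the reserved space in the output buffer is never used; copying the sockaddr to the end of `lpvOutBuffer` and pointing `lpSockaddr` there would keep the result self-contained. Separately, `iAddressCount = 1` is written before the full-size check and relies on `sizeof(INT)` covering that first field; a comment like `/* count is reported even when the buffer is too small for the address */` would stop a later cleanup from reordering the checks.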
@@ -2684,7 +2708,7 @@ if (*lpdwAddressStringLength < size) { *lpdwAddressStringLength = size; - *lpErrno = WSAENOBUFS; + *lpErrno = WSAEFAULT; return SOCKET_ERROR; }