[NTOS/PS]

- Do not leak a reference to the process object when setting quotas. svn path=/trunk/; revision=65210
2025-02-23 17:05:46 +00:00 · 2014-11-03 09:52:08 +00:00 · 2014-11-03 09:52:08 +00:00 · 0039187504
commit 0039187504
parent 21cd59bc0f
3 changed files with 5 additions and 20 deletions
--- a/reactos/ntoskrnl/include/internal/ps.h
+++ b/reactos/ntoskrnl/include/internal/ps.h
@ -303,7 +303,7 @@ PspDestroyQuotaBlock(
 NTSTATUS
 NTAPI
 PspSetQuotaLimits(
-    _In_ HANDLE ProcessHandle,
+    _In_ PEPROCESS Process,
    _In_ ULONG Unused,
    _In_ PVOID QuotaLimits,
    _In_ ULONG QuotaLimitsLength,
--- a/reactos/ntoskrnl/ps/query.c
+++ b/reactos/ntoskrnl/ps/query.c
@ -1528,6 +1528,7 @@ NtSetInformationProcess(IN HANDLE ProcessHandle,
            /* Validate the number */
            if ((BasePriority > HIGH_PRIORITY) || (BasePriority <= LOW_PRIORITY))
            {
+                ObDereferenceObject(Process);
                return STATUS_INVALID_PARAMETER;
            }

@ -1918,11 +1919,12 @@ NtSetInformationProcess(IN HANDLE ProcessHandle,

        case ProcessQuotaLimits:

-            return PspSetQuotaLimits(ProcessHandle,
+            Status = PspSetQuotaLimits(Process,
                                     1,
                                     ProcessInformation,
                                     ProcessInformationLength,
                                     PreviousMode);
+            break;

        case ProcessWorkingSetWatch:
            DPRINT1("WS watch not implemented\n");
--- a/reactos/ntoskrnl/ps/quota.c
+++ b/reactos/ntoskrnl/ps/quota.c
@ -292,14 +292,13 @@ PsReturnProcessPageFileQuota(IN PEPROCESS Process,
 NTSTATUS
 NTAPI
 PspSetQuotaLimits(
-    _In_ HANDLE ProcessHandle,
+    _In_ PEPROCESS Process,
    _In_ ULONG Unused,
    _In_ PVOID QuotaLimits,
    _In_ ULONG QuotaLimitsLength,
    _In_ KPROCESSOR_MODE PreviousMode)
 {
    QUOTA_LIMITS_EX CapturedQuotaLimits;
-    PEPROCESS Process;
    PEPROCESS_QUOTA_BLOCK QuotaBlock, OldQuotaBlock;
    BOOLEAN IncreaseOkay;
    KAPC_STATE SavedApcState;
@ -368,19 +367,6 @@ PspSetQuotaLimits(
    }
    _SEH2_END;

-    /* Reference the process */
-    Status = ObReferenceObjectByHandle(ProcessHandle,
-                                       PROCESS_SET_QUOTA,
-                                       PsProcessType,
-                                       PreviousMode,
-                                       (PVOID*)&Process,
-                                       NULL);
-    if (!NT_SUCCESS(Status))
-    {
-        DPRINT1("Failed to reference process handle: 0x%lx\n", Status);
-        return Status;
-    }
-
    /* Check the caller changes the working set size limits */
    if ((CapturedQuotaLimits.MinimumWorkingSetSize != 0) &&
        (CapturedQuotaLimits.MaximumWorkingSetSize != 0))
@ -418,7 +404,6 @@ PspSetQuotaLimits(
        /* Check if the caller has the required privilege */
        if (!SeSinglePrivilegeCheck(SeIncreaseQuotaPrivilege, PreviousMode))
        {
-            ObDereferenceObject(Process);
            return STATUS_PRIVILEGE_NOT_HELD;
        }

@ -460,8 +445,6 @@ PspSetQuotaLimits(
        Status = STATUS_SUCCESS;
    }

-    /* Dereference the process and return the status */
-    ObDereferenceObject(Process);
    return Status;
 }