Assorted fixes:
- Avoid list corruption
- Avoid stack corruption
- Avoid ASSERT on FCB reuse for same file type

CORE-11327

svn path=/trunk/; revision=75269
Pierre Schweitzer 2017-07-02 20:10:16 +00:00
parent 84eb2fc018
commit 07c8bb3ca4


@ -2899,13 +2899,13 @@ RxFinalizeSrvOpen(
{ {
PLIST_ENTRY ListEntry; PLIST_ENTRY ListEntry;
for (ListEntry = ThisSrvOpen->FobxList.Flink; ListEntry = ThisSrvOpen->FobxList.Flink;
ListEntry != &ThisSrvOpen->FobxList; while (ListEntry != &ThisSrvOpen->FobxList)
ListEntry = ListEntry->Flink)
{ {
PFOBX Fobx; PFOBX Fobx;
Fobx = CONTAINING_RECORD(ListEntry, FOBX, FobxQLinks); Fobx = CONTAINING_RECORD(ListEntry, FOBX, FobxQLinks);
ListEntry = ListEntry->Flink;
RxFinalizeNetFobx(Fobx, TRUE, ForceFinalize); RxFinalizeNetFobx(Fobx, TRUE, ForceFinalize);
} }
} }
@ -3662,14 +3662,14 @@ RxFinishFcbInitialization(
IN RX_FILE_TYPE FileType, IN RX_FILE_TYPE FileType,
IN PFCB_INIT_PACKET InitPacket OPTIONAL) IN PFCB_INIT_PACKET InitPacket OPTIONAL)
{ {
NODE_TYPE_CODE OldType; RX_FILE_TYPE OldType;
PAGED_CODE(); PAGED_CODE();
DPRINT("RxFinishFcbInitialization(%p, %x, %p)\n", Fcb, FileType, InitPacket); DPRINT("RxFinishFcbInitialization(%p, %x, %p)\n", Fcb, FileType, InitPacket);
OldType = Fcb->Header.NodeTypeCode; OldType = NodeType(Fcb);
Fcb->Header.NodeTypeCode = FileType; NodeType(Fcb) = FileType;
/* If mini-rdr already did the job for mailslot attributes, 0 the rest */ /* If mini-rdr already did the job for mailslot attributes, 0 the rest */
if (BooleanFlagOn(Fcb->FcbState, FCB_STATE_TIME_AND_SIZE_ALREADY_SET) && FileType == RDBSS_NTC_MAILSLOT) if (BooleanFlagOn(Fcb->FcbState, FCB_STATE_TIME_AND_SIZE_ALREADY_SET) && FileType == RDBSS_NTC_MAILSLOT)
{ {
@ -3688,19 +3688,23 @@ RxFinishFcbInitialization(
if (FileType != RDBSS_NTC_STORAGE_TYPE_UNKNOWN && if (FileType != RDBSS_NTC_STORAGE_TYPE_UNKNOWN &&
FileType != RDBSS_NTC_STORAGE_TYPE_DIRECTORY) FileType != RDBSS_NTC_STORAGE_TYPE_DIRECTORY)
{ {
/* If our FCB newly points to a file, initiliaz everything related */ /* If our FCB newly points to a file, initiliaze everything related */
if (FileType == RDBSS_NTC_STORAGE_TYPE_FILE && if (FileType == RDBSS_NTC_STORAGE_TYPE_FILE)
OldType != RDBSS_NTC_STORAGE_TYPE_FILE)
{
if (OldType != RDBSS_NTC_STORAGE_TYPE_FILE)
{ {
RxInitializeLowIoPerFcbInfo(&((PFCB)Fcb)->Specific.Fcb.LowIoPerFcbInfo); RxInitializeLowIoPerFcbInfo(&((PFCB)Fcb)->Specific.Fcb.LowIoPerFcbInfo);
FsRtlInitializeFileLock(&((PFCB)Fcb)->Specific.Fcb.FileLock, &RxLockOperationCompletion, FsRtlInitializeFileLock(&((PFCB)Fcb)->Specific.Fcb.FileLock, RxLockOperationCompletion,
&RxUnlockOperation); RxUnlockOperation);
((PFCB)Fcb)->BufferedLocks.List = NULL; ((PFCB)Fcb)->BufferedLocks.List = NULL;
((PFCB)Fcb)->BufferedLocks.PendingLockOps = 0; ((PFCB)Fcb)->BufferedLocks.PendingLockOps = 0;
Fcb->Header.IsFastIoPossible = FastIoIsQuestionable; Fcb->Header.IsFastIoPossible = FastIoIsQuestionable;
} }
}
/* If not a file, validate type */
else else
{ {
ASSERT(FileType >= RDBSS_NTC_SPOOLFILE && FileType <= RDBSS_NTC_MAILSLOT); ASSERT(FileType >= RDBSS_NTC_SPOOLFILE && FileType <= RDBSS_NTC_MAILSLOT);
@ -4561,8 +4565,7 @@ RxInitializeRxTimer(
{ {
PAGED_CODE(); PAGED_CODE();
RxTimerInterval.HighPart = -1; RxTimerInterval.QuadPart = -550000;
RxTimerInterval.LowPart = -550000;
KeInitializeSpinLock(&RxTimerLock); KeInitializeSpinLock(&RxTimerLock);
InitializeListHead(&RxTimerQueueHead); InitializeListHead(&RxTimerQueueHead);
InitializeListHead(&RxRecurrentWorkItemsList); InitializeListHead(&RxRecurrentWorkItemsList);
@ -6205,15 +6208,17 @@ VOID
RxProcessChangeBufferingStateRequestsForSrvOpen( RxProcessChangeBufferingStateRequestsForSrvOpen(
PSRV_OPEN SrvOpen) PSRV_OPEN SrvOpen)
{ {
LONG NumberOfBufferingChangeRequests, OldBufferingToken; LONG NumberOfBufferingChangeRequests, LockedOldBufferingToken, OldBufferingToken;
/* Get the current number of change requests */ /* Get the current number of change requests */
NumberOfBufferingChangeRequests = ((PSRV_CALL)SrvOpen->pVNetRoot->pNetRoot->pSrvCall)->BufferingManager.CumulativeNumberOfBufferingChangeRequests; NumberOfBufferingChangeRequests = ((PSRV_CALL)SrvOpen->pVNetRoot->pNetRoot->pSrvCall)->BufferingManager.CumulativeNumberOfBufferingChangeRequests;
/* Get our old token */ /* Get our old token */
OldBufferingToken = InterlockedCompareExchange(&SrvOpen->BufferingToken, OldBufferingToken = SrvOpen->BufferingToken;
NumberOfBufferingChangeRequests, NumberOfBufferingChangeRequests); LockedOldBufferingToken = InterlockedCompareExchange(&SrvOpen->BufferingToken,
/* Do we have stuff to process? */ NumberOfBufferingChangeRequests,
if (OldBufferingToken != SrvOpen->BufferingToken) NumberOfBufferingChangeRequests);
/* If buffering state changed in between, process changes */
if (OldBufferingToken != LockedOldBufferingToken)
{ {
PFCB Fcb; PFCB Fcb;
NTSTATUS Status; NTSTATUS Status;
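Review bot: In RxProcessChangeBufferingStateRequestsForSrvOpen the new condition `OldBufferingToken != LockedOldBufferingToken` compares a plain read of `SrvOpen->BufferingToken` with an interlocked read made one statement later, so as written it can only be true when another thread modifies the token between those two reads. The `InterlockedCompareExchange` call passes `NumberOfBufferingChangeRequests` as both exchange and comparand, so it never stores a different value and acts purely as an atomic read; that is easy to misread as the place where the token is advanced. I would document this at the call, e.g. `/* Exchange == Comperand: no store happens, this is only an interlocked read of BufferingToken */`, and state in the comment above the `if` which code path is expected to update the token, since pending requests look like they would be skipped whenever the two reads agree. The function body continues past the end of the hunk, so the update site may simply be out of view.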