Call ExFreePoolWithTag with a tag of 0 from ExFreePool instead of the other way around, and bugcheck the system when Block is not inside any pool.

svn path=/trunk/; revision=39927
Timo Kreuzer 2009-03-10 02:16:38 +00:00
parent 0533a9d290
commit 26593d0ac7


@ -14,6 +14,7 @@
#define NDEBUG #define NDEBUG
#include <debug.h> #include <debug.h>
extern PVOID MiNonPagedPoolStart;
extern ULONG MiNonPagedPoolLength; extern ULONG MiNonPagedPoolLength;
extern ULONG MmTotalPagedPoolQuota; extern ULONG MmTotalPagedPoolQuota;
extern ULONG MmTotalNonPagedPoolQuota; extern ULONG MmTotalNonPagedPoolQuota;
@ -234,18 +235,7 @@ ExAllocatePoolWithQuotaTag (IN POOL_TYPE PoolType,
VOID NTAPI VOID NTAPI
ExFreePool(IN PVOID Block) ExFreePool(IN PVOID Block)
{ {
if (Block >= MmPagedPoolBase && (char*)Block < ((char*)MmPagedPoolBase + MmPagedPoolSize)) ExFreePoolWithTag(Block, 0);
{
if (KeGetCurrentIrql() > APC_LEVEL)
KeBugCheckEx(BAD_POOL_CALLER, 0x09, KeGetCurrentIrql(), PagedPool, (ULONG_PTR)Block);
ExFreePagedPool(Block);
}
else
{
if (KeGetCurrentIrql() > DISPATCH_LEVEL)
KeBugCheckEx(BAD_POOL_CALLER, 0x09, KeGetCurrentIrql(), NonPagedPool, (ULONG_PTR)Block);
ExFreeNonPagedPool(Block);
}
} }
/* /*
@ -253,23 +243,62 @@ ExFreePool(IN PVOID Block)
*/ */
VOID VOID
NTAPI NTAPI
ExFreePoolWithTag(IN PVOID Block, ExFreePoolWithTag(
IN PVOID Block,
IN ULONG Tag) IN ULONG Tag)
{ {
ULONG BlockTag; /* Check for paged pool */
if (Block >= MmPagedPoolBase &&
if (Tag != 0) (char*)Block < ((char*)MmPagedPoolBase + MmPagedPoolSize))
{ {
if (Block >= MmPagedPoolBase && (char*)Block < ((char*)MmPagedPoolBase + MmPagedPoolSize)) /* Validate tag */
BlockTag = EiGetPagedPoolTag(Block); if (Tag != 0 && Tag != EiGetPagedPoolTag(Block))
else KeBugCheckEx(BAD_POOL_CALLER,
BlockTag = EiGetNonPagedPoolTag(Block); 0x0a,
(ULONG_PTR)Block,
EiGetPagedPoolTag(Block),
Tag);
if (BlockTag != Tag) /* Validate IRQL */
KeBugCheckEx(BAD_POOL_CALLER, 0x0a, (ULONG_PTR)Block, BlockTag, Tag); if (KeGetCurrentIrql() > APC_LEVEL)
KeBugCheckEx(BAD_POOL_CALLER,
0x09,
KeGetCurrentIrql(),
PagedPool,
(ULONG_PTR)Block);
/* Free from paged pool */
ExFreePagedPool(Block);
} }
ExFreePool(Block); /* Check for non-paged pool */
else if (Block >= MiNonPagedPoolStart &&
(char*)Block < ((char*)MiNonPagedPoolStart + MiNonPagedPoolLength))
{
/* Validate tag */
if (Tag != 0 && Tag != EiGetNonPagedPoolTag(Block))
KeBugCheckEx(BAD_POOL_CALLER,
0x0a,
(ULONG_PTR)Block,
EiGetNonPagedPoolTag(Block),
Tag);
/* Validate IRQL */
if (KeGetCurrentIrql() > DISPATCH_LEVEL)
KeBugCheckEx(BAD_POOL_CALLER,
0x09,
KeGetCurrentIrql(),
NonPagedPool,
(ULONG_PTR)Block);
/* Free from non-paged pool */
ExFreeNonPagedPool(Block);
}
else
{
/* Block was not inside any pool! */
KeBugCheckEx(BAD_POOL_CALLER, 0x42, (ULONG_PTR)Block, 0, 0);
}
} }
/* /*
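Review bot: In the paged-pool branch of ExFreePoolWithTag, the tag check calls `EiGetPagedPoolTag(Block)` before the `KeGetCurrentIrql() > APC_LEVEL` check, so a caller at elevated IRQL with a non-zero tag touches paged-pool memory before its IRQL is validated; if that page is not resident, the system would presumably fault there instead of reaching the intended `BAD_POOL_CALLER` 0x09 bugcheck. Moving the "Validate IRQL" block above "Validate tag" in both branches would keep the diagnostic deterministic. The range tests only establish that Block lies somewhere inside a pool region, not that it is the start of a live allocation, so the tag read and the free routines still depend on whatever header validation ExFreePagedPool and ExFreeNonPagedPool perform (not visible here). A short comment naming each bugcheck sub-code, for example `/* 0x42: address was never in any pool */`, would help anyone triaging a crash dump.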