[NPFS]

- Don't call RtlEqualUnicodeString (paged code) while holding a spin lock. Powered by Driver Verifier. svn path=/trunk/; revision=64762
2024-11-18 13:01:40 +00:00 · 2014-10-16 16:40:13 +00:00 · 2014-10-16 16:40:13 +00:00 · 32f8a44f8e
commit 32f8a44f8e
parent c38e07c128
1 changed files with 18 additions and 1 deletions
--- a/reactos/drivers/filesystems/npfs/waitsup.c
+++ b/reactos/drivers/filesystems/npfs/waitsup.c
@ -99,6 +99,22 @@ NpInitializeWaitQueue(IN PNP_WAIT_QUEUE WaitQueue)
    KeInitializeSpinLock(&WaitQueue->WaitLock);
 }

+static
+BOOLEAN
+NpEqualUnicodeString(IN PCUNICODE_STRING String1,
+                     IN PCUNICODE_STRING String2)
+{
+    SIZE_T EqualLength;
+
+    if (String1->Length != String2->Length)
+        return FALSE;
+
+    EqualLength = RtlCompareMemory(String1->Buffer,
+                                   String2->Buffer,
+                                   String1->Length);
+    return EqualLength == String1->Length;
+}
+
 NTSTATUS
 NTAPI
 NpCancelWaiter(IN PNP_WAIT_QUEUE WaitQueue,
@ -156,7 +172,8 @@ NpCancelWaiter(IN PNP_WAIT_QUEUE WaitQueue,
            PipeName.MaximumLength = PipeName.Length;
        }

-        if (RtlEqualUnicodeString(&WaitName, &PipeName, FALSE))
+        /* Can't use RtlEqualUnicodeString with a spinlock held */
+        if (NpEqualUnicodeString(&WaitName, &PipeName))
        {
            /* Found a matching wait. Cancel it */
            RemoveEntryList(&WaitIrp->Tail.Overlay.ListEntry);