Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-07-23 04:53:40 +00:00
Code Issues Projects Releases Packages Wiki Activity

Guard the calls to MmProbeAndLockPages and IoPrepareIrpBuffer with an exception frame and do free allocated resources if an exception occurs.

Browse source 
svn path=/trunk/; revision=14418
This commit is contained in:
Hartmut Birr 2005-04-01 18:17:47 +00:00
parent fc9d1af415
commit 4ea628ccaa
1 changed files with 74 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

65
reactos/ntoskrnl/io/buildirp.c
View file

@ -37,7 +37,6 @@ NTSTATUS IoPrepareIrpBuffer(PIRP Irp,
(PVOID)ExAllocatePoolWithTag(NonPagedPool,Length, TAG_SYS_BUF); (PVOID)ExAllocatePoolWithTag(NonPagedPool,Length, TAG_SYS_BUF);
if (Irp->AssociatedIrp.SystemBuffer==NULL) if (Irp->AssociatedIrp.SystemBuffer==NULL)
{ {
IoFreeIrp(Irp);
return(STATUS_NOT_IMPLEMENTED); return(STATUS_NOT_IMPLEMENTED);
} }
/* FIXME: should copy buffer in on other ops */ /* FIXME: should copy buffer in on other ops */
@ -121,14 +120,35 @@ IoBuildAsynchronousFsdRequest(ULONG MajorFunction,
StackPtr->FileObject = NULL; StackPtr->FileObject = NULL;
StackPtr->CompletionRoutine = NULL; StackPtr->CompletionRoutine = NULL;
if (Buffer != NULL) if (Length > 0)
{ {
IoPrepareIrpBuffer(Irp, NTSTATUS Status = STATUS_SUCCESS;
_SEH_FILTER(FreeAndGoOn)
{
IoFreeIrp(Irp);
return EXCEPTION_CONTINUE_SEARCH;
}
_SEH_TRY_FILTER(FreeAndGoOn)
{
Status = IoPrepareIrpBuffer(Irp,
DeviceObject, DeviceObject,
Buffer, Buffer,
Length, Length,
MajorFunction); MajorFunction);
} }
_SEH_HANDLE
{
KEBUGCHECK(0);
}
_SEH_END;
if (!NT_SUCCESS(Status))
{
IoFreeIrp(Irp);
return NULL;
}
}
if (MajorFunction == IRP_MJ_READ) if (MajorFunction == IRP_MJ_READ)
{ {
@ -296,8 +316,28 @@ IoBuildDeviceIoControlRequest(ULONG IoControlCode,
FALSE, FALSE,
FALSE, FALSE,
Irp); Irp);
if (Irp->MdlAddress == NULL)
{
IoFreeIrp(Irp);
return NULL;
}
_SEH_FILTER(FreeAndGoOn)
{
IoFreeIrp(Irp);
return EXCEPTION_CONTINUE_SEARCH;
}
_SEH_TRY_FILTER(FreeAndGoOn)
{
MmProbeAndLockPages(Irp->MdlAddress,UserMode,IoReadAccess); MmProbeAndLockPages(Irp->MdlAddress,UserMode,IoReadAccess);
} }
_SEH_HANDLE
{
KEBUGCHECK(0);
}
_SEH_END;
}
break; break;
case METHOD_OUT_DIRECT: case METHOD_OUT_DIRECT:
@ -329,8 +369,27 @@ IoBuildDeviceIoControlRequest(ULONG IoControlCode,
FALSE, FALSE,
FALSE, FALSE,
Irp); Irp);
if (Irp->MdlAddress == NULL)
{
IoFreeIrp(Irp);
return NULL;
}
_SEH_FILTER(FreeAndGoOn)
{
IoFreeIrp(Irp);
return EXCEPTION_CONTINUE_SEARCH;
}
_SEH_TRY_FILTER(FreeAndGoOn)
{
MmProbeAndLockPages(Irp->MdlAddress,UserMode,IoWriteAccess); MmProbeAndLockPages(Irp->MdlAddress,UserMode,IoWriteAccess);
} }
_SEH_HANDLE
{
KEBUGCHECK(0);
}
_SEH_END;
}
break; break;
case METHOD_NEITHER: case METHOD_NEITHER: