From 57ee31ee33e2fdf7ef70172cd78690a0ddb4b92c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Gardou?=
Date: Tue, 29 Dec 2020 16:55:19 +0100
Subject: [PATCH] [NTOS:CC] Perform sanity checks before doing anything else
---
 ntoskrnl/cc/pin.c | 4 +---
 ntoskrnl/cc/view.c | 21 ++++++++++++---------
 2 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/ntoskrnl/cc/pin.c b/ntoskrnl/cc/pin.c
index 8a79ee45031..30cba0a248a 100644
--- a/ntoskrnl/cc/pin.c
+++ b/ntoskrnl/cc/pin.c
@@ -581,7 +581,6 @@ CcUnpinDataForThread (
 IN ERESOURCE_THREAD ResourceThreadId)
 {
 PINTERNAL_BCB iBcb = Bcb;
- PROS_SHARED_CACHE_MAP SharedCacheMap;
 CCTRACE(CC_API_DEBUG, "Bcb=%p ResourceThreadId=%lu\n", Bcb, ResourceThreadId);
@@ -591,8 +590,7 @@ CcUnpinDataForThread (
 iBcb->PinCount--;
 }
- SharedCacheMap = iBcb->Vacb->SharedCacheMap;
- CcpDereferenceBcb(SharedCacheMap, iBcb);
+ CcpDereferenceBcb(iBcb->Vacb->SharedCacheMap, iBcb);
 }
 /*
diff --git a/ntoskrnl/cc/view.c b/ntoskrnl/cc/view.c
index 6f0490c31d0..4866db4f849 100644
--- a/ntoskrnl/cc/view.c
+++ b/ntoskrnl/cc/view.c
@@ -740,11 +740,13 @@ CcRosEnsureVacbResident(
 ASSERT((Offset + Length) <= VACB_MAPPING_GRANULARITY);
+#if 0
 if ((Vacb->FileOffset.QuadPart + Offset) > Vacb->SharedCacheMap->SectionSize.QuadPart)
 {
 DPRINT1("Vacb read beyond the file size!\n");
 return FALSE;
 }
+#endif
 BaseAddress = (PVOID)((ULONG_PTR)Vacb->BaseAddress + Offset);
@@ -862,15 +864,6 @@ CcRosInternalFreeVacb (
 }
 #endif
- /* Delete the mapping */
- Status = MmUnmapViewInSystemSpace(Vacb->BaseAddress);
- if (!NT_SUCCESS(Status))
- {
- DPRINT1("Failed to unmap VACB from System address space! Status 0x%08X\n", Status);
- ASSERT(FALSE);
- /* Proceed with the deĺetion anyway */
- }
-
 if (Vacb->ReferenceCount != 0)
 {
 DPRINT1("Invalid free: %ld\n", Vacb->ReferenceCount);
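Review bot: The `#if 0` added in the CcRosEnsureVacbResident hunk of ntoskrnl/cc/view.c compiles out the only visible check that rejects an offset past `SectionSize`, and neither the hunk nor the commit message says why; the subject line describes moving sanity checks earlier, not removing one. After this change `BaseAddress` is derived from `Vacb->BaseAddress + Offset` with only the `ASSERT` on `Offset + Length` in front of it, which presumably does nothing in a free build. If the comparison was wrong (for instance because it rejected valid accesses), either delete the block or keep it with a stated reason, e.g. `/* FIXME: disabled because <reason>; a range past SectionSize is handled by <component> */`. The function body starts and ends outside the hunk, so whether a later step bounds the access cannot be confirmed from here.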
@@ -884,6 +877,16 @@ CcRosInternalFreeVacb (
 ASSERT(IsListEmpty(&Vacb->CacheMapVacbListEntry));
 ASSERT(IsListEmpty(&Vacb->DirtyVacbListEntry));
 ASSERT(IsListEmpty(&Vacb->VacbLruListEntry));
+
+ /* Delete the mapping */
+ Status = MmUnmapViewInSystemSpace(Vacb->BaseAddress);
+ if (!NT_SUCCESS(Status))
+ {
+ DPRINT1("Failed to unmap VACB from System address space! Status 0x%08X\n", Status);
+ ASSERT(FALSE);
+ /* Proceed with the deĺetion anyway */
+ }
+
 RtlFillMemory(Vacb, sizeof(*Vacb), 0xfd);
 ExFreeToNPagedLookasideList(&VacbLookasideList, Vacb);
 return STATUS_SUCCESS;
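Review bot: The checks this hunk places in front of `MmUnmapViewInSystemSpace` are three `ASSERT(IsListEmpty(...))` lines (plus the `ReferenceCount` test from the previous hunk, whose body is not fully shown), so in a build where `ASSERT` compiles to nothing they still do not stop a referenced or still-linked VACB from being unmapped, filled with 0xfd and returned to `VacbLookasideList`. If the reorder is meant to protect the mapping rather than only to make the assertion fire first, the `ReferenceCount != 0` branch needs to bail out, for example with `return STATUS_UNSUCCESSFUL;` after its `DPRINT1`, provided the callers tolerate a failure here. Separately, the failed-unmap path still ends in `return STATUS_SUCCESS;`; a comment such as `/* Unmap failure is logged only; the VACB is freed regardless */` would make that explicit, and the moved comment carries over the typo "deĺetion".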