Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-12-28 10:04:49 +00:00
Code Issues Projects Releases Packages Wiki Activity

- Release the lock while accessing pageable user mode buffers in NtReplyWaitReceivePortEx.

Browse source 
svn path=/trunk/; revision=4908
This commit is contained in:
Hartmut Birr 2003-06-16 19:17:08 +00:00
parent b13e656c10
commit 5f1dae9d19
1 changed files with 7 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
reactos/ntoskrnl/lpc/reply.c
View file

@ -1,4 +1,4 @@
/* $Id: reply.c,v 1.14 2003/05/01 22:00:31 gvg Exp $ /* $Id: reply.c,v 1.15 2003/06/16 19:17:08 hbirr Exp $
* *
* COPYRIGHT: See COPYING in the top level directory * COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel * PROJECT: ReactOS kernel
@ -233,6 +233,7 @@ NtReplyWaitReceivePortEx(IN HANDLE PortHandle,
*/ */
KeAcquireSpinLock(&Port->Lock, &oldIrql); KeAcquireSpinLock(&Port->Lock, &oldIrql);
Request = EiDequeueMessagePort(Port); Request = EiDequeueMessagePort(Port);
KeReleaseSpinLock(&Port->Lock, oldIrql);
if (Request->Message.MessageType == LPC_CONNECTION_REQUEST) if (Request->Message.MessageType == LPC_CONNECTION_REQUEST)
{ {
@ -244,7 +245,7 @@ NtReplyWaitReceivePortEx(IN HANDLE PortHandle,
Header.DataSize = CRequest->ConnectDataLength; Header.DataSize = CRequest->ConnectDataLength;
Header.MessageSize = Header.DataSize + sizeof(LPC_MESSAGE); Header.MessageSize = Header.DataSize + sizeof(LPC_MESSAGE);
Status = MmCopyToCaller(LpcMessage, &Header, sizeof(LPC_MESSAGE)); Status = MmCopyToCaller(LpcMessage, &Header, sizeof(LPC_MESSAGE));
if (!NT_SUCCESS(Status)) if (NT_SUCCESS(Status))
{ {
Status = MmCopyToCaller((PVOID)(LpcMessage + 1), Status = MmCopyToCaller((PVOID)(LpcMessage + 1),
CRequest->ConnectData, CRequest->ConnectData,
@ -263,6 +264,7 @@ NtReplyWaitReceivePortEx(IN HANDLE PortHandle,
* undo what we did and return. * undo what we did and return.
* FIXME: Also increment semaphore. * FIXME: Also increment semaphore.
*/ */
KeAcquireSpinLock(&Port->Lock, &oldIrql);
EiEnqueueMessageAtHeadPort(Port, Request); EiEnqueueMessageAtHeadPort(Port, Request);
KeReleaseSpinLock(&Port->Lock, oldIrql); KeReleaseSpinLock(&Port->Lock, oldIrql);
ObDereferenceObject(Port); ObDereferenceObject(Port);
@ -270,12 +272,12 @@ NtReplyWaitReceivePortEx(IN HANDLE PortHandle,
} }
if (Request->Message.MessageType == LPC_CONNECTION_REQUEST) if (Request->Message.MessageType == LPC_CONNECTION_REQUEST)
{ {
KeAcquireSpinLock(&Port->Lock, &oldIrql);
EiEnqueueConnectMessagePort(Port, Request); EiEnqueueConnectMessagePort(Port, Request);
KeReleaseSpinLock(&Port->Lock, oldIrql); KeReleaseSpinLock(&Port->Lock, oldIrql);
} }
else else
{ {
KeReleaseSpinLock(&Port->Lock, oldIrql);
ExFreePool(Request); ExFreePool(Request);
} }
@ -335,6 +337,7 @@ NtReplyWaitReplyPort (HANDLE PortHandle,
PLPC_MESSAGE ReplyMessage) PLPC_MESSAGE ReplyMessage)
{ {
UNIMPLEMENTED; UNIMPLEMENTED;
return(STATUS_NOT_IMPLEMENTED);
} }