[TCPIP]

- Fix the broken TDI_QUERY_CONNECTION_INFO implementation - Perform buffer size checks on TDI_QUERY_MAX_DATAGRAM_INFO requests [AFD] - Greatly simplify AfdGetPeerName by using the remote address stored while connecting svn path=/trunk/; revision=52698
2024-06-30 09:50:07 +00:00 · 2011-07-16 17:17:08 +00:00 · 2011-07-16 17:17:08 +00:00 · 6195434c6b
parent 0ef6eb1c56
commit 6195434c6b
2 changed files with 28 additions and 67 deletions
--- a/reactos/drivers/network/afd/afd/info.c
+++ b/reactos/drivers/network/afd/afd/info.c
@ -236,60 +236,27 @@ AfdGetSockName( PDEVICE_OBJECT DeviceObject, PIRP Irp,
 NTSTATUS NTAPI
 AfdGetPeerName( PDEVICE_OBJECT DeviceObject, PIRP Irp,
                      PIO_STACK_LOCATION IrpSp ) {
-    NTSTATUS Status = STATUS_SUCCESS;
+    NTSTATUS Status;
    PFILE_OBJECT FileObject = IrpSp->FileObject;
    PAFD_FCB FCB = FileObject->FsContext;
-    PMDL Mdl = NULL;
-    PTDI_CONNECTION_INFORMATION ConnInfo = NULL;


    if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp );

-    if (FCB->RemoteAddress == NULL || FCB->Connection.Object == NULL) {
+    if (FCB->RemoteAddress == NULL) {
        AFD_DbgPrint(MIN_TRACE,("Invalid parameter\n"));
        return UnlockAndMaybeComplete( FCB, STATUS_INVALID_PARAMETER, Irp, 0 );
    }

-    if(NT_SUCCESS(Status = TdiBuildNullConnectionInfo
-                      (&ConnInfo,
-                       FCB->RemoteAddress->Address[0].AddressType)))
+    if (IrpSp->Parameters.DeviceIoControl.OutputBufferLength >= TaLengthOfTransportAddress(FCB->RemoteAddress))
    {
-        Mdl = IoAllocateMdl(ConnInfo, 
-                            sizeof(TDI_CONNECTION_INFORMATION) + 
-                                   TaLengthOfTransportAddress(ConnInfo->RemoteAddress),
-                            FALSE,
-                            FALSE,
-                            NULL);
-
-        if (Mdl)
-        {
-            _SEH2_TRY {
-               MmProbeAndLockPages(Mdl, KernelMode, IoModifyAccess);
-            } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) {
-	       AFD_DbgPrint(MIN_TRACE, ("MmProbeAndLockPages() failed.\n"));
-	       Status = _SEH2_GetExceptionCode();
-	    } _SEH2_END;
-
-            if (NT_SUCCESS(Status))
-            {
-                Status = TdiQueryInformation(FCB->Connection.Object,
-                          TDI_QUERY_CONNECTION_INFO,
-                          Mdl);
-
-                if (NT_SUCCESS(Status))
-                {
-                    if (IrpSp->Parameters.DeviceIoControl.OutputBufferLength >= TaLengthOfTransportAddress(ConnInfo->RemoteAddress))
-                        RtlCopyMemory(Irp->UserBuffer, ConnInfo->RemoteAddress, TaLengthOfTransportAddress(ConnInfo->RemoteAddress));
-                    else
-                    {
-                        Status = STATUS_BUFFER_TOO_SMALL;
-                        AFD_DbgPrint(MIN_TRACE,("Buffer too small\n"));
-                    }
-                }
-            }
-         }
-
-         ExFreePool(ConnInfo);
+        RtlCopyMemory(Irp->UserBuffer, FCB->RemoteAddress, TaLengthOfTransportAddress(FCB->RemoteAddress));
+        Status = STATUS_SUCCESS;
+    }
+    else
+    {
+        AFD_DbgPrint(MIN_TRACE,("Buffer too small\n"));
+        Status = STATUS_BUFFER_TOO_SMALL;
    }

    return UnlockAndMaybeComplete( FCB, Status, Irp, 0 );
--- a/reactos/drivers/network/tcpip/tcpip/dispatch.c
+++ b/reactos/drivers/network/tcpip/tcpip/dispatch.c
@ -759,51 +759,45 @@ NTSTATUS DispTdiQueryInformation(

    case TDI_QUERY_CONNECTION_INFO:
      {
-        PTDI_CONNECTION_INFORMATION AddressInfo;
-        PADDRESS_FILE AddrFile;
-        PCONNECTION_ENDPOINT Endpoint = NULL;
+        PTDI_CONNECTION_INFO ConnectionInfo;
+        PCONNECTION_ENDPOINT Endpoint;

-        if (MmGetMdlByteCount(Irp->MdlAddress) <
-            (FIELD_OFFSET(TDI_CONNECTION_INFORMATION, RemoteAddress) +
-             sizeof(PVOID))) {
-          TI_DbgPrint(MID_TRACE, ("MDL buffer too small (ptr).\n"));
+        if (MmGetMdlByteCount(Irp->MdlAddress) < sizeof(*ConnectionInfo)) {
+          TI_DbgPrint(MID_TRACE, ("MDL buffer too small.\n"));
          return STATUS_BUFFER_TOO_SMALL;
        }

-        AddressInfo = (PTDI_CONNECTION_INFORMATION)
+        ConnectionInfo = (PTDI_CONNECTION_INFO)
          MmGetSystemAddressForMdl(Irp->MdlAddress);

        switch ((ULONG_PTR)IrpSp->FileObject->FsContext2) {
-          case TDI_TRANSPORT_ADDRESS_FILE:
-            AddrFile = (PADDRESS_FILE)TranContext->Handle.AddressHandle;
-            Endpoint = AddrFile ? AddrFile->Connection : NULL;
-            break;
-
          case TDI_CONNECTION_FILE:
            Endpoint =
              (PCONNECTION_ENDPOINT)TranContext->Handle.ConnectionContext;
-            break;
+            RtlZeroMemory(ConnectionInfo, sizeof(*ConnectionInfo));
+            return STATUS_SUCCESS;

          default:
            TI_DbgPrint(MIN_TRACE, ("Invalid transport context\n"));
            return STATUS_INVALID_PARAMETER;
        }
-
-        if (!Endpoint) {
-          TI_DbgPrint(MID_TRACE, ("No connection object.\n"));
-          return STATUS_INVALID_PARAMETER;
-        }
-
-        return TCPGetSockAddress( Endpoint, AddressInfo->RemoteAddress, TRUE );
      }

      case TDI_QUERY_MAX_DATAGRAM_INFO:
      {
-         PTDI_MAX_DATAGRAM_INFO MaxDatagramInfo = MmGetSystemAddressForMdl(Irp->MdlAddress);
+          PTDI_MAX_DATAGRAM_INFO MaxDatagramInfo;
+          
+          if (MmGetMdlByteCount(Irp->MdlAddress) < sizeof(*MaxDatagramInfo)) {
+              TI_DbgPrint(MID_TRACE, ("MDL buffer too small.\n"));
+              return STATUS_BUFFER_TOO_SMALL;
+          }
+          
+          MaxDatagramInfo = (PTDI_MAX_DATAGRAM_INFO)
+            MmGetSystemAddressForMdl(Irp->MdlAddress);

-         MaxDatagramInfo->MaxDatagramSize = 0xFFFF;
+          MaxDatagramInfo->MaxDatagramSize = 0xFFFF;

-         return STATUS_SUCCESS;
+          return STATUS_SUCCESS;
     }
  }