Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-02-25 01:39:30 +00:00
Code Issues Projects Releases Packages Wiki Activity

- Fix a memory leak that occurs when AfdSetContext is called with a buffer that is too small

Browse source 
- Properly return STATUS_BUFFER_TOO_SMALL when the buffer passed is too small

svn path=/branches/aicom-network-fixes/; revision=35358
This commit is contained in:
Cameron Gutman 2008-08-15 18:26:52 +00:00
parent 3f603adf26
commit 6696dcbc45
1 changed files with 9 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
drivers/network/afd/afd/context.c
View file

@ -39,27 +39,30 @@ AfdGetContext( PDEVICE_OBJECT DeviceObject, PIRP Irp,
NTSTATUS STDCALL
AfdSetContext( PDEVICE_OBJECT DeviceObject, PIRP Irp,
PIO_STACK_LOCATION IrpSp ) {
NTSTATUS Status = STATUS_NO_MEMORY;
NTSTATUS Status = STATUS_BUFFER_TOO_SMALL;
PFILE_OBJECT FileObject = IrpSp->FileObject;
PAFD_FCB FCB = FileObject->FsContext;
if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp );
if( FCB->Context ) {
ExFreePool( FCB->Context );
FCB->Context = NULL;
}
if( FCB->ContextSize <
IrpSp->Parameters.DeviceIoControl.InputBufferLength ) {
if( FCB->Context )
ExFreePool( FCB->Context );
FCB->Context =
ExAllocatePool
( PagedPool,
IrpSp->Parameters.DeviceIoControl.InputBufferLength );
}
if( FCB->Context ) {
Status = STATUS_SUCCESS;
if( !FCB->Context ) return UnlockAndMaybeComplete( FCB, STATUS_NO_MEMORY, Irp, 0, NULL );
RtlCopyMemory( FCB->Context,
IrpSp->Parameters.DeviceIoControl.Type3InputBuffer,
IrpSp->Parameters.DeviceIoControl.InputBufferLength );
Status = STATUS_SUCCESS;
}
AFD_DbgPrint(MID_TRACE,("Returning %x\n", Status));