diff --git a/reactos/base/system/services/rpcserver.c b/reactos/base/system/services/rpcserver.c index bfb7d8d7c70..4c877d27b00 100644 --- a/reactos/base/system/services/rpcserver.c +++ b/reactos/base/system/services/rpcserver.c @@ -2764,7 +2764,7 @@ DWORD RQueryServiceConfigW( lpStr += (wcslen(lpStr) + 1); /* Append the group name */ - if (lpService->lpGroup != NULL) + if ((lpService->lpGroup != NULL) && (lpService->lpGroup->lpGroupName != NULL)) { wcscpy(lpStr, lpService->lpGroup->lpGroupName); } @@ -3733,6 +3733,11 @@ DWORD REnumServicesStatusA( DPRINT("REnumServicesStatusA() called\n"); + if (pcbBytesNeeded == NULL || lpServicesReturned == NULL) + { + return ERROR_INVALID_ADDRESS; + } + if ((dwBufSize > 0) && (lpBuffer)) { lpStatusPtrW = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwBufSize); @@ -4498,6 +4503,11 @@ DWORD REnumServiceGroupW( return ERROR_INVALID_HANDLE; } + if (pcbBytesNeeded == NULL || lpServicesReturned == NULL) + { + return ERROR_INVALID_ADDRESS; + } + *pcbBytesNeeded = 0; *lpServicesReturned = 0; @@ -5750,6 +5760,11 @@ DWORD REnumServicesStatusExA( DPRINT("REnumServicesStatusExA() called\n"); + if (pcbBytesNeeded == NULL || lpServicesReturned == NULL) + { + return ERROR_INVALID_ADDRESS; + } + if (pszGroupName) { pszGroupNameW = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, (strlen(pszGroupName) + 1) * sizeof(WCHAR)); @@ -5895,6 +5910,11 @@ DWORD REnumServicesStatusExW( return ERROR_INVALID_HANDLE; } + if (pcbBytesNeeded == NULL || lpServicesReturned == NULL) + { + return ERROR_INVALID_ADDRESS; + } + *pcbBytesNeeded = 0; *lpServicesReturned = 0; diff --git a/reactos/base/system/services/services.c b/reactos/base/system/services/services.c index 56c3f04a719..2edb6e75887 100644 --- a/reactos/base/system/services/services.c +++ b/reactos/base/system/services/services.c 
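Review bot: The new `lpGroupName != NULL` test in RQueryServiceConfigW protects only the `wcscpy` in this hunk; the calculation that sizes the reply buffer lies outside the hunk. If that calculation still calls `wcslen(lpService->lpGroup->lpGroupName)` under the old `lpGroup != NULL` test alone, the same NULL dereference remains there. The size pass and the copy pass should share one condition, so that the space reserved for the group name always matches what is written at `lpStr`. A comment on the guard such as `/* Same condition as the size calculation above: lpGroupName can be NULL */` would record that. The branch taken when the test fails is also not visible; confirm it still stores a terminated string at `lpStr`.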
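Review bot: Error precedence now differs between the ANSI and Unicode server entry points. In REnumServicesStatusA and REnumServicesStatusExA the NULL test runs first, directly after the `DPRINT`, while in REnumServiceGroupW and REnumServicesStatusExW it sits after the `return ERROR_INVALID_HANDLE;` path. A request with both a bad handle and a NULL out pointer therefore gets `ERROR_INVALID_ADDRESS` from one variant and `ERROR_INVALID_HANDLE` from the other; if that order is intended, document it next to the guard, e.g. `/* Checked before the handle so the A wrapper fails the same way as its W callee */`. When only one of the two pointers is NULL the other is returned unwritten, so the comment should also state that the out values are undefined on this error. All four function bodies continue outside their hunks.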
@@ -173,7 +173,7 @@ ScmNamedPipeThread(LPVOID Context) hPipe = (HANDLE)Context; - DPRINT("ScmNamedPipeThread(%lu) - Accepting SCM commands through named pipe\n", hPipe); + DPRINT("ScmNamedPipeThread(%p) - Accepting SCM commands through named pipe\n", hPipe); for (;;) { @@ -201,13 +201,13 @@ ScmNamedPipeThread(LPVOID Context) } } - DPRINT("ScmNamedPipeThread(%lu) - Disconnecting named pipe connection\n", hPipe); + DPRINT("ScmNamedPipeThread(%p) - Disconnecting named pipe connection\n", hPipe); FlushFileBuffers(hPipe); DisconnectNamedPipe(hPipe); CloseHandle(hPipe); - DPRINT("ScmNamedPipeThread(%lu) - Done.\n", hPipe); + DPRINT("ScmNamedPipeThread(%p) - Done.\n", hPipe); return ERROR_SUCCESS; } @@ -237,7 +237,7 @@ ScmCreateNamedPipe(VOID) return FALSE; } - DPRINT("CreateNamedPipe() - calling ConnectNamedPipe(%x)\n", hPipe); + DPRINT("CreateNamedPipe() - calling ConnectNamedPipe(%p)\n", hPipe); bConnected = ConnectNamedPipe(hPipe, NULL) ? TRUE : (GetLastError() == ERROR_PIPE_CONNECTED); DPRINT("CreateNamedPipe() - ConnectNamedPipe() returned %d\n", bConnected); diff --git a/reactos/dll/win32/advapi32/service/scm.c b/reactos/dll/win32/advapi32/service/scm.c index dceb296d13c..f8cc95a7310 100644 --- a/reactos/dll/win32/advapi32/service/scm.c +++ b/reactos/dll/win32/advapi32/service/scm.c @@ -165,6 +165,8 @@ ChangeServiceConfig2A(SC_HANDLE hService, TRACE("ChangeServiceConfig2A() called\n"); + if (lpInfo == NULL) return TRUE; + /* Fill relevent field of the Info structure */ Info.dwInfoLevel = dwInfoLevel; switch (dwInfoLevel) @@ -184,9 +186,6 @@ ChangeServiceConfig2A(SC_HANDLE hService, return FALSE; } - if (lpInfo == NULL) - return TRUE; - RpcTryExcept { dwError = RChangeServiceConfig2A((SC_RPC_HANDLE)hService, @@ -224,6 +223,8 @@ ChangeServiceConfig2W(SC_HANDLE hService, TRACE("ChangeServiceConfig2W() called\n"); + if (lpInfo == NULL) return TRUE; + /* Fill relevent field of the Info structure */ Info.dwInfoLevel = dwInfoLevel; switch (dwInfoLevel) 
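Review bot: With `if (lpInfo == NULL) return TRUE;` moved above `switch (dwInfoLevel)` in ChangeServiceConfig2A, a NULL lpInfo now reports success without the info level ever being checked. Before the move, the switch's failure return (the `return FALSE;` visible in the next hunk's context) ran first. ChangeServiceConfig2W receives the same change. If this matches the reference behaviour, state it in a comment such as `/* A NULL lpInfo succeeds regardless of dwInfoLevel; no RPC call is made */`; otherwise keep the level validation ahead of the shortcut. The single-line form also departs from the two-line layout of the removed check and from the braced guards added elsewhere in this commit.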
@@ -242,9 +243,6 @@ ChangeServiceConfig2W(SC_HANDLE hService, return FALSE; } - if (lpInfo == NULL) - return TRUE; - RpcTryExcept { dwError = RChangeServiceConfig2W((SC_RPC_HANDLE)hService, @@ -926,6 +924,12 @@ EnumServiceGroupW(SC_HANDLE hSCManager, return FALSE; } + if (pcbBytesNeeded == NULL || lpServicesReturned == NULL) + { + SetLastError(ERROR_INVALID_ADDRESS); + return FALSE; + } + if (lpServices == NULL || cbBufSize < sizeof(ENUM_SERVICE_STATUSW)) { lpStatusPtr = &ServiceStatus; @@ -1027,6 +1031,12 @@ EnumServicesStatusA(SC_HANDLE hSCManager, return FALSE; } + if (pcbBytesNeeded == NULL || lpServicesReturned == NULL) + { + SetLastError(ERROR_INVALID_ADDRESS); + return FALSE; + } + if (lpServices == NULL || cbBufSize < sizeof(ENUM_SERVICE_STATUSA)) { lpStatusPtr = &ServiceStatus; @@ -1113,6 +1123,12 @@ EnumServicesStatusW(SC_HANDLE hSCManager, return FALSE; } + if (pcbBytesNeeded == NULL || lpServicesReturned == NULL) + { + SetLastError(ERROR_INVALID_ADDRESS); + return FALSE; + } + if (lpServices == NULL || cbBufSize < sizeof(ENUM_SERVICE_STATUSW)) { lpStatusPtr = &ServiceStatus; @@ -1207,8 +1223,13 @@ EnumServicesStatusExA(SC_HANDLE hSCManager, return FALSE; } - if (lpServices == NULL || - cbBufSize < sizeof(ENUM_SERVICE_STATUS_PROCESSA)) + if (pcbBytesNeeded == NULL || lpServicesReturned == NULL) + { + SetLastError(ERROR_INVALID_ADDRESS); + return FALSE; + } + + if (lpServices == NULL || cbBufSize < sizeof(ENUM_SERVICE_STATUS_PROCESSA)) { lpStatusPtr = &ServiceStatus; dwBufferSize = sizeof(ENUM_SERVICE_STATUS_PROCESSA); 
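Review bot: The guard on `pcbBytesNeeded` and `lpServicesReturned` is pasted unchanged into EnumServiceGroupW, EnumServicesStatusA, EnumServicesStatusW, EnumServicesStatusExA and EnumServicesStatusExW. A small static helper would keep the error code and its ordering relative to the `hSCManager` check in one place, so a later change cannot update four copies and miss the fifth. The ExA and ExW hunks also re-wrap the existing `lpServices == NULL || cbBufSize < sizeof(...)` condition onto one line; that whitespace change is unrelated to the fix and would read better as a separate commit. The helper name below is a constructed example, and each wrapper's body continues outside its hunk.

```c
/* Constructed example: shared guard for the Enum* wrappers */
static BOOL
ScmCheckEnumOutPointers(LPDWORD pcbBytesNeeded, LPDWORD lpServicesReturned)
{
    if (pcbBytesNeeded == NULL || lpServicesReturned == NULL)
    {
        SetLastError(ERROR_INVALID_ADDRESS);
        return FALSE;
    }

    return TRUE;
}

/* ... unchanged: hSCManager check in each of the five wrappers ... */
    if (!ScmCheckEnumOutPointers(pcbBytesNeeded, lpServicesReturned))
        return FALSE;
```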
@@ -1307,8 +1328,13 @@ EnumServicesStatusExW(SC_HANDLE hSCManager, return FALSE; } - if (lpServices == NULL || - cbBufSize < sizeof(ENUM_SERVICE_STATUS_PROCESSW)) + if (pcbBytesNeeded == NULL || lpServicesReturned == NULL) + { + SetLastError(ERROR_INVALID_ADDRESS); + return FALSE; + } + + if (lpServices == NULL || cbBufSize < sizeof(ENUM_SERVICE_STATUS_PROCESSW)) { lpStatusPtr = &ServiceStatus; dwBufferSize = sizeof(ENUM_SERVICE_STATUS_PROCESSW);