[NTOS:OB] Minor refactoring.

- NtQuerySymbolicLinkObject(): Use an intermediate variable for the object header. - Simplify code in ObpLookupEntryDirectory() by calling ObpReleaseLookupContextObject() instead. - Use TAG_OBJECT_TYPE instead of hardcoded tag values.
2025-02-22 16:36:33 +00:00 · 2021-09-24 22:39:35 +02:00 · 2021-09-24 22:39:35 +02:00 · 74513a75ab
commit 74513a75ab
parent 4c63ed5a7a
3 changed files with 16 additions and 19 deletions
--- a/ntoskrnl/ob/obdir.c
+++ b/ntoskrnl/ob/obdir.c
@ -174,6 +174,7 @@ ObpLookupEntryDirectory(IN POBJECT_DIRECTORY Directory,
    PVOID FoundObject = NULL;
    PWSTR Buffer;
    POBJECT_DIRECTORY ShadowDirectory;
+
    PAGED_CODE();

    /* Check if we should search the shadow directory */
@ -317,20 +318,11 @@ Quickie:
        }
    }

-    /* Check if we found an object already */
-    if (Context->Object)
-    {
-        /* We already did a lookup, so remove this object's query reference */
-        ObjectHeader = OBJECT_TO_OBJECT_HEADER(Context->Object);
-        HeaderNameInfo = OBJECT_HEADER_TO_NAME_INFO(ObjectHeader);
-        ObpDereferenceNameInfo(HeaderNameInfo);
-
-        /* Also dereference the object itself */
-        ObDereferenceObject(Context->Object);
-    }
+    /* Release any object previously looked up and replace it with the new one */
+    ObpReleaseLookupContextObject(Context);
+    Context->Object = FoundObject;

    /* Return the object we found */
-    Context->Object = FoundObject;
    return FoundObject;
 }

--- a/ntoskrnl/ob/oblife.c
+++ b/ntoskrnl/ob/oblife.c
@ -635,7 +635,7 @@ ObpAllocateObject(IN POBJECT_CREATE_INFORMATION ObjectCreateInfo,
    {
        /* Use default tag and non-paged pool */
        PoolType = NonPagedPool;
-        Tag = 'TjbO';
+        Tag = TAG_OBJECT_TYPE;
    }
    else
    {
@ -1159,7 +1159,7 @@ ObCreateObjectType(IN PUNICODE_STRING TypeName,

        /* Set the hard-coded key and object count */
        LocalObjectType->TotalNumberOfObjects = 1;
-        LocalObjectType->Key = 'TjbO';
+        LocalObjectType->Key = TAG_OBJECT_TYPE;
    }
    else
    {
--- a/ntoskrnl/ob/oblink.c
+++ b/ntoskrnl/ob/oblink.c
@ -904,11 +904,13 @@ NtQuerySymbolicLinkObject(IN HANDLE LinkHandle,
                          OUT PUNICODE_STRING LinkTarget,
                          OUT PULONG ResultLength OPTIONAL)
 {
+    NTSTATUS Status;
    UNICODE_STRING SafeLinkTarget = { 0, 0, NULL };
    POBJECT_SYMBOLIC_LINK SymlinkObject;
-    KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
-    NTSTATUS Status;
+    POBJECT_HEADER ObjectHeader;
    ULONG LengthUsed;
+    KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
+
    PAGED_CODE();

    if (PreviousMode != KernelMode)
@ -945,12 +947,15 @@ NtQuerySymbolicLinkObject(IN HANDLE LinkHandle,
                                       SYMBOLIC_LINK_QUERY,
                                       ObpSymbolicLinkObjectType,
                                       PreviousMode,
-                                       (PVOID *)&SymlinkObject,
+                                       (PVOID*)&SymlinkObject,
                                       NULL);
    if (NT_SUCCESS(Status))
    {
+        /* Get the object header */
+        ObjectHeader = OBJECT_TO_OBJECT_HEADER(SymlinkObject);
+
        /* Lock the object */
-        ObpAcquireObjectLock(OBJECT_TO_OBJECT_HEADER(SymlinkObject));
+        ObpAcquireObjectLock(ObjectHeader);

        /*
         * So here's the thing: If you specify a return length, then the
@ -995,7 +1000,7 @@ NtQuerySymbolicLinkObject(IN HANDLE LinkHandle,
        _SEH2_END;

        /* Unlock and dereference the object */
-        ObpReleaseObjectLock(OBJECT_TO_OBJECT_HEADER(SymlinkObject));
+        ObpReleaseObjectLock(ObjectHeader);
        ObDereferenceObject(SymlinkObject);
    }