[NTOS:OB] Minor refactoring.

- NtQuerySymbolicLinkObject(): Use an intermediate variable for the object header.
- Simplify code in ObpLookupEntryDirectory() by calling ObpReleaseLookupContextObject() instead.
- Use TAG_OBJECT_TYPE instead of hardcoded tag values.

ntoskrnl/ob/obdir.c

@@ -174,6 +174,7 @@ ObpLookupEntryDirectory(IN POBJECT_DIRECTORY Directory,
     PVOID FoundObject = NULL;
     PWSTR Buffer;
     POBJECT_DIRECTORY ShadowDirectory;
+
     PAGED_CODE();
 
     /* Check if we should search the shadow directory */
@@ -317,20 +318,11 @@ Quickie:
         }
     }
 
-    /* Check if we found an object already */
+    /* Release any object previously looked up and replace it with the new one */
-    if (Context->Object)
+    ObpReleaseLookupContextObject(Context);
-    {
+    Context->Object = FoundObject;
-        /* We already did a lookup, so remove this object's query reference */
-        ObjectHeader = OBJECT_TO_OBJECT_HEADER(Context->Object);
-        HeaderNameInfo = OBJECT_HEADER_TO_NAME_INFO(ObjectHeader);
-        ObpDereferenceNameInfo(HeaderNameInfo);
-
-        /* Also dereference the object itself */
-        ObDereferenceObject(Context->Object);
-    }
 
     /* Return the object we found */
-    Context->Object = FoundObject;
     return FoundObject;
 }
 

ntoskrnl/ob/oblife.c

@@ -635,7 +635,7 @@ ObpAllocateObject(IN POBJECT_CREATE_INFORMATION ObjectCreateInfo,
     {
         /* Use default tag and non-paged pool */
         PoolType = NonPagedPool;
-        Tag = 'TjbO';
+        Tag = TAG_OBJECT_TYPE;
     }
     else
     {
@@ -1159,7 +1159,7 @@ ObCreateObjectType(IN PUNICODE_STRING TypeName,
 
         /* Set the hard-coded key and object count */
         LocalObjectType->TotalNumberOfObjects = 1;
-        LocalObjectType->Key = 'TjbO';
+        LocalObjectType->Key = TAG_OBJECT_TYPE;
     }
     else
     {

ntoskrnl/ob/oblink.c

@@ -904,11 +904,13 @@ NtQuerySymbolicLinkObject(IN HANDLE LinkHandle,
                           OUT PUNICODE_STRING LinkTarget,
                           OUT PULONG ResultLength OPTIONAL)
 {
+    NTSTATUS Status;
     UNICODE_STRING SafeLinkTarget = { 0, 0, NULL };
     POBJECT_SYMBOLIC_LINK SymlinkObject;
-    KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
+    POBJECT_HEADER ObjectHeader;
-    NTSTATUS Status;
     ULONG LengthUsed;
+    KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
+
     PAGED_CODE();
 
     if (PreviousMode != KernelMode)
@@ -945,12 +947,15 @@ NtQuerySymbolicLinkObject(IN HANDLE LinkHandle,
                                        SYMBOLIC_LINK_QUERY,
                                        ObpSymbolicLinkObjectType,
                                        PreviousMode,
-                                       (PVOID *)&SymlinkObject,
+                                       (PVOID*)&SymlinkObject,
                                        NULL);
     if (NT_SUCCESS(Status))
     {
+        /* Get the object header */
+        ObjectHeader = OBJECT_TO_OBJECT_HEADER(SymlinkObject);
+
         /* Lock the object */
-        ObpAcquireObjectLock(OBJECT_TO_OBJECT_HEADER(SymlinkObject));
+        ObpAcquireObjectLock(ObjectHeader);
 
         /*
          * So here's the thing: If you specify a return length, then the
@@ -995,7 +1000,7 @@ NtQuerySymbolicLinkObject(IN HANDLE LinkHandle,
         _SEH2_END;
 
         /* Unlock and dereference the object */
-        ObpReleaseObjectLock(OBJECT_TO_OBJECT_HEADER(SymlinkObject));
+        ObpReleaseObjectLock(ObjectHeader);
         ObDereferenceObject(SymlinkObject);
     }