Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-04-05 05:01:03 +00:00
Code Issues Projects Releases Packages Wiki Activity

[SERVICES] Fix querying the status of a registered but not started driver.

Browse source 
The current implementation was broken and some dead code was never called; always failing before.
This fix revives this dead code!
Extra fix: avoid derefencing potential null-ptr.
And also, as bonus, comment the function so that logic can be easily understood.

CORE-14062
This commit is contained in:
Pierre Schweitzer 2017-12-08 22:45:04 +01:00
parent 81532227b6
commit 9d91a2e8ce
No known key found for this signature in database
GPG key ID: 7545556C3D585B0B
1 changed files with 26 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
base/system/services/driver.c
View file

@ -140,8 +140,13 @@ ScmGetDriverStatus(PSERVICE lpService,
DPRINT1("ScmGetDriverStatus() called\n");
memset(lpServiceStatus, 0, sizeof(SERVICE_STATUS));
/* Zero output buffer if any */
if (lpServiceStatus != NULL)
{
memset(lpServiceStatus, 0, sizeof(SERVICE_STATUS));
}
/* Select the appropriate object directory based on driver type */
if (lpService->Status.dwServiceType == SERVICE_KERNEL_DRIVER)
{
RtlInitUnicodeString(&DirName, L"\\Driver");
@ -158,6 +163,7 @@ ScmGetDriverStatus(PSERVICE lpService,
NULL,
NULL);
/* Open the object directory where loaded drivers are */
Status = NtOpenDirectoryObject(&DirHandle,
DIRECTORY_QUERY | DIRECTORY_TRAVERSE,
&ObjectAttributes);
@ -167,12 +173,14 @@ ScmGetDriverStatus(PSERVICE lpService,
return RtlNtStatusToDosError(Status);
}
/* Allocate a buffer big enough for querying the object */
BufferLength = sizeof(OBJECT_DIRECTORY_INFORMATION) +
2 * MAX_PATH * sizeof(WCHAR);
DirInfo = (OBJECT_DIRECTORY_INFORMATION*) HeapAlloc(GetProcessHeap(),
HEAP_ZERO_MEMORY,
BufferLength);
/* Now, start browsing entry by entry */
Index = 0;
while (TRUE)
{
@ -183,19 +191,23 @@ ScmGetDriverStatus(PSERVICE lpService,
FALSE,
&Index,
&DataLength);
/* End of enumeration, the driver was not found */
if (Status == STATUS_NO_MORE_ENTRIES)
{
DPRINT("No more services\n");
break;
}
/* Other error, fail */
if (!NT_SUCCESS(Status))
break;
DPRINT("Comparing: '%S' '%wZ'\n", lpService->lpServiceName, &DirInfo->Name);
/* Compare names to check whether it matches our driver */
if (_wcsicmp(lpService->lpServiceName, DirInfo->Name.Buffer) == 0)
{
/* That's our driver, bail out! */
DPRINT1("Found: '%S' '%wZ'\n",
lpService->lpServiceName, &DirInfo->Name);
bFound = TRUE;
@ -204,17 +216,27 @@ ScmGetDriverStatus(PSERVICE lpService,
}
}
/* Release resources we don't need */
HeapFree(GetProcessHeap(),
0,
DirInfo);
NtClose(DirHandle);
if (!NT_SUCCESS(Status))
/* Only quit if there's a failure
* Not having found the driver is legit!
* It means the driver was registered as a service, but not loaded
* We have not to fail in that situation, but to return proper status
*/
if (!NT_SUCCESS(Status) && Status != STATUS_NO_MORE_ENTRIES)
{
DPRINT1("Status: %lx\n", Status);
return RtlNtStatusToDosError(Status);
}
/* Now, we have two cases:
* We found the driver: it means it's running
* We didn't find the driver: it wasn't running
*/
if ((bFound != FALSE) &&
(lpService->Status.dwCurrentState != SERVICE_STOP_PENDING))
{
@ -235,6 +257,7 @@ ScmGetDriverStatus(PSERVICE lpService,
lpService->Status.dwWin32ExitCode = ERROR_SUCCESS;
}
}
/* Not found, return it's stopped */
else
{
lpService->Status.dwCurrentState = SERVICE_STOPPED;
@ -248,6 +271,7 @@ ScmGetDriverStatus(PSERVICE lpService,
lpService->Status.dwWin32ExitCode = ERROR_GEN_FAILURE;
}
/* Copy service status if required */
if (lpServiceStatus != NULL)
{
memcpy(lpServiceStatus,