Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-04 00:25:41 +00:00
Code Issues Projects Releases Packages Wiki Activity

- Make sure both FCB->Recv.Window and FCB->Send.Window were created before returning STATUS_SUCCESS

Browse source 
- Make sure MakeSocketIntoConnection() completed successfully
 - Make sure WarmSocketForConnection() completed successfully
 - Don't continue if TdiBuildNullConnectionInfoInPlace() fails
 - SEHify TdiBuildConnectionInfoInPlace()
 - Make sure we have a non-NULL TargetAddress before calling TdiSendDatagram()

svn path=/branches/aicom-network-fixes/; revision=35290
This commit is contained in:
Cameron Gutman 2008-08-12 18:18:03 +00:00
parent 5d9c71ed13
commit b50e9e3146
4 changed files with 54 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

38
drivers/network/afd/afd/connect.c
View file

@ -33,26 +33,32 @@ NTSTATUS WarmSocketForConnection( PAFD_FCB FCB ) {
}
NTSTATUS MakeSocketIntoConnection( PAFD_FCB FCB ) {
NTSTATUS Status = STATUS_NO_MEMORY;
NTSTATUS Status;
/* Allocate the receive area and start receiving */
FCB->Recv.Window =
ExAllocatePool( NonPagedPool, FCB->Recv.Size );
if( !FCB->Recv.Window ) return STATUS_NO_MEMORY;
FCB->Send.Window =
ExAllocatePool( NonPagedPool, FCB->Send.Size );
if( !FCB->Send.Window ) {
ExFreePool( FCB->Recv.Window );
return STATUS_NO_MEMORY;
}
FCB->State = SOCKET_STATE_CONNECTED;
if( FCB->Recv.Window ) {
Status = TdiReceive( &FCB->ReceiveIrp.InFlightRequest,
FCB->Connection.Object,
TDI_RECEIVE_NORMAL,
FCB->Recv.Window,
FCB->Recv.Size,
&FCB->ReceiveIrp.Iosb,
ReceiveComplete,
FCB );
}
Status = TdiReceive( &FCB->ReceiveIrp.InFlightRequest,
FCB->Connection.Object,
TDI_RECEIVE_NORMAL,
FCB->Recv.Window,
FCB->Recv.Size,
&FCB->ReceiveIrp.Iosb,
ReceiveComplete,
FCB );
return Status;
}
@ -102,8 +108,9 @@ static NTSTATUS NTAPI StreamSocketConnectComplete
if( NT_SUCCESS(Status) ) {
Status = MakeSocketIntoConnection( FCB );
if( FCB->Send.Window &&
!IsListEmpty( &FCB->PendingIrpList[FUNCTION_SEND] ) ) {
if( !NT_SUCCESS(Status) ) return Status;
if( !IsListEmpty( &FCB->PendingIrpList[FUNCTION_SEND] ) ) {
NextIrpEntry = RemoveHeadList(&FCB->PendingIrpList[FUNCTION_SEND]);
NextIrp = CONTAINING_RECORD(NextIrpEntry, IRP,
Tail.Overlay.ListEntry);
@ -158,7 +165,7 @@ AfdStreamSocketConnect(PDEVICE_OBJECT DeviceObject, PIRP Irp,
case SOCKET_STATE_CONNECTING:
return LeaveIrpUntilLater( FCB, Irp, FUNCTION_CONNECT );
case SOCKET_STATE_CREATED: {
case SOCKET_STATE_CREATED:
FCB->LocalAddress =
TaCopyTransportAddress( &ConnectReq->RemoteAddress );
@ -182,7 +189,8 @@ AfdStreamSocketConnect(PDEVICE_OBJECT DeviceObject, PIRP Irp,
} else
return UnlockAndMaybeComplete
( FCB, STATUS_NO_MEMORY, Irp, 0, NULL );
} /* Drop through to SOCKET_STATE_BOUND */
/* Drop through to SOCKET_STATE_BOUND */
case SOCKET_STATE_BOUND:
FCB->RemoteAddress =

8
drivers/network/afd/afd/listen.c
View file

@ -182,10 +182,12 @@ NTSTATUS AfdListenSocket(PDEVICE_OBJECT DeviceObject, PIRP Irp,
Status = WarmSocketForConnection( FCB );
FCB->State = SOCKET_STATE_LISTENING;
AFD_DbgPrint(MID_TRACE,("Status from warmsocket %x\n", Status));
if( !NT_SUCCESS(Status) ) return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL );
FCB->State = SOCKET_STATE_LISTENING;
TdiBuildNullConnectionInfo
( &FCB->ListenIrp.ConnectionCallInfo,
FCB->LocalAddress->Address[0].AddressType );
@ -274,7 +276,7 @@ NTSTATUS AfdAccept( PDEVICE_OBJECT DeviceObject, PIRP Irp,
&FCB->ListenIrp.Iosb,
ListenComplete,
FCB );
}
} else return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL );
FCB->NeedsNewListen = FALSE;
}

17
drivers/network/afd/afd/tdiconn.c
View file

@ -8,6 +8,7 @@
* 20040708 Created
*/
#include <afd.h>
#include <pseh/pseh.h>
#include "debug.h"
#include "tdiconn.h"
@ -126,9 +127,11 @@ NTSTATUS TdiBuildNullConnectionInfo
Status = TdiBuildNullConnectionInfoInPlace( ConnInfo, Type );
if (!NT_SUCCESS(Status))
if (!NT_SUCCESS(Status)) {
ExFreePool( ConnInfo );
else
*ConnectionInfo = NULL;
return Status;
} else
*ConnectionInfo = ConnInfo;
ConnInfo->RemoteAddress = (PTA_ADDRESS)&ConnInfo[1];
@ -144,9 +147,13 @@ TdiBuildConnectionInfoInPlace
PTRANSPORT_ADDRESS Address ) {
NTSTATUS Status = STATUS_SUCCESS;
RtlCopyMemory( ConnectionInfo->RemoteAddress,
Address,
ConnectionInfo->RemoteAddressLength );
_SEH_TRY {
RtlCopyMemory( ConnectionInfo->RemoteAddress,
Address,
ConnectionInfo->RemoteAddressLength );
} _SEH_HANDLE {
Status = _SEH_GetExceptionCode();
} _SEH_END;
return Status;
}

26
drivers/network/afd/afd/write.c
View file

@ -233,21 +233,23 @@ AfdConnectedSocketWriteData(PDEVICE_OBJECT DeviceObject, PIRP Irp,
TdiBuildConnectionInfo( &TargetAddress, FCB->RemoteAddress );
SocketCalloutEnter( FCB );
if( TargetAddress ) {
SocketCalloutEnter( FCB );
Status = TdiSendDatagram
( &FCB->SendIrp.InFlightRequest,
FCB->AddressFile.Object,
SendReq->BufferArray[0].buf,
SendReq->BufferArray[0].len,
TargetAddress,
&FCB->SendIrp.Iosb,
PacketSocketSendComplete,
FCB );
Status = TdiSendDatagram
( &FCB->SendIrp.InFlightRequest,
FCB->AddressFile.Object,
SendReq->BufferArray[0].buf,
SendReq->BufferArray[0].len,
TargetAddress,
&FCB->SendIrp.Iosb,
PacketSocketSendComplete,
FCB );
SocketCalloutLeave( FCB );
SocketCalloutLeave( FCB );
ExFreePool( TargetAddress );
ExFreePool( TargetAddress );
} else Status = STATUS_NO_MEMORY;
if( Status == STATUS_PENDING ) Status = STATUS_SUCCESS;