- Make sure both FCB->Recv.Window and FCB->Send.Window were created before returning STATUS_SUCCESS

- Make sure MakeSocketIntoConnection() completed successfully
 - Make sure WarmSocketForConnection() completed successfully
 - Don't continue if TdiBuildNullConnectionInfoInPlace() fails
 - SEHify TdiBuildConnectionInfoInPlace()
 - Make sure we have a non-NULL TargetAddress before calling TdiSendDatagram()

svn path=/branches/aicom-network-fixes/; revision=35290
Cameron Gutman 2008-08-12 18:18:03 +00:00
parent 5d9c71ed13
commit b50e9e3146
4 changed files with 54 additions and 35 deletions


@ -33,17 +33,24 @@ NTSTATUS WarmSocketForConnection( PAFD_FCB FCB ) {
} }
NTSTATUS MakeSocketIntoConnection( PAFD_FCB FCB ) { NTSTATUS MakeSocketIntoConnection( PAFD_FCB FCB ) {
NTSTATUS Status = STATUS_NO_MEMORY; NTSTATUS Status;
/* Allocate the receive area and start receiving */ /* Allocate the receive area and start receiving */
FCB->Recv.Window = FCB->Recv.Window =
ExAllocatePool( NonPagedPool, FCB->Recv.Size ); ExAllocatePool( NonPagedPool, FCB->Recv.Size );
if( !FCB->Recv.Window ) return STATUS_NO_MEMORY;
FCB->Send.Window = FCB->Send.Window =
ExAllocatePool( NonPagedPool, FCB->Send.Size ); ExAllocatePool( NonPagedPool, FCB->Send.Size );
if( !FCB->Send.Window ) {
ExFreePool( FCB->Recv.Window );
return STATUS_NO_MEMORY;
}
FCB->State = SOCKET_STATE_CONNECTED; FCB->State = SOCKET_STATE_CONNECTED;
if( FCB->Recv.Window ) {
Status = TdiReceive( &FCB->ReceiveIrp.InFlightRequest, Status = TdiReceive( &FCB->ReceiveIrp.InFlightRequest,
FCB->Connection.Object, FCB->Connection.Object,
TDI_RECEIVE_NORMAL, TDI_RECEIVE_NORMAL,
@ -52,7 +59,6 @@ NTSTATUS MakeSocketIntoConnection( PAFD_FCB FCB ) {
&FCB->ReceiveIrp.Iosb, &FCB->ReceiveIrp.Iosb,
ReceiveComplete, ReceiveComplete,
FCB ); FCB );
}
return Status; return Status;
} }
@ -102,8 +108,9 @@ static NTSTATUS NTAPI StreamSocketConnectComplete
if( NT_SUCCESS(Status) ) { if( NT_SUCCESS(Status) ) {
Status = MakeSocketIntoConnection( FCB ); Status = MakeSocketIntoConnection( FCB );
if( FCB->Send.Window && if( !NT_SUCCESS(Status) ) return Status;
!IsListEmpty( &FCB->PendingIrpList[FUNCTION_SEND] ) ) {
if( !IsListEmpty( &FCB->PendingIrpList[FUNCTION_SEND] ) ) {
NextIrpEntry = RemoveHeadList(&FCB->PendingIrpList[FUNCTION_SEND]); NextIrpEntry = RemoveHeadList(&FCB->PendingIrpList[FUNCTION_SEND]);
NextIrp = CONTAINING_RECORD(NextIrpEntry, IRP, NextIrp = CONTAINING_RECORD(NextIrpEntry, IRP,
Tail.Overlay.ListEntry); Tail.Overlay.ListEntry);
@ -158,7 +165,7 @@ AfdStreamSocketConnect(PDEVICE_OBJECT DeviceObject, PIRP Irp,
case SOCKET_STATE_CONNECTING: case SOCKET_STATE_CONNECTING:
return LeaveIrpUntilLater( FCB, Irp, FUNCTION_CONNECT ); return LeaveIrpUntilLater( FCB, Irp, FUNCTION_CONNECT );
case SOCKET_STATE_CREATED: { case SOCKET_STATE_CREATED:
FCB->LocalAddress = FCB->LocalAddress =
TaCopyTransportAddress( &ConnectReq->RemoteAddress ); TaCopyTransportAddress( &ConnectReq->RemoteAddress );
@ -182,7 +189,8 @@ AfdStreamSocketConnect(PDEVICE_OBJECT DeviceObject, PIRP Irp,
} else } else
return UnlockAndMaybeComplete return UnlockAndMaybeComplete
( FCB, STATUS_NO_MEMORY, Irp, 0, NULL ); ( FCB, STATUS_NO_MEMORY, Irp, 0, NULL );
} /* Drop through to SOCKET_STATE_BOUND */
/* Drop through to SOCKET_STATE_BOUND */
case SOCKET_STATE_BOUND: case SOCKET_STATE_BOUND:
FCB->RemoteAddress = FCB->RemoteAddress =
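Review bot: In MakeSocketIntoConnection, the new failure path for the Send.Window allocation frees FCB->Recv.Window but leaves the stale pointer in the FCB, so any later teardown or retry that tests or frees FCB->Recv.Window would touch freed pool memory. Clear it in the same branch: `ExFreePool( FCB->Recv.Window ); FCB->Recv.Window = NULL;`. The new early return in StreamSocketConnectComplete (`if( !NT_SUCCESS(Status) ) return Status;`) should also be checked against the rest of that routine, which lies outside the hunk. If the routine holds the socket lock at that point or still has pending connect IRPs to complete, returning there would skip that cleanup.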


@ -182,10 +182,12 @@ NTSTATUS AfdListenSocket(PDEVICE_OBJECT DeviceObject, PIRP Irp,
Status = WarmSocketForConnection( FCB ); Status = WarmSocketForConnection( FCB );
FCB->State = SOCKET_STATE_LISTENING;
AFD_DbgPrint(MID_TRACE,("Status from warmsocket %x\n", Status)); AFD_DbgPrint(MID_TRACE,("Status from warmsocket %x\n", Status));
if( !NT_SUCCESS(Status) ) return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL );
FCB->State = SOCKET_STATE_LISTENING;
TdiBuildNullConnectionInfo TdiBuildNullConnectionInfo
( &FCB->ListenIrp.ConnectionCallInfo, ( &FCB->ListenIrp.ConnectionCallInfo,
FCB->LocalAddress->Address[0].AddressType ); FCB->LocalAddress->Address[0].AddressType );
@ -274,7 +276,7 @@ NTSTATUS AfdAccept( PDEVICE_OBJECT DeviceObject, PIRP Irp,
&FCB->ListenIrp.Iosb, &FCB->ListenIrp.Iosb,
ListenComplete, ListenComplete,
FCB ); FCB );
} } else return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL );
FCB->NeedsNewListen = FALSE; FCB->NeedsNewListen = FALSE;
} }
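Review bot: In AfdListenSocket the socket is marked SOCKET_STATE_LISTENING before TdiBuildNullConnectionInfo has run, and the visible call discards its return value, so a failure there can leave a socket in the listening state without a usable FCB->ListenIrp.ConnectionCallInfo. Capture and test the result, e.g. `Status = TdiBuildNullConnectionInfo( &FCB->ListenIrp.ConnectionCallInfo, FCB->LocalAddress->Address[0].AddressType );` followed by `if( !NT_SUCCESS(Status) ) return UnlockAndMaybeComplete( FCB, Status, Irp, 0, NULL );`, and assign the state only after that. The function continues outside the hunk, so a later check may already exist; even then the state assignment belongs after it.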


@ -8,6 +8,7 @@
* 20040708 Created * 20040708 Created
*/ */
#include <afd.h> #include <afd.h>
#include <pseh/pseh.h>
#include "debug.h" #include "debug.h"
#include "tdiconn.h" #include "tdiconn.h"
@ -126,9 +127,11 @@ NTSTATUS TdiBuildNullConnectionInfo
Status = TdiBuildNullConnectionInfoInPlace( ConnInfo, Type ); Status = TdiBuildNullConnectionInfoInPlace( ConnInfo, Type );
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status)) {
ExFreePool( ConnInfo ); ExFreePool( ConnInfo );
else *ConnectionInfo = NULL;
return Status;
} else
*ConnectionInfo = ConnInfo; *ConnectionInfo = ConnInfo;
ConnInfo->RemoteAddress = (PTA_ADDRESS)&ConnInfo[1]; ConnInfo->RemoteAddress = (PTA_ADDRESS)&ConnInfo[1];
@ -144,9 +147,13 @@ TdiBuildConnectionInfoInPlace
PTRANSPORT_ADDRESS Address ) { PTRANSPORT_ADDRESS Address ) {
NTSTATUS Status = STATUS_SUCCESS; NTSTATUS Status = STATUS_SUCCESS;
_SEH_TRY {
RtlCopyMemory( ConnectionInfo->RemoteAddress, RtlCopyMemory( ConnectionInfo->RemoteAddress,
Address, Address,
ConnectionInfo->RemoteAddressLength ); ConnectionInfo->RemoteAddressLength );
} _SEH_HANDLE {
Status = _SEH_GetExceptionCode();
} _SEH_END;
return Status; return Status;
} }
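Review bot: The _SEH_TRY around RtlCopyMemory in TdiBuildConnectionInfoInPlace does not validate the copy, it only hides some of its failures. The length comes from ConnectionInfo->RemoteAddressLength while nothing visible checks that the source Address is non-NULL or at least that long, and in kernel mode a fault on an invalid kernel address is not delivered to an exception handler. An over-read from a shorter Address that stays inside mapped memory would succeed silently and copy adjacent pool contents into the connection info. Check the inputs before copying, for example `if( !Address || !ConnectionInfo->RemoteAddress ) return STATUS_INVALID_PARAMETER;`, and compare the source address length with RemoteAddressLength. The function's signature starts outside the hunk.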


@ -233,6 +233,7 @@ AfdConnectedSocketWriteData(PDEVICE_OBJECT DeviceObject, PIRP Irp,
TdiBuildConnectionInfo( &TargetAddress, FCB->RemoteAddress ); TdiBuildConnectionInfo( &TargetAddress, FCB->RemoteAddress );
if( TargetAddress ) {
SocketCalloutEnter( FCB ); SocketCalloutEnter( FCB );
Status = TdiSendDatagram Status = TdiSendDatagram
@ -248,6 +249,7 @@ AfdConnectedSocketWriteData(PDEVICE_OBJECT DeviceObject, PIRP Irp,
SocketCalloutLeave( FCB ); SocketCalloutLeave( FCB );
ExFreePool( TargetAddress ); ExFreePool( TargetAddress );
} else Status = STATUS_NO_MEMORY;
if( Status == STATUS_PENDING ) Status = STATUS_SUCCESS; if( Status == STATUS_PENDING ) Status = STATUS_SUCCESS;
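Review bot: The new `if( TargetAddress )` test in AfdConnectedSocketWriteData is only reliable if TargetAddress is NULL whenever TdiBuildConnectionInfo fails, and the call's return value is discarded, so the real failure reason is replaced by STATUS_NO_MEMORY. Neither the initialisation of TargetAddress nor TdiBuildConnectionInfo's failure path is visible in this hunk; if the out parameter is left untouched on failure, the guard tests an uninitialised pointer. Prefer testing the status: `Status = TdiBuildConnectionInfo( &TargetAddress, FCB->RemoteAddress );` then `if( NT_SUCCESS(Status) ) {`, with the else branch keeping that Status (assuming it returns NTSTATUS like TdiBuildNullConnectionInfo).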