mirror of
https://github.com/reactos/reactos.git
synced 2025-01-04 21:38:43 +00:00
Fixed memory overwrite due to too-small allocation.
svn path=/trunk/; revision=10305
This commit is contained in:
Art Yerkes
parent
b6a9c73c88
commit
c0dd64494d
4 changed files with 38 additions and 25 deletions
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: info.c,v 1.3 2004/07/18 22:53:59 arty Exp $
|
||||
/* $Id: info.c,v 1.4 2004/07/29 04:09:06 arty Exp $
|
||||
* COPYRIGHT: See COPYING in the top level directory
|
||||
* PROJECT: ReactOS kernel
|
||||
* FILE: drivers/net/afd/afd/info.c
|
||||
|
|
@ -11,6 +11,7 @@
|
|||
#include "tdi_proto.h"
|
||||
#include "tdiconn.h"
|
||||
#include "debug.h"
|
||||
#include "pseh.h"
|
||||
|
||||
NTSTATUS STDCALL
|
||||
AfdGetInfo( PDEVICE_OBJECT DeviceObject, PIRP Irp,
|
||||
|
|
@ -22,29 +23,34 @@ AfdGetInfo( PDEVICE_OBJECT DeviceObject, PIRP Irp,
|
|||
|
||||
AFD_DbgPrint(MID_TRACE,("Called %x %x\n", InfoReq,
|
||||
InfoReq ? InfoReq->InformationClass : 0));
|
||||
|
||||
if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, TRUE );
|
||||
|
||||
switch( InfoReq->InformationClass ) {
|
||||
case AFD_INFO_RECEIVE_WINDOW_SIZE:
|
||||
InfoReq->Information.Ulong = FCB->Recv.Size;
|
||||
break;
|
||||
|
||||
case AFD_INFO_SEND_WINDOW_SIZE:
|
||||
InfoReq->Information.Ulong = FCB->Send.Size;
|
||||
AFD_DbgPrint(MID_TRACE,("Send window size %d\n", FCB->Send.Size));
|
||||
break;
|
||||
|
||||
case AFD_INFO_GROUP_ID_TYPE:
|
||||
InfoReq->Information.Ulong = 0; /* What is group id */
|
||||
break;
|
||||
|
||||
default:
|
||||
AFD_DbgPrint(MID_TRACE,("Unknown info id %x\n",
|
||||
InfoReq->InformationClass));
|
||||
_SEH_TRY {
|
||||
if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp, TRUE );
|
||||
|
||||
switch( InfoReq->InformationClass ) {
|
||||
case AFD_INFO_RECEIVE_WINDOW_SIZE:
|
||||
InfoReq->Information.Ulong = FCB->Recv.Size;
|
||||
break;
|
||||
|
||||
case AFD_INFO_SEND_WINDOW_SIZE:
|
||||
InfoReq->Information.Ulong = FCB->Send.Size;
|
||||
AFD_DbgPrint(MID_TRACE,("Send window size %d\n", FCB->Send.Size));
|
||||
break;
|
||||
|
||||
case AFD_INFO_GROUP_ID_TYPE:
|
||||
InfoReq->Information.Ulong = 0; /* What is group id */
|
||||
break;
|
||||
|
||||
default:
|
||||
AFD_DbgPrint(MID_TRACE,("Unknown info id %x\n",
|
||||
InfoReq->InformationClass));
|
||||
Status = STATUS_INVALID_PARAMETER;
|
||||
break;
|
||||
}
|
||||
} _SEH_HANDLE {
|
||||
AFD_DbgPrint(MID_TRACE,("Exception executing GetInfo\n"));
|
||||
Status = STATUS_INVALID_PARAMETER;
|
||||
break;
|
||||
}
|
||||
} _SEH_END;
|
||||
|
||||
AFD_DbgPrint(MID_TRACE,("Returning %x\n", Status));
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: main.c,v 1.2 2004/07/18 22:49:17 arty Exp $
|
||||
/* $Id: main.c,v 1.3 2004/07/29 04:09:06 arty Exp $
|
||||
* COPYRIGHT: See COPYING in the top level directory
|
||||
* PROJECT: ReactOS kernel
|
||||
* FILE: drivers/net/afd/afd/main.c
|
||||
|
|
@ -51,6 +51,8 @@ AfdCreateSocket(PDEVICE_OBJECT DeviceObject, PIRP Irp,
|
|||
PWCHAR EaInfoValue;
|
||||
UINT Disposition, i;
|
||||
|
||||
__asm("int3");
|
||||
|
||||
AFD_DbgPrint(MID_TRACE,
|
||||
("AfdCreate(DeviceObject %p Irp %p)\n", DeviceObject, Irp));
|
||||
|
||||
|
|
@ -80,7 +82,7 @@ AfdCreateSocket(PDEVICE_OBJECT DeviceObject, PIRP Irp,
|
|||
|
||||
AFD_DbgPrint(MID_TRACE,("About to allocate the new FCB\n"));
|
||||
|
||||
FCB = ExAllocatePool(NonPagedPool, sizeof(PAFD_FCB));
|
||||
FCB = ExAllocatePool(NonPagedPool, sizeof(AFD_FCB));
|
||||
if( FCB == NULL ) {
|
||||
Irp->IoStatus.Status = STATUS_NO_MEMORY;
|
||||
IoCompleteRequest(Irp, IO_NO_INCREMENT);
|
||||
|
|
|
|||
|
|
@ -140,6 +140,7 @@ NTSTATUS TdiOpenDevice(
|
|||
} else {
|
||||
AFD_DbgPrint(MIN_TRACE, ("ZwCreateFile() failed with status (0x%X)\n", Status));
|
||||
}
|
||||
|
||||
return Status;
|
||||
}
|
||||
|
||||
|
|
@ -203,6 +204,7 @@ NTSTATUS TdiOpenAddressFile(
|
|||
Address =
|
||||
(PTRANSPORT_ADDRESS)(EaInfo->EaName + TDI_TRANSPORT_ADDRESS_LENGTH + 1); /* 0-terminated */
|
||||
TaCopyTransportAddressInPlace( Address, Name );
|
||||
|
||||
Status = TdiOpenDevice(DeviceName,
|
||||
EaLength,
|
||||
EaInfo,
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# $Id: makefile,v 1.11 2004/07/18 22:49:16 arty Exp $
|
||||
# $Id: makefile,v 1.12 2004/07/29 04:09:05 arty Exp $
|
||||
|
||||
PATH_TO_TOP = ../../..
|
||||
|
||||
|
|
@ -6,6 +6,9 @@ TARGET_TYPE = driver
|
|||
|
||||
TARGET_NAME = afd
|
||||
|
||||
TARGET_DDKLIBS = \
|
||||
$(PATH_TO_TOP)/dk/w32/lib/pseh.a
|
||||
|
||||
TARGET_CFLAGS = -I./include -I$(PATH_TO_TOP)/w32api/include/ddk -I$(PATH_TO_TOP)/include/afd -DDBG -D__USE_W32API -Werror -Wall
|
||||
|
||||
TARGET_OBJECTS = \
|
||||
|
|
|
|||
Loading…
Reference in a new issue