Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-07-31 21:11:54 +00:00
Code Issues Projects Releases Packages Wiki Activity

[HIDCLASS]

Browse source 
- Prevent buffer overflow in HidClassPDO_HandleQueryHardwareId
- Reimplement HidClassPDO_HandleQueryInstanceId
- USB Composite driver now gets further(hangs at installation stage)

svn path=/branches/usb-bringup-trunk/; revision=55329
This commit is contained in:
Johannes Anderwald 2012-01-30 16:47:39 +00:00
parent 3aff101683
commit c9a760c226
2 changed files with 22 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

32
drivers/hid/hidclass/pdo.c
View file

@ -143,7 +143,7 @@ HidClassPDO_HandleQueryHardwareId(
{
NTSTATUS Status;
PHIDCLASS_PDO_DEVICE_EXTENSION PDODeviceExtension;
WCHAR Buffer[100];
WCHAR Buffer[200];
ULONG Offset = 0;
LPWSTR Ptr;
PHIDP_COLLECTION_DESC CollectionDescription;
@ -280,26 +280,38 @@ HidClassPDO_HandleQueryInstanceId(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP Irp)
{
NTSTATUS Status;
LPWSTR Buffer;
PHIDCLASS_PDO_DEVICE_EXTENSION PDODeviceExtension;
//
// copy current stack location
// get device extension
//
IoCopyCurrentIrpStackLocationToNext(Irp);
PDODeviceExtension = (PHIDCLASS_PDO_DEVICE_EXTENSION)DeviceObject->DeviceExtension;
ASSERT(PDODeviceExtension->Common.IsFDO == FALSE);
//
// call mini-driver
// allocate buffer
//
Status = HidClassFDO_DispatchRequestSynchronous(DeviceObject, Irp);
if (!NT_SUCCESS(Status))
Buffer = ExAllocatePool(NonPagedPool, 5 * sizeof(WCHAR));
if (!Buffer)
{
//
// failed
//
return Status;
return STATUS_INSUFFICIENT_RESOURCES;
}
DPRINT1("HidClassPDO_HandleQueryInstanceId Buffer %S\n", Irp->IoStatus.Information);
return Status;
//
// write device id
//
swprintf(Buffer, L"%04x", PDODeviceExtension->CollectionNumber);
Irp->IoStatus.Information = (ULONG_PTR)Buffer;
//
// done
//
return STATUS_SUCCESS;
}
NTSTATUS

5
drivers/hid/kbdhid/kbdhid.c
View file

@ -384,7 +384,6 @@ KbdHid_InternalDeviceControl(
{
/* not implemented */
DPRINT1("IOCTL_KEYBOARD_QUERY_INDICATORS not implemented\n");
ASSERT(FALSE);
Irp->IoStatus.Status = STATUS_NOT_IMPLEMENTED;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_NOT_IMPLEMENTED;
@ -393,7 +392,6 @@ KbdHid_InternalDeviceControl(
{
/* not implemented */
DPRINT1("IOCTL_KEYBOARD_QUERY_TYPEMATIC not implemented\n");
ASSERT(FALSE);
Irp->IoStatus.Status = STATUS_NOT_IMPLEMENTED;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_NOT_IMPLEMENTED;
@ -402,7 +400,6 @@ KbdHid_InternalDeviceControl(
{
/* not implemented */
DPRINT1("IOCTL_KEYBOARD_SET_INDICATORS not implemented\n");
ASSERT(FALSE);
Irp->IoStatus.Status = STATUS_NOT_IMPLEMENTED;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_NOT_IMPLEMENTED;
@ -411,7 +408,6 @@ KbdHid_InternalDeviceControl(
{
/* not implemented */
DPRINT1("IOCTL_KEYBOARD_SET_TYPEMATIC not implemented\n");
ASSERT(FALSE);
Irp->IoStatus.Status = STATUS_NOT_IMPLEMENTED;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_NOT_IMPLEMENTED;
@ -420,7 +416,6 @@ KbdHid_InternalDeviceControl(
{
/* not implemented */
DPRINT1("IOCTL_KEYBOARD_QUERY_INDICATOR_TRANSLATION not implemented\n");
ASSERT(FALSE);
Irp->IoStatus.Status = STATUS_NOT_IMPLEMENTED;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
return STATUS_NOT_IMPLEMENTED;