[HIDCLASS]

- Prevent buffer overflow in HidClassPDO_HandleQueryHardwareId
- Reimplement HidClassPDO_HandleQueryInstanceId
- USB Composite driver now gets further(hangs at installation stage)

svn path=/branches/usb-bringup-trunk/; revision=55329

drivers/hid/hidclass/pdo.c

@@ -143,7 +143,7 @@ HidClassPDO_HandleQueryHardwareId(
 {
     NTSTATUS Status;
     PHIDCLASS_PDO_DEVICE_EXTENSION PDODeviceExtension;
-    WCHAR Buffer[100];
+    WCHAR Buffer[200];
     ULONG Offset = 0;
     LPWSTR Ptr;
     PHIDP_COLLECTION_DESC CollectionDescription;
@@ -280,26 +280,38 @@ HidClassPDO_HandleQueryInstanceId(
     IN PDEVICE_OBJECT DeviceObject,
     IN PIRP Irp)
 {
-    NTSTATUS Status;
+    LPWSTR Buffer;
+    PHIDCLASS_PDO_DEVICE_EXTENSION PDODeviceExtension;
 
     //
-    // copy current stack location
+    // get device extension
     //
-    IoCopyCurrentIrpStackLocationToNext(Irp);
+   PDODeviceExtension = (PHIDCLASS_PDO_DEVICE_EXTENSION)DeviceObject->DeviceExtension;
+   ASSERT(PDODeviceExtension->Common.IsFDO == FALSE);
+
 
     //
-    // call mini-driver
+    // allocate buffer
     //
-    Status = HidClassFDO_DispatchRequestSynchronous(DeviceObject, Irp);
+    Buffer = ExAllocatePool(NonPagedPool, 5 * sizeof(WCHAR));
-    if (!NT_SUCCESS(Status))
+    if (!Buffer)
     {
         //
         // failed
         //
-        return Status;
+        return STATUS_INSUFFICIENT_RESOURCES;
     }
-    DPRINT1("HidClassPDO_HandleQueryInstanceId Buffer %S\n", Irp->IoStatus.Information);
+
-    return Status;
+    //
+    // write device id
+    //
+    swprintf(Buffer, L"%04x", PDODeviceExtension->CollectionNumber);
+    Irp->IoStatus.Information = (ULONG_PTR)Buffer;
+
+    //
+    // done
+    //
+    return STATUS_SUCCESS;
 }
 
 NTSTATUS

drivers/hid/kbdhid/kbdhid.c

@@ -384,7 +384,6 @@ KbdHid_InternalDeviceControl(
     {
         /* not implemented */
         DPRINT1("IOCTL_KEYBOARD_QUERY_INDICATORS not implemented\n");
-        ASSERT(FALSE);
         Irp->IoStatus.Status = STATUS_NOT_IMPLEMENTED;
         IoCompleteRequest(Irp, IO_NO_INCREMENT);
         return STATUS_NOT_IMPLEMENTED;
@@ -393,7 +392,6 @@ KbdHid_InternalDeviceControl(
     {
         /* not implemented */
         DPRINT1("IOCTL_KEYBOARD_QUERY_TYPEMATIC not implemented\n");
-        ASSERT(FALSE);
         Irp->IoStatus.Status = STATUS_NOT_IMPLEMENTED;
         IoCompleteRequest(Irp, IO_NO_INCREMENT);
         return STATUS_NOT_IMPLEMENTED;
@@ -402,7 +400,6 @@ KbdHid_InternalDeviceControl(
     {
         /* not implemented */
         DPRINT1("IOCTL_KEYBOARD_SET_INDICATORS not implemented\n");
-        ASSERT(FALSE);
         Irp->IoStatus.Status = STATUS_NOT_IMPLEMENTED;
         IoCompleteRequest(Irp, IO_NO_INCREMENT);
         return STATUS_NOT_IMPLEMENTED;
@@ -411,7 +408,6 @@ KbdHid_InternalDeviceControl(
     {
         /* not implemented */
         DPRINT1("IOCTL_KEYBOARD_SET_TYPEMATIC not implemented\n");
-        ASSERT(FALSE);
         Irp->IoStatus.Status = STATUS_NOT_IMPLEMENTED;
         IoCompleteRequest(Irp, IO_NO_INCREMENT);
         return STATUS_NOT_IMPLEMENTED;
@@ -420,7 +416,6 @@ KbdHid_InternalDeviceControl(
     {
         /* not implemented */
         DPRINT1("IOCTL_KEYBOARD_QUERY_INDICATOR_TRANSLATION not implemented\n");
-        ASSERT(FALSE);
         Irp->IoStatus.Status = STATUS_NOT_IMPLEMENTED;
         IoCompleteRequest(Irp, IO_NO_INCREMENT);
         return STATUS_NOT_IMPLEMENTED;