From d361170c2c7dbbfb042304b680d02018f4a4708d Mon Sep 17 00:00:00 2001 From: Thomas Bluemel Date: Sat, 22 Jan 2005 13:34:27 +0000 Subject: [PATCH] 1. remove obsolete buffer size checks from NtQueryInformationProcess() 2. fixed some buffer checks svn path=/trunk/; revision=13210 --- reactos/ntoskrnl/ex/event.c | 20 ++ reactos/ntoskrnl/ex/evtpair.c | 10 + reactos/ntoskrnl/ex/mutant.c | 10 + reactos/ntoskrnl/ex/profile.c | 140 +++++++++--- reactos/ntoskrnl/ex/sysinfo.c | 44 ++-- reactos/ntoskrnl/io/event.c | 17 +- reactos/ntoskrnl/ps/process.c | 406 +++++++++++++++------------------- 7 files changed, 357 insertions(+), 290 deletions(-) diff --git a/reactos/ntoskrnl/ex/event.c b/reactos/ntoskrnl/ex/event.c index 56324c1f1e4..0993470ad9d 100644 --- a/reactos/ntoskrnl/ex/event.c +++ b/reactos/ntoskrnl/ex/event.c @@ -151,6 +151,11 @@ NtCreateEvent(OUT PHANDLE EventHandle, Status = _SEH_GetExceptionCode(); } _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } } Status = ObCreateObject(PreviousMode, @@ -285,6 +290,11 @@ NtPulseEvent(IN HANDLE EventHandle, Status = _SEH_GetExceptionCode(); } _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } } Status = ObReferenceObjectByHandle(EventHandle, @@ -421,6 +431,11 @@ NtResetEvent(IN HANDLE EventHandle, Status = _SEH_GetExceptionCode(); } _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } } Status = ObReferenceObjectByHandle(EventHandle, @@ -481,6 +496,11 @@ NtSetEvent(IN HANDLE EventHandle, Status = _SEH_GetExceptionCode(); } _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } } Status = ObReferenceObjectByHandle(EventHandle, diff --git a/reactos/ntoskrnl/ex/evtpair.c b/reactos/ntoskrnl/ex/evtpair.c index 24730c9eced..6784227ab48 100644 --- a/reactos/ntoskrnl/ex/evtpair.c +++ b/reactos/ntoskrnl/ex/evtpair.c 
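Review bot: The new `if(!NT_SUCCESS(Status)) return Status;` after `_SEH_END` is only sound if `Status` is initialised to STATUS_SUCCESS before the `_SEH_TRY`, because the exception handler is the only path inside the probe block that assigns it; the declaration is outside this hunk, so please confirm it is not left indeterminate on the no-fault path. The same early return is added in NtPulseEvent, NtResetEvent and NtSetEvent here, and in NtCreateEventPair, NtOpenEventPair, NtCreateMutant and NtReleaseMutant in the next two file sections; the profile.c and sysinfo.c hunks of this commit handle it with `NTSTATUS Status = STATUS_SUCCESS;` at the declaration. The enclosing functions begin and end outside the hunk.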
@@ -114,6 +114,11 @@ NtCreateEventPair(OUT PHANDLE EventPairHandle, Status = _SEH_GetExceptionCode(); } _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } } Status = ObCreateObject(ExGetPreviousMode(), @@ -183,6 +188,11 @@ NtOpenEventPair(OUT PHANDLE EventPairHandle, Status = _SEH_GetExceptionCode(); } _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } } Status = ObOpenObjectByName(ObjectAttributes, diff --git a/reactos/ntoskrnl/ex/mutant.c b/reactos/ntoskrnl/ex/mutant.c index 3b7b9bf991c..33e644441be 100644 --- a/reactos/ntoskrnl/ex/mutant.c +++ b/reactos/ntoskrnl/ex/mutant.c @@ -137,6 +137,11 @@ NtCreateMutant(OUT PHANDLE MutantHandle, Status = _SEH_GetExceptionCode(); } _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } } Status = ObCreateObject(PreviousMode, @@ -343,6 +348,11 @@ NtReleaseMutant(IN HANDLE MutantHandle, Status = _SEH_GetExceptionCode(); } _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } } Status = ObReferenceObjectByHandle(MutantHandle, diff --git a/reactos/ntoskrnl/ex/profile.c b/reactos/ntoskrnl/ex/profile.c index d6dcf393127..8d1129f2283 100644 --- a/reactos/ntoskrnl/ex/profile.c +++ b/reactos/ntoskrnl/ex/profile.c @@ -119,10 +119,42 @@ NtCreateProfile(OUT PHANDLE ProfileHandle, IN KPROFILE_SOURCE ProfileSource, IN KAFFINITY Affinity) { - HANDLE SafeProfileHandle; - NTSTATUS Status; + HANDLE hProfile; PKPROFILE Profile; PEPROCESS pProcess; + KPROCESSOR_MODE PreviousMode; + OBJECT_ATTRIBUTES ObjectAttributes; + NTSTATUS Status = STATUS_SUCCESS; + + PreviousMode = ExGetPreviousMode(); + + if(BufferSize == 0) + { + return STATUS_INVALID_PARAMETER_7; + } + + if(PreviousMode != KernelMode) + { + _SEH_TRY + { + ProbeForWrite(ProfileHandle, + sizeof(HANDLE), + sizeof(ULONG)); + ProbeForWrite(Buffer, + BufferSize, + sizeof(ULONG)); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + } /* * Reference the associated process 
@@ -132,7 +164,7 @@ NtCreateProfile(OUT PHANDLE ProfileHandle, Status = ObReferenceObjectByHandle(Process, PROCESS_QUERY_INFORMATION, PsProcessType, - UserMode, + PreviousMode, (PVOID*)&pProcess, NULL); if (!NT_SUCCESS(Status)) @@ -143,7 +175,11 @@ NtCreateProfile(OUT PHANDLE ProfileHandle, else { pProcess = NULL; - /* FIXME: Check privilege. */ + if(!SeSinglePrivilegeCheck(SeSystemProfilePrivilege, + PreviousMode)) + { + return STATUS_PRIVILEGE_NOT_HELD; + } } /* @@ -170,10 +206,16 @@ NtCreateProfile(OUT PHANDLE ProfileHandle, /* * Create the object */ - Status = ObCreateObject(ExGetPreviousMode(), + InitializeObjectAttributes(&ObjectAttributes, + NULL, + 0, + NULL, + NULL); + + Status = ObCreateObject(KernelMode, ExProfileObjectType, - NULL, - ExGetPreviousMode(), + &ObjectAttributes, + PreviousMode, NULL, sizeof(KPROFILE), 0, @@ -193,6 +235,7 @@ NtCreateProfile(OUT PHANDLE ProfileHandle, Profile->BufferMdl = MmCreateMdl(NULL, Buffer, BufferSize); if(Profile->BufferMdl == NULL) { DPRINT("MmCreateMdl: Out of memory!"); + ObDereferenceObject (Profile); return(STATUS_NO_MEMORY); } MmProbeAndLockPages(Profile->BufferMdl, UserMode, IoWriteAccess); @@ -212,7 +255,7 @@ NtCreateProfile(OUT PHANDLE ProfileHandle, STANDARD_RIGHTS_ALL, 0, NULL, - &SafeProfileHandle); + &hProfile); if (!NT_SUCCESS(Status)) { ObDereferenceObject (Profile); 
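Review bot: In the `@@ -193` hunk the context line `MmProbeAndLockPages(Profile->BufferMdl, UserMode, IoWriteAccess);` still hard-codes UserMode while the rest of this commit switches NtCreateProfile to `PreviousMode`, so a kernel-mode caller passing a kernel buffer would fail that probe. MmProbeAndLockPages reports failure by raising an exception rather than returning a status, and the call is not inside an SEH block, so a user buffer whose pages cannot be locked would unwind out of the function with `Profile` still referenced (the body continues outside the hunk; the new `ObDereferenceObject (Profile)` on the MmCreateMdl failure path shows the intended cleanup). I would wrap the call in `_SEH_TRY`/`_SEH_HANDLE` using `PreviousMode`, dereference `Profile` and return the exception status on failure; whether the MDL from MmCreateMdl also needs releasing there depends on how it is allocated, which is not visible here.
```c
/* … unchanged: MmCreateMdl and its STATUS_NO_MEMORY failure path … */
_SEH_TRY
{
    MmProbeAndLockPages(Profile->BufferMdl, PreviousMode, IoWriteAccess);
}
_SEH_HANDLE
{
    Status = _SEH_GetExceptionCode();
}
_SEH_END;

if(!NT_SUCCESS(Status))
{
    /* TODO(review): release Profile->BufferMdl here if MmCreateMdl allocated it */
    ObDereferenceObject (Profile);
    return Status;
}
```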
@@ -222,39 +265,70 @@ NtCreateProfile(OUT PHANDLE ProfileHandle, /* * Copy the created handle back to the caller */ - Status = MmCopyToCaller(ProfileHandle, &SafeProfileHandle, sizeof(HANDLE)); - if (!NT_SUCCESS(Status)) - { - ObDereferenceObject(Profile); - ZwClose(ProfileHandle); - return(Status); - } + _SEH_TRY + { + *ProfileHandle = hProfile; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; ObDereferenceObject(Profile); - return(STATUS_SUCCESS); + return Status; } NTSTATUS STDCALL NtQueryIntervalProfile(IN KPROFILE_SOURCE ProfileSource, OUT PULONG Interval) { - NTSTATUS Status; + KPROCESSOR_MODE PreviousMode; + NTSTATUS Status = STATUS_SUCCESS; + + PreviousMode = ExGetPreviousMode(); + + if(PreviousMode != KernelMode) + { + _SEH_TRY + { + ProbeForWrite(Interval, + sizeof(ULONG), + sizeof(ULONG)); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + } if (ProfileSource == ProfileTime) { - ULONG SafeInterval; + ULONG ReturnInterval; /* FIXME: What units does this use, for now nanoseconds */ - SafeInterval = 100; - Status = MmCopyToCaller(Interval, &SafeInterval, sizeof(ULONG)); - if (!NT_SUCCESS(Status)) - { - return(Status); - } - return(STATUS_SUCCESS); + ReturnInterval = 100; + + _SEH_TRY + { + *Interval = ReturnInterval; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + return Status; } - return(STATUS_INVALID_PARAMETER_2); + return STATUS_INVALID_PARAMETER_2; } NTSTATUS STDCALL @@ -267,13 +341,16 @@ NtSetIntervalProfile(IN ULONG Interval, NTSTATUS STDCALL NtStartProfile(IN HANDLE ProfileHandle) { - NTSTATUS Status; PKPROFILE Profile; + KPROCESSOR_MODE PreviousMode; + NTSTATUS Status; + + PreviousMode = ExGetPreviousMode(); Status = ObReferenceObjectByHandle(ProfileHandle, STANDARD_RIGHTS_ALL, ExProfileObjectType, - UserMode, + PreviousMode, (PVOID*)&Profile, NULL); if (!NT_SUCCESS(Status)) 
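Review bot: When `*ProfileHandle = hProfile;` faults, the new code returns the exception status but leaves `hProfile` open in the caller's handle table together with the profile object it references, so a bad output pointer now leaks a handle where the old path at least attempted cleanup (with the wrong argument, `ZwClose(ProfileHandle)`). The handler should close the handle it has just created: `_SEH_HANDLE { Status = _SEH_GetExceptionCode(); ZwClose(hProfile); }`. NtQueryIntervalProfile in the same hunk is fine as written, since the probe precedes the write and nothing is allocated in between.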
@@ -288,13 +365,16 @@ NtStartProfile(IN HANDLE ProfileHandle) NTSTATUS STDCALL NtStopProfile(IN HANDLE ProfileHandle) { - NTSTATUS Status; PKPROFILE Profile; + KPROCESSOR_MODE PreviousMode; + NTSTATUS Status; + + PreviousMode = ExGetPreviousMode(); Status = ObReferenceObjectByHandle(ProfileHandle, STANDARD_RIGHTS_ALL, ExProfileObjectType, - UserMode, + PreviousMode, (PVOID*)&Profile, NULL); if (!NT_SUCCESS(Status)) diff --git a/reactos/ntoskrnl/ex/sysinfo.c b/reactos/ntoskrnl/ex/sysinfo.c index a9903effe61..b9e6a96b81a 100644 --- a/reactos/ntoskrnl/ex/sysinfo.c +++ b/reactos/ntoskrnl/ex/sysinfo.c @@ -95,7 +95,6 @@ NtQuerySystemEnvironmentValue (IN PUNICODE_STRING VariableName, IN ULONG ValueBufferLength, IN OUT PULONG ReturnLength OPTIONAL) { - NTSTATUS Status; ANSI_STRING AName; UNICODE_STRING WName; BOOLEAN Result; @@ -103,8 +102,38 @@ NtQuerySystemEnvironmentValue (IN PUNICODE_STRING VariableName, ANSI_STRING AValue; UNICODE_STRING WValue; KPROCESSOR_MODE PreviousMode; + NTSTATUS Status = STATUS_SUCCESS; PreviousMode = ExGetPreviousMode(); + + if(PreviousMode != KernelMode) + { + _SEH_TRY + { + ProbeForRead(VariableName, + sizeof(UNICODE_STRING), + sizeof(ULONG)); + ProbeForWrite(ValueBuffer, + ValueBufferLength, + sizeof(WCHAR)); + if(ReturnLength != NULL) + { + ProbeForWrite(ReturnLength, + sizeof(ULONG), + sizeof(ULONG)); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + } /* * Copy the name to kernel space if necessary and convert it to ANSI. @@ -116,19 +145,6 @@ NtQuerySystemEnvironmentValue (IN PUNICODE_STRING VariableName, VariableName); if(NT_SUCCESS(Status)) { - if(PreviousMode != KernelMode) - { - ProbeForWrite(ValueBuffer, - ValueBufferLength, - sizeof(WCHAR)); - if(ReturnLength != NULL) - { - ProbeForWrite(ReturnLength, - sizeof(ULONG), - sizeof(ULONG)); - } - } - /* * according to ntinternals the SeSystemEnvironmentName privilege is required! */ 
diff --git a/reactos/ntoskrnl/io/event.c b/reactos/ntoskrnl/io/event.c index edd8c25bb56..b41be412e94 100644 --- a/reactos/ntoskrnl/io/event.c +++ b/reactos/ntoskrnl/io/event.c @@ -65,26 +65,15 @@ IoCreateSynchronizationEvent(PUNICODE_STRING EventName, PHANDLE EventHandle) { OBJECT_ATTRIBUTES ObjectAttributes; - UNICODE_STRING CapturedEventName; KPROCESSOR_MODE PreviousMode; PKEVENT Event; HANDLE Handle; NTSTATUS Status; PreviousMode = ExGetPreviousMode(); - - Status = RtlCaptureUnicodeString(&CapturedEventName, - PreviousMode, - NonPagedPool, - FALSE, - EventName); - if (!NT_SUCCESS(Status)) - { - return NULL; - } InitializeObjectAttributes(&ObjectAttributes, - &CapturedEventName, + EventName, OBJ_OPENIF, NULL, NULL); @@ -95,10 +84,6 @@ IoCreateSynchronizationEvent(PUNICODE_STRING EventName, SynchronizationEvent, TRUE); - RtlRelaseCapturedUnicodeString(&CapturedEventName, - PreviousMode, - FALSE); - if (!NT_SUCCESS(Status)) { return NULL; diff --git a/reactos/ntoskrnl/ps/process.c b/reactos/ntoskrnl/ps/process.c index 26e5a8ea967..fe1c1190803 100644 --- a/reactos/ntoskrnl/ps/process.c +++ b/reactos/ntoskrnl/ps/process.c 
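Review bot: IoCreateSynchronizationEvent is a kernel-mode API, so passing `EventName` straight into `InitializeObjectAttributes` is the right fix, but the handle it returns is created in the handle table of whatever process the driver happens to run in; consider `OBJ_OPENIF | OBJ_KERNEL_HANDLE` in the attributes so that handle is not reachable from the user-mode side of that process. With the capture removed, `PreviousMode` in the `@@ -65` hunk may now be unused unless the ObCreateObject call below the hunk still consumes it, which is outside this view. The function's remaining body is outside the hunk.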
@@ -1208,39 +1208,34 @@ NtQueryInformationProcess(IN HANDLE ProcessHandle, switch (ProcessInformationClass) { case ProcessBasicInformation: - if (ProcessInformationLength != sizeof(PROCESS_BASIC_INFORMATION)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PPROCESS_BASIC_INFORMATION ProcessBasicInformationP = - (PPROCESS_BASIC_INFORMATION)ProcessInformation; + { + PPROCESS_BASIC_INFORMATION ProcessBasicInformationP = + (PPROCESS_BASIC_INFORMATION)ProcessInformation; - _SEH_TRY - { - ProcessBasicInformationP->ExitStatus = Process->ExitStatus; - ProcessBasicInformationP->PebBaseAddress = Process->Peb; - ProcessBasicInformationP->AffinityMask = Process->Pcb.Affinity; - ProcessBasicInformationP->UniqueProcessId = - Process->UniqueProcessId; - ProcessBasicInformationP->InheritedFromUniqueProcessId = - (ULONG)Process->InheritedFromUniqueProcessId; - ProcessBasicInformationP->BasePriority = - Process->Pcb.BasePriority; + _SEH_TRY + { + ProcessBasicInformationP->ExitStatus = Process->ExitStatus; + ProcessBasicInformationP->PebBaseAddress = Process->Peb; + ProcessBasicInformationP->AffinityMask = Process->Pcb.Affinity; + ProcessBasicInformationP->UniqueProcessId = + Process->UniqueProcessId; + ProcessBasicInformationP->InheritedFromUniqueProcessId = + (ULONG)Process->InheritedFromUniqueProcessId; + ProcessBasicInformationP->BasePriority = + Process->Pcb.BasePriority; - if (ReturnLength) - { - *ReturnLength = sizeof(PROCESS_BASIC_INFORMATION); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } + if (ReturnLength) + { + *ReturnLength = sizeof(PROCESS_BASIC_INFORMATION); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + } case ProcessQuotaLimits: case ProcessIoCounters: 
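Review bot: Removing the per-class `ProcessInformationLength != sizeof(...)` checks means every case in this switch now writes a fixed-size structure into `ProcessInformation` with no length guard visible in the hunk, so the ProcessBasicInformation write is correct only if a single up-front length validation earlier in NtQueryInformationProcess (the function start is outside the hunk) rejects short buffers and `ReturnLength` was probed there too; the SEH block only catches an inaccessible address, not a short user buffer with accessible memory after it, and for a kernel-mode caller it catches nothing. If that central check exists, a one-line comment at the top of the switch would keep the next reader from re-adding the per-case tests, e.g. `/* ProcessInformationLength was validated against the class table above; each case may write its full structure */`. The same point applies to the ProcessTimes/ProcessDebugPort, ProcessHandleCount/ProcessSessionInformation and ProcessVmCounters through ProcessPriorityClass hunks that follow.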
@@ -1248,56 +1243,43 @@ NtQueryInformationProcess(IN HANDLE ProcessHandle, break; case ProcessTimes: - if (ProcessInformationLength != sizeof(KERNEL_USER_TIMES)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PKERNEL_USER_TIMES ProcessTimeP = (PKERNEL_USER_TIMES)ProcessInformation; - _SEH_TRY - { - ProcessTimeP->CreateTime = Process->CreateTime; - ProcessTimeP->UserTime.QuadPart = Process->Pcb.UserTime * 100000LL; - ProcessTimeP->KernelTime.QuadPart = Process->Pcb.KernelTime * 100000LL; - ProcessTimeP->ExitTime = Process->ExitTime; + { + PKERNEL_USER_TIMES ProcessTimeP = (PKERNEL_USER_TIMES)ProcessInformation; + _SEH_TRY + { + ProcessTimeP->CreateTime = Process->CreateTime; + ProcessTimeP->UserTime.QuadPart = Process->Pcb.UserTime * 100000LL; + ProcessTimeP->KernelTime.QuadPart = Process->Pcb.KernelTime * 100000LL; + ProcessTimeP->ExitTime = Process->ExitTime; - if (ReturnLength) - { - *ReturnLength = sizeof(KERNEL_USER_TIMES); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } - break; + if (ReturnLength) + { + *ReturnLength = sizeof(KERNEL_USER_TIMES); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + break; + } case ProcessDebugPort: { - if (ProcessInformationLength != sizeof(HANDLE)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - _SEH_TRY - { - - *(PHANDLE)ProcessInformation = (Process->DebugPort != NULL ? (HANDLE)-1 : NULL); - if (ReturnLength) - { - *ReturnLength = sizeof(HANDLE); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } + _SEH_TRY + { + *(PHANDLE)ProcessInformation = (Process->DebugPort != NULL ? (HANDLE)-1 : NULL); + if (ReturnLength) + { + *ReturnLength = sizeof(HANDLE); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; } 
@@ -1308,54 +1290,42 @@ NtQueryInformationProcess(IN HANDLE ProcessHandle, break; case ProcessHandleCount: - if (ProcessInformationLength != sizeof(ULONG)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - ULONG HandleCount = ObpGetHandleCountByHandleTable(&Process->HandleTable); + { + ULONG HandleCount = ObpGetHandleCountByHandleTable(&Process->HandleTable); - _SEH_TRY + _SEH_TRY + { + *(PULONG)ProcessInformation = HandleCount; + if (ReturnLength) { - *(PULONG)ProcessInformation = HandleCount; - if (ReturnLength) - { - *ReturnLength = sizeof(ULONG); - } + *ReturnLength = sizeof(ULONG); } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + } case ProcessSessionInformation: { - if (ProcessInformationLength != sizeof(PROCESS_SESSION_INFORMATION)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PPROCESS_SESSION_INFORMATION SessionInfo = (PPROCESS_SESSION_INFORMATION)ProcessInformation; + PPROCESS_SESSION_INFORMATION SessionInfo = (PPROCESS_SESSION_INFORMATION)ProcessInformation; - _SEH_TRY + _SEH_TRY + { + SessionInfo->SessionId = Process->SessionId; + if (ReturnLength) { - SessionInfo->SessionId = Process->SessionId; - if (ReturnLength) - { - *ReturnLength = sizeof(PROCESS_SESSION_INFORMATION); - } + *ReturnLength = sizeof(PROCESS_SESSION_INFORMATION); } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; } 
@@ -1365,148 +1335,123 @@ NtQueryInformationProcess(IN HANDLE ProcessHandle, break; case ProcessVmCounters: - if (ProcessInformationLength != sizeof(VM_COUNTERS)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PVM_COUNTERS pOut = (PVM_COUNTERS)ProcessInformation; + { + PVM_COUNTERS pOut = (PVM_COUNTERS)ProcessInformation; - _SEH_TRY - { - pOut->PeakVirtualSize = Process->PeakVirtualSize; - /* - * Here we should probably use VirtualSize.LowPart, but due to - * incompatibilities in current headers (no unnamed union), - * I opted for cast. - */ - pOut->VirtualSize = (ULONG)Process->VirtualSize.QuadPart; - pOut->PageFaultCount = Process->Vm.PageFaultCount; - pOut->PeakWorkingSetSize = Process->Vm.PeakWorkingSetSize; - pOut->WorkingSetSize = Process->Vm.WorkingSetSize; - pOut->QuotaPeakPagedPoolUsage = Process->QuotaPeakPoolUsage[0]; // TODO: Verify! - pOut->QuotaPagedPoolUsage = Process->QuotaPoolUsage[0]; // TODO: Verify! - pOut->QuotaPeakNonPagedPoolUsage = Process->QuotaPeakPoolUsage[1]; // TODO: Verify! - pOut->QuotaNonPagedPoolUsage = Process->QuotaPoolUsage[1]; // TODO: Verify! - pOut->PagefileUsage = Process->PagefileUsage; - pOut->PeakPagefileUsage = Process->PeakPagefileUsage; + _SEH_TRY + { + pOut->PeakVirtualSize = Process->PeakVirtualSize; + /* + * Here we should probably use VirtualSize.LowPart, but due to + * incompatibilities in current headers (no unnamed union), + * I opted for cast. + */ + pOut->VirtualSize = (ULONG)Process->VirtualSize.QuadPart; + pOut->PageFaultCount = Process->Vm.PageFaultCount; + pOut->PeakWorkingSetSize = Process->Vm.PeakWorkingSetSize; + pOut->WorkingSetSize = Process->Vm.WorkingSetSize; + pOut->QuotaPeakPagedPoolUsage = Process->QuotaPeakPoolUsage[0]; // TODO: Verify! + pOut->QuotaPagedPoolUsage = Process->QuotaPoolUsage[0]; // TODO: Verify! + pOut->QuotaPeakNonPagedPoolUsage = Process->QuotaPeakPoolUsage[1]; // TODO: Verify! + pOut->QuotaNonPagedPoolUsage = Process->QuotaPoolUsage[1]; // TODO: Verify! 
+ pOut->PagefileUsage = Process->PagefileUsage; + pOut->PeakPagefileUsage = Process->PeakPagefileUsage; - if (ReturnLength) - { - *ReturnLength = sizeof(VM_COUNTERS); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } + if (ReturnLength) + { + *ReturnLength = sizeof(VM_COUNTERS); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + } case ProcessDefaultHardErrorMode: - if (ProcessInformationLength != sizeof(ULONG)) + { + PULONG HardErrMode = (PULONG)ProcessInformation; + _SEH_TRY { - Status = STATUS_INFO_LENGTH_MISMATCH; + *HardErrMode = Process->DefaultHardErrorProcessing; + if (ReturnLength) + { + *ReturnLength = sizeof(ULONG); + } } - else + _SEH_HANDLE { - PULONG HardErrMode = (PULONG)ProcessInformation; - _SEH_TRY - { - *HardErrMode = Process->DefaultHardErrorProcessing; - if (ReturnLength) - { - *ReturnLength = sizeof(ULONG); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; + Status = _SEH_GetExceptionCode(); } + _SEH_END; break; + } case ProcessPriorityBoost: - if (ProcessInformationLength != sizeof(ULONG)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PULONG BoostEnabled = (PULONG)ProcessInformation; + { + PULONG BoostEnabled = (PULONG)ProcessInformation; - _SEH_TRY - { - *BoostEnabled = Process->Pcb.DisableBoost ? FALSE : TRUE; + _SEH_TRY + { + *BoostEnabled = Process->Pcb.DisableBoost ? 
FALSE : TRUE; - if (ReturnLength) - { - *ReturnLength = sizeof(ULONG); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } + if (ReturnLength) + { + *ReturnLength = sizeof(ULONG); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + } case ProcessDeviceMap: - if (ProcessInformationLength != sizeof(PROCESS_DEVICEMAP_INFORMATION)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PROCESS_DEVICEMAP_INFORMATION DeviceMap; + { + PROCESS_DEVICEMAP_INFORMATION DeviceMap; - ObQueryDeviceMapInformation(Process, &DeviceMap); - - _SEH_TRY + ObQueryDeviceMapInformation(Process, &DeviceMap); + + _SEH_TRY + { + *(PPROCESS_DEVICEMAP_INFORMATION)ProcessInformation = DeviceMap; + if (ReturnLength) { - *(PPROCESS_DEVICEMAP_INFORMATION)ProcessInformation = DeviceMap; - if (ReturnLength) - { - *ReturnLength = sizeof(PROCESS_DEVICEMAP_INFORMATION); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } + *ReturnLength = sizeof(PROCESS_DEVICEMAP_INFORMATION); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + } case ProcessPriorityClass: - if (ProcessInformationLength != sizeof(USHORT)) - { - Status = STATUS_INFO_LENGTH_MISMATCH; - } - else - { - PUSHORT Priority = (PUSHORT)ProcessInformation; - - _SEH_TRY - { - *Priority = Process->PriorityClass; + { + PUSHORT Priority = (PUSHORT)ProcessInformation; - if (ReturnLength) - { - *ReturnLength = sizeof(USHORT); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } + _SEH_TRY + { + *Priority = Process->PriorityClass; + + if (ReturnLength) + { + *ReturnLength = sizeof(USHORT); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; break; + } case ProcessImageFileName: { @@ -1620,6 +1565,7 @@ NtQueryInformationProcess(IN HANDLE ProcessHandle, } } + /* don't forget to detach from the process!!! */ KeDetachProcess(); } else