Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-05 06:22:58 +00:00
Code Issues Projects Releases Packages Wiki Activity

- don't dereference the section object in MmCreateProcessAddressSpace

Browse source 
- properly handle object references in PspCreateProcess

svn path=/trunk/; revision=18860
This commit is contained in:
Thomas Bluemel 2005-10-29 22:15:10 +00:00
parent 0d70a37f3b
commit e601c831b9
2 changed files with 41 additions and 49 deletions
Download patch file Download diff file Expand all files Collapse all files

2
reactos/ntoskrnl/mm/process.c
View file

@ -473,10 +473,8 @@ MmCreateProcessAddressSpace(IN PEPROCESS Process,
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
DPRINT1("Failed to map process Image\n"); DPRINT1("Failed to map process Image\n");
ObDereferenceObject(Section);
goto exit; goto exit;
} }
ObDereferenceObject(Section);
/* Save the pointer */ /* Save the pointer */
Process->SectionBaseAddress = ImageBase; Process->SectionBaseAddress = ImageBase;

56
reactos/ntoskrnl/ps/process.c
View file

@ -183,8 +183,8 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
IN HANDLE ExceptionPort OPTIONAL) IN HANDLE ExceptionPort OPTIONAL)
{ {
HANDLE hProcess; HANDLE hProcess;
PEPROCESS Process; PEPROCESS Process = NULL;
PEPROCESS pParentProcess; PEPROCESS pParentProcess = NULL;
PEPORT pDebugPort = NULL; PEPORT pDebugPort = NULL;
PEPORT pExceptionPort = NULL; PEPORT pExceptionPort = NULL;
PSECTION_OBJECT SectionObject = NULL; PSECTION_OBJECT SectionObject = NULL;
@ -194,6 +194,7 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
KAFFINITY Affinity; KAFFINITY Affinity;
HANDLE_TABLE_ENTRY CidEntry; HANDLE_TABLE_ENTRY CidEntry;
DirectoryTableBase.QuadPart = (ULONGLONG)0; DirectoryTableBase.QuadPart = (ULONGLONG)0;
BOOLEAN ProcessCreated = FALSE;
DPRINT("PspCreateProcess(ObjectAttributes %x)\n", ObjectAttributes); DPRINT("PspCreateProcess(ObjectAttributes %x)\n", ObjectAttributes);
@ -210,7 +211,7 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
DPRINT1("Failed to reference the parent process: Status: 0x%x\n", Status); DPRINT1("Failed to reference the parent process: Status: 0x%x\n", Status);
return(Status); goto Cleanup;
} }
/* Inherit Parent process's Affinity. */ /* Inherit Parent process's Affinity. */
@ -242,7 +243,7 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
DPRINT1("Failed to reference the debug port: Status: 0x%x\n", Status); DPRINT1("Failed to reference the debug port: Status: 0x%x\n", Status);
goto exitdereferenceobjects; goto Cleanup;
} }
} }
@ -259,7 +260,7 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
DPRINT1("Failed to reference the exception port: Status: 0x%x\n", Status); DPRINT1("Failed to reference the exception port: Status: 0x%x\n", Status);
goto exitdereferenceobjects; goto Cleanup;
} }
} }
@ -267,7 +268,7 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
if (SectionHandle != NULL) if (SectionHandle != NULL)
{ {
Status = ObReferenceObjectByHandle(SectionHandle, Status = ObReferenceObjectByHandle(SectionHandle,
0, SECTION_MAP_EXECUTE,
MmSectionObjectType, MmSectionObjectType,
PreviousMode, PreviousMode,
(PVOID*)&SectionObject, (PVOID*)&SectionObject,
@ -275,7 +276,7 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
DPRINT1("Failed to reference process image section: Status: 0x%x\n", Status); DPRINT1("Failed to reference process image section: Status: 0x%x\n", Status);
goto exitdereferenceobjects; goto Cleanup;
} }
} }
@ -294,7 +295,7 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
DPRINT1("Failed to create process object, Status: 0x%x\n", Status); DPRINT1("Failed to create process object, Status: 0x%x\n", Status);
goto exitdereferenceobjects; goto Cleanup;
} }
/* Clean up the Object */ /* Clean up the Object */
@ -350,8 +351,7 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
DbgPrint("PspInitializeProcessSecurity failed (Status %x)\n", Status); DbgPrint("PspInitializeProcessSecurity failed (Status %x)\n", Status);
ObDereferenceObject(Process); goto Cleanup;
goto exitdereferenceobjects;
} }
/* Create the Process' Address Space */ /* Create the Process' Address Space */
@ -360,8 +360,7 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
DPRINT1("Failed to create Address Space\n"); DPRINT1("Failed to create Address Space\n");
ObDereferenceObject(Process); goto Cleanup;
goto exitdereferenceobjects;
} }
if (SectionObject) if (SectionObject)
@ -380,8 +379,8 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
if(!Process->UniqueProcessId) if(!Process->UniqueProcessId)
{ {
DPRINT1("Failed to create CID handle\n"); DPRINT1("Failed to create CID handle\n");
ObDereferenceObject(Process); Status = STATUS_UNSUCCESSFUL; /* FIXME - what error should we return? */
goto exitdereferenceobjects; goto Cleanup;
} }
/* FIXME: Insert into Job Object */ /* FIXME: Insert into Job Object */
@ -394,13 +393,8 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
DbgPrint("NtCreateProcess() Peb creation failed: Status %x\n",Status); DbgPrint("NtCreateProcess() Peb creation failed: Status %x\n",Status);
ObDereferenceObject(Process); goto Cleanup;
goto exitdereferenceobjects;
} }
/* Let's take advantage of this time to kill the reference too */
ObDereferenceObject(pParentProcess);
pParentProcess = NULL;
} }
/* W00T! The process can now be activated */ /* W00T! The process can now be activated */
@ -409,6 +403,8 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
InsertTailList(&PsActiveProcessHead, &Process->ActiveProcessLinks); InsertTailList(&PsActiveProcessHead, &Process->ActiveProcessLinks);
ExReleaseFastMutex(&PspActiveProcessMutex); ExReleaseFastMutex(&PspActiveProcessMutex);
ProcessCreated = TRUE;
/* FIXME: SeCreateAccessStateEx */ /* FIXME: SeCreateAccessStateEx */
/* Insert the Process into the Object Directory */ /* Insert the Process into the Object Directory */
@ -419,13 +415,8 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
0, 0,
NULL, NULL,
&hProcess); &hProcess);
if (!NT_SUCCESS(Status)) if (NT_SUCCESS(Status))
{ {
DPRINT1("Could not get a handle to the Process Object\n");
ObDereferenceObject(Process);
goto exitdereferenceobjects;
}
/* Set the Creation Time */ /* Set the Creation Time */
KeQuerySystemTime(&Process->CreateTime); KeQuerySystemTime(&Process->CreateTime);
@ -438,18 +429,21 @@ PspCreateProcess(OUT PHANDLE ProcessHandle,
{ {
Status = _SEH_GetExceptionCode(); Status = _SEH_GetExceptionCode();
} _SEH_END; } _SEH_END;
/* FIXME: ObGetObjectSecurity(Process, &SecurityDescriptor) /* FIXME: ObGetObjectSecurity(Process, &SecurityDescriptor)
SeAccessCheck SeAccessCheck
*/ */
ObDereferenceObject(Process); }
return Status;
exitdereferenceobjects: Cleanup:
if(pParentProcess != NULL) ObDereferenceObject(pParentProcess);
if (!ProcessCreated)
{
if(SectionObject != NULL) ObDereferenceObject(SectionObject); if(SectionObject != NULL) ObDereferenceObject(SectionObject);
if(pExceptionPort != NULL) ObDereferenceObject(pExceptionPort); if(pExceptionPort != NULL) ObDereferenceObject(pExceptionPort);
if(pDebugPort != NULL) ObDereferenceObject(pDebugPort); if(pDebugPort != NULL) ObDereferenceObject(pDebugPort);
if(pParentProcess != NULL) ObDereferenceObject(pParentProcess); if(Process != NULL) ObDereferenceObject(Process);
}
return Status; return Status;
} }