Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-07-12 07:35:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

[WIN32K]

Browse source 
Amendment to r63409.
Zap remaining kernel object header access from win32k. Noticed by Hermes.

svn path=/trunk/; revision=63416
This commit is contained in:
Timo Kreuzer 2014-05-22 19:15:40 +00:00
parent ce7e55def9
commit ea89346b76
2 changed files with 6 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
reactos/win32ss/user/ntuser/desktop.h
View file

@ -174,11 +174,6 @@ HDC FASTCALL UserGetDesktopDC(ULONG,BOOL,BOOL);
#define IntIsActiveDesktop(Desktop) \
((Desktop)->rpwinstaParent->ActiveDesktop == (Desktop))
#define GET_DESKTOP_NAME(d) \
OBJECT_HEADER_TO_NAME_INFO(OBJECT_TO_OBJECT_HEADER(d)) ? \
&(OBJECT_HEADER_TO_NAME_INFO(OBJECT_TO_OBJECT_HEADER(d))->Name) : \
NULL
HWND FASTCALL IntGetMessageWindow(VOID);
PWND FASTCALL UserGetMessageWindow(VOID);

15
reactos/win32ss/user/ntuser/winsta.c
View file

@ -1210,7 +1210,7 @@ BuildDesktopNameList(
DWORD EntryCount;
ULONG ReturnLength;
WCHAR NullWchar;
PUNICODE_STRING DesktopName;
UNICODE_STRING DesktopName;
Status = IntValidateWindowStationHandle(hWindowStation,
KernelMode,
@ -1233,8 +1233,8 @@ BuildDesktopNameList(
DesktopEntry = DesktopEntry->Flink)
{
DesktopObject = CONTAINING_RECORD(DesktopEntry, DESKTOP, ListEntry);
DesktopName = GET_DESKTOP_NAME(DesktopObject);
if (DesktopName) ReturnLength += DesktopName->Length + sizeof(WCHAR);
RtlInitUnicodeString(&DesktopName, DesktopObject->pDeskInfo->szDesktopName);
ReturnLength += DesktopName.Length + sizeof(WCHAR);
EntryCount++;
}
TRACE("Required size: %lu Entry count: %lu\n", ReturnLength, EntryCount);
@ -1277,18 +1277,15 @@ BuildDesktopNameList(
DesktopEntry = DesktopEntry->Flink)
{
DesktopObject = CONTAINING_RECORD(DesktopEntry, DESKTOP, ListEntry);
_PRAGMA_WARNING_SUPPRESS(__WARNING_DEREF_NULL_PTR)
DesktopName = GET_DESKTOP_NAME(DesktopObject);/// @todo Don't mess around with the object headers!
if (!DesktopName) continue;
Status = MmCopyToCaller(lpBuffer, DesktopName->Buffer, DesktopName->Length);
RtlInitUnicodeString(&DesktopName, DesktopObject->pDeskInfo->szDesktopName);
Status = MmCopyToCaller(lpBuffer, DesktopName.Buffer, DesktopName.Length);
if (! NT_SUCCESS(Status))
{
KeReleaseSpinLock(&WindowStation->Lock, OldLevel);
ObDereferenceObject(WindowStation);
return Status;
}
lpBuffer = (PVOID) ((PCHAR)lpBuffer + DesktopName->Length);
lpBuffer = (PVOID) ((PCHAR)lpBuffer + DesktopName.Length);
Status = MmCopyToCaller(lpBuffer, &NullWchar, sizeof(WCHAR));
if (! NT_SUCCESS(Status))
{