Amendment to r63409.
Zap remaining kernel object header access from win32k. Noticed by Hermes.

svn path=/trunk/; revision=63416
Timo Kreuzer 2014-05-22 19:15:40 +00:00
parent ce7e55def9
commit ea89346b76
2 changed files with 6 additions and 14 deletions


@ -174,11 +174,6 @@ HDC FASTCALL UserGetDesktopDC(ULONG,BOOL,BOOL);
#define IntIsActiveDesktop(Desktop) \ #define IntIsActiveDesktop(Desktop) \
((Desktop)->rpwinstaParent->ActiveDesktop == (Desktop)) ((Desktop)->rpwinstaParent->ActiveDesktop == (Desktop))
#define GET_DESKTOP_NAME(d) \
OBJECT_HEADER_TO_NAME_INFO(OBJECT_TO_OBJECT_HEADER(d)) ? \
&(OBJECT_HEADER_TO_NAME_INFO(OBJECT_TO_OBJECT_HEADER(d))->Name) : \
NULL
HWND FASTCALL IntGetMessageWindow(VOID); HWND FASTCALL IntGetMessageWindow(VOID);
PWND FASTCALL UserGetMessageWindow(VOID); PWND FASTCALL UserGetMessageWindow(VOID);


@ -1210,7 +1210,7 @@ BuildDesktopNameList(
DWORD EntryCount; DWORD EntryCount;
ULONG ReturnLength; ULONG ReturnLength;
WCHAR NullWchar; WCHAR NullWchar;
PUNICODE_STRING DesktopName; UNICODE_STRING DesktopName;
Status = IntValidateWindowStationHandle(hWindowStation, Status = IntValidateWindowStationHandle(hWindowStation,
KernelMode, KernelMode,
@ -1233,8 +1233,8 @@ BuildDesktopNameList(
DesktopEntry = DesktopEntry->Flink) DesktopEntry = DesktopEntry->Flink)
{ {
DesktopObject = CONTAINING_RECORD(DesktopEntry, DESKTOP, ListEntry); DesktopObject = CONTAINING_RECORD(DesktopEntry, DESKTOP, ListEntry);
DesktopName = GET_DESKTOP_NAME(DesktopObject); RtlInitUnicodeString(&DesktopName, DesktopObject->pDeskInfo->szDesktopName);
if (DesktopName) ReturnLength += DesktopName->Length + sizeof(WCHAR); ReturnLength += DesktopName.Length + sizeof(WCHAR);
EntryCount++; EntryCount++;
} }
TRACE("Required size: %lu Entry count: %lu\n", ReturnLength, EntryCount); TRACE("Required size: %lu Entry count: %lu\n", ReturnLength, EntryCount);
@ -1277,18 +1277,15 @@ BuildDesktopNameList(
DesktopEntry = DesktopEntry->Flink) DesktopEntry = DesktopEntry->Flink)
{ {
DesktopObject = CONTAINING_RECORD(DesktopEntry, DESKTOP, ListEntry); DesktopObject = CONTAINING_RECORD(DesktopEntry, DESKTOP, ListEntry);
_PRAGMA_WARNING_SUPPRESS(__WARNING_DEREF_NULL_PTR) RtlInitUnicodeString(&DesktopName, DesktopObject->pDeskInfo->szDesktopName);
DesktopName = GET_DESKTOP_NAME(DesktopObject);/// @todo Don't mess around with the object headers! Status = MmCopyToCaller(lpBuffer, DesktopName.Buffer, DesktopName.Length);
if (!DesktopName) continue;
Status = MmCopyToCaller(lpBuffer, DesktopName->Buffer, DesktopName->Length);
if (! NT_SUCCESS(Status)) if (! NT_SUCCESS(Status))
{ {
KeReleaseSpinLock(&WindowStation->Lock, OldLevel); KeReleaseSpinLock(&WindowStation->Lock, OldLevel);
ObDereferenceObject(WindowStation); ObDereferenceObject(WindowStation);
return Status; return Status;
} }
lpBuffer = (PVOID) ((PCHAR)lpBuffer + DesktopName->Length); lpBuffer = (PVOID) ((PCHAR)lpBuffer + DesktopName.Length);
Status = MmCopyToCaller(lpBuffer, &NullWchar, sizeof(WCHAR)); Status = MmCopyToCaller(lpBuffer, &NullWchar, sizeof(WCHAR));
if (! NT_SUCCESS(Status)) if (! NT_SUCCESS(Status))
{ {