[CSRSRV] Clarify few comments, and use MAXULONG.

Hermès Bélusca-Maïto 2020-10-30 01:08:23 +01:00
parent 9b421af118
commit f4279fc356
No known key found for this signature in database
GPG key ID: 3B2539C65E7B93D0


@ -1240,7 +1240,7 @@ CsrCaptureArguments(IN PCSR_THREAD CsrThread,
BufferDistance = (ULONG_PTR)ServerCaptureBuffer - (ULONG_PTR)ClientCaptureBuffer; BufferDistance = (ULONG_PTR)ServerCaptureBuffer - (ULONG_PTR)ClientCaptureBuffer;
/* /*
* All the pointer offsets correspond to pointers which point * All the pointer offsets correspond to pointers that point
* to the server data buffer instead of the client one. * to the server data buffer instead of the client one.
*/ */
// PointerCount = ServerCaptureBuffer->PointerCount; // PointerCount = ServerCaptureBuffer->PointerCount;
@ -1355,7 +1355,7 @@ CsrReleaseCapturedArguments(IN PCSR_API_MESSAGE ApiMessage)
BufferDistance = (ULONG_PTR)ServerCaptureBuffer - (ULONG_PTR)ClientCaptureBuffer; BufferDistance = (ULONG_PTR)ServerCaptureBuffer - (ULONG_PTR)ClientCaptureBuffer;
/* /*
* All the pointer offsets correspond to pointers which point * All the pointer offsets correspond to pointers that point
* to the client data buffer instead of the server one (reverse * to the client data buffer instead of the server one (reverse
* the logic of CsrCaptureArguments()). * the logic of CsrCaptureArguments()).
*/ */
@ -1438,7 +1438,7 @@ CsrValidateMessageBuffer(IN PCSR_API_MESSAGE ApiMessage,
* of non-trivial size and that we don't overflow. * of non-trivial size and that we don't overflow.
*/ */
if (!Buffer || ElementSize == 0 || if (!Buffer || ElementSize == 0 ||
(ULONGLONG)ElementCount * ElementSize > (ULONGLONG)0xFFFFFFFF) (ULONGLONG)ElementCount * ElementSize > (ULONGLONG)MAXULONG)
{ {
return FALSE; return FALSE;
} }
@ -1451,10 +1451,7 @@ CsrValidateMessageBuffer(IN PCSR_API_MESSAGE ApiMessage,
/* Check if we have no capture buffer */ /* Check if we have no capture buffer */
if (!CaptureBuffer) if (!CaptureBuffer)
{ {
/* /* In this case, succeed only if the caller is CSRSS */
* In this case, check only the Process ID
* and if there is a match, we succeed.
*/
if (NtCurrentTeb()->ClientId.UniqueProcess == if (NtCurrentTeb()->ClientId.UniqueProcess ==
ApiMessage->Header.ClientId.UniqueProcess) ApiMessage->Header.ClientId.UniqueProcess)
{ {
@ -1463,7 +1460,7 @@ CsrValidateMessageBuffer(IN PCSR_API_MESSAGE ApiMessage,
} }
else else
{ {
/* Make sure that there is still space left in the buffer */ /* Make sure that there is still space left in the capture buffer */
if ((CaptureBuffer->Size - (ULONG_PTR)*Buffer + (ULONG_PTR)CaptureBuffer) >= if ((CaptureBuffer->Size - (ULONG_PTR)*Buffer + (ULONG_PTR)CaptureBuffer) >=
(ElementCount * ElementSize)) (ElementCount * ElementSize))
{ {
@ -1473,8 +1470,8 @@ CsrValidateMessageBuffer(IN PCSR_API_MESSAGE ApiMessage,
while (PointerCount--) while (PointerCount--)
{ {
/* /*
* The pointer offset must be equal to the delta between * Find in the array, the pointer offset (from the
* the addresses of the buffer and of the API message. * API message) that corresponds to the buffer.
*/ */
if (*OffsetPointer == BufferDistance) if (*OffsetPointer == BufferDistance)
{ {
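Review bot: The reworded comment "Make sure that there is still space left in the capture buffer" in CsrValidateMessageBuffer overstates what the expression under it proves on its own. `CaptureBuffer->Size - (ULONG_PTR)*Buffer + (ULONG_PTR)CaptureBuffer` is unsigned arithmetic, so when `*Buffer` lies outside the capture buffer it yields a value larger than the real remaining space instead of failing. From the visible lines, it appears to be the pointer-offset search in the next hunk that ties the buffer to an entry the capture code already handled, so the two checks only hold together. I would record that dependency in the comment, e.g. `/* Space check only: *Buffer is known to lie inside the capture buffer because its offset must match an entry in the array below */`, or add an explicit range test on `*Buffer` if that assumption does not hold. The function body starts and ends outside these hunks, so this should be confirmed against the full function.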