- Enable sanity check in ObInsertObject to catch assholes that were calling it incorrectly (without a Handle output parameter, which is only allowed in a specific scenario). Changes:

- Registry code which was calling ObInsertObject for no reason at all. Now an ugly hack has been added to Cm code to perform the only operation the insert did -> to free the create info.
   - SeSubProcessToken was broken and calling it incorrectly, fixed.
   - \Device\PhysicalMemory was being inserted incorrectly, fixed.
   - Boot-time driver objects were being inserted for no reason, call removed.
- Support the only case of ObInsertObject where it is OK to call it without an output handle. This codepath will only charge quota instead of creating the full-blown handle.

svn path=/trunk/; revision=25394
This commit is contained in:
Alex Ionescu 2007-01-09 08:38:07 +00:00
parent 612a4059a4
commit fe1190c599
6 changed files with 61 additions and 57 deletions


@ -597,6 +597,7 @@ CmiConnectHive(IN POBJECT_ATTRIBUTES KeyObjectAttributes,
RtlFreeUnicodeString(&RemainingPath);
return Status;
}
#if 0
DPRINT("Inserting Key into Object Tree\n");
Status = ObInsertObject((PVOID)NewKey,
NULL,
@ -605,6 +606,11 @@ CmiConnectHive(IN POBJECT_ATTRIBUTES KeyObjectAttributes,
NULL,
NULL);
DPRINT("Status %x\n", Status);
#else
/* Free the create information */
ObpFreeAndReleaseCapturedAttributes(OBJECT_TO_OBJECT_HEADER(NewKey)->ObjectCreateInfo);
OBJECT_TO_OBJECT_HEADER(NewKey)->ObjectCreateInfo = NULL;
#endif
NewKey->Flags = 0;
NewKey->SubKeyCounts = 0;
NewKey->SubKeys = NULL;
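Review bot: The active `#else` branch releases the captured create info by reaching into Ob-private state (`ObpFreeAndReleaseCapturedAttributes` and the `ObjectCreateInfo` field of the object header) while the key object never passes through ObInsertObject, so the quota charge that the no-handle path of ObInsertObject performs in this same commit (`ObpChargeQuotaForObject`) is never applied to key objects. The identical pattern is added to CmiObjectParse, so the same remark applies there. With the `#if 0` block now dead, the live branch should at least carry a comment naming what is skipped, e.g. `/* HACK: NewKey is never inserted via ObInsertObject, so no Ob quota is charged for it; only the captured create info is released here */`. CmiConnectHive's body continues outside the hunk, so whether anything else in it depends on the insert cannot be seen from this view.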


@ -382,6 +382,7 @@ CmiObjectParse(IN PVOID ParsedObject,
RtlFreeUnicodeString(&KeyName);
return(Status);
}
#if 0
DPRINT("Inserting Key into Object Tree\n");
Status = ObInsertObject((PVOID)FoundObject,
NULL,
@ -390,6 +391,11 @@ CmiObjectParse(IN PVOID ParsedObject,
NULL,
NULL);
DPRINT("Status %x\n", Status);
#else
/* Free the create information */
ObpFreeAndReleaseCapturedAttributes(OBJECT_TO_OBJECT_HEADER(FoundObject)->ObjectCreateInfo);
OBJECT_TO_OBJECT_HEADER(FoundObject)->ObjectCreateInfo = NULL;
#endif
/* Add the keep-alive reference */
ObReferenceObject(FoundObject);


@ -263,18 +263,6 @@ IopCreateDriverObject(
ExFreePool(Buffer);
}
Status = ObInsertObject(Object,
NULL,
FILE_ALL_ACCESS,
0,
NULL,
NULL);
if (!NT_SUCCESS(Status))
{
return Status;
}
*DriverObject = Object;
return STATUS_SUCCESS;


@ -2216,6 +2216,7 @@ MmCreatePhysicalMemorySection(VOID)
OBJECT_ATTRIBUTES Obj;
UNICODE_STRING Name = RTL_CONSTANT_STRING(L"\\Device\\PhysicalMemory");
LARGE_INTEGER SectionSize;
HANDLE Handle;
/*
* Create the section mapping physical memory
@ -2244,11 +2245,12 @@ MmCreatePhysicalMemorySection(VOID)
SECTION_ALL_ACCESS,
0,
NULL,
NULL);
&Handle);
if (!NT_SUCCESS(Status))
{
ObDereferenceObject(PhysSection);
}
ObCloseHandle(Handle, KernelMode);
PhysSection->AllocationAttributes |= SEC_PHYSICALMEMORY;
PhysSection->Segment->Flags &= ~MM_PAGEFILE_SEGMENT;
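Review bot: The added `ObCloseHandle(Handle, KernelMode);` also runs on the failure path, because the `if (!NT_SUCCESS(Status))` block only dereferences PhysSection and then falls through; on that path ObInsertObject writes `*Handle = NULL` (see its hunk in this commit), and the following `PhysSection->AllocationAttributes |= SEC_PHYSICALMEMORY;` touches an object whose reference was just dropped. The close should be gated on success, `if (NT_SUCCESS(Status)) ObCloseHandle(Handle, KernelMode);`, and the failure block should leave the function rather than fall through (the function's return type is outside the hunk, so the exact form of the bail-out cannot be given here). The handle exists only to satisfy ObInsertObject's requirement for an output handle, which a short comment above `HANDLE Handle;` should state, e.g. `/* Temporary handle: ObInsertObject requires one; closed right after the insert */`.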


@ -2329,6 +2329,7 @@ ObInsertObject(IN PVOID Object,
OB_OPEN_REASON OpenReason;
KPROCESSOR_MODE PreviousMode;
NTSTATUS Status = STATUS_SUCCESS, RealStatus;
BOOLEAN IsNewObject;
PAGED_CODE();
/* Get the Header */
@ -2371,34 +2372,28 @@ ObInsertObject(IN PVOID Object,
ObjectName = &ObjectNameInfo->Name;
}
/* Sanity check, but broken on ROS due to Cm */
#if 0
/* Sanity check */
ASSERT((Handle) ||
((ObjectPointerBias == 0) &&
(ObjectName == NULL) &&
(ObjectType->TypeInfo.SecurityRequired) &&
(NewObject == NULL)));
#endif
/* Check if the object is unnamed and also doesn't have security */
PreviousMode = KeGetPreviousMode();
if (!(ObjectType->TypeInfo.SecurityRequired) && !(ObjectName))
{
/* ReactOS HACK */
if (Handle)
{
/* Assume failure */
*Handle = NULL;
/* Assume failure */
*Handle = NULL;
/* Create the handle */
Status = ObpCreateUnnamedHandle(Object,
DesiredAccess,
ObjectPointerBias + 1,
ObjectCreateInfo->Attributes,
PreviousMode,
NewObject,
Handle);
}
/* Create the handle */
Status = ObpCreateUnnamedHandle(Object,
DesiredAccess,
ObjectPointerBias + 1,
ObjectCreateInfo->Attributes,
PreviousMode,
NewObject,
Handle);
/* Free the create information */
ObpFreeAndReleaseCapturedAttributes(ObjectCreateInfo);
@ -2408,7 +2403,7 @@ ObInsertObject(IN PVOID Object,
if (ObjectNameInfo) ObpDecrementQueryReference(ObjectNameInfo);
/* Remove the extra keep-alive reference */
if (Handle) ObDereferenceObject(Object);
ObDereferenceObject(Object);
/* Return */
OBTRACE(OB_HANDLE_DEBUG,
@ -2590,12 +2585,7 @@ ObInsertObject(IN PVOID Object,
/* Save the actual status until here */
RealStatus = Status;
/* HACKHACK: Because of ROS's incorrect startup, this can be called
* without a valid Process until I finalize the startup patch,
* so don't create a handle if this is the case. We also don't create
* a handle if Handle is NULL when the Registry Code calls it, because
* the registry code totally bastardizes the Ob and needs to be fixed
*/
/* Check if caller wants us to create a handle */
ObjectHeader->ObjectCreateInfo = NULL;
if (Handle)
{
@ -2610,29 +2600,39 @@ ObInsertObject(IN PVOID Object,
PreviousMode,
NewObject,
Handle);
}
if (!NT_SUCCESS(Status))
{
/* If the object had a name, backout everything */
if (ObjectName) ObpDeleteNameCheck(Object);
/* Check if creating the handle failed */
if (!NT_SUCCESS(Status))
/* Return the status of the failure */
*Handle = NULL;
RealStatus = Status;
}
/* Remove a query reference */
if (ObjectNameInfo) ObpDecrementQueryReference(ObjectNameInfo);
/* Remove the extra keep-alive reference */
ObDereferenceObject(Object);
}
else
{
/* If the object had a name, backout everything */
if (ObjectName) ObpDeleteNameCheck(Object);
/* Otherwise, lock the object type */
ObpEnterObjectTypeMutex(ObjectType);
/* And charge quota for the process to make it appear as used */
RealStatus = ObpChargeQuotaForObject(ObjectHeader,
ObjectType,
&IsNewObject);
/* Release the lock */
ObpLeaveObjectTypeMutex(ObjectType);
/* Check if we failed and dereference the object if so */
if (!NT_SUCCESS(RealStatus)) ObDereferenceObject(Object);
}
/* Check our final status */
if (!NT_SUCCESS(Status))
{
/* Return the status of the failure */
*Handle = NULL;
RealStatus = Status;
}
/* Remove a query reference */
if (ObjectNameInfo) ObpDecrementQueryReference(ObjectNameInfo);
/* Remove the extra keep-alive reference */
if (Handle) ObDereferenceObject(Object);
/* We can delete the Create Info now */
ObpFreeAndReleaseCapturedAttributes(ObjectCreateInfo);
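Review bot: In the new `else` branch (the no-handle path) the query reference on ObjectNameInfo is never released: `if (ObjectNameInfo) ObpDecrementQueryReference(ObjectNameInfo);` now sits inside the `if (Handle)` branch only, whereas the removed code ran it unconditionally after the handle creation. If that reference is taken whenever ObjectNameInfo is non-NULL (it is acquired earlier in the function, outside the hunks), an object whose header carries name info but an empty name leaks one query reference per no-handle insert; hoisting the line to just before `/* We can delete the Create Info now */` restores the old behaviour for both branches. Separately, the unnamed/no-security path now writes `*Handle = NULL` unconditionally and the only guard against a NULL Handle there is the ASSERT, which is typically compiled out on free builds; a comment such as `/* Handle must be non-NULL here: the ASSERT above is the only check, and it is absent on free builds */` would at least make the contract visible at the dereference. ObInsertObject begins and ends outside the hunks shown.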


@ -350,7 +350,7 @@ SeSubProcessToken(IN PTOKEN ParentToken,
Status = ObInsertObject(NewToken,
NULL,
0,
1,
0,
NULL,
NULL);
if (NT_SUCCESS(Status))
@ -658,6 +658,8 @@ SepInitializeTokenImplementation(VOID)
RtlZeroMemory(&ObjectTypeInitializer, sizeof(ObjectTypeInitializer));
RtlInitUnicodeString(&Name, L"Token");
ObjectTypeInitializer.Length = sizeof(ObjectTypeInitializer);
ObjectTypeInitializer.InvalidAttributes = OBJ_OPENLINK;
ObjectTypeInitializer.SecurityRequired = TRUE;
ObjectTypeInitializer.DefaultPagedPoolCharge = sizeof(TOKEN);
ObjectTypeInitializer.GenericMapping = SepTokenMapping;
ObjectTypeInitializer.PoolType = PagedPool;
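Review bot: The SeSubProcessToken call now passes a NULL Handle, which in this commit's ObInsertObject takes the quota-charging branch and, on failure, dereferences the object itself (`if (!NT_SUCCESS(RealStatus)) ObDereferenceObject(Object);`); the failure path after `if (NT_SUCCESS(Status))` lies outside the hunk and must therefore not dereference NewToken again. A comment at the call site would pin that ownership rule, e.g. `/* No handle wanted: ObInsertObject only charges quota and drops our reference on failure */`. As I read the two hunks, the ObjectPointerBias change from 1 to 0 and the new `ObjectTypeInitializer.SecurityRequired = TRUE;` on the Token type are together what make this call satisfy ObInsertObject's sanity ASSERT; that dependency deserves a comment next to the SecurityRequired line so a later edit to either site does not silently reintroduce the assertion failure.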