Author: cgutman
Date: Sat Jul 16 17:17:08 2011
New Revision: 52698

URL: http://svn.reactos.org/svn/reactos?rev=52698&view=rev
Log:
[TCPIP]
- Fix the broken TDI_QUERY_CONNECTION_INFO implementation
- Perform buffer size checks on TDI_QUERY_MAX_DATAGRAM_INFO requests
[AFD]
- Greatly simplify AfdGetPeerName by using the remote address stored while 
connecting

Modified:
    trunk/reactos/drivers/network/afd/afd/info.c
    trunk/reactos/drivers/network/tcpip/tcpip/dispatch.c

Modified: trunk/reactos/drivers/network/afd/afd/info.c
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/network/afd/afd/info.c?rev=52698&r1=52697&r2=52698&view=diff
==============================================================================
--- trunk/reactos/drivers/network/afd/afd/info.c [iso-8859-1] (original)
+++ trunk/reactos/drivers/network/afd/afd/info.c [iso-8859-1] Sat Jul 16 
17:17:08 2011
@@ -236,60 +236,27 @@
 NTSTATUS NTAPI
 AfdGetPeerName( PDEVICE_OBJECT DeviceObject, PIRP Irp,
                       PIO_STACK_LOCATION IrpSp ) {
-    NTSTATUS Status = STATUS_SUCCESS;
-    PFILE_OBJECT FileObject = IrpSp->FileObject;
-    PAFD_FCB FCB = FileObject->FsContext;
-    PMDL Mdl = NULL;
-    PTDI_CONNECTION_INFORMATION ConnInfo = NULL;
+    NTSTATUS Status;
+    PFILE_OBJECT FileObject = IrpSp->FileObject;
+    PAFD_FCB FCB = FileObject->FsContext;
 
 
     if( !SocketAcquireStateLock( FCB ) ) return LostSocket( Irp );
 
-    if (FCB->RemoteAddress == NULL || FCB->Connection.Object == NULL) {
+    if (FCB->RemoteAddress == NULL) {
         AFD_DbgPrint(MIN_TRACE,("Invalid parameter\n"));
         return UnlockAndMaybeComplete( FCB, STATUS_INVALID_PARAMETER, Irp, 0 );
     }
 
-    if(NT_SUCCESS(Status = TdiBuildNullConnectionInfo
-                      (&ConnInfo,
-                       FCB->RemoteAddress->Address[0].AddressType)))
+    if (IrpSp->Parameters.DeviceIoControl.OutputBufferLength >= 
TaLengthOfTransportAddress(FCB->RemoteAddress))
     {
-        Mdl = IoAllocateMdl(ConnInfo, 
-                            sizeof(TDI_CONNECTION_INFORMATION) + 
-                                   
TaLengthOfTransportAddress(ConnInfo->RemoteAddress),
-                            FALSE,
-                            FALSE,
-                            NULL);
-
-        if (Mdl)
-        {
-            _SEH2_TRY {
-               MmProbeAndLockPages(Mdl, KernelMode, IoModifyAccess);
-            } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) {
-              AFD_DbgPrint(MIN_TRACE, ("MmProbeAndLockPages() failed.\n"));
-              Status = _SEH2_GetExceptionCode();
-           } _SEH2_END;
-
-            if (NT_SUCCESS(Status))
-            {
-                Status = TdiQueryInformation(FCB->Connection.Object,
-                          TDI_QUERY_CONNECTION_INFO,
-                          Mdl);
-
-                if (NT_SUCCESS(Status))
-                {
-                    if (IrpSp->Parameters.DeviceIoControl.OutputBufferLength 
>= TaLengthOfTransportAddress(ConnInfo->RemoteAddress))
-                        RtlCopyMemory(Irp->UserBuffer, 
ConnInfo->RemoteAddress, TaLengthOfTransportAddress(ConnInfo->RemoteAddress));
-                    else
-                    {
-                        Status = STATUS_BUFFER_TOO_SMALL;
-                        AFD_DbgPrint(MIN_TRACE,("Buffer too small\n"));
-                    }
-                }
-            }
-         }
-
-         ExFreePool(ConnInfo);
+        RtlCopyMemory(Irp->UserBuffer, FCB->RemoteAddress, 
TaLengthOfTransportAddress(FCB->RemoteAddress));
+        Status = STATUS_SUCCESS;
+    }
+    else
+    {
+        AFD_DbgPrint(MIN_TRACE,("Buffer too small\n"));
+        Status = STATUS_BUFFER_TOO_SMALL;
     }
 
     return UnlockAndMaybeComplete( FCB, Status, Irp, 0 );
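Review bot: The `RtlCopyMemory(Irp->UserBuffer, ...)` in the success branch writes through the caller-supplied pointer with only a length comparison in front of it. No probe or `_SEH2_TRY` guard is visible in this hunk, so a bad or read-only address would fault in kernel mode unless the buffer is validated before AfdGetPeerName runs, which cannot be seen from here. The removed code copied the same way, so this is not a regression, but I would compute the length once and guard the copy as sketched below. Separately, `UnlockAndMaybeComplete( FCB, Status, Irp, 0 )` still reports zero bytes on success, which looks unintended for a call that fills the output buffer. The function's closing brace lies outside the hunk.

```c
    /* ... unchanged: state lock and RemoteAddress NULL check ... */
    Length = TaLengthOfTransportAddress(FCB->RemoteAddress); /* Length declared with the other locals */

    if (IrpSp->Parameters.DeviceIoControl.OutputBufferLength >= Length)
    {
        _SEH2_TRY {
            /* Only user-mode requestors need the address range probed */
            if (Irp->RequestorMode != KernelMode)
                ProbeForWrite(Irp->UserBuffer, Length, 1);
            RtlCopyMemory(Irp->UserBuffer, FCB->RemoteAddress, Length);
            Status = STATUS_SUCCESS;
        } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) {
            Status = _SEH2_GetExceptionCode();
        } _SEH2_END;
    }
    /* ... unchanged: else branch returning STATUS_BUFFER_TOO_SMALL ... */
```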

Modified: trunk/reactos/drivers/network/tcpip/tcpip/dispatch.c
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/network/tcpip/tcpip/dispatch.c?rev=52698&r1=52697&r2=52698&view=diff
==============================================================================
--- trunk/reactos/drivers/network/tcpip/tcpip/dispatch.c [iso-8859-1] (original)
+++ trunk/reactos/drivers/network/tcpip/tcpip/dispatch.c [iso-8859-1] Sat Jul 
16 17:17:08 2011
@@ -759,51 +759,45 @@
 
     case TDI_QUERY_CONNECTION_INFO:
       {
-        PTDI_CONNECTION_INFORMATION AddressInfo;
-        PADDRESS_FILE AddrFile;
-        PCONNECTION_ENDPOINT Endpoint = NULL;
-
-        if (MmGetMdlByteCount(Irp->MdlAddress) <
-            (FIELD_OFFSET(TDI_CONNECTION_INFORMATION, RemoteAddress) +
-             sizeof(PVOID))) {
-          TI_DbgPrint(MID_TRACE, ("MDL buffer too small (ptr).\n"));
+        PTDI_CONNECTION_INFO ConnectionInfo;
+        PCONNECTION_ENDPOINT Endpoint;
+
+        if (MmGetMdlByteCount(Irp->MdlAddress) < sizeof(*ConnectionInfo)) {
+          TI_DbgPrint(MID_TRACE, ("MDL buffer too small.\n"));
           return STATUS_BUFFER_TOO_SMALL;
         }
 
-        AddressInfo = (PTDI_CONNECTION_INFORMATION)
+        ConnectionInfo = (PTDI_CONNECTION_INFO)
           MmGetSystemAddressForMdl(Irp->MdlAddress);
 
         switch ((ULONG_PTR)IrpSp->FileObject->FsContext2) {
-          case TDI_TRANSPORT_ADDRESS_FILE:
-            AddrFile = (PADDRESS_FILE)TranContext->Handle.AddressHandle;
-            Endpoint = AddrFile ? AddrFile->Connection : NULL;
-            break;
-
           case TDI_CONNECTION_FILE:
             Endpoint =
               (PCONNECTION_ENDPOINT)TranContext->Handle.ConnectionContext;
-            break;
+            RtlZeroMemory(ConnectionInfo, sizeof(*ConnectionInfo));
+            return STATUS_SUCCESS;
 
           default:
             TI_DbgPrint(MIN_TRACE, ("Invalid transport context\n"));
             return STATUS_INVALID_PARAMETER;
         }
-
-        if (!Endpoint) {
-          TI_DbgPrint(MID_TRACE, ("No connection object.\n"));
-          return STATUS_INVALID_PARAMETER;
-        }
-
-        return TCPGetSockAddress( Endpoint, AddressInfo->RemoteAddress, TRUE );
       }
 
       case TDI_QUERY_MAX_DATAGRAM_INFO:
       {
-         PTDI_MAX_DATAGRAM_INFO MaxDatagramInfo = 
MmGetSystemAddressForMdl(Irp->MdlAddress);
-
-         MaxDatagramInfo->MaxDatagramSize = 0xFFFF;
-
-         return STATUS_SUCCESS;
+          PTDI_MAX_DATAGRAM_INFO MaxDatagramInfo;
+          
+          if (MmGetMdlByteCount(Irp->MdlAddress) < sizeof(*MaxDatagramInfo)) {
+              TI_DbgPrint(MID_TRACE, ("MDL buffer too small.\n"));
+              return STATUS_BUFFER_TOO_SMALL;
+          }
+          
+          MaxDatagramInfo = (PTDI_MAX_DATAGRAM_INFO)
+            MmGetSystemAddressForMdl(Irp->MdlAddress);
+
+          MaxDatagramInfo->MaxDatagramSize = 0xFFFF;
+
+          return STATUS_SUCCESS;
      }
   }
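Review bot: Both new size checks call `MmGetMdlByteCount(Irp->MdlAddress)` without first testing `Irp->MdlAddress`, so a request that arrives with no MDL would dereference NULL before the length test can reject it. Whether an earlier part of the function guarantees an MDL is not visible, since the function starts and ends outside the hunk. If nothing upstream guarantees it, extend each guard, e.g. `if (!Irp->MdlAddress || MmGetMdlByteCount(Irp->MdlAddress) < sizeof(*MaxDatagramInfo))`. In the TDI_CONNECTION_FILE case `Endpoint` is now assigned but never read, so the variable and its assignment can be dropped. A short comment such as `/* FIXME: connection statistics not implemented, report zeros */` would make clear that the zeroed structure is a placeholder.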
 

