
Commit a039776

author
Dmitry Chapyshev
committed
[NTOS:EX]
- Use ExAcquirePushLockShared instead of ExAcquirePushLockExclusive (and move it outside the enumeration) - Don't leave the enumeration when ReqSize > Size; the enumeration is used to calculate the size - The ObjectHeader->Type field is corrupted and I do not know who spoils it. Commented out. - Remove unneeded SEH svn path=/trunk/; revision=72608
1 parent d97ea85 commit a039776


1 file changed

+80
-97
lines changed


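--- a/reactos/ntoskrnl/ex/sysinfo.c
+++ b/reactos/ntoskrnl/ex/sysinfo.c
@@ -222,7 +222,7 @@ ExLockUserBuffer(
 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
 {
 ExFreePoolWithTag(Mdl, TAG_MDL);
-return _SEH2_GetExceptionCode();
+_SEH2_YIELD(return _SEH2_GetExceptionCode());
 }
 _SEH2_END;
 
@@ -1171,14 +1171,19 @@ QSI_DEF(SystemNonPagedPoolInformation)
 QSI_DEF(SystemHandleInformation)
 {
 PSYSTEM_HANDLE_INFORMATION HandleInformation;
+PLIST_ENTRY NextTableEntry;
+PHANDLE_TABLE HandleTable;
+PHANDLE_TABLE_ENTRY HandleTableEntry;
+EXHANDLE Handle;
 ULONG Index = 0;
 NTSTATUS Status;
 PMDL Mdl;
+PAGED_CODE();
 
 DPRINT("NtQuerySystemInformation - SystemHandleInformation\n");
 
 /* Set initial required buffer size */
-*ReqSize = sizeof(SYSTEM_HANDLE_INFORMATION);
+*ReqSize = FIELD_OFFSET(SYSTEM_HANDLE_INFORMATION, Handles);
 
 /* Check user's buffer size */
 if (Size < *ReqSize)
@@ -1199,116 +1204,94 @@ QSI_DEF(SystemHandleInformation)
 return Status;
 }
 
-_SEH2_TRY
-{
-PLIST_ENTRY NextTableEntry;
+/* Reset of count of handles */
+HandleInformation->NumberOfHandles = 0;
 
-/* Reset of count of handles */
-HandleInformation->NumberOfHandles = 0;
-
-/* Enumerate all system handles */
-for (NextTableEntry = HandleTableListHead.Flink;
-NextTableEntry != &HandleTableListHead;
-NextTableEntry = NextTableEntry->Flink)
-{
-PHANDLE_TABLE HandleTable;
-
-/* Enter a critical region */
-KeEnterCriticalRegion();
+/* Enter a critical region */
+KeEnterCriticalRegion();
 
-/* Acquire the handle table lock */
-ExAcquirePushLockExclusive(&HandleTableListLock);
+/* Acquire the handle table lock */
+ExAcquirePushLockShared(&HandleTableListLock);
 
-/* Get current handle table */
-HandleTable = CONTAINING_RECORD(NextTableEntry, HANDLE_TABLE, HandleTableList);
+/* Enumerate all system handles */
+for (NextTableEntry = HandleTableListHead.Flink;
+NextTableEntry != &HandleTableListHead;
+NextTableEntry = NextTableEntry->Flink)
+{
+/* Get current handle table */
+HandleTable = CONTAINING_RECORD(NextTableEntry, HANDLE_TABLE, HandleTableList);
 
-_SEH2_TRY
+/* Set the initial value and loop the entries */
+Handle.Value = 0;
+while ((HandleTableEntry = ExpLookupHandleTableEntry(HandleTable, Handle)))
+{
+/* Validate the entry */
+if ((HandleTableEntry->Object) &&
+(HandleTableEntry->NextFreeTableEntry != -2))
 {
-PHANDLE_TABLE_ENTRY HandleTableEntry;
-EXHANDLE Handle;
+/* Increase of count of handles */
+++HandleInformation->NumberOfHandles;
 
-/* Set the initial value and loop the entries */
-Handle.Value = 0;
-while ((HandleTableEntry = ExpLookupHandleTableEntry(HandleTable, Handle)))
+/* Lock the entry */
+if (ExpLockHandleTableEntry(HandleTable, HandleTableEntry))
 {
-/* Validate the entry */
-if ((HandleTableEntry->Object) &&
-(HandleTableEntry->NextFreeTableEntry != -2))
+/* Increase required buffer size */
+*ReqSize += sizeof(SYSTEM_HANDLE_TABLE_ENTRY_INFO);
+
+/* Check user's buffer size */
+if (*ReqSize > Size)
 {
-/* Increase of count of handles */
-++HandleInformation->NumberOfHandles;
-
-/* Increase required buffer size */
-*ReqSize += sizeof(SYSTEM_HANDLE_TABLE_ENTRY_INFO);
-
-/* Check user's buffer size */
-if (*ReqSize > Size)
-{
-Status = STATUS_INFO_LENGTH_MISMATCH;
-break;
-}
-
-/* Lock the entry */
-if (ExpLockHandleTableEntry(HandleTable, HandleTableEntry))
-{
-_SEH2_TRY
-{
-POBJECT_HEADER ObjectHeader = ObpGetHandleObject(HandleTableEntry);
-
-/* Filling handle information */
-HandleInformation->Handles[Index].UniqueProcessId =
-(USHORT)(ULONG_PTR) HandleTable->UniqueProcessId;
-
-HandleInformation->Handles[Index].CreatorBackTraceIndex = 0;
-
-HandleInformation->Handles[Index].ObjectTypeIndex =
-(UCHAR) ObjectHeader->Type->Index;
-
-HandleInformation->Handles[Index].HandleAttributes =
-HandleTableEntry->ObAttributes & OBJ_HANDLE_ATTRIBUTES;
-
-HandleInformation->Handles[Index].HandleValue =
-(USHORT)(ULONG_PTR) Handle.GenericHandleOverlay;
-
-HandleInformation->Handles[Index].Object = &ObjectHeader->Body;
-
-HandleInformation->Handles[Index].GrantedAccess =
-HandleTableEntry->GrantedAccess;
-
-++Index;
-}
-_SEH2_FINALLY
-{
-/* Unlock it */
-ExUnlockHandleTableEntry(HandleTable, HandleTableEntry);
-}
-_SEH2_END;
-}
+Status = STATUS_INFO_LENGTH_MISMATCH;
 }
+else
+{
+POBJECT_HEADER ObjectHeader = ObpGetHandleObject(HandleTableEntry);
 
-/* Go to the next entry */
-Handle.Value += sizeof(HANDLE);
-}
-}
-_SEH2_FINALLY
-{
-/* Release the lock */
-ExReleasePushLockExclusive(&HandleTableListLock);
+/* Filling handle information */
+HandleInformation->Handles[Index].UniqueProcessId =
+(USHORT)(ULONG_PTR) HandleTable->UniqueProcessId;
+
+HandleInformation->Handles[Index].CreatorBackTraceIndex = 0;
+
+#if 0 /* FIXME!!! Type field currupted */
+HandleInformation->Handles[Index].ObjectTypeIndex =
+(UCHAR) ObjectHeader->Type->Index;
+#else
+HandleInformation->Handles[Index].ObjectTypeIndex = 0;
+#endif
 
-/* Leave the critical region */
-KeLeaveCriticalRegion();
+HandleInformation->Handles[Index].HandleAttributes =
+HandleTableEntry->ObAttributes & OBJ_HANDLE_ATTRIBUTES;
+
+HandleInformation->Handles[Index].HandleValue =
+(USHORT)(ULONG_PTR) Handle.GenericHandleOverlay;
+
+HandleInformation->Handles[Index].Object = &ObjectHeader->Body;
+
+HandleInformation->Handles[Index].GrantedAccess =
+HandleTableEntry->GrantedAccess;
+
+++Index;
+}
+
+/* Unlock it */
+ExUnlockHandleTableEntry(HandleTable, HandleTableEntry);
+}
 }
-_SEH2_END;
 
-if (!NT_SUCCESS(Status)) break;
+/* Go to the next entry */
+Handle.Value += sizeof(HANDLE);
 }
 }
-_SEH2_FINALLY
-{
-/* Release the locked user buffer */
-ExUnlockUserBuffer(Mdl);
-}
-_SEH2_END;
+
+/* Release the lock */
+ExReleasePushLockShared(&HandleTableListLock);
+
+/* Leave the critical region */
+KeLeaveCriticalRegion();
+
+/* Release the locked user buffer */
+ExUnlockUserBuffer(Mdl);
 
 return Status;
 }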
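Review bot: In the third hunk `++HandleInformation->NumberOfHandles;` runs before `ExpLockHandleTableEntry` succeeds, while `*ReqSize` and `Index` advance only inside the locked branch, so an entry that fails to lock is counted but never sized or written. On a successful return NumberOfHandles can then exceed the number of filled `Handles[]` slots, and a caller that trusts the count would walk past the entries the kernel produced, possibly past `*ReqSize`. Moving the increment next to `*ReqSize += sizeof(SYSTEM_HANDLE_TABLE_ENTRY_INFO);` keeps count, size and contents in step. Separately, the `#if 0` zeroes ObjectTypeIndex but `Object` is still derived from the same `ObjectHeader`; if that header is not valid for every table on the list, the reported pointer is suspect as well, so the FIXME could say so: `/* FIXME: ObjectHeader->Type is invalid for some entries, root cause unknown; Object below may be wrong for them too */`.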
