[WINLOGON] Protect function calls to '3rd-party' DLLs by SEH. (reactos#4743)

This includes:
- Notification dll calling in CallNotificationDll().
- winmm.dll API calling (e.g. PlaySound) in PlaySoundRoutine().

Also:
- Fix dwKeyName usage in RegEnumKeyExW() specifying a number of *characters*.

Author: HBelusca

base/system/winlogon/CMakeLists.txt

@@ -21,7 +21,7 @@ list(APPEND SOURCE
 
 add_rc_deps(winlogon.rc ${CMAKE_CURRENT_SOURCE_DIR}/res/winlogon.ico)
 add_executable(winlogon ${SOURCE} winlogon.rc)
-target_link_libraries(winlogon wine)
+target_link_libraries(winlogon wine ${PSEH_LIB})
 set_module_type(winlogon win32gui)
 add_importlibs(winlogon user32 advapi32 userenv secur32 rpcrt4 mpr msvcrt kernel32 ntdll)
 add_pch(winlogon winlogon.h SOURCE)

base/system/winlogon/notify.c

@@ -278,7 +278,7 @@ InitNotifications(VOID)
     dwIndex = 0;
     for(;;)
     {
-        dwKeyName = 80 * sizeof(WCHAR);
+        dwKeyName = ARRAYSIZE(szKeyName);
         lError = RegEnumKeyExW(hNotifyKey,
                                dwIndex,
                                szKeyName,
@@ -312,11 +312,8 @@ CallNotificationDll(
     NOTIFICATION_TYPE Type,
     PWLX_NOTIFICATION_INFO pInfo)
 {
-    HKEY hDllKey = NULL;
-    HMODULE hModule = NULL;
+    HMODULE hModule;
     CHAR szFuncBuffer[128];
-    DWORD dwSize;
-    DWORD dwType;
     DWORD dwError = ERROR_SUCCESS;
     PWLX_NOTIFY_HANDLER pNotifyHandler;
 
@@ -338,6 +335,10 @@ CallNotificationDll(
     }
     else
     {
+        HKEY hDllKey;
+        DWORD dwSize;
+        DWORD dwType;
+
         dwError = RegOpenKeyExW(hNotifyKey,
                                 NotificationDll->pszKeyName,
                                 0,
@@ -356,23 +357,32 @@ CallNotificationDll(
                                    &dwType,
                                    (PBYTE)szFuncBuffer,
                                    &dwSize);
+
+        RegCloseKey(hDllKey);
     }
 
-    if (dwError == ERROR_SUCCESS)
-    {
-        hModule = LoadLibraryW(NotificationDll->pszDllName);
-        if (hModule != NULL)
-        {
-            pNotifyHandler = (PWLX_NOTIFY_HANDLER)GetProcAddress(hModule, szFuncBuffer);
-            if (pNotifyHandler != NULL)
-                pNotifyHandler(pInfo);
+    if (dwError != ERROR_SUCCESS)
+        return;
 
-            FreeLibrary(hModule);
-        }
+    hModule = LoadLibraryW(NotificationDll->pszDllName);
+    if (!hModule)
+        return;
+
+    pNotifyHandler = (PWLX_NOTIFY_HANDLER)GetProcAddress(hModule, szFuncBuffer);
+
+    _SEH2_TRY
+    {
+        if (pNotifyHandler)
+            pNotifyHandler(pInfo);
+    }
+    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+    {
+        ERR("WL: Exception while running notification %S!%s, Status 0x%08lx\n",
+            NotificationDll->pszDllName, szFuncBuffer, _SEH2_GetExceptionCode());
     }
+    _SEH2_END;
 
-    if (hDllKey != NULL)
-        RegCloseKey(hDllKey);
+    FreeLibrary(hModule);
 }
 
 

base/system/winlogon/sas.c

@@ -251,30 +251,36 @@ PlaySoundRoutine(
     BOOL Ret = FALSE;
 
     hLibrary = LoadLibraryW(L"winmm.dll");
-    if (hLibrary)
+    if (!hLibrary)
+        return FALSE;
+
+    waveOutGetNumDevs = (WAVEOUTGETNUMDEVS)GetProcAddress(hLibrary, "waveOutGetNumDevs");
+    Play = (PLAYSOUNDW)GetProcAddress(hLibrary, "PlaySoundW");
+
+    _SEH2_TRY
     {
-        waveOutGetNumDevs = (WAVEOUTGETNUMDEVS)GetProcAddress(hLibrary, "waveOutGetNumDevs");
         if (waveOutGetNumDevs)
         {
             NumDevs = waveOutGetNumDevs();
             if (!NumDevs)
             {
                 if (!bLogon)
-                {
                     Beep(440, 125);
-                }
-                FreeLibrary(hLibrary);
-                return FALSE;
+                _SEH2_LEAVE;
             }
         }
 
-        Play = (PLAYSOUNDW)GetProcAddress(hLibrary, "PlaySoundW");
         if (Play)
-        {
             Ret = Play(FileName, NULL, Flags);
-        }
-        FreeLibrary(hLibrary);
     }
+    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+    {
+        ERR("WL: Exception while playing sound '%S', Status 0x%08lx\n",
+            FileName ? FileName : L"(n/a)", _SEH2_GetExceptionCode());
+    }
+    _SEH2_END;
+
+    FreeLibrary(hLibrary);
 
     return Ret;
 }

base/system/winlogon/winlogon.h

@@ -26,10 +26,12 @@
 #ifndef __WINLOGON_MAIN_H__
 #define __WINLOGON_MAIN_H__
 
-#include <stdarg.h>
-
 #define USE_GETLASTINPUTINFO
 
+
+#include <stdarg.h>
+
+/* PSDK/NDK Headers */
 #define WIN32_NO_STATUS
 #include <windef.h>
 #include <winbase.h>
@@ -41,6 +43,9 @@
 #include <ndk/exfuncs.h>
 #include <strsafe.h>
 
+/* PSEH for SEH Support */
+#include <pseh/pseh2.h>
+
 #include <reactos/undocuser.h>
 #include <reactos/undocmpr.h>