#define NDEBUG
#include <internal/debug.h>
-/* GLOBALS *******************************************************************/
-
-#define TAG_LPC_CONNECT_MESSAGE TAG('L', 'P', 'C', 'C')
-
/* FUNCTIONS *****************************************************************/
/**********************************************************************
/*
* Initialize the request message.
*/
- RequestMessage->MessageHeader.DataSize =
+ RequestMessage->MessageHeader.u1.s1.DataLength =
sizeof(EPORT_CONNECT_REQUEST_MESSAGE) + RequestConnectDataLength -
- sizeof(LPC_MESSAGE);
- RequestMessage->MessageHeader.MessageSize =
+ sizeof(PORT_MESSAGE);
+ RequestMessage->MessageHeader.u1.s1.TotalLength =
sizeof(EPORT_CONNECT_REQUEST_MESSAGE) + RequestConnectDataLength;
DPRINT("RequestMessageSize %d\n",
- RequestMessage->MessageHeader.MessageSize);
- RequestMessage->MessageHeader.SectionSize = 0;
+ RequestMessage->MessageHeader.u1.s1.TotalLength);
+ RequestMessage->MessageHeader.ClientViewSize = 0;
RequestMessage->ConnectingProcess = PsGetCurrentProcess();
ObReferenceObjectByPointer(RequestMessage->ConnectingProcess,
PROCESS_VM_OPERATION,
/*
* Check for connection refusal.
*/
- if (CReply->MessageHeader.MessageType == LPC_CONNECTION_REFUSED)
+ if (CReply->MessageHeader.u2.s2.Type == LPC_CONNECTION_REFUSED)
{
ObDereferenceObject(OurPort);
ExFreePool(Reply);
NtConnectPort (PHANDLE UnsafeConnectedPortHandle,
PUNICODE_STRING PortName,
PSECURITY_QUALITY_OF_SERVICE Qos,
- PLPC_SECTION_WRITE UnsafeWriteMap,
- PLPC_SECTION_READ UnsafeReadMap,
+ PPORT_VIEW UnsafeWriteMap,
+ PREMOTE_PORT_VIEW UnsafeReadMap,
PULONG UnsafeMaximumMessageSize,
PVOID UnsafeConnectData,
PULONG UnsafeConnectDataLength)
{
HANDLE ConnectedPortHandle;
- LPC_SECTION_WRITE WriteMap;
- LPC_SECTION_READ ReadMap;
+ PORT_VIEW WriteMap;
+ REMOTE_PORT_VIEW ReadMap;
ULONG MaximumMessageSize;
- PVOID ConnectData;
- ULONG ConnectDataLength;
+ PVOID ConnectData = NULL;
+ ULONG ConnectDataLength = 0;
PSECTION_OBJECT SectionObject;
LARGE_INTEGER SectionOffset;
PEPORT ConnectedPort;
- NTSTATUS Status;
+ KPROCESSOR_MODE PreviousMode;
+ NTSTATUS Status = STATUS_SUCCESS;
PEPORT NamedPort;
+
+ PreviousMode = ExGetPreviousMode();
+
+ if (PreviousMode != KernelMode)
+ {
+ _SEH_TRY
+ {
+ ProbeForWriteHandle(UnsafeConnectedPortHandle);
+ if (UnsafeMaximumMessageSize != NULL)
+ {
+ ProbeForWriteUlong(UnsafeMaximumMessageSize);
+ }
+ }
+ _SEH_HANDLE
+ {
+ Status = _SEH_GetExceptionCode();
+ }
+ _SEH_END;
+
+ if (!NT_SUCCESS(Status))
+ {
+ return Status;
+ }
+ }
/*
* Copy in write map and partially validate.
*/
if (UnsafeWriteMap != NULL)
{
- Status = MmCopyFromCaller(&WriteMap,
- UnsafeWriteMap,
- sizeof(LPC_SECTION_WRITE));
- if (!NT_SUCCESS(Status))
- {
- return(Status);
- }
- if (WriteMap.Length != sizeof(LPC_SECTION_WRITE))
+ if (PreviousMode != KernelMode)
+ {
+ _SEH_TRY
+ {
+ ProbeForWrite(UnsafeWriteMap,
+ sizeof(PORT_VIEW),
+ 1);
+ RtlCopyMemory(&WriteMap,
+ UnsafeWriteMap,
+ sizeof(PORT_VIEW));
+ }
+ _SEH_HANDLE
+ {
+ Status = _SEH_GetExceptionCode();
+ }
+ _SEH_END;
+
+ if (!NT_SUCCESS(Status))
+ {
+ return Status;
+ }
+ }
+ else
+ {
+ RtlCopyMemory(&WriteMap,
+ UnsafeWriteMap,
+ sizeof(PORT_VIEW));
+ }
+
+ if (WriteMap.Length != sizeof(PORT_VIEW))
{
return(STATUS_INVALID_PARAMETER_4);
}
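Review bot: The up-front probe block covers `UnsafeConnectedPortHandle` and `UnsafeMaximumMessageSize` but not `UnsafeReadMap`, which a later hunk fills with `RtlCopyMemory(UnsafeReadMap, &ReadMap, sizeof(REMOTE_PORT_VIEW))`. The `_SEH_TRY` around that write only catches faults; it does not reject a pointer outside the user address range. Unless the pointer is probed in lines outside this hunk, add `if (UnsafeReadMap != NULL) ProbeForWrite(UnsafeReadMap, sizeof(REMOTE_PORT_VIEW), 1);` next to the other probes. NtConnectPort's body continues past the end of this hunk.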
/*
* Handle connection data.
*/
- if (UnsafeConnectData == NULL)
- {
- ConnectDataLength = 0;
- ConnectData = NULL;
- }
- else
- {
- if (ExGetPreviousMode() == KernelMode)
- {
- ConnectDataLength = *UnsafeConnectDataLength;
- ConnectData = UnsafeConnectData;
- }
+ if (UnsafeConnectData)
+ {
+ if (PreviousMode != KernelMode)
+ {
+ _SEH_TRY
+ {
+ ConnectDataLength = ProbeForReadUlong(UnsafeConnectDataLength);
+ }
+ _SEH_HANDLE
+ {
+ Status = _SEH_GetExceptionCode();
+ }
+ _SEH_END;
+
+ if (!NT_SUCCESS(Status))
+ {
+ return Status;
+ }
+ }
else
- {
- Status = MmCopyFromCaller(&ConnectDataLength,
- UnsafeConnectDataLength,
- sizeof(ULONG));
- if (!NT_SUCCESS(Status))
- {
- return(Status);
- }
- ConnectData = ExAllocatePool(NonPagedPool, ConnectDataLength);
- if (ConnectData == NULL && ConnectDataLength != 0)
- {
- return(STATUS_NO_MEMORY);
- }
- Status = MmCopyFromCaller(ConnectData,
- UnsafeConnectData,
- ConnectDataLength);
- if (!NT_SUCCESS(Status))
- {
- ExFreePool(ConnectData);
- return(Status);
- }
- }
+ {
+ ConnectDataLength = *UnsafeConnectDataLength;
+ }
+
+ if (ConnectDataLength != 0)
+ {
+ ConnectData = ExAllocatePool(NonPagedPool, ConnectDataLength);
+ if (ConnectData == NULL)
+ {
+ return(STATUS_NO_MEMORY);
+ }
+
+ if (PreviousMode != KernelMode)
+ {
+ _SEH_TRY
+ {
+ ProbeForWriteUlong(UnsafeConnectData);
+ RtlCopyMemory(ConnectData,
+ UnsafeConnectData,
+ ConnectDataLength);
+ }
+ _SEH_HANDLE
+ {
+ Status = _SEH_GetExceptionCode();
+ }
+ _SEH_END;
+
+ if (!NT_SUCCESS(Status))
+ {
+ ExFreePool(ConnectData);
+ return Status;
+ }
+ }
+ else
+ {
+ RtlCopyMemory(ConnectData,
+ UnsafeConnectData,
+ ConnectDataLength);
+ }
+ }
}
/*
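Review bot: `ProbeForWriteUlong(UnsafeConnectData)` range-checks only the first ULONG of the buffer, yet the following `RtlCopyMemory` reads `ConnectDataLength` bytes from it and the copy-back hunks later write the same number of bytes to it. Probe the whole range instead, `ProbeForWrite(UnsafeConnectData, ConnectDataLength, 1);`. The length itself comes straight from the caller and is passed to `ExAllocatePool(NonPagedPool, ConnectDataLength)` with no upper bound, so a user-mode caller can request an arbitrarily large non-paged allocation. Reject lengths above the maximum connect-data size the port supports before allocating. The enclosing function starts and ends outside this hunk.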
NULL,
PORT_ALL_ACCESS, /* DesiredAccess */
LpcPortObjectType,
- UserMode,
+ PreviousMode,
NULL,
(PVOID*)&NamedPort);
if (!NT_SUCCESS(Status))
Status = ObReferenceObjectByHandle(WriteMap.SectionHandle,
SECTION_MAP_READ | SECTION_MAP_WRITE,
MmSectionObjectType,
- UserMode,
+ PreviousMode,
(PVOID*)&SectionObject,
NULL);
if (!NT_SUCCESS(Status))
SectionOffset,
WriteMap.ViewSize,
&WriteMap.ViewBase,
- &WriteMap.TargetViewBase,
+ &WriteMap.ViewRemoteBase,
&ReadMap.ViewSize,
&ReadMap.ViewBase,
&MaximumMessageSize,
/* FIXME: Again, check what NT does here. */
if (UnsafeConnectDataLength != NULL)
{
- if (ExGetPreviousMode() != KernelMode)
+ if (PreviousMode != KernelMode)
{
- MmCopyToCaller(UnsafeConnectData,
- ConnectData,
- ConnectDataLength);
- ExFreePool(ConnectData);
+ _SEH_TRY
+ {
+ RtlCopyMemory(UnsafeConnectData,
+ ConnectData,
+ ConnectDataLength);
+ *UnsafeConnectDataLength = ConnectDataLength;
+ }
+ _SEH_HANDLE
+ {
+ Status = _SEH_GetExceptionCode();
+ }
+ _SEH_END;
+ }
+ else
+ {
+ RtlCopyMemory(UnsafeConnectData,
+ ConnectData,
+ ConnectDataLength);
+ *UnsafeConnectDataLength = ConnectDataLength;
}
- MmCopyToCaller(UnsafeConnectDataLength,
- &ConnectDataLength,
- sizeof(ULONG));
+
+ ExFreePool(ConnectData);
}
return(Status);
}
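Review bot: The refusal path calls `ExFreePool(ConnectData);` unconditionally and copies from `ConnectData` without a NULL check, although `ConnectData` stays NULL when `UnsafeConnectData` is NULL or the length is zero. The success-path copy-back in the next hunk wraps both the copy and the free in `if (ConnectData != NULL)`; the same guard here keeps the two paths consistent. The outer test is on `UnsafeConnectDataLength` while the write goes to `UnsafeConnectData`, so the kernel-mode branch should also check that pointer before copying. A fault in the `_SEH_TRY` overwrites `Status`, which appears to replace whatever status the refusal path meant to return; a separate local for the copy-back result would preserve it.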
/*
* Copy the data back to the caller.
*/
- if (ExGetPreviousMode() != KernelMode)
+
+ if (UnsafeConnectDataLength != NULL)
{
- if (UnsafeConnectDataLength != NULL)
+ if (PreviousMode != KernelMode)
{
- Status = MmCopyToCaller(UnsafeConnectDataLength,
- &ConnectDataLength,
- sizeof(ULONG));
+ _SEH_TRY
+ {
+ *UnsafeConnectDataLength = ConnectDataLength;
+
+ if (ConnectData != NULL)
+ {
+ RtlCopyMemory(UnsafeConnectData,
+ ConnectData,
+ ConnectDataLength);
+ }
+ }
+ _SEH_HANDLE
+ {
+ Status = _SEH_GetExceptionCode();
+ }
+ _SEH_END;
+
if (!NT_SUCCESS(Status))
{
- return(Status);
+ if (ConnectData != NULL)
+ {
+ ExFreePool(ConnectData);
+ }
+ return(Status);
}
}
- if (UnsafeConnectData != NULL && ConnectData != NULL)
+ else
+ {
+ *UnsafeConnectDataLength = ConnectDataLength;
+
+ if (ConnectData != NULL)
+ {
+ RtlCopyMemory(UnsafeConnectData,
+ ConnectData,
+ ConnectDataLength);
+ }
+ }
+
+ if (ConnectData != NULL)
{
- Status = MmCopyToCaller(UnsafeConnectData,
- ConnectData,
- ConnectDataLength);
ExFreePool(ConnectData);
- if (!NT_SUCCESS(Status))
- {
- return(Status);
- }
}
}
Status = ObInsertObject(ConnectedPort,
{
return(Status);
}
- Status = MmCopyToCaller(UnsafeConnectedPortHandle,
- &ConnectedPortHandle,
- sizeof(HANDLE));
- if (!NT_SUCCESS(Status))
- {
- return(Status);
- }
- if (UnsafeWriteMap != NULL)
- {
- Status = MmCopyToCaller(UnsafeWriteMap,
- &WriteMap,
- sizeof(LPC_SECTION_WRITE));
- if (!NT_SUCCESS(Status))
- {
- return(Status);
- }
- }
- if (UnsafeReadMap != NULL)
- {
- Status = MmCopyToCaller(UnsafeReadMap,
- &ReadMap,
- sizeof(LPC_SECTION_READ));
+
+ if (PreviousMode != KernelMode)
+ {
+ _SEH_TRY
+ {
+ *UnsafeConnectedPortHandle = ConnectedPortHandle;
+
+ if (UnsafeWriteMap != NULL)
+ {
+ RtlCopyMemory(UnsafeWriteMap,
+ &WriteMap,
+ sizeof(PORT_VIEW));
+ }
+
+ if (UnsafeReadMap != NULL)
+ {
+ RtlCopyMemory(UnsafeReadMap,
+ &ReadMap,
+ sizeof(REMOTE_PORT_VIEW));
+ }
+
+ if (UnsafeMaximumMessageSize != NULL)
+ {
+ *UnsafeMaximumMessageSize = MaximumMessageSize;
+ }
+ }
+ _SEH_HANDLE
+ {
+ Status = _SEH_GetExceptionCode();
+ }
+ _SEH_END;
+
if (!NT_SUCCESS(Status))
- {
- return(Status);
- }
+ {
+ return Status;
+ }
}
- if (UnsafeMaximumMessageSize != NULL)
+ else
{
- Status = MmCopyToCaller(UnsafeMaximumMessageSize,
- &MaximumMessageSize,
- sizeof(ULONG));
- if (!NT_SUCCESS(Status))
- {
- return(Status);
- }
+ *UnsafeConnectedPortHandle = ConnectedPortHandle;
+
+ if (UnsafeWriteMap != NULL)
+ {
+ RtlCopyMemory(UnsafeWriteMap,
+ &WriteMap,
+ sizeof(PORT_VIEW));
+ }
+
+ if (UnsafeReadMap != NULL)
+ {
+ RtlCopyMemory(UnsafeReadMap,
+ &ReadMap,
+ sizeof(REMOTE_PORT_VIEW));
+ }
+
+ if (UnsafeMaximumMessageSize != NULL)
+ {
+ *UnsafeMaximumMessageSize = MaximumMessageSize;
+ }
}
/*
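Review bot: When the copy-out faults, `return Status;` leaves the newly inserted handle open in the caller's handle table, and the caller never learns its value. The handle presumably comes from the preceding `ObInsertObject` call, whose arguments are outside this hunk. Close it in the `!NT_SUCCESS(Status)` branch before returning, e.g. `ZwClose(ConnectedPortHandle);`. Separately, `ReadMap` is copied out whole with `sizeof(REMOTE_PORT_VIEW)` while only `ViewSize` and `ViewBase` are visibly assigned. If no other field is set elsewhere, zeroing it first with `RtlZeroMemory(&ReadMap, sizeof(ReadMap));` avoids returning uninitialised kernel stack bytes to user mode.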
/*EXPORTED*/ NTSTATUS STDCALL
NtAcceptConnectPort (PHANDLE ServerPortHandle,
HANDLE NamedPortHandle,
- PLPC_MESSAGE LpcMessage,
+ PPORT_MESSAGE LpcMessage,
BOOLEAN AcceptIt,
- PLPC_SECTION_WRITE WriteMap,
- PLPC_SECTION_READ ReadMap)
+ PPORT_VIEW WriteMap,
+ PREMOTE_PORT_VIEW ReadMap)
{
NTSTATUS Status;
PEPORT NamedPort;
PEPORT_CONNECT_REQUEST_MESSAGE CRequest;
PEPORT_CONNECT_REPLY_MESSAGE CReply;
ULONG Size;
+ KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
Size = sizeof(EPORT_CONNECT_REPLY_MESSAGE);
if (LpcMessage)
{
- Size += LpcMessage->DataSize;
+ Size += LpcMessage->u1.s1.DataLength;
}
CReply = ExAllocatePool(NonPagedPool, Size);
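Review bot: `LpcMessage->u1.s1.DataLength` is read here to size the `CReply` allocation and read again from the same caller-supplied pointer in the later `memcpy` hunk, so a user-mode caller that changes the field between the two reads can make the copy larger than the buffer. `PreviousMode` is now available, but `LpcMessage`, `WriteMap` and `ReadMap` are still dereferenced without a probe or SEH protection. Capture the length once under `_SEH_TRY` and use that local for the allocation, for both `memcpy` calls and for `ConnectDataLength`. The copies in the later hunk should also run under SEH when the caller is user mode, and `WriteMap` needs the same capture-then-use treatment as in NtConnectPort. The function body continues outside this hunk.

```c
  KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
  ULONG DataLength = 0;

  /* ... unchanged: remaining local declarations ... */

  Status = STATUS_SUCCESS;
  if (LpcMessage != NULL)
    {
      if (PreviousMode != KernelMode)
        {
          _SEH_TRY
            {
              ProbeForRead(LpcMessage, sizeof(PORT_MESSAGE), 1);
              /* Single fetch: every later use goes through DataLength. */
              DataLength = LpcMessage->u1.s1.DataLength;
              ProbeForRead(LpcMessage + 1, DataLength, 1);
            }
          _SEH_HANDLE
            {
              Status = _SEH_GetExceptionCode();
            }
          _SEH_END;

          if (!NT_SUCCESS(Status))
            {
              return Status;
            }
        }
      else
        {
          DataLength = LpcMessage->u1.s1.DataLength;
        }
    }

  Size = sizeof(EPORT_CONNECT_REPLY_MESSAGE) + DataLength;
  CReply = ExAllocatePool(NonPagedPool, Size);
```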
Status = ObReferenceObjectByHandle(NamedPortHandle,
PORT_ALL_ACCESS,
LpcPortObjectType,
- UserMode,
+ PreviousMode,
(PVOID*)&NamedPort,
NULL);
if (!NT_SUCCESS(Status))
*/
if (AcceptIt)
{
- Status = ObCreateObject(ExGetPreviousMode(),
+ Status = ObCreateObject(PreviousMode,
LpcPortObjectType,
NULL,
- ExGetPreviousMode(),
+ PreviousMode,
NULL,
sizeof(EPORT),
0,
*/
if (LpcMessage != NULL)
{
- memcpy(&CReply->MessageHeader, LpcMessage, sizeof(LPC_MESSAGE));
+ memcpy(&CReply->MessageHeader, LpcMessage, sizeof(PORT_MESSAGE));
memcpy(&CReply->ConnectData, (PVOID)(LpcMessage + 1),
- LpcMessage->DataSize);
- CReply->MessageHeader.MessageSize =
- sizeof(EPORT_CONNECT_REPLY_MESSAGE) + LpcMessage->DataSize;
- CReply->MessageHeader.DataSize = CReply->MessageHeader.MessageSize -
- sizeof(LPC_MESSAGE);
- CReply->ConnectDataLength = LpcMessage->DataSize;
+ LpcMessage->u1.s1.DataLength);
+ CReply->MessageHeader.u1.s1.TotalLength =
+ sizeof(EPORT_CONNECT_REPLY_MESSAGE) + LpcMessage->u1.s1.DataLength;
+ CReply->MessageHeader.u1.s1.DataLength = CReply->MessageHeader.u1.s1.TotalLength -
+ sizeof(PORT_MESSAGE);
+ CReply->ConnectDataLength = LpcMessage->u1.s1.DataLength;
}
else
{
- CReply->MessageHeader.MessageSize = sizeof(EPORT_CONNECT_REPLY_MESSAGE);
- CReply->MessageHeader.DataSize = sizeof(EPORT_CONNECT_REPLY_MESSAGE) -
- sizeof(LPC_MESSAGE);
+ CReply->MessageHeader.u1.s1.TotalLength = sizeof(EPORT_CONNECT_REPLY_MESSAGE);
+ CReply->MessageHeader.u1.s1.DataLength = sizeof(EPORT_CONNECT_REPLY_MESSAGE) -
+ sizeof(PORT_MESSAGE);
CReply->ConnectDataLength = 0;
}
if (!AcceptIt)
Status = ObReferenceObjectByHandle(WriteMap->SectionHandle,
SECTION_MAP_READ | SECTION_MAP_WRITE,
MmSectionObjectType,
- UserMode,
+ PreviousMode,
(PVOID*)&SectionObject,
NULL);
if (!NT_SUCCESS(Status))
}
SectionOffset.QuadPart = WriteMap->SectionOffset;
- WriteMap->TargetViewBase = 0;
+ WriteMap->ViewRemoteBase = 0;
CReply->ReceiveClientViewSize = WriteMap->ViewSize;
Status = MmMapViewOfSection(SectionObject,
CRequest->ConnectingProcess,
- &WriteMap->TargetViewBase,
+ &WriteMap->ViewRemoteBase,
0,
CReply->ReceiveClientViewSize,
&SectionOffset,
}
if (WriteMap != NULL)
{
- CReply->ReceiveClientViewBase = WriteMap->TargetViewBase;
+ CReply->ReceiveClientViewBase = WriteMap->ViewRemoteBase;
}
- CReply->MaximumMessageSize = PORT_MAX_MESSAGE_LENGTH;
+ CReply->MaximumMessageSize = LPC_MAX_MESSAGE_LENGTH;
/*
OurPort->OtherPort = ConnectionRequest->Sender;
OurPort->OtherPort->OtherPort = OurPort;
EiReplyOrRequestPort(ConnectionRequest->Sender,
- (PLPC_MESSAGE)CReply,
+ (PPORT_MESSAGE)CReply,
LPC_REPLY,
OurPort);
ExFreePool(ConnectionRequest);
NtSecureConnectPort (OUT PHANDLE ConnectedPort,
IN PUNICODE_STRING PortName,
IN PSECURITY_QUALITY_OF_SERVICE Qos,
- IN OUT PLPC_SECTION_WRITE WriteMap OPTIONAL,
+ IN OUT PPORT_VIEW WriteMap OPTIONAL,
IN PSID ServerSid OPTIONAL,
- IN OUT PLPC_SECTION_READ ReadMap OPTIONAL,
+ IN OUT PREMOTE_PORT_VIEW ReadMap OPTIONAL,
OUT PULONG MaxMessageSize OPTIONAL,
IN OUT PVOID ConnectInfo OPTIONAL,
IN OUT PULONG UserConnectInfoLength OPTIONAL)