projects / reactos.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 21cd59b)
[NTOS/PS]
authorJérôme Gardou <jerome.gardou@reactos.org>
Mon, 3 Nov 2014 09:52:08 +0000 (09:52 +0000)
committerJérôme Gardou <jerome.gardou@reactos.org>
Mon, 3 Nov 2014 09:52:08 +0000 (09:52 +0000)
 - Do not leak a reference to the process object when setting quotas.

svn path=/trunk/; revision=65210

reactos/ntoskrnl/include/internal/ps.h patch | blob | history
reactos/ntoskrnl/ps/query.c patch | blob | history
reactos/ntoskrnl/ps/quota.c patch | blob | history

diff --git a/reactos/ntoskrnl/include/internal/ps.h b/reactos/ntoskrnl/include/internal/ps.h
index 67506f8..5ea1e0e 100644 (file)
--- a/reactos/ntoskrnl/include/internal/ps.h
+++ b/reactos/ntoskrnl/include/internal/ps.h
@@ -303,7 +303,7 @@ PspDestroyQuotaBlock(
 NTSTATUS
 NTAPI
 PspSetQuotaLimits(
-    _In_ HANDLE ProcessHandle,
+    _In_ PEPROCESS Process,
     _In_ ULONG Unused,
     _In_ PVOID QuotaLimits,
     _In_ ULONG QuotaLimitsLength,
diff --git a/reactos/ntoskrnl/ps/query.c b/reactos/ntoskrnl/ps/query.c
index b370191..a6a4e29 100644 (file)
--- a/reactos/ntoskrnl/ps/query.c
+++ b/reactos/ntoskrnl/ps/query.c
@@ -1528,6 +1528,7 @@ NtSetInformationProcess(IN HANDLE ProcessHandle,
             /* Validate the number */
             if ((BasePriority > HIGH_PRIORITY) || (BasePriority <= LOW_PRIORITY))
             {
+                ObDereferenceObject(Process);
                 return STATUS_INVALID_PARAMETER;
             }
 
@@ -1918,11 +1919,12 @@ NtSetInformationProcess(IN HANDLE ProcessHandle,
 
         case ProcessQuotaLimits:
 
-            return PspSetQuotaLimits(ProcessHandle,
+            Status = PspSetQuotaLimits(Process,
                                      1,
                                      ProcessInformation,
                                      ProcessInformationLength,
                                      PreviousMode);
+            break;
 
         case ProcessWorkingSetWatch:
             DPRINT1("WS watch not implemented\n");
diff --git a/reactos/ntoskrnl/ps/quota.c b/reactos/ntoskrnl/ps/quota.c
index beba4d0..d5b3060 100644 (file)
--- a/reactos/ntoskrnl/ps/quota.c
+++ b/reactos/ntoskrnl/ps/quota.c
@@ -292,14 +292,13 @@ PsReturnProcessPageFileQuota(IN PEPROCESS Process,
 NTSTATUS
 NTAPI
 PspSetQuotaLimits(
-    _In_ HANDLE ProcessHandle,
+    _In_ PEPROCESS Process,
     _In_ ULONG Unused,
     _In_ PVOID QuotaLimits,
     _In_ ULONG QuotaLimitsLength,
     _In_ KPROCESSOR_MODE PreviousMode)
 {
     QUOTA_LIMITS_EX CapturedQuotaLimits;
-    PEPROCESS Process;
     PEPROCESS_QUOTA_BLOCK QuotaBlock, OldQuotaBlock;
     BOOLEAN IncreaseOkay;
     KAPC_STATE SavedApcState;
@@ -368,19 +367,6 @@ PspSetQuotaLimits(
     }
     _SEH2_END;
 
-    /* Reference the process */
-    Status = ObReferenceObjectByHandle(ProcessHandle,
-                                       PROCESS_SET_QUOTA,
-                                       PsProcessType,
-                                       PreviousMode,
-                                       (PVOID*)&Process,
-                                       NULL);
-    if (!NT_SUCCESS(Status))
-    {
-        DPRINT1("Failed to reference process handle: 0x%lx\n", Status);
-        return Status;
-    }
-
     /* Check the caller changes the working set size limits */
     if ((CapturedQuotaLimits.MinimumWorkingSetSize != 0) &&
         (CapturedQuotaLimits.MaximumWorkingSetSize != 0))
@@ -418,7 +404,6 @@ PspSetQuotaLimits(
         /* Check if the caller has the required privilege */
         if (!SeSinglePrivilegeCheck(SeIncreaseQuotaPrivilege, PreviousMode))
         {
-            ObDereferenceObject(Process);
             return STATUS_PRIVILEGE_NOT_HELD;
         }
 
@@ -460,8 +445,6 @@ PspSetQuotaLimits(
         Status = STATUS_SUCCESS;
     }
 
-    /* Dereference the process and return the status */
-    ObDereferenceObject(Process);
     return Status;
 }
 
A free Windows-compatible Operating System