Fix heap corruptions and memory leaks in dnsapi

Patch by Samuel Serapión with some modifications by me after discussing it with Art Yerkes

See issue #3387 for more details.

svn path=/trunk/; revision=34297

diff --git a/reactos/dll/win32/dnsapi/dnsapi/context.c b/reactos/dll/win32/dnsapi/dnsapi/context.c
index 7664384..95ef7c6 100644 (file)
--- a/reactos/dll/win32/dnsapi/dnsapi/context.c
+++ b/reactos/dll/win32/dnsapi/dnsapi/context.c
@@ -46,6 +46,12 @@ DNS_STATUS WINAPI DnsAcquireContextHandle_W
     /* For now, don't worry about the user's identity. */
     Context = (PWINDNS_CONTEXT)RtlAllocateHeap( RtlGetProcessHeap(), 0,
                                                sizeof( WINDNS_CONTEXT ) );
     /* For now, don't worry about the user's identity. */
     Context = (PWINDNS_CONTEXT)RtlAllocateHeap( RtlGetProcessHeap(), 0,
                                                sizeof( WINDNS_CONTEXT ) );

+
+    if(!Context){
+        *ContextHandle = 0;
+        return ERROR_OUTOFMEMORY;
+    }
+

     /* The real work here is to create an adns_state that will help us
      * do what we want to later. */
     adns_status = adns_init( &Context->State,
     /* The real work here is to create an adns_state that will help us
      * do what we want to later. */
     adns_status = adns_init( &Context->State,


@@ -55,6 +61,7 @@ DNS_STATUS WINAPI DnsAcquireContextHandle_W
                             0 );
     if( adns_status != adns_s_ok ) {
       *ContextHandle = 0;
                             0 );
     if( adns_status != adns_s_ok ) {
       *ContextHandle = 0;

+      RtlFreeHeap( RtlGetProcessHeap(), 0, Context );

       return DnsIntTranslateAdnsToDNS_STATUS( adns_status );
     } else {
       *ContextHandle = (HANDLE)Context;
       return DnsIntTranslateAdnsToDNS_STATUS( adns_status );
     } else {
       *ContextHandle = (HANDLE)Context;


@@ -115,3 +122,4 @@ void WINAPI DnsReleaseContextHandle
   RtlFreeHeap( RtlGetProcessHeap(), 0, Context );
 }
 
   RtlFreeHeap( RtlGetProcessHeap(), 0, Context );
 }
 

+

diff --git a/reactos/dll/win32/dnsapi/dnsapi/names.c b/reactos/dll/win32/dnsapi/dnsapi/names.c
index d1b1d90..a1c4eea 100644 (file)
--- a/reactos/dll/win32/dnsapi/dnsapi/names.c
+++ b/reactos/dll/win32/dnsapi/dnsapi/names.c
@@ -145,7 +145,7 @@ DNS_STATUS WINAPI DnsValidateName_UTF8
                            sizeof( WCHAR ) * (StrLenWc + 1) );
   mbstowcs( Buffer, Name, StrLenWc + 1 );
   Status = DnsValidateName_W( Buffer, Format );
                            sizeof( WCHAR ) * (StrLenWc + 1) );
   mbstowcs( Buffer, Name, StrLenWc + 1 );
   Status = DnsValidateName_W( Buffer, Format );

-  RtlFreeHeap( GetProcessHeap(), 0, Buffer );
+  RtlFreeHeap( RtlGetProcessHeap(), 0, Buffer );

   
   return Status;
 }
   
   return Status;
 }

diff --git a/reactos/dll/win32/dnsapi/dnsapi/query.c b/reactos/dll/win32/dnsapi/dnsapi/query.c
index 1b901b6..6d559fd 100644 (file)
--- a/reactos/dll/win32/dnsapi/dnsapi/query.c
+++ b/reactos/dll/win32/dnsapi/dnsapi/query.c
@@ -102,14 +102,14 @@ DNS_STATUS WINAPI DnsQuery_A
       if( adns_error != adns_s_ok ) {
         adns_finish( astate );
         if ( CurrentName != Name ) {
       if( adns_error != adns_s_ok ) {
         adns_finish( astate );
         if ( CurrentName != Name ) {

-          RtlFreeHeap( CurrentName, 0, GetProcessHeap() );
+          RtlFreeHeap( RtlGetProcessHeap(), 0, CurrentName );

         }
         return DnsIntTranslateAdnsToDNS_STATUS( adns_error );
       }
 
       if( answer && answer->rrs.addr ) {
         if ( CurrentName != Name ) {
         }
         return DnsIntTranslateAdnsToDNS_STATUS( adns_error );
       }
 
       if( answer && answer->rrs.addr ) {
         if ( CurrentName != Name ) {

-          RtlFreeHeap( CurrentName, 0, GetProcessHeap() );
+          RtlFreeHeap( RtlGetProcessHeap(), 0, CurrentName );

         }
         *QueryResultSet =
           (PDNS_RECORD)RtlAllocateHeap( RtlGetProcessHeap(), 0,
         }
         *QueryResultSet =
           (PDNS_RECORD)RtlAllocateHeap( RtlGetProcessHeap(), 0,


@@ -132,12 +132,12 @@ DNS_STATUS WINAPI DnsQuery_A
            NULL == answer->cname ) {
         adns_finish( astate );
         if ( CurrentName != Name ) {
            NULL == answer->cname ) {
         adns_finish( astate );
         if ( CurrentName != Name ) {

-          RtlFreeHeap( CurrentName, 0, GetProcessHeap() );
+          RtlFreeHeap( RtlGetProcessHeap(), 0, CurrentName );

         }
         return ERROR_FILE_NOT_FOUND;
       }
       if ( CurrentName != Name ) {
         }
         return ERROR_FILE_NOT_FOUND;
       }
       if ( CurrentName != Name ) {

-        RtlFreeHeap( CurrentName, 0, GetProcessHeap() );
+        RtlFreeHeap( RtlGetProcessHeap(), 0, CurrentName );

       }
       CurrentName = xstrsave( answer->cname );
       if ( NULL == CurrentName ) {
       }
       CurrentName = xstrsave( answer->cname );
       if ( NULL == CurrentName ) {


@@ -146,7 +146,7 @@ DNS_STATUS WINAPI DnsQuery_A
       }
     }
     adns_finish( astate );
       }
     }
     adns_finish( astate );

-    RtlFreeHeap( CurrentName, 0, GetProcessHeap() );
+    RtlFreeHeap( RtlGetProcessHeap(), 0, CurrentName );

     return ERROR_FILE_NOT_FOUND;
   default:
     return ERROR_OUTOFMEMORY; /* XXX arty: find a better error code. */
     return ERROR_FILE_NOT_FOUND;
   default:
     return ERROR_OUTOFMEMORY; /* XXX arty: find a better error code. */


@@ -298,8 +298,8 @@ DNS_STATUS WINAPI DnsQuery_UTF8
   PIP4_ARRAY Servers,
   PDNS_RECORD *QueryResultSet,
   PVOID *Reserved ) {
   PIP4_ARRAY Servers,
   PDNS_RECORD *QueryResultSet,
   PVOID *Reserved ) {

-  return DnsQuery_UTF8( Name, Type, Options, Servers, QueryResultSet,
-                       Reserved );
+  UNIMPLEMENTED;
+  return ERROR_OUTOFMEMORY;

 }
 
 void DnsIntFreeRecordList( PDNS_RECORD ToDelete ) {
 }
 
 void DnsIntFreeRecordList( PDNS_RECORD ToDelete ) {