[NTOS:LPC]

- Capture the ServerView/ClientView *only* when those pointers are not NULL.
- Fix a LpcRequest vs. CapturedLpcRequest in a call to LpcpMoveMessage. Caught by Thomas. CORE-7371 CR-100

svn path=/trunk/; revision=73166

diff --git a/reactos/ntoskrnl/lpc/complete.c b/reactos/ntoskrnl/lpc/complete.c
index 23472ac..30eb700 100644 (file)
--- a/reactos/ntoskrnl/lpc/complete.c
+++ b/reactos/ntoskrnl/lpc/complete.c
@@ -84,7 +84,9 @@ NtAcceptConnectPort(OUT PHANDLE PortHandle,
             ProbeForRead(ReplyMessage + 1, ConnectionInfoLength, 1);
 
             /* The following parameters are optional */
-            if (ServerView != NULL)
+
+            /* Capture the server view */
+            if (ServerView)
             {
                 ProbeForWrite(ServerView, sizeof(*ServerView), sizeof(ULONG));
                 CapturedServerView = *(volatile PORT_VIEW*)ServerView;
@@ -97,7 +99,8 @@ NtAcceptConnectPort(OUT PHANDLE PortHandle,
                 }
             }
 
-            if (ClientView != NULL)
+            /* Capture the client view */
+            if (ClientView)
             {
                 ProbeForWrite(ClientView, sizeof(*ClientView), sizeof(ULONG));
 
@@ -121,19 +124,27 @@ NtAcceptConnectPort(OUT PHANDLE PortHandle,
         CapturedReplyMessage = *ReplyMessage;
         ConnectionInfoLength = CapturedReplyMessage.u1.s1.DataLength;
 
-        /* Validate the size of the server view */
-        if ((ServerView) && (ServerView->Length != sizeof(*ServerView)))
+        /* Capture the server view */
+        if (ServerView)
         {
-            /* Invalid size */
-            return STATUS_INVALID_PARAMETER;
+            /* Validate the size of the server view */
+            if (ServerView->Length != sizeof(*ServerView))
+            {
+                /* Invalid size */
+                return STATUS_INVALID_PARAMETER;
+            }
+            CapturedServerView = *ServerView;
         }
-        CapturedServerView = *ServerView;
 
-        /* Validate the size of the client view */
-        if ((ClientView) && (ClientView->Length != sizeof(*ClientView)))
+        /* Capture the client view */
+        if (ClientView)
         {
-            /* Invalid size */
-            return STATUS_INVALID_PARAMETER;
+            /* Validate the size of the client view */
+            if (ClientView->Length != sizeof(*ClientView))
+            {
+                /* Invalid size */
+                return STATUS_INVALID_PARAMETER;
+            }
         }
     }
 

diff --git a/reactos/ntoskrnl/lpc/connect.c b/reactos/ntoskrnl/lpc/connect.c
index 9e99538..a45468b 100644 (file)
--- a/reactos/ntoskrnl/lpc/connect.c
+++ b/reactos/ntoskrnl/lpc/connect.c
@@ -130,7 +130,7 @@ NtSecureConnectPort(OUT PHANDLE PortHandle,
             /* The following parameters are optional */
 
             /* Capture the client view */
-            if (ClientView != NULL)
+            if (ClientView)
             {
                 ProbeForWrite(ClientView, sizeof(*ClientView), sizeof(ULONG));
                 CapturedClientView = *(volatile PORT_VIEW*)ClientView;
@@ -145,7 +145,7 @@ NtSecureConnectPort(OUT PHANDLE PortHandle,
             }
 
             /* Capture the server view */
-            if (ServerView != NULL)
+            if (ServerView)
             {
                 ProbeForWrite(ServerView, sizeof(*ServerView), sizeof(ULONG));
 
@@ -202,7 +202,7 @@ NtSecureConnectPort(OUT PHANDLE PortHandle,
         /* The following parameters are optional */
 
         /* Capture the client view */
-        if (ClientView != NULL)
+        if (ClientView)
         {
             /* Validate the size of the client view */
             if (ClientView->Length != sizeof(*ClientView))
@@ -214,7 +214,7 @@ NtSecureConnectPort(OUT PHANDLE PortHandle,
         }
 
         /* Capture the server view */
-        if (ServerView != NULL)
+        if (ServerView)
         {
             /* Validate the size of the server view */
             if (ServerView->Length != sizeof(*ServerView))

diff --git a/reactos/ntoskrnl/lpc/send.c b/reactos/ntoskrnl/lpc/send.c
index 74589b9..d6b2206 100644 (file)
--- a/reactos/ntoskrnl/lpc/send.c
+++ b/reactos/ntoskrnl/lpc/send.c
@@ -857,7 +857,7 @@ NtRequestWaitReplyPort(IN HANDLE PortHandle,
 
             /* Copy it */
             LpcpMoveMessage(&Message->Request,
-                            LpcRequest,
+                            &CapturedLpcRequest,
                             LpcRequest + 1,
                             MessageType,
                             &Thread->Cid);