Check for failed allocations. Spotted by Martin Bealby.
authorFilip Navara <filip.navara@gmail.com>
Mon, 12 Dec 2005 19:23:52 +0000 (19:23 +0000)
committerFilip Navara <filip.navara@gmail.com>
Mon, 12 Dec 2005 19:23:52 +0000 (19:23 +0000)
svn path=/trunk/; revision=20106

reactos/lib/ntdll/csr/capture.c
reactos/lib/ntdll/csr/connect.c
reactos/lib/ntdll/ldr/startup.c
reactos/lib/ntdll/ldr/utils.c

index b42124c..fd48ed4 100644 (file)
@@ -95,6 +95,7 @@ CsrAllocateCaptureBuffer(ULONG ArgumentCount,
 
     /* Allocate memory from the port heap */
     CaptureBuffer = RtlAllocateHeap(CsrPortHeap, 0, BufferSize);
+    if (CaptureBuffer == NULL) return NULL;
 
     /* Initialize the header */
     CaptureBuffer->Size = BufferSize;
index 8421894..7f3e787 100644 (file)
@@ -203,6 +203,10 @@ CsrConnectToServer(IN PWSTR ObjectDirectory)
 
     /* Allocate a buffer for it */
     PortName.Buffer = RtlAllocateHeap(RtlGetProcessHeap(), 0, PortNameLength);
+    if (PortName.Buffer == NULL)
+    {
+        return STATUS_INSUFFICIENT_RESOURCES;
+    }
 
     /* Create the name */
     RtlAppendUnicodeToString(&PortName, ObjectDirectory );
@@ -255,6 +259,13 @@ CsrConnectToServer(IN PWSTR ObjectDirectory)
                                           0,
                                           0,
                                           &SystemSid);
+    if (!NT_SUCCESS(Status))
+    {
+        /* Failure */
+        DPRINT1("Couldn't allocate SID\n");
+        NtClose(CsrSectionHandle);
+        return Status;
+    }
 
     /* Connect to the port */
     Status = NtSecureConnectPort(&CsrApiPort,
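Review bot: The new failure path after the SID allocation closes `CsrSectionHandle` but does not release `PortName.Buffer`, which CsrConnectToServer allocated from the process heap in the hunk at -203. Unless that buffer is freed in lines outside these hunks, each failed connect leaks it. The `CsrPortHeap == NULL` path added in the hunk at -293 has the same shape: it closes `CsrApiPort` but does not visibly free the name buffer or close the section handle. Consider adding `RtlFreeHeap(RtlGetProcessHeap(), 0, PortName.Buffer);` before each early return, or routing the error exits through one cleanup label. The function body starts and ends outside this hunk.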
@@ -293,6 +304,12 @@ CsrConnectToServer(IN PWSTR ObjectDirectory)
                                 PAGE_SIZE,
                                 0,
                                 0);
+    if (CsrPortHeap == NULL)
+    {
+        NtClose(CsrApiPort);
+        CsrApiPort = NULL;
+        return STATUS_INSUFFICIENT_RESOURCES;
+    }
 
     /* Return success */
     return STATUS_SUCCESS;
@@ -399,6 +416,10 @@ CsrClientConnectToServer(PWSTR ObjectDirectory,
         /* Setup a buffer for the connection info */
         CaptureBuffer = CsrAllocateCaptureBuffer(1,
                                                  ClientConnect->ConnectionInfoSize);
+        if (CaptureBuffer == NULL)
+        {
+            return STATUS_INSUFFICIENT_RESOURCES;
+        }
 
         /* Allocate a pointer for the connection info*/
         CsrAllocateMessagePointer(CaptureBuffer,
index 443a81d..7cfcbb4 100644 (file)
@@ -266,7 +266,7 @@ LdrpInit(PCONTEXT Context,
        if (ImageBase <= (PVOID)0x1000)
          {
            DPRINT("ImageBase is null\n");
-           ZwTerminateProcess(NtCurrentProcess(), STATUS_UNSUCCESSFUL);
+           ZwTerminateProcess(NtCurrentProcess(), STATUS_INVALID_IMAGE_FORMAT);
          }
 
        /*  If MZ header exists  */
@@ -278,7 +278,7 @@ LdrpInit(PCONTEXT Context,
            *(PULONG)((PUCHAR)ImageBase + PEDosHeader->e_lfanew) != IMAGE_NT_SIGNATURE)
          {
            DPRINT1("Image has bad header\n");
-           ZwTerminateProcess(NtCurrentProcess(), STATUS_UNSUCCESSFUL);
+           ZwTerminateProcess(NtCurrentProcess(), STATUS_INVALID_IMAGE_FORMAT);
          }
 
        /* normalize process parameters */
@@ -321,7 +321,7 @@ LdrpInit(PCONTEXT Context,
        if (Peb->ProcessHeap == 0)
          {
            DPRINT1("Failed to create process heap\n");
-           ZwTerminateProcess(NtCurrentProcess(),STATUS_UNSUCCESSFUL);
+           ZwTerminateProcess(NtCurrentProcess(), STATUS_INSUFFICIENT_RESOURCES);
          }
 
        /* initialized vectored exception handling */
@@ -345,6 +345,11 @@ LdrpInit(PCONTEXT Context,
          RtlAllocateHeap(RtlGetProcessHeap(),
                          0,
                          sizeof(PVOID) * (USER32_CALLBACK_MAXIMUM + 1));
+       if (Peb->KernelCallbackTable == NULL)
+         {
+           DPRINT1("Failed to create callback table\n");
+           ZwTerminateProcess(NtCurrentProcess(),STATUS_INSUFFICIENT_RESOURCES);
+         }
 
        /* initalize loader lock */
        RtlInitializeCriticalSection (&LoaderLock);
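Review bot: The callback table is allocated with flags `0`, so once the new NULL check passes, its `USER32_CALLBACK_MAXIMUM + 1` pointer slots hold whatever the heap returned unless code outside this hunk fills them. Passing `HEAP_ZERO_MEMORY`, as the utils.c allocation in this commit does, would leave an unpopulated slot as a NULL pointer rather than a stale value. Separately, the added call is written `NtCurrentProcess(),STATUS_INSUFFICIENT_RESOURCES`, while the other lines this commit changes in LdrpInit put a space after the comma. LdrpInit's body extends beyond the hunk.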
@@ -357,7 +362,7 @@ LdrpInit(PCONTEXT Context,
        if (Peb->Ldr == NULL)
          {
            DPRINT1("Failed to create loader data\n");
-           ZwTerminateProcess(NtCurrentProcess(),STATUS_UNSUCCESSFUL);
+           ZwTerminateProcess(NtCurrentProcess(), STATUS_INSUFFICIENT_RESOURCES);
          }
        Peb->Ldr->Length = sizeof(PEB_LDR_DATA);
        Peb->Ldr->Initialized = FALSE;
@@ -383,7 +388,7 @@ LdrpInit(PCONTEXT Context,
        if (NtModule == NULL)
          {
            DPRINT1("Failed to create loader module entry (NTDLL)\n");
-           ZwTerminateProcess(NtCurrentProcess(),STATUS_UNSUCCESSFUL);
+           ZwTerminateProcess(NtCurrentProcess(), STATUS_INSUFFICIENT_RESOURCES);
         }
        memset(NtModule, 0, sizeof(LDR_DATA_TABLE_ENTRY));
 
@@ -422,7 +427,7 @@ LdrpInit(PCONTEXT Context,
        if (ExeModule == NULL)
          {
            DPRINT1("Failed to create loader module infomation\n");
-           ZwTerminateProcess(NtCurrentProcess(),STATUS_UNSUCCESSFUL);
+           ZwTerminateProcess(NtCurrentProcess(), STATUS_INSUFFICIENT_RESOURCES);
          }
        ExeModule->DllBase = Peb->ImageBaseAddress;
 
@@ -473,7 +478,7 @@ LdrpInit(PCONTEXT Context,
        if (EntryPoint == NULL)
          {
            DPRINT1("Failed to initialize image\n");
-           ZwTerminateProcess(NtCurrentProcess(),STATUS_UNSUCCESSFUL);
+           ZwTerminateProcess(NtCurrentProcess(), STATUS_INVALID_IMAGE_FORMAT);
          }
      }
    /* attach the thread */
index 15fae4c..76cabd3 100644 (file)
@@ -2986,6 +2986,11 @@ LdrQueryImageFileExecutionOptions (IN PUNICODE_STRING SubKey,
   KeyInfo = RtlAllocateHeap (RtlGetProcessHeap(),
                              HEAP_ZERO_MEMORY,
                              KeyInfoSize);
+  if (KeyInfo == NULL)
+    {
+      NtClose (KeyHandle);
+      return STATUS_INSUFFICIENT_RESOURCES;
+    }
 
   RtlInitUnicodeString (&ValueNameString,
                         (PWSTR)ValueName);
@@ -3007,7 +3012,7 @@ LdrQueryImageFileExecutionOptions (IN PUNICODE_STRING SubKey,
       if (KeyInfo == NULL)
         {
           NtClose (KeyHandle);
-          return Status;
+          return STATUS_INSUFFICIENT_RESOURCES;
         }
 
       Status = NtQueryValueKey (KeyHandle,