projects
/
reactos.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
b64865f
)
[UDFS] Fix NewCFBName leakage in UDFFirstOpenFile()
author
Victor Martinez
<vicmarcal@gmail.com>
Sat, 17 Aug 2019 13:39:55 +0000
(16:39 +0300)
committer
Victor Perevertkin
<victor@perevertkin.ru>
Sat, 17 Aug 2019 13:49:11 +0000
(16:49 +0300)
CORE-11098
drivers/filesystems/udfs/create.cpp
patch
|
blob
|
history
diff --git
a/drivers/filesystems/udfs/create.cpp
b/drivers/filesystems/udfs/create.cpp
index
3c777e8
..
6455389
100644
(file)
--- a/
drivers/filesystems/udfs/create.cpp
+++ b/
drivers/filesystems/udfs/create.cpp
@@
-2312,7
+2312,10
@@
UDFFirstOpenFile(
((LocalPath->Buffer[LocalPath->Length/sizeof(WCHAR)-1] != L':') /*&&
(LocalPath->Buffer[LocalPath->Length/sizeof(WCHAR)-1] != L'\\')*/) )) {
RC = MyAppendUnicodeToString(&(NewFCBName->ObjectName), L"\\");
((LocalPath->Buffer[LocalPath->Length/sizeof(WCHAR)-1] != L':') /*&&
(LocalPath->Buffer[LocalPath->Length/sizeof(WCHAR)-1] != L'\\')*/) )) {
RC = MyAppendUnicodeToString(&(NewFCBName->ObjectName), L"\\");
- if(!NT_SUCCESS(RC)) return STATUS_INSUFFICIENT_RESOURCES;
+ if(!NT_SUCCESS(RC)) {
+ UDFReleaseObjectName(NewFCBName);
+ return STATUS_INSUFFICIENT_RESOURCES;
+ }
}
// Make link between Fcb and FileInfo
}
// Make link between Fcb and FileInfo
@@
-2321,9
+2324,11
@@
UDFFirstOpenFile(
(*PtrNewFcb)->ParentFcb = RelatedFileInfo->Fcb;
if(!((*PtrNewFcb)->NTRequiredFCB = NewFileInfo->Dloc->CommonFcb)) {
(*PtrNewFcb)->ParentFcb = RelatedFileInfo->Fcb;
if(!((*PtrNewFcb)->NTRequiredFCB = NewFileInfo->Dloc->CommonFcb)) {
- if(!((*PtrNewFcb)->NTRequiredFCB =
- (PtrUDFNTRequiredFCB)MyAllocatePool__(NonPagedPool, UDFQuadAlign(sizeof(UDFNTRequiredFCB))) ) )
+ (*PtrNewFcb)->NTRequiredFCB = (PtrUDFNTRequiredFCB)MyAllocatePool__(NonPagedPool, UDFQuadAlign(sizeof(UDFNTRequiredFCB)));
+ if(!((*PtrNewFcb)->NTRequiredFCB)) {
+ UDFReleaseObjectName(NewFCBName);
return STATUS_INSUFFICIENT_RESOURCES;
return STATUS_INSUFFICIENT_RESOURCES;
+ }
UDFPrint(("UDFAllocateNtReqFCB: %x\n", (*PtrNewFcb)->NTRequiredFCB));
RtlZeroMemory((*PtrNewFcb)->NTRequiredFCB, UDFQuadAlign(sizeof(UDFNTRequiredFCB)));
UDFPrint(("UDFAllocateNtReqFCB: %x\n", (*PtrNewFcb)->NTRequiredFCB));
RtlZeroMemory((*PtrNewFcb)->NTRequiredFCB, UDFQuadAlign(sizeof(UDFNTRequiredFCB)));
@@
-2333,6
+2338,7
@@
UDFFirstOpenFile(
if(!(NewFileInfo->Dloc->CommonFcb->NtReqFCBFlags & UDF_NTREQ_FCB_VALID)) {
(*PtrNewFcb)->NTRequiredFCB = NULL;
BrutePoint();
if(!(NewFileInfo->Dloc->CommonFcb->NtReqFCBFlags & UDF_NTREQ_FCB_VALID)) {
(*PtrNewFcb)->NTRequiredFCB = NULL;
BrutePoint();
+ UDFReleaseObjectName(NewFCBName);
return STATUS_ACCESS_DENIED;
}
}
return STATUS_ACCESS_DENIED;
}
}