From: Cameron Gutman Date: Mon, 7 Jun 2010 01:50:26 +0000 (+0000) Subject: [MSAFD] X-Git-Tag: backups/header-work@57446~11^2~5 X-Git-Url: https://git.reactos.org/?p=reactos.git;a=commitdiff_plain;h=e91cc9349b2b4c6622371dcb21bd880d5bade722 [MSAFD] - Fix 2 more callers who don't pass a valid lpErrno pointer - Check the return value of WSPSocket - Return WSAEWOULDBLOCK if there are no connections that can be accepted instead of silently returning 0 which is not INVALID_SOCKET so the caller treats it as a valid socket pointer and passes it to other functions which caused wide-spread mayhem since we never checked whether the socket handle the caller passed was valid until my last commit svn path=/trunk/; revision=47652 --- diff --git a/reactos/dll/win32/msafd/misc/dllmain.c b/reactos/dll/win32/msafd/misc/dllmain.c index 1ea4ce7002c..f06b0a508d2 100644 --- a/reactos/dll/win32/msafd/misc/dllmain.c +++ b/reactos/dll/win32/msafd/misc/dllmain.c @@ -1102,12 +1102,17 @@ WSPAccept(SOCKET Handle, Timeout.tv_sec=0; Timeout.tv_usec=0; - WSPSelect(0, &ReadSet, NULL, NULL, &Timeout, NULL); + if (WSPSelect(0, &ReadSet, NULL, NULL, &Timeout, lpErrno) == SOCKET_ERROR) + { + NtClose(SockEvent); + return INVALID_SOCKET; + } if (ReadSet.fd_array[0] != Socket->Handle) { NtClose(SockEvent); - return 0; + *lpErrno = WSAEWOULDBLOCK; + return INVALID_SOCKET; } /* Send IOCTL */ @@ -1345,7 +1350,9 @@ WSPAccept(SOCKET Handle, &ProtocolInfo, GroupID, Socket->SharedData.CreateFlags, - NULL); + lpErrno); + if (AcceptSocket == INVALID_SOCKET) + return INVALID_SOCKET; /* Set up the Accept Structure */ AcceptData.ListenHandle = (HANDLE)AcceptSocket; diff --git a/reactos/dll/win32/msafd/misc/sndrcv.c b/reactos/dll/win32/msafd/misc/sndrcv.c index db26a367101..557fdae910e 100644 --- a/reactos/dll/win32/msafd/misc/sndrcv.c +++ b/reactos/dll/win32/msafd/misc/sndrcv.c @@ -51,7 +51,11 @@ WSPAsyncSelect(IN SOCKET Handle, /* Deactive WSPEventSelect */ if (Socket->SharedData.AsyncEvents) { - WSPEventSelect(Handle, NULL, 0, NULL); + if (WSPEventSelect(Handle, NULL, 0, lpErrno) == SOCKET_ERROR) + { + HeapFree(GetProcessHeap(), 0, AsyncData); + return SOCKET_ERROR; + } } /* Create the Asynch Thread if Needed */