From 3a292fe93da344650e4187e33a9b6cc090675dff Mon Sep 17 00:00:00 2001 From: Hartmut Birr Date: Sat, 10 Sep 2005 22:35:08 +0000 Subject: [PATCH] - Acquire the temporary buffer from non paged pool in NtQueryDirectoryObject, because the buffer is accessed at DPC_LEVEL. - Do always add an empty entry at the end of the buffer svn path=/trunk/; revision=17789 --- reactos/ntoskrnl/ob/dirobj.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/reactos/ntoskrnl/ob/dirobj.c b/reactos/ntoskrnl/ob/dirobj.c index 35f69471a65..e2558f05614 100644 --- a/reactos/ntoskrnl/ob/dirobj.c +++ b/reactos/ntoskrnl/ob/dirobj.c @@ -219,14 +219,14 @@ NtQueryDirectoryObject (IN HANDLE DirectoryHandle, NULL); if(NT_SUCCESS(Status)) { - PVOID TemporaryBuffer = ExAllocatePool(PagedPool, + PVOID TemporaryBuffer = ExAllocatePool(NonPagedPool, BufferLength); if(TemporaryBuffer != NULL) { POBJECT_HEADER EntryHeader; PLIST_ENTRY ListEntry; KIRQL OldLevel; - ULONG RequiredSize = 0; + ULONG RequiredSize = sizeof(OBJECT_DIRECTORY_INFORMATION); ULONG nDirectories = 0; POBJECT_DIRECTORY_INFORMATION DirInfo = (POBJECT_DIRECTORY_INFORMATION)TemporaryBuffer; @@ -315,10 +315,11 @@ NtQueryDirectoryObject (IN HANDLE DirectoryHandle, if(NT_SUCCESS(Status) && nDirectories > 0) { - PWSTR strbuf = (PWSTR)((POBJECT_DIRECTORY_INFORMATION)TemporaryBuffer + nDirectories); - PWSTR deststrbuf = (PWSTR)((POBJECT_DIRECTORY_INFORMATION)Buffer + nDirectories); + PWSTR strbuf = (PWSTR)((POBJECT_DIRECTORY_INFORMATION)TemporaryBuffer + nDirectories + 1); + PWSTR deststrbuf = (PWSTR)((POBJECT_DIRECTORY_INFORMATION)Buffer + nDirectories + 1); + memset((POBJECT_DIRECTORY_INFORMATION)TemporaryBuffer + nDirectories, 0, sizeof(OBJECT_DIRECTORY_INFORMATION)); - CopyBytes = nDirectories * sizeof(OBJECT_DIRECTORY_INFORMATION); + CopyBytes = (nDirectories + 1) * sizeof(OBJECT_DIRECTORY_INFORMATION); /* copy the names from the objects and append them to the list of the objects. copy to the temporary buffer only because the directory -- 2.17.1