From e2a4d8be510500e43cb570991304e57364d427e8 Mon Sep 17 00:00:00 2001
From: Eric Kohl <eric.kohl@reactos.org>
Date: Fri, 29 Aug 2008 10:34:23 +0000
Subject: [PATCH] - ScmCreateManagerHandle: Fail on invalid database names. -
 ROpenServiceW: Fail if lpServiceName is NULL. - ROpenServiceA: Don't pass an
 empty string to ROpenServiceW if lpServiceName is NULL. Use NULL instead.

This patch is based on bug report #3669 by bugboy <martinmnet@hotmail.com>.

svn path=/trunk/; revision=35750
---
 reactos/base/system/services/rpcserver.c | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/reactos/base/system/services/rpcserver.c b/reactos/base/system/services/rpcserver.c
index 416cc13f502..e7902c9e02d 100644
--- a/reactos/base/system/services/rpcserver.c
+++ b/reactos/base/system/services/rpcserver.c
@@ -152,6 +152,17 @@ ScmCreateManagerHandle(LPWSTR lpDatabaseName,
     if (lpDatabaseName == NULL)
         lpDatabaseName = SERVICES_ACTIVE_DATABASEW;
 
+    if (wcsicmp(lpDatabaseName,SERVICES_FAILED_DATABASEW)==0)
+    {
+        DPRINT1("Database %S, does not exist\n",lpDatabaseName);
+        return ERROR_DATABASE_DOES_NOT_EXIST;
+    }
+    else if (wcsicmp(lpDatabaseName, SERVICES_ACTIVE_DATABASEW) != 0)
+    {
+        DPRINT1("Invalid Database name %S.\n",lpDatabaseName);
+        return ERROR_INVALID_NAME;
+    }
+
     Ptr = (MANAGER_HANDLE*) HeapAlloc(GetProcessHeap(),
                     HEAP_ZERO_MEMORY,
                     sizeof(MANAGER_HANDLE) + wcslen(lpDatabaseName) * sizeof(WCHAR));
@@ -1936,6 +1947,9 @@ DWORD ROpenServiceW(
     if (!lpServiceHandle)
         return ERROR_INVALID_PARAMETER;
 
+    if (!lpServiceName)
+        return ERROR_INVALID_ADDRESS;
+
     hManager = (PMANAGER_HANDLE)hSCManager;
     if (!hManager || hManager->Handle.Tag != MANAGER_TAG)
     {
@@ -2489,8 +2503,9 @@ DWORD ROpenServiceA(
 
     DPRINT("ROpenServiceA() called\n");
 
-    RtlCreateUnicodeStringFromAsciiz(&ServiceName,
-                                     lpServiceName);
+    if (lpServiceName)
+        RtlCreateUnicodeStringFromAsciiz(&ServiceName,
+                                         lpServiceName);
 
     dwError = ROpenServiceW(BindingHandle,
                                hSCManager,
@@ -2498,7 +2513,8 @@ DWORD ROpenServiceA(
                                dwDesiredAccess,
                                lpServiceHandle);
 
-    RtlFreeUnicodeString(&ServiceName);
+    if (lpServiceName)
+        RtlFreeUnicodeString(&ServiceName);
 
     return dwError;
 }
-- 
2.17.1