Index: dll/win32/ws2_32/inc/ws2_32p.h =================================================================== --- dll/win32/ws2_32/inc/ws2_32p.h (revision 74033) +++ dll/win32/ws2_32/inc/ws2_32p.h (working copy) @@ -315,9 +315,9 @@ INT WSAAPI -MapUnicodeQuerySetToAnsi(OUT LPWSAQUERYSETW UnicodeSet, +MapUnicodeQuerySetToAnsi(IN LPWSAQUERYSETW UnicodeSet, IN OUT PSIZE_T SetSize, - IN LPWSAQUERYSETA AnsiSet); + OUT LPWSAQUERYSETA AnsiSet); INT WSAAPI @@ -435,7 +435,7 @@ WsNcEntrySetProvider(IN PNSCATALOG_ENTRY Entry, IN PNS_PROVIDER Provider); -DWORD +BOOL WSAAPI WsNqAddProvider( IN PNSQUERY NsQuery, @@ -490,6 +490,13 @@ IN PNSQUERY_PROVIDER Provider ); +PNSQUERY_PROVIDER +WSAAPI +WsNqPreviousProvider( + IN PNSQUERY Query, + IN PNSQUERY_PROVIDER Provider +); + VOID WSAAPI WsNqDereference(IN PNSQUERY Query); @@ -498,11 +505,6 @@ WSAAPI WsNqValidateAndReference(IN PNSQUERY Query); -PNSQUERY_PROVIDER -WSAAPI -WsNqPreviousProvider(IN PNSQUERY Query, - IN PNSQUERY_PROVIDER Provider); - DWORD WSAAPI WsNqProvLookupServiceNext( Index: dll/win32/ws2_32/src/async.c =================================================================== --- dll/win32/ws2_32/src/async.c (revision 74033) +++ dll/win32/ws2_32/src/async.c (working copy) @@ -721,7 +721,7 @@ WsAsyncLock(); /* Process the queue */ - while (ListHead->Flink != ListHead) + while (!IsListEmpty(ListHead)) { /* Remove this entry and get the async block */ Entry = RemoveHeadList(ListHead); @@ -847,6 +847,8 @@ { /* Initialize Thread Context */ Context = HeapAlloc(WsSockHeap, 0, sizeof(*Context)); + if (!Context) + goto Exit; /* Initialize the Queue and event */ WsAsyncQueue = &Context->AsyncQueue; 
@@ -854,8 +856,10 @@ Context->AsyncEvent = CreateEvent(NULL, FALSE, FALSE, NULL); WsAsyncEvent = Context->AsyncEvent; + // FIX CID 1101934 /* Prevent us from ever being killed while running */ - WSAStartup(MAKEWORD(2,2), &WsaData); + if (WSAStartup(MAKEWORD(2,2), &WsaData) != ERROR_SUCCESS) + goto Fail; /* Create the thread */ ThreadHandle = CreateThread(NULL, @@ -864,6 +868,12 @@ Context, 0, &Tid); + if (ThreadHandle == NULL) + { + /* Cleanup and fail */ + WSACleanup(); + goto Fail; + } /* Close the handle and set init */ CloseHandle(ThreadHandle); @@ -870,9 +880,20 @@ WsAsyncThreadInitialized = TRUE; } +Exit: /* Release the lock */ WsAsyncUnlock(); return WsAsyncThreadInitialized; + +Fail: + /* Bail out */ + + /* Close the event, free the Context */ + if (Context->AsyncEvent) + CloseHandle(Context->AsyncEvent); + HeapFree(WsSockHeap, 0, Context); + + goto Exit; } VOID Index: dll/win32/ws2_32/src/dcatalog.c =================================================================== --- dll/win32/ws2_32/src/dcatalog.c (revision 74033) +++ dll/win32/ws2_32/src/dcatalog.c (working copy) @@ -384,7 +384,7 @@ IN PTCATALOG_ENTRY *CatalogEntry) { INT ErrorCode = WSAEINVAL; - PLIST_ENTRY NextEntry = Catalog->ProtocolList.Flink; + PLIST_ENTRY NextEntry; PTCATALOG_ENTRY Entry; /* Assume failure */ @@ -394,6 +394,7 @@ WsTcLock(); /* Match the Id with all the entries in the List */ + NextEntry = Catalog->ProtocolList.Flink; while (NextEntry != &Catalog->ProtocolList) { /* Get the Current Entry */ @@ -435,7 +436,7 @@ IN PTCATALOG_ENTRY *CatalogEntry) { INT ErrorCode = WSAEINVAL; - PLIST_ENTRY NextEntry = Catalog->ProtocolList.Flink; + PLIST_ENTRY NextEntry; PTCATALOG_ENTRY Entry; /* Lock the catalog */ @@ -442,6 +443,7 @@ WsTcLock(); /* Match the Id with all the entries in the List */ + NextEntry = Catalog->ProtocolList.Flink; while (NextEntry != &Catalog->ProtocolList) { /* Get the Current Entry */ 
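Review bot: The Fail label added in the async.c @@ -870 hunk frees Context, but the globals were already pointed at it in the preceding hunks (`WsAsyncQueue = &Context->AsyncQueue;`, `WsAsyncEvent = Context->AsyncEvent;`), so after a WSAStartup or CreateThread failure both dangle into freed heap. Reset them before the free: `WsAsyncQueue = NULL; WsAsyncEvent = NULL;`. The CreateEvent result on the line above the new WSAStartup check is still unchecked, so a NULL AsyncEvent can reach CreateThread; `if (!Context->AsyncEvent) goto Fail;` would cover it with the same cleanup. The enclosing function starts outside these hunks.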
@@ -483,7 +485,7 @@ IN PTCATALOG_ENTRY *CatalogEntry) { INT ErrorCode = WSAEINVAL; - PLIST_ENTRY NextEntry = Catalog->ProtocolList.Flink; + PLIST_ENTRY NextEntry; PTCATALOG_ENTRY Entry; DPRINT("WsTcGetEntryFromTriplet: %lx, %lx, %lx, %lx\n", af, type, protocol, StartId); @@ -493,6 +495,8 @@ /* Lock the catalog */ WsTcLock(); + NextEntry = Catalog->ProtocolList.Flink; + /* Check if we are starting past 0 */ if (StartId) { @@ -587,10 +591,8 @@ Provider = CatalogEntry->Provider; /* Check for a match */ - if ((Provider) && - !(memcmp(&CatalogEntry->ProtocolInfo.ProviderId, - ProviderId, - sizeof(GUID)))) + if (Provider && + IsEqualGUID(&CatalogEntry->ProtocolInfo.ProviderId, ProviderId)) { /* Found a match */ return Provider; @@ -674,7 +676,7 @@ RemoveEntryList(&Catalog->ProtocolList); InitializeListHead(&Catalog->ProtocolList); - /* Loop every item on the list */ + /* Loop every item in the list */ while (!IsListEmpty(List)) { /* Get the catalog entry */ @@ -681,7 +683,7 @@ Entry = RemoveHeadList(List); CatalogEntry = CONTAINING_RECORD(Entry, TCATALOG_ENTRY, CatalogLink); - /* Check if this item is already on our list */ + /* Check if this item is already in our list */ Entry = TempList.Flink; while (Entry != &TempList) { @@ -709,7 +711,7 @@ Catalog->ItemCount++; } - /* If there's anything left on the temporary list */ + /* If there's anything left in the temporary list */ while (!IsListEmpty(&TempList)) { /* Get the entry */ @@ -875,10 +877,8 @@ /* Get this entry */ CatalogEntry = CONTAINING_RECORD(Entry, TCATALOG_ENTRY, CatalogLink); - /* Remove it */ + /* Remove it and dereference it */ WsTcRemoveCatalogItem(Catalog, CatalogEntry); - - /* Dereference it */ WsTcEntryDereference(CatalogEntry); /* Move to the next entry */ Index: dll/win32/ws2_32/src/dcatitem.c =================================================================== --- dll/win32/ws2_32/src/dcatitem.c (revision 74033) +++ dll/win32/ws2_32/src/dcatitem.c (working copy) 
@@ -20,10 +20,12 @@ /* Allocate the catalog entry */ CatalogEntry = HeapAlloc(WsSockHeap, HEAP_ZERO_MEMORY, sizeof(*CatalogEntry)); + if (CatalogEntry) + { + /* Set the default non-null members */ + CatalogEntry->RefCount = 1; + } - /* Set the default non-null members */ - CatalogEntry->RefCount = 1; - /* Return it */ return CatalogEntry; } Index: dll/win32/ws2_32/src/dprocess.c =================================================================== --- dll/win32/ws2_32/src/dprocess.c (revision 74032) +++ dll/win32/ws2_32/src/dprocess.c (working copy) @@ -37,6 +37,8 @@ Process->ProtocolCatalogEvent = CreateEvent(NULL, TRUE, FALSE, NULL); Process->ProtocolCatalog = WsTcAllocate(); + // FIXME: Check for Process->ProtocolCatalog == NULL + /* Initialize it */ WsTcInitializeFromRegistry(Process->ProtocolCatalog, RootKey, @@ -46,6 +48,8 @@ Process->NamespaceCatalogEvent = CreateEvent(NULL, TRUE, FALSE, NULL); Process->NamespaceCatalog = WsNcAllocate(); + // FIXME: Check for Process->NamespaceCatalog == NULL + /* Initialize it */ ErrorCode = WsNcInitializeFromRegistry(Process->NamespaceCatalog, RootKey, @@ -64,10 +68,12 @@ /* Allocate the structure */ Process = HeapAlloc(WsSockHeap, HEAP_ZERO_MEMORY, sizeof(*Process)); + if (Process) + { + /* Set default non-zero values */ + Process->Version = MAKEWORD(2,2); + } - /* Set default non-zero values */ - Process->Version = MAKEWORD(2,2); - /* Return it */ return Process; } @@ -296,6 +302,9 @@ /* Delete the thread lock */ DeleteCriticalSection(&Process->ThreadLock); + + /* Delete us */ + HeapFree(WsSockHeap, 0, Process); } VOID Index: dll/win32/ws2_32/src/dprovide.c =================================================================== --- dll/win32/ws2_32/src/dprovide.c (revision 74033) +++ dll/win32/ws2_32/src/dprovide.c (working copy) 
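Review bot: The two FIXME comments in the dprocess.c @@ -37 and @@ -46 hunks record a NULL dereference instead of fixing it: the allocators touched elsewhere in this patch (WsTpAllocate, WsNcEntryAllocate, WsNqAllocate, WsSockAllocate) now return NULL on HeapAlloc failure, and WsTcInitializeFromRegistry/WsNcInitializeFromRegistry are still called with the unchecked pointer. Assuming the enclosing function reports failure through ErrorCode, as the `ErrorCode = WsNcInitializeFromRegistry(...)` line suggests, each FIXME should become a real guard such as `if (!Process->ProtocolCatalog) return WSA_NOT_ENOUGH_MEMORY;`, with the events created just above closed on that path. The enclosing function starts and ends outside these hunks.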
@@ -21,13 +21,14 @@ { PTPROVIDER Provider; - DPRINT("WsTpAllocate: WsSockHeap %d\n", WsSockHeap); /* Allocate the object */ Provider = HeapAlloc(WsSockHeap, HEAP_ZERO_MEMORY, sizeof(*Provider)); + if (Provider) + { + /* Setup non-zero data */ + Provider->RefCount = 1; + } - /* Setup non-zero data */ - Provider->RefCount = 1; - /* Return it */ return Provider; } @@ -130,10 +131,12 @@ /* Unload the library */ FreeLibrary(Provider->DllHandle); - - /* Clear the handle value */ Provider->DllHandle = NULL; } + + // FIX CID 1401152 + /* Delete us */ + HeapFree(WsSockHeap, 0, Provider); } VOID Index: dll/win32/ws2_32/src/dsocket.c =================================================================== --- dll/win32/ws2_32/src/dsocket.c (revision 74032) +++ dll/win32/ws2_32/src/dsocket.c (working copy) @@ -50,12 +50,14 @@ PWSSOCKET Socket; /* Allocate the socket object */ - Socket = HeapAlloc(WsSockHeap, HEAP_ZERO_MEMORY, sizeof(WSSOCKET)); + Socket = HeapAlloc(WsSockHeap, HEAP_ZERO_MEMORY, sizeof(*Socket)); + if (Socket) + { + /* Setup default non-zero values */ + Socket->RefCount = 2; + Socket->Overlapped = TRUE; + } - /* Setup default non-zero values */ - Socket->RefCount = 2; - Socket->Overlapped = TRUE; - /* Return it */ return Socket; } @@ -193,6 +195,9 @@ WsTcEntryDereference(Socket->CatalogEntry); Socket->CatalogEntry = NULL; } + + /* Delete us */ + HeapFree(WsSockHeap, 0, Socket); } VOID Index: dll/win32/ws2_32/src/dthread.c =================================================================== --- dll/win32/ws2_32/src/dthread.c (revision 74033) +++ dll/win32/ws2_32/src/dthread.c (working copy) 
@@ -138,10 +138,12 @@ /* Allocate the object */ Thread = HeapAlloc(WsSockHeap, HEAP_ZERO_MEMORY, sizeof(*Thread)); + if (Thread) + { + /* Set non-zero data */ + Thread->BlockingHook = (FARPROC)WsThreadDefaultBlockingHook; + } - /* Set non-zero data */ - Thread->BlockingHook = (FARPROC)WsThreadDefaultBlockingHook; - /* Return it */ return Thread; } Index: dll/win32/ws2_32/src/nscatalo.c =================================================================== --- dll/win32/ws2_32/src/nscatalo.c (revision 74033) +++ dll/win32/ws2_32/src/nscatalo.c (working copy) @@ -459,9 +459,8 @@ Entry = Entry->Flink; /* Check if they match */ - if (memcmp(&CatalogEntry->ProviderId, - &OldCatalogEntry->ProviderId, - sizeof(GUID))) + if (IsEqualGUID(&CatalogEntry->ProviderId, + &OldCatalogEntry->ProviderId)) { /* We have a match, use the old item instead */ WsNcEntryDereference(CatalogEntry); @@ -498,7 +497,8 @@ IN LPGUID ProviderId, OUT PNSCATALOG_ENTRY *CatalogEntry) { - PLIST_ENTRY NextEntry = Catalog->CatalogList.Flink; + INT ErrorCode = WSAEINVAL; + PLIST_ENTRY NextEntry; PNSCATALOG_ENTRY Entry; /* Lock the catalog */ @@ -505,6 +505,7 @@ WsNcLock(); /* Match the Id with all the entries in the List */ + NextEntry = Catalog->CatalogList.Flink; while (NextEntry != &Catalog->CatalogList) { /* Get the Current Entry */ 
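Review bot: The nscatalo.c @@ -459 hunk inverts the condition rather than just the spelling: the old `if (memcmp(...))` ran the "We have a match" branch when the GUIDs differed, while the new `if (IsEqualGUID(...))` runs it when they are equal, whereas the dcatalog.c @@ -587 hunk maps `!memcmp` to IsEqualGUID and keeps behavior. Given the comment, the new form looks like the intended behavior, but it is a silent bug fix that changes which catalog entry survives the merge and deserves an explicit mention; a comment like `/* Same ProviderId: keep the already-registered entry and drop the new one */` would also make the intent unambiguous. The enclosing function starts and ends outside the hunk.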
@@ -512,19 +513,23 @@ NextEntry = NextEntry->Flink; /* Check if this is the Catalog Entry ID we want */ - if (!(memcmp(&Entry->ProviderId, ProviderId, sizeof(GUID)))) + if (IsEqualGUID(&Entry->ProviderId, ProviderId)) { /* Check if it doesn't already have a provider */ if (!Entry->Provider) { /* Match, load the Provider */ - WsNcLoadProvider(Catalog, Entry); + ErrorCode = WsNcLoadProvider(Catalog, Entry); } - /* Reference the entry and return it */ - InterlockedIncrement(&Entry->RefCount); - *CatalogEntry = Entry; - break; + /* If we succeeded, reference the entry and return it */ + if (Entry->Provider || ErrorCode == ERROR_SUCCESS) + { + InterlockedIncrement(&Entry->RefCount); + *CatalogEntry = Entry; + ErrorCode = ERROR_SUCCESS; + break; + } } } @@ -532,7 +537,7 @@ WsNcUnlock(); /* Return */ - return ERROR_SUCCESS; + return ErrorCode; } BOOL @@ -618,10 +623,8 @@ /* Get this entry */ CatalogEntry = CONTAINING_RECORD(Entry, NSCATALOG_ENTRY, CatalogLink); - /* Remove it */ + /* Remove it and dereference it */ WsNcRemoveCatalogItem(Catalog, CatalogEntry); - - /* Dereference it */ WsNcEntryDereference(CatalogEntry); /* Move to the next entry */ Index: dll/win32/ws2_32/src/nscatent.c =================================================================== --- dll/win32/ws2_32/src/nscatent.c (revision 74032) +++ dll/win32/ws2_32/src/nscatent.c (working copy) 
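Review bot: The nscatalo.c @@ -512 and @@ -532 hunks change the function from unconditionally returning ERROR_SUCCESS to returning WSAEINVAL when nothing matches or the WsNcLoadProvider error when loading fails, and on those paths `*CatalogEntry` is left untouched. Callers that followed the old contract and used the output pointer without checking the return now read whatever was in their local; they are outside this diff and need auditing, and setting `*CatalogEntry = NULL;` at the top of the function would keep them from dereferencing garbage. Note also that after a failed load the loop continues, so a later entry with the same ProviderId would succeed and reset ErrorCode; fine if ProviderIds are unique in the catalog, worth confirming. The enclosing function starts outside the hunk.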
@@ -20,12 +20,14 @@ /* Allocate the catalog */ CatalogEntry = HeapAlloc(WsSockHeap, HEAP_ZERO_MEMORY, sizeof(*CatalogEntry)); + if (CatalogEntry) + { + /* Set the default non-null members */ + CatalogEntry->RefCount = 1; + CatalogEntry->Enabled = TRUE; + CatalogEntry->AddressFamily = -1; + } - /* Set the default non-null members */ - CatalogEntry->RefCount = 1; - CatalogEntry->Enabled = TRUE; - CatalogEntry->AddressFamily = -1; - /* Return it */ return CatalogEntry; } Index: dll/win32/ws2_32/src/nsprovid.c =================================================================== --- dll/win32/ws2_32/src/nsprovid.c (revision 74033) +++ dll/win32/ws2_32/src/nsprovid.c (working copy) @@ -10,6 +10,9 @@ #include +#define NDEBUG +#include + /* FUNCTIONS *****************************************************************/ PNSQUERY_PROVIDER 
@@ -66,15 +69,48 @@ /* Allocate the object */ Provider = HeapAlloc(WsSockHeap, HEAP_ZERO_MEMORY, sizeof(*Provider)); + if (Provider) + { + /* Set non-null data */ + Provider->RefCount = 1; + Provider->Service.cbSize = sizeof(NSP_ROUTINE); + } - /* Set non-null data */ - Provider->RefCount = 1; - Provider->Service.cbSize = sizeof(NSP_ROUTINE); - - /* Return us */ + /* Return it */ return Provider; } +static VOID +DumpProviderService(IN PNSP_ROUTINE Service) +{ + DPRINT1("\nDumpProviderService(0x%p)\n" + "cbSize = %d\n" + "dwMajorVersion = %d\n" + "dwMinorVersion = %d\n" + "NSPCleanup = 0x%p\n" + "NSPLookupServiceBegin = 0x%p\n" + "NSPLookupServiceNext = 0x%p\n" + "NSPLookupServiceEnd = 0x%p\n" + "NSPSetService = 0x%p\n" + "NSPInstallServiceClass = 0x%p\n" + "NSPRemoveServiceClass = 0x%p\n" + "NSPGetServiceClassInfo = 0x%p\n" + "NSPIoctl = 0x%p\n", + Service->cbSize, + Service->dwMajorVersion, + Service->dwMinorVersion, + Service->NSPCleanup, + Service->NSPLookupServiceBegin, + Service->NSPLookupServiceNext, + Service->NSPLookupServiceEnd, + Service->NSPSetService, + Service->NSPInstallServiceClass, + Service->NSPRemoveServiceClass, + Service->NSPGetServiceClassInfo, + Service->NSPIoctl); +} + + DWORD WSAAPI WsNpInitialize(IN PNS_PROVIDER Provider, @@ -85,6 +121,8 @@ LPNSPSTARTUP NSPStartupProc; CHAR AnsiPath[MAX_PATH], ExpandedDllPath[MAX_PATH]; + DPRINT1("WsNpInitialize(0x%p, %S)\n", Provider, DllName); + /* Convert the path to ANSI */ WideCharToMultiByte(CP_ACP, 0, @@ -121,6 +159,7 @@ /* Call it */ (*NSPStartupProc)(ProviderId, &Provider->Service); + DumpProviderService(&Provider->Service); /* Save the provider ID */ Provider->ProviderId = *ProviderId; @@ -129,6 +168,7 @@ Fail: /* Bail out */ if (Provider->DllHandle) FreeLibrary(Provider->DllHandle); + Provider->DllHandle = NULL; return ErrorCode; } 
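Review bot: DumpProviderService and the traces added in the nsprovid.c @@ -121 and @@ -255 hunks use DPRINT1, which prints even with NDEBUG defined (the @@ -10 hunk adds `#define NDEBUG`, presumably to silence DPRINT), so every provider load and every lookup writes a multi-line dump of function pointers to the debug log in release builds. These read as development traces; drop them or downgrade them to `DPRINT`. The dump also formats `cbSize`, `dwMajorVersion` and `dwMinorVersion`, which are DWORDs, with `%d`; `%lu` matches the type and avoids a -Wformat warning.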
@@ -165,10 +205,11 @@ /* Unload the library */ FreeLibrary(Provider->DllHandle); - - /* Clear the handle value */ Provider->DllHandle = NULL; } + + /* Delete us */ + HeapFree(WsSockHeap, 0, Provider); } VOID @@ -255,6 +296,9 @@ OUT PHANDLE LookupHandle) { /* Call the NSP */ + DPRINT1("WsNpLookupServiceBegin(0x%p) - Provider->Service.NSPLookupServiceBegin = 0x%p\n", + Provider, Provider->Service.NSPLookupServiceBegin); + return Provider->Service.NSPLookupServiceBegin(&Provider->ProviderId, Restrictions, ServiceClassInfo, Index: dll/win32/ws2_32/src/nsquery.c =================================================================== --- dll/win32/ws2_32/src/nsquery.c (revision 74033) +++ dll/win32/ws2_32/src/nsquery.c (working copy) @@ -25,12 +25,14 @@ /* Allocate the object */ NsQuery = HeapAlloc(WsSockHeap, HEAP_ZERO_MEMORY, sizeof(*NsQuery)); + if (NsQuery) + { + /* Set non-zero fields */ + NsQuery->Signature = ~0xBEADFACE; + InitializeListHead(&NsQuery->ProviderList); + NsQuery->TryAgain = TRUE; + } - /* Set non-zero fields */ - NsQuery->Signature = ~0xBEADFACE; - InitializeListHead(&NsQuery->ProviderList); - NsQuery->TryAgain = TRUE; - /* Return it */ return NsQuery; } @@ -134,9 +136,9 @@ if (!(Provider = Entry->Provider)) { /* None was loaded, load it */ - if ((WsNcLoadProvider(EnumContext->Catalog, Entry) != ERROR_SUCCESS)) + if (WsNcLoadProvider(EnumContext->Catalog, Entry) != ERROR_SUCCESS) { - /* return TRUE to continue enumerating */ + /* Return TRUE to continue enumerating */ return TRUE; } @@ -145,7 +147,7 @@ } /* Add it to the query */ - if (!(WsNqAddProvider(NsQuery, Provider))) + if (!WsNqAddProvider(NsQuery, Provider)) { /* We failed */ EnumContext->ErrorCode = WSASYSCALLFAILURE; 
@@ -195,157 +197,145 @@ OUT LPWSAQUERYSETW Results) { PNSQUERY_PROVIDER Provider, NextProvider; + PLIST_ENTRY Entry; INT ErrorCode = SOCKET_ERROR, OldErrorCode; - PLIST_ENTRY Entry; /* Make sure we're not shutting down */ - if (!NsQuery->ShuttingDown) + if (NsQuery->ShuttingDown) { - /* Acquire query lock */ - WsNqLock(); + /* We are shutting down, fail */ + SetLastError(WSAECANCELLED); + return ErrorCode; + } - /* Check if we already have an active provider */ - NextProvider = NsQuery->ActiveProvider; - if (!NextProvider) + /* Acquire query lock */ + WsNqLock(); + + /* Check if we already have an active provider */ + NextProvider = NsQuery->ActiveProvider; + if (!NextProvider) + { + /* Make sure we have a current provider */ + if (!NsQuery->CurrentProvider) { - /* Make sure we have a current provider */ - if (!NsQuery->CurrentProvider) + /* We don't; fail */ + WsNqUnlock(); + SetLastError(WSA_E_NO_MORE); + return SOCKET_ERROR; + } + + /* Get the last provider in the list and start looping */ + NextProvider = WsNqPreviousProvider(NsQuery, NULL); + while (NextProvider) + { + /* Check if this is a new-style provider */ + if (NextProvider->Provider->Service.NSPIoctl) { - /* We don't; fail */ - WsNqUnlock(); - SetLastError(WSA_E_NO_MORE); - return SOCKET_ERROR; + /* Remove it and re-add it on top */ + RemoveEntryList(&NextProvider->QueryLink); + InsertHeadList(&NsQuery->ProviderList, &NextProvider->QueryLink); + + /* Set it as the active provider and exit the loop */ + NsQuery->ActiveProvider = NextProvider; + break; } - /* Get the first provider on the list and start looping */ - Entry = NsQuery->ProviderList.Blink; - NextProvider = CONTAINING_RECORD(Entry, NSQUERY_PROVIDER, QueryLink); - while (NextProvider) - { - /* Check if this is a new-style provider */ - if (NextProvider->Provider->Service.NSPIoctl) - { - /* Remove it and re-add it on top */ - RemoveEntryList(&NextProvider->QueryLink); - InsertHeadList(&NsQuery->ProviderList, &NextProvider->QueryLink); + /* Get 
the previous provider */ + NextProvider = WsNqPreviousProvider(NsQuery, NextProvider); + } + } - /* Set it as the active provider and exit the loop */ - NsQuery->ActiveProvider = NextProvider; - break; - } + /* Release the lock */ + WsNqUnlock(); - /* Get the previous provider */ - NextProvider = WsNqPreviousProvider(NsQuery, NextProvider); - } + /* Restart and keep looping as long as there is an active provider */ + while (NextProvider) + { + /* Call its routine */ + ErrorCode = WsNqProvLookupServiceNext(NextProvider, + ControlFlags, + BufferLength, + Results); + /* Check for error or shutdown */ + if ((ErrorCode == ERROR_SUCCESS) || + (GetLastError() == WSAEFAULT) || (NsQuery->ShuttingDown)) + { + /* Get out */ + break; } - /* Release the lock */ - WsNqUnlock(); + /* Acquire Query Lock */ + WsNqLock(); - /* Check if we have an active provider now */ - if (NextProvider) + /* Check if we have an active provider */ + if (NsQuery->ActiveProvider) { - /* Start loop */ - do + /* Save the old provider and get the next one */ + Provider = NextProvider; + NextProvider = WsNqNextProvider(NsQuery, NsQuery->ActiveProvider); + + /* Was the old provider our active? 
*/ + if (Provider == NsQuery->ActiveProvider) { - /* Call its routine */ - ErrorCode = WsNqProvLookupServiceNext(NextProvider, - ControlFlags, - BufferLength, - Results); - /* Check for error or shutdown */ - if ((ErrorCode == ERROR_SUCCESS) || - (GetLastError() == WSAEFAULT) || (NsQuery->ShuttingDown)) - { - /* Get out */ - break; - } + /* Change our active provider to the new one */ + NsQuery->ActiveProvider = NextProvider; + } + } + else + { + /* No next provider */ + NextProvider = NULL; + } - /* Acquire Query Lock */ - WsNqLock(); + /* Check if we failed and if we can try again */ + if (!(NextProvider) && + (ErrorCode == SOCKET_ERROR) && + (NsQuery->TryAgain)) + { + /* Save the error code so RAS doesn't overwrite it */ + OldErrorCode = GetLastError(); - /* Save the current active provider */ - Provider = NsQuery->ActiveProvider; + /* Make sure we won't try for a 3rd time */ + NsQuery->TryAgain = FALSE; - /* Check if one exists */ - if (Provider) + /* Call the helper to auto-dial */ + if (WSAttemptAutodialName(NsQuery->QuerySet)) + { + /* It succeeded, so we'll delete the current state. */ + while (!IsListEmpty(&NsQuery->ProviderList)) { - /* Get the next one */ - NextProvider = WsNqNextProvider(NsQuery, - NsQuery->ActiveProvider); + /* Remove the entry and get its provider */ + Entry = RemoveHeadList(&NsQuery->ProviderList); + Provider = CONTAINING_RECORD(Entry, + NSQUERY_PROVIDER, + QueryLink); - /* Was the old provider our active? 
*/ - if (Provider == NsQuery->ActiveProvider) - { - /* Change our active provider to the new one */ - NsQuery->ActiveProvider = NextProvider; - } + /* Reset it */ + WsNqProvLookupServiceEnd(Provider); + WsNqProvDelete(Provider); } - else - { - /* No next provider */ - NextProvider = NULL; - } - /* Check if we failed and if we can try again */ - if (!(NextProvider) && - (ErrorCode == SOCKET_ERROR) && - (NsQuery->TryAgain)) + /* Start a new query */ + if (WsNqLookupServiceBegin(NsQuery, + NsQuery->QuerySet, + NsQuery->ControlFlags, + NsQuery->Catalog) == ERROR_SUCCESS) { - /* Save the error code so RAS doesn't overwrite it */ - OldErrorCode = GetLastError(); - - /* Make sure we won't try for a 3rd time */ - NsQuery->TryAgain = FALSE; - - /* Call the helper to auto-dial */ - if (WSAttemptAutodialName(NsQuery->QuerySet)) - { - /* It succeeded, so we'll delete the current state. */ - while (!IsListEmpty(&NsQuery->ProviderList)) - { - /* Remove the entry and get its provider */ - Entry = RemoveHeadList(&NsQuery->ProviderList); - Provider = CONTAINING_RECORD(Entry, - NSQUERY_PROVIDER, - QueryLink); - - /* Reset it */ - WsNqProvLookupServiceEnd(Provider); - WsNqProvDelete(Provider); - } - - /* Start a new query */ - if (!WsNqLookupServiceBegin(NsQuery, - NsQuery->QuerySet, - NsQuery->ControlFlags, - NsQuery->Catalog)) - { - /* New query succeeded, set active provider now */ - NsQuery->ActiveProvider = - WsNqNextProvider(NsQuery, - NsQuery->ActiveProvider); - } - } - else - { - /* Reset the error code */ - SetLastError(OldErrorCode); - } + /* New query succeeded, set active provider now */ + NsQuery->ActiveProvider = + WsNqNextProvider(NsQuery, NsQuery->ActiveProvider); } + } + else + { + /* Reset the error code */ + SetLastError(OldErrorCode); + } + } - /* Release lock */ - WsNqUnlock(); - - /* Keep looping as long as there is a provider */ - } while (NextProvider); - } + /* Release lock */ + WsNqUnlock(); } - else - { - /* We are shuting down; fail */ - 
SetLastError(WSAECANCELLED); - } /* Return */ return ErrorCode; @@ -359,9 +349,8 @@ IN PNSCATALOG Catalog) { WSASERVICECLASSINFOW ClassInfo; - PNSQUERY_PROVIDER Provider; LPWSASERVICECLASSINFOW pClassInfo = &ClassInfo; - PNSQUERY_PROVIDER NextProvider; + PNSQUERY_PROVIDER Provider, NextProvider; PLIST_ENTRY Entry; INT ErrorCode; DWORD ClassInfoSize; @@ -409,7 +398,13 @@ else { /* Add this provider */ - WsNqAddProvider(NsQuery, CatalogEntry->Provider); + if (!WsNqAddProvider(NsQuery, CatalogEntry->Provider)) + { + /* Fail */ + SetLastError(WSA_NOT_ENOUGH_MEMORY); + ErrorCode = SOCKET_ERROR; + goto error; + } } } else @@ -461,8 +456,7 @@ } /* Get the first provider and loop */ - Entry = NsQuery->ProviderList.Flink; - NextProvider = CONTAINING_RECORD(Entry, NSQUERY_PROVIDER, QueryLink); + NextProvider = WsNqNextProvider(NsQuery, NULL); while (NextProvider) { /* Call it */ @@ -504,10 +498,11 @@ else { /* Set the active provider */ - Entry = NsQuery->ProviderList.Flink; - NsQuery->ActiveProvider = CONTAINING_RECORD(Entry, - NSQUERY_PROVIDER, - QueryLink); + NsQuery->ActiveProvider = WsNqNextProvider(NsQuery, NULL); + // Entry = NsQuery->ProviderList.Flink; + // NsQuery->ActiveProvider = CONTAINING_RECORD(Entry, + // NSQUERY_PROVIDER, + // QueryLink); } /* Return */ @@ -523,7 +518,11 @@ PLIST_ENTRY Entry; /* Get the first entry and get its provider */ - Entry = Provider->QueryLink.Flink; + if (Provider) + Entry = Provider->QueryLink.Flink; + else + Entry = Query->ProviderList.Flink; + if (Entry != &Query->ProviderList) { /* Get the current provider */ 
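Review bot: In the retry branch of the nsquery.c @@ -195 hunk, the `while (!IsListEmpty(&NsQuery->ProviderList))` loop deletes every NSQUERY_PROVIDER with WsNqProvDelete, but NsQuery->ActiveProvider is only cleared earlier when the provider that just failed was the active one; otherwise it keeps pointing at freed memory, and the later `WsNqNextProvider(NsQuery, NsQuery->ActiveProvider)` reads `Provider->QueryLink.Flink` from it, as does the next call's `NextProvider = NsQuery->ActiveProvider` if WsNqLookupServiceBegin fails. Add `NsQuery->ActiveProvider = NULL;` right after the delete loop. This is carried over from the old code rather than introduced by the restructure, but the hunk rewrites the whole block, so it is the natural place to fix it; I cannot see whether WsNqLookupServiceBegin resets the field on its failure paths, which would narrow the exposure to the success-before-reset window.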
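Review bot: The nsquery.c @@ -504 hunk leaves the replaced lines in as commented-out code (`// Entry = NsQuery->ProviderList.Flink;` and the three lines after it); version control keeps the history, so delete them. After the @@ -461 and @@ -504 hunks remove the only visible uses of `Entry` in WsNqLookupServiceBegin, the `PLIST_ENTRY Entry;` declaration kept in the @@ -359 hunk is probably unused and will warn; drop it unless a use remains in the parts of the function outside the hunks. The new failure branch in @@ -409 also reports WSA_NOT_ENOUGH_MEMORY while WsNqAddProvider itself sets WSASYSCALLFAILURE for the same failure (@@ -575 hunk), and the enumeration callback in @@ -145 reports WSASYSCALLFAILURE too; the three sites should agree on one code.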
@@ -539,28 +538,32 @@ WsNqPreviousProvider(IN PNSQUERY Query, IN PNSQUERY_PROVIDER Provider) { - PNSQUERY_PROVIDER NextProvider = NULL; + PNSQUERY_PROVIDER PrevProvider = NULL; PLIST_ENTRY Entry; - /* Get the first entry and get its provider */ - Entry = Provider->QueryLink.Blink; + /* Get the last entry and get its provider */ + if (Provider) + Entry = Provider->QueryLink.Blink; + else + Entry = Query->ProviderList.Blink; + if (Entry != &Query->ProviderList) { /* Get the current provider */ - NextProvider = CONTAINING_RECORD(Entry, NSQUERY_PROVIDER, QueryLink); + PrevProvider = CONTAINING_RECORD(Entry, NSQUERY_PROVIDER, QueryLink); } /* Return it */ - return NextProvider; + return PrevProvider; } -DWORD +BOOL WSAAPI WsNqAddProvider(IN PNSQUERY Query, IN PNS_PROVIDER Provider) { + BOOL Success = TRUE; PNSQUERY_PROVIDER QueryProvider; - DWORD Return = TRUE; /* Allocate a new Query Provider */ if ((QueryProvider = WsNqProvAllocate())) @@ -575,11 +578,11 @@ { /* We failed */ SetLastError(WSASYSCALLFAILURE); - Return = FALSE; + Success = FALSE; } /* Return */ - return Return; + return Success; } Index: dll/win32/ws2_32/src/qshelpr.c =================================================================== --- dll/win32/ws2_32/src/qshelpr.c (revision 74033) +++ dll/win32/ws2_32/src/qshelpr.c (working copy) @@ -498,9 +498,10 @@ sizeof(CSADDR_INFO), sizeof(PVOID)); + // CID 513446 and CID 513447 /* Copy it into the buffer */ - RtlCopyMemory(RelativeSet->lpafpProtocols, - AnsiSet->lpafpProtocols, + RtlCopyMemory(RelativeSet->lpcsaBuffer, + AnsiSet->lpcsaBuffer, AnsiSet->dwNumberOfCsAddrs * sizeof(CSADDR_INFO)); /* Copy the addresses inside the CSADDR */ 
@@ -692,9 +693,10 @@ sizeof(CSADDR_INFO), sizeof(PVOID)); + // CID 513444 and CID 513445 /* Copy it into the buffer */ - RtlCopyMemory(RelativeSet->lpafpProtocols, - UnicodeSet->lpafpProtocols, + RtlCopyMemory(RelativeSet->lpcsaBuffer, + UnicodeSet->lpcsaBuffer, UnicodeSet->dwNumberOfCsAddrs * sizeof(CSADDR_INFO)); /* Copy the addresses inside the CSADDR */ @@ -926,9 +928,9 @@ INT WSAAPI -MapUnicodeQuerySetToAnsi(OUT LPWSAQUERYSETW UnicodeSet, +MapUnicodeQuerySetToAnsi(IN LPWSAQUERYSETW UnicodeSet, IN OUT PSIZE_T SetSize, - IN LPWSAQUERYSETA AnsiSet) + OUT LPWSAQUERYSETA AnsiSet) { INT ErrorCode = ERROR_SUCCESS; SIZE_T UnicodeSize, AnsiSize; Index: dll/win32/ws2_32/src/rnr.c =================================================================== --- dll/win32/ws2_32/src/rnr.c (revision 74033) +++ dll/win32/ws2_32/src/rnr.c (working copy) @@ -2,7 +2,7 @@ * COPYRIGHT: See COPYING in the top level directory * PROJECT: ReactOS WinSock 2 API * FILE: dll/win32/ws2_32_new/src/rnr.c - * PURPOSE: Registration n' Resolution Support + * PURPOSE: Registration and Resolution Support * PROGRAMMER: Alex Ionescu (alex@relsoft.net) */ @@ -285,11 +285,6 @@ dwControlFlags, lphLookup); } - else - { - /* Fail, conversion failed */ - SetLastError(ErrorCode); - } /* Free our buffer */ HeapFree(WsSockHeap, 0, UnicodeQuerySet); @@ -297,14 +292,13 @@ else { /* No memory to allocate */ - SetLastError(WSAEFAULT); + ErrorCode = WSAEFAULT; } } - else - { - /* We couldn't get the size for some reason */ + + /* Set the error in case of failure */ + if (ErrorCode != ERROR_SUCCESS) SetLastError(ErrorCode); - } /* Return to caller */ return ErrorCode == ERROR_SUCCESS ? ErrorCode : SOCKET_ERROR; 
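Review bot: In the rnr.c @@ -297 hunk the new trailing `if (ErrorCode != ERROR_SUCCESS) SetLastError(ErrorCode);` also runs after the WSALookupServiceBeginW call in the @@ -285 hunk, whose result appears to land in ErrorCode (the call's first line is outside the hunk, so this is inferred). If that function follows the Winsock convention of returning SOCKET_ERROR with the real code in GetLastError(), the new line overwrites that code with -1, which the old code avoided by setting the error only on the conversion-failure branch. Either normalize on that path, `if (ErrorCode == SOCKET_ERROR) ErrorCode = GetLastError();`, or make the final SetLastError skip the SOCKET_ERROR value. WSALookupServiceBeginA's body continues outside these hunks.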
@@ -403,8 +397,9 @@ return SOCKET_ERROR; } - /* Verify pointer */ - if (IsBadWritePtr(lpqsResults, sizeof(*lpqsResults))) + /* Verify pointers */ + if (IsBadReadPtr(lpdwBufferLength, sizeof(*lpdwBufferLength)) || + IsBadWritePtr(lpqsResults, sizeof(*lpqsResults))) { /* It is invalid; fail */ SetLastError(WSAEFAULT); @@ -443,10 +438,21 @@ OUT LPWSAQUERYSETA lpqsResults) { LPWSAQUERYSETW UnicodeQuerySet; - DWORD UnicodeQuerySetSize = *lpdwBufferLength; + DWORD UnicodeQuerySetSize; INT ErrorCode; DPRINT("WSALookupServiceNextA: %lx\n", hLookup); + /* Verify pointers */ + if (IsBadReadPtr(lpdwBufferLength, sizeof(*lpdwBufferLength)) || + IsBadWritePtr(lpqsResults, sizeof(*lpqsResults))) + { + /* It is invalid; fail */ + SetLastError(WSAEFAULT); + return SOCKET_ERROR; + } + + UnicodeQuerySetSize = *lpdwBufferLength; + /* Check how much the user is giving */ if (UnicodeQuerySetSize >= sizeof(WSAQUERYSETW)) { Index: dll/win32/ws2_32/src/wsautil.c =================================================================== --- dll/win32/ws2_32/src/wsautil.c (revision 74033) +++ dll/win32/ws2_32/src/wsautil.c (working copy) @@ -31,15 +31,16 @@ if (ErrorCode == ERROR_FILE_NOT_FOUND) { /* Create it */ - RegCreateKeyEx(HKEY_LOCAL_MACHINE, - WINSOCK_ROOT, - 0, - NULL, - REG_OPTION_NON_VOLATILE, - KEY_ALL_ACCESS, - NULL, - &WinsockRootKey, - &CreateDisposition); + // FIX CID 715923 + ErrorCode = RegCreateKeyEx(HKEY_LOCAL_MACHINE, + WINSOCK_ROOT, + 0, + NULL, + REG_OPTION_NON_VOLATILE, + KEY_ALL_ACCESS, + NULL, + &WinsockRootKey, + &CreateDisposition); } else if (ErrorCode == ERROR_SUCCESS) {
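Review bot: The wsautil.c @@ -31 hunk now stores RegCreateKeyEx's result in ErrorCode, but the hunk ends before anything consumes it; if the rest of the function only handles the open path, a failed create (likely for non-administrative callers, since the key under HKEY_LOCAL_MACHINE is requested with KEY_ALL_ACCESS) may still fall through with an invalid WinsockRootKey. Confirm that the code after the if/else chain bails out on `ErrorCode != ERROR_SUCCESS`, and consider requesting only the rights the function needs (KEY_READ, or KEY_WRITE where it creates subkeys) rather than KEY_ALL_ACCESS; that mask is pre-existing, not introduced here. The enclosing function starts and ends outside the hunk.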