[ros-dev] [ros-diffs] [sir_richard] 46103: [WIN32K]: Stop memory corruption when InstalledDisplayDrivers has more than one driver in the list. Note that driver loading is inherently broken right now, as the list of drivers is not parsed properly (this breaks eVb's VGA/VBE driver).

Timo Kreuzer timo.kreuzer at web.de
Thu Mar 11 23:37:35 CET 2010


Hi,

I have a pending rewrite of the driver loading code in
branches/reactos-yarotows.
It should hopefully fix the issues and load eVb's driver.
It's mostly done; I experienced some random lock-ups, though, and had to
take a break from that code.

Regards,
Timo

sir_richard at svn.reactos.org schrieb:
> Author: sir_richard
> Date: Thu Mar 11 18:46:15 2010
> New Revision: 46103
>
> URL: http://svn.reactos.org/svn/reactos?rev=46103&view=rev
> Log:
> [WIN32K]: Stop memory corruption when InstalledDisplayDrivers has more than one driver in the list. Note that driver loading is inherently broken right now, as the list of drivers is not parsed properly (this breaks eVb's VGA/VBE driver).
>
> Modified:
>     trunk/reactos/subsystems/win32/win32k/objects/device.c
>
> Modified: trunk/reactos/subsystems/win32/win32k/objects/device.c
> URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/objects/device.c?rev=46103&r1=46102&r2=46103&view=diff
> ==============================================================================
> --- trunk/reactos/subsystems/win32/win32k/objects/device.c [iso-8859-1] (original)
> +++ trunk/reactos/subsystems/win32/win32k/objects/device.c [iso-8859-1] Thu Mar 11 18:46:15 2010
> @@ -59,12 +59,37 @@
>      return TRUE;
>  }
>  
> +
> +NTSTATUS
> +NTAPI
> +EnumDisplayQueryRoutine(IN PWSTR ValueName,
> +                        IN ULONG ValueType,
> +                        IN PVOID ValueData,
> +                        IN ULONG ValueLength,
> +                        IN PVOID Context,
> +                        IN PVOID EntryContext)
> +{
> +    if ((Context == NULL) && ((ValueType == REG_SZ) || (ValueType == REG_MULTI_SZ)))
> +    {
> +        *(PULONG)EntryContext = ValueLength;
> +    }
> +    else
> +    {
> +        DPRINT1("Value data: %S %d\n", ValueData, ValueLength);
> +        RtlCopyMemory(Context, ValueData, ValueLength);
> +    }
> +
> +    return STATUS_SUCCESS;
> +}
> +
>  static BOOL FASTCALL
>  FindDriverFileNames(PUNICODE_STRING DriverFileNames, ULONG DisplayNumber)
>  {
>      RTL_QUERY_REGISTRY_TABLE QueryTable[2];
>      UNICODE_STRING RegistryPath;
>      NTSTATUS Status;
> +    PWCHAR DriverNames = NULL;
> +    ULONG Length = 0;
>  
>      if (! GetRegistryPath(&RegistryPath, DisplayNumber))
>      {
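Review bot: `EnumDisplayQueryRoutine` reaches `RtlCopyMemory(Context, ValueData, ValueLength)` with `Context == NULL` whenever the value is neither REG_SZ nor REG_MULTI_SZ, because the type test is folded into the sizing condition. A mistyped InstalledDisplayDrivers value therefore becomes a kernel-mode write through a NULL pointer. Rejecting the type up front with `if ((ValueType != REG_SZ) && (ValueType != REG_MULTI_SZ)) return STATUS_OBJECT_TYPE_MISMATCH;` separates the two concerns. The copy is also unbounded: the buffer is sized from an earlier query, so a value that grows between the two calls overruns the pool block. `EntryContext` still points at the recorded length on the second pass (it is set in the following hunk), so `if (ValueLength > *(PULONG)EntryContext) return STATUS_INVALID_BUFFER_SIZE;` before the copy would bound it.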
> @@ -73,23 +98,40 @@
>      }
>  
>      RtlZeroMemory(QueryTable, sizeof(QueryTable));
> -    QueryTable[0].Flags = RTL_QUERY_REGISTRY_REQUIRED | RTL_QUERY_REGISTRY_DIRECT;
> +    QueryTable[0].Flags = RTL_QUERY_REGISTRY_REQUIRED | RTL_QUERY_REGISTRY_NOEXPAND;
>      QueryTable[0].Name = L"InstalledDisplayDrivers";
> -    QueryTable[0].EntryContext = DriverFileNames;
> +    QueryTable[0].EntryContext = &Length;
> +    QueryTable[0].QueryRoutine = EnumDisplayQueryRoutine;
>  
>      Status = RtlQueryRegistryValues(RTL_REGISTRY_ABSOLUTE,
>                                      RegistryPath.Buffer,
>                                      QueryTable,
>                                      NULL,
>                                      NULL);
> + //   DPRINT1("Status: %lx\n", Status);
> +    if (Length)
> +    {
> +        DriverNames = ExAllocatePool(PagedPool, Length);
> +       // DPRINT1("Length allocated: %d\n", Length);
> +        Status = RtlQueryRegistryValues(RTL_REGISTRY_ABSOLUTE,
> +                                        RegistryPath.Buffer,
> +                                        QueryTable,
> +                                        DriverNames,
> +                                        NULL);
> +        if (!NT_SUCCESS(Status)) DriverNames = NULL;
> +    }
> +
>      ExFreePoolWithTag(RegistryPath.Buffer, TAG_RTLREGISTRY);
>      if (! NT_SUCCESS(Status))
>      {
>          DPRINT1("No InstalledDisplayDrivers value in service entry found\n");
>          return FALSE;
>      }
> -
> -    DPRINT("DriverFileNames %S\n", DriverFileNames->Buffer);
> +    
> +    RtlInitUnicodeString(DriverFileNames, DriverNames);
> +    DriverFileNames->Length = Length;
> +    DriverFileNames->MaximumLength = Length;
> +    //DPRINT1("DriverFileNames %wZ\n", DriverFileNames);
>  
>      return TRUE;
>  }
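Review bot: The result of `ExAllocatePool` is used without a NULL check, and when the second query fails `DriverNames = NULL` drops the pointer without freeing the block. With a NULL buffer the second `RtlQueryRegistryValues` call passes `Context == NULL`, so the callback only records the length again and the function returns TRUE with `Buffer == NULL` and a non-zero `Length`. `Length` is a ULONG stored into the USHORT `Length`/`MaximumLength` fields, so a value above 65535 bytes is silently truncated and should be rejected before allocating. The allocation is also untagged, while the consumer visible in the `@@ -301,7 +343,7 @@` hunk frees `DriverFileNames.Buffer` with `TAG_RTLREGISTRY`; allocating with that tag keeps the pair consistent. The sketch below covers only the allocation path; the function begins in the previous hunk.
```c
    // … unchanged: first RtlQueryRegistryValues call that fills Length …
    if (Length)
    {
        if (Length > MAXUSHORT)
        {
            /* UNICODE_STRING lengths are USHORT; refuse rather than truncate */
            Status = STATUS_INVALID_BUFFER_SIZE;
        }
        else
        {
            DriverNames = ExAllocatePoolWithTag(PagedPool, Length, TAG_RTLREGISTRY);
            if (DriverNames == NULL)
            {
                Status = STATUS_INSUFFICIENT_RESOURCES;
            }
            else
            {
                Status = RtlQueryRegistryValues(RTL_REGISTRY_ABSOLUTE,
                                                RegistryPath.Buffer,
                                                QueryTable,
                                                DriverNames,
                                                NULL);
                if (!NT_SUCCESS(Status))
                {
                    /* Release the buffer instead of only dropping the pointer */
                    ExFreePoolWithTag(DriverNames, TAG_RTLREGISTRY);
                    DriverNames = NULL;
                }
            }
        }
    }
    // … unchanged: free RegistryPath.Buffer, failure return, UNICODE_STRING setup …
```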
> @@ -301,7 +343,7 @@
>              continue;
>          }
>  
> -        DPRINT("Display driver %S loaded\n", CurrentName);
> +        DPRINT1("Display driver %S loaded\n", CurrentName);
>  
>          ExFreePoolWithTag(DriverFileNames.Buffer, TAG_RTLREGISTRY);
>  
>
>
>
>   



