ddraw: Avoid accessing free'd memory on an error path in ddraw_surface_create().
[wine.git] / server / object.c
blobad22ec1e94b6b376a9be4707d8a0626ded8340ac
1 /*
2 * Server-side objects
4 * Copyright (C) 1998 Alexandre Julliard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
21 #include "config.h"
22 #include "wine/port.h"
24 #include <assert.h>
25 #include <limits.h>
26 #include <stdlib.h>
27 #include <stdio.h>
28 #include <string.h>
29 #include <unistd.h>
30 #include <stdarg.h>
32 #include "ntstatus.h"
33 #define WIN32_NO_STATUS
34 #include "winternl.h"
36 #include "file.h"
37 #include "process.h"
38 #include "thread.h"
39 #include "unicode.h"
40 #include "security.h"
43 struct namespace
45 unsigned int hash_size; /* size of hash table */
46 struct list names[1]; /* array of hash entry lists */
50 #ifdef DEBUG_OBJECTS
51 static struct list object_list = LIST_INIT(object_list);
52 static struct list static_object_list = LIST_INIT(static_object_list);
54 void dump_objects(void)
56 struct list *p;
58 LIST_FOR_EACH( p, &static_object_list )
60 struct object *ptr = LIST_ENTRY( p, struct object, obj_list );
61 fprintf( stderr, "%p:%d: ", ptr, ptr->refcount );
62 dump_object_name( ptr );
63 ptr->ops->dump( ptr, 1 );
65 LIST_FOR_EACH( p, &object_list )
67 struct object *ptr = LIST_ENTRY( p, struct object, obj_list );
68 fprintf( stderr, "%p:%d: ", ptr, ptr->refcount );
69 dump_object_name( ptr );
70 ptr->ops->dump( ptr, 1 );
74 void close_objects(void)
76 struct list *ptr;
78 /* release the static objects */
79 while ((ptr = list_head( &static_object_list )))
81 struct object *obj = LIST_ENTRY( ptr, struct object, obj_list );
82 /* move it back to the standard list before freeing */
83 list_remove( &obj->obj_list );
84 list_add_head( &object_list, &obj->obj_list );
85 release_object( obj );
88 dump_objects(); /* dump any remaining objects */
91 #endif /* DEBUG_OBJECTS */
93 /*****************************************************************/
95 /* malloc replacement */
96 void *mem_alloc( size_t size )
98 void *ptr = malloc( size );
99 if (ptr) memset( ptr, 0x55, size );
100 else set_error( STATUS_NO_MEMORY );
101 return ptr;
104 /* duplicate a block of memory */
105 void *memdup( const void *data, size_t len )
107 void *ptr = malloc( len );
108 if (ptr) memcpy( ptr, data, len );
109 else set_error( STATUS_NO_MEMORY );
110 return ptr;
114 /*****************************************************************/
116 static int get_name_hash( const struct namespace *namespace, const WCHAR *name, data_size_t len )
118 WCHAR hash = 0;
119 len /= sizeof(WCHAR);
120 while (len--) hash ^= tolowerW(*name++);
121 return hash % namespace->hash_size;
124 void namespace_add( struct namespace *namespace, struct object_name *ptr )
126 int hash = get_name_hash( namespace, ptr->name, ptr->len );
128 list_add_head( &namespace->names[hash], &ptr->entry );
131 /* allocate a name for an object */
132 static struct object_name *alloc_name( const struct unicode_str *name )
134 struct object_name *ptr;
136 if ((ptr = mem_alloc( sizeof(*ptr) + name->len - sizeof(ptr->name) )))
138 ptr->len = name->len;
139 ptr->parent = NULL;
140 memcpy( ptr->name, name->str, name->len );
142 return ptr;
145 /* get the name of an existing object */
146 const WCHAR *get_object_name( struct object *obj, data_size_t *len )
148 struct object_name *ptr = obj->name;
149 if (!ptr) return NULL;
150 *len = ptr->len;
151 return ptr->name;
154 /* get the full path name of an existing object */
155 WCHAR *get_object_full_name( struct object *obj, data_size_t *ret_len )
157 static const WCHAR backslash = '\\';
158 struct object *ptr = obj;
159 data_size_t len = 0;
160 char *ret;
162 while (ptr && ptr->name)
164 struct object_name *name = ptr->name;
165 len += name->len + sizeof(WCHAR);
166 ptr = name->parent;
168 if (!len) return NULL;
169 if (!(ret = malloc( len ))) return NULL;
171 *ret_len = len;
172 while (obj && obj->name)
174 struct object_name *name = obj->name;
175 memcpy( ret + len - name->len, name->name, name->len );
176 len -= name->len + sizeof(WCHAR);
177 memcpy( ret + len, &backslash, sizeof(WCHAR) );
178 obj = name->parent;
180 return (WCHAR *)ret;
183 /* allocate and initialize an object */
184 void *alloc_object( const struct object_ops *ops )
186 struct object *obj = mem_alloc( ops->size );
187 if (obj)
189 obj->refcount = 1;
190 obj->handle_count = 0;
191 obj->ops = ops;
192 obj->name = NULL;
193 obj->sd = NULL;
194 list_init( &obj->wait_queue );
195 #ifdef DEBUG_OBJECTS
196 list_add_head( &object_list, &obj->obj_list );
197 #endif
198 return obj;
200 return NULL;
203 /* free an object once it has been destroyed */
204 void free_object( struct object *obj )
206 free( obj->sd );
207 #ifdef DEBUG_OBJECTS
208 list_remove( &obj->obj_list );
209 memset( obj, 0xaa, obj->ops->size );
210 #endif
211 free( obj );
214 /* find an object by name starting from the specified root */
215 /* if it doesn't exist, its parent is returned, and name_left contains the remaining name */
216 struct object *lookup_named_object( struct object *root, const struct unicode_str *name,
217 unsigned int attr, struct unicode_str *name_left )
219 struct object *obj, *parent;
220 struct unicode_str name_tmp = *name, *ptr = &name_tmp;
222 if (root)
224 /* if root is specified path shouldn't start with backslash */
225 if (name_tmp.len && name_tmp.str[0] == '\\')
227 set_error( STATUS_OBJECT_PATH_SYNTAX_BAD );
228 return NULL;
230 parent = grab_object( root );
232 else
234 if (!name_tmp.len || name_tmp.str[0] != '\\')
236 set_error( STATUS_OBJECT_PATH_SYNTAX_BAD );
237 return NULL;
239 /* skip leading backslash */
240 name_tmp.str++;
241 name_tmp.len -= sizeof(WCHAR);
242 parent = get_root_directory();
245 if (!name_tmp.len) ptr = NULL; /* special case for empty path */
247 clear_error();
249 while ((obj = parent->ops->lookup_name( parent, ptr, attr )))
251 /* move to the next element */
252 release_object ( parent );
253 parent = obj;
255 if (get_error())
257 release_object( parent );
258 return NULL;
261 if (name_left) *name_left = name_tmp;
262 return parent;
265 static struct object *create_object( struct object *parent, const struct object_ops *ops,
266 const struct unicode_str *name, const struct security_descriptor *sd )
268 struct object *obj;
269 struct object_name *name_ptr;
271 if (!(name_ptr = alloc_name( name ))) return NULL;
272 if (!(obj = alloc_object( ops ))) goto failed;
273 if (sd && !default_set_sd( obj, sd, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
274 DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION ))
275 goto failed;
276 if (!obj->ops->link_name( obj, name_ptr, parent )) goto failed;
278 name_ptr->obj = obj;
279 obj->name = name_ptr;
280 return obj;
282 failed:
283 if (obj) free_object( obj );
284 free( name_ptr );
285 return NULL;
288 /* create an object as named child under the specified parent */
289 void *create_named_object( struct object *parent, const struct object_ops *ops,
290 const struct unicode_str *name, unsigned int attributes,
291 const struct security_descriptor *sd )
293 struct object *obj, *new_obj;
294 struct unicode_str new_name;
296 clear_error();
298 if (!name || !name->len)
300 if (!(new_obj = alloc_object( ops ))) return NULL;
301 if (sd && !default_set_sd( new_obj, sd, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
302 DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION ))
304 free_object( new_obj );
305 return NULL;
307 return new_obj;
310 if (!(obj = lookup_named_object( parent, name, attributes, &new_name ))) return NULL;
312 if (!new_name.len)
314 if (attributes & OBJ_OPENIF && obj->ops == ops)
315 set_error( STATUS_OBJECT_NAME_EXISTS );
316 else
318 release_object( obj );
319 obj = NULL;
320 if (attributes & OBJ_OPENIF)
321 set_error( STATUS_OBJECT_TYPE_MISMATCH );
322 else
323 set_error( STATUS_OBJECT_NAME_COLLISION );
325 return obj;
328 new_obj = create_object( obj, ops, &new_name, sd );
329 release_object( obj );
330 return new_obj;
333 /* open a object by name under the specified parent */
334 void *open_named_object( struct object *parent, const struct object_ops *ops,
335 const struct unicode_str *name, unsigned int attributes )
337 struct unicode_str name_left;
338 struct object *obj;
340 if ((obj = lookup_named_object( parent, name, attributes, &name_left )))
342 if (name_left.len) /* not fully parsed */
343 set_error( STATUS_OBJECT_NAME_NOT_FOUND );
344 else if (ops && obj->ops != ops)
345 set_error( STATUS_OBJECT_TYPE_MISMATCH );
346 else
347 return obj;
349 release_object( obj );
351 return NULL;
354 /* recursive helper for dump_object_name */
355 static void dump_name( struct object *obj )
357 struct object_name *name = obj->name;
359 if (!name) return;
360 if (name->parent) dump_name( name->parent );
361 fputs( "\\\\", stderr );
362 dump_strW( name->name, name->len / sizeof(WCHAR), stderr, "[]" );
365 /* dump the name of an object to stderr */
366 void dump_object_name( struct object *obj )
368 if (!obj->name) return;
369 fputc( '[', stderr );
370 dump_name( obj );
371 fputs( "] ", stderr );
374 /* unlink a named object from its namespace, without freeing the object itself */
375 void unlink_named_object( struct object *obj )
377 struct object_name *name_ptr = obj->name;
379 if (!name_ptr) return;
380 obj->name = NULL;
381 obj->ops->unlink_name( obj, name_ptr );
382 if (name_ptr->parent) release_object( name_ptr->parent );
383 free( name_ptr );
386 /* mark an object as being stored statically, i.e. only released at shutdown */
387 void make_object_static( struct object *obj )
389 #ifdef DEBUG_OBJECTS
390 list_remove( &obj->obj_list );
391 list_add_head( &static_object_list, &obj->obj_list );
392 #endif
395 /* grab an object (i.e. increment its refcount) and return the object */
396 struct object *grab_object( void *ptr )
398 struct object *obj = (struct object *)ptr;
399 assert( obj->refcount < INT_MAX );
400 obj->refcount++;
401 return obj;
404 /* release an object (i.e. decrement its refcount) */
405 void release_object( void *ptr )
407 struct object *obj = (struct object *)ptr;
408 assert( obj->refcount );
409 if (!--obj->refcount)
411 assert( !obj->handle_count );
412 /* if the refcount is 0, nobody can be in the wait queue */
413 assert( list_empty( &obj->wait_queue ));
414 unlink_named_object( obj );
415 obj->ops->destroy( obj );
416 free_object( obj );
420 /* find an object by its name; the refcount is incremented */
421 struct object *find_object( const struct namespace *namespace, const struct unicode_str *name,
422 unsigned int attributes )
424 const struct list *list;
425 struct list *p;
427 if (!name || !name->len) return NULL;
429 list = &namespace->names[ get_name_hash( namespace, name->str, name->len ) ];
430 LIST_FOR_EACH( p, list )
432 const struct object_name *ptr = LIST_ENTRY( p, struct object_name, entry );
433 if (ptr->len != name->len) continue;
434 if (attributes & OBJ_CASE_INSENSITIVE)
436 if (!strncmpiW( ptr->name, name->str, name->len/sizeof(WCHAR) ))
437 return grab_object( ptr->obj );
439 else
441 if (!memcmp( ptr->name, name->str, name->len ))
442 return grab_object( ptr->obj );
445 return NULL;
448 /* find an object by its index; the refcount is incremented */
449 struct object *find_object_index( const struct namespace *namespace, unsigned int index )
451 unsigned int i;
453 /* FIXME: not efficient at all */
454 for (i = 0; i < namespace->hash_size; i++)
456 const struct object_name *ptr;
457 LIST_FOR_EACH_ENTRY( ptr, &namespace->names[i], const struct object_name, entry )
459 if (!index--) return grab_object( ptr->obj );
462 set_error( STATUS_NO_MORE_ENTRIES );
463 return NULL;
466 /* allocate a namespace */
467 struct namespace *create_namespace( unsigned int hash_size )
469 struct namespace *namespace;
470 unsigned int i;
472 namespace = mem_alloc( sizeof(*namespace) + (hash_size - 1) * sizeof(namespace->names[0]) );
473 if (namespace)
475 namespace->hash_size = hash_size;
476 for (i = 0; i < hash_size; i++) list_init( &namespace->names[i] );
478 return namespace;
481 /* functions for unimplemented/default object operations */
483 struct object_type *no_get_type( struct object *obj )
485 return NULL;
488 int no_add_queue( struct object *obj, struct wait_queue_entry *entry )
490 set_error( STATUS_OBJECT_TYPE_MISMATCH );
491 return 0;
494 void no_satisfied( struct object *obj, struct wait_queue_entry *entry )
498 int no_signal( struct object *obj, unsigned int access )
500 set_error( STATUS_OBJECT_TYPE_MISMATCH );
501 return 0;
504 struct fd *no_get_fd( struct object *obj )
506 set_error( STATUS_OBJECT_TYPE_MISMATCH );
507 return NULL;
510 unsigned int no_map_access( struct object *obj, unsigned int access )
512 if (access & GENERIC_READ) access |= STANDARD_RIGHTS_READ;
513 if (access & GENERIC_WRITE) access |= STANDARD_RIGHTS_WRITE;
514 if (access & GENERIC_EXECUTE) access |= STANDARD_RIGHTS_EXECUTE;
515 if (access & GENERIC_ALL) access |= STANDARD_RIGHTS_ALL;
516 return access & ~(GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | GENERIC_ALL);
519 struct security_descriptor *default_get_sd( struct object *obj )
521 return obj->sd;
524 int set_sd_defaults_from_token( struct object *obj, const struct security_descriptor *sd,
525 unsigned int set_info, struct token *token )
527 struct security_descriptor new_sd, *new_sd_ptr;
528 int present;
529 const SID *owner = NULL, *group = NULL;
530 const ACL *sacl, *dacl;
531 char *ptr;
533 if (!set_info) return 1;
535 new_sd.control = sd->control & ~SE_SELF_RELATIVE;
537 if (set_info & OWNER_SECURITY_INFORMATION && sd->owner_len)
539 owner = sd_get_owner( sd );
540 new_sd.owner_len = sd->owner_len;
542 else if (obj->sd && obj->sd->owner_len)
544 owner = sd_get_owner( obj->sd );
545 new_sd.owner_len = obj->sd->owner_len;
547 else if (token)
549 owner = token_get_user( token );
550 new_sd.owner_len = security_sid_len( owner );
552 else new_sd.owner_len = 0;
554 if (set_info & GROUP_SECURITY_INFORMATION && sd->group_len)
556 group = sd_get_group( sd );
557 new_sd.group_len = sd->group_len;
559 else if (obj->sd && obj->sd->group_len)
561 group = sd_get_group( obj->sd );
562 new_sd.group_len = obj->sd->group_len;
564 else if (token)
566 group = token_get_primary_group( token );
567 new_sd.group_len = security_sid_len( group );
569 else new_sd.group_len = 0;
571 new_sd.control |= SE_SACL_PRESENT;
572 sacl = sd_get_sacl( sd, &present );
573 if (set_info & SACL_SECURITY_INFORMATION && present)
574 new_sd.sacl_len = sd->sacl_len;
575 else
577 if (obj->sd) sacl = sd_get_sacl( obj->sd, &present );
579 if (obj->sd && present)
580 new_sd.sacl_len = obj->sd->sacl_len;
581 else
582 new_sd.sacl_len = 0;
585 new_sd.control |= SE_DACL_PRESENT;
586 dacl = sd_get_dacl( sd, &present );
587 if (set_info & DACL_SECURITY_INFORMATION && present)
588 new_sd.dacl_len = sd->dacl_len;
589 else
591 if (obj->sd) dacl = sd_get_dacl( obj->sd, &present );
593 if (obj->sd && present)
594 new_sd.dacl_len = obj->sd->dacl_len;
595 else if (token)
597 dacl = token_get_default_dacl( token );
598 new_sd.dacl_len = dacl->AclSize;
600 else new_sd.dacl_len = 0;
603 ptr = mem_alloc( sizeof(new_sd) + new_sd.owner_len + new_sd.group_len +
604 new_sd.sacl_len + new_sd.dacl_len );
605 if (!ptr) return 0;
606 new_sd_ptr = (struct security_descriptor*)ptr;
608 memcpy( ptr, &new_sd, sizeof(new_sd) );
609 ptr += sizeof(new_sd);
610 memcpy( ptr, owner, new_sd.owner_len );
611 ptr += new_sd.owner_len;
612 memcpy( ptr, group, new_sd.group_len );
613 ptr += new_sd.group_len;
614 memcpy( ptr, sacl, new_sd.sacl_len );
615 ptr += new_sd.sacl_len;
616 memcpy( ptr, dacl, new_sd.dacl_len );
618 free( obj->sd );
619 obj->sd = new_sd_ptr;
620 return 1;
623 /** Set the security descriptor using the current primary token for defaults. */
624 int default_set_sd( struct object *obj, const struct security_descriptor *sd,
625 unsigned int set_info )
627 return set_sd_defaults_from_token( obj, sd, set_info, current->process->token );
630 struct object *no_lookup_name( struct object *obj, struct unicode_str *name,
631 unsigned int attr )
633 if (!name) set_error( STATUS_OBJECT_TYPE_MISMATCH );
634 return NULL;
637 int no_link_name( struct object *obj, struct object_name *name, struct object *parent )
639 set_error( STATUS_OBJECT_TYPE_MISMATCH );
640 return 0;
643 void default_unlink_name( struct object *obj, struct object_name *name )
645 list_remove( &name->entry );
648 struct object *no_open_file( struct object *obj, unsigned int access, unsigned int sharing,
649 unsigned int options )
651 set_error( STATUS_OBJECT_TYPE_MISMATCH );
652 return NULL;
655 int no_close_handle( struct object *obj, struct process *process, obj_handle_t handle )
657 return 1; /* ok to close */
660 void no_destroy( struct object *obj )