Aimed at fixing the ATTEMPED_EXECUTE_OF_NOEXECUTE_MEMORY BSoD reporte…

…d by yyjdelete, still has problems.
nmap · Feb 28, 2016 · f68b20f · f68b20f
1 parent 35769ef
commit f68b20f
Show file tree

Hide file tree

Showing 3 changed files with 84 additions and 10 deletions.
diff --git a/packetWin7/npf/npf/Openclos.c b/packetWin7/npf/npf/Openclos.c
@@ -1302,6 +1302,7 @@ NPF_CreateOpenObject(
 	//
 	Open->NumPendingIrps = 0;
 	Open->ClosePending = FALSE;
+	Open->PausePending = FALSE;
 	NdisAllocateSpinLock(&Open->OpenInUseLock);
 
 	//
@@ -1583,14 +1584,26 @@ NPF_Pause(
 	PNDIS_FILTER_PAUSE_PARAMETERS   PauseParameters
 	)
 {
-	NDIS_STATUS Status;
+	POPEN_INSTANCE          Open = (POPEN_INSTANCE)FilterModuleContext;
+	NDIS_STATUS             Status;
 
-	UNREFERENCED_PARAMETER(FilterModuleContext);
 	UNREFERENCED_PARAMETER(PauseParameters);
 	TRACE_ENTER();
 
-	// Do nothing here
-	Status = NDIS_STATUS_SUCCESS;
+	NdisAcquireSpinLock(&Open->OpenInUseLock);
+
+	if (Open->Multiple_Write_Counter > 0 || Open->TransmitPendingPackets > 0)
+	{
+		Open->PausePending = TRUE;
+		Status = NDIS_STATUS_PENDING;
+	}
+	else
+	{
+		Status = NDIS_STATUS_SUCCESS;
+	}
+
+	NdisReleaseSpinLock(&Open->OpenInUseLock);
+
 	TRACE_EXIT();
 	return Status;
 }

diff --git a/packetWin7/npf/npf/Packet.h b/packetWin7/npf/npf/Packet.h
@@ -362,6 +362,7 @@ typedef struct _OPEN_INSTANCE
 	ULONG					TransmitPendingPackets;	///< Specifies the number of packets that are pending to be transmitted, i.e. have been submitted to NdisSendXXX but the SendComplete has not been called yet.
 	ULONG					NumPendingIrps;
 	BOOLEAN					ClosePending;
+	BOOLEAN					PausePending;
 	NDIS_SPIN_LOCK			OpenInUseLock;
 }
 OPEN_INSTANCE, *POPEN_INSTANCE;

diff --git a/packetWin7/npf/npf/Write.c b/packetWin7/npf/npf/Write.c
@@ -131,7 +131,7 @@ NPF_Write(
 
 		TRACE_EXIT();
 		return STATUS_INVALID_DEVICE_REQUEST;
-	} 
+	}
 
 	NdisAcquireSpinLock(&Open->WriteLock);
 	if (Open->WriteInProgress)
@@ -209,7 +209,34 @@ NPF_Write(
 
 			// Attach the writes buffer to the packet
 
-			InterlockedIncrement(&Open->TransmitPendingPackets);
+			NdisAcquireSpinLock(&Open->OpenInUseLock);
+			if (Open->PausePending)
+			{
+				Status = NDIS_STATUS_PAUSED;
+			}
+			else
+			{
+				Status = NDIS_STATUS_SUCCESS;
+				InterlockedIncrement(&Open->TransmitPendingPackets);
+			}
+			NdisReleaseSpinLock(&Open->OpenInUseLock);
+
+			if (Status == NDIS_STATUS_PAUSED)
+			{
+				// The adapter is pending to pause, so we don't send the packets.
+				TRACE_MESSAGE(PACKET_DEBUG_LOUD, "The adapter is pending to pause, unable to send the packets.");
+
+				NPF_FreePackets(pNetBufferList);
+				NPF_StopUsingBinding(Open);
+				NPF_StopUsingOpenInstance(Open);
+
+				Irp->IoStatus.Information = 0;
+				Irp->IoStatus.Status = STATUS_UNSUCCESSFUL;
+				IoCompleteRequest(Irp, IO_NO_INCREMENT);
+				TRACE_EXIT();
+				return STATUS_UNSUCCESSFUL;
+			}
+
 
 			NdisResetEvent(&Open->NdisWriteCompleteEvent);
 
@@ -416,7 +443,7 @@ NPF_BufferedWrite(
 		// The Network adapter was removed. 
 		TRACE_EXIT();
 		return 0;
-	} 
+	}
 
 	// Sanity check on the user buffer
 	if (UserBuff == NULL)
@@ -432,7 +459,7 @@ NPF_BufferedWrite(
 	// Check that the MaxFrameSize is correctly initialized
 	if (Open->MaxFrameSize == 0)
 	{
-		IF_LOUD(DbgPrint("BufferedWrite: Open->MaxFrameSize not initialized, probably because of a problem in the OID query\n");)
+		IF_LOUD(DbgPrint("NPF_BufferedWrite: Open->MaxFrameSize not initialized, probably because of a problem in the OID query\n");)
 
 		// 
 		// release ownership of the NdisAdapter binding
@@ -572,8 +599,27 @@ NPF_BufferedWrite(
 
 		TmpMdl->Next = NULL;
 
-		// Increment the number of pending sends
-		InterlockedIncrement(&Open->Multiple_Write_Counter);
+		NdisAcquireSpinLock(&Open->OpenInUseLock);
+		if (Open->PausePending)
+		{
+			Status = NDIS_STATUS_PAUSED;
+		}
+		else
+		{
+			Status = NDIS_STATUS_SUCCESS;
+			// Increment the number of pending sends
+			InterlockedIncrement(&Open->Multiple_Write_Counter);
+		}
+		NdisReleaseSpinLock(&Open->OpenInUseLock);
+
+		if (Status == NDIS_STATUS_PAUSED)
+		{
+			// The adapter is pending to pause, so we don't send the packets.
+			IF_LOUD(DbgPrint("NPF_BufferedWrite: the adapter is pending to pause, unable to send the packets.\n");)
+
+			result = -1;
+			break;
+		}
 
 		//receive the packets before sending them
 		ASSERT(Open->GroupHead != NULL);
@@ -892,8 +938,11 @@ NPF_SendCompleteExForEachOpen(
 	IN BOOLEAN FreeBufAfterWrite
 	)
 {
+	BOOLEAN CompletePause = FALSE;
 	//TRACE_ENTER();
 
+	NdisAcquireSpinLock(&Open->OpenInUseLock);
+
 	if (FreeBufAfterWrite)
 	{
 		// Increment the number of pending sends
@@ -937,6 +986,17 @@ NPF_SendCompleteExForEachOpen(
 		//TRACE_EXIT();
 	}
 
+	if (Open->Multiple_Write_Counter == 0 && Open->TransmitPendingPackets == 0 && Open->PausePending)
+	{
+		CompletePause = TRUE;
+	}
+
+	NdisReleaseSpinLock(&Open->OpenInUseLock);
+
+	if (CompletePause)
+	{
+		NdisFPauseComplete(Open->AdapterHandle);
+	}
 }
 
 //-------------------------------------------------------------------