ntdll: Improve parameter checking in NtOpenKey

Nikolay Sivov bunglehead at gmail.com
Thu Mar 5 06:52:09 CST 2009


Changelog:
   - Improve parameter checking in NtOpenKey

>From 62de820b75750d3f504b53c7be233cf0fafedc27 Mon Sep 17 00:00:00 2001
From: Nikolay Sivov <bunglehead at gmail.com>
Date: Thu, 5 Mar 2009 07:48:09 -0500
Subject: Improve parameter checking in NtOpenKey

---
 dlls/ntdll/reg.c       |   11 ++++++++++-
 dlls/ntdll/tests/reg.c |   11 ++++++++---
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/dlls/ntdll/reg.c b/dlls/ntdll/reg.c
index 6521c70..e92ff75 100644
--- a/dlls/ntdll/reg.c
+++ b/dlls/ntdll/reg.c
@@ -114,13 +114,22 @@ NTSTATUS WINAPI RtlpNtCreateKey( PHANDLE retkey, ACCESS_MASK access, const OBJEC
 NTSTATUS WINAPI NtOpenKey( PHANDLE retkey, ACCESS_MASK access, const OBJECT_ATTRIBUTES *attr )
 {
     NTSTATUS ret;
-    DWORD len = attr->ObjectName->Length;
+    DWORD len;
+
+    if (!attr)
+    {
+        TRACE( "(%p,%x,%p)\n", attr, access, retkey );
+        return STATUS_ACCESS_VIOLATION;
+    }
+
+    len = attr->ObjectName->Length;
 
     TRACE( "(%p,%s,%x,%p)\n", attr->RootDirectory,
            debugstr_us(attr->ObjectName), access, retkey );
 
     if (len > MAX_NAME_LENGTH) return STATUS_BUFFER_OVERFLOW;
     if (!retkey) return STATUS_INVALID_PARAMETER;
+    if (attr->Length != sizeof(OBJECT_ATTRIBUTES)) return STATUS_INVALID_PARAMETER;
 
     SERVER_START_REQ( open_key )
     {
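Review bot: `attr->ObjectName` is still dereferenced unchecked at `len = attr->ObjectName->Length;`, so a non-NULL `attr` carrying a NULL `ObjectName` faults inside ntdll exactly as the NULL `attr` case did before this patch. The new `attr->Length` check also runs only after that read and after the TRACE that formats `attr->ObjectName`, so fields are consumed from a structure whose size has not yet been validated. I would move `if (attr->Length != sizeof(OBJECT_ATTRIBUTES)) return STATUS_INVALID_PARAMETER;` up to follow the `!attr` block and add an `if (!attr->ObjectName) return <status>;` guard before the length read. The status for a NULL name, and the order relative to the `MAX_NAME_LENGTH` and `retkey` checks, are not established by the tests in this patch and need a test case first. The function body continues past the end of the hunk.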
diff --git a/dlls/ntdll/tests/reg.c b/dlls/ntdll/tests/reg.c
index 25d2145..f5a6b9f 100644
--- a/dlls/ntdll/tests/reg.c
+++ b/dlls/ntdll/tests/reg.c
@@ -342,12 +342,12 @@ static void test_NtOpenKey(void)
     /* All NULL */
     status = pNtOpenKey(NULL, 0, NULL);
     ok(status == STATUS_ACCESS_VIOLATION, "Expected STATUS_ACCESS_VIOLATION, got: 0x%08x\n", status);
-
+    }
     /* NULL attributes */
     status = pNtOpenKey(&key, 0, NULL);
     ok(status == STATUS_ACCESS_VIOLATION /* W2K3/XP/W2K */ || status == STATUS_INVALID_PARAMETER /* NT4 */,
         "Expected STATUS_ACCESS_VIOLATION or STATUS_INVALID_PARAMETER(NT4), got: 0x%08x\n", status);
-    }
+
 
     InitializeObjectAttributes(&attr, &winetestpath, 0, 0, 0);
 
@@ -359,8 +359,13 @@ static void test_NtOpenKey(void)
     /* Length > sizeof(OBJECT_ATTRIBUTES) */
     attr.Length *= 2;
     status = pNtOpenKey(&key, am, &attr);
+    ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got: 0x%08x\n", status);
+
+    /* Length > sizeof(OBJECT_ATTRIBUTES), NULL key - test parameter checking order */
+    attr.Length *= 2;
+    status = pNtOpenKey(NULL, am, &attr);
     todo_wine
-        ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got: 0x%08x\n", status);
+        ok(status == STATUS_ACCESS_VIOLATION, "Expected STATUS_ACCESS_VIOLATION, got: 0x%08x\n", status);
 }
 
 static void test_NtCreateKey(void)
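Review bot: The second `attr.Length *= 2;` compounds the first, so the "NULL key" case runs with four times the structure size and depends on the case above it having run. Writing `attr.Length = sizeof(OBJECT_ATTRIBUTES) * 2;` in both places would keep each case self-contained. The `todo_wine` expectation documents that the patched NtOpenKey still answers a NULL `retkey` with STATUS_INVALID_PARAMETER where this test expects STATUS_ACCESS_VIOLATION. A short comment such as `/* Wine checks retkey after attr and returns STATUS_INVALID_PARAMETER */` above the `todo_wine` would tell the next reader what remains to be fixed in reg.c. `attr.Length` is also left modified at the end of test_NtOpenKey, which is harmless only while nothing after this point reuses `attr`.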
-- 
1.5.6.5




