[ros-diffs] [amunger] 28569: NtQuerySystemInformation: Do not blindly zero the buffer with the size sent in by the caller. This fixes the stack smash "ntdll_winetest info" was seeing. Thanks to arty for catching it. Remove the nested SEH. "ntdll_winetest info" now has 16 failures.

amunger at svn.reactos.org amunger at svn.reactos.org
Sun Aug 26 09:39:29 CEST 2007


Author: amunger
Date: Sun Aug 26 11:39:29 2007
New Revision: 28569

URL: http://svn.reactos.org/svn/reactos?rev=28569&view=rev
Log:
NtQuerySystemInformation:
Do not blindly zero the buffer with the size sent in by the caller. This fixes the stack smash "ntdll_winetest info" was seeing. Thanks to arty for catching it.
Remove the nested SEH.
"ntdll_winetest info" now has 16 failures.

Modified:
    trunk/reactos/ntoskrnl/ex/sysinfo.c

Modified: trunk/reactos/ntoskrnl/ex/sysinfo.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/sysinfo.c?rev=28569&r1=28568&r2=28569&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/ex/sysinfo.c (original)
+++ trunk/reactos/ntoskrnl/ex/sysinfo.c Sun Aug 26 11:39:29 2007
@@ -501,6 +501,7 @@
 	{
 		return (STATUS_INFO_LENGTH_MISMATCH);
 	}
+	RtlZeroMemory(Sbi, Size);
 	Sbi->Reserved = 0;
 	Sbi->TimerResolution = KeMaximumIncrement;
 	Sbi->PageSize = PAGE_SIZE;
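Review bot: The added `RtlZeroMemory(Sbi, Size);` still clears the caller-supplied length rather than the structure being filled, so a caller that overstates its buffer size would presumably get the same overwrite the log describes. The length check sits above this hunk; if it accepts any Size at least as large as the structure, the bounded form is `RtlZeroMemory(Sbi, sizeof(*Sbi));`, which also makes the following `Sbi->Reserved = 0;` redundant. The same applies to `RtlZeroMemory(Spi, Size);` in the process-information hunk, where the required size computed for its length check (outside the hunk) would be the natural bound. Note too that once the central clear is removed, only these two information classes zero their output, so the other handlers should be checked for fields they leave unwritten.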
@@ -722,6 +723,7 @@
 		{
 			_SEH_YIELD(return STATUS_INFO_LENGTH_MISMATCH); // in case buffer size is too small
 		}
+		RtlZeroMemory(Spi, Size);
 
 		syspr = PsGetNextProcess(NULL);
 		pr = syspr;
@@ -1819,9 +1821,6 @@
             ProbeForWriteUlong(UnsafeResultLength);
         }
 
-      /* Clear user buffer. */
-      RtlZeroMemory(SystemInformation, Length);
-
       /*
        * Check the request is valid.
        */
@@ -1842,15 +1841,7 @@
 	    {
               if (PreviousMode != KernelMode)
                 {
-                  _SEH_TRY
-                    {
                       *UnsafeResultLength = ResultLength;
-                    }
-                  _SEH_EXCEPT(_SEH_ExSystemExceptionFilter)
-                    {
-                      FStatus = _SEH_GetExceptionCode();
-                    }
-                  _SEH_END;
                 }
               else
                 {
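Review bot: With the inner `_SEH_TRY` removed, `*UnsafeResultLength = ResultLength;` is a bare store through a user-mode pointer, and the guard that makes it safe is not visible in this hunk. The log calls the removed handler nested, so presumably an outer `_SEH_TRY` in NtQuerySystemInformation still encloses this branch. That should be confirmed, because the earlier `ProbeForWriteUlong` does not stop the page from being unmapped or made read-only before the store. A comment on the line would record the dependency, e.g. `/* user-mode pointer: relies on the enclosing _SEH_TRY */`, and the store is now indented deeper than its block. The function body starts and ends outside the hunk.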



