[ros-diffs] [hyperion] 37616: modified ntoskrnl/ex/sysinfo.c MaxSystemInfoClass is now much larger than the size of the CallQS table: use the actual size of the table in range checks to prevent an overrun Fixes CID 527, CID 528
hyperion at svn.reactos.org
hyperion at svn.reactos.org
Mon Nov 24 14:47:44 CET 2008
Author: hyperion
Date: Mon Nov 24 07:47:44 2008
New Revision: 37616
URL: http://svn.reactos.org/svn/reactos?rev=37616&view=rev
Log:
modified ntoskrnl/ex/sysinfo.c
MaxSystemInfoClass is now much larger than the size of the CallQS table: use the actual size of the table in range checks to prevent an overrun
Fixes CID 527, CID 528
Modified:
trunk/reactos/ntoskrnl/ex/sysinfo.c
Modified: trunk/reactos/ntoskrnl/ex/sysinfo.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/sysinfo.c?rev=37616&r1=37615&r2=37616&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/ex/sysinfo.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/ex/sysinfo.c [iso-8859-1] Mon Nov 24 07:47:44 2008
@@ -1794,6 +1794,9 @@
SI_QX(SystemSessionProcessesInformation)
};
+C_ASSERT(SystemBasicInformation == 0);
+#define MIN_SYSTEM_INFO_CLASS (SystemBasicInformation)
+#define MAX_SYSTEM_INFO_CLASS (sizeof(CallQS) / sizeof(CallQS[0]))
/*
* @implemented
@@ -1825,7 +1828,7 @@
/*
* Check the request is valid.
*/
- if (SystemInformationClass >= MaxSystemInfoClass)
+ if (SystemInformationClass >= MAX_SYSTEM_INFO_CLASS)
{
_SEH2_YIELD(return STATUS_INVALID_INFO_CLASS);
}
@@ -1892,8 +1895,8 @@
/*
* Check the request is valid.
*/
- if ( (SystemInformationClass >= SystemBasicInformation)
- && (SystemInformationClass < MaxSystemInfoClass)
+ if ( (SystemInformationClass >= MIN_SYSTEM_INFO_CLASS)
+ && (SystemInformationClass < MAX_SYSTEM_INFO_CLASS)
)
{
if (NULL != CallQS [SystemInformationClass].Set)
More information about the Ros-diffs
mailing list