[ros-diffs] [tkreuzer] 39985: NtSetSystemInformation: - Don't leak the copied string when being called from user mode. - Don't recursively call ZwSetSystemInformation, instead continue the normal path.
tkreuzer at svn.reactos.org
tkreuzer at svn.reactos.org
Thu Mar 12 19:29:12 CET 2009
Author: tkreuzer
Date: Thu Mar 12 21:29:11 2009
New Revision: 39985
URL: http://svn.reactos.org/svn/reactos?rev=39985&view=rev
Log:
NtSetSystemInformation: - Don't leak the copied string when being called from user mode. - Don't recursively call ZwSetSystemInformation, instead continue the normal path.
Modified:
trunk/reactos/ntoskrnl/ex/sysinfo.c
Modified: trunk/reactos/ntoskrnl/ex/sysinfo.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/sysinfo.c?rev=39985&r1=39984&r2=39985&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/ex/sysinfo.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/ex/sysinfo.c [iso-8859-1] Thu Mar 12 21:29:11 2009
@@ -1587,18 +1587,10 @@
/* FIXME: We can't, fail */
//return STATUS_PRIVILEGE_NOT_HELD;
}
-
- /* Probe and capture the driver name */
- ProbeAndCaptureUnicodeString(&ImageName, UserMode, Buffer);
-
- /* Force kernel as previous mode */
- return ZwSetSystemInformation(SystemExtendServiceTableInformation,
- &ImageName,
- sizeof(ImageName));
- }
-
- /* Just copy the string */
- ImageName = *(PUNICODE_STRING)Buffer;
+ }
+
+ /* Probe and capture the driver name */
+ ProbeAndCaptureUnicodeString(&ImageName, PreviousMode, Buffer);
/* Load the image */
Status = MmLoadSystemImage(&ImageName,
@@ -1607,6 +1599,10 @@
0,
(PVOID)&ModuleObject,
&ImageBase);
+
+ /* Release String */
+ ReleaseCapturedUnicodeString(&ImageName, PreviousMode);
+
if (!NT_SUCCESS(Status)) return Status;
/* Get the headers */
More information about the Ros-diffs
mailing list