[ros-diffs] [tkreuzer] 45132: [NTOS] KiTrap0DHandler: fix buffer overrun (Spotted by Amine Khaldi) and optimize the code by checking the counter variable, instead of Instruction, this works the same, but the compiler can make sense of it and safe one comparison.
tkreuzer at svn.reactos.org
tkreuzer at svn.reactos.org
Mon Jan 18 17:16:59 CET 2010
Author: tkreuzer
Date: Mon Jan 18 17:16:59 2010
New Revision: 45132
URL: http://svn.reactos.org/svn/reactos?rev=45132&view=rev
Log:
[NTOS]
KiTrap0DHandler: fix buffer overrun (Spotted by Amine Khaldi) and optimize the code by checking the counter variable, instead of Instruction, this works the same, but the compiler can make sense of it and safe one comparison.
Modified:
trunk/reactos/ntoskrnl/ke/i386/traphdlr.c
Modified: trunk/reactos/ntoskrnl/ke/i386/traphdlr.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/traphdlr.c?rev=45132&r1=45131&r2=45132&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/ke/i386/traphdlr.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/ke/i386/traphdlr.c [iso-8859-1] Mon Jan 18 17:16:59 2010
@@ -1078,7 +1078,7 @@
/* FIXME: Use SEH */
Instructions = (PUCHAR)TrapFrame->Eip;
- /* Scan next 15 opcodes */
+ /* Scan next 15 bytes */
for (i = 0; i < 15; i++)
{
/* Skip prefix instructions */
@@ -1093,7 +1093,7 @@
}
/* Is this NOT any prefix instruction? */
- if (Instructions[i] != KiTrapPrefixTable[j])
+ if (j == sizeof(KiTrapPrefixTable))
{
/* We can go ahead and handle the fault now */
Instruction = Instructions[i];
@@ -1102,7 +1102,7 @@
}
/* If all we found was prefixes, then this instruction is too long */
- if (!Instruction)
+ if (i == 15)
{
/* Setup illegal instruction fault */
KiDispatchException0Args(STATUS_ILLEGAL_INSTRUCTION,
More information about the Ros-diffs
mailing list