[ros-diffs] [gadamopoulos] 55724: [ntoskrnl] - Fix a crash in KiSystemCall that was caused because PsConvertToGuiThread may have switched to a large kernel stack, but still returned with failure because win32k...
gadamopoulos at svn.reactos.org
Sun Feb 19 22:05:26 UTC 2012
Author: gadamopoulos
Date: Sun Feb 19 22:05:25 2012
New Revision: 55724
URL: http://svn.reactos.org/svn/reactos?rev=55724&view=rev
Log:
[ntoskrnl]
- Fix a crash in KiSystemCall that was caused because PsConvertToGuiThread may have switched to a large kernel stack, but still returned with failure because win32k did not succeed. To fix it reload the trap frame after the call before checking for success.
Modified:
trunk/reactos/ntoskrnl/ke/i386/traphdlr.c
Modified: trunk/reactos/ntoskrnl/ke/i386/traphdlr.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/traphdlr.c?rev=55724&r1=55723&r2=55724&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/ke/i386/traphdlr.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/ke/i386/traphdlr.c [iso-8859-1] Sun Feb 19 22:05:25 2012
@@ -1556,17 +1556,18 @@
/* Convert us to a GUI thread -- must wrap in ASM to get new EBP */
Result = KiConvertToGuiThread();
+
+ /* Reload trap frame and descriptor table pointer from new stack */
+ TrapFrame = *(volatile PVOID*)&Thread->TrapFrame;
+ DescriptorTable = (PVOID)(*(volatile ULONG_PTR*)&Thread->ServiceTable + Offset);
+
if (!NT_SUCCESS(Result))
{
/* Set the last error and fail */
//SetLastWin32Error(RtlNtStatusToDosError(Result));
goto ExitCall;
}
-
- /* Reload trap frame and descriptor table pointer from new stack */
- TrapFrame = *(volatile PVOID*)&Thread->TrapFrame;
- DescriptorTable = (PVOID)(*(volatile ULONG_PTR*)&Thread->ServiceTable + Offset);
-
+
/* Validate the system call number again */
if (Id >= DescriptorTable->Limit)
{
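Review bot: the moved comment `/* Reload trap frame and descriptor table pointer from new stack */` should also say why the reload now sits before the `if (!NT_SUCCESS(Result))` check: as the log message explains, `KiConvertToGuiThread()` can fail after the stack has already been switched, so the `goto ExitCall` path must run with the reloaded `TrapFrame`. Without that sentence in the code, a later cleanup could move the reload back under the success path and reintroduce the crash; something like `/* Must happen even on failure: the stack may already have been switched */` would pin the ordering. The volatile re-reads of `Thread->TrapFrame` and `Thread->ServiceTable` are the right choice here, since the compiler cannot see that the call changed them.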