Hartmut Birr wrote:
The real bug starts here. NtUserToUnicodeEx trys
to allocate to much
from nonpaged pool. This means cchBuff is to large. The only caller of
NtUserToUnicodeEx is ConioProcessKey. ConioProcessKey calls ToUnicodeEx
(which calls NtUserToUnicodeEx) with cchBuff = 2. Something is wrong in
the paramter translation between real and protected mode.
I set cchBuff = 2 inside of NtUserToUnicodeEx and this fixes the
following warnings:
I've the feeling that there exist an index mismatch of the called
functions. Possible user32 and win32k use different versions of w32ksvc.db.
- Hartmut