Alex Ionescu wrote:
This is my first contact with ReactOS development. I am looking at the code and learning a lot of things here. I want to contribute and I think that I am an "acceptable" reverser, so I followed a black-box approach with this patch, byte by byte.
I don't have anything against that. Btw, you missed a call to SeCaptureSubjectContext in SeCreateAccessState.
I am not seeing a second call to SeCaptureSubjectContext. I back-reversed from WinXP no-SP and it only takes one call. Can you mail me the version and SP to check?
If you want, I can attach to this list my SeCreateAccessState's dead-listing from Windows XP no-SP (Spanish version).
No, it's ok.
Thanks.
The problem which I have is that the binary only accesses the first two members of that structure. There is no way anyone could've known the function of the third member (I didn't even think/know one existed) since it is currently unused, even in Windows Server 2003. Therefore I must conclude it was added from internal Microsoft headers which were emailed to you.
Headers weren't emailed to me. The structure yes, and it didn't contain any reference to Msoft headers.
Anyway, the point is that we know that the original structure has three members. It is publicly known in a legal or illegal way, but we can't add that structure because Google doesn't reference that third member and public code references don't exist.
OK, the functions don't need that third member, so we can delete it.
Alex, my problem is that I got that information with a single question on an internal but public list for students and professors. When I changed my raw structure for that best match, I was thinking of code calculating sizeofs or allocating memory internally in drivers programmed for Windows where we have only the binary.
My question is about closed-source drivers. Imagine that they allocate that opaque structure and then zero it with a sizeof(). I am sure that it would cause problems. I think that if we know a structure we should be able to add it, avoiding future crashes, but I get your point perfectly.
So what do you think about erasing the third member and keeping the two fields touched by SeCreateAccessState?
-Javier