Alex Ionescu wrote:
This is my first contact with ReactOS development. I am looking in
code and learning a lot of things here. I want to contribute and I
think that I am an "acceptable" reverser so I followed a blackbox
approach with this patch byte to byte.
I don't have anything against that. Btw, you missed a call to
SeCaptureSubjectContext in SeCreateAccessState.
I am not seeing a second call to SeCaptureSubjectContext. I
back-reversed from WinXP no-sp and it only takes one call. Can you mail me
the version and SP to check?
If you want, I can attach to this list my SeCreateAccessState's
dead-listing from Windows XP no-sp (Spanish version).
No, it's ok.
Thanks.
The problem which I have is that the binary only accesses the first two
members of that structure. There is no way anyone could've known the
function of the third member (I didn't even think/know one existed)
since it is currently unused, even in Windows Server 2003. Therefore I
must conclude it was added from internal Microsoft headers which were
emailed to you.
Headers weren't emailed to me. Structure yes, and it didn't contain any
reference to Msoft headers.
Anyway, the point is that we know that the original structure has three
members. It is publicly known in a legal or illegal way but we can't add
that structure because Google doesn't reference that third member and
public code references don't exist.
Ok, functions don't need that third member so we can delete it.
Alex, my problem is that I got that information with a single question
in an internal but public list to students and professors. When I
changed my raw structure to that best match I was thinking of code
calculating sizeofs or allocating memory internally by drivers
programmed for Windows where we have only the binary.
My question is about closed-source drivers. Imagine that they allocate
that opaque structure and then they zero it with a sizeof(). I am sure
that it would cause problems. I think that if we know a structure we
should be able to add it, avoiding future crashes, but I get your point perfectly.
So what do you think about erasing the third member and keeping the two fields
touched by SeCreateAccessState?
-Javier