https://git.reactos.org/?p=reactos.git;a=commitdiff;h=f562f9c5c629cba3f370f0...
commit f562f9c5c629cba3f370f078d12c2f13a997c8f2
Author: Victor Perevertkin victor.perevertkin@reactos.org
AuthorDate: Mon Sep 7 04:57:17 2020 +0300
Commit: Victor Perevertkin victor.perevertkin@reactos.org
CommitDate: Mon Sep 7 04:57:17 2020 +0300
[NTOS:IO] Fix IRP stack location check in IoForwardIrpSynchronously

We are doing IoCallDriver here, so the valid stack location should be
CurrentLocation <= Irp->StackCount (just a check for a completely incorrect value) &&
CurrentLocation > 1 (ensure that we have a place for another call)
CORE-17189
Co-authored-by: Thomas Faber thomas.faber@reactos.org
---
 ntoskrnl/io/iomgr/irp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ntoskrnl/io/iomgr/irp.c b/ntoskrnl/io/iomgr/irp.c index 1b19d49e9a4..2de843975e0 100644 --- a/ntoskrnl/io/iomgr/irp.c +++ b/ntoskrnl/io/iomgr/irp.c @@ -1629,7 +1629,7 @@ IoForwardIrpSynchronously(IN PDEVICE_OBJECT DeviceObject, NTSTATUS Status;
/* Check if next stack location is available */ - if (Irp->CurrentLocation < Irp->StackCount) + if (Irp->CurrentLocation > Irp->StackCount || Irp->CurrentLocation <= 1) { /* No more stack location */ return FALSE;
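Review bot: The two unchanged comments around the new condition no longer describe it. `Irp->CurrentLocation > Irp->StackCount` is, per the commit message, a sanity check for a completely incorrect value, and only `Irp->CurrentLocation <= 1` means there is no room for another call, yet both fall under "/* No more stack location */" and return the same FALSE. Suggest rewording the comments to name both cases, and consider flagging the out-of-range case separately (an assertion or a debug print, for example) so that a caller debugging a FALSE return can tell a corrupted IRP from an exhausted stack. The condition itself is the exact negation of the valid range stated in the commit message (CurrentLocation <= StackCount && CurrentLocation > 1), so the logic matches the stated intent.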