9 Jul
2011
9 Jul
'11
8:33 p.m.
Author: ion
Date: Sat Jul 9 20:33:29 2011
New Revision: 52588
URL: http://svn.reactos.org/svn/reactos?rev=52588&view=rev
Log:
[NTDLL]: Fix busted up LdrpCreateDllSection function, checking for the wrong things
completely for Safer support, and also messing up the failure/success paths. Based on a
find by arty.
Modified:
trunk/reactos/dll/ntdll/ldr/ldrutils.c
Modified: trunk/reactos/dll/ntdll/ldr/ldrutils.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/ntdll/ldr/ldrutils.c?r…
==============================================================================
--- trunk/reactos/dll/ntdll/ldr/ldrutils.c [iso-8859-1] (original)
+++ trunk/reactos/dll/ntdll/ldr/ldrutils.c [iso-8859-1] Sat Jul 9 20:33:29 2011
@@ -436,7 +436,7 @@
/* Check for Safer restrictions */
if (DllCharacteristics &&
- !(*DllCharacteristics & IMAGE_DLLCHARACTERISTICS_WX86_DLL))
+ !(*DllCharacteristics & IMAGE_FILE_SYSTEM))
{
/* Make sure it's executable */
Status = ZwQuerySection(*SectionHandle,
@@ -446,10 +446,10 @@
NULL);
if (NT_SUCCESS(Status))
{
- /* Check if it's executable */
- if (SectionImageInfo.ImageContainsCode)
- {
- /* It is, check safer */
+ /* Bypass the check for .NET images */
+ if (!(SectionImageInfo.LoaderFlags & IMAGE_LOADER_FLAGS_COMPLUS))
+ {
+ /* Check with Safer */
Status = LdrpCodeAuthzCheckDllAllowed(FullName, DllHandle);
if (!NT_SUCCESS(Status) && (Status != STATUS_NOT_FOUND))
{
@@ -459,18 +459,19 @@
DPRINT1("LDR: Loading of (%wZ) blocked by Winsafer\n",
&FullName);
}
+
+ /* Failure case, close section handle */
+ NtClose(*SectionHandle);
+ *SectionHandle = NULL;
}
- else
- {
- /* We're fine, return normally */
- goto Quickie;
- }
- }
- }
-
- /* Failure case, close section handle */
- NtClose(*SectionHandle);
- *SectionHandle = NULL;
+ }
+ }
+ else
+ {
+ /* Failure case, close section handle */
+ NtClose(*SectionHandle);
+ *SectionHandle = NULL;
+ }
}
Quickie: