Author: ion Date: Sat Jul 9 20:33:29 2011 New Revision: 52588
URL: http://svn.reactos.org/svn/reactos?rev=52588&view=rev Log: [NTDLL]: Fix busted up LdrpCreateDllSection function, checking for the wrong things completely for Safer support, and also messing up the failure/success paths. Based on a find by arty.
Modified: trunk/reactos/dll/ntdll/ldr/ldrutils.c
Modified: trunk/reactos/dll/ntdll/ldr/ldrutils.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/ntdll/ldr/ldrutils.c?re... ============================================================================== --- trunk/reactos/dll/ntdll/ldr/ldrutils.c [iso-8859-1] (original) +++ trunk/reactos/dll/ntdll/ldr/ldrutils.c [iso-8859-1] Sat Jul 9 20:33:29 2011 @@ -436,7 +436,7 @@
/* Check for Safer restrictions */ if (DllCharacteristics && - !(*DllCharacteristics & IMAGE_DLLCHARACTERISTICS_WX86_DLL)) + !(*DllCharacteristics & IMAGE_FILE_SYSTEM)) { /* Make sure it's executable */ Status = ZwQuerySection(*SectionHandle, @@ -446,10 +446,10 @@ NULL); if (NT_SUCCESS(Status)) { - /* Check if it's executable */ - if (SectionImageInfo.ImageContainsCode) - { - /* It is, check safer */ + /* Bypass the check for .NET images */ + if (!(SectionImageInfo.LoaderFlags & IMAGE_LOADER_FLAGS_COMPLUS)) + { + /* Check with Safer */ Status = LdrpCodeAuthzCheckDllAllowed(FullName, DllHandle); if (!NT_SUCCESS(Status) && (Status != STATUS_NOT_FOUND)) { @@ -459,18 +459,19 @@ DPRINT1("LDR: Loading of (%wZ) blocked by Winsafer\n", &FullName); } + + /* Failure case, close section handle */ + NtClose(*SectionHandle); + *SectionHandle = NULL; } - else - { - /* We're fine, return normally */ - goto Quickie; - } - } - } - - /* Failure case, close section handle */ - NtClose(*SectionHandle); - *SectionHandle = NULL; + } + } + else + { + /* Failure case, close section handle */ + NtClose(*SectionHandle); + *SectionHandle = NULL; + } }
Quickie: