[ros-diffs] [aandrejevic] 67476: [NTVDM] Also check for BlockData == 0 in RosResizeMemory. This, however, wasn't a crash since we were lucky enough to cast the segment to a WORD before the access.

Author: aandrejevic Date: Wed Apr 29 00:58:22 2015 New Revision: 67476 URL: http://svn.reactos.org/svn/reactos?rev=67476&view=rev Log: [NTVDM] Also check for BlockData == 0 in RosResizeMemory. This, however, wasn't a crash since we were lucky enough to cast the segment to a WORD before the access. Modified: trunk/reactos/subsystems/mvdm/ntvdm/dos/dos32krnl/memory.c Modified: trunk/reactos/subsystems/mvdm/ntvdm/dos/dos32krnl/memory.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/mvdm/ntvdm/dos/… ============================================================================== --- trunk/reactos/subsystems/mvdm/ntvdm/dos/dos32krnl/memory.c [iso-8859-1] (original) +++ trunk/reactos/subsystems/mvdm/ntvdm/dos/dos32krnl/memory.c [iso-8859-1] Wed Apr 29 00:58:22 2015 @@ -210,7 +210,9 @@ NewSize); /* Make sure this is a valid, allocated block */ - if ((Mcb->BlockType != 'M' && Mcb->BlockType != 'Z') || Mcb->OwnerPsp == 0) + if (BlockData == 0 + || (Mcb->BlockType != 'M' && Mcb->BlockType != 'Z') + || Mcb->OwnerPsp == 0) { Success = FALSE; DosLastError = ERROR_INVALID_HANDLE;