[amunger] 28569: NtQuerySystemInformation: Do not blindly zero the buffer with the size sent in by the caller. This fixes the stack smash "ntdll_winetest info" was seeing. Thanks to arty for catching it. Remove the nested SEH. "ntdll_winetest info" now has 16 failures.
Author: amunger Date: Sun Aug 26 11:39:29 2007 New Revision: 28569
URL: http://svn.reactos.org/svn/reactos?rev=28569&view=rev Log: NtQuerySystemInformation: Do not blindly zero the buffer with the size sent in by the caller. This fixes the stack smash "ntdll_winetest info" was seeing. Thanks to arty for catching it. Remove the nested SEH. "ntdll_winetest info" now has 16 failures.
Modified: trunk/reactos/ntoskrnl/ex/sysinfo.c
Modified: trunk/reactos/ntoskrnl/ex/sysinfo.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/sysinfo.c?rev=2... ============================================================================== --- trunk/reactos/ntoskrnl/ex/sysinfo.c (original) +++ trunk/reactos/ntoskrnl/ex/sysinfo.c Sun Aug 26 11:39:29 2007 @@ -501,6 +501,7 @@ { return (STATUS_INFO_LENGTH_MISMATCH); } + RtlZeroMemory(Sbi, Size); Sbi->Reserved = 0; Sbi->TimerResolution = KeMaximumIncrement; Sbi->PageSize = PAGE_SIZE; @@ -722,6 +723,7 @@ { _SEH_YIELD(return STATUS_INFO_LENGTH_MISMATCH); // in case buffer size is too small } + RtlZeroMemory(Spi, Size);
syspr = PsGetNextProcess(NULL); pr = syspr; @@ -1819,9 +1821,6 @@ ProbeForWriteUlong(UnsafeResultLength); }
- /* Clear user buffer. */ - RtlZeroMemory(SystemInformation, Length); - /* * Check the request is valid. */ @@ -1842,15 +1841,7 @@ { if (PreviousMode != KernelMode) { - _SEH_TRY - { *UnsafeResultLength = ResultLength; - } - _SEH_EXCEPT(_SEH_ExSystemExceptionFilter) - { - FStatus = _SEH_GetExceptionCode(); - } - _SEH_END; } else {
-
amunger@svn.reactos.org