Author: dchapyshev Date: Fri Jun 19 11:46:46 2009 New Revision: 41464 URL: http://svn.reactos.org/svn/reactos?rev=41464&view=rev Log: - Add probing of the result buffers Modified: trunk/reactos/ntoskrnl/ps/query.c Modified: trunk/reactos/ntoskrnl/ps/query.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ps/query.c?rev=41… ============================================================================== --- trunk/reactos/ntoskrnl/ps/query.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ps/query.c [iso-8859-1] Fri Jun 19 11:46:46 2009 @@ -80,17 +80,25 @@ ULONG Cookie; PAGED_CODE(); - /* Check validity of Information Class */ -#if 0 - Status = DefaultQueryInfoBufferCheck(ProcessInformationClass, - PsProcessInfoClass, - RTL_NUMBER_OF(PsProcessInfoClass), - ProcessInformation, - ProcessInformationLength, - ReturnLength, - PreviousMode); - if (!NT_SUCCESS(Status)) return Status; -#endif + /* Check for user-mode caller */ + if (PreviousMode != KernelMode) + { + /* Prepare to probe parameters */ + _SEH2_TRY + { + ProbeForWrite(ProcessInformation, + ProcessInformationLength, + sizeof(ULONG)); + if (ReturnLength) ProbeForWriteUlong(ReturnLength); + } + _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) + { + /* Get the error code */ + Status = _SEH2_GetExceptionCode(); + } + _SEH2_END; + if(!NT_SUCCESS(Status)) return Status; + } if((ProcessInformationClass == ProcessCookie) && (ProcessHandle != NtCurrentProcess()))