commit 68ebcf16b8472a61e23a03fd44a9ba98155f53cd
Author: Thomas Faber <thomas.faber(a)reactos.org>
AuthorDate: Fri Dec 8 14:45:26 2017 +0100
[NTOS:KD] Protect against invalid user arguments for BREAKPOINT_LOAD_SYMBOLS.
CORE-14057
---
ntoskrnl/kd/kdmain.c | 33 ++++++++++++++++++++++++++++++---
1 file changed, 30 insertions(+), 3 deletions(-)
diff --git a/ntoskrnl/kd/kdmain.c b/ntoskrnl/kd/kdmain.c
index a6627b8ec0..52b8babbce 100644
--- a/ntoskrnl/kd/kdmain.c
+++ b/ntoskrnl/kd/kdmain.c
@@ -153,11 +153,38 @@ KdpEnterDebuggerException(IN PKTRAP_FRAME TrapFrame,
#ifdef KDBG
else if (ExceptionCommand == BREAKPOINT_LOAD_SYMBOLS)
{
+ PKD_SYMBOLS_INFO SymbolsInfo;
+ KD_SYMBOLS_INFO CapturedSymbolsInfo;
PLDR_DATA_TABLE_ENTRY LdrEntry;
- /* Load symbols. Currently implemented only for KDBG! */
-
if(KdbpSymFindModule(((PKD_SYMBOLS_INFO)ExceptionRecord->ExceptionInformation[2])->BaseOfDll,
NULL, -1, &LdrEntry))
- KdbSymProcessSymbols(LdrEntry);
+ SymbolsInfo = (PKD_SYMBOLS_INFO)ExceptionRecord->ExceptionInformation[2];
+ if (PreviousMode != KernelMode)
+ {
+ _SEH2_TRY
+ {
+ ProbeForRead(SymbolsInfo,
+ sizeof(*SymbolsInfo),
+ 1);
+ RtlCopyMemory(&CapturedSymbolsInfo,
+ SymbolsInfo,
+ sizeof(*SymbolsInfo));
+ SymbolsInfo = &CapturedSymbolsInfo;
+ }
+ _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+ {
+ SymbolsInfo = NULL;
+ }
+ _SEH2_END;
+ }
+
+ if (SymbolsInfo != NULL)
+ {
+ /* Load symbols. Currently implemented only for KDBG! */
+ if (KdbpSymFindModule(SymbolsInfo->BaseOfDll, NULL, -1,
&LdrEntry))
+ {
+ KdbSymProcessSymbols(LdrEntry);
+ }
+ }
}
else if (ExceptionCommand == BREAKPOINT_PROMPT)
{
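Review bot: The user-mode capture in the new `_SEH2_TRY` block has the right shape (probe, copy into `CapturedSymbolsInfo`, then read only the copy), but nothing says why, and the `_SEH2_EXCEPT` arm drops the request with no trace, so a later reader may be tempted to go back to reading `ExceptionRecord->ExceptionInformation[2]` in place. A comment above the `RtlCopyMemory`, such as `/* Work on a kernel copy so a user-mode writer cannot change BaseOfDll between the probe and its use below */`, and one in the except arm, `/* Invalid user buffer: ignore the request rather than fault inside the debugger path */`, would pin that down. It is also worth a line noting that only `BaseOfDll` is consumed from the copy and that it remains a caller-chosen value handed to `KdbpSymFindModule`; presumably that routine only compares it against the loaded-module list and never dereferences it, which should be confirmed. `PreviousMode` and the rest of the `KdpEnterDebuggerException` parameter list are declared outside the hunk.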