[pschweitzer] 60003: [NTOSKRNL] Fix string size to store GPT GUIDs. This was causing a buffer overflow (with ending null char) and thus a stack corruption. The side effect of the stack corruption w... - Ros-diffs

10 Sep 2013

Author: pschweitzer
Date: Tue Sep 10 13:42:34 2013
New Revision: 60003

URL: http://svn.reactos.org/svn/reactos?rev=60003&view=rev
Log:
[NTOSKRNL]
Fix string size to store GPT GUIDs.
This was causing a buffer overflow (with ending null char) and thus a stack corruption.
The side effect of the stack corruption was that the debug code (display) was looping
forever while attempting to read partition table making ntoskrnl unable to boot with
a machine where there's a GPT disk.
Kernel is now able again to handle GPT disks (and they can be used again in user-land).

This was magically hidding before r59923 or by disabling NDEBUG. Lovely Heisenbugs :-).

Modified:
    trunk/reactos/ntoskrnl/fstub/fstubex.c

Modified: trunk/reactos/ntoskrnl/fstub/fstubex.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/fstub/fstubex.c?r…
==============================================================================

--- trunk/reactos/ntoskrnl/fstub/fstubex.c	[iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/fstub/fstubex.c	[iso-8859-1] Tue Sep 10 13:42:34 2013
@@ -86,6 +86,8 @@
 #define EFI_HEADER_REVISION_1 0x00010000
 /* Defines system type for MBR showing that a GPT is following */
 #define EFI_PMBR_OSTYPE_EFI 0xEE
+/* Defines size to store a complete GUID + null char */
+#define EFI_GUID_STRING_SIZE 0x27
 
 #define IS_VALID_DISK_INFO(Disk) \
   (Disk)               &&        \
@@ -534,7 +536,7 @@
 FstubDbgPrintDriveLayoutEx(IN PDRIVE_LAYOUT_INFORMATION_EX DriveLayout)
 {
     ULONG i;
-    CHAR Guid[38];
+    CHAR Guid[EFI_GUID_STRING_SIZE];
     PAGED_CODE();
 
     DPRINT("FSTUB: DRIVE_LAYOUT_INFORMATION_EX: %p\n", DriveLayout);
@@ -575,7 +577,7 @@
 FstubDbgPrintPartitionEx(IN PPARTITION_INFORMATION_EX PartitionEntry,
                          IN ULONG PartitionNumber)
 {
-    CHAR Guid[38];
+    CHAR Guid[EFI_GUID_STRING_SIZE];
     PAGED_CODE();
 
     DPRINT("Printing partition %lu\n", PartitionNumber);
@@ -614,7 +616,7 @@
 FstubDbgPrintSetPartitionEx(IN PSET_PARTITION_INFORMATION_EX PartitionEntry,
                             IN ULONG PartitionNumber)
 {
-    CHAR Guid[38];
+    CHAR Guid[EFI_GUID_STRING_SIZE];
     PAGED_CODE();
 
     DPRINT("FSTUB: SET_PARTITION_INFORMATION_EX: %p\n", PartitionEntry);



    