Author: sginsberg Date: Sun Sep 7 12:31:09 2008 New Revision: 36038 URL: http://svn.reactos.org/svn/reactos?rev=36038&view=rev Log: - Patch by Cameron "aicom" Gutman: Ensure allocation succeeded and wrap MmProbeAndLockPages in SEH Modified: trunk/reactos/ntoskrnl/ex/profile.c Modified: trunk/reactos/ntoskrnl/ex/profile.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/profile.c?rev=… ============================================================================== --- trunk/reactos/ntoskrnl/ex/profile.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ex/profile.c [iso-8859-1] Sun Sep 7 12:31:09 2008 @@ -359,14 +359,41 @@ /* Allocate a Kernel Profile Object. */ ProfileObject = ExAllocatePoolWithTag(NonPagedPool, - sizeof(EPROFILE), - TAG_PROFILE); + sizeof(EPROFILE), + TAG_PROFILE); + if (!ProfileObject) + { + /* Out of memory, fail */ + KeReleaseMutex(&ExpProfileMutex, FALSE); + ObDereferenceObject(Profile); + return STATUS_INSUFFICIENT_RESOURCES; + } /* Allocate the Mdl Structure */ Profile->Mdl = MmCreateMdl(NULL, Profile->Buffer, Profile->BufferSize); - /* Probe and Lock for Write Access */ - MmProbeAndLockPages(Profile->Mdl, PreviousMode, IoWriteAccess); + /* Protect this in SEH as we might raise an exception */ + _SEH_TRY + { + /* Probe and Lock for Write Access */ + MmProbeAndLockPages(Profile->Mdl, PreviousMode, IoWriteAccess); + } + _SEH_EXCEPT(_SEH_ExSystemExceptionFilter) + { + /* Get the exception code */ + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + /* Fail if we raised an exception */ + if (!NT_SUCCESS(Status)) + { + /* Release our lock, free the buffer, dereference and return */ + KeReleaseMutex(&ExpProfileMutex, FALSE); + ObDereferenceObject(Profile); + ExFreePool(ProfileObject); + return Status; + } /* Map the pages */ TempLockedBufferAddress = MmMapLockedPages(Profile->Mdl, KernelMode);