Author: tfaber Date: Sun Oct 12 11:35:11 2014 New Revision: 64690 URL: http://svn.reactos.org/svn/reactos?rev=64690&view=rev Log: [NTDLL:DBG] - Use NtReadVirtualMemory instead of dereferencing a pointer from a different process in DbgUiConvertStateChangeStructure. CORE-8622 #resolve Modified: trunk/reactos/dll/ntdll/dbg/dbgui.c Modified: trunk/reactos/dll/ntdll/dbg/dbgui.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/ntdll/dbg/dbgui.c?rev=… ============================================================================== --- trunk/reactos/dll/ntdll/dbg/dbgui.c [iso-8859-1] (original) +++ trunk/reactos/dll/ntdll/dbg/dbgui.c [iso-8859-1] Sun Oct 12 11:35:11 2014 @@ -66,6 +66,9 @@ THREAD_BASIC_INFORMATION ThreadBasicInfo; LPDEBUG_EVENT DebugEvent = Win32DebugEvent; HANDLE ThreadHandle; + HANDLE ProcessHandle; + PTEB Teb; + PVOID Pointer; /* Write common data */ DebugEvent->dwProcessId = (DWORD)WaitStateChange-> @@ -256,13 +259,31 @@ NtClose(ThreadHandle); } - /* Check if we got thread information */ + /* If we got thread information, open the process */ if (NT_SUCCESS(Status)) { - /* Save the image name from the TIB */ - DebugEvent->u.LoadDll.lpImageName = - ((PTEB)ThreadBasicInfo.TebBaseAddress)-> - NtTib.ArbitraryUserPointer; + Status = NtOpenProcess(&ProcessHandle, + PROCESS_VM_READ, + &ObjectAttributes, + &WaitStateChange->AppClientId); + } + + if (NT_SUCCESS(Status)) + { + /* Read the image name from the TIB */ + Teb = ThreadBasicInfo.TebBaseAddress; + Status = NtReadVirtualMemory(ProcessHandle, + &Teb->NtTib.ArbitraryUserPointer, + &Pointer, + sizeof(Pointer), + NULL); + NtClose(ProcessHandle); + } + + if (NT_SUCCESS(Status)) + { + /* If everything was successful, set the image name */ + DebugEvent->u.LoadDll.lpImageName = Pointer; } else {