Author: ion Date: Tue May 16 19:04:50 2006 New Revision: 21916 URL: http://svn.reactos.ru/svn/reactos?rev=21916&view=rev Log: - Check the Image Config Data in MmCreatePeb for address abusing (bug #1487). - Speed-up the ElfpIsPowerOf2 function (bug #1464). Modified: trunk/reactos/ntoskrnl/mm/elf.inc.h trunk/reactos/ntoskrnl/mm/process.c Modified: trunk/reactos/ntoskrnl/mm/elf.inc.h URL: http://svn.reactos.ru/svn/reactos/trunk/reactos/ntoskrnl/mm/elf.inc.h?rev=2… ============================================================================== --- trunk/reactos/ntoskrnl/mm/elf.inc.h (original) +++ trunk/reactos/ntoskrnl/mm/elf.inc.h Tue May 16 19:04:50 2006 @@ -294,10 +294,7 @@ if(Number == 0) return FALSE; - while((Number % 2) == 0) - Number /= 2; - - return Number == 1; + return (Number & (Number - 1)) == 0; } static __inline Elf_Addr ElfFmtpModPow2 Modified: trunk/reactos/ntoskrnl/mm/process.c URL: http://svn.reactos.ru/svn/reactos/trunk/reactos/ntoskrnl/mm/process.c?rev=2… ============================================================================== --- trunk/reactos/ntoskrnl/mm/process.c (original) +++ trunk/reactos/ntoskrnl/mm/process.c Tue May 16 19:04:50 2006 @@ -297,12 +297,6 @@ /* Image Data */ if ((NtHeaders = RtlImageNtHeader(Peb->ImageBaseAddress))) { - /* Get the Image Config Data too */ - ImageConfigData = RtlImageDirectoryEntryToData(Peb->ImageBaseAddress, - TRUE, - IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG, - &ViewSize); - /* Write subsystem data */ Peb->ImageSubSystem = NtHeaders->OptionalHeader.Subsystem; Peb->ImageSubSystemMajorVersion = NtHeaders->OptionalHeader.MajorSubsystemVersion; @@ -315,22 +309,10 @@ Peb->OSMinorVersion = (NtHeaders->OptionalHeader.Win32VersionValue >> 8) & 0xFF; Peb->OSBuildNumber = (NtHeaders->OptionalHeader.Win32VersionValue >> 16) & 0x3FFF; - /* Lie about the version if requested */ - if (ImageConfigData && ImageConfigData->CSDVersion) - { - Peb->OSCSDVersion = ImageConfigData->CSDVersion; - } - /* Set the Platform ID */ Peb->OSPlatformId = (NtHeaders->OptionalHeader.Win32VersionValue >> 30) ^ 2; } - /* Check for affinity override */ - if (ImageConfigData && ImageConfigData->ProcessAffinityMask) - { - ProcessAffinityMask = ImageConfigData->ProcessAffinityMask; - } - /* Check if the image is not safe for SMP */ if (NtHeaders->FileHeader.Characteristics & IMAGE_FILE_UP_SYSTEM_ONLY) { @@ -342,6 +324,37 @@ /* Use affinity from Image Header */ Peb->ImageProcessAffinityMask = ProcessAffinityMask; } + + _SEH_TRY + { + /* Get the Image Config Data too */ + ImageConfigData = RtlImageDirectoryEntryToData(Peb->ImageBaseAddress, + TRUE, + IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG, + &ViewSize); + + ProbeForRead(ImageConfigData, + sizeof(IMAGE_LOAD_CONFIG_DIRECTORY), + sizeof(ULONG)); + + /* Process the image config data overrides if specfied. */ + if (ImageConfigData != NULL) + { + if (ImageConfigData->CSDVersion) + { + Peb->OSCSDVersion = ImageConfigData->CSDVersion; + } + if (ImageConfigData->ProcessAffinityMask) + { + ProcessAffinityMask = ImageConfigData->ProcessAffinityMask; + } + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; } /* Misc data */ @@ -352,7 +365,7 @@ KeDetachProcess(); DPRINT("MmCreatePeb: Peb created at %p\n", Peb); - return STATUS_SUCCESS; + return Status; } PTEB