From 03f90f222d297e914e724b920fb8500526b87efb Mon Sep 17 00:00:00 2001
From: Andrew Munger
Date: Sun, 26 Aug 2007 07:39:29 +0000
Subject: [PATCH] NtQuerySystemInformation: Do not blindly zero the buffer with the size sent in by the caller. This fixes the stack smash "ntdll_winetest info" was seeing. Thanks to arty for catching it. Remove the nested SEH. "ntdll_winetest info" now has 16 failures. svn path=/trunk/; revision=28569
---
 reactos/ntoskrnl/ex/sysinfo.c | 13 ++-----------
 1 file changed, 2 insertions(+), 11 deletions(-)
diff --git a/reactos/ntoskrnl/ex/sysinfo.c b/reactos/ntoskrnl/ex/sysinfo.c
index cd609fef63c..ffcb4aad9e5 100644
--- a/reactos/ntoskrnl/ex/sysinfo.c
+++ b/reactos/ntoskrnl/ex/sysinfo.c
@@ -501,6 +501,7 @@ QSI_DEF(SystemBasicInformation)
 {
 return (STATUS_INFO_LENGTH_MISMATCH);
 }
+ RtlZeroMemory(Sbi, Size);
 Sbi->Reserved = 0;
 Sbi->TimerResolution = KeMaximumIncrement;
 Sbi->PageSize = PAGE_SIZE;
@@ -722,6 +723,7 @@ QSI_DEF(SystemProcessInformation)
 {
 _SEH_YIELD(return STATUS_INFO_LENGTH_MISMATCH); // in case buffer size is too small
 }
+ RtlZeroMemory(Spi, Size);
 syspr = PsGetNextProcess(NULL);
 pr = syspr;
@@ -1819,9 +1821,6 @@ NtQuerySystemInformation (IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
 ProbeForWriteUlong(UnsafeResultLength);
 }
- /* Clear user buffer. */
- RtlZeroMemory(SystemInformation, Length);
-
 /*
 * Check the request is valid.
 */
@@ -1842,15 +1841,7 @@ NtQuerySystemInformation (IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
 {
 if (PreviousMode != KernelMode)
 {
- _SEH_TRY
- {
 *UnsafeResultLength = ResultLength;
- }
- _SEH_EXCEPT(_SEH_ExSystemExceptionFilter)
- {
- FStatus = _SEH_GetExceptionCode();
- }
- _SEH_END;
 }
 else
 {
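Review bot: The added `RtlZeroMemory(Sbi, Size);` in QSI_DEF(SystemBasicInformation) still clears as many bytes as the caller asked for, so it is only as safe as the length check whose tail appears just above it; the condition of that check is outside the hunk. Since this class returns a fixed-size structure, bounding the clear by the structure itself, `RtlZeroMemory(Sbi, sizeof(*Sbi));`, would not depend on how that check is written. The `Sbi->Reserved = 0;` that follows becomes redundant once the structure is zeroed and could be dropped. Only this handler and QSI_DEF(SystemProcessInformation) gain a clear in this patch, so it is worth confirming that no other information class relied on the dispatcher-level clear removed further down.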
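Review bot: `RtlZeroMemory(Spi, Size);` in QSI_DEF(SystemProcessInformation) writes the full caller-supplied length into what may be a user-mode buffer, before any process entry has been produced. The `_SEH_YIELD` in the context line suggests this sits inside an SEH block, but the start of that block is outside the hunk. A short comment would record the dependency, e.g. `/* Size passed the check above; Spi may be user memory, so this must stay inside the SEH block */`. If the entries written later fill every field they report, clearing only the bytes actually returned would avoid touching the rest of a large buffer.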