Fixed bugs with vim

svn path=/trunk/; revision=2377

reactos/ntoskrnl/ex/sysinfo.c

@@ -1,4 +1,4 @@
-/* $Id: sysinfo.c,v 1.13 2001/09/02 17:29:51 dwelch Exp $
+/* $Id: sysinfo.c,v 1.14 2001/11/18 00:31:23 dwelch Exp $
  *
  * COPYRIGHT:       See COPYING in the top level directory
  * PROJECT:         ReactOS kernel
@@ -1013,54 +1013,76 @@ CallQS [] =
 };
 
 
-NTSTATUS
+NTSTATUS STDCALL
-STDCALL
+NtQuerySystemInformation (IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
-NtQuerySystemInformation (
+			  OUT PVOID UnsafeSystemInformation,
-	IN	SYSTEM_INFORMATION_CLASS	SystemInformationClass,
-	OUT	PVOID				SystemInformation,
 			  IN ULONG Length,
-	OUT	PULONG				ResultLength
+			  OUT PULONG UnsafeResultLength)
-	)
 {
-	/*
+  ULONG ResultLength;
-	 * If called from user mode, check 
+  PVOID SystemInformation;
-	 * possible unsafe arguments.
+  NTSTATUS Status;
-	 */
+  NTSTATUS FStatus;
-#if 0
+
-        if (KernelMode != KeGetPreviousMode())
+  if (ExGetPreviousMode() == KernelMode)
     {
-		// Check arguments
+      SystemInformation = UnsafeSystemInformation;
-		//ProbeForWrite(
-		//	SystemInformation,
-		//	Length
-		//	);
-		//ProbeForWrite(
-		//	ResultLength,
-		//	sizeof (ULONG)
-		//	);
     }
-#endif
+  else
-	/*
+    {
-	 * Clear the user buffer.
+      SystemInformation = ExAllocatePool(NonPagedPool, Length);
-	 */
+      if (SystemInformation == NULL)
+	{
+	  return(STATUS_NO_MEMORY);
+	}
+    }
+  
+  /* Clear user buffer. */
   RtlZeroMemory(SystemInformation, Length);
+
   /*
    * Check the request is valid.
    */
-	if (	(SystemInformationClass >= SystemInformationClassMin)
+  if ((SystemInformationClass >= SystemInformationClassMin) && 
-		&& (SystemInformationClass < SystemInformationClassMax)
+      (SystemInformationClass < SystemInformationClassMax))
-		)
     {
       if (NULL != CallQS [SystemInformationClass].Query)
 	{
 	  /*
 	   * Hand the request to a subhandler.
 	   */
-			return CallQS [SystemInformationClass].Query (
+	  FStatus = CallQS [SystemInformationClass].Query(SystemInformation,
-					SystemInformation,
 							  Length,
-					ResultLength
+							  &ResultLength);
-					);
+	  if (ExGetPreviousMode() != KernelMode)
+	    {
+	      Status = MmCopyToCaller(UnsafeSystemInformation, 
+				      SystemInformation,
+				      Length);
+	      ExFreePool(SystemInformation);
+	      if (!NT_SUCCESS(Status))
+		{
+		  return(Status);
+		}
+	    }
+	  if (UnsafeResultLength != NULL)
+	    {
+	      if (ExGetPreviousMode() == KernelMode)
+		{
+		  *UnsafeResultLength = ResultLength;
+		}
+	      else
+		{
+		  Status = MmCopyToCaller(UnsafeResultLength,
+					  &ResultLength,
+					  sizeof(ULONG));
+		  if (!NT_SUCCESS(Status))
+		    {
+		      return(Status);
+		    }
+		}
+	    }
+	  return(FStatus);
 	}
     }
   return (STATUS_INVALID_INFO_CLASS);

reactos/ntoskrnl/ke/i386/exp.c

@@ -38,6 +38,7 @@
 #include <internal/ps.h>
 #include <internal/trap.h>
 #include <ntdll/ldr.h>
+#include <internal/safe.h>
 
 #define NDEBUG
 #include <internal/debug.h>
@@ -368,6 +369,9 @@ KiUserTrapHandler(PKTRAP_FRAME Tf, ULONG ExceptionNr, PVOID Cr2)
   PULONG Frame;
   ULONG cr3;
   ULONG i;
+  ULONG ReturnAddress;
+  ULONG NextFrame;
+  NTSTATUS Status;
 
   /*
    * Get the PDBR
@@ -452,8 +456,25 @@ KiUserTrapHandler(PKTRAP_FRAME Tf, ULONG ExceptionNr, PVOID Cr2)
   Frame = (PULONG)Tf->Ebp;
   while (Frame != NULL)
     {
-      print_address((PVOID)Frame[1]);
+      Status = MmCopyToCaller(&ReturnAddress, &Frame[1], sizeof(ULONG));
-      Frame = (PULONG)Frame[0];
+      if (!NT_SUCCESS(Status))
+	{
+	  DbgPrint("????????\n");
+	  break;
+	}
+      print_address((PVOID)ReturnAddress);
+      Status = MmCopyToCaller(&NextFrame, &Frame[0], sizeof(ULONG));
+      if (!NT_SUCCESS(Status))
+	{
+	  DbgPrint("Frame is inaccessible.\n");
+	  break;
+	}
+      if ((NextFrame + sizeof(ULONG)) >= KERNEL_BASE)
+	{
+	  DbgPrint("Next frame is in kernel space!\n");
+	  break;
+	}
+      Frame = (PULONG)NextFrame;
       i++;
     }