From 29b2fdcc4d3f85e1b95d321f2d02b4278d904828 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Herm=C3=A8s=20B=C3=A9lusca-Ma=C3=AFto?=
Date: Sat, 20 Oct 2018 19:30:59 +0200
Subject: [PATCH] [NTOS:CM] Minor fixes.

- Validate the information class parameter in NtQueryValueKey().
- Call the post-callback in NtSetValueKey() only if the callback has been registered and the CmSetValueKey() call is executed.
---
 ntoskrnl/config/ntapi.c | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/ntoskrnl/config/ntapi.c b/ntoskrnl/config/ntapi.c
index ee6b57c8052..2aa6f47cb19 100644
--- a/ntoskrnl/config/ntapi.c
+++ b/ntoskrnl/config/ntapi.c
@@ -533,10 +533,23 @@ NtQueryValueKey(IN HANDLE KeyHandle,
 REG_QUERY_VALUE_KEY_INFORMATION QueryValueKeyInfo;
 REG_POST_OPERATION_INFORMATION PostOperationInfo;
 UNICODE_STRING ValueNameCopy = *ValueName;
+
 PAGED_CODE();
+
 DPRINT("NtQueryValueKey() KH 0x%p, VN '%wZ', KVIC %d, Length %lu\n",
 KeyHandle, ValueName, KeyValueInformationClass, Length);
 
+ /* Reject classes we don't know about */
+ if ((KeyValueInformationClass != KeyValueBasicInformation) &&
+ (KeyValueInformationClass != KeyValueFullInformation) &&
+ (KeyValueInformationClass != KeyValuePartialInformation) &&
+ (KeyValueInformationClass != KeyValueFullInformationAlign64) &&
+ (KeyValueInformationClass != KeyValuePartialInformationAlign64))
+ {
+ /* Fail */
+ return STATUS_INVALID_PARAMETER;
+ }
+
 /* Verify that the handle is valid and is a registry key */
 Status = ObReferenceObjectByHandle(KeyHandle,
 KEY_QUERY_VALUE,
@@ -723,11 +736,11 @@ NtSetValueKey(IN HANDLE KeyHandle,
 Type,
 Data,
 DataSize);
- }
 
- /* Do the post-callback */
- PostOperationInfo.Status = Status;
- CmiCallRegisteredCallbacks(RegNtPostSetValueKey, &PostOperationInfo);
+ /* Do the post-callback */
+ PostOperationInfo.Status = Status;
+ CmiCallRegisteredCallbacks(RegNtPostSetValueKey, &PostOperationInfo);
+ }
 
 end:
 /* Dereference and return status */
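Review bot: The context line `UNICODE_STRING ValueNameCopy = *ValueName;` still dereferences the caller-supplied `ValueName` pointer in the declaration, so the read happens before the new class check and before any probing or SEH protection the function may set up further down (the body continues outside this hunk). If the caller is in user mode, an invalid pointer would fault in kernel context here, and the `%wZ` in the `DPRINT` reads through the same uncaptured pointer. Consider declaring it as `UNICODE_STRING ValueNameCopy;` and filling it in only after the pointer has been probed and captured. The added class check itself returns before any object is referenced, so it introduces no leak.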
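Review bot: The moved comment `/* Do the post-callback */` in the NtSetValueKey hunk no longer says why the call now sits inside the block, and the condition that opens that block is outside the hunk. The commit description gives the rule (the post-callback runs only if the callback has been registered and CmSetValueKey() is executed), which matters to anything that pairs pre- and post-notifications. I would state it at the call site, e.g. `/* Do the post-callback; skipped when the pre-callback path did not reach CmSetValueKey() */`, so a later edit does not move the call back out of the block.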