mirror of
https://github.com/reactos/reactos.git
synced 2024-07-08 21:55:08 +00:00
[NTOS:PO]
- Protect against invalid user mode pointers in NtPowerInformation svn path=/trunk/; revision=72800
This commit is contained in:
parent
7986e05dd7
commit
3e357794f9
|
@ -657,6 +657,7 @@ NtPowerInformation(IN POWER_INFORMATION_LEVEL PowerInformationLevel,
|
||||||
IN ULONG OutputBufferLength)
|
IN ULONG OutputBufferLength)
|
||||||
{
|
{
|
||||||
NTSTATUS Status;
|
NTSTATUS Status;
|
||||||
|
KPROCESSOR_MODE PreviousMode = KeGetPreviousMode();
|
||||||
|
|
||||||
PAGED_CODE();
|
PAGED_CODE();
|
||||||
|
|
||||||
|
@ -666,6 +667,20 @@ NtPowerInformation(IN POWER_INFORMATION_LEVEL PowerInformationLevel,
|
||||||
InputBuffer, InputBufferLength,
|
InputBuffer, InputBufferLength,
|
||||||
OutputBuffer, OutputBufferLength);
|
OutputBuffer, OutputBufferLength);
|
||||||
|
|
||||||
|
if (PreviousMode != KernelMode)
|
||||||
|
{
|
||||||
|
_SEH2_TRY
|
||||||
|
{
|
||||||
|
ProbeForRead(InputBuffer, InputBufferLength, 1);
|
||||||
|
ProbeForWrite(OutputBuffer, OutputBufferLength, sizeof(ULONG));
|
||||||
|
}
|
||||||
|
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
|
||||||
|
{
|
||||||
|
_SEH2_YIELD(return _SEH2_GetExceptionCode());
|
||||||
|
}
|
||||||
|
_SEH2_END;
|
||||||
|
}
|
||||||
|
|
||||||
switch (PowerInformationLevel)
|
switch (PowerInformationLevel)
|
||||||
{
|
{
|
||||||
case SystemBatteryState:
|
case SystemBatteryState:
|
||||||
|
@ -677,11 +692,20 @@ NtPowerInformation(IN POWER_INFORMATION_LEVEL PowerInformationLevel,
|
||||||
if (OutputBufferLength < sizeof(SYSTEM_BATTERY_STATE))
|
if (OutputBufferLength < sizeof(SYSTEM_BATTERY_STATE))
|
||||||
return STATUS_BUFFER_TOO_SMALL;
|
return STATUS_BUFFER_TOO_SMALL;
|
||||||
|
|
||||||
|
_SEH2_TRY
|
||||||
|
{
|
||||||
/* Just zero the struct (and thus set BatteryState->BatteryPresent = FALSE) */
|
/* Just zero the struct (and thus set BatteryState->BatteryPresent = FALSE) */
|
||||||
RtlZeroMemory(BatteryState, sizeof(SYSTEM_BATTERY_STATE));
|
RtlZeroMemory(BatteryState, sizeof(SYSTEM_BATTERY_STATE));
|
||||||
BatteryState->EstimatedTime = MAXULONG;
|
BatteryState->EstimatedTime = MAXULONG;
|
||||||
|
|
||||||
Status = STATUS_SUCCESS;
|
Status = STATUS_SUCCESS;
|
||||||
|
}
|
||||||
|
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
|
||||||
|
{
|
||||||
|
Status = _SEH2_GetExceptionCode();
|
||||||
|
}
|
||||||
|
_SEH2_END;
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -694,11 +718,20 @@ NtPowerInformation(IN POWER_INFORMATION_LEVEL PowerInformationLevel,
|
||||||
if (OutputBufferLength < sizeof(SYSTEM_POWER_CAPABILITIES))
|
if (OutputBufferLength < sizeof(SYSTEM_POWER_CAPABILITIES))
|
||||||
return STATUS_BUFFER_TOO_SMALL;
|
return STATUS_BUFFER_TOO_SMALL;
|
||||||
|
|
||||||
/* Just zero the struct (and thus set BatteryState->BatteryPresent = FALSE) */
|
_SEH2_TRY
|
||||||
|
{
|
||||||
|
/* Just zero the struct (and thus set PowerCapabilities->SystemBatteriesPresent = FALSE) */
|
||||||
RtlZeroMemory(PowerCapabilities, sizeof(SYSTEM_POWER_CAPABILITIES));
|
RtlZeroMemory(PowerCapabilities, sizeof(SYSTEM_POWER_CAPABILITIES));
|
||||||
//PowerCapabilities->SystemBatteriesPresent = 0;
|
//PowerCapabilities->SystemBatteriesPresent = 0;
|
||||||
|
|
||||||
Status = STATUS_SUCCESS;
|
Status = STATUS_SUCCESS;
|
||||||
|
}
|
||||||
|
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
|
||||||
|
{
|
||||||
|
Status = _SEH2_GetExceptionCode();
|
||||||
|
}
|
||||||
|
_SEH2_END;
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -711,6 +744,8 @@ NtPowerInformation(IN POWER_INFORMATION_LEVEL PowerInformationLevel,
|
||||||
if (OutputBufferLength < sizeof(PROCESSOR_POWER_INFORMATION))
|
if (OutputBufferLength < sizeof(PROCESSOR_POWER_INFORMATION))
|
||||||
return STATUS_BUFFER_TOO_SMALL;
|
return STATUS_BUFFER_TOO_SMALL;
|
||||||
|
|
||||||
|
_SEH2_TRY
|
||||||
|
{
|
||||||
PowerInformation->Number = 0;
|
PowerInformation->Number = 0;
|
||||||
PowerInformation->MaxMhz = 1000;
|
PowerInformation->MaxMhz = 1000;
|
||||||
PowerInformation->CurrentMhz = 1000;
|
PowerInformation->CurrentMhz = 1000;
|
||||||
|
@ -719,6 +754,13 @@ NtPowerInformation(IN POWER_INFORMATION_LEVEL PowerInformationLevel,
|
||||||
PowerInformation->CurrentIdleState = 0;
|
PowerInformation->CurrentIdleState = 0;
|
||||||
|
|
||||||
Status = STATUS_SUCCESS;
|
Status = STATUS_SUCCESS;
|
||||||
|
}
|
||||||
|
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
|
||||||
|
{
|
||||||
|
Status = _SEH2_GetExceptionCode();
|
||||||
|
}
|
||||||
|
_SEH2_END;
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue