mirror of
https://github.com/reactos/reactos.git
synced 2024-06-29 01:12:06 +00:00
[WIN32K]
Protect access to the result pointer from KeUserModeCallback with SEH. Fixes a possible kernel mode crash. svn path=/trunk/; revision=48437
This commit is contained in:
parent
f986e82a8d
commit
9c9f4cb9e9
|
@ -267,7 +267,16 @@ co_IntLoadSysMenuTemplate()
|
|||
if (NT_SUCCESS(Status))
|
||||
{
|
||||
/* Simulate old behaviour: copy into our local buffer */
|
||||
Result = *(LRESULT*)ResultPointer;
|
||||
_SEH2_TRY
|
||||
{
|
||||
ProbeForRead(ResultPointer, sizeof(LRESULT), 1);
|
||||
Result = *(LRESULT*)ResultPointer;
|
||||
}
|
||||
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
Result = 0;
|
||||
}
|
||||
_SEH2_END
|
||||
}
|
||||
|
||||
UserEnterCo();
|
||||
|
|
Loading…
Reference in a new issue