Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-06-04 08:50:27 +00:00
Code Issues Projects Releases Packages Wiki Activity

modified ntoskrnl/ex/sysinfo.c

Browse source 
MaxSystemInfoClass is now much larger than the size of the CallQS table: use the actual size of the table in range checks to prevent an overrun
   Fixes CID 527, CID 528

svn path=/trunk/; revision=37616
This commit is contained in:
KJK::Hyperion 2008-11-24 13:47:44 +00:00
parent c086cc2302
commit b4d5ee6914
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
reactos/ntoskrnl/ex/sysinfo.c
View file

@ -1794,6 +1794,9 @@ CallQS [] =
SI_QX(SystemSessionProcessesInformation)
};
C_ASSERT(SystemBasicInformation == 0);
#define MIN_SYSTEM_INFO_CLASS (SystemBasicInformation)
#define MAX_SYSTEM_INFO_CLASS (sizeof(CallQS) / sizeof(CallQS[0]))
/*
* @implemented
@ -1825,7 +1828,7 @@ NtQuerySystemInformation (IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
/*
* Check the request is valid.
*/
if (SystemInformationClass >= MaxSystemInfoClass)
if (SystemInformationClass >= MAX_SYSTEM_INFO_CLASS)
{
_SEH2_YIELD(return STATUS_INVALID_INFO_CLASS);
}
@ -1892,8 +1895,8 @@ NtSetSystemInformation (
/*
* Check the request is valid.
*/
if ( (SystemInformationClass >= SystemBasicInformation)
&& (SystemInformationClass < MaxSystemInfoClass)
if ( (SystemInformationClass >= MIN_SYSTEM_INFO_CLASS)
&& (SystemInformationClass < MAX_SYSTEM_INFO_CLASS)
)
{
if (NULL != CallQS [SystemInformationClass].Set)