Fix memory related issues in calls to LsaEnumerateLogonSessions.
- Initialize ClientBaseAddress to NULL because we do not need to allocate a fixed memory page.
- Protect Length from being overwritten by NtAllocateVirtualMemory, so that the following NtWriteVirtualMemory call still copies the original length.

svn path=/trunk/; revision=64318
Eric Kohl 2014-09-26 23:46:59 +00:00
parent 3ac9edfd99
commit d3c1b50d46


@ -131,8 +131,8 @@ LsapEnumLogonSessions(IN OUT PLSA_API_MSG RequestMsg)
PLIST_ENTRY SessionEntry;
PLSAP_LOGON_SESSION CurrentSession;
PLUID SessionList;
ULONG i, Length;
PVOID ClientBaseAddress;
ULONG i, Length, MemSize;
PVOID ClientBaseAddress = NULL;
NTSTATUS Status;
TRACE("LsapEnumLogonSessions()\n");
@ -175,10 +175,11 @@ LsapEnumLogonSessions(IN OUT PLSA_API_MSG RequestMsg)
goto done;
}
MemSize = Length;
Status = NtAllocateVirtualMemory(ProcessHandle,
&ClientBaseAddress,
0,
&Length,
&MemSize,
MEM_COMMIT,
PAGE_READWRITE);
if (!NT_SUCCESS(Status))
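Review bot: `MemSize` is declared as `ULONG` in the first hunk, but the second hunk passes its address as the RegionSize argument of NtAllocateVirtualMemory, which the native prototype declares as `PSIZE_T`. On a 32-bit build the two types have the same width, but on a 64-bit build the callee would read and write back eight bytes through a pointer to a four-byte local, clobbering whatever sits next to it on the LSA server's stack. I would declare it separately as `SIZE_T MemSize;` and leave `ULONG i, Length;` as it was. A short comment above the assignment would also keep the copy from being "simplified" away later, for example `/* RegionSize is rounded up to a page multiple on return; keep Length for the copy to the client */`. The body of LsapEnumLogonSessions continues outside both hunks, so the later write to the client and the cleanup on the failure path cannot be checked from here.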