forked from KolibriOS/kolibrios
Fixed vulnerabilitie in sysfn 68.23 (system halt if the name doesn't exist)
git-svn-id: svn://kolibrios.org@9405 a494cfbc-eb01-0410-851d-a64ba20cac60
This commit is contained in:
Coldy
parent
743ff0dfff
commit
f3dca4689e
@ -1478,6 +1478,7 @@ proc shmem_close stdcall, name:dword
|
|||||||
test eax, eax
|
test eax, eax
|
||||||
jz .fail
|
jz .fail
|
||||||
|
|
||||||
|
push ebx ; Added
|
||||||
push esi
|
push esi
|
||||||
push edi
|
push edi
|
||||||
pushfd
|
pushfd
|
||||||
@ -1485,14 +1486,16 @@ proc shmem_close stdcall, name:dword
|
|||||||
|
|
||||||
mov esi, [current_slot]
|
mov esi, [current_slot]
|
||||||
add esi, APP_OBJ_OFFSET
|
add esi, APP_OBJ_OFFSET
|
||||||
|
mov ebx, esi ; Fixed endless loop bug with not existing name (part 1)
|
||||||
.next:
|
.next:
|
||||||
mov eax, [esi + APPOBJ.fd]
|
mov eax, [esi + APPOBJ.fd]
|
||||||
test eax, eax
|
test eax, eax
|
||||||
jz @F
|
jz @F
|
||||||
|
|
||||||
cmp eax, esi
|
cmp eax, ebx ;esi ; Fixed endless loop bug with not existing name (part 2)
|
||||||
|
je @F ; Small optimization
|
||||||
mov esi, eax
|
mov esi, eax
|
||||||
je @F
|
;je @F
|
||||||
|
|
||||||
cmp [eax + SMAP.magic], 'SMAP'
|
cmp [eax + SMAP.magic], 'SMAP'
|
||||||
jne .next
|
jne .next
|
||||||
@ -1514,6 +1517,7 @@ proc shmem_close stdcall, name:dword
|
|||||||
popfd
|
popfd
|
||||||
pop edi
|
pop edi
|
||||||
pop esi
|
pop esi
|
||||||
|
pop ebx ; Added
|
||||||
.fail:
|
.fail:
|
||||||
ret
|
ret
|
||||||
endp
|
endp
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user