fuck itt

DarkFire01 · Nov 24, 2024 · eec270d · eec270d
1 parent e91f800
commit eec270d
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 9 deletions.
diff --git a/ntoskrnl/include/internal/i386/ke.h b/ntoskrnl/include/internal/i386/ke.h
@@ -733,6 +733,8 @@ PFX_SAVE_AREA
 KiGetThreadNpxArea(IN PKTHREAD Thread)
 {
     ASSERT((ULONG_PTR)Thread->InitialStack % 16 == 0);
+    if ((ULONG_PTR)Thread->InitialStack < sizeof(FX_SAVE_AREA))
+        return NULL;
     return (PFX_SAVE_AREA)((ULONG_PTR)Thread->InitialStack - sizeof(FX_SAVE_AREA));
 }
 

diff --git a/ntoskrnl/ke/i386/cpu.c b/ntoskrnl/ke/i386/cpu.c
@@ -1291,7 +1291,8 @@ KiFlushNPXState(IN PFLOATING_SAVE_AREA SaveArea)
 
         /* Now load NPX state from the NPX area */
         FxSaveArea = KiGetThreadNpxArea(Thread);
-        Ke386FxStore(FxSaveArea);
+        if (FxSaveArea)
+            Ke386FxStore(FxSaveArea);
     }
     else
     {
@@ -1308,7 +1309,7 @@ KiFlushNPXState(IN PFLOATING_SAVE_AREA SaveArea)
         Thread->NpxState = NPX_STATE_NOT_LOADED;
 
         /* Save state if supported by CPU */
-        if (KeI386FxsrPresent) Ke386FxSave(FxSaveArea);
+        if (KeI386FxsrPresent && FxSaveArea) Ke386FxSave(FxSaveArea);
     }
 
     /* Now save the FN state wherever it was requested */
@@ -1447,13 +1448,15 @@ KeSaveFloatingPointState(
         {
             /* Get the FX frame */
             FxSaveAreaFrame = KiGetThreadNpxArea(CurrentPrcb->NpxThread);
+            if (FxSaveAreaFrame)
+            {
+                /* Save the FPU state */
+                Ke386SaveFpuState(FxSaveAreaFrame);
 
-            /* Save the FPU state */
-            Ke386SaveFpuState(FxSaveAreaFrame);
-
-            /* NPX thread has lost its state */
-            CurrentPrcb->NpxThread->NpxState = NPX_STATE_NOT_LOADED;
-            FxSaveAreaFrame->NpxSavedCpu = 0;
+                /* NPX thread has lost its state */
+                CurrentPrcb->NpxThread->NpxState = NPX_STATE_NOT_LOADED;
+                FxSaveAreaFrame->NpxSavedCpu = 0;
+            }
         }
 
         /* The new NPX thread is the current thread */

diff --git a/ntoskrnl/ke/i386/traphdlr.c b/ntoskrnl/ke/i386/traphdlr.c
@@ -760,7 +760,8 @@ KiTrap07Handler(IN PKTRAP_FRAME TrapFrame)
                 NpxSaveArea = KiGetThreadNpxArea(NpxThread);
 
                 /* Save FPU state */
-                Ke386SaveFpuState(NpxSaveArea);
+                if (NpxSaveArea)
+                    Ke386SaveFpuState(NpxSaveArea);
 
                 /* Update NPX state */
                 NpxThread->NpxState = NPX_STATE_NOT_LOADED;