[NTOS:LPC] Fix input parameter given to ProbeAndCaptureUnicodeString.
Addendum to commit b3c55b9 (PR reactos#4399).

Passing &CapturedObjectName as pointer to be probed and captured would
fail if e.g. PreviousMode == UserMode, since that pointer is always in
kernel space. Instead, pass the original user-mode pointer.

Bug caught by Timo Kreuzer ;)
HBelusca committed Oct 22, 2023
1 parent 855008d commit 4a4bebe
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions ntoskrnl/lpc/create.c
Expand Up @@ -83,8 +83,9 @@ LpcpCreatePort(OUT PHANDLE PortHandle,
}
else
{
if (ObjectAttributes->ObjectName)
CapturedObjectName = *(ObjectAttributes->ObjectName);
ObjectName = ((volatile OBJECT_ATTRIBUTES*)ObjectAttributes)->ObjectName;
if (ObjectName)
CapturedObjectName = *ObjectName;
}

/* Normalize the buffer pointer in case we don't have
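Review bot: `ObjectName` is assigned in this else branch, but the diff adds no declaration or initializer for it, and the second hunk passes it to ProbeAndCaptureUnicodeString unconditionally. Please confirm it is initialized to NULL where it is declared and that the branch above this else (not visible here) also sets it, so no path reaches the later call with an indeterminate pointer. A one-line comment on the `(volatile OBJECT_ATTRIBUTES*)` cast would also help: reading the field once into a local and reusing that local is the point of the change, and the cast is what keeps the compiler from re-reading `ObjectAttributes->ObjectName` between the NULL check and the dereference.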
Expand All @@ -96,7 +97,7 @@ LpcpCreatePort(OUT PHANDLE PortHandle,
/* Capture the port name for DPRINT only - ObCreateObject does its
* own capture. As it is used only for debugging, ignore any failure;
* the string is zeroed out in such case. */
ProbeAndCaptureUnicodeString(&CapturedPortName, PreviousMode, &CapturedObjectName);
ProbeAndCaptureUnicodeString(&CapturedPortName, PreviousMode, ObjectName);
LPCTRACE(LPC_CREATE_DEBUG, "Name: %wZ\n", &CapturedPortName);
ReleaseCapturedUnicodeString(&CapturedPortName, PreviousMode);
#endif
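Review bot: the replaced call always received a non-NULL source (`&CapturedObjectName`), while the new third argument `ObjectName` can be NULL, as the `if (ObjectName)` guard in the first hunk shows. Either guard this call with the same check or confirm that ProbeAndCaptureUnicodeString accepts a NULL source for every `PreviousMode`, since the result is otherwise ignored here and a fault in this debug-only block would not be caught. If the unnamed-port case is meant to print an empty name, saying so in the comment above the call would make that explicit.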

0 comments on commit 4a4bebe
