mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-12-26 18:19:53 +03:00
Added Try+Except block for ProbeForRead
Possible security problem under double-fetch conditions. Microsoft says all ProbeForRead calls should be treated as if they could throw exceptions. SRC: https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/content/wdm/nf-wdm-probeforread
This commit is contained in:
parent
2b855c8db7
commit
34b99ea2a5
@ -634,18 +634,25 @@ NTSTATUS NeoNdisDispatch(DEVICE_OBJECT *DeviceObject, IRP *Irp)
|
||||
{
|
||||
MmProbeAndLockPages(mdl, KernelMode, IoReadAccess);
|
||||
}
|
||||
|
||||
ProbeForRead(buf, NEO_EXCHANGE_BUFFER_SIZE, 1);
|
||||
|
||||
// Write
|
||||
NeoWrite(buf);
|
||||
Irp->IoStatus.Information = stack->Parameters.Write.Length;
|
||||
ok = true;
|
||||
|
||||
if (mdl != NULL)
|
||||
__try
|
||||
{
|
||||
ProbeForRead(buf, NEO_EXCHANGE_BUFFER_SIZE, 1);
|
||||
}
|
||||
__except (EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
check_ok = false;
|
||||
}
|
||||
if (check_ok) {
|
||||
// Write
|
||||
NeoWrite(buf);
|
||||
Irp->IoStatus.Information = stack->Parameters.Write.Length;
|
||||
ok = true;
|
||||
|
||||
if (mdl != NULL)
|
||||
{
|
||||
MmUnlockPages(mdl);
|
||||
IoFreeMdl(mdl);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user