[1/4] ntdll: Trigger write watches before passing userdata pointer to wait_reply.

Sebastian Lackner sebastian at fds-team.de
Fri Oct 3 20:45:35 CDT 2014


The reply_data field sometimes points directly to user-provided memory. If the user provides a memory block with page guard or write watch protection, then read() will fail with EFAULT and Wine will abort with a "wine client error" message.

Can be triggered for example with NtQueryInformationToken(..., TokenOwner, ...).

---
 dlls/ntdll/server.c | 8 ++++++++
 1 file changed, 8 insertions(+)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-ntdll-Trigger-write-watches-before-passing-userdata-.patch
Type: text/x-patch
Size: 1012 bytes
Desc: not available
URL: <http://www.winehq.org/pipermail/wine-patches/attachments/20141004/8ed2b85a/attachment.bin>

