Author: gadamopoulos
Date: Sun Feb 19 22:05:25 2012
New Revision: 55724

URL: http://svn.reactos.org/svn/reactos?rev=55724&view=rev
Log:
[ntoskrnl]
- Fix a crash in KiSystemCall that was caused because PsConvertToGuiThread may 
have switched to a large kernel stack, but still returned with failure because 
win32k did not succeed. To fix it, reload the trap frame after the call before 
checking for success.

Modified:
    trunk/reactos/ntoskrnl/ke/i386/traphdlr.c

Modified: trunk/reactos/ntoskrnl/ke/i386/traphdlr.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/traphdlr.c?rev=55724&r1=55723&r2=55724&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/ke/i386/traphdlr.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/ke/i386/traphdlr.c [iso-8859-1] Sun Feb 19 22:05:25 
2012
@@ -1556,17 +1556,18 @@
 
         /* Convert us to a GUI thread -- must wrap in ASM to get new EBP */
         Result = KiConvertToGuiThread();
+
+        /* Reload trap frame and descriptor table pointer from new stack */
+        TrapFrame = *(volatile PVOID*)&Thread->TrapFrame;
+        DescriptorTable = (PVOID)(*(volatile ULONG_PTR*)&Thread->ServiceTable 
+ Offset);
+
         if (!NT_SUCCESS(Result))
         {
             /* Set the last error and fail */
             //SetLastWin32Error(RtlNtStatusToDosError(Result));
             goto ExitCall;
         }
-        
-        /* Reload trap frame and descriptor table pointer from new stack */
-        TrapFrame = *(volatile PVOID*)&Thread->TrapFrame;
-        DescriptorTable = (PVOID)(*(volatile ULONG_PTR*)&Thread->ServiceTable 
+ Offset);
-        
+
         /* Validate the system call number again */
         if (Id >= DescriptorTable->Limit)
         {
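Review bot: the reload block is now placed before the `NT_SUCCESS(Result)` check, but its comment ("Reload trap frame and descriptor table pointer from new stack") no longer explains why the reload must happen even on failure, which is the whole point of this change per the log ("may have switched to a large kernel stack, but still returned with failure"). Suggest extending the comment, e.g. `/* Reload from the (possibly new) stack even on failure: the stack switch can succeed while win32k still fails */`, so a later cleanup does not move the reload back under the success path and reintroduce the crash on the `goto ExitCall` route. Also, the dead `//SetLastWin32Error(...)` line in the failure branch is untouched; it is a separate issue but worth a TODO or removal while this block is being reordered.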

