[ros-dev] [ros-diffs] [hbelusca] 66192: [WINLOGON][WIN32K] Move the shutdown privilege check from winlogon to win32k (function "UserInitiateShutdown") as it should be done. [WIN32K] - Introduce the pair of UserInitiateS...
Alex Ionescu
ionucu at videotron.ca
Mon Feb 9 18:37:26 UTC 2015
This would be the win32k 0 day that's been blogged and unfixed in Windows
for over 4 years now, and which allows the Surface RT to be jailbroken. You
really want to fix this? :( What about hackcompat?!
Best regards,
Alex Ionescu
On Sun, Feb 8, 2015 at 12:37 AM, Thomas Faber <thomas.faber at reactos.org>
wrote:
> On 2015-02-07 16:26, hbelusca at svn.reactos.org wrote:
> > @@ -792,24 +791,54 @@
> > case UserThreadInitiateShutdown:
> > {
> > ERR("Shutdown initiated\n");
> > - STUB;
> > - Status = STATUS_NOT_IMPLEMENTED;
> > +
> > + if (ThreadInformationLength != sizeof(ULONG))
> > + {
> > + Status = STATUS_INFO_LENGTH_MISMATCH;
> > + break;
> > + }
> > +
> > + Status = UserInitiateShutdown(Thread,
> (PULONG)ThreadInformation);
> > break;
> > }
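Review bot: in the added call `UserInitiateShutdown(Thread, (PULONG)ThreadInformation)`, the pointer is forwarded after only the `ThreadInformationLength != sizeof(ULONG)` test, which validates the size but not the address. Nothing in this case probes `ThreadInformation` or dereferences it under SEH. I would capture the ULONG into a local inside a probe/SEH block, pass the address of that local to UserInitiateShutdown, and set Status from the exception code on failure. If the callee is meant to update the value, copy it back to `ThreadInformation` under SEH as well.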
>
> It looks like, contrary to the other cases, ThreadInformation is
> neither probed nor accessed inside SEH here?