diff options
author | midipix <writeonce@midipix.org> | 2017-01-19 04:50:09 +0000 |
---|---|---|
committer | midipix <writeonce@midipix.org> | 2017-01-19 00:44:33 -0500 |
commit | 804edfafcbd5066873a1d6a77b6e6bacba783c14 (patch) | |
tree | e48eaaa320b2354113656d0deae9ce6fba32752d /src/process | |
parent | 365987ac7436574fe47040cd67602b71112d76ce (diff) | |
download | ntapi-804edfafcbd5066873a1d6a77b6e6bacba783c14.tar.bz2 ntapi-804edfafcbd5066873a1d6a77b6e6bacba783c14.tar.xz |
__ntapi_tt_get_runtime_data(): integral process: guard against false positives.
Diffstat (limited to 'src/process')
-rw-r--r-- | src/process/ntapi_tt_get_runtime_data.c | 7 | ||||
-rw-r--r-- | src/process/ntapi_tt_spawn_native_process.c | 6 |
2 files changed, 12 insertions, 1 deletions
diff --git a/src/process/ntapi_tt_get_runtime_data.c b/src/process/ntapi_tt_get_runtime_data.c index bda6f7e..71662b4 100644 --- a/src/process/ntapi_tt_get_runtime_data.c +++ b/src/process/ntapi_tt_get_runtime_data.c @@ -74,8 +74,13 @@ int32_t __stdcall __ntapi_tt_get_runtime_data( 0))) return status; - /* update state */ + /* abi */ prtdata = (nt_runtime_data *)address; + + if (__ntapi->tt_guid_compare(&prtdata->abi,&(nt_guid)NT_PROCESS_GUID_RTDATA)) + return NT_STATUS_MORE_PROCESSING_REQUIRED; + + /* update state */ prtdata->flags |= NT_RUNTIME_DATA_INTEGRAL_PROCESS; /* avoid confusion :-) */ diff --git a/src/process/ntapi_tt_spawn_native_process.c b/src/process/ntapi_tt_spawn_native_process.c index c741cf8..2c61012 100644 --- a/src/process/ntapi_tt_spawn_native_process.c +++ b/src/process/ntapi_tt_spawn_native_process.c @@ -124,6 +124,12 @@ int32_t __stdcall __ntapi_tt_spawn_native_process(nt_spawn_process_params * spar (const uintptr_t *)rtctx, sizeof(*rtctx)); + /* abi */ + if (!(__ntapi->tt_guid_compare(&rdata->abi,&(nt_guid)NT_PROCESS_GUID_UNSPEC))) + __ntapi->tt_guid_copy( + &rdata->abi, + &(nt_guid)NT_PROCESS_GUID_RTDATA); + /* imgbuf */ imgbuf = (wchar16_t *)rtblock.addr; imgbuf += 0x10000 / sizeof(*imgbuf); |