[NTOSKRNL] Fix a nullptr dereference in IopStartDevice

author Mark Jansen <mark.jansen@reactos.org>

Sun, 5 Aug 2018 20:14:44 +0000 (22:14 +0200)

committer Mark Jansen <mark.jansen@reactos.org>

Mon, 6 Aug 2018 18:51:21 +0000 (20:51 +0200)
author Mark Jansen <mark.jansen@reactos.org>
Sun, 5 Aug 2018 20:14:44 +0000 (22:14 +0200)
committer Mark Jansen <mark.jansen@reactos.org>
Mon, 6 Aug 2018 18:51:21 +0000 (20:51 +0200)
diff --git a/ntoskrnl/io/pnpmgr/pnpmgr.c b/ntoskrnl/io/pnpmgr/pnpmgr.c

index 62ad7a2..e4cb7db 100644 (file)
--- a/ntoskrnl/io/pnpmgr/pnpmgr.c
+++ b/ntoskrnl/io/pnpmgr/pnpmgr.c
@@ -786,7 +786,7 @@ IopStartDevice(
  {
     NTSTATUS Status;
     HANDLE InstanceHandle = NULL, ControlHandle = NULL;
-   UNICODE_STRING KeyName;
+   UNICODE_STRING KeyName, ValueString;
     OBJECT_ATTRIBUTES ObjectAttributes;
  
     if (DeviceNode->Flags & DNF_DISABLED)
@@ -817,7 +817,10 @@ IopStartDevice(
         goto ByeBye;
  
     RtlInitUnicodeString(&KeyName, L"ActiveService");
-   Status = ZwSetValueKey(ControlHandle, &KeyName, 0, REG_SZ, DeviceNode->ServiceName.Buffer, DeviceNode->ServiceName.Length + sizeof(UNICODE_NULL));
+   ValueString = DeviceNode->ServiceName;
+   if (!ValueString.Buffer)
+       RtlInitUnicodeString(&ValueString, L"");
+   Status = ZwSetValueKey(ControlHandle, &KeyName, 0, REG_SZ, ValueString.Buffer, ValueString.Length + sizeof(UNICODE_NULL));
     // }
  
  ByeBye:
author	Mark Jansen <mark.jansen@reactos.org>
	Sun, 5 Aug 2018 20:14:44 +0000 (22:14 +0200)
committer	Mark Jansen <mark.jansen@reactos.org>
	Mon, 6 Aug 2018 18:51:21 +0000 (20:51 +0200)