From eba20f3ad83b98015bdfb03f976bf88138d35b6b Mon Sep 17 00:00:00 2001 From: Aleksandar Andrejevic Date: Wed, 29 Apr 2015 00:58:22 +0000 Subject: [PATCH] [NTVDM] Also check for BlockData == 0 in RosResizeMemory. This, however, wasn't a crash since we were lucky enough to cast the segment to a WORD before the access. svn path=/trunk/; revision=67476 --- reactos/subsystems/mvdm/ntvdm/dos/dos32krnl/memory.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/reactos/subsystems/mvdm/ntvdm/dos/dos32krnl/memory.c b/reactos/subsystems/mvdm/ntvdm/dos/dos32krnl/memory.c index 892bbbd3ffd..4a96255724d 100644 --- a/reactos/subsystems/mvdm/ntvdm/dos/dos32krnl/memory.c +++ b/reactos/subsystems/mvdm/ntvdm/dos/dos32krnl/memory.c @@ -210,7 +210,9 @@ BOOLEAN DosResizeMemory(WORD BlockData, WORD NewSize, WORD *MaxAvailable) NewSize); /* Make sure this is a valid, allocated block */ - if ((Mcb->BlockType != 'M' && Mcb->BlockType != 'Z') || Mcb->OwnerPsp == 0) + if (BlockData == 0 + || (Mcb->BlockType != 'M' && Mcb->BlockType != 'Z') + || Mcb->OwnerPsp == 0) { Success = FALSE; DosLastError = ERROR_INVALID_HANDLE; -- 2.17.1