Index: section.c
===================================================================
--- ntoskrnl/mm/ARM3/section.c (revision 72799)
+++ ntoskrnl/mm/ARM3/section.c (working copy)
@@ -1898,6 +1898,7 @@
 WCHAR ModuleFileNameBuffer[MAX_PATH] = {0};
 UNICODE_STRING ModuleFileName;
 PMEMORY_SECTION_NAME SectionName = NULL;
+ ULONG NameBufferLength;
 KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
 Status = ObReferenceObjectByHandle(ProcessHandle,
@@ -1919,16 +1920,20 @@
 if (NT_SUCCESS(Status))
 {
 SectionName = MemoryInformation;
+ NameBufferLength = MemoryInformationLength - FIELD_OFFSET(MEMORY_SECTION_NAME, NameBuffer);
 if (PreviousMode != KernelMode)
 {
 _SEH2_TRY
 {
- RtlInitUnicodeString(&SectionName->SectionFileName, SectionName->NameBuffer);
- SectionName->SectionFileName.MaximumLength = (USHORT)MemoryInformationLength;
+ RtlInitEmptyUnicodeString(&SectionName->SectionFileName,
+ SectionName->NameBuffer,
+ NameBufferLength);
 RtlCopyUnicodeString(&SectionName->SectionFileName, &ModuleFileName);
- if (ReturnLength) *ReturnLength = ModuleFileName.Length;
-
+ if (ReturnLength)
+ {
+ *ReturnLength = ModuleFileName.Length + FIELD_OFFSET(MEMORY_SECTION_NAME, NameBuffer);
+ }
 }
 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
 {
@@ -1938,12 +1943,15 @@
 }
 else
 {
- RtlInitUnicodeString(&SectionName->SectionFileName, SectionName->NameBuffer);
- SectionName->SectionFileName.MaximumLength = (USHORT)MemoryInformationLength;
+ RtlInitEmptyUnicodeString(&SectionName->SectionFileName,
+ SectionName->NameBuffer,
+ NameBufferLength);
 RtlCopyUnicodeString(&SectionName->SectionFileName, &ModuleFileName);
- if (ReturnLength) *ReturnLength = ModuleFileName.Length;
-
+ if (ReturnLength)
+ {
+ *ReturnLength = ModuleFileName.Length + FIELD_OFFSET(MEMORY_SECTION_NAME, NameBuffer);
+ }
 }
 }
 ObDereferenceObject(Process);
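Review bot: In the second hunk `NameBufferLength = MemoryInformationLength - FIELD_OFFSET(MEMORY_SECTION_NAME, NameBuffer);` underflows when the caller-supplied MemoryInformationLength is smaller than the header, and the ULONG result is then narrowed to the USHORT MaximumLength taken by RtlInitEmptyUnicodeString, so a wrapped or truncated size becomes the bound RtlCopyUnicodeString uses for the write into the caller's buffer; no length validation is visible in these hunks, so unless it exists earlier in the function, add `if (MemoryInformationLength < FIELD_OFFSET(MEMORY_SECTION_NAME, NameBuffer)) return STATUS_INFO_LENGTH_MISMATCH;` before the subtraction (and before the process object is referenced) and clamp the difference to MAXUSHORT. The else branch in the third hunk reuses the same NameBufferLength and needs the same guard. RtlCopyUnicodeString silently truncates, so when `ModuleFileName.Length` exceeds NameBufferLength the name is cut off while Status remains successful; since the new ReturnLength already reports the full required size, setting `Status = STATUS_BUFFER_OVERFLOW;` in that case would let callers detect the truncation, unless code after the hunk already does this. The enclosing function starts and ends outside the hunks.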