Uploaded image for project: 'Core ReactOS'
  1. Core ReactOS
  2. CORE-8469

PSEH3 exception record is below esp in exception handler

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Fix Version/s: 0.3.17
    • Component/s: CRT
    • Labels:
      None

      Description

      What happens is if you use the stack too much, the exception record will be overwritten.
      Real world case where this happens is IoCreateFile, which calls ExFreePool in the exception handler, and that uses a lot of stack. Result is that the subsequent call to _SEH2_GetExceptionCode may return the wrong value (e.g. 0 which can lead to a lot of confusion).

      pseh3-stackframe-test.patch – test case added to pseh2_test
      psehtest.pp.c – preprocessed output, with some formatting applied
      psehtest.c.asm – assembly output

      The test case currently crashes:
      C:\ROS\reactos\output-MinGW-i386\reactos>modules\rostests\tests\pseh2\pseh2_test.exe
      psehtest.c:2599: unhandled exception C0000005 thrown from 004078BA

      With the printf uncommented and the array fill disabled, the output shows the situation (esp > exception record):
      0028F6D8, 0028FA10
      psehtest.c:2897: Test failed: test_PSEH3_bug2 failed
      pseh2_syntax: 104 tests executed (0 marked as todo, 1 failure), 0 skipped.

      cc Timo Kreuzer, zefklop

        Attachments

          Activity

            People

            • Assignee:
              ThFabba ThFabba
              Reporter:
              ThFabba ThFabba
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: