Signed-off-by: Myah Caron qsniyg@protonmail.com --- I've opted to use a helper function, as it both makes the code cleaner and avoids unneeded "syscalls" (which could be a performance issue for an application that calls Encode/DecodePointer repeatedly).
dlls/ntdll/rtl.c | 30 +++++++++++------------------- 1 file changed, 11 insertions(+), 19 deletions(-)
diff --git a/dlls/ntdll/rtl.c b/dlls/ntdll/rtl.c
index 154de807501..8c8c8c9bb1a 100644
--- a/dlls/ntdll/rtl.c
+++ b/dlls/ntdll/rtl.c
@@ -1516,30 +1516,22 @@ WCHAR * WINAPI RtlIpv6AddressToStringW(const IN6_ADDR *address, WCHAR *str)
 }
/***********************************************************************
- * get_pointer_obfuscator (internal)
+ * get_process_cookie (internal)
 */
-static DWORD_PTR get_pointer_obfuscator( void )
+static ULONG get_process_cookie( void )
 {
- static DWORD_PTR pointer_obfuscator;
+ static ULONG process_cookie;
- if (!pointer_obfuscator)
+ if (!process_cookie)
 {
- ULONG seed = NtGetTickCount();
- ULONG_PTR rand;
+ ULONG cookie;
+ NtQueryInformationProcess( NtCurrentProcess(), ProcessCookie, &cookie,
+ sizeof( cookie ), NULL );
- /* generate a random value for the obfuscator */
- rand = RtlUniform( &seed );
-
- /* handle 64bit pointers */
- rand ^= (ULONG_PTR)RtlUniform( &seed ) << ((sizeof (DWORD_PTR) - sizeof (ULONG))*8);
-
- /* set the high bits so dereferencing obfuscated pointers will (usually) crash */
- rand |= (ULONG_PTR)0xc0000000 << ((sizeof (DWORD_PTR) - sizeof (ULONG))*8);
-
- InterlockedCompareExchangePointer( (void**) &pointer_obfuscator, (void*) rand, NULL );
+ InterlockedExchange( (LONG*)&process_cookie, cookie );
 }
- return pointer_obfuscator;
+ return process_cookie;
 }
/***********************************************************************
@@ -1575,7 +1567,7 @@ PVOID WINAPI RtlEncodePointer( PVOID ptr )
 {
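Review bot: In get_process_cookie the status returned by NtQueryInformationProcess is discarded and `cookie` has no initializer, so a failed query would cache an indeterminate stack value as the pointer-encoding key. Initialise it and store it only on success, e.g. `ULONG cookie = 0;` and `if (!NtQueryInformationProcess( NtCurrentProcess(), ProcessCookie, &cookie, sizeof( cookie ), NULL )) InterlockedExchange( (LONG*)&process_cookie, cookie );`, and decide explicitly what a zero cookie should mean, since it leaves encoded pointers unobfuscated. The removed code also set the top bits of a pointer-wide value so that dereferencing an encoded pointer would usually fault; with a ULONG zero-extended by the `(DWORD_PTR)` casts in the RtlEncodePointer and RtlDecodePointer hunks, that property appears to be lost on 64-bit builds and deserves a comment if it is intentional. How ProcessCookie is generated is not visible in this patch, so its unpredictability has to be confirmed where it is produced.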
DWORD_PTR ptrval = (DWORD_PTR) ptr;
- DWORD_PTR cookie = get_pointer_obfuscator();
+ DWORD_PTR cookie = (DWORD_PTR) get_process_cookie();
/* http://blogs.msdn.com/b/michael_howard/archive/2006/08/16/702707.aspx */
@@ -1586,7 +1578,7 @@ PVOID WINAPI RtlEncodePointer( PVOID ptr )
 PVOID WINAPI RtlDecodePointer( PVOID ptr )
 {
 DWORD_PTR ptrval = (DWORD_PTR) ptr;
- DWORD_PTR cookie = get_pointer_obfuscator();
+ DWORD_PTR cookie = (DWORD_PTR) get_process_cookie();
ptrval = rotl_ptr(ptrval, cookie);
 return (PVOID)(ptrval ^ cookie);
-- 2.28.0