On 18.08.2016 10:26, Huw Davies wrote:
On 17 Aug 2016, at 15:07, Sebastian Lackner sebastian@fds-team.de wrote:
On 17.08.2016 16:01, Huw Davies wrote:
On 17 Aug 2016, at 14:54, Sebastian Lackner sebastian@fds-team.de wrote:
I assume this is for bug 40106, right? I also investigated it back then, and it looked like a kernel bug to me. If I remember correctly it was somehow triggered by a large number of allocated handles.
Yes, I was wondering whether it was as simple as needing to compare the LOWORD of the handle.
I think I tried that back then, and it was not sufficient. Afaik the whole structure was somehow messed up (including other fields not included in your trace yet) and I suspected that it was returning random kernel memory. I am not sure about all details anymore, and maybe I also made just a stupid mistake while testing. Nevertheless, thanks for your help, maybe you can find out more. ;)
It turns out that both Vista and 2008 only copy the first handle entry into the buffer, so if the required handle isn’t first in the list the tests would fail. Patch sent to detect and win_skip this behaviour.
Huw.
I thought I had tested this as well, so I'm a bit surprised that the solution is that easy. Nevertheless, thanks for working on this. ;)
Regards, Sebastian