
Commit 5f60d93

committed
Fix the problem of calculating TLS_VECTOR length when there is no TLS in the process
1 parent 3468890 commit 5f60d93

2 files changed

Lines changed: 12 additions & 8 deletions


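--- a/MemoryModule/MemoryModulePP.def
+++ b/MemoryModule/MemoryModulePP.def
@@ -10,4 +10,6 @@ LdrLoadDllMemoryExA
 LdrLoadDllMemoryExW
 LdrUnloadDllMemory
 LdrUnloadDllMemoryAndExitThread
-LdrQuerySystemMemoryModuleFeatures
+LdrQuerySystemMemoryModuleFeatures
+
+MmpGlobalDataPtr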
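Review bot: The added `MmpGlobalDataPtr` export is written like the function exports above it, without the `DATA` keyword; if it is a variable, as the name suggests, the entry should read `MmpGlobalDataPtr DATA` so the import library does not emit a code thunk for it. The commit message describes only the TLS_VECTOR length fix, so the reason for exposing this symbol deserves a line in the description. Exporting a pointer to the loader's global state also lets any module in the process resolve and modify that state by name, so a `;` comment naming the intended consumers would help later reviewers judge whether the export is still needed.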

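--- a/MemoryModule/MmpTls.cpp
+++ b/MemoryModule/MmpTls.cpp
@@ -164,11 +164,13 @@ DWORD NTAPI MmpUserThreadStart(LPVOID lpThreadParameter) {
 if (record->TlspMmpBlock) {
 
 auto size = CONTAINING_RECORD(record->TlspLdrBlock, TLS_VECTOR, ModuleTlsData)->Length;
-RtlCopyMemory(
-record->TlspMmpBlock,
-record->TlspLdrBlock,
-size * sizeof(PVOID)
-);
+if ((HANDLE)(ULONG_PTR)size != NtCurrentThreadId()) {
+RtlCopyMemory(
+record->TlspMmpBlock,
+record->TlspLdrBlock,
+size * sizeof(PVOID)
+);
+}
 
 NtCurrentTeb()->ThreadLocalStoragePointer = record->TlspMmpBlock;
 
@@ -397,7 +399,7 @@ BOOL NTAPI PreHookNtSetInformationProcess() {
 
 ProcessTlsInformation->OperationType = ProcessTlsReplaceVector;
 ProcessTlsInformation->Reserved = 0;
-ProcessTlsInformation->TlsVectorLength = CurrentTlsPointerSize;
+ProcessTlsInformation->TlsVectorLength = (HANDLE)(ULONG_PTR)CurrentTlsPointerSize == NtCurrentThreadId() ? 0 : CurrentTlsPointerSize;
 ProcessTlsInformation->ThreadDataCount = CurrentThreadCount;
 
 for (DWORD i = 0; i < CurrentThreadCount; ++i) {
@@ -784,7 +786,7 @@ NTSTATUS NTAPI MmpHandleTlsData(_In_ PLDR_DATA_TABLE_ENTRY lpModuleEntry) {
 BOOL NTAPI MmpTlsInitialize() {
 
 auto tls = CONTAINING_RECORD(NtCurrentTeb()->ThreadLocalStoragePointer, TLS_VECTOR, TLS_VECTOR::ModuleTlsData);
-if (tls && tls->Length > MMP_START_TLS_INDEX) {
+if (tls && (HANDLE)(ULONG_PTR)tls->Length != NtCurrentThreadId() && tls->Length > MMP_START_TLS_INDEX) {
 RtlRaiseStatus(STATUS_NOT_SUPPORTED);
 return FALSE;
 }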
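Review bot: The new guard in MmpUserThreadStart, `(HANDLE)(ULONG_PTR)size != NtCurrentThreadId()`, is an equality heuristic on a field that is then used unbounded as the `RtlCopyMemory` length, so a header value that is neither a real length nor this thread's id still drives a copy of `size * sizeof(PVOID)` bytes into `record->TlspMmpBlock`. I would also bound `size` by the slot count `TlspMmpBlock` was allocated with (the allocation is outside the hunk, so the exact limit needs confirming) and skip or fail the copy when it is exceeded. The same cast-and-compare is repeated in PreHookNtSetInformationProcess and MmpTlsInitialize with no explanation; one named helper carrying a comment such as `// Length shares storage with ThreadId when the process has no TLS vector` would keep the three sites in agreement, though that aliasing is inferred from the commit title rather than visible here. In MmpTlsInitialize the `tls &&` test cannot catch a null `ThreadLocalStoragePointer`, because `CONTAINING_RECORD` subtracts the field offset before the comparison, so the raw pointer should be tested before it is converted. All three functions begin or end outside their hunks.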
