From f3dca4689ece29076d221e31fd5ef4a8328b6fbe Mon Sep 17 00:00:00 2001
From: Coldy <Coldy@kolibrios.org>
Date: Mon, 6 Dec 2021 16:57:50 +0000
Subject: [PATCH] Fixed vulnerabilitie in sysfn 68.23 (system halt if the name
 doesn't exist)

git-svn-id: svn://kolibrios.org@9405 a494cfbc-eb01-0410-851d-a64ba20cac60
---
 kernel/trunk/core/heap.inc | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/kernel/trunk/core/heap.inc b/kernel/trunk/core/heap.inc
index 444f0ffef..85d493d62 100644
--- a/kernel/trunk/core/heap.inc
+++ b/kernel/trunk/core/heap.inc
@@ -1478,6 +1478,7 @@ proc shmem_close stdcall, name:dword
         test    eax, eax
         jz      .fail
 
+        push    ebx ; Added
         push    esi
         push    edi
         pushfd
@@ -1485,14 +1486,16 @@ proc shmem_close stdcall, name:dword
 
         mov     esi, [current_slot]
         add     esi, APP_OBJ_OFFSET
+        mov     ebx, esi ; Fixed endless loop bug with not existing name (part 1)
 .next:
         mov     eax, [esi + APPOBJ.fd]
         test    eax, eax
         jz      @F
 
-        cmp     eax, esi
+        cmp     eax, ebx ;esi ; Fixed endless loop bug with not existing name (part 2)
+        je      @F            ; Small optimization
         mov     esi, eax
-        je      @F
+        ;je      @F
 
         cmp     [eax + SMAP.magic], 'SMAP'
         jne     .next
@@ -1514,6 +1517,7 @@ proc shmem_close stdcall, name:dword
         popfd
         pop     edi
         pop     esi
+        pop     ebx ; Added
 .fail:
         ret
 endp