re: weird Windows 2000/XP bug

[<awe () centrum cz>]

Hi,
I've traced this and problem is in API function WriteFile, further
in some NT internal call (int 2E), it only occurs when console is
used as the output file. A have two different results, on one
computer this leads to system reset, on the other to BSOD
(0xc000021a STOP). All were W2K, SP2. I'll try tomorrow on NT4.
The registers before int 2E call were:

 EAX = 000000B0 EBX = 00000000 ECX = 0094007C EDX = 0012F914 ESI =
0012F954 EDI = 00000000
 EIP = 77F8224B ESP = 0012F910 EBP = 0012F92C EFL = 00000246
 MM0 = 0000000000000000 MM1 = 0000000000000000 MM2 =
0000000000000000 MM3 = 0000000000000000 MM4 = 0000000000000000
 MM5 = 0000000000000000 MM6 = 0000000000000000 MM7 = 0000000000000000
 CS = 001B DS = 0023 ES = 0023 SS = 0023 FS = 0038 GS = 0000 OV=0
UP=0 EI=1 PL=0 ZR=1 AC=0 PE=1 CY=0
 ST0 = +0.00000000000000000e+0000 ST1 = +0.00000000000000000e+0000
ST2 = +0.00000000000000000e+0000
 ST3 = +0.00000000000000000e+0000 ST4 = +0.00000000000000000e+0000
ST5 = +0.00000000000000000e+0000
 ST6 = +0.00000000000000000e+0000 ST7 = +0.00000000000000000e+0000
 CTRL = 027F STAT = 0000 TAGS = FFFF EIP = 00000000
 CS = 0000 DS = 0000 EDO = 00000000

Martin.
______________________________________________________________
> Od: Teodor Cimpoesu <teo () gecadsoftware com>
> Komu: vuln-dev () securityfocus com
> CC: 
> Datum: Mon, 29 Oct 2001 17:19:47 +0200
> Předmět: weird Windows 2000/XP bug
>
> Some guys arround here are having fun with a little C program
which causes
> Windows200/XP to reboot:
>
> #include <stdio.h>
>
> int main(void)
> {
>    while (1)
>       printf("\t\t\b\b\b\b\b\b");
>    return 0;
> }
>
> I don't know exactly where it was first seen, and who discovered
it; just
> thought to forward it here maybe others have insights.
>
> comments?
>
> -- teodor


-----
Nový vyhledávač pro český internet www.webfast.cz - prostě najde ...