From 131699fe4a1711291f5005996c84ed4dbbc6e39e Mon Sep 17 00:00:00 2001 From: Boring <1079299053@qq.com> Date: Sun, 8 Oct 2023 14:53:55 +0800 Subject: [PATCH] #35 Fix initialization failure in session 0 --- MemoryModule/Initialize.cpp | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/MemoryModule/Initialize.cpp b/MemoryModule/Initialize.cpp index e0ccdfa..ee845af 100644 --- a/MemoryModule/Initialize.cpp +++ b/MemoryModule/Initialize.cpp @@ -333,12 +333,21 @@ NTSTATUS MmpAllocateGlobalData() { SIZE_T ViewSize = 0; PTEB teb = NtCurrentTeb(); - swprintf_s( - buffer, - L"\\Sessions\\%d\\BaseNamedObjects\\MMPP*%p", - NtCurrentPeb()->SessionId, - (PVOID)(~(ULONG_PTR)teb->ClientId.UniqueProcess ^ (ULONG_PTR)teb->ProcessEnvironmentBlock->ProcessHeap) - ); + if (NtCurrentPeb()->SessionId == 0) { + swprintf_s( + buffer, + L"\\BaseNamedObjects\\MMPP*%p", + (PVOID)(~(ULONG_PTR)teb->ClientId.UniqueProcess ^ (ULONG_PTR)teb->ProcessEnvironmentBlock->ProcessHeap) + ); + } + else { + swprintf_s( + buffer, + L"\\Sessions\\%d\\BaseNamedObjects\\MMPP*%p", + NtCurrentPeb()->SessionId, + (PVOID)(~(ULONG_PTR)teb->ClientId.UniqueProcess ^ (ULONG_PTR)teb->ProcessEnvironmentBlock->ProcessHeap) + ); + } RtlInitUnicodeString(&us, buffer); InitializeObjectAttributes(&oa, &us, 0, nullptr, nullptr);