Signed-off-by: Alex Henrie alexhenrie24@gmail.com --- DEP is enabled by default on server editions of Windows, so this test has been consistently crashing on Windows Server 2008. --- dlls/ntdll/tests/info.c | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-)
diff --git a/dlls/ntdll/tests/info.c b/dlls/ntdll/tests/info.c
index 2ab12e4257..2ee9f0deba 100644
--- a/dlls/ntdll/tests/info.c
+++ b/dlls/ntdll/tests/info.c
@@ -37,6 +37,7 @@ static NTSTATUS (WINAPI * pNtUnmapViewOfSection)(HANDLE,PVOID);
 static NTSTATUS (WINAPI * pNtClose)(HANDLE);
 static ULONG (WINAPI * pNtGetCurrentProcessorNumber)(void);
 static BOOL (WINAPI * pIsWow64Process)(HANDLE, PBOOL);
+static BOOL (WINAPI * pGetProcessDEPPolicy)(HANDLE,DWORD*,BOOL*);
 static BOOL (WINAPI * pGetLogicalProcessorInformationEx)(LOGICAL_PROCESSOR_RELATIONSHIP,SYSTEM_LOGICAL_PROCESSOR_INFORMATION_EX*,DWORD*);
static BOOL is_wow64; @@ -96,6 +97,8 @@ static BOOL InitFunctionPtrs(void) pIsWow64Process = (void *)GetProcAddress(hkernel32, "IsWow64Process"); if (!pIsWow64Process || !pIsWow64Process( GetCurrentProcess(), &is_wow64 )) is_wow64 = FALSE;
+ pGetProcessDEPPolicy = (void *)GetProcAddress(hkernel32, "GetProcessDEPPolicy"); + /* starting with Win7 */ pNtQuerySystemInformationEx = (void *) GetProcAddress(hntdll, "NtQuerySystemInformationEx"); if (!pNtQuerySystemInformationEx) @@ -1838,6 +1841,8 @@ static void test_mapprotection(void) LARGE_INTEGER size, offset; NTSTATUS status; SIZE_T retlen, count; + DWORD dep_flags; + BOOL dep_permanent; void (*f)(void); BOOL reset_flags = FALSE;
@@ -1883,18 +1888,28 @@ static void test_mapprotection(void) status = pNtMapViewOfSection ( h, GetCurrentProcess(), &addr, 0, 0, &offset, &count, ViewShare, 0, PAGE_READWRITE); ok( status == STATUS_SUCCESS, "Expected STATUS_SUCCESS, got %08x\n", status);
+ if (pGetProcessDEPPolicy &&
+ pGetProcessDEPPolicy(GetCurrentProcess(), &dep_flags, &dep_permanent) &&
+ dep_flags & PROCESS_DEP_ENABLE)
+ {
+ skip("Data Execution Prevention is enabled\n");
+ }
+ else
+ {
 #if defined(__x86_64__) || defined(__i386__)
- *(unsigned char*)addr = 0xc3; /* lret ... in both i386 and x86_64 */
+ *(unsigned char*)addr = 0xc3; /* lret ... in both i386 and x86_64 */
 #elif defined(__arm__)
- *(unsigned long*)addr = 0xe12fff1e; /* bx lr */
+ *(unsigned long*)addr = 0xe12fff1e; /* bx lr */
 #elif defined(__aarch64__)
- *(unsigned long*)addr = 0xd65f03c0; /* ret */
+ *(unsigned long*)addr = 0xd65f03c0; /* ret */
 #else
- ok(0, "Add a return opcode for your architecture or expect a crash in this test\n");
+ ok(0, "Add a return opcode for your architecture or expect a crash in this test\n");
 #endif
- trace("trying to execute code in the readwrite only mapped anon file...\n");
- f = addr;f();
- trace("...done.\n");
+ trace("trying to execute code in the readwrite-only mapped anon file...\n");
+ f = addr;
+ f();
+ trace("...done.\n");
+ }
status = pNtQueryVirtualMemory( GetCurrentProcess(), addr, MemoryBasicInformation, &info, sizeof(info), &retlen ); ok( status == STATUS_SUCCESS, "Expected STATUS_SUCCESS, got %08x\n", status);
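Review bot: The new DEP guard fails open: if `pGetProcessDEPPolicy` is NULL or the call returns FALSE, the `else` branch still writes a return opcode into the PAGE_READWRITE view and calls it. GetProcessDEPPolicy is documented as supported for 32-bit processes only, so on an `__x86_64__` build the query presumably fails and the skip can never trigger there, even though no-execute is normally enforced for 64-bit processes. A failed query should be handled as its own case rather than as "DEP off", and the reason belongs in a comment above the `if`, e.g. `/* a failed or missing GetProcessDEPPolicy does not mean the view is executable */`. As a style point, parenthesise the mask test as `(dep_flags & PROCESS_DEP_ENABLE)` so it reads clearly inside the `&&` chain. test_mapprotection starts and ends outside this hunk, so whether earlier code already adjusts the execute flags (the `reset_flags` local suggests it may) cannot be confirmed from here.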
On Tue, Sep 04, 2018 at 09:54:58PM -0600, Alex Henrie wrote:
Signed-off-by: Alex Henrie alexhenrie24@gmail.com
DEP is enabled by default on server editions of Windows, so this test has been consistently crashing on Windows Server 2008.
dlls/ntdll/tests/info.c | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-)
diff --git a/dlls/ntdll/tests/info.c b/dlls/ntdll/tests/info.c index 2ab12e4257..2ee9f0deba 100644 --- a/dlls/ntdll/tests/info.c +++ b/dlls/ntdll/tests/info.c @@ -37,6 +37,7 @@ static NTSTATUS (WINAPI * pNtUnmapViewOfSection)(HANDLE,PVOID); static NTSTATUS (WINAPI * pNtClose)(HANDLE); static ULONG (WINAPI * pNtGetCurrentProcessorNumber)(void); static BOOL (WINAPI * pIsWow64Process)(HANDLE, PBOOL); +static BOOL (WINAPI * pGetProcessDEPPolicy)(HANDLE,DWORD*,BOOL*); static BOOL (WINAPI * pGetLogicalProcessorInformationEx)(LOGICAL_PROCESSOR_RELATIONSHIP,SYSTEM_LOGICAL_PROCESSOR_INFORMATION_EX*,DWORD*);
static BOOL is_wow64; @@ -96,6 +97,8 @@ static BOOL InitFunctionPtrs(void) pIsWow64Process = (void *)GetProcAddress(hkernel32, "IsWow64Process"); if (!pIsWow64Process || !pIsWow64Process( GetCurrentProcess(), &is_wow64 )) is_wow64 = FALSE;
- pGetProcessDEPPolicy = (void *)GetProcAddress(hkernel32, "GetProcessDEPPolicy");
You want to use NtQueryInformationProcess() to get the DEP flags, to avoid calling back up to kernel32.
/* starting with Win7 */ pNtQuerySystemInformationEx = (void *) GetProcAddress(hntdll, "NtQuerySystemInformationEx"); if (!pNtQuerySystemInformationEx)
@@ -1838,6 +1841,8 @@ static void test_mapprotection(void) LARGE_INTEGER size, offset; NTSTATUS status; SIZE_T retlen, count;
- DWORD dep_flags;
- BOOL dep_permanent; void (*f)(void); BOOL reset_flags = FALSE;
@@ -1883,18 +1888,28 @@ static void test_mapprotection(void) status = pNtMapViewOfSection ( h, GetCurrentProcess(), &addr, 0, 0, &offset, &count, ViewShare, 0, PAGE_READWRITE); ok( status == STATUS_SUCCESS, "Expected STATUS_SUCCESS, got %08x\n", status);
- if (pGetProcessDEPPolicy &&
pGetProcessDEPPolicy(GetCurrentProcess(), &dep_flags, &dep_permanent) &&
dep_flags & PROCESS_DEP_ENABLE)
- {
skip("Data Execution Prevention is enabled\n");
- }
- else
- {
#if defined(__x86_64__) || defined(__i386__)
- *(unsigned char*)addr = 0xc3; /* lret ... in both i386 and x86_64 */
*(unsigned char*)addr = 0xc3; /* lret ... in both i386 and x86_64 */
#elif defined(__arm__)
- *(unsigned long*)addr = 0xe12fff1e; /* bx lr */
*(unsigned long*)addr = 0xe12fff1e; /* bx lr */
#elif defined(__aarch64__)
- *(unsigned long*)addr = 0xd65f03c0; /* ret */
*(unsigned long*)addr = 0xd65f03c0; /* ret */
#else
- ok(0, "Add a return opcode for your architecture or expect a crash in this test\n");
ok(0, "Add a return opcode for your architecture or expect a crash in this test\n");
#endif
- trace("trying to execute code in the readwrite only mapped anon file...\n");
- f = addr;f();
- trace("...done.\n");
trace("trying to execute code in the readwrite-only mapped anon file...\n");
f = addr;
f();
trace("...done.\n");
}
status = pNtQueryVirtualMemory( GetCurrentProcess(), addr, MemoryBasicInformation, &info, sizeof(info), &retlen ); ok( status == STATUS_SUCCESS, "Expected STATUS_SUCCESS, got %08x\n", status);
-- 2.18.0
On Mon, Sep 10, 2018 at 10:30:47AM +0100, Huw Davies wrote:
On Tue, Sep 04, 2018 at 09:54:58PM -0600, Alex Henrie wrote:
Signed-off-by: Alex Henrie alexhenrie24@gmail.com
DEP is enabled by default on server editions of Windows, so this test has been consistently crashing on Windows Server 2008.
dlls/ntdll/tests/info.c | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-)
diff --git a/dlls/ntdll/tests/info.c b/dlls/ntdll/tests/info.c index 2ab12e4257..2ee9f0deba 100644 --- a/dlls/ntdll/tests/info.c +++ b/dlls/ntdll/tests/info.c @@ -37,6 +37,7 @@ static NTSTATUS (WINAPI * pNtUnmapViewOfSection)(HANDLE,PVOID); static NTSTATUS (WINAPI * pNtClose)(HANDLE); static ULONG (WINAPI * pNtGetCurrentProcessorNumber)(void); static BOOL (WINAPI * pIsWow64Process)(HANDLE, PBOOL); +static BOOL (WINAPI * pGetProcessDEPPolicy)(HANDLE,DWORD*,BOOL*); static BOOL (WINAPI * pGetLogicalProcessorInformationEx)(LOGICAL_PROCESSOR_RELATIONSHIP,SYSTEM_LOGICAL_PROCESSOR_INFORMATION_EX*,DWORD*);
static BOOL is_wow64; @@ -96,6 +97,8 @@ static BOOL InitFunctionPtrs(void) pIsWow64Process = (void *)GetProcAddress(hkernel32, "IsWow64Process"); if (!pIsWow64Process || !pIsWow64Process( GetCurrentProcess(), &is_wow64 )) is_wow64 = FALSE;
- pGetProcessDEPPolicy = (void *)GetProcAddress(hkernel32, "GetProcessDEPPolicy");
You want to use NtQueryInformationProcess() to get the DEP flags, to avoid calling back up to kernel32.
But on looking further we already do that (sorry I thought this was a different test), so something else must be going on.
Huw.