[PATCH v2 0/2] MR529: wow64: Return error from NtQueryVirtualMemory(MemoryBasicInformation) for a too-large address.
-- v2: wow64: Return error from NtQueryVirtualMemory(MemoryBasicInformation) for a too-large address. ntdll/tests: Add tests for the address limit of NtQueryVirtualMemory(MemoryBasicInformation).
From: Brendan Shanks bshanks@codeweavers.com
--- dlls/ntdll/tests/info.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/dlls/ntdll/tests/info.c b/dlls/ntdll/tests/info.c index c367b4f372e..53f42d5a897 100644 --- a/dlls/ntdll/tests/info.c +++ b/dlls/ntdll/tests/info.c @@ -2773,6 +2773,7 @@ static void test_queryvirtualmemory(void) void *user_shared_data = (void *)0x7ffe0000; char buffer[1024]; MEMORY_SECTION_NAME *name = (MEMORY_SECTION_NAME *)buffer; + SYSTEM_BASIC_INFORMATION sbi;
module = GetModuleHandleA( "ntdll.dll" ); status = pNtQueryVirtualMemory(NtCurrentProcess(), module, MemoryBasicInformation, &mbi, sizeof(MEMORY_BASIC_INFORMATION), &readcount); @@ -2849,9 +2850,20 @@ static void test_queryvirtualmemory(void) ok(mbi.Type == MEM_PRIVATE, "mbi.Type is 0x%lx, expected 0x%x\n", mbi.Type, MEM_PRIVATE); ok(mbi.RegionSize == 0x1000, "mbi.RegionSize is 0x%Ix, expected 0x%x\n", mbi.RegionSize, 0x1000);
- /* check error code when addr is higher than working set limit */ + /* check error code when addr is higher than user space limit */ + status = pNtQuerySystemInformation(SystemBasicInformation, &sbi, sizeof(sbi), NULL); + ok(status == STATUS_SUCCESS, "Expected STATUS_SUCCESS, got %08lx\n", status); + status = pNtQueryVirtualMemory(NtCurrentProcess(), sbi.LowestUserAddress, MemoryBasicInformation, &mbi, sizeof(mbi), &readcount); + ok(status == STATUS_SUCCESS, "Expected STATUS_SUCCESS, got %08lx\n", status); + status = pNtQueryVirtualMemory(NtCurrentProcess(), (char *)sbi.LowestUserAddress-1, MemoryBasicInformation, &mbi, sizeof(mbi), &readcount); + ok(status == STATUS_SUCCESS, "Expected STATUS_SUCCESS, got %08lx\n", status); + status = pNtQueryVirtualMemory(NtCurrentProcess(), sbi.HighestUserAddress, MemoryBasicInformation, &mbi, sizeof(mbi), &readcount); + ok(status == STATUS_SUCCESS, "Expected STATUS_SUCCESS, got %08lx\n", status); + status = pNtQueryVirtualMemory(NtCurrentProcess(), (char *)sbi.HighestUserAddress+1, MemoryBasicInformation, &mbi, sizeof(mbi), &readcount); + ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08lx\n", status); status = pNtQueryVirtualMemory(NtCurrentProcess(), (void *)~0, MemoryBasicInformation, &mbi, sizeof(mbi), &readcount); ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08lx\n", status); + /* check error code when len is less than MEMORY_BASIC_INFORMATION size */ status = pNtQueryVirtualMemory(NtCurrentProcess(), GetProcessHeap(), MemoryBasicInformation, &mbi, sizeof(MEMORY_BASIC_INFORMATION) - 1, &readcount); ok(status == STATUS_INFO_LENGTH_MISMATCH, "Expected STATUS_INFO_LENGTH_MISMATCH, got %08lx\n", status);
From: Brendan Shanks bshanks@codeweavers.com
--- dlls/wow64/syscall.c | 2 ++ dlls/wow64/virtual.c | 7 +++++-- dlls/wow64/wow64_private.h | 1 + 3 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/dlls/wow64/syscall.c b/dlls/wow64/syscall.c index 80c4bf73d8b..bc6d46258ed 100644 --- a/dlls/wow64/syscall.c +++ b/dlls/wow64/syscall.c @@ -36,6 +36,7 @@ WINE_DEFAULT_DEBUG_CHANNEL(wow); USHORT native_machine = 0; USHORT current_machine = 0; ULONG_PTR args_alignment = 0; +ULONG_PTR highest_user_address = 0x7ffeffff; ULONG_PTR default_zero_bits = 0x7fffffff;
typedef NTSTATUS (WINAPI *syscall_thunk)( UINT *args ); @@ -573,6 +574,7 @@ static DWORD WINAPI process_init( RTL_RUN_ONCE *once, void *param, void **contex if (!current_machine) current_machine = native_machine; args_alignment = (current_machine == IMAGE_FILE_MACHINE_I386) ? sizeof(ULONG) : sizeof(ULONG64); NtQuerySystemInformation( SystemEmulationBasicInformation, &info, sizeof(info), NULL ); + highest_user_address = (ULONG_PTR)info.HighestUserAddress; default_zero_bits = (ULONG_PTR)info.HighestUserAddress | 0x7fffffff;
#define GET_PTR(name) p ## name = RtlFindExportedRoutineByName( module, #name ) diff --git a/dlls/wow64/virtual.c b/dlls/wow64/virtual.c index 8b69432829d..8b7d022301f 100644 --- a/dlls/wow64/virtual.c +++ b/dlls/wow64/virtual.c @@ -381,7 +381,11 @@ NTSTATUS WINAPI wow64_NtQueryVirtualMemory( UINT *args ) switch (class) { case MemoryBasicInformation: /* MEMORY_BASIC_INFORMATION */ - if (len >= sizeof(MEMORY_BASIC_INFORMATION32)) + if (len < sizeof(MEMORY_BASIC_INFORMATION32)) + status = STATUS_INFO_LENGTH_MISMATCH; + else if ((ULONG_PTR)addr > highest_user_address) + status = STATUS_INVALID_PARAMETER; + else { MEMORY_BASIC_INFORMATION info; MEMORY_BASIC_INFORMATION32 *info32 = ptr; @@ -397,7 +401,6 @@ NTSTATUS WINAPI wow64_NtQueryVirtualMemory( UINT *args ) info32->Type = info.Type; } } - else status = STATUS_INFO_LENGTH_MISMATCH; res_len = sizeof(MEMORY_BASIC_INFORMATION32); break;
diff --git a/dlls/wow64/wow64_private.h b/dlls/wow64/wow64_private.h index c089a6ec4aa..f2c405bb2c6 100644 --- a/dlls/wow64/wow64_private.h +++ b/dlls/wow64/wow64_private.h @@ -39,6 +39,7 @@ extern BOOL get_file_redirect( OBJECT_ATTRIBUTES *attr ) DECLSPEC_HIDDEN; extern USHORT native_machine DECLSPEC_HIDDEN; extern USHORT current_machine DECLSPEC_HIDDEN; extern ULONG_PTR args_alignment DECLSPEC_HIDDEN; +extern ULONG_PTR highest_user_address DECLSPEC_HIDDEN; extern ULONG_PTR default_zero_bits DECLSPEC_HIDDEN; extern SYSTEM_DLL_INIT_BLOCK *pLdrSystemDllInitBlock DECLSPEC_HIDDEN;
-
Brendan Shanks -
Brendan Shanks (@bshanks)