mirror of
https://github.com/reactos/reactos.git
synced 2024-09-29 14:09:10 +00:00
[NTOS:MM] Properly fail for invalid sizes of data section mappings
This commit is contained in:
parent
4c731adc04
commit
998870c5ea
|
@ -1326,25 +1326,26 @@ MiMapViewOfDataSection(IN PCONTROL_AREA ControlArea,
|
|||
/* Check if the caller specified the view size */
|
||||
if (!(*ViewSize))
|
||||
{
|
||||
LONGLONG ViewSizeLL;
|
||||
|
||||
/* The caller did not, so pick a 64K aligned view size based on the offset */
|
||||
SectionOffset->LowPart &= ~(_64K - 1);
|
||||
|
||||
/* Make sure that we will not overflow */
|
||||
if ((Section->SizeOfSection.QuadPart - SectionOffset->QuadPart) > MAXLONG_PTR)
|
||||
/* Calculate size and make sure this fits */
|
||||
if (!NT_SUCCESS(RtlLongLongSub(Section->SizeOfSection.QuadPart, SectionOffset->QuadPart, &ViewSizeLL))
|
||||
|| !NT_SUCCESS(RtlLongLongToSIZET(ViewSizeLL, ViewSize))
|
||||
|| (*ViewSize > MAXLONG_PTR))
|
||||
{
|
||||
MiDereferenceControlArea(ControlArea);
|
||||
return STATUS_INVALID_VIEW_SIZE;
|
||||
}
|
||||
|
||||
*ViewSize = (SIZE_T)(Section->SizeOfSection.QuadPart - SectionOffset->QuadPart);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* A size was specified, align it to a 64K boundary */
|
||||
*ViewSize += SectionOffset->LowPart & (_64K - 1);
|
||||
|
||||
/* Check for overflow or huge value */
|
||||
if ((*ViewSize < (SectionOffset->LowPart & (_64K - 1))) || ((*ViewSize) > MAXLONG_PTR))
|
||||
/* A size was specified, align it to a 64K boundary
|
||||
* and check for overflow or huge value. */
|
||||
if (!NT_SUCCESS(RtlSIZETAdd(*ViewSize, SectionOffset->LowPart & (_64K - 1), ViewSize))
|
||||
|| (*ViewSize > MAXLONG_PTR))
|
||||
{
|
||||
MiDereferenceControlArea(ControlArea);
|
||||
return STATUS_INVALID_VIEW_SIZE;
|
||||
|
|
Loading…
Reference in a new issue