Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-04 04:36:40 +00:00
Code Issues Projects Releases Packages Wiki Activity

- Add probing of the result buffer

Browse source 
- Add missing target process reference/dereference in MemorySectionName case of NtQueryVirtualMemory. Fixes 2 "psapi_winetest" failures.

svn path=/trunk/; revision=41406
This commit is contained in:
Dmitry Chapyshev 2009-06-14 08:30:22 +00:00
parent 7c65e049ea
commit a72b50ba4d
1 changed files with 22 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

24
reactos/ntoskrnl/mm/virtual.c
View file

@ -849,6 +849,7 @@ NtProtectVirtualMemory(IN HANDLE ProcessHandle,
SIZE_T NumberOfBytesToProtect = 0; SIZE_T NumberOfBytesToProtect = 0;
KPROCESSOR_MODE PreviousMode = ExGetPreviousMode(); KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
NTSTATUS Status = STATUS_SUCCESS; NTSTATUS Status = STATUS_SUCCESS;
PAGED_CODE();
/* Check for valid protection flags */ /* Check for valid protection flags */
Protection = NewAccessProtection & ~(PAGE_GUARD|PAGE_NOCACHE); Protection = NewAccessProtection & ~(PAGE_GUARD|PAGE_NOCACHE);
@ -961,6 +962,7 @@ NtQueryVirtualMemory(IN HANDLE ProcessHandle,
WCHAR ModuleFileNameBuffer[MAX_PATH] = {0}; WCHAR ModuleFileNameBuffer[MAX_PATH] = {0};
UNICODE_STRING ModuleFileName; UNICODE_STRING ModuleFileName;
PMEMORY_SECTION_NAME SectionName = NULL; PMEMORY_SECTION_NAME SectionName = NULL;
PEPROCESS Process;
union union
{ {
MEMORY_BASIC_INFORMATION BasicInfo; MEMORY_BASIC_INFORMATION BasicInfo;
@ -975,11 +977,15 @@ NtQueryVirtualMemory(IN HANDLE ProcessHandle,
PreviousMode = ExGetPreviousMode(); PreviousMode = ExGetPreviousMode();
if (PreviousMode != KernelMode && UnsafeResultLength != NULL) if (PreviousMode != KernelMode)
{ {
_SEH2_TRY _SEH2_TRY
{ {
ProbeForWriteSize_t(UnsafeResultLength); ProbeForWrite(VirtualMemoryInformation,
Length,
sizeof(ULONG_PTR));
if (UnsafeResultLength) ProbeForWriteSize_t(UnsafeResultLength);
} }
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{ {
@ -1002,6 +1008,19 @@ NtQueryVirtualMemory(IN HANDLE ProcessHandle,
/* FIXME: Move this inside MiQueryVirtualMemory */ /* FIXME: Move this inside MiQueryVirtualMemory */
if (VirtualMemoryInformationClass == MemorySectionName) if (VirtualMemoryInformationClass == MemorySectionName)
{ {
Status = ObReferenceObjectByHandle(ProcessHandle,
PROCESS_QUERY_INFORMATION,
NULL,
PreviousMode,
(PVOID*)(&Process),
NULL);
if (!NT_SUCCESS(Status))
{
DPRINT("NtQueryVirtualMemory() = %x\n",Status);
return(Status);
}
RtlInitEmptyUnicodeString(&ModuleFileName, ModuleFileNameBuffer, sizeof(ModuleFileNameBuffer)); RtlInitEmptyUnicodeString(&ModuleFileName, ModuleFileNameBuffer, sizeof(ModuleFileNameBuffer));
Status = MmGetFileNameForAddress(Address, &ModuleFileName); Status = MmGetFileNameForAddress(Address, &ModuleFileName);
@ -1039,6 +1058,7 @@ NtQueryVirtualMemory(IN HANDLE ProcessHandle,
} }
} }
} }
ObDereferenceObject(Process);
return Status; return Status;
} }
else else