From c461964dcc98a84027faacae7bdea2078dd1af4b Mon Sep 17 00:00:00 2001 From: Joachim Henze Date: Tue, 28 Feb 2023 03:58:59 +0100 Subject: [PATCH] [0.4.9][NTOS:MM] Fix BSOD0x1E Port back 0.4.12-dev-973-g d29e216f994f8aa321c32ec77b9ad507357b37b3 [NTOSKRNL] In MmCreateImageSection, properly check whether cache was initialized This fixes a crash that occurs if nul is typed in cmd.exe (BSOD0x1E) ---------- Port back also some unrelated formatting-improvements within section.c, e.g.: return(xyz) -> return xyz A *partial* port of 0.4.15-dev-1793-g b7eb0fddf3b675ab495c41e44861a924eded4730 --- ntoskrnl/mm/section.c | 76 +++++++++++++++++++++---------------------- 1 file changed, 37 insertions(+), 39 deletions(-) diff --git a/ntoskrnl/mm/section.c b/ntoskrnl/mm/section.c index ae2140602f9..32ab9ba947d 100644 --- a/ntoskrnl/mm/section.c +++ b/ntoskrnl/mm/section.c @@ -2800,7 +2800,7 @@ MmCreatePhysicalMemorySection(VOID) PhysSection->AllocationAttributes |= SEC_PHYSICALMEMORY; PhysSection->Segment->Flags &= ~MM_PAGEFILE_SEGMENT; - return(STATUS_SUCCESS); + return STATUS_SUCCESS; } NTSTATUS @@ -2833,7 +2833,7 @@ MmInitSectionImplementation(VOID) MmCreatePhysicalMemorySection(); - return(STATUS_SUCCESS); + return STATUS_SUCCESS; } NTSTATUS @@ -2946,7 +2946,7 @@ MmCreateDataFileSection(PROS_SECTION_OBJECT *SectionObject, if (!NT_SUCCESS(Status)) { ObDereferenceObject(FileObject); - return(Status); + return Status; } /* * Initialize it @@ -3005,7 +3005,7 @@ MmCreateDataFileSection(PROS_SECTION_OBJECT *SectionObject, { ObDereferenceObject(Section); ObDereferenceObject(FileObject); - return(STATUS_SECTION_NOT_EXTENDED); + return STATUS_SECTION_NOT_EXTENDED; } } @@ -3025,7 +3025,7 @@ MmCreateDataFileSection(PROS_SECTION_OBJECT *SectionObject, { ObDereferenceObject(Section); ObDereferenceObject(FileObject); - return(Status); + return Status; } /* 
@@ -3041,7 +3041,7 @@ MmCreateDataFileSection(PROS_SECTION_OBJECT *SectionObject, //KeSetEvent((PVOID)&FileObject->Lock, IO_NO_INCREMENT, FALSE); ObDereferenceObject(Section); ObDereferenceObject(FileObject); - return(STATUS_NO_MEMORY); + return STATUS_NO_MEMORY; } Section->Segment = Segment; Segment->ReferenceCount = 1; @@ -3098,7 +3098,7 @@ MmCreateDataFileSection(PROS_SECTION_OBJECT *SectionObject, #endif //KeSetEvent((PVOID)&FileObject->Lock, IO_NO_INCREMENT, FALSE); *SectionObject = Section; - return(STATUS_SUCCESS); + return STATUS_SUCCESS; } /* @@ -3745,7 +3745,7 @@ MmCreateImageSection(PROS_SECTION_OBJECT *SectionObject, return STATUS_INVALID_FILE_FOR_SECTION; #ifndef NEWCC - if (FileObject->SectionObjectPointer->SharedCacheMap == NULL) + if (!CcIsFileCached(FileObject)) { DPRINT1("Denying section creation due to missing cache initialization\n"); return STATUS_INVALID_FILE_FOR_SECTION; @@ -3767,7 +3767,7 @@ MmCreateImageSection(PROS_SECTION_OBJECT *SectionObject, if (!NT_SUCCESS(Status)) { ObDereferenceObject(FileObject); - return(Status); + return Status; } /* @@ -3788,7 +3788,7 @@ MmCreateImageSection(PROS_SECTION_OBJECT *SectionObject, { ObDereferenceObject(FileObject); ObDereferenceObject(Section); - return(STATUS_NO_MEMORY); + return STATUS_NO_MEMORY; } RtlZeroMemory(ImageSectionObject, sizeof(MM_IMAGE_SECTION_OBJECT)); @@ -3812,7 +3812,7 @@ MmCreateImageSection(PROS_SECTION_OBJECT *SectionObject, ExFreePoolWithTag(ImageSectionObject, TAG_MM_SECTION_SEGMENT); ObDereferenceObject(Section); ObDereferenceObject(FileObject); - return(Status); + return Status; } Section->ImageSection = ImageSectionObject; @@ -3828,7 +3828,7 @@ MmCreateImageSection(PROS_SECTION_OBJECT *SectionObject, ExFreePool(ImageSectionObject); ObDereferenceObject(Section); ObDereferenceObject(FileObject); - return(Status); + return Status; } if (NULL != InterlockedCompareExchangePointer(&FileObject->SectionObjectPointer->ImageSectionObject, 
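Review bot: The new guard `if (!CcIsFileCached(FileObject))` in the @@ -3745 hunk quietly carries the invariant the rest of MmCreateImageSection depends on — that `FileObject->SectionObjectPointer` is non-NULL — and that deserves a comment at the check, because later code in this same file still dereferences it unguarded (`InterlockedCompareExchangePointer(&FileObject->SectionObjectPointer->ImageSectionObject, …)`). The replaced test `FileObject->SectionObjectPointer->SharedCacheMap == NULL` is what faulted when `nul` reached NtCreateSection from cmd.exe (the BSOD 0x1E in the title, a user-triggerable kernel null dereference), which suggests the device's SectionObjectPointer was NULL and that `CcIsFileCached` checks the pointer before reading `SharedCacheMap`; its definition is not in this patch, so that should be confirmed rather than assumed. I would add above the check: `/* Also rejects files with no SectionObjectPointer (e.g. devices); the ImageSectionObject handling below relies on this. */`. MmCreateImageSection begins before and ends after this hunk, and the guard exists only in the `#ifndef NEWCC` build.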
@@ -3861,7 +3861,7 @@ MmCreateImageSection(PROS_SECTION_OBJECT *SectionObject, { ObDereferenceObject(Section); ObDereferenceObject(FileObject); - return(Status); + return Status; } ImageSectionObject = FileObject->SectionObjectPointer->ImageSectionObject; @@ -3884,20 +3884,21 @@ MmCreateImageSection(PROS_SECTION_OBJECT *SectionObject, #endif //KeSetEvent((PVOID)&FileObject->Lock, IO_NO_INCREMENT, FALSE); *SectionObject = Section; - return(Status); + return Status; } static NTSTATUS -MmMapViewOfSegment(PMMSUPPORT AddressSpace, - PROS_SECTION_OBJECT Section, - PMM_SECTION_SEGMENT Segment, - PVOID* BaseAddress, - SIZE_T ViewSize, - ULONG Protect, - ULONG ViewOffset, - ULONG AllocationType) +MmMapViewOfSegment( + PMMSUPPORT AddressSpace, + PROS_SECTION_OBJECT Section, + PMM_SECTION_SEGMENT Segment, + PVOID* BaseAddress, + SIZE_T ViewSize, + ULONG Protect, + ULONG ViewOffset, + ULONG AllocationType) { PMEMORY_AREA MArea; NTSTATUS Status; @@ -3946,7 +3947,7 @@ MmMapViewOfSegment(PMMSUPPORT AddressSpace, { DPRINT1("Mapping between 0x%p and 0x%p failed (%X).\n", (*BaseAddress), (char*)(*BaseAddress) + ViewSize, Status); - return(Status); + return Status; } ObReferenceObject((PVOID)Section); @@ -3962,7 +3963,7 @@ MmMapViewOfSegment(PMMSUPPORT AddressSpace, MmInitializeRegion(&MArea->Data.SectionData.RegionListHead, ViewSize, 0, Protect); - return(STATUS_SUCCESS); + return STATUS_SUCCESS; } @@ -4084,7 +4085,7 @@ MmUnmapViewOfSegment(PMMSUPPORT AddressSpace, BaseAddress); if (MemoryArea == NULL) { - return(STATUS_UNSUCCESSFUL); + return STATUS_UNSUCCESSFUL; } Section = MemoryArea->Data.SectionData.Section; @@ -4129,7 +4130,7 @@ MmUnmapViewOfSegment(PMMSUPPORT AddressSpace, } MmUnlockSectionSegment(Segment); ObDereferenceObject(Section); - return(Status); + return Status; } NTSTATUS 
@@ -4226,7 +4227,7 @@ MiRosUnmapViewOfSection(IN PEPROCESS Process, /* Notify debugger */ if (ImageBaseAddress && !SkipDebuggerNotify) DbgkUnMapViewOfSection(ImageBaseAddress); - return(STATUS_SUCCESS); + return STATUS_SUCCESS; } @@ -4446,7 +4447,7 @@ NtQuerySection( ObDereferenceObject(Section); - return(Status); + return Status; } /********************************************************************** @@ -4602,14 +4603,14 @@ MmMapViewOfSection(IN PVOID SectionObject, if ((*BaseAddress) != NULL) { MmUnlockAddressSpace(AddressSpace); - return(STATUS_CONFLICTING_ADDRESSES); + return STATUS_CONFLICTING_ADDRESSES; } /* Otherwise find a gap to map the image. */ ImageBase = (ULONG_PTR)MmFindGap(AddressSpace, PAGE_ROUND_UP(ImageSize), MM_VIRTMEM_GRANULARITY, FALSE); if (ImageBase == 0) { MmUnlockAddressSpace(AddressSpace); - return(STATUS_CONFLICTING_ADDRESSES); + return STATUS_CONFLICTING_ADDRESSES; } /* Remember that we loaded image at a different base address */ NotAtBase = TRUE; @@ -4632,7 +4633,7 @@ MmMapViewOfSection(IN PVOID SectionObject, if (!NT_SUCCESS(Status)) { MmUnlockAddressSpace(AddressSpace); - return(Status); + return Status; } } @@ -4675,7 +4676,7 @@ MmMapViewOfSection(IN PVOID SectionObject, if ((ViewOffset % PAGE_SIZE) != 0) { MmUnlockAddressSpace(AddressSpace); - return(STATUS_MAPPED_ALIGNMENT); + return STATUS_MAPPED_ALIGNMENT; } if ((*ViewSize) == 0) @@ -4702,7 +4703,7 @@ MmMapViewOfSection(IN PVOID SectionObject, if (!NT_SUCCESS(Status)) { MmUnlockAddressSpace(AddressSpace); - return(Status); + return Status; } } @@ -4788,15 +4789,12 @@ MmCanFileBeTruncated (IN PSECTION_OBJECT_POINTERS SectionObjectPointer, return TRUE; } - - - /* * @implemented */ BOOLEAN NTAPI MmFlushImageSection (IN PSECTION_OBJECT_POINTERS SectionObjectPointer, - IN MMFLUSH_TYPE FlushType) + IN MMFLUSH_TYPE FlushType) { BOOLEAN Result = TRUE; #ifdef NEWCC 
@@ -4840,7 +4838,8 @@ MmFlushImageSection (IN PSECTION_OBJECT_POINTERS SectionObjectPointer, /* * @implemented */ -NTSTATUS NTAPI +NTSTATUS +NTAPI MmMapViewInSystemSpace (IN PVOID SectionObject, OUT PVOID * MappedBase, IN OUT PSIZE_T ViewSize) @@ -4877,7 +4876,6 @@ MmMapViewInSystemSpace (IN PVOID SectionObject, MmLockSectionSegment(Section->Segment); - Status = MmMapViewOfSegment(AddressSpace, Section, Section->Segment,