Author: tkreuzer
Date: Sun Feb 27 15:16:00 2011
New Revision: 50917
URL:
http://svn.reactos.org/svn/reactos?rev=50917&view=rev
Log:
[NTOSKRNL]
Fix a serious bug, where NtAllocateVirtualMemory could allocate memory user mode memory
above MmHighestUserAddress up to MmSystemRangeStart - 1, which is a no-access area.
Modified:
trunk/reactos/ntoskrnl/mm/marea.c
Modified: trunk/reactos/ntoskrnl/mm/marea.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/mm/marea.c?rev=50…
==============================================================================
--- trunk/reactos/ntoskrnl/mm/marea.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/mm/marea.c [iso-8859-1] Sun Feb 27 15:16:00 2011
@@ -458,7 +458,7 @@
{
PVOID LowestAddress = MmGetAddressSpaceOwner(AddressSpace) ? MM_LOWEST_USER_ADDRESS :
MmSystemRangeStart;
PVOID HighestAddress = MmGetAddressSpaceOwner(AddressSpace) ?
- (PVOID)((ULONG_PTR)MmSystemRangeStart - 1) :
(PVOID)MAXULONG_PTR;
+ MmHighestUserAddress : (PVOID)MAXULONG_PTR;
PVOID AlignedAddress;
PMEMORY_AREA Node;
PMEMORY_AREA FirstNode;