Author: fireball Date: Mon Jul 21 04:40:12 2008 New Revision: 34630
URL: http://svn.reactos.org/svn/reactos?rev=34630&view=rev Log: Yuriy Sidorov jura@cp-lab.com - An invalid parameter error is returned if the requested memory area is located above the USER_SHARED_DATA address (0x7FFE0000) (WinXP compatible). - An access violation error is returned if an existing memory area is found at the requested address and that area has an uninitialized region list. See issue #3467 for more details.
Modified: trunk/reactos/ntoskrnl/mm/anonmem.c
Modified: trunk/reactos/ntoskrnl/mm/anonmem.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/mm/anonmem.c?rev=3...
==============================================================================
--- trunk/reactos/ntoskrnl/mm/anonmem.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/mm/anonmem.c [iso-8859-1] Mon Jul 21 04:40:12 2008
@@ -656,7 +656,7 @@
 * Yes, MmCreateMemoryArea does similar checks, but they don't return
 * the right status codes that a caller of this routine would expect.
 */
- if (BaseAddress >= MM_HIGHEST_USER_ADDRESS)
+ if ((ULONG_PTR)BaseAddress >= USER_SHARED_DATA)
 {
 DPRINT1("Virtual allocation base above User Space\n");
 return STATUS_INVALID_PARAMETER_2;
@@ -666,7 +666,7 @@
 DPRINT1("Region size is invalid (zero)\n");
 return STATUS_INVALID_PARAMETER_4;
 }
- if (((ULONG_PTR)MM_HIGHEST_USER_ADDRESS - (ULONG_PTR)BaseAddress) < RegionSize)
+ if ((USER_SHARED_DATA - (ULONG_PTR)BaseAddress) < RegionSize)
 {
 DPRINT1("Region size would overflow into kernel-memory\n");
 return STATUS_INVALID_PARAMETER_4;
@@ -726,12 +726,21 @@
 }
 else if (MemoryAreaLength >= RegionSize)
 {
- Status =
- MmAlterRegion(AddressSpace,
- MemoryArea->StartingAddress,
- &MemoryArea->Data.SectionData.RegionListHead,
- BaseAddress, RegionSize,
- Type, Protect, MmModifyAttributes);
+ /* Region list initialized? */
+ if (MemoryArea->Data.SectionData.RegionListHead.Flink)
+ {
+ Status =
+ MmAlterRegion(AddressSpace,
+ MemoryArea->StartingAddress,
+ &MemoryArea->Data.SectionData.RegionListHead,
+ BaseAddress, RegionSize,
+ Type, Protect, MmModifyAttributes);
+ }
+ else
+ {
+ Status = STATUS_ACCESS_VIOLATION;
+ }
+
 MmUnlockAddressSpace(AddressSpace);
 ObDereferenceObject(Process);
 DPRINT("NtAllocateVirtualMemory() = %x\n",Status);
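Review bot: The two DPRINT1 messages still describe the old limit: the guard in the `@@ -656,7` hunk now rejects a base at or above USER_SHARED_DATA rather than above user space, and the size check in the `@@ -666,7` hunk now stops at the shared data page rather than at kernel memory. Suggest `DPRINT1("Virtual allocation base at or above USER_SHARED_DATA\n");` and `DPRINT1("Region size would run past USER_SHARED_DATA\n");`, plus a line in the comment above the first check saying the lower limit is deliberate (WinXP compatible). The subtraction `USER_SHARED_DATA - (ULONG_PTR)BaseAddress` cannot wrap only because the first check has already returned for larger bases, so a short comment such as `/* BaseAddress < USER_SHARED_DATA is guaranteed by the check above */` would keep the two from being reordered or separated later. The enclosing function starts and ends outside both hunks.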
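Review bot: Testing `RegionListHead.Flink` for NULL in the `@@ -726,12` hunk reads a union member to decide whether the area has a region list. That holds only if every memory area is zero-filled at creation and no other area type keeps data at that offset; otherwise a non-NULL value that is not a list pointer is still passed to MmAlterRegion. Presumably this branch is meant for section views, in which case a check on the area's type tag, e.g. `if (MemoryArea->Type == MEMORY_AREA_SECTION_VIEW)`, states the intent directly and does not depend on the union layout. If the Flink test is kept, the comment should record the assumption, for example `/* Areas without a region list leave Flink NULL (zero-filled at creation) */`. The condition before this `else if` and the rest of the function are outside the hunk, so which area types actually reach this branch cannot be confirmed from the diff.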