Author: sir_richard Date: Tue Nov 2 14:50:06 2010 New Revision: 49439 URL: http://svn.reactos.org/svn/reactos?rev=49439&view=rev Log: [NTOS]: Fix a bug in MmFindGapBottomUp which could make it return an address lower than what the caller said should be the lowest address. Modified: trunk/reactos/ntoskrnl/mm/marea.c Modified: trunk/reactos/ntoskrnl/mm/marea.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/mm/marea.c?rev=49… ============================================================================== --- trunk/reactos/ntoskrnl/mm/marea.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/mm/marea.c [iso-8859-1] Tue Nov 2 14:50:06 2010 @@ -492,13 +492,16 @@ break; AlignedAddress = MM_ROUND_UP(PreviousNode->EndingAddress, Granularity); - if (Node->StartingAddress > AlignedAddress && - (ULONG_PTR)Node->StartingAddress - (ULONG_PTR)AlignedAddress >= Length) - { - DPRINT("MmFindGapBottomUp: %p\n", AlignedAddress); - return AlignedAddress; - } - + if (AlignedAddress >= LowestAddress) + { + if (Node->StartingAddress > AlignedAddress && + (ULONG_PTR)Node->StartingAddress - (ULONG_PTR)AlignedAddress >= Length) + { + DPRINT("MmFindGapBottomUp: %p\n", AlignedAddress); + ASSERT(AlignedAddress >= LowestAddress); + return AlignedAddress; + } + } PreviousNode = Node; } @@ -508,6 +511,7 @@ (ULONG_PTR)HighestAddress - (ULONG_PTR)AlignedAddress >= Length) { DPRINT("MmFindGapBottomUp: %p\n", AlignedAddress); + ASSERT(AlignedAddress >= LowestAddress); return AlignedAddress; } @@ -517,6 +521,7 @@ (ULONG_PTR)FirstNode->StartingAddress - (ULONG_PTR)AlignedAddress >= Length) { DPRINT("MmFindGapBottomUp: %p\n", AlignedAddress); + ASSERT(AlignedAddress >= LowestAddress); return AlignedAddress; }