Author: mjmartin
Date: Mon Sep 14 11:21:05 2009
New Revision: 43049
URL:
http://svn.reactos.org/svn/reactos?rev=43049&view=rev
Log:
NtAllocateVirtualMemory: Add check to make sure that BaseAddress + RegionSize is inside
MemoryArea.
For AllocationType of MEM_RESET add FIXMEs and return STATUS_SUCCESS without
modifying the attributes of the region. Fixes 2 virtual tests for kernel32_winetest.
Modified:
trunk/reactos/ntoskrnl/mm/anonmem.c
Modified: trunk/reactos/ntoskrnl/mm/anonmem.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/mm/anonmem.c?rev=…
==============================================================================
--- trunk/reactos/ntoskrnl/mm/anonmem.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/mm/anonmem.c [iso-8859-1] Mon Sep 14 11:21:05 2009
@@ -729,6 +729,36 @@
{
MemoryAreaLength = (ULONG_PTR)MemoryArea->EndingAddress -
(ULONG_PTR)MemoryArea->StartingAddress;
+
+ if (((ULONG)BaseAddress + RegionSize) > (ULONG)MemoryArea->EndingAddress)
+ {
+ DPRINT("BaseAddress + RegionSize %x is larger than MemoryArea's
EndingAddress %x\n",
+ (ULONG)BaseAddress + RegionSize, MemoryArea->EndingAddress);
+
+ MmUnlockAddressSpace(AddressSpace);
+ ObDereferenceObject(Process);
+
+ return STATUS_MEMORY_NOT_ALLOCATED;
+ }
+
+ if (AllocationType == MEM_RESET)
+ {
+ if (MmIsPagePresent(Process, BaseAddress))
+ {
+ /* FIXME: mark pages as not modified */
+ }
+ else
+ {
+ /* FIXME: if pages are in paging file discard them and bring in pages of
zeros */
+ }
+
+ MmUnlockAddressSpace(AddressSpace);
+ ObDereferenceObject(Process);
+
+ /* MEM_RESET does not modify any attributes of region */
+ return STATUS_SUCCESS;
+ }
+
if (MemoryArea->Type == MEMORY_AREA_VIRTUAL_MEMORY &&
MemoryAreaLength >= RegionSize)
{
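Review bot: The new range check `if (((ULONG)BaseAddress + RegionSize) > (ULONG)MemoryArea->EndingAddress)` can be bypassed by wraparound: a RegionSize large enough to wrap the unsigned sum compares below EndingAddress and the request proceeds past the check, and the ULONG casts truncate the pointers on 64-bit builds even though the MemoryAreaLength computation directly above uses ULONG_PTR. NtAllocateVirtualMemory is a system-call entry point, so BaseAddress and RegionSize are caller-controlled and the bound is better written as a subtraction that cannot overflow, e.g. `if (RegionSize > (ULONG_PTR)MemoryArea->EndingAddress - (ULONG_PTR)BaseAddress)`, which relies on BaseAddress already having been located inside MemoryArea (presumably established above the hunk). The DPRINT that follows prints `MemoryArea->EndingAddress` with `%x`; `%p` keeps the format correct for a pointer. Separately, the MEM_RESET branch consults `MmIsPagePresent(Process, BaseAddress)` for the first page only, so the FIXMEs should note that the work applies to every page in the range. The enclosing NtAllocateVirtualMemory body begins and ends outside this hunk.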