Alexandre Julliard : ntdll: Make sure that the virtual heap doesn't overlap the preloader range.

Alexandre Julliard julliard at winehq.org
Fri Apr 23 15:20:17 CDT 2021


Module: wine
Branch: master
Commit: 2e0a96a483bdb2e7609993ac8c55378dbec4dcec
URL:    https://source.winehq.org/git/wine.git/?a=commit;h=2e0a96a483bdb2e7609993ac8c55378dbec4dcec

Author: Alexandre Julliard <julliard at winehq.org>
Date:   Fri Apr 23 17:19:26 2021 +0200

ntdll: Make sure that the virtual heap doesn't overlap the preloader range.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=50963
Signed-off-by: Alexandre Julliard <julliard at winehq.org>

---

 dlls/ntdll/unix/virtual.c | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/dlls/ntdll/unix/virtual.c b/dlls/ntdll/unix/virtual.c
index b0ff26ade53..8521dc11258 100644
--- a/dlls/ntdll/unix/virtual.c
+++ b/dlls/ntdll/unix/virtual.c
@@ -2575,11 +2575,23 @@ struct alloc_virtual_heap
 static int CDECL alloc_virtual_heap( void *base, SIZE_T size, void *arg )
 {
     struct alloc_virtual_heap *alloc = arg;
+    void *end = (char *)base + size;
 
     if (is_beyond_limit( base, size, address_space_limit )) address_space_limit = (char *)base + size;
-    if (size < alloc->size) return 0;
     if (is_win64 && base < (void *)0x80000000) return 0;
-    alloc->base = anon_mmap_fixed( (char *)base + size - alloc->size, alloc->size, PROT_READ|PROT_WRITE, 0 );
+    if (preload_reserve_end >= end)
+    {
+        if (preload_reserve_start <= base) return 0;  /* no space in that area */
+        if (preload_reserve_start < end) end = preload_reserve_start;
+    }
+    else if (preload_reserve_end > base)
+    {
+        if (preload_reserve_start <= base) base = preload_reserve_end;
+        else if ((char *)end - (char *)preload_reserve_end >= alloc->size) base = preload_reserve_end;
+        else end = preload_reserve_start;
+    }
+    if ((char *)end - (char *)base < alloc->size) return 0;
+    alloc->base = anon_mmap_fixed( (char *)end - alloc->size, alloc->size, PROT_READ|PROT_WRITE, 0 );
     return (alloc->base != MAP_FAILED);
 }
 
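Review bot: The final size check `if ((char *)end - (char *)base < alloc->size) return 0;` compares a signed pointer difference with `alloc->size` (presumably a `SIZE_T`, like the `size` parameter), so it only rejects the area when `end` is not below `base`. From the two preloader branches above it, `end` stays above `base` as long as `preload_reserve_start <= preload_reserve_end`, but those variables are set outside this hunk. If that ordering were ever violated, the negative difference would convert to a very large unsigned value, the check would pass, and `anon_mmap_fixed` (a fixed-address mapping, judging by its name) would be asked to map outside the enumerated area, possibly over an existing mapping. The guard can be made explicit with `if (end < base || (SIZE_T)((char *)end - (char *)base) < alloc->size) return 0;`. A short comment above `if (preload_reserve_end >= end)` saying that `[base,end)` is being trimmed to the part not covered by the preloader range would also make the branch cases easier to follow.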



