[PATCH] ntdll: Validate len in NtQueryVirtualMemory.
Gijs Vermeulen
gijsvrm at gmail.com
Mon Feb 18 08:22:52 CST 2019
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=45632
Signed-off-by: Gijs Vermeulen <gijsvrm at gmail.com>
---
dlls/ntdll/tests/info.c | 3 +++
dlls/ntdll/virtual.c | 3 +++
2 files changed, 6 insertions(+)
diff --git a/dlls/ntdll/tests/info.c b/dlls/ntdll/tests/info.c
index 7690696304..5f27d8bb69 100644
--- a/dlls/ntdll/tests/info.c
+++ b/dlls/ntdll/tests/info.c
@@ -2005,6 +2005,9 @@ static void test_queryvirtualmemory(void)
/* check error code when addr is higher than working set limit */
status = pNtQueryVirtualMemory(NtCurrentProcess(), (void *)~0, MemoryBasicInformation, &mbi, sizeof(mbi), &readcount);
ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", status);
+ /* check error code when len is less than MEMORY_BASIC_INFORMATION size */
+ status = pNtQueryVirtualMemory(NtCurrentProcess(), GetProcessHeap(), MemoryBasicInformation, &mbi, sizeof(MEMORY_BASIC_INFORMATION) - 1, &readcount);
+ ok(status == STATUS_INFO_LENGTH_MISMATCH, "Expected STATUS_INFO_LENGTH_MISMATCH, got %08x\n", status);
}
static void test_affinity(void)
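Review bot: The new case pins only the returned status for `sizeof(MEMORY_BASIC_INFORMATION) - 1`, so it does not show whether `mbi` or `readcount` are left untouched when the length is rejected. Since the guard exists to stop a short caller buffer from being filled, the test could set a sentinel first, e.g. `readcount = 0xdeadbeef;`, and add an `ok()` on its value after the call, pinning whatever Windows does there. A second call with `len` of 0 would cover the other boundary. test_queryvirtualmemory starts outside the hunk, so the declared type of `readcount` should be checked before choosing the format specifier.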
diff --git a/dlls/ntdll/virtual.c b/dlls/ntdll/virtual.c
index c008db7806..7f4b8f4d31 100644
--- a/dlls/ntdll/virtual.c
+++ b/dlls/ntdll/virtual.c
@@ -2820,6 +2820,9 @@ NTSTATUS WINAPI NtQueryVirtualMemory( HANDLE process, LPCVOID addr,
}
}
+ if(len < sizeof(MEMORY_BASIC_INFORMATION))
+ return STATUS_INFO_LENGTH_MISMATCH;
+
if (process != NtCurrentProcess())
{
NTSTATUS status;
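Review bot: The added guard compares `len` with `sizeof(MEMORY_BASIC_INFORMATION)` without looking at the info class, so it is only correct if every other info class has already returned in the block that closes just above it. That block is outside the hunk, which is why a comment is worth adding, for example `/* only MemoryBasicInformation gets here; the caller's buffer must hold a full MEMORY_BASIC_INFORMATION */`. The address range check is also not visible here, so it is unclear which status is returned when both `addr` and `len` are invalid, and the tests do not cover that combination. As a style point, `if(len < ...)` should be written `if (len < sizeof(MEMORY_BASIC_INFORMATION))` to match the `if (process != NtCurrentProcess())` that follows.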
--
2.20.1