Marcus Meissner : ntdll: Check and fix PE header protections.
Alexandre Julliard
julliard at winehq.org
Mon Nov 8 11:46:25 CST 2010
Module: wine
Branch: master
Commit: 2e7dc3578663f052b8ee1d39df4a2ad41ed02300
URL: http://source.winehq.org/git/wine.git/?a=commit;h=2e7dc3578663f052b8ee1d39df4a2ad41ed02300
Author: Marcus Meissner <meissner at suse.de>
Date: Mon Nov 8 03:34:27 2010 +0100
ntdll: Check and fix PE header protections.
---
dlls/ntdll/tests/info.c | 11 +++++++++++
dlls/ntdll/virtual.c | 5 ++++-
2 files changed, 15 insertions(+), 1 deletions(-)
diff --git a/dlls/ntdll/tests/info.c b/dlls/ntdll/tests/info.c
index d228816..6345e08 100644
--- a/dlls/ntdll/tests/info.c
+++ b/dlls/ntdll/tests/info.c
@@ -1079,6 +1079,17 @@ static void test_queryvirtualmemory(void)
char stackbuf[42];
HMODULE module;
+ module = GetModuleHandle( "ntdll.dll" );
+ trace("Check flags of the PE header of NTDLL.DLL at %p\n", module);
+ status = pNtQueryVirtualMemory(NtCurrentProcess(), module, MemoryBasicInformation, &mbi, sizeof(MEMORY_BASIC_INFORMATION), &readcount);
+ ok( status == STATUS_SUCCESS, "Expected STATUS_SUCCESS, got %08x\n", status);
+ ok( readcount == sizeof(MEMORY_BASIC_INFORMATION), "Expected to read %d bytes, got %ld\n",(int)sizeof(MEMORY_BASIC_INFORMATION),readcount);
+ ok (mbi.AllocationBase == module, "mbi.AllocationBase is 0x%p, expected 0x%p\n", mbi.AllocationBase, module);
+ ok (mbi.AllocationProtect == PAGE_EXECUTE_WRITECOPY, "mbi.AllocationProtect is 0x%x, expected 0x%x\n", mbi.AllocationProtect, PAGE_EXECUTE_WRITECOPY);
+ ok (mbi.State == MEM_COMMIT, "mbi.State is 0x%x, expected 0x%x\n", mbi.State, MEM_COMMIT);
+ ok (mbi.Protect == PAGE_READONLY, "mbi.Protect is 0x%x, expected 0x%x\n", mbi.Protect, PAGE_READONLY);
+ ok (mbi.Type == MEM_IMAGE, "mbi.Type is 0x%x, expected 0x%x\n", mbi.Type, MEM_IMAGE);
+
trace("Check flags of a function entry in NTDLL.DLL at %p\n", pNtQueryVirtualMemory);
module = GetModuleHandle( "ntdll.dll" );
status = pNtQueryVirtualMemory(NtCurrentProcess(), pNtQueryVirtualMemory, MemoryBasicInformation, &mbi, sizeof(MEMORY_BASIC_INFORMATION), &readcount);
diff --git a/dlls/ntdll/virtual.c b/dlls/ntdll/virtual.c
index ea1400e..7dff79f 100644
--- a/dlls/ntdll/virtual.c
+++ b/dlls/ntdll/virtual.c
@@ -1445,10 +1445,13 @@ NTSTATUS virtual_create_builtin_view( void *module )
if (status) return status;
+ /* The PE header is always read-only, no write, no execute. */
+ view->prot[0] = VPROT_COMMITTED | VPROT_READ;
+
sec = (IMAGE_SECTION_HEADER *)((char *)&nt->OptionalHeader + nt->FileHeader.SizeOfOptionalHeader);
for (i = 0; i < nt->FileHeader.NumberOfSections; i++)
{
- DWORD flags = VPROT_SYSTEM | VPROT_IMAGE | VPROT_COMMITTED;
+ BYTE flags = VPROT_COMMITTED;
if (sec[i].Characteristics & IMAGE_SCN_MEM_EXECUTE) flags |= VPROT_EXEC;
if (sec[i].Characteristics & IMAGE_SCN_MEM_READ) flags |= VPROT_READ;
More information about the wine-cvs
mailing list