Marcus Meissner : ntdll: Check and fix PE header protections.

Alexandre Julliard julliard at winehq.org
Mon Nov 8 11:46:25 CST 2010


Module: wine
Branch: master
Commit: 2e7dc3578663f052b8ee1d39df4a2ad41ed02300
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=2e7dc3578663f052b8ee1d39df4a2ad41ed02300

Author: Marcus Meissner <meissner at suse.de>
Date:   Mon Nov  8 03:34:27 2010 +0100

ntdll: Check and fix PE header protections.

---

 dlls/ntdll/tests/info.c |   11 +++++++++++
 dlls/ntdll/virtual.c    |    5 ++++-
 2 files changed, 15 insertions(+), 1 deletions(-)

diff --git a/dlls/ntdll/tests/info.c b/dlls/ntdll/tests/info.c
index d228816..6345e08 100644
--- a/dlls/ntdll/tests/info.c
+++ b/dlls/ntdll/tests/info.c
@@ -1079,6 +1079,17 @@ static void test_queryvirtualmemory(void)
     char stackbuf[42];
     HMODULE module;
 
+    module = GetModuleHandle( "ntdll.dll" );
+    trace("Check flags of the PE header of NTDLL.DLL at %p\n", module);
+    status = pNtQueryVirtualMemory(NtCurrentProcess(), module, MemoryBasicInformation, &mbi, sizeof(MEMORY_BASIC_INFORMATION), &readcount);
+    ok( status == STATUS_SUCCESS, "Expected STATUS_SUCCESS, got %08x\n", status);
+    ok( readcount == sizeof(MEMORY_BASIC_INFORMATION), "Expected to read %d bytes, got %ld\n",(int)sizeof(MEMORY_BASIC_INFORMATION),readcount);
+    ok (mbi.AllocationBase == module, "mbi.AllocationBase is 0x%p, expected 0x%p\n", mbi.AllocationBase, module);
+    ok (mbi.AllocationProtect == PAGE_EXECUTE_WRITECOPY, "mbi.AllocationProtect is 0x%x, expected 0x%x\n", mbi.AllocationProtect, PAGE_EXECUTE_WRITECOPY);
+    ok (mbi.State == MEM_COMMIT, "mbi.State is 0x%x, expected 0x%x\n", mbi.State, MEM_COMMIT);
+    ok (mbi.Protect == PAGE_READONLY, "mbi.Protect is 0x%x, expected 0x%x\n", mbi.Protect, PAGE_READONLY);
+    ok (mbi.Type == MEM_IMAGE, "mbi.Type is 0x%x, expected 0x%x\n", mbi.Type, MEM_IMAGE);
+
     trace("Check flags of a function entry in NTDLL.DLL at %p\n", pNtQueryVirtualMemory);
     module = GetModuleHandle( "ntdll.dll" );
     status = pNtQueryVirtualMemory(NtCurrentProcess(), pNtQueryVirtualMemory, MemoryBasicInformation, &mbi, sizeof(MEMORY_BASIC_INFORMATION), &readcount);
diff --git a/dlls/ntdll/virtual.c b/dlls/ntdll/virtual.c
index ea1400e..7dff79f 100644
--- a/dlls/ntdll/virtual.c
+++ b/dlls/ntdll/virtual.c
@@ -1445,10 +1445,13 @@ NTSTATUS virtual_create_builtin_view( void *module )
 
     if (status) return status;
 
+    /* The PE header is always read-only, no write, no execute. */
+    view->prot[0] = VPROT_COMMITTED | VPROT_READ;
+
     sec = (IMAGE_SECTION_HEADER *)((char *)&nt->OptionalHeader + nt->FileHeader.SizeOfOptionalHeader);
     for (i = 0; i < nt->FileHeader.NumberOfSections; i++)
     {
-        DWORD flags = VPROT_SYSTEM | VPROT_IMAGE | VPROT_COMMITTED;
+        BYTE flags = VPROT_COMMITTED;
 
         if (sec[i].Characteristics & IMAGE_SCN_MEM_EXECUTE) flags |= VPROT_EXEC;
         if (sec[i].Characteristics & IMAGE_SCN_MEM_READ) flags |= VPROT_READ;




More information about the wine-cvs mailing list