Gijs Vermeulen : ntdll: Validate len in NtQueryVirtualMemory.

Alexandre Julliard julliard at winehq.org
Wed May 15 14:32:21 CDT 2019


Module: wine
Branch: stable
Commit: dcd7bf05c1bf13bdbb4ee211303219f87b05a649
URL:    https://source.winehq.org/git/wine.git/?a=commit;h=dcd7bf05c1bf13bdbb4ee211303219f87b05a649

Author: Gijs Vermeulen <gijsvrm at gmail.com>
Date:   Mon Feb 18 15:22:52 2019 +0100

ntdll: Validate len in NtQueryVirtualMemory.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=45632
Signed-off-by: Gijs Vermeulen <gijsvrm at gmail.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
(cherry picked from commit d2d52717af2a64196d9bc983ba8b75e64c05c3f8)
Signed-off-by: Michael Stefaniuc <mstefani at winehq.org>

---

 dlls/ntdll/tests/info.c | 3 +++
 dlls/ntdll/virtual.c    | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/dlls/ntdll/tests/info.c b/dlls/ntdll/tests/info.c
index 7690696..5f27d8b 100644
--- a/dlls/ntdll/tests/info.c
+++ b/dlls/ntdll/tests/info.c
@@ -2005,6 +2005,9 @@ static void test_queryvirtualmemory(void)
     /* check error code when addr is higher than working set limit */
     status = pNtQueryVirtualMemory(NtCurrentProcess(), (void *)~0, MemoryBasicInformation, &mbi, sizeof(mbi), &readcount);
     ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", status);
+    /* check error code when len is less than MEMORY_BASIC_INFORMATION size */
+    status = pNtQueryVirtualMemory(NtCurrentProcess(), GetProcessHeap(), MemoryBasicInformation, &mbi, sizeof(MEMORY_BASIC_INFORMATION) - 1, &readcount);
+    ok(status == STATUS_INFO_LENGTH_MISMATCH, "Expected STATUS_INFO_LENGTH_MISMATCH, got %08x\n", status);
 }
 
 static void test_affinity(void)
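Review bot: The new assertion on the status alone does not confirm the property this check exists for, namely that a buffer shorter than MEMORY_BASIC_INFORMATION is not written. Consider filling `mbi` with a sentinel before the call (`memset(&mbi, 0xcc, sizeof(mbi));`) and asserting it is unchanged afterwards, provided Windows indeed leaves the buffer untouched on STATUS_INFO_LENGTH_MISMATCH, which the page does not show. The comment on the new test could also note that the value in `readcount` is deliberately not checked on this path, if that is the intent. test_queryvirtualmemory begins before this hunk.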
diff --git a/dlls/ntdll/virtual.c b/dlls/ntdll/virtual.c
index 030c658..da2dad1 100644
--- a/dlls/ntdll/virtual.c
+++ b/dlls/ntdll/virtual.c
@@ -2820,6 +2820,9 @@ NTSTATUS WINAPI NtQueryVirtualMemory( HANDLE process, LPCVOID addr,
         }
     }
 
+    if (len < sizeof(MEMORY_BASIC_INFORMATION))
+        return STATUS_INFO_LENGTH_MISMATCH;
+
     if (process != NtCurrentProcess())
     {
         NTSTATUS status;
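Review bot: The new length check has no comment explaining why it sits at this exact spot, between the earlier validation above and the `process != NtCurrentProcess()` branch below, and a reader could move it without noticing the consequence. A short comment would capture the intent: `/* reject short buffers before either the local or the remote path copies a full MEMORY_BASIC_INFORMATION into them */`, assuming that is what the code below the hunk does. The check is written against sizeof(MEMORY_BASIC_INFORMATION) regardless of info_class; if other classes are accepted earlier in the function, which is outside this hunk, the comparison would need to be scoped to MemoryBasicInformation. NtQueryVirtualMemory starts and ends outside the hunk.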



