Alexandre Julliard : ntdll: Disallow changing DEP flags on 64-bit.

Alexandre Julliard julliard at winehq.org
Wed Oct 16 16:59:30 CDT 2019 

Module: wine
Branch: master
Commit: 98238aa8736022ec08205e66a4e92f690ddcc711
URL:    https://source.winehq.org/git/wine.git/?a=commit;h=98238aa8736022ec08205e66a4e92f690ddcc711

Author: Alexandre Julliard <julliard at winehq.org>
Date:   Wed Oct 16 16:29:04 2019 +0200

ntdll: Disallow changing DEP flags on 64-bit.

Signed-off-by: Alexandre Julliard <julliard at winehq.org>

---

 dlls/ntdll/process.c         |  6 ++++--
 dlls/ntdll/tests/exception.c | 19 ++++++++++++++++++-
 2 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/dlls/ntdll/process.c b/dlls/ntdll/process.c
index 02ae4404fd..c7e2cdb1b7 100644
--- a/dlls/ntdll/process.c
+++ b/dlls/ntdll/process.c
@@ -57,7 +57,9 @@
 
 WINE_DEFAULT_DEBUG_CHANNEL(process);
 
-static ULONG execute_flags = MEM_EXECUTE_OPTION_DISABLE;
+static ULONG execute_flags = MEM_EXECUTE_OPTION_DISABLE | (sizeof(void *) > sizeof(int) ?
+                                                           MEM_EXECUTE_OPTION_DISABLE_THUNK_EMULATION |
+                                                           MEM_EXECUTE_OPTION_PERMANENT : 0);
 
 static const BOOL is_win64 = (sizeof(void *) > sizeof(int));
 
@@ -679,7 +681,7 @@ NTSTATUS WINAPI NtSetInformationProcess(
         break;
 
     case ProcessExecuteFlags:
-        if (ProcessInformationLength != sizeof(ULONG))
+        if (is_win64 || ProcessInformationLength != sizeof(ULONG))
             return STATUS_INVALID_PARAMETER;
         else if (execute_flags & MEM_EXECUTE_OPTION_PERMANENT)
             return STATUS_ACCESS_DENIED;
diff --git a/dlls/ntdll/tests/exception.c b/dlls/ntdll/tests/exception.c
index 0a9dae138c..fb58c0ee7a 100644
--- a/dlls/ntdll/tests/exception.c
+++ b/dlls/ntdll/tests/exception.c
@@ -170,6 +170,7 @@ static char**   my_argv;
 #define ProcessExecuteFlags 0x22
 #define MEM_EXECUTE_OPTION_DISABLE   0x01
 #define MEM_EXECUTE_OPTION_ENABLE    0x02
+#define MEM_EXECUTE_OPTION_DISABLE_THUNK_EMULATION 0x04
 #define MEM_EXECUTE_OPTION_PERMANENT 0x08
 #endif
 
@@ -2575,9 +2576,25 @@ static void test_dpe_exceptions(void)
 {
     static const BYTE ret[] = {0xc3};
     DWORD (CDECL *func)(void) = code_mem;
-    DWORD old_prot;
+    DWORD old_prot, val = 0, len = 0xdeadbeef;
+    NTSTATUS status;
     void *handler;
 
+    status = pNtQueryInformationProcess( GetCurrentProcess(), ProcessExecuteFlags, &val, sizeof val, &len );
+    ok( status == STATUS_SUCCESS || status == STATUS_INVALID_PARAMETER, "got status %08x\n", status );
+    if (!status)
+    {
+        ok( len == sizeof(val), "wrong len %u\n", len );
+        ok( val == (MEM_EXECUTE_OPTION_DISABLE | MEM_EXECUTE_OPTION_PERMANENT |
+                    MEM_EXECUTE_OPTION_DISABLE_THUNK_EMULATION),
+            "wrong val %08x\n", val );
+    }
+    else ok( len == 0xdeadbeef, "wrong len %u\n", len );
+
+    val = MEM_EXECUTE_OPTION_DISABLE;
+    status = pNtSetInformationProcess( GetCurrentProcess(), ProcessExecuteFlags, &val, sizeof val );
+    ok( status == STATUS_INVALID_PARAMETER, "got status %08x\n", status );
+
     memcpy(code_mem, ret, sizeof(ret));
 
     handler = pRtlAddVectoredExceptionHandler(TRUE, &dpe_handler);

More information about the wine-cvs mailing list