[PATCH] ntoskrnl: Have MmIsAddressValid use IsBadReadPtr.

Thomas Faber thomas.faber at reactos.org
Thu Jun 7 05:24:26 CDT 2018


On 2018-06-06 17:11, Derek Lesho wrote:
> Hi Thomas, in your example, does &Base refer to the base of
> ntoskrnl.exe?  If so, why are you allocating a buffer there, wouldn't
> that corrupt the memory of ntoskrnl, or am I misunderstanding what
> your code is doing?  On Windows, do drivers have access to change the
> memory of ntoskrnl?

My intention was to simply make a user mode memory allocation, so there
should be a "Base = NULL;" before the call to ZwAllocateVirtualMemory.
This function cannot allocate kernel address space (or overwrite loaded
modules), so it wouldn't do anything unexpected. I was just suggesting
it to demonstrate behavior with NOACCESS/READONLY/READWRITE pages.
As for your actual use case, I'd assume ntoskrnl's code is most likely
write-protected on Windows as well, much like you encountered on Wine,
but I haven't verified.

Since your patch was committed I don't know if you're still interested
in adding the test. If you are, I'd suggest going with the simpler
second version, since like I said the "full test" won't be very useful
in Wine.

> On Wed, Jun 6, 2018 at 3:51 AM, Thomas Faber <thomas.faber at reactos.org> wrote:
>> void test_function()
>> {
>> ok(MmIsAddressValid((void*)test_function), ...); // fails in master, succeeds with patch?
>> ptr = ExAllocatePoolWithTag(NonPagedPool, ...)
>> ok(MmIsAddressValid(ptr), ...);
>> ExFreePoolWithTag...
>> ok(!MmIsAddressValid(NULL), ...);
>> }

Perhaps also
ok(MmIsAddressValid((void*)MmIsAddressValid), ...);
to specifically test ntoskrnl instead of the test driver's binary.

-Thomas


