ShuriZma
/
xenia-canary
mirror of https://github.com/xenia-canary/xenia-canary.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[Kernel/Memory] Restrict NtVirtualMemory only to virtual memory range

This commit is contained in:
Gliniak 2020-09-16 20:10:10 +02:00 committed by Rick Gibbed
parent c071500ff4
commit 26b0aa0cc4
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/xenia/kernel/xboxkrnl/xboxkrnl_memory.cc
View File

@ -101,6 +101,9 @@ dword_result_t NtAllocateVirtualMemory(lpdword_t base_addr_ptr,
if (*base_addr_ptr != 0) { if (*base_addr_ptr != 0) {
// ignore specified page size when base address is specified. // ignore specified page size when base address is specified.
auto heap = kernel_memory()->LookupHeap(*base_addr_ptr); auto heap = kernel_memory()->LookupHeap(*base_addr_ptr);
if (heap->heap_type() != HeapType::kGuestVirtual) {
return X_STATUS_INVALID_PARAMETER;
}
page_size = heap->page_size(); page_size = heap->page_size();
} else { } else {
// Adjust size. // Adjust size.
@ -192,7 +195,9 @@ dword_result_t NtProtectVirtualMemory(lpdword_t base_addr_ptr,
} }
auto heap = kernel_memory()->LookupHeap(*base_addr_ptr); auto heap = kernel_memory()->LookupHeap(*base_addr_ptr);
if (heap->heap_type() != HeapType::kGuestVirtual) {
return X_STATUS_INVALID_PARAMETER;
}
// Adjust the base downwards to the nearest page boundary. // Adjust the base downwards to the nearest page boundary.
uint32_t adjusted_base = uint32_t adjusted_base =
*base_addr_ptr - (*base_addr_ptr % heap->page_size()); *base_addr_ptr - (*base_addr_ptr % heap->page_size());
@ -240,6 +245,9 @@ dword_result_t NtFreeVirtualMemory(lpdword_t base_addr_ptr,
} }
auto heap = kernel_state()->memory()->LookupHeap(base_addr_value); auto heap = kernel_state()->memory()->LookupHeap(base_addr_value);
if (heap->heap_type() != HeapType::kGuestVirtual) {
return X_STATUS_INVALID_PARAMETER;
}
bool result = false; bool result = false;
if (free_type == X_MEM_DECOMMIT) { if (free_type == X_MEM_DECOMMIT) {
// If zero, we may need to query size (free whole region). // If zero, we may need to query size (free whole region).