diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2019-09-08 14:22:27 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2019-09-08 14:22:27 +0200 |
| commit | 5a6aac95e4edef42c9954abacb9e1f1df8ef314b (patch) | |
| tree | 5f472920e0c28c32e71b4250ac4fc4cbbcf94c22 | |
| parent | 5a139b0f792154d9fd0e6a68250a5a96a87fd375 (diff) | |
fixed invalid KeProtectVirtualMemory call (have: PEP, wanted: PROC_HANDLE)
| -rw-r--r-- | KMemDriver/KMemDriver.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/KMemDriver/KMemDriver.c b/KMemDriver/KMemDriver.c index 161dd9e..8d63e74 100644 --- a/KMemDriver/KMemDriver.c +++ b/KMemDriver/KMemDriver.c @@ -558,7 +558,7 @@ NTSTATUS KRThread(IN PVOID pArg) siz = wr->SizeReq; } ULONG new_prot = PAGE_EXECUTE_READWRITE, old_prot = 0; - KeProtectVirtualMemory(lastPEP, wr->Address, wr->SizeReq, new_prot, &old_prot); + KeProtectVirtualMemory(lastPROC, wr->Address, wr->SizeReq, new_prot, &old_prot); KDBG("WPM to 0x%p size 0x%X bytes (protection before/after: 0x%X/0x%X)\n", wr->Address, wr->SizeReq, old_prot, new_prot); wr->StatusRes = KeWriteVirtualMemory(lastPEP, (PVOID)((ULONG_PTR)shm_buf + sizeof *wr), @@ -654,10 +654,11 @@ NTSTATUS UpdatePPEPIfRequired( KDBG("ObOpenObjectByPointer failed with 0x%X\n", status); } else { +#if 0 PEPROCESS pep = *lastPEP; PVOID addr = NULL; SIZE_T size = 1024; - if (!NT_SUCCESS(AllocMemoryToProcess(pep, &addr, &size, PAGE_EXECUTE_READWRITE))) + if (!NT_SUCCESS(AllocMemoryToProcess(pep, &addr, &size, PAGE_EXECUTE_READ))) { KDBG("VAD Test Alloc failed: 0x%p\n", addr); } @@ -670,6 +671,7 @@ NTSTATUS UpdatePPEPIfRequired( { KDBG("VAD Test Free failed: 0x%p (status: 0x%X)\n", addr, status); } +#endif #if 0 PMM_AVL_TABLE avltable = (PMM_AVL_TABLE)((ULONG_PTR *)pep + VAD_TREE_1803); KDBG("VAD-ROOT.....: 0x%p\n", GET_VAD_ROOT(avltable)); |