Alexandre Julliard : ntdll: Tweak the file mapping permission checks some more, with tests. - wine-commits

20 May 2009

Module: wine
Branch: master
Commit: d5d0738fb9f87f2c01c172d1653158444f520efa
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=d5d0738fb9f87f2c01c172d165...
Author: Alexandre Julliard julliard@winehq.org
Date:   Tue May 19 21:36:05 2009 +0200
ntdll: Tweak the file mapping permission checks some more, with tests.
---
dlls/kernel32/tests/virtual.c |   35 ++++++++++++++++++++++++++++++++++-
 dlls/kernel32/virtual.c       |    3 +--
 dlls/ntdll/virtual.c          |    6 +++---
 server/mapping.c              |    2 +-
 4 files changed, 39 insertions(+), 7 deletions(-)

diff --git a/dlls/kernel32/tests/virtual.c b/dlls/kernel32/tests/virtual.c
index 5bea009..e665f0f 100644
--- a/dlls/kernel32/tests/virtual.c
+++ b/dlls/kernel32/tests/virtual.c
@@ -328,7 +328,7 @@ static void test_MapViewOfFile(void)
 {
     static const char testfile[] = "testfile.xxx";
     const char *name;
-    HANDLE file, mapping;
+    HANDLE file, mapping, map2;
     void *ptr, *ptr2;
     MEMORY_BASIC_INFORMATION info;
     BOOL ret;
@@ -365,6 +365,39 @@ static void test_MapViewOfFile(void)
     ptr = MapViewOfFile( mapping, FILE_MAP_WRITE, 0, 0, 4096 );
     ok( ptr != NULL, "MapViewOfFile FILE_MAP_WRITE error %u\n", GetLastError() );
     UnmapViewOfFile( ptr );
+
+    ret = DuplicateHandle( GetCurrentProcess(), mapping, GetCurrentProcess(), &map2,
+                           FILE_MAP_READ|FILE_MAP_WRITE, FALSE, 0 );
+    ok( ret, "DuplicateHandle failed error %u\n", GetLastError());
+    ptr = MapViewOfFile( map2, FILE_MAP_WRITE, 0, 0, 4096 );
+    ok( ptr != NULL, "MapViewOfFile FILE_MAP_WRITE error %u\n", GetLastError() );
+    UnmapViewOfFile( ptr );
+    CloseHandle( map2 );
+
+    ret = DuplicateHandle( GetCurrentProcess(), mapping, GetCurrentProcess(), &map2,
+                           FILE_MAP_READ, FALSE, 0 );
+    ok( ret, "DuplicateHandle failed error %u\n", GetLastError());
+    ptr = MapViewOfFile( map2, FILE_MAP_WRITE, 0, 0, 4096 );
+    if (!ptr)
+    {
+        ok( GetLastError() == ERROR_ACCESS_DENIED, "Wrong error %d\n", GetLastError() );
+        CloseHandle( map2 );
+        ret = DuplicateHandle( GetCurrentProcess(), mapping, GetCurrentProcess(), &map2, 0, FALSE, 0 );
+        ok( ret, "DuplicateHandle failed error %u\n", GetLastError());
+        ptr = MapViewOfFile( map2, 0, 0, 0, 4096 );
+        ok( !ptr, "MapViewOfFile succeeded\n" );
+        ok( GetLastError() == ERROR_ACCESS_DENIED, "Wrong error %d\n", GetLastError() );
+        CloseHandle( map2 );
+        ret = DuplicateHandle( GetCurrentProcess(), mapping, GetCurrentProcess(), &map2,
+                               FILE_MAP_READ, FALSE, 0 );
+        ok( ret, "DuplicateHandle failed error %u\n", GetLastError());
+        ptr = MapViewOfFile( map2, 0, 0, 0, 4096 );
+        ok( ptr != NULL, "MapViewOfFile NO_ACCESS error %u\n", GetLastError() );
+    }
+    else win_skip( "no access checks on win9x\n" );
+
+    UnmapViewOfFile( ptr );
+    CloseHandle( map2 );
     CloseHandle( mapping );
/* read-only mapping */
diff --git a/dlls/kernel32/virtual.c b/dlls/kernel32/virtual.c
index 56c7228..9ad941b 100644
--- a/dlls/kernel32/virtual.c
+++ b/dlls/kernel32/virtual.c
@@ -539,9 +539,8 @@ LPVOID WINAPI MapViewOfFileEx( HANDLE handle, DWORD access,
     offset.u.HighPart = offset_high;
if (access & FILE_MAP_WRITE) protect = PAGE_READWRITE;
-    else if (access & FILE_MAP_READ) protect = PAGE_READONLY;
     else if (access & FILE_MAP_COPY) protect = PAGE_WRITECOPY;
-    else protect = PAGE_NOACCESS;
+    else protect = PAGE_READONLY;
if (access & FILE_MAP_EXECUTE) protect <<= 4;
diff --git a/dlls/ntdll/virtual.c b/dlls/ntdll/virtual.c
index e0a758b..0475bd9 100644
--- a/dlls/ntdll/virtual.c
+++ b/dlls/ntdll/virtual.c
@@ -2288,18 +2288,18 @@ NTSTATUS WINAPI NtMapViewOfSection( HANDLE handle, HANDLE process, PVOID *addr_p
     switch(protect)
     {
     case PAGE_NOACCESS:
-        access = SECTION_QUERY;
+        access = 0;
         break;
     case PAGE_READWRITE:
     case PAGE_EXECUTE_READWRITE:
-        access = SECTION_QUERY | SECTION_MAP_WRITE;
+        access = SECTION_MAP_WRITE;
         break;
     case PAGE_READONLY:
     case PAGE_WRITECOPY:
     case PAGE_EXECUTE:
     case PAGE_EXECUTE_READ:
     case PAGE_EXECUTE_WRITECOPY:
-        access = SECTION_QUERY | SECTION_MAP_READ;
+        access = SECTION_MAP_READ;
         break;
     default:
         return STATUS_INVALID_PARAMETER;
diff --git a/server/mapping.c b/server/mapping.c
index 81c5096..5549a64 100644
--- a/server/mapping.c
+++ b/server/mapping.c
@@ -562,7 +562,7 @@ DECL_HANDLER(get_mapping_info)
     struct fd *fd;
if ((mapping = (struct mapping *)get_handle_obj( current->process, req->handle,
-                                                     req->access | SECTION_QUERY, &mapping_ops )))
+                                                     req->access, &mapping_ops )))
     {
         reply->size        = mapping->size;
         reply->protect     = mapping->protect;

    