Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 01-18-2006, 17:21
MarkusO
 
Posts: n/a
VirtualAlloc fails on specific memory address

I'm trying to manage a (theoretical) simple task: allocate memory at an address specified by me. However, I don't get it to work for some reason.

I simply use VirtualAlloc(lpAddress, dwSize, flAllocationType, flProtect);

If lpAddress is set to NULL, Windows will allocate the memory at an address it selects by itself. This works without any problems.

However, if I specify any memory location, the function will fail with ERROR_INVALID_ADDRESS from GetLastError. I traced a bit in the Windows kernel, but I found only one error check: If lpAddress is below 0x00010000, GetLastError will return ERROR_INVALID_PARAMETER.

The function even fails if I'm trying to force allocation of the memory region which Windows will give me if I set lpAddress to NULL.

Example:
Code:
VirtualAlloc(0x00830000, 0x4000, MEM_COMMIT, PAGE_READWRITE) -> function fails with ERROR_INVALID_ADDRESS
VirtualAlloc(NULL,       0x4000, MEM_COMMIT, PAGE_READWRITE) -> function allocates 0x4000 bytes at address 0x00830000
Did I miss something special or why doesn't the allocation of a specific memory region work?
Reply With Quote
  #2  
Old 01-18-2006, 18:03
Snatch
 
Posts: n/a
You only have access to memory in your process address space so 400000 to 600000 or so usually. You are trying to address memory outside of this space which will yield the exception.
Reply With Quote
  #3  
Old 01-18-2006, 19:06
Kerlingen
 
Posts: n/a
@MarkusO:
Quote from MSDN:
Quote:
The function fails if you attempt to commit a page that has not been reserved. The resulting error code is ERROR_INVALID_ADDRESS.
@Snatch:
I could allocate any memory region I tried. The mistake here was that MarkusO tried to commit a page which was not reserved. I never heard about that "process address space" rule, like you call it, before.
Reply With Quote
  #4  
Old 01-19-2006, 01:23
Human
 
Posts: n/a
MEM_RESERVE The function reserves a range of the process's virtual address space without allocating any actual physical storage in memory or in the paging file on disk. Other memory allocation functions, such as malloc and LocalAlloc, cannot use a reserved range of memory until it is released. You can commit reserved memory pages in subsequent calls to the VirtualAllocEx function.

seems we have to do 2 virtualalloc's
one with reserve one with commit at least i understand it that way
Reply With Quote
  #5  
Old 01-19-2006, 06:56
adaptor adaptor is offline
Friend
 
Join Date: Jan 2006
Posts: 27
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
adaptor Reputation: 0
Correct way to do what you need:
VirtualAlloc(0x00830000, 0x4000, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE)

The second example works fine because: "If the value of the lpAddress parameter is NULL, specifying MEM_COMMIT without MEM_RESERVE causes the function to BOTH reserve and commit the memory". (MSDN)
Reply With Quote
  #6  
Old 01-19-2006, 14:36
MarkusO
 
Posts: n/a
So I really missed something, even if it is nothing "special". Next time I will read the API documentation better.

Thx @all
Reply With Quote
  #7  
Old 01-22-2006, 17:23
SLV SLV is offline
Friend
 
Join Date: May 2005
Posts: 62
Rept. Given: 3
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 5
Thanks Rcvd at 2 Times in 2 Posts
SLV Reputation: 4
Read it:

typedef struct _SYSTEM_INFO { // sinf
union {
DWORD dwOemId;
struct {
WORD wProcessorArchitecture;
WORD wReserved;
};
};
DWORD dwPageSize;
LPVOID lpMinimumApplicationAddress; !!!
LPVOID lpMaximumApplicationAddress; !!!
DWORD dwActiveProcessorMask;
DWORD dwNumberOfProcessors;
DWORD dwProcessorType;
DWORD dwAllocationGranularity;
WORD wProcessorLevel;
WORD wProcessorRevision;

} SYSTEM_INFO;
Reply With Quote
  #8  
Old 01-22-2006, 18:11
Kerlingen
 
Posts: n/a
@SLV:
I guess you are posting in answer to my question about the post from "Snatch" above. ("process address space so 400000 to 600000 or so usually")

But when I run "GetSystemInfo" I get:

lpMinimumApplicationAddress = 00010000h
lpMinimumApplicationAddress = 7FFFFFFFh

But this is something I really don't need this API for since it will be the same for all home computers and workstations and for 99.99% of the servers. It is also no answer to the initial question posted by "MarkusO".
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Unpack OneWay.dll problem,Import REConstructor v1.6 Final fails. winndy General Discussion 3 01-07-2006 10:22
MapConv fails to apply IDA .MAP labels or comments 5Alive General Discussion 5 05-25-2005 19:55
Allocating memory at a specific location redbull General Discussion 5 04-18-2005 19:37


All times are GMT +8. The time now is 18:43.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )