[NTOSKRNL]

Fix a serious bug, where NtAllocateVirtualMemory could allocate memory user mode memory above MmHighestUserAddress up to MmSystemRangeStart - 1, which is a no-access area.

svn path=/trunk/; revision=50917

diff --git a/reactos/ntoskrnl/mm/marea.c b/reactos/ntoskrnl/mm/marea.c
index cacf2ae..dc50d13 100644 (file)
--- a/reactos/ntoskrnl/mm/marea.c
+++ b/reactos/ntoskrnl/mm/marea.c
@@ -458,7 +458,7 @@ MmFindGapBottomUp(
 {
    PVOID LowestAddress  = MmGetAddressSpaceOwner(AddressSpace) ? MM_LOWEST_USER_ADDRESS : MmSystemRangeStart;
    PVOID HighestAddress = MmGetAddressSpaceOwner(AddressSpace) ?
-                          (PVOID)((ULONG_PTR)MmSystemRangeStart - 1) : (PVOID)MAXULONG_PTR;
+                            MmHighestUserAddress : (PVOID)MAXULONG_PTR;
    PVOID AlignedAddress;
    PMEMORY_AREA Node;
    PMEMORY_AREA FirstNode;