[0.4.10][NTOS] Fix a regression in the PE loader CORE-11717

which caused images to be loaded up to MmHighestUserAddress,
thus overwriting the shared user page.

This is now fixed by using MM_HIGHEST_VAD_ADDRESS as the margin instead.
This commit allows again to load WIN32K.sys of Win2K3SP2
which regressed by SVN 67793 == git
3565260212c7b6f12a0fc74dc86aa84ab5590002

fix cherry picked from commit 0.4.14-dev-143-g
56da95671ce87fc3c9fffbf33f411759ce330e49

diff --git a/ntoskrnl/mm/section.c b/ntoskrnl/mm/section.c
index 9bf9f3c..3e2f31f 100644 (file)
--- a/ntoskrnl/mm/section.c
+++ b/ntoskrnl/mm/section.c
@@ -4550,11 +4550,11 @@ MmMapViewOfSection(IN PVOID SectionObject,
         ImageSectionObject->ImageInformation.ImageFileSize = (ULONG)ImageSize;
 
         /* Check for an illegal base address */
         ImageSectionObject->ImageInformation.ImageFileSize = (ULONG)ImageSize;
 
         /* Check for an illegal base address */

-        if (((ImageBase + ImageSize) > (ULONG_PTR)MmHighestUserAddress) ||
+        if (((ImageBase + ImageSize) > (ULONG_PTR)MM_HIGHEST_VAD_ADDRESS) ||

                 ((ImageBase + ImageSize) < ImageSize))
         {
             ASSERT(*BaseAddress == NULL);
                 ((ImageBase + ImageSize) < ImageSize))
         {
             ASSERT(*BaseAddress == NULL);

-            ImageBase = ALIGN_DOWN_BY((ULONG_PTR)MmHighestUserAddress - ImageSize,
+            ImageBase = ALIGN_DOWN_BY((ULONG_PTR)MM_HIGHEST_VAD_ADDRESS - ImageSize,

                                       MM_VIRTMEM_GRANULARITY);
             NotAtBase = TRUE;
         }
                                       MM_VIRTMEM_GRANULARITY);
             NotAtBase = TRUE;
         }