Merge pull request #3976 from mikem8361/readmemoryav

mellinoe · mellinoe · commit 160901107df2 · 2016-03-30T00:34:25.000Z
Fix ReadMemory AV (Issue #3916)
diff --git a/src/debug/shared/dbgtransportsession.cpp b/src/debug/shared/dbgtransportsession.cpp
@@ -1126,6 +1126,34 @@ DbgTransportSession::Message * DbgTransportSession::RemoveMessageFromSendQueue(D
 #endif
 
 #ifndef RIGHT_SIDE_COMPILE
+
+#ifdef FEATURE_PAL
+__attribute__((noinline))
+__attribute__((optnone))
+static void 
+ProbeMemory(__in_ecount(cbBuffer) volatile PBYTE pbBuffer, DWORD cbBuffer, bool fWriteAccess)
+{
+    // Need an throw in this function to fool the C++ runtime into handling the 
+    // possible h/w exception below.
+    if (pbBuffer == NULL)
+    {
+        throw PAL_SEHException();
+    }
+
+    // Simple one byte at a time probing
+    while (cbBuffer > 0)
+    {
+        volatile BYTE read = *pbBuffer;
+        if (fWriteAccess)
+        {
+            *pbBuffer = read;
+        }
+        ++pbBuffer;
+        --cbBuffer;
+    }
+}
+#endif // FEATURE_PAL
+
 // Check read and optionally write memory access to the specified range of bytes. Used to check
 // ReadProcessMemory and WriteProcessMemory requests.
 HRESULT DbgTransportSession::CheckBufferAccess(__in_ecount(cbBuffer) PBYTE pbBuffer, DWORD cbBuffer, bool fWriteAccess)
@@ -1138,7 +1166,6 @@ HRESULT DbgTransportSession::CheckBufferAccess(__in_ecount(cbBuffer) PBYTE pbBuf
 
     // VirtualQuery doesn't know much about memory allocated outside of PAL's VirtualAlloc 
     // that's why on Unix we can't rely on in to detect invalid memory reads  
-    // TODO: We need to find and use appropriate memory map API on other operating systems. 
 #ifndef FEATURE_PAL
     do 
     {
@@ -1179,11 +1206,24 @@ HRESULT DbgTransportSession::CheckBufferAccess(__in_ecount(cbBuffer) PBYTE pbBuf
         }
     }
     while (cbBuffer > 0);
+#else
+    try
+    {
+        // Need to explicit h/w exception holder so to catch them in ProbeMemory
+        CatchHardwareExceptionHolder __catchHardwareException;
+
+        ProbeMemory(pbBuffer, cbBuffer, fWriteAccess);
+    }
+    catch(...)
+    {
+        return HRESULT_FROM_WIN32(ERROR_INVALID_ADDRESS);
+    }
 #endif
 
     // The specified region has passed all of our checks.
     return S_OK;
 }
+
 #endif // !RIGHT_SIDE_COMPILE
 
 // Initialize all session state to correct starting values. Used during Init() and on the LS when we
diff --git a/src/pal/src/thread/context.cpp b/src/pal/src/thread/context.cpp
@@ -655,7 +655,7 @@ DWORD CONTEXTGetExceptionCodeForSignal(const siginfo_t *siginfo,
                             return exceptionCode;
                         }
                     }
-                    // fall through
+                    return EXCEPTION_ACCESS_VIOLATION;
                 }
 #endif
                 default:

Original file line number	Diff line number	Diff line change
`@@ -655,7 +655,7 @@ DWORD CONTEXTGetExceptionCodeForSignal(const siginfo_t *siginfo,`
`655`	`655`	`return exceptionCode;`
`656`	`656`	`}`
`657`	`657`	`}`
`658`		`- // fall through`
	`658`	`+ return EXCEPTION_ACCESS_VIOLATION;`
`659`	`659`	`}`
`660`	`660`	`#endif`
`661`	`661`	`default:`