MEM_RESERVE regions are not accessible by ReadProcessMemory()

util/win/process_info_test.cc

Index: util/win/process_info_test.cc
diff --git a/util/win/process_info_test.cc b/util/win/process_info_test.cc
index d3d674dd875ad10131145d151731abde57776915..1017c7d5a91c028a6590c222932f7b2ea362eafc 100644
--- a/util/win/process_info_test.cc
+++ b/util/win/process_info_test.cc
@@ -19,6 +19,7 @@
 #include <wchar.h>
 
 #include "base/files/file_path.h"
+#include "base/memory/scoped_ptr.h"
 #include "build/build_config.h"
 #include "gtest/gtest.h"
 #include "test/paths.h"
@@ -279,6 +280,29 @@ TEST(ProcessInfo, AccessibleRangesOneMovedStart) {
   EXPECT_EQ(5, result[0].size());
 }
 
+TEST(ProcessInfo, ReserveIsInaccessible) {
+  std::vector<ProcessInfo::MemoryInfo> memory_info;
+  MEMORY_BASIC_INFORMATION mbi = {0};
+
+  mbi.BaseAddress = 0;
+  mbi.RegionSize = 10;
+  mbi.State = MEM_RESERVE;
+  memory_info.push_back(ProcessInfo::MemoryInfo(mbi));
+
+  mbi.BaseAddress = reinterpret_cast<void*>(10);
+  mbi.RegionSize = 20;
+  mbi.State = MEM_COMMIT;
+  memory_info.push_back(ProcessInfo::MemoryInfo(mbi));
+
+  std::vector<CheckedRange<WinVMAddress, WinVMSize>> result =
+      GetReadableRangesOfMemoryMap(CheckedRange<WinVMAddress, WinVMSize>(5, 10),
+                                   memory_info);
+
+  ASSERT_EQ(result.size(), 1u);
+  EXPECT_EQ(10, result[0].base());
+  EXPECT_EQ(5, result[0].size());
+}
+
 TEST(ProcessInfo, AccessibleRangesCoalesced) {
   std::vector<ProcessInfo::MemoryInfo> memory_info;
   MEMORY_BASIC_INFORMATION mbi = {0};
@@ -295,7 +319,7 @@ TEST(ProcessInfo, AccessibleRangesCoalesced) {
 
   mbi.BaseAddress = reinterpret_cast<void*>(12);
   mbi.RegionSize = 5;
-  mbi.State = MEM_RESERVE;
+  mbi.State = MEM_COMMIT;
   memory_info.push_back(ProcessInfo::MemoryInfo(mbi));
 
   std::vector<CheckedRange<WinVMAddress, WinVMSize>> result =
@@ -373,6 +397,72 @@ TEST(ProcessInfo, RequestedAfterMap) {
   EXPECT_EQ(5, result[0].size());
 }
 
+TEST(ProcessInfo, ReadableRanges) {
+  ProcessInfo info;

[Mark Mentovai, 2015/10/01 21:43:52]

Don’t declare this until you use it below.

[scottmg, 2015/10/01 22:03:49]

Done.

+
+  SYSTEM_INFO system_info;
+  GetSystemInfo(&system_info);
+
+  const size_t kBlockSize = system_info.dwPageSize;
+
+  // Allocate 6 pages, and then commit the second, fourth, and fifth, so we have
+  // a setup like this:
+  // 0       1       2       3       4       5
+  // +-----------------------------------------------+
+  // | ????? |       | ????? |       |       | ????? |

[Mark Mentovai, 2015/10/01 21:43:52]

Maybe page[2] should be PAGE_NOACCESS to test that too.

[scottmg, 2015/10/01 22:03:49]

Sadly, I screwed that three line function up when I changed the sense. :(

Good idea on the test anyway!

[Mark Mentovai, 2015/10/01 22:22:28]

scottmg wrote:
The power of tests!

+  // +-----------------------------------------------+
+  void* reserve_region =
+      VirtualAlloc(nullptr, kBlockSize * 6, MEM_RESERVE, PAGE_READWRITE);
+  ASSERT_TRUE(reserve_region);
+  uintptr_t reserved_as_int = reinterpret_cast<uintptr_t>(reserve_region);
+  void* readable1 =
+      VirtualAlloc(reinterpret_cast<void*>(reserved_as_int + kBlockSize),
+                   kBlockSize,
+                   MEM_COMMIT,
+                   PAGE_READWRITE);
+  ASSERT_TRUE(readable1);
+  void* readable2 =
+      VirtualAlloc(reinterpret_cast<void*>(reserved_as_int + (kBlockSize * 3)),
+                   kBlockSize * 2,
+                   MEM_COMMIT,
+                   PAGE_READWRITE);
+  ASSERT_TRUE(readable2);
+
+  info.Initialize(GetCurrentProcess());

[Mark Mentovai, 2015/10/01 21:43:52]

You call GetCurrentProcess() five times in this test. Cache it in a local
HANDLE?

[scottmg, 2015/10/01 22:03:49]

Sure, it's just "return -1", but I guess it means less parens in the calls.

+  auto ranges = info.GetReadableRanges(
+      CheckedRange<WinVMAddress, WinVMSize>(reserved_as_int, kBlockSize * 6));
+
+  ASSERT_EQ(ranges.size(), 2u);

[Mark Mentovai, 2015/10/01 21:43:52]

Order as (2u, ranges.size()).

[scottmg, 2015/10/01 22:03:49]

Done.

+  EXPECT_EQ(reserved_as_int + kBlockSize, ranges[0].base());
+  EXPECT_EQ(kBlockSize, ranges[0].size());
+  EXPECT_EQ(reserved_as_int + (kBlockSize * 3), ranges[1].base());
+  EXPECT_EQ(kBlockSize * 2, ranges[1].size());
+
+  // Also make sure what we think we can read corresponds with what we can
+  // actually read.
+  scoped_ptr<unsigned char[]> into(new unsigned char[kBlockSize * 6]);
+  SIZE_T bytes_read;
+
+  EXPECT_TRUE(ReadProcessMemory(
+      GetCurrentProcess(), readable1, into.get(), kBlockSize, &bytes_read));
+  EXPECT_EQ(kBlockSize, bytes_read);
+
+  EXPECT_TRUE(ReadProcessMemory(
+      GetCurrentProcess(), readable2, into.get(), kBlockSize * 2, &bytes_read));
+  EXPECT_EQ(kBlockSize * 2, bytes_read);
+
+  EXPECT_FALSE(ReadProcessMemory(GetCurrentProcess(),
+                                 reserve_region,
+                                 into.get(),
+                                 kBlockSize,
+                                 &bytes_read));
+  EXPECT_FALSE(ReadProcessMemory(GetCurrentProcess(),
+                                 reserve_region,
+                                 into.get(),
+                                 kBlockSize * 6,
+                                 &bytes_read));
+}
+
 }  // namespace
 }  // namespace test
 }  // namespace crashpad