IDontCode
/
physmeme
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

sometimes the gdrv returns an invalid virtual address that is 1 page

Browse Source 
ahead of the actual mapping... added a try/catch around memcmp
master
xerox 4 years ago
parent 61fb1b0638
commit 48e3357155
2 changed files with 110 additions and 78 deletions
Show Stats Download Patch File Download Diff File

16
physmeme-lib/kernel_ctx/kernel_ctx.cpp
Unescape View File

@ -43,7 +43,11 @@ namespace physmeme
{ {
// scan every page of the physical memory range // scan every page of the physical memory range
for (auto page = page_va; page < page_va + end; page += 0x1000) for (auto page = page_va; page < page_va + end; page += 0x1000)
{
if (!is_page_found.load()) // keep scanning until its found if (!is_page_found.load()) // keep scanning until its found
{
__try
{
if (!memcmp(reinterpret_cast<void*>(page), ntoskrnl_buffer + nt_rva, 32)) if (!memcmp(reinterpret_cast<void*>(page), ntoskrnl_buffer + nt_rva, 32))
{ {
// //
@ -59,6 +63,10 @@ namespace physmeme
is_page_found.store(true); is_page_found.store(true);
return; return;
} }
}
__except (EXCEPTION_EXECUTE_HANDLER) {}
}
}
physmeme::unmap_phys(page_va, end); physmeme::unmap_phys(page_va, end);
} }
} }
@ -76,6 +84,8 @@ namespace physmeme
for (auto page = page_va; page < page_va + 0x1000 * 512; page += 0x1000) for (auto page = page_va; page < page_va + 0x1000 * 512; page += 0x1000)
{ {
if (!is_page_found.load()) if (!is_page_found.load())
{
__try
{ {
if (!memcmp(reinterpret_cast<void*>(page), ntoskrnl_buffer + nt_rva, 32)) if (!memcmp(reinterpret_cast<void*>(page), ntoskrnl_buffer + nt_rva, 32))
{ {
@ -93,6 +103,8 @@ namespace physmeme
return; return;
} }
} }
__except (EXCEPTION_EXECUTE_HANDLER) {}
}
} }
physmeme::unmap_phys(page_va, 0x1000 * 512); physmeme::unmap_phys(page_va, 0x1000 * 512);
} }
@ -105,6 +117,8 @@ namespace physmeme
for (auto page = page_va; page < page_va + remainder; page += 0x1000) for (auto page = page_va; page < page_va + remainder; page += 0x1000)
{ {
if (!is_page_found.load()) if (!is_page_found.load())
{
__try
{ {
if (!memcmp(reinterpret_cast<void*>(page), ntoskrnl_buffer + nt_rva, 32)) if (!memcmp(reinterpret_cast<void*>(page), ntoskrnl_buffer + nt_rva, 32))
{ {
@ -122,6 +136,8 @@ namespace physmeme
return; return;
} }
} }
__except (EXCEPTION_EXECUTE_HANDLER) {}
}
} }
physmeme::unmap_phys(page_va, remainder); physmeme::unmap_phys(page_va, remainder);
} }

16
physmeme/kernel_ctx/kernel_ctx.cpp
Unescape View File

@ -43,7 +43,11 @@ namespace physmeme
{ {
// scan every page of the physical memory range // scan every page of the physical memory range
for (auto page = page_va; page < page_va + end; page += 0x1000) for (auto page = page_va; page < page_va + end; page += 0x1000)
{
if (!is_page_found.load()) // keep scanning until its found if (!is_page_found.load()) // keep scanning until its found
{
__try
{
if (!memcmp(reinterpret_cast<void*>(page), ntoskrnl_buffer + nt_rva, 32)) if (!memcmp(reinterpret_cast<void*>(page), ntoskrnl_buffer + nt_rva, 32))
{ {
// //
@ -59,6 +63,10 @@ namespace physmeme
is_page_found.store(true); is_page_found.store(true);
return; return;
} }
}
__except (EXCEPTION_EXECUTE_HANDLER) {}
}
}
physmeme::unmap_phys(page_va, end); physmeme::unmap_phys(page_va, end);
} }
} }
@ -76,6 +84,8 @@ namespace physmeme
for (auto page = page_va; page < page_va + 0x1000 * 512; page += 0x1000) for (auto page = page_va; page < page_va + 0x1000 * 512; page += 0x1000)
{ {
if (!is_page_found.load()) if (!is_page_found.load())
{
__try
{ {
if (!memcmp(reinterpret_cast<void*>(page), ntoskrnl_buffer + nt_rva, 32)) if (!memcmp(reinterpret_cast<void*>(page), ntoskrnl_buffer + nt_rva, 32))
{ {
@ -93,6 +103,8 @@ namespace physmeme
return; return;
} }
} }
__except (EXCEPTION_EXECUTE_HANDLER) {}
}
} }
physmeme::unmap_phys(page_va, 0x1000 * 512); physmeme::unmap_phys(page_va, 0x1000 * 512);
} }
@ -105,6 +117,8 @@ namespace physmeme
for (auto page = page_va; page < page_va + remainder; page += 0x1000) for (auto page = page_va; page < page_va + remainder; page += 0x1000)
{ {
if (!is_page_found.load()) if (!is_page_found.load())
{
__try
{ {
if (!memcmp(reinterpret_cast<void*>(page), ntoskrnl_buffer + nt_rva, 32)) if (!memcmp(reinterpret_cast<void*>(page), ntoskrnl_buffer + nt_rva, 32))
{ {
@ -122,6 +136,8 @@ namespace physmeme
return; return;
} }
} }
__except (EXCEPTION_EXECUTE_HANDLER) {}
}
} }
physmeme::unmap_phys(page_va, remainder); physmeme::unmap_phys(page_va, remainder);
} }

Write Preview
Loading…
Cancel
Save