Changing Protection Attributes

Previous page
Table of content
Next page
[Previous] [Next]

Although the practice is rare, it is possible to change the protection attributes associated with a page or pages of committed physical storage. For example, say you've developed code to manage a linked list, the nodes of which you are keeping in a reserved region. You could design the functions that process the linked list so that they change the protection attributes of the committed storage to PAGE_READWRITE at the start of each function and then back to PAGE_NOACCESS just before each function terminates.

By doing this, you protect your linked-list data from other bugs hiding in your program. If any other code in your process has a stray pointer that attempts to access your linked-list data, an access violation is raised. Taking advantage of protection attributes can be incredibly useful when you're trying to locate hard-to-find bugs in your application.

You can alter the protection rights of a page of memory by calling VirtualProtect:

 BOOL VirtualProtect( PVOID pvAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD pflOldProtect);

Here, pvAddress points to the base address of the memory (which must be in your process's user-mode partition), dwSize indicates the number of bytes for which you want to change the protection attribute, and flNewProtect can represent any one of the PAGE_* protection attribute identifiers except for PAGE_WRITECOPY and PAGE_EXECUTE_WRITECOPY.

The last parameter, pflOldProtect, is the address of a DWORD that VirtualProtect will fill in with the protection attribute originally associated with the byte at pvAddress. Even though many applications don't need this information, you must pass a valid address for this parameter, or the function fails.

Of course, protection attributes are associated with entire pages of storage and cannot be assigned to individual bytes. So if you were to call VirtualProtect on a 4-KB page machine using the following code, you would end up assigning PAGE_NOACCESS protection to two pages of storage.

 VirtualProtect(pvRgnBase + (3 * 1024), 2 * 1024, PAGE_NOACCESS, &flOldProtect);

WINDOWS 98
Windows 98 supports only the PAGE_NOACCESS, PAGE_READONLY, and PAGE_READWRITE protection attributes. If you attempt to change a page's protection to PAGE_EXECUTE or PAGE_EXECUTE_READ, the page receives PAGE_READONLY protection. Likewise, if you change a page's protection to PAGE_EXECUTE_READWRITE, the page receives PAGE_READWRITE protection.

VirtualProtect cannot be used to change the protection of pages that span different reserved regions. If you have adjoining reserved regions and you want to alter the page protection on the pages within these regions, you must make multiple calls to VirtualProtect.


Previous page
Table of content
Next page
Programming Applications for Microsoft Windows
Programming Applications for Microsoft Windows (Microsoft Programming Series)
ISBN: 1572319968
EAN: 2147483647
Year: 1999
Pages: 193
Authors: Jeffrey Richter
BUY ON AMAZON
Crystal Reports 9 on Oracle (Database Professionals)
Data Structures and Algorithms in Java
Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century: Prevention and Detection for the Twenty-First Century
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
Oracle SQL*Plus: The Definitive Guide (Definitive Guides)
Cultural Imperative: Global Trends in the 21st Century
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy