Merge branch 'master' into master

KSystemInformer/vm.c

@@ -227,9 +227,7 @@ NTSTATUS KphReadVirtualMemory(
 
     if (AccessMode != KernelMode)
     {
-        if ((Add2Ptr(BaseAddress, BufferSize) < BaseAddress) ||
-            (Add2Ptr(Buffer, BufferSize) < Buffer) ||
-            (Add2Ptr(Buffer, BufferSize) > MmHighestUserAddress))
+        if (Add2Ptr(BaseAddress, BufferSize) < BaseAddress)
         {
             status = STATUS_ACCESS_VIOLATION;
             goto Exit;

SystemInformer/include/phsettings.h

@@ -45,6 +45,8 @@ EXT BOOLEAN PhEnableLinuxSubsystemSupport;
 EXT BOOLEAN PhEnableNetworkResolveDoHSupport;
 EXT BOOLEAN PhEnableVersionShortText;
 EXT BOOLEAN PhEnableDeferredLayout;
+EXT BOOLEAN PhEnableKsiWarnings;
+EXT BOOLEAN PhEnableKsiSupport;
 
 EXT ULONG PhCsForceNoParent;
 EXT ULONG PhCsHighlightingDuration;

SystemInformer/ksisup.c

@@ -201,7 +201,7 @@ VOID PhShowKsiStatus(
 {
     KPH_PROCESS_STATE processState;
 
-    if (!PhGetIntegerSetting(L"KsiEnableWarnings") || PhStartupParameters.PhSvc)
+    if (!PhEnableKsiWarnings || PhStartupParameters.PhSvc)
         return;
 
     processState = KphGetCurrentProcessState();
@@ -254,6 +254,7 @@ VOID PhShowKsiStatus(
             PhGetString(infoString)
             ))
         {
+            PhEnableKsiWarnings = FALSE;
             PhSetIntegerSetting(L"KsiEnableWarnings", FALSE);
         }
 
@@ -279,7 +280,7 @@ VOID PhpShowKsiMessage(
     PPH_STRING messageString;
     ULONG processState;
 
-    if (!Force && !PhGetIntegerSetting(L"KsiEnableWarnings") || PhStartupParameters.PhSvc)
+    if (!Force && !PhEnableKsiWarnings || PhStartupParameters.PhSvc)
         return;
 
     versionString = PhGetApplicationVersionString(FALSE);
@@ -351,7 +352,7 @@ VOID PhpShowKsiMessage(
         PhAppendStringBuilder2(&stringBuilder, L"\r\n");
     }
 
-    if (Force && !PhGetIntegerSetting(L"KsiEnableWarnings"))
+    if (Force && !PhEnableKsiWarnings)
     {
         PhAppendStringBuilder2(&stringBuilder, L"Driver warnings are disabled.");
         PhAppendStringBuilder2(&stringBuilder, L"\r\n");
@@ -384,6 +385,7 @@ VOID PhpShowKsiMessage(
             PhGetString(messageString)
             ))
         {
+            PhEnableKsiWarnings = FALSE;
             PhSetIntegerSetting(L"KsiEnableWarnings", FALSE);
         }
     }

SystemInformer/main.c

@@ -173,10 +173,8 @@ INT WINAPI wWinMain(
         }
     }
 
-    if (PhGetIntegerSetting(L"KsiEnable") &&
-        !PhStartupParameters.NoKph &&
-        !PhStartupParameters.ShowOptions &&
-        !PhIsExecutingInWow64())
+    if (PhEnableKsiSupport &&
+        !PhStartupParameters.ShowOptions)
     {
         PhInitializeKsi();
     }
@@ -252,9 +250,7 @@ INT WINAPI wWinMain(
         PhSetProcessPriority(NtCurrentProcess(), priorityClass);
     }
 
-    if (PhGetIntegerSetting(L"KsiEnable") &&
-        !PhStartupParameters.NoKph &&
-        !PhIsExecutingInWow64())
+    if (PhEnableKsiSupport)
     {
         PhShowKsiStatus();
     }
@@ -273,9 +269,7 @@ INT WINAPI wWinMain(
 
     PhEnableTerminationPolicy(FALSE);
 
-    if (PhGetIntegerSetting(L"KsiEnable") &&
-        !PhStartupParameters.NoKph &&
-        !PhIsExecutingInWow64())
+    if (PhEnableKsiSupport)
     {
         PhCleanupKsi();
     }
@@ -1206,6 +1200,8 @@ VOID PhpInitializeSettings(
     PhEnableServiceNonPoll = !!PhGetIntegerSetting(L"EnableServiceNonPoll");
     PhEnableServiceNonPollNotify = !!PhGetIntegerSetting(L"EnableServiceNonPollNotify");
     PhServiceNonPollFlushInterval = PhGetIntegerSetting(L"NonPollFlushInterval");
+    PhEnableKsiSupport = !!PhGetIntegerSetting(L"KsiEnable") && !PhStartupParameters.NoKph && !PhIsExecutingInWow64();
+    PhEnableKsiWarnings = !!PhGetIntegerSetting(L"KsiEnableWarnings");
 
     if (PhGetIntegerSetting(L"SampleCountAutomatic"))
     {

phlib/mapldr.c

@@ -1279,6 +1279,8 @@ VOID PhLoaderEntryGrantSuppressedCall(
             PhLoaderEntryCacheHashtable = PhCreateSimpleHashtable(10);
             PhGuardGrantSuppressedCallAccess(NtCurrentProcess(), NtSetInformationVirtualMemory_Import());
         }
+
+        return;
     }
 
     if (PhLoaderEntryCacheHashtable && !PhFindItemSimpleHashtable(PhLoaderEntryCacheHashtable, ExportAddress))

phlib/native.c

@@ -17950,6 +17950,11 @@ NTSTATUS PhGuardGrantSuppressedCallAccess(
     CFG_CALL_TARGET_LIST_INFORMATION cfgCallTargetListInfo;
     ULONG numberOfEntriesProcessed = 0;
 
+    if (!NtSetInformationVirtualMemory_Import())
+        return STATUS_PROCEDURE_NOT_FOUND;
+    if (VirtualAddress == (PVOID)MAXULONG_PTR)
+        return STATUS_SUCCESS;
+
     memset(&cfgCallTargetRangeInfo, 0, sizeof(MEMORY_RANGE_ENTRY));
     cfgCallTargetRangeInfo.VirtualAddress = PAGE_ALIGN(VirtualAddress);
     cfgCallTargetRangeInfo.NumberOfBytes = PAGE_SIZE;
@@ -17964,7 +17969,7 @@ NTSTATUS PhGuardGrantSuppressedCallAccess(
     cfgCallTargetListInfo.NumberOfEntriesProcessed = &numberOfEntriesProcessed;
     cfgCallTargetListInfo.CallTargetInfo = &cfgCallTargetInfo;
 
-    status = NtSetInformationVirtualMemory(
+    status = NtSetInformationVirtualMemory_Import()(
         ProcessHandle,
         VmCfgCallTargetInformation,
         1,
@@ -17991,6 +17996,9 @@ NTSTATUS PhDisableXfgOnTarget(
     CFG_CALL_TARGET_LIST_INFORMATION cfgCallTargetListInfo;
     ULONG numberOfEntriesProcessed = 0;
 
+    if (!NtSetInformationVirtualMemory_Import())
+        return STATUS_PROCEDURE_NOT_FOUND;
+
     memset(&cfgCallTargetRangeInfo, 0, sizeof(MEMORY_RANGE_ENTRY));
     cfgCallTargetRangeInfo.VirtualAddress = PAGE_ALIGN(VirtualAddress);
     cfgCallTargetRangeInfo.NumberOfBytes = PAGE_SIZE;
@@ -18005,7 +18013,7 @@ NTSTATUS PhDisableXfgOnTarget(
     cfgCallTargetListInfo.NumberOfEntriesProcessed = &numberOfEntriesProcessed;
     cfgCallTargetListInfo.CallTargetInfo = &cfgCallTargetInfo;
 
-    status = NtSetInformationVirtualMemory(
+    status = NtSetInformationVirtualMemory_Import()(
         ProcessHandle,
         VmCfgCallTargetInformation,
         1,