{"id":97656,"date":"2017-12-27T07:00:00","date_gmt":"2017-12-27T22:00:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/?p=97656"},"modified":"2019-03-13T01:21:29","modified_gmt":"2019-03-13T08:21:29","slug":"20171227-00","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/oldnewthing\/20171227-00\/?p=97656","title":{"rendered":"Why do I have to pass a valid page protection value to VirtualAlloc even if it ignores it?"},"content":{"rendered":"<p>The <code>Virtual&shy;Alloc<\/code> function accepts a <code>flProtect<\/code> value, and even though the value is not used by <code>MEM_<\/code><code>RESET<\/code> or <code>MEM_<\/code><code>RESET_<\/code><code>UNDO<\/code>, you still have to pass a valid value. (The documentation suggests <code>PAGE_<\/code><code>NO&shy;ACCESS<\/code>.) <\/p>\n<p>Why do you have to pass a valid value even if the system doesn&#8217;t use it? <\/p>\n<p>This is an artifact of how the front-end parameter validation is done. The <code>Virtual&shy;Alloc<\/code> function does parameter validation by checking each parameter individually to confirm that the value is among the valid values. <\/p>\n<p>For <code>flAllocationType<\/code> the code makes sure that a valid combination of flags is passed. <\/p>\n<p>For <code>flProtect<\/code>, the code makes sure that the page protection value is one of the valid values. <\/p>\n<p>This validation is not contextual, however. When the <code>Virtual&shy;Alloc<\/code> function validates the <code>flProtect<\/code> parameter, it doesn&#8217;t take the <code>flAllocationType<\/code> into account. <\/p>\n<p>After the front-end validation is done, the code starts breaking down the cases and performs additional validation as necessary. <\/p>\n<p>But what you don&#8217;t see is a parameter validation short-circuit. <\/p>\n<p>So by the time the code realizes that it&#8217;s in a case where the <code>flProtect<\/code> value is not used, it has already validated it. <\/p>\n<p>So make sure your parameters are valid, even if you&#8217;re calling the function in a way where the parameter is not used. <\/p>\n<p><b>Bonus chatter<\/b>: You would think that the <code>flProtect<\/code> would not be used when reserving address space with <code>MEM_<\/code><code>RESERVE<\/code>, but you&#8217;d be wrong. If reserving regular address space, then the protection should be <code>PAGE_<\/code><code>NO&shy;ACCESS<\/code>. This first rule isn&#8217;t surprising. If you are reserving the space but haven&#8217;t allocated anything yet, then naturally you don&#8217;t have access to anything there, since there&#8217;s nothing there to access. <\/p>\n<p>The odd bit is that if you are reserving address space for Address Windowing Extensions (AWE), then your allocation type is <code>MEM_<\/code><code>RESERVE | MEM_<\/code><code>PHYSICAL<\/code>, and the protection must be <code>PAGE_<\/code><code>READ&shy;WRITE<\/code>. Yes, there&#8217;s no memory there yet, but you still have read\/write access to it. (I don&#8217;t know what that means either, but that&#8217;s the rule.) <\/p>\n","protected":false},"excerpt":{"rendered":"<p>It ignores it, after it validates it.<\/p>\n","protected":false},"author":1069,"featured_media":111744,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[25],"class_list":["post-97656","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-oldnewthing","tag-code"],"acf":[],"blog_post_summary":"<p>It ignores it, after it validates it.<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/97656","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/users\/1069"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/comments?post=97656"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/97656\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media\/111744"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media?parent=97656"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/categories?post=97656"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/tags?post=97656"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}