After reserving and committing a page in a client process with the following code:
```c
LPBYTE p = (LPBYTE) VirtualAllocEx(hClientProc, NULL, 0x1000, MEM_COMMIT, PAGE_READWRITE);
```
You cannot simply write to *p with the following code:
You cannot write to *p directly because the address belongs to the client process's virtual address space and is not directly accessible from the calling process. To read or write the memory that the returned pointer refers to, use ReadProcessMemory and WriteProcessMemory. For example:
```c
WriteProcessMemory(hClientProc, p, &whatever, 1, &cbReturned);
```
The following flProtect flags are not supported:
- PAGE_WRITECOPY
- PAGE_EXECUTE_WRITECOPY
VirtualAlloc can perform the following operations:
- Commit a region of pages reserved by a previous call to the VirtualAlloc function.
- Reserve a region of free pages.
- Reserve and commit a region of free pages.
You can use VirtualAlloc to reserve a block of pages and then make additional calls to VirtualAlloc to commit individual pages from the reserved block. This enables a process to reserve a range of its virtual address space without consuming physical storage until it is needed.
Each page in the virtual address space of the process is in one of three states:
- Free, in which the page is not committed or reserved and is not accessible to the process. VirtualAlloc can reserve, or simultaneously reserve and commit, a free page.
- Reserved, in which the range of addresses cannot be used by other allocation functions, but the page is not accessible and has no physical storage associated with it. VirtualAlloc can commit a reserved page, but it cannot reserve it a second time. The VirtualFree function can release a reserved page, making it a free page.
- Committed, in which physical storage is allocated for the page, and access is controlled by a protection code.
The system initializes and loads each committed page into physical memory only at the first attempt to read or write to that page. When the process terminates, the system releases the storage for committed pages.
VirtualAlloc can commit an already committed page. This means you can commit a range of pages, regardless of whether they have been committed, and the function will not fail.
VirtualFree can decommit a committed page, releasing the page's storage, or it can simultaneously decommit and release a committed page.
If the lpAddress parameter is not NULL, the function uses the lpAddress and dwSize parameters to compute the region of pages to be allocated.
The current state of the entire range of pages must be compatible with the type of allocation specified by the flAllocationType parameter. Otherwise, the function fails and no pages are allocated. This compatibility requirement does not preclude committing an already committed page.
Before Windows Embedded CE 6.0, if you call VirtualAlloc with dwSize >= 2 MB, flAllocationType set to MEM_RESERVE, and flProtect set to PAGE_NOACCESS, it automatically reserves memory in the shared memory region. This preserves per-process virtual memory.
Security Note: Memory in a shared memory region is readable and writable by other processes on the system. You must not store confidential information in those regions, and must validate any data read out of them.
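One way to do the validation the security note calls for, as an added example that is not part of the original documentation: the `SharedMsg` layout, `MSG_MAX` and `read_shared_msg` are hypothetical names, and the printable-ASCII rule stands in for whatever checks the real data needs. The length is fetched once into a private variable and the payload is checked only after it has been copied out, so a process that rewrites the shared region during the read cannot get past the checks.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MSG_MAX 64  /* assumed maximum payload size for this example */

/* Hypothetical record layout that a peer process places in the shared region. */
typedef struct {
    volatile uint32_t len;            /* peer-controlled, may change at any time */
    volatile uint8_t  data[MSG_MAX];  /* peer-controlled payload */
} SharedMsg;

/* Copy one message out of shared memory into a private buffer and validate it.
 * Returns the payload length on success, -1 if the record is rejected. */
int read_shared_msg(const SharedMsg *shared, uint8_t *out, size_t out_cap)
{
    /* Fetch the length exactly once; every later check uses this snapshot,
     * never a second read of shared->len. */
    uint32_t len = shared->len;

    if (len == 0 || len > MSG_MAX || len > out_cap)
        return -1;

    /* Copy the payload into private memory before inspecting it. */
    for (uint32_t i = 0; i < len; i++)
        out[i] = shared->data[i];

    /* Validate the private copy, which no other process can modify.
     * This example accepts printable ASCII only. */
    for (uint32_t i = 0; i < len; i++)
        if (out[i] < 0x20 || out[i] > 0x7e)
            return -1;

    return (int)len;
}

int main(void)
{
    /* Constructed sample records standing in for a shared region. */
    SharedMsg good = { 5, {'h', 'e', 'l', 'l', 'o'} };
    SharedMsg oversized = { 0xFFFFFFFFu, {0} };
    uint8_t buf[MSG_MAX];

    printf("good:      %d\n", read_shared_msg(&good, buf, sizeof buf));
    printf("oversized: %d\n", read_shared_msg(&oversized, buf, sizeof buf));
    return 0;
}
```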