Valve/Proton
1
0
Fork 0
mirror of https://github.com/ValveSoftware/Proton.git synced 2025-03-15 15:00:19 +03:00
Code Issues Packages Projects Releases Wiki Activity

fixup! lsteamclient: Get memory for SteamClient interface within native steamclient.dll loader range.

Browse Source 
CW-Bug-Id: #19613
This commit is contained in:
Paul Gofman 2021-11-05 17:30:45 +03:00
parent 89b2c527d0
commit 35c88c28d2
1 changed files with 30 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
lsteamclient/steamclient_main.c
View File

@ -233,9 +233,17 @@ void steamclient_free_stringlist(const char **out)
} }
} }
static BYTE *alloc_start, *alloc_end;
static BOOL allocated_from_steamclient_dll( void *ptr )
{
return (BYTE *)ptr >= alloc_start && (BYTE *)ptr < alloc_end;
}
static void *get_mem_from_steamclient_dll(size_t size, unsigned int version) static void *get_mem_from_steamclient_dll(size_t size, unsigned int version)
{ {
static BYTE * const error_ptr = (BYTE *)~(ULONG_PTR)0; static BYTE * const error_ptr = (BYTE *)~(ULONG_PTR)0;
static const unsigned int magic = 0x53ba947a;
static struct static struct
{ {
unsigned int version; unsigned int version;
@ -244,7 +252,7 @@ static void *get_mem_from_steamclient_dll(size_t size, unsigned int version)
} }
allocated[32]; allocated[32];
static unsigned int allocated_count; static unsigned int allocated_count;
static BYTE *alloc_base, *alloc_end; static BYTE *alloc_base;
unsigned int i; unsigned int i;
if (alloc_base == error_ptr) if (alloc_base == error_ptr)
@ -253,6 +261,13 @@ static void *get_mem_from_steamclient_dll(size_t size, unsigned int version)
return NULL; return NULL;
} }
if (alloc_base && (IsBadReadPtr(alloc_start, sizeof(magic)) || *(unsigned int *)alloc_start != magic))
{
TRACE("steamclient.dll reloaded.\n");
alloc_base = alloc_start = alloc_end = NULL;
allocated_count = 0;
}
for (i = 0; i < allocated_count; ++i) for (i = 0; i < allocated_count; ++i)
{ {
if (allocated[i].version == version) if (allocated[i].version == version)
@ -296,9 +311,17 @@ static void *get_mem_from_steamclient_dll(size_t size, unsigned int version)
{ {
if (!memcmp(sec[i].Name, ".data", 5)) if (!memcmp(sec[i].Name, ".data", 5))
{ {
alloc_base = (BYTE *)mod + sec[i].VirtualAddress; alloc_start = alloc_base = (BYTE *)mod + sec[i].VirtualAddress;
alloc_end = alloc_base + sec[i].SizeOfRawData; alloc_end = alloc_base + sec[i].SizeOfRawData;
if (alloc_end - alloc_start < sizeof(magic))
{
ERR(".data section is too small.\n");
alloc_base = error_ptr;
return NULL;
}
TRACE("Found .data section, start %p, end %p.\n", alloc_base, alloc_end); TRACE("Found .data section, start %p, end %p.\n", alloc_base, alloc_end);
*(unsigned int *)alloc_base = magic;
alloc_base += sizeof(unsigned int);
break; break;
} }
} }
@ -533,13 +556,16 @@ void *create_win_interface(const char *name, void *linux_side)
{ {
if (!strcmp(name, constructors[i].iface_version)) if (!strcmp(name, constructors[i].iface_version))
{ {
ret = constructors[i].ctor(linux_side);
if (allocated_from_steamclient_dll(ret))
break;
e = HeapAlloc(GetProcessHeap(), 0, sizeof(*e)); e = HeapAlloc(GetProcessHeap(), 0, sizeof(*e));
e->name = constructors[i].iface_version; e->name = constructors[i].iface_version;
e->linux_side = linux_side; e->linux_side = linux_side;
e->interface = constructors[i].ctor(linux_side); e->interface = ret;
list_add_tail(&steamclient_interfaces, &e->entry); list_add_tail(&steamclient_interfaces, &e->entry);
ret = e->interface;
break; break;
} }
} }