VirtualAllocEx and MEM_COMMIT without MEM_RESERVE

I'm reviewing the example at http://www.codeproject.com/threads/winspy.asp#section_2 (the third code example within the second section of that webpage). The purpose of the example is to allocate memory in another process' VM space, which can then have a string written to it.

...
pLibRemote = ::VirtualAllocEx( hProcess, NULL, sizeof(szLibPath),
                               MEM_COMMIT, PAGE_READWRITE );
::WriteProcessMemory( hProcess, pLibRemote, (void*)szLibPath,
                      sizeof(szLibPath), NULL );
...

Specifically, I'm wondering why the example works without having to specify MEM_COMMIT | MEM_RESERVE. The VirtualAllocEx documentation states that calling MEM_COMMIT without having reserved first will cause problems. But the code in the example doesn't seem to reserve first.

I'm probably missing something simple.
jimstar Asked:
jkr Commented:
Actually I was wrong. They are loading the DLL after that. But also, the docs above have been changed, the originals state different things:

Flag: MEM_COMMIT

Meaning: The function allocates actual physical storage in memory or in the paging file on disk for the specified region of memory pages. The function initializes the memory to zero.
An attempt to commit a memory page that is already committed does not cause the function to fail. This means that you can commit a range of pages without first determining the current commitment state of each page.
*If a memory page is not yet reserved, setting this flag causes the function to both reserve and commit the memory page.*

(taken from the VC6 docs)

The last sentence IMO makes the behaviour clear, and that's what I also thought it had been like.
jkr Commented:
It works because the pages (data segment in the remote DLL) are already committed. They aren't adding new pages, they are altering already committed ones. The docs also state "An attempt to commit a page that is already committed does not cause the function to fail. This means that you can commit pages without first determining the current commitment state of each page." (http://msdn2.microsoft.com/en-us/library/aa366890.aspx)
jimstar (Author) Commented:
>> It works because the pages (data segment in the remote DLL) are already committed. They aren't adding new pages, they are altering already committed ones.

Managing memory allocation outside of malloc/free is still pretty new to me. Could you maybe describe this a little more? I'm having trouble understanding - does VirtualAllocEx always return memory that has been reserved/committed (I'm also new to reserving/committing, so perhaps I'm misunderstanding this too)?

I was under the impression that VirtualAllocEx would allocate new memory in the target process. From what you're saying, that's not always the case?

Thanks for the info and patience!
jimstar (Author) Commented:
Thanks for the clarification. It's weird that the more recent docs on msdn.microsoft.com (built on 9/2007) state that it will fail if you try to commit without reserving (and that you must specify both MEM_RESERVE and MEM_COMMIT). I wonder if they're changing the behavior, or if it's an oversight. It seems like the two doc versions describe different functionality that isn't backwards compatible.

=== http://msdn2.microsoft.com/en-us/library/aa366890.aspx ==

MEM_COMMIT
0x1000
 Allocates physical storage in memory or in the paging file on disk for the specified reserved memory pages. The function initializes the memory to zero.

**To reserve and commit pages in one step, call VirtualAllocEx with MEM_COMMIT | MEM_RESERVE.

**The function fails if you attempt to commit a page that has not been reserved. The resulting error code is ERROR_INVALID_ADDRESS.

An attempt to commit a page that is already committed does not cause the function to fail. This means that you can commit pages without first determining the current commitment state of each page.
 
jkr Commented:
Well, I guess that this new behaviour is required for Vista (or improves performance there) and they are trying to make people do it that way now...
Question has a verified solution.
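
An added example, not part of the thread or of the CodeProject article: a Windows-only Python ctypes probe that checks, against the current process, the three cases the two documentation versions describe (MEM_COMMIT alone with a NULL base, re-committing committed pages, and MEM_COMMIT alone at an explicit unreserved address). The names `probe`, `page_state` and `load_kernel32` are chosen here, and on other platforms `probe()` returns None.

```python
import ctypes
import sys

MEM_COMMIT, MEM_RESERVE, MEM_RELEASE, MEM_FREE = 0x1000, 0x2000, 0x8000, 0x10000
PAGE_READWRITE, ERROR_INVALID_ADDRESS = 0x04, 487
STATE_NAMES = {MEM_COMMIT: "MEM_COMMIT", MEM_RESERVE: "MEM_RESERVE", MEM_FREE: "MEM_FREE"}
PVOID, SIZE_T, DWORD = ctypes.c_void_p, ctypes.c_size_t, ctypes.c_uint32

class MEMORY_BASIC_INFORMATION(ctypes.Structure):
    # Natural alignment covers the PartitionId/padding slot on 64-bit Windows.
    _fields_ = [("BaseAddress", PVOID), ("AllocationBase", PVOID),
                ("AllocationProtect", DWORD), ("RegionSize", SIZE_T),
                ("State", DWORD), ("Protect", DWORD), ("Type", DWORD)]

def load_kernel32():
    k = ctypes.WinDLL("kernel32", use_last_error=True)
    k.GetCurrentProcess.restype = PVOID
    k.VirtualAllocEx.restype = PVOID
    k.VirtualAllocEx.argtypes = [PVOID, PVOID, SIZE_T, DWORD, DWORD]
    k.VirtualQueryEx.restype = SIZE_T
    k.VirtualQueryEx.argtypes = [PVOID, PVOID, ctypes.POINTER(MEMORY_BASIC_INFORMATION), SIZE_T]
    k.VirtualFreeEx.argtypes = [PVOID, PVOID, SIZE_T, DWORD]
    return k

def page_state(k, proc, addr):
    """Return the State of the page at addr as reported by VirtualQueryEx."""
    mbi = MEMORY_BASIC_INFORMATION()
    if not k.VirtualQueryEx(proc, addr, ctypes.byref(mbi), ctypes.sizeof(mbi)):
        raise ctypes.WinError(ctypes.get_last_error())
    return STATE_NAMES.get(mbi.State, hex(mbi.State))

def probe(size=4096):
    if sys.platform != "win32":
        return None  # nothing to measure off Windows
    k = load_kernel32()
    proc = k.GetCurrentProcess()  # pseudo-handle: this process only
    # Case 1: NULL base, MEM_COMMIT alone (the call shape from the question).
    p = k.VirtualAllocEx(proc, None, size, MEM_COMMIT, PAGE_READWRITE)
    if not p:
        raise ctypes.WinError(ctypes.get_last_error())
    result = {"null_base_commit_only": page_state(k, proc, p)}
    # Case 2: committing the same, already committed pages again.
    result["recommit_succeeds"] = bool(k.VirtualAllocEx(proc, p, size, MEM_COMMIT, PAGE_READWRITE))
    # Case 3: release, then MEM_COMMIT alone at that now-unreserved address.
    k.VirtualFreeEx(proc, p, 0, MEM_RELEASE)
    result["state_after_release"] = page_state(k, proc, p)
    q = k.VirtualAllocEx(proc, p, size, MEM_COMMIT, PAGE_READWRITE)
    result["explicit_unreserved_commit"] = (q, ctypes.get_last_error())
    if q:
        k.VirtualFreeEx(proc, q, 0, MEM_RELEASE)
    return result
```

Run `probe()` on the Windows build in question and compare the returned dictionary with the two documentation excerpts quoted in the thread.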