[wdmaudiodev] Win 6.x: PortCls interprets IDmaChannel interface as its own CDmaChannel object

• From: Eugene Muzychenko <eugene@xxxxxxxxxxxxxx>
• To: wdmaudiodev@xxxxxxxxxxxxx
• Date: Sat, 12 May 2012 21:53:27 +0700

Hello!

Found yet another bug in PortCls (Vista & Win7 up to SP1) WavePci
port. In Win 6.x, PortCls has GetMaxMapRegisters function called from
CPortPinWavePci::Init. GetMaxMapRegisters accepts CDmaChannel object
pointer and retrieves m_MaxMapRegisters field value. But
CPortPinWavePci::Init calls this function with a pointer to
IDmaChannel interface returned by IMiniportWavePci::NewStream.

All is OK if IDmaChannel interface represents the CDmaChannel object
created by IPortWavePci::NewMasterDmaChannel. But if miniport driver
implements its own IDmaChannel interface (my driver does that),
GetMaxMapRegisters accesses an arbitrary address and gets an arbitrary
value or generates a page fault.

Regards,
Eugene


******************

WDMAUDIODEV addresses:
Post message: mailto:wdmaudiodev@xxxxxxxxxxxxx
Subscribe:    mailto:wdmaudiodev-request@xxxxxxxxxxxxx?subject=subscribe
Unsubscribe:  mailto:wdmaudiodev-request@xxxxxxxxxxxxx?subject=unsubscribe
Moderator:    mailto:wdmaudiodev-moderators@xxxxxxxxxxxxx

URL to WDMAUDIODEV page:
http://www.wdmaudiodev.com/

Other related posts:

• » [wdmaudiodev] Win 6.x: PortCls interprets IDmaChannel interface as its own CDmaChannel object - Eugene Muzychenko

1. Home
2. wdmaudiodev
3. Archive
4. 05-2012

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---