VirtualProtectFromApp function (memoryapi.h)
Changes the protection on a region of committed pages in the virtual address space of the calling process.
Syntax
BOOL VirtualProtectFromApp(
[in] PVOID Address,
[in] SIZE_T Size,
[in] ULONG NewProtection,
[out] PULONG OldProtection
);
Parameters
[in] Address
A pointer an address that describes the starting page of the region of pages whose access protection attributes are to be changed.
All pages in the specified region must be within the same reserved region allocated when calling the VirtualAlloc, VirtualAllocFromApp, or VirtualAllocEx function using MEM_RESERVE. The pages cannot span adjacent reserved regions that were allocated by separate calls to VirtualAlloc, VirtualAllocFromApp, or VirtualAllocEx using MEM_RESERVE.
[in] Size
The size of the region whose access protection attributes are to be changed, in bytes. The region of
affected pages includes all pages containing one or more bytes in the range from the
Address parameter to
(Address+Size)
. This means that a 2-byte range
straddling a page boundary causes the protection attributes of both pages to be changed.
[in] NewProtection
The memory protection option. This parameter can be one of the memory protection constants.
For mapped views, this value must be compatible with the access protection specified when the view was mapped (see MapViewOfFile, MapViewOfFileEx, and MapViewOfFileExNuma).
The following constants generate an error:
- PAGE_EXECUTE_READWRITE
- PAGE_EXECUTE_WRITECOPY
- PAGE_EXECUTE
- PAGE_EXECUTE_READ
[out] OldProtection
A pointer to a variable that receives the previous access protection value of the first page in the specified region of pages. If this parameter is NULL or does not point to a valid variable, the function fails.
Return value
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError.
Remarks
You can call VirtualProtectFromApp from Windows Store apps with just-in-time (JIT) capabilities to use JIT functionality. The app must include the codeGeneration capability in the app manifest file to use JIT capabilities.
You can set the access protection value on committed pages only. If the state of any page in the specified region is not committed, the function fails and returns without modifying the access protection of any pages in the specified region.
The PAGE_GUARD protection modifier establishes guard pages. Guard pages act as one-shot access alarms. For more information, see Creating Guard Pages.
It is best to avoid using VirtualProtectFromApp to change page protections on memory blocks allocated by GlobalAlloc, HeapAlloc, or LocalAlloc, because multiple memory blocks can exist on a single page. The heap manager assumes that all pages in the heap grant at least read and write access.
VirtualProtectFromApp allows you to mark pages as executable, but does not allow you to set both write and execute permissions at the same time.
When protecting a region that will be executable, the calling program bears responsibility for ensuring cache coherency via an appropriate call to FlushInstructionCache once the code has been set in place. Otherwise attempts to execute code out of the newly executable region may produce unpredictable results.
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows 10 [desktop apps | UWP apps] |
Minimum supported server | Windows Server 2016 [desktop apps | UWP apps] |
Target Platform | Windows |
Header | memoryapi.h (include Windows.h) |
Library | WindowsApp.lib |
DLL | Kernel32.dll |