[Bug 9685] Punkbuster removes me from game for UNKNOWN WINDOWS API FUNCTION [131124]

wine-bugs at winehq.org wine-bugs at winehq.org
Sat Sep 29 16:50:50 CDT 2007 

http://bugs.winehq.org/show_bug.cgi?id=9685





--- Comment #46 from Anastasius Focht <focht at gmx.net>  2007-09-29 16:50:49 ---
Created an attachment (id=8295)
 --> (http://bugs.winehq.org/attachment.cgi?id=8295)
patch to prevent kernel driver entry point called in LoadLibrary

Hello,

seems some progress has been made last time I visited ;-)

The crash is due to driver entry point being called when winedevice loads the
kernel driver using LoadLibrary().
This is incorrect, although the dll export/import stuff is the same, the entry
point of a kernel driver is special (parameters/signature) and is only to be
called at a certain place within winedevice.

To make minimal intrusive changes, the optional NT headers subsystem flag is
evaluated in "dlls/ntdll/loader.c:alloc_module()" to detect native exectuables.
In that case the entry point field of loaders module structure is not set to
executable entry point.
This prevents accidental calls of entry point during dll events
(attach/detach).

--- snip dlls/ntdll/loader.c ---
static WINE_MODREF *alloc_module( HMODULE hModule, LPCWSTR filename )
{
...
    /* do not setup entry point if kernel driver */
    if( !(nt->OptionalHeader.Subsystem & IMAGE_SUBSYSTEM_NATIVE) &&
         (nt->FileHeader.Characteristics & IMAGE_FILE_DLL))
    {
        wm->ldr.Flags |= LDR_IMAGE_IS_DLL;
        if (nt->OptionalHeader.AddressOfEntryPoint)
            wm->ldr.EntryPoint = (char *)hModule +
nt->OptionalHeader.AddressOfEntryPoint;
    }

...
}
--- snip dlls/ntdll/loader.c ---

Although native executables can have "dll" characteristic flags set too, I
omitted the "wm->ldr.Flags |= LDR_IMAGE_IS_DLL" on purpose to prevent snooping.
It doesnt make sense to snoop on native kmode drivers.

For the uninitiated reader: don't mix "native" with wine's concept of "native"
vs. "builtin" libraries - windows native subsystem executables are a completely
different beast. ;-)

Regards


-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the wine-bugs mailing list