Adding protections in map_image

Robert Baruch autophile at starband.net
Sat Dec 15 18:32:50 CST 2001 

Alexandre Julliard wrote:

> Robert Baruch <autophile at starband.net> writes:
> 
> 
>>MapViewOfFileEx is called by MapViewOfFile, DPLAYX_ConstructData,
>>HEAP_CreateSystemHeap, and VXD_Win32s. At this point my eyes began to
>>glaze over. But I forged on with looking MapViewOfFile. GAAAH! That
>>function is referenced in no less than sixteen places!
>>
> 
> But none of these are used to map executable images. The only place we
> do that is from PE_LoadImage, so this is the only call that needs to
> set the protections.


Bummer:

MODULE_LoadLibraryExA calls PE_LoadLibraryExA, which first calls 
PE_LoadImage (which sets protections) and then PE_CreateModule, which 
calls PE_fixup_imports, which causes a protection violation (see trace 
below)!

PE_CreateModule is also called from ELF_LoadLibraryExA, load_library, 
and from start_process.

Maybe the right place to set protections is at the end of PE_CreateModule.

--Rob


trace:module:GetModuleFileNameA J:\targ2001\data\tar2001.exe
trace:module:MODULE_LoadLibraryExA Already loaded module 'USER32.dll' at 
0x40670000, count=3
trace:win32:PE_fixup_imports Microsoft style imports used
trace:win32:PE_fixup_imports --- MessageBoxA USER32.dll.390
trace:win32:MODULE_GetProcAddress (40670000,MessageBoxA)
trace:win32:PE_FindExportedFunction (MessageBoxA)
trace:seh:EXC_RtlRaiseException code=c0000005 flags=0
First chance exception: page fault on write access to 0x75b6903c in 
32-bit code (0x40091b8f).
...
=>0 0x40091b8f (PE_fixup_imports+0x2af(wm=0x40382a68) [pe_image.c:353] 
in libntdll.so) (ebp=405b6a34)
   1 0x40092582 (PE_CreateModule+0x292(hModule=0x75b30000, 
filename=0x403828a8, flags=0x0, hFile=0x30, bu
iltin=0x0) [pe_image.c:717] in libntdll.so) (ebp=405b6ac0)
   2 0x400926d2 (PE_LoadLibraryExA+0x62(name=0x403828a8, flags=0x0) 
[pe_image.c:792] in libntdll.so) (ebp
=405b6ae8)
   3 0x400907fd (MODULE_LoadLibraryExA+0x42d(libname=0x7ffd9cfe, 
hfile=0x0, flags=0x0, name=0x7ffd9cfe, n
ame=0x7ffd9cfe, name=0x7ffd9cfe) [module.c:1477] in libntdll.so) 
(ebp=405b6b2c)

More information about the wine-devel mailing list