Adding protections in map_image
Robert Baruch
autophile at starband.net
Sat Dec 15 18:32:50 CST 2001
Alexandre Julliard wrote:
> Robert Baruch <autophile at starband.net> writes:
>
>
>>MapViewOfFileEx is called by MapViewOfFile, DPLAYX_ConstructData,
>>HEAP_CreateSystemHeap, and VXD_Win32s. At this point my eyes began to
>>glaze over. But I forged on with looking at MapViewOfFile. GAAAH! That
>>function is referenced in no less than sixteen places!
>>
>
> But none of these are used to map executable images. The only place we
> do that is from PE_LoadImage, so this is the only call that needs to
> set the protections.

Bummer:

MODULE_LoadLibraryExA calls PE_LoadLibraryExA, which first calls
PE_LoadImage (which sets protections) and then PE_CreateModule, which
calls PE_fixup_imports, which causes a protection violation (see trace
below)!

PE_CreateModule is also called from ELF_LoadLibraryExA, load_library,
and from start_process.

Maybe the right place to set protections is at the end of PE_CreateModule.

--Rob

trace:module:GetModuleFileNameA J:\targ2001\data\tar2001.exe
trace:module:MODULE_LoadLibraryExA Already loaded module 'USER32.dll' at 0x40670000, count=3
trace:win32:PE_fixup_imports Microsoft style imports used
trace:win32:PE_fixup_imports --- MessageBoxA USER32.dll.390
trace:win32:MODULE_GetProcAddress (40670000,MessageBoxA)
trace:win32:PE_FindExportedFunction (MessageBoxA)
trace:seh:EXC_RtlRaiseException code=c0000005 flags=0
First chance exception: page fault on write access to 0x75b6903c in 32-bit code (0x40091b8f).
...
=>0 0x40091b8f (PE_fixup_imports+0x2af(wm=0x40382a68) [pe_image.c:353] in libntdll.so) (ebp=405b6a34)
  1 0x40092582 (PE_CreateModule+0x292(hModule=0x75b30000, filename=0x403828a8, flags=0x0, hFile=0x30, builtin=0x0) [pe_image.c:717] in libntdll.so) (ebp=405b6ac0)
  2 0x400926d2 (PE_LoadLibraryExA+0x62(name=0x403828a8, flags=0x0) [pe_image.c:792] in libntdll.so) (ebp=405b6ae8)
  3 0x400907fd (MODULE_LoadLibraryExA+0x42d(libname=0x7ffd9cfe, hfile=0x0, flags=0x0, name=0x7ffd9cfe, name=0x7ffd9cfe, name=0x7ffd9cfe) [module.c:1477] in libntdll.so) (ebp=405b6b2c)
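
The ordering problem in this message, reduced to a POSIX sketch as an added example (not part of the original post and not Wine code): a page standing in for the import table is patched either after or before write access is removed. `load_image`, `write_faults` and `fake_import` are hypothetical names, and `mmap`/`mprotect` stand in for Wine's own mapping calls.

```c
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical stand-in for a resolved import such as MessageBoxA. */
static int fake_import(void) { return 42; }

/* Probe in a child process whether a write to p raises a fault. */
static int write_faults(volatile uintptr_t *p) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { *p = 0; _exit(0); }
    int st = 0;
    waitpid(pid, &st, 0);
    return WIFSIGNALED(st) ? 1 : 0;
}

/* Map one page as a constructed "import table" and patch slot 0.
 * protect_first=1: protect, then fix up (the ordering seen in the trace).
 * protect_first=0: fix up, then protect (the ordering the post proposes).
 * Returns 1 if the fixup write faults, 0 if it succeeded and the page
 * ended up read-only, -1 on error. The mapping is left in *iat_out. */
static int load_image(int protect_first, uintptr_t **iat_out) {
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    uintptr_t *iat = mmap(NULL, pg, PROT_READ | PROT_WRITE,
                          MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (iat == MAP_FAILED) return -1;
    *iat_out = iat;
    if (protect_first) {
        if (mprotect(iat, pg, PROT_READ) != 0) return -1;
        return write_faults(iat);      /* fixup hits a read-only page */
    }
    iat[0] = (uintptr_t)&fake_import;  /* fixup while still writable */
    if (mprotect(iat, pg, PROT_READ) != 0) return -1;
    return 0;
}

int main(void) {
    uintptr_t *iat;
    printf("protect, then fix up: fault=%d\n", load_image(1, &iat));
    printf("fix up, then protect: fault=%d\n", load_image(0, &iat));
    return 0;
}
```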