base addresses of kernel32

Andrey Turkin andrey.turkin at gmail.com
Sun Jul 4 13:47:52 CDT 2010


On Sunday 04 July 2010 22:31:49 Dan Kegel wrote:
> >> the Makefile has:
> >> EXTRADLLFLAGS = -Wb,-F,KERNEL32.dll -Wl,--image-base,0x7b800000
> >
> >Is there a good reason for this?  Otherwise, this opens a security
> >vulnerability in Wine that does not exist in Windows....
> 
> This is the way Windows worked before Vista.
> (Does Vista actually randomize where even ntdll is?)
> 
> BTW our CreateRemoteThread conformance test checks whether
> the module has been loaded at a different address, and skips if it
> has...

http://www.nynaeve.net/?p=198 has a pretty good explanation of why certain DLLs 
must be loaded at the same address; one example of why Wine should care is to satisfy 
programs injecting code into different processes.
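
As an added example (not part of the original thread or of Wine's code), the sketch below reads the two PE header fields this discussion turns on: the preferred ImageBase that a linker option like `--image-base,0x7b800000` sets, and the DYNAMIC_BASE bit that opts an image into ASLR on Vista and later. The helper names and the constructed header bytes are assumptions made for illustration; how Wine's builtin modules are stored on disk is not covered here.

```python
import struct

DYNAMIC_BASE = 0x0040  # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR opt-in)

def pe_base_info(data: bytes):
    """Return (image_base, aslr_opt_in) read from a PE image's headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)   # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = pe_off + 4 + 20            # skip signature and 20-byte COFF header
    if len(data) < opt + 72:
        raise ValueError("truncated optional header")
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:               # PE32: 4-byte ImageBase at offset 28
        (base,) = struct.unpack_from("<I", data, opt + 28)
    elif magic == 0x20B:             # PE32+: 8-byte ImageBase at offset 24
        (base,) = struct.unpack_from("<Q", data, opt + 24)
    else:
        raise ValueError("unknown optional header magic")
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)
    return base, bool(dll_chars & DYNAMIC_BASE)

def make_pe32_header(image_base, dll_chars):
    """Constructed minimal PE32 header, just enough for pe_base_info()."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x2102)
    optional = bytearray(224)
    struct.pack_into("<H", optional, 0, 0x10B)
    struct.pack_into("<I", optional, 28, image_base)
    struct.pack_into("<H", optional, 70, dll_chars)
    return dos + b"PE\0\0" + coff + bytes(optional)

def describe(name, data):
    """One-line audit result for a module image."""
    base, aslr = pe_base_info(data)
    note = "ASLR opt-in set" if aslr else "no ASLR opt-in, fixed preferred base"
    return f"{name}: ImageBase=0x{base:08x} ({note})"

if __name__ == "__main__":
    # Constructed samples: the base from the quoted Makefile line, and an
    # image that sets the DYNAMIC_BASE bit.
    print(describe("constructed-fixed.dll", make_pe32_header(0x7B800000, 0)))
    print(describe("constructed-aslr.dll",
                   make_pe32_header(0x10000000, DYNAMIC_BASE)))
```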


