[Bug 13915] Oblivion Script Extender (OBSE) fails to start ("privileged instruction")
wine-bugs at winehq.org
Fri Aug 20 11:51:36 CDT 2010
http://bugs.winehq.org/show_bug.cgi?id=13915
--- Comment #43 from Myk Taylor <myk002 at yahoo.com> 2010-08-20 11:51:34 ---
It appears the crash is happening in the thread created by
HANDLE thread = CreateRemoteThread(process, NULL, 0,
(LPTHREAD_START_ROUTINE)hookBase, (void *)(hookBase + 5), 0,
NULL);
in the DoInjectDLL function. Sometimes I get a page fault on a valid address,
sometimes on NULL, and sometimes it works perfectly, which kinda indicates a
race condition somewhere.
One of the following lines is going wonky:
HANDLE process = OpenProcess( PROCESS_CREATE_THREAD |
PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE |
PROCESS_VM_READ, FALSE, info->dwProcessId);
UInt32 hookBase = (UInt32)VirtualAllocEx(process, NULL, 8192, MEM_COMMIT,
PAGE_EXECUTE_READWRITE);
UInt32 loadLibraryAAddr =
(UInt32)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
WriteProcessMemory(process, (LPVOID)(hookBase + 5), dllPath, strlen(dllPath) +
1, &bytesWritten);
WriteProcessMemory(process, (LPVOID)(hookBase), hookCode, sizeof(hookCode),
&bytesWritten);
HANDLE thread = CreateRemoteThread(process, NULL, 0,
(LPTHREAD_START_ROUTINE)hookBase, (void *)(hookBase + 5), 0, NULL);
Of course, it could just be that this line is not actually creating a suspended
process:
bool result = CreateProcess(
procName,
NULL, // no args
NULL, // default process security
NULL, // default thread security
TRUE, // don't inherit handles
CREATE_SUSPENDED,
NULL, // no new environment
NULL, // no new cwd
&startupInfo, &procInfo) != 0;
which would invalidate the assumptions in DoInjectDLL...