[Bug 40800] Montezuma's Return crash on startup.

wine-bugs at winehq.org wine-bugs at winehq.org
Mon Oct 31 04:10:18 CDT 2016


https://bugs.winehq.org/show_bug.cgi?id=40800

Dmitry Timoshkov <dmitry at baikal.ru> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
     Ever confirmed|0                           |1

--- Comment #4 from Dmitry Timoshkov <dmitry at baikal.ru> ---
The application contains a custom imports resolver which gets called at
the start of the execution. Since the IAT (the imports table) has already been
processed by the PE loader, the custom imports resolver tries to access
the addresses calculated from the PE import thunks, and that leads to an
access violation because the relative virtual addresses there have
already been replaced by the real addresses of the imported APIs.

There is an interesting detail about the process: the application uses
ReadProcessMemory() in order to read the IAT before resolving its contents
(instead of a straight memcpy() or accessing the IAT directly in memory),
perhaps win9x returns original mapped PE file contents in that case, making
this technique work.

Probably it's possible to add a hack to ReadProcessMemory() to read
the mapped file contents in order to emulate win9x behaviour, but I'd
suggest trying to write a simple test app to confirm my theory first.

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
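The mechanism the comment describes, as an added example that is not part of the bug report or of Wine: a constructed 32-bit PE import table is built in a buffer, a stand-in for the loader overwrites the IAT slots with (made-up) function addresses, and a resolver written like the one in the comment, which reinterprets IAT slots as RVAs, is range-checked instead of dereferenced so the example reports how many slots would fault. The structure definitions mirror the winnt.h layout but are redefined here so the code builds without the Windows SDK; `fake_get_proc_address()`, all RVAs and the addresses it returns are assumptions for the demo. It also goes one step beyond the comment by showing a resolver that walks the INT (OriginalFirstThunk), which the loader never touches, and therefore works identically before and after loading.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Import structures laid out like winnt.h's 32-bit versions (assumption:
 * redefined here so the example builds without the Windows SDK). */
typedef struct {
    uint32_t OriginalFirstThunk; /* RVA of the import name table (INT); the loader leaves it alone */
    uint32_t TimeDateStamp;
    uint32_t ForwarderChain;
    uint32_t Name;               /* RVA of the DLL name string */
    uint32_t FirstThunk;         /* RVA of the IAT; the loader overwrites each slot with a real address */
} IMAGE_IMPORT_DESCRIPTOR;

typedef struct {
    uint16_t Hint;
    char Name[14];               /* fixed width for the demo; real entries are variable length */
} IMPORT_BY_NAME;

#define IMAGE_SIZE 0x1000u

/* Constructed image layout: RVAs chosen for the demo, not taken from any real binary. */
enum { RVA_DESC = 0x100, RVA_INT = 0x200, RVA_IAT = 0x300,
       RVA_DLLNAME = 0x400, RVA_FN0 = 0x500, RVA_FN1 = 0x520 };

/* The "mapped image"; the union keeps it 4-byte aligned for the thunk arrays. */
static union { uint32_t w[IMAGE_SIZE / 4]; uint8_t b[IMAGE_SIZE]; } img;
#define AT(rva) ((void *)(img.b + (rva)))

/* Build the image as it looks on disk: the IAT is a copy of the INT (RVAs of hint/name entries). */
void build_image(void)
{
    memset(img.b, 0, sizeof img.b);
    IMAGE_IMPORT_DESCRIPTOR *desc = AT(RVA_DESC);
    desc->OriginalFirstThunk = RVA_INT;
    desc->Name = RVA_DLLNAME;
    desc->FirstThunk = RVA_IAT;
    strcpy(AT(RVA_DLLNAME), "KERNEL32.dll");
    IMPORT_BY_NAME *f0 = AT(RVA_FN0), *f1 = AT(RVA_FN1);
    f0->Hint = 1; strcpy(f0->Name, "GetTickCount");
    f1->Hint = 2; strcpy(f1->Name, "Sleep");
    uint32_t *int_ = AT(RVA_INT), *iat = AT(RVA_IAT);
    int_[0] = iat[0] = RVA_FN0;
    int_[1] = iat[1] = RVA_FN1;
    int_[2] = iat[2] = 0;        /* thunk arrays are zero-terminated */
}

/* Stand-in for GetProcAddress(): constructed addresses, far outside the image. */
uint32_t fake_get_proc_address(const char *name)
{
    if (strcmp(name, "GetTickCount") == 0) return 0x7C80932Eu;
    if (strcmp(name, "Sleep") == 0)        return 0x7C802446u;
    return 0;
}

/* What the PE loader does at process start: walk the INT, resolve each name,
 * and overwrite the matching IAT slot. Returns the number of slots patched. */
int simulate_loader(void)
{
    const IMAGE_IMPORT_DESCRIPTOR *desc = AT(RVA_DESC);
    const uint32_t *int_ = AT(desc->OriginalFirstThunk);
    uint32_t *iat = AT(desc->FirstThunk);
    int n = 0;
    for (; int_[n]; n++) {
        const IMPORT_BY_NAME *ibn = AT(int_[n]);
        iat[n] = fake_get_proc_address(ibn->Name);
    }
    return n;
}

/* Mimics the application's resolver: reads the IAT and treats every slot as an RVA.
 * Instead of dereferencing, counts the slots that no longer point inside the image,
 * i.e. the accesses that would raise an access violation in the real process. */
int iat_resolver_faults(void)
{
    const IMAGE_IMPORT_DESCRIPTOR *desc = AT(RVA_DESC);
    const uint32_t *iat = AT(desc->FirstThunk);
    int faults = 0;
    for (int i = 0; iat[i]; i++) {
        if (iat[i] > IMAGE_SIZE - sizeof(IMPORT_BY_NAME)) { faults++; continue; }
        const IMPORT_BY_NAME *ibn = AT(iat[i]);   /* still an RVA: safe to read */
        (void)ibn->Hint;
    }
    return faults;
}

/* A resolver that walks the INT instead. The loader never rewrites it, so this
 * gives the same result before and after loading. Returns names resolved, -1 on failure. */
int int_resolver_count(void)
{
    const IMAGE_IMPORT_DESCRIPTOR *desc = AT(RVA_DESC);
    const uint32_t *int_ = AT(desc->OriginalFirstThunk);
    int n = 0;
    for (; int_[n]; n++) {
        const IMPORT_BY_NAME *ibn = AT(int_[n]);
        if (fake_get_proc_address(ibn->Name) == 0) return -1;
    }
    return n;
}

int main(void)
{
    build_image();
    printf("on disk:      IAT slots that would fault = %d\n", iat_resolver_faults());
    simulate_loader();
    printf("after loader: IAT slots that would fault = %d\n", iat_resolver_faults());
    printf("INT-based resolver still resolves %d imports\n", int_resolver_count());
    return 0;
}
```

Run as is, the program reports zero faulting slots on the on-disk layout and two after the simulated loader pass, while the INT-based walk resolves both imports in either state. The range check in `iat_resolver_faults()` is what a test app of the kind suggested in the comment would use to tell "still an RVA" from "already a resolved address" without crashing; on win9x the ReadProcessMemory() path presumably returned the on-disk form of the IAT, which is why the original resolver never saw the second state there.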
