[Bug 45550] League of Legends 8.15+ anticheat fails due to incorrect implementation of NtQuerySystemInformation (SystemModuleInformation)
wine-bugs at winehq.org
wine-bugs at winehq.org
Sat Aug 4 11:34:08 CDT 2018
https://bugs.winehq.org/show_bug.cgi?id=45550
Zebediah Figura <z.figura12 at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|League of Legends 8.15+ |League of Legends 8.15+
|crashes due to incorrect |anticheat fails due to
|implementation of |incorrect implementation of
|LdrQueryProcessModules |NtQuerySystemInformation(Sy
| |stemModuleInformation)
--- Comment #40 from Zebediah Figura <z.figura12 at gmail.com> ---
(In reply to Andrew Wesie from comment #39)
> (In reply to Zebediah Figura from comment #38)
> > How do you come by this conclusion? When running a simple test I only see
> > user-space DLLs listed.
>
> I modified the ntdll info test to print the output of
> NtQuerySystemInformation(SystemModuleInformation, ...). The implementation
> of this on Wine calls LdrQueryProcessModuleInformation. It may be the case
> that what is wrong is the fact that SystemModuleInformation calls
> LdrQueryProcessModuleInformation.
>
> Testing on Windows XP and Windows 10, I only see kernel modules listed from
> the output of NtQuerySystemInformation(SystemModuleInformation, ...).
>
> If your testing shows that LdrQueryProcessModuleInformation is correct, then
> a better patch would be to make NtQuerySystemInformation not call
> LdrQueryProcessModuleInformation.
Yep, it looks like it. (Interestingly SystemModuleInformation does actually
yield a large number of user-space DLLs, but they're clearly not the DLLs that
are loaded into the process in question.)
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list