[Bug 46251] New: some (all?) crinkler compressed executables crash because they parse in-memory DLL export tables
wine-bugs at winehq.org
Thu Dec 6 12:48:02 CST 2018
https://bugs.winehq.org/show_bug.cgi?id=46251
Bug ID: 46251
Summary: some (all?) crinkler compressed executables crash
because they parse in-memory DLL export tables
Product: Wine
Version: 3.21
Hardware: x86
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: kernel32
Assignee: wine-bugs at winehq.org
Reporter: p2 at psychaos.be
Distribution: ---
Created attachment 62950
--> https://bugs.winehq.org/attachment.cgi?id=62950
crash dump and disassembly of decompressor and symbol resolver
Some crinkler compressed executables crash when building the imported symbol
table. The routine which does this relies on parsing the in-memory copy of
KERNEL32.DLL first to retrieve the address for LoadModuleA. This is later used
to load other DLLs. Symbol name matching is done using a hash function. The
executable only stores the hashes of the symbols it wants to import. For each
symbol hash in the executable, the symbol resolver routine iterates over all
exported symbol names of the DLL and stores the symbol address if the hashes
match.
The symbol resolver routine crashes because it seems the in-memory copy of
KERNEL32.DLL does not have an exported symbol names table.
Attached:
winhello_asm.txt: the crash dump and a disassembly of both the decompressor
and the symbol resolver.
winhello.zip: source code for the trivial program, obj file, normally linked
executable (winhello.exe), crinkler linked executable (winhello_cr.exe) and the
msvcrt.lib as recommended by the crinkler manual. Toolchain used was VS2013
community edition.
crinkler can be found here: http://crinkler.net/
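The export-table walk the report describes, as an added example that is not part of the original report and is not Crinkler's or Wine's code: it resolves an export by name hash from a mapped PE32 image and returns None instead of dereferencing a missing name table. The hash function, `build_image` and the export names are constructed for illustration.

```python
import struct

def name_hash(name: bytes) -> int:
    # Constructed rotate-left-5-and-add hash, for illustration only; not Crinkler's hash.
    h = 0
    for b in name:
        h = (((h << 5) | (h >> 27)) + b) & 0xFFFFFFFF
    return h

def resolve_by_hash(image: bytes, wanted: int):
    """Return the export RVA whose name hashes to `wanted`, or None (mapped PE32, RVA == offset)."""
    pe = struct.unpack_from("<I", image, 0x3C)[0]            # e_lfanew
    if image[:2] != b"MZ" or image[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    exp_rva = struct.unpack_from("<I", image, pe + 0x78)[0]  # data directory 0 = exports (PE32)
    if exp_rva == 0:
        return None
    # IMAGE_EXPORT_DIRECTORY from offset 20: counts, then the three table RVAs.
    n_funcs, n_names, funcs, names, ords = struct.unpack_from("<5I", image, exp_rva + 20)
    if n_names == 0 or names == 0 or ords == 0:
        return None  # no name table: a resolver that skips this check reads from RVA 0
    for i in range(n_names):
        name_rva = struct.unpack_from("<I", image, names + 4 * i)[0]
        name = image[name_rva:image.index(b"\0", name_rva)]
        if name_hash(name) == wanted:
            ordinal = struct.unpack_from("<H", image, ords + 2 * i)[0]
            if ordinal >= n_funcs:
                raise ValueError("name ordinal outside function table")
            return struct.unpack_from("<I", image, funcs + 4 * ordinal)[0]
    return None

def build_image(exports: dict, with_names: bool = True) -> bytes:
    """Constructed sample: minimal mapped image; with_names=False omits the name table."""
    img = bytearray(0x400)
    img[:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)
    img[0x40:0x44] = b"PE\0\0"
    exp, funcs, names, ords, strs = 0x100, 0x140, 0x180, 0x1C0, 0x200
    struct.pack_into("<I", img, 0x40 + 0x78, exp)
    n = len(exports)
    struct.pack_into("<5I", img, exp + 20, n, n if with_names else 0, funcs,
                     names if with_names else 0, ords if with_names else 0)
    for i, (name, rva) in enumerate(exports.items()):
        struct.pack_into("<I", img, funcs + 4 * i, rva)
        struct.pack_into("<I", img, names + 4 * i, strs)
        struct.pack_into("<H", img, ords + 2 * i, i)
        img[strs:strs + len(name)] = name
        strs += len(name) + 1
    return bytes(img)
```
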