Alexandre Julliard : winedump: Added detection of Wine fake dlls.
Alexandre Julliard
julliard at wine.codeweavers.com
Tue Apr 11 07:43:09 CDT 2006
Module: wine
Branch: refs/heads/master
Commit: 1e160c84189360173339238adaf54b87206a7293
URL: http://source.winehq.org/git/?p=wine.git;a=commit;h=1e160c84189360173339238adaf54b87206a7293
Author: Alexandre Julliard <julliard at winehq.org>
Date: Tue Apr 11 12:30:09 2006 +0200
winedump: Added detection of Wine fake dlls.
Also pass the real start of the file to the dump functions, instead of
having the generic code care about the specifics of the individual
file formats.
---
tools/winedump/dump.c | 11 ++++-------
tools/winedump/pe.c | 22 ++++++++++++++++++++--
2 files changed, 24 insertions(+), 9 deletions(-)
diff --git a/tools/winedump/dump.c b/tools/winedump/dump.c
index 91f4b0b..bb8af6d 100644
--- a/tools/winedump/dump.c
+++ b/tools/winedump/dump.c
@@ -161,7 +161,7 @@ static void do_dump( enum FileSig sig, v
pe_dump(pmt);
}
-static enum FileSig check_headers(void** pmt)
+static enum FileSig check_headers(void)
{
WORD* pw;
DWORD* pdw;
@@ -171,13 +171,12 @@ static enum FileSig check_headers(void**
pw = PRD(0, sizeof(WORD));
if (!pw) {printf("Can't get main signature, aborting\n"); return 0;}
- *pmt = NULL;
switch (*pw)
{
case IMAGE_DOS_SIGNATURE:
sig = SIG_DOS;
dh = PRD(0, sizeof(IMAGE_DOS_HEADER));
- if (dh && dh->e_lfanew >= sizeof(*dh)) /* reasonable DOS header ? */
+ if (dh)
{
/* the signature is the first DWORD */
pdw = PRD(dh->e_lfanew, sizeof(DWORD));
@@ -185,7 +184,6 @@ static enum FileSig check_headers(void**
{
if (*pdw == IMAGE_NT_SIGNATURE)
{
- *pmt = PRD(dh->e_lfanew, sizeof(DWORD)+sizeof(IMAGE_FILE_HEADER));
sig = SIG_PE;
}
else if (*(WORD *)pdw == IMAGE_OS2_SIGNATURE)
@@ -231,7 +229,6 @@ int dump_analysis(const char* name, void
enum FileSig effective_sig;
int ret = 1;
struct stat s;
- void* pmt;
setbuf(stdout, NULL);
@@ -249,7 +246,7 @@ int dump_analysis(const char* name, void
if ((unsigned long)read( fd, dump_base, dump_total_len ) != dump_total_len) fatal( "Cannot read file" );
}
- effective_sig = check_headers(&pmt);
+ effective_sig = check_headers();
if (effective_sig == SIG_UNKNOWN)
{
@@ -266,7 +263,7 @@ int dump_analysis(const char* name, void
case SIG_NE:
case SIG_LE:
printf("Contents of \"%s\": %ld bytes\n\n", name, dump_total_len);
- (*fn)(effective_sig, pmt);
+ (*fn)(effective_sig, dump_base);
break;
case SIG_DBG:
dump_separate_dbg();
diff --git a/tools/winedump/pe.c b/tools/winedump/pe.c
index eb70faa..e8ae596 100644
--- a/tools/winedump/pe.c
+++ b/tools/winedump/pe.c
@@ -87,6 +87,22 @@ static void* RVA(unsigned long rva, unsi
return NULL;
}
+static IMAGE_NT_HEADERS32 *get_nt_header( void *pmt )
+{
+ IMAGE_DOS_HEADER *dos = pmt;
+ return (IMAGE_NT_HEADERS32 *)((BYTE *)dos + dos->e_lfanew);
+}
+
+static int is_fake_dll( const void *base )
+{
+ static const char fakedll_signature[] = "Wine placeholder DLL";
+ const IMAGE_DOS_HEADER *dos = base;
+
+ if (dos->e_lfanew >= sizeof(*dos) + sizeof(fakedll_signature) &&
+ !memcmp( dos + 1, fakedll_signature, sizeof(fakedll_signature) )) return TRUE;
+ return FALSE;
+}
+
static void *get_dir_and_size(unsigned int idx, unsigned int *size)
{
if(PE_nt_headers->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC)
@@ -1063,7 +1079,9 @@ void pe_dump(void* pmt)
{
int all = (globals.dumpsect != NULL) && strcmp(globals.dumpsect, "ALL") == 0;
- PE_nt_headers = pmt;
+ PE_nt_headers = get_nt_header(pmt);
+ if (is_fake_dll(pmt)) printf( "*** This is a Wine fake DLL ***\n\n" );
+
if (globals.do_dumpheader)
{
dump_pe_header();
@@ -1145,7 +1163,7 @@ static void do_grab_sym( enum FileSig si
const char* ptr;
DWORD* map;
- PE_nt_headers = pmt;
+ PE_nt_headers = get_nt_header(pmt);
if (!(exportDir = get_dir(IMAGE_FILE_EXPORT_DIRECTORY))) return;
pName = RVA(exportDir->AddressOfNames, exportDir->NumberOfNames * sizeof(DWORD));
More information about the wine-cvs
mailing list