PROT_EXEC mmap/mprotect, i386 PAE + NX broken, x86-64 2.6.17-rc2
Jesse Allen
the3dfxdude at gmail.com
Sat Apr 22 12:38:14 CDT 2006
On 4/22/06, Marcus Meissner <marcus at jet.franken.de> wrote:
> >
> > Certainly, find it here (261K):
> >
> > http://devzero.co.uk/~alistair/wine/dump.log
>
> This is the section with the entry point in:
>
> 04 .iyhivx VirtSize: 548864 VirtAddr: 401408 0x00062000
> raw data offs: 356352 raw data size: 548864
> relocation offs: 0 relocations: 0
> line # offs: 0 line #'s: 0
> characteristics: 0xc0000040
> INITIALIZED_DATA MEM_READ MEM_WRITE
>
> It is missing the "MEM_EXECUTE" flag.
>
> Try this patch:
>
> Index: dlls/ntdll/virtual.c
> ===================================================================
> RCS file: /home/wine/wine/dlls/ntdll/virtual.c,v
> retrieving revision 1.88
> diff -u -r1.88 virtual.c
> --- dlls/ntdll/virtual.c 8 Apr 2006 18:13:41 -0000 1.88
> +++ dlls/ntdll/virtual.c 22 Apr 2006 12:53:46 -0000
> @@ -1072,6 +1072,12 @@
> if (sec->Characteristics & IMAGE_SCN_MEM_READ) vprot |= VPROT_READ;
> if (sec->Characteristics & IMAGE_SCN_MEM_WRITE) vprot |= VPROT_READ|VPROT_WRITECOPY;
> if (sec->Characteristics & IMAGE_SCN_MEM_EXECUTE) vprot |= VPROT_EXEC;
> +
> + /* Dumb game crack let the AOEP point into a data section. Adjust. */
> + if ( (nt->OptionalHeader.AddressOfEntryPoint >= sec->VirtualAddress) &&
> + (nt->OptionalHeader.AddressOfEntryPoint < sec->VirtualAddress + size)
> + )
> + vprot |= VPROT_EXEC;
> VIRTUAL_SetProt( view, ptr + sec->VirtualAddress, size, vprot );
> }
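Review bot: The added entry-point test ORs VPROT_EXEC into whatever vprot the three flag checks above it produced, so for a section that also has IMAGE_SCN_MEM_WRITE (as the dumped .iyhivx section does) the whole `size` bytes passed to VIRTUAL_SetProt end up with VPROT_WRITECOPY and VPROT_EXEC together, and nothing records that the loader overrode the section flags. I would emit a trace (for example a WARN naming the section and AddressOfEntryPoint) when this branch is taken, so a mapping that gives up NX for that range is visible in logs, and reword the comment to state the rule (entry point inside a section lacking IMAGE_SCN_MEM_EXECUTE) rather than the one program that triggered it. The upper bound `sec->VirtualAddress + size` is built from header-supplied values; testing `AddressOfEntryPoint - sec->VirtualAddress < size` after the lower-bound comparison gives the same result without depending on that sum not wrapping.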
>
>
> Ciao, Marcus
>
>
>
Here's the unmodified executable:
ftp://resnet.dnip.net/dump.txt
It has MEM_EXECUTE correctly set. I think that loader should be
considered buggy.
Jesse
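Added example, not part of the original thread and not Wine's code: a small check that finds which section an entry-point RVA falls in and reports when that section lacks the execute flag, which is the condition discussed above. The `struct section` layout, the function names, the `.text` row and the entry-point RVAs are assumptions made for illustration; only the `.iyhivx` address, size and characteristics come from the quoted dump.

```c
#include <stdint.h>
#include <stdio.h>

/* PE/COFF section characteristic bit (IMAGE_SCN_MEM_EXECUTE). */
#define SCN_MEM_EXECUTE 0x20000000u

/* Hypothetical reduced section header: only the fields this check needs. */
struct section {
    const char *name;
    uint32_t virt_addr;        /* RVA where the section starts */
    uint32_t virt_size;
    uint32_t characteristics;
};

enum ep_status { EP_OK, EP_NOT_EXECUTABLE, EP_OUTSIDE_SECTIONS };

/* Index of the section containing rva, or -1 if none does. */
int section_for_rva(const struct section *s, int n, uint32_t rva)
{
    for (int i = 0; i < n; i++)
        /* Subtract rather than add so virt_addr + virt_size cannot wrap. */
        if (rva >= s[i].virt_addr && rva - s[i].virt_addr < s[i].virt_size)
            return i;
    return -1;
}

/* Classify the entry point by the flags of the section it falls in. */
enum ep_status check_entry_point(const struct section *s, int n, uint32_t entry_rva)
{
    int i = section_for_rva(s, n, entry_rva);
    if (i < 0)
        return EP_OUTSIDE_SECTIONS;
    return (s[i].characteristics & SCN_MEM_EXECUTE) ? EP_OK : EP_NOT_EXECUTABLE;
}

/* Second entry uses the values quoted in the dump; the .text entry and the
   entry-point RVAs in main() are constructed for illustration. */
static const struct section sample[] = {
    { ".text",   0x00001000u, 0x00061000u, 0x60000020u },
    { ".iyhivx", 0x00062000u, 0x00086000u, 0xc0000040u },
};

int main(void)
{
    static const char *msg[] = { "ok", "entry point in non-executable section",
                                 "entry point outside all sections" };
    printf("0x00001200: %s\n", msg[check_entry_point(sample, 2, 0x00001200u)]);
    printf("0x00062010: %s\n", msg[check_entry_point(sample, 2, 0x00062010u)]);
    return 0;
}
```

An AddressOfEntryPoint of 0 (no entry point, common for DLLs) reports `EP_OUTSIDE_SECTIONS` here and should be handled separately by a caller.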