[PATCH 2/3] ntdll: Leave some space around DbgBreakPoint and DbgUserBreakPoint.

Rémi Bernon rbernon at codeweavers.com
Tue Jun 23 03:18:53 CDT 2020


On 2020-06-22 23:27, Rémi Bernon wrote:
> CoD: Black Ops 3 and CoD: WWII modify these (and several others) and
> expect to have enough space for a few instructions.
> 
> It then verifies later that the patches are still in place, and
> terminates if the byte sequences do not match. Having small symbols can
> make the patches overlap and the check fail.
> 
> Signed-off-by: Rémi Bernon <rbernon at codeweavers.com>
> ---
>   dlls/ntdll/signal_arm64.c  | 4 ++--
>   dlls/ntdll/signal_i386.c   | 4 ++--
>   dlls/ntdll/signal_x86_64.c | 4 ++--
>   3 files changed, 6 insertions(+), 6 deletions(-)
> 
> diff --git a/dlls/ntdll/signal_arm64.c b/dlls/ntdll/signal_arm64.c
> index 0159888f7ab..10cbb7c131a 100644
> --- a/dlls/ntdll/signal_arm64.c
> +++ b/dlls/ntdll/signal_arm64.c
> @@ -1358,12 +1358,12 @@ USHORT WINAPI RtlCaptureStackBackTrace( ULONG skip, ULONG count, PVOID *buffer,
>   /**********************************************************************
>    *              DbgBreakPoint   (NTDLL.@)
>    */
> -__ASM_STDCALL_FUNC( DbgBreakPoint, 0, "brk #0; ret")
> +__ASM_STDCALL_FUNC( DbgBreakPoint, 0, "brk #0; ret\n\t.nops 16")
>   
>   /**********************************************************************
>    *              DbgUserBreakPoint   (NTDLL.@)
>    */
> -__ASM_STDCALL_FUNC( DbgUserBreakPoint, 0, "brk #0; ret")
> +__ASM_STDCALL_FUNC( DbgUserBreakPoint, 0, "brk #0; ret\n\t.nops 16")
>   
>   /**********************************************************************
>    *           NtCurrentTeb   (NTDLL.@)
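Review bot: the `.nops 16` appended to both `__ASM_STDCALL_FUNC` strings in this arm64 hunk depends on an assembler directive with no fallback, and the follow-up in this thread already reports that older binutils reject it. Reserving the bytes with `.fill` or `.space` and an explicit count would not depend on the assembler version. Since the padding sits after `ret` and is never executed, the fill value only has to keep the following symbol aligned to the instruction size.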
> diff --git a/dlls/ntdll/signal_i386.c b/dlls/ntdll/signal_i386.c
> index 21cc1b3ead4..e050b87257d 100644
> --- a/dlls/ntdll/signal_i386.c
> +++ b/dlls/ntdll/signal_i386.c
> @@ -565,12 +565,12 @@ USHORT WINAPI RtlCaptureStackBackTrace( ULONG skip, ULONG count, PVOID *buffer,
>   /**********************************************************************
>    *		DbgBreakPoint   (NTDLL.@)
>    */
> -__ASM_STDCALL_FUNC( DbgBreakPoint, 0, "int $3; ret")
> +__ASM_STDCALL_FUNC( DbgBreakPoint, 0, "int $3; ret\n\t.nops 16")
>   
>   /**********************************************************************
>    *		DbgUserBreakPoint   (NTDLL.@)
>    */
> -__ASM_STDCALL_FUNC( DbgUserBreakPoint, 0, "int $3; ret")
> +__ASM_STDCALL_FUNC( DbgUserBreakPoint, 0, "int $3; ret\n\t.nops 16")
>   
>   /**********************************************************************
>    *           NtCurrentTeb   (NTDLL.@)
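Review bot: both changed lines place the padding after `ret` only, while the subject line asks for space "around" `DbgBreakPoint` and `DbgUserBreakPoint`; nothing in this hunk reserves bytes in front of either symbol. If room after the entry point is all that is needed, the comment block above each function should say so, and should say that the padding is deliberate so a later cleanup does not remove it. Otherwise add alignment or padding before the symbol as well.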
> diff --git a/dlls/ntdll/signal_x86_64.c b/dlls/ntdll/signal_x86_64.c
> index 52f7b73f8bf..3bae66be188 100644
> --- a/dlls/ntdll/signal_x86_64.c
> +++ b/dlls/ntdll/signal_x86_64.c
> @@ -2751,11 +2751,11 @@ USHORT WINAPI RtlCaptureStackBackTrace( ULONG skip, ULONG count, PVOID *buffer,
>   /**********************************************************************
>    *		DbgBreakPoint   (NTDLL.@)
>    */
> -__ASM_STDCALL_FUNC( DbgBreakPoint, 0, "int $3; ret")
> +__ASM_STDCALL_FUNC( DbgBreakPoint, 0, "int $3; ret\n\t.nops 64")
>   
>   /**********************************************************************
>    *		DbgUserBreakPoint   (NTDLL.@)
>    */
> -__ASM_STDCALL_FUNC( DbgUserBreakPoint, 0, "int $3; ret")
> +__ASM_STDCALL_FUNC( DbgUserBreakPoint, 0, "int $3; ret\n\t.nops 64")
>   
>   #endif  /* __x86_64__ */
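Review bot: `.nops 64` in both changed lines is four times the `.nops 16` used in the i386 and arm64 hunks, and neither the commit message ("a few instructions") nor the comment blocks say where either number comes from. Please record the size each architecture actually needs, either in the commit message or in a short comment next to the padding, so the values can be rechecked later instead of being treated as arbitrary.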
> 

So apparently old binutils, like what's used in the default Proton build,
doesn't know about .nops. I guess it could be .fill, or possibly .align
before and after the int.
-- 
Rémi Bernon <rbernon at codeweavers.com>
