ntdll: Stub system service requests in i386 mode (Int 2E, SYSENTER, SYSCALL)
Paul Chitescu
paulc at voip.null.ro
Tue Jul 6 12:55:34 CDT 2010
Changelog:
ntdll: Stub system service requests in i386 mode (Int 2E, SYSENTER, SYSCALL)
Some system checkers, antiviruses and protections make direct system service
requests bypassing the Nt... entry points. Oh, and probably some viruses too.
On Linux (at least) SYSCALL is used by the system so we won't have a chance to
see it, it crashes the application.
No idea if this mechanism is used on other architectures and what is the call
convention there.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ntdll_i386_system_service.patch
Type: text/x-patch
Size: 2345 bytes
Desc: not available
URL: <http://www.winehq.org/pipermail/wine-patches/attachments/20100706/ab773d59/attachment.bin>
More information about the wine-patches
mailing list