kernel32: Replace Peb->BeingDebugged check by CheckRemoteDebuggerPresent().

Sebastian Lackner sebastian at fds-team.de
Fri Feb 10 10:21:32 CST 2017


From: Dmitry Timoshkov <dmitry at baikal.ru>

misctool.dll from AmiBroker intentionally sets PEB->BeingDebugged
to a random value returned by RDTSC instruction on PROCESS_ATTACH.

Signed-off-by: Dmitry Timoshkov <dmitry at baikal.ru>
Signed-off-by: Sebastian Lackner <sebastian at fds-team.de>
---
 dlls/kernel32/process.c |    6 +++++-
 include/winbase.h       |    1 +
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/dlls/kernel32/process.c b/dlls/kernel32/process.c
index 0cb3d9bdcb7..70c38ebdf0d 100644
--- a/dlls/kernel32/process.c
+++ b/dlls/kernel32/process.c
@@ -1085,6 +1085,7 @@ static inline DWORD call_process_entry( PEB *peb, LPTHREAD_START_ROUTINE entry )
  */
 static DWORD WINAPI start_process( LPTHREAD_START_ROUTINE entry )
 {
+    BOOL being_debugged;
     PEB *peb = NtCurrentTeb()->Peb;
 
     if (!entry)
@@ -1098,8 +1099,11 @@ static DWORD WINAPI start_process( LPTHREAD_START_ROUTINE entry )
         DPRINTF( "%04x:Starting process %s (entryproc=%p)\n", GetCurrentThreadId(),
                  debugstr_w(peb->ProcessParameters->ImagePathName.Buffer), entry );
 
+    if (!CheckRemoteDebuggerPresent( GetCurrentProcess(), &being_debugged ))
+        being_debugged = FALSE;
+
     SetLastError( 0 );  /* clear error code */
-    if (peb->BeingDebugged) DbgBreakPoint();
+    if (being_debugged) DbgBreakPoint();
     return call_process_entry( peb, entry );
 }
 
diff --git a/include/winbase.h b/include/winbase.h
index bf14d790f43..664c7b51b47 100644
--- a/include/winbase.h
+++ b/include/winbase.h
@@ -1737,6 +1737,7 @@ WINBASEAPI BOOL        WINAPI CancelTimerQueueTimer(HANDLE,HANDLE);
 WINBASEAPI BOOL        WINAPI CancelWaitableTimer(HANDLE);
 WINBASEAPI BOOL        WINAPI CheckNameLegalDOS8Dot3A(const char*,char*,DWORD,BOOL*,BOOL*);
 WINBASEAPI BOOL        WINAPI CheckNameLegalDOS8Dot3W(const WCHAR*, char*,DWORD,BOOL*,BOOL*);
+WINBASEAPI BOOL        WINAPI CheckRemoteDebuggerPresent(HANDLE,BOOL*);
 WINBASEAPI BOOL        WINAPI ChangeTimerQueueTimer(HANDLE,HANDLE,ULONG,ULONG);
 WINADVAPI  BOOL        WINAPI CheckTokenMembership(HANDLE,PSID,PBOOL);
 WINBASEAPI BOOL        WINAPI ClearCommBreak(HANDLE);
-- 
2.11.0



More information about the wine-patches mailing list