[Bug 24488] New: Kernel32 / Ntdll bug. Injecting code into sub process fails in Wine.
http://bugs.winehq.org/show_bug.cgi?id=24488 Summary: Kernel32 / Ntdll bug. Injecting code into sub process fails in Wine. Product: Wine Version: unspecified Platform: x86 OS/Version: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: -unknown AssignedTo: wine-bugs(a)winehq.org ReportedBy: ron.novy(a)yahoo.com Created an attachment (id=30900) --> (http://bugs.winehq.org/attachment.cgi?id=30900) doFork or code 'injection' test. Wine fails when injecting code into a process created in suspend mode. When trying to access a created process' memory Wine simply does not allow it to be unmapped, written to or even change the process' memory protections. The test case I've attached works on 32bit and 64bit windows systems without changing protections on the target process' memory. An explanation on how it should work is in the Readme.txt file. A possible fix would be to allow writing to memory of a process started in suspend mode, but not on a process that is running. This should allow the code to be copied or 'injected' into the suspended process. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24488 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download, testcase -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24488 Dmitry Timoshkov <dmitry(a)codeweavers.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Kernel32 / Ntdll bug. |Injecting code into sub |Injecting code into sub |process fails |process fails in Wine. | --- Comment #1 from Dmitry Timoshkov <dmitry(a)codeweavers.com> 2010-09-22 01:22:29 CDT --- Please specify the Wine version you are using (in the Version field above). What applications are affected by this? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24488 Ron <ron.novy(a)yahoo.com> changed: What |Removed |Added ---------------------------------------------------------------------------- OS/Version|Linux |All --- Comment #2 from Ron <ron.novy(a)yahoo.com> 2010-09-24 21:57:59 CDT --- (In reply to comment #1)
Please specify the Wine version you are using (in the Version field above).
What applications are affected by this?
Unsure of the version. This issue was reported by a user of the application. We attempted to debug with the user, but the app kept failing in the same place. The code is part of the stub to a packer/unpacker application. This technique was chosen over others because what it allows the unpacker to do. I don't believe there are any current applications affected. The code has not been released except for beta testing. We are currently working on a way to work around this, but we would prefer not to have to make compromises here. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24488 Dmitry Timoshkov <dmitry(a)codeweavers.com> changed: What |Removed |Added ---------------------------------------------------------------------------- OS/Version|All |Linux -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24488 --- Comment #3 from butraxz(a)gmail.com 2013-02-03 10:06:37 CST --- No update for two and half years and download is not available. Is this still an issue in 1.5.23 or higher ? Or should this be closed as abandoned ? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24488 Ron <ron.novy(a)yahoo.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution| |ABANDONED --- Comment #4 from Ron <ron.novy(a)yahoo.com> 2013-02-03 18:29:11 CST --- Abandoned. It may still work on some 32-bit Windows systems but I'm pretty certain its a security flaw. It was being used to implement a software security feature but it does not work on more modern systems so it was eventually abandoned all together. Would have been nice but could have been dangerous as well. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24488 Ken Sharp <kennybobs(a)o2.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #5 from Ken Sharp <kennybobs(a)o2.co.uk> 2013-03-03 06:34:30 CST --- Closing bugs marked as abandoned. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
participants (1)
-
wine-bugs@winehq.org