eric pouech (@epo) commented about dlls/kernel32/toolhelp.c:
&pbi, sizeof(pbi), NULL ))) { - if (ReadProcessMemory( hProcess, &pbi.PebBaseAddress->LdrData, - &pLdrData, sizeof(pLdrData), NULL ) && - ReadProcessMemory( hProcess, - &pLdrData->InLoadOrderModuleList.Flink, - &curr, sizeof(curr), NULL )) + if (!ReadProcessMemory( hProcess, &pbi.PebBaseAddress->LdrData, + &pLdrData, sizeof(pLdrData), NULL ) || + (pLdrData && !ReadProcessMemory( hProcess, &pLdrData->InLoadOrderModuleList.Flink, + &curr, sizeof(curr), NULL ))) + { + goto out; + } + + /* pLdrData is NULL on "old" wow64. Don't fail, just return an empty modules list. */
IIRC, this is likely only the case when the calling process is a 32bit querying 64 bit modules into a 64 bit process so the comment is a bit misleading and as this case doesn't exist on Windows, we can decide which behavior to adopt; I'd suggest to return the same value as on new wow (didn't check if it's an error or an empty list) -- https://gitlab.winehq.org/wine/wine/-/merge_requests/9371#note_124430