https://bugs.winehq.org/show_bug.cgi?id=49946
Bug ID: 49946
Summary: Themida-packed application crashing on multi-hop import forward
Product: Wine
Version: 5.18
Hardware: x86
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: oleaut32
Assignee: wine-bugs@winehq.org
Reporter: heisenberg@croosade.com
Regression SHA1: f26b1f0392714891bbd8c603de072818cc65e45f
Distribution: ArchLinux
I'm dealing with a packed application that imports functions from oleaut32.dll. Specifically, it uses GetErrorInfo and SetErrorInfo.
In the commit mentioned in this issue, SetErrorInfo was moved from ole32.dll into combase.dll. This is fine, because Microsoft did the same in NT 6. However, Wine now has the situation that we have a forward chain of oleaut32.SetErrorInfo -> ole32.SetErrorInfo -> combase.SetErrorInfo. I believe the packer that was applied to the application I'm trying to run cannot deal with this situation. The first hop goes fine; however, for the next one, the actual function address is not resolved. It ends up literally jumping into the "combase.SetErrorInfo" string, which of course causes the program to crash unrecoverably.
The application was running fine up until Wine 5.15. Wine 5.16 was the first version that incorporated the function move commits, and I've been experiencing this crash ever since.
As a workaround, I tried recompiling oleaut32 with the forwards in oleaut32.spec replaced to directly point to combase instead of hopping through ole32 first. This immediately fixed the crash. Apart from SetErrorInfo, this should also affect GetErrorInfo and CreateErrorInfo since they have the same chain now. I'm not submitting a patch because I'm not sure if simply changing them this way may have other side effects.
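
The forward chain from the report, modelled as an added example (this is not Wine's code or the packer's): a resolver that follows only one forwarder and does not re-check the result returns the address of the next forwarder string, while one that follows the whole chain reaches code. Module bases, RVAs and export directory ranges are constructed, and `find`, `is_forwarder` and `resolve` are hypothetical names; the unchecked mode is an assumption about the behaviour the reporter suspects.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model: bases, RVAs and directory ranges are made up. */
struct export { const char *name; unsigned long rva; const char *fwd; };
struct module { const char *name; unsigned long base, dir_rva, dir_size; struct export exp; };

static const struct module modules[] = {
    {"oleaut32", 0x10000000UL, 0x2000, 0x100, {"SetErrorInfo", 0x2010, "ole32.SetErrorInfo"}},
    {"ole32",    0x20000000UL, 0x3000, 0x100, {"SetErrorInfo", 0x3010, "combase.SetErrorInfo"}},
    {"combase",  0x30000000UL, 0x4000, 0x100, {"SetErrorInfo", 0x1500, NULL}},
};
#define NMOD (sizeof(modules) / sizeof(modules[0]))

static const struct module *find(const char *mod, size_t len, const char *fn)
{
    for (size_t i = 0; i < NMOD; i++)
        if (strlen(modules[i].name) == len && !strncmp(modules[i].name, mod, len)
            && !strcmp(modules[i].exp.name, fn))
            return &modules[i];
    return NULL;
}

/* PE rule: an export whose RVA lies inside the module's export directory
 * is a forwarder string ("module.Function"), not code. */
int is_forwarder(const struct module *m)
{
    return m->exp.rva >= m->dir_rva && m->exp.rva < m->dir_rva + m->dir_size;
}

/* Follow up to max_hops forwarders. With check_final == 0 the last lookup is
 * returned unchecked (assumed faulty behaviour); otherwise 0 means unresolved. */
unsigned long resolve(const char *mod, const char *fn, int max_hops, int check_final)
{
    const struct module *m = find(mod, strlen(mod), fn);
    for (int hop = 0; m && is_forwarder(m) && hop < max_hops; hop++) {
        const char *dot = strchr(m->exp.fwd, '.');
        if (!dot) return 0;
        m = find(m->exp.fwd, (size_t)(dot - m->exp.fwd), dot + 1);
    }
    if (!m || (check_final && is_forwarder(m))) return 0;
    return m->base + m->exp.rva;  /* code address, or a string address if unchecked */
}

int main(void)
{
    printf("one hop, unchecked: %#lx\n", resolve("oleaut32", "SetErrorInfo", 1, 0));
    printf("full chain:         %#lx\n", resolve("oleaut32", "SetErrorInfo", 8, 1));
    return 0;
}
```

In this model the one-hop result lands inside ole32's export directory, which is data rather than code, matching the jump into the "combase.SetErrorInfo" string described in the report.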