https://bugs.winehq.org/show_bug.cgi?id=44658
Bug ID: 44658 Summary: Custom Win7+ APIset lookup/resolver tool relies on presence of 'ApiSetMap' field in PEB Product: Wine Version: 3.3 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: ntdll Assignee: wine-bugs@winehq.org Reporter: focht@gmx.net Distribution: ---
Hello folks,
to track the following Wine-Staging patchset just for the memes ;-)
https://github.com/wine-staging/wine-staging/tree/master/patches/ntdll-ApiSe...
Tracing the origin to Wine-Staging issue tracker:
https://dev.wine-staging.com/patches/91/
--- quote --- I found an application which tries to enumerate the loaded apisets by using the PEB. This patch adds a dummy struct so that the application does no longer crash. The definition should match the one for Win 7/8. As usual Microsoft changed the format in newer windows versions again ;-). --- quote ---
Ohhhh-kay?
I found some useful information at Geoff Chappell's site:
https://www.geoffchappell.com/studies/windows/win32/apisetschema/index.htm
https://www.geoffchappell.com/studies/windows/win32/ntdll/structs/peb/index....
Nice illustration:
https://www.cylance.com/en_us/blog/universal-unhooking-blinding-security-sof... (in 'API Set Schema' section)
An example application which makes use of this (source only):
https://gist.github.com/lucasg/9aa464b95b4b7344cb0cddbdb4214b25#file-apisetl...
It also has a small test suite.
$ wine --version wine-3.3
Regards