I think it's actually the second case you mentioned. I'm pasting an excerpt from 'objdump -x' of the dll. The issue happens with bgm.dll from the game "Hotline Miami".
Regards and sorry for the long paste below,
Alessandro Pignotti
-----------------------------------------------
bgm.dll: formato del file pei-i386
bgm.dll
architettura: i386, flag 0x00000103:
HAS_RELOC, EXEC_P, D_PAGED
indirizzo di partenza 0x6d741000

Characteristics 0x230e
    executable
    line numbers stripped
    symbols stripped
    32 bit words
    debugging information removed
    DLL

PE File Base Relocations (interpreted .reloc section contents)

Virtual Address: 00001000 Chunk size 268 (0x10c) Number of fixups 130 ...
Virtual Address: 00002000 Chunk size 296 (0x128) Number of fixups 144 ...
Virtual Address: 00003000 Chunk size 336 (0x150) Number of fixups 164 ...
Virtual Address: 00004000 Chunk size 296 (0x128) Number of fixups 144 ...
Virtual Address: 00005000 Chunk size 112 (0x70) Number of fixups 52 ...
Virtual Address: 00006000 Chunk size 12 (0xc) Number of fixups 2 ...
Virtual Address: 00007000 Chunk size 228 (0xe4) Number of fixups 110 ...
Virtual Address: 00008000 Chunk size 356 (0x164) Number of fixups 174 ...
Virtual Address: 00001000 Chunk size 268 (0x10c) Number of fixups 130 ...
Virtual Address: 00002000 Chunk size 296 (0x128) Number of fixups 144 ...
Virtual Address: 00003000 Chunk size 336 (0x150) Number of fixups 164 ...
Virtual Address: 00004000 Chunk size 296 (0x128) Number of fixups 144 ...
Virtual Address: 00005000 Chunk size 112 (0x70) Number of fixups 52 ...
Virtual Address: 00006000 Chunk size 12 (0xc) Number of fixups 2 ...
Virtual Address: 00007000 Chunk size 228 (0xe4) Number of fixups 110 ...
Virtual Address: 00008000 Chunk size 356 (0x164) Number of fixups 174 ...
On 16 May 2013, at 16:34, Jonas Maebe wrote:
On 15 May 2013, at 16:31, Alessandro Pignotti wrote:
Packaged with a game, I found a peculiar DLL which has duplicate blocks in the relocation table. I mean that the same pages are relocated twice and this of course breaks the DLL. I'm not sure about what could be a right way to support such (broken) DLLs. A possibility would be to keep track of already relocated pages and skip them if needed. Suggestions are welcome.
I've just asked a colleague of mine about this and according to him it's perfectly legal in Windows to have multiple relocation blocks for the same section, in which case Windows will also fixup everything twice. So simply ignoring such relocations is normally wrong. Which dll from which game is this?
Addendum: he just realised that you may be talking about multiple base relocation arrays for a single page (arrays that contain the offsets of the instructions that need fixing up), which would indeed be strange. Still, it would be interesting to know which dll it is.
Thanks,
Jonas
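
Added example, not part of the thread and not code from the project under discussion: a bounds-checked walk over a base relocation directory that counts blocks repeating an already-seen page RVA, the condition visible in the objdump excerpt. The function name, the `MAX_PAGES` limit and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_PAGES 64 /* tracking limit chosen for this example */

static uint32_t rd32(const uint8_t *p) /* little-endian, alignment-safe */
{
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Walk a base relocation directory: blocks of { u32 page RVA, u32 SizeOfBlock,
 * u16 entries[] }, with SizeOfBlock counting the 8-byte header. Returns how many
 * blocks repeat an already-seen page RVA, or -1 if the table is malformed. */
int count_duplicate_reloc_pages(const uint8_t *dir, size_t len)
{
    uint32_t seen[MAX_PAGES];
    size_t nseen = 0, off = 0, i;
    int dups = 0;

    while (len - off >= 8) {
        uint32_t page = rd32(dir + off), size = rd32(dir + off + 4);
        if (size == 0) break;                 /* zero-sized block ends the walk */
        if (size < 8 || (size & 1) || size > len - off) return -1;
        for (i = 0; i < nseen && seen[i] != page; i++) ;
        if (i < nseen) dups++;                /* this page was already listed */
        else if (nseen < MAX_PAGES) seen[nseen++] = page;
        else return -1;                       /* more pages than this example tracks */
        off += size;
    }
    return dups;
}

/* Constructed sample: pages 0x1000 and 0x2000, each listed twice. Entries carry
 * type 3 (HIGHLOW) in the top nibble and the page offset in the low 12 bits. */
static const uint8_t sample[] = {
    0x00,0x10,0,0, 12,0,0,0, 0x10,0x30, 0x24,0x30, /* page 0x1000 */
    0x00,0x20,0,0, 12,0,0,0, 0x08,0x30, 0x40,0x30, /* page 0x2000 */
    0x00,0x10,0,0, 12,0,0,0, 0x10,0x30, 0x24,0x30, /* page 0x1000 again */
    0x00,0x20,0,0, 12,0,0,0, 0x08,0x30, 0x40,0x30, /* page 0x2000 again */
};

int main(void)
{
    printf("duplicate blocks: %d\n", count_duplicate_reloc_pages(sample, sizeof sample));
    return 0;
}
```

The check only reports repeated pages; whether a loader should skip them or apply them twice is the open question in the thread.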