Hallo,
e.g. with the MFC libraries the snoop option crashes quite often, while without snoop the programm proceeds some more. Digging deeper for the crash in msdev.exe, I saw that a library has exported DATA entries mixed into the codesegment. Our snoop loader only checks for DATA entries in the PE DATA section and so happyly overwrites data. It seems that most exported DATA entries have a decorated name ending in @A or @B and by handling entries with that ending as DATA, the crash with msdev.exe happens at the same place with or without snoop.
Appended patch does this hacky search for DATA entries.
However I like to ask if there are other methods of distinguishing DATA and function references? Could the PE loader perhaps know? Or can we perhaps protect our snoop entries from being read as data and catch those exceptions? Any other idea?
Bye
Changelog: relay32/snoop.c: SNOOP_GetProcAddress Don't snoop on names ending in "@A" and "@B", they seem to be DATA entries. Uwe Bonnes bon@elektron.ikp.physik.tu-darmstadt.de
Free Software: If you contribute nothing, expect nothing -- Index: wine/relay32/snoop.c =================================================================== RCS file: /home/wine/wine/relay32/snoop.c,v retrieving revision 1.45 diff -u -r1.45 snoop.c --- wine/relay32/snoop.c 24 Jul 2001 21:45:24 -0000 1.45 +++ wine/relay32/snoop.c 13 Aug 2001 19:51:42 -0000 @@ -158,7 +158,7 @@ SNOOP_GetProcAddress(HMODULE hmod,LPCSTR name,DWORD ordinal,FARPROC origfun) { SNOOP_DLL *dll = firstdll; SNOOP_FUN *fun; - int j; + int j,len; IMAGE_SECTION_HEADER *pe_seg = PE_SECTIONS(hmod);
if (!TRACE_ON(snoop)) return origfun; @@ -182,7 +182,14 @@ !(pe_seg[j].Characteristics & IMAGE_SCN_CNT_CODE) ) return origfun; - + /* some heuristic to filter out DATA objects + decorated names end like "@A" and "@B" and some more */ + len=strlen(name); + if ((name [len-2] == '@') && ((name[len-1] == 'A') || (name[len-1] == 'B'))) + { + return origfun; + } + while (dll) { if (hmod == dll->hmod) break;