Vitaliy Margolen wrote:
> Vitaliy Margolen
> changelog: dlls/ntdll/virtual.c Load all dll sections no matter what attributes say

Why do you need this?
A+

Saturday, July 2, 2005, 12:33:19 AM, you wrote:
> Vitaliy Margolen wrote:
>> Vitaliy Margolen
>> changelog: dlls/ntdll/virtual.c Load all dll sections no matter what attributes say
> Why do you need this?
> A+

I have found a dll that has one section marked as IMAGE_SCN_CNT_UNINITIALIZED_DATA. But dll_init entry is jumping right to the beginning of this section. Which results in immediate segfault.
So native must be loading this section or this program wouldn't ever run.
I also sent this dll to AJ and he ok'ed the change.
Vitaliy

> I have found a dll that has one section marked as IMAGE_SCN_CNT_UNINITIALIZED_DATA. But dll_init entry is jumping right to the beginning of this section. Which results in immediate segfault.
> So native must be loading this section or this program wouldn't ever run.

As an alternative explanation, couldn't the native have loaded it on demand?
Cheers, Kuba Ober

Monday, July 4, 2005, 10:51:30 AM, Kuba Ober wrote:
>> I have found a dll that has one section marked as IMAGE_SCN_CNT_UNINITIALIZED_DATA. But dll_init entry is jumping right to the beginning of this section. Which results in immediate segfault.
>> So native must be loading this section or this program wouldn't ever run.
> As an alternative explanation, couldn't the native have loaded it on demand?

Don't think so. When dll is loaded it's being initialized by calling entry point (not sure about resources here). Also how would you load particular dll section on demand before initializing that dll?
Vitaliy

On Wednesday 06 July 2005 00:04, Vitaliy Margolen wrote:
> Monday, July 4, 2005, 10:51:30 AM, Kuba Ober wrote:
>>> I have found a dll that has one section marked as IMAGE_SCN_CNT_UNINITIALIZED_DATA. But dll_init entry is jumping right to the beginning of this section. Which results in immediate segfault.
>>> So native must be loading this section or this program wouldn't ever run.
>> As an alternative explanation, couldn't the native have loaded it on demand?
> Don't think so. When dll is loaded it's being initialized by calling entry point (not sure about resources here). Also how would you load particular dll section on demand before initializing that dll?

Imaginary scenario: couldn't the loader that loads the dll into the virtual address space in the first place also load the "uninitialized" sections if there's a fault on read/execute?
I have no clue how Windows really does it, unless it was so simple like the dll initialization code handling the actual loading of sections explicitly like the dynamic .so loader on ELF systems does...
Anyway, I'm outta my league here, so I better revert to listen mode :)
Cheers, Kuba
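
The condition discussed in this thread can be checked for directly from a DLL's headers. The following is an added example, not code from the thread or from Wine: it walks the PE section table and reports whether the entry point falls in a section flagged IMAGE_SCN_CNT_UNINITIALIZED_DATA. The function names and the in-memory sample image are constructed for illustration, and requiring a non-zero SizeOfRawData (so that skipping the section would actually drop file contents) is an assumption of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080u
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | (uint32_t)rd16(p + 2) << 16; }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> 8 * i); }

/* 1: entry point lies in a section flagged uninitialized-data that still has
 * raw bytes in the file; 0: it does not; -1: malformed or truncated image. */
int entry_in_uninit_section(const uint8_t *img, size_t len)
{
    if (len < 0x40 || img[0] != 'M' || img[1] != 'Z') return -1;
    size_t pe = rd32(img + 0x3c);                 /* e_lfanew */
    if (pe > len || len - pe < 44 || memcmp(img + pe, "PE\0\0", 4)) return -1;
    size_t nsec = rd16(img + pe + 6);             /* NumberOfSections */
    size_t opt = rd16(img + pe + 20);             /* SizeOfOptionalHeader */
    uint32_t entry = rd32(img + pe + 24 + 16);    /* AddressOfEntryPoint */
    size_t tab = pe + 24 + opt;                   /* section table offset */
    if (opt < 20 || tab > len || (len - tab) / 40 < nsec) return -1;
    for (size_t i = 0; i < nsec; i++) {
        const uint8_t *s = img + tab + 40 * i;    /* one 40-byte section header */
        uint32_t vsize = rd32(s + 8), va = rd32(s + 12), raw = rd32(s + 16);
        if (entry >= va && entry - va < (vsize ? vsize : raw))
            return (rd32(s + 36) & IMAGE_SCN_CNT_UNINITIALIZED_DATA) && raw != 0;
    }
    return 0;
}

/* Constructed sample: PE32 headers with one section at RVA 0x1000 holding
 * 0x200 raw bytes; the caller picks the entry point and section flags. */
size_t build_sample(uint8_t *b, uint32_t entry, uint32_t flags)
{
    memset(b, 0, 0x400);
    memcpy(b, "MZ", 2); memcpy(b + 0x40, "PE\0\0", 4); wr32(b + 0x3c, 0x40);
    b[0x40 + 6] = 1; b[0x40 + 20] = 0xe0;         /* 1 section, PE32 optional header */
    wr32(b + 0x40 + 24 + 16, entry);
    uint8_t *s = b + 0x40 + 24 + 0xe0;            /* first section header */
    wr32(s + 8, 0x200); wr32(s + 12, 0x1000);     /* VirtualSize, VirtualAddress */
    wr32(s + 16, 0x200); wr32(s + 36, flags);     /* SizeOfRawData, Characteristics */
    return 0x400;
}

int main(void)
{
    uint8_t buf[0x400];
    printf("%d\n", entry_in_uninit_section(buf, build_sample(buf, 0x1000, 0xC0000080u)));
    return 0;
}
```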