On Mon Jul 21 08:52:01 2025 +0000, Zhiyi Zhang wrote:
It will be a lot more work. First, we need to pack variable-length data into e_lfanew for every DLL/EXE(output_pe_file(),output_module16, etc). Then we need to change this signature parsing to support variable-length data(winedump, dbghelp, build_module() in NTDLL, ntdll DLL loader, setupapi fakedll support). There will probably be alignment issues to be handled. Also, increasing e_lfanew might increase the chance of anti-virus software misdetecting wine DLLs as malware. Overall, I don't think it's worth it to extend the built-in signature check for this. It's not like we have many DLLs with the same name.
Hi Nikolay, I'd like to take this further. Is the loader change the only thing blocking this MR? Extending the builtin signature check works, but I am not sure it will be accepted upstream. Another way is to add a resource like OriginalFilename. But parsing resources in the unix loader will be a pain as well. @julliard, do you think there are better solutions? do you think the loader changes in the MR is acceptable?