pFad - Phonifier reborn

From de7840af70504a4b0ba53fd40ad8b416ca11b5d8 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 21 Sep 2014 14:07:49 +0200 Subject: [PATCH 01/94] Removed trailing whitespaces. --- MemoryModule.c | 48 ++++++++++++++++----------------- doc/readme.txt | 34 +++++++++++------------ example/DllLoader/DllLoader.cpp | 18 ++++++------- example/DllLoader/Makefile | 2 +- example/Makefile | 2 +- 5 files changed, 52 insertions(+), 52 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index 0bd2ee1..0e89a7f 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -140,7 +140,7 @@ FinalizeSections(PMEMORYMODULE module) #else #define imageOffset 0 #endif - + // loop through all sections and change access flags for (i=0; iheaders->FileHeader.NumberOfSections; i++, section++) { DWORD protect, oldProtect, size; @@ -185,10 +185,10 @@ FinalizeSections(PMEMORYMODULE module) } static void -ExecuteTLS(PMEMORYMODULE module) +ExecuteTLS(PMEMORYMODULE module) { unsigned char *codeBase = module->codeBase; - + PIMAGE_DATA_DIRECTORY directory = GET_HEADER_DICTIONARY(module, IMAGE_DIRECTORY_ENTRY_TLS); if (directory->VirtualAddress > 0) { PIMAGE_TLS_DIRECTORY tls = (PIMAGE_TLS_DIRECTORY) (codeBase + directory->VirtualAddress); @@ -225,7 +225,7 @@ PerformBaseRelocation(PMEMORYMODULE module, SIZE_T delta) type = *relInfo >> 12; // the lower 12 bits define the offset offset = *relInfo & 0xfff; - + switch (type) { case IMAGE_REL_BASED_ABSOLUTE: @@ -237,7 +237,7 @@ PerformBaseRelocation(PMEMORYMODULE module, SIZE_T delta) patchAddrHL = (DWORD *) (dest + offset); *patchAddrHL += (DWORD) delta; break; - + #ifdef _WIN64 case IMAGE_REL_BASED_DIR64: patchAddr64 = (ULONGLONG *) (dest + offset); @@ -325,7 +325,7 @@ static HCUSTOMMODULE _LoadLibrary(LPCSTR filename, void *userdata) if (result == NULL) { return NULL; } - + return (HCUSTOMMODULE) result; } @@ -389,7 +389,7 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, return NULL; } } - + result = (PMEMORYMODULE)HeapAlloc(GetProcessHeap(), 0, sizeof(MEMORYMODULE)); if (result == NULL) { SetLastError(ERROR_OUTOFMEMORY); @@ -411,7 +411,7 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, old_header->OptionalHeader.SizeOfHeaders, MEM_COMMIT, PAGE_READWRITE); - + // copy PE header to code memcpy(headers, dos_header, old_header->OptionalHeader.SizeOfHeaders); result->headers = (PIMAGE_NT_HEADERS)&((const unsigned char *)(headers))[dos_header->e_lfanew]; @@ -557,7 +557,7 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry( DWORD start; DWORD end; DWORD middle; - + if (!IS_INTRESOURCE(key) && key[0] == TEXT('#')) { // special case: resource id given as string TCHAR *endpos = NULL; @@ -570,7 +570,7 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry( key = MAKEINTRESOURCE(tmpkey); } } - + // entries are stored as ordered list of named entries, // followed by an ordered list of id entries - we can do // a binary search to find faster... @@ -578,7 +578,7 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry( WORD check = (WORD) (POINTER_TYPE) key; start = resources->NumberOfNamedEntries; end = start + resources->NumberOfIdEntries; - + while (end > start) { WORD entryName; middle = (start + end) >> 1; @@ -611,7 +611,7 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry( if (tmp == NULL) { break; } - + searchKey = (char *) tmp; } wcstombs(searchKey, resourceString->NameString, resourceString->Length); @@ -632,8 +632,8 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry( free(searchKey); #endif } - - + + return result; } @@ -652,7 +652,7 @@ HMEMORYRSRC MemoryFindResourceEx(HMEMORYMODULE module, LPCTSTR name, LPCTSTR typ SetLastError(ERROR_RESOURCE_DATA_NOT_FOUND); return NULL; } - + if (language == DEFAULT_LANGUAGE) { // use language from current thread language = LANGIDFROMLCID(GetThreadLocale()); @@ -668,14 +668,14 @@ HMEMORYRSRC MemoryFindResourceEx(HMEMORYMODULE module, LPCTSTR name, LPCTSTR typ SetLastError(ERROR_RESOURCE_TYPE_NOT_FOUND); return NULL; } - + typeResources = (PIMAGE_RESOURCE_DIRECTORY) (codeBase + directory->VirtualAddress + (foundType->OffsetToData & 0x7fffffff)); foundName = _MemorySearchResourceEntry(rootResources, typeResources, name); if (foundName == NULL) { SetLastError(ERROR_RESOURCE_NAME_NOT_FOUND); return NULL; } - + nameResources = (PIMAGE_RESOURCE_DIRECTORY) (codeBase + directory->VirtualAddress + (foundName->OffsetToData & 0x7fffffff)); foundLanguage = _MemorySearchResourceEntry(rootResources, nameResources, (LPCTSTR) (POINTER_TYPE) language); if (foundLanguage == NULL) { @@ -684,17 +684,17 @@ HMEMORYRSRC MemoryFindResourceEx(HMEMORYMODULE module, LPCTSTR name, LPCTSTR typ SetLastError(ERROR_RESOURCE_LANG_NOT_FOUND); return NULL; } - + foundLanguage = (PIMAGE_RESOURCE_DIRECTORY_ENTRY) (nameResources + 1); } - + return (codeBase + directory->VirtualAddress + (foundLanguage->OffsetToData & 0x7fffffff)); } DWORD MemorySizeofResource(HMEMORYMODULE module, HMEMORYRSRC resource) { PIMAGE_RESOURCE_DATA_ENTRY entry = (PIMAGE_RESOURCE_DATA_ENTRY) resource; - + return entry->Size; } @@ -702,7 +702,7 @@ LPVOID MemoryLoadResource(HMEMORYMODULE module, HMEMORYRSRC resource) { unsigned char *codeBase = ((PMEMORYMODULE) module)->codeBase; PIMAGE_RESOURCE_DATA_ENTRY entry = (PIMAGE_RESOURCE_DATA_ENTRY) resource; - + return codeBase + entry->OffsetToData; } @@ -721,13 +721,13 @@ MemoryLoadStringEx(HMEMORYMODULE module, UINT id, LPTSTR buffer, int maxsize, WO if (maxsize == 0) { return 0; } - + resource = MemoryFindResourceEx(module, MAKEINTRESOURCE((id >> 4) + 1), RT_STRING, language); if (resource == NULL) { buffer[0] = 0; return 0; } - + data = MemoryLoadResource(module, resource); id = id & 0x0f; while (id--) { @@ -738,7 +738,7 @@ MemoryLoadStringEx(HMEMORYMODULE module, UINT id, LPTSTR buffer, int maxsize, WO buffer[0] = 0; return 0; } - + size = data->Length; if (size >= (DWORD) maxsize) { size = maxsize; diff --git a/doc/readme.txt b/doc/readme.txt index e528b7a..3d90304 100644 --- a/doc/readme.txt +++ b/doc/readme.txt @@ -60,7 +60,7 @@ stub that normally just displays an error message about the program not being able to be run from DOS mode. Microsoft defines the DOS header as follows:: - + typedef struct _IMAGE_DOS_HEADER { // DOS .EXE header WORD e_magic; // Magic number WORD e_cblp; // Bytes on last page of file @@ -114,14 +114,14 @@ about symbols, etc:: .. _OptionalHeader: -The `OptionalHeader` contains informations about the *logical* format of the library, +The `OptionalHeader` contains informations about the *logical* format of the library, including required OS version, memory requirements and entry points:: typedef struct _IMAGE_OPTIONAL_HEADER { // // Standard fields. // - + WORD Magic; BYTE MajorLinkerVersion; BYTE MinorLinkerVersion; @@ -131,11 +131,11 @@ including required OS version, memory requirements and entry points:: DWORD AddressOfEntryPoint; DWORD BaseOfCode; DWORD BaseOfData; - + // // NT additional fields. // - + DWORD ImageBase; DWORD SectionAlignment; DWORD FileAlignment; @@ -247,25 +247,25 @@ When issuing the API call `LoadLibrary`, Windows basically performs these tasks: 2. Try to allocate a memory block of `PEHeader.OptionalHeader.SizeOfImage` bytes at position `PEHeader.OptionalHeader.ImageBase`. - + 3. Parse section headers and copy sections to their addresses. The destination address for each section, relative to the base of the allocated memory block, is stored in the `VirtualAddress` attribute of the `IMAGE_SECTION_HEADER` structure. - + 4. If the allocated memory block differs from `ImageBase`, various references in the code and/or data sections must be adjusted. This is called *Base relocation*. - + 5. The required imports for the library must be resolved by loading the corresponding libraries. - + 6. The memory regions of the different sections must be protected depending on the section's characteristics. Some sections are marked as *discardable* and therefore can be safely freed at this point. These sections normally contain temporary data that is only needed during the import, like the informations for the base relocation. - + 7. Now the library is loaded completely. It must be notified about this by calling the entry point using the flag `DLL_PROCESS_ATTACH`. @@ -363,7 +363,7 @@ as follows:: // -1 if bound, and real date\time stamp // in IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT (new BIND) // O.W. date/time stamp of DLL bound to (Old BIND) - + DWORD ForwarderChain; // -1 if no forwarders DWORD Name; DWORD FirstThunk; // RVA to IAT (if bound this IAT has actual addresses) @@ -401,10 +401,10 @@ These flags can be one or a combination of IMAGE_SCN_MEM_EXECUTE The section contains data that can be executed. - + IMAGE_SCN_MEM_READ The section contains data that is readable. - + IMAGE_SCN_MEM_WRITE The section contains data that is writeable. @@ -428,7 +428,7 @@ In addition the section flags above, the following can be added: IMAGE_SCN_MEM_DISCARDABLE The data in this section can be freed after the import. Usually this is specified for relocation data. - + IMAGE_SCN_MEM_NOT_CACHED The data in this section must not get cached by Windows. Add the bit flag `PAGE_NOCACHE` to the protection flags above. @@ -444,7 +444,7 @@ to a process. The function at the entry point is defined as :: - + typedef BOOL (WINAPI *DllEntryProc)(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpReserved); So the last code we need to execute is @@ -497,7 +497,7 @@ To free the custom loaded library, perform the steps DllEntryProc entry = (DllEntryProc)(baseAddress + PEHeader->OptionalHeader.AddressOfEntryPoint); (*entry)((HINSTANCE)baseAddress, DLL_PROCESS_ATTACH, 0); - + - Free external libraries used to resolve imports. - Free allocated memory. @@ -510,7 +510,7 @@ MemoryModule is a C-library that can be used to load a DLL from memory. The interface is very similar to the standard methods for loading of libraries:: typedef void *HMEMORYMODULE; - + HMEMORYMODULE MemoryLoadLibrary(const void *); FARPROC MemoryGetProcAddress(HMEMORYMODULE, const char *); void MemoryFreeLibrary(HMEMORYMODULE); diff --git a/example/DllLoader/DllLoader.cpp b/example/DllLoader/DllLoader.cpp index 1afe8a0..3fda631 100644 --- a/example/DllLoader/DllLoader.cpp +++ b/example/DllLoader/DllLoader.cpp @@ -18,24 +18,24 @@ void LoadFromFile(void) DWORD resourceSize; LPVOID resourceData; TCHAR buffer[100]; - + HINSTANCE handle = LoadLibrary(DLL_FILE); if (handle == NULL) return; addNumber = (addNumberProc)GetProcAddress(handle, "addNumbers"); _tprintf(_T("From file: %d\n"), addNumber(1, 2)); - + resourceInfo = FindResource(handle, MAKEINTRESOURCE(VS_VERSION_INFO), RT_VERSION); _tprintf(_T("FindResource returned 0x%p\n"), resourceInfo); - + resourceSize = SizeofResource(handle, resourceInfo); resourceData = LoadResource(handle, resourceInfo); _tprintf(_T("Resource data: %ld bytes at 0x%p\n"), resourceSize, resourceData); - + LoadString(handle, 1, buffer, sizeof(buffer)); _tprintf(_T("String1: %s\n"), buffer); - + LoadString(handle, 20, buffer, sizeof(buffer)); _tprintf(_T("String2: %s\n"), buffer); @@ -53,7 +53,7 @@ void LoadFromMemory(void) DWORD resourceSize; LPVOID resourceData; TCHAR buffer[100]; - + fp = _tfopen(DLL_FILE, _T("rb")); if (fp == NULL) { @@ -80,14 +80,14 @@ void LoadFromMemory(void) resourceInfo = MemoryFindResource(handle, MAKEINTRESOURCE(VS_VERSION_INFO), RT_VERSION); _tprintf(_T("MemoryFindResource returned 0x%p\n"), resourceInfo); - + resourceSize = MemorySizeofResource(handle, resourceInfo); resourceData = MemoryLoadResource(handle, resourceInfo); _tprintf(_T("Memory resource data: %ld bytes at 0x%p\n"), resourceSize, resourceData); - + MemoryLoadString(handle, 1, buffer, sizeof(buffer)); _tprintf(_T("String1: %s\n"), buffer); - + MemoryLoadString(handle, 20, buffer, sizeof(buffer)); _tprintf(_T("String2: %s\n"), buffer); diff --git a/example/DllLoader/Makefile b/example/DllLoader/Makefile index 92fbd0a..dcfc263 100644 --- a/example/DllLoader/Makefile +++ b/example/DllLoader/Makefile @@ -15,7 +15,7 @@ endif RM = rm CFLAGS = -Wall -g -LDFLAGS = +LDFLAGS = ifdef UNICODE CFLAGS += -DUNICODE -D_UNICODE diff --git a/example/Makefile b/example/Makefile index 2852993..48b8e0b 100644 --- a/example/Makefile +++ b/example/Makefile @@ -10,7 +10,7 @@ $(SUBDIRS): CLEANDIRS = $(SUBDIRS:%=clean-%) clean: $(CLEANDIRS) -$(CLEANDIRS): +$(CLEANDIRS): $(MAKE) -C $(@:clean-%=%) clean .PHONY: subdirs $(INSTALLDIRS) From ce62f60a6e2b007bcd670deb74b3e3bcb62e040d Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 21 Sep 2014 14:09:31 +0200 Subject: [PATCH 02/94] Bump year in copyright. --- MemoryModule.c | 4 ++-- MemoryModule.h | 4 ++-- doc/readme.txt | 2 +- example/SampleDLL/SampleDLL.rc | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index 0e89a7f..550520e 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -2,7 +2,7 @@ * Memory DLL loading code * Version 0.0.3 * - * Copyright (c) 2004-2013 by Joachim Bauch / mail@joachim-bauch.de + * Copyright (c) 2004-2014 by Joachim Bauch / mail@joachim-bauch.de * http://www.joachim-bauch.de * * The contents of this file are subject to the Mozilla Public License Version @@ -19,7 +19,7 @@ * * The Initial Developer of the Original Code is Joachim Bauch. * - * Portions created by Joachim Bauch are Copyright (C) 2004-2013 + * Portions created by Joachim Bauch are Copyright (C) 2004-2014 * Joachim Bauch. All Rights Reserved. * */ diff --git a/MemoryModule.h b/MemoryModule.h index 7fbb22d..cabb48e 100644 --- a/MemoryModule.h +++ b/MemoryModule.h @@ -2,7 +2,7 @@ * Memory DLL loading code * Version 0.0.3 * - * Copyright (c) 2004-2013 by Joachim Bauch / mail@joachim-bauch.de + * Copyright (c) 2004-2014 by Joachim Bauch / mail@joachim-bauch.de * http://www.joachim-bauch.de * * The contents of this file are subject to the Mozilla Public License Version @@ -19,7 +19,7 @@ * * The Initial Developer of the Original Code is Joachim Bauch. * - * Portions created by Joachim Bauch are Copyright (C) 2004-2013 + * Portions created by Joachim Bauch are Copyright (C) 2004-2014 * Joachim Bauch. All Rights Reserved. * */ diff --git a/doc/readme.txt b/doc/readme.txt index 3d90304..08473df 100644 --- a/doc/readme.txt +++ b/doc/readme.txt @@ -543,4 +543,4 @@ Copyright ========== The MemoryModule library and this tutorial are -Copyright (c) 2004-2013 by Joachim Bauch. +Copyright (c) 2004-2014 by Joachim Bauch. diff --git a/example/SampleDLL/SampleDLL.rc b/example/SampleDLL/SampleDLL.rc index 6f73854..52d538b 100644 --- a/example/SampleDLL/SampleDLL.rc +++ b/example/SampleDLL/SampleDLL.rc @@ -10,7 +10,7 @@ BEGIN VALUE "FileDescription", "SampleDLL" VALUE "FileVersion", "1.0" VALUE "InternalName", "SampleDLL" - VALUE "LegalCopyright", "Copyright (c) 2013 Joachim Bauch" + VALUE "LegalCopyright", "Copyright (c) 2004-2014 Joachim Bauch" VALUE "OriginalFilename", "SampleDLL.dll" VALUE "ProductName", "MemoryModule" VALUE "ProductVersion", "0.0.3" From 8d286f85667d9a9399e72e550fcc6af0a9296cb7 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 21 Sep 2014 14:09:56 +0200 Subject: [PATCH 03/94] Bump version number. --- MemoryModule.c | 2 +- MemoryModule.h | 2 +- example/SampleDLL/SampleDLL.rc | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index 550520e..7fece47 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -1,6 +1,6 @@ /* * Memory DLL loading code - * Version 0.0.3 + * Version 0.0.4 * * Copyright (c) 2004-2014 by Joachim Bauch / mail@joachim-bauch.de * http://www.joachim-bauch.de diff --git a/MemoryModule.h b/MemoryModule.h index cabb48e..adeacb6 100644 --- a/MemoryModule.h +++ b/MemoryModule.h @@ -1,6 +1,6 @@ /* * Memory DLL loading code - * Version 0.0.3 + * Version 0.0.4 * * Copyright (c) 2004-2014 by Joachim Bauch / mail@joachim-bauch.de * http://www.joachim-bauch.de diff --git a/example/SampleDLL/SampleDLL.rc b/example/SampleDLL/SampleDLL.rc index 52d538b..2fa076b 100644 --- a/example/SampleDLL/SampleDLL.rc +++ b/example/SampleDLL/SampleDLL.rc @@ -13,7 +13,7 @@ BEGIN VALUE "LegalCopyright", "Copyright (c) 2004-2014 Joachim Bauch" VALUE "OriginalFilename", "SampleDLL.dll" VALUE "ProductName", "MemoryModule" - VALUE "ProductVersion", "0.0.3" + VALUE "ProductVersion", "0.0.4" END END From da78edc39bc96fb5653c5489c5a2b3e34166cde7 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 21 Sep 2014 14:14:21 +0200 Subject: [PATCH 04/94] Use markdown readme. --- readme.txt => readme.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) rename readme.txt => readme.md (67%) diff --git a/readme.txt b/readme.md similarity index 67% rename from readme.txt rename to readme.md index b826592..92d823c 100644 --- a/readme.txt +++ b/readme.md @@ -1,5 +1,8 @@ +MemoryModule +============ + The default windows API functions to load external libraries into a program -(LoadLibrary, LoadLibraryEx) only work with files on the filesystem. It's +(`LoadLibrary`, `LoadLibraryEx`) only work with files on the filesystem. It's therefore impossible to load a DLL from memory. But sometimes, you need exactly this functionality (e.g. you don't want to @@ -8,8 +11,8 @@ workarounds for this problems are to write the DLL into a temporary file first and import it from there. When the program terminates, the temporary file gets deleted. -MemoryModule is a library that can be used to load a DLL completely from +`MemoryModule` is a library that can be used to load a DLL completely from memory - without storing on the disk first. -See doc/readme.txt for more informations about the format of a DLL file and +See `doc/readme.txt` for more informations about the format of a DLL file and a tutorial how they can be loaded directly. From bb736dc160c6f70e940701e3f1cd5aea5911b36a Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 21 Sep 2014 14:19:36 +0200 Subject: [PATCH 05/94] Added explicit casts. --- MemoryModule.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index 7fece47..4fb4655 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -420,7 +420,7 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, result->headers->OptionalHeader.ImageBase = (POINTER_TYPE)code; // copy sections from DLL file block to new memory location - CopySections(data, old_header, result); + CopySections((const unsigned char *) data, old_header, result); // adjust base address of imported data locationDelta = (SIZE_T)(code - old_header->OptionalHeader.ImageBase); @@ -728,7 +728,7 @@ MemoryLoadStringEx(HMEMORYMODULE module, UINT id, LPTSTR buffer, int maxsize, WO return 0; } - data = MemoryLoadResource(module, resource); + data = (PIMAGE_RESOURCE_DIR_STRING_U) MemoryLoadResource(module, resource); id = id & 0x0f; while (id--) { data = (PIMAGE_RESOURCE_DIR_STRING_U) (((char *) data) + (data->Length + 1) * sizeof(WCHAR)); From b8125d0a6560fa68f10677eabe6eaaaa2529c3af Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 21 Sep 2014 14:24:44 +0200 Subject: [PATCH 06/94] Compile everything with "g++" and link statically. --- example/DllLoader/Makefile | 6 +++--- example/SampleDLL/Makefile | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/example/DllLoader/Makefile b/example/DllLoader/Makefile index dcfc263..84c8c68 100644 --- a/example/DllLoader/Makefile +++ b/example/DllLoader/Makefile @@ -4,18 +4,18 @@ ifeq ($(UNAME), Linux) ifndef PLATFORM PLATFORM = i686 endif -CC = $(PLATFORM)-w64-mingw32-gcc +CC = $(PLATFORM)-w64-mingw32-g++ CXX = $(PLATFORM)-w64-mingw32-g++ LINK = $(PLATFORM)-w64-mingw32-ld else -CC = gcc +CC = g++ CXX = g++ LINK = ld endif RM = rm CFLAGS = -Wall -g -LDFLAGS = +LDFLAGS = -static ifdef UNICODE CFLAGS += -DUNICODE -D_UNICODE diff --git a/example/SampleDLL/Makefile b/example/SampleDLL/Makefile index 6ab5629..d5e8085 100644 --- a/example/SampleDLL/Makefile +++ b/example/SampleDLL/Makefile @@ -4,12 +4,12 @@ ifeq ($(UNAME), Linux) ifndef PLATFORM PLATFORM = i686 endif -CC = $(PLATFORM)-w64-mingw32-gcc +CC = $(PLATFORM)-w64-mingw32-g++ CXX = $(PLATFORM)-w64-mingw32-g++ LINK = $(PLATFORM)-w64-mingw32-ld RC = $(PLATFORM)-w64-mingw32-windres else -CC = gcc +CC = g++ CXX = g++ LINK = ld RC = rc From 2d504b533e698b3816d399708b00f99e2fcc53ed Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 21 Sep 2014 17:33:18 +0200 Subject: [PATCH 07/94] Check architecture of library to load. --- MemoryModule.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/MemoryModule.c b/MemoryModule.c index 4fb4655..a7eda08 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -370,6 +370,15 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, return NULL; } +#ifdef _WIN64 + if (old_header->FileHeader.Machine == IMAGE_FILE_MACHINE_I386) { +#else + if (old_header->FileHeader.Machine != IMAGE_FILE_MACHINE_I386) { +#endif + SetLastError(ERROR_BAD_EXE_FORMAT); + return NULL; + } + // reserve memory for image of library // XXX: is it correct to commit the complete memory region at once? // calling DllEntry raises an exception if we don't... From 5a448ce93ab91a5ac9456a456f6568f28a14f2e1 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 21 Sep 2014 18:34:11 +0200 Subject: [PATCH 08/94] Support loading (and running) EXE files (fixes #7). --- MemoryModule.c | 50 +++++++++++++++++------ MemoryModule.h | 19 +++++++-- example/DllLoader/DllLoaderLoader.cpp | 57 +++++++++++++++++++++++++++ example/DllLoader/Makefile | 10 ++++- 4 files changed, 119 insertions(+), 17 deletions(-) create mode 100644 example/DllLoader/DllLoaderLoader.cpp diff --git a/MemoryModule.c b/MemoryModule.c index a7eda08..fcb0081 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -49,20 +49,24 @@ #include "MemoryModule.h" +typedef BOOL (WINAPI *DllEntryProc)(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpReserved); +typedef int (WINAPI *ExeEntryProc)(void); + typedef struct { PIMAGE_NT_HEADERS headers; unsigned char *codeBase; HCUSTOMMODULE *modules; int numModules; int initialized; + int isDLL; + int isRelocated; CustomLoadLibraryFunc loadLibrary; CustomGetProcAddressFunc getProcAddress; CustomFreeLibraryFunc freeLibrary; void *userdata; + ExeEntryProc exeEntry; } MEMORYMODULE, *PMEMORYMODULE; -typedef BOOL (WINAPI *DllEntryProc)(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpReserved); - #define GET_HEADER_DICTIONARY(module, idx) &(module)->headers->OptionalHeader.DataDirectory[idx] #ifdef DEBUG_OUTPUT @@ -202,11 +206,12 @@ ExecuteTLS(PMEMORYMODULE module) } } -static void +static int PerformBaseRelocation(PMEMORYMODULE module, SIZE_T delta) { DWORD i; unsigned char *codeBase = module->codeBase; + int result = 0; PIMAGE_DATA_DIRECTORY directory = GET_HEADER_DICTIONARY(module, IMAGE_DIRECTORY_ENTRY_BASERELOC); if (directory->Size > 0) { @@ -254,7 +259,9 @@ PerformBaseRelocation(PMEMORYMODULE module, SIZE_T delta) // advance to next relocation block relocation = (PIMAGE_BASE_RELOCATION) (((char *) relocation) + relocation->SizeOfBlock); } + result = 1; } + return result; } static int @@ -355,7 +362,6 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, PIMAGE_NT_HEADERS old_header; unsigned char *code, *headers; SIZE_T locationDelta; - DllEntryProc DllEntry; BOOL successfull; dos_header = (PIMAGE_DOS_HEADER)data; @@ -410,6 +416,7 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, result->numModules = 0; result->modules = NULL; result->initialized = 0; + result->isDLL = (old_header->FileHeader.Characteristics & IMAGE_FILE_DLL) != 0; result->loadLibrary = loadLibrary; result->getProcAddress = getProcAddress; result->freeLibrary = freeLibrary; @@ -434,7 +441,9 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, // adjust base address of imported data locationDelta = (SIZE_T)(code - old_header->OptionalHeader.ImageBase); if (locationDelta != 0) { - PerformBaseRelocation(result, locationDelta); + result->isRelocated = PerformBaseRelocation(result, locationDelta); + } else { + result->isRelocated = 1; } // load required dlls and adjust function table of imports @@ -451,14 +460,20 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, // get entry point of loaded library if (result->headers->OptionalHeader.AddressOfEntryPoint != 0) { - DllEntry = (DllEntryProc) (code + result->headers->OptionalHeader.AddressOfEntryPoint); - // notify library about attaching to process - successfull = (*DllEntry)((HINSTANCE)code, DLL_PROCESS_ATTACH, 0); - if (!successfull) { - SetLastError(ERROR_DLL_INIT_FAILED); - goto error; + if (result->isDLL) { + DllEntryProc DllEntry = (DllEntryProc) (code + result->headers->OptionalHeader.AddressOfEntryPoint); + // notify library about attaching to process + successfull = (*DllEntry)((HINSTANCE)code, DLL_PROCESS_ATTACH, 0); + if (!successfull) { + SetLastError(ERROR_DLL_INIT_FAILED); + goto error; + } + result->initialized = 1; + } else { + result->exeEntry = (ExeEntryProc) (code + result->headers->OptionalHeader.AddressOfEntryPoint); } - result->initialized = 1; + } else { + result->exeEntry = NULL; } return (HMEMORYMODULE)result; @@ -549,6 +564,17 @@ void MemoryFreeLibrary(HMEMORYMODULE mod) } } +int MemoryCallEntryPoint(HMEMORYMODULE mod) +{ + PMEMORYMODULE module = (PMEMORYMODULE)mod; + + if (module == NULL || module->isDLL || module->exeEntry == NULL || !module->isRelocated) { + return -1; + } + + return module->exeEntry(); +} + #define DEFAULT_LANGUAGE MAKELANGID(LANG_NEUTRAL, SUBLANG_NEUTRAL) HMEMORYRSRC MemoryFindResource(HMEMORYMODULE module, LPCTSTR name, LPCTSTR type) diff --git a/MemoryModule.h b/MemoryModule.h index adeacb6..e2fa2d3 100644 --- a/MemoryModule.h +++ b/MemoryModule.h @@ -44,7 +44,7 @@ typedef FARPROC (*CustomGetProcAddressFunc)(HCUSTOMMODULE, LPCSTR, void *); typedef void (*CustomFreeLibraryFunc)(HCUSTOMMODULE, void *); /** - * Load DLL from memory location. + * Load EXE/DLL from memory location. * * All dependencies are resolved using default LoadLibrary/GetProcAddress * calls through the Windows API. @@ -52,7 +52,7 @@ typedef void (*CustomFreeLibraryFunc)(HCUSTOMMODULE, void *); HMEMORYMODULE MemoryLoadLibrary(const void *); /** - * Load DLL from memory location using custom dependency resolvers. + * Load EXE/DLL from memory location using custom dependency resolvers. * * Dependencies will be resolved using passed callback methods. */ @@ -68,10 +68,23 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *, FARPROC MemoryGetProcAddress(HMEMORYMODULE, LPCSTR); /** - * Free previously loaded DLL. + * Free previously loaded EXE/DLL. */ void MemoryFreeLibrary(HMEMORYMODULE); +/** + * Execute entry point (EXE only). The entry point can only be executed + * if the EXE has been loaded to the correct base address or it could + * be relocated (i.e. relocation information have not been stripped by + * the linker). + * + * Important: calling this function will not return, i.e. once the loaded + * EXE finished running, the process will terminate. + * + * Returns a negative value if the entry point could not be executed. + */ +int MemoryCallEntryPoint(HMEMORYMODULE); + /** * Find the location of a resource with the specified type and name. */ diff --git a/example/DllLoader/DllLoaderLoader.cpp b/example/DllLoader/DllLoaderLoader.cpp new file mode 100644 index 0000000..e49979e --- /dev/null +++ b/example/DllLoader/DllLoaderLoader.cpp @@ -0,0 +1,57 @@ +#define WIN32_LEAN_AND_MEAN + +#include +#include +#include +#include + +#include "../../MemoryModule.h" + +#define EXE_FILE TEXT("DllLoader.exe") + +int RunFromMemory(void) +{ + FILE *fp; + unsigned char *data=NULL; + size_t size; + HMEMORYMODULE handle; + int result = -1; + + fp = _tfopen(EXE_FILE, _T("rb")); + if (fp == NULL) + { + _tprintf(_T("Can't open executable \"%s\"."), EXE_FILE); + goto exit; + } + + fseek(fp, 0, SEEK_END); + size = ftell(fp); + data = (unsigned char *)malloc(size); + fseek(fp, 0, SEEK_SET); + fread(data, 1, size, fp); + fclose(fp); + + handle = MemoryLoadLibrary(data); + if (handle == NULL) + { + _tprintf(_T("Can't load library from memory.\n")); + goto exit; + } + + result = MemoryCallEntryPoint(handle); + if (result < 0) { + _tprintf(_T("Could not execute entry point: %d\n"), result); + } + MemoryFreeLibrary(handle); + +exit: + if (data) + free(data); + return result; +} + +int main(int argc, char* argv[]) +{ + return RunFromMemory(); +} + diff --git a/example/DllLoader/Makefile b/example/DllLoader/Makefile index 84c8c68..65b5382 100644 --- a/example/DllLoader/Makefile +++ b/example/DllLoader/Makefile @@ -22,9 +22,15 @@ CFLAGS += -DUNICODE -D_UNICODE endif OBJ = DllLoader.o ../../MemoryModule.o +OBJ_LOADER = DllLoaderLoader.o ../../MemoryModule.o + +all: DllLoader.exe DllLoaderLoader.exe DllLoader.exe: $(OBJ) - $(CC) $(LDFLAGS) -o DllLoader.exe $(OBJ) + $(CC) $(LDFLAGS) -Wl,--image-base -Wl,0x20000000 -o DllLoader.exe $(OBJ) + +DllLoaderLoader.exe: $(OBJ_LOADER) + $(CC) $(LDFLAGS) -Wl,--image-base -Wl,0x10000000 -o DllLoaderLoader.exe $(OBJ_LOADER) %.o: %.cpp $(CXX) $(CFLAGS) -c $< @@ -33,4 +39,4 @@ DllLoader.exe: $(OBJ) $(CC) $(CFLAGS) -c $< clean: - $(RM) -rf $(OBJ) DllLoader.exe + $(RM) -rf $(OBJ) $(OBJ_LOADER) DllLoader.exe DllLoaderLoader.exe From 1d55f777531bc7df46c70a73b9cf139c2770031f Mon Sep 17 00:00:00 2001 From: Dan Staples Date: Mon, 5 Jan 2015 20:28:02 -0500 Subject: [PATCH 09/94] small fix relating to searching IMAGE_RESOURCE_DIRECTORY_ENTRYs for named resources --- MemoryModule.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MemoryModule.c b/MemoryModule.c index fcb0081..bb43190 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -633,7 +633,7 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry( int searchKeyLength = 0; #endif start = 0; - end = resources->NumberOfIdEntries; + end = resources->NumberOfNamedEntries; while (end > start) { // resource names are always stored using 16bit characters int cmp; From 52b0379749a29a17a4f588443ca6050994c16247 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 27 Feb 2015 00:05:11 +0100 Subject: [PATCH 10/94] Added travis configuration. --- .travis.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .travis.yml diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..67de344 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,19 @@ +env: + - PLATFORM=x86_64 WINE=wine64 + - PLATFORM=i686 WINE=wine + +language: cpp + +cache: + - apt + +before_install: + - sudo apt-get update -qq + - sh -c "if [ '$PLATFORM' = 'i686' ]; then sudo apt-get install -qq wine gcc-mingw-w64-i686 g++-mingw-w64-i686 binutils-mingw-w64-i686 mingw-w64-dev; fi" + - sh -c "if [ '$PLATFORM' = 'x86_64' ]; then sudo apt-get install -qq wine gcc-mingw-w64-x86-64 g++-mingw-w64-x86-64 binutils-mingw-w64-x86-64 mingw-w64-dev; fi" + +script: + - make PLATFORM=$PLATFORM + - cd example/DllLoader + - WINEPREFIX=`pwd`/$WINE WINEPATH=/usr/lib/gcc/$PLATFORM-w64-mingw32/4.6/ $WINE ./DllLoader.exe + - WINEPREFIX=`pwd`/$WINE WINEPATH=/usr/lib/gcc/$PLATFORM-w64-mingw32/4.6/ $WINE ./DllLoaderLoader.exe From 3422b5791c7ebab00b164a5b72c8e74541e0973a Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 27 Feb 2015 00:20:35 +0100 Subject: [PATCH 11/94] Show build status. --- readme.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/readme.md b/readme.md index 92d823c..ab35ac6 100644 --- a/readme.md +++ b/readme.md @@ -1,6 +1,8 @@ MemoryModule ============ +[![Build Status](https://travis-ci.org/fancycode/MemoryModule.svg?branch=master)](https://travis-ci.org/fancycode/MemoryModule) + The default windows API functions to load external libraries into a program (`LoadLibrary`, `LoadLibraryEx`) only work with files on the filesystem. It's therefore impossible to load a DLL from memory. From b889c72727bb4e613249b2b0902b6dfae76baa99 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 27 Feb 2015 00:22:03 +0100 Subject: [PATCH 12/94] Bump year in copyright. --- MemoryModule.c | 4 ++-- MemoryModule.h | 4 ++-- doc/readme.txt | 2 +- example/SampleDLL/SampleDLL.rc | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index fcb0081..3094133 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -2,7 +2,7 @@ * Memory DLL loading code * Version 0.0.4 * - * Copyright (c) 2004-2014 by Joachim Bauch / mail@joachim-bauch.de + * Copyright (c) 2004-2015 by Joachim Bauch / mail@joachim-bauch.de * http://www.joachim-bauch.de * * The contents of this file are subject to the Mozilla Public License Version @@ -19,7 +19,7 @@ * * The Initial Developer of the Original Code is Joachim Bauch. * - * Portions created by Joachim Bauch are Copyright (C) 2004-2014 + * Portions created by Joachim Bauch are Copyright (C) 2004-2015 * Joachim Bauch. All Rights Reserved. * */ diff --git a/MemoryModule.h b/MemoryModule.h index e2fa2d3..9174ad2 100644 --- a/MemoryModule.h +++ b/MemoryModule.h @@ -2,7 +2,7 @@ * Memory DLL loading code * Version 0.0.4 * - * Copyright (c) 2004-2014 by Joachim Bauch / mail@joachim-bauch.de + * Copyright (c) 2004-2015 by Joachim Bauch / mail@joachim-bauch.de * http://www.joachim-bauch.de * * The contents of this file are subject to the Mozilla Public License Version @@ -19,7 +19,7 @@ * * The Initial Developer of the Original Code is Joachim Bauch. * - * Portions created by Joachim Bauch are Copyright (C) 2004-2014 + * Portions created by Joachim Bauch are Copyright (C) 2004-2015 * Joachim Bauch. All Rights Reserved. * */ diff --git a/doc/readme.txt b/doc/readme.txt index 08473df..7e02c1b 100644 --- a/doc/readme.txt +++ b/doc/readme.txt @@ -543,4 +543,4 @@ Copyright ========== The MemoryModule library and this tutorial are -Copyright (c) 2004-2014 by Joachim Bauch. +Copyright (c) 2004-2015 by Joachim Bauch. diff --git a/example/SampleDLL/SampleDLL.rc b/example/SampleDLL/SampleDLL.rc index 2fa076b..5a0da61 100644 --- a/example/SampleDLL/SampleDLL.rc +++ b/example/SampleDLL/SampleDLL.rc @@ -10,7 +10,7 @@ BEGIN VALUE "FileDescription", "SampleDLL" VALUE "FileVersion", "1.0" VALUE "InternalName", "SampleDLL" - VALUE "LegalCopyright", "Copyright (c) 2004-2014 Joachim Bauch" + VALUE "LegalCopyright", "Copyright (c) 2004-2015 Joachim Bauch" VALUE "OriginalFilename", "SampleDLL.dll" VALUE "ProductName", "MemoryModule" VALUE "ProductVersion", "0.0.4" From 808c043fafec8a7d1726cf95d68a5f5c5c4191b0 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 27 Feb 2015 00:25:57 +0100 Subject: [PATCH 13/94] Fixed indentation. --- MemoryModule.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index 160eb31..83d2391 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -67,7 +67,7 @@ typedef struct { ExeEntryProc exeEntry; } MEMORYMODULE, *PMEMORYMODULE; -#define GET_HEADER_DICTIONARY(module, idx) &(module)->headers->OptionalHeader.DataDirectory[idx] +#define GET_HEADER_DICTIONARY(module, idx) &(module)->headers->OptionalHeader.DataDirectory[idx] #ifdef DEBUG_OUTPUT static void @@ -637,7 +637,7 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry( while (end > start) { // resource names are always stored using 16bit characters int cmp; - PIMAGE_RESOURCE_DIR_STRING_U resourceString; + PIMAGE_RESOURCE_DIR_STRING_U resourceString; middle = (start + end) >> 1; resourceString = (PIMAGE_RESOURCE_DIR_STRING_U) (((char *) root) + (entries[middle].Name & 0x7FFFFFFF)); #if !defined(UNICODE) @@ -750,9 +750,9 @@ MemoryLoadString(HMEMORYMODULE module, UINT id, LPTSTR buffer, int maxsize) int MemoryLoadStringEx(HMEMORYMODULE module, UINT id, LPTSTR buffer, int maxsize, WORD language) { - HMEMORYRSRC resource; - PIMAGE_RESOURCE_DIR_STRING_U data; - DWORD size; + HMEMORYRSRC resource; + PIMAGE_RESOURCE_DIR_STRING_U data; + DWORD size; if (maxsize == 0) { return 0; } From 6212358a24a597a6b6405567d32aabb157039fef Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 27 Feb 2015 00:34:28 +0100 Subject: [PATCH 14/94] Use function from tchar.h instead of #ifdef. --- MemoryModule.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index 83d2391..602c505 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -596,11 +596,7 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry( if (!IS_INTRESOURCE(key) && key[0] == TEXT('#')) { // special case: resource id given as string TCHAR *endpos = NULL; -#if defined(UNICODE) - long int tmpkey = (WORD) wcstol((TCHAR *) &key[1], &endpos, 10); -#else - long int tmpkey = (WORD) strtol((TCHAR *) &key[1], &endpos, 10); -#endif + long int tmpkey = (WORD) _tcstol((TCHAR *) &key[1], &endpos, 10); if (tmpkey <= 0xffff && lstrlen(endpos) == 0) { key = MAKEINTRESOURCE(tmpkey); } From dacdbaba9a88d05a8d7dc840adcc74c3d5d8ed77 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 27 Feb 2015 00:39:16 +0100 Subject: [PATCH 15/94] Deny loading any other architecture than 64bit if compiled for 64bit. --- MemoryModule.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MemoryModule.c b/MemoryModule.c index 602c505..6a661bc 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -377,7 +377,7 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, } #ifdef _WIN64 - if (old_header->FileHeader.Machine == IMAGE_FILE_MACHINE_I386) { + if (old_header->FileHeader.Machine != IMAGE_FILE_MACHINE_AMD64) { #else if (old_header->FileHeader.Machine != IMAGE_FILE_MACHINE_I386) { #endif From 625aa470359b2e86d30c6670278658de3ea01729 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 27 Feb 2015 00:46:34 +0100 Subject: [PATCH 16/94] Use "uintptr_t" instead of custom type. --- MemoryModule.c | 29 ++++++++++++----------------- 1 file changed, 12 insertions(+), 17 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index 6a661bc..9e99535 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -29,14 +29,9 @@ #pragma warning( disable : 4311 4312 ) #endif -#ifdef _WIN64 -#define POINTER_TYPE ULONGLONG -#else -#define POINTER_TYPE DWORD -#endif - #include #include +#include #include #ifdef DEBUG_OUTPUT #include @@ -103,7 +98,7 @@ CopySections(const unsigned char *data, PIMAGE_NT_HEADERS old_headers, PMEMORYMO MEM_COMMIT, PAGE_READWRITE); - section->Misc.PhysicalAddress = (DWORD) (POINTER_TYPE) dest; + section->Misc.PhysicalAddress = (DWORD) (uintptr_t) dest; memset(dest, 0, size); } @@ -117,7 +112,7 @@ CopySections(const unsigned char *data, PIMAGE_NT_HEADERS old_headers, PMEMORYMO MEM_COMMIT, PAGE_READWRITE); memcpy(dest, data + section->PointerToRawData, section->SizeOfRawData); - section->Misc.PhysicalAddress = (DWORD) (POINTER_TYPE) dest; + section->Misc.PhysicalAddress = (DWORD) (uintptr_t) dest; } } @@ -140,7 +135,7 @@ FinalizeSections(PMEMORYMODULE module) int i; PIMAGE_SECTION_HEADER section = IMAGE_FIRST_SECTION(module->headers); #ifdef _WIN64 - POINTER_TYPE imageOffset = (module->headers->OptionalHeader.ImageBase & 0xffffffff00000000); + uintptr_t imageOffset = (module->headers->OptionalHeader.ImageBase & 0xffffffff00000000); #else #define imageOffset 0 #endif @@ -154,7 +149,7 @@ FinalizeSections(PMEMORYMODULE module) if (section->Characteristics & IMAGE_SCN_MEM_DISCARDABLE) { // section is not needed any more and can safely be freed - VirtualFree((LPVOID)((POINTER_TYPE)section->Misc.PhysicalAddress | imageOffset), section->SizeOfRawData, MEM_DECOMMIT); + VirtualFree((LPVOID)((uintptr_t)section->Misc.PhysicalAddress | imageOffset), section->SizeOfRawData, MEM_DECOMMIT); continue; } @@ -176,7 +171,7 @@ FinalizeSections(PMEMORYMODULE module) if (size > 0) { // change memory access flags - if (VirtualProtect((LPVOID)((POINTER_TYPE)section->Misc.PhysicalAddress | imageOffset), size, protect, &oldProtect) == 0) + if (VirtualProtect((LPVOID)((uintptr_t)section->Misc.PhysicalAddress | imageOffset), size, protect, &oldProtect) == 0) #ifdef DEBUG_OUTPUT OutputLastError("Error protecting memory page") #endif @@ -275,7 +270,7 @@ BuildImportTable(PMEMORYMODULE module) if (directory->Size > 0) { PIMAGE_IMPORT_DESCRIPTOR importDesc = (PIMAGE_IMPORT_DESCRIPTOR) (codeBase + directory->VirtualAddress); for (; !IsBadReadPtr(importDesc, sizeof(IMAGE_IMPORT_DESCRIPTOR)) && importDesc->Name; importDesc++) { - POINTER_TYPE *thunkRef; + uintptr_t *thunkRef; FARPROC *funcRef; HCUSTOMMODULE handle = module->loadLibrary((LPCSTR) (codeBase + importDesc->Name), module->userdata); if (handle == NULL) { @@ -295,11 +290,11 @@ BuildImportTable(PMEMORYMODULE module) module->modules[module->numModules++] = handle; if (importDesc->OriginalFirstThunk) { - thunkRef = (POINTER_TYPE *) (codeBase + importDesc->OriginalFirstThunk); + thunkRef = (uintptr_t *) (codeBase + importDesc->OriginalFirstThunk); funcRef = (FARPROC *) (codeBase + importDesc->FirstThunk); } else { // no hint table - thunkRef = (POINTER_TYPE *) (codeBase + importDesc->FirstThunk); + thunkRef = (uintptr_t *) (codeBase + importDesc->FirstThunk); funcRef = (FARPROC *) (codeBase + importDesc->FirstThunk); } for (; *thunkRef; thunkRef++, funcRef++) { @@ -433,7 +428,7 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, result->headers = (PIMAGE_NT_HEADERS)&((const unsigned char *)(headers))[dos_header->e_lfanew]; // update position - result->headers->OptionalHeader.ImageBase = (POINTER_TYPE)code; + result->headers->OptionalHeader.ImageBase = (uintptr_t)code; // copy sections from DLL file block to new memory location CopySections((const unsigned char *) data, old_header, result); @@ -606,7 +601,7 @@ static PIMAGE_RESOURCE_DIRECTORY_ENTRY _MemorySearchResourceEntry( // followed by an ordered list of id entries - we can do // a binary search to find faster... if (IS_INTRESOURCE(key)) { - WORD check = (WORD) (POINTER_TYPE) key; + WORD check = (WORD) (uintptr_t) key; start = resources->NumberOfNamedEntries; end = start + resources->NumberOfIdEntries; @@ -708,7 +703,7 @@ HMEMORYRSRC MemoryFindResourceEx(HMEMORYMODULE module, LPCTSTR name, LPCTSTR typ } nameResources = (PIMAGE_RESOURCE_DIRECTORY) (codeBase + directory->VirtualAddress + (foundName->OffsetToData & 0x7fffffff)); - foundLanguage = _MemorySearchResourceEntry(rootResources, nameResources, (LPCTSTR) (POINTER_TYPE) language); + foundLanguage = _MemorySearchResourceEntry(rootResources, nameResources, (LPCTSTR) (uintptr_t) language); if (foundLanguage == NULL) { // requested language not found, use first available if (nameResources->NumberOfIdEntries == 0) { From 4c08d8eb92abd37108315433b00e9338c090c72c Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 27 Feb 2015 00:54:48 +0100 Subject: [PATCH 17/94] Also build UNICODE versions. --- .travis.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 67de344..0de8cba 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,6 +1,8 @@ env: - PLATFORM=x86_64 WINE=wine64 - PLATFORM=i686 WINE=wine + - UNICODE= + - UNICODE=1 language: cpp @@ -13,7 +15,7 @@ before_install: - sh -c "if [ '$PLATFORM' = 'x86_64' ]; then sudo apt-get install -qq wine gcc-mingw-w64-x86-64 g++-mingw-w64-x86-64 binutils-mingw-w64-x86-64 mingw-w64-dev; fi" script: - - make PLATFORM=$PLATFORM + - make PLATFORM=$PLATFORM UNICODE=$UNICODE - cd example/DllLoader - WINEPREFIX=`pwd`/$WINE WINEPATH=/usr/lib/gcc/$PLATFORM-w64-mingw32/4.6/ $WINE ./DllLoader.exe - WINEPREFIX=`pwd`/$WINE WINEPATH=/usr/lib/gcc/$PLATFORM-w64-mingw32/4.6/ $WINE ./DllLoaderLoader.exe From dd5e818dfc57253d59c4ec0dd569fb4a29cd346e Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 27 Feb 2015 00:56:39 +0100 Subject: [PATCH 18/94] Need to specify build matrix differently. --- .travis.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0de8cba..2af19ce 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,8 +1,8 @@ env: - - PLATFORM=x86_64 WINE=wine64 - - PLATFORM=i686 WINE=wine - - UNICODE= - - UNICODE=1 + - PLATFORM=x86_64 WINE=wine64 UNICODE= + - PLATFORM=i686 WINE=wine UNICODE= + - PLATFORM=x86_64 WINE=wine64 UNICODE=1 + - PLATFORM=i686 WINE=wine UNICODE=1 language: cpp From 927bd2a9f01b60be27e06b46d6bfc188a7ffef58 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 27 Feb 2015 01:34:33 +0100 Subject: [PATCH 19/94] Link using "g++" to get reloc information. --- example/SampleDLL/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/example/SampleDLL/Makefile b/example/SampleDLL/Makefile index d5e8085..ce3f65b 100644 --- a/example/SampleDLL/Makefile +++ b/example/SampleDLL/Makefile @@ -6,7 +6,7 @@ PLATFORM = i686 endif CC = $(PLATFORM)-w64-mingw32-g++ CXX = $(PLATFORM)-w64-mingw32-g++ -LINK = $(PLATFORM)-w64-mingw32-ld +LINK = $(PLATFORM)-w64-mingw32-g++ RC = $(PLATFORM)-w64-mingw32-windres else CC = g++ From aa6b93bab43430c91da8201ae18569a646b9e192 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sat, 28 Feb 2015 23:01:44 +0100 Subject: [PATCH 20/94] Support section alignments that are smaller than the memory page size (fixes #20/#21). --- MemoryModule.c | 146 ++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 113 insertions(+), 33 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index 9e99535..d5e071e 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -60,9 +60,19 @@ typedef struct { CustomFreeLibraryFunc freeLibrary; void *userdata; ExeEntryProc exeEntry; + DWORD pageSize; } MEMORYMODULE, *PMEMORYMODULE; +typedef struct { + LPVOID address; + LPVOID alignedAddress; + DWORD size; + DWORD characteristics; + BOOL last; +} SECTIONFINALIZEDATA, *PSECTIONFINALIZEDATA; + #define GET_HEADER_DICTIONARY(module, idx) &(module)->headers->OptionalHeader.DataDirectory[idx] +#define ALIGN_DOWN(address, alignment) (LPVOID)((uintptr_t)(address) & ~((alignment) - 1)) #ifdef DEBUG_OUTPUT static void @@ -98,6 +108,9 @@ CopySections(const unsigned char *data, PIMAGE_NT_HEADERS old_headers, PMEMORYMO MEM_COMMIT, PAGE_READWRITE); + // Always use position from file to support alignments smaller + // than page size. + dest = codeBase + section->VirtualAddress; section->Misc.PhysicalAddress = (DWORD) (uintptr_t) dest; memset(dest, 0, size); } @@ -111,6 +124,10 @@ CopySections(const unsigned char *data, PIMAGE_NT_HEADERS old_headers, PMEMORYMO section->SizeOfRawData, MEM_COMMIT, PAGE_READWRITE); + + // Always use position from file to support alignments smaller + // than page size. + dest = codeBase + section->VirtualAddress; memcpy(dest, data + section->PointerToRawData, section->SizeOfRawData); section->Misc.PhysicalAddress = (DWORD) (uintptr_t) dest; } @@ -129,6 +146,63 @@ static int ProtectionFlags[2][2][2] = { }, }; +static DWORD +GetRealSectionSize(PMEMORYMODULE module, PIMAGE_SECTION_HEADER section) { + DWORD size = section->SizeOfRawData; + if (size == 0) { + if (section->Characteristics & IMAGE_SCN_CNT_INITIALIZED_DATA) { + size = module->headers->OptionalHeader.SizeOfInitializedData; + } else if (section->Characteristics & IMAGE_SCN_CNT_UNINITIALIZED_DATA) { + size = module->headers->OptionalHeader.SizeOfUninitializedData; + } + } + return size; +} + +static BOOL +FinalizeSection(PMEMORYMODULE module, PSECTIONFINALIZEDATA sectionData) { + DWORD protect, oldProtect; + int executable; + int readable; + int writeable; + + if (sectionData->size == 0) { + return TRUE; + } + + if (sectionData->characteristics & IMAGE_SCN_MEM_DISCARDABLE) { + // section is not needed any more and can safely be freed + if (sectionData->address == sectionData->alignedAddress && + (sectionData->last || + module->headers->OptionalHeader.SectionAlignment == module->pageSize || + (sectionData->size % module->pageSize) == 0) + ) { + // Only allowed to decommit whole pages + VirtualFree(sectionData->address, sectionData->size, MEM_DECOMMIT); + } + return TRUE; + } + + // determine protection flags based on characteristics + executable = (sectionData->characteristics & IMAGE_SCN_MEM_EXECUTE) != 0; + readable = (sectionData->characteristics & IMAGE_SCN_MEM_READ) != 0; + writeable = (sectionData->characteristics & IMAGE_SCN_MEM_WRITE) != 0; + protect = ProtectionFlags[executable][readable][writeable]; + if (sectionData->characteristics & IMAGE_SCN_MEM_NOT_CACHED) { + protect |= PAGE_NOCACHE; + } + + // change memory access flags + if (VirtualProtect(sectionData->address, sectionData->size, protect, &oldProtect) == 0) { +#ifdef DEBUG_OUTPUT + OutputLastError("Error protecting memory page") +#endif + return FALSE; + } + + return TRUE; +} + static void FinalizeSections(PMEMORYMODULE module) { @@ -139,45 +213,41 @@ FinalizeSections(PMEMORYMODULE module) #else #define imageOffset 0 #endif + SECTIONFINALIZEDATA sectionData; + sectionData.address = (LPVOID)((uintptr_t)section->Misc.PhysicalAddress | imageOffset); + sectionData.alignedAddress = ALIGN_DOWN(sectionData.address, module->pageSize); + sectionData.size = GetRealSectionSize(module, section); + sectionData.characteristics = section->Characteristics; + sectionData.last = FALSE; + section++; // loop through all sections and change access flags - for (i=0; iheaders->FileHeader.NumberOfSections; i++, section++) { - DWORD protect, oldProtect, size; - int executable = (section->Characteristics & IMAGE_SCN_MEM_EXECUTE) != 0; - int readable = (section->Characteristics & IMAGE_SCN_MEM_READ) != 0; - int writeable = (section->Characteristics & IMAGE_SCN_MEM_WRITE) != 0; - - if (section->Characteristics & IMAGE_SCN_MEM_DISCARDABLE) { - // section is not needed any more and can safely be freed - VirtualFree((LPVOID)((uintptr_t)section->Misc.PhysicalAddress | imageOffset), section->SizeOfRawData, MEM_DECOMMIT); - continue; - } - - // determine protection flags based on characteristics - protect = ProtectionFlags[executable][readable][writeable]; - if (section->Characteristics & IMAGE_SCN_MEM_NOT_CACHED) { - protect |= PAGE_NOCACHE; - } - - // determine size of region - size = section->SizeOfRawData; - if (size == 0) { - if (section->Characteristics & IMAGE_SCN_CNT_INITIALIZED_DATA) { - size = module->headers->OptionalHeader.SizeOfInitializedData; - } else if (section->Characteristics & IMAGE_SCN_CNT_UNINITIALIZED_DATA) { - size = module->headers->OptionalHeader.SizeOfUninitializedData; + for (i=1; iheaders->FileHeader.NumberOfSections; i++, section++) { + LPVOID sectionAddress = (LPVOID)((uintptr_t)section->Misc.PhysicalAddress | imageOffset); + LPVOID alignedAddress = ALIGN_DOWN(sectionAddress, module->pageSize); + DWORD sectionSize = GetRealSectionSize(module, section); + // Combine access flags of all sections that share a page + // TODO(fancycode): We currently share flags of a trailing large section + // with the page of a first small section. This should be optimized. + if (sectionData.alignedAddress == alignedAddress || (uintptr_t) sectionData.address + sectionData.size > (uintptr_t) alignedAddress) { + // Section shares page with previous + if ((section->Characteristics & IMAGE_SCN_MEM_DISCARDABLE) == 0 || (sectionData.characteristics & IMAGE_SCN_MEM_DISCARDABLE) == 0) { + sectionData.characteristics = (sectionData.characteristics | section->Characteristics) & ~IMAGE_SCN_MEM_DISCARDABLE; + } else { + sectionData.characteristics |= section->Characteristics; } + sectionData.size = (((uintptr_t)sectionAddress) + sectionSize) - (uintptr_t) sectionData.address; + continue; } - if (size > 0) { - // change memory access flags - if (VirtualProtect((LPVOID)((uintptr_t)section->Misc.PhysicalAddress | imageOffset), size, protect, &oldProtect) == 0) -#ifdef DEBUG_OUTPUT - OutputLastError("Error protecting memory page") -#endif - ; - } + FinalizeSection(module, §ionData); + sectionData.address = sectionAddress; + sectionData.alignedAddress = alignedAddress; + sectionData.size = sectionSize; + sectionData.characteristics = section->Characteristics; } + sectionData.last = TRUE; + FinalizeSection(module, §ionData); #ifndef _WIN64 #undef imageOffset #endif @@ -358,6 +428,7 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, unsigned char *code, *headers; SIZE_T locationDelta; BOOL successfull; + SYSTEM_INFO sysInfo; dos_header = (PIMAGE_DOS_HEADER)data; if (dos_header->e_magic != IMAGE_DOS_SIGNATURE) { @@ -380,6 +451,12 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, return NULL; } + if (old_header->OptionalHeader.SectionAlignment & 1) { + // Only support section alignments that are a multiple of 2 + SetLastError(ERROR_BAD_EXE_FORMAT); + return NULL; + } + // reserve memory for image of library // XXX: is it correct to commit the complete memory region at once? // calling DllEntry raises an exception if we don't... @@ -417,6 +494,9 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, result->freeLibrary = freeLibrary; result->userdata = userdata; + GetNativeSystemInfo(&sysInfo); + result->pageSize = sysInfo.dwPageSize; + // commit memory for headers headers = (unsigned char *)VirtualAlloc(code, old_header->OptionalHeader.SizeOfHeaders, From d321abf8fa72bd1b768cb5f9bcf8150b04cb7cec Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sat, 28 Feb 2015 23:59:06 +0100 Subject: [PATCH 21/94] Added more error handling, changed boolean variables to "BOOL", bail our early from functions where possible. --- MemoryModule.c | 287 +++++++++++++++++++++++++++---------------------- 1 file changed, 156 insertions(+), 131 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index d5e071e..658ed92 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -52,9 +52,9 @@ typedef struct { unsigned char *codeBase; HCUSTOMMODULE *modules; int numModules; - int initialized; - int isDLL; - int isRelocated; + BOOL initialized; + BOOL isDLL; + BOOL isRelocated; CustomLoadLibraryFunc loadLibrary; CustomGetProcAddressFunc getProcAddress; CustomFreeLibraryFunc freeLibrary; @@ -90,7 +90,7 @@ OutputLastError(const char *msg) } #endif -static void +static BOOL CopySections(const unsigned char *data, PIMAGE_NT_HEADERS old_headers, PMEMORYMODULE module) { int i, size; @@ -107,6 +107,9 @@ CopySections(const unsigned char *data, PIMAGE_NT_HEADERS old_headers, PMEMORYMO size, MEM_COMMIT, PAGE_READWRITE); + if (dest == NULL) { + return FALSE; + } // Always use position from file to support alignments smaller // than page size. @@ -124,6 +127,9 @@ CopySections(const unsigned char *data, PIMAGE_NT_HEADERS old_headers, PMEMORYMO section->SizeOfRawData, MEM_COMMIT, PAGE_READWRITE); + if (dest == NULL) { + return FALSE; + } // Always use position from file to support alignments smaller // than page size. @@ -131,6 +137,8 @@ CopySections(const unsigned char *data, PIMAGE_NT_HEADERS old_headers, PMEMORYMO memcpy(dest, data + section->PointerToRawData, section->SizeOfRawData); section->Misc.PhysicalAddress = (DWORD) (uintptr_t) dest; } + + return TRUE; } // Protection flags for memory pages (Executable, Readable, Writeable) @@ -162,9 +170,9 @@ GetRealSectionSize(PMEMORYMODULE module, PIMAGE_SECTION_HEADER section) { static BOOL FinalizeSection(PMEMORYMODULE module, PSECTIONFINALIZEDATA sectionData) { DWORD protect, oldProtect; - int executable; - int readable; - int writeable; + BOOL executable; + BOOL readable; + BOOL writeable; if (sectionData->size == 0) { return TRUE; @@ -203,7 +211,7 @@ FinalizeSection(PMEMORYMODULE module, PSECTIONFINALIZEDATA sectionData) { return TRUE; } -static void +static BOOL FinalizeSections(PMEMORYMODULE module) { int i; @@ -240,152 +248,164 @@ FinalizeSections(PMEMORYMODULE module) continue; } - FinalizeSection(module, §ionData); + if (!FinalizeSection(module, §ionData)) { + return FALSE; + } sectionData.address = sectionAddress; sectionData.alignedAddress = alignedAddress; sectionData.size = sectionSize; sectionData.characteristics = section->Characteristics; } sectionData.last = TRUE; - FinalizeSection(module, §ionData); + if (!FinalizeSection(module, §ionData)) { + return FALSE; + } #ifndef _WIN64 #undef imageOffset #endif + return TRUE; } -static void +static BOOL ExecuteTLS(PMEMORYMODULE module) { unsigned char *codeBase = module->codeBase; PIMAGE_DATA_DIRECTORY directory = GET_HEADER_DICTIONARY(module, IMAGE_DIRECTORY_ENTRY_TLS); - if (directory->VirtualAddress > 0) { - PIMAGE_TLS_DIRECTORY tls = (PIMAGE_TLS_DIRECTORY) (codeBase + directory->VirtualAddress); - PIMAGE_TLS_CALLBACK* callback = (PIMAGE_TLS_CALLBACK *) tls->AddressOfCallBacks; - if (callback) { - while (*callback) { - (*callback)((LPVOID) codeBase, DLL_PROCESS_ATTACH, NULL); - callback++; - } + if (directory->VirtualAddress == 0) { + return TRUE; + } + + PIMAGE_TLS_DIRECTORY tls = (PIMAGE_TLS_DIRECTORY) (codeBase + directory->VirtualAddress); + PIMAGE_TLS_CALLBACK* callback = (PIMAGE_TLS_CALLBACK *) tls->AddressOfCallBacks; + if (callback) { + while (*callback) { + (*callback)((LPVOID) codeBase, DLL_PROCESS_ATTACH, NULL); + callback++; } } + return TRUE; } -static int +static BOOL PerformBaseRelocation(PMEMORYMODULE module, SIZE_T delta) { - DWORD i; unsigned char *codeBase = module->codeBase; - int result = 0; + PIMAGE_BASE_RELOCATION relocation; PIMAGE_DATA_DIRECTORY directory = GET_HEADER_DICTIONARY(module, IMAGE_DIRECTORY_ENTRY_BASERELOC); - if (directory->Size > 0) { - PIMAGE_BASE_RELOCATION relocation = (PIMAGE_BASE_RELOCATION) (codeBase + directory->VirtualAddress); - for (; relocation->VirtualAddress > 0; ) { - unsigned char *dest = codeBase + relocation->VirtualAddress; - unsigned short *relInfo = (unsigned short *)((unsigned char *)relocation + IMAGE_SIZEOF_BASE_RELOCATION); - for (i=0; i<((relocation->SizeOfBlock-IMAGE_SIZEOF_BASE_RELOCATION) / 2); i++, relInfo++) { - DWORD *patchAddrHL; + if (directory->Size == 0) { + return (delta == 0); + } + + relocation = (PIMAGE_BASE_RELOCATION) (codeBase + directory->VirtualAddress); + for (; relocation->VirtualAddress > 0; ) { + DWORD i; + unsigned char *dest = codeBase + relocation->VirtualAddress; + unsigned short *relInfo = (unsigned short *)((unsigned char *)relocation + IMAGE_SIZEOF_BASE_RELOCATION); + for (i=0; i<((relocation->SizeOfBlock-IMAGE_SIZEOF_BASE_RELOCATION) / 2); i++, relInfo++) { + DWORD *patchAddrHL; #ifdef _WIN64 - ULONGLONG *patchAddr64; + ULONGLONG *patchAddr64; #endif - int type, offset; + int type, offset; - // the upper 4 bits define the type of relocation - type = *relInfo >> 12; - // the lower 12 bits define the offset - offset = *relInfo & 0xfff; + // the upper 4 bits define the type of relocation + type = *relInfo >> 12; + // the lower 12 bits define the offset + offset = *relInfo & 0xfff; - switch (type) - { - case IMAGE_REL_BASED_ABSOLUTE: - // skip relocation - break; + switch (type) + { + case IMAGE_REL_BASED_ABSOLUTE: + // skip relocation + break; - case IMAGE_REL_BASED_HIGHLOW: - // change complete 32 bit address - patchAddrHL = (DWORD *) (dest + offset); - *patchAddrHL += (DWORD) delta; - break; + case IMAGE_REL_BASED_HIGHLOW: + // change complete 32 bit address + patchAddrHL = (DWORD *) (dest + offset); + *patchAddrHL += (DWORD) delta; + break; #ifdef _WIN64 - case IMAGE_REL_BASED_DIR64: - patchAddr64 = (ULONGLONG *) (dest + offset); - *patchAddr64 += (ULONGLONG) delta; - break; + case IMAGE_REL_BASED_DIR64: + patchAddr64 = (ULONGLONG *) (dest + offset); + *patchAddr64 += (ULONGLONG) delta; + break; #endif - default: - //printf("Unknown relocation: %d\n", type); - break; - } + default: + //printf("Unknown relocation: %d\n", type); + break; } - - // advance to next relocation block - relocation = (PIMAGE_BASE_RELOCATION) (((char *) relocation) + relocation->SizeOfBlock); } - result = 1; + + // advance to next relocation block + relocation = (PIMAGE_BASE_RELOCATION) (((char *) relocation) + relocation->SizeOfBlock); } - return result; + return TRUE; } -static int +static BOOL BuildImportTable(PMEMORYMODULE module) { - int result=1; unsigned char *codeBase = module->codeBase; - HCUSTOMMODULE *tmp; + PIMAGE_IMPORT_DESCRIPTOR importDesc; + BOOL result = TRUE; PIMAGE_DATA_DIRECTORY directory = GET_HEADER_DICTIONARY(module, IMAGE_DIRECTORY_ENTRY_IMPORT); - if (directory->Size > 0) { - PIMAGE_IMPORT_DESCRIPTOR importDesc = (PIMAGE_IMPORT_DESCRIPTOR) (codeBase + directory->VirtualAddress); - for (; !IsBadReadPtr(importDesc, sizeof(IMAGE_IMPORT_DESCRIPTOR)) && importDesc->Name; importDesc++) { - uintptr_t *thunkRef; - FARPROC *funcRef; - HCUSTOMMODULE handle = module->loadLibrary((LPCSTR) (codeBase + importDesc->Name), module->userdata); - if (handle == NULL) { - SetLastError(ERROR_MOD_NOT_FOUND); - result = 0; - break; - } + if (directory->Size == 0) { + return TRUE; + } - tmp = (HCUSTOMMODULE *) realloc(module->modules, (module->numModules+1)*(sizeof(HCUSTOMMODULE))); - if (tmp == NULL) { - module->freeLibrary(handle, module->userdata); - SetLastError(ERROR_OUTOFMEMORY); - result = 0; - break; - } - module->modules = tmp; + importDesc = (PIMAGE_IMPORT_DESCRIPTOR) (codeBase + directory->VirtualAddress); + for (; !IsBadReadPtr(importDesc, sizeof(IMAGE_IMPORT_DESCRIPTOR)) && importDesc->Name; importDesc++) { + uintptr_t *thunkRef; + FARPROC *funcRef; + HCUSTOMMODULE *tmp; + HCUSTOMMODULE handle = module->loadLibrary((LPCSTR) (codeBase + importDesc->Name), module->userdata); + if (handle == NULL) { + SetLastError(ERROR_MOD_NOT_FOUND); + result = FALSE; + break; + } - module->modules[module->numModules++] = handle; - if (importDesc->OriginalFirstThunk) { - thunkRef = (uintptr_t *) (codeBase + importDesc->OriginalFirstThunk); - funcRef = (FARPROC *) (codeBase + importDesc->FirstThunk); + tmp = (HCUSTOMMODULE *) realloc(module->modules, (module->numModules+1)*(sizeof(HCUSTOMMODULE))); + if (tmp == NULL) { + module->freeLibrary(handle, module->userdata); + SetLastError(ERROR_OUTOFMEMORY); + result = FALSE; + break; + } + module->modules = tmp; + + module->modules[module->numModules++] = handle; + if (importDesc->OriginalFirstThunk) { + thunkRef = (uintptr_t *) (codeBase + importDesc->OriginalFirstThunk); + funcRef = (FARPROC *) (codeBase + importDesc->FirstThunk); + } else { + // no hint table + thunkRef = (uintptr_t *) (codeBase + importDesc->FirstThunk); + funcRef = (FARPROC *) (codeBase + importDesc->FirstThunk); + } + for (; *thunkRef; thunkRef++, funcRef++) { + if (IMAGE_SNAP_BY_ORDINAL(*thunkRef)) { + *funcRef = module->getProcAddress(handle, (LPCSTR)IMAGE_ORDINAL(*thunkRef), module->userdata); } else { - // no hint table - thunkRef = (uintptr_t *) (codeBase + importDesc->FirstThunk); - funcRef = (FARPROC *) (codeBase + importDesc->FirstThunk); - } - for (; *thunkRef; thunkRef++, funcRef++) { - if (IMAGE_SNAP_BY_ORDINAL(*thunkRef)) { - *funcRef = module->getProcAddress(handle, (LPCSTR)IMAGE_ORDINAL(*thunkRef), module->userdata); - } else { - PIMAGE_IMPORT_BY_NAME thunkData = (PIMAGE_IMPORT_BY_NAME) (codeBase + (*thunkRef)); - *funcRef = module->getProcAddress(handle, (LPCSTR)&thunkData->Name, module->userdata); - } - if (*funcRef == 0) { - result = 0; - break; - } + PIMAGE_IMPORT_BY_NAME thunkData = (PIMAGE_IMPORT_BY_NAME) (codeBase + (*thunkRef)); + *funcRef = module->getProcAddress(handle, (LPCSTR)&thunkData->Name, module->userdata); } - - if (!result) { - module->freeLibrary(handle, module->userdata); - SetLastError(ERROR_PROC_NOT_FOUND); + if (*funcRef == 0) { + result = FALSE; break; } } + + if (!result) { + module->freeLibrary(handle, module->userdata); + SetLastError(ERROR_PROC_NOT_FOUND); + break; + } } return result; @@ -427,7 +447,6 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, PIMAGE_NT_HEADERS old_header; unsigned char *code, *headers; SIZE_T locationDelta; - BOOL successfull; SYSTEM_INFO sysInfo; dos_header = (PIMAGE_DOS_HEADER)data; @@ -487,7 +506,7 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, result->codeBase = code; result->numModules = 0; result->modules = NULL; - result->initialized = 0; + result->initialized = FALSE; result->isDLL = (old_header->FileHeader.Characteristics & IMAGE_FILE_DLL) != 0; result->loadLibrary = loadLibrary; result->getProcAddress = getProcAddress; @@ -511,14 +530,16 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, result->headers->OptionalHeader.ImageBase = (uintptr_t)code; // copy sections from DLL file block to new memory location - CopySections((const unsigned char *) data, old_header, result); + if (!CopySections((const unsigned char *) data, old_header, result)) { + goto error; + } // adjust base address of imported data locationDelta = (SIZE_T)(code - old_header->OptionalHeader.ImageBase); if (locationDelta != 0) { result->isRelocated = PerformBaseRelocation(result, locationDelta); } else { - result->isRelocated = 1; + result->isRelocated = TRUE; } // load required dlls and adjust function table of imports @@ -528,22 +549,26 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, // mark memory pages depending on section headers and release // sections that are marked as "discardable" - FinalizeSections(result); + if (!FinalizeSections(result)) { + goto error; + } // TLS callbacks are executed BEFORE the main loading - ExecuteTLS(result); + if (!ExecuteTLS(result)) { + goto error; + } // get entry point of loaded library if (result->headers->OptionalHeader.AddressOfEntryPoint != 0) { if (result->isDLL) { DllEntryProc DllEntry = (DllEntryProc) (code + result->headers->OptionalHeader.AddressOfEntryPoint); // notify library about attaching to process - successfull = (*DllEntry)((HINSTANCE)code, DLL_PROCESS_ATTACH, 0); + BOOL successfull = (*DllEntry)((HINSTANCE)code, DLL_PROCESS_ATTACH, 0); if (!successfull) { SetLastError(ERROR_DLL_INIT_FAILED); goto error; } - result->initialized = 1; + result->initialized = TRUE; } else { result->exeEntry = (ExeEntryProc) (code + result->headers->OptionalHeader.AddressOfEntryPoint); } @@ -611,32 +636,32 @@ void MemoryFreeLibrary(HMEMORYMODULE mod) int i; PMEMORYMODULE module = (PMEMORYMODULE)mod; - if (module != NULL) { - if (module->initialized != 0) { - // notify library about detaching from process - DllEntryProc DllEntry = (DllEntryProc) (module->codeBase + module->headers->OptionalHeader.AddressOfEntryPoint); - (*DllEntry)((HINSTANCE)module->codeBase, DLL_PROCESS_DETACH, 0); - module->initialized = 0; - } + if (module == NULL) { + return; + } + if (module->initialized) { + // notify library about detaching from process + DllEntryProc DllEntry = (DllEntryProc) (module->codeBase + module->headers->OptionalHeader.AddressOfEntryPoint); + (*DllEntry)((HINSTANCE)module->codeBase, DLL_PROCESS_DETACH, 0); + } - if (module->modules != NULL) { - // free previously opened libraries - for (i=0; inumModules; i++) { - if (module->modules[i] != NULL) { - module->freeLibrary(module->modules[i], module->userdata); - } + if (module->modules != NULL) { + // free previously opened libraries + for (i=0; inumModules; i++) { + if (module->modules[i] != NULL) { + module->freeLibrary(module->modules[i], module->userdata); } - - free(module->modules); } - if (module->codeBase != NULL) { - // release memory of library - VirtualFree(module->codeBase, 0, MEM_RELEASE); - } + free(module->modules); + } - HeapFree(GetProcessHeap(), 0, module); + if (module->codeBase != NULL) { + // release memory of library + VirtualFree(module->codeBase, 0, MEM_RELEASE); } + + HeapFree(GetProcessHeap(), 0, module); } int MemoryCallEntryPoint(HMEMORYMODULE mod) From 463447c1ed66359b91d3a6db16aa4f32bb1d5406 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 1 Mar 2015 00:04:38 +0100 Subject: [PATCH 22/94] Reduced scope of variable. --- MemoryModule.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MemoryModule.c b/MemoryModule.c index 658ed92..fb17040 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -633,7 +633,6 @@ FARPROC MemoryGetProcAddress(HMEMORYMODULE module, LPCSTR name) void MemoryFreeLibrary(HMEMORYMODULE mod) { - int i; PMEMORYMODULE module = (PMEMORYMODULE)mod; if (module == NULL) { @@ -647,6 +646,7 @@ void MemoryFreeLibrary(HMEMORYMODULE mod) if (module->modules != NULL) { // free previously opened libraries + int i; for (i=0; inumModules; i++) { if (module->modules[i] != NULL) { module->freeLibrary(module->modules[i], module->userdata); From 36574a5638f6b6ff7ec138003a2e3ef4710495db Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 1 Mar 2015 00:32:38 +0100 Subject: [PATCH 23/94] Handle case where resource to load is NULL. --- MemoryModule.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/MemoryModule.c b/MemoryModule.c index fb17040..8a348a1 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -825,6 +825,9 @@ HMEMORYRSRC MemoryFindResourceEx(HMEMORYMODULE module, LPCTSTR name, LPCTSTR typ DWORD MemorySizeofResource(HMEMORYMODULE module, HMEMORYRSRC resource) { PIMAGE_RESOURCE_DATA_ENTRY entry = (PIMAGE_RESOURCE_DATA_ENTRY) resource; + if (entry == NULL) { + return 0; + } return entry->Size; } @@ -833,6 +836,9 @@ LPVOID MemoryLoadResource(HMEMORYMODULE module, HMEMORYRSRC resource) { unsigned char *codeBase = ((PMEMORYMODULE) module)->codeBase; PIMAGE_RESOURCE_DATA_ENTRY entry = (PIMAGE_RESOURCE_DATA_ENTRY) resource; + if (entry == NULL) { + return NULL; + } return codeBase + entry->OffsetToData; } From 2da44d00e984e514965ab6d8b37d1e47635e89a5 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 1 Mar 2015 01:04:17 +0100 Subject: [PATCH 24/94] Run more tests with sample DLLs. --- .gitignore | 2 ++ .travis.yml | 1 + Makefile | 7 ++-- tests/LoadDll.cpp | 88 +++++++++++++++++++++++++++++++++++++++++++++ tests/Makefile | 82 ++++++++++++++++++++++++++++++++++++++++++ tests/SampleDLL.cpp | 10 ++++++ tests/SampleDLL.h | 11 ++++++ tests/SampleDLL.rc | 34 ++++++++++++++++++ tests/runtests.sh | 20 +++++++++++ 9 files changed, 253 insertions(+), 2 deletions(-) create mode 100644 tests/LoadDll.cpp create mode 100644 tests/Makefile create mode 100644 tests/SampleDLL.cpp create mode 100644 tests/SampleDLL.h create mode 100644 tests/SampleDLL.rc create mode 100755 tests/runtests.sh diff --git a/.gitignore b/.gitignore index 8cc774f..6c07d24 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ *.o *.obj *.exe +tests/*.dll +tests/*.res diff --git a/.travis.yml b/.travis.yml index 2af19ce..9182c08 100644 --- a/.travis.yml +++ b/.travis.yml @@ -19,3 +19,4 @@ script: - cd example/DllLoader - WINEPREFIX=`pwd`/$WINE WINEPATH=/usr/lib/gcc/$PLATFORM-w64-mingw32/4.6/ $WINE ./DllLoader.exe - WINEPREFIX=`pwd`/$WINE WINEPATH=/usr/lib/gcc/$PLATFORM-w64-mingw32/4.6/ $WINE ./DllLoaderLoader.exe + - make test PLATFORM=$PLATFORM UNICODE=$UNICODE diff --git a/Makefile b/Makefile index d41c588..590c6e6 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -SUBDIRS = example +SUBDIRS = example tests .PHONY: subdirs $(SUBDIRS) @@ -13,5 +13,8 @@ clean: $(CLEANDIRS) $(CLEANDIRS): $(MAKE) -C $(@:clean-%=%) clean +test: + $(MAKE) -C tests test + .PHONY: subdirs $(INSTALLDIRS) -.PHONY: clean +.PHONY: clean test diff --git a/tests/LoadDll.cpp b/tests/LoadDll.cpp new file mode 100644 index 0000000..b5074a7 --- /dev/null +++ b/tests/LoadDll.cpp @@ -0,0 +1,88 @@ +#define WIN32_LEAN_AND_MEAN + +#include +#include +#include +#include + +#include "../MemoryModule.h" + +typedef int (*addNumberProc)(int, int); + +BOOL LoadFromMemory(char *filename) +{ + FILE *fp; + unsigned char *data=NULL; + size_t size; + HMEMORYMODULE handle; + addNumberProc addNumber; + HMEMORYRSRC resourceInfo; + DWORD resourceSize; + LPVOID resourceData; + TCHAR buffer[100]; + BOOL result = TRUE; + + fp = fopen(filename, "rb"); + if (fp == NULL) + { + printf("Can't open DLL file \"%s\".", filename); + result = FALSE; + goto exit; + } + + fseek(fp, 0, SEEK_END); + size = ftell(fp); + data = (unsigned char *)malloc(size); + fseek(fp, 0, SEEK_SET); + fread(data, 1, size, fp); + fclose(fp); + + handle = MemoryLoadLibrary(data); + if (handle == NULL) + { + _tprintf(_T("Can't load library from memory.\n")); + result = FALSE; + goto exit; + } + + addNumber = (addNumberProc)MemoryGetProcAddress(handle, "addNumbers"); + _tprintf(_T("From memory: %d\n"), addNumber(1, 2)); + + resourceInfo = MemoryFindResource(handle, MAKEINTRESOURCE(VS_VERSION_INFO), RT_VERSION); + _tprintf(_T("MemoryFindResource returned 0x%p\n"), resourceInfo); + + if (resourceInfo != NULL) { + resourceSize = MemorySizeofResource(handle, resourceInfo); + resourceData = MemoryLoadResource(handle, resourceInfo); + _tprintf(_T("Memory resource data: %ld bytes at 0x%p\n"), resourceSize, resourceData); + + MemoryLoadString(handle, 1, buffer, sizeof(buffer)); + _tprintf(_T("String1: %s\n"), buffer); + + MemoryLoadString(handle, 20, buffer, sizeof(buffer)); + _tprintf(_T("String2: %s\n"), buffer); + } else { + result = FALSE; + } + + MemoryFreeLibrary(handle); + +exit: + if (data) + free(data); + return result; +} + +int main(int argc, char* argv[]) +{ + if (argc < 2) { + fprintf(stderr, "USAGE: %s \n", argv[0]); + return 1; + } + + if (!LoadFromMemory(argv[1])) { + return 2; + } + + return 0; +} diff --git a/tests/Makefile b/tests/Makefile new file mode 100644 index 0000000..aafc6db --- /dev/null +++ b/tests/Makefile @@ -0,0 +1,82 @@ +UNAME := $(shell uname) + +ifeq ($(UNAME), Linux) +ifndef PLATFORM +PLATFORM = i686 +endif +CC = $(PLATFORM)-w64-mingw32-g++ +CXX = $(PLATFORM)-w64-mingw32-g++ +LD = $(PLATFORM)-w64-mingw32-ld +RC = $(PLATFORM)-w64-mingw32-windres +else +CC = g++ +CXX = g++ +LD = ld +RC = rc +endif + +RM = rm +CFLAGS = -Wall -g +LDFLAGS = +RCFLAGS = -O coff + +ifdef UNICODE +CFLAGS += -DUNICODE -D_UNICODE +endif + +CFLAGS_DLL = -DSAMPLEDLL_EXPORTS +CFLAGS_EXE = +LDFLAGS_DLL = -shared +LDFLAGS_EXE = -static + +TEST_DLLS = \ + test-align-128.dll \ + test-align-256.dll \ + test-align-512.dll \ + test-align-768.dll \ + test-align-1024.dll \ + test-align-2048.dll \ + test-align-3072.dll \ + test-align-4096.dll \ + test-align-100.dll \ + test-align-200.dll \ + test-align-300.dll \ + test-align-400.dll \ + test-align-500.dll \ + test-align-600.dll \ + test-align-800.dll \ + test-align-900.dll \ + test-align-1000.dll \ + test-relocate.dll \ + +LOADDLL_OBJ = LoadDll.o ../MemoryModule.o +DLL_OBJ = SampleDLL.o SampleDLL.res + +all: LoadDll.exe $(TEST_DLLS) + +LoadDll.exe: $(LOADDLL_OBJ) + $(CC) $(LDFLAGS_EXE) $(LDFLAGS) -Wl,--image-base -Wl,0x20000000 -o LoadDll.exe $(LOADDLL_OBJ) + +LoadDll.o: LoadDll.cpp + $(CXX) $(CFLAGS) $(CFLAGS_EXE) -c $< + +test-align-%.dll: $(DLL_OBJ) + $(LD) $(LDFLAGS_DLL) $(LDFLAGS) --file-alignment $* --section-alignment $* -o $@ $(DLL_OBJ) + +test-relocate.dll: $(DLL_OBJ) + $(CXX) $(LDFLAGS_DLL) $(LDFLAGS) -Wl,--image-base -Wl,0x20000000 -o $@ $(DLL_OBJ) + +%.o: %.cpp + $(CXX) $(CFLAGS) $(CFLAGS_DLL) -c $< + +%.o: %.cc + $(CC) $(CFLAGS) $(CFLAGS_DLL) -c $< + +%.res: %.rc + $(RC) $(RCFLAGS) -o $*.res $< + +clean: + $(RM) -rf LoadDll.exe $(TEST_DLLS) $(LOADDLL_OBJ) $(DLL_OBJ) + +test: all + ./runtests.sh $(PLATFORM) "$(TEST_DLLS)" diff --git a/tests/SampleDLL.cpp b/tests/SampleDLL.cpp new file mode 100644 index 0000000..7bf03ef --- /dev/null +++ b/tests/SampleDLL.cpp @@ -0,0 +1,10 @@ +#include "SampleDLL.h" + +extern "C" { + +SAMPLEDLL_API int addNumbers(int a, int b) +{ + return a + b; +} + +} diff --git a/tests/SampleDLL.h b/tests/SampleDLL.h new file mode 100644 index 0000000..2662c3c --- /dev/null +++ b/tests/SampleDLL.h @@ -0,0 +1,11 @@ +extern "C" { + +#ifdef SAMPLEDLL_EXPORTS +#define SAMPLEDLL_API __declspec(dllexport) +#else +#define SAMPLEDLL_API __declspec(dllimport) +#endif + +SAMPLEDLL_API int addNumbers(int a, int b); + +} diff --git a/tests/SampleDLL.rc b/tests/SampleDLL.rc new file mode 100644 index 0000000..5a0da61 --- /dev/null +++ b/tests/SampleDLL.rc @@ -0,0 +1,34 @@ +1 VERSIONINFO +FILEVERSION 1,0,0,0 +PRODUCTVERSION 1,0,0,0 +BEGIN + BLOCK "StringFileInfo" + BEGIN + BLOCK "040904E4" + BEGIN + VALUE "CompanyName", "fancy.code" + VALUE "FileDescription", "SampleDLL" + VALUE "FileVersion", "1.0" + VALUE "InternalName", "SampleDLL" + VALUE "LegalCopyright", "Copyright (c) 2004-2015 Joachim Bauch" + VALUE "OriginalFilename", "SampleDLL.dll" + VALUE "ProductName", "MemoryModule" + VALUE "ProductVersion", "0.0.4" + END + END + + BLOCK "VarFileInfo" + BEGIN + VALUE "Translation", 0x409, 1252 + END +END + + +#define IDS_HELLO 1 +#define IDS_WORLD 20 + +STRINGTABLE +{ + IDS_HELLO, "Hello" + IDS_WORLD, "World!" +} diff --git a/tests/runtests.sh b/tests/runtests.sh new file mode 100755 index 0000000..f998f13 --- /dev/null +++ b/tests/runtests.sh @@ -0,0 +1,20 @@ +#!/bin/bash +if [ "$1" = "x86_64" ]; then + export WINEPREFIX=${HOME}/.wine64/ +else + export WINEPREFIX=${HOME}/.wine/ +fi + +read -a TEST_DLLS <<< $2 + +for filename in "${TEST_DLLS[@]}" +do + : + echo "Testing $filename" + ./LoadDll.exe $filename + if [ "$?" != "0" ]; then + exit 1 + fi +done + +echo "${#TEST_DLLS[@]} tests completed successfully" From 31cbe89bfe9a007ffbdaba87435be30269bacad5 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 1 Mar 2015 01:08:48 +0100 Subject: [PATCH 25/94] Run tests before checking samples manually. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 9182c08..108523e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,7 +16,7 @@ before_install: script: - make PLATFORM=$PLATFORM UNICODE=$UNICODE + - make test PLATFORM=$PLATFORM UNICODE=$UNICODE - cd example/DllLoader - WINEPREFIX=`pwd`/$WINE WINEPATH=/usr/lib/gcc/$PLATFORM-w64-mingw32/4.6/ $WINE ./DllLoader.exe - WINEPREFIX=`pwd`/$WINE WINEPATH=/usr/lib/gcc/$PLATFORM-w64-mingw32/4.6/ $WINE ./DllLoaderLoader.exe - - make test PLATFORM=$PLATFORM UNICODE=$UNICODE From d9dc0b02709ae1fff65e7d0183a7d8fe17965272 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 1 Mar 2015 01:16:33 +0100 Subject: [PATCH 26/94] Setup additional environment flags for wine. --- tests/runtests.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/tests/runtests.sh b/tests/runtests.sh index f998f13..57d70c6 100755 --- a/tests/runtests.sh +++ b/tests/runtests.sh @@ -1,9 +1,13 @@ #!/bin/bash -if [ "$1" = "x86_64" ]; then +PLATFORM=$1 +if [ "${PLATFORM}" = "x86_64" ]; then export WINEPREFIX=${HOME}/.wine64/ + WINE=wine64 else export WINEPREFIX=${HOME}/.wine/ + WINE=wine fi +export WINEPATH=/usr/lib/gcc/${PLATFORM}-w64-mingw32/4.6/ read -a TEST_DLLS <<< $2 @@ -11,7 +15,7 @@ for filename in "${TEST_DLLS[@]}" do : echo "Testing $filename" - ./LoadDll.exe $filename + ${WINE} ./LoadDll.exe $filename if [ "$?" != "0" ]; then exit 1 fi From dc173cad6ddb7d3afe91b5f3d7b80be1d76df24c Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sun, 1 Mar 2015 01:57:11 +0100 Subject: [PATCH 27/94] Disable alignment of 1000 bytes for now, failing in Travis. --- tests/Makefile | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/Makefile b/tests/Makefile index aafc6db..f167a72 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -46,7 +46,6 @@ TEST_DLLS = \ test-align-600.dll \ test-align-800.dll \ test-align-900.dll \ - test-align-1000.dll \ test-relocate.dll \ LOADDLL_OBJ = LoadDll.o ../MemoryModule.o From 89e02fcd9edc6bfb82890757d4269d3fb5ec2186 Mon Sep 17 00:00:00 2001 From: Fr0sT-Brutal Date: Thu, 12 Mar 2015 20:11:05 +0300 Subject: [PATCH 28/94] Zero the memory allocated in the heap Using HEAP_ZERO_MEMORY parameter of HeapAlloc function we can fill all the struct contents with zeros thus removing possible bugs with uninitialized members and slightly shortening/speeding up the code --- MemoryModule.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index 8a348a1..682b95d 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -496,7 +496,7 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, } } - result = (PMEMORYMODULE)HeapAlloc(GetProcessHeap(), 0, sizeof(MEMORYMODULE)); + result = (PMEMORYMODULE)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(MEMORYMODULE)); if (result == NULL) { SetLastError(ERROR_OUTOFMEMORY); VirtualFree(code, 0, MEM_RELEASE); @@ -504,9 +504,6 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, } result->codeBase = code; - result->numModules = 0; - result->modules = NULL; - result->initialized = FALSE; result->isDLL = (old_header->FileHeader.Characteristics & IMAGE_FILE_DLL) != 0; result->loadLibrary = loadLibrary; result->getProcAddress = getProcAddress; From 82b11d57db127296eafc9029446d44c6c2b67772 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 13 Mar 2015 16:56:02 +0100 Subject: [PATCH 29/94] Call "VirtualFree" before setting error (fixes #23). --- MemoryModule.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MemoryModule.c b/MemoryModule.c index 682b95d..2efb4f3 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -498,8 +498,8 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, result = (PMEMORYMODULE)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(MEMORYMODULE)); if (result == NULL) { - SetLastError(ERROR_OUTOFMEMORY); VirtualFree(code, 0, MEM_RELEASE); + SetLastError(ERROR_OUTOFMEMORY); return NULL; } From 48d3c5a7f6406b92b2cf8cf76bb6edcdd88e91b9 Mon Sep 17 00:00:00 2001 From: CoolOppo Date: Mon, 6 Apr 2015 15:39:48 -0400 Subject: [PATCH 30/94] Rename readme.txt to readme.rst Makes GitHub actually render the file correctly :unamused: --- doc/{readme.txt => readme.rst} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename doc/{readme.txt => readme.rst} (100%) diff --git a/doc/readme.txt b/doc/readme.rst similarity index 100% rename from doc/readme.txt rename to doc/readme.rst From 6276f4426dd6ff25c991fa33ab7140335a327e8b Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 21 Aug 2015 22:18:35 +0200 Subject: [PATCH 31/94] Support imports by ordinal value. Code based on pull-request #28. --- MemoryModule.c | 40 +++++++++++++++++++++++++--------------- MemoryModule.h | 3 ++- tests/LoadDll.cpp | 23 +++++++++++++++++++++++ 3 files changed, 50 insertions(+), 16 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index 2efb4f3..ba8f7b1 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -584,9 +584,7 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, FARPROC MemoryGetProcAddress(HMEMORYMODULE module, LPCSTR name) { unsigned char *codeBase = ((PMEMORYMODULE)module)->codeBase; - int idx=-1; - DWORD i, *nameRef; - WORD *ordinal; + int idx; PIMAGE_EXPORT_DIRECTORY exports; PIMAGE_DATA_DIRECTORY directory = GET_HEADER_DICTIONARY((PMEMORYMODULE)module, IMAGE_DIRECTORY_ENTRY_EXPORT); if (directory->Size == 0) { @@ -602,20 +600,32 @@ FARPROC MemoryGetProcAddress(HMEMORYMODULE module, LPCSTR name) return NULL; } - // search function name in list of exported names - nameRef = (DWORD *) (codeBase + exports->AddressOfNames); - ordinal = (WORD *) (codeBase + exports->AddressOfNameOrdinals); - for (i=0; iNumberOfNames; i++, nameRef++, ordinal++) { - if (_stricmp(name, (const char *) (codeBase + (*nameRef))) == 0) { - idx = *ordinal; - break; + if (HIWORD(name) == 0) { + // load function by ordinal value + if (LOWORD(name) < exports->Base) { + SetLastError(ERROR_PROC_NOT_FOUND); + return NULL; } - } - if (idx == -1) { - // exported symbol not found - SetLastError(ERROR_PROC_NOT_FOUND); - return NULL; + idx = LOWORD(name) - exports->Base; + } else { + // search function name in list of exported names + DWORD i; + DWORD *nameRef = (DWORD *) (codeBase + exports->AddressOfNames); + WORD *ordinal = (WORD *) (codeBase + exports->AddressOfNameOrdinals); + idx = -1; + for (i=0; iNumberOfNames; i++, nameRef++, ordinal++) { + if (_stricmp(name, (const char *) (codeBase + (*nameRef))) == 0) { + idx = *ordinal; + break; + } + } + + if (idx == -1) { + // exported symbol not found + SetLastError(ERROR_PROC_NOT_FOUND); + return NULL; + } } if ((DWORD)idx > exports->NumberOfFunctions) { diff --git a/MemoryModule.h b/MemoryModule.h index 9174ad2..c19255c 100644 --- a/MemoryModule.h +++ b/MemoryModule.h @@ -63,7 +63,8 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *, void *); /** - * Get address of exported method. + * Get address of exported method. Supports loading both by name and by + * ordinal value. */ FARPROC MemoryGetProcAddress(HMEMORYMODULE, LPCSTR); diff --git a/tests/LoadDll.cpp b/tests/LoadDll.cpp index b5074a7..7bf54c8 100644 --- a/tests/LoadDll.cpp +++ b/tests/LoadDll.cpp @@ -16,6 +16,7 @@ BOOL LoadFromMemory(char *filename) size_t size; HMEMORYMODULE handle; addNumberProc addNumber; + addNumberProc addNumber2; HMEMORYRSRC resourceInfo; DWORD resourceSize; LPVOID resourceData; @@ -45,9 +46,31 @@ BOOL LoadFromMemory(char *filename) goto exit; } + addNumber = (addNumberProc)MemoryGetProcAddress(handle, NULL); + if (addNumber != NULL) { + _tprintf(_T("MemoryGetProcAddress(NULL) returned %p\n"), addNumber); + result = FALSE; + goto exit; + } + + addNumber = (addNumberProc)MemoryGetProcAddress(handle, reinterpret_cast(0xff)); + if (addNumber != NULL) { + _tprintf(_T("MemoryGetProcAddress(0xff) returned %p\n"), addNumber); + result = FALSE; + goto exit; + } + addNumber = (addNumberProc)MemoryGetProcAddress(handle, "addNumbers"); _tprintf(_T("From memory: %d\n"), addNumber(1, 2)); + // the DLL only exports one function, try to load by ordinal value + addNumber2 = (addNumberProc)MemoryGetProcAddress(handle, reinterpret_cast(0x01)); + if (addNumber != addNumber2) { + _tprintf(_T("MemoryGetProcAddress(0x01) returned %p (expected %p)\n"), addNumber2, addNumber); + result = FALSE; + goto exit; + } + resourceInfo = MemoryFindResource(handle, MAKEINTRESOURCE(VS_VERSION_INFO), RT_VERSION); _tprintf(_T("MemoryFindResource returned 0x%p\n"), resourceInfo); From 83899ac7f79359131dbffb1c170c4e33919cf1fc Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 21 Aug 2015 22:26:50 +0200 Subject: [PATCH 32/94] Use DWORD directly to avoid cast. --- MemoryModule.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index ba8f7b1..b4fc5cc 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -584,7 +584,7 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, FARPROC MemoryGetProcAddress(HMEMORYMODULE module, LPCSTR name) { unsigned char *codeBase = ((PMEMORYMODULE)module)->codeBase; - int idx; + DWORD idx; PIMAGE_EXPORT_DIRECTORY exports; PIMAGE_DATA_DIRECTORY directory = GET_HEADER_DICTIONARY((PMEMORYMODULE)module, IMAGE_DIRECTORY_ENTRY_EXPORT); if (directory->Size == 0) { @@ -613,22 +613,23 @@ FARPROC MemoryGetProcAddress(HMEMORYMODULE module, LPCSTR name) DWORD i; DWORD *nameRef = (DWORD *) (codeBase + exports->AddressOfNames); WORD *ordinal = (WORD *) (codeBase + exports->AddressOfNameOrdinals); - idx = -1; + BOOL found = FALSE; for (i=0; iNumberOfNames; i++, nameRef++, ordinal++) { if (_stricmp(name, (const char *) (codeBase + (*nameRef))) == 0) { idx = *ordinal; + found = TRUE; break; } } - if (idx == -1) { + if (!found) { // exported symbol not found SetLastError(ERROR_PROC_NOT_FOUND); return NULL; } } - if ((DWORD)idx > exports->NumberOfFunctions) { + if (idx > exports->NumberOfFunctions) { // name <-> ordinal number don't match SetLastError(ERROR_PROC_NOT_FOUND); return NULL; From db9c2389f2e2a083e8d6071f02ef6f0433782ec0 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 21 Aug 2015 23:56:49 +0200 Subject: [PATCH 33/94] Fix compilation of tests with UNICODE defined. --- tests/LoadDll.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/LoadDll.cpp b/tests/LoadDll.cpp index 7bf54c8..4413f48 100644 --- a/tests/LoadDll.cpp +++ b/tests/LoadDll.cpp @@ -53,7 +53,7 @@ BOOL LoadFromMemory(char *filename) goto exit; } - addNumber = (addNumberProc)MemoryGetProcAddress(handle, reinterpret_cast(0xff)); + addNumber = (addNumberProc)MemoryGetProcAddress(handle, reinterpret_cast(0xff)); if (addNumber != NULL) { _tprintf(_T("MemoryGetProcAddress(0xff) returned %p\n"), addNumber); result = FALSE; @@ -64,7 +64,7 @@ BOOL LoadFromMemory(char *filename) _tprintf(_T("From memory: %d\n"), addNumber(1, 2)); // the DLL only exports one function, try to load by ordinal value - addNumber2 = (addNumberProc)MemoryGetProcAddress(handle, reinterpret_cast(0x01)); + addNumber2 = (addNumberProc)MemoryGetProcAddress(handle, reinterpret_cast(0x01)); if (addNumber != addNumber2) { _tprintf(_T("MemoryGetProcAddress(0x01) returned %p (expected %p)\n"), addNumber2, addNumber); result = FALSE; From 78330cd2f1ceb61829d40d9e137e571070242146 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Fri, 21 Aug 2015 23:59:29 +0200 Subject: [PATCH 34/94] Simplify package installation. --- .travis.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 108523e..7d08b80 100644 --- a/.travis.yml +++ b/.travis.yml @@ -11,8 +11,7 @@ cache: before_install: - sudo apt-get update -qq - - sh -c "if [ '$PLATFORM' = 'i686' ]; then sudo apt-get install -qq wine gcc-mingw-w64-i686 g++-mingw-w64-i686 binutils-mingw-w64-i686 mingw-w64-dev; fi" - - sh -c "if [ '$PLATFORM' = 'x86_64' ]; then sudo apt-get install -qq wine gcc-mingw-w64-x86-64 g++-mingw-w64-x86-64 binutils-mingw-w64-x86-64 mingw-w64-dev; fi" + - sudo apt-get install -qq wine gcc-mingw-w64-$PLATFORM g++-mingw-w64-$PLATFORM binutils-mingw-w64-$PLATFORM mingw-w64-dev script: - make PLATFORM=$PLATFORM UNICODE=$UNICODE From 5a0c512885b944c13b47423485e6abb94519f958 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sat, 22 Aug 2015 00:02:25 +0200 Subject: [PATCH 35/94] Revert 78330cd2f1ceb61829d40d9e137e571070242146, package names don't match platform. --- .travis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 7d08b80..108523e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -11,7 +11,8 @@ cache: before_install: - sudo apt-get update -qq - - sudo apt-get install -qq wine gcc-mingw-w64-$PLATFORM g++-mingw-w64-$PLATFORM binutils-mingw-w64-$PLATFORM mingw-w64-dev + - sh -c "if [ '$PLATFORM' = 'i686' ]; then sudo apt-get install -qq wine gcc-mingw-w64-i686 g++-mingw-w64-i686 binutils-mingw-w64-i686 mingw-w64-dev; fi" + - sh -c "if [ '$PLATFORM' = 'x86_64' ]; then sudo apt-get install -qq wine gcc-mingw-w64-x86-64 g++-mingw-w64-x86-64 binutils-mingw-w64-x86-64 mingw-w64-dev; fi" script: - make PLATFORM=$PLATFORM UNICODE=$UNICODE From 70c497701952c9557c4c268709f07658fd11f4aa Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sat, 22 Aug 2015 00:10:01 +0200 Subject: [PATCH 36/94] Switch to container-based infrastructure. --- .travis.yml | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index 108523e..629c752 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,3 +1,5 @@ +sudo: false + env: - PLATFORM=x86_64 WINE=wine64 UNICODE= - PLATFORM=i686 WINE=wine UNICODE= @@ -8,11 +10,19 @@ language: cpp cache: - apt + - ccache -before_install: - - sudo apt-get update -qq - - sh -c "if [ '$PLATFORM' = 'i686' ]; then sudo apt-get install -qq wine gcc-mingw-w64-i686 g++-mingw-w64-i686 binutils-mingw-w64-i686 mingw-w64-dev; fi" - - sh -c "if [ '$PLATFORM' = 'x86_64' ]; then sudo apt-get install -qq wine gcc-mingw-w64-x86-64 g++-mingw-w64-x86-64 binutils-mingw-w64-x86-64 mingw-w64-dev; fi" +addons: + apt: + packages: + - binutils-mingw-w64-i686 + - binutils-mingw-w64-x86-64 + - mingw-w64-dev + - g++-mingw-w64-i686 + - g++-mingw-w64-x86-64 + - gcc-mingw-w64-i686 + - gcc-mingw-w64-x86-64 + - wine script: - make PLATFORM=$PLATFORM UNICODE=$UNICODE From 8c3d253325ed718ef5d26a25964a4cd2e24b4ba3 Mon Sep 17 00:00:00 2001 From: Joachim Bauch Date: Sat, 22 Aug 2015 00:32:13 +0200 Subject: [PATCH 37/94] Support building with cmake. --- .travis.yml | 21 ++++++++++----- CMakeLists.txt | 45 ++++++++++++++++++++++++++++++++ example/CMakeLists.txt | 2 ++ example/DllLoader/CMakeLists.txt | 26 ++++++++++++++++++ example/SampleDLL/CMakeLists.txt | 12 +++++++++ 5 files changed, 100 insertions(+), 6 deletions(-) create mode 100644 CMakeLists.txt create mode 100644 example/CMakeLists.txt create mode 100644 example/DllLoader/CMakeLists.txt create mode 100644 example/SampleDLL/CMakeLists.txt diff --git a/.travis.yml b/.travis.yml index 629c752..e9dcb84 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,10 +1,14 @@ sudo: false env: - - PLATFORM=x86_64 WINE=wine64 UNICODE= - - PLATFORM=i686 WINE=wine UNICODE= - - PLATFORM=x86_64 WINE=wine64 UNICODE=1 - - PLATFORM=i686 WINE=wine UNICODE=1 + - PLATFORM=x86_64 WINE=wine64 UNICODE= CMAKE= + - PLATFORM=i686 WINE=wine UNICODE= CMAKE= + - PLATFORM=x86_64 WINE=wine64 UNICODE=1 CMAKE= + - PLATFORM=i686 WINE=wine UNICODE=1 CMAKE= + - PLATFORM=x86_64 WINE=wine64 UNICODE= CMAKE=1 + - PLATFORM=i686 WINE=wine UNICODE= CMAKE=1 + - PLATFORM=x86_64 WINE=wine64 UNICODE=1 CMAKE=1 + - PLATFORM=i686 WINE=wine UNICODE=1 CMAKE=1 language: cpp @@ -17,6 +21,7 @@ addons: packages: - binutils-mingw-w64-i686 - binutils-mingw-w64-x86-64 + - cmake - mingw-w64-dev - g++-mingw-w64-i686 - g++-mingw-w64-x86-64 @@ -24,9 +29,13 @@ addons: - gcc-mingw-w64-x86-64 - wine +before_script: + - if [ ! -z "$CMAKE" ]; then cmake -DPLATFORM=$PLATFORM -D UNICODE=$UNICODE -H. -B.; fi + script: - - make PLATFORM=$PLATFORM UNICODE=$UNICODE - - make test PLATFORM=$PLATFORM UNICODE=$UNICODE + - if [ -z "$CMAKE" ]; then make PLATFORM=$PLATFORM UNICODE=$UNICODE; fi + - if [ -z "$CMAKE" ]; then make test PLATFORM=$PLATFORM UNICODE=$UNICODE; fi + - if [ ! -z "$CMAKE" ]; then cmake --build .; fi - cd example/DllLoader - WINEPREFIX=`pwd`/$WINE WINEPATH=/usr/lib/gcc/$PLATFORM-w64-mingw32/4.6/ $WINE ./DllLoader.exe - WINEPREFIX=`pwd`/$WINE WINEPATH=/usr/lib/gcc/$PLATFORM-w64-mingw32/4.6/ $WINE ./DllLoaderLoader.exe diff --git a/CMakeLists.txt b/CMakeLists.txt new file mode 100644 index 0000000..52aed26 --- /dev/null +++ b/CMakeLists.txt @@ -0,0 +1,45 @@ +project (MemoryModule) +cmake_minimum_required (VERSION 2.8.7) + +set (PLATFORM "x86_64" CACHE STRING "Platform to compile for") +message (STATUS "Compile for ${PLATFORM} platform") + +if (NOT MSVC) + set (CMAKE_SYSTEM_NAME Windows) + set (CMAKE_POSITION_INDEPENDENT_CODE False) + + set (COMPILER_PREFIX "${PLATFORM}-w64-mingw32") + set (CMAKE_C_COMPILER "${COMPILER_PREFIX}-gcc") + set (CMAKE_CXX_COMPILER "${COMPILER_PREFIX}-g++") + set (CMAKE_RC_COMPILER "${COMPILER_PREFIX}-windres") + set (CMAKE_AR "${COMPILER_PREFIX}-ar") + set (CMAKE_RANLIB "${COMPILER_PREFIX}-ranlib") + + set (CMAKE_FIND_ROOT_PATH_MODE_PROGRAM NEVER) + set (CMAKE_FIND_ROOT_PATH_MODE_LIBRARY ONLY) + set (CMAKE_FIND_ROOT_PATH_MODE_INCLUDE ONLY) + + set (CMAKE_SHARED_LIBRARY_LINK_C_FLAGS "") + set (CMAKE_SHARED_LIBRARY_LINK_CXX_FLAGS "") + + set (CMAKE_RC_COMPILE_OBJECT "${CMAKE_RC_COMPILER} -O coff -I${CMAKE_CURRENT_SOURCE_DIR}

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.