redirect more of ntdll for more transparent private libraries #235

Open
derekbruening opened this issue Nov 27, 2014 · 6 comments

Comments

@derekbruening
Contributor

From [email protected] on November 25, 2009 22:56:25

Since we can't easily have a 2nd copy of ntdll, our 2nd copy of kernel32,
etc. use the same ntdll as the app. We then have to redirect ntdll imports
that use shared resources and could interfere with the app. There is a LOT
of stuff to emulate to really be transparent: we're going to add it
incrementally as needed, now that we have the infrastructure.

I've already added the core Rtl_Heap routines. We should focus next on
the Ldr_ routines. We'll redirect any additional routines as transparency
issues come up.

Original issue: http://code.google.com/p/dynamorio/issues/detail?id=235

@derekbruening
Contributor Author

From [email protected] on May 25, 2010 20:56:04

r343 adds redirection of LoadLibraryA to prevent dbghelp.dll from using the app's
kernel32.dll

@derekbruening
Contributor Author

From [email protected] on August 20, 2010 16:10:29

r411 fixes Dr. Memory issue #25 where fls data isolation breaks on a reset. r411 also fixes a deadlock by intercepting RtlLockHeap and RtlUnlockHeap (called by kernel32!LocalFree) from private libs and turning them into nops for the base heap.
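The mechanism from the opening comment (private copies of kernel32 bound to the app's ntdll, with imports that touch shared state redirected) together with the r411 change above (RtlLockHeap becoming a nop for the base heap), as an added stand-alone C simulation that is not DynamoRIO's code: `heap_t`, the `real_*`/`redirect_*` stand-ins, `resolve_private_import` and `run_private_lib` are constructed for illustration and model a private library's imports being resolved through a redirect table so that its heap calls never reach the app's PEB->ProcessHeap.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed stand-ins for the app heap (PEB->ProcessHeap) and DR's private heap. */
typedef struct { const char *name; int allocs; int lock_depth; } heap_t;
heap_t app_heap  = { "app PEB->ProcessHeap", 0, 0 };
heap_t priv_heap = { "DR private heap", 0, 0 };

/* Stand-ins for the real ntdll exports that the app itself keeps using. */
void *real_RtlAllocateHeap(heap_t *h, size_t sz) { h->allocs++; return malloc(sz); }
int   real_RtlLockHeap(heap_t *h) { h->lock_depth++; return 1; }

/* Redirected versions that private libraries are bound to instead. */
void *redirect_RtlAllocateHeap(heap_t *h, size_t sz) {
    if (h == &app_heap) h = &priv_heap;   /* keep private-lib allocations off the app's heap */
    return real_RtlAllocateHeap(h, sz);
}
int redirect_RtlLockHeap(heap_t *h) {
    if (h == &app_heap) return 1;         /* base heap: nop, so private libs never hold the app's heap lock */
    return real_RtlLockHeap(h);
}

typedef void (*fn_t)(void);
typedef struct { const char *dll, *name; fn_t target; } entry_t;
static const entry_t redirect_table[] = {
    { "ntdll.dll", "RtlAllocateHeap", (fn_t)redirect_RtlAllocateHeap },
    { "ntdll.dll", "RtlLockHeap",     (fn_t)redirect_RtlLockHeap },
};

/* Import resolution for a private library: consult the redirect table first,
 * then fall back to the export the app's ntdll would supply. */
fn_t resolve_private_import(const char *dll, const char *name, fn_t real_export) {
    size_t i;
    for (i = 0; i < sizeof(redirect_table) / sizeof(redirect_table[0]); i++)
        if (strcmp(dll, redirect_table[i].dll) == 0 && strcmp(name, redirect_table[i].name) == 0)
            return redirect_table[i].target;
    return real_export;                   /* routines without shared state pass straight through */
}

/* A constructed private kernel32 that, like the real one, asks for the app's
 * process heap; returns how many allocations landed on the app heap (expected 0). */
int run_private_lib(void) {
    void *(*alloc)(heap_t *, size_t) = (void *(*)(heap_t *, size_t))
        resolve_private_import("ntdll.dll", "RtlAllocateHeap", (fn_t)real_RtlAllocateHeap);
    int (*lock)(heap_t *) = (int (*)(heap_t *))
        resolve_private_import("ntdll.dll", "RtlLockHeap", (fn_t)real_RtlLockHeap);
    lock(&app_heap);                      /* the kernel32!LocalFree-style lock on the base heap */
    free(alloc(&app_heap, 64));
    free(alloc(&app_heap, 128));
    return app_heap.allocs;
}
```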

@derekbruening
Contributor Author

From [email protected] on June 06, 2011 02:07:03

pasting in original list for this issue from issue #157 :

  • in particular, redirect Ldr*
  • redirect more Rtl*Heap routines + redirect for other than peb->ProcessHeap
  • redirect Rtl routines that call Rtl*Heap routines directly?
    see notes inside redirect_RtlReAllocateHeap()
  • we'll redirect any additional routines as transparency issues come up
  • handle a duplicate user32: for now giving up and using app's user32 under
    the assumption that clients using user32 are only doing so b/c it was
    pulled in for one or two small routines (e.g., on win2k
    dbghelp->version->lz32->user32) that don't allocate (much) memory or take
    other global actions. a duplicate user32 registers callbacks
    (KiUserCallbackDispatcher called USER32!__fnINOUTLPPOINT5 on calc) that
    the app then executes, which cause problems.
  • try to load duplicate ntdll: has some complexities but may end up being
    the simplest solution to a lot of these issues
  • add tests of clients (xref issue build: convert suite/ to cmake and ctest #65) that use dbghelp.dll and other libs

@derekbruening
Contributor Author

From [email protected] on June 07, 2011 06:19:42

  • the shared user32 today doesn't handle dynamically loaded user32

@derekbruening
Contributor Author

From [email protected] on November 07, 2012 15:06:53

xref https://code.google.com/p/drmemory/issues/detail?id=1066 where chrome hooks on native ntdll affect priv libs

@derekbruening
Contributor Author

From [email protected] on October 23, 2013 11:55:48

I split the user32.dll issues out into issue #1299
