
tinyW7_3264.asm doesn't seem to work anymore

Open GoogleCodeExporter opened this issue 11 years ago • 2 comments

Just to let you know, tinyW7_3264.asm crashes on my Win7 machine.

OS: Windows 7 x64 SP1 (6.1.7601), all updates installed as of 2014-09-06

Crash message:

Unhandled exception at 0x77660c7b (ntdll.dll) in tinyW7_3264.exe: 0xC0000005: 
Access violation reading location 0x57682042.

Stack trace:

>   ntdll.dll!_LdrpCheckForSecuROMImage@4()  + 0x76 bytes   
    ntdll.dll!_LdrpInitializeProcess@8()  + 0x3320e bytes   
    ntdll.dll!__LdrpInitialize@8()  + 0xb4c9 bytes  
    ntdll.dll!_LdrInitializeThunk@8()  + 0x10 bytes 

Maybe LdrpCheckForSecuROMImage is some new compatibility shim? Or am I doing 
something wrong?

My ntdll.dll is 6.1.7601.18247, md5sum: a2b0924d50f4435fd389499047ce553a

Original issue reported on code.google.com by thecybershadow on 6 Sep 2014 at 12:08

GoogleCodeExporter commented Mar 27 '15 09:03

Forgot to mention, tinyW7x64.asm works fine.

Original comment by thecybershadow on 6 Sep 2014 at 12:12


GoogleCodeExporter commented Mar 27 '15 09:03

Here's a fixed version.

Changes:

1. LdrpCheckForSecuROMImage is looking through IMAGE_DIRECTORY_ENTRY_DEBUG. The 
directory entry fell square in the middle of the text message, which caused 
that ASCII-looking invalid pointer dereference (0x57682042 is 'B hW'; minus 
0x00400010 that's '2 (W', the fragment from "PE32 (W7"). I resolved this simply 
by moving the message after the IMAGE_IMPORT_DESCRIPTOR entries; that way the 
debug directory entry overlaps with the nul bytes in the second 
IMAGE_IMPORT_DESCRIPTOR.

2. LdrpCheckForSafeDiscImage was doing a strncmp with an address calculated 
using IMAGE_OPTIONAL_HEADER.SizeOfHeaders. I filled that in (and adjusted 
SizeOfImage, which can't be smaller than SizeOfHeaders apparently).

Original comment by thecybershadow on 6 Sep 2014 at 6:24


Attachments:

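As an added illustration of the two header fields the fix above touches (not code from corkami or from the commenter), the following Python script audits a headers-only PE for exactly those conditions: a debug data directory that lands on top of text, so that IMAGE_DEBUG_DIRECTORY.AddressOfRawData decodes as printable ASCII, and a zero SizeOfHeaders / SizeOfImage smaller than SizeOfHeaders. The 0x200-byte image it builds is constructed here, with assumed offsets (e_lfanew 0x40, debug directory at 0x150, banner at 0x150 or 0x1A0) and an assumed banner string; it is not tinyW7_3264. It also assumes RVA == file offset, which holds for a tiny PE whose headers are mapped 1:1 but would need section-table translation for a normal executable. fault_address_as_ascii shows the same decoding the commenter did on 0x57682042.

```python
"""Audit the PE fields that LdrpCheckForSecuROMImage / LdrpCheckForSafeDiscImage consume:
the IMAGE_DIRECTORY_ENTRY_DEBUG data directory, SizeOfHeaders and SizeOfImage."""
import struct

IMAGE_DIRECTORY_ENTRY_DEBUG = 6
IMAGE_DEBUG_DIRECTORY_SIZE = 28            # sizeof(IMAGE_DEBUG_DIRECTORY)
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B


def fault_address_as_ascii(addr: int) -> bytes:
    """Little-endian bytes behind a faulting pointer. Printable text means the loader read a
    'pointer' out of a string, e.g. 0x57682042 -> b'B hW'."""
    return struct.pack("<I", addr & 0xFFFFFFFF)


def audit_tiny_pe(pe: bytes) -> list:
    """Return human-readable findings for a headers-only PE. Assumption: RVA == file offset."""
    findings = []
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[:2] != b"MZ" or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return ["not a PE image"]
    oh = e_lfanew + 4 + 20                  # IMAGE_FILE_HEADER is 20 bytes
    magic = struct.unpack_from("<H", pe, oh)[0]
    if magic == PE32_MAGIC:
        n_dirs_off, dirs_off = oh + 92, oh + 96
    elif magic == PE32PLUS_MAGIC:
        n_dirs_off, dirs_off = oh + 108, oh + 112
    else:
        return [f"unknown optional header magic {magic:#x}"]
    # SizeOfImage and SizeOfHeaders sit at the same offsets in PE32 and PE32+.
    size_of_image, size_of_headers = struct.unpack_from("<II", pe, oh + 56)
    if size_of_headers == 0:
        findings.append("SizeOfHeaders is 0: the loader derives a string address from it")
    if size_of_image < size_of_headers:
        findings.append(f"SizeOfImage {size_of_image:#x} < SizeOfHeaders {size_of_headers:#x}")
    n_dirs = struct.unpack_from("<I", pe, n_dirs_off)[0]
    if n_dirs <= IMAGE_DIRECTORY_ENTRY_DEBUG:
        return findings                     # no debug directory slot at all
    rva, size = struct.unpack_from("<II", pe, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_DEBUG)
    if rva == 0 and size == 0:
        return findings
    if size % IMAGE_DEBUG_DIRECTORY_SIZE:
        findings.append(f"debug directory size {size:#x} is not a multiple of 28")
    for off in range(rva, rva + size - IMAGE_DEBUG_DIRECTORY_SIZE + 1, IMAGE_DEBUG_DIRECTORY_SIZE):
        if off + IMAGE_DEBUG_DIRECTORY_SIZE > len(pe):
            findings.append(f"debug entry at {off:#x} runs past the end of the image")
            break
        # Characteristics, TimeDateStamp, Major, Minor, Type, SizeOfData, AddressOfRawData, PointerToRawData
        fields = struct.unpack_from("<IIHHIIII", pe, off)
        raw = struct.pack("<I", fields[6])
        if all(0x20 <= b < 0x7F for b in raw):
            findings.append(f"debug entry at {off:#x}: AddressOfRawData {fields[6]:#x} "
                            f"is ASCII {raw!r}; the directory overlaps text")
    return findings


def build_tiny_pe(fixed: bool) -> bytes:
    """Constructed 0x200-byte PE32 with no sections (an illustration, not corkami's file).
    fixed=False reproduces the two defects; fixed=True applies the two changes from the thread."""
    img = bytearray(0x200)
    img[:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)                         # e_lfanew
    img[0x40:0x44] = b"PE\0\0"
    # IMAGE_FILE_HEADER: i386, 0 sections, 0xE0-byte optional header, EXECUTABLE_IMAGE|32BIT
    struct.pack_into("<HHIIIHH", img, 0x44, 0x14C, 0, 0, 0, 0, 0xE0, 0x102)
    oh = 0x58
    struct.pack_into("<H", img, oh, PE32_MAGIC)
    struct.pack_into("<III", img, oh + 28, 0x400000, 4, 4)          # ImageBase, SectionAlignment, FileAlignment
    struct.pack_into("<H", img, oh + 48, 4)                         # MajorSubsystemVersion
    struct.pack_into("<II", img, oh + 56, 0x200, 0x200 if fixed else 0)  # SizeOfImage, SizeOfHeaders
    struct.pack_into("<H", img, oh + 68, 2)                         # Subsystem: GUI
    struct.pack_into("<I", img, oh + 92, 16)                        # NumberOfRvaAndSizes
    debug_off = 0x150
    struct.pack_into("<II", img, oh + 96 + 8 * IMAGE_DIRECTORY_ENTRY_DEBUG, debug_off, 28)
    # Broken layout: the banner sits exactly where the debug directory points, so the loader
    # parses "PE32 (W7) ..." as an IMAGE_DEBUG_DIRECTORY. Fixed layout: the banner is moved
    # later and the 28 bytes at debug_off stay nul (the thread's second IMAGE_IMPORT_DESCRIPTOR).
    banner = b"PE32 (W7) tiny PE, built with Yasm"                  # constructed banner text
    message_off = 0x1A0 if fixed else debug_off
    img[message_off:message_off + len(banner)] = banner
    return bytes(img)


if __name__ == "__main__":
    print(fault_address_as_ascii(0x57682042), fault_address_as_ascii(0x57682042 - 0x00400010))
    for flag in (False, True):
        print("fixed" if flag else "broken", audit_tiny_pe(build_tiny_pe(flag)))
```

The ASCII heuristic on AddressOfRawData is what turns the crash address into a diagnosis: a loader that walks debug entries and dereferences an address taken from the middle of a string will fault at a value that spells that string backwards, which is precisely the 'B hW' / '2 (W' observation in the comment.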