运行时错误从FarProc到使用Varargs的功能指针
我正在研究一个不再保存或加载文件的旧程序。当在DLL中四处寻找一个起点时,我注意到默认情况下有一些残疾人的记录功能,但仍应工作。使用代理DLL,我通过调用来自真实DLL的正确函数来激活日志记录。但是,我一直坚持使用实际的记录函数,因为每当我接近使用它们时,程序都会带有错误0xc000000142。所有涉及的二进制文件均为32位。
这是我在代理dll中所做的事情:
// undname ?ForceDebugLog@@YAXXZ = void __cdecl ForceDebugLog(void)
typedef void (*FDLAddr_t)(void);
FDLAddr_t ForceDebugLog;
// undname ?LogInfo@@YAXPBDZZ = void __cdecl LogInfo(char const *,...)
typedef void (*LIAddr_t)(char const *, ...);
LIAddr_t LogInfo;
// called on DLL_PROCESS_ATTACH
void setupFuncs() {
HMODULE trueDll= GetModuleHandleA(".\\realDll.dll");
ForceDebugLog = (FDLAddr_t)GetProcAddress(realDll, "?ForceDebugLog@@YAXXZ");
// LogInfo = (LIAddr_t)GetProcAddress(realDll, "?LogInfo@@YAXPBDZZ");
}
现在,我可以做codedebuglog(),并且启用了记录。但是,一旦我输入loginfo行,该程序在启动时崩溃,Windows显示错误0xc000000142。
进一步的实验表明,getProcaddress在DLL中返回loginfo的地址,即这是正确的。另外,如果loginfo是farproc,一切都可以。一旦将铸件添加到liaddr_t中,错误就会返回。
我该如何解决这个问题?我需要采取不同的方法来使用varargs的功能?如果这是必须使用C ++结构来解决的问题,那也很好。
I'm working on an old program that doesn't save or load its files anymore. While looking around in a DLL for a place to start, I noticed that there is some logging functionality that is disabled by default but should still work. Using a proxy DLL, I managed to activate logging by calling the right functions from the real DLL. However, I got stuck at using the actual logging functions, as the program crashes with Error 0xc0000142 whenever I get close to using them. All binaries involved are 32 bit.
Here's what I'm doing in my proxy DLL:
// undname ?ForceDebugLog@@YAXXZ = void __cdecl ForceDebugLog(void)
typedef void (*FDLAddr_t)(void);
FDLAddr_t ForceDebugLog;
// undname ?LogInfo@@YAXPBDZZ = void __cdecl LogInfo(char const *,...)
typedef void (*LIAddr_t)(char const *, ...);
LIAddr_t LogInfo;
// called on DLL_PROCESS_ATTACH
void setupFuncs() {
HMODULE trueDll= GetModuleHandleA(".\\realDll.dll");
ForceDebugLog = (FDLAddr_t)GetProcAddress(realDll, "?ForceDebugLog@@YAXXZ");
// LogInfo = (LIAddr_t)GetProcAddress(realDll, "?LogInfo@@YAXPBDZZ");
}
Now, I can just do ForceDebugLog() and logging gets enabled. However, as soon as I uncomment the LogInfo line, the program crashes on startup with Windows showing the error 0xc0000142.
Further experimentation shows that GetProcAddress returns the address of LogInfo in the DLL, i.e. this is working correctly. Also, everything works if LogInfo was a FARPROC. As soon as I add the cast to LIAddr_t, the error comes back.
How can I work around this issue? Do I need to take a different approach for functions with varargs? If this is a problem that has to be solved using C++ constructs, that's fine too.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
对于浪费每个人的时间,我深表歉意。
在吉德拉(Ghidra)看我的DLL时,我注意到我的代码中没有任何定义的字符串。事实证明,一些早期实验的旧对象文件意外链接到DLL。其中一个实验是
loginfo的重新实现,该实验导致编译器/链接器产生不正确的结果而不会引发错误或警告(除非/WD5045抑制了它,否则我非常怀疑)。这具有副作用,我现在必须重新修复makefile。哦,欢乐。
I apologise for the waste of everyone's time.
While looking at my DLL in ghidra, I noticed that there were some strings defined that appeared nowhere in my code. As it turns out, some old object files from earlier experiments were accidentally linked into the DLL. One of the experiments was a reimplementation of
LogInfowhich caused the compiler/linker to produce an incorrect result without throwing an error or warning (unless /wd5045 suppresses it, which I highly doubt).This has the side effect that I now have to rework my makefile. Oh joy.