This is the mail archive of the cygwin mailing list for the Cygwin project.



Re: "Segmentation fault" CygWin tools with code Injection-MS Detours


Christopher,
That's a possible workaround.
I tried to LD_PRELOAD my Microsoft DLL Hook, & it appears to work: cygwin is loaded correctly, & code is not injected but loaded by cygwin. &
Hooks appear to be working! That's a great improvement on my issue. So it appears to be the code injection from one process to another one which is crashing cygwin tools!


But..... The LD_PRELOAD is only done one time, when loading the first instance of bash!
If starting another instance of a cygwin tool under bash, I can see in my traces a createprocess on bash itself before loading the child process.
I suppose bash is forking itself before spawning the child process (ls.exe for example), & because the forked process is initialized by a setjmp/longjmp, the LD_PRELOAD is not read in the forked instance (due to the entry point moved by the fork() method of cygwin)...


Am I wrong or right ?
If yes, & if it is possible to correct this special, really interesting undocumented CygWin feature, I think it will allow me to trace system Win32 native calls (not cygwin calls like strace) in all cygwin tools. Then if a cygwin process spawns a native Win32 process (not a cygwin one), I will be able to inject myself inside (if cygwin does not execute specific code like exec fixup in Win32 native processes!!!)


???????????????????????

Thx in advance for your answer,
Louis



On Thu, Aug 11, 2005 at 02:58:58PM +0200, Louis Lecaroz wrote:

Having (if possible  ;)  ) a patch & a standard modification in cygwin to
allow this type of programming will be really great !



Cygwin has its own (currently undocumented) hooking mechanism. Setting the LD_PRELOAD environment variable to the name of a DLL will cause any function in the DLL to override the similarly named cygwin function. It works similarly to linux:

LD_PRELOAD
 A whitespace-separated list of additional, user-specified, ELF shared
 libraries to be loaded before all others.  This can be used to
 selectively override functions in other shared libraries.

except that it uses DLLs rather than "ELF shared libraries".

cgf
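
The LD_PRELOAD mechanism described above, seen from the auditing side: an added example (not code from this thread or from Cygwin) that pulls LD_PRELOAD out of a process environment, splits it on whitespace as the quoted description says, and flags entries outside an expected directory. The `/opt/tools/` directory, the function names and the sample environment are assumptions made for illustration; the separator set the Cygwin loader actually accepts is not checked here.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#define MAX_ENTRIES 16
#define MAX_NAME 260

/* Return the LD_PRELOAD value from a NULL-terminated envp array, or NULL. */
const char *find_ld_preload(char *const envp[]) {
    static const char key[] = "LD_PRELOAD=";
    for (; envp && *envp; envp++)
        if (strncmp(*envp, key, sizeof key - 1) == 0)
            return *envp + sizeof key - 1;
    return NULL;
}

/* Split on whitespace; returns entry count, or -1 if the list or an entry is too long. */
int split_preload(const char *v, char out[][MAX_NAME], int max) {
    int n = 0;
    for (;;) {
        while (isspace((unsigned char)*v)) v++;
        if (!*v) return n;
        const char *start = v;
        while (*v && !isspace((unsigned char)*v)) v++;
        size_t len = (size_t)(v - start);
        if (n == max || len >= MAX_NAME) return -1;
        memcpy(out[n], start, len);
        out[n++][len] = '\0';
    }
}

/* Assumed policy: each entry must start with allowed_dir and contain no "..". */
int count_unexpected(char *const envp[], const char *allowed_dir) {
    char e[MAX_ENTRIES][MAX_NAME];
    const char *v = find_ld_preload(envp);
    int n = v ? split_preload(v, e, MAX_ENTRIES) : 0, bad = 0;
    if (n < 0) return -1;
    for (int i = 0; i < n; i++)
        if (strncmp(e[i], allowed_dir, strlen(allowed_dir)) != 0 || strstr(e[i], "..")) {
            printf("unexpected preload entry: %s\n", e[i]);
            bad++;
        }
    return bad;
}

int main(void) {
    /* Constructed sample environment, not taken from the thread. */
    char *env[] = {"PATH=/usr/bin", "LD_PRELOAD=/opt/tools/hook.dll trace.dll", NULL};
    printf("%d unexpected\n", count_unexpected(env, "/opt/tools/"));
    return 0;
}
```

A bare DLL name such as `trace.dll` is flagged because the assumed policy requires a full path under the allowed directory.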


