The Big List of Dodgy Apps

Christopher Faylor cgf-use-the-mailinglist-please@cygwin.com
Tue Mar 20 20:22:00 GMT 2007


On Tue, Mar 20, 2007 at 11:45:22AM -0700, Brian Dessent wrote:
>Dave Korn wrote:
>
>> > I would think it was possible to have cygcheck do something like
>> > sysinternals' process explorer does to get the DLL list, but to do it
>> > only on itself - essentially asking the question "to which DLLs am I
>> > linked?"  The expected DLLs can be eliminated from all enquiries.  If
>> > the fingerprint of a known offender is detected, it can be reported as
>> > such.  Anything else can be reported as a "potential problem".
>> 
>>   This seems a reasonably good idea.  I was thinking at one point of adding it
>> to the cygwin crashdump routines invoked after fork() errors.
>
>It won't work to check "to which DLLs am I linked", at least not in the
>way of inspecting the PE headers of the file on disk.  The injecting is
>dynamic, through system hook functions, so you have to use the
>DebugHlp/ImageHlp libraries to inspect the process space, IIRC.

There is already some code in the Cygwin DLL which does this, or comes
close to doing this, in fact: hookapi.cc.

cgf
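
The approach discussed in this thread (ask the loader which DLLs are mapped into the running process, drop the expected ones, flag known offenders, report the rest as potential problems), as an added example that is not part of the original message and is not Cygwin's hookapi.cc. The DLL lists are constructed placeholders, matching on file name alone is an assumption, and `classify_module` is a hypothetical helper; the enumeration branch builds only on Windows.

```c
/* Added example, not Cygwin code. On Windows build with: cc modscan.c -lpsapi */
#include <ctype.h>
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#include <psapi.h>
#endif
enum verdict { EXPECTED, KNOWN_OFFENDER, POTENTIAL_PROBLEM };
/* Constructed lists: assumptions for illustration, not Cygwin's real data. */
static const char *expected_dlls[] = { "ntdll.dll", "kernel32.dll", "cygwin1.dll", NULL };
static const char *offender_dlls[] = { "examplehook.dll", NULL }; /* hypothetical name */

/* Case-insensitive equality, since Windows file names ignore case. */
static int ieq(const char *a, const char *b) {
    while (*a && tolower((unsigned char)*a) == tolower((unsigned char)*b)) { a++; b++; }
    return *a == *b;
}

static int in_list(const char *name, const char **list) {
    for (; *list; list++) if (ieq(name, *list)) return 1;
    return 0;
}

/* Classify one loaded-module path by its file-name component. */
enum verdict classify_module(const char *path) {
    const char *name = path;
    for (const char *p = path; *p; p++)
        if (*p == '\\' || *p == '/') name = p + 1;
    if (in_list(name, offender_dlls)) return KNOWN_OFFENDER;
    if (in_list(name, expected_dlls)) return EXPECTED;
    return POTENTIAL_PROBLEM;
}

int main(void) {
    const char *label[] = { "expected", "KNOWN OFFENDER", "potential problem" };
#ifdef _WIN32
    /* Modules mapped into this process now, including any injected via hooks. */
    HMODULE mods[1024]; DWORD need, i; char path[MAX_PATH];
    if (!EnumProcessModules(GetCurrentProcess(), mods, sizeof mods, &need)) return 1;
    if (need > sizeof mods) need = sizeof mods; /* list was truncated */
    for (i = 0; i < need / sizeof mods[0]; i++)
        if (mods[i] != GetModuleHandle(NULL) && GetModuleFileNameA(mods[i], path, sizeof path))
            printf("%-18s %s\n", label[classify_module(path)], path);
#else
    const char *path = "C:\\Program Files\\Example\\ExampleHook.dll"; /* constructed sample */
    printf("%-18s %s\n", label[classify_module(path)], path);
#endif
    return 0;
}
```

Because the list comes from the live process rather than the import table on disk, a DLL injected after startup appears in it even though the executable never links against it.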


