Thread Injection + Cygwin problems

[Christopher Faylor]

On Mon, Jun 19, 2006 at 06:11:57PM -0500, mwoehlke wrote:
>Kaveh Goudarzi wrote:
>>I've written a program to detect the invocation of processes and then
>>inject them with a remote thread in the hope of getting the cmdLine/cwd
>>and environment variables of the running process.
>[snip]
>>I'm not sure how to approach the problem so any advice would be greatly
>>appreciated.
>>
>>Is there an obvious reason why attempting to invoke cygwin calls such
>>as getenv() in an injected thread might result in crashes?  I've also
>>tried cygwin_internal(CW_SYNC_WINENV) with the same result.  I'm
>>running Windows XP and have tried the 20060614 snapshot with the same
>>result.
>
>There are known problems with thread injection and Cygwin.  Are you
>using the latest cygwin.dll snapshot?

He said he was running the latest version of the snapshot (I put back
the part that you snipped above).

The problem may be due to the fact that the injected thread doesn't have
a cygtls area.  If the thread is injected prior to the completion of
cygwin's initialization or if it somehow bypasses the DLL_THREAD_ATTACH
phase of the initialization (which was one problem that I had to deal
with in the dreaded "cygwin loops forever" problem) then there will be
no cygtls area and using cygwin functions will be problematic.

The fix in the snapshots more-or-less assumes that any injected thread
is not going to try to use cygwin functions so, as of right now, it
may not be possible to do what the OP wanted.

cgf

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/