Implemented SEC_IMAGE mappings and shared PE sections (with the help
of Peter Ganten).
diff --git a/loader/pe_image.c b/loader/pe_image.c
index 06dbc1f..cc2a2df 100644
--- a/loader/pe_image.c
+++ b/loader/pe_image.c
@@ -21,17 +21,6 @@
* state MUST be correct since this function can be called with the SAME image
* AGAIN. (Thats recursion for you.) That means MODREF.module and
* NE_MODULE.module32.
- * - Sometimes, we can't use Linux mmap() to mmap() the images directly.
- *
- * The problem is, that there is not direct 1:1 mapping from a diskimage and
- * a memoryimage. The headers at the start are mapped linear, but the sections
- * are not. Older x86 pe binaries are 512 byte aligned in file and 4096 byte
- * aligned in memory. Linux likes them 4096 byte aligned in memory (due to
- * x86 pagesize, this cannot be fixed without a rather large kernel rewrite)
- * and 'blocksize' file-aligned (offsets). Since we have 512/1024/2048 (CDROM)
- * and other byte blocksizes, we can't always do this. We *can* do this for
- * newer pe binaries produced by MSVC 5 and later, since they are also aligned
- * to 4096 byte boundaries on disk.
*/
#include "config.h"
@@ -399,86 +388,85 @@
return 0;
}
-static int calc_vma_size( HMODULE hModule )
+/***********************************************************************
+ * do_relocations
+ *
+ * Apply the relocations to a mapped PE image
+ */
+static int do_relocations( char *base, const IMAGE_NT_HEADERS *nt, const char *filename )
{
- int i,vma_size = 0;
- IMAGE_SECTION_HEADER *pe_seg = PE_SECTIONS(hModule);
+ const IMAGE_DATA_DIRECTORY *dir;
+ const IMAGE_BASE_RELOCATION *rel;
+ int delta = base - (char *)nt->OptionalHeader.ImageBase;
- TRACE("Dump of segment table\n");
- TRACE(" Name VSz Vaddr SzRaw Fileadr *Reloc *Lineum #Reloc #Linum Char\n");
- for (i = 0; i< PE_HEADER(hModule)->FileHeader.NumberOfSections; i++)
+ dir = &nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC];
+ rel = (IMAGE_BASE_RELOCATION *)(base + dir->VirtualAddress);
+
+ WARN("Info: base relocations needed for %s\n", filename);
+ if (!dir->VirtualAddress || !dir->Size)
{
- TRACE("%8s: %4.4lx %8.8lx %8.8lx %8.8lx %8.8lx %8.8lx %4.4x %4.4x %8.8lx\n",
- pe_seg->Name,
- pe_seg->Misc.VirtualSize,
- pe_seg->VirtualAddress,
- pe_seg->SizeOfRawData,
- pe_seg->PointerToRawData,
- pe_seg->PointerToRelocations,
- pe_seg->PointerToLinenumbers,
- pe_seg->NumberOfRelocations,
- pe_seg->NumberOfLinenumbers,
- pe_seg->Characteristics);
- vma_size=max(vma_size, pe_seg->VirtualAddress+pe_seg->SizeOfRawData);
- vma_size=max(vma_size, pe_seg->VirtualAddress+pe_seg->Misc.VirtualSize);
- pe_seg++;
+ if (nt->OptionalHeader.ImageBase == 0x400000)
+ ERR("Standard load address for a Win32 program not available - patched kernel ?\n");
+ ERR( "FATAL: Need to relocate %s, but no relocation records present (%s). Try to run that file directly !\n",
+ filename,
+ (nt->FileHeader.Characteristics&IMAGE_FILE_RELOCS_STRIPPED)?
+ "stripped during link" : "unknown reason" );
+ return 0;
}
- return vma_size;
+
+ /* FIXME: If we need to relocate a system DLL (base > 2GB) we should
+ * really make sure that the *new* base address is also > 2GB.
+ * Some DLLs really check the MSB of the module handle :-/
+ */
+ if ((nt->OptionalHeader.ImageBase & 0x80000000) && !((DWORD)base & 0x80000000))
+ ERR( "Forced to relocate system DLL (base > 2GB). This is not good.\n" );
+
+ while (rel->VirtualAddress)
+ {
+ char *page = base + rel->VirtualAddress;
+ int i, count = (rel->SizeOfBlock - 8) / sizeof(rel->TypeOffset);
+
+ /* sanity checks */
+ if ((char *)rel + rel->SizeOfBlock > base + dir->VirtualAddress + dir->Size ||
+ page > base + nt->OptionalHeader.SizeOfImage)
+ {
+ ERR_(module)("invalid relocation %p,%lx,%ld at %p,%lx,%lx\n",
+ rel, rel->VirtualAddress, rel->SizeOfBlock,
+ base, dir->VirtualAddress, dir->Size );
+ return 0;
+ }
+
+ TRACE_(module)("%ld relocations for page %lx\n", rel->SizeOfBlock, rel->VirtualAddress);
+
+ /* patching in reverse order */
+ for (i = 0 ; i < count; i++)
+ {
+ int offset = rel->TypeOffset[i] & 0xFFF;
+ int type = rel->TypeOffset[i] >> 12;
+ switch(type)
+ {
+ case IMAGE_REL_BASED_ABSOLUTE:
+ break;
+ case IMAGE_REL_BASED_HIGH:
+ *(short*)(page+offset) += HIWORD(delta);
+ break;
+ case IMAGE_REL_BASED_LOW:
+ *(short*)(page+offset) += LOWORD(delta);
+ break;
+ case IMAGE_REL_BASED_HIGHLOW:
+ *(int*)(page+offset) += delta;
+ /* FIXME: if this is an exported address, fire up enhanced logic */
+ break;
+ default:
+ FIXME_(module)("Unknown/unsupported fixup type %d.\n", type);
+ break;
+ }
+ }
+ rel = (IMAGE_BASE_RELOCATION*)((char*)rel + rel->SizeOfBlock);
+ }
+ return 1;
}
-static void do_relocations( unsigned int load_addr, IMAGE_BASE_RELOCATION *r )
-{
- int delta = load_addr - PE_HEADER(load_addr)->OptionalHeader.ImageBase;
- int hdelta = (delta >> 16) & 0xFFFF;
- int ldelta = delta & 0xFFFF;
-
- if(delta == 0)
- /* Nothing to do */
- return;
- while(r->VirtualAddress)
- {
- char *page = (char*) RVA(r->VirtualAddress);
- int count = (r->SizeOfBlock - 8)/2;
- int i;
- TRACE_(fixup)("%x relocations for page %lx\n",
- count, r->VirtualAddress);
- /* patching in reverse order */
- for(i=0;i<count;i++)
- {
- int offset = r->TypeOffset[i] & 0xFFF;
- int type = r->TypeOffset[i] >> 12;
- TRACE_(fixup)("patching %x type %x\n", offset, type);
- switch(type)
- {
- case IMAGE_REL_BASED_ABSOLUTE: break;
- case IMAGE_REL_BASED_HIGH:
- *(short*)(page+offset) += hdelta;
- break;
- case IMAGE_REL_BASED_LOW:
- *(short*)(page+offset) += ldelta;
- break;
- case IMAGE_REL_BASED_HIGHLOW:
- *(int*)(page+offset) += delta;
- /* FIXME: if this is an exported address, fire up enhanced logic */
- break;
- case IMAGE_REL_BASED_HIGHADJ:
- FIXME("Don't know what to do with IMAGE_REL_BASED_HIGHADJ\n");
- break;
- case IMAGE_REL_BASED_MIPS_JMPADDR:
- FIXME("Is this a MIPS machine ???\n");
- break;
- default:
- FIXME("Unknown fixup type %d.\n", type);
- break;
- }
- }
- r = (IMAGE_BASE_RELOCATION*)((char*)r + r->SizeOfBlock);
- }
-}
-
-
-
-
/**********************************************************************
* PE_LoadImage
@@ -492,246 +480,55 @@
*/
HMODULE PE_LoadImage( HANDLE hFile, LPCSTR filename, DWORD flags )
{
- HMODULE hModule;
- HANDLE mapping;
-
IMAGE_NT_HEADERS *nt;
- IMAGE_SECTION_HEADER *pe_sec;
- IMAGE_DATA_DIRECTORY *dir;
- BY_HANDLE_FILE_INFORMATION bhfi;
- int i, rawsize, lowest_va, vma_size, file_size = 0;
- DWORD load_addr = 0, aoep, reloc = 0;
- struct get_read_fd_request *req = get_req_buffer();
- int unix_handle = -1;
- int page_size = VIRTUAL_GetPageSize();
+ HMODULE hModule;
+ HANDLE mapping;
+ void *base;
- /* Retrieve file size */
- if ( GetFileInformationByHandle( hFile, &bhfi ) )
- file_size = bhfi.nFileSizeLow; /* FIXME: 64 bit */
+ TRACE_(module)( "loading %s\n", filename );
- /* Map the PE file somewhere */
- mapping = CreateFileMappingA( hFile, NULL, PAGE_READONLY | SEC_COMMIT,
- 0, 0, NULL );
- if (!mapping)
- {
- WARN("CreateFileMapping error %ld\n", GetLastError() );
- return 0;
- }
- hModule = (HMODULE)MapViewOfFile( mapping, FILE_MAP_READ, 0, 0, 0 );
+ mapping = CreateFileMappingA( hFile, NULL, SEC_IMAGE, 0, 0, NULL );
+ base = MapViewOfFile( mapping, FILE_MAP_READ, 0, 0, 0 );
CloseHandle( mapping );
- if (!hModule)
- {
- WARN("MapViewOfFile error %ld\n", GetLastError() );
- return 0;
- }
- if ( *(WORD*)hModule !=IMAGE_DOS_SIGNATURE)
- {
- WARN("%s image doesn't have DOS signature, but 0x%04x\n", filename,*(WORD*)hModule);
- SetLastError( ERROR_BAD_EXE_FORMAT );
- goto error;
- }
+ if (!base) return 0;
+
+ hModule = (HMODULE)base;
+ if (flags & LOAD_LIBRARY_AS_DATAFILE) return hModule; /* nothing else to do */
+
+ /* perform base relocation, if necessary */
nt = PE_HEADER( hModule );
-
- /* Check signature */
- if ( nt->Signature != IMAGE_NT_SIGNATURE )
+ if (hModule != nt->OptionalHeader.ImageBase)
{
- WARN("%s image doesn't have PE signature, but 0x%08lx\n", filename, nt->Signature );
- SetLastError( ERROR_BAD_EXE_FORMAT );
- goto error;
- }
-
- /* Check architecture */
- if ( nt->FileHeader.Machine != IMAGE_FILE_MACHINE_I386 )
- {
- MESSAGE("Trying to load PE image for unsupported architecture (");
- switch (nt->FileHeader.Machine)
+ if (!do_relocations( base, nt, filename ))
{
- case IMAGE_FILE_MACHINE_UNKNOWN: MESSAGE("Unknown"); break;
- case IMAGE_FILE_MACHINE_I860: MESSAGE("I860"); break;
- case IMAGE_FILE_MACHINE_R3000: MESSAGE("R3000"); break;
- case IMAGE_FILE_MACHINE_R4000: MESSAGE("R4000"); break;
- case IMAGE_FILE_MACHINE_R10000: MESSAGE("R10000"); break;
- case IMAGE_FILE_MACHINE_ALPHA: MESSAGE("Alpha"); break;
- case IMAGE_FILE_MACHINE_POWERPC: MESSAGE("PowerPC"); break;
- default: MESSAGE("Unknown-%04x", nt->FileHeader.Machine); break;
- }
- MESSAGE(")\n");
- SetLastError( ERROR_BAD_EXE_FORMAT );
- goto error;
- }
-
- /* Find out how large this executeable should be */
- pe_sec = PE_SECTIONS( hModule );
- rawsize = 0; lowest_va = 0x10000;
- for (i = 0; i < nt->FileHeader.NumberOfSections; i++)
- {
- if (lowest_va > pe_sec[i].VirtualAddress)
- lowest_va = pe_sec[i].VirtualAddress;
- if (pe_sec[i].Characteristics & IMAGE_SCN_CNT_UNINITIALIZED_DATA)
- continue;
- if (pe_sec[i].PointerToRawData+pe_sec[i].SizeOfRawData > rawsize)
- rawsize = pe_sec[i].PointerToRawData+pe_sec[i].SizeOfRawData;
- }
-
- /* Check file size */
- if ( file_size && file_size < rawsize )
- {
- ERR("PE module is too small (header: %d, filesize: %d), "
- "probably truncated download?\n",
- rawsize, file_size );
- SetLastError( ERROR_BAD_EXE_FORMAT );
- goto error;
- }
-
- /* Check entrypoint address */
- aoep = nt->OptionalHeader.AddressOfEntryPoint;
- if (aoep && (aoep < lowest_va))
- MESSAGE("VIRUS WARNING: '%s' has an invalid entrypoint (0x%08lx) "
- "below the first virtual address (0x%08x) "
- "(possibly infected by Tchernobyl/SpaceFiller virus)!\n",
- filename, aoep, lowest_va );
-
-
-#if 0
- /* FIXME: Hack! While we don't really support shared sections yet,
- * this checks for those special cases where the whole DLL
- * consists only of shared sections and is mapped into the
- * shared address space > 2GB. In this case, we assume that
- * the module got mapped at its base address. Thus we simply
- * check whether the module has actually been mapped there
- * and use it, if so. This is needed to get Win95 USER32.DLL
- * to work (until we support shared sections properly).
- */
-
- if ( nt->OptionalHeader.ImageBase & 0x80000000 )
- {
- HMODULE sharedMod = (HMODULE)nt->OptionalHeader.ImageBase;
- IMAGE_NT_HEADERS *sharedNt = (PIMAGE_NT_HEADERS)
- ( (LPBYTE)sharedMod + ((LPBYTE)nt - (LPBYTE)hModule) );
-
- /* Well, this check is not really comprehensive,
- but should be good enough for now ... */
- if ( !IsBadReadPtr( (LPBYTE)sharedMod, sizeof(IMAGE_DOS_HEADER) )
- && memcmp( (LPBYTE)sharedMod, (LPBYTE)hModule, sizeof(IMAGE_DOS_HEADER) ) == 0
- && !IsBadReadPtr( sharedNt, sizeof(IMAGE_NT_HEADERS) )
- && memcmp( sharedNt, nt, sizeof(IMAGE_NT_HEADERS) ) == 0 )
- {
- UnmapViewOfFile( (LPVOID)hModule );
- return sharedMod;
- }
- }
-#endif
-
- /* Allocate memory for module */
- load_addr = nt->OptionalHeader.ImageBase;
- vma_size = calc_vma_size( hModule );
-
- load_addr = (DWORD)VirtualAlloc( (void*)load_addr, vma_size,
- MEM_RESERVE | MEM_COMMIT,
- PAGE_EXECUTE_READWRITE );
- if (!load_addr)
- {
- load_addr = (DWORD)VirtualAlloc( NULL, vma_size,
- MEM_RESERVE | MEM_COMMIT,
- PAGE_EXECUTE_READWRITE );
- if (!load_addr)
- {
- FIXME_(win32)(
- "FATAL: Couldn't load module %s (out of memory, %d needed)!\n", filename, vma_size);
- goto error;
- }
- }
-
- if (load_addr != nt->OptionalHeader.ImageBase && !(flags & LOAD_LIBRARY_AS_DATAFILE))
- {
- /* We need to perform base relocations */
- WARN("Info: base relocations needed for %s\n", filename);
- dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_BASERELOC;
- if (dir->Size)
- reloc = dir->VirtualAddress;
- else
- {
- if (nt->OptionalHeader.ImageBase == 0x400000)
- ERR("Standard load address for a Win32 program not available - patched kernel ?\n");
- FIXME( "FATAL: Need to relocate %s, but no relocation records present (%s). Try to run that file directly !\n",
- filename,
- (nt->FileHeader.Characteristics&IMAGE_FILE_RELOCS_STRIPPED)?
- "stripped during link" : "unknown reason" );
+ UnmapViewOfFile( base );
SetLastError( ERROR_BAD_EXE_FORMAT );
- goto error;
+ return 0;
}
-
- /* FIXME: If we need to relocate a system DLL (base > 2GB) we should
- * really make sure that the *new* base address is also > 2GB.
- * Some DLLs really check the MSB of the module handle :-/
- */
- if ((nt->OptionalHeader.ImageBase & 0x80000000) && !(load_addr & 0x80000000))
- ERR( "Forced to relocate system DLL (base > 2GB). This is not good.\n" );
}
- TRACE("Load addr is %lx (base %lx), range %x\n",
- load_addr, nt->OptionalHeader.ImageBase, vma_size );
- TRACE_(segment)("Loading %s at %lx, range %x\n",
- filename, load_addr, vma_size );
+ /* virus check */
- req->handle = hFile;
- server_call_fd( REQ_GET_READ_FD, -1, &unix_handle );
- if (unix_handle == -1) goto error;
-
- /* Map the header */
- if (FILE_dommap( unix_handle, (void *)load_addr, 0, nt->OptionalHeader.SizeOfHeaders,
- 0, 0, PROT_EXEC | PROT_WRITE | PROT_READ,
- MAP_PRIVATE | MAP_FIXED ) != (void*)load_addr)
+ if (nt->OptionalHeader.AddressOfEntryPoint)
{
- ERR_(win32)( "Critical Error: failed to map PE header to necessary address.\n");
- goto error;
+ int i;
+ IMAGE_SECTION_HEADER *sec = (IMAGE_SECTION_HEADER*)((char*)&nt->OptionalHeader +
+ nt->FileHeader.SizeOfOptionalHeader);
+ for (i = 0; i < nt->FileHeader.NumberOfSections; i++, sec++)
+ {
+ if (nt->OptionalHeader.AddressOfEntryPoint < sec->VirtualAddress)
+ continue;
+ if (nt->OptionalHeader.AddressOfEntryPoint < sec->VirtualAddress+sec->Misc.VirtualSize)
+ break;
+ }
+ if (i == nt->FileHeader.NumberOfSections)
+ MESSAGE("VIRUS WARNING: PE module has an invalid entrypoint (0x%08lx) "
+ "outside all sections (possibly infected by Tchernobyl/SpaceFiller virus)!\n",
+ nt->OptionalHeader.AddressOfEntryPoint );
}
- /* Copy sections into module image */
- pe_sec = PE_SECTIONS( hModule );
- for (i = 0; i < nt->FileHeader.NumberOfSections; i++, pe_sec++)
- {
- if (!pe_sec->SizeOfRawData || !pe_sec->PointerToRawData) continue;
- TRACE("%s: mmaping section %s at %p off %lx size %lx/%lx\n",
- filename, pe_sec->Name, (void*)RVA(pe_sec->VirtualAddress),
- pe_sec->PointerToRawData, pe_sec->SizeOfRawData, pe_sec->Misc.VirtualSize );
- if (FILE_dommap( unix_handle, (void*)RVA(pe_sec->VirtualAddress),
- 0, pe_sec->SizeOfRawData, 0, pe_sec->PointerToRawData,
- PROT_EXEC | PROT_WRITE | PROT_READ,
- MAP_PRIVATE | MAP_FIXED ) != (void*)RVA(pe_sec->VirtualAddress))
- {
- /* We failed to map to the right place (huh?) */
- ERR_(win32)( "Critical Error: failed to map PE section to necessary address.\n");
- goto error;
- }
- if ((pe_sec->SizeOfRawData < pe_sec->Misc.VirtualSize) &&
- (pe_sec->SizeOfRawData & (page_size-1)))
- {
- DWORD end = (pe_sec->SizeOfRawData & ~(page_size-1)) + page_size;
- if (end > pe_sec->Misc.VirtualSize) end = pe_sec->Misc.VirtualSize;
- TRACE("clearing %p - %p\n",
- RVA(pe_sec->VirtualAddress) + pe_sec->SizeOfRawData,
- RVA(pe_sec->VirtualAddress) + end );
- memset( (char*)RVA(pe_sec->VirtualAddress) + pe_sec->SizeOfRawData, 0,
- end - pe_sec->SizeOfRawData );
- }
- }
-
- /* Perform base relocation, if necessary */
- if ( reloc )
- do_relocations( load_addr, (IMAGE_BASE_RELOCATION *)RVA(reloc) );
-
- /* We don't need the orignal mapping any more */
- UnmapViewOfFile( (LPVOID)hModule );
- close( unix_handle );
- return (HMODULE)load_addr;
-
-error:
- if (unix_handle != -1) close( unix_handle );
- if (load_addr) VirtualFree( (LPVOID)load_addr, 0, MEM_RELEASE );
- UnmapViewOfFile( (LPVOID)hModule );
- return 0;
+ return hModule;
}
/**********************************************************************
