From c89f5ca665bdab39cdc695c171e0eedd6baf03e8 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld"
Date: Thu, 29 Jul 2021 01:01:46 +0200
Subject: memmod: disable protected delayed load for now

Probably a bad idea, but we don't currently support it, and those huge windows.NewCallback trampolines make juicer targets anyway.

Signed-off-by: Jason A. Donenfeld
---
 tun/wintun/memmod/memmod_windows.go | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
(limited to 'tun/wintun/memmod/memmod_windows.go')
diff --git a/tun/wintun/memmod/memmod_windows.go b/tun/wintun/memmod/memmod_windows.go
index c75de5a..6eb022d 100644
--- a/tun/wintun/memmod/memmod_windows.go
+++ b/tun/wintun/memmod/memmod_windows.go
@@ -41,12 +41,12 @@ func (module *Module) headerDirectory(idx int) *IMAGE_DATA_DIRECTORY {
 	return &module.headers.OptionalHeader.DataDirectory[idx]
 }
 
-func (module *Module) copySections(address uintptr, size uintptr, old_headers *IMAGE_NT_HEADERS) error {
+func (module *Module) copySections(address uintptr, size uintptr, oldHeaders *IMAGE_NT_HEADERS) error {
 	sections := module.headers.Sections()
 	for i := range sections {
 		if sections[i].SizeOfRawData == 0 {
 			// Section doesn't contain data in the dll itself, but may define uninitialized data.
-			sectionSize := old_headers.OptionalHeader.SectionAlignment
+			sectionSize := oldHeaders.OptionalHeader.SectionAlignment
 			if sectionSize == 0 {
 				continue
 			}
@@ -491,6 +491,15 @@ func LoadLibrary(data []byte) (module *Module, err error) {
 		return
 	}
 
+	// Disable protected delayed load for now. TODO: We should support this properly at some point.
+	if IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG < module.headers.OptionalHeader.NumberOfRvaAndSizes {
+		directory := module.headerDirectory(IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG)
+		if directory.Size != 0 && directory.VirtualAddress != 0 {
+			loadConfig := (*IMAGE_LOAD_CONFIG_DIRECTORY)(a2p(module.codeBase + uintptr(directory.VirtualAddress)))
+			loadConfig.GuardFlags &^= IMAGE_GUARD_PROTECT_DELAYLOAD_IAT
+		}
+	}
+
 	// Mark memory pages depending on section headers and release sections that are marked as "discardable".
 	err = module.finalizeSections()
 	if err != nil {
-- 
cgit v1.2.3
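Review bot: The write to `loadConfig.GuardFlags` trusts `directory.VirtualAddress` and `directory.Size` taken from the image being loaded without checking that the load config lies inside the mapped image or that it is long enough to contain `GuardFlags`; the `!= 0` tests on the inner `if` line only rule out the empty case. IMAGE_LOAD_CONFIG_DIRECTORY is a versioned structure whose early revisions end before the guard fields, so an image with a short load config, or a directory entry pointing near the end of the mapping, turns this into a write past the data the directory describes. I would tighten the guard to something like `if directory.VirtualAddress != 0 && uint64(directory.VirtualAddress)+uint64(directory.Size) <= uint64(module.headers.OptionalHeader.SizeOfImage) && uintptr(directory.Size) >= unsafe.Offsetof(IMAGE_LOAD_CONFIG_DIRECTORY{}.GuardFlags)+unsafe.Sizeof(IMAGE_LOAD_CONFIG_DIRECTORY{}.GuardFlags) {`, assuming the project's OptionalHeader exposes SizeOfImage and this file already imports unsafe (both are outside the hunk). The placement also deserves a word in the comment, since it is the reason the assignment can succeed at all: `// Done before finalizeSections so the page holding the load config is still writable.` LoadLibrary's body begins before and continues past this hunk.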