Mail Archives: cygwin/2020/07/05/12:43:58

Subject: Re: [PATCH 8/8] Cygwin: Consider DLL rebasing when computing dumper
exclusions
To: The Cygwin Mailing List <cygwin AT cygwin DOT com>
References: <20200701212529 DOT 13998-1-jon DOT turney AT dronecode DOT org DOT uk>
<20200701212529 DOT 13998-9-jon DOT turney AT dronecode DOT org DOT uk>
<20200702074317 DOT GM3499 AT calimero DOT vinschen DOT de>
<20200702074857 DOT GP3499 AT calimero DOT vinschen DOT de>
<9b0e3ddf-2fdd-990a-00f4-22939e21fa2b AT dronecode DOT org DOT uk>
<20200703193436 DOT GC3499 AT calimero DOT vinschen DOT de>
From: Jon Turney <jon DOT turney AT dronecode DOT org DOT uk>
Message-ID: <562a2148-355d-8351-3451-b1549aa81062@dronecode.org.uk>
Date: Sun, 5 Jul 2020 17:43:04 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101
Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <20200703193436.GC3499@calimero.vinschen.de>

On 03/07/2020 20:34, Corinna Vinschen wrote:
>>
>> The problem is in the opposite direction.
>>
>> We have the actual base address the DLL was loaded at in the process being
>> dumped, and its filename, from the LOAD_DLL_DEBUG_EVENT event.
>>
>> (To my amazement) we then read that DLL using bfd, and examine it for
>> sections with the 'CODE' or 'DEBUGGING' flags, the address ranges
>> corresponding to which we believe we want to exclude from the dump.
>>
>> Unfortunately, these addresses are based on the ImageBase in the PE header.
>>
>> If that's different to the actual base address the PE was loaded at, we need
>> to adjust these addresses appropriately.  But libbfd doesn't appear to
>> provide a public interface to get at the ImageBase.
> 
> Ok, but you have the filename, so you can map the file and read its
> header and thus imagebase.  Still not nice, sure... but it would work
> without guessing, I guess? :)

So, I misread this as "look in the header that's already mapped by the 
Windows loader", but it seems that the ImageBase in that has been 
modified to the actual load address (not that there is any guarantee
about it even existing).

I'm really struggling to see all this complexity as actually needed, 
though. See follow-up patches which just remove it all.
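The adjustment discussed in this thread, as an added example (not part of the original message and not the dumper's own code): read ImageBase from the on-disk PE header, then shift a section address by the difference between that value and the actual load address. The function names, the sample header and all addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Read an n-byte little-endian integer; PE headers are little-endian. */
static uint64_t rd_le(const uint8_t *p, int n) {
    uint64_t v = 0;
    while (n-- > 0) v = (v << 8) | p[n];
    return v;
}

/* Read ImageBase from an on-disk PE image held in buf.
   Returns 0 on success, -1 if the header is malformed or truncated. */
int pe_image_base(const uint8_t *buf, size_t len, uint64_t *base) {
    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z') return -1;
    size_t pe = (size_t)rd_le(buf + 0x3c, 4);           /* e_lfanew */
    if (pe > len || len - pe < 24 + 32) return -1;      /* sig + COFF + fields used */
    if (memcmp(buf + pe, "PE\0\0", 4) != 0) return -1;
    const uint8_t *opt = buf + pe + 24;                 /* optional header */
    switch (rd_le(opt, 2)) {
    case 0x10b: *base = rd_le(opt + 28, 4); return 0;   /* PE32: 32-bit ImageBase */
    case 0x20b: *base = rd_le(opt + 24, 8); return 0;   /* PE32+: 64-bit ImageBase */
    default:    return -1;
    }
}

/* Translate an address computed against the header ImageBase into the
   address it has in the process; unsigned arithmetic covers both directions. */
uint64_t rebase_vma(uint64_t vma, uint64_t header_base, uint64_t load_base) {
    return vma - header_base + load_base;
}

/* Constructed sample: a minimal PE32+ header carrying the given ImageBase
   (just enough fields for the parser above, not a loadable image). */
size_t make_sample_pe64(uint8_t *buf, size_t cap, uint64_t base) {
    const size_t pe = 0x80, need = pe + 24 + 32;
    if (cap < need) return 0;
    memset(buf, 0, need);
    buf[0] = 'M'; buf[1] = 'Z'; buf[0x3c] = (uint8_t)pe;
    memcpy(buf + pe, "PE\0\0", 4);
    buf[pe + 24] = 0x0b; buf[pe + 25] = 0x02;           /* magic 0x20b */
    for (int i = 0; i < 8; i++) buf[pe + 48 + i] = (uint8_t)(base >> (8 * i));
    return need;
}

int main(void) {
    uint8_t img[256]; uint64_t base;
    size_t n = make_sample_pe64(img, sizeof img, 0x180040000ULL);
    if (pe_image_base(img, n, &base) != 0) return 1;
    /* Section at header address base+0x1000, constructed load base 0x7ff8a0000000. */
    printf("%#llx\n", (unsigned long long)rebase_vma(base + 0x1000, base, 0x7ff8a0000000ULL));
    return 0;
}
```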
