Can't spawn a 32bit process from a .bat file

[ndmitchell]

Given a 32bit binary, I tried with both cat and sleep from http://unxutils.sourceforge.net/, if I create foo.bat:

sleep 0s

Then do fsatrace rwm - -- cmd /c foo.bat it fails with:

Fatal: src/win/inject.c:44: CreateProcessA(0, helper, 0, 0, 0, 0, 0, 0, &si, &pi), err: 8

Going in to the code and somewhat randomly changing things, if I change https://github.com/jacereda/fsatrace/blob/master/src/win/inject.c#L32 to be if (is32 && 0) then it works and seemingly traces correctly.

Looking at the code, perhaps you should be using the 64bit technique if either of yourself or the child is 64bit? Or perhaps you should try the else branch of GetProcAddress and only if that fails try using fsatracehelper?

[jacereda]

I still don't have any windows box to test, but IIRC the 32bit branch is just trying to figure out where will LoadLibraryA be located on a 32-bit process. Maybe that address always has zeros in the upper 32 bits and it's the same on both 32 and 64 bit platforms, in which case the branch would be useless, or maybe there's some new address randomisation scheme in recent windows versions.

[ndmitchell]

I'm investigating and writing some tests now, so hope to have a solution later this evening.

[ndmitchell]

My results are in PR #31.