kubo / plthook

Hook function calls by replacing PLT (Procedure Linkage Table) entries.

strcmp() in plthook_replace() causes segfault on Windows #7

UberLambda closed 6 years ago

UberLambda commented 6 years ago

The strcmp() at plthook_win32.c:241 sometimes causes a segmentation fault. This is because names of entries in plthook->entries are sometimes null (such as for some entries in "Shell32.dll" on my Windows 10 install).

A simple workaround is to change plthook_win32.c:241 from

plthook->entries[idx].name = name;

to

plthook->entries[idx].name = name ? name : "(null)";

kubo commented 6 years ago

Thanks for pointing it out! I'll check it later.

kubo commented 6 years ago

The functions whose names are null are exported functions from a DLL by ordinal. I fixed it. Thanks again for reporting it.

UberLambda commented 6 years ago

Thank you for the fix!
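
The failure mode discussed in this thread, as an added example that is not plthook's code or its actual fix: a PE32+ import thunk with the top bit set is an import by ordinal and has no name, so a by-name lookup must skip NULL names instead of passing them to strcmp(). The struct, function names and sample image are hypothetical and constructed so the block runs without windows.h.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ORDINAL_FLAG64 0x8000000000000000ULL /* same value as IMAGE_ORDINAL_FLAG64 */

/* Hypothetical stand-in for a hook entry; name stays NULL for ordinal imports. */
typedef struct { const char *name; uint16_t ordinal; void **addr; } import_entry;

/* Decode one PE32+ import lookup thunk; `image` is the (constructed) module base. */
static void decode_thunk(const uint8_t *image, uint64_t thunk, void **slot, import_entry *out)
{
    out->addr = slot;
    if (thunk & ORDINAL_FLAG64) {            /* imported by ordinal: no name exists */
        out->name = NULL;
        out->ordinal = (uint16_t)(thunk & 0xFFFF);
    } else {                                 /* RVA of a 2-byte hint + NUL-terminated name */
        out->name = (const char *)(image + (uint32_t)thunk + 2);
        out->ordinal = 0;
    }
}

/* By-name lookup that never hands NULL to strcmp(); returns the index or -1. */
static int find_by_name(const import_entry *e, size_t n, const char *funcname)
{
    for (size_t i = 0; i < n; i++)
        if (e[i].name != NULL && strcmp(e[i].name, funcname) == 0)
            return (int)i;
    return -1;
}

/* Constructed sample: entry 0 is ordinal-only (arbitrary ordinal), entry 1 is named. */
static int demo_lookup(const char *funcname)
{
    static uint8_t image[64];
    static void *iat[2];
    import_entry entries[2];
    memcpy(image + 0x10 + 2, "ShellExecuteW", 14);   /* hint/name record at RVA 0x10 */
    const uint64_t thunks[2] = { ORDINAL_FLAG64 | 680, 0x10 };
    for (size_t i = 0; i < 2; i++)
        decode_thunk(image, thunks[i], &iat[i], &entries[i]);
    return find_by_name(entries, 2, funcname);
}

int main(void)
{
    printf("ShellExecuteW -> %d, missing -> %d\n", demo_lookup("ShellExecuteW"), demo_lookup("NoSuchFunction"));
    return 0;
}
```

Keeping the name NULL and checking it at each comparison keeps ordinal imports distinguishable from a function that happens to be named "(null)".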