search

lucasg / Dependencies

A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.
MIT License
8.91k stars 726 forks source link

Crash when clicking on certain dlls #180

Closed misterti closed 3 years ago

misterti commented 3 years ago

v 1.10 Crashes on certain dlls when clicking on main dll to see exported functions. Check attached file.

file.zip

pzhlkj6612 commented 3 years ago

I can provide more details here.


This crash can be reproduced in both v1.10 and CI build from a8de425beb76a087cdbd7982ed8fb3979727a30c .


The file "crpe32.dll" in "file.zip" is a 32-bit dll.

**********************************************************************
 Visual Studio 2019 Developer Command Prompt v16.6.5
 Copyright (c) 2020 Microsoft Corporation
**********************************************************************
[vcvarsall.bat] Environment initialized for: 'x64'

C:\Program Files (x86)\Microsoft Visual Studio\2019\Community>dumpbin /headers "M:\crpe32.dll" | findstr "machine"
             14C machine (x86)
                   32 bit word machine

Crashed on this line:

https://github.com/lucasg/Dependencies/blob/12da79f75e14f238f6279ae9d06318e56c028f1a/DependenciesLib/FindPeModule.cs#L213

Crash details from v1.10 x86 (WoW64) Debug build:

System.NotSupportedException
  HResult=0x80131515
  Message=The given path's format is not supported.
  Source=mscorlib
  StackTrace:
   at System.Security.Permissions.FileIOPermission.EmulateFileIOPermissionChecks(String fullPath)
   at System.Security.Permissions.FileIOPermission.QuickDemand(FileIOPermissionAccess access, String fullPath, Boolean checkForDuplicates, Boolean needFullPath)
   at System.IO.Path.GetFullPath(String path)
   at Dependencies.FindPe.FindPeFromDefault(PE RootPe, String ModuleName, SxsEntries SxsCache, List`1 CustomSearchFolders, String WorkingDirectory) in C:\projects\dependencies\DependenciesLib\FindPeModule.cs:line 213
   at Dependencies.BinaryCache.ResolveModule(PE RootPe, String ModuleName, SxsEntries SxsCache, List`1 CustomSearchFolders, String WorkingDirectory) in C:\projects\dependencies\DependenciesLib\BinaryCache.cs:line 97
   at Dependencies.DependencyWindow.LoadImport(String ModuleName, DisplayModuleInfo CurrentModule, Boolean DelayLoad) in C:\projects\dependencies\DependenciesGui\DependencyWindow.xaml.cs:line 1019
   at Dependencies.DependencyImportList.SetRootImports(List`1 Imports, PhSymbolProvider SymPrv, DependencyWindow Dependencies) in C:\projects\dependencies\DependenciesGui\DependencyImportList.xaml.cs:line 43
   at Dependencies.DependencyWindow.UpdateImportExportLists(DisplayModuleInfo SelectedModule, DisplayModuleInfo Parent) in C:\projects\dependencies\DependenciesGui\DependencyWindow.xaml.cs:line 999
   at Dependencies.DependencyWindow.OnTreeViewSelectedItemChanged(Object sender, RoutedPropertyChangedEventArgs`1 e) in C:\projects\dependencies\DependenciesGui\DependencyWindow.xaml.cs:line 979
   at System.Windows.RoutedPropertyChangedEventArgs`1.InvokeEventHandler(Delegate genericHandler, Object genericTarget)
   at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target)
   at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs routedEventArgs)
   at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised)
   at System.Windows.UIElement.RaiseEventImpl(DependencyObject sender, RoutedEventArgs args)
   at System.Windows.UIElement.RaiseEvent(RoutedEventArgs e)
   at System.Windows.Controls.TreeView.OnSelectedItemChanged(RoutedPropertyChangedEventArgs`1 e)
   at System.Windows.Controls.TreeView.ChangeSelection(Object data, TreeViewItem container, Boolean selected)
   at System.Windows.Controls.TreeViewItem.Select(Boolean selected)
   at System.Windows.Controls.TreeViewItem.OnGotFocus(RoutedEventArgs e)
   at System.Windows.UIElement.IsFocused_Changed(DependencyObject d, DependencyPropertyChangedEventArgs e)
   at System.Windows.DependencyObject.OnPropertyChanged(DependencyPropertyChangedEventArgs e)
   at System.Windows.FrameworkElement.OnPropertyChanged(DependencyPropertyChangedEventArgs e)
   at System.Windows.DependencyObject.NotifyPropertyChange(DependencyPropertyChangedEventArgs args)
   at System.Windows.DependencyObject.UpdateEffectiveValue(EntryIndex entryIndex, DependencyProperty dp, PropertyMetadata metadata, EffectiveValueEntry oldEntry, EffectiveValueEntry& newEntry, Boolean coerceWithDeferredReference, Boolean coerceWithCurrentValue, OperationType operationType)
   at System.Windows.DependencyObject.SetValueCommon(DependencyProperty dp, Object value, PropertyMetadata metadata, Boolean coerceWithDeferredReference, Boolean coerceWithCurrentValue, OperationType operationType, Boolean isInternal)
   at System.Windows.DependencyObject.SetValue(DependencyPropertyKey key, Object value)
   at System.Windows.Input.FocusManager.OnFocusedElementChanged(DependencyObject d, DependencyPropertyChangedEventArgs e)
   at System.Windows.DependencyObject.OnPropertyChanged(DependencyPropertyChangedEventArgs e)
   at System.Windows.FrameworkElement.OnPropertyChanged(DependencyPropertyChangedEventArgs e)
   at System.Windows.DependencyObject.NotifyPropertyChange(DependencyPropertyChangedEventArgs args)
   at System.Windows.DependencyObject.UpdateEffectiveValue(EntryIndex entryIndex, DependencyProperty dp, PropertyMetadata metadata, EffectiveValueEntry oldEntry, EffectiveValueEntry& newEntry, Boolean coerceWithDeferredReference, Boolean coerceWithCurrentValue, OperationType operationType)
   at System.Windows.DependencyObject.SetValueCommon(DependencyProperty dp, Object value, PropertyMetadata metadata, Boolean coerceWithDeferredReference, Boolean coerceWithCurrentValue, OperationType operationType, Boolean isInternal)
   at System.Windows.Input.FocusManager.SetFocusedElement(DependencyObject element, IInputElement value)
   at System.Windows.Input.KeyboardNavigation.UpdateFocusedElement(DependencyObject focusTarget)
   at System.Windows.FrameworkElement.OnGotKeyboardFocus(Object sender, KeyboardFocusChangedEventArgs e)
   at System.Windows.Input.KeyboardFocusChangedEventArgs.InvokeEventHandler(Delegate genericHandler, Object genericTarget)
   at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target)
   at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs routedEventArgs)
   at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised)
   at System.Windows.UIElement.RaiseEventImpl(DependencyObject sender, RoutedEventArgs args)
   at System.Windows.UIElement.RaiseTrustedEvent(RoutedEventArgs args)
   at System.Windows.UIElement.RaiseEvent(RoutedEventArgs args, Boolean trusted)
   at System.Windows.Input.InputManager.ProcessStagingArea()
   at System.Windows.Input.InputManager.ProcessInput(InputEventArgs input)
   at System.Windows.Input.KeyboardDevice.ChangeFocus(DependencyObject focus, Int32 timestamp)
   at System.Windows.Input.KeyboardDevice.TryChangeFocus(DependencyObject newFocus, IKeyboardInputProvider keyboardInputProvider, Boolean askOld, Boolean askNew, Boolean forceToNullIfFailed)
   at System.Windows.Input.KeyboardDevice.Focus(DependencyObject focus, Boolean askOld, Boolean askNew, Boolean forceToNullIfFailed)
   at System.Windows.Input.KeyboardDevice.Focus(IInputElement element)
   at System.Windows.UIElement.Focus()
   at System.Windows.Controls.TreeViewItem.OnMouseLeftButtonDown(MouseButtonEventArgs e)
   at System.Windows.UIElement.OnMouseLeftButtonDownThunk(Object sender, MouseButtonEventArgs e)
   at System.Windows.Input.MouseButtonEventArgs.InvokeEventHandler(Delegate genericHandler, Object genericTarget)
   at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target)
   at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs routedEventArgs)
   at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised)
   at System.Windows.UIElement.ReRaiseEventAs(DependencyObject sender, RoutedEventArgs args, RoutedEvent newEvent)
   at System.Windows.UIElement.OnMouseDownThunk(Object sender, MouseButtonEventArgs e)
   at System.Windows.Input.MouseButtonEventArgs.InvokeEventHandler(Delegate genericHandler, Object genericTarget)
   at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target)
   at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs routedEventArgs)
   at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised)
   at System.Windows.UIElement.RaiseEventImpl(DependencyObject sender, RoutedEventArgs args)
   at System.Windows.UIElement.RaiseTrustedEvent(RoutedEventArgs args)
   at System.Windows.UIElement.RaiseEvent(RoutedEventArgs args, Boolean trusted)
   at System.Windows.Input.InputManager.ProcessStagingArea()
   at System.Windows.Input.InputManager.ProcessInput(InputEventArgs input)
   at System.Windows.Input.InputProviderSite.ReportInput(InputReport inputReport)
   at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr hwnd, InputMode mode, Int32 timestamp, RawMouseActions actions, Int32 x, Int32 y, Int32 wheel)
   at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr hwnd, WindowMessage msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
   at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
   at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Int32 numArgs, Delegate catchHandler)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(DispatcherPriority priority, TimeSpan timeout, Delegate method, Object args, Int32 numArgs)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(MSG& msg)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(DispatcherFrame frame)
   at System.Windows.Threading.Dispatcher.PushFrame(DispatcherFrame frame)
   at System.Windows.Application.RunDispatcher(Object ignore)
   at System.Windows.Application.RunInternal(Window window)
   at System.Windows.Application.Run(Window window)
   at System.Windows.Application.Run()
   at Dependencies.App.Main()

  This exception was originally thrown at this call stack:
    [External Code]
    Dependencies.FindPe.FindPeFromDefault(Dependencies.ClrPh.PE, string, Dependencies.SxsEntries, System.Collections.Generic.List<string>, string) in FindPeModule.cs
    Dependencies.BinaryCache.ResolveModule(Dependencies.ClrPh.PE, string, Dependencies.SxsEntries, System.Collections.Generic.List<string>, string) in BinaryCache.cs
    Dependencies.DependencyWindow.LoadImport(string, Dependencies.DisplayModuleInfo, bool) in DependencyWindow.xaml.cs
    Dependencies.DependencyImportList.SetRootImports(System.Collections.Generic.List<Dependencies.ClrPh.PeImportDll>, PhSymbolProvider, Dependencies.DependencyWindow) in DependencyImportList.xaml.cs
    Dependencies.DependencyWindow.UpdateImportExportLists(Dependencies.DisplayModuleInfo, Dependencies.DisplayModuleInfo) in DependencyWindow.xaml.cs
    Dependencies.DependencyWindow.OnTreeViewSelectedItemChanged(object, System.Windows.RoutedPropertyChangedEventArgs<object>) in DependencyWindow.xaml.cs
    [External Code]

Autos:

Name Value Type
FoundPePath null string
ModuleName "## PeImportDll error: Invalid DllName ##.dll" string
ModuleSearchStrategy.Environment Environment Dependencies.ModuleSearchStrategy
lucasg commented 3 years ago

ok it's a PE parsing bug, imports are in a weird state. I'll have to find the root cause tho

lucasg commented 3 years ago

ok, fixed it : https://github.com/lucasg/Dependencies/commit/6017a93cae7444a53b4cc31354df79297601442c

it is actually a backport of this bugfix from processhacker's codebase : https://github.com/processhacker/processhacker/commit/3ca832adfeb7fcacd1c9f2edb43cdfe883d18974

pzhlkj6612 commented 3 years ago

Hi. 6017a93cae7444a53b4cc31354df79297601442c does not seem to work.

Crashed on this line:

https://github.com/lucasg/Dependencies/blob/6017a93cae7444a53b4cc31354df79297601442c/DependenciesGui/DependencyModuleList.xaml.cs#L33

Crash details from Debug build:

System.NullReferenceException
  HResult=0x80004003
  Message=Object Reference Not Set to an instance of an object.
  Source=DependenciesGui
  StackTrace:
   at Dependencies.ModuleCacheKey.GetHashCode() in C:\projects\dependencies\DependenciesGui\DependencyModuleList.xaml.cs:line 33

Autos:

  Name Value Type
  Filepath null string
  Flags DelayLoad | NotFound ModuleFlag
  Name "ext-ms-win-oobe-query-l1-1-0.dll" string
this {Dependencies.ModuleCacheKey} Dependencies.ModuleCacheKey
lucasg commented 3 years ago

thanks, fixed in e5aae682fec5f124142f8cb6c082a1fc17e2db3a

pzhlkj6612 commented 3 years ago

Hi.

I cannot test e5aae682fec5f124142f8cb6c082a1fc17e2db3a since I didn't have a complete dev environment. So I tested the Debug build of b19e49d42b5ec3c4ea06e5da516f646f4e0a6459 from CI and it works fine. Thank you @lucasg !

Well, I just realized that the crash in 6017a93cae7444a53b4cc31354df79297601442c does not seem to be related to the BUG reported in this issue. It should be in a separate issue. I'm sorry for that.