Page 1 of 1

Solutions & remedies

Posted: Fri Apr 18, 2008 9:37 pm
by CGSoftLabs
Hope this will help some other people :)

While switching eXPressor's sourcecode from vc6 to vc8 I came across a number of problems; one of them was that vc8 linker won't let us merge anymore all sections in one as we want, he sticks IAT at the very beginning of first section; and since my source code relies on that I was forced to find a hack in order to skip recoding which in the particularly case of building stubs is very hard due limited debugging options.

In my stubs I do modifications for some global vars after building; since now I don't have my vars at the beginning of the firsts section I have 2 alternatives:

1.Enable /MAP file and build a simple parser to retrieve variables and functions VA. once I have VA I know where to apply the patch.

2.Find a hack and use the old method: structures stored inside specific PE directories like below:

Code: Select all

#pragma data_seg ( ".A$A" )
DWORD dwVal1 = 1;
DWORD dwVAl2 = 2;
//...etc
#pragma data_seg()[/quote]

Now I know for sure that those vars are placed at the beginning of section .A and you can access them later via section[.A].VirtualAddress.

The linker will always put teh IAT table (which lies in .idata$5) at the very beginning of teh first section which normally starts at 0x1000, and since I merge all my stub sections in .A I have problems modifying my globals.  I found a hack to force having global variables at the very beginning of first section for easy access (we don't even need the /MAP file); in the code above, replace ".A$A" with ".idata$5"