memmod: register exception handler tables

Otherwise recent WDK binaries fail on ARM64, where an exception handler
is used for trapping an illegal instruction when ARMv8.1 atomics are
being tested for functionality.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2021-08-05 14:56:48 +02:00
parent bad6caeb82
commit 3957e9b9dd
2 changed files with 19 additions and 0 deletions

View File

@ -159,6 +159,16 @@ func (module *Module) finalizeSection(sectionData *sectionFinalizeData) error {
return nil
}
var rtlAddFunctionTable = windows.NewLazySystemDLL("ntdll.dll").NewProc("RtlAddFunctionTable")
func (module *Module) registerExceptionHandlers() {
directory := module.headerDirectory(IMAGE_DIRECTORY_ENTRY_EXCEPTION)
if directory.Size == 0 || directory.VirtualAddress == 0 {
return
}
rtlAddFunctionTable.Call(module.codeBase+uintptr(directory.VirtualAddress), uintptr(directory.Size)/unsafe.Sizeof(IMAGE_RUNTIME_FUNCTION_ENTRY{}), module.codeBase)
}
func (module *Module) finalizeSections() error {
sections := module.headers.Sections()
imageOffset := module.headers.OptionalHeader.imageOffset()
@ -500,6 +510,9 @@ func LoadLibrary(data []byte) (module *Module, err error) {
return
}
// Register exception tables, if they exist.
module.registerExceptionHandlers()
// TLS callbacks are executed BEFORE the main loading.
module.executeTLS()

View File

@ -370,6 +370,12 @@ const (
IMAGE_GUARD_CF_FUNCTION_TABLE_SIZE_SHIFT = 28
)
type IMAGE_RUNTIME_FUNCTION_ENTRY struct {
BeginAddress uint32
EndAddress uint32
UnwindInfoAddress uint32
}
const (
DLL_PROCESS_ATTACH = 1
DLL_THREAD_ATTACH = 2