Jump to content

PE Tool for creating patches


WildBill

Recommended Posts

My patch for MS10-099 is up :)

It basically adds bunch of overflow checking and wasn't that hard to do. For any MS lurkers, however, please extract my notes (with /x) and look at my comments for PxAfTapiTranslateTapiCallParams because I don't think the patch gets the logic right. I think I corrected it in my 2k patch, but you might want to take a second look at the XP one.

Link to comment
Share on other sites


My patch for MS10-099 is up :)

It basically adds bunch of overflow checking and wasn't that hard to do. For any MS lurkers, however, please extract my notes (with /x) and look at my comments for PxAfTapiTranslateTapiCallParams because I don't think the patch gets the logic right. I think I corrected it in my 2k patch, but you might want to take a second look at the XP one.

Thanks very much WidlBill. :)

You know I guess that BlackWingCat also produced a patch for MS10-099:

http://blog.livedoor.jp/blackwingcat/archives/1371229.html

It's a pity you guys couldn't work in tandem and share the load. Perhaps you do in some way(s) - if so, pardon me.

Link to comment
Share on other sites

I had read the blog entry, but according to the Google translation it looks like there are problems with it (I can read a little Katakana when it's just spelling out English loanwords and I know maybe a dozen Kanji characters, but that isn't enough to read what's really important). With that in mind I decided to start from scratch.

One of the reasons why I always include or post my notes is that I'm hoping it will help him make a JPN version (or anyone else).

Edited by WildBill
Link to comment
Share on other sites

Hi, WildBill.

I try to use PETool 0.0.3

1. The application crashed when opened file twice.

2. I want to know how to move section.

I try to do following way.

* I selected .rdata

* Menu:Sections>Move

* I Input value 0x400

* I selected .text.

* Menu:Sections>Consume Slack.

* Menu:File>Save.

Then binary table was broken.

How I should do right way ?

Link to comment
Share on other sites

Sorry, this is my fault. I should have explained this.

The tool can only safely move certain sections, like resources or relocs. If you move anything else the file won't work because all the relative offsets will be broken. The only thing that moving a section is really useful for is moving the resources and relocs out of the way so you can grow a section that sits before them.

When I need to make room for more code, what I do depends on whether the file has room for more section entries. If it does, I usually select the resources section and do "Insert section before..." to add another code section before it. If there isn't room for another section entry I usually look for two adjacent sections that I can safely combine. For instance, if the code and read-only data sections are next to each other then I combine them to free up a section entry, then I add a code section (usually inserting it before the resources section).

I just posted version 0.0.4 which should fix some bugs and adds one extra feature. It also has some more .map files from the patches I've added.

Edited by WildBill
Link to comment
Share on other sites

I've posted my port of the MS11-002 patch on the master list. This is a patch to MDAC 2.8 SP1, so make sure that you first have that installed before applying it. I'm not at all sure how to test it, so I created a small Access database and tried reading it from within MS Access as well as from a free MDB viewer. I also checked the ODBC control panel applet to make sure that it was working. Everything seems to work fine in a VM and on my laptop so I've decided to post it. My notes are bundled in the executable as usual.

Edited by WildBill
Link to comment
Share on other sites

Hi.

I made a similar application.

PE Maker

It can make easy you make more code space in section or data directory.

and new relocationtables. :)

I tried to add functions VideoportLockBuffer and VideoPortUnlockBuffer in videoprt.sys,

and did it. ( for ATI Catalyst Driver 11.1 on Windows 2000)

Link to comment
Share on other sites

It all depends on the time I have available. There are a bunch of new patches that I have to do this month, and I haven't even started yet (I've been taking a couple of days to speed up SmoothText's skinning engine). Full 32-bit icon support would mainly involve updates to comctl32.dll, if I can get to it.

Link to comment
Share on other sites

My MS11-007 patch is now available. The changes were generally pretty minor, though in one case MS replaced a routine outright (though the overall logic still didn't change all that much). Basically the patch performs some more font validation.

Link to comment
Share on other sites

The patch for MS11-010 is now posted. I've also partially analyzed MS11-006, but before I proceed further with it I'm looking at the others to see if there are any that I can put together quickly. This was one of them. Anyhow, until the next time...

Link to comment
Share on other sites

I've had to remove yesterday's MS11-010 patch as it was causing problems with cmd.exe (the command shell wouldn't close when you tried to get rid of it). Anyone who has installed it should uninstall the patch from Add/Remove Programs. I'll be looking at it today to see if I can isolate the issue.

Link to comment
Share on other sites

Hmm, okay, that fix didn't take too long :yes:

MS11-010 V2 is posted, and this appears to work properly. I had to fix a couple of jumps and deal with some variable swapping that the XP patch was doing. If you still have V1 installed you can just install this on top of it. The version of csrsrv.dll will bump up to 5.0.2195.7368 so you can tell if V2 is installed.

Link to comment
Share on other sites

I honestly wouldn't know. I have a box with 2k Advanced Server on it but I hardly ever use it anymore and I haven't bothered to boot it up to apply any of these patches to it. So far I've only been testing on my 2k Pro laptop. If you have an installation of Pro I suppose you could compare a fully MS-patched Pro with a fully MS-patched Server to see which files differ.

If I ever get the time I really should boot my server box up and do some comparing: unfortunately the patches from this month are going to be a real PITA to port. I don't think there's any way I can get them all done before the next drop in March, but I think I can finish MS11-006 by the end of the week.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...