PE Tool for creating patches


#76
WildBill

My patch for MS10-099 is up :)

It basically adds a bunch of overflow checking and wasn't that hard to do. For any MS lurkers, however, please extract my notes (with /x) and look at my comments for PxAfTapiTranslateTapiCallParams because I don't think the patch gets the logic right. I think I corrected it in my 2k patch, but you might want to take a second look at the XP one.



#77
bristols

Thanks very much WildBill. :)

You know I guess that BlackWingCat also produced a patch for MS10-099:

http://blog.livedoor...es/1371229.html

It's a pity you guys couldn't work in tandem and share the load. Perhaps you do in some way(s) - if so, pardon me.

#78
WildBill

I had read the blog entry, but according to the Google translation it looks like there are problems with it (I can read a little Katakana when it's just spelling out English loanwords and I know maybe a dozen Kanji characters, but that isn't enough to read what's really important). With that in mind I decided to start from scratch.

One of the reasons why I always include or post my notes is that I'm hoping it will help him make a JPN version (or anyone else).

Edited by WildBill, 31 January 2011 - 09:14 PM.


#79
blackwingcat

Hi, WildBill.

I tried to use PETool 0.0.3.

1. The application crashed when I opened a file twice.

2. I want to know how to move a section.
I tried to do it the following way.

* I selected .rdata
* Menu:Sections>Move
* I input the value 0x400
* I selected .text.
* Menu:Sections>Consume Slack.
* Menu:File>Save.

Then the binary table was broken.

How should I do it the right way?
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
BlackWingCat =^^=
http://blog.livedoor.jp/blackwingcat/
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

#80
WildBill

Sorry, this is my fault. I should have explained this.

The tool can only safely move certain sections, like resources or relocs. If you move anything else the file won't work because all the relative offsets will be broken. The only thing that moving a section is really useful for is moving the resources and relocs out of the way so you can grow a section that sits before them.

When I need to make room for more code, what I do depends on whether the file has room for more section entries. If it does, I usually select the resources section and do "Insert section before..." to add another code section before it. If there isn't room for another section entry I usually look for two adjacent sections that I can safely combine. For instance, if the code and read-only data sections are next to each other then I combine them to free up a section entry, then I add a code section (usually inserting it before the resources section).

I just posted version 0.0.4 which should fix some bugs and adds one extra feature. It also has some more .map files from the patches I've added.

Edited by WildBill, 03 February 2011 - 10:20 PM.
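
Added example, not part of the thread and not PETool's code: a read-only check for the decision described in post #80, reporting which sections hold the resources and relocs and whether the header has room for another section entry. The function names `section_report` and `build_sample` are hypothetical, and the sample header is constructed for illustration, not taken from any system file.

```python
import struct

SECTION_HEADER_SIZE = 40            # sizeof(IMAGE_SECTION_HEADER)
DIR_RESOURCE, DIR_BASERELOC = 2, 5  # data-directory indexes

def section_report(pe: bytes) -> dict:
    """List sections, locate resources/relocs, count spare section-header slots."""
    e_lfanew, = struct.unpack_from("<I", pe, 0x3C)
    if pe[:2] != b"MZ" or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    coff = e_lfanew + 4
    _, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", pe, coff)
    opt = coff + 20
    magic, = struct.unpack_from("<H", pe, opt)
    size_of_headers, = struct.unpack_from("<I", pe, opt + 60)
    dirs = opt + (96 if magic == 0x10B else 112)    # PE32 vs PE32+
    table = opt + opt_size
    sections = []
    for i in range(nsec):
        name, vsize, rva, rsize, rptr = struct.unpack_from(
            "<8sIIII", pe, table + i * SECTION_HEADER_SIZE)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"),
                         "rva": rva, "span": max(vsize, rsize), "raw_ptr": rptr})

    def owner(index):  # name of the section containing a data directory
        rva, size = struct.unpack_from("<II", pe, dirs + 8 * index)
        for s in sections:
            if size and s["rva"] <= rva < s["rva"] + s["span"]:
                return s["name"]
        return None
    # A slot is spare only if a whole zero-filled 40-byte entry fits before the
    # first raw data; other structures can sit in this gap, so non-zero bytes stop the count.
    end = table + nsec * SECTION_HEADER_SIZE
    limit = min([size_of_headers] + [s["raw_ptr"] for s in sections if s["raw_ptr"]])
    spare = 0
    while end + SECTION_HEADER_SIZE <= limit and not any(pe[end:end + SECTION_HEADER_SIZE]):
        spare, end = spare + 1, end + SECTION_HEADER_SIZE
    return {"sections": [s["name"] for s in sections], "spare_slots": spare,
            "resources_in": owner(DIR_RESOURCE), "relocs_in": owner(DIR_BASERELOC)}

def build_sample(size_of_headers=0x400) -> bytes:
    """Constructed PE32 header (not a real system file): .text, .rsrc, .reloc."""
    hdr = bytearray(0x400)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x80)                    # e_lfanew
    hdr[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<HH", hdr, 0x84, 0x14C, 3)               # Machine, NumberOfSections
    struct.pack_into("<HHH", hdr, 0x94, 0xE0, 0x102, 0x10B)    # opt size, flags, PE32 magic
    struct.pack_into("<I", hdr, 0x98 + 60, size_of_headers)
    struct.pack_into("<II", hdr, 0xF8 + 8 * DIR_RESOURCE, 0x2000, 0x100)
    struct.pack_into("<II", hdr, 0xF8 + 8 * DIR_BASERELOC, 0x3000, 0x80)
    for i, (n, rva) in enumerate([(b".text", 0x1000), (b".rsrc", 0x2000), (b".reloc", 0x3000)]):
        struct.pack_into("<8sIIII", hdr, 0x178 + 40 * i, n, 0x200, rva, 0x200, 0x400 + 0x200 * i)
    return bytes(hdr)
```

A result of `spare_slots == 0` corresponds to the case in post #80 where two adjacent sections are combined first to free up an entry.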


#81
WildBill

I've posted my port of the MS11-002 patch on the master list. This is a patch to MDAC 2.8 SP1, so make sure that you first have that installed before applying it. I'm not at all sure how to test it, so I created a small Access database and tried reading it from within MS Access as well as from a free MDB viewer. I also checked the ODBC control panel applet to make sure that it was working. Everything seems to work fine in a VM and on my laptop so I've decided to post it. My notes are bundled in the executable as usual.

Edited by WildBill, 06 February 2011 - 04:14 PM.


#82
blackwingcat

Hi.

I made a similar application.
PE Maker

It makes it easy to make more code space in a section or data directory,
and new relocation tables. :)

I tried to add the functions VideoPortLockBuffer and VideoPortUnlockBuffer to videoprt.sys,
and succeeded (for ATI Catalyst Driver 11.1 on Windows 2000).

#83
Dave.Net

Hi WildBill,

Can we expect full 32-bit icon support any time soon?

#84
WildBill

It all depends on the time I have available. There are a bunch of new patches that I have to do this month, and I haven't even started yet (I've been taking a couple of days to speed up SmoothText's skinning engine). Full 32-bit icon support would mainly involve updates to comctl32.dll, if I can get to it.

#85
WildBill

My MS11-007 patch is now available. The changes were generally pretty minor, though in one case MS replaced a routine outright (though the overall logic still didn't change all that much). Basically the patch performs some more font validation.

#86
WildBill

The patch for MS11-010 is now posted. I've also partially analyzed MS11-006, but before I proceed further with it I'm looking at the others to see if there are any that I can put together quickly. This was one of them. Anyhow, until the next time...

#87
WildBill

I've had to remove yesterday's MS11-010 patch as it was causing problems with cmd.exe (the command shell wouldn't close when you tried to get rid of it). Anyone who has installed it should uninstall the patch from Add/Remove Programs. I'll be looking at it today to see if I can isolate the issue.

#88
WildBill

Hmm, okay, that fix didn't take too long :yes:

MS11-010 V2 is posted, and this appears to work properly. I had to fix a couple of jumps and deal with some variable swapping that the XP patch was doing. If you still have V1 installed you can just install this on top of it. The version of csrsrv.dll will bump up to 5.0.2195.7368 so you can tell if V2 is installed.

#89
tomasz86

WildBill,

is it O.K. to apply your patches to a datacenter server version of Windows 2000?

Edited by tomasz86, 20 February 2011 - 08:56 PM.



#90
WildBill

I honestly wouldn't know. I have a box with 2k Advanced Server on it but I hardly ever use it anymore and I haven't bothered to boot it up to apply any of these patches to it. So far I've only been testing on my 2k Pro laptop. If you have an installation of Pro I suppose you could compare a fully MS-patched Pro with a fully MS-patched Server to see which files differ.

If I ever get the time I really should boot my server box up and do some comparing: unfortunately the patches from this month are going to be a real PITA to port. I don't think there's any way I can get them all done before the next drop in March, but I think I can finish MS11-006 by the end of the week.

#91
PROBLEMCHYLD

I have applied all WildBill patches to Windows 2000 Server and all is fine.



#92
tomasz86

Thank you for your reply :) Originally I was translating these hotfixes into Polish but it just took too much time to do it, and also something went wrong with one of the patches (I'm not sure which one but suspect it to be one of the font patches) which caused some of the system dialogs to change into Chinese :huh: I tried to translate them one more time but the same thing happened. I still don't know which one caused this.

Anyway, as it is just too much pain to translate all those hotfixes I have decided to install an English version of Win2k Server with integrated English hotfixes and use a MUI Pack to have it in Polish.

Thank you WildBill for your hard work and I'm looking forward to new patches :)

Edited by tomasz86, 26 February 2011 - 01:59 AM.



#93
WildBill

You're welcome :hello:

You'd probably have to install each patch one at a time to find out which one is changing the language. My guess is that it's one of the font patches, but the font patches only affect the PostScript driver. I don't see how that would change your system dialogs unless you're using PS fonts. Another possibility might be that your text is longer than the English text and is overwriting something else?

In other news, I just spent the last week analyzing MS11-006 and mapping the 2k code in shell32.dll and shimgvw.dll. After all this I've concluded that the patch doesn't apply to 2k -- the code in question doesn't exist in the 2k versions. While I wish I could get that week back, at least now I have those files almost completely mapped out so any further changes to them should be easy to track down. At least that attack vector apparently doesn't affect us...

#94
bristols

@WildBill:

I've listed your current 'unofficial updates' at the Windows 2000 SP4 Updates for HFSLIP page. Members here reported no problems so far with slipstreaming your updates. Hope you don't mind.

Keep up the good work! :thumbup

Edit: updated the URL for the Windows 2000 Post-SP4 Updates for HFSLIP page.

Edited by bristols, 14 September 2012 - 10:12 AM.


#95
WildBill

Thanks :D I don't mind having the patches be a little more visible for people -- I've been concerned that only people here knew about them. Another nagging concern is that at some point we could use a rollup patch, but I have no idea how to make one.

I've partially analyzed the IE MS11-003 patch, and it looks like it will be a real chore to port. MS added a field to some classes and this caused ripple effects in all of their child classes such that there are a LOT of small changes in mshtml.dll (the only file that actually changed). I think a port is possible but I'm going to have to be very methodical in building it. Tonight I decided to take a break and started looking into enhancing comctl32.dll to finish 32-bit icon support. So far I'm adding some utility routines that I'll need and documenting changes that I'll eventually have to make to hook them in. I'm hoping that it won't be too hard to do. If I can finish the icon upgrade I'll probably bundle it with MS11-012 since the first part of the icon upgrade included patches to win32k.sys -- in fact, if I go that route, I'll also include the latest user32.dll in the patch even though it didn't change this month, because all three files (win32k.sys, user32.dll, comctl32.dll) will constitute a matched set at that point.

The more I think about it, I'll probably see if I can knock out MS11-012 and possibly some of the easier patches before going back to MS11-003 (I've performed a partial analysis of all of them). I understand the nature of most of the MS11-003 changes as they're not particularly complex, but there are so many that I need to think a little more about how to efficiently port it.

#96
tomasz86

The problem with the fonts changing into Chinese is that it only happened in this dialog (http://www.townofstr...k no-exit 4.jpg). The 'End task' and 'Cancel' buttons changed into Chinese. I would check these dialogues but I need to know exactly in which of the system files they are present. Does anyone know which system file is responsible for it?



#97
WildBill

That dialog is in winsrv.dll, which was changed in MS10-069 (KB2121546).

#98
tomasz86

THANKS A LOT!!! :thumbup

Dialogues were corrupted.

(EDIT)

This problem seems to be related to the fact that I use a different language in regional options for displaying non-Unicode text. If I set it to Polish (in Polish Win2k) the dialogues show correctly. If I set it to Korean they appear as corrupted (e.g. when opened in PE Explorer). Still, the other system dialogues don't show any errors, so why are only these ones problematic? :unsure:

Edited by tomasz86, 02 March 2011 - 07:37 AM.



#99
WildBill

Just a little update...

I've been trying to finish native 32-bit icon support and it's almost there. I still have at least one more routine to upgrade and one of my own to enhance a little more and then I need to see about improving the look of disabled icons similar to the way that Daedalus does. It won't support all 256 potential raster operations when using an alpha-blended image list, but the normal ones should work when I'm done. Even Daedalus didn't support every possible raster op, so it should be a wash. The plan is to bundle this with the latest win32k patch (which I haven't done yet, but I've done the first analysis pass on it).

If I wanted to try to support every possible raster op (all 256 of them) I theoretically could, but it would take quite a while and I don't see the benefit unless we run into an app that uses an obscure one. I have Yuan's Windows Graphics Programming book (the really huge one) that gives a complete explanation on how raster op codes are parsed so I have all the information for it, but it would be anything but easy nonetheless (remember, I'd have to write it all in assembly).

Edited by WildBill, 10 March 2011 - 12:10 AM.


#100
tomasz86

WildBill,

I've just finished translating all your hotfixes into Polish. Good work and waiting for more. :whistle:

I also finally managed to fix the font display problem related to MS10-069. It was caused by ResHack which I used for translating. I remade it using PE Explorer and everything seems to be fine. ResHack doesn't support Unicode and although I had everything set to Polish in Windows, it still messed the Polish fonts up.
