FAST_CWD: adjust the initial search scope
A *very* recent Windows build adds more code to the preamble of RtlGetCurrentDirectory_U() so that the previous heuristic failed to find the call to the locking routine. This only affects the 64-bit version of ntdll, where the 0xe8 byte is now found at offset 40, not the 32-bit version. However, let's just double the area we search for said byte for good measure. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
This commit is contained in:
parent
e0477b4a0b
commit
e5cadbfdcd
|
@ -4034,7 +4034,7 @@ find_fast_cwd_pointer ()
|
||||||
if (!get_dir || !ent_crit)
|
if (!get_dir || !ent_crit)
|
||||||
return NULL;
|
return NULL;
|
||||||
/* Search first relative call instruction in RtlGetCurrentDirectory_U. */
|
/* Search first relative call instruction in RtlGetCurrentDirectory_U. */
|
||||||
const uint8_t *rcall = (const uint8_t *) memchr (get_dir, 0xe8, 40);
|
const uint8_t *rcall = (const uint8_t *) memchr (get_dir, 0xe8, 80);
|
||||||
if (!rcall)
|
if (!rcall)
|
||||||
return NULL;
|
return NULL;
|
||||||
/* Fetch offset from instruction and compute address of called function.
|
/* Fetch offset from instruction and compute address of called function.
|
||||||
|
@ -4133,7 +4133,7 @@ find_fast_cwd_pointer ()
|
||||||
if (!get_dir || !ent_crit)
|
if (!get_dir || !ent_crit)
|
||||||
return NULL;
|
return NULL;
|
||||||
/* Search first relative call instruction in RtlGetCurrentDirectory_U. */
|
/* Search first relative call instruction in RtlGetCurrentDirectory_U. */
|
||||||
const uint8_t *rcall = (const uint8_t *) memchr (get_dir, 0xe8, 32);
|
const uint8_t *rcall = (const uint8_t *) memchr (get_dir, 0xe8, 64);
|
||||||
if (!rcall)
|
if (!rcall)
|
||||||
return NULL;
|
return NULL;
|
||||||
/* Fetch offset from instruction and compute address of called function.
|
/* Fetch offset from instruction and compute address of called function.
|
||||||
|
|
Loading…
Reference in New Issue