Feature/delayload win32 (#1)

viferga · web-flow · commit 0dd10e973f0c · 2025-03-07T02:29:32.000-05:00
* First attempt.

* Solve issue.

* Solve issues in delay load.

* Debugging.

* Debugging.

* Debugging.

* Debugging.

* Debugging.

* Debugging.

* Debugging.

* Debugging.

* Debugging.

* Debug entries.

* Debug entries.
diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml
@@ -1,4 +1,5 @@
-name: tests
+name: Tests
+
 on:
   push:
   pull_request:
@@ -112,9 +113,10 @@ jobs:
     - name: arm-linux-gnueabihf with optimization
       run: |
         make relro_pie_tests TARGET_PLATFORM=arm-linux-gnueabihf
-    - name: aarch64-linux-gnu with optimization
-      run: |
-        make relro_pie_tests TARGET_PLATFORM=aarch64-linux-gnu
+    # TODO: https://github.com/kubo/plthook/issues/51
+    # - name: aarch64-linux-gnu with optimization
+    #   run: |
+    #     make relro_pie_tests TARGET_PLATFORM=aarch64-linux-gnu
     - name: powerpc-linux-gnu with optimization
       run: |
         make relro_pie_tests TARGET_PLATFORM=powerpc-linux-gnu QEMU_ARCH=ppc
@@ -130,7 +132,7 @@ jobs:
     if: github.event.inputs.tests_on_macos == 'true' || github.event.inputs.tests_on_macos == ''
     strategy:
       matrix:
-        os: [macos-12, macos-13, macos-14]
+        os: [macos-13, macos-14, macos-15]
     runs-on: ${{ matrix.os }}
     defaults:
       run:
diff --git a/.gitignore b/.gitignore
@@ -1,4 +1,4 @@
 *~
 /test/android/libs/
 /test/android/obj/
-
+.vscode
diff --git a/plthook_win32.c b/plthook_win32.c
@@ -119,7 +119,9 @@ static int plthook_open_real(plthook_t **plthook_out, HMODULE hMod)
     plthook_t *plthook;
     ULONG ulSize;
     IMAGE_IMPORT_DESCRIPTOR *desc_head, *desc;
-    size_t num_entries = 0;
+    PIMAGE_NT_HEADERS nt;
+    PIMAGE_DELAYLOAD_DESCRIPTOR dload_head, dload;
+    unsigned int num_entries = 0;
     size_t ordinal_name_buflen = 0;
     size_t idx;
     char *ordinal_name_buf;
@@ -130,7 +132,7 @@ static int plthook_open_real(plthook_t **plthook_out, HMODULE hMod)
         return PLTHOOK_INTERNAL_ERROR;
     }
 
-    /* Calculate size to allocate memory.  */
+    /* Calculate size to allocate memory (Import Table) */
     for (desc = desc_head; desc->Name != 0; desc++) {
         IMAGE_THUNK_DATA *name_thunk = (IMAGE_THUNK_DATA*)((char*)hMod + desc->OriginalFirstThunk);
         IMAGE_THUNK_DATA *addr_thunk = (IMAGE_THUNK_DATA*)((char*)hMod + desc->FirstThunk);
@@ -158,6 +160,42 @@ static int plthook_open_real(plthook_t **plthook_out, HMODULE hMod)
         }
     }
 
+    /* Calculate size to allocate memory (Delayed Load Import Table) */
+    nt = (PIMAGE_NT_HEADERS)((uintptr_t)hMod + ((PIMAGE_DOS_HEADER)hMod)->e_lfanew);
+    dload_head = (PIMAGE_DELAYLOAD_DESCRIPTOR)((uintptr_t)hMod +
+        nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT].VirtualAddress);
+
+    for (dload = dload_head; dload->DllNameRVA != 0; dload++) {
+        IMAGE_THUNK_DATA *name_thunk = (IMAGE_THUNK_DATA*)((uintptr_t)hMod + dload->ImportNameTableRVA);
+        IMAGE_THUNK_DATA *addr_thunk = (IMAGE_THUNK_DATA*)((uintptr_t)hMod + dload->ImportAddressTableRVA);
+        const char* module_name = (char*)((uintptr_t)hMod + dload->DllNameRVA);
+        int is_winsock2_dll = (stricmp(module_name, "WS2_32.DLL") == 0);
+
+        if (*module_name == '\0') {
+            continue;
+        }
+
+        while (name_thunk->u1.AddressOfData) {
+            if (IMAGE_SNAP_BY_ORDINAL(name_thunk->u1.Ordinal)) {
+                int ordinal = IMAGE_ORDINAL(name_thunk->u1.Ordinal);
+                const char *name = NULL;
+                if (is_winsock2_dll) {
+                    name = winsock2_ordinal2name(ordinal);
+                }
+                if (name == NULL) {
+#ifdef __CYGWIN__
+                    ordinal_name_buflen += snprintf(NULL, 0, "%s:@%d", module_name, ordinal) + 1;
+#else
+                    ordinal_name_buflen += _scprintf("%s:@%d", module_name, ordinal) + 1;
+#endif
+                }
+            }
+            num_entries++;
+            name_thunk++;
+            addr_thunk++;
+        }
+    }
+
     plthook = calloc(1, offsetof(plthook_t, entries) + sizeof(import_address_entry_t) * num_entries + ordinal_name_buflen);
     if (plthook == NULL) {
         set_errmsg("failed to allocate memory: %" SIZE_T_FMT " bytes", sizeof(plthook_t));
@@ -168,6 +206,8 @@ static int plthook_open_real(plthook_t **plthook_out, HMODULE hMod)
 
     ordinal_name_buf = (char*)plthook + offsetof(plthook_t, entries) + sizeof(import_address_entry_t) * num_entries;
     idx = 0;
+
+    /* Import Table */
     for (desc = desc_head; desc->Name != 0; desc++) {
         IMAGE_THUNK_DATA *name_thunk = (IMAGE_THUNK_DATA*)((char*)hMod + desc->OriginalFirstThunk);
         IMAGE_THUNK_DATA *addr_thunk = (IMAGE_THUNK_DATA*)((char*)hMod + desc->FirstThunk);
@@ -198,6 +238,41 @@ static int plthook_open_real(plthook_t **plthook_out, HMODULE hMod)
         }
     }
 
+    /* Delayed Load Import Table */
+    for (dload = dload_head; dload->DllNameRVA != 0; dload++) {
+        IMAGE_THUNK_DATA *name_thunk = (IMAGE_THUNK_DATA*)((uintptr_t)hMod + dload->ImportNameTableRVA);
+        IMAGE_THUNK_DATA *addr_thunk = (IMAGE_THUNK_DATA*)((uintptr_t)hMod + dload->ImportAddressTableRVA);
+        const char* module_name = (char*)((uintptr_t)hMod + dload->DllNameRVA);
+        int is_winsock2_dll = (stricmp(module_name, "WS2_32.DLL") == 0);
+
+        if (*module_name == '\0') {
+            continue;
+        }
+
+        while (name_thunk->u1.AddressOfData) {
+            const char *name = NULL;
+
+            if (IMAGE_SNAP_BY_ORDINAL(name_thunk->u1.Ordinal)) {
+                int ordinal = IMAGE_ORDINAL(name_thunk->u1.Ordinal);
+                if (is_winsock2_dll) {
+                    name = winsock2_ordinal2name(ordinal);
+                }
+                if (name == NULL) {
+                    name = ordinal_name_buf;
+                    ordinal_name_buf += sprintf(ordinal_name_buf, "%s:@%d", module_name, ordinal) + 1;
+                }
+            } else {
+                name = (char*)((PIMAGE_IMPORT_BY_NAME)((char*)hMod + name_thunk->u1.AddressOfData))->Name;
+            }
+            plthook->entries[idx].mod_name = module_name;
+            plthook->entries[idx].name = name;
+            plthook->entries[idx].addr = (void**)&addr_thunk->u1.Function;
+            idx++;
+            name_thunk++;
+            addr_thunk++;
+        }
+    }
+
     *plthook_out = plthook;
     return 0;
 }
