jumper Posted December 24, 2011 Share Posted December 24, 2011 (edited) ImportPatcherEnable a new executable to load with old DLLs or on an older OS.ImportPatcher.41.7z debugging DLL: IPstub.zip Drugwash's API Parameter Count v1.0.1.0 Features:Analyzes a program's OS subsystem and Import requirements Walks (recurses through) all dependencies (optional) Creates #.log file with detailed results Creates #.ini file for controlling patching step Patches OS subsystem if needed Substitutes for any import modules and functions, missing or not Patches hints for better performance (optional)Hint support disabled pending design review Supports all Portable Executable (PE) files (apps, dll's, ...) Works in four steps: Set parameters [ Analyze ] Edit DLL filename and API strings [ Patch ] Suggested usage:Create a shortcut to ImportPatcher in your Windows SendTo folder Send files to it using the right-click context menu. Notes:All file patching is done on copies. Filenames containing '=' are incompatible with the use of an .ini file. Please rename. If module MSVC*#*.DLL is reported missing, try replacing it with 'MSVC*71*.DLL. History: New in ImportPatcher.41.7z:February 26, 2015 minor changes see post with full details New in ImportPatcher.40.7z:December 20, 2014 Dialog interface see post with screenshot and full details New in ImportPatcher.39.7z (preview alpha): July 6, 2013 Expanded first MessageBox into fuller DialogBox Added export forward patching New in ImportPatcher.38.7z: March 29, 2013 Delay-load processing made optional Added file and data alignment checking Ordinal import fields reversed in log (to match strings) New in IPstub.zip: Jan 19, 2012 stub library for replacing missing DLLs debug build with C source ImportPatcher.37.zip Sep 19, 2012 default option to test for API's with LoadLibrary/GetProcAddress if any DLL or API is missing iterate needed imports even if DLL is missing or has no exports "Target OS" -> "OS Subsystem Version [Ceiling]" nicer formatting of TimeDateStamps and ordinals in log ImportPatcher.35.7z Mar 21, 2012 More robust header parsing UPX compression detection CheckSum zeroed ImportPatcher.34.exe Jan 19, 2012 If no LookupTable (ILT), use AddressTable (IAT) instead When unbinding, reinitialize IAT to match ILT ImportPatcher.33.exe Jan 18, 2012 Full support for VC6-style delay-load imports (va and rva types)! Improved log file format Protection from redundant and looping dependencies 'Unbind broken bindings' reintroduced (default=N) 'Link to copies' non-functional ImportPatcher.32.exe Jan 10, 2012 Much more robust when analyzing: small, truncated, or empty files old 16-bit executables PE32+ (64-bit) files--detected and rejected Reworked error reporting including GetLastError Even-length string names can grow by one when substituting Glitch: still reports as .31 ImportPatcher.31.exe Jan 7, 2012 Retry multiple passes without exiting every pass does full analysis every pass also patches once .ini section [Patch list] exists prompt after every pass to Retry or Cancel (quit) Simplified .ini format Mode parameter removed target OS now in Parameters hint and binding parameters removed Better XP compatibility GetLastError invoked for better debugging ImportPatcher.30.exe Jan 3, 2012 remove 'intructions' [sic] from main section name! check hints even if bound unbind broken bindings truncate replacement name at space move OS to parameters ImportPatcher.29.exe Dec 28, 2011 Clearer prompts at beginning and end of each pass Simpler .ini file with instructions Redirection of any function within a module Redirection of any module to another Supports endless trial-and-error ImportPatcher.28.exe Dec 24, 2011 Initial public release ImportPatcher.27.exe Nov 10, 2011 Sneak previewed on Dec 19, 2011 Produced an analysis log file Edited April 18, 2016 by jumper Unmangle after last two IPB "upgrades" 1 Link to comment Share on other sites More sharing options...
loblo Posted December 26, 2011 Share Posted December 26, 2011 This is one very cool tool which makes it so much easier and faster for replacing functions than using an hex editor. Link to comment Share on other sites More sharing options...
jumper Posted December 27, 2011 Author Share Posted December 27, 2011 (edited) ...I've just tried the Import Patcher on the "signtool.exe" utility from http://www.microsoft.com/download/en/details.aspx?id=8442 (Microsoft Windows SDK for Windows 7 and .NET Framework 4). Image file = GRMSDK_EN_DVD.iso, Path = \Setup\WinSDKTools\cab1.cab, Extract file = WinSDK_signtool_exe_B2E1011D_2F14_488D_A056_C5BD55106409_x86.Executing 'signtool.exe' by itself (with KernelEx 4.5.2) produces the error :The SIGNTOOL.EXE file islinked to missing export MSVCRT.DLL:__uncaught_exception.Executing with Import Patcher gives a bunch of "Importing from module ..." messages, but not the above message. It also produces a file "signtoo#.exe" which has patches but seems to behave the same as "signtool.exe".In addition, a log file is produced, from which the following is an extract : Importing from module: 'msvcrt.dll' __wgetmainargs: 225 != 142 # _cexit: 276 != 173 # _exit: 354 != 215 # _XcptFilter: 106 != 75 # exit: 1167 != 607 # _initterm: 469 != 282 # _amsg_exit: 257 != 162 # fgetpos: 1175 != 615 # __p__commode: 185 != 109 # __p__fmode: 190 != 114 # __set_app_type: 210 != 132 # ??1type_info@@UAE@XZ: 17 != 14 # msvcrt.dll: __uncaught_exception (db) * No match memmove: 1260 != 686 # _unlock: 934 != 495 # __dllonexit: 141 != 88 # _lock: 578 != 329 # _onexit: 747 != 403 # ?terminate@@YAXXZ: 55 != 48 # _controlfp: 295 != 186 # isleadbyte: 1218 != 651 # isupper: 1223 != 656 # _itoa: 561 != 319 # islower: 1219 != 652 # __badioinfo: 133 != 84 # __pioinfo: 207 != 130 # _fileno: 367 != 226 # _lseeki64: 587 != 337 # _write: 1096 != 555 # _isatty: 478 != 287 # ??0exception@@QAE@ABQBD@Z: 9 != 7 # ?what@exception@@UBEPBDXZ: 57 != 50 # ??1exception@@UAE@XZ: 16 != 13 # fwrite: 1201 != 636 # setvbuf: 1287 != 708 # fflush: 1173 != 613 # ungetc: 1341 != 749 # fputc: 1185 != 623 # fgetc: 1174 != 614 # malloc: 1246 != 679 # _callnewh: 274 != 172 # setlocale: 1286 != 707 # msvcrt.dll: ___lc_handle_func (7f) * No match msvcrt.dll: ___lc_codepage_func (7d) * No match msvcrt.dll: ___mb_cur_max_func (80) * No match abort: 1142 != 586 # ungetwc: 1342 != 750 # msvcrt.dll: __pctype_func (ce) * No match __crtLCMapStringA: 138 != 87 # msvcrt.dll: __iob_func (93) * No match __mb_cur_max: 176 != 100 # msvcrt.dll: __crtLCMapStringW (8b) * No match wctomb: 1390 != 778 #Now two questions come to mind :1. Is there a way to pass command line parameters to "signtool.exe" when using the Import Patcher?2. Should the "signtoo#.exe" application run OK (not exhibit the same missing import/export message)?Joe.The SIGNTOOL.EXE file islinked to missing export MSVCRT.DLL:__uncaught_exception.Looks like MS has added a new function to a venerable support file. Substituting another function or stub for '__uncaught_exception' might not be acceptable to the calling app. If not, try locating a version of MSVCRT.DLL that includes this function.Executing with Import Patcher gives a bunch of "Importing from module ..." messages, but not the above message. It also produces a file "signtoo#.exe" which has patches but seems to behave the same as "signtool.exe".ImportPatcher.27 was my last internal build back on Nov 10, 2011, before development took a break. Those are debug messages--I never expected to release that build as a sneak-preview.IP.27 patches the OS version and creates a dependency log that is somewhat readable. The resulting #.exe file will only be loadable if the OS version was the only load error. Also, a *#.* copy of every file that is walked is created, including system DLLs (only useful if you're trying to fragment your HDD!).Try again with IP.28; or better yet, with IP.29 later tonight.1. Is there a way to pass command line parameters to "signtool.exe" when using the Import Patcher?IP.28 reads parameters from an .ini file that can be edited between passes.2. Should the "signtoo#.exe" application run OK (not exhibit the same missing import/export message)?That is the goal. If you supply valid replacement functions, the patched copy should get past the system loader. Edited December 27, 2011 by jumper Link to comment Share on other sites More sharing options...
jumper Posted December 27, 2011 Author Share Posted December 27, 2011 Joe, it's the ini file that matters the most. You should find in it a section per dependency listing the missing functions as follows:missingfunction=YThen you just need to replace the Y by whatever function you want to replace it and rerun the tool which will patch accordingly. (If you want no change for a missing function which is best for what KernelEx already caters for then replace Y by the missing function such as: missingfunction=missingfunction). Good idea, loblo! Upcoming beta29 will now do that for us:[KERNEL32.dll]DecodePointer=DecodePointerEncodePointer=EncodePointer[Missing modules]MSVCR100.dll=MSVCR100.dllIt also adds a similar option for missing modules.For example, this works quite well:[Missing modules]MSVCR100.dll=MSVCR90.dll Link to comment Share on other sites More sharing options...
slhk Posted December 29, 2011 Share Posted December 29, 2011 Hi jumperYour program is very useful, but it is not easy for newbie to understand how to use itCould you provide a step-by-step successful example?Many thanks Link to comment Share on other sites More sharing options...
jumper Posted January 1, 2012 Author Share Posted January 1, 2012 Sorry for the delay, slhk. I've been looking for and finally found a good example.Back on 5/5/2003, I installed Microsoft Active Accessibility which updated COMCTL32.DLL from version 5.00.2614.3500 to 5.00.2614.3600.Version 5.00.2614.3500 is part of IE5.0 and imports bound links from other IE5.0 DLLs.Version 5.00.2614.3600 is part of IE5.0.1 and is bound to other DLLs that didn't get updated, causing loading delays.I copied v3500 to my temp folder and named it COMCTL32aa.DLL.I copied v3600 to my temp folder and named it COMCTL32bb.DLL.I analyzed each of these files in ImportPatcher.29 (by dragging them to a shortcut on my desktop).The .ini file for v3500 shows an empty list under "[Need patching? (do not edit)]" -- this indicates no errors found:COMCTL32a#.ini[ImportPatcher.29 - Intructions];Edit parameters and replacement strings and run ImportPatcher again. <=[Parameters]Mode: (A)nalyze or (P)atch=AWalk dependencies=NLink to copies=YFix function hints=Y[Need patching? (do not edit)]The .log file for v3500 shows good binds with KERNEL32.dll and ADVAPI32.dll, but bad binds with GDI32.dll and USER32.dll. This indicates GDI32.dll and USER32.dll were build to match a different KERNEL32.dll and also need to be fixed.COMCTL32a#.logImportPatcher.29Portable Executable: 'R:\COMCTL32aa.DLL' TimeDateStamp: 3720a1cd SubsystemVersion: 4.0 <= 4.10 Importing from module: 'GDI32.dll' TimeDateStamp: 3ab81436 SubsystemVersion: 4.0 <= 4.10 Old Bind timestamps: 353ec272 != 3ab81436 Importing from module: 'KERNEL32.dll' TimeDateStamp: 371fc2b3 SubsystemVersion: 4.0 <= 4.10 Old Bind timestamps: 371fc2b3 == 371fc2b3 Importing from module: 'USER32.dll' TimeDateStamp: 3adf0611 SubsystemVersion: 4.0 <= 4.10 Old Bind timestamps: 3720a1cd != 3adf0611 Importing from module: 'ADVAPI32.dll' TimeDateStamp: 3720a1cd SubsystemVersion: 4.0 <= 4.10 Old Bind timestamps: 3720a1cd == 3720a1cdThe .ini file for v3600 shows "R:\COMCTL32bb.DLL=Y (function hint)" under "[Need patching? (do not edit)]" -- this indicates that some ordinal link hints need fixing:COMCTL32b#.ini[ImportPatcher.29 - Intructions];Edit parameters and replacement strings and run ImportPatcher again. <=[Parameters]Mode: (A)nalyze or (P)atch=AWalk dependencies=NLink to copies=NFix function hints=Y[Need patching? (do not edit)]R:\COMCTL32bb.DLL=Y (function hint)I edited the Mode parameter to read "Mode: (A)nalyze or (P)atch=P" and reprocessed in ImportPatcher.The .log file then confirmed lots of patched mismatched function ordinal hints:COMCTL32b#.logImportPatcher.29Portable Executable: 'R:\COMCTL32bb.DLL' TimeDateStamp: 372a5251 SubsystemVersion: 4.0 <= 4.10 Importing from module: 'GDI32.dll' TimeDateStamp: 3ab81436 SubsystemVersion: 4.0 <= 4.10 CreateDIBSection: 36 != 142 # GetStockObject: 188 != 297 # StretchDIBits: 313 != 424 # CreateRectRgn: 59 != 165 # SetWindowOrgEx: 307 != 418 # OffsetWindowOrgEx: 224 != 333 # GetDeviceCaps: 142 != 250 # PatBlt: 226 != 335 # SetBkMode: 269 != 378 # RealizePalette: 246 != 355 # SelectPalette: 263 != 372 # CreatePatternBrush: 54 != 160 # CreateBitmap: 25 != 131 # RestoreDC: 255 != 364 # SelectClipRgn: 261 != 370 # SaveDC: 257 != 366 # CombineRgn: 19 != 125 # CreateRectRgnIndirect: 60 != 166 # GetTextColor: 196 != 305 # SetObjectOwner: 289 != 400 # GetPaletteEntries: 178 != 287 # CreateHalftonePalette: 47 != 153 # SetPixelV: 293 != 404 # SetPixel: 291 != 402 # CreateSolidBrush: 64 != 170 # SetDIBColorTable: 274 != 383 # GetDIBColorTable: 140 != 248 # GetBitmapBits: 115 != 223 # SetBrushOrgEx: 271 != 380 # GetDIBits: 141 != 249 # SetDIBits: 275 != 384 # OffsetRgn: 222 != 331 # GetCurrentObject: 137 != 245 # ExcludeClipRect: 93 != 200 # RectVisible: 248 != 357 # IntersectClipRect: 213 != 322 # GetClipRgn: 134 != 242 # GetDCOrgEx: 139 != 247 # BitBlt: 9 != 114 # MoveToEx: 220 != 329 # CreatePen: 55 != 161 # Arc: 6 != 111 # Rectangle: 249 != 358 # Ellipse: 76 != 182 # CreatePalette: 53 != 159 # UnrealizeObject: 320 != 431 # StretchBlt: 312 != 423 # TranslateCharsetInfo: 319 != 430 # Polyline: 242 != 351 # CreateBitmapIndirect: 26 != 132 # CreatePolygonRgn: 58 != 164 # CreateRoundRectRgn: 61 != 167 # FrameRgn: 106 != 213 # FillRgn: 102 != 209 # GetCharWidthW: 130 != 238 # GetCharWidthA: 127 != 235 # GetTextExtentPoint32W: 200 != 309 # GetTextCharsetInfo: 195 != 304 # GetTextExtentPointA: 201 != 310 # ExtTextOutW: 100 != 207 # ExtTextOutA: 99 != 206 # GetWindowExtEx: 210 != 319 # GetViewportExtEx: 207 != 316 # ExtSelectClipRgn: 98 != 205 # CreateFontA: 43 != 149 # CreateFontIndirectA: 44 != 150 # EnumFontFamiliesExA: 82 != 189 # GetObjectA: 173 != 282 # GetTextMetricsA: 205 != 314 # GetTextAlign: 192 != 301 # SetTextAlign: 299 != 410 # SetBkColor: 268 != 377 # SetTextColor: 301 != 412 # GetClipBox: 133 != 241 # CreateCompatibleDC: 31 != 137 # CreateCompatibleBitmap: 30 != 136 # SelectObject: 262 != 371 # LineTo: 217 != 326 # GetNearestColor: 171 != 280 # DeleteDC: 67 != 173 # GetPixel: 180 != 289 # DeleteObject: 70 != 176 # GetBkColor: 117 != 225 # Importing from module: 'KERNEL32.dll' TimeDateStamp: 371fc2b3 SubsystemVersion: 4.0 <= 4.10 EnterCriticalSection: 100 != 225 # LeaveCriticalSection: 403 != 552 # SetEvent: 556 != 714 # Sleep: 593 != 758 # InitializeCriticalSection: 379 != 522 # DeleteCriticalSection: 89 != 214 # CreateThread: 80 != 205 # MultiByteToWideChar: 443 != 594 # lstrlenA: 694 != 864 # GetProcAddress: 279 != 419 # ReinitializeCriticalSection: 493 != 644 # GetACP: 181 != 312 # DisableThreadLibraryCalls: 94 != 219 # GetCurrentProcessId: 212 != 347 # GetVersionExA: 335 != 477 # FreeResource: 178 != 309 # GlobalFree: 350 != 493 # GlobalAlloc: 343 != 486 # LockResource: 423 != 574 # LoadResource: 409 != 558 # GetTickCount: 328 != 470 # LocalReAlloc: 417 != 568 # IsBadWritePtr: 392 != 536 # lstrcpyA: 688 != 858 # FreeLibrary: 176 != 307 # MulDiv: 442 != 593 # HeapAlloc: 366 != 509 # HeapFree: 370 != 513 # HeapReAlloc: 372 != 515 # IsBadCodePtr: 386 != 530 # InterlockedExchange: 382 != 526 # lstrcpynA: 691 != 861 # GetThreadLocale: 324 != 465 # GetProcessHeap: 282 != 422 # HeapDestroy: 369 != 512 # HeapCreate: 368 != 511 # HeapSize: 374 != 517 # GetUserDefaultLangID: 333 != 475 # lstrcmpiA: 685 != 855 # GetLocalTime: 248 != 386 # GlobalUnlock: 360 != 503 # GlobalHandle: 353 != 496 # GetUserDefaultLCID: 332 != 474 # lstrcmpA: 682 != 852 # @12 EnumResourceLanguagesW: 106 != 235 # SizeofResource: 592 != 757 # UnMapSLFixArray: 616 != 783 # MapSLFix: 433 != 584 # LocalSize: 419 != 570 # InterlockedDecrement: 381 != 525 # @24 UnhandledExceptionFilter: 617 != 784 # FindResourceA: 160 != 291 # InterlockedIncrement: 384 != 528 # IsDBCSLeadByte: 393 != 537 # WaitForSingleObject: 638 != 807 # CompareStringA: 43 != 166 # GetCurrentThreadId: 214 != 349 # GetLastError: 247 != 385 # IsBadReadPtr: 389 != 533 # MapViewOfFile: 434 != 585 # GetFileSize: 237 != 375 # UnmapViewOfFile: 621 != 788 # IsValidCodePage: 397 != 544 # CreateEventA: 57 != 182 # CreateFileA: 60 != 185 # CreateFileMappingA: 61 != 186 # FindResourceExA: 161 != 292 # GetDateFormatA: 215 != 350 # GetLocaleInfoA: 249 != 387 # GetNumberFormatA: 262 != 402 # GetModuleHandleA: 257 != 397 # GetStringTypeExA: 304 != 445 # GetProfileIntA: 289 != 430 # GetTimeFormatA: 329 != 471 # GlobalAddAtomA: 341 != 484 # LoadLibraryA: 404 != 553 # GlobalReAlloc: 356 != 499 # RtlUnwind: 502 != 657 # CloseHandle: 37 != 160 # GetLocaleInfoW: 250 != 388 # GetSystemDefaultLCID: 307 != 448 # LocalFree: 414 != 565 # LocalAlloc: 410 != 560 # ThunkConnect32: 603 != 769 # SUnMapLS_IP_EBP_12: 515 != 670 # SMapLS_IP_EBP_12: 505 != 660 # SUnMapLS: 514 != 669 # SMapLS: 504 != 659 # FT_Exit24: 127 != 256 # FT_Exit20: 126 != 255 # FT_Thunk: 139 != 268 # lstrlenW: 695 != 865 # WideCharToMultiByte: 642 != 811 # Importing from module: 'USER32.dll' TimeDateStamp: 3adf0611 SubsystemVersion: 4.0 <= 4.10 TrackPopupMenu: 559 != 600 # PtInRect: 436 != 468 # GetFocus: 240 != 257 # GetSysColor: 294 != 316 # RedrawWindow: 438 != 471 # DrawFocusRect: 156 != 164 # IsWindowEnabled: 360 != 392 # EqualRect: 193 != 207 # MapWindowPoints: 394 != 426 # GetParent: 282 != 303 # GetWindowRect: 315 != 339 # EnableWindow: 172 != 181 # SendMessageA: 465 != 503 # GetSystemMetrics: 297 != 319 # SystemParametersInfoA: 549 != 589 # IntersectRect: 337 != 369 # ClientToScreen: 53 != 61 # ReleaseCapture: 452 != 487 # GetCapture: 207 != 223 # WaitMessage: 586 != 635 # TranslateMessage: 565 != 606 # SetCapture: 474 != 512 # GetSysColorBrush: 295 != 317 # GetMessageTime: 274 != 294 # MessageBeep: 396 != 428 # UnionRect: 568 != 610 # ScrollWindowEx: 462 != 497 # GetDoubleClickTime: 239 != 256 # SetRectEmpty: 511 != 550 # ScreenToClient: 459 != 494 # GetMessagePos: 273 != 293 # GetDlgItem: 235 != 252 # CopyRect: 63 != 71 # SetCursor: 482 != 520 # DrawIcon: 159 != 167 # EnableScrollBar: 171 != 180 # SetScrollInfo: 512 != 551 # GetScrollInfo: 289 != 311 # GetWindowDC: 310 != 332 # GetCursorPos: 229 != 246 # DrawFrameControl: 158 != 166 # InvertRect: 340 != 372 # IsRectEmpty: 358 != 390 # GetScrollPos: 290 != 312 # GetScrollRange: 291 != 313 # ShowScrollBar: 541 != 581 # IsWindowVisible: 362 != 394 # SetScrollPos: 513 != 552 # SetScrollRange: 514 != 553 # IsZoomed: 363 != 395 # GetDesktopWindow: 232 != 249 # GetAsyncKeyState: 206 != 222 # DrawEdge: 155 != 163 # DestroyWindow: 134 != 142 # ShowCaret: 538 != 578 # SetCaretPos: 476 != 514 # HideCaret: 325 != 350 # GetKeyState: 250 != 268 # DestroyCaret: 130 != 138 # CreateCaret: 67 != 75 # DestroyIcon: 132 != 140 # GetIconInfo: 243 != 261 # CreateIconIndirect: 78 != 86 # DrawIconEx: 160 != 168 # CopyImage: 62 != 70 # CopyIcon: 61 != 69 # GetDCEx: 231 != 248 # wsprintfA: 595 != 645 # ShowWindow: 542 != 582 # SetWindowRgn: 530 != 570 # IsChild: 349 != 381 # GetShellWindow: 292 != 314 # GetKeyboardLayout: 251 != 269 # SetKeyboardState: 494 != 532 # GetKeyboardState: 255 != 273 # DestroyCursor: 131 != 139 # GetUpdateRgn: 304 != 326 # GetUpdateRect: 303 != 325 # GetWindowRgn: 316 != 340 # ValidateRect: 578 != 624 # SetCursorPos: 483 != 521 # LockWindowUpdate: 386 != 418 # GetMenuItemID: 264 != 284 # GetMenuItemCount: 263 != 283 # GetSubMenu: 293 != 315 # GetSystemMenu: 296 != 318 # CheckMenuItem: 47 != 55 # SetMenu: 497 != 535 # GetMenuState: 268 != 288 # SubtractRect: 544 != 584 # CreatePopupMenu: 82 != 90 # DestroyMenu: 133 != 141 # AdjustWindowRect: 1 != 2 # IsWindow: 359 != 391 # MoveWindow: 409 != 441 # GetWindowThreadProcessId: 321 != 345 # GetWindow: 308 != 330 # MapDialogRect: 389 != 421 # SetForegroundWindow: 492 != 530 # GetNextDlgTabItem: 279 != 300 # DeferWindowPos: 127 != 135 # EndDeferWindowPos: 173 != 182 # BeginDeferWindowPos: 8 != 11 # SetWindowTextA: 531 != 571 # SetActiveWindow: 473 != 511 # GetActiveWindow: 204 != 219 # PostQuitMessage: 433 != 465 # CreateDialogIndirectParamA: 71 != 79 # SetParent: 506 != 544 # CreateWindowExA: 83 != 91 # CharNextA: 30 != 38 # FrameRect: 202 != 217 # ChildWindowFromPoint: 50 != 58 # EndDialog: 174 != 183 # EnumChildWindows: 177 != 187 # GetWindowLongA: 312 != 334 # GetCursor: 227 != 244 # GetForegroundWindow: 241 != 258 # GetMenu: 258 != 277 # InvalidateRgn: 339 != 371 # WindowFromPoint: 591 != 640 # DrawTextExA: 165 != 174 # AppendMenuA: 4 != 7 # CallMsgFilterA: 14 != 20 # CallWindowProcA: 17 != 23 # DefWindowProcA: 125 != 133 # DispatchMessageA: 139 != 147 # FindWindowA: 197 != 211 # GetClassInfoA: 210 != 226 # GetClassNameA: 216 != 232 # GetKeyNameTextA: 248 != 266 # GetMenuItemInfoA: 265 != 285 # GetMessageA: 271 != 291 # GetPropA: 285 != 307 # GetWindowTextA: 317 != 341 # GrayStringA: 323 != 347 # IsDialogMessageA: 352 != 384 # LoadCursorA: 369 != 401 # LoadIconA: 373 != 405 # LoadImageA: 375 != 407 # MapVirtualKeyA: 390 != 422 # PeekMessageA: 428 != 460 # PostMessageA: 431 != 463 # RegisterClassA: 439 != 472 # RegisterWindowMessageA: 450 != 485 # RemovePropA: 455 != 490 # GetWindowTextLengthA: 318 != 342 # SendNotifyMessageA: 471 != 509 # SetDlgItemTextA: 488 != 526 # SetPropA: 508 != 547 # SetWindowLongA: 526 != 566 # WinHelpA: 587 != 636 # DialogBoxIndirectParamA: 135 != 143 # SetFocus: 491 != 529 # GetDlgCtrlID: 234 != 251 # InflateRect: 329 != 361 # BeginPaint: 9 != 12 # EndPaint: 175 != 185 # FillRect: 196 != 210 # UpdateWindow: 575 != 618 # SetTimer: 520 != 559 # KillTimer: 364 != 396 # SetRect: 510 != 549 # GetDC: 230 != 247 # ReleaseDC: 453 != 488 # GetClientRect: 219 != 235 # InvalidateRect: 338 != 370 # SetWindowPos: 529 != 569 # AdjustWindowRectEx: 2 != 3 # OffsetRect: 418 != 450 # Importing from module: 'ADVAPI32.dll' TimeDateStamp: 3720a1cd SubsystemVersion: 4.0 <= 4.10 RegCreateKeyA: 153 != 219 # RegCreateKeyExA: 154 != 220 # RegCloseKey: 150 != 216 # RegSetValueExA: 193 != 259 # RegQueryValueExA: 181 != 247 # RegQueryValueA: 180 != 246 # RegOpenKeyExA: 173 != 239 # RegOpenKeyA: 172 != 238 #To confirm the problems had been fixed, I renamed to COMCTL32b#.DLL file to COMCTL32.DLL and reanalyzed:COMCTL3#.ini[ImportPatcher.29 - Intructions];Edit parameters and replacement strings and run ImportPatcher again. <=[Parameters]Mode: (A)nalyze or (P)atch=AWalk dependencies=NLink to copies=YFix function hints=Y[Need patching? (do not edit)]Nothing needs patching and:COMCTL3#.logImportPatcher.29Portable Executable: 'R:\COMCTL32.DLL' TimeDateStamp: 372a5251 SubsystemVersion: 4.0 <= 4.10 Importing from module: 'GDI32.dll' TimeDateStamp: 3ab81436 SubsystemVersion: 4.0 <= 4.10 CreateDIBSection: 142 = 142 GetStockObject: 297 = 297 StretchDIBits: 424 = 424 CreateRectRgn: 165 = 165 SetWindowOrgEx: 418 = 418 OffsetWindowOrgEx: 333 = 333 GetDeviceCaps: 250 = 250 PatBlt: 335 = 335 SetBkMode: 378 = 378 RealizePalette: 355 = 355 SelectPalette: 372 = 372 CreatePatternBrush: 160 = 160 CreateBitmap: 131 = 131 RestoreDC: 364 = 364 SelectClipRgn: 370 = 370 SaveDC: 366 = 366 CombineRgn: 125 = 125 CreateRectRgnIndirect: 166 = 166 GetTextColor: 305 = 305 SetObjectOwner: 400 = 400 GetPaletteEntries: 287 = 287 CreateHalftonePalette: 153 = 153 SetPixelV: 404 = 404 SetPixel: 402 = 402 CreateSolidBrush: 170 = 170 SetDIBColorTable: 383 = 383 GetDIBColorTable: 248 = 248 GetBitmapBits: 223 = 223 SetBrushOrgEx: 380 = 380 GetDIBits: 249 = 249 SetDIBits: 384 = 384 OffsetRgn: 331 = 331 GetCurrentObject: 245 = 245 ExcludeClipRect: 200 = 200 RectVisible: 357 = 357 IntersectClipRect: 322 = 322 GetClipRgn: 242 = 242 GetDCOrgEx: 247 = 247 BitBlt: 114 = 114 MoveToEx: 329 = 329 CreatePen: 161 = 161 Arc: 111 = 111 Rectangle: 358 = 358 Ellipse: 182 = 182 CreatePalette: 159 = 159 UnrealizeObject: 431 = 431 StretchBlt: 423 = 423 TranslateCharsetInfo: 430 = 430 Polyline: 351 = 351 CreateBitmapIndirect: 132 = 132 CreatePolygonRgn: 164 = 164 CreateRoundRectRgn: 167 = 167 FrameRgn: 213 = 213 FillRgn: 209 = 209 GetCharWidthW: 238 = 238 GetCharWidthA: 235 = 235 GetTextExtentPoint32W: 309 = 309 GetTextCharsetInfo: 304 = 304 GetTextExtentPointA: 310 = 310 ExtTextOutW: 207 = 207 ExtTextOutA: 206 = 206 GetWindowExtEx: 319 = 319 GetViewportExtEx: 316 = 316 ExtSelectClipRgn: 205 = 205 CreateFontA: 149 = 149 CreateFontIndirectA: 150 = 150 EnumFontFamiliesExA: 189 = 189 GetObjectA: 282 = 282 GetTextMetricsA: 314 = 314 GetTextAlign: 301 = 301 SetTextAlign: 410 = 410 SetBkColor: 377 = 377 SetTextColor: 412 = 412 GetClipBox: 241 = 241 CreateCompatibleDC: 137 = 137 CreateCompatibleBitmap: 136 = 136 SelectObject: 371 = 371 LineTo: 326 = 326 GetNearestColor: 280 = 280 DeleteDC: 173 = 173 GetPixel: 289 = 289 DeleteObject: 176 = 176 GetBkColor: 225 = 225 Importing from module: 'KERNEL32.dll' TimeDateStamp: 371fc2b3 SubsystemVersion: 4.0 <= 4.10 EnterCriticalSection: 225 = 225 LeaveCriticalSection: 552 = 552 SetEvent: 714 = 714 Sleep: 758 = 758 InitializeCriticalSection: 522 = 522 DeleteCriticalSection: 214 = 214 CreateThread: 205 = 205 MultiByteToWideChar: 594 = 594 lstrlenA: 864 = 864 GetProcAddress: 419 = 419 ReinitializeCriticalSection: 644 = 644 GetACP: 312 = 312 DisableThreadLibraryCalls: 219 = 219 GetCurrentProcessId: 347 = 347 GetVersionExA: 477 = 477 FreeResource: 309 = 309 GlobalFree: 493 = 493 GlobalAlloc: 486 = 486 LockResource: 574 = 574 LoadResource: 558 = 558 GetTickCount: 470 = 470 LocalReAlloc: 568 = 568 IsBadWritePtr: 536 = 536 lstrcpyA: 858 = 858 FreeLibrary: 307 = 307 MulDiv: 593 = 593 HeapAlloc: 509 = 509 HeapFree: 513 = 513 HeapReAlloc: 515 = 515 IsBadCodePtr: 530 = 530 InterlockedExchange: 526 = 526 lstrcpynA: 861 = 861 GetThreadLocale: 465 = 465 GetProcessHeap: 422 = 422 HeapDestroy: 512 = 512 HeapCreate: 511 = 511 HeapSize: 517 = 517 GetUserDefaultLangID: 475 = 475 lstrcmpiA: 855 = 855 GetLocalTime: 386 = 386 GlobalUnlock: 503 = 503 GlobalHandle: 496 = 496 GetUserDefaultLCID: 474 = 474 lstrcmpA: 852 = 852 @12 EnumResourceLanguagesW: 235 = 235 SizeofResource: 757 = 757 UnMapSLFixArray: 783 = 783 MapSLFix: 584 = 584 LocalSize: 570 = 570 InterlockedDecrement: 525 = 525 @24 UnhandledExceptionFilter: 784 = 784 FindResourceA: 291 = 291 InterlockedIncrement: 528 = 528 IsDBCSLeadByte: 537 = 537 WaitForSingleObject: 807 = 807 CompareStringA: 166 = 166 GetCurrentThreadId: 349 = 349 GetLastError: 385 = 385 IsBadReadPtr: 533 = 533 MapViewOfFile: 585 = 585 GetFileSize: 375 = 375 UnmapViewOfFile: 788 = 788 IsValidCodePage: 544 = 544 CreateEventA: 182 = 182 CreateFileA: 185 = 185 CreateFileMappingA: 186 = 186 FindResourceExA: 292 = 292 GetDateFormatA: 350 = 350 GetLocaleInfoA: 387 = 387 GetNumberFormatA: 402 = 402 GetModuleHandleA: 397 = 397 GetStringTypeExA: 445 = 445 GetProfileIntA: 430 = 430 GetTimeFormatA: 471 = 471 GlobalAddAtomA: 484 = 484 LoadLibraryA: 553 = 553 GlobalReAlloc: 499 = 499 RtlUnwind: 657 = 657 CloseHandle: 160 = 160 GetLocaleInfoW: 388 = 388 GetSystemDefaultLCID: 448 = 448 LocalFree: 565 = 565 LocalAlloc: 560 = 560 ThunkConnect32: 769 = 769 SUnMapLS_IP_EBP_12: 670 = 670 SMapLS_IP_EBP_12: 660 = 660 SUnMapLS: 669 = 669 SMapLS: 659 = 659 FT_Exit24: 256 = 256 FT_Exit20: 255 = 255 FT_Thunk: 268 = 268 lstrlenW: 865 = 865 WideCharToMultiByte: 811 = 811 Importing from module: 'USER32.dll' TimeDateStamp: 3adf0611 SubsystemVersion: 4.0 <= 4.10 TrackPopupMenu: 600 = 600 PtInRect: 468 = 468 GetFocus: 257 = 257 GetSysColor: 316 = 316 RedrawWindow: 471 = 471 DrawFocusRect: 164 = 164 IsWindowEnabled: 392 = 392 EqualRect: 207 = 207 MapWindowPoints: 426 = 426 GetParent: 303 = 303 GetWindowRect: 339 = 339 EnableWindow: 181 = 181 SendMessageA: 503 = 503 GetSystemMetrics: 319 = 319 SystemParametersInfoA: 589 = 589 IntersectRect: 369 = 369 ClientToScreen: 61 = 61 ReleaseCapture: 487 = 487 GetCapture: 223 = 223 WaitMessage: 635 = 635 TranslateMessage: 606 = 606 SetCapture: 512 = 512 GetSysColorBrush: 317 = 317 GetMessageTime: 294 = 294 MessageBeep: 428 = 428 UnionRect: 610 = 610 ScrollWindowEx: 497 = 497 GetDoubleClickTime: 256 = 256 SetRectEmpty: 550 = 550 ScreenToClient: 494 = 494 GetMessagePos: 293 = 293 GetDlgItem: 252 = 252 CopyRect: 71 = 71 SetCursor: 520 = 520 DrawIcon: 167 = 167 EnableScrollBar: 180 = 180 SetScrollInfo: 551 = 551 GetScrollInfo: 311 = 311 GetWindowDC: 332 = 332 GetCursorPos: 246 = 246 DrawFrameControl: 166 = 166 InvertRect: 372 = 372 IsRectEmpty: 390 = 390 GetScrollPos: 312 = 312 GetScrollRange: 313 = 313 ShowScrollBar: 581 = 581 IsWindowVisible: 394 = 394 SetScrollPos: 552 = 552 SetScrollRange: 553 = 553 IsZoomed: 395 = 395 GetDesktopWindow: 249 = 249 GetAsyncKeyState: 222 = 222 DrawEdge: 163 = 163 DestroyWindow: 142 = 142 ShowCaret: 578 = 578 SetCaretPos: 514 = 514 HideCaret: 350 = 350 GetKeyState: 268 = 268 DestroyCaret: 138 = 138 CreateCaret: 75 = 75 DestroyIcon: 140 = 140 GetIconInfo: 261 = 261 CreateIconIndirect: 86 = 86 DrawIconEx: 168 = 168 CopyImage: 70 = 70 CopyIcon: 69 = 69 GetDCEx: 248 = 248 wsprintfA: 645 = 645 ShowWindow: 582 = 582 SetWindowRgn: 570 = 570 IsChild: 381 = 381 GetShellWindow: 314 = 314 GetKeyboardLayout: 269 = 269 SetKeyboardState: 532 = 532 GetKeyboardState: 273 = 273 DestroyCursor: 139 = 139 GetUpdateRgn: 326 = 326 GetUpdateRect: 325 = 325 GetWindowRgn: 340 = 340 ValidateRect: 624 = 624 SetCursorPos: 521 = 521 LockWindowUpdate: 418 = 418 GetMenuItemID: 284 = 284 GetMenuItemCount: 283 = 283 GetSubMenu: 315 = 315 GetSystemMenu: 318 = 318 CheckMenuItem: 55 = 55 SetMenu: 535 = 535 GetMenuState: 288 = 288 SubtractRect: 584 = 584 CreatePopupMenu: 90 = 90 DestroyMenu: 141 = 141 AdjustWindowRect: 2 = 2 IsWindow: 391 = 391 MoveWindow: 441 = 441 GetWindowThreadProcessId: 345 = 345 GetWindow: 330 = 330 MapDialogRect: 421 = 421 SetForegroundWindow: 530 = 530 GetNextDlgTabItem: 300 = 300 DeferWindowPos: 135 = 135 EndDeferWindowPos: 182 = 182 BeginDeferWindowPos: 11 = 11 SetWindowTextA: 571 = 571 SetActiveWindow: 511 = 511 GetActiveWindow: 219 = 219 PostQuitMessage: 465 = 465 CreateDialogIndirectParamA: 79 = 79 SetParent: 544 = 544 CreateWindowExA: 91 = 91 CharNextA: 38 = 38 FrameRect: 217 = 217 ChildWindowFromPoint: 58 = 58 EndDialog: 183 = 183 EnumChildWindows: 187 = 187 GetWindowLongA: 334 = 334 GetCursor: 244 = 244 GetForegroundWindow: 258 = 258 GetMenu: 277 = 277 InvalidateRgn: 371 = 371 WindowFromPoint: 640 = 640 DrawTextExA: 174 = 174 AppendMenuA: 7 = 7 CallMsgFilterA: 20 = 20 CallWindowProcA: 23 = 23 DefWindowProcA: 133 = 133 DispatchMessageA: 147 = 147 FindWindowA: 211 = 211 GetClassInfoA: 226 = 226 GetClassNameA: 232 = 232 GetKeyNameTextA: 266 = 266 GetMenuItemInfoA: 285 = 285 GetMessageA: 291 = 291 GetPropA: 307 = 307 GetWindowTextA: 341 = 341 GrayStringA: 347 = 347 IsDialogMessageA: 384 = 384 LoadCursorA: 401 = 401 LoadIconA: 405 = 405 LoadImageA: 407 = 407 MapVirtualKeyA: 422 = 422 PeekMessageA: 460 = 460 PostMessageA: 463 = 463 RegisterClassA: 472 = 472 RegisterWindowMessageA: 485 = 485 RemovePropA: 490 = 490 GetWindowTextLengthA: 342 = 342 SendNotifyMessageA: 509 = 509 SetDlgItemTextA: 526 = 526 SetPropA: 547 = 547 SetWindowLongA: 566 = 566 WinHelpA: 636 = 636 DialogBoxIndirectParamA: 143 = 143 SetFocus: 529 = 529 GetDlgCtrlID: 251 = 251 InflateRect: 361 = 361 BeginPaint: 12 = 12 EndPaint: 185 = 185 FillRect: 210 = 210 UpdateWindow: 618 = 618 SetTimer: 559 = 559 KillTimer: 396 = 396 SetRect: 549 = 549 GetDC: 247 = 247 ReleaseDC: 488 = 488 GetClientRect: 235 = 235 InvalidateRect: 370 = 370 SetWindowPos: 569 = 569 AdjustWindowRectEx: 3 = 3 OffsetRect: 450 = 450 Importing from module: 'ADVAPI32.dll' TimeDateStamp: 3720a1cd SubsystemVersion: 4.0 <= 4.10 RegCreateKeyA: 219 = 219 RegCreateKeyExA: 220 = 220 RegCloseKey: 216 = 216 RegSetValueExA: 259 = 259 RegQueryValueExA: 247 = 247 RegQueryValueA: 246 = 246 RegOpenKeyExA: 239 = 239 RegOpenKeyA: 238 = 238 all ordinal hints match actual function ordinals!The last step was to backup the original v3600 in Windows\System and replace it with the newly patched COMCTL32.DLL. Link to comment Share on other sites More sharing options...
slhk Posted January 3, 2012 Share Posted January 3, 2012 jumper, thanks for the detailed explanation. All is clear now Link to comment Share on other sites More sharing options...
jds Posted January 4, 2012 Share Posted January 4, 2012 This is one very cool tool which makes it so much easier and faster for replacing functions than using an hex editor. It's quite amazing, really! Looks like MS has added a new function to a venerable support file. Substituting another function or stub for '__uncaught_exception' might {not} be acceptable to the calling app. If not, try locating a version of MSVCRT.DLL that includes this function.Well, I found a version "7.0.6002.18005 (lh_sp2rtm.090410-1830)" on a Vista machine, dated 2009/4/11. However, although this version only reported "[Need patching? ... msvcrt.dll=Y (OS subsystem)" in ImportPatcher (with 'Walk dependencies=N'), after being patched for the OS subsystem, it looked like a descent into DLL dependency hell.Also, a *#.* copy of every file that is walked is created, including system DLLs (only useful if you're trying to fragment your HDD!).Does this relate to the "Link to copies=Y/N" option in the INI file? Would this also require "Walk dependencies=Y"?1. Is there a way to pass command line parameters to "signtool.exe" when using the Import Patcher?IP.28 reads parameters from an .ini file that can be edited between passes.I think that ImportPatcher.27 gave the impression that it would load and execute a file, while satisfying missing dependencies. Since that doesn't seem to be the case, my earlier question was null and void.Joe. Link to comment Share on other sites More sharing options...
jumper Posted January 4, 2012 Author Share Posted January 4, 2012 Since writing the COMCTL32.DLL example the other day, the patched COMCTL32.DLL has been running on my system with no problems.>It's quite amazing, really!Thanks, but it's really just an exercise in learning how to parse the various header structures in the Portable Executable file format. Documentation and guides are hard to find and incomplete, but I keep stumbling onto more of them each week!IP.30 is undergoing final testing and includes unbinding of broken links.On the drawing board for function substitution is redirection to another module: [uSER32.dll] _missing=KERNEL32.SetLastErrorand possibly module insertion: [uSER32.dll] _missing=stubs.T16>Substituting another function or stub for '__uncaught_exception' might {not} be acceptable to the calling app. If not, ...I could have written "might or might not be", but chose to simplify and wrote "might be". When dealing in fuzzy logic, "not" sometimes becomes optional or even meaningless! >>Also, a *#.* copy of every file that is walked is created, including system DLLs (only useful if you're trying to fragment your HDD!).>Does this relate to the "Link to copies=Y/N" option in the INI file? Would this also require "Walk dependencies=Y"?No and Yes! IP.27 would open for R/W a copy of every file it analyzed (whether walking dep's or not) so that it could analyze and patch in one pass. Unfortunately, it didn't delete unneeded copies. Copying every file also made it slow (and loud)."Link to copies=Y/N" determines whether an app or dll references the original or patched dependency. Naming this option to something understandable has been problematic! Y = patch reference to refer to patched copy of dependency needed if dependencies are patched and the (patched) app is to be directly executable N = continue to refer to originalneeded if patched files are intended to be installed over originalsFor patched system files an installer is needed (or the file must be copies by hand in DOS). Creation of an .inf will also be tied to this option some time soon!>>>1. Is there a way to pass command line parameters to "signtool.exe" when using the Import Patcher?>>IP.28 reads parameters from an .ini file that can be edited between passes.>I think that ImportPatcher.27 gave the impression that it would load and execute a file, while satisfying missing dependencies. Since that doesn't seem to be the case, my earlier question was null and void.I misread the question about command line parameters, but now understand. Executing the patched app is a possible future feature and parameter passing would be an important design issue. Perhaps a "[Parameters] App command line parameters=" line in the .ini? Link to comment Share on other sites More sharing options...
jumper Posted January 5, 2012 Author Share Posted January 5, 2012 Looks like MS has added a new function to a venerable support file. Substituting another function or stub for '__uncaught_exception' might {not} be acceptable to the calling app. If not, try locating a version of MSVCRT.DLL that includes this function.Well, I found a version "7.0.6002.18005 (lh_sp2rtm.090410-1830)" on a Vista machine, dated 2009/4/11. However, although this version only reported "[Need patching? ... msvcrt.dll=Y (OS subsystem)" in ImportPatcher (with 'Walk dependencies=N'), after being patched for the OS subsystem, it looked like a descent into DLL dependency hell....I've just tried the Import Patcher on the "signtool.exe" utility from http://www.microsoft.com/download/en/details.aspx?id=8442 (Microsoft Windows SDK for Windows 7 and .NET Framework 4). Image file = GRMSDK_EN_DVD.iso, Path = \Setup\WinSDKTools\cab1.cab, Extract file = WinSDK_signtool_exe_B2E1011D_2F14_488D_A056_C5BD55106409_x86....Executing 'signtool.exe' by itself (with KernelEx 4.5.2) produces the error :The SIGNTOOL.EXE file islinked to missing export MSVCRT.DLL:__uncaught_exception.... Importing from module: 'msvcrt.dll' msvcrt.dll: __uncaught_exception (db) * No match msvcrt.dll: ___lc_handle_func (7f) * No match msvcrt.dll: ___lc_codepage_func (7d) * No match msvcrt.dll: ___mb_cur_max_func (80) * No match msvcrt.dll: __pctype_func (ce) * No match msvcrt.dll: __iob_func (93) * No match msvcrt.dll: __crtLCMapStringW (8b) * No matchAll seven of those functions are supported in MSVCR90.dll in the package VC_R_9X.EXE at MDGX.If (anyone is) not running KernelEx, patch MSVCR90.dll with this function replacement:[KERNEL32.dll]GetSystemWindowsDirectoryW=GetWindowsDirectoryWPut MSVCR90.dll in the same folder as signtool.exe or in <windows> or <system>.Then add to signtoo#.ini:[Missing modules]msvcrt.dll=MSVCR90.dllmsvcrt.dll=MSVCR9#.dll ;or this if you don't rename after patchingThis should fix the MSVCRT.DLL issues. If signtool has futher dependency problems, post the full .ini file this time (in a 'spoiler' box if large).* Note: ImportPatcher.29 and .30 syntax (may change in other versions) * Link to comment Share on other sites More sharing options...
dencorso Posted January 5, 2012 Share Posted January 5, 2012 jumper, would you be so kind as to make ImportPatcher compatible also with XP and 2k?I can envisage many uses for it on these two OSes, too.However, it always hangs and never finishes, when I try to use it on XP SP3.If set to Analyse, it hangs silently, after producing the ini and the log (I have to kill it, to terminate it).If set to Patch, it hangs before actually patching anything, and I get a box with an exclamation point saying: "Debug: CreateFileMapping"... my only option is to click OK, and whe I do it, the box closes, then reappears, keeping on this forever (so I have to kill it, to terminate it).If run from Dependency Walker with the problem file as the only command-line argument, it analyses the file (for a real lonng time), then, after producing the ini and the log, terminates with failure. The last lines of DW profiling are the following:00:55:39.171: First chance exception 0xC00000FD (Stack Overflow) occurred in "n:\IMPORTPATCHER.29.EXE" at address 0x00401009 by thread 1.00:55:39.187: Second chance exception 0xC00000FD (Stack Overflow) occurred in "n:\IMPORTPATCHER.29.EXE" at address 0x00401009 by thread 1.00:55:39.234: Exited "n:\IMPORTPATCHER.29.EXE" (process 0xA8C) with code -1073741571 (0xC00000FD) by thread 1.00:00:00.062: Entrypoint reached. All implicit modules have been loaded.BTW, you rock! Thanks a lot for ImportPatcher! Link to comment Share on other sites More sharing options...
jds Posted January 6, 2012 Share Posted January 6, 2012 If (anyone is) not running KernelEx, patch MSVCR90.dll with this function replacement ...Well, I'm kinda dependent on KernelEx these days ...Anyway, I managed to get another (fairly recent) version of "signtool.exe" that doesn't have strange requirements for 'msvcrt.dll'. It's version "4.00 (longhorn_rtm.080108-2300)", obtained from the W2008 & dotNet3.5 SDK (6.0.6001.18000.367-KRMSDK_EN.iso). The file is "\Setup\WinSDKTools-WinSDKTools-common.0.cab", from which is extracted the file "signtool_exe.B68FF751_0B1A_4F33_B044_1871CB4B13CC". Also required is the "capicom.dll" file, extracted as "capicom_dll.970E4F94_546F_49F3_BF1F_18BE6B938B02".This version of "signtool.exe" seems to run OK with KernelEx. (ImportPatcher shows mismatched hints for many DLL functions, but performance isn't important for this application.)Joe. Link to comment Share on other sites More sharing options...
jumper Posted January 6, 2012 Author Share Posted January 6, 2012 (edited) On 1/5/2012 at 3:52 PM, dencorso said: jumper, would you be so kind as to make ImportPatcher compatible also with XP and 2k? I can envisage many uses for it on these two OSes, too. I'll try, but I don't have any OS later than SE to test on. Good error reporting like you provided here will be important. Quote However, it always hangs and never finishes, when I try to use it on XP SP3. If set to Analyse, it hangs silently, after producing the ini and the log (I have to kill it, to terminate it). My WinMainCRTStartup function simply returned without calling exit or ExitProcess. This works in SE; apparently not in 2K+. I've added ExitProcess now. Quote If set to Patch, it hangs before actually patching anything, and I get a box with an exclamation point saying: "Debug: CreateFileMapping"... my only option is to click OK, and whe I do it, the box closes, then reappears, keeping on this forever (so I have to kill it, to terminate it). The Debug message is mine and indicates that CreateFileMapping (part of the file-mapping sequence of calls) failed. I have located and fixed a minor (SE didn't mind) error in one of the protection flags. I'll also add GetLastCallError support to the error reporting. Despite forcing CreateFileMapping to fail when in patch mode, I was unable to reproduce the error loop. I'm testing IP.31 builds now and much code has been cleaned up since IP.29. I'll trace the old code in my best simulator (sleep on it) in a few minutes.... Quote If run from Dependency Walker with the problem file as the only command-line argument, it analyses the file (for a real lonng time), then, after producing the ini and the log, terminates with failure. The last lines of DW profiling are the following: 00:55:39.171: First chance exception 0xC00000FD (Stack Overflow) occurred in "n:\IMPORTPATCHER.29.EXE" at address 0x00401009 by thread 1. 00:55:39.187: Second chance exception 0xC00000FD (Stack Overflow) occurred in "n:\IMPORTPATCHER.29.EXE" at address 0x00401009 by thread 1. 00:55:39.234: Exited "n:\IMPORTPATCHER.29.EXE" (process 0xA8C) with code -1073741571 (0xC00000FD) by thread 1. 00:00:00.062: Entrypoint reached. All implicit modules have been loaded. BTW, you rock! Thanks a lot for ImportPatcher! ImportPatcher is currently designed to function recursively. A stack overflow is the expected result of a runaway loop. The slow speed is likely the result of DW managing a huge amount of text in the log window. A (hitherto) undocumented feature of ImportPatcher is that the text of all message boxes, log file entries, and any error messages are also passed to OutputDebugMessage(). Running IP in a debug environment such as DW allows viewing of these messages. If IP is looping endlessly (until the stack overflows) the DW log window should be filling will huge amounts of text. Edited January 4, 2021 by jumper GetLastCall corrected to GetLastError Link to comment Share on other sites More sharing options...
jumper Posted January 6, 2012 Author Share Posted January 6, 2012 Anyway, I managed to get another (fairly recent) version of "signtool.exe" that doesn't have strange requirements for 'msvcrt.dll'. It's version "4.00 (longhorn_rtm.080108-2300)", obtained from the W2008 & dotNet3.5 SDK (6.0.6001.18000.367-KRMSDK_EN.iso). ...This version of "signtool.exe" seems to run OK with KernelEx. (ImportPatcher shows mismatched hints for many DLL functions, but performance isn't important for this application.)The previous version was dotNet4.0--even more recent. Because KernelEx won't always be up-to-date with the latest demands of new software, it would be nice to know if ImportPatcher can help fill the void. To that end, it would be great if you could test the dotNet4.0 version with the msvcrt->msvcr90 replacement I proposed. This might also really help out those who don't use KernelEx.TIA, jumper. Link to comment Share on other sites More sharing options...
jds Posted January 6, 2012 Share Posted January 6, 2012 Anyway, I managed to get another (fairly recent) version of "signtool.exe" that doesn't have strange requirements for 'msvcrt.dll'. It's version "4.00 (longhorn_rtm.080108-2300)", obtained from the W2008 & dotNet3.5 SDK (6.0.6001.18000.367-KRMSDK_EN.iso). ...This version of "signtool.exe" seems to run OK with KernelEx. (ImportPatcher shows mismatched hints for many DLL functions, but performance isn't important for this application.)The previous version was dotNet4.0--even more recent. Because KernelEx won't always be up-to-date with the latest demands of new software, it would be nice to know if ImportPatcher can help fill the void. To that end, it would be great if you could test the dotNet4.0 version with the msvcrt->msvcr90 replacement I proposed. This might also really help out those who don't use KernelEx.TIA, jumper.Sure, but I won't get a chance to try this until Monday.Since I do use/rely on KernelEx, for the purposes of this experiment, I presume the following will be sufficient :* In "signtoo#.ini", I'll add :[Missing modules]msvcrt.dll=MSVCR90.dllJoe. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now