ImportPatcher.41 - Find and fix dependency problems

[jumper]

Great job getting Altium Designer Viewer to install and launch.

I see that you are leaving the user32.UpdateLayeredWindow replacement for KernelEx to handle:

[user32.dll]
UpdateLayeredWindow=

KernelEx only provides full functionality for a few functions. Most of its support consists of error stubs and minimal functionality to address specific issues in this or that app in response to a direct request. There does appear to be a full implementation for UpdateLayeredWindow, however.

Most apps (including mine ) don't check every last error code. When an app crashes, it generally means that something critical has already failed (before the actual crash) and the app isn't going to be able to proceed anyway. It could check return codes for errors and display a friendly failure message, or it can not check and then (possibly) crash. Ironically, the system crash dialog often contains much better debugging information than the friendly messages!

Many an XP app that claimed 9x compatibility has crashed on me in a similar fashion. Getting many of these apps to actually run without crashing will probably require much debugging and discussion in a new topic thread....

[jds]

Great job getting Altium Designer Viewer to install and launch.

Yeah, so close and yet ...

I get the impression that NT has more internal traps for errors that are silently dealt with than does W9X. So coding errors (hey, even compiler errors!) go unnoticed. Maybe that's it, or maybe there are a few holes or bugs in what KernelEx is providing, I don't really know.

Joe.

[jumper]

ImportPatcher status update:

IP.35 needed several rewrites before it became stable, but now the PE header parsing code is more robust than ever. It detects UPX-compressed files and doesn't attempt to parse the invalid delay-import entries.

Three types of dependencies are still not supported: import forwarders, export forwarders, and dynamic delay-loads. I've been learning a lot about export forwarders lately and if import forwarders work the same way, both of these should be relatively simple to implement.

Dependency Walker uses a profiling method to find dynamic delay-loads. A future IP could add a 'Profile' option to the summary MessageBox if there is a GetProcAddress dependency. If 'Profile' is selected, it would hook GetProcAddress and launch the app.

Another possibility would be to search the code section for calls to GetProcAddress and grab the addresses of the function name strings. Search again for LoadLibrary and grab those DLL name strings, then cross reference functions and DLLs.

[jumper]

After two months of delays , ImportPatcher.35 is finally posted.

I added CheckSum zeroing so Dependency Walker would stop complaining about the invalid checksums.

[Drugwash]

I mocked up a simple tool that returns the number of parameters for an API name given as command-line parameter.

Alternatively, a direct launch will display the whole list of known APIs to browse through.

The application contains the API list published in this post ; it extracts and uses it as default if there's no other.

Hopefully it may be of help to someone; however, no guarantees or warranties are implied. It's free software.

Sources are included in the 7-zip package.

[EDIT]

Updated to version 1.0.1.0 (change log included in the package)

Download API Parameter Count v1.0.1.0

Edited March 24, 2012 by Drugwash

[jumper]

I mocked up a simple tool that returns the number of parameters for an API name given as command-line parameter...Hopefully it may be of help to someone....

Thanks, Drugwash. Good work. I rate it two thumbs up:

I see the update now alphabetizes and can also sort by parameter count. Also ~450 duplicates have been removed from the list!

I've added a link to your post (#80) in the header of post #1, and also a mention in the topic subtitle.

[Drugwash]

You're welcome! It wasn't much of a challenge, anyway; currently I'm working on parsing the headers in PSDK2003 and building a constant database for use in AHK. Found over 67850 so far, but the parsing code is still buggy. I'd be glad to find someone with a more recent PSDK installed (ideally one that includes Vista/7 or even 8's headers), to pass them the parsing script and retrieve an updated list of constants. When I fix it, that is.

I haven't yet looked at your code, but I can't stop asking myself how would it know what are the allowed return values & value types for each API function it patches... unless I misunderstood its usage.

If you need any other tool, don't hesitate to ask - I'll try to rise up to the challenge the best I can.

[jumper]

I haven't yet looked at your code, but I can't stop asking myself how would it know what are the allowed return values & value types for each API function it patches... unless I misunderstood its usage.

ImportPatcher lets us replace any DLL or function name string with any other string that will fit. It then checks to see if those DLLs and functions exist, but doesn't do any return value or type checking--that is up to the user to research (or guess!) which stub is the best to use.

Matching the number of parameters is important for preventing stack corruption. Return value is important because it can signify success or failure; the actual type doesn't matter if the raw value is correct.

Ideally, the user would research each function to be replaced at MSDN before selecting (or writing) a stub with the best characteristics. I think guestimation and trial-and-error are the methods that often get used instead.

[Drugwash]

Oh well, I had a funny feeling I won't be taking care of the garden this year either... Since it's closely related to my own needs, I may be taking on the task of building an as-updated-as-possible API database, complete with library location, parameter count & type and - most important - return value & type. As a mini-MSDN.

The return value is indeed very important, not only in terms of success/failure indication, but in certain situation may have to represent a pointer to a string or worse: a pointer to a pointer.

Things get complicated when the original API would return a pointer to a POINT, RECT, COLORREF or more complex structure. But that's already too much to dig for - we may as well build the API replacements from scratch, as is the case with KernelEx. B)

[jds]

Great job getting Altium Designer Viewer to install and launch.

Yeah, so close and yet ...

I get the impression that NT has more internal traps for errors that are silently dealt with than does W9X. So coding errors (hey, even compiler errors!) go unnoticed. Maybe that's it, or maybe there are a few holes or bugs in what KernelEx is providing, I don't really know.

Well, I have progress to report, of sorts.

In investigating this error, I encountered some test results at WineHQ with different versions of Altium Viewer (albeit with different versions of Wine). This suggested that versions up to 6.8 were well behaved, whereas the more recent versions, weren't. So I did a search of some backups and found a copy of version 6.3.0.6886 and installed this, as described earlier (the MSI LaunchCondition was a bit different, but fairly obvious).

It works! However there's a catch. Previous versions of Altium Viewer require a registration key and activation. Unfortunately, the system Altium have for generating such registration keys no longer works for version 6, so I had to get help from Altium Support to get a suitable registration key generated. Then it all worked!

Unfortunately, Viewer 6 is no longer supported by Altium, so unless you're a good customer, they won't normally be willing to manually generate a registration key for it. However, this does show that Altium Viewer is viable on W98, version 6.3 works, and more recent versions perhaps just require one or two API functions to be fixed up for them to work too.

Ideally, the user would research each function to be replaced at MSDN before selecting (or writing) a stub with the best characteristics. I think guestimation and trial-and-error are the methods that often get used instead.

I can't agree more. I did such research before selecting the two IPStub functions to use with Altium Viewer, there's enough that can go wrong to trust trial and error.

Joe.

Edited March 30, 2012 by jds

[jds]

Installing "SAP GUI for Java (Win32) 7.10r5" on W98/KernelEx :

Here is a very brief description of the special steps needed to install "SAP GUI for Java (Win32) 7.10r5" on W98/KernelEx, with the help of "Import Patcher" and 'IPStub.dll' ...

0) Prerequisites

Well, these are the official prerequisites :

Hardware

CPU: Intel PentiumIII with 800 MHz

RAM: 512 MB (Vista 1 GB)

Software

Windows XP 32bit or Windows Vista 32bit (Business, Ultimate und Enterprise Edition)

Visual C++ Libraries VS 2005 SP1(x86)

This package (VCredist_x86.msi) is available in the bin directory of the SAP GUI for Java installation or at the same locations where the installers of SAP GUI for Java are located for download.

Sun Java Runtime Environment 5.0 (32-bit) from http://java.sun.com/j2se/1.5.0/index.jsp or 6.0 (32-bit) from http://java.sun.com/javase/6/

The other prerequisite is a copy of the "SAP GUI for Java" (Win32 version) installation package, once readily available via FTP from SAP, now you need to register and navigate their convoluted web site to get it. The version used here was 'PlatinGUI-Win32-710r5.jar', however, only the most current version is generally available from SAP, which may or may not work as below. Note that version 7.10 is the minimum required to access current SAP systems.

1) Create directory structures on your W98 partition

C:\Users

C:\Users\YourUserName

C:\Users\YourUserName\Local

C:\Users\YourUserName\Local\Temp

C:\Users\YourUserName\Roaming

C:\WINDOWS\SAP Clients

C:\WINDOWS\SAPGUI

C:\WINDOWS\SAPGUI\work

2) Add "Volatile-Environment" Registry Entries

---snip---

REGEDIT4

[HKEY_CURRENT_USER\Volatile Environment]

"LOGONSERVER"="\\\\SERVERNAME"

"USERDNSDOMAIN"="Your.Domain.Suffix"

"USERDOMAIN"="YOURDOMAIN"

"USERNAME"="YourUserName"

"USERPROFILE"="C:\\Users\\YourUserName"

"HOMEPATH"="\\Users\\YourUserName"

"HOMEDRIVE"="C:"

"APPDATA"="C:\\Users\\YourUserName\\AppData\\Roaming"

"LOCALAPPDATA"="C:\\Users\\YourUserName\\AppData\\Local"

---snip---

3) Obtain REG.EXE

Extract with 7-Zip from 'sp4supporttools.exe' from :

http://www.microsoft.com/download/en/confirmation.aspx?id=18614

Copy to %windir%

4) Obtain CMD.EXE

WIN95CMD.EXE (originally from October 2000 Platform SDK) :

http://web.archive.org/web/20040603061357/http://www.neuro.gatech.edu/users/cwilson/cygutils/unversioned/consize/Win95Cmd.exe

Possible alternative is CMD.EXE from ReactOS 0.3.1 or earlier.

Copy to %windir%

5) Pipe Work-around for WIN95CMD.EXE (Charles Dye)

---snip---

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor]

"AutoRun"="set comspec=C:\\windows\\cmd.exe"

"CompletionChar"=dword:00000009

---snip---

6) Update in %windir%\SYSTEM :

IMAGEHLP.DLL 5.1.2600.2180 (Readily available)

dbghelp.dll 6.0.0017.0 (Available in 'WinAVR' or 'RealPlayer')

7) Install the JAR package

8) Patch 'JPlatin.dll' with "Import Patcher" & 'IPStub.dll'

---snip---

[importPatcher.34]

;Edit parameters and replacement strings, then Retry or run again to patch. <=

[Parameters]

Walk dependencies=N

Link to copies=N

Unbind broken bindings=N

Target OS=4.10

[DLL substitutions]

Netapi32.dll=IPStub.dll

[KERNEL32.dll]

OpenThread=

[ADVAPI32.dll]

ConvertStringSecurityDescriptorToSecurityDescriptorA=

[iPStub.dll]

NetUserEnum=o8

Netbios=f1

[Patch list]

JPlatin.dll=DLLs, Functions

---snip---

9) Here's the batch file to invoke SAP GUI :

---snip---

javaw.exe -Xmx256M -cp "C:\PROGRA~1\SAP Clients\SAPGUI for Java 7.10rev5\jar\GuiStartS.jar";"C:\PROGRA~1\SAP Clients\SAPGUI for Java 7.10rev5\jar\platincoreS.jar" %PLATIN_JVMOPT% com.sap.platin.Gui %1 %2 %3 %4 %5 %6 %7 %8 %9

---snip---

Phew! Well, that's pretty much it!

Joe.

Edited April 17, 2012 by jds

[jumper]

Here's a new stub file designed just for NetApi32.dll issues:

• 
  NetApiEx.dll -

NetApiEx.zip

Contains stubs for all missing NetApi32 functions reported anywhere on the web:

• 
  NetApiBufferFree
  NetFileGetInfo
  NetGetDCName
  NetLocalGroupAddMembers
  NetServerEnum
  NetShareGetInfo
  NetUseAdd
  NetUseGetInfo
  NetUserDel
  NetUserEnum
  NetUserGetInfo
  NetUserGetLocalGroups
  NetWkstaGetInfo

All stubs support the proper number of parameters and return ERROR_INVALID_FUNCTION (1).

Four ways to use NetApiEx.dll:

1. Place in app or %system% folder and use ImportPatcher to redirect app to it. (for testing mainly)
   
2. Rename to NetApi32.dll and place in app folder. (local usage; must not be listed in KnownDLLs)
   
3. Rename to NetApi32.dll and place in %system% folder after renaming original to NetApi00.dll
   
4. Place in %KernelEx%, add to 'contents' list in Core.ini, and use as a new KernelEx extension:
   contents=std,kexbases,kexbasen,NetApiEx
   

Yes, you read that right -- NetApiEx contains a KernelEx api_table structure and exports a "get_api_table" function so KernelEx can use it in the same way as kexbasen and kexbases.

In fact, NetApiEx is a hybrid. Unlike kexbasen and kexbases which only export get_api_table, it also exports the API functions. This allows it to work without KernelEx ala methods one, two, and three.

NetApiEx can be used (in conjunction with NetApi00) as a direct replacement for NetApi32 in %system% (method three) because it also contains an export-forwarder for Netbios, the one native API. Method three will work both with and without KernelEx.

Because Net* functions other than Netbios are NT functions, it is very likely that any app needing NetApiEx will also need KernelEx to handle other issues. Hence the appeal of method four.

[loblo]

Hi jumper, the netbios forwarder thing doesn't seem to actually work here. If I check with dependency walker, it appears OK but upon trying to start the program it fails with a message saying the blahblah file is linked to missing export NETAPI32.DLL:Netbios.

Also, the NetMessageBufferSend function isn't available in your dll.

I've got that 3DVIA Printscreen program (for capturing 3D models from opengl and directx applications) that's got a dll requiring both NetMessageBufferSend and Netbios from netapi32 and it works absolutely fine with a netapi32 I made myself a while ago and that has both functions as dummies but it fails with yours for the reasons I mentioned above.

Edited April 18, 2012 by loblo

[jumper]

Loblo, you didn't mention which method(s) you tested. I not sure which method is failing or in what mode the dll is having trouble.

Here is an updated file with both NetMessageBufferSend and Netbios stubbed. Since this makes it a superset of your stub file, it should work using the same method (2?). Method 4 is where I could use help testing and some feedback.

Thanks for testing!

NetApiEx2.zip

[loblo]

This one is working OK but it's not so different than mine since netbios is stubbed and not forwarded.

For testing the other one I used a mixture of method 2 and 3 which is to say I did rename your dll to netapi32.dll and did put in the application folder and I also copied to it the original netapi32.dll from the system folder (renamed as NetApi00.dll of course) which theoretically should have been working for the netbios function if I am not mistaken.

Have you succesfully tested a netbios function forwarding and if so can you tell on which program so I can try it out myself?

Edited April 19, 2012 by loblo