Jump to content

Browsing the web on 98/ME in 2019 and beyond


Destro

Recommended Posts


~?Aiko?Chan?~; I assume you mean the character code is not showing the character (glyph in a font). My received emails had some glyphs not shown. This can be a wrong character like a rectangle/box or it could be the character code as with your K-Meleon Html5Test picture. I installed more fonts to fix this but Marlett is different with later OSs than XP, so if the email or web page uses characters from Marlett for example, then the characters or glyphs might be displayed as boxes. If you are missing the font then it would display the character code but not the glyph unless the out of memory idea I had said happens. BabelPad is supposed the be a font editor and perhaps a new font can be produced or edited. I only know of Marlett that does not work in ME as I have updated ones from win10 as well. TTCs don't work as well though I am not sure as some were included with unofficial service pack but without the SP (not sure with SP) then boot logged text says failed. So we miss out some symbols from Cambria.ttc. Some fonts to consider updating would be symbol.ttf, webdings.ttf, wingding.ttf and seguisym.ttf.

If charmap.exe is used as I explained 2/3 down on page 4 then KEX NT40 settings need to be set and msvcr80 is in use not mscvr90 on HDD I am using at the moment.

Edited by Goodmaneuver
Link to comment
Share on other sites

@Goodmaneuver, I'm using JRE 7 update 76 without any psapi hack, this might well be obsolete with newer KernelEx, I had completely forgotten about it.

Edited by loblo
Link to comment
Share on other sites

20 hours ago, Goodmaneuver said:

~?Aiko?Chan?~; I assume you mean the character code is not showing the character (glyph in a font). My received emails had some glyphs not shown. This can be a wrong character like a rectangle/box or it could be the character code as with your K-Meleon Html5Test picture. I installed more fonts to fix this but Marlett is different with later OSs than XP, so if the email or web page uses characters from Marlett for example, then the characters or glyphs might be displayed as boxes. If you are missing the font then it would display the character code but not the glyph unless the out of memory idea I had said happens. BabelPad is supposed the be a font editor and perhaps a new font can be produced or edited. I only know of Marlett that does not work in ME as I have updated ones from win10 as well. TTCs don't work as well though I am not sure as some were included with unofficial service pack but without the SP (not sure with SP) then boot logged text says failed. So we miss out some symbols from Cambria.ttc. Some fonts to consider updating would be symbol.ttf, webdings.ttf, wingding.ttf and seguisym.ttf.

If charmap.exe is used as I explained 2/3 down on page 4 then KEX NT40 settings need to be set and msvcr80 is in use not mscvr90 on HDD I am using at the moment.

BabelPad is not a font editor, it's an (advanced) unicode text editor.

 

You can't use TTC fonts but you can split them into TTF fonts which you can then use, TTC being several TTF fonts merged into one file. Several tools let you do that. Check out TTCTools, UniteTTC, FTMaster or FontForge.
 

Link to comment
Share on other sites

  • 2 weeks later...
On 5/9/2019 at 1:29 AM, jumper said:

The crash is because LoadLibraryA is called with a null pointer instead of a filename string, resulting in the page fault in LoadLibraryExA.

I'd like to know where do LoadLibraryEx called with NULL.

Link to comment
Share on other sites

The OllyDbg screencap shows the NULL pointer in EAX came from the first parameter.

The code wants to check the first two bytes (WORD) of the input string for the disk designator sequence: "\\" (5C5C).

Location of crash is in LoadLibraryExA_fix because LoadLibraryA_fix is:
  return LoadLibraryExA_fix (pLibFileNameA, 0, 0);


Also, this is the last line in KM_ApiLog.txt:
4 fff78645   [XUL.DLL]02c0323a:LoadLibraryA(bfa4bb8c)

bfa4bb8c is in Kexbases.dll (version 4.5.2016.20), so Kex wrapper of LoadLibraryA is called from XUL.DLL with return address of 02c0323a. Crash happens before LoadLibraryA returns.

Kexbases.dll (version 4.5.2016.21) now contains a NULL-pointer check to prevent such a crash.

(Note: over-explained in places for the benefit of non-programmers trying to learn.)

Link to comment
Share on other sites

Debuggers must attach after KernelEx has loaded the app or plugin:

In Ollydbg: File > Attach
In VC5/6: Build > Start Debug > Attach to Process..."

In Ollydbg: Options > Just-in-time debugging
In VC5/6: Tools > Options > Debug > Just-in-time debugging

Debuggers can also be manually configured in Win.ini or HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion to attach upon crash:

[AeDebug]
Auto=0
Debugger=C:\OllyDbg\OLLYDBG.EXE -AEDEBUG %ld %ld
;Debugger=C:\DevStudio\SharedIDE\BIN\msdev.exe -p %ld -e %ld
;Debugger="C:\Program Files\finesse.exe" -v -p %u -e %u


Link to comment
Share on other sites

roytam1 is a legend.  if anyone can get newmoon 26 running on 98se he can.

If he actually got that running 98se would be a viable operating system in 2019.

Edited by Destro
Link to comment
Share on other sites

19 hours ago, jumper said:

Debuggers must attach after KernelEx has loaded the app or plugin:

In Ollydbg: File > Attach
In VC5/6: Build > Start Debug > Attach to Process..."

In Ollydbg: Options > Just-in-time debugging
In VC5/6: Tools > Options > Debug > Just-in-time debugging

Debuggers can also be manually configured in Win.ini or HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion to attach upon crash:

[AeDebug]
Auto=0
Debugger=C:\OllyDbg\OLLYDBG.EXE -AEDEBUG %ld %ld
;Debugger=C:\DevStudio\SharedIDE\BIN\msdev.exe -p %ld -e %ld
;Debugger="C:\Program Files\finesse.exe" -v -p %u -e %u


 

alright there is "Debug" button in invalid page fault dialog now, and I got this:

NmRKIyB.png

Link to comment
Share on other sites

I've never used OllyDbg, but try scrolling the Call stack window down until Called from shows the most recent call from a non-system DLL. Maximizing the Call stack window would give the best big picture.

Edited by jumper
typo
Link to comment
Share on other sites

4 hours ago, jumper said:

I've never used OllyDbg, but try scrolling the Call stack window down until Called from shows the most recent call from a non-system DLL. Maximizing the Call stack window would give the best big picture.
 

as you see, the call stack has been already reached the end.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...