I thinkAndreas Mohr wrote:
>
> Hello all,
>
> a program I tested (VideoSelect.exe) does this:
> Call KERNEL32.746: WriteProcessMemory(7fffffff,78004858,4106b948,00000005,4106b944)
>ret=0a93b7b3 fs=0247
that's what I call a brain damaged program.
WriteProcessMemory(GetCurrentProcess()) is very close to a memcpy... (ok, without the
exception handling part...)
the server, while processing a WriteProcessMemory(pid, ...) on process pid, that :
- either the caller is a debugger debugging pid, or pid is not currently debugged and
the caller
will (temporaly) act as a debugger
- in both cases pid and caller shall be two distinct process
Andi, can you try to, in scheduler/process.c, to add, at the top of
WriteProcessMemory,
something like:
if (process == GetCurrentProcess()) {
memcpy(addr, buffer, size);
*bytes_written = size;
return TRUE;
}
(untested, might not event compile)
A+
--
---------------
Eric Pouech (http://perso.wanadoo.fr/eric.pouech/)
"The future will be better tomorrow", Vice President Dan Quayle
