homepage Welcome to WebmasterWorld Guest from 54.198.130.203
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Microsoft / Deprecated - Microsoft Windows OS (XP/NT/Vista)
Forum Library, Charter, Moderators: bill

Deprecated - Microsoft Windows OS (XP/NT/Vista) Forum

    
How do I create a hotpatch
Just need to be pointed in the right direction
kaled




msg:4012117
 10:24 am on Oct 23, 2009 (gmt 0)

I have been studying a complex programming problem for a while now. Finally, I have devised a very simple solution, however...

I need to patch two functions in Kernel32.DLL but I need the patch to apply to a single process - this is absolutely essential since it could adversely affect other programs. It seems likely to me that this is possible for development and testing but I have been unable to find useful information on how to create and install any sort of hotpatch.

For my own purposes, I think I may be able to manage using non-standard methods, but a single-process hotpatch would be enormously useful to other programmers that have been wrestling with the same problem (and there are a lot out there).

Since installing hotpatches is a System Admin job, I'm hoping someone can point me in the right direction.

Kaled.

 

incrediBILL




msg:4012550
 3:43 am on Oct 24, 2009 (gmt 0)

Kaled, it's been eons since I've done this but whatever you do you cannot patch the shared version of Kernel32.dll because other apps depend on it that could become unstable and/or the next Windows update will whack it.

What you have to do is create a stub DLL for your functions and then do DLL Injection into the target API.

You can find a good example of DLL Injection [software.intel.com] on Intel's site.

kaled




msg:4012659
 10:40 am on Oct 24, 2009 (gmt 0)

For testing I'm using what I guess is described as "Target Function Modification".

Microsoft released a new technology with later versions of XP (and Vista) that allows DLLs to be patched without restarting. This involved allocating space at the start of every function for a jump to be installed (that much I understand and am using) but also it seems to patch the DLLs themselves (something I don't want to do).

So far, I haven't managed to get my modifications to work (currently baffled) and I can manage without the clever hotpatching technology, but, assuming I can get my code to work, other programmers might find a signed hotpatch solution to this problem very useful.

Kaled.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Microsoft / Deprecated - Microsoft Windows OS (XP/NT/Vista)
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved