From be6568111d709ac1c64fb70aeecf1ffc4a217c9a Mon Sep 17 00:00:00 2001 From: hMihaiDavid Date: Sat, 31 Dec 2016 18:21:26 +0100 Subject: [PATCH 1/3] flush instruction cache after performing relocations Flush instruction cache to avoid executing stale code after performing relocations. According to MSDN: "Applications should call FlushInstructionCache if they generate or modify code in memory. The CPU cannot detect the change, and may execute the old code it cached.". After performing relocation we have modified executable code, so if we don't flush the cache maybe the old code without relocation is executed instead. So far the code has woked without flushing instruction cache but it's better to be safe. https://msdn.microsoft.com/en-us/library/windows/desktop/ms679350(v=vs.85).aspx --- MemoryModule.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/MemoryModule.c b/MemoryModule.c index cf38388..6d85632 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -645,6 +645,9 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, size_t size, } else { result->isRelocated = TRUE; } + + // flush instruction cache to avoid executing stale code after performing relocations + FlushInstructionCache((HANDLE)-1, NULL, 0); // load required dlls and adjust function table of imports if (!BuildImportTable(result)) { From 124759bbe71f65753fe5c8ff36078f25d8ec35f5 Mon Sep 17 00:00:00 2001 From: hMihaiDavid Date: Wed, 4 Jan 2017 15:23:59 +0100 Subject: [PATCH 2/3] flush instruction cache of each base relocation block --- MemoryModule.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index 6d85632..d345781 100644 --- a/MemoryModule.c +++ b/MemoryModule.c 
@@ -392,6 +392,8 @@ PerformBaseRelocation(PMEMORYMODULE module, ptrdiff_t delta) } } + // flush instruction cache to avoid executing stale code after performing relocations + FlushInstructionCache(GetCurrentProcess(), (LPCVOID) dest, module->pageSize); // advance to next relocation block relocation = (PIMAGE_BASE_RELOCATION) OffsetPointer(relocation, relocation->SizeOfBlock); } @@ -645,9 +647,6 @@ HMEMORYMODULE MemoryLoadLibraryEx(const void *data, size_t size, } else { result->isRelocated = TRUE; } - - // flush instruction cache to avoid executing stale code after performing relocations - FlushInstructionCache((HANDLE)-1, NULL, 0); // load required dlls and adjust function table of imports if (!BuildImportTable(result)) { From 61b21403c8500bcc80d0419c1f062676fedc9f9b Mon Sep 17 00:00:00 2001 From: hMihaiDavid Date: Wed, 4 Jan 2017 15:28:34 +0100 Subject: [PATCH 3/3] Update MemoryModule.c --- MemoryModule.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/MemoryModule.c b/MemoryModule.c index d345781..403b2af 100644 --- a/MemoryModule.c +++ b/MemoryModule.c @@ -392,8 +392,8 @@ PerformBaseRelocation(PMEMORYMODULE module, ptrdiff_t delta) } } - // flush instruction cache to avoid executing stale code after performing relocations - FlushInstructionCache(GetCurrentProcess(), (LPCVOID) dest, module->pageSize); + // flush instruction cache to avoid executing stale code after performing relocations + FlushInstructionCache(GetCurrentProcess(), (LPCVOID) dest, module->pageSize); // advance to next relocation block relocation = (PIMAGE_BASE_RELOCATION) OffsetPointer(relocation, relocation->SizeOfBlock); }
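Review bot: The flushed range in the new FlushInstructionCache call is exactly module->pageSize bytes from dest, but a fixup entry sitting in the last bytes of the block's page (entry offsets are 12-bit and a HIGHLOW/DIR64 patch writes 4 or 8 bytes) spills into the following page, which this call does not cover; whether dest is the block's page base cannot be confirmed here, since PerformBaseRelocation's body starts outside the hunk. If such straddling fixups can occur in the images being loaded, widening the range by one pointer where that stays inside the mapped image, `FlushInstructionCache(GetCurrentProcess(), dest, module->pageSize + sizeof(void *));`, or issuing a single flush over the whole mapped image after the block loop would close the gap. The call's BOOL result is discarded, which is acceptable only if documented; a comment such as `// best-effort: a failed flush is not treated as a load error` would make that explicit. The `(LPCVOID)` cast is unnecessary, as `dest` converts to `const void *` implicitly.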