Crash in MemoryLoadLibraryEx(): 0xC0000005: Access violation reading location 0x00000000. #31

@Gama11

Description

I'm using the latest version of MemoryModule (f02a8e6).

To reproduce, replace SampleDLL.cpp with:

class Callable
{
public:
    virtual int call() { return 0; }
};

Callable * GetCallable()
{
    static Callable callable;
    return &callable;
}

// Global with a dynamic initializer: the CRT runs it from DllMain(DLL_PROCESS_ATTACH)
// via __initterm, and it dispatches through the vtable of the static Callable.
int i = GetCallable()->call();

(this should be valid C++ code as far as I'm aware)

and DllLoader.cpp with:

#define WIN32_LEAN_AND_MEAN

#include <windows.h>
#include <tchar.h>
#include <stdio.h>
#include <malloc.h>

#include "../../MemoryModule.h"

#define DLL_FILE TEXT("..\\SampleDLL\\SampleDLL.dll")

// Load the sample DLL through the regular Windows loader.
void LoadFromFile(void)
{
    HINSTANCE handle = LoadLibrary(DLL_FILE);
    if (handle == NULL)
        return;

    FreeLibrary(handle);
}

// Read the sample DLL into a buffer and load it through MemoryModule.
void LoadFromMemory(void)
{
    FILE *fp;
    unsigned char *data = NULL;
    long size;
    HMEMORYMODULE handle;

    fp = _tfopen(DLL_FILE, _T("rb"));
    if (fp == NULL)
    {
        _tprintf(_T("Can't open DLL file \"%s\".\n"), DLL_FILE);
        goto exit;
    }

    // Determine the file size, then read the whole image into memory.
    fseek(fp, 0, SEEK_END);
    size = ftell(fp);
    fseek(fp, 0, SEEK_SET);
    if (size <= 0 || (data = (unsigned char *)malloc((size_t)size)) == NULL)
    {
        _tprintf(_T("Can't allocate %ld bytes for DLL file.\n"), size);
        fclose(fp);
        goto exit;
    }
    if (fread(data, 1, (size_t)size, fp) != (size_t)size)
    {
        _tprintf(_T("Can't read DLL file \"%s\".\n"), DLL_FILE);
        fclose(fp);
        goto exit;
    }
    fclose(fp);

    // MemoryLoadLibrary maps the image, applies relocations, resolves imports
    // and then calls the DLL entry point with DLL_PROCESS_ATTACH.
    handle = MemoryLoadLibrary(data);
    if (handle == NULL)
    {
        _tprintf(_T("Can't load library from memory.\n"));
        goto exit;
    }

    MemoryFreeLibrary(handle);

exit:
    if (data)
        free(data);
}

int main(int argc, char* argv[])
{
    //LoadFromFile();
    LoadFromMemory();
    return 0;
}

If LoadFromFile() is run, the program exits with 0.

However, if LoadFromMemory() is run, it crashes with:

Exception thrown at 0x0008146E in DllLoader.exe: 0xC0000005: Access violation reading location 0x00000000.

Stacktrace:

    0008146e()  Unknown
    [Frames below may be incorrect and/or missing]
    ucrtbased.dll!__initterm() Unknown
    00082d41()  Unknown
    00082be9()  Unknown
    00082fbd()  Unknown
    000831df()  Unknown
>   DllLoader.exe!MemoryLoadLibraryEx(const void * data, void * (const char *, void *) * loadLibrary, int (...) * (void *, const char *, void *) * getProcAddress, void (void *, void *) * freeLibrary, void * userdata) Line 560   C
    DllLoader.exe!MemoryLoadLibrary(const void * data) Line 433 C
    DllLoader.exe!LoadFromMemory() Line 42  C++
    DllLoader.exe!main(int argc, char * * argv) Line 60 C++
    DllLoader.exe!invoke_main() Line 74 C++
    DllLoader.exe!__scrt_common_main_seh() Line 264 C++
    DllLoader.exe!__scrt_common_main() Line 309 C++
    DllLoader.exe!mainCRTStartup() Line 17  C++
    kernel32.dll!@BaseThreadInitThunk@12() Unknown
    ntdll.dll!___RtlUserThreadStart@8()    Unknown
    ntdll.dll!__RtlUserThreadStart@8() Unknown

Line 560 in MemoryModule.c:

// notify library about attaching to process
BOOL successfull = (*DllEntry)((HINSTANCE)code, DLL_PROCESS_ATTACH, 0);

Strangely enough, if both LoadFromLibrary() and LoadFromMemory() are run (and in that order!), there is no crash.