Fixing support for inject_x64 injection inside WOW64 processes (!4989) · Merge requests · DynamoRIO / dynamorio

Merged Nofix requested to merge github/fork/N0fix/master into master Jul 01, 2021

Those changes fixes support for inject_x64 injection on WoW64 processes, which allows support for mixed mode code, see this

Note that allocation of vmheap fails upon initializing dynamoRIO 64 on WoW64 processes. Thus, we need to pass -reachable_heap to avoid having to make this allocation.

We still need to have a proper support on drrun64 to inject natively without having to use create_process.exe.

Example command line that works :

bin64\drrun.exe -reachable_heap -inject_x64 -c .\clientdll.dll -- bin64\create_process.exe .\helloworld32.exe

As we need to specify reachable_heap I am afraid that win32.mixedmode test will be needing some tweaks.

Changes features :

Saving eax register that holds routine address for RtlUserThreadStart before mode switch, and restore it on mode switch
Fixing far jmp to switch to x64 mode on injection
Fixing env variable argument propagation

EDIT

-reachable_heap should not be required anymore since vmheap injection issues has been fixed in this commit.