This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: BLODA detection code in latest snapshot

On Feb 27 18:53, David Rothenberger wrote:
> On 2/27/2012 4:26 AM, Corinna Vinschen wrote:
> >   Of course this is not foolproof.  The only filtered system DLLs so
> >   far are kernel32.dll, ntdll.dll, mswsock.dll, amd ws2_32.dll.  If you
> >   playing around with this, and if you find that a core system DLL is
> >   reported (like, say, advapi32.dll), then please notify this list, too.
> On one of my Windows XP 32 boxes, it is reporting
> Potential BLODA detected!  Thread function called outside of Cygwin DLL:
>   C:\WINDOWS\system32\advapi32.dll
> when I ssh to another host. The machine DOES have potential BLODA,
> though: Symantec Endpoint Protection. It's never caused me any problems.

Weird!  I can't reproduce this on my XP box so I have to assume
this is a result of SEPs influence.  Hmm.  That's a bit disappointing.
How on earth can SEP call a thread function in advapi32?  I don't
think any of them are documented...

> you didn't say not to report it if there is helpful anti-workright
> software on the machine, so, here's your report. Forgive me if I
> misunderstood.

Oh.  In my last paragraph I wrote:

>> Of course I'd be interested in your experience with this and in any
>> BLODA message you get by setting CYGWIN=detect_bloda.

Sorry if that wasn't clear enough.


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

Problem reports:
Unsubscribe info:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]