[PATCH] Big List Of Dodgy Apps for cygcheck.

Dave Korn dave.korn@artimi.com
Mon Jul 30 07:09:00 GMT 2007

    Morning all,

  This is the first cut of the dodgy apps detection feature for cygcheck.

  The output is generated as part of the -s report.  Adding -v makes it give
full detail about exactly what it detected that makes it think a particular
dodgy app is installed.

  It use NT native API calls, I haven't attempted to retain 9x back-compat.

  It only implements detection for a couple of items so far, because I don't
have 99% of these dodgy apps and don't know how to detect them!  Adding
detection for more applications will be taken care of in forthcoming
incremental patches once I can find the information.

  I needed some new definitions in ntdll.h in order to lookup loaded module
info, so I imported a couple of chunks from wine's winternl.h header file.
I've added far more of the system information classes than are actually
needed, but it won't do any harm, and I've crosschecked all the definitions
against Nebbett while I was doing it.  Wine differed from Nebbett (and from
Cygwin's original ntdll.h) in a couple of places; I've audited those and
Cygwin and Nebbett are right, so I've used their definitions where Wine's

  I haven't documented this anywhere; it seems unnecessary to me, since it is
already covered by what the definition of the "-s" option does; it's just more
"system information", and doesn't need to be specially mentioned.  A possible
future enhancement would be an option to download an updated list of dodgy
apps from the cygwin website.  That, of course, *would* require some docs.

  I Can Has Code Reviewz Plz?  kthxbye!


2007-07-30  Dave Korn  <dave.korn@artimi.com>

	* ntdll.h (SYSTEM_INFORMATION_CLASS):  Imported latest definitions
	from wine's winternl.h, with a couple of hand-edits based on Nebbett.
	(MAXIMUM_FILENAME_LENGTH):  Likewise imported constant definition.


2007-07-30  Dave Korn  <dave.korn@artimi.com>

	* Makefile.in (cygcheck.exe):  Add bloda.o as prerequisite, adjusting
	dependency-filtering $(wordlist ...) call appropriately.  Link ntdll.
	(bloda.o):  New rule to build bloda.o
	* cygcheck.cc (dump_sysinfo):  Call bloda function dump_dodgy_apps().
	* bloda.cc:  New file implements detection of applications from the
	Big List Of Dodgy Apps.

Can't think of a witty .sigline today....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cygcheck-bloda-patch.diff
Type: application/octet-stream
Size: 20318 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin-developers/attachments/20070730/65bbea7e/attachment.obj>

More information about the Cygwin-developers mailing list