The Big List of Dodgy Apps
Dave Korn
dave.korn@artimi.com
Tue Mar 20 18:59:00 GMT 2007
On 20 March 2007 18:45, Brian Dessent wrote:
> Dave Korn wrote:
>
>>> I would think it was possible to have cygcheck do something like
>>> sysinternals' process explorer does to get the DLL list, but to do it
>>> only on itself - essentially asking the question "to which DLLs am I
>>> linked?" The expected DLLs can be eliminated from all enquiries. If
>>> the fingerprint of a known offender is detected, it can be reported as
>>> such. Anything else can be reported as a "potential problem".
>>
>> This seems a reasonably good idea. I was thinking at one point of
>> adding it to the cygwin crashdump routines invoked after fork() errors.
>
> It won't work to check "to which DLLs am I linked", at least not in the
> way of inspecting the PE headers of the file on disk. The injecting is
> dynamic, through system hook functions, so you have to use the
> DebugHlp/ImageHlp libraries to inspect the process space, IIRC.
Yes, that's what I meant too; I was skipping over the minor inaccuracy in
Phil's terminology because I'm sure that's what he intended.
cheers,
DaveK
--
Can't think of a witty .sigline today....
More information about the Cygwin-talk
mailing list