On Thu, 13 Feb 2025, LIU Hao wrote:
> A writeable IAT is a conspicuous target for code injection.
> If MSVC makes it read-only, LLD makes it read-only, and there have been few
> issues with MSVC in practice (see the Old New Thing article), then there's no
> reason for us to not do that; do you agree?
Yes, the IAT should be read-only, I agree on that.
But the delay load imports should not be part of that data structure, it
should be elsewhere, where it is read-write from the start, without
needing to change permissions on the fly.
If you add "delayimp.lib -link -delayload:user32.dll" to your example and
compile it (and change the printfs to print __imp_MessageBoxW instead of
*__imp_MessageBoxW), you'll see that it runs fine without faulting when
built with MSVC. (I can't seem to pass -link parameters on compiler
explorer though.)
// Martin
_______________________________________________
Mingw-w64-public mailing list
Mingw-w64-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mingw-w64-public
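The distinction argued above (a normal IAT can live in read-only memory because the loader fills it once before the image runs, while delay-load import slots must stay writable because the delay-load helper overwrites each slot with the resolved address on first call) can be modelled outside Windows. The following is an added example, not code from this thread, from mingw-w64, MSVC or LLD: it is plain POSIX C that stands in for the loader with mmap/mprotect, for the delay-load helper with a resolver stub, and for the imported APIs with local functions. Every name in it (real_message_box, delay_iat, iat_page and so on) is made up for the demonstration; the only claim it makes is the one in the thread, that a slot the helper has to patch cannot sit on a read-only page.

```c
/* Added example (not from the mailing-list thread): a POSIX C model of a
 * read-only IAT next to a writable delay-load thunk table.  All names are
 * invented stand-ins; this is not the Windows loader or delayimp.lib. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

typedef int (*import_fn)(int);

/* Stand-ins for functions that would be imported from another DLL. */
static int real_message_box(int x) { return x + 1; }
static int real_other_api(int x)   { return x * 2; }

/* ---- delay-load side: a table that must be writable ------------------- */

static int delayload_resolve_count = 0;     /* how often the helper ran */
static int delay_stub_message_box(int x);
static int delay_stub_other_api(int x);

/* Each slot starts out pointing at a stub, as a delay-load thunk does. */
static import_fn delay_iat[2] = { delay_stub_message_box, delay_stub_other_api };

/* Model of the delay-load helper: resolve, patch the slot, then call through.
 * The store into delay_iat[slot] is the write that needs a writable table. */
static int delay_resolve(size_t slot, import_fn target, int x)
{
    delayload_resolve_count++;
    delay_iat[slot] = target;
    return delay_iat[slot](x);
}
static int delay_stub_message_box(int x) { return delay_resolve(0, real_message_box, x); }
static int delay_stub_other_api(int x)   { return delay_resolve(1, real_other_api, x); }

int delayload_call(int x)     { return delay_iat[0](x); }   /* caller's view */
int delayload_resolves(void)  { return delayload_resolve_count; }
int delayload_slot_patched(void) { return delay_iat[0] == real_message_box; }

/* ---- normal IAT side: filled once, then made read-only ---------------- */

static import_fn *iat_page;   /* one page holding the "IAT" */

/* Model of the loader: write the resolved addresses while the page is
 * writable, then drop to PROT_READ, as a read-only IAT section would be. */
int build_readonly_iat(void)
{
    long pagesz = sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, (size_t)pagesz, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    iat_page = p;
    iat_page[0] = real_message_box;
    iat_page[1] = real_other_api;
    return mprotect(p, (size_t)pagesz, PROT_READ);
}

int readonly_iat_call(int x) { return iat_page[0](x); }   /* reads are fine */

/* Attempt the same patch the delay-load helper performs, but on the
 * read-only page; report 1 if the store faulted (SIGSEGV, or SIGBUS on
 * platforms that use it for write faults) instead of succeeding. */
static sigjmp_buf fault_jmp;
static void on_fault(int sig) { (void)sig; siglongjmp(fault_jmp, 1); }

int readonly_iat_patch_faults(void)
{
    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);
    int faulted = 0;
    if (sigsetjmp(fault_jmp, 1) == 0)
        *(volatile import_fn *)&iat_page[0] = real_other_api;  /* the patch */
    else
        faulted = 1;
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return faulted;
}

int main(void)
{
    if (build_readonly_iat() != 0) { perror("mmap/mprotect"); return 1; }
    printf("read-only IAT call:      %d\n", readonly_iat_call(41));
    printf("patching read-only IAT:  %s\n",
           readonly_iat_patch_faults() ? "faults" : "succeeds");
    printf("delay-load call:         %d\n", delayload_call(41));
    printf("delay-load call again:   %d (resolved %d time(s))\n",
           delayload_call(1), delayload_resolves());
    return 0;
}
```

Run it and the first table behaves the way the thread wants a linker-emitted IAT to behave: calls through it work, and an attempt to overwrite a slot, which is what an injected payload would try, faults. The second table is only usable because it is writable: the stub runs once, patches its slot, and every later call goes straight to the target. That is exactly why the delay-load slots cannot share the read-only section with the IAT, unless the helper flips page permissions on the fly, which is what Martin argues against above.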