[notissue] Return back a ripped functionality #9

Closed
VitRom opened this issue Apr 13, 2020 · 4 comments
Labels
ToDo To be done

Comments

@VitRom

VitRom commented Apr 13, 2020

Hope this will go into a Project's Task.

At the 3.x epoch there were very useful functions used to inject dlls like AntiDel and some runtime monitoring, and the BSA addon was based on these features. Unfortunately these functions were trashed out and we definitely need them back.

@DavidXanatos
Member

That should be doable relatively easy and sounds indeed useful.

@DavidXanatos DavidXanatos added the ToDo To be done label Apr 14, 2020
@DavidBerdik

I realize that this does not contribute anything to the progression of the issue, so I apologize in advance, but I'm curious: if this should be easily doable @DavidXanatos, do you have any idea why the development team would have removed it?

@DavidXanatos
Member

DavidXanatos commented Jun 2, 2020

BSA is working again: https://www.wilderssecurity.com/threads/buster-sandbox-analyzer.428538/page-2#post-2920470

@DavidBerdik
As far as I can tell they did not exactly remove anything, just changed something with the hooking mechanism that broke a lot of 3rd party injection dlls.

I can't tell you how they broke it as the old sources are not public. It does not make sense to me to change something from working to broken on purpose; perhaps it was a total rework to fix some other issue they had, and the new code worked for Sandboxie itself but no longer for other cases.

When fixing LOG_API.dll, aside from the SetTimer issue, I ran into CreateProcessW resulting in a crash further down in Windows and SetSecurityInfo which just maneuvered itself into an endless loop of calling itself. At that point I decided screw it, and just grabbed a well tested hooking library that does the job properly. Why CreateProcessW failed I have no idea; sbie is not even hooking it, just some internal function that is down the line invoked by it. SetSecurityInfo is a different story: Sbie hooks it, and without digging into what exactly went wrong there I'd just speculate that the new hooking mechanism from Sbie doesn't properly handle when a function is hooked twice, something along the lines of overwriting the trampoline to the original function with one to the other hooking function....

Now I wonder if it's a good idea to use that hooking lib also for Sandboxie, might be worth testing that out.

Anyhow since the BSA issue is now fixed I'll close it.
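The double-hook failure speculated about above, modelled as an added example (not Sandboxie or LOG_API.dll code): a plain function pointer stands in for each hook's trampoline, `original_impl` stands in for the hooked API, and a depth guard turns the self-calling loop into a detectable error instead of a stack overflow.

```c
#include <stdio.h>

/* Constructed model of hook chaining. A real inline hook saves a trampoline
 * back to the displaced code; here a function pointer plays that role. */
typedef int (*target_fn)(int);

#define MAX_DEPTH 16
static int g_depth, g_looped;            /* recursion guard for the demo */

static int original_impl(int x) { return x * 2; }  /* the API being hooked */

static target_fn g_entry;                /* what callers actually invoke */
static target_fn hook_a_next;            /* hook A's saved "original" */
static target_fn hook_b_next;            /* hook B's saved "original" */

static int hook_a(int x) {
    if (++g_depth > MAX_DEPTH) { g_looped = 1; return 0; }
    int r = hook_a_next(x) + 1;          /* do A's work, then pass down */
    g_depth--;
    return r;
}
static int hook_b(int x) {
    if (++g_depth > MAX_DEPTH) { g_looped = 1; return 0; }
    int r = hook_b_next(x) + 100;        /* do B's work, then pass down */
    g_depth--;
    return r;
}

/* Correct install: the new hook keeps the current entry as its trampoline,
 * so two hooks chain B -> A -> original. */
static void install_hook(target_fn hook, target_fn *next_slot) {
    *next_slot = g_entry;
    g_entry = hook;
}

static int call_entry(int x) {           /* returns -1 if the chain loops */
    g_depth = 0; g_looped = 0;
    int r = g_entry(x);
    return g_looped ? -1 : r;
}

int demo_chained(int x) {                /* (x*2 + 1) + 100 */
    g_entry = original_impl;
    install_hook(hook_a, &hook_a_next);
    install_hook(hook_b, &hook_b_next);
    return call_entry(x);
}

int demo_broken(int x) {                 /* A's trampoline clobbered by B */
    g_entry = original_impl;
    install_hook(hook_a, &hook_a_next);
    install_hook(hook_b, &hook_b_next);
    hook_a_next = hook_b;                /* now A -> B -> A -> ... */
    return call_entry(x);
}
```

`demo_chained(5)` yields 111 while `demo_broken(5)` yields -1, the loop the second hook would otherwise spin in forever.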

@DavidBerdik

@DavidXanatos Interesting! Thank you for the detailed explanation!

DavidXanatos pushed a commit that referenced this issue Jan 7, 2021