This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: BLODA detection code in latest snapshot
On 2/27/2012 6:53 PM, David Rothenberger wrote:
> On 2/27/2012 4:26 AM, Corinna Vinschen wrote:
>> Of course this is not foolproof. The only filtered system DLLs so
>> far are kernel32.dll, ntdll.dll, mswsock.dll, amd ws2_32.dll. If you
>> playing around with this, and if you find that a core system DLL is
>> reported (like, say, advapi32.dll), then please notify this list, too.
>
> On one of my Windows XP 32 boxes, it is reporting
>
> Potential BLODA detected! Thread function called outside of Cygwin DLL:
> C:\WINDOWS\system32\advapi32.dll
>
> when I ssh to another host. The machine DOES have potential BLODA,
> though: Symantec Endpoint Protection. It's never caused me any problems.
>
> You did say above to report to the list if advapi32.dll is reported, and
> you didn't say not to report it if there is helpful anti-workright
> software on the machine, so, here's your report. Forgive me if I
> misunderstood.
Here's another one, this time on a Win7-64 machine:
Potential BLODA detected! Thread function called outside of Cygwin DLL:
C:\Windows\syswow64\SHLWAPI.dll
I get this when running
% cygstart --hide "$(cygpath -W)/sysnative/msg" $USER test
There's no BLODA on this machine.
--
David Rothenberger ---- daveroth@acm.org
Adler's Distinction:
Language is all that separates us from the lower animals,
and from the bureaucrats.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple