When ntdll was added to the list of "interesting DLLs" (in d58230b9dc), the intention was not to intercept the "mini CRT" functions it exports. OverrideFunction would only intercept the *first* function it found when searching the list of DLLs, and ntdll was put last in that list. However, after 42cdfbcf3e, OverrideFunction intercepts *all* matching functions in those DLLs. As a side-effect, the runtime would now intercept functions like memset etc. also in ntdll.

This causes a problem when ntdll-internal functions like RtlDispatchException call the intercepted memset, which tries to inspect uncommitted shadow memory, raising an exception, and getting stuck in that loop until the stack overflows.

Since we never intended to intercept ntdll's memset etc., the simplest fix seems to be to actively ignore ntdll when intercepting those functions.

Fixes #114793