[Original] Issues I filed with Microsoft on GitHub over the years
Posted: 2020-10-24 13:49
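All of the following issues have been confirmed and closed by Microsoft.
1. In the simrep project in the WDK7 through WDK10 sample code, the second and third arguments of ExAllocatePoolWithTag are swapped; surprisingly it still compiles, and it runs without any apparent problem.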
2. In the WDK documentation, FwpsStreamInjectAsync0 is missing an "s".
3. In the iphdrinc project in the SDK samples, a comment does not match the function name.
4. In the rcvall project in the SDK samples, a structure name contains a typo.
5. procexp and procmon in Sysinternals have some poor support for WSL.
6. On MSDN, NtQueryVirtualMemory was changed from "Available starting with Windows 10" to "Available starting with Windows 2000".
7. On MSDN, PageProtection was changed from "one of" to a bitwise AND.
8. By MSDN's usual convention, the PsSetLoadImageNotifyRoutineEx page was missing one sentence: do not forget to call PsRemoveLoadImageNotifyRoutine.
9. The ObUnRegisterCallbacks double-free bug on MSDN (Bugcheck code 0000007E).
Microsoft even displayed this passage in colored text.
10. Process Monitor v3.52 in Sysinternals does not support the FILE_INFORMATION_CLASS FileInformationClass message.
11. On MSDN, the IRQL for the RtlLookupElementGenericTable family of functions, when not pageable, was changed from IRQL < DISPATCH_LEVEL to IRQL <= DISPATCH_LEVEL.
To learn more, follow the author's GitHub account.