This project is read-only.
2

Closed

WinSock hooking and WSAGetLastError problem

description

Hi,
 

 
I am trying to hook connect function ofWinSock 2 (ws2_32.dll) and I was successful, but there is a big problem here.
 
All modern browsers use not-blocking connections and when using connect function on a not-blocking connection, it will raise error 10035 mean that this operation can't complete immediately and you need to check later and see if we are connected or not. This
is a normal behavior and this error is not really an error. Something like an info or warning.
 
Most of browsers expect this error and if we don't have this error they will kill the connection. The problem is here that
WSAGetLastError is thread related so if you run connect function on an other thread you can't read related error. And it seems that EasyHook will run in an other thread separated from calling thread, so when I try to route this function by
calling original connect from my hook, any error generated is inaccessible for calling thread. (Only I can access it from hook, not application it-self)
 
So IE, Chrome and Firefox that expect error 10035 will face with error 0 (no error) because connection made in EasyHook thread not there, I don't know if EasyHook can solve this types of problems. Seems little hard to solve. What i think is, Is there any
way to run a block of code in calling thread (application it-self)?! So i can set error myself using
WSASetLastError on that thread?! This will force anyWSAGetLastError
call after that to return my last submitted error code.
 
Currently I can hook WSAGetLastError too, but this makes another problems because EasyHook's thread also have no access to calling thread's errors. Errors that may come from other methods (other than connect method). The only way I can think
of currently is to hook all ws2_32.dll methods which is hard.
 
Any help is appreciated

file attachments

Closed Aug 24, 2015 at 1:28 AM by spazzarama
External issue

comments

DarkSoroush wrote Aug 21, 2012 at 8:57 AM

If it is not thread, so what is it?!
I have no idea! Why errors are not accessible from calling thread then!
Do you want me to upload an example?! Let you test it by your-self?!

It works fine in Safari, Opera, IDM.
But IE,Firefox and Chrome (90% of user's browsers?! :D) give me error.

tnx for support.

spazzarama wrote Aug 22, 2012 at 11:41 AM

Providing some code as a test case would be very helpful thankyou.

wrote Aug 22, 2012 at 5:28 PM

wrote Aug 22, 2012 at 5:42 PM

DarkSoroush wrote Aug 22, 2012 at 5:42 PM

Hi,

This is an example, I wrote what i did and what i got by hooking WSAGetLastError and WSASetLastError too. Almost no success. Any way. Here is example code. Please test it by different browsers. To become convinced if WSAGetLastError is actual problem, I ask you to run Chrome by this argument:
--enable-logging --v=1
Then in parent directory of chrome's user data directory:
http://dev.chromium.org/user-experience/user-data-directory
You will find "chrome_debug.log".
Run hook and open a page. Then check this file. You can clearly see this line:
ERROR:tcp_client_socket_win.cc(506)] connect failed: 0
And based of this file:
http://code.ohloh.net/file?fid=Z82z_YkGXfuWGTHdakktqYyCGcg&cid=0W4KUpSYxGo&s=&browser=Default#L0
Line 514 (As code is diff and my chrome is not updated or maybe they are in alpha or something):
int os_error = WSAGetLastError();
if (os_error != WSAEWOULDBLOCK) {
  LOG(ERROR) << "connect failed: " << os_error;
WSAEWOULDBLOCK is 10035! and it show that chrome error is cuz of not getting 10035 as error. It receives 0 mean no error (As mentioned in log)

Thanks

DarkSoroush wrote Sep 1, 2012 at 4:09 PM

any news?!

spazzarama wrote Sep 5, 2012 at 11:17 AM

Not yet - I've been fairly busy with work. Won't get a chance to look at this until October.

DarkSoroush wrote Jan 11, 2013 at 6:06 PM

Hi,
Happy new year.
Any thing new about this issue?!

wrote Feb 22, 2013 at 1:15 AM

wrote Jun 14, 2013 at 3:22 PM

revel8n wrote Jun 14, 2013 at 3:22 PM

Since this was something i was going to need int he future as well, i decided to look into it. This is technically not an issue with EasyHook. After some investigation i cam across some history of the WSASetLastError and WSAGetLastError functions. They are mainly provided for backwards compatibility with 16-bit applications. As such in most cases on 32-bit and later systems these are simply redirects to SetLastError and GetLastError. Hooking SetLastError and remembering to call the library function seems to have helped get around this and firefox will at least connect to pages happily.

i have attached the last file i used to test. There may still be some remaining hooks i did not comment out sine i just did a lot of cut and paste to quickly test this.

Thanks for the sample, as i was looking for a good way to initially test EasyHook for this purpose.

wrote Aug 24, 2015 at 1:28 AM