Changeset 52213 in vbox for trunk/src/VBox/Runtime/common/ldr

Timestamp:

Jul 28, 2014 5:52:58 PM (10 years ago)

Author:

vboxsync

Message:

SUP,IPRT: Implemented forwarder support in RTLdr and cleaned up some the ordinal mess. Resolved imports when doing the process verification/purification runs other than SUPHARDNTVPKIND_CHILD_PURIFICATION. This is necessary since 32-bit windows combine .text with .rdata, and we don't want to overwrite the import table after it has been snapped. Include read-only sections in the verfication runs.

Location:

trunk/src/VBox/Runtime/common/ldr

Files:

• ldr.cpp (modified) (1 diff)
• ldrELFRelocatable.cpp.h (modified) (4 diffs)
• ldrEx.cpp (modified) (3 diffs)
• ldrNative.cpp (modified) (1 diff)
• ldrPE.cpp (modified) (8 diffs)
• ldrkStuff.cpp (modified) (3 diffs)

trunk/src/VBox/Runtime/common/ldr/ldr.cpp

@@ -63 +63 @@
     {
         RTUINTPTR Value = 0;
-        rc = pMod->pOps->pfnGetSymbolEx(pMod, NULL, 0, pszSymbol, &Value);
+        rc = pMod->pOps->pfnGetSymbolEx(pMod, NULL, 0, UINT32_MAX, pszSymbol, &Value);
         if (RT_SUCCESS(rc))
         {

trunk/src/VBox/Runtime/common/ldr/ldrELFRelocatable.cpp.h

@@ -922 +922 @@
 
 
+/**
+ * Worker for pfnGetSymbolEx.
+ */
+static int RTLDRELF_NAME(ReturnSymbol)(PRTLDRMODELF pThis, const Elf_Sym *pSym, Elf_Addr uBaseAddr, PRTUINTPTR pValue)
+{
+    Elf_Addr Value;
+    if (pSym->st_shndx == SHN_ABS)
+        /* absolute symbols are not subject to any relocation. */
+        Value = pSym->st_value;
+    else if (pSym->st_shndx < pThis->Ehdr.e_shnum)
+    {
+        if (pThis->Ehdr.e_type == ET_REL)
+            /* relative to the section. */
+            Value = uBaseAddr + pSym->st_value + pThis->paShdrs[pSym->st_shndx].sh_addr;
+        else /* Fixed up for link address. */
+            Value = uBaseAddr + pSym->st_value - pThis->LinkAddress;
+    }
+    else
+    {
+        AssertMsgFailed(("Arg! pSym->st_shndx=%d\n", pSym->st_shndx));
+        return VERR_BAD_EXE_FORMAT;
+    }
+    AssertMsgReturn(Value == (RTUINTPTR)Value, (FMT_ELF_ADDR "\n", Value), VERR_SYMBOL_VALUE_TOO_BIG);
+    *pValue = (RTUINTPTR)Value;
+    return VINF_SUCCESS;
+}
+
+
 /** @copydoc RTLDROPS::pfnGetSymbolEx */
-static DECLCALLBACK(int) RTLDRELF_NAME(GetSymbolEx)(PRTLDRMODINTERNAL pMod, const void *pvBits, RTUINTPTR BaseAddress, const char *pszSymbol, RTUINTPTR *pValue)
+static DECLCALLBACK(int) RTLDRELF_NAME(GetSymbolEx)(PRTLDRMODINTERNAL pMod, const void *pvBits, RTUINTPTR BaseAddress,
+                                                    uint32_t iOrdinal, const char *pszSymbol, RTUINTPTR *pValue)
 {
     PRTLDRMODELF pModElf = (PRTLDRMODELF)pMod;
@@ -931 +960 @@
      * Validate the input.
      */
-    Elf_Addr BaseAddr = (Elf_Addr)BaseAddress;
-    AssertMsgReturn((RTUINTPTR)BaseAddr == BaseAddress, ("#RTptr", BaseAddress), VERR_IMAGE_BASE_TOO_HIGH);
+    Elf_Addr uBaseAddr = (Elf_Addr)BaseAddress;
+    AssertMsgReturn((RTUINTPTR)uBaseAddr == BaseAddress, ("#RTptr", BaseAddress), VERR_IMAGE_BASE_TOO_HIGH);
 
     /*
@@ -944 +973 @@
      * Calc all kinds of pointers before we start iterating the symbol table.
      */
-    const char         *pStr  = pModElf->pStr;
     const Elf_Sym     *paSyms = pModElf->paSyms;
     unsigned            cSyms = pModElf->cSyms;
-    for (unsigned iSym = 1; iSym < cSyms; iSym++)
-    {
-        /* Undefined symbols are not exports, they are imports. */
-        if (    paSyms[iSym].st_shndx != SHN_UNDEF
-            &&  (   ELF_ST_BIND(paSyms[iSym].st_info) == STB_GLOBAL
-                 || ELF_ST_BIND(paSyms[iSym].st_info) == STB_WEAK))
-        {
-            /* Validate the name string and try match with it. */
-            if (paSyms[iSym].st_name < pModElf->cbStr)
-            {
-                if (!strcmp(pszSymbol, pStr + paSyms[iSym].st_name))
+    if (iOrdinal == UINT32_MAX)
+    {
+        const char     *pStr  = pModElf->pStr;
+        for (unsigned iSym = 1; iSym < cSyms; iSym++)
+        {
+            /* Undefined symbols are not exports, they are imports. */
+            if (    paSyms[iSym].st_shndx != SHN_UNDEF
+                &&  (   ELF_ST_BIND(paSyms[iSym].st_info) == STB_GLOBAL
+                     || ELF_ST_BIND(paSyms[iSym].st_info) == STB_WEAK))
+            {
+                /* Validate the name string and try match with it. */
+                if (paSyms[iSym].st_name < pModElf->cbStr)
                 {
-                    /* matched! */
-                    Elf_Addr Value;
-                    if (paSyms[iSym].st_shndx == SHN_ABS)
-                        /* absolute symbols are not subject to any relocation. */
-                        Value = paSyms[iSym].st_value;
-                    else if (paSyms[iSym].st_shndx < pModElf->Ehdr.e_shnum)
+                    if (!strcmp(pszSymbol, pStr + paSyms[iSym].st_name))
                     {
-                        if (pModElf->Ehdr.e_type == ET_REL)
-                            /* relative to the section. */
-                            Value = BaseAddr + paSyms[iSym].st_value + pModElf->paShdrs[paSyms[iSym].st_shndx].sh_addr;
-                        else /* Fixed up for link address. */
-                            Value = BaseAddr + paSyms[iSym].st_value - pModElf->LinkAddress;
+                        /* matched! */
+                        return RTLDRELF_NAME(ReturnSymbol)(pModElf, &paSyms[iSym], uBaseAddr, pValue);
                     }
-                    else
-                    {
-                        AssertMsgFailed(("Arg. paSyms[iSym].st_shndx=%d\n", paSyms[iSym].st_shndx));
-                        return VERR_BAD_EXE_FORMAT;
-                    }
-                    AssertMsgReturn(Value == (RTUINTPTR)Value, (FMT_ELF_ADDR "\n", Value), VERR_SYMBOL_VALUE_TOO_BIG);
-                    *pValue = (RTUINTPTR)Value;
-                    return VINF_SUCCESS;
                 }
-            }
-            else
-            {
-                AssertMsgFailed(("String outside string table! iSym=%d paSyms[iSym].st_name=%#x\n", iSym, paSyms[iSym].st_name));
-                return VERR_LDRELF_INVALID_SYMBOL_NAME_OFFSET;
-            }
-        }
+                else
+                {
+                    AssertMsgFailed(("String outside string table! iSym=%d paSyms[iSym].st_name=%#x\n", iSym, paSyms[iSym].st_name));
+                    return VERR_LDRELF_INVALID_SYMBOL_NAME_OFFSET;
+                }
+            }
+        }
+    }
+    else if (iOrdinal < cSyms)
+    {
+        if (    paSyms[iOrdinal].st_shndx != SHN_UNDEF
+            &&  (   ELF_ST_BIND(paSyms[iOrdinal].st_info) == STB_GLOBAL
+                 || ELF_ST_BIND(paSyms[iOrdinal].st_info) == STB_WEAK))
+            return RTLDRELF_NAME(ReturnSymbol)(pModElf, &paSyms[iOrdinal], uBaseAddr, pValue);
     }
 
@@ -1394 +1414 @@
     RTLDRELF_NAME(Relocate),
     RTLDRELF_NAME(GetSymbolEx),
+    NULL /*pfnQueryForwarderInfo*/,
     RTLDRELF_NAME(EnumDbgInfo),
     RTLDRELF_NAME(EnumSegments),

trunk/src/VBox/Runtime/common/ldr/ldrEx.cpp

@@ -288 +288 @@
 
 
-/**
- * Gets the address of a named exported symbol.
- *
- * This function differs from the plain one in that it can deal with
- * both GC and HC address sizes, and that it can calculate the symbol
- * value relative to any given base address.
- *
- * @returns iprt status code.
- * @param   hLdrMod         The loader module handle.
- * @param   pvBits          Optional pointer to the loaded image.
- *                          Set this to NULL if no RTLdrGetBits() processed image bits are available.
- *                          Not supported for RTLdrLoad() images and must be NULL.
- * @param   BaseAddress     Image load address.
- *                          Not supported for RTLdrLoad() images and must be 0.
- * @param   pszSymbol       Symbol name.
- * @param   pValue          Where to store the symbol value.
- */
-RTDECL(int) RTLdrGetSymbolEx(RTLDRMOD hLdrMod, const void *pvBits, RTLDRADDR BaseAddress, const char *pszSymbol,
-                             PRTLDRADDR pValue)
-{
-    LogFlow(("RTLdrGetSymbolEx: hLdrMod=%RTldrm pvBits=%p BaseAddress=%RTptr pszSymbol=%p:{%s} pValue\n",
-             hLdrMod, pvBits, BaseAddress, pszSymbol, pszSymbol, pValue));
-
-    /*
-     * Validate input.
-     */
-    AssertMsgReturn(rtldrIsValid(hLdrMod), ("hLdrMod=%p\n", hLdrMod), VERR_INVALID_HANDLE);
-    AssertMsgReturn(!pvBits || VALID_PTR(pvBits), ("pvBits=%p\n", pvBits), VERR_INVALID_PARAMETER);
-    AssertMsgReturn(pszSymbol, ("pszSymbol=%p\n", pszSymbol), VERR_INVALID_PARAMETER);
-    AssertMsgReturn(VALID_PTR(pValue), ("pValue=%p\n", pvBits), VERR_INVALID_PARAMETER);
-    PRTLDRMODINTERNAL pMod = (PRTLDRMODINTERNAL)hLdrMod;
-    //AssertMsgReturn(pMod->eState == LDR_STATE_OPENED, ("eState=%d\n", pMod->eState), VERR_WRONG_ORDER);
+RTDECL(int) RTLdrGetSymbolEx(RTLDRMOD hLdrMod, const void *pvBits, RTLDRADDR BaseAddress,
+                             uint32_t iOrdinal, const char *pszSymbol, PRTLDRADDR pValue)
+{
+    LogFlow(("RTLdrGetSymbolEx: hLdrMod=%RTldrm pvBits=%p BaseAddress=%RTptr iOrdinal=%#x pszSymbol=%p:{%s} pValue\n",
+             hLdrMod, pvBits, BaseAddress, iOrdinal, pszSymbol, pszSymbol, pValue));
+
+    /*
+     * Validate input.
+     */
+    AssertMsgReturn(rtldrIsValid(hLdrMod), ("hLdrMod=%p\n", hLdrMod), VERR_INVALID_HANDLE);
+    AssertPtrNullReturn(pvBits, VERR_INVALID_POINTER);
+    AssertPtrNullReturn(pszSymbol, VERR_INVALID_POINTER);
+    AssertReturn(pszSymbol || iOrdinal != UINT32_MAX, VERR_INVALID_PARAMETER);
+    AssertPtrReturn(pValue, VERR_INVALID_POINTER);
+    PRTLDRMODINTERNAL pMod = (PRTLDRMODINTERNAL)hLdrMod;
 
     /*
@@ -326 +309 @@
     int rc;
     if (pMod->pOps->pfnGetSymbolEx)
-        rc = pMod->pOps->pfnGetSymbolEx(pMod, pvBits, BaseAddress, pszSymbol, pValue);
-    else if (!BaseAddress && !pvBits)
+        rc = pMod->pOps->pfnGetSymbolEx(pMod, pvBits, BaseAddress, iOrdinal, pszSymbol, pValue);
+    else if (!BaseAddress && !pvBits && iOrdinal == UINT32_MAX)
     {
         void *pvValue;
@@ -340 +323 @@
 }
 RT_EXPORT_SYMBOL(RTLdrGetSymbolEx);
+
+
+RTDECL(int) RTLdrQueryForwarderInfo(RTLDRMOD hLdrMod, const void *pvBits, uint32_t iOrdinal, const char *pszSymbol,
+                                    PRTLDRIMPORTINFO pInfo, size_t cbInfo)
+{
+    LogFlow(("RTLdrQueryForwarderInfo: hLdrMod=%RTldrm pvBits=%p iOrdinal=%#x pszSymbol=%p:{%s} pInfo=%p cbInfo=%zu\n",
+             hLdrMod, pvBits, iOrdinal, pszSymbol, pszSymbol, pInfo, cbInfo));
+
+    /*
+     * Validate input.
+     */
+    AssertMsgReturn(rtldrIsValid(hLdrMod), ("hLdrMod=%p\n", hLdrMod), VERR_INVALID_HANDLE);
+    AssertPtrNullReturn(pvBits, VERR_INVALID_POINTER);
+    AssertMsgReturn(pszSymbol, ("pszSymbol=%p\n", pszSymbol), VERR_INVALID_PARAMETER);
+    AssertPtrReturn(pInfo, VERR_INVALID_PARAMETER);
+    AssertReturn(cbInfo >= sizeof(*pInfo), VERR_INVALID_PARAMETER);
+    PRTLDRMODINTERNAL pMod = (PRTLDRMODINTERNAL)hLdrMod;
+
+    /*
+     * Do it.
+     */
+    int rc;
+    if (pMod->pOps->pfnQueryForwarderInfo)
+    {
+        rc = pMod->pOps->pfnQueryForwarderInfo(pMod, pvBits, iOrdinal, pszSymbol, pInfo, cbInfo);
+        if (RT_SUCCESS(rc))
+            LogFlow(("RTLdrQueryForwarderInfo: returns %Rrc pInfo={%#x,%#x,%s,%s}\n", rc,
+                     pInfo->iSelfOrdinal, pInfo->iOrdinal, pInfo->pszSymbol, pInfo->szModule));
+        else
+            LogFlow(("RTLdrQueryForwarderInfo: returns %Rrc\n", rc));
+    }
+    else
+    {
+        LogFlow(("RTLdrQueryForwarderInfo: returns VERR_NOT_SUPPORTED\n"));
+        rc = VERR_NOT_SUPPORTED;
+    }
+    return rc;
+
+}
+RT_EXPORT_SYMBOL(RTLdrQueryForwarderInfo);
 
 

trunk/src/VBox/Runtime/common/ldr/ldrNative.cpp

@@ -75 +75 @@
     NULL,
     NULL,
+    NULL /*pfnQueryForwarderInfo*/,
     NULL,
     NULL,

trunk/src/VBox/Runtime/common/ldr/ldrPE.cpp

@@ -897 +897 @@
 
 
-/** @copydoc RTLDROPS::pfnGetSymbolEx. */
-static DECLCALLBACK(int) rtldrPEGetSymbolEx(PRTLDRMODINTERNAL pMod, const void *pvBits, RTUINTPTR BaseAddress, const char *pszSymbol, RTUINTPTR *pValue)
-{
-    PRTLDRMODPE pModPe = (PRTLDRMODPE)pMod;
-
+/**
+ * Internal worker for pfnGetSymbolEx and pfnQueryForwarderInfo.
+ *
+ * @returns IPRT status code.
+ * @param   pModPe              The PE module instance.
+ * @param   iOrdinal            The symbol ordinal, UINT32_MAX if named symbol.
+ * @param   pszSymbol           The symbol name.
+ * @param   ppvBits             The image bits pointer (input/output).
+ * @param   puRvaExport         Where to return the symbol RVA.
+ * @param   puOrdinal           Where to return the ordinal number. Optional.
+ */
+static int rtLdrPE_ExportToRva(PRTLDRMODPE pModPe, uint32_t iOrdinal, const char *pszSymbol,
+                               const void **ppvBits, uint32_t *puRvaExport, uint32_t *puOrdinal)
+{
     /*
      * Check if there is actually anything to work on.
@@ -912 +921 @@
      * No bits supplied? Do we need to read the bits?
      */
+    void const *pvBits = *ppvBits;
     if (!pvBits)
     {
@@ -920 +930 @@
                 return rc;
         }
-        pvBits = pModPe->pvBits;
+        *ppvBits = pvBits = pModPe->pvBits;
     }
 
     PIMAGE_EXPORT_DIRECTORY pExpDir = PE_RVA2TYPE(pvBits, pModPe->ExportDir.VirtualAddress, PIMAGE_EXPORT_DIRECTORY);
     int                     iExpOrdinal = 0;    /* index into address table. */
-    if ((uintptr_t)pszSymbol <= 0xffff)
+    if (iOrdinal != UINT32_MAX)
     {
         /*
          * Find ordinal export: Simple table lookup.
          */
-        unsigned uOrdinal = (uintptr_t)pszSymbol & 0xffff;
-        if (    uOrdinal >= pExpDir->Base + RT_MAX(pExpDir->NumberOfNames, pExpDir->NumberOfFunctions)
-            ||  uOrdinal < pExpDir->Base)
+        if (    iOrdinal >= pExpDir->Base + RT_MAX(pExpDir->NumberOfNames, pExpDir->NumberOfFunctions)
+            ||  iOrdinal < pExpDir->Base)
             return VERR_SYMBOL_NOT_FOUND;
-        iExpOrdinal = uOrdinal - pExpDir->Base;
+        iExpOrdinal = iOrdinal - pExpDir->Base;
     }
     else
@@ -951 +960 @@
             if (iStart > iEnd)
             {
-            #ifdef RT_STRICT
+#ifdef RT_STRICT
                 /* do a linear search just to verify the correctness of the above algorithm */
                 for (unsigned i = 0; i < pExpDir->NumberOfNames; i++)
@@ -960 +969 @@
                               ("bug in binary export search!!!\n"));
                 }
-            #endif
+#endif
                 return VERR_SYMBOL_NOT_FOUND;
             }
@@ -982 +991 @@
      * Found export (iExpOrdinal).
      */
-    uint32_t *  paAddress = PE_RVA2TYPE(pvBits, pExpDir->AddressOfFunctions, uint32_t *);
-    unsigned    uRVAExport = paAddress[iExpOrdinal];
-
-    if (    uRVAExport > pModPe->ExportDir.VirtualAddress
-        &&  uRVAExport < pModPe->ExportDir.VirtualAddress + pModPe->ExportDir.Size)
-    {
-        /* Resolve forwarder. */
-        AssertMsgFailed(("Forwarders are not supported!\n"));
-        return VERR_SYMBOL_NOT_FOUND;
-    }
-
-    /* Get plain export address */
-    *pValue = PE_RVA2TYPE(BaseAddress, uRVAExport, RTUINTPTR);
-
+    uint32_t *paAddress = PE_RVA2TYPE(pvBits, pExpDir->AddressOfFunctions, uint32_t *);
+    *puRvaExport = paAddress[iExpOrdinal];
+    if (puOrdinal)
+        *puOrdinal = iExpOrdinal;
     return VINF_SUCCESS;
+}
+
+
+/** @copydoc RTLDROPS::pfnGetSymbolEx. */
+static DECLCALLBACK(int) rtldrPEGetSymbolEx(PRTLDRMODINTERNAL pMod, const void *pvBits, RTUINTPTR BaseAddress,
+                                            uint32_t iOrdinal, const char *pszSymbol, RTUINTPTR *pValue)
+{
+    PRTLDRMODPE pThis = (PRTLDRMODPE)pMod;
+    uint32_t uRvaExport;
+    int rc = rtLdrPE_ExportToRva(pThis, iOrdinal, pszSymbol, &pvBits, &uRvaExport, NULL);
+    if (RT_SUCCESS(rc))
+    {
+
+        uint32_t offForwarder = uRvaExport - pThis->ExportDir.VirtualAddress;
+        if (offForwarder >= pThis->ExportDir.Size)
+            /* Get plain export address */
+            *pValue = PE_RVA2TYPE(BaseAddress, uRvaExport, RTUINTPTR);
+        else
+        {
+            /* Return the approximate length of the forwarder buffer. */
+            const char *pszForwarder = PE_RVA2TYPE(pvBits, uRvaExport, const char *);
+            *pValue = sizeof(RTLDRIMPORTINFO) + RTStrNLen(pszForwarder, offForwarder - pThis->ExportDir.Size);
+            rc = VERR_LDR_FORWARDER;
+        }
+    }
+    return rc;
+}
+
+
+/** @copydoc RTLDROPS::pfnQueryForwarderInfo. */
+static DECLCALLBACK(int) rtldrPE_QueryForwarderInfo(PRTLDRMODINTERNAL pMod, const void *pvBits,  uint32_t iOrdinal,
+                                                    const char *pszSymbol, PRTLDRIMPORTINFO pInfo, size_t cbInfo)
+{
+    AssertReturn(cbInfo >= sizeof(*pInfo), VERR_INVALID_PARAMETER);
+
+    PRTLDRMODPE pThis = (PRTLDRMODPE)pMod;
+    uint32_t uRvaExport;
+    int rc = rtLdrPE_ExportToRva(pThis, iOrdinal, pszSymbol, &pvBits, &uRvaExport, &iOrdinal);
+    if (RT_SUCCESS(rc))
+    {
+        uint32_t offForwarder = uRvaExport - pThis->ExportDir.VirtualAddress;
+        if (offForwarder < pThis->ExportDir.Size)
+        {
+            const char *pszForwarder = PE_RVA2TYPE(pvBits, uRvaExport, const char *);
+
+            /*
+             * Parse and validate the string.  We must make sure it's valid
+             * UTF-8, so we restrict it to ASCII.
+             */
+            const char *pszEnd = RTStrEnd(pszForwarder, offForwarder - pThis->ExportDir.Size);
+            if (pszEnd)
+            {
+                /* The module name. */
+                char ch;
+                uint32_t off = 0;
+                while ((ch = pszForwarder[off]) != '.' && ch != '\0')
+                {
+                    if (RT_UNLIKELY((uint8_t)ch >= 0x80))
+                        return VERR_LDR_BAD_FORWARDER;
+                    off++;
+                }
+                if (RT_UNLIKELY(ch != '.'))
+                    return VERR_LDR_BAD_FORWARDER;
+                uint32_t const offDot = off;
+                off++;
+
+                /* The function name or ordinal number. Ordinals starts with a hash. */
+                uint32_t iImpOrdinal;
+                if (pszForwarder[off] != '#')
+                {
+                    iImpOrdinal = UINT32_MAX;
+                    while ((ch = pszForwarder[off]) != '\0')
+                    {
+                        if (RT_UNLIKELY((uint8_t)ch >= 0x80))
+                            return VERR_LDR_BAD_FORWARDER;
+                        off++;
+                    }
+                    if (RT_UNLIKELY(off == offDot + 1))
+                        return VERR_LDR_BAD_FORWARDER;
+                }
+                else
+                {
+                    rc = RTStrToUInt32Full(&pszForwarder[off + 1], 10, &iImpOrdinal);
+                    if (RT_UNLIKELY(rc != VINF_SUCCESS || iImpOrdinal > UINT16_MAX))
+                        return VERR_LDR_BAD_FORWARDER;
+                }
+
+                /*
+                 * Enough buffer?
+                 */
+                uint32_t cbNeeded = RT_OFFSETOF(RTLDRIMPORTINFO, szModule[iImpOrdinal != UINT32_MAX ? offDot + 1 : off + 1]);
+                if (cbNeeded > cbInfo)
+                    return VERR_BUFFER_OVERFLOW;
+
+                /*
+                 * Fill in the return buffer.
+                 */
+                pInfo->iSelfOrdinal = iOrdinal;
+                pInfo->iOrdinal     = iImpOrdinal;
+                if (iImpOrdinal == UINT32_MAX)
+                {
+                    pInfo->pszSymbol = &pInfo->szModule[offDot + 1];
+                    memcpy(&pInfo->szModule[0], pszForwarder, off + 1);
+                }
+                else
+                {
+                    pInfo->pszSymbol = NULL;
+                    memcpy(&pInfo->szModule[0], pszForwarder, offDot);
+                }
+                pInfo->szModule[offDot] = '\0';
+                rc = VINF_SUCCESS;
+            }
+            else
+                rc = VERR_LDR_BAD_FORWARDER;
+        }
+        else
+            rc = VERR_LDR_NOT_FORWARDER;
+    }
+    return rc;
 }
 
@@ -2542 +2660 @@
         rtldrPERelocate,
         rtldrPEGetSymbolEx,
+        rtldrPE_QueryForwarderInfo,
         rtldrPE_EnumDbgInfo,
         rtldrPE_EnumSegments,
@@ -2575 +2694 @@
         rtldrPERelocate,
         rtldrPEGetSymbolEx,
+        rtldrPE_QueryForwarderInfo,
         rtldrPE_EnumDbgInfo,
         rtldrPE_EnumSegments,

trunk/src/VBox/Runtime/common/ldr/ldrkStuff.cpp

@@ -561 +561 @@
 /** @copydoc RTLDROPS::pfnGetSymbolEx */
 static DECLCALLBACK(int) rtkldr_GetSymbolEx(PRTLDRMODINTERNAL pMod, const void *pvBits, RTUINTPTR BaseAddress,
-                                            const char *pszSymbol, RTUINTPTR *pValue)
+                                            uint32_t iOrdinal, const char *pszSymbol, RTUINTPTR *pValue)
 {
     PKLDRMOD pModkLdr = ((PRTLDRMODKLDR)pMod)->pMod;
@@ -581 +581 @@
 
     int rc = kLdrModQuerySymbol(pModkLdr, pvBits, BaseAddress,
-                                NIL_KLDRMOD_SYM_ORDINAL, pszSymbol, strlen(pszSymbol), NULL,
-                                NULL, NULL, &uValue, NULL);
+                                iOrdinal == UINT32_MAX ? NIL_KLDRMOD_SYM_ORDINAL : iOrdinal,
+                                pszSymbol, strlen(pszSymbol), NULL,
+                                NULL, NULL,
+                                &uValue, NULL);
     if (!rc)
     {
@@ -873 +875 @@
     rtkldr_Relocate,
     rtkldr_GetSymbolEx,
+    NULL /*pfnQueryForwarderInfo*/,
     rtkldr_EnumDbgInfo,
     rtkldr_EnumSegments,