In the program code() - FileAdded routine of the MgLibMakerMinus by Carl Barnes 2020.9.6 this is the code:
IF INSTRING(’.LIB’, UPPER(FileName), 1, 1)
ReadLib()
ELSE
ReadExecutable()
END
This is a problem if the file we are processing is a DLL, but somewhere in the whole path to a file there’s a “LIB” word, like this: C:\test\test.libs\project1\test.dll
The above code treats test.dll as a LIB because of the path, but it should as executable.
I’ve modified the code to:
IF RIGHT(UPPER(FILENAME),4)=’.LIB’
ReadLib()
ELSE
ReadExecutable()
END
So now it processes only files with extension LIB as LIBs. The rest are executables.
2 Likes
Thank you! I have updated GitHub with your change. That same code appears in 2 places.
I also found this similar code that could have similar problems:
lcl.CurrModule = WriteExpQ.module
lcl.instringLoc = instring('.DLL',upper(lcl.CurrModule),1,1)
if ~lcl.instringLoc
lcl.instringLoc = instring('.EXE',upper(lcl.CurrModule),1,1)
end
if lcl.instringLoc
lcl.CurrModule[lcl.instringLoc + 1 : lcl.instringLoc + 3] = 'lib'
end
I changed it to the below code:
lcl.CurrModule = WriteExpQ.module
lcl.LenModName = len(clip(lcl.CurrModule)) !01/02/22 revised as Instring is wrong incase name is xxxx.dll.lib
case upper(sub(lcl.CurrModule, lcl.LenModName-3, 4))
of '.DLL'
orof '.EXE'
lcl.CurrModule[lcl.LenModName - 3 : lcl.LenModName] = '.lib'
end
The Repo for my LibMaker is
1 Like
@MarkGoldberg you may want to check this out
My LibMakerPlus is based on Mark’s MgLibMaker and his code on GitHub does show the same bugs.
Mark worked with me on my version that I used for a CIDC presentation. It does have many new features like search, tagging, WinSxS. The GitHub ReadMe has details.
It has a unique “Subtract” a feature to see differences, e.g. load the 11.1 ClaRun.DLL then Subtract the 11.0 ClaRun.DLL and only what’s new remains. If you load a Windows DLL you can subtract the Clarion Win32.LIB so you have just wat SV has not defined and no duplicate errors.
I’ll tag the following info onto this thread because I didnt know the source code for libmaker existed until recently!
The source code for the clarion libmaker can found in C6\examples\libmaker it includes Groups for the MS (Dos), NE (16bit) and PE (32bit) structures. Today unlike the past, there are plenty of online sources to describe the PE structure eg PE Format - Win32 apps | Microsoft Learn
and plenty of online links to further help with deciphering the structure for anyone wanting to further extend the functionality of these Clarion libmakers.
I particularly like these:
win-internals - 0xRick’s Blog
Understanding this PE format will help with understanding Linux ELF file formats, COM and loading .dot assemblies.
The above info can also get you into the security and so called Red Team hacking territory very quickly, an example being
GitHub - TheWover/donut: Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters with links to things like how to bypass AMSI
How AMSI helps you defend against malware - Win32 apps | Microsoft Learn
Valuable knowledge to help reduce your attack vectors from hackers!