Skip Flushing Instruction Cache on x86

.cargo/config.toml

@@ -0,0 +1,2 @@
+[build]
+target = ['i686-pc-windows-msvc','x86_64-pc-windows-msvc']

.gitignore

@@ -1,3 +1,2 @@
 /target
 Cargo.lock
-.vscode

.vscode/settings.json

@@ -0,0 +1,11 @@
+{
+    "rust-analyzer.checkOnSave.command": "clippy",
+    "[rust]": {
+        "editor.formatOnSave": true
+    },
+    "rust-analyzer.linkedProjects": [
+        "Cargo.toml",
+        "tests/helpers/test_payload/Cargo.toml",
+        "tests/helpers/test_target/Cargo.toml",
+    ]
+}

.vscode/tasks.json

@@ -0,0 +1,23 @@
+{
+  "version": "2.0.0",
+  "tasks": [
+    {
+      "label": "Test on Windows",
+      "type": "shell",
+      "command": "pwsh ./scripts/test.ps1",
+      "problemMatcher": []
+    },
+    {
+      "label": "Clean",
+      "type": "shell",
+      "command": "pwsh ./scripts/clean.ps1",
+      "problemMatcher": []
+    },
+    {
+      "label": "Test on Wine (See Readme)",
+      "type": "shell",
+      "command": "pwsh ./scripts/test-wine.ps1",
+      "problemMatcher": []
+    },
+  ]
+}

README.md

@@ -9,6 +9,11 @@
 A windows dll injection library written in Rust.
 
 ## Supported scenarios
+
+> [!WARNING]
+> Although tests currently pass, some uses of 64-bit into 32-bit may potentially fail on 
+> Linux (WINE) due to [Wine Bug #56362](https://bugs.winehq.org/show_bug.cgi?id=56362).
+
 | Injector Process | Target Process | Supported?                                 |
 | ---------------- | -------------- | ------------------------------------------ |
 | 32-bit           | 32-bit         | Yes                                        |
@@ -42,11 +47,11 @@ syringe.eject(injected_payload).unwrap();
 ## Remote Procedure Calls (RPC)
 This crate supports two mechanisms for rpc. Both only work one-way for calling exported functions in the target process and are only intended for one-time initialization usage. For extended communication a dedicated rpc library should be used.
 
-|                  | `RemotePayloadProcedure`        | `RemoteRawProcedure` |
-| ---------------- | ------------------------------ | ------------------------------------------ |
-| Feature | `rpc-payload` | `rpc-raw` |
-| Argument and Return Requirements | `Serialize + DeserializeOwned` | `Copy`, Argument size has to be smaller than `usize` in target process |
-| Function Definition       | Using macro `payload_procedure!` | Any `extern "system"` or `extern "C"` with `#[no_mangle]` |
+|                                  | `RemotePayloadProcedure`         | `RemoteRawProcedure`                                                   |
+| -------------------------------- | -------------------------------- | ---------------------------------------------------------------------- |
+| Feature                          | `rpc-payload`                    | `rpc-raw`                                                              |
+| Argument and Return Requirements | `Serialize + DeserializeOwned`   | `Copy`, Argument size has to be smaller than `usize` in target process |
+| Function Definition              | Using macro `payload_procedure!` | Any `extern "system"` or `extern "C"` with `#[no_mangle]`              |
 
 ### RemotePayloadProcedure
 A rpc mechanism based on [`bincode`](https://crates.io/crates/bincode).
@@ -119,6 +124,36 @@ syringe.eject(injected_payload).unwrap();
 ## License
 Licensed under MIT license ([LICENSE](https://github.com/OpenByteDev/dll-syringe/blob/master/LICENSE) or http://opensource.org/licenses/MIT)
 
+## Instructions for Contributors
+
+### Prerequisites
+
+You will need the nightly toolchains of Rust and Cargo to build/test this project.
+
+```
+rustup target add x86_64-pc-windows-msvc --toolchain nightly
+rustup target add i686-pc-windows-msvc --toolchain nightly
+```
+
+> [!NOTE]
+> Also applies to developing on Linux, you'll need it for your IDE (i.e. rust-analyzer or RustRover) to work properly.
+
+### Run Tests
+
+Run the `./scripts/test.ps1` script from PowerShell.
+
+### Running Tests on Linux
+
+You'll need `cargo xwin` to build the MSVC targets on Linux:
+
+```
+cargo install cargo-xwin
+```
+
+After that, you can run the tests with `./scripts/test-wine.ps1` PowerShell script.
+(As opposed to `./scripts/test.ps1`)
+
+Make sure you have Wine installed!
+
 ## Attribution
 Inspired by [Reloaded.Injector](https://github.com/Reloaded-Project/Reloaded.Injector) from [Sewer](https://github.com/Sewer56).
-

rust-toolchain.toml

@@ -0,0 +1,2 @@
+[toolchain]
+channel = "nightly"

scripts/clean.ps1

@@ -0,0 +1,11 @@
+# Navigate up one folder from the current script location
+Set-Location "$PSScriptRoot\.."
+cargo clean
+
+Set-Location "./tests/helpers/test_payload"
+cargo clean
+Set-Location "../../.."
+
+Set-Location "./tests/helpers/test_target"
+cargo clean
+Set-Location "../../.."

scripts/test-wine.ps1

@@ -0,0 +1,17 @@
+# Navigate up one folder from the current script location
+Set-Location "$PSScriptRoot\.."
+
+# Testing
+$env:CROSS_SYSROOT = "." # pretend we cross
+
+# Prebuild dummy projects.
+cargo +nightly xwin rustc --manifest-path "tests/helpers/test_target/Cargo.toml" --target i686-pc-windows-msvc --xwin-arch x86 --xwin-cache-dir "target/cache/x86"
+cargo +nightly xwin rustc --manifest-path "tests/helpers/test_payload/Cargo.toml" --target i686-pc-windows-msvc --xwin-arch x86 --xwin-cache-dir "target/cache/x86"
+cargo +nightly xwin rustc --manifest-path "tests/helpers/test_target/Cargo.toml" --target x86_64-pc-windows-msvc --xwin-arch x86_64 --xwin-cache-dir "target/cache/x64"
+cargo +nightly xwin rustc --manifest-path "tests/helpers/test_payload/Cargo.toml" --target x86_64-pc-windows-msvc --xwin-arch x86_64 --xwin-cache-dir "target/cache/x64"
+
+# Windows/MSVC x86
+cargo +nightly xwin test --target i686-pc-windows-msvc --xwin-arch x86 --xwin-cache-dir "target/cache/x86"
+
+# Windows/MSVC x64
+cargo +nightly xwin test --target x86_64-pc-windows-msvc --xwin-arch x86_64 --xwin-cache-dir "target/cache/x64"

scripts/test.ps1

@@ -0,0 +1,8 @@
+# Navigate up one folder from the current script location
+Set-Location "$PSScriptRoot\.."
+
+# Windows/MSVC x86
+cargo test --target i686-pc-windows-msvc -- --nocapture
+
+# Windows/MSVC x64
+cargo test --target x86_64-pc-windows-msvc -- --nocapture

src/process/memory/buffer.rs

@@ -338,6 +338,12 @@ impl<'a> ProcessMemorySlice<'a> {
         }
 
         let mut bytes_written = 0;
+        if buf.is_empty() {
+            // This works around a discrepancy between Wine and actual Windows.
+            // On Wine, a 0 sized write fails, on Windows this suceeds. Will file as bug soon.
+            return Ok(());
+        }
+
         let result = unsafe {
             WriteProcessMemory(
                 self.process.as_raw_handle(),

src/rpc/raw.rs

@@ -165,6 +165,7 @@ where
                 Self::build_call_stub_x64(self.ptr, result.as_ptr().as_ptr(), float_mask).unwrap()
             };
             let code = self.remote_allocator.alloc_and_copy_buf(code.as_slice())?;
+            #[cfg(not(any(target_arch = "x86", target_arch = "x86_64")))]
             code.memory().flush_instruction_cache()?;
 
             Ok(RemoteRawProcedureStub {

src/rpc/rpc_core.rs

@@ -1,5 +1,4 @@
-use iced_x86::{code_asm::*, IcedError};
-
+use iced_x86::code_asm::*;
 use std::{
     ffi::CString,
     mem,
@@ -83,6 +82,7 @@ impl Syringe {
                 .unwrap()
             };
             let function_stub = self.remote_allocator.alloc_and_copy_buf(code.as_slice())?;
+            #[cfg(not(any(target_arch = "x86", target_arch = "x86_64")))]
             function_stub.memory().flush_instruction_cache()?;
 
             Ok(RemoteProcedureStub {

src/syringe.rs

@@ -116,6 +116,28 @@ impl Syringe {
         }
     }
 
+    /// Creates a new syringe for the given suspended target process.
+    pub fn for_suspended_process(process: OwnedProcess) -> Result<Self, io::Error> {
+        let syringe = Self::for_process(process);
+
+        // If we are injecting into a 'suspended' process, then said process is said to not be fully
+        // initialized. This means:
+        // - We can't use `EnumProcessModulesEx` and friends.
+        // - So we can't locate Kernel32.dll in 32-bit process (from 64-bit process)
+        // - And therefore calling LoadLibrary is not possible.
+
+        // Thankfully we can 'initialize' this suspended process without running any end user logic
+        // (e.g. a game's entry point) by creating a dummy method and invoking it.
+        let ret: u8 = 0xC3;
+        let bx = syringe.remote_allocator.alloc_and_copy(&ret)?;
+        syringe.process().run_remote_thread(
+            unsafe { mem::transmute(bx.as_raw_ptr()) },
+            std::ptr::null::<u8>() as *mut u8,
+        )?;
+
+        Ok(syringe)
+    }
+
     /// Returns the target process for this syringe.
     pub fn process(&self) -> BorrowedProcess<'_> {
         self.remote_allocator.process()