Runtime Hotpatching

Post by Dravion » 2017-06-28 08:16

Recently, I came across a nice feature in the Linux kernel which is called Kernel Hotpatching. What is it?
It is the patching of the very low-level core software component of the Linux OS without any restart of the entire
OS or even a reload.

I was curious about the possibilities for Windows programs. I found out Microsoft designed a way to hotpatch programs, and even the ability to patch other, running programs or hook into and redirect specific function calls. OK, I don't want to patch other programs, I just want to patch my own stuff, so I googled around and found an awesome article and example code from Michael Chourdakis on CodeProject, checked out his recipes and was very impressed :D

1) Normal, unpatched situation after starting test.exe with a mouse double-click
before_patch.jpg

2) Here you can see the patch options. I decided to use the DLL-Patch scenario
about_to_patch.jpg

3) Now the patch (from DLLPatch.dll) was applied and the new, updated code was called after the patch
after_patch.jpg

Summary:
I only had to build the Test.exe and DLLPatch.dll projects in Visual Studio and make sure both files exist in the same folder, and it works. The only problem I see is that this is only a memory (RAM) thing and can be made without physical write access to the running program file. In other terms, if you close the program, it's unpatched again. However, this method is capable of patching mission-critical processes with the latest patches on the fly, without a restart necessary. It works from Visual Studio 2005 up to Visual Studio 2017 (WinXP, Vista, Win7, Win8, Win10 32/64-bit). What do you think about it?
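
Because a patch of this kind lives only in RAM, the code in memory stops matching the program file on disk, and an integrity check can look for exactly that difference. The C code below is an added example, not part of the post or of the CodeProject article: it classifies a function entry as unpatched or redirected and recovers the redirect target. It assumes the 32-bit x86 MSVC hotpatch layout (`/hotpatch` with `/FUNCTIONPADMIN`: five padding bytes before a two-byte `mov edi, edi`); `hp_classify`, the sample byte arrays and the addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

enum hp_state { HP_NOT_HOTPATCHABLE, HP_UNPATCHED, HP_PATCHED };

/* Classify a 32-bit x86 function entry laid out for hotpatching:
   5 padding bytes followed by a 2-byte first instruction.
   img: copy of the code bytes, entry_off: offset of the entry in img,
   base: address img[0] is mapped at. For HP_PATCHED, *target receives
   the address execution is redirected to. */
enum hp_state hp_classify(const uint8_t *img, size_t len, size_t entry_off,
                          uint32_t base, uint32_t *target)
{
    if (entry_off < 5 || len < 2 || entry_off > len - 2)
        return HP_NOT_HOTPATCHABLE;
    const uint8_t *e = img + entry_off;  /* function entry */
    const uint8_t *pad = e - 5;          /* padding before the entry */

    /* Patched: "jmp short $-5" (EB F9) lands on "jmp rel32" (E9) in the pad. */
    if (e[0] == 0xEB && e[1] == 0xF9 && pad[0] == 0xE9) {
        uint32_t rel = (uint32_t)pad[1] | (uint32_t)pad[2] << 8 |
                       (uint32_t)pad[3] << 16 | (uint32_t)pad[4] << 24;
        /* rel32 counts from the byte after the 5-byte jmp, i.e. the entry. */
        if (target)
            *target = base + (uint32_t)entry_off + rel;
        return HP_PATCHED;
    }
    /* Unpatched: "mov edi, edi" (8B FF) after five NOP (90) or INT3 (CC). */
    if (e[0] == 0x8B && e[1] == 0xFF) {
        for (int i = 0; i < 5; i++)
            if (pad[i] != 0x90 && pad[i] != 0xCC)
                return HP_NOT_HOTPATCHABLE;
        return HP_UNPATCHED;
    }
    return HP_NOT_HOTPATCHABLE;
}

/* Constructed sample bytes (not taken from any real binary). */
static const uint8_t SAMPLE_DISK[] = { 0x90,0x90,0x90,0x90,0x90, 0x8B,0xFF, 0x55,0x8B,0xEC };
static const uint8_t SAMPLE_MEM[]  = { 0xE9,0xFB,0xFF,0xBF,0x0F, 0xEB,0xF9, 0x55,0x8B,0xEC };

int main(void)
{
    uint32_t t = 0;
    printf("disk=%d\n", hp_classify(SAMPLE_DISK, sizeof SAMPLE_DISK, 5, 0x00401000u, &t));
    printf("mem=%d ", hp_classify(SAMPLE_MEM, sizeof SAMPLE_MEM, 5, 0x00401000u, &t));
    printf("target=0x%08X\n", (unsigned)t);
    return 0;
}
```

A redirect target that falls outside every module you expect to be loaded in the process is the case worth investigating.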
