StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PODLLHook - GZip decompression of a string
primarykey
Id
1450795
data
AcceptedAnswerId
1450974
AnswerCount
1
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2009-09-20T11:05:57.427
FavoriteCount
0
LastActivityDate
2009-09-20T13:03:17.160
LastEditDate
2009-09-20T11:09:14.177
LastEditorUserId
16076
OwnerUserId
172844
ParentId
0
PostTypeId
1
Score
0
ViewCount
274
LastEditorDisplayName
text
Body
I am injecting a dll into firefox (browser) and hooking WSARecv. The problem is, that the data-buffer is Gzip-compressed. I already tried hooking the send() function and removing the "Accept-Encoding: gzip,deflate", but many webservers won't understand this. So I tried to stick with decompressing the buffer, changing some stuff and compressing it again. Therefore I linked the zlib.dll and zlib.lib into my DLL and wrote a small wrapper class: <pre><code>int CGZip::DecompressString(char* src, int srcLen, char** destination, int* destLen) { //Define the source, destination, source length, and destination length char *dest= new char[(unsigned int)destLen]; //Decompress the string in src and place it in dest int result=uncompress((unsigned char *)dest,(uLongf*)destLen,(const unsigned char *)src,srcLen); //Return the results of the decompression *destination = dest; return(result); } </code></pre> But when I include the decompression into the hooked WSARecv my dll won't get loaded anymore (no DLL_PROCESS_ATTACH is called). When I remove the following 5 lines the dll gets loaded again. <pre><code>szUncompressed = (char*)malloc((size_t)lpBuffers->len * 100); CGZip *ziphandler = new CGZip(); ziphandler->DecompressString(lpBuffers->buf, lpBuffers->len, &szUncompressed, &iUncompressedLength); szUncompressed[iUncompressedLength] = '\0'; </code></pre> Any idea why the DLL isn't loading anymore, or how I can easily decompress and compress the data buffer? Thanks in advance : )
Tags
<browser><gzip><hook>
Title
DLLHook - GZip decompression of a string
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USMitch Wheat
UserOwnerUserId
1. USmaxedmelon
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.