Thread system error value not preserved when tracing

[HexKitchen]

When tracing an executable, the tracing code interferes with the thread's system error code, which can cause incorrect execution of the traced process.

Example:

#include <iostream>
#include <Windows.h>

int main()
{
    SetLastError(1337);


    std::cout << "Last error: " << GetLastError() << std::endl;
    std::cout << "Last error: " << GetLastError() << std::endl;
}

Output (without tracing):

Last error: 1337
Last error: 1337

Output (with tracing):

...
2024-04-04 20:15:07,773     INFO | Writing trace data of 1025258 bytes...
STDOUT : Last error: 0
STDOUT :
STDOUT : Last error: 0
STDOUT :

[myr-syn]

Hi !
Thank you for your contribution.

We wonder whether this issue might be linked to Frida itself. We also noticed this commit from the 16.2.2 release:

gumjs: Preserve thread’s system error over NativeCallback invocations. Thanks @HexKitchen!

Have you been able to confirm that the problem is now solved without applying this patch?

[HexKitchen]

<!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Aptos; panose-1:2 11 0 4 2 2 2 2 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; font-size:12.0pt; font-family:"Aptos",sans-serif;} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;} span.EmailStyle20 {mso-style-type:personal-reply; font-family:"Aptos",sans-serif; color:windowtext;} .MsoChpDefault {mso-style-type:export-only; font-size:10.0pt; mso-ligatures:none;} @page WordSection1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.WordSection1 {page:WordSection1;} -->Hi! My testing seemed to indicate that the problems in Frida and Frinet are independent of each other – though, I found both issues in the course of the same investigation. Simon From: myr-syn ***@***.***>Date: Monday, June 3, 2024 at 11:54 AMTo: synacktiv/frinet ***@***.***>Cc: Simon Zuckerbraun ***@***.***>, Author ***@***.***>Subject: Re: [synacktiv/frinet] Thread system error value not preserved when tracing (Issue #5)Hi !Thank you for your contribution.We wonder whether this issue might be linked to Frida itself. We also noticed this commit from the 16.2.2 release:gumjs: Preserve thread’s system error over NativeCallback invocations. Thanks @HexKitchen!Have you been able to confirm that the problem is now solved without applying this patch?—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: ***@***.***>

[hexa-synacktiv]

We tested this pull request on arm64 and it broke the tracer for some reason, the pull request was reverted until we understand the problem better.

It is not 100% clear whether the problem was actually due to this commit or some other variable, but we do not have time to test more extensively at the moment. We will potentially re-merge this later after more testing has been done.