Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.1 to 7.5.2.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d9ea73a9b3"><code>d9ea73a</code></a>
7.5.2</li>
<li><a
href="5e1a8e6386"><code>5e1a8e6</code></a>
Fix sync tar.list when file size reduces while reading</li>
<li><a
href="0fbeaeddf5"><code>0fbeaed</code></a>
formatting</li>
<li><a
href="2dbacfe339"><code>2dbacfe</code></a>
add types for make-tar util</li>
<li><a
href="c5865d3120"><code>c5865d3</code></a>
remove unused taprc file</li>
<li><a
href="bdb38096af"><code>bdb3809</code></a>
header: only read from ustar block if not specified in Pax</li>
<li><a
href="d094cd7b71"><code>d094cd7</code></a>
BlueOak-1.0.0</li>
<li><a
href="4a6ae729bf"><code>4a6ae72</code></a>
Verify invulnerability to tarmageddon attack</li>
<li>See full diff in <a
href="https://github.com/isaacs/node-tar/compare/v7.5.1...v7.5.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/momo5502/sogen/network/alerts).
</details>
Minor change to allow minidump load to work with pages with copy
permission set.
File was probing memory via VirtualQuery incrementally, previously this
ran forever as Sogen doesn't replicate Windows behaviour.
Added exclusive allocation end boundary so that allocation / info check
on last page of user space VA works. Modified
memory_manager::find_free_allocation_base and
memory_manager::get_region_info to use exclusive boundary.
Added check to NtQueryVirtualMemory - now correctly returns
STATUS_INVALID_PARAMETER when run against memory outside of user space
VA. Kernel modules should use ZwQueryVirtualMemory not the user land
API.
This PR does a number of fixes and enhancements:
- [Added FileFsAttributeInformation fs info
class](c0fd8ebf51)
- [Added FileIsRemoteDeviceInformation file info
class](c8a18cf61c)
- [Added FileIdInformation file info
class](2c82277b5e)
- [Implemented NtUserEnumDisplaySettings
syscall](54ebbe27c2)
- [Fixed the DISPLAY_DEVICEW
value](4fbd65a302),
the old one had `StateFlags` set to 0 but that's incorrect since at
least one display needs to be the primary display.
- [Added support for SHA256 in
KSecDD](0d06e6822a)
- [Initialized StaticUnicodeString in
TEB](1c89c4e3b3),
this was necessary to get `RtlAnsiStringToUnicodeString` working.
- [Added '\??\pipe\' prefix to
is_named_pipe_path](d20da12052)
- [Stubbed
NtSetSecurityObject](c07f541528)
- [Don't request 'file_size' for
directories](46b97fd91c),
because this causes an exception in Linux.
- [Optimized
module_manager::get_module](83aa3b663a),
this seems to increase the emulator's speed by around 10%.
This PR introduces an abstraction for ALPC ports to make them easier to
manage in the future, and implements the DNS resolver port, at least
enough to get host address queries working.
There's a lot of code in this PR that I'm not very confident about, so
don't hesitate on the feedback 😄
<img width="1377" height="624" alt="image"
src="https://github.com/user-attachments/assets/4d56b84d-4b87-42ed-9bfa-be04dbbf3735"
/>
# Major Features Implemented
**Core WOW64 Architecture**
1. Full TEB, PEB, and Windows structure implementations for 32-bit
processes
2. Proper thread context switching with 32-bit stack allocation
3. Configurable memory allocation with 32-bit/64-bit address space
handling
4. Automatic WOW64 process identification and handling
5. Heaven's Gate Implementation for handling exceptions
**Enhanced Emulation Features**
1. Fixed GDT setup and segment management for WOW64
2. Multi-architecture PE loading with proper import resolution
3. Segment-aware disassembly with WOW64 debugging capabilities
**Testing & Validation**
**32-bit Test Sample**: Minimal "hello" executable with full ASM source
# TODO
Needs more testing, currently in very early stages.
This PR introduces several enhancements, mainly to the file system
syscalls:
- Implements file renaming via `NtSetInformationFile` by adding a
deferred rename mechanism to `file_handle`. The rename operation occurs
when the file handle is closed.
- Adds support for the `RootDirectory` parameter in
`NtQueryAttributesFile` to handle relative file paths.
- Adds support for opening the console output device (`\\??\\CONOUT$`).
- Stubs out the `NtLockVirtualMemory` syscall.
- Fixes an incorrect assertion in `socket_wrapper` that could fire on
`recvfrom` errors.
In `ntdll!RtlGetSystemTimePrecise`, `kusd.SystemTime` is queried first,
and QPC offset (`QPC() - kusd.BaselineSystemTimeQpc`) is added if it's
larger than 0.
Setting `kusd.BaselineSystemTimeQpc` to `UINT64_MAX` avoids the
adjustment, so incorrect adjustments won't happen.
Alternatively, We can update `kusd.BaselineSystemTimeQpc` to be the QPC
value just when `kusd.SystemTime` changes, but that's not possible,
because we cannot monitor `kusd.SystemTime` for change.
----------
Notes
1. With current values, this misalignment happens only when the system
is up for a long time.
2. Should I leave the comment there, or we can remove it and `git blame`
later instead?
In `ntdll!RtlGetSystemTimePrecise`, `kusd.SystemTime` is queried first, and QPC offset (`QPC() - kusd.BaselineSystemTimeQpc`) is added if it's larger than 0.
Setting `kusd.BaselineSystemTimeQpc` to `UINT64_MAX` avoids the adjustment, so incorrect adjustments won't happen.
Alternatively, We can update `kusd.BaselineSystemTimeQpc` to be the QPC value just when `kusd.SystemTime` changes, but that's not possible, because we cannot monitor `kusd.SystemTime` for change.
