Software developers occasionally discover minor errors in previously released programs. Furthermore, incompatibilities between an old program and a new operating system arise when a user updates an operating system. New computer hardware can also result in the discovery of errors in software designed to run on a previously existing hardware platform. Recalling entire programs can be very costly and impractical in cases where the error is relatively minor and/or the number of distributed programs is relatively large. In such instances downloadable software patches offer a practical tool for inserting replacement instructions or data enabling the software to operating properly.
Previously, if a software developer, user or other party identified an incompatibility between a computer program and the Microsoft Windows operating system, then the developer distributed a permanent patch (one that is actually stored in an updated version of the computer program) for insertion into the computer program to remedy the incompatibility. Software developers utilize permanent patches to remedy universal errors in a program (i.e., errors generally associated with all uses of the program). Such permanent patches must be compatible with other existing programs. Otherwise, the patch may create new errors requiring further patches.
A computer program must also permit changes to its original code to incorporate a permanent patch. A number of computer-based video games include anti-tampering mechanisms preventing changes to either the computer instructions or data. The anti-tampering mechanisms ensure proper use and operation of the programs, but they also prevent applying permanent software patches. Since a permanent patch necessitates changing a computer program's code, software with anti-tampering mechanisms are unlikely to allow even relatively minor permanent software patches. In such instances, installing a software patch requires disabling the anti-tampering mechanisms of a computer program. Thus, when faced with a need to make even minor changes to a tamper-protected program, developers either issue entire new copies of a program in an updated form or disable the anti-tampering mechanisms.
Certain program patches are incorporated into operating system application program interfaces (APIs) rather than the program itself. Anti-tampering mechanisms are unlikely to detect changes to the APIs. For example, many programs include a “get version” operating system command/API enabling applications to determine the version of an operating system installed upon a computer system upon which the applications execute. A computer program executing on a computer running a new version of an operating system will determine that the version of the operating system is unknown. The computer program registers an error condition and prevents further program execution. However, in many instances a computer program's operation is unaffected by changes present in the new operating system, and a simple incompatibility is eliminated by installing a patch in the API causing issuance of an expected (prior) version identification when the program executes the “get version” command. Such a fix does not require modifications to the computer program itself, and therefore anti-tampering safeguards are unaffected by the patch.
A potentially difficult task encountered when attempting to implement the aforementioned patch strategy involving API substitution is recognizing applications that need patches and then inserting and/or substituting the code at the required points of the application in a manner that does not interfere with the expected operation of the executable program. It is insufficient to merely create the intended patch. Some mechanism must be incorporated to allow a patch utility associated with the operating system, or other program controlling execution of an application, to identify the application as a candidate for incorporating patch code with virtually perfect accuracy. Even a single false positive identification by the patch utility is unacceptable. Lupu et al. U.S. application Ser. No. 09/513,016, filed on Feb. 25, 2000, entitled: “Fixing Incompatible Applications By Providing Stubs For APIs; and Lupu et al. U.S. application Ser. No. 09/544,512, filed on Apr. 6, 2000, entitled: “Fixing Incompatible Applications Using A Light Debugger,” disclose a program modification system wherein modification candidate programs are identified within a general computer system registry. The registry is searched until a candidate executable program entry matching a selected executable program is located. In the case where an executable program does not have a corresponding patch stored on the computer system, the search mechanism traverses the registry until the absence of a corresponding entry is confirmed. If a matching entry is located in the general registry, then a corresponding hook DLL identified by the matching registry entry is read from a file located elsewhere in a computing system. The hook DLL in turn includes hook API structures that reference patch functions inserted in place of function calls within identified DLLs of the selected executable program.