
Crash when executing a piece of code in C::B (not in another IDE or at runtime)


skirby:
Hello,

Could somebody tell me what is wrong in my piece of code?


--- Code: ---#include <windows.h>
#include <stdio.h>
#include <stdlib.h>   // malloc, free, system

void f1(void) {
  MessageBox(0, "f1", "", 0);
}

void f2(void) {
  MessageBox(0, "f2", "", 0);
}

int main(void)
{
  char *mem;
  int len;
  int i;

  // Assumes f2 is laid out directly after f1; the compiler and linker do not guarantee this.
  len = (int)((char*)&f2 - (char*)&f1);
  printf("len : %d\n", len);
  mem = (char*)malloc(len * sizeof(char));

  ////// BLOCK 1
  // Put these lines in comment and uncomment the last call to func() just after the system("PAUSE"); => All is ok
  CopyMemory(mem, (void*)&f1, len);
//  for (i = 0; i < len; i++) {
//    printf("%02X ", (unsigned char)mem[i]);   // dump each copied byte (mem[i], not the pointer itself)
//  }
  //********************************************
  printf("\n");
  free(mem);

  //////////////////////////////////
  char *seh;
  seh = (char*)VirtualAlloc(0, 0x10000, MEM_COMMIT, PAGE_READWRITE);
  *seh = 0xC3;  // RET instruction (opcode)

  DWORD OldProtect;   // VirtualProtect stores the previous protection here: pass its address, not an uninitialised PDWORD
  // PAGE_GUARD makes the first access to the page raise STATUS_GUARD_PAGE_VIOLATION (a one-shot exception)
  // and then clears the guard; a debugger attached to the process stops on that exception.
  VirtualProtect(seh, 0x00000010, PAGE_EXECUTE_READ | PAGE_GUARD, &OldProtect);

  FARPROC func;
  func = (FARPROC)f1;
  func();

  func = (FARPROC)seh;
  system("PAUSE");
  ////// BLOCK 2
  func();   // put this line in comment and uncomment the block above => all is ok
  //////////////////////////////////

  system("PAUSE");
  return 0;
}
--- End code ---

If you uncomment BLOCK 1 and 2, you get an error message when you execute this piece of code directly from C::B.
There is no error message at runtime (directly from the .exe).

To make it work, "simply" comment out BLOCK 1 or 2 and it works.

I tested it under the PellesC IDE and there is no problem.
So, I don't know if the bug is due to C::B.

For information, I always use the latest nightly build (currently the 07/03/2006).
I am on Windows 2000 SP4 with 2 GB RAM.

I hope you could help me.

Thanks and have a nice day.

thomas:

--- Code: ---CopyMemory(mem, (void*)&f1, len);
--- End code ---
This code is inherently evil. Please don't blame us if it bites your butt :)

skirby:
I don't understand why this code is inherently evil.

In fact, I would like to know why I get an error message when I run my code inside C::B and not under PellesC.
Moreover, I do not get any message if I run my executable directly.

Otherwise, what would be the best way to do what I want to do?

Do you have an idea which could explain my problem?

thomas:

--- Code: ---CopyMemory(mem, (void*)&f1, len);
--- End code ---
&f1 is an address that points to executable code. Doing any such thing as using CopyMemory on such an address alone gives me the creeps.


--- Code: ---printf("%X ", (unsigned char)mem)
--- End code ---
Looking a bit closer at it, you cast char* to unsigned char (note the pointer) which you print out len times. Not only do you print out the address instead of the memory (which I suspect was what you intended), but printf with %X expects int, too...

All in all, the code is just scary, sorry. :)
Copying around executable memory and fiddling with pointers and differently-sized variables in such a manner is the devil's code. If you don't shoot your foot that way today, you sure will tomorrow.

skirby:

--- Quote from: thomas on July 04, 2006, 03:16:24 pm ---
--- Code: ---CopyMemory(mem, (void*)&f1, len);
--- End code ---
&f1 is an address that points to executable code. Doing any such thing as using CopyMemory on such an address alone gives me the creeps.

--- End quote ---

In fact, I would like to access my function at runtime in order to detect whether a breakpoint (INT 3) has been placed.
I need to detect any 0xCC opcode in the function; that's why I have written this piece of code.
What is the best way?
CopyMemory or ReadProcessMemory?


--- Quote from: thomas on July 04, 2006, 03:16:24 pm ---
--- Code: ---printf("%X ", (unsigned char)mem)
--- End code ---
Looking a bit closer at it, you cast char* to unsigned char (note the pointer) which you print out len times. Not only do you print out the address instead of the memory (which I suspect was what you intended), but printf with %X expects int, too...

--- End quote ---

It is a mistake. In my original source code I don't have this problem.
I have printf("%X ", (unsigned char)mem[i]); and it works very well.
In fact, the forum interprets the [ i ] characters as italic.


--- Quote from: thomas on July 04, 2006, 03:16:24 pm ---All in all, the code is just scary, sorry. :)
Copying around executable memory and fiddling with pointers and differently-sized variables in such a manner is the devil's code. If you don't shoot your foot that way today, you sure will tomorrow.

--- End quote ---

I have removed PAGE_GUARD from the VirtualProtect call and now it works perfectly.

To finish, do you think my code is so ugly?
What is the best way to access executable code at runtime?

But I really would like to understand why I got an error message with C::B and no error message when executing the exe file directly.
I don't like not understanding something.

Thanks and have a nice day.
