Access violation error with memcpy
unsigned char hexData[14] = {
    0x31, 0xC0, 0xBB, 0x42, 0x24, 0x80, 0x7C, 0x66,
    0xB8, 0x88, 0x13, 0x50, 0xFF, 0xD3
};
void dummy(){}
int main()
{
    void *code_ptr = &dummy;
    PDWORD OP;
    __asm
    {
        call code_ptr
        add code_ptr,10h
    }
    VirtualProtect(code_ptr, 14, PAGE_EXECUTE_WRITECOPY, OP);
    memcpy(code_ptr, hexData, 14);
    .
    .
    .
and in disassembly
_LoadLibraryA@4:
003C11E0 jmp _LoadLibraryA@4 (03C1430h)
dummy:
003C11E5 jmp dummy (03C1A80h)
_printf:
003C11EA jmp _printf (03C1436h)
_VirtualProtect@16:
003C11EF jmp _VirtualProtect@16 (03C143Ch)
003C11F4 int 3
003C11F5 int 3
003C11F6 int 3
003C11F7 int 3
so it seems I can copy something 15 blocks after 003C11E5
but when I do that I get an access violation error
I tried using VirtualAlloc like
void *code_ptr = &dummy;
code_ptr = VirtualAlloc(NULL, 14, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
memcpy(code_ptr, hexData, 14);
__asm
{
    call code_ptr
}
and I got that error again
int (*func)();
func = (int (*)()) code;
(int)(*func)();
that's not working either
My IDE is VS2013 and my OS is Win8.1
I would appreciate any ideas

Well, OP is an uninitialized pointer. You cannot pass that to VirtualProtect. Instead of
PDWORD OP;
you need:
DWORD OldProtect;
And then pass &OldProtect to VirtualProtect.
VirtualProtect(code_ptr, 14, PAGE_EXECUTE_WRITECOPY, &OldProtect);
Your existing code fails on the call to VirtualProtect. You don't check for errors and so continue regardless. Then the call to memcpy fails with a general protection fault, because the memory is read only.
Even if you fix your code, I doubt that it will work though. I see no reason for dummy to be 14 bytes long. You are relying on luck and wishful thinking. So you will probably overwrite the code that you are executing.
If you want 14 bytes of memory to write your code to, call VirtualAlloc. That way you can be certain of success.
As a piece of general advice, you will need to get into the habit of checking return values for errors. You call VirtualProtect and ignore the return value. How do you know that your call to VirtualProtect was successful?
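
The answer's advice as an added example, not code from the original post: every memory-management call is checked before the next step depends on it, and VirtualProtect receives the address of a real DWORD. The helper names (region_alloc, region_make_rx, region_free, load_checked), the sample bytes and the POSIX branch (present only so the code builds off Windows) are assumptions, and the example goes beyond the answer by allocating read/write and switching to read/execute afterwards instead of requesting PAGE_EXECUTE_READWRITE.

```c
#define _DEFAULT_SOURCE  /* exposes MAP_ANONYMOUS on strict POSIX builds */
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#else  /* assumption: POSIX fallback so the example builds off Windows */
#include <sys/mman.h>
#endif
/* Allocate a private read/write region; NULL on failure. */
static void *region_alloc(size_t len) {
#ifdef _WIN32
    return VirtualAlloc(NULL, len, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
#else
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
#endif
}

/* Switch a region to read+execute. Returns 1 on success, 0 on failure. */
static int region_make_rx(void *p, size_t len) {
#ifdef _WIN32
    DWORD old_protect;  /* real storage; an invalid pointer here makes the call fail */
    return VirtualProtect(p, len, PAGE_EXECUTE_READ, &old_protect) != 0;
#else
    return mprotect(p, len, PROT_READ | PROT_EXEC) == 0;
#endif
}
static void region_free(void *p, size_t len) {
#ifdef _WIN32
    (void)len; VirtualFree(p, 0, MEM_RELEASE);
#else
    munmap(p, len);
#endif
}
/* Copy bytes into a fresh region and seal it; NULL if any checked step failed. */
static void *load_checked(const unsigned char *bytes, size_t len) {
    void *p = region_alloc(len);
    if (p == NULL) return NULL;
    memcpy(p, bytes, len);  /* the region is known to be writable here */
    if (!region_make_rx(p, len)) { region_free(p, len); return NULL; }
    return p;
}

int main(void) {
    const unsigned char sample[4] = { 0x90, 0x90, 0x90, 0xC3 };  /* constructed, never executed */
    void *p = load_checked(sample, sizeof sample);
    puts(p ? "region sealed read/execute" : "a call failed; see GetLastError/errno");
    if (p) region_free(p, sizeof sample);
    return p ? 0 : 1;
}
```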