
Buffer Overflow in C++ while reading virtual memory

I've got a program which is reading a process's virtual memory and some registers for some data, then making amendments to it.

Here I pass the contents of the eax register to my function (this seems to work fine, but I thought it might demonstrate what types of data are involved):

    case EXCEPTION_SINGLE_STEP:   // EXCEPTION_SINGLE_STEP = 0x80000004
        bl_flag = TRUE;
        memset((void *)&context, 0, 0x2CC);
        context.ContextFlags = 0x10017;
        thread = OpenThread(0x1FFFFF, 0, debug_event.dwThreadId);
        GetThreadContext(thread, &context);
        context.Eip = context.Eip + 1;

        // sub_FD4BF0((HANDLE)(*((DWORD *)(lpThreadParameter))), context.Eax);
        StringToHtml((HANDLE)(dwArray[0]), context.Eax);

        SetThreadContext(thread, &context);
        CloseHandle(thread);
        break;



void StringToHtml(HANDLE hProcess, DWORD address)
{
    WCHAR buff[0x100];
    WCHAR html[0x100];
    DWORD oldProt = 0, real = 0;
    int len = 0;

    VirtualProtectEx(hProcess, (LPVOID)address, 0x200, PAGE_READWRITE, &oldProt);
    ReadProcessMemory(hProcess, (LPCVOID)address, (LPVOID)buff, 0x200, &real);

    len = wcslen(buff);
    int k = 0, j = 0;

    wprintf(L"Found out chat string : \"%s\" \n", buff);

    for (int pp = 0; pp < 0x100; pp++)
        html[pp] = NULL;   
    while(j < len)
    {

        if (buff[j] == L'&')
        {
            if (wcsncmp((const WCHAR *)(buff + j + 1), L"lt;", 3) == 0)
            {
                //html[k] = L'<';
                html[k] = L'<font color="#00FF10">';
                k++;
                j = j + 4;
                continue;
            }

I am aware this is an incomplete function snippet. However, the issue arises at my for loop here:

    for (int pp = 0; pp < 0x100; pp++)

If I enter more than 256 characters (I at first thought this would be enough) then it crashes. I have clearly missed something obvious, as I tried doing pp < len, which I thought would use the buffer size; however, I still get the same crash.

How can I read the total size of the string entered in the chat into the loop and make it iterate over the WHOLE thing? Or at the very least catch this error?

Did you change the size of html and buffer according to the max of your for loop? Maybe that is already the solution.
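A bounded version of the expansion loop from the question, as an added example that is not code from the question or the answer. The Windows read is left out (buff is simply whatever ReadProcessMemory copied, which may have no terminator); the 22-char tag is the one from the question, the names expand_lt, append_bounded, required_html_cap and self_check are this example's own. The expansion refuses to write past html instead of overflowing it, and required_html_cap gives the html size the answer's hint asks about.

```c
#include <stdbool.h>
#include <stddef.h>
#include <wchar.h>

/* Every 4-char "&lt;" in the input becomes this 22-char tag. */
static const wchar_t OPEN_TAG[] = L"<font color=\"#00FF10\">";

/* Append n chars to dst at *pos, keeping one slot for L'\0'; false if no room. */
static bool append_bounded(wchar_t *dst, size_t cap, size_t *pos,
                           const wchar_t *src, size_t n)
{
    if (n > cap - 1 - *pos) return false;
    wmemcpy(dst + *pos, src, n);
    *pos += n;
    return true;
}

/* Expand "&lt;" in buff (buff_len chars copied from another process, so maybe
 * unterminated) into html[cap]. Returns chars written, or (size_t)-1 if html is too small. */
size_t expand_lt(const wchar_t *buff, size_t buff_len, wchar_t *html, size_t cap)
{
    size_t len = 0, j = 0, k = 0;
    if (cap == 0) return (size_t)-1;
    while (len < buff_len && buff[len] != L'\0') len++;   /* wcslen, but never past buff_len */
    while (j < len) {
        /* len - j >= 4 also keeps wcsncmp from reading past the end of buff */
        if (buff[j] == L'&' && len - j >= 4 && wcsncmp(buff + j + 1, L"lt;", 3) == 0) {
            if (!append_bounded(html, cap, &k, OPEN_TAG, 22)) return (size_t)-1;
            j += 4;
        } else {
            if (!append_bounded(html, cap, &k, buff + j, 1)) return (size_t)-1;
            j++;
        }
    }
    html[k] = L'\0';
    return k;
}

/* Smallest html[] for any buff[] of n chars: floor(n/4) tags, the rest copied, plus NUL. */
size_t required_html_cap(size_t n) { return (n / 4) * 22 + (n % 4) + 1; }
/* Constructed checks: normal expansion, refused overflow, unterminated input. */
int self_check(void)
{
    wchar_t out[64];
    const wchar_t raw[4] = {L'x', L'&', L'l', L't'};   /* no terminator on purpose */
    if (expand_lt(L"a&lt;b", 6, out, 64) != 24 || wcscmp(out, L"a<font color=\"#00FF10\">b") != 0) return 0;
    if (expand_lt(L"a&lt;b", 6, out, 20) != (size_t)-1) return 0;
    if (expand_lt(raw, 4, out, 64) != 4 || wcscmp(out, L"x&lt") != 0) return 0;
    return 1;
}
```

With the question's 0x100-char buff, required_html_cap(0x100) is 1409 wide chars, which is why a 0x100-char html overflows as soon as a handful of "&lt;" sequences arrive.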
