0

Ollydbgを介してチェックされた文字列の最後の文字にヌルバイトを入れているときに、以下のコードで「書き込み中のアクセス違反」エラーが発生します。誰かがこれを整理するのを手伝ってくれますか、ありがとう

[SECTION .text]

global _start

_start:

jmp short       stuff  
code:

pop             esi
xor             eax,eax          
mov byte        [esi + 17],al   ; put a null byte byte on [esi + 17]  

stuff:
call            code
db              'This is my string#'
4

2 に答える 2

2

You're running a self-modifying code: depending on the platform, it may work or not. In protected mode, it will not work, because the code segment is read-only (it would work perfectly in DOS on a 386)

You must put the strings in the data segment, or instruct the linker to place a "writeable" tag in the .text segment (something like: /SECTION:.text,EWR).

This last method is frowned upon, because (a) it is poor coding practice, (b) it is used by so-called "polymorphic" virus engines, and disapproved by antivirus software, (c) may interfere with virtualized environment operations, finally (d) may not work, apparently at random, with some hardware configurations due to processor prefetch.

Unless you have a really pressing reason to do so, I'd suggest declaring a data segment and place your string there.

于 2012-10-11T10:45:26.397 に答える
1

Very often sections/segments designated for code are executable and read-only, that is, writing to them is not going to work.

You need to place your string in a data section, e.g. .data.

Also you probably want to divert execution after mov byte [esi + 17],al to some location other than stuff:, otherwise your program will enter an infinite loop.

于 2012-10-11T10:38:02.513 に答える