Pointer Problem

Started by Zen, July 07, 2016, 09:01:53 AM

Zen

This one has got me mystified. I'm writing a program, and I'm writing out data to a Log File as a check.
I have launched ProcessExplorer while my application is functioning, just for thrills.
Anyway, a number of DLLs are loaded during the code execution (it has some COM stuff happening), and, I have written out the value of an Interface pointer to my Log File (in decimal). Then, I have de-referenced the pointer value, and printed out the de-referenced pointer value to the Log File (also, in decimal).
I then converted both pointer values to hexadecimal and compared them to the base load address of every loaded DLL that ProcessExplorer is showing me (which are also in hexadecimal). I have calculated the address range of every loaded DLL, by adding the base load address to the size of the DLL (both in decimal), and converting back to hexadecimal. So, I have what I think are the lower address bound and the upper address bound of every loaded DLL in my process's virtual address space. :bgrin:
I am shocked (and, incredibly annoyed) to find that neither pointer value fits into the calculated range between the base load address and end of the loaded DLL (based on the size of the loaded file),...of any of the DLLs. In fact, they're not even close,...
...And, the REALLY WEIRD THING is that, right after writing out the pointer value to my Log File (in my source code file), I use the interface pointer to call a COM method, and the application doesn't crash,...Aarrgghh !!!

What am I doing wrong ??? :dazzled:
[I could post some code, but, it's trivial stuff,...and, it seems like such a simple problem.]

...It's probably extraterrestrials,...:dazzled:

Siekmanski

Extraterrestrials often use a pointer to a pointer.  :biggrin:
Creative coders use backward thinking techniques as a strategy.

MichaelW

Well Microsoft, here's another nice mess you've gotten us into.

Zen

SIEKMANSKI,
Quote from: SIEKMANSKI...Extraterrestrials often use a pointer to a pointer....:biggrin:
...Amazing, it's like you're a world renowned expert on extraterrestrials...but, how did the DANG extraterrestrials know it was my pointer ??? Oh,...yeah,...they knew even before I knew,...:dazzled:

...And,...MICHAELW,...Yeah,...good guess,...it's probably something like that,...thanks,...:bgrin:

Quote from: Address Space Layout Randomization...The locations of the heap, stack, Process Environment Block, and Thread Environment Block are also randomized,...

...So, the obvious question,...how does Windows De-Randomize the Address Space Layout ??? I've written code that accesses and reads fields from the Thread Environment Block, and, it works just as advertised.
...And, another obvious question,...how can I determine where the interface is, that the pointer points to ??? This was really the purpose of the whole exercise,...I want to determine the offset from the beginning of the interface vtable to the address of one of the methods,...
:dazzled: Or, maybe,...I'm just along for the ride,...:dazzled:
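
The pointer-to-pointer layout and the vtable offset asked about above, as an added example that is not code from any poster in this thread. It uses a constructed COM-style object rather than a real COM server (`Obj`, `ObjVtbl`, `DoWork`, the helper names and the module table are hypothetical) and assumes function pointers are the same size as `void *`; the range check goes slightly beyond the question by treating a module as the half-open range [base, base + size).

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Constructed stand-in for a COM interface: IUnknown's three slots plus one. */
typedef struct Obj Obj;
typedef struct ObjVtbl {
    long (*QueryInterface)(Obj *);
    long (*AddRef)(Obj *);
    long (*Release)(Obj *);
    long (*DoWork)(Obj *);                 /* slot 3 */
} ObjVtbl;
struct Obj { const ObjVtbl *lpVtbl; long refs; };
static long qi(Obj *o)      { (void)o; return 0; }
static long addref(Obj *o)  { return ++o->refs; }
static long release(Obj *o) { return --o->refs; }
static long dowork(Obj *o)  { (void)o; return 42; }
static const ObjVtbl g_vtbl = { qi, addref, release, dowork };
/* Here the object is heap memory, so the interface pointer lies in no module image. */
Obj *create_obj(void) {
    Obj *o = malloc(sizeof *o);
    if (o) { o->lpVtbl = &g_vtbl; o->refs = 1; }
    return o;
}
/* Read one pointer-sized value from an address (assumes flat pointers). */
static uintptr_t load_ptr(uintptr_t at) {
    uintptr_t v; memcpy(&v, (const void *)at, sizeof v); return v;
}
/* First dereference: interface pointer -> address of the vtable. */
uintptr_t vtable_addr(const void *iface) { return load_ptr((uintptr_t)iface); }
/* Byte offset of method slot n from the start of the vtable. */
size_t slot_offset(size_t n) { return n * sizeof(void *); }
/* Second dereference: vtable + slot offset -> address of the method's code. */
uintptr_t method_addr(const void *iface, size_t n) {
    return load_ptr(vtable_addr(iface) + slot_offset(n));
}
/* A module occupies [base, base + size); return its index, or -1 if none. */
typedef struct { const char *name; uintptr_t base; size_t size; } Module;
int find_module(const Module *m, size_t count, uintptr_t addr) {
    for (size_t i = 0; i < count; i++)
        if (addr >= m[i].base && addr - m[i].base < m[i].size) return (int)i;
    return -1;
}
int main(void) {
    Obj *o = create_obj(); if (!o) return 1;
    printf("vtable %#llx, slot 3 at +%zu -> %#llx\n", (unsigned long long)vtable_addr(o),
           slot_offset(3), (unsigned long long)method_addr(o, 3));
    free(o); return 0;
}
```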