c++ - Create std::string inside debugger -


i'm debugging x86 program (written in c++ / vs2012 / statically linked) in windbg , have object files. point of interest function:

static bool isvalidtoken(const std::string& token)

this function receives string token validate client.

i want able test inside debugger, have create std::string command: .call isvalidtoken(<addr_of_string>).

dumping , manipulating std::string inside windbg relatively easy, possible create it?

i'm able hijack other strings , change can test, crashes program sometimes. i'm trying find static constructor class it's hard because it's heavily based on templates.

by debugging test program in visual studio (suggested @cdonts in comments) find constructor prototype std::string. shown in command follows.

back windbg issued following command find symbols signature (note * used wildcard replace spaces):

0:047> x manager!std::basic_string<char,std::char_traits<char>,std::allocator<char>*>::basic_string<char,std::char_traits<char>,std::allocator<char>*>

found following constructors:

6e36bf96 manager!std::basic_string<...prototype...> (char *, char *) 6e67fa65 manager!std::basic_string<...prototype...> (class std::basic_string<...prototype...> *, int, int) 6d519218 manager!std::basic_string<...prototype...> (class std::_string_const_iterator<...prototype...>) 6d54c745 manager!std::basic_string<...prototype...> (char *, unsigned int) 6d0c2666 manager!std::basic_string<...prototype...> (char *) 6d1f2a43 manager!std::basic_string<...prototype...> (class std::basic_string<...prototype...> *) 6d151eb8 manager!std::basic_string<...prototype...> (class std::basic_string<...prototype...> *)

i ommited parts of prototypes, 1 interests is:

6d0c2666 manager!std::basic_string<...prototype...> (char *)

this 1 takes char * argument. used initialize newly created string, , it's easy provide. so, steps job are:

  1. allocate memory object ( std::string ). use 1000 because it's minimum allocation size:

    0:047> .dvalloc 1000 allocated 1000 bytes starting @ 03fe0000

  2. allocate buffer char * parameter:

    0:047> .dvalloc 1000 allocated 1000 bytes starting @ 03ff0000

    we can initialize buffer with:

    0:047> ea 0x03ff0000 "my string here"

  3. place .call command passing 2 parameters: first 1 address of memory allocated object itself, happens this argument, because funcion uses thiscall calling convention (windbg knows , places in ecx). second 1 char * parameter constructor:

    0:048> .call 6d0c2666(0x03fe0000, 0x03ff0000) thread set call, 'g' execute. warning: can have serious side-effects, including deadlocks , corruption of debuggee.  0:048> g

after have std::string object (at 0x03fe0000) work with, containing text "my string here".


Comments

Post a Comment

Popular posts from this blog

java - pagination of xlsx file to XSSFworkbook using apache POI -

right in code, reading xlsx file, xssfworkbook, , writing database. but, when size of xlsx file increases, causes outofmemory error. can not increase server size, or divide xlsx file pieces. tried loading workbook using file (instead of inputstream), didn't either. i looking way read 10k rows @ time (instead of entire file @ once) , iteratively write workbook , database. is there way apache poi? poi contains called "eventmodel" designed purpose. it's mentioned in faq : the ss eventmodel package api reading excel files without loading whole spreadsheet memory. require more knowledge on part of user, reduces memory consumption more tenfold. based on awt event model in combination sax. if need read-only access, best way it. however, may want double check first if issue somewhere else. check out this item : i think poi using memory! can do? 1 comes quite lot, reason isn't might think. so, first thing check - what's source of prob...
Read more

Unlimited choices in BASH case statement -

consider simple bash snippet: case $option in 1) image=${options[0]%.tar} ;; 2) image=${options[1]%.tar} ;; 3) image=${options[2]%.tar} ;; 4) image=${options[3]%.tar} ;; *) echo "invalid option" exit 1 esac in real script numbers goes 30. makes pretty long. can somehow specify cases variable? something this: case $option in $i) image=${options[$(($i-1))]%.tar} any pointer appreciated. you can match against multiple patterns in single clause: case $option in 1|2|3: echo "$option one, 2 or three" ;; esac if still typing you, can use simple pattern matching: case $option in # following matches # - single-digit numbers 0-9 # - two-digit numbers starting either 1 or 2 # - number 30 [0-9]|[12][0-9]|30) image=${options[$(($option-1))]%.tar} ;; *) echo "invalid option" 1>&2 exit 1 esac
Read more

apache - How do I stop my index.php being run twice for every user -

we've got webapp initial html served using apache , php. i noticed index.php being run twice every request. seems caused / effected rewrite rules in our .htaccess - rewritecond %{http_host} ^(www\.|hotels\.)ourdomain\.com$ [nc,or] rewritecond %{server_name} ^(www\.|hotels\.)ourdomain\.com$ [nc] rewriterule (.*) http://ourdomain.com/$1 [r=301] rewriterule ^hotels/([^/]+)/?\??(.*)$ ?d=$1&$2 [qsa] the final rule moving parameter url path query string. i.e. http://ourdomain.com/hotels/vegas?someparam=1 becomes http://ourdomain.com?d=vegas&someparam=1 if go directly query string version index.php run once. if use url redirected, index.php run twice (i'm checking adding error_log('end of index.php') file). so example going http://ourdomain.com/hotels/paris hits file twice http://ourdomain.com?d=paris hits once. i've seen this question , had @ blog mentioned , , can't find empty string url's (i've tried using yslow process). ...
Read more