What is causing the read error?

D

Denis Goncharenko2018-05-31 14:12:26

C++ / C#

Denis Goncharenko, 2018-05-31 14:12:26

The code:

unsigned char source[] = { ... };
    int sourceSize = sizeof(source);
    DWORD old_protect;
    VirtualProtect(&source, sourceSize, PAGE_EXECUTE_READWRITE, &old_protect);
    void(*f)() = (void(*)()) &source;
    f();

Problem:

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

M

Mercury13, 2018-05-31
@Mercury13

You compile the function to binary and call it in place. So there are questions.
1. Did the functions provide the correct calling convention?
It seems to me that with such manual compilation it is easier to work with the PASCAL or STDCALL convention - well, the jester knows it.
2. VirtualProtect works with entire pages. So on a piece of memory from the data segment (well, or from the stack, I don’t see the full code), at best it will fail, at worst it will do nothing. Check if there was an error.
3. The first parameter must be source, not &source.

P

Pavel Kaptur, 2018-05-31
@drem1lin

In addition to Mercury13, the penultimate line should be void(*f)() = (void(*)()) source;
In general, it is better to select a separate page, copy the shell there, and then call