flat assembler
Message board for the users of flat assembler.

Index > Windows > stack reserve,commit

Author
Thread Post new topic Reply to topic
hopcode



Joined: 04 Mar 2008
Posts: 563
Location: Germany
hopcode
The following should create a process with a thread,
the stack should grow automatically because the sistem shift the page guard (raising a catchable exception) til up to the last-1 page that is reserved. After being reached that last reserved page it should raise a catchable EXCEPTION_STACK_ OVERFLOW. It crashes instead. Do someone know why on Vista 64 SP2 ?

Code:
 format  PE console
 entry start
 stack 10000h,1000h

start:
 sub esp,1000h
 mov dword[esp],1
 add esp,1000h
 sub esp,1001h
 mov dword[esp],1
 add esp,1001h
 sub esp,4000h
 mov dword[esp],1           ;<--- from here crash for violation
 add esp,4000h
 sub esp,5000h
 mov dword[esp],1
 add esp,5000h
 sub esp,8000h
 mov dword[esp],1
 add esp,8000h
 ret
    

Thanks,
hopcode
Post 27 Jan 2010, 03:12
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17476
Location: In your JS exploiting you and your system
revolution
hopcode: You can't grow your stack at more than 4k (0x1000) steps. The paging mechanism only sets a guard page at the page immediately below the current page. So if you skip a page then you get an access violation.

Also if you overflow the stack the Windows error handler can't get memory to allocate for itself and will die due to lack of memory, thus your app will simply disappear from the task list with no warning.
Post 27 Jan 2010, 03:31
View user's profile Send private message Visit poster's website Reply with quote
hopcode



Joined: 04 Mar 2008
Posts: 563
Location: Germany
hopcode
Yes, it is just as you say (and the manuals stated it).
In fact my question seems pointless because we (Windows users) are used to this wise mechanism.
Post 27 Jan 2010, 14:08
View user's profile Send private message Visit poster's website Reply with quote
baldr



Joined: 19 Mar 2008
Posts: 1651
baldr
revolution wrote:
hopcode: You can't grow your stack at more than 4k (0x1000) steps. The paging mechanism only sets a guard page at the page immediately below the current page. So if you skip a page then you get an access violation.
Yes and no. VirtualAlloc is your friend, you can manually commit needed range and set guard page (rather that generate several #PFs just to accomplish the same task, though latter method is less OS-specific).
hopcode wrote:
In fact my question seems pointless because we (Windows users) are used to this wise mechanism.
I doubt it's wiseness. Allocation works (almost) seamless, what about deallocation? Win32 implementation is one stack-hungry monster (look at MessageBoxW->MessageBoxExW->MessageBoxTimeoutW->MessageBoxWorker call chain, all parameters copying, easily eats at least two pages). Manual decommit can be done, though it's risky. Windows CE appears to have this functionality built-in.
Post 28 Jan 2010, 13:10
View user's profile Send private message Reply with quote
hopcode



Joined: 04 Mar 2008
Posts: 563
Location: Germany
hopcode
baldr wrote:
Yes and no. VirtualAlloc...

Right! (i wanted to be not so nitpicking! Cool ) anyway, i use already that functionality in my ide. reserve/commit -> decommit etc, avoiding handling SEH or setting a guard page flag,
baldr wrote:
...though it's risky...

Very Happy

Cheers,
hopcode
Post 28 Jan 2010, 15:35
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.