flat assembler
Message board for the users of flat assembler.

Index > Windows > bug in kernel?

Author
Thread Post new topic Reply to topic
b1528932



Joined: 21 May 2010
Posts: 287
b1528932 19 Aug 2010, 20:58
ive been looking around ntoskrnl.exe file, and ive found a bug.

import table is inside discardable seciton (INIT).
is t supposed to be this way?

afaik discardable section is freed after image is loaded into memory, so any later access to iat will result in page fault.
Post 19 Aug 2010, 20:58
View user's profile Send private message Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4624
Location: Argentina
LocoDelAssembly 19 Aug 2010, 21:14
Check if the POINTERS to functions are actually located there too. You'll probably find that only the function names are in the INIT section.

You may want to see http://board.flatassembler.net/topic.php?t=10989 , something near to this was discussed.
Post 19 Aug 2010, 21:14
View user's profile Send private message Reply with quote
b1528932



Joined: 21 May 2010
Posts: 287
b1528932 19 Aug 2010, 22:13
yes ur right, their are in another section.

but its not writeable, i guess it doesnt matter.
Post 19 Aug 2010, 22:13
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.