flat assembler
Message board for the users of flat assembler.

Index > Main > Program fails on invoke ExitProcess, 0

Author
Thread Post new topic Reply to topic
DSblizzard



Joined: 23 Oct 2019
Posts: 15
Location: Ryazan, Russia
DSblizzard 02 Dec 2019, 18:56
Program executes all instructions before
Code:
invoke ExitProcess, 0    

but on this command fails. Is it definitely bug in fasm, or it can be something on my side? Program is ~3500 lines, so I'm lazy to locate bug more precisely.
Post 02 Dec 2019, 18:56
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20212
Location: In your JS exploiting you and your system
revolution 02 Dec 2019, 19:40
In theory ExitProcess cannot fail. It should close the program and all open resources without ever returning.

But what do you mean by "fails"? Crashes? Won't close? Something else?

Try to cut down your code to the minimal code that produces the failure. Post your code here and we might be able to help.
Post 02 Dec 2019, 19:40
View user's profile Send private message Visit poster's website Reply with quote
DSblizzard



Joined: 23 Oct 2019
Posts: 15
Location: Ryazan, Russia
DSblizzard 02 Dec 2019, 20:01
Windows message box "Прекращена работа программы 1.exe" ("The program 1.exe stopped" or something like this)
Details: (sorry, in Russian)
Сигнатура проблемы:
Имя события проблемы: APPCRASH
Имя приложения: 1.exe
Версия приложения: 0.0.0.0
Отметка времени приложения: 5de55d1c
Имя модуля с ошибкой: ntdll.dll
Версия модуля с ошибкой: 6.1.7601.23915
Отметка времени модуля с ошибкой: 59b94ee4
Код исключения: c0000005
Смещение исключения: 000000000004e664
Версия ОС: 6.1.7601.2.1.0.256.48
Код языка: 1049
Дополнительные сведения 1: b31c
Дополнительные сведения 2: b31cfdaf05d416b0a7d396d7b4049a84
Дополнительные сведения 3: 90e7
Дополнительные сведения 4: 90e75a2f5888e05373d1c95572b47705
Post 02 Dec 2019, 20:01
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20212
Location: In your JS exploiting you and your system
revolution 02 Dec 2019, 20:28
That is a crash.

So you might have corrupted your import section and the pointer to ExitProcess leads to an unknown place.
Post 02 Dec 2019, 20:28
View user's profile Send private message Visit poster's website Reply with quote
DSblizzard



Joined: 23 Oct 2019
Posts: 15
Location: Ryazan, Russia
DSblizzard 03 Dec 2019, 08:33
I printed values of ExitProcess and [ExitProcess] after entry point of program and just before "invoke ExitProcess, 0". They are preserved. But ExitProcess is different from its value in "empty" program.
Post 03 Dec 2019, 08:33
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20212
Location: In your JS exploiting you and your system
revolution 03 Dec 2019, 08:43
Because of ASLR you can get different values for the API calls.

Are you sure it is ExitProcess? That would be very unlikely IMO. Perhaps you have another problem.
Post 03 Dec 2019, 08:43
View user's profile Send private message Visit poster's website Reply with quote
DimonSoft



Joined: 03 Mar 2010
Posts: 1228
Location: Belarus
DimonSoft 03 Dec 2019, 09:31
Heap corruption?
Post 03 Dec 2019, 09:31
View user's profile Send private message Visit poster's website Reply with quote
edfed



Joined: 20 Feb 2006
Posts: 4330
Location: Now
edfed 03 Dec 2019, 10:14
try it with ollydbg or ida
Post 03 Dec 2019, 10:14
View user's profile Send private message Visit poster's website Reply with quote
DSblizzard



Joined: 23 Oct 2019
Posts: 15
Location: Ryazan, Russia
DSblizzard 03 Dec 2019, 11:38
Thank you all, especially DimonSoft. I reduced program, then printed addresses in all mov [], ... commands, and finally spot the problem: in malloc size was assumed 8 bytes but really it was 16 - type and value.
Post 03 Dec 2019, 11:38
View user's profile Send private message Reply with quote
guignol



Joined: 06 Dec 2008
Posts: 763
guignol 04 Dec 2019, 09:51
reminds of a waitress in a diner
Post 04 Dec 2019, 09:51
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.