Open NickSampanis opened 6 years ago
A small bug that leads to out-of-bounds memory access. It crashes when I use windbg with gflags.
kdclient64!memcpy+0x250: 000007fe`dc2642f0 488b440af8 mov rax,qword ptr [rdx+rcx-8] ds:00000000`36c19040=????????????????
backtrace
kdclient64!memcpy+0x250 [f:\dd\vctools\crt_bld\SELF_64_amd64\crt\src\amd64\memcpy.asm @ 344]
00000000`37ddf890 000007fe`dc25b5d6 : 00000000`34ab6cf0 000007fe`dc276e88 00000000`34ab6cf0 00000000`37ddfa70 : kdclient64!SessionNameFromVMWareCmdLineW+0x187 [e:\projects\sysprogs-github\virtualkd\kdclient\patchapi.cpp @ 159]
00000000`37ddf920 000007fe`dc254b91 : 00000000`37ddfa70 00000000`00000001 00000000`00000000 00000000`00000000 : kdclient64!SessionNameFromVMCmdLineW+0x1a6 [e:\projects\sysprogs-github\virtualkd\kdclient\patchapi.cpp @ 180]
00000000`37ddf9c0 00000000`773759cd : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kdclient64!PatcherThreadMain+0x101 [e:\projects\sysprogs-github\virtualkd\kdclient\kdclient.cpp @ 106]
The root cause of the bug is that you accidentally use sizeof(wchar_t *) instead of sizeof(wchar_t).
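The sizeof mix-up the report describes, as an added illustration that is not VirtualKD's code: the correct and the defective element-to-byte conversion side by side, a check for whether a memcpy request reaches past its source, and a bounded copy that refuses instead of overrunning. The sample string and the function names are constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <wchar.h>

/* Constructed sample input; not taken from VirtualKD. */
static const wchar_t SAMPLE[] = L"sample-vm-session";

/* Correct element-count to byte-count conversion for a wide string. */
size_t wide_bytes(size_t nchars) { return nchars * sizeof(wchar_t); }

/* The defect pattern from the report: the operand is a pointer type, so on a
   64-bit build each character is counted as 8 bytes instead of 2 (Windows)
   or 4 (most Unix libcs). Kept only to show the oversized request. */
size_t wide_bytes_buggy(size_t nchars) { return nchars * sizeof(wchar_t *); }

/* 1 if a memcpy of request_bytes would read past a source holding src_chars
   characters plus its terminator, i.e. the out-of-bounds read in the crash. */
int request_exceeds_source(size_t src_chars, size_t request_bytes) {
    return request_bytes > wide_bytes(src_chars + 1);
}

/* Bounded copy: refuses instead of overrunning either buffer.
   Returns 0 on success, -1 if dst cannot hold src plus a terminator. */
int copy_wide_bounded(wchar_t *dst, size_t dst_chars,
                      const wchar_t *src, size_t src_chars) {
    if (dst_chars == 0 || src_chars > dst_chars - 1) return -1;
    memcpy(dst, src, wide_bytes(src_chars));
    dst[src_chars] = L'\0';
    return 0;
}

/* Helpers with fixed buffers so the checks need no caller-side state. */
int check_copy_ok(void) {
    wchar_t dst[32];
    size_t n = wcslen(SAMPLE);
    return copy_wide_bounded(dst, 32, SAMPLE, n) == 0 && wcscmp(dst, SAMPLE) == 0;
}
int check_copy_rejected(void) {
    wchar_t dst[8];  /* too small for SAMPLE plus its terminator */
    return copy_wide_bounded(dst, 8, SAMPLE, wcslen(SAMPLE)) == -1;
}

int main(void) {
    size_t n = wcslen(SAMPLE);
    printf("chars=%zu correct=%zu bytes buggy=%zu bytes overread=%d\n",
           n, wide_bytes(n), wide_bytes_buggy(n),
           request_exceeds_source(n, wide_bytes_buggy(n)));
    return 0;
}
```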