Comments (6)
Are you running without page heap? If so, you won't see proper results. I'll update the documentation to mention this explicitly. You can use pageheap.cmd to turn it on.
from bugid.
Derp. OK, I just manually turned on pageheap with +02109870 for the test binary. The UAF now "works", but I am seeing more failures:
EDIT: are these failures? If not it's confusing output ;)
c:\BugId-master>Tests.py
* Starting tests...
cdb:stderr>R6025
cdb:stderr>- pure virtual function call
- AccessViolation READ 1 =AMD64=> AVR:NULL+X
=> A34E AVR:NULL+ODD Tests_x64.exe!wmain (Access violation while reading memory at 0x1 using a NULL ptr)
c:\BugId-master>Tests.py
* Starting tests...
cdb:stderr>R6025
cdb:stderr>- pure virtual function call
- AccessViolation READ FFFFFFFFFFFFFFFF =AMD64=> AVR:NULL-X
=> A34E AVR:NULL-ODD Tests_x64.exe!wmain (Access violation while reading memory at 0xFFFFFFFFFFFFFFFF using a NULL ptr)
from bugid.
That's my bad: I made some changes to the code to replace +/-X with +/-ODD/EVEN and forgot to include the update to the tests in my commit. It's already fixed, but I haven't uploaded the code and won't be able to do so until next week....
You can manually replace +X with +ODD/+EVEN as needed in tests.py or wait for my commit next week... Sorry about that :S
from bugid.
Confirm - replaced all -X with -ODD and I get a clean pass. Thanks for the help! I will leave this open in case anyone else hits it...
from bugid.
... And as a reminder for me to commit this :) Thank you for the feedback, much appreciated!
On Sep 22, 2015 11:11 AM, "Ben Nagy" [email protected] wrote:
Confirm - replaced all -X with -ODD and I get a clean pass. Thanks for the
help! I will leave this open in case anyone else hits it...
from bugid.
I've updated the documentation to explain the use of pageheap.cmd and gflags.exe. I've also uploaded the fix for the +X/+ODD/+EVEN bug.
The tests.py output leaves some things to be desired and not all tests are working as expected yet. I hope to improve it over time. (Yes, those were errors)
from bugid.