Program crashes

  • Question

  • Here is the code which tries to check the PE structure, but crashes with no clue where I went wrong

    #include <stdio.h>
    #include <stdlib.h>
    #include <tchar.h>
    #include <windows.h>

    int main(int argc, char** argv)
    {
        HANDLE hFile;
        HANDLE hFileMapping;
        LPVOID pFileView;
        IMAGE_DOS_HEADER *pDosHeader;

        /* Open the file for reading. */
        hFile = CreateFile(_T("c:\\sample.exe"), GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
        if (hFile == INVALID_HANDLE_VALUE)
        {
            printf("INVALID HANDLE \n");
            exit(1);
        }

        /* Create a mapping object and map the first 200 bytes of the file. */
        hFileMapping = CreateFileMapping(hFile, NULL, 0, 0, 0, NULL);

        pFileView = MapViewOfFile(hFileMapping, FILE_MAP_READ, 0, 0, 200);

        pDosHeader = (IMAGE_DOS_HEADER*)pFileView;

        /* Look at the DOS header magic. */
        if(pDosHeader->e_magic='ZM')
        {
            printf("this has valid dos header\n");
        }

    }

    Saturday, February 9, 2008 7:24 PM

Answers

  • I see three problems:

    1. You are not checking the return value of CreateFileMapping(). It could be that hFileMapping is INVALID_HANDLE_VALUE and you need to call GetLastError().
    2. You are not checking the return value of MapViewOfFile(). If it returns NULL the next line will crash your program.
    3. Change pDosHeader->e_magic= to pDosHeader->e_magic==.

    Brian

    Sunday, February 10, 2008 12:04 AM

All replies

  • For one, you only have a single = in your if statement "if(pDosHeader->e_magic = 'ZM')"

    I'm sure you probably wanted a double equals '=='

    Can you give us more information about the error message or crash?

    Sunday, February 10, 2008 12:17 AM
  • I made the changes

    1) checking the handle returned by MapViewOfFile
    2) == in pDosHeader->e_magic

    Now I am getting an invalid handle returned from MapViewOfFile.

    Changed the CreateFileMapping to
    DWORD flProtect, as PAGE_READONLY

    Now it's fixed.
    Sunday, February 10, 2008 3:52 PM
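
Once the view maps, checking further into the PE structure means following e_lfanew, which is read from the file and can point outside the 200 mapped bytes. The following is an added example, not code from the thread: a portable C check of the DOS and PE signatures that validates every offset against the mapped length. The names pe_status, check_pe_headers and check_sample are this example's own, and the sample image is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Status names are this example's own, not Windows SDK identifiers. */
enum pe_status { PE_OK, PE_TOO_SMALL, PE_BAD_MZ, PE_BAD_LFANEW, PE_BAD_SIG };

/* Little-endian reads byte by byte: no struct cast, no alignment assumptions. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* view/len describe only the bytes actually mapped (200 in the question).
   Every offset is checked against len before it is dereferenced. */
enum pe_status check_pe_headers(const uint8_t *view, size_t len)
{
    uint32_t lfanew;
    if (view == NULL || len < 64)                /* sizeof(IMAGE_DOS_HEADER) is 64 */
        return PE_TOO_SMALL;
    if (rd16(view) != 0x5A4D)                    /* IMAGE_DOS_SIGNATURE: ==, not = */
        return PE_BAD_MZ;
    lfanew = rd32(view + 0x3C);                  /* e_lfanew is file data: untrusted */
    if (lfanew > len || len - lfanew < 4)        /* 4-byte signature must fit in view */
        return PE_BAD_LFANEW;
    if (memcmp(view + lfanew, "PE\0\0", 4) != 0) /* IMAGE_NT_SIGNATURE */
        return PE_BAD_SIG;
    return PE_OK;
}

/* Constructed sample: zeroed 512-byte image with "MZ", e_lfanew = lfanew and
   "PE\0\0" at sig_off; only the first view_len bytes count as mapped. */
enum pe_status check_sample(uint32_t sig_off, uint32_t lfanew, size_t view_len)
{
    uint8_t img[512] = {0};
    int i;
    img[0] = 'M'; img[1] = 'Z';
    for (i = 0; i < 4; i++)
        img[0x3C + i] = (uint8_t)(lfanew >> (8 * i));
    if (sig_off <= sizeof img - 4)
        memcpy(img + sig_off, "PE\0\0", 4);
    return check_pe_headers(img, view_len > sizeof img ? sizeof img : view_len);
}

int main(void)
{
    printf("%d %d %d\n", check_sample(0x80, 0x80, 200),   /* in bounds */
           check_sample(0x100, 0x100, 200),                /* e_lfanew past the view */
           check_sample(0x80, 0x90, 200));                 /* no signature there */
    return 0;
}
```

On Windows, pass the pointer returned by MapViewOfFile together with the number of bytes that were mapped, after confirming both the mapping handle and the view pointer are valid.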