Results 1 to 12 of 12

Thread: Identify an address in the source code

  1. #1
    aureliuh
    Guest

    Identify an address in the source code

    Hello to everyone. For a long time I have a problem with debuging my application. Sometimes I get Access Violation and an address. Could anyone tells me if there is any chance to find out the name of the function which generate the access violation or any usefull information to debug my source code?

    Thank you very much
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    If it's your own code, try Numega Devpartner/Boundschecker.

    Alternatively, please wait while we reboot JMI...
    Still here...

  3. #3
    aureliuh
    Guest
    The problem is that the source code are written in borland c++ 6. So I don't think it could help me. Thank you very much anyway. I taught that there is any possibility to include in exe my comments from the source code so I could find the function.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    Naides is Nobody
    Join Date
    Jan 2002
    Location
    Planet Earth
    Posts
    1,647
    Ummhh. . .
    You are describing the vane of the debugging world.
    Question 1: Is the access violation address always the same? or at least within a narrow range?

    Step A: in that case disassemble your app with IDA, search for the address and you may get near the code that generates the exception. IDA will tell you the name of the function.

    If the reported address varies wildly with each crash, chances are the code generating the address is located in the heap ie, it belongs to an object that is created on the fly, at runtime.
    Those bugs are much more challenging.
    What I would do is assign Olly as the "just in time" debugger and when the exception hits, accept the choice of running Olly. Look at the code pattern that generated the error . Then try to locate that code pattern in the disassembly, by going to step A

  5. #5
    Surely if it's your own code, then all you need to do is enable debug output, and you'll be able to get an address for each line of source.

    In either case, running it in Ollydbg should tell you exactly what it threw an exception, and point to the offending code.

  6. #6
    aureliuh
    Guest
    Hmmm.. It sounds very good I will try that. But I have another question..maybe very stupid. How do I link the ollydbg to the source codes? Or just see the address where it crashes and then search for it in debugoutput?

    Thank you
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    Super Moderator
    Join Date
    Dec 2004
    Posts
    1,524
    Blog Entries
    15
    Code:
    \aureliah>type aureliah.c
    #include <stdio.h>
    
    int main (void)
    
    {
            long access=0;
            printf("hello aureliah\n");
            printf("wanna violate access\n");
            printf("%x\n",*(long *)access);
            printf("the above code violates your access\t Didnt it?\n");
            return 0;
    }
    \aureliah>aureliah
    
    
    hello aureliah
    wanna violate access
    
    \aureliah>
    i dont think you could expect anything more than this
    yeah im using bcc v6 is clickety click bpl bloat im using free commandline v 5.5
    Attached Images Attached Images  
    Last edited by blabberer; April 27th, 2007 at 10:35.

  8. #8
    aureliuh
    Guest
    Thank you very much for all! It really helped me! You are great! Thanks again
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  9. #9
    Registered User
    Join Date
    Aug 2005
    Location
    Greece
    Posts
    157
    What you need is http://www.madshi.net/madExceptDescription.htm
    A picture worth 1K words (or .5K DWORDS).

  10. #10
    Look at the code around the address, and see if you can figure out what it's doing (find anything distinctive, like some constants you recognise, etc.) API calls are usually a good place to correlate between the source and the Asm. If all else fails embed variable assignments with unique values like this:
    Code:
    a = 0xdeadbeef;
    ...
    a = 0xcafebabe;
    ...and look for those in the Asm.

    Also, compilers tend to generate code in the order the source file describes. If the exception occurs at an address near the end of the program, then look at the end of the source, and vice versa.

  11. #11
    for stuff like that, I normally ask the compiler to embed assembler and use some distinctive opcodes, such as "or al, al; nop; or al, al". These can be easily searched for by a debugger. The usual reason for this is when I'm trying to figure out and optimise the assembler output of the compiler (and the built in one is usually complete crap compared to the likes of Ollydbg)

  12. #12
    Options - linker - generate MAP file
    Vulnerant omnes, ultima necat.

Similar Threads

  1. Dll source code
    By w_a_r_1 in forum The Newbie Forum
    Replies: 6
    Last Post: July 1st, 2009, 15:07
  2. I want to look at source code
    By mdhakk in forum The Newbie Forum
    Replies: 7
    Last Post: March 19th, 2005, 22:52
  3. RTA 1.20 source code release
    By squidge in forum Tools of Our Trade (TOT) Messageboard
    Replies: 3
    Last Post: December 26th, 2003, 06:56
  4. How can i see the source code of a webpage?
    By KiSCiX in forum Malware Analysis and Unpacking Forum
    Replies: 1
    Last Post: March 13th, 2001, 03:26

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •