Old 05-08-2006, 09:35
TQN TQN is offline
No, this is not a bug in OllyDbg. VC++ 8 optimizes the code by splitting the string "Hit any key to continue" into an array of dwords, moving each dword into a local buffer, and then working with that local buffer. It does not directly access the address of char done[100] in the read-only section (.rdata).
Code:
; main: IDA listing of the VC++ 8 optimized build discussed in the post.
;
; Frame layout (sub esp, 68h):
;   localBuffer = -68h  bottom of the frame; 64h (100) bytes are initialized below
;   stackMask   = -4    top dword of the frame, directly below the return address
; A linear overrun of localBuffer would therefore overwrite stackMask before it
; reaches the return address.
;
; g_dwCookie and stack_check are the labels used in this listing. The pattern
; (value XOR esp stored on entry, re-XORed with esp and passed in ecx to a check
; just before retn) looks like the MSVC /GS stack cookie and its check routine.
; NOTE(review): inferred from the pattern; confirm against the build options.
;
; The string is copied from .rdata as six dword loads/stores (offsets 0..14h)
; instead of passing its address; memset then zeroes the rest of the buffer.
; The esp+NNh displacement in each operand grows with every push, because the
; pushed arguments are not popped after each call; one add esp, 20h near the end
; removes all eight pushed dwords.
.text:004012C0
.text:004012C0 main    proc near                       ; CODE XREF: start-14Ep
.text:004012C0
.text:004012C0 localBuffer= byte ptr -68h              ; start of the local copy of the string
.text:004012C0 stackMask= dword ptr -4                 ; slot holding g_dwCookie XOR esp
.text:004012C0
.text:004012C0         sub     esp, 68h                ; reserve the 68h-byte frame
.text:004012C3         mov     eax, g_dwCookie         ; load the global cookie value
.text:004012C8         xor     eax, esp                ; mix in the current stack pointer
.text:004012CA         mov     [esp+68h+stackMask], eax ; store it in the top frame slot
.text:004012CE         mov     eax, dword ptr ds:szHitanykeytocontinue ; "Hit any key to continue"
.text:004012D3         mov     ecx, dword ptr ds:szHitanykeytocontinue+4 ; string bytes 4..7
.text:004012D9         mov     edx, dword ptr ds:szHitanykeytocontinue+8 ; string bytes 8..0Bh
.text:004012DF         mov     dword ptr [esp+68h+localBuffer], eax ; localBuffer[0..3]
.text:004012E2         mov     eax, dword ptr ds:szHitanykeytocontinue+0Ch ; string bytes 0Ch..0Fh
.text:004012E7         push    4Ch                     ; size_t
.text:004012E9         mov     dword ptr [esp+6Ch+localBuffer+0Ch], eax ; localBuffer[0Ch..0Fh]
.text:004012ED         mov     dword ptr [esp+6Ch+localBuffer+4], ecx ; localBuffer[4..7]
.text:004012F1         mov     ecx, dword ptr ds:szHitanykeytocontinue+10h ; string bytes 10h..13h
.text:004012F7         mov     dword ptr [esp+6Ch+localBuffer+8], edx ; localBuffer[8..0Bh]
.text:004012FB         mov     edx, dword ptr ds:szHitanykeytocontinue+14h ; string bytes 14h..17h
.text:00401301         lea     eax, [esp+6Ch+localBuffer+18h] ; first byte after the copied 18h bytes
.text:00401305         push    0                       ; int
.text:00401307         push    eax                     ; void *
.text:00401308         mov     dword ptr [esp+74h+localBuffer+10h], ecx ; localBuffer[10h..13h]
.text:0040130C         mov     dword ptr [esp+74h+localBuffer+14h], edx ; localBuffer[14h..17h]
.text:00401310         call    memset                  ; memset(localBuffer+18h, 0, 4Ch): 18h + 4Ch = 64h bytes initialized
.text:00401310
.text:00401315         mov     ecx, ds:std::basic_ostream<char,std::char_traits<char>> std::cout ; address of std::cout
.text:0040131B         push    offset szThiswillbegone ; "\"This will be gone\"\n"
.text:00401320         push    ecx                     ; stream argument
.text:00401321         call    cout                    ; label from this listing; presumably the stream insertion helper
.text:00401321
.text:00401326         mov     eax, ds:std::basic_ostream<char,std::char_traits<char>> std::cout ; address of std::cout
.text:0040132B         lea     edx, [esp+7Ch+localBuffer] ; address of the stack copy, not of the .rdata string
.text:0040132F         push    edx                     ; string argument: localBuffer
.text:00401330         push    eax                     ; stream argument
.text:00401331         call    cout                    ; prints the copied string from the stack
.text:00401331
.text:00401336         push    offset szPAUSE          ; "PAUSE"
.text:0040133B         call    ds:system               ; imported system() called with "PAUSE"
.text:0040133B
.text:00401341         mov     ecx, [esp+88h+stackMask] ; reload the stored cookie value
.text:00401348         add     esp, 20h                ; drop the 8 pushed dwords; esp is back to its value when the cookie was stored
.text:0040134B         xor     ecx, esp                ; undo the XOR with esp; equals g_dwCookie if the slot is unchanged
.text:0040134D         xor     eax, eax                ; eax = 0; presumably main's return value, assuming stack_check preserves eax
.text:0040134F         call    stack_check             ; check routine receives the recovered value in ecx
.text:0040134F
.text:00401354         add     esp, 68h                ; release the frame
.text:00401357         retn
.text:00401357
.text:00401357 main    endp
.text:00401357
...........................
; 23 characters plus the terminating 0 = 24 (18h) bytes, i.e. exactly six dwords;
; main reads this string at offsets 0, 4, 8, 0Ch, 10h and 14h.
.rdata:0040213C szHitanykeytocontinue db 'Hit any key to continue',0 ; DATA XREF: main+Er
.rdata:0040213C                                         ; main+13r main+19r
.rdata:0040213C                                         ; main+22r
Regards,

Last edited by TQN; 05-08-2006 at 09:38.