WinDbg Debugging in Practice (Part 2)

1. Test code:

#include "stdafx.h"
#include <string.h>
#include <stdlib.h>
#include <stdio.h>

int _tmain(int argc, _TCHAR* argv[])
{
    char *ptest = NULL;                 // destination is deliberately left NULL
    char ch[] = {"test"};
    strcpy_s(ptest, sizeof(ch), ch);    // crashes: null destination pointer
    return 0;
}

2. Save a dump (.dmp) file

3. Open it in WinDbg and configure the symbol and source paths

     If you need the Windows symbols, add the following in WinDbg:

     

Microsoft Public Symbols

Microsoft has a Web site that makes Windows symbols publicly available. You can refer directly to this site in your symbol path in the following manner:

set _NT_SYMBOL_PATH=srv*DownstreamStore*http://msdl.microsoft.com/download/symbols

DownstreamStore must specify a directory on your local computer or network that will be used to cache symbols. This downstream store holds symbols that the debugger has accessed; the vast majority of symbols that have never been accessed remain on the symbol store at Microsoft. This keeps your downstream store relatively small and allows the symbol server to work quickly, only downloading each file once.

To avoid typing this long symbol path, use the .symfix (Set Symbol Store Path) command. The following command appends the public symbol store to your existing symbol path:

.symfix+ DownstreamStore 

Note  To successfully access Microsoft's public symbol store, you will need a fast internet connection. If your internet connection is only 56 Kps or slower, you should install Windows symbols directly onto your hard drive. For details, see Installing Windows Symbol Files.

For more information about the public symbol store, see the Windows Symbols Web site.

4. Open the dmp and enter !analyze -v

 FAULTING_IP: 
msvcr90!crt_debugger_hook+0
73831661 8325a0d7857300  and     dword ptr [msvcr90!_pioinfo+0x100 (7385d7a0)],0

EXCEPTION_RECORD:  ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 73831661 (msvcr90!crt_debugger_hook)
   ExceptionCode: 80000003 (Break instruction exception)
  ExceptionFlags: 00000000
NumberParameters: 1
   Parameter[0]: 00000000
// Roughly speaking: the first parameter is null, which is what causes the exception.
DEFAULT_BUCKET_ID:  WRONG_SYMBOLS

PROCESS_NAME:  test_task.exe

ADDITIONAL_DEBUG_TEXT:  
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.


MODULE_NAME: msvcr90


FAULTING_MODULE: 772b0000 ntdll


DEBUG_FLR_IMAGE_TIMESTAMP:  5a7d2648


ERROR_CODE: (NTSTATUS) 0x80000003 - {


EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - <Unable to get error code text>


EXCEPTION_PARAMETER1:  00000000


FAULTING_THREAD:  00001fc8


PRIMARY_PROBLEM_CLASS:  WRONG_SYMBOLS


BUGCHECK_STR:  APPLICATION_FAULT_WRONG_SYMBOLS


LAST_CONTROL_TRANSFER:  from 737f6d36 to 73831661


STACK_TEXT:  
WARNING: Stack unwind information not available. Following frames may be wrong.
0102f7f0 737f6d36 00000000 00000000 00000000 msvcr90!crt_debugger_hook
0102f818 00f2102f 00000000 00000005 0102f82c msvcr90!strcpy_s+0x2c
0102f834 00f211ac 00000001 01644c88 01647840 test_task!wmain+0x2f [d:\xx\test_task\test_task\test_task.cpp @ 21]
0102f878 770c8484 00cb1000 770c8460 02ae50ab test_task!__tmainCRTStartup+0x10f [f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c @ 583]
0102f88c 77312fea 00cb1000 029cad00 00000000 kernel32!BaseThreadInitThunk+0x24
0102f8d4 77312fba ffffffff 7732ec2b 00000000 ntdll!RtlValidSecurityDescriptor+0x11a
0102f8e4 00000000 00f212f4 00cb1000 00000000 ntdll!RtlValidSecurityDescriptor+0xea

STACK_COMMAND:  ~0s; .ecxr ; kb

FOLLOWUP_IP: 
msvcr90!crt_debugger_hook+0
73831661 8325a0d7857300  and     dword ptr [msvcr90!_pioinfo+0x100 (7385d7a0)],0

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  msvcr90!crt_debugger_hook+0

FOLLOWUP_NAME:  MachineOwner

IMAGE_NAME:  msvcr90.dll

BUCKET_ID:  WRONG_SYMBOLS

FAILURE_BUCKET_ID:  WRONG_SYMBOLS_80000003_msvcr90.dll!crt_debugger_hook

WATSON_STAGEONE_URL:  http://watson.microsoft.com/StageOne/test_task_exe/0_0_0_0/5b3c6545/msvcr90_dll/9_0_30729_9415/5a7d2648/80000003/00071661.htm?Retriage=1

Followup: MachineOwner


---------

0102f818 00f2102f 00000000 00000005 0102f82c msvcr90!strcpy_s+0x2c

Starting from the third column of this line, the three values are the arguments to strcpy_s: {ptest, 5, "test"}

Enter da 0102f82c at the command line to verify the argument. Only the third argument is verified here; verify the others yourself.

 0:000> da 0102f82c

0102f82c  "test" 

5. This shows that the first argument to strcpy_s is null, which causes the copy to fail and crash.
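
The manual reading of the stack row in step 4 can be automated when triaging many dumps. The following Python script is an added example, not part of the original post: it parses x86 STACK_TEXT rows (copied from the output above) and flags strcpy_s frames whose first argument is 0, together with the calling frame and source line. The names parse_frames and find_null_destinations are hypothetical, and it assumes the three "Args to Child" columns really are the function's stack arguments, which holds for this x86 cdecl call.

```python
import re

# Rows copied from the STACK_TEXT section of the !analyze -v output above.
SAMPLE_STACK = r"""
WARNING: Stack unwind information not available. Following frames may be wrong.
0102f7f0 737f6d36 00000000 00000000 00000000 msvcr90!crt_debugger_hook
0102f818 00f2102f 00000000 00000005 0102f82c msvcr90!strcpy_s+0x2c
0102f834 00f211ac 00000001 01644c88 01647840 test_task!wmain+0x2f [d:\xx\test_task\test_task\test_task.cpp @ 21]
"""

# x86 kb row: ChildEBP RetAddr Arg1 Arg2 Arg3 module!symbol[+offset] [source @ line]
FRAME_RE = re.compile(
    r"^(?P<ebp>[0-9a-f]{8}) (?P<ret>[0-9a-f]{8}) "
    r"(?P<a1>[0-9a-f]{8}) (?P<a2>[0-9a-f]{8}) (?P<a3>[0-9a-f]{8}) "
    r"(?P<module>[^!\s]+)!(?P<symbol>[^+\s]+)(?:\+0x[0-9a-f]+)?"
    r"(?: \[(?P<source>.+) @ (?P<line>\d+)\])?$",
    re.IGNORECASE,
)

def parse_frames(stack_text):
    """Return one dict per frame row; warnings and blank lines are skipped."""
    frames = []
    for raw in stack_text.splitlines():
        m = FRAME_RE.match(raw.strip())
        if m is None:
            continue
        frames.append({
            "name": f"{m['module']}!{m['symbol']}",
            "symbol": m["symbol"],
            "args": [int(m[k], 16) for k in ("a1", "a2", "a3")],
            "source": m["source"],
            "line": int(m["line"]) if m["line"] else None,
        })
    return frames

def find_null_destinations(frames, functions=("strcpy_s",)):
    """Flag calls whose first stack argument (the destination buffer) is 0."""
    findings = []
    for i, frame in enumerate(frames):
        if frame["symbol"] in functions and frame["args"][0] == 0:
            caller = frames[i + 1] if i + 1 < len(frames) else None
            findings.append({
                "function": frame["name"],
                "size": frame["args"][1],
                "src": frame["args"][2],
                "caller": caller["name"] if caller else None,
                "caller_line": caller["line"] if caller else None,
            })
    return findings

if __name__ == "__main__":
    for hit in find_null_destinations(parse_frames(SAMPLE_STACK)):
        print(hit)
```
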


Reposted from blog.csdn.net/jangdong/article/details/80911734