D / B bit down and expand the experiment and summary

Others 2020-02-26 00:37:11 views: null

Windows kernel analysis index directory : https: //www.cnblogs.com/onetrainee/p/11675224.html

D / B bit down and expand the experiment and summary

A presentation, D / B bit

  D / B bits for the code segment, when it is D bits, when the data segment which is a B-site.

  For code segments, which will affect the addressing mode, the influence of the hard-coded prefix instruction; the data segment that represents a segment length, when the B bit is 0, indicating that the segment is a 16-bit segment, which at this time is inactive natural G of.

Second, there is an upward expansion and expanding downwardly (this is closely related to B-bit code segment) segment attribute code.

  Expanding upward [base, base + limit] is valid, the remaining void; expand down [base, base + limit] is invalid, the remaining effective.

   

Third, to expand upward and downward expansion experiment

To prove this theory, we carried out an experiment.

1. Source:

. 1 #include " the stdafx.h " 
2  
. 3  char g_buf [] = { 125 , 124 , 123 , 121 };
 . 4  int main ( int argc, char * the argv [])
 . 5  {
 . 6          the printf ( " address of the global variable is: 0x% p, please fill in the data segment descriptor 48 \ R & lt \ n- " , & g_buf);
 . 7          getchar ();
 . 8          char l_var = 0 ;
 . 9          char u_aa = 0 ;
 10         the __asm
 . 11          {
 12 is                  MOV AX, 0x48 
13 is                  MOV DS, AX
 14                  MOV Al, byte PTR DS: [ 0 ]
 15                  MOV Cl, byte PTR DS: [ . 1 ]
 16                  MOV u_aa, Cl
 . 17                  MOV l_var, Al
 18 is                  MOV AX, 0x23 
. 19                  MOV DS, AX
 20 is          }
 21 is          the printf ( " local variable values:% D% D \ R & lt \ n- " , l_var, u_aa);
 22 is         getchar();
23         return 0;
24 }

2. Experimental ideas

We according to the address configuration descriptor, the default expand upwards, if changed at this time to expand downward, then access the array certainly be wrong (is set to inaccessible).

3. The code segment template

We look for the code segment template 00cff300`0000ffff corresponding bit according ds

4. Run the program, view the address of the array is constructed descriptor

 00cff300`0000ffff -> 00cff342`5A30ffff (expand upward) -> 00cff742`5A30ffff (downward expansion)

5. Use windbg expand downward into the fill structure descriptor offset 0x48, and continue the program, display access exceptions, and to expand upward access exception descriptor does not appear

 

 

 

 

 

 

 

Guess you like

Origin www.cnblogs.com/onetrainee/p/12364694.html
Recommended
Ranking
[Algorithm] greedy _ program scheduling issues
Spring 控制反转(IOC)
Data structure-6.6 figure
Indicates that the class or member method has abstract properties
Huawei v5 server installed Linux operating system
Postgresql source code analysis - creating ordinary tables
Chapter 10 Evaluation Classification Results
Cloud service Ubuntu 20.04 version uses Nginx to deploy static web pages
Java Exercise 17.1
Solve the problem that git cannot automatically push submission in IDEA Push failed: Failed with error: Could not read from remote repository.
Daily
More
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)

Code World

© 2018 codetd.com