3

Closed

Crashed Notepad in Win 8 64-bit

description

I am trying version 2.7 or even 2.6 in Win 8 64-bit to hook draw text APIs (ExtextOutW), the target process is crashed every time.
Closed Feb 15, 2014 at 6:05 AM by spazzarama
Fixed in changeset 73837

comments

ngockimhoang wrote Oct 29, 2013 at 1:17 PM

I have the same problem, I attach EasyHook solution to the target process. When the crash happens, I got this error message "STATUS_STACK_BUFFER_OVERRUN encountered"

wrote Oct 29, 2013 at 1:18 PM

ngockimhoang wrote Oct 29, 2013 at 1:40 PM

This is the assembly when the crash happens.
        return DrawTextW(hDC, lpString, nCount, ref lpRect, uFormat);
00000e4c mov eax,dword ptr [rbp+00000350h]
00000e52 mov dword ptr [rsp+20h],eax
00000e56 mov r9,qword ptr [rbp+00000348h]
00000e5d mov r8d,dword ptr [rbp+00000340h]
00000e64 mov rdx,qword ptr [rbp+00000338h]
00000e6b mov rcx,qword ptr [rbp+00000330h]
00000e72 call FFFFFFFFFFEDBD88
00000e77 mov dword ptr [rbp+0000024Ch],eax [Crash in this line]
00000e7d mov eax,dword ptr [rbp+0000024Ch]
00000e83 mov dword ptr [rbp+0000029Ch],eax
00000e89 jmp 0000000000000E8B

wrote Nov 11, 2013 at 4:15 AM

wrote Feb 6, 2014 at 9:59 PM

wrote Feb 15, 2014 at 5:59 AM

Fixed on changeset 73837

wrote Feb 15, 2014 at 6:05 AM