Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Suppose I have a function called “Overflow” in a DLL called “Overflow.dll” but I don’t have its PDBs.
I know I can get the address it starts in with “GetProcAddress”, but can I get somehow the address where it ends or its size?
(C++ in windows)
The reason I ask this is that I have an address and I want to know if it is inside my specific function. So I assume (and please correct me if I’m wrong) that the address is in my function if:
StartAddress <= My Address <= EndAddress
thanks 🙂
I’m “correcting”. The issue is that it’s extremely unlikely that your function has no function calls inside of itself. For example, the position could be inside of a
printfcall called by your function, but the instruction pointer would not be in your function itself.You could implement a parser for x86 instructions that looks for the return instruction to find the end address, assuming you know there is only one return in the function. If you don’t know that there’s only one return, then you need the PDBs.