Wednesday, October 20, 2010

All is Fair in Love and Debugging

lol, hacks. I was needing to make sure that a function was only being called from two unique places. Since it was an operator, RMB > Find All References in Visual Studio wouldn't work so I just grabbed the first two unique return addresses and broke if it wasn't either of those.
//Make sure there are only two calling functions:
unsigned lEIP = 0;

//return address is [EBP + 4]
__asm
{
  mov ecx, [ebp + 4]
  mov [lEIP], ecx
}

static unsigned lFirstEIP = lEIP;

if(lFirstEIP != lEIP)
{
  //There should only be two functions that call this:
  static unsigned lSecondEIP = lEIP;

  if(lEIP != lFirstEIP && lEIP != lSecondEIP)
    __debugbreak();
}

Just goes to show that it doesn't matter what types of hacks you do while debugging. Do anything it takes to get the information you need. In debugging, there's no such thing as a bad hack :)

EDIT:
Oh yeah, and I also found out a while ago about the _ReturnAddress() intrinsic and StackWalk64(). These are MUCH more reliable tools to acquire this information.
Posted by Zak Whaley at 1:02 PM

1 comment:

  1. Zak WhaleyOctober 20, 2010 at 8:16 PM

    Haha, Ramon just made me realize that for what I was needing all I had to do was change the name of the function and see where it didn't compile.

    Oh well, it was the first idea I had to debug the situation. At least the intent of the post remains.

    ReplyDelete

Subscribe to: Post Comments (Atom)