tags:

views: 245

answers: 3

Hey all :) I have a problem: my src pointer of memcpy is pointing wrong.

unsigned char* lpBuffer is a buffer that contains my bytes, I checked with Olly.

The code:

 IMAGE_DOS_HEADER iDOSh;
 memcpy(&iDOSh,lpBuffer,sizeof(iDOSh));

The problem is that lpBuffer points wrong, output from debugger is

dest = 002859E8 RIGHT
src = 000001D8 FALSE

src is pointing somewhere invalid :( I have no idea why.

Thanks for reading

+4  A: 

Why do you check with OllyDbg and not something more convenient? Trace your steps in your IDE. A pointer's value can't become invalid when you pass it to the memcpy function (because it's passed by value), so it means it was already invalid right before that memcpy call.

Unfortunately your code covers only that obvious memcpy call where "nothing can go wrong".

Also worth mentioning: that strange 0x00000YY value for your pointer is a sign that something went wrong, and you probably have an invalid type cast somewhere in your code (or something like that).

Kotti
A: 

Check the value of lpBuffer immediately before you call memcpy and again immediately afterwards. Does it change?

If it changes, the only thing that could have changed the value in lpBuffer is the memcpy, which means that you are overwriting it in the call (i.e. it's not doing what you think it's doing ... double check your parameters).

My guess, though, looking at your code, is that it is probably not changing in the call to memcpy. That is, if checking the value of lpBuffer immediately before and after shows it to be unchanged, you are inadvertently changing it prior to calling memcpy. You'll need to track that change down.

andand
+1  A: 

I think you are debugging in assembly calling C functions and trying to trace that with ollydbg (I just looked up what it is and based this assumption on their feature list). This is very difficult to do.

I suggest that you do:

...
void print_ptr(void * p) {
    fprintf(stderr, "%p\n", p);     /* needs <stdio.h> */
}
...
    IMAGE_DOS_HEADER iDOSh;

    print_ptr(lpBuffer);            /* value going into memcpy */
    memcpy(&iDOSh,lpBuffer,sizeof(iDOSh));
    print_ptr(lpBuffer);            /* must print the same value */

If you aren't actually able to print things, that will be OK. Just make the functions extern to the file with the memcpy in question and it will force the compiler to load the value into the location which holds the first parameter. You should be able to observe this in your debugger.

The likelihood the memcpy (from any reasonable C library) is actually doing something wrong is very very low.

If I had to guess what is going wrong, it would be that lpBuffer is not actually supposed to be a void * but a linker label for a memory location. In that case you might try declaring it as:

extern char lpBuffer[];

and do your memcpy as

memcpy(&iDOSh,lpBuffer,sizeof(iDOSh));

or

extern IMAGE_DOS_HEADER lpBuffer;

and do your memcpy as

memcpy(&iDOSh,&lpBuffer,sizeof(iDOSh));
nategoose
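As an added example (not code from the question or from any of the answers): a self-contained C program that does the copy the question describes, with nategoose's print-before/print-after check around the memcpy, and with the two checks a parser of untrusted PE input needs that the original two-line snippet lacks: that the buffer really holds at least sizeof(IMAGE_DOS_HEADER) bytes before copying, and that e_lfanew read out of the file is validated before it is used as an offset. IMAGE_DOS_HEADER is redeclared locally with the <winnt.h> layout so the program also builds without the Windows SDK; on Windows include <windows.h> and drop the local typedef. The 128-byte image, the error codes and the helper names (read_dos_header, build_sample_image, parse_sample) are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* IMAGE_DOS_HEADER as laid out in <winnt.h> (64 bytes, little-endian fields),
   redeclared here so the example builds without the Windows SDK. */
typedef struct {
    uint16_t e_magic;                       /* "MZ" == 0x5A4D */
    uint16_t e_cblp, e_cp, e_crlc, e_cparhdr, e_minalloc, e_maxalloc;
    uint16_t e_ss, e_sp, e_csum, e_ip, e_cs, e_lfarlc, e_ovno;
    uint16_t e_res[4];
    uint16_t e_oemid, e_oeminfo;
    uint16_t e_res2[10];
    int32_t  e_lfanew;                      /* file offset of "PE\0\0" */
} IMAGE_DOS_HEADER;

#define IMAGE_DOS_SIGNATURE 0x5A4D

/* Return codes of read_dos_header (constructed for this example). */
enum {
    DOS_OK         =  0,
    DOS_ERR_ARGS   = -1,   /* NULL pointer, or buffer shorter than the header */
    DOS_ERR_MAGIC  = -2,   /* e_magic is not "MZ" */
    DOS_ERR_LFANEW = -3    /* e_lfanew does not point at "PE\0\0" inside the buffer */
};

/* nategoose's suggestion: a real call forces the compiler to materialise
   lpBuffer in the first-argument register/slot, so it shows up in a debugger. */
void print_ptr(const void *p)
{
    fprintf(stderr, "%p\n", p);
}

/* The memcpy from the question, guarded. `len` is the number of bytes actually
   behind lpBuffer; without that check the copy over-reads any shorter buffer. */
int read_dos_header(const unsigned char *lpBuffer, size_t len, IMAGE_DOS_HEADER *out)
{
    if (lpBuffer == NULL || out == NULL || len < sizeof(*out))
        return DOS_ERR_ARGS;

    memcpy(out, lpBuffer, sizeof(*out));

    if (out->e_magic != IMAGE_DOS_SIGNATURE)
        return DOS_ERR_MAGIC;

    /* e_lfanew is file-controlled data: reject negative offsets and offsets that
       leave no room for the 4-byte signature before touching lpBuffer + e_lfanew. */
    if (out->e_lfanew < 0 || (uint64_t)out->e_lfanew + 4 > (uint64_t)len)
        return DOS_ERR_LFANEW;
    if (memcmp(lpBuffer + out->e_lfanew, "PE\0\0", 4) != 0)
        return DOS_ERR_LFANEW;

    return DOS_OK;
}

/* Constructed 128-byte stand-in for the start of a PE file (not a real binary):
   a DOS header with the given magic and e_lfanew, zero padding, "PE\0\0" at 64. */
size_t build_sample_image(unsigned char *buf, size_t cap, uint16_t magic, int32_t lfanew)
{
    IMAGE_DOS_HEADER hdr;
    if (cap < 128)
        return 0;
    memset(buf, 0, cap);
    memset(&hdr, 0, sizeof hdr);
    hdr.e_magic   = magic;
    hdr.e_cparhdr = 4;                  /* header size in paragraphs, as linkers emit */
    hdr.e_lfanew  = lfanew;
    memcpy(buf, &hdr, sizeof hdr);
    memcpy(buf + 64, "PE\0\0", 4);
    return 128;
}

/* One scenario: build the sample, pretend only `claimed_len` bytes are valid,
   return the parser's verdict. */
int parse_sample(size_t claimed_len, uint16_t magic, int32_t lfanew)
{
    unsigned char image[128];
    IMAGE_DOS_HEADER iDOSh;
    build_sample_image(image, sizeof image, magic, lfanew);
    if (claimed_len > sizeof image)
        claimed_len = sizeof image;
    return read_dos_header(image, claimed_len, &iDOSh);
}

int main(void)
{
    unsigned char image[128];
    IMAGE_DOS_HEADER iDOSh;
    const unsigned char *lpBuffer = image;
    size_t len = build_sample_image(image, sizeof image, IMAGE_DOS_SIGNATURE, 64);

    print_ptr(lpBuffer);                /* the two prints must show the same value: */
    memcpy(&iDOSh, lpBuffer, sizeof(iDOSh));
    print_ptr(lpBuffer);                /* memcpy receives a copy and cannot change it */

    printf("full image       -> %d\n", read_dos_header(lpBuffer, len, &iDOSh));
    printf("truncated to 32  -> %d\n", read_dos_header(lpBuffer, 32, &iDOSh));
    printf("e_lfanew = 4000  -> %d\n", parse_sample(len, IMAGE_DOS_SIGNATURE, 4000));
    return 0;
}
```

The point of the `len` parameter is the one the question skips over: a 64-byte memcpy out of lpBuffer is only safe if whoever filled lpBuffer guarantees at least 64 bytes are there, and e_lfanew must be range-checked against that same length before the NT headers are read through it.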