Debugging experts, please take a look.
贪食蛇男 2011-06-25 10:43:42
I captured a dump file, and after analysis the stack looks like this:
00043428 1001b7ee 00043440 10036e52 00043470 docsafe!_woutput+0x10
00043460 10006d19 00043488 10036e50 00000108 docsafe!swprintf+0x2e
000436a0 1000adaa 00000003 80000000 80000000 docsafe!GetBTmpF+0x59 [D:\cis7encrypt\Encrypt\hooktool_morefun\_win32.cpp @ 3524]
*** ERROR: Symbol file could not be found. Defaulted to export symbols for HaxFile.dll -
00044040 00f45f4d 0013cedc 80000000 00000001 docsafe!GXXX_CreateFileW+0x9fa [D:\cis7encrypt\Encrypt\hooktool_morefun\_win32.cpp @ 7381]
WARNING: Stack unwind information not available. Following frames may be wrong.
0013cedc 0044005c 0063006f 006d0075 006e0065 HaxFile!RefreshSerial+0xad
003a0043 e1081800 432eb0bb 010001e1 7370a800 <Unloaded_ion.dll>+0x44005b
003a0047 432eb0bb 010001e1 7370a800 452830e1 0xe1081800
003a004b 010001e1 7370a800 452830e1 010003e1 <Unloaded_ion.dll>+0x432eb0ba
003a004f 7370a800 452830e1 010003e1 e1094000 <Unloaded_ion.dll>+0x10001e0
003a0053 452830e1 010003e1 e1094000 432eb0bb 0x7370a800
003a0057 010003e1 e1094000 432eb0bb 010001e1 <Unloaded_ion.dll>+0x452830e0
003a005b e1094000 432eb0bb 010001e1 486c0800 <Unloaded_ion.dll>+0x10003e0
003a005f 432eb0bb 010001e1 486c0800 452830e1 0xe1094000
003a0063 010001e1 486c0800 452830e1 010003e1 <Unloaded_ion.dll>+0x432eb0ba
003a0067 486c0800 452830e1 010003e1 e10a8800 <Unloaded_ion.dll>+0x10001e0
003a006b 452830e1 010003e1 e10a8800 432eb0bb 0x486c0800
003a006f 010003e1 e10a8800 432eb0bb 010001e1 <Unloaded_ion.dll>+0x452830e0
003a0073 e10a8800 432eb0bb 010001e1 4df18800 <Unloaded_ion.dll>+0x10003e0
003a0077 432eb0bb 010001e1 4df18800 452830e1 0xe10a8800
003a007b 010001e1 4df18800 452830e1 010003e1 <Unloaded_ion.dll>+0x432eb0ba
003a007f 4df18800 452830e1 010003e1 e306e800 <Unloaded_ion.dll>+0x10001e0
003a0083 452830e1 010003e1 e306e800 432eb0bb 0x4df18800
003a0087 010003e1 e306e800 432eb0bb 010001e1 <Unloaded_ion.dll>+0x452830e0
003a008b e306e800 432eb0bb 010001e1 76618800 <Unloaded_ion.dll>+0x10003e0
003a008f 432eb0bb 010001e1 76618800 452830e1 0xe306e800
003a0093 010001e1 76618800 452830e1 010003e1 <Unloaded_ion.dll>+0x432eb0ba
003a0097 76618800 452830e1 010003e1 e3081800 <Unloaded_ion.dll>+0x10001e0
003a009b 452830e1 010003e1 e3081800 432eb0bb 0x76618800
003a009f 010003e1 e3081800 432eb0bb 010001e1 <Unloaded_ion.dll>+0x452830e0
003a00a3 e3081800 432eb0bb 010001e1 43919000 <Unloaded_ion.dll>+0x10003e0
003a00a7 432eb0bb 010001e1 43919000 452830e1 0xe3081800
003a00ab 010001e1 43919000 452830e1 010003e1 <Unloaded_ion.dll>+0x432eb0ba
003a00af 43919000 452830e1 010003e1 e3094000 <Unloaded_ion.dll>+0x10001e0
003a00b3 452830e1 010003e1 e3094000 432eb0bb <Unloaded_ion.dll>+0x43918fff
003a00b7 010003e1 e3094000 432eb0bb 010001e1 <Unloaded_ion.dll>+0x452830e0
......
003a01fb 020001e1 44cd4800 452830e1 010003e1 shell32!_pRawDllMain <PERF> (shell32+0x5da0bc)
003a01ff 44cd4800 452830e1 010003e1 1c081800 <Unloaded_ion.dll>+0x20001e0
003a0203 452830e1 010003e1 1c081800 7db6a0bc <Unloaded_ion.dll>+0x44cd47ff
003a0207 010003e1 1c081800 7db6a0bc 010001e1 <Unloaded_ion.dll>+0x452830e0
003a020b 1c081800 7db6a0bc 010001e1 4cf12800 <Unloaded_ion.dll>+0x10003e0
003a020f 7db6a0bc 010001e1 4cf12800 452830e1 <Unloaded_ion.dll>+0x1c0817ff
003a0213 010001e1 4cf12800 452830e1 010003e1 shell32!_pRawDllMain <PERF> (shell32+0x5da0bc)
003a0217 4cf12800 452830e1 010003e1 1c094000 <Unloaded_ion.dll>+0x10001e0
003a021b 452830e1 010003e1 1c094000 7db6a0bc 0x4cf12800
003a021f 010003e1 1c094000 7db6a0bc 010001e1 <Unloaded_ion.dll>+0x452830e0
003a0223 1c094000 7db6a0bc 010001e1 49212800 <Unloaded_ion.dll>+0x10003e0
003a0227 7db6a0bc 010001e1 49212800 452830e1 <Unloaded_ion.dll>+0x1c093fff
003a022b 010001e1 49212800 452830e1 010003e1 shell32!_pRawDllMain <PERF> (shell32+0x5da0bc)
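It reports Stack Overflow, so it looks like a stack overflow caused by recursion or something similar?
What does shell32!_pRawDllMain do?
This dump file was captured on a customer's machine; I don't have this so-called Unloaded_ion.dll on my side.
The stack goes too deep inside unloaded_ion.dll, and in the end it actually came out, ran into my DLL, and pushed onto the stack normally in my DLL, causing the stack overflow?
Asking the debugging experts for an explanation.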