Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix breakpointexception problem #326

Merged
merged 1 commit into from
Dec 13, 2023
Merged

Fix breakpointexception problem #326

merged 1 commit into from
Dec 13, 2023

Conversation

xmaple555
Copy link
Member

Description

bp ntopenprocess
!epthook ntopenprocess
event d 0
g

would cause debugger to get stuck. The reason is that DebuggingCallbackHandleBreakpointException doesn't handle 0xcc if there is an event at the rip address.

BTW, is it always safe to read RIP's byte without checking whether is valid in IdtEmulationHandleExceptionAndNmi ?

@SinaKarvandi SinaKarvandi merged commit 1d38730 into HyperDbg:dev Dec 13, 2023
3 checks passed
@SinaKarvandi
Copy link
Member

SinaKarvandi commented Dec 19, 2023
edited

Sorry, I didn't see the question.

BTW, is it always safe to read RIP's byte without checking whether it is valid in IdtEmulationHandleExceptionAndNmi ?

Yes, it is. Generally, we shouldn't read the memory directly from VMX-root mode. However, reading using HyperDbg memory routines like MemoryMapperReadMemorySafeOnTargetProcess is always safe and won't crash the system even if the target address is invalid.

@SinaKarvandi SinaKarvandi mentioned this pull request Dec 19, 2023
Merged
SinaKarvandi added a commit that referenced this pull request Dec 19, 2023
@SinaKarvandi
v0.7.1
59d224e 
## [0.7.1.0] - 2023-12-20
New release of the HyperDbg Debugger.

### Changed
- Fix the single core broadcasting events issue ([link](ab95cd7))
- Evaluate the '.pagin' ranges as expressions ([link](ab95cd7))
- Add hexadecimal escape sequence as string parameter for string functions ([link](60fbec6))
- Add hexadecimal escape sequence as wstring parameter for wstring functions ([link](e6dbc3f))
- Fix breakpoint and the '!epthook' problems in the same address ([link](#326))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@xmaple555 @SinaKarvandi