February 2, 2006

Again a new version of dbghelp.dll... again a new bug...

Whenever the WinDbg team releases a new version (this time v6.6.03.5), we all have to brace for possible new bugs… and after running my stackwalker, which is completely based on dbghelp.dll (which is part of WinDbg), it no longer displays the module infos correctly… so the search for the reason starts again…

After creating a small repro code, the problem seems to be inside SymGetModuleInfo64.
Here is the repro code:

  #include <atlbase.h>
  #include <atlconv.h>
  #include <windows.h>
  #include <tchar.h>
  #include <assert.h>
  #include <tlhelp32.h>
  #include <dbghelp.h>
  #pragma comment(lib, "dbghelp.lib")

  int _tmain()
  {
    HANDLE hProc = GetCurrentProcess();

    // Symbol search path: the directory that holds the exe and its PDB
    BOOL bRet = SymInitialize(hProc, "F:\\Test\\CPP_Console\\Debug", FALSE);
    assert(bRet != FALSE);

    // Use ToolHelp to find the first module of this process (the exe itself)
    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, GetCurrentProcessId());
    assert(hSnap != INVALID_HANDLE_VALUE);
    MODULEENTRY32 exeMod;
    exeMod.dwSize = sizeof(exeMod);
    bRet = Module32First(hSnap, &exeMod);
    assert(bRet != FALSE);
    CloseHandle(hSnap);

    // Load the module into the symbol handler
    DWORD64 baseAddr = SymLoadModule64(hProc, NULL,
                                       CT2CA(exeMod.szExePath), CT2CA(exeMod.szModule),
                                       (DWORD64) exeMod.modBaseAddr, exeMod.modBaseSize);
    assert(baseAddr != 0);

    // Query the module info: this call fails with the new dbghelp.dll
    IMAGEHLP_MODULE64 modInfo;
    ZeroMemory(&modInfo, sizeof(modInfo));
    modInfo.SizeOfStruct = sizeof(modInfo);
    bRet = SymGetModuleInfo64(hProc, baseAddr, &modInfo);
    assert(bRet != FALSE);

    SymCleanup(hProc);
    return 0;
  }

Currently I can't recommend using the new dbghelp.dll…

It gets even worse! The function also overwrites memory… just replace the “modInfo” parameter with a dynamically allocated struct, so the CRT debug heap can check whether someone wrote past the allocated area… then you will get: Heap block at 00AB2F80 modified at 00AB31F4 past requested size of 26c

  IMAGEHLP_MODULE64 *modInfo = new IMAGEHLP_MODULE64;
  ZeroMemory(modInfo, sizeof(IMAGEHLP_MODULE64));
  modInfo->SizeOfStruct = sizeof(IMAGEHLP_MODULE64);
  bRet = SymGetModuleInfo64(hProc, baseAddr, modInfo);
  delete modInfo;
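The CRT message above comes from the guard ("no man's land") bytes the debug heap places after every allocation. The following added example (not from the original post, and it does not call dbghelp; ModInfo, guarded_call and the two callees are constructed stand-ins) does the same check explicitly: a versioned struct is followed by a guard region, so a callee that ignores SizeOfStruct and writes past the caller's buffer is caught by counting clobbered guard bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for IMAGEHLP_MODULE64: a versioned struct whose first
   field tells the callee how many bytes the caller actually allocated. */
typedef struct {
    uint32_t SizeOfStruct;
    uint64_t BaseOfImage;
    char     ModuleName[32];
} ModInfo;

typedef int (*GetInfoFn)(ModInfo *out);

#define GUARD_LEN  64
#define GUARD_BYTE 0xFD   /* same filler the MSVC debug heap uses for no man's land */

/* Call fn with a struct followed by a guard region and return how many guard
   bytes the callee clobbered; 0 means it stayed inside SizeOfStruct. */
size_t guarded_call(GetInfoFn fn, ModInfo *result)
{
    /* One flat buffer: the struct, then GUARD_LEN bytes of known filler. */
    _Alignas(ModInfo) unsigned char buf[sizeof(ModInfo) + GUARD_LEN];
    ModInfo *info = (ModInfo *)buf;
    memset(buf, 0, sizeof(ModInfo));
    memset(buf + sizeof(ModInfo), GUARD_BYTE, GUARD_LEN);
    info->SizeOfStruct = sizeof(ModInfo);

    fn(info);

    size_t clobbered = 0;
    for (size_t i = 0; i < GUARD_LEN; i++)
        if (buf[sizeof(ModInfo) + i] != GUARD_BYTE) clobbered++;
    if (result) memcpy(result, info, sizeof(ModInfo));
    return clobbered;
}

/* Well-behaved callee: only touches the struct the caller declared. */
int good_get_info(ModInfo *out) {
    out->BaseOfImage = 0x400000;            /* constructed sample value */
    strcpy(out->ModuleName, "test.exe");
    return 1;
}

/* Constructed callee mimicking the reported misbehaviour: it assumes a larger,
   newer layout and zeroes 40 bytes beyond the caller's SizeOfStruct. */
int buggy_get_info(ModInfo *out) {
    good_get_info(out);
    memset((unsigned char *)out + out->SizeOfStruct, 0, 40);
    return 1;
}
```

A non-zero return from guarded_call is the same evidence the CRT heap check gives, but it works for stack or custom allocations too and tells you how far past the end the callee wrote.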

My conclusion: Please do not use the new dbghelp.dll!!!


Posted 1 year, 11 months ago on February 2, 2006

Re: Again a new version of dbghelp.dll... again a new bug...
It seems that this is a BETA version!!! Please read "redist.txt"! See also: http://groups.google.de/group/microsoft.public.windbg/msg/53bec66b3d32c150
Posted 1 year, 11 months ago by Jochen Kalmbach
Re: Again a new version of dbghelp.dll... again a new bug...
Jochen, I would like to thank you for your efforts! With almost every new release the DbgHelp developers forget about backward compatibility, and every time it is you who forces them to fix bugs and ensure that old code still works. Good luck!
Posted 1 year, 11 months ago by Oleg Starodumov
