qiling icon indicating copy to clipboard operation
qiling copied to clipboard

Published 20 hours ago verified publisher icon qilingframework

Emulate binary with stack canary cause error

Open anaivebird opened this issue 3 years ago • 2 comments

Describe the bug Error when stack canary is used by program unicorn.unicorn.UcError: Invalid memory read (UC_ERR_READ_UNMAPPED)

Sample Code

mov     esi, large gs:14h
mov     [esp+38h], esi

on ida pro:
anonymous3 = __readgsdword(0x14u);

anaivebird avatar Mar 21 '21 18:03 anaivebird

could you provide qiling log or the binary you run?

wtdcode avatar Mar 22 '21 02:03 wtdcode

I'm having an issue I suspect is the same. Invalid memory read from 0x13. I've put in a hook_mem_unmapped()

larsw avatar Jul 14 '22 16:07 larsw

Will you be able to try the latest version of Qiling and see if you still face same issue. There is lots of rework since 2021. Feel free to open a new issue if you have any similar problem.

xwings avatar Oct 06 '22 03:10 xwings