Micheal Sanders

Reputation: 1

x86 syscalls access violation writing location

I'm working on a small project aiming to grab syscall ids from ntdll's exports, then doing some shenanigans to map the arguments properly to call it. It seems I'm doing everything correctly; however, I'm getting an unhandled exception in my asm.

source code:

    mov    edx , ecx
    pop    ecx
    pop    eax
    mov    DWORD PTR [esp] , ecx ;  Access violation writing location 0x0000F8B8.
    mov    eax , DWORD PTR [esp+18h]

code from disassembly:

    mov         dx,cx  
    pop         cx  
    pop         ax  
    mov         word ptr [si],cx ;  Access violation writing location 0x0000F8B8.
    and         al,67h  
    mov         ax,word ptr [esp+18h]
    EAX = 00007B00 EBX = 00000000 ECX = 001F59F5 EDX = 43D2FFFF ESI = 43D2F8B8 
    EDI = 43D2F450 EIP = 7B010CAD ESP = 43D2F33C EBP = 43D2F450 EFL = 00010246 

Upvotes: 0

Views: 205

Answers (1)

Anonymous1847

Reputation: 2598

For some reason, your disassembly appears to have 16-bit instructions (using 16-bit registers like cx, ax, etc.). The offending instruction accesses memory at [si]. The value of si is the bottom 2 bytes of esi, which would lead to a sub-0x10000 value like 0x0000F9A8. Truncating off the top half of the address is probably what caused the error. I'm not sure what you're using to assemble, but try checking its command line options to make sure you haven't set a 16-bit flag or something.

Upvotes: 2
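As an added illustration (not part of the question or the answer): the script below is a tiny x86 decoder that covers only the opcodes in the question's listing, to show how a 16-bit-default encoding is reinterpreted by a CPU that is running a 32-bit code segment. The two byte strings are constructed for this example. It assumes, and the post does not state this, that the bytes came from an assembler whose default operand and address size were 16 bits, so every 32-bit register or `[esp]` operand received a 66h/67h prefix, emitted in the order 67h 66h. Executed in a 32-bit segment, those prefixes toggle the sizes the other way, which turns `mov dword ptr [esp],ecx` into `mov word ptr [si],cx` followed by a stray `and al,67h` (the next instruction's prefix byte swallowed as an immediate), and the store goes to the low 16 bits of ESI from the register dump.

```python
# Added example, not code from the question or answer. Minimal decoder for
# 89 /r, 8B /r, pop r, and "and al,imm8", with 66h/67h prefix handling, to show
# why code assembled for a 16-bit default faults in a 32-bit code segment.

REGS16 = ["ax", "cx", "dx", "bx", "sp", "bp", "si", "di"]
REGS32 = ["e" + r for r in REGS16]
RM16 = ["bx+si", "bx+di", "bp+si", "bp+di", "si", "di", "bp", "bx"]

# Constructed bytes (assumption): the question's five instructions as a
# 32-bit assembler emits them, and as a 16-bit-default assembler emits them
# (prefix order 67h 66h assumed).
BYTES_32BIT_ASM = bytes.fromhex("89CA 59 58 890C24 8B442418")
BYTES_16BIT_ASM = bytes.fromhex("6689CA 6659 6658 6766890C24 67668B442418")


def _memory_operand(code, i, mod, rm, addr_bits):
    """Decode a ModRM memory operand (mod != 3) at code[i]; return (text, next_i)."""
    if addr_bits == 16:
        if mod == 0 and rm == 6:                       # [disp16] special case
            return f"{int.from_bytes(code[i:i + 2], 'little'):04X}h", i + 2
        base = RM16[rm]
    else:
        if rm == 4:                                    # SIB byte follows
            sib = code[i]; i += 1
            scale, index, base_reg = sib >> 6, (sib >> 3) & 7, sib & 7
            if mod == 0 and base_reg == 5:
                raise ValueError("disp32-only SIB base not needed here")
            base = REGS32[base_reg]
            if index != 4:                             # index 100b means none
                base += f"+{REGS32[index]}*{1 << scale}"
        elif mod == 0 and rm == 5:
            raise ValueError("[disp32] form not needed here")
        else:
            base = REGS32[rm]
    if mod == 1:                                       # disp8, sign-extended
        disp = int.from_bytes(code[i:i + 1], "little", signed=True); i += 1
        base += f"{disp:+X}h"
    elif mod == 2:                                     # disp16 or disp32
        n = addr_bits // 8
        disp = int.from_bytes(code[i:i + n], "little", signed=True); i += n
        base += f"{disp:+X}h"
    return base, i


def decode(code, default_bits):
    """Decode `code` as a CPU would in a segment whose default operand and
    address size is `default_bits` (16 or 32). Returns [(offset, text), ...]."""
    out, i = [], 0
    while i < len(code):
        start = i
        op_bits = addr_bits = default_bits
        # 66h/67h flip the operand/address size away from the segment default;
        # the same prefix bytes therefore mean opposite things in 16- and 32-bit code.
        while i < len(code) and code[i] in (0x66, 0x67):
            if code[i] == 0x66:
                op_bits = 48 - op_bits
            else:
                addr_bits = 48 - addr_bits
            i += 1
        op = code[i]; i += 1
        regs = REGS32 if op_bits == 32 else REGS16
        ptr = "dword ptr" if op_bits == 32 else "word ptr"
        if 0x58 <= op <= 0x5F:                         # pop r16/r32
            out.append((start, f"pop {regs[op - 0x58]}"))
        elif op in (0x89, 0x8B):                       # mov r/m,r  /  mov r,r/m
            modrm = code[i]; i += 1
            mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
            if mod == 3:
                mem = regs[rm]
            else:
                text, i = _memory_operand(code, i, mod, rm, addr_bits)
                mem = f"{ptr} [{text}]"
            dst, src = (mem, regs[reg]) if op == 0x89 else (regs[reg], mem)
            out.append((start, f"mov {dst},{src}"))
        elif op == 0x24:                               # and al, imm8
            out.append((start, f"and al,{code[i]:02X}h")); i += 1
        else:
            raise ValueError(f"unhandled opcode {op:02X} at offset {start}")
    return out


def low16(value):
    """The address a 16-bit [si] access actually uses: ESI truncated to 16 bits."""
    return value & 0xFFFF


if __name__ == "__main__":
    for label, code, bits in [("32-bit asm, 32-bit CPU", BYTES_32BIT_ASM, 32),
                              ("16-bit asm, 16-bit CPU", BYTES_16BIT_ASM, 16),
                              ("16-bit asm, 32-bit CPU", BYTES_16BIT_ASM, 32)]:
        print(label)
        for off, text in decode(code, bits):
            print(f"  {off:02X}: {text}")
    print(f"ESI=43D2F8B8 -> [si] writes to {low16(0x43D2F8B8):08X}")
```

Decoding the same bytes twice, once per default size, is the quick check to run when a debugger's listing suddenly shows cx/ax/si: if the bytes read as the intended source only under a 16-bit default, the assembler was told to emit 16-bit code, and the fix is in its mode or command-line flags rather than in the source.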
