I compiled 17.7.3 gadget for Windows x64, yet undetermined conditions cause this crash:
rax=00007ff55eee0010 rbx=000001a250e2ed90 rcx=00007ff55eee0010
rdx=00007ff55eefb610 rsi=000001a24f8d0120 rdi=0000000000000db0
rip=00007ffc0d00675a rsp=00000040783ff548 rbp=00000040783ff680
r8=00000000fffe4a00 r9=00007ff55eee0010 r10=00007ffc0bfc0000
r11=00007ffc0d006827 r12=0000000000000db0 r13=000001a24f7ca868
r14=0000000000000000 r15=000001a24f7cbd80
iopl=0 nv up ei pl zr na po nc
cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010246
frida!memcpy+0x46a:
0033:00007ffc`0d00675a f3420f6f6c02f0 movdqu xmm5,xmmword ptr [rdx+r8-10h] ds:002b:00007ff6`5eee0000=????????????????????????????????
xmm5=000001a255e959a0 00007ffc0c0a47f1
Backtrace:
# Child-SP RetAddr Call Site
00 00000040`783ff548 00007ffc`0c1badd9 frida!memcpy+0x46a [D:\a\_work\1\s\src\vctools\crt\vcruntime\src\string\amd64\memcpy.asm @ 549]
01 00000040`783ff550 00007ffc`0c0e92b7 frida!g_array_remove_range+0x75 [D:\a\frida\frida\deps\src\glib\glib\garray.c @ 832]
02 00000040`783ff580 00007ffc`0c1ac82b frida!gum_quick_js_event_sink_drain+0x77 [C:\Users\Administrator\Desktop\frida_17_7_3\subprojects\frida-gum\bindings\gumjs\gumquickeventsink.c @ 301]
03 00000040`783ff710 00007ffc`0c1adf73 frida!g_timeout_dispatch+0x27 [D:\a\frida\frida\deps\src\glib\glib\gmain.c @ 5353]
04 00000040`783ff740 00007ffc`0c1ad0f0 frida!g_main_dispatch+0xf3 [D:\a\frida\frida\deps\src\glib\glib\gmain.c @ 3571]
05 00000040`783ff7a0 00007ffc`0c1ad41e frida!g_main_context_dispatch+0x20 [D:\a\frida\frida\deps\src\glib\glib\gmain.c @ 4294]
06 00000040`783ff7d0 00007ffc`0c1ae18b frida!g_main_context_iterate+0x14a [D:\a\frida\frida\deps\src\glib\glib\gmain.c @ 4367]
07 00000040`783ff830 00007ffc`0c0760fb frida!g_main_loop_run+0xb7 [D:\a\frida\frida\deps\src\glib\glib\gmain.c @ 4564]
08 00000040`783ff860 00007ffc`0c1a7d47 frida!gum_script_scheduler_run_js_loop+0x1b [C:\Users\Administrator\Desktop\frida_17_7_3\subprojects\frida-gum\bindings\gumjs\gumscriptscheduler.c @ 212]
09 00000040`783ff890 00007ffc`0c1a8ad6 frida!g_thread_proxy+0x53 [D:\a\frida\frida\deps\src\glib\glib\gthread.c @ 1055]
0a 00000040`783ff8c0 00007ffc`0cf8c097 frida!g_thread_win32_proxy+0xa [D:\a\frida\frida\deps\src\glib\glib\gthread-win32.c @ 496]
0b 00000040`783ff8f0 00007ffc`5fb5e8d7 frida!thread_start<unsigned int (__cdecl*)(void *),1>+0x4f [minkernel\crts\ucrt\src\appcrt\startup\thread.cpp @ 97]
0c 00000040`783ff920 00007ffc`605ec40c KERNEL32!BaseThreadInitThunk+0x17
0d 00000040`783ff950 00000000`00000000 ntdll!RtlUserThreadStart+0x2c
At first glance memcpy is invoked with a large size causing the overread of the source buffer.
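To show the kind of arithmetic that turns a bounded range removal into a memcpy with a huge size, here is an added C illustration; it is not code from this report, from Frida or from GLib, and it only assumes (not confirmed by the trace above) that a remove-range helper computes its tail-copy length as (len - (index + length)) * elt_size with unsigned integers. The toy_array_t type and the two functions are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical minimal growable array (data, len, elt_size); modelled
   loosely on that shape, not GLib's own code. */
typedef struct {
    uint8_t *data;
    size_t len;       /* number of elements currently stored */
    size_t elt_size;  /* bytes per element */
} toy_array_t;

/* Byte count an unchecked remove_range would hand to memmove when it
   shifts the tail down: (len - (index + length)) * elt_size.
   size_t is unsigned, so if index + length > len the subtraction wraps
   and the copy length becomes enormous: the source pointer then runs far
   past the allocation, which is how a "large size" overread inside
   memcpy/memmove shows up. */
size_t unchecked_tail_bytes(size_t len, size_t index, size_t length,
                            size_t elt_size)
{
    return (len - (index + length)) * elt_size;
}

/* Checked variant: reject the request unless index + length <= len.
   The comparison is written so that index + length itself cannot
   overflow. Returns 1 on success, 0 if the range was rejected. */
int checked_remove_range(toy_array_t *a, size_t index, size_t length)
{
    if (index > a->len || length > a->len - index)
        return 0;
    size_t tail = a->len - (index + length);   /* cannot wrap now */
    memmove(a->data + index * a->elt_size,
            a->data + (index + length) * a->elt_size,
            tail * a->elt_size);
    a->len -= length;
    return 1;
}

/* Self-check on a constructed 4-element array: removes [1,2), then
   verifies an over-long request is refused instead of wrapping.
   Returns 0 when every expectation holds, a negative code otherwise. */
int demo_checked(void)
{
    uint32_t buf[4] = {1, 2, 3, 4};               /* constructed sample */
    toy_array_t a = { (uint8_t *)buf, 4, sizeof buf[0] };
    if (!checked_remove_range(&a, 1, 2)) return -1;
    if (a.len != 2 || buf[0] != 1 || buf[1] != 4) return -2;
    if (checked_remove_range(&a, 1, 4)) return -3;  /* 1 + 4 > len */
    return 0;
}

int main(void)
{
    /* len 10, removing 12 elements from index 0: the unchecked formula wraps. */
    printf("unchecked tail bytes: %zu\n", unchecked_tail_bytes(10, 0, 12, 8));
    printf("checked demo: %d\n", demo_checked());
    return 0;
}
```

When reading a dump like the one above, compare the register holding the copy length against the size of the owning allocation: a value within a few bytes of 2^32 or 2^64 is the signature of this wrap rather than of a genuinely large buffer.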