Posts
  • Satyem

    Variable Argument Functions

    • 0 Comments
    Usually the functions defined in C/C++ take constant number of arguments which are decided while declaring the functions. Sometimes we do need the functions that can accept variable number of arguments, Printf() function is a great example of such functions...
  • Satyem

    Debugging Windows Service

    • 0 Comments
    From Vista onwards all the services run in Session 0, and session 0 has no interaction with desktop, this is named as session isolation and was added for security reason to windows. This brings a problem when we try to debug a service start up from a...
  • Satyem

    Switching between User and Kernel space

    • 0 Comments
    Revising the concept of switching from User to Kernel mode. The different modes processor run into on windows OS. that is kernel mode and user mode. We also say it ring0 and ring3 execution... So there are many places when the OS switches from User Mode...
  • Satyem

    Thread's Stack

    • 0 Comments
    Let’s talk about the thread’s stack today. Each thread has its own user mode and kernel mode stack which grows on demand. When a binary is built, linker inserts the default size for the stack into the PE header of binary. These default settings...
  • Satyem

    User Mode program access kernel mode address

    • 0 Comments
    What happens when a user mode program access the kernel mode address. The access fault happens, let's see how does the flow go in such scenario.. Actually all pages have a protection attribute that tells whether the page is owned by kernel or user...
  • Satyem

    Network connectivity issues diagnosis step by step - Part II.

    • 0 Comments
    In the previous post, we discussed how to make sure if Windows Firewall really dropped incoming packets. If the machine is domain joined then group policies might not allow you to turn off firewall. In that case logging or creating inbound rules should...
  • Satyem

    Where is my exception handler code in the function disassembly?

    • 2 Comments
    This post discusses how compiler actually stores the exception filters and exception handler in the stack required for exception handling mechanism provided by OS. Have a look at the disassembly of following main function and observe that on issuing uf...
  • Satyem

    Windbg loops around First chance and Second chance exceptions

    • 0 Comments
    My program causes an exception and debugger catches it, but the debugger is stuck in loop of first chance and second chance exception. Why isn't it get out of the loop and terminates the program if the exception is not handled? A snip from debugger...
  • Satyem

    Network connectivity issues diagnosis step by step - Part I.

    • 0 Comments
    Many a time we run into network problems between computers in home, offices, labs etc. which sometimes are easy to diagnose and sometimes they are not. I have heard from customers multiple times that they are not able to access some share on the other...
Page 1 of 1 (9 items)