bp WSecKrl!GetFileNameFromPID+0x199 “;as /mu ${/v:FileName} pFileName;.echo;.printf"FileName:%ma",${FileName};.echo;g”
why always print Garbled
Thanks!!!
liu jing
bp WSecKrl!GetFileNameFromPID+0x199 “;as /mu ${/v:FileName} pFileName;.echo;.printf"FileName:%ma",${FileName};.echo;g”
why always print Garbled
Thanks!!!
liu jing
A few problems that I see:
What’s the /v here: ${/v:FileName}? I don’t see that described in the
docs
printf"FileName:%ma", - %ma is for ASCII, %mu is for UNICODE
${FileName} - printf wants a virtual address, I think you’re passing a
string here.
You might want to just try doing something simpler like this:
“.echo;.printf"FileName:%mu",pFileName;.echo;g”
And see if that works.
-scott
–
Scott Noone
Consulting Associate
OSR Open Systems Resources, Inc.
http://www.osronline.com
<crazy2000_liu> wrote in message news:xxxxx@windbg…
> bp WSecKrl!GetFileNameFromPID+0x199 “;as /mu ${/v:FileName}
> pFileName;.echo;.printf"FileName:%ma",${FileName};.echo;g”
>
> why always print Garbled
>
> Thanks!!!
> liu jing
>
>
></crazy2000_liu>
This is I write code:
bp WSecKrl!GetFileNameFromPID+0x199 “echo;.printf"FileName:%ma", pFileName;.echo;g”
or
bp WSecKrl!GetFileNameFromPID+0x199 “echo;.printf"FileName:%ma", poi(pFileName);.echo;g”
fullPathName type is PCHAR*
print result is:
FileName:??
FileName:??
FileName:??
FileName:i?
FileName:i?
FileName:Y?
FileName:?%
FileName:??
why ???
thank you
This is I write code:
bp WSecKrl!GetFileNameFromPID+0x199 “echo;.printf"FileName:%ma",
pFileName;.echo;g”
or
bp WSecKrl!GetFileNameFromPID+0x199 “echo;.printf"FileName:%ma",
poi(pFileName);.echo;g”
pFileNametype is PCHAR*
print result is:
FileName:??
FileName:??
FileName:??
FileName:i?
FileName:i?
FileName:Y?
FileName:?%
FileName:??
why ???
thank you
It looks like it might be UNICODE.
Is it PCHAR or PCHAR *?
Good luck,
mm