- 注册时间
- 2011-8-8
- 最后登录
- 1970-1-1
该用户从未签到
|
大牛直接无视好了
网上关于设置字符串断点的文章不多,但是这个又是一个非常实用的功能。
拍砖请轻轻的
VCDebug
VCDebug 微软VS自带调试器套件,对字符串断点的支持依然强大。
VC支持在断点条件中使用字符串比较函数。
ASCII字符集字符串断点设置方法:- strcmp(pzString, "DDLX_CHAR") == 0
- stricmp(pzString, "DDLX_char") == 0
- strncmp(pzString, "DDLX", 4) == 0
- strnicmp(pzString, "ddlx", 4) == 0
- wcscmp(pzWString, L"DDLX_WCHAR") == 0
- wcsicmp(pzWString, L"DDLX_wchar") == 0
- wcsncmp(pzWString, L"DDLX", 4) == 0
- wcsnicmp(pzWString, L"ddlx", 4) == 0
OllyDbg的字符串调试也很好用
使用快捷键:Shift+F2设置条件断点,在条件中输入。
ASCII字符集字符串设置方法:- STRING [eax] == "DDLX_CHAR"
- STRING [eax] == "DDLX_char" //不区分大小写
- STRING [eax] == "DDLX" //不区分文本长度
- UNICODE [eax] == "DDLX_WCHAR"
- UNICODE [eax] == "DDLX_wchar" //不区分大小写
- UNICODE [eax] == "DDLX" //不区分文本长度
ASCII字符集字符串断点设置方法:- //全字符串匹配,区分大小写
- bp 0041141d "r @$t1 = eax; as /ma ${/v:pzString} $t1;.if ($scmp("${pzString}","DDLX_CHAR")==0) {} .else {gc}"
- //全字符串匹配,不区分大小写
- bp 0041141d "r @$t1 = eax; as /ma ${/v:pzString} $t1;.if ($sicmp("${pzString}","DDLX_char")==0) {} .else {gc}"
- //字符串模糊匹配,*表示0-?个模糊字符
- bp 0041141d "r @$t1 = eax; as /ma ${/v:pzString} $t1;.if ($spat("${pzString}","DDLX*")==0) {} .else {gc}"
- unicode 就是 /mu, 比如 as /mu ${/v:dllName} poi(esp+4)
|
|
发表于 2013-8-27 12:23:02