2

Imagine a scenario where a program's stack data is corrupt and you need to diagnose the issue. How would you go about manipulating and analyzing the raw stack data without the use of any local variables or function parameters, considering the dynamic nature of memory addresses in the stack and the potential for data overwrites or corruption?

would you consider dumping the contents of the stack to a file or memory dump a useful process in analyzing the raw stack data and identifying any issues present?

raheel0x01
  • 181
  • 6
  • 1
    "How would you go about manipulating and analyzing the raw stack data without the use of any local variables or function parameters," ... without any clue as to what data the stack is supposed to contain, how would anyone be able to troubleshoot possible corruption? – Mega Tonnage Feb 13 '23 at 08:02
  • i know that analyzing raw stack data can be challenging, especially when local variables or function parameters are not available. IMO one solution for this scenario is stack scanning or crawling, which involves recursively traversing the stack by following pointers between stack frames. it may help identify specific values stored at memory addresses on the stack and pinpoint anomalies in the data. (but i am not sure about it, please correct me, I am still researching.) – raheel0x01 Feb 14 '23 at 09:43

0 Answers0