| Author | Message | Time |
|---|---|---|
| Eibro | I'm trying to set a conditional breakpoint on LoadLibraryA, where esp+4 is a string. Windbg documentation leads me to believe you can do this: bp LoadLibraryA "j ($spat(poi(esp+4), "IX86*")) ''; 'g' " But i'm getting a syntax error. I want break on LoadLibraryA if (char*)(esp+4) == "IX86*", is this possible? | June 15, 2004, 1:48 AM |
| Stwong | You're trying bp LoadLibraryA "j ($spat(poi(esp+4), "IX86*")) ''; 'g' " ? Try it with escaped ""'s inside the commandstring, may work better. bp LoadLibraryA "j ($spat(poi(esp+4), \"IX86*\")) ''; 'g' " Onto the next issue: You have 5 ""'s in that line. bp LoadLibraryA "j ($spat(poi(esp+4), \"IX86*\")) '; 'g' " The above may work a little better. | August 17, 2004, 5:19 AM |
| Skywing | Try this: bp kernel32!LoadLibraryA "j dwo(esp+4) == 36385849 'k' ; 'g' " Assuming you are using MASM syntax, of course. | August 17, 2004, 2:49 PM |
| Stwong | That may work even better. I was just looking at what might cause a syntax error, forgot to mention that I had no idea what the conditions for the J were meant to be. | August 17, 2004, 2:59 PM |