You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is actually a much larger issue with the x86 BOFs, regardless of supplied arg values. The problem within msvcrt.dll that your eventlog referenced was occuring on this line in sql.c
Fixed this in a new branch (fix/x86-crash) dedicated to this issue, however, it's not the only x86 specific problem. It also appears that this call to SQLDriverConnect is returning a SQL_INVALID_HANDLE error. Again, this does not affect the x64 BOFs for some reason.
Traced the issue back a bit farther today. Looks like the connection handle (SQLHDBC dbc) is being corrupted between its allocation and when it's passed to the ODBC32$SQLDriverConnect call
How the SQLDriverConnect call looks in API monitor when compiled to query.x86.exe (working)
How the SQLDriverConnect call looks in API monitor when compiled to query.x86.o and run via COFFLoader
The handle is getting successfully allocated by the ODBC32$SQLAllocHandle(SQL_HANDLE_DBC, *env, &dbc); call
Confirmed this code works fine for:
x64 BOF
x64 Exe
x86 EXE
But consistently has this handle corruption behavior for the x86 BOF
Description
Running sql-info or sql-query in a x86 beacon results in a crash.
Steps to reproduce
Start x64 beacon (reproduced with stageless x86 exe).
Watch beacon die and review Application Eventlog for crash.
Test environment
The text was updated successfully, but these errors were encountered: