How can I catch a memory exception?

Question

I'm having an issue catching an exception , this is the error:

Unhandled exception at 0x01034BB1 in Hello.exe: 0xC0000005: Access violation reading location 0x02343DA2.

This is my code:

bool VerifyAddress(HANDLE hwnd, DWORD dwAddress, char* bMask, char *szMask )
{
    PBYTE *pTemp = { 0 };

    for ( int i = 0; *szMask; ++szMask, ++bMask, ++i )
    {

        try {
            if ( !ReadProcessMemory( hwnd, reinterpret_cast<LPCVOID>(dwAddress + i), &pTemp, sizeof(pTemp), 0 ) ){
                failedRPM++;
                return false;
            }
        } catch(...) {
            failedRPM++;
            return false;
        }

        if ( *szMask == 'x' && reinterpret_cast<char*>(pTemp) != reinterpret_cast<char*>(*bMask)){
            failedMask++;
            return false;
        }
    }
    return true;
}

DWORD FindPattern(HANDLE hwnd, char* bMask, char *szMask )
{
    for ( DWORD dwCurrentAddress = 0x015A1DB4; dwCurrentAddress < 0x7FFFFFF; dwCurrentAddress++ ){
        if ( VerifyAddress( hwnd, dwCurrentAddress, bMask, szMask )) {
            return dwCurrentAddress;
        }
    }
    return 0x0;
}

I have just a question: why the catch is not catching?

Which compiler are you using? Access violations are structured exceptions (not C++ exceptions), with Microsoft Visual Studio you need to turn on structured exception handling. See: https://msdn.microsoft.com/en-us/library/windows/desktop/ms680657(v=vs.85).aspx and https://msdn.microsoft.com/en-us/library/1deeycx5.aspx — Richard Critten, Sep 11 '15 at 17:01
I've never used `ReadProcessMemory` but from the looks of it... do you have access to `reinterpret_cast(dwAddress + i)` for `sizeof(pTemp)`? Also, is `hwnd` a valid process handle? — RyanP, Sep 11 '15 at 17:01
I would try the `/EHa` as the exception handling model. See https://msdn.microsoft.com/en-us/library/1deeycx5.aspx for more details. — R Sahu, Sep 11 '15 at 17:03
I think it's a mistake to map structured exceptions to C++ exceptions; the semantics are fundamentally different.. In this MS-specific code you can use the MS-specific syntax to handle the structured exception appropriately. — Alan Stokes, Sep 11 '15 at 17:58
possible duplicate of [C++, \_\_try and try/catch/finally](http://stackoverflow.com/questions/7049502/c-try-and-try-catch-finally) — Zan Lynx, Sep 11 '15 at 18:05
`pTemp` is probably on the stack and has trashed the stack, and that's why it's not catching. The name suggests that it is already a pointer, so you shouldn't be using the `&pTemp` but just `pTemp`. Can you show the code where `pTemp` is declared and initialized too? — Ben, Sep 11 '15 at 18:45
Ah, that means that that I do not have read access to that address ? @RyanP — John S., Sep 11 '15 at 19:53
Literally answering your question, why your `catch(...)` clause doesn't catch SEH exceptions: You are using Visual Studio 2005 or above. Switching to Visual Studio 2003 is one solution. Fixing the bug is another solution. There seems to be a consensus that the former solution isn't, while the latter is. — IInspectable, Sep 11 '15 at 20:14
Thank you, sorry. I updated the code, could you help me? Thanks! — John S., Sep 11 '15 at 20:22

score 2 · Answer 1 · answered Sep 11 '15 at 18:31

2

This isn't a C++ exception that you can catch, it's accessing invalid memory. There's no guarantee that the process is in a sane state for catching anything.

In your particular case, something's probably wrong with pTemp, maybe it's a constant. Show us the code.

answered Sep 11 '15 at 18:31

David Schwartz

179,497
17
214
278

pTemp is probably on the stack and has trashed the stack, and that's why it's not catching... – Ben Sep 11 '15 at 18:44
I edited my coded , now it's complete, thank you for your helping. Can you now help me? – John S. Sep 11 '15 at 20:23
I'd need to see how FindPattern is called. – David Schwartz Sep 12 '15 at 04:23

score 2 · Answer 2 · answered Sep 11 '15 at 19:43

You can catch SEH exceptions using a try-except Statement. The __try and __except keywords are specific to Microsoft's compilers.

There are a few considerations, though:

You cannot mix C++ and SEH exception handling. The result would be undefined.
Improperly handling SEH exceptions can jeopardize process integrity.
SEH exception handlers should only be used in very rare cases. In your specific case it will probably hide a bug lingering elsewhere.

With that out of the way, you should probably analyze the issue, and fix the bug. You can use Application Verifier to easily catch memory corruption bugs. You can also set up Visual Studio's debugger to break, when an SEH exception is raised (Debug -> Windows -> Exception Settings: Win32 Exceptions).

Nice detailedanswer. Anyway, I edited my coded, now it's complete, thank you for your helping. Can you now help me? — John S., Sep 11 '15 at 20:23

How can I catch a memory exception?

2 Answers2

Linked