Indy
November 8th, 2009, 04:50
Intel® 64 and IA-32 Architectures Software Developer’s Manual Volume 3A System Programming Guide, 7.1.2.2:
Quote:
| To explicitly force the LOCK semantics, software can use the LOCK prefix with the following instructions when they are used to modify a memory location. An invalid-opcode exception (#UD) is generated when the LOCK prefix is used with any other instruction or when no write operation is made to memory (that is, when the destination operand is in a register).
 • The bit test and modify instructions (BTS, BTR, and BTC).
 • The exchange instructions (XADD, CMPXCHG, and CMPXCHG8B).
 • The LOCK prefix is automatically assumed for XCHG instruction.
 • The following single-operand arithmetic and logical instructions: INC, DEC, NOT, and NEG.
 • The following two-operand arithmetic and logical instructions: ADD, ADC, SUB, SBB, AND, OR, and XOR.
 |
If you perform branching with the prefix PREFIX_LOCK (0xF0), the CPU generates a #UD, then the ISR KiTrap06 processes it and returns the code STATUS_INVALID_LOCK_SEQUENCE.
Set a breakpoint in Olly on ntdll!KiUserExceptionDispatcher and you'll have the reason for the error and the full context of the flow.
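The rule quoted from the manual, written as a static check an analyst can run over instruction bytes before single-stepping them (an added example, not part of the original post). The function name `check_lock` and the sample bytes are hypothetical; it assumes 32-bit code and only the documented encodings of the listed instructions, and it classifies bytes against the quoted list rather than emulating the CPU.

```python
# Added example: does a LOCK (0xF0) prefix fit this 32-bit x86 instruction?
LOCK = 0xF0
# Other legacy prefixes that may sit beside LOCK (segment, size, REP/REPNE).
PREFIXES = {0x26, 0x2E, 0x36, 0x3E, 0x64, 0x65, 0x66, 0x67, 0xF2, 0xF3}
# One-byte opcodes whose ModRM r/m operand is the destination.
PLAIN_1 = {0x00, 0x01, 0x08, 0x09, 0x10, 0x11, 0x18, 0x19, 0x20, 0x21,
           0x28, 0x29, 0x30, 0x31,   # ADD OR ADC SBB AND SUB XOR r/m, r
           0x86, 0x87}               # XCHG r/m, r
# Group opcodes: the ModRM.reg values that select a lockable instruction.
GROUP_1 = {0x80: range(7), 0x81: range(7), 0x83: range(7),  # all but /7 CMP
           0xF6: (2, 3), 0xF7: (2, 3),                      # NOT, NEG
           0xFE: (0, 1), 0xFF: (0, 1)}                      # INC, DEC
# The same two tables for the 0F xx opcode map.
PLAIN_2 = {0xAB, 0xB3, 0xBB,   # BTS, BTR, BTC r/m, r
           0xB0, 0xB1,         # CMPXCHG
           0xC0, 0xC1}         # XADD
GROUP_2 = {0xBA: (5, 6, 7),    # BTS, BTR, BTC r/m, imm8
           0xC7: (1,)}         # CMPXCHG8B

def check_lock(code: bytes) -> str:
    """Return 'no-lock', 'valid' or '#UD' for the first instruction in code."""
    i, locked = 0, False
    while i < len(code) and (code[i] == LOCK or code[i] in PREFIXES):
        locked |= code[i] == LOCK
        i += 1
    if not locked:
        return "no-lock"
    plain, group = PLAIN_1, GROUP_1
    if code[i:i + 1] == b"\x0f":          # two-byte opcode escape
        plain, group, i = PLAIN_2, GROUP_2, i + 1
    if i >= len(code):
        raise ValueError("truncated instruction")
    op = code[i]
    if op not in plain and op not in group:
        return "#UD"                      # e.g. JMP, CALL, RET: not in the list
    if i + 1 >= len(code):
        raise ValueError("truncated instruction")
    modrm = code[i + 1]
    if modrm >> 6 == 3:
        return "#UD"                      # register destination, no memory write
    if op in group and (modrm >> 3) & 7 not in group[op]:
        return "#UD"                      # e.g. CMP or TEST in the same group
    return "valid"

if __name__ == "__main__":
    # Constructed samples: lock jmp short, lock inc dword [mem], lock add eax, ecx
    for sample in ("f0eb00", "f0ff0500004000", "f001c8"):
        print(sample, check_lock(bytes.fromhex(sample)))
```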