Pyrae
April 2nd, 2002, 11:25
Hi there,
I've got a question concerning conditional breakpoints in softice:
As you know, there are quite some useful API functions that get called very often in a programs initialization phase(RegQueryValueExA, GetPrivateProfileStringA etc.).
Instead of using the bpcount trigger with a guessed value just below the right call, I'd like to make the bp depend on the value of a function parameter (i.e. ValueName to be read, Key to be opened etc.). Of course I know the the order of parameters (from the Win32 API docs) and read the whole SoftICE user guide, but that didn't make me any smarter yet.
I always guessed referring to the stack must be something like
bpx RegQueryValueExa if esp-14=='Info' (where "Info" is the value name),
but I didn't succeed so far...
Any info would be very much appreciated.
P.S.
Your forum rocks, Woodmann. Never seen a board with so many advanced reverser's on...
I've got a question concerning conditional breakpoints in softice:
As you know, there are quite some useful API functions that get called very often in a programs initialization phase(RegQueryValueExA, GetPrivateProfileStringA etc.).
Instead of using the bpcount trigger with a guessed value just below the right call, I'd like to make the bp depend on the value of a function parameter (i.e. ValueName to be read, Key to be opened etc.). Of course I know the the order of parameters (from the Win32 API docs) and read the whole SoftICE user guide, but that didn't make me any smarter yet.
I always guessed referring to the stack must be something like
bpx RegQueryValueExa if esp-14=='Info' (where "Info" is the value name),
but I didn't succeed so far...
Any info would be very much appreciated.
P.S.
Your forum rocks, Woodmann. Never seen a board with so many advanced reverser's on...