Hi gurus,

Recently when i tried to find a bug in a program.
I got two versions of the same program.
With one of the program i am getting error and with the other
i am not getting any error.

How can i found out difference between the two files.

will u people do ...normal address range checking..or anything else..

please redirect me to some points ..where i can read and learn...

Thanks in advance for your help...!!
thanks

currently there is a thread on "the other board": http://board.win32asmcommunity.net/showthread.php?s=&threadid=19149 on the same subject.

you can also use the standard stuff that comes with windowsxp: system32\fc.exe compares two files, with /b it compares binary

Hi

Try this link

hxxp://www.respublica.fr/topcracks/x-brain27.zip

If that aint available search for x-brain

A very simple file compare program

/hobferret

Total Commander has a nice compare built-in, same for almost any hexeditor (I'm using Hex Workshop).

I really like the "Synchronize & compare" feature of WinHex for this, it's the best I've seen.

hi,
actually i dont want to do normal byte-by-byte comparison..
i wants to know..where the program is changing..
i am doing compaison between various file sized files.
thanks

Hi..
decompile them (disassemble) identify the buggy thing ,then try to find the same piece of code (patter or signature search) in the 'good' one.
thats all... i think hier is it no oder way to 'compare' apples with mellons..
greetz monguz

You need to state your problem with more details.
I have little idea of what you are trying to acomplish here.

Reading in between lines it seems that you are dealing with two VERSIONS of a program, one that is crashing and another that is not. . . Right?

Concentrate on the crashing one. Learn to interpret the error messages, which usually points in the general direction of the misfunctional code.

Also be aware that the error may not be produced by the main .exe file itself but one of the import modules
You may be up to a serius disassemble-debug project

Hi,

I am going to guess and say bad rebuild of dump.

Woodmann

ExamDiff Pro (http://www.prestosoft.com/ps.asp?page=edp_examdiffpro ("http://www.prestosoft.com/ps.asp?page=edp_examdiffpro")) is better

I am going to guess and say that he's after the holy grail of auto vulnerability identification, comparing a vulnerable and a fixed version of a program...

And nice tip about that program disavowed. Cool that is handles inserted portions like that, but the big problem with e.g. absolute addresses in code remains, still making it very hard to find the relevant changes between two different builds of a certain software. It would be really cool and useful with a program that could identify and handle inserted chunks like that while still ignoring changed absolute addresses in otherwise identical code and such. Anyway ever heard about a tool like that?

i don't know of any publicly available tool to do that. the easiest way to make such a tool would probably be with an idc script. probably wouldn't take more than a few hours to make.

bit late, but Araxis Merge is a great diff tool IMO. I use it all the time, for coding as well.