try to find john robbins book he has some nice details about debugging applications in his book
or find his bugslayer column in msdn and read through those articles
many of them come with precompiled binary as well as source code
or if you really would prefer to read all the murky details untar the gdb
source codes and look through the code (massive 17 mb dense c code)
but worth having a peek
a memory break point works by the way of setting permissions to a virtual page
if you look at VirtualAlloc() VirtualQuery() VirtualProtect() apis you can see
you can set various permissions like read,write ,execute, read write
read execute ,write execute etc etc
now if you set a permission like read execute then when ever a write access
occurs the processer or os triggers a exception
and ollydbg which is waiting for the debug event catches it
checks if the access violation is because of a break point set
and if yes it breaks
hope it was understandble explanation
|