module_entry: Caught error: invalid_read

[ghost]

Hello,

Thank you for producing this tool. I get the following error when running this command:

python -m speakeasy -p 1 -o release.json -t release.exe

I don't an error when running the executable outside the emulator.

[williballenthin]

can you share the source binary? otherwise, it will be difficult to triage why the emulator tried to read invalid data from address 0x140002fec.

[ghost]

encryptdecrypthardcodedkey_release.zip

Thank you for taking a look!

[HongThatCong]

Please tell us which version of Unicorn you are installing

[ghost]

unicorn==1.0.2

[ghost]

update:

I was using the -p arguement to pass command line arguments into the program being emulated. My main did not have any arguments though. So I hard-coded the option to encrypt and removed cin. Although, I get the same error:

python -m speakeasy -o release.json -t release.exe

• exec: module_entry
  0x14000424e: 'KERNEL32.GetSystemTimeAsFileTime(0x12fff88)' -> None
  0x14000425c: 'KERNEL32.GetCurrentThreadId()' -> 0x434
  0x140004268: 'KERNEL32.GetCurrentProcessId()' -> 0x420
  0x140004278: 'KERNEL32.QueryPerformanceCounter(0x12fff90)' -> 0x1
  0x140003ce4: 'api-ms-win-crt-runtime-l1-1-0._initterm_e(0x1400053f0, 0x140005408)' -> 0x0
  0x140003d05: 'api-ms-win-crt-runtime-l1-1-0._initterm(0x1400053d0, 0x1400053e8)' -> 0x0
  0x140003d73: 'api-ms-win-crt-runtime-l1-1-0._get_initial_narrow_environment()' -> 0x48e0
  0x140003d7b: 'api-ms-win-crt-runtime-l1-1-0.__p___argv()' -> 0x4a00
  0x140003d83: 'api-ms-win-crt-runtime-l1-1-0.__p___argc()' -> 0x4a50
  0x140003b4f: 'api-ms-win-crt-heap-l1-1-0.malloc(0x20)' -> 0x4a60
  0x140002e0c: module_entry: Caught error: invalid_read
• Finished emulating
• Saving emulation report to: release.json

[ghost]

Update:

It looks like the issue has to do with using std::cout. Is this a known issue?