Assembly Language for Beginners

(nextflipdebug2) #1

8.11. ORACLE RDBMS


.text:00434C8C pop ebp
.text:00434C8D retn
.text:00434C8D _ksmsplu endp


Constructions likememset (block, 0, size)are often used just to zero memory block. What if we take
a risk, block thememset()call and see what happens?


Let’s runtracerwith the following options: set breakpoint at0x434C7A(the point where the arguments to
memset()are to be passed), so thattracerwill set program counterEIPto the point where the arguments
passed tomemset()are to be cleared (at0x434C8A) It can be said that we just simulate an unconditional
jump from address0x434C7Ato0x434C8A.


tracer -a:oracle.exe bpx=oracle.exe!0x00434C7A,set(eip,0x00434C8A)


(Important: all these addresses are valid only for the win32 version of Oracle RDBMS 11.2)


Indeed, now we can query theX$KSMLRUtable as many times as we want and it is not being cleared
anymore!


Donottrythisathome(”MythBusters”) Do not try this on your production servers.


It is probably not a very useful or desired system behavior, but as an experiment for locating a piece of
code that we need, it perfectly suits our needs!


8.11.3V$TIMERtable in Oracle RDBMS


V$TIMERis anotherfixed viewthat reflects a rapidly changing value:


V$TIMER displays the elapsed time in hundredths of a second. Time is measured since
the beginning of the epoch, which is operating system specific, and wraps around to 0 again
whenever the value overflows four bytes (roughly 497 days).

(From Oracle RDBMS documentation^42 )


It is interesting that the periods are different for Oracle for win32 and for Linux. Will we be able to find
the function that generates this value?


As we can see, this information is finally taken from theX$KSUTMtable.


SQL> select * from V$FIXED_VIEW_DEFINITION where view_name='V$TIMER';


VIEW_NAME


VIEW_DEFINITION


V$TIMER
select HSECS from GV$TIMER where inst_id = USERENV('Instance')


SQL> select * from V$FIXED_VIEW_DEFINITION where view_name='GV$TIMER';


VIEW_NAME


VIEW_DEFINITION


GV$TIMER
select inst_id,ksutmtim from x$ksutm


Now we are stuck in a small problem, there are no references to value generating function(s) in the tables
kqftab/kqftap:


Listing 8.19: Result of oracle tables

kqftab_element.name: [X$KSUTM] ?: [ksutm] 0x1 0x4 0x4 0x0 0xffffc09b 0x3
kqftap_param.name=[ADDR] ?: 0x10917 0x0 0x0 0x0 0x4 0x0 0x0


(^42) http://go.yurichev.com/17088

Free download pdf