News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

strings andd procedures -> problem

Started by patryk_z_wawy, July 25, 2009, 01:09:02 AM

Previous topic - Next topic

patryk_z_wawy

Hi everyone,

The problem is connected with the following code:


private void button2_Click(object sender, EventArgs e)
{
   System.Text.ASCIIEncoding e = new System.Text.ASCIIEncoding();

   byte[] string1 = e.GetBytes(textBox2.Text);
 
   engine.hide(string1);
}


And :


hide PROC in1: PTR DWORD,

   INVOKE CreateFile,
      in1, GENERIC_READ, 0, NULL,
      OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL


...

Unfortunately, CreateFile returns FFFFFFFF in eax register what probably means an error.
Moreover, I get 4 in ecx when I check size of text when in fact it has 10

That's why I use the following code to test rest of my program:


.DATA
   in1 BYTE "file.jpg",0

...

hide PROC

   INVOKE CreateFile,
      in1, GENERIC_READ, 0, NULL,
      OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL

...

Now, I get 10 in ecx and CreateFile works fine.

How should  I pass both strings to 'hide procedure' such that I would get results like in the second case?
I suppose that in the first case I work with pointers to strings and this is the source of the problem.

Thanks in advance!

fearless

In the first example:

INVOKE CreateFile, ADDR fileName,...

your proc declaration is:

hide PROC fileName: PTR DWORD

so you dont need the ADDR part for fileName, just specify the parameter instead:

INVOKE CreateFile, fileName, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL

Thats why in the 2nd example it worked as you were refering to the Addr of a global variable you declared in the .DATA section:

.DATA
   fileName BYTE "file.bmp",0


To get the size of the text in the file, you can use GetFileSize (or SetFilePointer) to fetch the file size and therefore the size of the data you are working with. If its just text and only text, terminated with a null 0 byte character, then you can use the win32 lstrlen function or from the masm32 library you can use the szLen function. Using SIZEOF for the parameter will only return the size of the parameter, in this case a dword value which is 4 bytes long. So best use szLen or lstrlen to determine on the fly the length of the text string. Of course if you want to determine the size of the string once it has been read into a buffer from a file then the ReadFile function will help you in this regard, or you could use a .ini file to store the text in and use GetPrivateProfileString function to read in the text string to memory.
ƒearless

patryk_z_wawy

#2
thanks for reply.

unfortunately, I have problems with CreateFile because it still returns FFFFFFFF in eax register.
Now, my hide function begins with

INVOKE CreateFile, in1, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL

Is it problem of null character at the end of a string or something else? How to solve this problem?

dedndave

fileName is used as a label in the DATA segment
pick a different name for the global on the proc - let's call it lpFileNme - that way, it's unique, and we know it's a pointer
also, when opening a file for read-only, use FILE_SHARE_READ so that other programs may open it as well

.
.
.
        .DATA

FileNme db 'file.bmp',0

        .CODE
.
.
.
        INVOKE  hide,
                ADDR FileNme
.
.
.
hide    PROC    lpFileNme:DWORD

        INVOKE  CreateFile,
                lpFileNme,
                GENERIC_READ,
                FILE_SHARE_READ,
                NULL,
                OPEN_EXISTING,
                FILE_ATTRIBUTE_NORMAL,
                NULL
.
.
.

patryk_z_wawy

#4
My problem is different. It occures when I execute my hide function
It doesn't concern 'labels', because when I want to use argument from procedure I put this fragment in comments:

; in1 db 'file.jpg',0

So, I still don't know what's going on with CreateFile error.

MichaelW

0FFFFFFFFh is -1, indicating that the function failed.

#define INVALID_HANDLE_VALUE ((HANDLE)(LONG_PTR)-1)

Try calling GetLastError to get the error code value.
eschew obfuscation

patryk_z_wawy

#6
0FFFFFFFFh is -1, indicating that the function failed.

#define INVALID_HANDLE_VALUE ((HANDLE)(LONG_PTR)-1)

Try calling GetLastError to get the error code value.

The error message informs that can't find specified file. Probably, something wrong is with passed string.
I can only guess that it is something connected with null character.

So, my problem is still unsolved. Any ideas?

GregL

Mikhail,

I would use


hide PROC lpszFileName:PTR BYTE, lpszText:PTR BYTE

   INVOKE lstrlen, lpszText
   mov ecx, eax

   INVOKE CreateFile, lpszFileName, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL
   ...



Make sure str and str2 are pointers, Byte arrays are not automatically pointers in C#.  I think you'll need to use 'unsafe' code and pointers.  This may give you some ideas:  How to: Use the Windows ReadFile Function (C# Programming Guide)

Also, I'm pretty sure TEXT is a reserved word in MASM.


dedndave

_TEXT is a C standard code segment name

GregL

dedndave,

Yeah, I guess it is _TEXT.  Should have looked it up.  :red


dedndave

might also be FAR_TEXT
or WHATEVER_TEXT
still, not good to use words like that - lol
i try to make label names so they won't match not only the assembler, but also the API structure data names
i also try not to make them come out funny or swears - lol

GayData dw 0
SomeShit dw 1

i noticed in the registry, ms uses:

SubVersion

oh well - nobody is perfect

patryk_z_wawy

#11
Didn't help

fearless

I would follow dedndave's example for defining the hide function:

hide    PROC    lpFileNme:DWORD

        INVOKE  CreateFile,
                lpFileNme,
                GENERIC_READ,
                FILE_SHARE_READ,
                NULL,
                OPEN_EXISTING,
                FILE_ATTRIBUTE_NORMAL,
                NULL


Then figure out how to pass the information to the hide function from c#. Its probably a pointer thing for c#. As you want to pass the dword value of the start location of the filename string to the hide function. As the DLL will get mapped to the same user memory space as the main exe then your programs will have no problem 'seeing' the data for filename. Dont know anything about c# so cant help you on how to pass the pointer to the filename variable, but thats where i would look for a solution.

If you test the hide function via asm like in dedndaves example you will know that works as its supposed to, its just the call from c# that needs to be adjusted.
ƒearless

dedndave

temporarily add some code to help you figure out what is going on
notice that GetLastError is invoked immediately after the function call that produces the error
if you call any other functions prior to GetLastError, the information may be destroyed

hide PROC fileNames: PTR BYTE,
   pText: PTR BYTE

   INVOKE lstrlen, pText
   mov textSize, ax
mov eax,fileNames            ;temporary code
print uhex$(eax),13,10       ;temporary code
   INVOKE CreateFile,
fileNames, GENERIC_READ, 0, NULL,
OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL
cmp eax,-1                   ;temporary code
jnz Contin                   ;temporary code
invoke GetLastError          ;temporary code
print uhex$(eax),13,10       ;temporary code
Contin:

patryk_z_wawy

#14
Didn't help