32bit masm app reading from 64bit registry

ChillyWilly · January 22, 2010, 12:04:39 AM

is it possible? i sent my friend an app that works fine on my 32bit machine, but on his 64bit it errors reading the key

using this

Code Select

GetString proc  lpszKey:DWORD,lpszValueName:DWORD,lpszBuffer:DWORD
LOCAL dwStrLength:DWORD
LOCAL phkResult :DWORD
LOCAL RType:DWORD
LOCAL lpcbData :DWORD
local szbuf[256]:BYTE

invoke RegOpenKeyEx,HKEY_LOCAL_MACHINE,lpszKey,0,KEY_READ,addr phkResult

.if eax==ERROR_SUCCESS
	mov RType,REG_SZ
	mov     lpcbData, 250
	invoke RegQueryValueEx,phkResult,lpszValueName,NULL, addr RType, lpszBuffer,addr lpcbData
	.if eax==ERROR_SUCCESS
	.else
	invoke lstrcat,lpszBuffer,CTEXT("RegKey Does Not Exist")
	.endif

.else
	invoke lstrcat,lpszBuffer,CTEXT("Error Opening RegKey!")
.endif
invoke RegCloseKey, phkResult
ret
GetString endp

Slugsnack · January 22, 2010, 12:51:48 AM

See if this page helps at all :
http://msdn.microsoft.com/en-us/library/ms724072(VS.85).aspx

sinsi · January 22, 2010, 01:22:24 AM

You might also need admin access when using HKEY_LOCAL_MACHINE on vista/win7

ChillyWilly · January 22, 2010, 03:30:32 PM

im using a manifest.xml to prompt for admin access and still nada

dedndave · January 22, 2010, 05:56:13 PM

i think the registry gets virtualized - you have to access it through the a "wow64" hive (or something like that)
so, HKEY_LOCAL_MACHINE becomes wow64\HKEY_LOCAL_MACHINE

i had to do it once - that worked for what i was doing because i was only reading the registry
you may have to jump through hoops if you want to write to it and have it stick after a re-boot

evlncrn8 · January 22, 2010, 08:55:02 PM

actually, its done using a flag in the access rights..

Code Select


KEY_WOW64_32KEY (0x0200)
	

Indicates that an application on 64-bit Windows should operate on the 32-bit registry view. For more information, see Accessing an Alternate Registry View.

This flag must be combined using the OR operator with the other flags in this table that either query or access registry values.

    Windows 2000:  This flag is not supported.

KEY_WOW64_64KEY (0x0100)
	

Indicates that an application on 64-bit Windows should operate on the 64-bit registry view. For more information, see Accessing an Alternate Registry View.

This flag must be combined using the OR operator with the other flags in this table that either query or access registry values.

    Windows 2000:  This flag is not supported.

source : http://msdn.microsoft.com/en-us/library/ms724878%28VS.85%29.aspx

ChillyWilly · January 23, 2010, 09:15:19 PM

testing on win7 home premium 64bit I tried using the samDesired parameter of KEY_WOW64_64KEY
heres the code so you can get a good example of what im trying to achieve

Code Select

.386
.model	flat, stdcall
option	casemap:none

GetString	proto	:DWORD,:DWORD ,:DWORD
CTEXT MACRO y:VARARG
LOCAL sym, dummy
dummy EQU $;; MASM error fix
CONST segment
IFIDNI <y>,<>
sym db 0
ELSE
sym db y,0
ENDIF
CONST ends
EXITM <OFFSET sym>
ENDM

include		windows.inc
include		kernel32.inc
include		user32.inc
include 	advapi32.inc

includelib	user32.lib
includelib	kernel32.lib
includelib 	advapi32.lib

.data
	szKey	    db	"SOFTWARE\Microsoft\Windows NT\CurrentVersion",0

.data?
	buffstuff 	db 1024 dup(?)
	
.code
start:




	invoke GetString,addr szKey,CTEXT("ProductName"),addr buffstuff
	invoke MessageBox, NULL,addr buffstuff,CTEXT('Result'), MB_OK
	invoke ExitProcess,NULL
	
	
GetString proc  lpszKey:DWORD,lpszValueName:DWORD,lpszBuffer:DWORD
LOCAL dwStrLength:DWORD
LOCAL phkResult :DWORD
LOCAL RType:DWORD
LOCAL lpcbData :DWORD
local szbuf[256]:BYTE

invoke RegOpenKeyEx,HKEY_LOCAL_MACHINE,lpszKey,0,KEY_READ or KEY_WOW64_64KEY ,addr phkResult

.if eax==ERROR_SUCCESS
	mov RType,REG_SZ
	mov     lpcbData, 250
	invoke RegQueryValueEx,phkResult,lpszValueName,NULL, addr RType, lpszBuffer,addr lpcbData
	.if eax==ERROR_SUCCESS
	.else
	invoke lstrcat,lpszBuffer,CTEXT("RegKey Does Not Exist")
	.endif

.else
	invoke lstrcat,lpszBuffer,CTEXT("Error Opening RegKey!")
.endif
invoke RegCloseKey, phkResult
ret
GetString endp
end start

Gunner · January 23, 2010, 09:40:09 PM

Chilly, in response to http://www.masm32.com/board/index.php?topic=13209.0

here is the code I used for that

Code Select

EnumExtensions32 proc uses ebx edi esi
LOCAL	FileExt[50]:BYTE
LOCAL	lpcBuffer:DWORD
LOCAL 	FTime:FILETIME
LOCAL   hKey:DWORD

    invoke  RegOpenKeyEx, HKEY_CLASSES_ROOT, NULL, NULL,KEY_ENUMERATE_SUB_KEYS or KEY_WOW64_32KEY, addr hKey
	xor 	ebx, ebx
	inc	ebx				; Skip * key
	xor	edi, edi
	GetNextExtension:
		lea	esi, FileExt
		push	NULL
		push	50
		push	esi
		call	memfill

		mov	lpcBuffer, 50
		
		; Enumerate each key in HCR
		lea	eax, FTime
		push	eax
		push	NULL
		push	NULL
		push	NULL
		lea	ecx, lpcBuffer
		push	ecx
		push	esi
		push	ebx
		push	hKey
		call	RegEnumKeyEx
		cmp	eax, ERROR_NO_MORE_ITEMS
		je	EnumDone
		
		; Get only extensions
		mov	al, byte ptr [esi]
		cmp     al, '.'
		;jne	NextExt
		jne	EnumDone
		
		; Make sure not a .??_ file
		mov	al, byte ptr [esi + 3]
		cmp     al, '_'
		je	NextExt
		
		
		NextExt:		
		inc	ebx
		jmp	GetNextExtension
		
		EnumDone:
				lea	esi, FileExt
		push	NULL
		push	50
		push	esi
		call	memfill

        push    esi
        push    ebx
        call    dwtoa
        
        push    0
        push    offset szMainCaption1
        push    esi
        push    0
        call    MessageBox

		ret
EnumExtensions32 endp

I do a lot of Registry access with many of my programs, I will take a closer look at your code in a bit to see if I notice anything

ChillyWilly · January 23, 2010, 10:29:01 PM

RegOpenKeyEx seems to be failing

if im doing formatmessage right it seems to be returning "access is denied" even though app is running as admin

change my .else to this:

Code Select

.else
invoke ShowErrorMessage,0,eax
invoke lstrcat,lpszBuffer,CTEXT("Error Opening RegKey!")
.endif



ShowErrorMessage hWnd,dwError
  local lpBuffer:DWORD
	lea	eax,[lpBuffer]
	invoke	FormatMessage,FORMAT_MESSAGE_ALLOCATE_BUFFER+FORMAT_MESSAGE_FROM_SYSTEM,0,[dwError],LANG_NEUTRAL,eax,0,0
	invoke	MessageBox,[hWnd],[lpBuffer],NULL,MB_ICONERROR+MB_OK
	invoke	LocalFree,[lpBuffer]
	ret
ShowErrorMessage endp

dedndave · January 24, 2010, 03:59:22 AM

it may be the stack alignment - there is concurrently another thread on that issue

ChillyWilly · January 25, 2010, 04:51:46 PM

whats the link to the other thread

dedndave · January 25, 2010, 06:39:31 PM

http://www.masm32.com/board/index.php?topic=13186.msg102596#msg102596

GregL · January 25, 2010, 07:12:34 PM

The stack alignment issue in the other thread pertains to 64-bit programs.

tofu-sensei · January 25, 2010, 08:13:42 PM

Quote from: ChillyWilly on January 23, 2010, 09:15:19 PM
testing on win7 home premium 64bit I tried using the samDesired parameter of KEY_WOW64_64KEY
heres the code so you can get a good example of what im trying to achieve

this is working just fine for me if i remove the KEY_WOW64_64KEY flag...

sinsi · January 28, 2010, 09:25:50 AM

>this is working just fine for me if i remove the KEY_WOW64_64KEY flag

Same here, even without admin.

News:

32bit masm app reading from 64bit registry