32bit masm app reading from 64bit registry

[ChillyWilly]

Code Select Expand

DednDave OS Info Dump Ver 2.03

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion]
"ProductName"="Windows 7 Home Premium"
"CurrentVersion"="6.1"
"CurrentBuildNumber"="7600"
"SubVersionNumber"=(Value not found)
"CSDVersion"=(Value not found)
"BuildLab"="7600.win7_rtm.090713-1255"
"ProductId"=(Value not found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center]
"Ident"="6.0"

OSVERSIONINFOEX Structure:

       Version.Build: 6.1.7600
         Platform ID: Win32 on Windows NT
         CSD Version:
Service Pack Version: 0.0
          Suite Mask: 0000001100000000
        Product Type: Windows 2000 Pro/XP/Vista Workstation

Press any key to exit

[dedndave]

well - i think i wrote that code about the same time the win 7 beta came out
so - things have obviously changed a bit - lol
for my purposes, i only needed the product ID to differentiate some of the oddball XP's (like XP gold, XP gamers edition, etc)
at the time, i was looking for a way to seperate XP media center editions, but i found that "Ident" key that you see

[dacid]

any success?

[ChillyWilly]

how come I cant read this registry value?
the other string values in that key can be read  :'(

Code Select Expand


.386
.model flat, stdcall
option casemap:none

GetString proto :DWORD,:DWORD ,:DWORD
CTEXT MACRO y:VARARG
LOCAL sym, dummy
dummy EQU $;; MASM error fix
CONST segment
IFIDNI <y>,<>
sym db 0
ELSE
sym db y,0
ENDIF
CONST ends
EXITM <OFFSET sym>
ENDM

include windows.inc
include kernel32.inc
include user32.inc
include advapi32.inc

includelib user32.lib
includelib kernel32.lib
includelib advapi32.lib

.data


.data?
buffstuff db 1024 dup(?)

.code
start:
invoke GetString,CTEXT("SOFTWARE\Microsoft\Windows NT\CurrentVersion"),CTEXT("DigitalProductId"),addr buffstuff
invoke MessageBox, NULL,addr buffstuff,CTEXT('Result'), MB_OK
invoke ExitProcess,NULL


ShowErrorMessage proc hWnd,dwError
  local lpBuffer:DWORD
lea eax,[lpBuffer]
invoke FormatMessage,FORMAT_MESSAGE_ALLOCATE_BUFFER+FORMAT_MESSAGE_FROM_SYSTEM,0,[dwError],LANG_NEUTRAL,eax,0,0
invoke MessageBox,[hWnd],[lpBuffer],NULL,MB_ICONERROR+MB_OK
invoke LocalFree,[lpBuffer]
ret
ShowErrorMessage endp

GetString proc  lpszKey:DWORD,lpszValueName:DWORD,lpszBuffer:DWORD
LOCAL dwStrLength:DWORD
LOCAL phkResult :DWORD
LOCAL RType:DWORD
LOCAL lpcbData :DWORD
local szbuf[256]:BYTE

invoke RegOpenKeyEx,HKEY_LOCAL_MACHINE,lpszKey,0,KEY_QUERY_VALUE ,addr phkResult

.if eax==ERROR_SUCCESS
mov RType,REG_BINARY
mov     lpcbData, 250
invoke RegQueryValueEx,phkResult,lpszValueName,NULL, addr RType, lpszBuffer,addr lpcbData
.if eax==ERROR_SUCCESS
.else
invoke lstrcat,lpszBuffer,CTEXT("RegKey Does Not Exist")
.endif

.else
    invoke ShowErrorMessage,0,eax
invoke lstrcat,lpszBuffer,CTEXT("Error Opening RegKey!")
.endif
invoke RegCloseKey, phkResult
ret
GetString endp
end start


[ChillyWilly]

noone knows? theres gotta be someone here with a 64bit cpu that better at coding than me  :dazzled:

[Gunner]

It shows the value fine here... it shows the first hex value of that binary reg value on my Win7 32bit is a4, after a4 are a few NULLs so that is the ONLY character messages box shows.... You are going to have to parse that value and get what is after the nulls... it is REG_BINARY NOT REG_SZ which to me means the there are going to be NULLs in the value..

Is the format the same across os's?  don't know... here is how mine starts:

A4 00 00 00 03 00 00 00 00 DigitalProductId HERE

does the 3 mean there are 3 nulls before the DigitalProductId don't know, you are going to have to figure out how to parse the buffer to grab the DigitalProductId

[diablo2oo2]

its a bug in the windows.inc
correct:
KEY_WOW64_32KEY                  equ 0200h
KEY_WOW64_64KEY                  equ 0100h
KEY_WOW64_RES                    equ 0300h

wrong:
KEY_WOW64_32KEY                  equ 0200
KEY_WOW64_64KEY                  equ 0100
KEY_WOW64_RES                    equ 0300

[dedndave]

nice catch, diablo
should post in the masm32 project forum, windows.inc thread