file sizes

[six_L]

Hello,all
[dwData]=5544AABB

Code Select Expand

;==================
invoke CreateFileMapping,hfile,NULL,PAGE_READONLY,0,0,NULL
mov hMapFile,eax
invoke MapViewOfFile,hMapFile,FILE_MAP_READ,0,0,0
mov pMemory,eax

invoke GetFileSize, hfile, NULL
mov dwFileSize, eax

invoke ReadFile,hfile,pMemory,dwFileSize,addr dwbytesread,0
invoke SetFilePointer,hfile,4,0,FILE_END

invoke WriteFile,hfile,addr dwData,4,addr dwbytesread,0
;==================
i want to write "5544AABB" into the end of a file. after written, the file sizes has been changed.

[Tedd]

No need to memory-map the file.
Open it, set the file pointer to the end of the file, write the data, close it.

[TNick]

Anyway, invoke SetFilePointer,hfile,4,0,FILE_END will set the file pointer 4 bytes after the end of file. To set file pointer to the end of the file, just use:

invoke SetFilePointer,hfile,0,0,FILE_END

[P1]

i want to write "5544AABB" into the end of a file. after written, the file sizes has been changed.

Why do you want to modify a file buffer tail without showing a file size change?

Regards,  P1  :8)

[six_L]

Thanks you. Tedd,TNick,P1

invoke SetFilePointer,hfile,0,0,FILE_END

Code Select Expand

invoke SetFilePointer,hfile,dwFileSize-4,0,FILE_BEGIN
can't work rightly.

|------------------------------|---------------|
FILE_BEGIN               5544AABB  FILE_END

Why do you want to modify a file buffer tail without showing a file size change?

This is a flag.

[P1]

This is a flag.

A small database, could do the same thing without the risk of corrupting the file or triggering a CRC change.  And when you don't have any "spare" room in the file tail buffer.

Regards,  P1  :8)

[six_L]

Hey,P1
Thanks.
That [dwData] is just the crc32 value of file.
ofcourse, the end position isn't good to be set. the data shoud be written into PE header somewhere.
at the end of all PE files, its data is "00".
how do i can write the value at the end without increasing the file sizes?

[P1]

PE Headers already have checksums for the header and for the file as a whole.

One other problem with marking current files is that you will not be able to mark any file that is in use.  And all those techniques involved.  And I suppose having the original file dates restored was in the plans as well.  Then you have the internal Microsoft file checking to work around.

Beside using an system, hidden file to database this info in, check into NTFS alternate streams.  I know this is not acceptable for DOS file systems, so back to the database idea.

Beside of a couple of copy protection schemes and PE encryptors, that I know of, mostly viruses modify PE files.  You have alternated between flags and CRC in explaining what you want.  Maybe you can explain better what your software does?   And a disregard for file types other than executables. 

If you are legitimate, you can find a safe and more secure way of doing this without going into and modifing the file.  If I am not mistaken, would voilate most EULAs for File Altering, especially .exe files.

Regards,  P1  :8)

[six_L]

Hey,P1

Maybe you can explain better what your software does?

i'm glad to be guided by some professional coders. if you would not help me,please don't ask such question. i'm really comfortless.
frist, i'm fan without doing any software, only learning.
second,i have not any ability to do any software.
three, i know nothing about this, so how do i tell you what the code will do?

best regards

[rags]

Six_L

Hey,P1

Maybe you can explain better what your software does?

i'm glad to be guided by some professional coders. if you would not help me,please don't ask such question. i'm really comfortless.

I think P1 was asking a fair question, wanting to know what it was that your software did, given the fact that you are apparantly trying to learn how to write a program that appends data to an existing file without wanting to change its file size.
Also, this statement makes absulutely no sense, at least to me anyway:

three, i know nothing about this, so how do i tell you what the code will do?

How do you not have a clue of what a program does, or should do , that you are attempting to write?
Rags

[six_L]

Hey,rags
i'v a different feeling between you.
i think:
1. he assumed i'm doing that with "Legality of content is not a negotiable matter in the forum. Assembler programming is mainstream programming and is primarily used by professional programmers who require the performance in specialised areas. Low level coding is both allowed and encouraged but there will be no viral or trojan technology allowed including technical data under the guise of AV technology, no cracking and similar activities in the guise of "Reverse Engineering", no hacking techniques or related technology and no support or help with or reference to pirated software. There will also be no links to pages that support or display any of these or any other illegal areas of coding."
2. in my frist post, i explained apparently the code goal was too clear to do any more. that's "i want to write "5544AABB" into the end of a file." but he asked it again and agin. is it really sense?
3.

"How do you not have a clue of what a program does, or should do , that you are attempting to write?".

i want to write the value at the file's end without increasing the file sizes. if the code did it, that's all, no anymore, no future, it's over.
so what's i tell him it will do?

thanks you for the response.
best regards.

[MichaelW]

Six_L,

Of the practically infinite number of things that you could be doing/learning, why are you focusing on programming techniques that are typically used to do bad things? And how much mileage do you expect to get out of your doubletalk replies? Despite the language barrier here, I think you understand the questions that you are being asked, and you are trying to avoid answering. In my view, if you cannot provide a legitimate, and reasonable, justification for doing what you are trying to do here, then you should not be doing it, and we should not be helping you do it.

[Mark Jones]

i want to write the value at the file's end without increasing the file sizes.

What legitimate reason could you possibly have for wanting to do this?

BTW, "5544AABB" doesn't turn up anything on Google. But "BBAA4455" does, some porn thing in an un-translatable language.

[six_L]

Hey,Mark Jones

BTW, "5544AABB" doesn't turn up anything on Google. But "BBAA4455" does, some porn thing in an un-translatable language.

are you interesting? :U
that's a key to bring you into where some porn thing in an un-translatable language. :green2
do you want to know the path? :snooty:

[P1]

For my part in this, a code request void of purpose, then any technique that accomplishes the task is valid.  But we have a code request that insists that a certain technique be used without answer of purpose.

Topic Locked.

PM a moderate with the appropiate reasons to unlock.

I deal with security issues on a daily basis.  I see new viruses where they are coded to protect the other file's presence in the OS.  I error on the side of safety first. 

My dilemma is are you a smart virus writer or a inexperienced programmer?  Because smart virus writers pose as inexperienced programmer to get help.  True enough inexperienced programmers sometimes can not explain certain things, but they usually know what they want and why it's important.  So if you leave out the why you want it done, then I logically need to conclude the worst.  Because the inexperienced programmers are just trying to get it done, so the method becomes unimportant.  Method seems to be always important to smart virus writers, for they know what they want to do, which betrays their intentions of their want.

If per chance, you are under a CDA, then you are out of luck here.  We will not help you violate your agreement.

Regards,  P1  :8)