I'm missing something obvious I'm sure.
Library code:
.386
.model flat,stdcall
.code
CheckForDevice proc
CheckForDevice endp
end
LIBRARY CheckDevice2
EXPORTS
CheckForDevice,@1
Stub DLL Code:
.386
.model flat,stdcall
include CheckDevice2.lib
.code
DllEntry proc hInstDLL:DWORD, reason:DWORD, reserved1:DWORD
mov eax,1h
ret
DllEntry Endp
end DllEntry
LIBRARY CheckDevice
EXPORTS
CheckForDevice=CheckDevice2.CheckForDevice,@1
Error:
Building...
Microsoft (R) Macro Assembler Version 6.14.8444
Copyright (C) Microsoft Corp 1981-1997. All rights reserved.
Assembling: checkdevice.asm
CheckDevice2.lib(1) : error A2008: syntax error : !
CheckDevice2.lib(2) : error A2044: invalid character in file
CheckDevice2.lib(3) : error A2044: invalid character in file
CheckDevice2.lib(4) : error A2044: invalid character in file
...
CheckDevice2.lib(100) : error A2044: invalid character in file
CheckDevice2.lib(101) : fatal error A1012: error count exceeds 100; stopping assembly
Microsoft (R) Incremental Linker Version 5.12.8078
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.
LINK : fatal error LNK1181: cannot open input file "checkdevice.obj"
Best regards,
Astro.
Try includelib
EDIT: Weird - that actually made no difference. :eek
includelib doesn't change anything. Something happened to the LIB.
I hadn't noticed I wrote 'include' instead of 'includelib' though - thanks! I also removed it which didn't affect the error, but now it is working and I have no idea why.
Best regards,
Astro.
I'm attempting to do this, but it fails with a memory access violation.
http://www.milw0rm.com/papers/105
See the end of this message for details on invoking
just-in-time (JIT) debugging instead of this dialog box.
************** Exception Text **************
System.AccessViolationException: Attempted to read or write protected memory.
...so it appears the DLL is loading, but then an error is occuring, I presume when it calls the function.
Anyone done anything like this and got it working?
EXE -> This stub DLL -> redirect via the export -> Real DLL
It would appear that it should be possible to forward functions this way.
Best regards,
Astro.
According to OllyDbg:
* ERROR_INVALID_WINDOW_HANDLE (00000578)
* The memory is not readable
Best regards,
Astro.
I re-wrote the original DLL - same problem. :(
Best regards,
Astro.
I see two bad things
Quote
DllEntry proc hInstance:HINSTANCE, reason:DWORD, reserved1:DWORD
.if reason==DLL_PROCESS_ATTACH
invoke DisableThreadLibraryCalls,hInstance
invoke MessageBox,NULL,addr LoadMsg,addr AppName,MB_OK
.elseif reason==DLL_PROCESS_DETACH
invoke MessageBox,NULL,addr UnloadMsg,addr AppName,MB_OK
.elseif reason==DLL_THREAD_ATTACH
invoke MessageBox,NULL,addr ThreadCreated,addr AppName,MB_OK
.else ; DLL_THREAD_DETACH
invoke MessageBox,NULL,addr ThreadDestroyed,addr AppName,MB_OK
.endif
mov eax,TRUE
ret
DllEntry Endp
;-----------------------
proc here
End DllEntry
Quote
LIBRARY CheckDevice
EXPORTS
CheckForDevice ;only proc here with PRIVATE
QuoteCheckForDevice ;only proc here with PRIVATE
...so forwarding exports are not supported, even though it builds OK?
I'm attempting to set up a forwarding export. Please see my other thread.
Best regards,
Astro.
What did you call a "forwarding export" ?
LIBRARY CheckDevice
EXPORTS
CheckForDevice=CheckDevice2.CheckForDevice,@1
The line:
CheckForDevice=CheckDevice2.CheckForDevice,@1
Is a forwarding export.
What it does (should do) is cause the system to load the library referenced before the '.' then call the function after the '.' contained in the library referenced in the export, instead of looking for it in *this* library.
Kernel32.dll re-directs some functions to NTDLL.dll without issues, so I'm wondering why my redirect isn't working.
Can we continue this in the other thread (http://www.masm32.com/board/index.php?topic=11924.0) please? I started another thread to keep the two issues separate.
The original problem in this thread is FIXED.
Best regards,
Astro.
Explain is here with bad syntax
http://msdn.microsoft.com/en-us/magazine/cc301808.aspx
QuoteExport Forwarding
A particularly slick feature of exports is the ability to "forward" an export to another DLL. For example, in Windows NT®, Windows® 2000, and Windows XP, the KERNEL32 HeapAlloc function is forwarded to the RtlAllocHeap function exported by NTDLL. Forwarding is performed at link time by a special syntax in the EXPORTS section of the .DEF file. Using HeapAlloc as an example, KERNEL32's DEF file would contain:
EXPORTS
•••
HeapAlloc = NTDLL.RtlAllocHeap
How can you tell if a function is forwarded rather than exported normally? It's somewhat tricky. Normally, the EAT contains the RVA of the exported symbol. However, if the function's RVA is inside the exports section (as given by the VirtualAddress and Size fields in the DataDirectory), the symbol is forwarded.
When a symbol is forwarded, its RVA obviously can't be a code or data address in the current module. Instead, the RVA points to an ASCII string of the DLL and symbol name to which it is forwarded. In the prior example, it would be NTDLL.RtlAllocHeap.
:U
This is what I'm trying to use, but it doesn't work, although the output of dumpbin is correct.
Best regards,
Astro.
I try with success this two
Quote
CheckForDevice=CheckDevice2.CheckForDevice,@1
HeapAlloc = NTDLL.RtlAllocHeap,@2
My build environment is masm32
Here is what say dumpbin about that
Quote
ordinal hint RVA name
1 0 CheckForDevice (forwarded to CheckDevice2.CheckForDevice,@1)
2 1 HeapAlloc (forwarded to NTDLL.RtlAllocHeap,@2)
3 2 0000100A TestHello = @ILT+5(_TestHello@4)
Hi Astro,
This might help you :
Creating a DLL with forwarded functions (http://www.masm32.com/board/index.php?topic=5838.0)
Quote from: ToutEnMasm on July 23, 2009, 05:07:20 PM
I try with success this two
Quote
CheckForDevice=CheckDevice2.CheckForDevice,@1
HeapAlloc = NTDLL.RtlAllocHeap,@2
My build environment is masm32
* What did you put in the .asm file?
* How did you build the project?
I've been experimenting with exporting ordinals all afternoon and it kept refusing NONAME - why is it working now??!! :eek :eek :eek
I don't have prototypes for the ordinal functions in msgina.dll. Any suggestions?
Thanks for the link - reading now.
Best regards,
Astro.
:eek :eek
AARRRRRGGGGHHHHH!!!!!!! Why didn't that work earlier???!!!!!! :eek
Stub:
.386
.model flat,stdcall
.code
DllEntry proc hInstDLL:DWORD, reason:DWORD, reserved1:DWORD
mov eax,1h
ret 0Ch
DllEntry endp
CheckForDevice proc
CheckForDevice endp
end DllEntry
Exports:
LIBRARY CheckDevice
EXPORTS
CheckForDevice=CheckDevice2.CheckForDevice
EDIT: GAH! The combination I didn't try was the exports AND the empty function!!! :eek
Best regards,
Astro.
:cheekygreen:
Thanks for the help!! Got it working now. :8)
Best regards,
Astro.
Seems you can also re-direct using ordinals.
I created the "real" DLL using ordinals only (NONAME), then created the stub using the following:
LIBRARY CheckDevice
EXPORTS
CheckForDevice=CheckDevice2.#1
where #1 is the ordinal.
Best regards,
Astro.
I created the real GINA.dll stub using only exports, put it into a VM and it worked first time!! :dance:
Best regards,
Astro.