Having problems understanding GlobalAlloc.
Here is my entire program:
00401000 >/$ 6A 64 PUSH 64 ; /MemSize = 64 (100.)
00401002 |. 6A 00 PUSH 0 ; |Flags = GMEM_FIXED
00401004 |. E8 13000000 CALL <JMP.&kernel32.GlobalAlloc> ; \GlobalAlloc
00401009 |. 6A 00 PUSH 0 ; /ExitCode = 0
0040100B \. E8 06000000 CALL <JMP.&kernel32.ExitProcess> ; \ExitProcess
00401010 .-FF25 0C204000 JMP DWORD PTR DS:[<&user32.wsprintfA>] ; user32.wsprintfA
00401016 .-FF25 04204000 JMP DWORD PTR DS:[<&kernel32.ExitProcess>] ; KERNEL32.ExitProcess
0040101C $-FF25 00204000 JMP DWORD PTR DS:[<&kernel32.GlobalAlloc>] ; KERNEL32.GlobalAlloc
Supposedly EAX should return a "pointer" to my new memory address for my variable.
Here is what my registers look like when I break on 00401004:
EAX 00132DA0
ECX 0012FFE0
EDX 00130608
EBX 7FFDF000
ESP 0012FFC4
EBP 0012FFF0
ESI 00000000
EDI 00000000
EIP 00401009 glob.00401009
so, is EAX 00132DA0 my memory address for my new variable?
You'd better break on 00401009 instead, and yes, since GMEM_MOVEABLE isn't specified EAX will contain the allocated block of memory (or 0 if it can't be allocated).
Yes, I think so. What is wrong with it?
Quote from: hitchhikr on April 02, 2005, 04:24:25 AM
You'd better break on 00401009 instead, and yes, since GMEM_MOVEABLE isn't specified EAX will contain the allocated block of memory (or 0 if it can't be allocated).
Didn't he do that? EIP = 00401009
Hi,
Use GPTR as the flag. It is GMEM_FIXED+GMEM_ZEROINIT. Then you get a direct pointer to the memory. If you use GMEM_MOVEABLE or GHND (GMEM_MOVEABLE+GMEM_ZEROINIT), you have to call GlobalLock first with the handle to get the pointer.
Thomas
Giovanni,
It depends on how you call GlobalAlloc(): if it's with the FIXED flag, you get the direct pointer to the memory returned, but if you use other styles, you get a handle and you need to use GlobalLock() to get the pointer.
It looks like you're using OllyDbg... break AFTER the GlobalAlloc call (00401009) and read EAX. If EAX is, say, 00132A98, that is where 100 bytes of memory are reserved. If GPTR is used, (00132A98 - 00132AFC) should be all zeroes. Don't forget to use GlobalFree afterwards to free that memory!
Damn, I have not been freeing the memory. Is that causing some problems with my system? I have run the small prog a dozen times.
Also, as far as my problem I did figure out that this works:
MOV DWORD PTR [eax], 10 ; Move 10 to my new memory address
Thing is... how do I find out the SIZE of the data I just moved to the new address, so I know where to store the NEXT piece of data?
A DWORD is 4 bytes, so basically the next slot will be 132DA4. There's a description of the different sizes you can use in masm32.hlp.
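To tie the thread together (the GPTR vs. GHND/GlobalLock distinction from the replies above, the 4-byte slot arithmetic from the last reply, and the GlobalFree reminder), here is a complete MASM32 program I wrote as an added example; it is not code from any poster. It assumes the standard masm32 include and library paths (\masm32\include, \masm32\lib) and the same 100-byte request as the original listing. Everything else (names like pFixed, hMove, szFmt) is my own.

```asm
; Added example: GPTR vs GHND allocation, consecutive DWORD slots, and release.
; Build: ml /c /coff globdemo.asm  then  link /subsystem:windows globdemo.obj
.386
.model flat, stdcall
option casemap:none

include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib

BLOCK_SIZE equ 100                  ; same 64h-byte request as the thread

.data
    szTitle db "GlobalAlloc demo", 0
    szFmt   db "GPTR block: zero-check OR=%lu, [p]=%lu, [p+4]=%lu", 13, 10
            db "GHND block: handle=%08lX, locked ptr=%08lX, [ptr]=%lu", 0
    szFail  db "GlobalAlloc/GlobalLock failed (EAX was 0)", 0

.data?
    pFixed  dd ?                    ; GPTR: EAX is already the address
    hMove   dd ?                    ; GHND: EAX is a handle, not an address
    pMove   dd ?                    ; address obtained from GlobalLock(hMove)
    dwOr    dd ?                    ; OR of every DWORD in the fresh GPTR block
    szBuf   db 256 dup(?)

.code
start:
    ; 1. GPTR = GMEM_FIXED or GMEM_ZEROINIT. Break after this CALL and EAX
    ;    is the pointer; a zero return means the allocation failed.
    invoke GlobalAlloc, GPTR, BLOCK_SIZE
    test eax, eax
    jz   fail
    mov  pFixed, eax

    ; GMEM_ZEROINIT check: OR all 25 DWORDs of the block; the result must be 0.
    mov  ecx, BLOCK_SIZE / 4
    xor  edx, edx
@@: or   edx, dword ptr [eax+ecx*4-4]
    loop @B
    mov  dwOr, edx

    ; A DWORD is 4 bytes, so the slot after [eax] is [eax+4] (132DA0 -> 132DA4
    ; in the thread). The last whole DWORD that fits in 100 bytes is [eax+96].
    mov  dword ptr [eax], 10
    mov  dword ptr [eax+4], 20

    ; 2. GHND = GMEM_MOVEABLE or GMEM_ZEROINIT: EAX is a handle, so it must go
    ;    through GlobalLock before it can be dereferenced.
    invoke GlobalAlloc, GHND, BLOCK_SIZE
    test eax, eax
    jz   fail
    mov  hMove, eax
    invoke GlobalLock, hMove
    test eax, eax
    jz   fail
    mov  pMove, eax
    mov  dword ptr [eax], 30

    ; Read back while the moveable block is still locked.
    mov  esi, pFixed
    mov  edi, pMove
    invoke wsprintf, addr szBuf, addr szFmt, dwOr, dword ptr [esi], dword ptr [esi+4], hMove, pMove, dword ptr [edi]
    invoke MessageBox, NULL, addr szBuf, addr szTitle, MB_OK

    ; 3. Release in reverse order: unlock the moveable block, then free both.
    invoke GlobalUnlock, hMove
    invoke GlobalFree, hMove
    invoke GlobalFree, pFixed
    invoke ExitProcess, 0

fail:
    invoke MessageBox, NULL, addr szFail, addr szTitle, MB_ICONERROR
    invoke ExitProcess, 1
end start
```

Breaking on the instruction after each CALL GlobalAlloc in OllyDbg shows the difference directly: after the GPTR call EAX is a usable address (the zero-check loop reads it without a lock), while after the GHND call EAX is a handle and only the value returned by GlobalLock can be dereferenced. The pointer from GlobalLock is only guaranteed valid until GlobalUnlock, which is why the wsprintf read happens before the unlock. The fail path exits the process, so the blocks it may leave behind are reclaimed by the OS; in a long-running program you would free whatever was already allocated before bailing out.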