I created this function to check how many computers active on a WLAN, the function is works but it make my software cannot be terminated, anyone know why?
fInet struct
sock dword 0
lpszurl dword 0
fInet ends
.code
fConnectToUrl proc uses esi edi lps:dword,hWnd:dword,lpszHostName:dword,nPort:dword
LOCAL a:sockaddr_in
LOCAL wsadata:WSADATA
invoke WSAStartup,202h,addr wsadata
.if eax!=0
xor eax,eax
dec eax
ret
.endif
assume esi:ptr fInet
mov esi,lps
invoke socket,AF_INET,SOCK_STREAM,0 ; Create a stream socket for internet use
.if eax!=INVALID_SOCKET
mov [esi].sock,eax
invoke WSAAsyncSelect,[esi].sock,hWnd,WM_FSOCKET,FD_CONNECT+FD_READ+FD_CLOSE+FD_WRITE+FD_ACCEPT
.else
invoke MessageBox,hWnd,CADD("Internet connection initialization error"),CADD("Unknown cause"),MB_OK
.endif
push lpszHostName
pop [esi].lpszurl
mov a.sin_family, AF_INET
invoke htons, nPort
mov a.sin_port,ax
invoke gethostbyname, lpszHostName
.if eax==0
invoke PERR
ret
.endif
mov eax,[eax+12]
mov eax,[eax] ; copy the pointer to the actual IP address into eax
mov eax,[eax] ; copy IP address into eax
mov a.sin_addr,eax
invoke connect,[esi].sock,addr a,sizeof a
.if eax==SOCKET_ERROR
invoke WSAGetLastError
;invoke PERR
.endif
assume esi:nothing
ret
fConnectToUrl endp
GetLocalAddress proc uses esi edi ebx lptzAddr:dword
LOCAL fakeBuffer:DWORD
LOCAL lnBuffer:DWORD
LOCAL tempBuffer[128]:BYTE
LOCAL tempItem:LV_ITEM
LOCAL sci:dword
LOCAL wsadata:WSADATA
; Get TCP table in fake buffer of 1 byte. This will cause a
; buffer overflow error, the lnBuffer var will be filled with
; the required amount of memory.
invoke WSAStartup,202h,addr wsadata
.if eax!=0
xor eax,eax
dec eax
ret
.endif
invoke gethostbyname,0
.if eax==0
invoke PERR
ret
.endif
mov eax,[eax+12]
mov eax,[eax]
mov ecx,[eax]
invoke inet_ntoa,ecx
push eax
invoke memfill, lptzAddr,16,0
pop eax
invoke lstrcat,lptzAddr,eax
ret
GetLocalAddress endp
ScanComputer proc uses esi edi hWnd:dword,uMsg:dword,wParam:dword,lParam:dword
LOCAL buff[256]:dword
LOCAL buff2[8]:dword
LOCAL adcnt,off_data:dword
local a:fInet
invoke GetLocalAddress,addr local_addr
invoke mAlloc,(16*256)+4
mov add_table,eax
xor ecx,ecx
loop_check:
push ecx
mov adcnt,ecx
invoke memfill,addr buff,1024,0
invoke lstrcat,addr buff,CADD("192.168.1.")
invoke dw2a,adcnt,addr buff2
invoke lstrcat,addr buff,addr buff2
invoke fConnectToUrl,addr a,hWnd,addr buff,139
invoke Sleep,100
invoke send,a.sock,CADD("Test"),4,0
.if eax!=SOCKET_ERROR
xor edx,edx
mov ecx,add_table
mov eax,[ecx]
mov ecx,16
mul ecx
add eax,4
add eax,add_table
mov ecx,eax
invoke MemCopy,addr buff,ecx,16
mov ecx,add_table
inc dword ptr[ecx]
.endif
invoke closesocket,a.sock
pop ecx
inc ecx
cmp ecx,25
jl loop_check
mov ecx,add_table
add ecx,4
invoke MessageBox,0,ecx,0,0
ret
ScanComputer endp
how to use
invoke ScanComputer,hWnd,0,0,0
toss in a invoke GetErrDescription,0 (is from masm32lib) throughout your code to see if it's being reached, as that's the only way I can see exitprocess not working.
Messagebox on the end of the computerscan function is called so I guess nothing wrong on the scancomputer function, the mistake is somewhere.
are you using invoke ExitProcess,0 to exit? maybe toss the getdescrip call after that.
Hey Onan,
It has very long pauses (about 15 seconds) in the main loop.... I thought this was the crash.... is it not?
I havent tested the code but I can tell you memcopy moves the length into ecx, so it maybe overriding your string, try another register
Quote from: oex on July 22, 2010, 03:42:31 AM
Hey Onan,
It has very long pauses (about 15 seconds) in the main loop.... I thought this was the crash.... is it not?
It was not that long in here, it took about 2 second.
Quote from: E^cube on July 22, 2010, 03:32:26 AM
are you using invoke ExitProcess,0 to exit? maybe toss the getdescrip call after that.
Yeah I used that on the WM_DESTROY, I cant found the getdescrip function.
OK I reduced the checks to 2 from 25 and the application quit ok.... I'm not confident yet that I'm sending the right params I have set:
.data
local_addr dd 0
add_table dd 0
in my test atm
.... It sounds like maybe you have a stray register somewhere and it is infinate looping.... What is the CPU % when it doesnt quit?
invoke MemCopy,addr buff,ecx,16 <---check this, when you call MemCopy it moves 16 into ecx, so it overrrides it
Quote from: E^cube on July 22, 2010, 03:59:50 AM
invoke MemCopy,addr buff,ecx,16 <---check this, when you call MemCopy it moves 16 into ecx, so it overrrides it
I dont believe this matters because ecx isnt used after the function call:
mov ecx, add_table
rather than
mov add_table, ecx
it does matter because what hes passing in ecx isn't being used at all in the function, it's being overridden.
Quote from: E^cube on July 22, 2010, 04:06:37 AM
it does matter because what hes passing in ecx isn't being used at all in the function, it's being overridden.
Where exactly?
MemCopy proc public uses esi edi Source:PTR BYTE,Dest:PTR BYTE,ln:DWORD
cld
mov esi, [Source]
mov edi, [Dest]
mov ecx, [ln]
I do however see a possible issue here:
mov ecx, add_table
mov eax, [ecx]
Quote from: oex on July 22, 2010, 04:11:45 AM
Quote from: E^cube on July 22, 2010, 04:06:37 AM
it does matter because what hes passing in ecx isn't being used at all in the function, it's being overridden.
Where exactly?
MemCopy proc public uses esi edi Source:PTR BYTE,Dest:PTR BYTE,ln:DWORD
cld
mov esi, [Source]
mov edi, [Dest]
mov ecx, [ln] <--- 16 is moved here
invoke MemCopy,addr buff,ecx,16 <----hes passing the destination in ecx
Quote from: E^cube on July 22, 2010, 04:14:34 AM
Quote from: oex on July 22, 2010, 04:11:45 AM
Quote from: E^cube on July 22, 2010, 04:06:37 AM
it does matter because what hes passing in ecx isn't being used at all in the function, it's being overridden.
Where exactly?
MemCopy proc public uses esi edi Source:PTR BYTE,Dest:PTR BYTE,ln:DWORD
cld
mov esi, [Source]
mov edi, [Dest]
mov ecx, [ln] <--- 16 is moved here
invoke MemCopy,addr buff,ecx,16 <----hes passing the destination in ecx
I'm sorry I'm still not seeing it.... ecx is moved to edi before it is destroyed by ln.... it is not used again after that except to be written to.... Do you mean the ecx before MemCopy?
oh woops, haha you're right, sorry it's late here.
:lol np late here also it could just as easily been me
It seems to me the error is somewhere around here:
mov ecx, add_table
mov eax, adcnt; [ecx]
mov ecx, 16
mul ecx
; add eax, 4
but I am still checking what's going onwith this code
what i know about winsock, you could scratch on the back of a matchbook cover - and still have room to do your taxes
but - it looks like you might be using "invoke closesocket,a.sock", even if the socket wasn't opened ? (as in the case of error)
oh - and
mov ecx, add_table
mov eax, [ecx]
mov ecx, 16
mul ecx
could be
mov eax, add_table
mov eax, [eax]
shl eax,4
ecx and edx don't get trashed
Quote from: dedndave on July 22, 2010, 04:33:38 AM
what i know about winsock, you could scratch on the back of a matchbook cover - and still have room to do your taxes
but - it looks like you might be using "invoke closesocket,a.sock", even if the socket wasn't opened ? (as in the case of error)
*I think* this can be resolved:
invoke closesocket,a.sock
.endif
Although further error checking is needed in/after fConnectToUrl.... I'm not sure what PERR does
yah - that's kind of what i was thinking, i thought you needed an "else", first
Quote from: dedndave on July 22, 2010, 04:38:30 AM
yah - that's kind of what i was thinking, i thought you needed an "else", first
No it's opening multiple sockets in a loop.... it wants to close each socket if !Socketerror.... If there is a socket error it's probably that no socket was created in fConnectToUrl
Also a likely cause of not quiting is no WSACleanup function call:
"An application must call the WSACleanup function for every successful time the WSAStartup function is called"
http://msdn.microsoft.com/en-us/library/ms742213(v=VS.85).aspx
I reduced the search to 3 and it quit ok too, I dont know where is my mistake.
PERR is for the error message
PERR PROC uses ebx edi esi ;, _API : DWORD
LOCAL szMsgBuf[500]:BYTE
INVOKE GetLastError
mov ebx, eax
INVOKE FormatMessage, \
FORMAT_MESSAGE_FROM_SYSTEM,\
NULL, \
ebx, \ ;Message Id
LANG_NEUTRAL + SUBLANG_DEFAULT*1024, \ ;Message language
ADDR szMsgBuf, \ ;Buffer to store message
500, \ ;Buffer size
NULL ;No more arguments
INVOKE MessageBox, NULL, ADDR szMsgBuf, NULL, MB_OK
;INVOKE ExitProcess, -1
ret
PERR ENDP
I'm currently rewriting the code.... I'll get it sorted asap, just it's quite late so I'm slow :lol There are a couple of issues (as above) I've found, WSACleanup, the sockets issue Dave identified and the mov eax, [ecx] bit
oh it seems connect wait too long for an inactive IP, anyone know how to set the time out limit?
I done it, I used multiple thread which had 100ms delay each creation so it not accessing the same address at the same time.
I can check how many computers active on a WLAN server, I wonder if I could know their position by calculating the message sent back to me :green