Stubs

Started by Astro, July 16, 2009, 12:25:37 PM


Astro

Hi,

I'm stuck. I've got this so far:

My C++ DLL:

#include <windows.h>
#include <string.h>

// Exported with an unmangled name so GetProcAddress("CheckForDevice") can find it
// (alternatively export it through a .def file). No arguments, default (cdecl) convention.
extern "C" __declspec(dllexport) bool CheckForDevice()
{
    HANDLE hDevice;
    memset(&hDevice,0,sizeof(hDevice));

    hDevice = CreateFile("\\\\.\\USB#...(REMOVED)...", 0, 1, NULL, OPEN_EXISTING, 0, NULL);

    if(hDevice == INVALID_HANDLE_VALUE)
    {
        // Nothing to close here: INVALID_HANDLE_VALUE is not a real handle.

        /*HANDLE ProcessToken;
        TOKEN_PRIVILEGES pTokenStruct;

        OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &ProcessToken);
        LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME, &pTokenStruct.Privileges[0].Luid);
        pTokenStruct.PrivilegeCount = 1;
        pTokenStruct.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
        AdjustTokenPrivileges(ProcessToken, FALSE, &pTokenStruct, 0, (PTOKEN_PRIVILEGES) NULL, 0); */

        //InitiateSystemShutdown(NULL, NULL, 0, TRUE, FALSE);
        //CloseHandle(ProcessToken);
        return false;
    }
    else
    {
        CloseHandle(hDevice);
        return true;
    }
}


My assembler stub DLL (snippet):

.code
DLL db "CheckDevice2.dll",0
func db "CheckForDevice",0   ; LOCAL cannot hold an initialised string, so it lives in .code

IsDevice proc
LOCAL handle:DWORD           ; LOCAL syntax is name:type, not "dd ?"

; call LoadLibrary and get handle to module
push offset DLL              ; pass the address of the string, not its first dword
call LoadLibrary
mov handle,eax

; get the address of the procedure in the module
push offset func
push handle
call GetProcAddress

; stuck here.
ret

IsDevice endp


How do I actually call the procedure in my real DLL?

I haven't tried to build this code yet, so not sure if my LOCALs will work either.

Best regards,
Astro.

Astro

D'oh!!  :cheekygreen:

call eax

?

Best regards,
Astro.

Astro

It works. Here is the completed code.

CheckForDevice in CheckDevice2.dll returns a boolean and takes no arguments.

.386
.model flat,stdcall
option casemap:none

include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib

DLL_PROCESS_ATTACH equ 1
DLL_PROCESS_DETACH equ 0

.data?
handle dd ?

.code
DLL db "CheckDevice2.dll",0
func1 db "CheckForDevice",0

DllEntry proc hInstDLL:DWORD, reason:DWORD, reserved1:DWORD
cmp reason,DLL_PROCESS_ATTACH
je ATTACH
cmp reason,DLL_PROCESS_DETACH
je DLL_DETACH
mov eax,1h ; thread attach/detach (2,3): nothing to do, report success
ret

ATTACH:
push offset DLL
call LoadLibrary

test eax,eax ; If NULL, DLL did not load!
jz NH ; test should be non-zero, ZF==0

mov handle,eax

mov eax,1h
ret ; MASM emits the epilogue and "ret 0Ch" itself for a stdcall proc with parameters

DLL_DETACH:
push handle
call FreeLibrary
mov eax,1h
ret
NH:
mov eax,0h
ret
DllEntry endp

CheckForDevice proc ; export this name through a .def file so callers can find it
push offset func1
push handle
call GetProcAddress
test eax,eax ; NULL if the export was not found in CheckDevice2.dll
jz NOFUNC
call eax ; cdecl, no arguments: nothing to clean up
movzx eax,al ; the C++ bool comes back in AL only, widen it to 0 or 1
ret
NOFUNC:
xor eax,eax
ret
CheckForDevice endp

End DllEntry


QED.

Not bad for starting x86 assembly programming 9 days ago.  :8) :U

Best regards,
Astro.

Slugsnack

glad you got it working but you should not do heavy work in the entry point of a dll.. including loading a library

http://msdn.microsoft.com/en-us/library/ms682583(VS.85).aspx

Quote: The entry-point function should perform only simple initialization or termination tasks. It must not call the LoadLibrary or LoadLibraryEx function (or a function that calls these functions), because this may create dependency loops in the DLL load order. This can result in a DLL being used before the system has executed its initialization code. Similarly, the entry-point function must not call the FreeLibrary function (or a function that calls FreeLibrary) during process termination, because this can result in a DLL being used after the system has executed its termination code.

same with dll detach. that is the value when the dll is detaching, you can let the system do it. it is ALREADY the result of freelibrary or some variant of it, there is no need to call it again

Astro

Hmm.

How would it be done then? In every procedure?

Best regards,
Astro.

Slugsnack

well.. i'm not QUITE sure what you're doing. am i correct in saying that you have a dll checkdevice2.dll which has in it a function checkdevice which you want to make available for calling if the dll is mapped into a process' memory space ? if yes, then there is no need to call loadlibrary again. the entry point is accessed as a result of a loadlibrary/ex call with that dll's name as the parameter

just return true from your dllmain

the same is true with your freelibrary call. it is a result of a freelibrary call already.. it's like some thread has called freelibrary or a variant of it like freelibraryandexitthread and the system is telling your dll SOMEONE WANTS TO FREE THIS DLL ANYTHING YOU WANT TO DO BEFORE WE PROCEED ?! and you're like.. YEAH IF YOU COULD FREE THIS DLL IT'D BE GREAT !
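One way to restructure the stub along the lines Slugsnack describes, as an added example that is not code from this thread: the entry point only returns TRUE, and CheckForDevice loads CheckDevice2.dll and resolves the target on its first call, caching both so later calls skip the lookup. It assumes the same DLL and function names as Astro's code and that CheckForDevice is exported through a .def file.

```masm
.386
.model flat,stdcall
option casemap:none
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib

.data
hRealDll  dd 0          ; module handle of CheckDevice2.dll, 0 until first use
pRealFunc dd 0          ; resolved address of CheckForDevice, 0 until first use
szDll     db "CheckDevice2.dll",0
szFunc    db "CheckForDevice",0

.code
; The entry point does no loading or freeing at all; it only reports success.
; The loader already holds this DLL's reference, so nothing else is needed here.
DllEntry proc hInstDLL:DWORD, reason:DWORD, reserved1:DWORD
    mov eax,1
    ret
DllEntry endp

; Exported wrapper (export the name via a .def file). The real DLL is loaded and
; the export resolved on the first call and cached afterwards. Returns 1 if the
; device is present, 0 if absent or if the DLL or its export cannot be found.
; If two threads race on the first call the DLL is just loaded twice (refcount).
CheckForDevice proc
    mov eax,pRealFunc
    test eax,eax
    jnz resolved
    push offset szDll
    call LoadLibrary
    test eax,eax
    jz fail
    mov hRealDll,eax            ; kept so the handle is not lost; never freed here
    push offset szFunc
    push eax
    call GetProcAddress
    test eax,eax
    jz fail
    mov pRealFunc,eax
resolved:
    call eax                    ; cdecl, no arguments, bool comes back in AL
    movzx eax,al                ; widen the bool so the caller sees 0 or 1
    ret
fail:
    xor eax,eax
    ret
CheckForDevice endp

End DllEntry
```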

Astro

Hi,

Yes, I have a DLL called "CheckDevice2.dll".

Best regards,
Astro.