Library Problem

[Astro]

I'm missing something obvious I'm sure.

Library code:

Code Select Expand

.386
.model flat,stdcall

.code

CheckForDevice proc
CheckForDevice endp

end

Code Select Expand

LIBRARY CheckDevice2
EXPORTS
CheckForDevice,@1



Stub DLL Code:

Code Select Expand

.386
.model flat,stdcall

include CheckDevice2.lib

.code

DllEntry proc hInstDLL:DWORD, reason:DWORD, reserved1:DWORD
        mov  eax,1h
        ret
DllEntry Endp

end DllEntry

Code Select Expand

LIBRARY CheckDevice
EXPORTS
CheckForDevice=CheckDevice2.CheckForDevice,@1


Error:

Code Select Expand

Building...
Microsoft (R) Macro Assembler Version 6.14.8444
Copyright (C) Microsoft Corp 1981-1997.  All rights reserved.

Assembling: checkdevice.asm
CheckDevice2.lib(1) : error A2008: syntax error : !
CheckDevice2.lib(2) : error A2044: invalid character in file
CheckDevice2.lib(3) : error A2044: invalid character in file
CheckDevice2.lib(4) : error A2044: invalid character in file
...
CheckDevice2.lib(100) : error A2044: invalid character in file
CheckDevice2.lib(101) : fatal error A1012: error count exceeds 100; stopping assembly
Microsoft (R) Incremental Linker Version 5.12.8078
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.

LINK : fatal error LNK1181: cannot open input file "checkdevice.obj"

Best regards,
Astro.

[jj2007]

Try includelib

[Astro]

EDIT: Weird - that actually made no difference.  :eek

includelib doesn't change anything. Something happened to the LIB.

I hadn't noticed I wrote 'include' instead of 'includelib' though - thanks! I also removed it which didn't affect the error, but now it is working and I have no idea why.

Best regards,
Astro.

[Astro]

I'm attempting to do this, but it fails with a memory access violation.

http://www.milw0rm.com/papers/105

Code Select Expand

See the end of this message for details on invoking
just-in-time (JIT) debugging instead of this dialog box.

************** Exception Text **************
System.AccessViolationException: Attempted to read or write protected memory.

...so it appears the DLL is loading, but then an error is occuring, I presume when it calls the function.

Anyone done anything like this and got it working?

EXE -> This stub DLL -> redirect via the export -> Real DLL

It would appear that it should be possible to forward functions this way.

Best regards,
Astro.

[Astro]

According to OllyDbg:

* ERROR_INVALID_WINDOW_HANDLE (00000578)
* The memory is not readable

Best regards,
Astro.

[Astro]

I re-wrote the original DLL - same problem.  :(

Best regards,
Astro.

[ToutEnMasm]

I see two bad things

DllEntry proc hInstance:HINSTANCE, reason:DWORD, reserved1:DWORD
   .if reason==DLL_PROCESS_ATTACH
      invoke DisableThreadLibraryCalls,hInstance
      invoke MessageBox,NULL,addr LoadMsg,addr AppName,MB_OK
   .elseif reason==DLL_PROCESS_DETACH
      invoke MessageBox,NULL,addr UnloadMsg,addr AppName,MB_OK
   .elseif reason==DLL_THREAD_ATTACH
      invoke MessageBox,NULL,addr ThreadCreated,addr AppName,MB_OK
   .else        ; DLL_THREAD_DETACH
      invoke MessageBox,NULL,addr ThreadDestroyed,addr AppName,MB_OK
   .endif
   mov  eax,TRUE
   ret
DllEntry Endp

;-----------------------
proc here
End DllEntry

LIBRARY CheckDevice
EXPORTS
CheckForDevice ;only proc here with PRIVATE

[Astro]

CheckForDevice ;only proc here with PRIVATE

...so forwarding exports are not supported, even though it builds OK?

I'm attempting to set up a forwarding export. Please see my other thread.

Best regards,
Astro.

[ToutEnMasm]

What did you call a "forwarding export" ?

[Astro]

Code Select Expand

LIBRARY CheckDevice
EXPORTS
CheckForDevice=CheckDevice2.CheckForDevice,@1

The line:

Code Select Expand

CheckForDevice=CheckDevice2.CheckForDevice,@1
Is a forwarding export.

What it does (should do) is cause the system to load the library referenced before the '.' then call the function after the '.' contained in the library referenced in the export, instead of looking for it in *this* library.

Kernel32.dll re-directs some functions to NTDLL.dll without issues, so I'm wondering why my redirect isn't working.

Can we continue this in the other thread please? I started another thread to keep the two issues separate.

The original problem in this thread is FIXED.

Best regards,
Astro.

[ToutEnMasm]

Explain is here with bad syntax
http://msdn.microsoft.com/en-us/magazine/cc301808.aspx

[Astro]

Export Forwarding
      A particularly slick feature of exports is the ability to "forward" an export to another DLL. For example, in Windows NT®, Windows® 2000, and Windows XP, the KERNEL32 HeapAlloc function is forwarded to the RtlAllocHeap function exported by NTDLL. Forwarding is performed at link time by a special syntax in the EXPORTS section of the .DEF file. Using HeapAlloc as an example, KERNEL32's DEF file would contain:

   EXPORTS
   •••
   HeapAlloc = NTDLL.RtlAllocHeap

      How can you tell if a function is forwarded rather than exported normally? It's somewhat tricky. Normally, the EAT contains the RVA of the exported symbol. However, if the function's RVA is inside the exports section (as given by the VirtualAddress and Size fields in the DataDirectory), the symbol is forwarded.
      When a symbol is forwarded, its RVA obviously can't be a code or data address in the current module. Instead, the RVA points to an ASCII string of the DLL and symbol name to which it is forwarded. In the prior example, it would be NTDLL.RtlAllocHeap.

:U

This is what I'm trying to use, but it doesn't work, although the output of dumpbin is correct.

Best regards,
Astro.

[ToutEnMasm]

I try with success this two

CheckForDevice=CheckDevice2.CheckForDevice,@1
HeapAlloc = NTDLL.RtlAllocHeap,@2

My build environment is masm32

[ToutEnMasm]

Here is what say dumpbin about that

    ordinal hint RVA      name

          1    0          CheckForDevice (forwarded to CheckDevice2.CheckForDevice,@1)
          2    1          HeapAlloc (forwarded to NTDLL.RtlAllocHeap,@2)
          3    2 0000100A TestHello = @ILT+5(_TestHello@4)

[Vortex]

Hi Astro,

This might help you :

Creating a DLL with forwarded functions