Active computer on a WLAN

Farabi · July 22, 2010, 03:06:25 AM

I created this function to check how many computers active on a WLAN, the function is works but it make my software cannot be terminated, anyone know why?

Code Select


fInet struct
	sock dword 0
	lpszurl dword 0
fInet ends

.code
fConnectToUrl proc uses esi edi lps:dword,hWnd:dword,lpszHostName:dword,nPort:dword
	LOCAL a:sockaddr_in	
	LOCAL wsadata:WSADATA
	
	invoke WSAStartup,202h,addr wsadata
	.if eax!=0
		xor eax,eax
		dec eax
		ret
	.endif
	
	assume esi:ptr fInet
	mov esi,lps
	invoke socket,AF_INET,SOCK_STREAM,0     ; Create a stream socket for internet use 
	.if eax!=INVALID_SOCKET
		
	    mov [esi].sock,eax
		invoke WSAAsyncSelect,[esi].sock,hWnd,WM_FSOCKET,FD_CONNECT+FD_READ+FD_CLOSE+FD_WRITE+FD_ACCEPT
	.else
		invoke MessageBox,hWnd,CADD("Internet connection initialization error"),CADD("Unknown cause"),MB_OK
	.endif
	
	push lpszHostName
	pop [esi].lpszurl
	
	mov a.sin_family, AF_INET 
	invoke htons, nPort
	mov a.sin_port,ax
	invoke gethostbyname, lpszHostName
	.if eax==0
		invoke PERR
		ret
	.endif
	mov eax,[eax+12]
	
	mov eax,[eax]                      ; copy the pointer to the actual IP address into eax 
	mov eax,[eax]                      ; copy IP address into eax 
	mov a.sin_addr,eax 
	
	invoke connect,[esi].sock,addr a,sizeof a 
	.if eax==SOCKET_ERROR
		invoke WSAGetLastError  
		;invoke PERR
	.endif
	
	
	
	assume esi:nothing
	
	ret
fConnectToUrl endp

GetLocalAddress proc uses esi edi ebx lptzAddr:dword
	LOCAL	fakeBuffer:DWORD
	LOCAL	lnBuffer:DWORD
	LOCAL	tempBuffer[128]:BYTE
	LOCAL	tempItem:LV_ITEM
	LOCAL sci:dword	
	LOCAL wsadata:WSADATA
	
	; Get TCP table in fake buffer of 1 byte. This will cause a 
	; buffer overflow error, the lnBuffer var will be filled with
	; the required amount of memory.
	invoke WSAStartup,202h,addr wsadata
	.if eax!=0
		xor eax,eax
		dec eax
		ret
	.endif
	invoke gethostbyname,0
	.if eax==0
		invoke PERR
		ret
	.endif
	mov eax,[eax+12]
	mov eax,[eax]
	mov ecx,[eax] 
	invoke inet_ntoa,ecx
	push eax
	invoke memfill, lptzAddr,16,0
	pop eax
	invoke lstrcat,lptzAddr,eax
	
	ret
GetLocalAddress endp


ScanComputer proc uses esi edi hWnd:dword,uMsg:dword,wParam:dword,lParam:dword
	LOCAL buff[256]:dword
	LOCAL buff2[8]:dword
	LOCAL adcnt,off_data:dword
	local a:fInet 
	
	invoke GetLocalAddress,addr local_addr
	invoke mAlloc,(16*256)+4
	mov add_table,eax

	xor ecx,ecx
	loop_check:
	push ecx
		mov adcnt,ecx
		invoke memfill,addr buff,1024,0
		invoke lstrcat,addr buff,CADD("192.168.1.")
		invoke dw2a,adcnt,addr buff2
		invoke lstrcat,addr buff,addr buff2
		invoke fConnectToUrl,addr a,hWnd,addr buff,139
		invoke Sleep,100
		invoke send,a.sock,CADD("Test"),4,0
		.if eax!=SOCKET_ERROR
			xor edx,edx
			mov ecx,add_table
			mov eax,[ecx]
			mov ecx,16
			mul ecx
			add eax,4
			
			add eax,add_table
			mov ecx,eax
			invoke MemCopy,addr buff,ecx,16
			mov ecx,add_table
			inc dword ptr[ecx]
		.endif
		invoke closesocket,a.sock
	pop ecx
	inc ecx
	cmp ecx,25
	jl loop_check
	
	
	mov ecx,add_table
	add ecx,4
	invoke MessageBox,0,ecx,0,0
	
	ret
ScanComputer endp

how to use

Code Select


invoke ScanComputer,hWnd,0,0,0

ecube · July 22, 2010, 03:18:57 AM

toss in a invoke GetErrDescription,0 (is from masm32lib) throughout your code to see if it's being reached, as that's the only way I can see exitprocess not working.

Farabi · July 22, 2010, 03:24:12 AM

Messagebox on the end of the computerscan function is called so I guess nothing wrong on the scancomputer function, the mistake is somewhere.

ecube · July 22, 2010, 03:32:26 AM

are you using invoke ExitProcess,0 to exit? maybe toss the getdescrip call after that.

oex · July 22, 2010, 03:42:31 AM

Hey Onan,

It has very long pauses (about 15 seconds) in the main loop.... I thought this was the crash.... is it not?

ecube · July 22, 2010, 03:45:38 AM

I havent tested the code but I can tell you memcopy moves the length into ecx, so it maybe overriding your string, try another register

Farabi · July 22, 2010, 03:52:29 AM

Quote from: oex on July 22, 2010, 03:42:31 AM
Hey Onan,

It has very long pauses (about 15 seconds) in the main loop.... I thought this was the crash.... is it not?

It was not that long in here, it took about 2 second.

Farabi · July 22, 2010, 03:53:26 AM

Quote from: E^cube on July 22, 2010, 03:32:26 AM
are you using invoke ExitProcess,0 to exit? maybe toss the getdescrip call after that.

Yeah I used that on the WM_DESTROY, I cant found the getdescrip function.

oex · July 22, 2010, 03:55:33 AM

OK I reduced the checks to 2 from 25 and the application quit ok.... I'm not confident yet that I'm sending the right params I have set:

.data

local_addr dd 0
add_table dd 0

in my test atm

.... It sounds like maybe you have a stray register somewhere and it is infinate looping.... What is the CPU % when it doesnt quit?

ecube · July 22, 2010, 03:59:50 AM

Code Select


invoke MemCopy,addr buff,ecx,16  <---check this, when you call MemCopy it moves 16 into ecx, so it overrrides it

oex · July 22, 2010, 04:02:39 AM

Quote from: E^cube on July 22, 2010, 03:59:50 AM
Code Select Expand
invoke MemCopy,addr buff,ecx,16 <---check this, when you call MemCopy it moves 16 into ecx, so it overrrides it

I dont believe this matters because ecx isnt used after the function call:
mov ecx, add_table
rather than
mov add_table, ecx

ecube · July 22, 2010, 04:06:37 AM

it does matter because what hes passing in ecx isn't being used at all in the function, it's being overridden.

oex · July 22, 2010, 04:11:45 AM

Quote from: E^cube on July 22, 2010, 04:06:37 AM
it does matter because what hes passing in ecx isn't being used at all in the function, it's being overridden.

Where exactly?

MemCopy proc public uses esi edi Source:PTR BYTE,Dest:PTR BYTE,ln:DWORD
cld
mov esi, [Source]
mov edi, [Dest]
mov ecx, [ln]

I do however see a possible issue here:

mov ecx, add_table
mov eax, [ecx]

ecube · July 22, 2010, 04:14:34 AM

Quote from: oex on July 22, 2010, 04:11:45 AM
Quote from: E^cube on July 22, 2010, 04:06:37 AM
it does matter because what hes passing in ecx isn't being used at all in the function, it's being overridden.

Where exactly?

MemCopy proc public uses esi edi Source:PTR BYTE,Dest:PTR BYTE,ln:DWORD
cld
mov esi, [Source]
mov edi, [Dest]
mov ecx, [ln] <--- 16 is moved here

invoke MemCopy,addr buff,ecx,16 <----hes passing the destination in ecx

oex · July 22, 2010, 04:15:52 AM

Quote from: E^cube on July 22, 2010, 04:14:34 AM
Quote from: oex on July 22, 2010, 04:11:45 AM
Quote from: E^cube on July 22, 2010, 04:06:37 AM
it does matter because what hes passing in ecx isn't being used at all in the function, it's being overridden.

Where exactly?

MemCopy proc public uses esi edi Source:PTR BYTE,Dest:PTR BYTE,ln:DWORD
cld
mov esi, [Source]
mov edi, [Dest]
mov ecx, [ln] <--- 16 is moved here

invoke MemCopy,addr buff,ecx,16 <----hes passing the destination in ecx

I'm sorry I'm still not seeing it.... ecx is moved to edi before it is destroyed by ln.... it is not used again after that except to be written to.... Do you mean the ecx before MemCopy?

News:

Active computer on a WLAN

ecube

ecube

ecube

ecube

ecube

ecube