Hi

This is the code I have a problem with.
invoke FindRap,lpTemp


FindRap proc FilePointer:dword
LOCAL lpFileAttr:dword
.
.
.
invoke FindFirstFile,addr lpRapFile,addr lpFileAttr
.if eax==INVALID_HANDLE_VALUE
mov eax,FALSE
.else
invoke FindClose,eax
lea eax,lpFileAttr
assume eax:ptr WIN32_FIND_DATA
invoke MessageBox,0,addr [eax].cFileName,0,MB_OK
mov eax,TRUE
.endif
ret
FindRap endp

When I call FindRap process the return address is stored on the stack at esp=6bed78h. Executing the FindRap process is correct. The messagebox shows the correct file name. However, when returning from the FindRap process the return address at esp=6bed78h is changed. It is the call to FindFirstFile function that overwrites the return address. How do I solve this problem?

Regards
Posted on 2003-04-06 11:05:46 by minor28

I'm just a newbie so don't take my advice too seriously :tongue:

You can mov ,esp and after calling mov esp,
Posted on 2003-04-06 11:35:32 by AceEmbler
Remove the "addr", at least if lpFileAttr contains a pointer. I assume this because it's DWORD size. If you want to store the returned data in lpFileAttr, you need to make it "local lpFileAttr:LPWIN32_FIND_DATA"



invoke FindFirstFile,addr lpRapFile,lpFileAttr
Posted on 2003-04-06 12:28:12 by Qweerdy
The purpose of the messagebox is to confirm the correctness of the code in the FindRap process. The code is correct apart from the return address from the process.

It is the FindFirstFile that overwrites the return address. It is vanished as you can see below.
invoke FindRap,lpTemp

;Here is return address 011819E9h
.if eax==TRUE

FindRap proc FilePointer:dword
LOCAL lpFileAttr:dword
;Here at address 011819E9h ESP=006BED78h
;point to returnaddress 011819E9h
push ebp
mov ebp,esp
add esp,0FFFFFFFCh
.
.
.
lea eax,lpFileAttr
;Here at address 0118173Dh ESP=006BED70h and
;006BED78h=011819E9h
push eax
push lpRapFile
;Here before call at address 01181743h ESP=006BED68h and
;006BED78h=011819E9h
call FindFirstFile
;Here after call at address 01181748h ESP=006BED70h and
;006BED78h=01C2CD2Eh
.if eax==INVALID_HANDLE_VALUE
mov eax,FALSE
.else
invoke FindClose,eax
lea eax,lpFileAttr
assume eax:ptr WIN32_FIND_DATA
invoke MessageBox,0,addr [eax].cFileName,0,MB_OK
mov eax,TRUE
.endif
leave
;Here at address 01181772h (ret) ESP=006BED78h and
;006BED78h=01C2CD2Eh
ret 4
FindRap endp

01C2CD2E ??? ;Here wrong return address


Any idea how to solve this?

Regards
Posted on 2003-04-06 13:54:22 by minor28
Try to substitute:

LOCAL lpFileAttr:dword

with

LOCAL lpFileAttr [80]:dword

and clear eax usage after invoke MessageBox
with assume eax:nothing

Regards,
Lingo
Posted on 2003-04-06 17:20:35 by lingo12
Yes lingo12,

You were right. It is obvious when one knows. Of course you have to reserve enough local space for the WIN32_FIND_DATA structure. I had only reserved one dword.

Thanks for your help.

Regards
Posted on 2003-04-07 10:49:25 by minor28
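
Added example (not code from the thread): a portable C mirror of the ANSI WIN32_FIND_DATA layout that maps the stack addresses posted above onto structure fields. It shows that a one-dword local at 006BED70h puts the return address slot 006BED78h under the high dword of ftCreationTime, and that the observed value 01C2CD2Eh is consistent with a file timestamp from early 2003. The names FIND_DATA32, FILETIME32, field_at, overrun_bytes and filetime_high_to_unix are hypothetical; the layout assumes the 32-bit ANSI structure with MAX_PATH = 260.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Portable mirror of the 32-bit ANSI WIN32_FIND_DATA layout (assumes MAX_PATH = 260). */
typedef struct { uint32_t dwLowDateTime, dwHighDateTime; } FILETIME32;
typedef struct {
    uint32_t   dwFileAttributes;
    FILETIME32 ftCreationTime, ftLastAccessTime, ftLastWriteTime;
    uint32_t   nFileSizeHigh, nFileSizeLow, dwReserved0, dwReserved1;
    char       cFileName[260];
    char       cAlternateFileName[14];
} FIND_DATA32;
#define F(m) { offsetof(FIND_DATA32, m), #m }
static const struct { size_t off; const char *name; } FIELDS[] = {
    F(dwFileAttributes),
    F(ftCreationTime.dwLowDateTime),   F(ftCreationTime.dwHighDateTime),
    F(ftLastAccessTime.dwLowDateTime), F(ftLastAccessTime.dwHighDateTime),
    F(ftLastWriteTime.dwLowDateTime),  F(ftLastWriteTime.dwHighDateTime),
    F(nFileSizeHigh), F(nFileSizeLow), F(dwReserved0), F(dwReserved1),
    F(cFileName), F(cAlternateFileName),
};

/* Bytes the API writes beyond a local of `reserved` bytes (0 if it fits). */
size_t overrun_bytes(size_t reserved) {
    return reserved >= sizeof(FIND_DATA32) ? 0 : sizeof(FIND_DATA32) - reserved;
}

/* Field that lands on stack address `addr` when the structure is written at `buf`; NULL if outside. */
const char *field_at(uint32_t buf, uint32_t addr) {
    if (addr < buf || addr - buf >= sizeof(FIND_DATA32)) return NULL;
    size_t i = sizeof FIELDS / sizeof FIELDS[0];
    while (i-- > 0)                      /* last field starting at or before the offset */
        if (FIELDS[i].off <= addr - buf) return FIELDS[i].name;
    return NULL;
}

/* Unix time of a FILETIME whose high dword is `hi` (low dword taken as 0). */
int64_t filetime_high_to_unix(uint32_t hi) {
    return (int64_t)(((uint64_t)hi << 32) / 10000000u) - 11644473600LL;
}

int main(void) { /* addresses from the thread: local at 006BED70h, return slot 006BED78h */
    printf("size %zu, overrun %zu, 006BED78h <- %s, unix %lld\n", sizeof(FIND_DATA32),
           overrun_bytes(4), field_at(0x006BED70u, 0x006BED78u),
           (long long)filetime_high_to_unix(0x01C2CD2Eu));
    return 0;
}
```

The same arithmetic shows that the `[80]:dword` local suggested above reserves exactly the 320 bytes the structure needs.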
That's exactly what I said :confused:

Oh well, as long as you get it now...
Posted on 2003-04-07 11:45:32 by Qweerdy
minor, use
LOCAL finddata:WIN32_FIND_DATA
--- and don't call it lpFileAttr. It's more than just file attributes :)
Posted on 2003-04-07 12:26:20 by f0dder
Hi f0dder,

It's done now.

Regards
Posted on 2003-04-07 16:55:58 by minor28