i'm trying to read a dword from a file:

invoke ReadFile,hMapFile,pMemory,4,ADDR Position,NULL
invoke MessageBox,hWnd,pMemory,pMemory,MB_OK

this should give me the first 4 bytes from the file to the messagebox, but it shows me the whole file and not only the first 4 bytes.

How can i read just 4 bytes ? :confused:
Posted on 2003-07-16 06:57:44 by Knighty


.data
fname db "C:\test.txt",0
buffer db 50 dup(0)
buffer2 db 20 dup(0)
hFile dd 0
numRead dd 0
pFormat db "first 4 bytes of a file: %s",0
done db "done",0
.code
start:
Invoke CreateFile,ADDR fname,GENERIC_READ,0,0,OPEN_EXISTING,0,0
.if EAX != INVALID_HANDLE_VALUE
MOV hFile,EAX
Invoke ReadFile,hFile,ADDR buffer,4,ADDR numRead,0
Invoke wsprintf,ADDR buffer2,ADDR pFormat,ADDR buffer
Invoke MessageBox,0,ADDR buffer2,ADDR fname,MB_OK
Invoke CloseHandle,hFile
.endif
Invoke MessageBox,0,ADDR done,ADDR done,MB_OK
invoke ExitProcess,0
end start
Posted on 2003-07-16 07:57:38 by Azrim
thanks
Posted on 2003-07-16 12:54:56 by Knighty
You should be aware that when you read a DWORD from a file it is actually an Intel DWORD and the byte order is reversed, you can use it directly in any DWORD function but if you want to use it byte by byte you have to reverse the byte order to BigEndian (Motorola) format using BSWAP.
Posted on 2003-07-16 13:40:40 by donkey
the example above works for me :)
now i'm trying to get this to work with Memory Mapped Files (Iczelion's Tut 13)
but it gives me always more then the 4 bytes


invoke CreateFile,ADDR buffer,\
GENERIC_READ ,\
0,\
NULL,OPEN_EXISTING,FILE_ATTRIBUTE_ARCHIVE,\
NULL
mov hFileRead,eax
invoke CreateFileMapping,hFileRead,NULL,PAGE_READONLY,0,0,NULL
mov hMapFile,eax
invoke MapViewOfFile,hMapFile,FILE_MAP_READ,0,0,0
mov pMemory,eax
mov eax, dword ptr [pMemory] ;this should copy the first dword from the file to eax
Invoke wsprintf,ADDR buffer2,ADDR pFormat,eax
Invoke MessageBox,0,ADDR buffer2,ADDR AppName,MB_OK ;but here it shows me the whole file

buffer has the filename in it
buffer2 db 20 dup(0)
pFormat db "first 4 bytes of a file: %s",0
Posted on 2003-07-16 17:40:14 by Knighty
You cannot have more than the 4 bytes in eax, that is not possible since the register is only 4 bytes wide. I don't undserstand what you're going for here. The file once mapped to memory is accessed like any other memory so you have only to mov data to and from it. when you are trying to dereference a memory address you should use a register i.e.

mov esi,pMemory
mov eax,
Posted on 2003-07-16 17:46:33 by donkey
BTW as far as I know %s is used to signify a string, it requires an offset not a value it will print the string starting at the address contained in eax. You should be using one that requires a value to be passed like %ud or copy the bytes to a buffer and zero terminate it then pass the offset of the buffer.
Posted on 2003-07-16 17:54:33 by donkey
ok thx donkey, thats clear now

just one last question: how can i copy the bytes to a buffer ?

i tried:


.data
buff db 3 dup (0)

.code
mov esi,pMemory
mov buff,[esi]


but thats wrong
Posted on 2003-07-16 20:39:37 by Knighty
Well here is easy easy:



.data
buff db 3 dup (0)

.code
mov esi,pMemory
mov edi,OFFSET buff
mov ecx,3
rep movsb
Posted on 2003-07-16 20:57:12 by RobotBob
You know that a DWORD is 4 bytes long right ? You must allocate that many bytes and move that many:

.data
buff db 5 dup (0)

.code
mov esi,pMemory
mov edi,OFFSET buff
mov ecx,4
rep movsb
mov ,BYTE PTR 0 : write the null terminator
Posted on 2003-07-16 21:29:18 by donkey
"You know that a DWORD is 4 bytes long right ? "
is that for me or Knighty? I just copied his example.

I don't believe this is needed:
mov ,BYTE PTR 0 : write the null terminator

since you:
buff db 5 dup (0)

last one is 0 anyway. Since he is only copying a dword.
Posted on 2003-07-16 22:55:05 by RobotBob
yeah thats it :) thank you guys for your effort
Posted on 2003-07-17 13:41:21 by Knighty

"You know that a DWORD is 4 bytes long right ? "
is that for me or Knighty? I just copied his example.

I don't believe this is needed:
mov ,BYTE PTR 0 : write the null terminator

since you:
buff db 5 dup (0)

last one is 0 anyway. Since he is only copying a dword.

No RobotBob, ofcourse that wasn't meant for you. I only put in the expressed write of the null terminator to demonstrate that it was important if the code was altered or expanded.
Posted on 2003-07-17 14:18:07 by donkey
Oh :grin:
Posted on 2003-07-17 19:27:46 by RobotBob