I'm trying to block the back space key until certain section of a relatively large file are brought into full edit capacity with EM_REPLACESEL. Her is my futile attempt at just blocking the key by replacing wParam but I guess I can't replace wParam:

EditWndProc PROC hEdit:DWORD,uMsg:DWORD,wParam:DWORD,lParam:DWORD

.if uMsg==WM_KEYDOWN
mov eax,wParam
push eax
invoke SetFocus,hwndEdit
pop eax
cmp eax,08h
jnz others
;mov regXXX,eax
;call DisplayregXXX
mov eax,41h
mov wParam,eax


Thanks
Posted on 2004-02-12 12:13:17 by mrgone
You might think about subclassing the edit control and waiting for the WM_CHAR:

PwdProc FRAME hwnd,uMsg,wParam,lParam

LOCAL junk :D

cmp D[uMsg],WM_CHAR
jne >.EXIT
invoke GetWindowLong,[hwnd],GWL_USERDATA
or eax,eax
jz >.EXIT
mov D[junk],0
invoke SetWindowText,[hwnd],OFFSET junk
invoke SetWindowLong,[hwnd],GWL_USERDATA,FALSE
.EXIT

invoke CallWindowProc, [PWProc], [hwnd], [uMsg], [wParam], [lParam]
RET
ENDF


This subclass checks the GWL_USERDATA to see if it is TRUE and if it is it will erase the edit control on any key press. To block a key just ret without calling the old window proc. I use this one when the user types in the password edit box and it already contains an encrypted password but the concept is the same.
Posted on 2004-02-12 12:45:18 by donkey
It's already subclassed and if I just "ret" I can't check other keys I need to process. Besides doesn't the character uMsg get passed back to OldWndProc anyway? I want to check a parameter for a true condx before I allow the backspace to work.
Posted on 2004-02-12 12:56:09 by mrgone
Hi mrgone,

The idea is to only just ret under certain circumstances. You can check the key to see if it is a backspace key and if it is then check the flag or whatever. If the flag is set then ret.

PwdProc FRAME hwnd,uMsg,wParam,lParam

LOCAL junk :D

cmp D[uMsg],WM_CHAR
jne >.EXIT
cmp D[wParam],VK_DELETE
jne >.EXIT
cmp D[MyFlag],TRUE
jne >.EXIT
xor eax,eax
ret
.EXIT

invoke CallWindowProc, [PWProc], [hwnd], [uMsg], [wParam], [lParam]
RET
ENDF
Posted on 2004-02-12 13:20:21 by donkey
I'll give it a wirl. I didn't understand those VK_ codes. Iczelion used one too in Tut 20 but I can't decipher that HLA stuff. Thanks again Donkey:alright:
Posted on 2004-02-12 13:31:34 by mrgone
doesn't block backspace key.
Posted on 2004-02-13 19:04:06 by mrgone
VK_BACK instead of VK_DELETE then, why not try experimenting?
and the VK_ stuff isnt HLA, they're simply equates, study the windows.inc

VK_BACK = 08h for example
Posted on 2004-02-13 23:48:47 by evlncrn8
It looks like I can block characters ok just not the "backspace". You see that one is crucial because if the file is larger than EM_SETLIMIT which is max 32K if you backspace the graphic window will remove the byte and shift the characters succeeding the back spaced charcter to the previous addresses in the file. What I am doing is moving a chunk of the file to the front of the file with EM_REPLACESEL and then I want to allow backspace but not before I do this.
So I'm still at the very start. How do I block the backspace from performing this function. It appears that the back space is passes from the subclassed window to the OldProcess msg parameter which is the main window and it will associate the backspace key with this function. Apparently lparam and wParam are just copies of a parameter that Windows uses. I tried sending "WM_UNDO" but I think it waits for program to cycle around and back through control block which is too late because the damage has already been done.
Posted on 2004-02-14 01:03:26 by mrgone
Hi mrgone,

If you cannot get the key through WM_CHAR then it is not translated, just use WM_KEYDOWN instead.

cmp D[uMsg],WM_KEYDOWN

cmp W[wParam]==VK_BACK
jne >.EXIT
cmp D[MyFlag],TRUE
jne >.EXIT
xor eax,eax
ret
Posted on 2004-02-14 01:21:28 by donkey
Are you saying just return? I tried that and it doen't work. It still shifts my characters back in the graphic. Let me package this thing up and post it and if you will Donkey see if you can figure this out.
Posted on 2004-02-14 01:36:48 by mrgone
You'll see the code right under dotted line toward end of file. I'm using MASM. If I can knock this out than I only have a fews days more work on the driver to make this into a full memory editor. Appreciate the help.
Posted on 2004-02-14 01:48:57 by mrgone
Hi mrgone,

The app just GPF's on my system, I am a bit busy and can't really take the time to figure out why right now. I somehow lost all the copies of the source for HTTPUpdate so I am rewritting it tonight, no big hassle but a pain in the A** anyway. At least I have all of the problems worked out and I should be able to make it even more stable than it was originally. Luckily Update Manager was backed up so that is intact, it's several thousand lines, HTTPUpdate was only about 700 lines of code.
Posted on 2004-02-14 01:58:29 by donkey
I'll take a look at your program. By the way what is GPF dare I ask?

Just looked at it. Wow! That's nice work man :alright:
Posted on 2004-02-14 02:05:10 by mrgone
Thanks !

General Protection fault Probably writing to or reading from memory you are not allowed to, some pointer set to 0 or something like that.
Posted on 2004-02-14 02:13:35 by donkey
Some times it will if you open really large files with it but that's not it's use anway. It's just the user interface to a driver that reads and will soon write memory in W2K and XP. I just used it to look in your file. Look familiar Edgar?

0000AFA0 30 2E 20 56 65 72 73 69-6F 6E 00 31 2E 20 44 61 0. Version.1. Da
0000AFB0 74 65 00 32 2E 20 49 66-20 65 78 69 73 74 00 33 te.2. If exist.3
0000AFC0 2E 20 49 66 20 6E 6F 74-20 65 78 69 73 74 00 34 . If not exist.4
0000AFD0 2E 20 41 6C 77 61 79 73-00 35 2E 20 4D 65 72 67 . Always.5. Merg
0000AFE0 65 20 74 6F 20 72 65 67-00 00 53 65 6C 65 63 74 e to reg..Select
0000AFF0 00 53 61 76 65 00 4F 70-65 6E 00 42 75 69 6C 64 .Save.Open.Build
0000B000 00 41 62 6F 75 74 00 43-6C 65 61 72 00 4F 70 74 .About.Clear.Opt
0000B010 69 6F 6E 73 00 46 74 70-00 00 55 70 64 61 74 65 ions.Ftp..Update
0000B020 20 70 72 6F 6A 65 63 74-20 66 69 6C 65 73 20 28 project files (
0000B030 2A 2E 75 64 70 29 00 2A-2E 75 64 70 00 00 55 44 *.udp).*.udp..UD
0000B040 50 00 53 61 76 65 20 75-70 64 61 74 65 20 70 72 P.Save update pr
0000B050 6F 6A 65 63 74 20 66 69-6C 65 00 4C 6F 61 64 20 oject file.Load
0000B060 70 72 6F 6A 65 63 74 20-66 69 6C 65 00 75 70 64 project file.upd
0000B070 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
0000B080 2E 7A 6C 62 00 00 00 00-00 00 00 00 00 00 00 00 .zlb............
0000B090 00 00 00 00 55 70 64 61-74 65 20 73 63 72 69 70 ....Update scrip
0000B0A0 74 20 28 2A 2E 75 64 73-29 00 2A 2E 75 64 73 00 t (*.uds).*.uds.
0000B0B0 00 55 44 53 00 53 61 76-65 20 75 70 64 61 74 65 .UDS.Save update
0000B0C0 20 73 63 72 69 70 74 00-64 6F 6E 6B 65 79 40 76 script.donkey@v
0000B0D0 69 73 75 61 6C 61 73 73-65 6D 62 6C 65 72 2E 63 isualassembler.c
0000B0E0 6F 6D 00 68 74 74 70 3A-2F 2F 64 6F 6E 6B 65 79 om.http://donkey
0000B0F0 2E 76 69 73 75 61 6C 61-73 73 65 6D 62 6C 65 72 .visualassembler
0000B100 2E 63 6F 6D 00 54 68 65-72 65 20 69 73 20 75 6E .com.There is un
0000B110 73 61 76 65 64 20 64 61-74 61 0D 0A 57 6F 75 6C saved data..Woul
0000B120 64 20 79 6F 75 20 6C 69-6B 65 20 74 6F 20 73 61 d you like to sa
0000B130 76 65 20 69 74 20 3F 00-43 6F 70 79 72 69 67 68 ve it ?.Copyrigh
0000B140 74 20 A9 20 32 30 30 34-20 45 64 67 61 72 20 48 t . 2004 Edgar H
0000B150 61 6E 73 65 6E 20 28 44-6F 6E 6B 65 79 29 0D 0A ansen (Donkey)..
0000B160 0D 0A 54 68 69 73 20 70-72 6F 67 72 61 6D 20 69 ..This program i
0000B170 73 20 66 72 65 65 20 66-6F 72 20 61 6E 79 20 75 s free for any u
0000B180 73 65 20 61 73 20 6C 6F-6E 67 20 61 73 20 74 68 se as long as th
0000B190 65 20 6F 72 69 67 69 6E-20 6F 66 20 74 68 65 20 e origin of the
0000B1A0 70 72 6F 67 72 61 6D 20-69 73 20 6E 6F 74 20 6D program is not m
0000B1B0 69 73 72 65 70 72 65 73-65 6E 74 65 64 2E 20 49 isrepresented. I
0000B1C0 74 20 63 61 6E 20 62 65-20 64 69 73 74 72 69 62 t can be distrib
0000B1D0 75 74 65 64 20 77 69 74-68 20 61 6E 79 20 70 61 uted with any pa
0000B1E0 63 6B 61 67 65 20 69 6E-63 6C 75 64 69 6E 67 20 ckage including
0000B1F0 63 6F 6D 6D 65 72 63 69-61 6C 20 73 6F 66 74 77 commercial softw
0000B200 61 72 65 20 77 69 74 68-6F 75 74 20 72 65 71 75 are without requ
0000B210 69 72 69 6E 67 20 70 65-72 6D 69 73 73 69 6F 6E iring permission
0000B220 20 0D 0A 0D 0A 54 68 69-73 20 70 72 6F 67 72 61 ....This progra
0000B230 6D 20 69 73 20 64 69 73-74 72 69 62 75 74 65 64 m is distributed
0000B240 20 61 73 20 66 72 65 65-77 61 72 65 20 61 6E 64 as freeware and
0000B250 20 20 57 49 54 48 4F 55-54 20 41 4E 59 20 57 41 WITHOUT ANY WA
0000B260 52 52 41 4E 54 59 20 69-6E 63 6C 75 64 69 6E 67 RRANTY including
0000B270 20 74 68 65 20 69 6D 70-6C 69 65 64 20 77 61 72 the implied war
0000B280 72 61 6E 74 79 20 6F 66-20 4D 45 52 43 48 41 4E ranty of MERCHAN
0000B290 54 41 42 49 4C 49 54 59-20 6F 72 20 46 49 54 4E TABILITY or FITN
0000B2A0 45 53 53 20 46 4F 52 20-41 20 50 41 52 54 49 43 ESS FOR A PARTIC
0000B2B0 55 4C 41 52 20 50 55 52-50 4F 53 45 0D 0A 0D 0A ULAR PURPOSE....
0000B2C0 5A 4C 69 62 20 43 6F 6D-70 72 65 73 73 69 6F 6E ZLib Compression
0000B2D0 20 4C 69 62 72 61 72 79-20 31 2E 31 2E 34 0D 0A Library 1.1.4..
0000B2E0 43 6F 70 79 72 69 67 68-74 20 A9 20 31 39 39 35 Copyright . 1995
0000B2F0 2D 32 30 30 32 20 4A 65-61 6E 2D 6C 6F 75 70 20 -2002 Jean-loup
0000B300 47 61 69 6C 6C 79 20 61-6E 64 20 4D 61 72 6B 20 Gailly and Mark
0000B310 41 64 6C 65 72 0D 0A 50-65 72 6D 69 73 73 69 6F Adler..Permissio
0000B320 6E 20 69 73 20 67 72 61-6E 74 65 64 20 74 6F 20 n is granted to
0000B330 61 6E 79 6F 6E 65 20 74-6F 20 75 73 65 20 74 68 anyone to use th
0000B340 69 73 20 73 6F 66 74 77-61 72 65 20 66 6F 72 20 is software for
0000B350 61 6E 79 20 70 75 72 70-6F 73 65 2C 20 69 6E 63 any purpose, inc
0000B360 6C 75 64 69 6E 67 20 63-6F 6D 6D 65 72 63 69 61 luding commercia
0000B370 6C 20 61 70 70 6C 69 63-61 74 69 6F 6E 73 2C 20 l applications,
0000B380 61 6E 64 20 74 6F 20 61-6C 74 65 72 20 69 74 20 and to alter it
0000B390 61 6E 64 20 72 65 64 69-73 74 72 69 62 75 74 65 and redistribute
0000B3A0 20 69 74 20 66 72 65 65-6C 79 2C 20 73 75 62 6A it freely, subj
0000B3B0 65 63 74 20 74 6F 20 74-68 65 20 66 6F 6C 6C 6F ect to the follo
0000B3C0 77 69 6E 67 20 72 65 73-74 72 69 63 74 69 6F 6E wing restriction
0000B3D0 73 3A 0D 0A 0D 0A 31 2E-20 54 68 65 20 6F 72 69 s:....1. The ori
0000B3E0 67 69 6E 20 6F 66 20 74-68 69 73 20 73 6F 66 74 gin of this soft
0000B3F0 77 61 72 65 20 6D 75 73-74 20 6E 6F 74 20 62 65 ware must not be
0000B400 20 6D 69 73 72 65 70 72-65 73 65 6E 74 65 64 20 misrepresented
0000B410 79 6F 75 20 6D 75 73 74-20 6E 6F 74 20 63 6C 61 you must not cla
0000B420 69 6D 20 74 68 61 74 20-79 6F 75 20 77 72 6F 74 im that you wrot
0000B430 65 20 74 68 65 20 6F 72-69 67 69 6E 61 6C 20 73 e the original s
0000B440 6F 66 74 77 61 72 65 2E-20 49 66 20 79 6F 75 20 oftware. If you
0000B450 75 73 65 20 74 68 69 73-20 73 6F 66 74 77 61 72 use this softwar
0000B460 65 20 69 6E 20 61 20 70-72 6F 64 75 63 74 2C 20 e in a product,
0000B470 61 6E 20 61 63 6B 6E 6F-77 6C 65 64 67 6D 65 6E an acknowledgmen
0000B480 74 20 69 6E 20 74 68 65-20 70 72 6F 64 75 63 74 t in the product
0000B490 20 64 6F 63 75 6D 65 6E-74 61 74 69 6F 6E 20 77 documentation w
0000B4A0 6F 75 6C 64 20 62 65 20-61 70 70 72 65 63 69 61 ould be apprecia
0000B4B0 74 65 64 20 62 75 74 20-69 73 20 6E 6F 74 20 72 ted but is not r
0000B4C0 65 71 75 69 72 65 64 2E-0D 0A 0D 0A 32 2E 20 41 equired.....2. A
0000B4D0 6C 74 65 72 65 64 20 73-6F 75 72 63 65 20 76 65 ltered source ve
0000B4E0 72 73 69 6F 6E 73 20 6D-75 73 74 20 62 65 20 70 rsions must be p
0000B4F0 6C 61 69 6E 6C 79 20 6D-61 72 6B 65 64 20 61 73 lainly marked as
0000B500 20 73 75 63 68 2C 20 61-6E 64 20 6D 75 73 74 20 such, and must
0000B510 6E 6F 74 20 62 65 20 6D-69 73 72 65 70 72 65 73 not be misrepres
0000B520 65 6E 74 65 64 20 61 73-20 62 65 69 6E 67 20 74 ented as being t
0000B530 68 65 20 6F 72 69 67 69-6E 61 6C 20 73 6F 66 74 he original soft
0000B540 77 61 72 65 2E 0D 0A 0D-0A 33 2E 20 54 68 69 73 ware.....3. This
0000B550 20 6E 6F 74 69 63 65 20-6D 61 79 20 6E 6F 74 20 notice may not
0000B560 62 65 20 72 65 6D 6F 76-65 64 20 6F 72 20 61 6C be removed or al
0000B570 74 65 72 65 64 20 66 72-6F 6D 20 61 6E 79 20 73 tered from any s
0000B580 6F 75 72 63 65 20 64 69-73 74 72 69 62 75 74 69 ource distributi
0000B590 6F 6E 2E 0D 0A 0D 0A 54-72 65 65 56 69 65 77 44 on.....TreeViewD
0000B5A0 69 72 20 43 6F 70 79 72-69 67 68 74 20 A9 20 32 ir Copyright . 2
0000B5B0 30 30 33 20 4B 65 74 69-6C 20 4F 6C 73 65 6E 0D 003 Ketil Olsen.
0000B5C0 0A 52 65 6C 65 61 73 65-64 20 74 6F 20 74 68 65 .Released to the
0000B5D0 20 70 75 62 6C 69 63 20-64 6F 6D 61 69 6E 0D 0A public domain..
0000B5E0 0D 0A 41 6C 73 6F 20 73-70 65 63 69 61 6C 20 74 ..Also special t
0000B5F0 68 61 6E 6B 73 20 74 6F-20 4D 69 63 68 61 65 6C hanks to Michael
0000B600 57 20 61 6E 64 20 65 76-65 72 79 6F 6E 65 20 61 W and everyone a
0000B610 74 20 6D 61 73 6D 33 32-66 6F 72 75 6D 2E 63 6F t masm32forum.co
0000B620 6D 00 53 65 6C 65 63 74-20 61 20 66 6F 6C 64 65 m.Select a folde
0000B630 72 00 41 6C 6C 20 70 61-74 68 73 20 77 69 6C 6C r.All paths will
0000B640 20 62 65 20 72 65 6C 61-74 69 76 65 20 74 6F 20 be relative to
0000B650 74 68 65 20 74 6F 70 20-72 6F 6F 74 20 69 6E 20 the top root in
0000B660 74 68 65 20 74 72 65 65-76 69 65 77 00 46 69 6C the treeview.Fil
0000B670 65 20 4E 61 6D 65 00 56-65 72 73 69 6F 6E 00 53 e Name.Version.S
0000B680 69 7A 65 00 4D 6F 64 69-66 69 65 64 00 55 70 64 ize.Modified.Upd
0000B690 61 74 65 20 4B 65 79 00-00 00 00 00 00 00 00 00 ate Key.........
Posted on 2004-02-14 02:35:40 by mrgone
I had tried to open a 962 byte text file...

0040169F   E8 10090000      CALL <JMP.&kernel32.MapViewOfFile>

004016A4 A3 DC424000 MOV DWORD PTR DS:[4042DC],EAX
004016A9 E8 BE080000 CALL <JMP.&kernel32.GetCurrentProcessId>
004016AE A3 C3324000 MOV DWORD PTR DS:[4032C3],EAX
004016B3 8B35 DC424000 MOV ESI,DWORD PTR DS:[4042DC]
004016B9 8986 F8810000 MOV DWORD PTR DS:[ESI+81F8],EAX <<<[b]ERROR WAS HERE[/b]
004016BF 8B35 DC424000 MOV ESI,DWORD PTR DS:[4042DC]
004016C5 8B06 MOV EAX,DWORD PTR DS:[ESI]
004016C7 A3 EA314000 MOV DWORD PTR DS:[4031EA],EAX
004016CC A1 57324000 MOV EAX,DWORD PTR DS:[403257]
004016D1 A3 EA314000 MOV DWORD PTR DS:[4031EA],EAX
004016D6 A1 57324000 MOV EAX,DWORD PTR DS:[403257]
004016DB 3D EB376033 CMP EAX,336037EB
004016E0 74 53 JE SHORT MEMVEIW2.00401735
004016E2 FF35 4B324000 PUSH DWORD PTR DS:[40324B]
004016E8 6A 40 PUSH 40
004016EA E8 95080000 CALL <JMP.&kernel32.GlobalAlloc>
004016EF A3 4F324000 MOV DWORD PTR DS:[40324F],EAX
004016F4 50 PUSH EAX
004016F5 E8 96080000 CALL <JMP.&kernel32.GlobalLock>

Access violation when writing to [012781F8]
Posted on 2004-02-14 03:38:01 by donkey
yes it crashes here too opening your memview.asm file

it crashes on this line
mov dword ptr ,eax wher esi is your pMemory

its the return from map view of file
If the function succeeds, the return value is the starting address of the mapped view.

004016B9 . 8986 F8810000 MOV DWORD PTR DS:,EAX

so review what you are trying to do with this piece of code and upload non crashing source
mov esi,pMemory
mov dword ptr ,eax
mov esi,pMemory
mov eax,dword ptr
mov regXXX,eax
;call DisplayregXXX
mov eax,Signature
mov regXXX,eax
;call DisplayregXXX


well since the map has 6ff0 i tried to put 6fe0 in place of 81f8
this access violation goes of but
it access violates here now
0040170B . B9 00800000 MOV ECX,8000
00401710 . 06 PUSH ES
00401711 . 1E PUSH DS
00401712 . 07 POP ES ; Modification of segment register
00401713 . FC CLD
00401714 . F3:A4 REP MOVS BYTE PTR ES:,BYTE PTR DS:[>

from where you set those 8000 81f8 etc when you are playing with a handle returned from mapview of file
Posted on 2004-02-14 04:17:44 by bluffer
My question if the variable at DS:[4042DC] holds the base address for the mapped file, why is he moving EAX into DS:[4042DC]+81F8.

He does essentially this:

mov esi,
mov ,eax


I am having trouble understanding why, obviously it will generate a write error on files under 81F8 (~33K) in size and will corrupt those that are larger.


Yup I checked it, it is corrupting the files that it opens by overwritting parts of the file, you really gotta fix that one mrgone, you can verify this by looking at offset 81f8 in both the original and one you have opened with the software
Posted on 2004-02-14 08:51:06 by donkey
since this was crashing when i am opening a small file i thought ill open a big file and see if i could help but it still crashes

only difference is the venue has changed

it crashes here now when i open that file and press

tts

00401DE8 . F3:A4 REP MOVS BYTE PTR ES:, BYTE PTR DS:

your corresponding source
shiftup:
invoke SendMessage,hwndEdit,WM_GETTEXT,MEMSIZE-1,lock2
call Update
push eax
push edi
push esi
mov eax,pMemory
mov esi,eax
add eax,08000h
mov edi,eax
mov ecx,1900h
push es
push ds
pop es
cld
rep movsb
mov eax,pMemory
mov edi,eax
add eax,0a000h
mov esi,eax
mov ecx,1900h
cld
rep movsb



it jumps here from

mov esi,pMemory
add esi,081D0h
cmp byte ptr ,45h ; from Editmem
jnz shiftup

there are lot of issues it seems
Posted on 2004-02-14 12:31:00 by bluffer
I'm sorry it was sleepy time over here.

You see the file is designed to operate with the inclosed file "Share". There is parameter passing going on is the upper section of that file between the driver and code in the user mode. So it has flags and not intended as a general purpose hex dumper. You'll see it back here soon when I complete the driver.

The question I have is there are a few key commands:

Shift "E" brings the first > 1000h bytes to the fronbt of file for edit operation then "s" puts it back.
The "=" brings above 8000h to front of file for editing and "s" to bring it back.

Those are some of the commands. I reallize it's rather sloppy and nothing like Donkey's APPs. It's just something to support the driver.

I don't want any editing in the file until these key commands are activated. For instance when you first open the file. The problem is I cannot block the backspace function and it can corrupt the file if file is not re-loaded emmediately after. I may have to use a message box to prompt the user to reload if they do this by accident. You can see where it is subclassed underneath dashed line near end of file and It is the very first instructions under dashed line where I try to defeat the backspace but nothing seems to work.
Posted on 2004-02-14 14:03:38 by mrgone