Hi guys i#am new in win32asm and iam trying to write my own hexeditor but i hav an problem.
i have an richedit and first i want to paste the pe file in ascii text there but without thi | (pipes or what ever :-))
so i have an streamin proc where i want to read the file and to replace the |.
Here is the source:
StreamInProc proc uses ebx ecx esi hFile:DWORD,pBuffer:DWORD, NumBytes:DWORD, pBytesRead:DWORD
pusha
invoke ReadFile, hFile, pBuffer, NumBytes, pBytesRead, 0
xor eax, eax
xor ebx, ebx
mov ebx, 0
mov esi, pBuffer
.while(ebx < pBytesRead)
;mov eax, <--------------- if i uncomment this source the programm crashes
;<------ just for testing here ----
; .if eax >= 02h
; mov eax, 0fh
; mov , eax
; .endif
;<-------------------------------------
inc ebx
.endw
popa
mov eax, 0
ret
StreamInProc endp
i had paste my streamin proc here and i dont understand why he crash when i uncommet the line i had marked!
Can anybody help me?
Thanks
i have an richedit and first i want to paste the pe file in ascii text there but without thi | (pipes or what ever :-))
so i have an streamin proc where i want to read the file and to replace the |.
Here is the source:
StreamInProc proc uses ebx ecx esi hFile:DWORD,pBuffer:DWORD, NumBytes:DWORD, pBytesRead:DWORD
pusha
invoke ReadFile, hFile, pBuffer, NumBytes, pBytesRead, 0
xor eax, eax
xor ebx, ebx
mov ebx, 0
mov esi, pBuffer
.while(ebx < pBytesRead)
;mov eax, <--------------- if i uncomment this source the programm crashes
;<------ just for testing here ----
; .if eax >= 02h
; mov eax, 0fh
; mov , eax
; .endif
;<-------------------------------------
inc ebx
.endw
popa
mov eax, 0
ret
StreamInProc endp
i had paste my streamin proc here and i dont understand why he crash when i uncommet the line i had marked!
Can anybody help me?
Thanks
Hi Tenshi
You are using eax (4 bytes) to move bytes. Replace eax with al and it should work.
This will not work:
Should be:
KetilO
You are using eax (4 bytes) to move bytes. Replace eax with al and it should work.
This will not work:
pusha
invoke ReadFile, hFile, pBuffer, NumBytes, pBytesRead, 0
.
.
popa
mov eax, 0
ret
Should be:
invoke ReadFile, hFile, pBuffer, NumBytes, pBytesRead, 0
pusha
.
.
popa
xor eax, 1
ret
KetilO
thanks ketilo,
but it crashes anyway....
i have changed my code to
now it crashes at the line:
mov al,
if i use :
move al,
it works
but it crashes anyway....
i have changed my code to
StreamInProc proc uses ebx ecx esi hFile:DWORD,pBuffer:DWORD, NumBytes:DWORD, pBytesRead:DWORD
invoke ReadFile, hFile, pBuffer, NumBytes, pBytesRead, 0
pusha
xor eax, eax
xor ebx, ebx
mov ebx, 0
mov esi, pBuffer
.while(ebx < pBytesRead)
mov al, [esi+ebx]
inc ebx
.endw
popa
xor eax, 1
ret
StreamInProc endp
now it crashes at the line:
mov al,
if i use :
move al,
it works
Because you should not modify the value in ebx. StreamInProc is a callback function. Windows expect values in esp, ebp, esi, edi and ebx to remain the same after it calls the callback function.
THANKS !! :-)
it works!
mhhh but it wasnt ebx value
i have just changed the while loop into
.while(ebx < numbytes)
and it works......confusing :-/
here is the new code and it works fine thnk you very much ketilo !!
it works!
mhhh but it wasnt ebx value
i have just changed the while loop into
.while(ebx < numbytes)
and it works......confusing :-/
here is the new code and it works fine thnk you very much ketilo !!
StreamInProc proc uses ebx esi hFile:DWORD,pBuffer:DWORD, NumBytes:DWORD, pBytesRead:DWORD
invoke ReadFile, hFile, pBuffer, NumBytes, pBytesRead, 0
pusha
xor eax, eax
mov ebx, 0
mov esi, pBuffer
.while(ebx < NumBytes)
mov al, [esi+ebx]
mov al, 0h ;just for testing
mov[esi+ebx], al ;just for testing
inc ebx
.endw
popa
xor eax, 1
ret
StreamInProc endp
Hi Tenshi
Yes, pBytesRead is a pointer. I should have seen that.
Yes, pBytesRead is a pointer. I should have seen that.
StreamInProc proc uses ebx esi hFile:DWORD,pBuffer:DWORD, NumBytes:DWORD, pBytesRead:DWORD
invoke ReadFile, hFile, pBuffer, NumBytes, pBytesRead, 0
pushad
xor ebx,ebx
mov esi, pBuffer
mov ecx,pBytesRead
mov ecx,[ecx];Get number of bytes read
.while(ebx < ecx)
mov al, [esi+ebx]
mov al, 0h ;just for testing
mov [esi+ebx], al ;just for testing
inc ebx
.endw
popad
xor eax, 1
ret
StreamInProc endp
Actually it was an oversight on my part. I missed out the pusha and popa that he added in his code. I am glad that the problem is finallly solved.
I deleted my post, I made the same mistake :) it was not related to this thread. Sorry for being negligent. :stupid:
Have a look at http://www.catch22.org.uk/ and the hexedit stuff... I can't remember if he wrote his own control or used a richedit, but there's good source and good articles about writing a hexeditor. And trust me, you generally do NOT want to use the sucky richedit control...
... And trust me, you generally do NOT want to use the sucky richedit control...
I out right refuse to use the RichEdit control... Its just too generalized to be functionally practical.
Regards,
:NaN:
Well, it's okay if you just want to display some text or write a very simple text editor ala wordpad... but once you need to do other stuff, like syntax coloring, it's moronic.