so i have this simple code to create dialogbox and the question is ....
whats the value for hWnd,wParam,lParam under windows xp 64 bit ?

after i call DialogBoxParamA windows return control to my previously defined dialog box procedure with some arguments located SOMWHERE on the stack like uMsg wParam hWnd and so on their location changed from win32 to win64 so now im not sure where are they located if anyone could clearm me out here would be greate thanks ;)

xor rcx,rcx
call GetModuleHandleA
mov ,eax  
push 0
mov r9,MainDialogBoxProcedure
mov r8,0
mov rdx,1
mov rcx,rax
call DialogBoxParamA
ExitProgram:
mov rcx,0
call ExitProcess
MainDialogBoxProcedure:
push rbp
mov rbp,rsp
mov rax, ;wParam
cmp rax,2 ;WM_DESTROY
jz MainDialogExit
cmp rax,10h ;WM_CLOSE
jz MainDialogExit
cmp rax,110h ;WM_INITDIALOG
jz MainDialogBoxInitDialog
cmp rax,111 ;WM_COMMAND
jz MainDialogBoxCheckUserAction
xor rax,rax
leave
ret

Posted on 2009-08-28 06:30:12 by pxor
Google FTW ;) Especially the article about parameter passing is interesting :)
Posted on 2009-08-28 14:27:32 by ti_mo_n
Hi thanks for reply
rcx = hWnd
edx = wMsg
r8 = wParam + lParam

thats what i need :)
Posted on 2009-08-28 19:01:13 by pxor
According to:
func1(int a, int b, int c, int d, int e); 
// a in RCX, b in RDX, c in R8, d in R9, e pushed on stack

I'd say
rcx = hwnd
rdx = wmsg
r8 = wparam
r9 = lparam
Posted on 2009-08-29 04:53:44 by ti_mo_n
actually  R8D  contain both wParam + lParam high dword of R8 is unused and thats weird ;-)

Posted on 2009-08-29 11:30:35 by pxor