I am a beginner with the PE (Portable Executable) format (WinXP). I have a doubt. Suppose we are declaring a global variable in a DLL; to access that variable we need to have an address:
mov eax,
But this address depends on the position in the virtual address space at which the DLL gets loaded.
So how are they managing this situation?
Posted on 2011-07-04 23:39:30 by harikrishnanm
You would use GetProcAddress to get the address (assuming it's exported) from the DLL, where the Windows PE loader would use the relocs to obtain the right address for you.

Other (unsafe) approaches would be to use LoadLibrary to load the DLL (if it is already loaded, use GetModuleHandle) to get the base address, and then add on the displacement to calculate the real address at runtime.
Posted on 2011-07-05 02:00:08 by evlncrn8
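How the relocs mentioned in the reply above fix up an instruction such as `mov eax, someVar`, as an added example that is not code from this thread: it walks a base relocation block and adds the load delta to each 32-bit address. The image bytes, the preferred base 0x10000000, the load base 0x03A50000 and the function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IMAGE_REL_BASED_ABSOLUTE 0  /* padding entry, skipped */
#define IMAGE_REL_BASED_HIGHLOW  3  /* add delta to a 32-bit absolute address */

/* Little-endian accessors, no alignment assumptions. */
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* Apply every block {page RVA, block size, 16-bit entries}; delta = actual base - preferred base.
   Returns the number of fixups applied, or -1 on malformed data. */
int apply_relocs(uint8_t *image, size_t image_size,
                 const uint8_t *reloc, size_t reloc_size, uint32_t delta) {
    int applied = 0;
    for (size_t pos = 0; pos + 8 <= reloc_size; ) {
        uint32_t page_rva = rd32(reloc + pos), block_size = rd32(reloc + pos + 4);
        if (block_size < 8 || block_size > reloc_size - pos) return -1;
        for (size_t i = 8; i + 2 <= block_size; i += 2) {
            unsigned entry = reloc[pos + i] | (unsigned)reloc[pos + i + 1] << 8;
            unsigned type = entry >> 12, offset = entry & 0x0FFF;
            if (type == IMAGE_REL_BASED_ABSOLUTE) continue;
            if (type != IMAGE_REL_BASED_HIGHLOW) return -1;  /* only the 32-bit x86 type here */
            size_t rva = (size_t)page_rva + offset;
            if (rva + 4 > image_size) return -1;
            wr32(image + rva, rd32(image + rva) + delta);
            applied++;
        }
        pos += block_size;
    }
    return applied;
}

/* Constructed sample: "mov eax, 0x10002000; ret" at RVA 0x1000, one HIGHLOW entry for its operand. */
uint32_t demo_relocated_operand(void) {
    static uint8_t image[0x3000];
    const uint8_t code[]  = { 0xB8, 0x00, 0x20, 0x00, 0x10, 0xC3 };
    const uint8_t reloc[] = { 0x00, 0x10, 0x00, 0x00,  0x0C, 0x00, 0x00, 0x00,  /* page 0x1000, size 12 */
                              0x01, 0x30,  0x00, 0x00 };  /* HIGHLOW @ +1, ABSOLUTE padding */
    memset(image, 0, sizeof image);
    memcpy(image + 0x1000, code, sizeof code);
    if (apply_relocs(image, sizeof image, reloc, sizeof reloc, 0x03A50000u - 0x10000000u) != 1) return 0;
    return rd32(image + 0x1001);  /* operand now points into the image at its real base */
}

int main(void) { printf("mov eax, 0x%08X\n", (unsigned)demo_relocated_operand()); return 0; }
```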
Assuming you created the DLL, why not just add a function to return the variable's address?

; baka.asm - the DLL that owns someVar
bits 32

section .data

someVar DD 1234

section .text

global getVar
global DllMain

getVar:
mov eax, someVar ; EAX = address of someVar
ret

DllMain:
mov eax, 1 ; TRUE
ret 12 ; stdcall, three DWORD arguments


; dlltest.asm - the executable that imports getVar
bits 32

extern getVar
extern wsprintfA
extern MessageBoxA
extern ExitProcess
global Start

section .data

strCaption: DB "DLL Example.", 13, 10, 0
strFormat: DB "%d", 13, 10, 0
strBuffer: TIMES 512 DB 0

section .text

Start:
call getVar ; EAX = address of someVar inside the DLL
push dword [eax] ; value of someVar, for the %d in strFormat
push dword strFormat
push dword strBuffer
call wsprintfA
add esp, 12 ; wsprintfA is cdecl, caller cleans up


push dword 0 ; MB_OK
push dword strCaption
push dword strBuffer
push dword 0 ; HWND(NULL)
call MessageBoxA

push dword 0
call ExitProcess



nasm -f win32 baka.asm
nasm -f win32 dlltest.asm
golink /dll /export:getVar /entry:DllMain baka.obj
golink /entry:Start dlltest.obj kernel32.dll user32.dll baka.dll
Posted on 2011-07-06 01:36:04 by Synfire