Translate C function pointer to assem
Function pointer to HeapCreate (C code)--------------------------------------------------
131: (void*)Getfp = &HeapCreate;
0040134D mov eax,dword ptr
00401350 mov ecx,dword ptr [__imp__HeapCreate@12 (0042a1b0)]
00401356 mov dword ptr ,ecx
Getfp = 77e8800c
Dumpbin:
800c HeapCreate <-export
MASM:-------------------------------------------------------------------------------------
ModHandle db "kernel32", 0
heapcreate db "HeapCreate", 0 <name of function I want address for in kernel32.dll
K32handle DWORD ?
invoke GetModuleHandle, ADDR ModHandle
after return eax = 77e80000 <DLL entry?
mov K32handle, eax
invoke GetProcAddress, K32handle, ADDR heapcreate
eax is always error code
These do not work either:-----------------------------------------------------------------
1:
mov eax, HeapCreate
mov faddr, eax
2:
lea eax, HeapCreate
mov faddr, eax
3:
mov eax, dword ptr HeapCreate
mov faddr, eax
4:
lea eax, dword ptr HeapCreate
mov faddr, eax
They give me the address into the jumptable, but the jumptable pointer never resolves to 77e8800c
It only resolves correctly to 77e8800c if I use invoke, or call HeapCreate. The above 4 will
give me the exact same jump table address as invoke but resolve to a different address. I will try
to explain what I'm trying to do; it's not trying to avoid the jump table. Having faddr = 77e8800c
will probably be the simplest. So what I think I need is the proper way to use this in MASM:
00401350 mov ecx,dword ptr [__imp__HeapCreate@12 (0042a1b0)]
MSDN does not seem to have any info on __imp__, but I'll say it probably means implicit.
Thanks.
Try
mov eax, procname - 1
inc eax
Let me know if you find a better way.
Never seen this line before?
mov wc.lpfnWndProc, OffSet MainProc
Mirno
When importing functions from a DLL with implicit linking, standard
import libraries use "__imp__functionname" to name the dword in
the Import Table that holds the address of the import. Thus,
push 0
call dword ptr [__imp__ExitProcess]
Will terminate your program.
When you do
call ExitProcess
you get to the following code:
ExitProcess: jmp dword ptr [__imp__ExitProcess]
If you want to store a pointer to HeapAlloc in "funcptr", there's
(basically) two ways to do it in asm:
mov [funcptr], offset HeapAlloc
or
mov eax, [__imp__HeapAlloc]
mov [funcptr], eax
I prototyped what I want to do in C++ first. For some reason I needed to subtract 1 from one of the addresses. I didn't make the connection moving to assembly. I looked at my code and said "Why would I want to subtract 1 from an address?" I'll try at home, and maybe then I'll know. Thanks.
Fodder, thanks for your explanation about "__imp__(proc)". I have the above way, but I'll try yours first. It looks cleaner.
You need to subtract one from the addresses? WEIRD! :).
Oh by the way, __imp is for import, not implicit :).
I am using this "method" for functionpointers to my own procs in example when registering window classes.
I know it first seems to be a bit stupid that modifying and later correcting the address gives you the correct address - not the entry in the jumptable. I never tried it with pointers to imported functions. However, F0dder's way looks much better ;).
Fodder, I tried your way:
mov eax, [__imp__HeapAlloc]
mov , eax
But when compiling, __imp__HeapCreate is flagged as an undefined symbol.
I tried adding it to kernel32.inc (I'm using the latest MASM package):
__imp__HeapCreate PROTO :DWORD,:DWORD,:DWORD
Then the error changes to:
__imp__HeapCreate@12 is an undefined symbol.
Changing it in the include file to __imp__heapcreate@12 gives the same error.
So where is __imp__HeapCreate defined? How to include/use? Was this not included in the MASM32 libs?
__imp__heapcreate = dword, it's not a proc. So you need to do
something like
extern __imp__HeapCreate@12:DWORD
Or whatever :).
The symbol itself resides in the import .lib files.
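A complete MASM32 program that puts the two ways described above side by side, so the three addresses the thread talks about (IAT slot contents, jump stub, GetProcAddress result) can be compared in a debugger. This is an added example, not code from any post in the thread; it assumes the MASM32 include/lib paths shown, a 32-bit stdcall build, and an import library that contains the dword __imp__HeapCreate@12 (stdcall, 3 DWORD parameters = 12 bytes). The EXTERN is given the SYSCALL language type because under .model stdcall MASM would otherwise prepend a second underscore to the name.

```masm
.386
.model flat, stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib

; The Import Table dword the loader fills in with HeapCreate's address.
; Declared with SYSCALL so MASM emits the name undecorated (assumption:
; the symbol name matches the one the linker reported in the thread).
EXTERN syscall __imp__HeapCreate@12:DWORD

.data
ModHandle  db "kernel32", 0
heapcreate db "HeapCreate", 0
.data?
K32handle  dd ?
faddr      dd ?      ; value read from the IAT slot (inside kernel32)
thunkaddr  dd ?      ; address of the jmp stub the linker put in the .exe
gpaddr     dd ?      ; value returned by GetProcAddress

.code
start:
    ; 1. f0dder's way: read the dword named __imp__HeapCreate@12 directly
    mov eax, __imp__HeapCreate@12
    mov faddr, eax

    ; 2. What "mov eax, HeapCreate" / "offset HeapCreate" really gives:
    ;    the stub "HeapCreate: jmp dword ptr [__imp__HeapCreate@12]"
    mov eax, offset HeapCreate
    mov thunkaddr, eax

    ; 3. Run-time lookup, for comparison with faddr
    invoke GetModuleHandle, ADDR ModHandle
    mov K32handle, eax
    invoke GetProcAddress, K32handle, ADDR heapcreate
    mov gpaddr, eax

    ; Expected: faddr == gpaddr, while thunkaddr is an address in this .exe
    mov eax, faddr
    cmp eax, gpaddr
    jne mismatch
    invoke ExitProcess, 0
mismatch:
    invoke ExitProcess, 1
end start
```

Build with ml /c /coff and link /subsystem:console; an exit code of 0 confirms that the IAT slot and GetProcAddress agree, and a debugger will show thunkaddr pointing at the stub rather than into kernel32.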
Sounds like you don't really know for sure either. :grin:
I try your syntax (extern ....). Yeah, it's not really a proc, I think it is just the address or address offset of the proc in the dll. Relocation.
It *is* a dword, that holds the address of the proc in the DLL.