Greetings...

My problem is how to get pointers to functions under Win98.
I'm using MASM32... is there any way to get functions from krnl386.exe, user.exe, gdi.exe?

Thank you for the answer..
Posted on 2001-09-01 04:18:28 by Marty
Marty,

GetProcAddress() will get the address of any API call you like. Just use LoadLibrary() to get the handle of the library and you can get its address with the other API.

Regards,

hutch@pbq.com.au
Posted on 2001-09-01 05:26:54 by hutch--
Be aware that loading the same DLL too many times may produce strange results
(including hangs under the 95 family).

As 'Kernel' and 'User', for example, are by chance already loaded by
your running App, you first have to try to get it without re-loading:

> api 'KERNEL32.GetModuleHandleA' D?DllNamePointer
>
> If eax e &NULL
> api 'KERNEL32.LoadLibraryA' D?DllNamePointer
> End_If
>
> mov D?DllHandle eax
> ...
> ...
> api 'KERNEL32.GetProcAddress' D?DllHandle D?FunctionNamePointer


Doing it this way frees you from having to 'FreeLibrary' the DLL(s) yourself
(done by the system on closure), if your app is a bit too complicated for
managing this by hand.


Betov.
Posted on 2001-09-01 06:38:44 by Betov
Thanks...

But it isn't the right way for my problem...

LoadModule, GetProcAddress... etc. API functions..
They work only on 32-bit DLLs like kernel32, user32, gdi32
....
but, I think.. Load different functions from krnl386.exe, user.exe, gdi.exe..
These functions are 16-bit.. It is impossible to load them with the functions written above..

For example.. krnl386.exe has many different functions which aren't linkable.. in module kernel32.dll there isn't a pointer to these functions..

So, how can I link that ??? I don't know.. :(
Posted on 2001-09-01 14:33:12 by Marty
Marty,

1. Copy KERNEL32.dll from your Win\System directory
2. Download eXeScope from:
http://download.vector.co.jp/pack/win95/util/bin/patch/exesc610.lzh
3. Decompress it and start EXESCOPE.EXE
4. Open the copy of the Kernel32.dll file with the File/Open option
5. Click Export/KERNEL32.dll
6. You will see in the ListView control all functions from KERNEL32.dll
by Ordinal, Address, Name

Is that what you want?

You can use GetProcAddress and call eax for EVERY function from a DLL
by Name or by Ordinal..
You don't need to link the functions in your exe file!
You can't link the function if it doesn't have a name, too...
You can use it with GetProcAddress with lpProcName->by Ordinal parameter
if you know the Ordinal number.
Please read MSDN about the usage of GetProcAddress.

Now, what about the 16-bit krnl386.exe, user.exe, gdi.exe..

1. Copy krnl386.exe from your Win\System directory
2. Open the copy of the krnl386.exe file with the File/Open option
3. Click Non-resident
4. Please read MSDN: Porting 16-Bit Code to 32-Bit Windows
Posted on 2001-09-02 02:40:30 by buliaNaza
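An added example, not part of the original posts and not eXeScope's code: the name/ordinal lists that the "Non-resident" view shows for a 16-bit module come from the NE header's resident and non-resident name tables, which this Python parser reads. The sample image built by `build_sample()`, including its names and ordinals, is constructed for illustration; on a real system you would pass in the bytes of your copy of krnl386.exe instead.

```python
import struct

def ne_exports(data: bytes) -> dict:
    """Map exported name -> ordinal from an NE module's two name tables."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (ne_off,) = struct.unpack_from("<I", data, 0x3C)               # e_lfanew
    if data[ne_off:ne_off + 2] != b"NE":
        raise ValueError("no NE header (32-bit PE modules have 'PE' here)")
    (nonres_len,) = struct.unpack_from("<H", data, ne_off + 0x20)  # table size
    (res_off,) = struct.unpack_from("<H", data, ne_off + 0x26)     # from NE header
    (nonres_off,) = struct.unpack_from("<I", data, ne_off + 0x2C)  # from file start
    tables = [(ne_off + res_off, len(data))]
    if nonres_len:
        tables.append((nonres_off, min(nonres_off + nonres_len, len(data))))
    exports = {}
    for pos, end in tables:
        first = True
        while pos < end and data[pos] != 0:      # a zero length byte ends the table
            n = data[pos]
            if pos + n + 3 > len(data):
                raise ValueError("truncated name table")
            name = data[pos + 1:pos + 1 + n].decode("ascii", "replace")
            (ordinal,) = struct.unpack_from("<H", data, pos + 1 + n)
            if not first:                        # entry 0 is the module name/description
                exports[name] = ordinal
            first = False
            pos += n + 3
    return exports

def _entry(name: bytes, ordinal: int) -> bytes:
    return bytes([len(name)]) + name + struct.pack("<H", ordinal)

def build_sample() -> bytes:
    """Constructed minimal NE image; every name and ordinal is made up."""
    resident = _entry(b"SAMPLE", 0) + _entry(b"WEP", 1) + b"\0"
    nonres = (_entry(b"Constructed sample module", 0)
              + _entry(b"DEMOFUNC", 2) + _entry(b"OTHERFUNC", 7) + b"\0")
    mz = bytearray(0x40)
    mz[:2] = b"MZ"
    struct.pack_into("<I", mz, 0x3C, 0x40)       # NE header follows the MZ stub
    ne = bytearray(0x40)
    ne[:2] = b"NE"
    struct.pack_into("<H", ne, 0x20, len(nonres))
    struct.pack_into("<H", ne, 0x26, 0x40)       # resident table right after header
    struct.pack_into("<I", ne, 0x2C, 0x80 + len(resident))
    return bytes(mz + ne + resident + nonres)

if __name__ == "__main__":
    print(ne_exports(build_sample()))
```

The tables give names and ordinals only; they do not yield an address that 32-bit code can call directly.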
You need to call LoadLibrary16, GetProcAddress16 and FreeLibrary16. These functions are exported by ordinal in kernel32.dll. You can't load them with LoadLibrary (see Windows 95 programming secrets). You have to use a special lib file. Use lib.exe to create it from the kernel16.def file (with lib /machine:ix86 /def:kernel16.txt)

In your code, add the lines :

INCLUDELIB \masm32\lib\kernel16.lib

FreeLibrary16 PROTO :DWORD
GetProcAddress16 PROTO :DWORD,:DWORD
LoadLibrary16 PROTO :DWORD
Posted on 2001-09-02 05:04:52 by Dr. Manhattan
Karim,

as far as I know these "16" functions (LoadLibrary16, FreeLibrary16,...) only work from inside a 32-bit DLL that has been loaded from a 16-bit app (called a "generic thunk"). To call functions in 16-bit DLLs in Win9x from 32-bit apps you have to use "flat thunks". So to call "GetModuleHandle" from krnl386.exe the control flow will be:

- your 32bit app calling
- your "flat thunk" 32bit dll calling
- your "flat thunk" 16bit dll calling
- GetModuleHandle() in krnl386.exe

So the question will always be: Is it really needed?

japheth
Posted on 2001-09-02 06:11:54 by japheth
buliaNaza,

This software is GREAT.. it gives me all functions.. but how could I load them? huh..:grin:
I loaded krnl386.exe and saw the numbers and addresses of these functions.. so I'm not able to load it ..
Do you have any idea? ...thanks :alright:

japheth,

You are totally right.. FT_Thunks are used by Windows for loading 16-bit DLLs.. Do you have knowledge of using them??
I tried it... Error messages were the result.. :confused:
If you have something.. I'm all ears :)

thanks boys
Posted on 2001-09-02 17:17:40 by Marty