livni
asked on
procedure entry point not located in dll
According to microsoft's article about how to create
a .lib file when you do not have the object or source,
I try to use the procedure NtQueryInformationProcess
from ntdll.dll
I built a dummy.cpp:
#include <windows.h>
#include <process.h>
#include "psapi.h"
typedef LONG NTSTATUS;
typedef enum _PROCESSINFOCLASS {
ProcessBasicInformation,
ProcessQuotaLimits,
.
.
.
ProcessPriorityBoost,
MaxProcessInfoClass
} PROCESSINFOCLASS;
extern "C" __declspec(dllexport) NTSTATUS NTAPI NtQueryInformationProcess(
IN HANDLE ProcessHandle,
IN PROCESSINFOCLASS ProcessInformationClass,
OUT PVOID ProcessInformation,
IN ULONG ProcessInformationLength,
OUT PULONG ReturnLength OPTIONAL
) {return (0);}
I compiled it:
cl /c /Ob0 dummy.cpp
I created a lib:
lib /DEF dummy.obj /OUT:ntdll.lib
and built my executable , queryp.cpp:
retValue = NtQueryInformationProcess(
pBuffer, cbBuffer, &retLen );
the h file which declares the dll function looks like this:
#ifdef __cplusplus
extern "C" {
#endif
//------------------------
// Typedefs from NTDDK.H and NTDEF.H that will be needed later
//------------------------
typedef LONG NTSTATUS;
.
.
.
NTSYSAPI
NTSTATUS
NTAPI
NtQueryInformationProcess(
IN HANDLE ProcessHandle,
IN PROCESSINFOCLASS ProcessInformationClass,
OUT PVOID ProcessInformation,
IN ULONG ProcessInformationLength,
OUT PULONG ReturnLength OPTIONAL
);
#ifdef __cplusplus
}
#endif
everything looks perfect, but when I run me exe
I get the following error:
The procedure entry point _NtQueryInformationProcess
could not be located in the dynamic link library ntdll.dll
What's wrong here ?
HELP!!!
(bye the way - I am trying to study this thing,
so I know the easy way is just to copy the ntdll.lib file
from the DDK, but I want to know why I am wrong so...)
Thanks!
a .lib file when you do not have the object or source,
I try to use the procedure NtQueryInformationProcess
from ntdll.dll
I built a dummy.cpp:
#include <windows.h>
#include <process.h>
#include "psapi.h"
typedef LONG NTSTATUS;
typedef enum _PROCESSINFOCLASS {
ProcessBasicInformation,
ProcessQuotaLimits,
.
.
.
ProcessPriorityBoost,
MaxProcessInfoClass
} PROCESSINFOCLASS;
extern "C" __declspec(dllexport) NTSTATUS NTAPI NtQueryInformationProcess(
IN HANDLE ProcessHandle,
IN PROCESSINFOCLASS ProcessInformationClass,
OUT PVOID ProcessInformation,
IN ULONG ProcessInformationLength,
OUT PULONG ReturnLength OPTIONAL
) {return (0);}
I compiled it:
cl /c /Ob0 dummy.cpp
I created a lib:
lib /DEF dummy.obj /OUT:ntdll.lib
and built my executable , queryp.cpp:
retValue = NtQueryInformationProcess(
pBuffer, cbBuffer, &retLen );
the h file which declares the dll function looks like this:
#ifdef __cplusplus
extern "C" {
#endif
//------------------------
// Typedefs from NTDDK.H and NTDEF.H that will be needed later
//------------------------
typedef LONG NTSTATUS;
.
.
.
NTSYSAPI
NTSTATUS
NTAPI
NtQueryInformationProcess(
IN HANDLE ProcessHandle,
IN PROCESSINFOCLASS ProcessInformationClass,
OUT PVOID ProcessInformation,
IN ULONG ProcessInformationLength,
OUT PULONG ReturnLength OPTIONAL
);
#ifdef __cplusplus
}
#endif
everything looks perfect, but when I run me exe
I get the following error:
The procedure entry point _NtQueryInformationProcess
could not be located in the dynamic link library ntdll.dll
What's wrong here ?
HELP!!!
(bye the way - I am trying to study this thing,
so I know the easy way is just to copy the ntdll.lib file
from the DDK, but I want to know why I am wrong so...)
Thanks!
ASKER
Hi Thui -
First I wanna say thanks.
This one got me one step ahead,
but did not solve my problem.
Now my program is linked with the dummy.obj ,
and runs the stub procedure instead of the one from the dll.
If I link without dummy.obj, I get unresolved external refference
__imp__NtQueryInformationP
GIVE IT ONE MORE SHOT!
First I wanna say thanks.
This one got me one step ahead,
but did not solve my problem.
Now my program is linked with the dummy.obj ,
and runs the stub procedure instead of the one from the dll.
If I link without dummy.obj, I get unresolved external refference
__imp__NtQueryInformationP
GIVE IT ONE MORE SHOT!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
THANKS!
and Thui - Thank you too...
and Thui - Thank you too...
IMPORTS
_NtQueryInformationProcess