Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

procedure entry point not located in dll

Posted on 1998-12-23
4
Medium Priority
?
364 Views
Last Modified: 2013-12-03
According to microsoft's article about how to create
a .lib file when you do not have the object or source,
I try to use the procedure NtQueryInformationProcess
from ntdll.dll

I built a dummy.cpp:
#include <windows.h>
#include <process.h>
#include "psapi.h"
typedef LONG NTSTATUS;

typedef enum _PROCESSINFOCLASS {
    ProcessBasicInformation,
    ProcessQuotaLimits,
   .
   .
   .
    ProcessPriorityBoost,
    MaxProcessInfoClass
    } PROCESSINFOCLASS;

extern "C" __declspec(dllexport) NTSTATUS NTAPI NtQueryInformationProcess(
    IN HANDLE ProcessHandle,
    IN PROCESSINFOCLASS ProcessInformationClass,
    OUT PVOID ProcessInformation,
    IN ULONG ProcessInformationLength,
    OUT PULONG ReturnLength OPTIONAL
    ) {return (0);}

I compiled it:
cl /c /Ob0 dummy.cpp

I created a lib:
lib /DEF dummy.obj /OUT:ntdll.lib

and built my executable , queryp.cpp:
   retValue = NtQueryInformationProcess( hProcess,           infoEnum,
          pBuffer, cbBuffer, &retLen );

the h file which declares the dll function looks like this:
#ifdef __cplusplus
extern "C" {
#endif

//-----------------------------------------------------------------------------
// Typedefs from NTDDK.H and NTDEF.H that will be needed later
//-----------------------------------------------------------------------------

typedef LONG NTSTATUS;
.
.
.

NTSYSAPI
NTSTATUS
NTAPI
NtQueryInformationProcess(
    IN HANDLE ProcessHandle,
    IN PROCESSINFOCLASS ProcessInformationClass,
    OUT PVOID ProcessInformation,
    IN ULONG ProcessInformationLength,
    OUT PULONG ReturnLength OPTIONAL
    );

#ifdef __cplusplus
}
#endif

everything looks perfect, but when I  run me exe
I get the following error:
The procedure entry point _NtQueryInformationProcess@20
could not be located in the dynamic link library ntdll.dll

What's wrong here ?
HELP!!!

(bye the way - I am trying to study this thing,
so I know the easy way is just to copy the ntdll.lib file
from the DDK, but I want to know why I am wrong so...)

Thanks!
0
Comment
Question by:livni
  • 2
4 Comments
 
LVL 15

Expert Comment

by:Tommy Hui
ID: 1417671
Because the compiler is mangling the function name, _NtQueryInformationProcess@20 really is NOT in the DLL. The name in the DLL is NtQueryInformationProcess. Note there is no underscore and there is no @20 appended to the name. You will need to use a DEF file and add a IMPORTS section for the DLL like

IMPORTS
  _NtQueryInformationProcess@20 = NTDLL.NtQueryInformationProcess


0
 
LVL 2

Author Comment

by:livni
ID: 1417672
Hi Thui -
First I wanna say thanks.
This one got me one step ahead,
but did not solve my problem.

Now my program is linked with the dummy.obj ,
and runs the stub procedure instead of the one from the dll.

If I link without dummy.obj, I get unresolved external refference
__imp__NtQueryInformationProcess@20

GIVE IT ONE MORE SHOT!
0
 
LVL 15

Accepted Solution

by:
NickRepin earned 400 total points
ID: 1417673
Here is the sample.
In your case, specify /EXPORT option for LIB.

// MAKE.CMD
//*************
cl /c /Ob0 /LD dummy.cpp
lib /DEF: /EXPORT:MessageBeep=MessageBeep dummy.obj /OUT:user32.lib
cl test.cpp user32.lib
// DUMMY.CPP
//***********
extern "C" {
   __declspec(dllexport)
   unsigned int __stdcall MessageBeep(unsigned int)
   { return 0; }
}
// TEST.CPP
//*********
extern "C" {
   unsigned int __stdcall MessageBeep(unsigned int);
}

void main(void)
{
   MessageBeep(-1);
}


0
 
LVL 2

Author Comment

by:livni
ID: 1417674
THANKS!

and Thui - Thank you too...
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have ever found yourself doing a repetitive action with the mouse and keyboard, and if you have even a little programming experience, there is a good chance that you can use a text editor to whip together a sort of macro to automate the proce…
Entering time in Microsoft Access can be difficult. An input mask often bothers users more than helping them and won't catch all typing errors. This article shows how to create a textbox for 24-hour time input with full validation politely catching …
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question