GiulianoB
asked on
Exported functions from injected DLL
I am injecting a DLL into another EXE process. The other EXE process has other DLLs loaded into it.
What I want to do is use the exported functions of the other DLLs. The other DLL doesn't have actual function names but I do have the cardinal name of the function.
Here is an example of a function from the DLL. This is the GetTextWidth function:
type
  TGetTextWidth = function(text: widestring): integer;
var
  hmod: HMODULE;
  GetTextWidth: TGetTextWidth;
  myint: integer;
begin
  hmod := GetModuleHandle('EXTRAFUNCS.DLL');
  @GetTextWidth := GetProcAddress(hmod, pchar($2789));
  myint := GetTextWidth('test');
end;
For some reason the value returned is always "504". I believe this is the address or offset to the value but it is definitely not the correct value. (I haven't tried booting my computer to see if it changes).
Another note: the DLL is made in C++. The function GetTextWidth goes like this: int __fastcall, (wchar_t * wText)
I need to know if I am declaring the function wrong or calling it wrong. Any help is appreciated and will get some points. Thanks!
ASKER
That didn't make a difference. Am I calling GetProcAddress correctly to get an ordinal function?
Looks alright to me.
Try using this:
var strVar: string;
begin
  madDisAsm.ParseFunction(@GetTextWidth, strVar);
end;
Then save that strVar into a text file and post it here. Maybe we can see what's wrong then.
ASKER
What type is strVar?
ASKER
6f8aa2a0 public #10121: ; function entry point
6f8aa2a0 push ebx
6f8aa2a1 push ebp
6f8aa2a2 push esi
6f8aa2a3 push edi
6f8aa2a4 mov esi, ecx
6f8aa2a6 call dword ptr [$6f8ba06c] ; ?strlen@Unicode@@SIHPBU1@@Z
6f8aa2a6
6f8aa2ac xor edi, edi
6f8aa2ae xor ebx, ebx
6f8aa2b0 cmp [esi], di
6f8aa2b3 mov ebp, eax
6f8aa2b5 jz loc_6f8aa2db
6f8aa2b5
6f8aa2b7 loc_6f8aa2b7:
6f8aa2b7 cmp edi, ebp
6f8aa2b9 jge loc_6f8aa2db
6f8aa2b9
6f8aa2bb mov cx, [esi]
6f8aa2be cmp cx, $a
6f8aa2c2 jz loc_6f8aa2d1
6f8aa2c2
6f8aa2c4 call dword ptr [$6f8fe20c]
6f8aa2c4
6f8aa2ca xor ecx, ecx
6f8aa2cc mov cl, [eax+3]
6f8aa2cf add ebx, ecx
6f8aa2d1
6f8aa2d1 loc_6f8aa2d1:
6f8aa2d1 add esi, 2
6f8aa2d4 inc edi
6f8aa2d5 cmp word ptr [esi], 0
6f8aa2d9 jnz loc_6f8aa2b7
6f8aa2d9
6f8aa2db loc_6f8aa2db:
6f8aa2db pop edi
6f8aa2dc pop esi
6f8aa2dd mov eax, ebx
6f8aa2df pop ebp
6f8aa2e0 pop ebx
6f8aa2e1 ret
ASKER CERTIFIED SOLUTION
ASKER
Wow! You never cease to amaze me Madshi ^_^
Looking at the ASM code my only guess is that we want to store the parameter in ECX so the first two pushes, you put the dummy ints for them.
Is that right?
ASKER
btw: Delphi doesn't have any way to do fastcalls?
>> Is that right?
Yes.
>> btw: Delphi doesn't have any way to do fastcalls?
Not directly. But seemingly you can simulate it with those dummy parameters.
>> type TGetTextWidth=function(text: widestring): integer;
C++ doesn't know Delphi's "wideString" type.
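The two points Madshi makes above (simulate __fastcall with dummy parameters; C++ has no WideString, the argument is a plain wchar_t*) combined into one Delphi program. This is an added example, not code from the thread: Delphi's "register" convention puts the first three 32-bit arguments in EAX, EDX, ECX, while Microsoft __fastcall puts the first two in ECX, EDX, so two leading dummy integers place the single pointer argument in ECX, which is where the disassembly reads it ("mov esi, ecx"). The module name EXTRAFUNCS.DLL and ordinal $2789 (decimal 10121, matching "#10121" in the dump) are taken from the question; LoadByOrdinal is a helper invented here, and the program assumes it runs inside the process that already has the DLL loaded.

```delphi
{ Added example: calling an ordinal-only __fastcall export from Delphi.
  EXTRAFUNCS.DLL and $2789 come from the question; LoadByOrdinal is an
  assumed helper, not part of any library. }
program FastcallByOrdinal;

{$APPTYPE CONSOLE}

uses
  Windows, SysUtils;

type
  { MS __fastcall: first two DWORD-sized args in ECX, EDX, callee cleans stack.
    Delphi register: first three args in EAX, EDX, ECX, callee cleans stack.
    DummyEAX and DummyEDX absorb EAX and EDX so wText lands in ECX.
    The DLL is C++, so the parameter is a raw wchar_t* (PWideChar),
    not a Delphi WideString (which would pass a managed string pointer in EAX). }
  TGetTextWidth = function(DummyEAX, DummyEDX: Integer; wText: PWideChar): Integer; register;

const
  ExtraFuncsDll = 'EXTRAFUNCS.DLL';   // from the question
  GetTextWidthOrdinal = $2789;        // from the question (= #10121 in the dump)

{ Resolve an export by ordinal. GetProcAddress interprets a name pointer whose
  high word is zero as an ordinal, so the ordinal is simply cast to PAnsiChar. }
function LoadByOrdinal(const ModuleName: string; Ordinal: Cardinal): Pointer;
var
  hMod: HMODULE;
begin
  Result := nil;
  // GetModuleHandle, not LoadLibrary: the host process already has the DLL mapped.
  hMod := GetModuleHandle(PChar(ModuleName));
  if hMod = 0 then
    Exit;
  Result := GetProcAddress(hMod, PAnsiChar(Ordinal));
end;

var
  GetTextWidth: TGetTextWidth;
  Text: WideString;
  Width: Integer;
begin
  @GetTextWidth := LoadByOrdinal(ExtraFuncsDll, GetTextWidthOrdinal);
  if not Assigned(GetTextWidth) then
  begin
    Writeln('Export not found: ', SysErrorMessage(GetLastError));
    Halt(1);
  end;
  Text := 'test';
  // 0, 0 fill EAX and EDX; PWideChar(Text) is the value the callee sees in ECX.
  Width := GetTextWidth(0, 0, PWideChar(Text));
  Writeln('GetTextWidth(''test'') = ', Width);
end.
```

With the original one-parameter declaration, Delphi's default register convention passed the string pointer in EAX, and the callee read whatever happened to be in ECX; the dummy-parameter declaration is what lines the two conventions up. Callee stack cleanup matches between register and __fastcall, and this function has no stack arguments, so nothing further needs adjusting.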