Posted: Thu Aug 11, 2005 6:07 pm
by Kale
thefool wrote:probably. but is that really a good thing here? i mean, sometimes it is used wisely, sometimes not
It's never wise to overflow a buffer! You could be writing over data that could be important, e.g. OS stuff.
Posted: Thu Aug 11, 2005 6:15 pm
by Paul
I'm not sure what you are finding so confusing?
We defined the max buffer size with "size.l=512"
The memory address of the buffer is returned in our other variable.
The API command we are calling does the rest of the work.
Posted: Thu Aug 11, 2005 6:28 pm
by Kale
Paul wrote:I'm not sure what you are finding so confusing?
We defined the max buffer size with "size.l=512"
The memory address of the buffer is returned in our other variable.
The API command we are calling does the rest of the work.
Yes but where is the buffer, what points to it?
CurDir.l is a long with a value of 0
ptrDir.l is a long pointing to CurDir
i still don't see where the string is going?
Code:
GetCurrentDirectory=GetProcAddress_(module,"GetCurrentDirectoryA")
size.l=512
CurDir.l= 0
ptrDir.l = @CurDir
!PUSH [v_ptrDir]
!PUSH [v_size]
!CALL [v_GetCurrentDirectory]
Debug PeekS(@CurDir)
in this code you are peeking a string at the address of CurDir.l, which is a long not a string
will debug the value 606915
will debug garbage
Posted: Thu Aug 11, 2005 6:32 pm
by Kale
Now i am home i can run these examples:
This produces a buffer overflow and crashes; the process will have to be killed via the IDE, because a string is being stuffed into a buffer only 4 bytes long.
Code:
module=LoadLibrary_("kernel32.dll")
If module
GetCurrentDirectory=GetProcAddress_(module,"GetCurrentDirectoryA")
size.l=512
CurDir.l= 0
ptrDir.l = @CurDir
!PUSH [v_ptrDir]
!PUSH [v_size]
!CALL [v_GetCurrentDirectory]
Debug PeekS(@CurDir)
FreeLibrary_(module)
EndIf
this is the correct way:
Code:
module=LoadLibrary_("kernel32.dll")
If module
GetCurrentDirectory=GetProcAddress_(module,"GetCurrentDirectoryA")
size.l=512
CurDir.s= Space(size) ; reserve room for the 512 characters the API is told it may write
ptrDir.l = @CurDir
!PUSH [v_ptrDir]
!PUSH [v_size]
!CALL [v_GetCurrentDirectory]
Debug PeekS(ptrDir)
FreeLibrary_(module)
EndIf
Posted: Thu Aug 11, 2005 6:53 pm
by Paul
I posted 2 different versions.
Do what you want with it, doesn't really matter to me.
Posted: Thu Aug 11, 2005 7:14 pm
by Max.
Paul wrote:I posted 2 different versions, both of which work fine here.
You say it crashes with a buffer overflow but I cannot reproduce your problem. Both code do the same thing.
If you do not understand how it works, I'm sorry but there is nothing more I can help you with. I cannot explain it any better since I am a programmer, not a teacher.
I think I know what confuses Kale and yep, I think he is right.
You pass a pointer to a long instead of a pointer of a string, which can work but also can't.
Code:
module=LoadLibrary_("kernel32.dll")
If module
GetCurrentDirectory=GetProcAddress_(module,"GetCurrentDirectoryA")
size.l=65000
CurDir.l= 0
ptrDir.l = @CurDir
a = 1
b = 2
c = 3
d = 4
e = 5
f = 6
!PUSH [v_ptrDir]
!PUSH [v_size]
!CALL [v_GetCurrentDirectory]
Debug PeekS(@CurDir)
Debug a
Debug b
Debug c
Debug d
Debug e
Debug f
FreeLibrary_(module)
EndIf
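Max.'s test above, modelled as an added C example that is not part of the original thread: a 4-byte long sits next to other variables, and the API is told the buffer is far larger than it is. `fake_get_current_directory`, `struct frame`, `clobbered_neighbours`, `safe_call` and the sample path are hypothetical names and constructed data; the stand-in only mimics the documented GetCurrentDirectoryA contract so the code runs anywhere.

```c
#include <stdint.h>
#include <string.h>

/* Constructed sample path: 15 characters plus the NUL = 16 bytes. */
static const char SAMPLE_DIR[] = "C:\\Work\\PBDemo1";

/* Hypothetical stand-in with the GetCurrentDirectoryA contract: if `size`
   has room for the path and its NUL, copy it and return its length;
   otherwise write nothing and return the size required. It has to trust
   `size`, because it cannot see how big the caller's buffer really is. */
static uint32_t fake_get_current_directory(uint32_t size, char *buf) {
    uint32_t need = (uint32_t)sizeof SAMPLE_DIR;
    if (size < need) return need;
    memcpy(buf, SAMPLE_DIR, need);
    return need - 1;
}

/* Models the variables in the test: a 4-byte long, then a..f. */
struct frame { int32_t cur_dir; int32_t a, b, c, d, e, f; };

/* Wrong: claims 512 bytes while pointing at the 4-byte long.
   Returns how many of a..f lost their original values. */
int clobbered_neighbours(void) {
    struct frame v = { 0, 1, 2, 3, 4, 5, 6 };
    /* &v is also the address of v.cur_dir; going through the struct keeps
       the stray write inside one object so the demo is well defined. */
    fake_get_current_directory(512, (char *)&v);
    return (v.a != 1) + (v.b != 2) + (v.c != 3)
         + (v.d != 4) + (v.e != 5) + (v.f != 6);
}

/* Right: the size passed is the real size of the buffer, and the
   "required size" return value is treated as a failure. */
int safe_call(char *out, uint32_t out_size) {
    uint32_t n = fake_get_current_directory(out_size, out);
    return n != 0 && n < out_size;   /* 1 = path stored, 0 = not stored */
}
```

With the 16-byte sample path the write covers the long plus `a`, `b` and `c`; a longer path reaches further, which is why the same code can appear to work on one machine and crash on another.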
Posted: Thu Aug 11, 2005 7:39 pm
by thefool
As on Kale's machine, it crashes here too. However, it DOES show the place where it is, then crashes :S
Posted: Thu Aug 11, 2005 10:27 pm
by Kale
Sorry, I didn't mean to sound like an arse, but I thought you had shown me an undocumented feature of PB on dynamic types, but once I ran the examples it was clear the first example was wrong. No big deal though, it just did my head in for a bit not knowing if I was wrong or going mad or summits.
Posted: Fri Aug 12, 2005 3:26 pm
by thefool
it was going MAD i tell you!
Re: Using DLLs with WinAPI
Posted: Sun May 06, 2018 3:32 am
by Poplar
Code updated for 5.62
Code:
hMod = GetModuleHandle_("kernel32.dll")
If hMod
GetCurrentDirectory = GetProcAddress_(hMod, UTF8("GetCurrentDirectoryW"))
size.l=#MAX_PATH ; must not exceed the buffer allocated by Space(#MAX_PATH) below
CurDir.s= Space(#MAX_PATH)
ptrDir.l = @CurDir
!PUSH [v_ptrDir]
!PUSH [v_size]
!CALL [v_GetCurrentDirectory]
Debug PeekS(ptrDir)
CloseHandle_(hMod)
EndIf
Re: Using DLLs with WinAPI
Posted: Sun May 06, 2018 8:36 am
by chi
If you use UTF8(), you also need to free the memory yourself (like Fred mentioned in another thread)!
Also, GetModuleHandle_() is freed with FreeLibrary_() and not with CloseHandle_()...
Code:
hMod = GetModuleHandle_("kernel32.dll")
If hMod
*utf8 = UTF8("GetCurrentDirectoryW")
GetCurrentDirectory = GetProcAddress_(hMod, *utf8)
path${#MAX_PATH}
!PUSH v_path$
!PUSH 260 ;#MAX_PATH
!CALL [v_GetCurrentDirectory]
Debug path$
FreeMemory(*utf8)
FreeLibrary_(hMod)
EndIf