Page 1 of 1
[solved]Why are the execution results in the procedure inconsistent with the results in the non-procedure ?
Posted: Sat Feb 03, 2024 1:03 pm
by Zero Ray
Code: Select all
EnableExplicit
Structure BootOrder
BootOrderList.l[128]
EndStructure
Prototype.l ProtoNtQueryBootEntryOrder(Ids.l, Count.l)
Global NtQueryBootEntryOrder.ProtoNtQueryBootEntryOrder
If OpenLibrary(0, "ntdll.dll")
NtQueryBootEntryOrder = GetFunction(0, "NtQueryBootEntryOrder")
EndIf
Procedure Test()
Protected BootOrder.BootOrder, Ids.l, Count.l, tmp.b, State.i
Count = SizeOf(BootOrder)
RtlAdjustPrivilege_(22, 1, 0, @tmp)
State = NtQueryBootEntryOrder(@BootOrder, @Count)
RtlAdjustPrivilege_(22, 0, 0, @tmp)
ProcedureReturn State
EndProcedure
Debug Test()
Define BootOrder.BootOrder, Ids.l, Count.l, tmp.b, State.i
Count = SizeOf(BootOrder)
RtlAdjustPrivilege_(22, 1, 0, @tmp)
State = NtQueryBootEntryOrder(@BootOrder, @Count)
RtlAdjustPrivilege_(22, 0, 0, @tmp)
Debug State
Why are the execution results in the procedure inconsistent with the results in the non-procedure ?
Re: Why are the execution results in the procedure inconsistent with the results in the non-procedure ?
Posted: Sat Feb 03, 2024 1:45 pm
by mk-soft
A Boolean ist not a Byte -> tmp.b -> tmp.i
Re: Why are the execution results in the procedure inconsistent with the results in the non-procedure ?
Posted: Sat Feb 03, 2024 1:50 pm
by Zero Ray
mk-soft wrote: Sat Feb 03, 2024 1:45 pm
A Boolean ist not a Byte -> tmp.b -> tmp.i
After correcting it to tmp.i, the result is still the same
Re: Why are the execution results in the procedure inconsistent with the results in the non-procedure ?
Posted: Sat Feb 03, 2024 2:09 pm
by mk-soft
Here both result a same.
What OS and PB Version.
Re: Why are the execution results in the procedure inconsistent with the results in the non-procedure ?
Posted: Sat Feb 03, 2024 2:45 pm
by Zero Ray
mk-soft wrote: Sat Feb 03, 2024 2:09 pm
Here both result a same.
What OS and PB Version.
Windows 8.1 x64 And PureBasic 6.04 LTS x64
Re: Why are the execution results in the procedure inconsistent with the results in the non-procedure ?
Posted: Sat Feb 03, 2024 3:06 pm
by fryquez
NT API functions require *buffers to aligned by 16 Bytes on x64.
Re: Why are the execution results in the procedure inconsistent with the results in the non-procedure ?
Posted: Sat Feb 03, 2024 3:18 pm
by breeze4me
The value of the "Count" variable seems to be the number of entries, not the memory size.
And some variable types are incorrect.
Run it as an administrator.
Code: Select all
EnableExplicit
Structure BootOrder
BootOrderList.l[128]
EndStructure
Prototype.l ProtoNtQueryBootEntryOrder(*Ids, *Count)
Global NtQueryBootEntryOrder.ProtoNtQueryBootEntryOrder
If OpenLibrary(0, "ntdll.dll")
NtQueryBootEntryOrder = GetFunction(0, "NtQueryBootEntryOrder")
EndIf
Procedure.l Test()
Protected BootOrder.BootOrder, Count.l, tmp.i, State.l
;Count = SizeOf(BootOrder)
Count = 128 ;OK on my PC.
RtlAdjustPrivilege_(22, 1, 0, @tmp)
State = NtQueryBootEntryOrder(@BootOrder, @Count)
Debug "Count: " + Count
RtlAdjustPrivilege_(22, 0, 0, @tmp)
ProcedureReturn State
EndProcedure
Debug "Result: " + Test()
Define BootOrder.BootOrder, Count.l, tmp.i, State.l
;Count = SizeOf(BootOrder)
Count = 128
RtlAdjustPrivilege_(22, 1, 0, @tmp)
State = NtQueryBootEntryOrder(@BootOrder, @Count)
Debug "Count: " + Count
RtlAdjustPrivilege_(22, 0, 0, @tmp)
Debug "Result: " + State
Re: Why are the execution results in the procedure inconsistent with the results in the non-procedure ?
Posted: Sun Feb 04, 2024 2:42 am
by Zero Ray
breeze4me wrote: Sat Feb 03, 2024 3:18 pm
The value of the "Count" variable seems to be the number of entries, not the memory size.
And some variable types are incorrect.
Run it as an administrator.
Code: Select all
EnableExplicit
Structure BootOrder
BootOrderList.l[128]
EndStructure
Prototype.l ProtoNtQueryBootEntryOrder(*Ids, *Count)
Global NtQueryBootEntryOrder.ProtoNtQueryBootEntryOrder
If OpenLibrary(0, "ntdll.dll")
NtQueryBootEntryOrder = GetFunction(0, "NtQueryBootEntryOrder")
EndIf
Procedure.l Test()
Protected BootOrder.BootOrder, Count.l, tmp.i, State.l
;Count = SizeOf(BootOrder)
Count = 128 ;OK on my PC.
RtlAdjustPrivilege_(22, 1, 0, @tmp)
State = NtQueryBootEntryOrder(@BootOrder, @Count)
Debug "Count: " + Count
RtlAdjustPrivilege_(22, 0, 0, @tmp)
ProcedureReturn State
EndProcedure
Debug "Result: " + Test()
Define BootOrder.BootOrder, Count.l, tmp.i, State.l
;Count = SizeOf(BootOrder)
Count = 128
RtlAdjustPrivilege_(22, 1, 0, @tmp)
State = NtQueryBootEntryOrder(@BootOrder, @Count)
Debug "Count: " + Count
RtlAdjustPrivilege_(22, 0, 0, @tmp)
Debug "Result: " + State
It worked, thank you very much!