Re: How do I link to C Library functions in windows?

"bwaichu@xxxxxxxxx" <spamtrap@xxxxxxxxxx> wrote:
...
Nevertheless, I'm trying to figure out how the CreateFile and
WriteFile API works.

I import it like:

import CreateFileA kernel32.dll ; how do I know if I need to tag an A
to the end?

Any Win32 API that takes or returns a string will have an A and a W
variant.

Now, do I need to setup the stack like I do in BSD? My printf
program worked without it, but I'm not sure if that is correct.

What do you mean by "setup the stack"? For a Win32 process, the stack is
set up before your main gets called.

push dword 80h ; normal file operation

That's FILE_READ_ATTRIBUTES, but that won't allow you read or write access
to the file. To read the file, you need 00120089h; to write the file, you
need 00120116h.

The file handle should be put in eax, which I can use later to write,
read, or close to depending how I set the above parameters. Now,
should the above generate a file, or do I need to write to the file?

It depends on the 5th parameter. Your example was CREATE_ALWAYS, which
creates the file as 0 bytes. OPEN_ALWAYS and OPEN_EXISTING opens it for
reading but doesn't create it.

I run the program, and I do not even see any empty file. How do I
check for errors in assembly? eax should return something. Is there
an equivalent of errno?

You need to check the APIs in MSDN. If CreateFile returns
INVALID_HANDLE_VALUE, which is -1, then you call GetLastError will return
an error code.

I also need a way to step through the
execution, so I can see how the registers change.

Right, you need a debugger. OllyDbg is a good one, or you can use
Microsoft's windbg.

I should be able to close the file handle by:

push eax ; which I should save to the stack
call [CloseHandle]

Right.
--
Tim Roberts, timr@xxxxxxxxx
Providenza & Boekelheide, Inc.

.

Relevant Pages

  • Re: Flush SMB Cache on Windows Vista?
    ... when client tries to open that file on server machine (via CreateFile API) - the same pathname is used - which is incorrect of course because you need UNC name here. ... the cache information has not been updated.) ...
    (microsoft.public.win32.programmer.networks)
  • Re: C Stack Corruption?
    ... and it seems that I'm getting some stack ... >corruption after any API call. ... It accepts a call from one compiler module, ... >values after any IBM API call. ...
    (comp.lang.c)
  • Re: A buffer mapped to a file?
    ... You could try a named pipe, if the program really just calls CreateFile and reads or write to the resulting handle, but as soon as a program tries to do something like query file size, set file pointer, or soforth, that will break. ... Basically I have a buffer of data and need to feed it into an API ... that are within the filesystem namespace and will the ReadFileAPI ...
    (microsoft.public.win32.programmer.kernel)
  • Re: [RFC][PATCH 0/6] mm, highmem: kmap_atomic rework
    ... static slot based. ... course its a big massive patch changing a widely used API. ... We don't have any checks in there for the stack overflowing? ...
    (Linux-Kernel)
  • Re: hpgcc3 API
    ... Will the new API allow a C program to store a value into a calculator ... E.g. if I put 123 on the stack and run this program, ... IERR to the stack and have your wrapper save it to IERR? ...
    (comp.sys.hp48)