I am teaching myself to load DLL files at run time and call functions from them.
For a start, I decided to pick the mathematical cosf function. After some searching I learned that all mathematical functions can be found in msvcr100.dll. So here is the code that I have written:
#include <stdio.h>
#include <stdlib.h>   /* exit */
#include <Windows.h>

/* Look up an exported symbol by name; report the error and exit if it is missing. */
FARPROC getEntry(HMODULE &m, const char* name) {
    FARPROC p = GetProcAddress(m, name);
    if (!p) {
        printf("Error: Entry %s not found\n", name);
        printf("Error code: %lu\n", GetLastError());
        exit(1);
    } else
        printf("Entry %s loaded\n", name);
    return p;
}

int main() {
    HMODULE msvcr = LoadLibraryA("msvcr100.dll");
    if (!msvcr) {
        printf("File msvcr100.dll not found\n");
        return 1;   /* do not call GetProcAddress on a NULL module */
    }
    printf("msvcr100.dll loaded\n");
    FARPROC fun = getEntry(msvcr, "cos");
    FARPROC fun2 = getEntry(msvcr, "cosf");
    FreeLibrary(msvcr);
    return 0;
}
If I run it, I get the following output:
msvcr100.dll loaded
Entry cos loaded
Error: Entry cosf not found
Error code: 127
Why?
Error code 127 stands for ERROR_PROC_NOT_FOUND -- The specified procedure could not be found.
According to Dependency Walker, there is a cosf function inside MSVCR100.DLL. Ordinal number 1349, Entry Point 0xC2750.
The function name does not seem to be mangled.
Both 'cos' and 'cosf' are listed in the run-time library function reference: http://msdn.microsoft.com/en-us/library/ydcbat90.aspx
What am I missing?
If I should use a different dll for cosf -- which one is it?
cos takes doubles, I need a function which takes floats.
Thank you!
From the <math.h> header file:
inline float cosf(_In_ float _X)
{return ((float)cos((double)_X)); }
Or in other words, it is an inline function that actually uses cos(). And thus isn't exported from the DLL.
Related
I am making an application for Xbox 360 that will import functions which were exported from a system dll and call them when needed. I thought I did everything right as far as exporting then importing the functions, but it crashes on a single line of code.
I started by defining the functions inside of the system dll as follows:
void (__cdecl *SV_GameSendServerCommand)(int Client, int Type, char *Command) = (void(__cdecl * )(int, int, char * ))0x82254940;
bool (__cdecl *Dvar_GetBool)(char *Dvar) = (bool(__cdecl * )(char * ))0x8229EF58;
I created a .def file to export the functions while assigning their ordinals:
LIBRARY testdll
EXPORTS
SV_GameSendServerCommand #1
Dvar_GetBool #2
I built the system dll and placed the resulting testdll.lib in the folder where my application's source code was. I then placed the following in stdafx.h of that application:
#pragma comment(lib, "testdll.lib")
I prototyped the functions to be imported and used a function called resolveFunct to get the addresses of the imported functions.
void (__cdecl *SV_GameSendServerCommand)(int Client, int Type, char *Command);
bool (__cdecl *Dvar_GetBool)(char *Dvar);
UINT32 resolveFunct(char* modname, UINT32 ord)
{
    UINT32 ret=0, ptr2=0;
    HANDLE ptr32 = 0;
    ret = XexGetModuleHandle(modname, &ptr32);
    if(ret == 0)
    {
        ret = XexGetProcedureAddress(ptr32, ord, &ptr2);
        if(ptr2 != 0)
            return ptr2;
    }
    return 0; // function not found
}
When I tried printing the address of the function, it was successful and read 0x91F8BF54. I did this twice, and it printed both times. The proceeding line of code caused my application to crash.
DWORD WINAPI Start(LPVOID)
{
    for(;;)
    {
        if(!LoadedUp)
        {
            printf("0x%p\n", resolveFunct("testdll.xex",2));
            if(Dvar_GetBool == NULL)
            {
                printf("0x%p\n", resolveFunct("testdll.xex",2));
                Dvar_GetBool = (bool(__cdecl*)(char*))resolveFunct("testdll.xex",2);
I don't understand why this line of code causes my program to crash, though. Any answers/suggestions are appreciated. Thanks!
I'm writing a kernel module under Scientific Linux 6.3 x86_64 and I'm looking to use kprobes. In this module, I need access to the first argument of a function on return, so jprobes are out.
I found this very helpful post: Getting function arguments using kprobes
However, when I try accessing regs->rdi inside my probe, the compiler complains with
error: ‘struct pt_regs’ has no member named ‘rdi’
During my module initialization, I run this check with no problems:
#ifndef CONFIG_X86_64
    printk(KERN_ALERT "Error: this module only supports x86_64!\n");
    return -EINVAL;
#endif
Is there anything else I should be looking at?
uname -r returns 2.6.32-279.14.1.el6.x86_64.debug
Here is a MWE:
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/kprobes.h>
#include <linux/blkdev.h>

static int kprobe_test(struct kprobe *p, struct pt_regs *regs) {
    printk(KERN_INFO "rdi: %p\n", regs->rdi);
    return 0;
}

static struct kprobe myprobe = {
    .pre_handler = NULL,
    .post_handler = kprobe_test,
    .fault_handler = NULL,
    .addr = (kprobe_opcode_t *) generic_make_request,
};

int init_module(void) {
    register_kprobe(&myprobe);
    return 0;
}

void cleanup_module(void) {
    unregister_kprobe(&myprobe);
}
Which results in:
...
/home/user/kmod/kprobe_64_mwe/kprobe_mwe.c:7: error: ‘struct pt_regs’ has no member named ‘rdi’
...
The definition of pt_regs changes when __KERNEL__ is defined. Try using di instead.
The following code (pasted last), taken mostly from here, is a very simple kernel module which acts as a keylogger. I can get it to compile and produce a .ko just fine, but when I try to load it, I get the following errors in dmesg:
[ 790.833828] keylogger: Unknown symbol unregister_keyboard_notifier (err 0)
[ 790.833846] keylogger: Unknown symbol register_keyboard_notifier (err 0)
I did not build my kernel from source, but am using the stock kernel provided with archlinux. I did install the kernel-headers package to get the module to compile, however.
So my question is: Are these two symbols really not found in my installed kernel? And if they are, why aren't they linking(?) correctly?
I can find evidence that the symbols are present. Firstly, I can see the symbols in /proc/kallsyms. Also, when I do nm /usr/src/vmlinux I can also see these two symbols. Are they not the same?
Module code:
#include <linux/module.h> /* Needed by all modules */
#include <linux/keyboard.h>

EXPORT_SYMBOL_NOVERS(unregister_keyboard_notifier);
EXPORT_SYMBOL_NOVERS(register_keyboard_notifier);

int hello_notify(struct notifier_block *nblock, unsigned long code, void *_param) {
    struct keyboard_notifier_param *param = _param;
    struct vc_data *vc = param->vc;
    int ret = NOTIFY_OK;
    if (code == KBD_KEYCODE) {
        printk(KERN_DEBUG "KEYLOGGER %i %s\n", param->value, (param->down ? "down" : "up"));
    }
}

static struct notifier_block nb = {
    .notifier_call = hello_notify
};

static int hello_init(void)
{
    register_keyboard_notifier(&nb);
    return 0;
}

static void hello_release(void)
{
    unregister_keyboard_notifier(&nb);
}

module_init(hello_init);
module_exit(hello_release);
I needed to add the following to my module source:
MODULE_LICENSE("GPL");
I have the following piece of code. I get a correctly filled vector. But I am unable to print or use the vector contents, which are file names from a directory. As soon as I enter the first iteration, everything gets lost. What am I doing wrong?
wprintf - This works OK
wcout-- here is where everything ends up corrupted
#include <windows.h>
#include <sstream>
#include <string>
#include <vector>
#include <iostream>

using namespace std;   // must come before the prototype that uses vector/wstring

void GetAllFiles(vector<LPCWSTR>&, wstring);

int main (void)
{
    vector<LPCWSTR> files(0);
    wstring path = L"Datasets\\Persons\\";
    wstring ext = L"*.*";
    wstring fullPath = path+ext;
    GetAllFiles(files,fullPath);
    for (unsigned i=0; i<files.size() ; i++)
    {
        try
        {
            wcout<<"::\n"<<files[i];
        }
        catch(exception &ex)
        {
            cout<<"Error:"<<ex.what();
        }
    }
    return 0;
}

void GetAllFiles(vector<LPCWSTR>& fileNames,wstring dir)
{
    WIN32_FIND_DATA search_data;
    memset(&search_data, 0, sizeof(WIN32_FIND_DATA));
    HANDLE handle = FindFirstFile(dir.c_str(),&search_data);
    while(handle != INVALID_HANDLE_VALUE)
    {
        wprintf(L"Found file: %s\r\n", search_data.cFileName);
        fileNames.push_back(search_data.cFileName);   // the line the question is about
        if(FindNextFile(handle, &search_data) == FALSE)
            break;
    }
    if(handle != INVALID_HANDLE_VALUE)
        FindClose(handle);   // release the search handle
}
I have attached a screenshot of the output.
search_data.cFileName is a pointer to memory controlled by the FindFirstFile/FindNextFile iterator interface; you cannot store this pointer value as the pointed-to memory could change from iteration to iteration (or even be freed after the iteration completes).
Instead, you must make a copy of the string to put in your vector, e.g. using wcsdup. Even better, define your vector as a vector<wstring>, so that push_back(search_data.cFileName); creates a wstring with the contents of search_data.cFileName.
Probably that's happening because you pass a local variable to push_back(). I'm not sure here, but what could happen here:
push_back expects an object of type LPCWSTR, while you are passing char* instead. I don't know how this conversion is done, but probably the pointer is just copied, and the value of this pointer becomes invalid when you return from the function - try explicitly copying the strings before passing them to push_back.
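The aliasing described in the first answer, reproduced without the Windows API as an added example (not code from the original posts). FindRecord, next_entry and the sample names are constructed stand-ins for WIN32_FIND_DATA, FindNextFile and a directory listing.

```cpp
#include <cwchar>
#include <string>
#include <vector>

// Constructed stand-in for WIN32_FIND_DATA: one record whose name buffer
// is overwritten on every step of the enumeration.
struct FindRecord {
    wchar_t cFileName[260];
};

// Constructed sample listing (not file names from the page).
static const wchar_t* const kSampleNames[] = { L"alice.png", L"bob.png", L"carol.png" };

// Hypothetical enumerator: fills `rec` with entry `i`, returns false past the end.
bool next_entry(FindRecord& rec, std::size_t i) {
    if (i >= sizeof(kSampleNames) / sizeof(kSampleNames[0])) return false;
    std::wcsncpy(rec.cFileName, kSampleNames[i], 259);
    rec.cFileName[259] = L'\0';
    return true;
}

// Pattern from the question: the vector stores the address of the reused
// buffer, so every element aliases rec.cFileName. The strings are read back
// while `rec` is still alive; after this function returns, the stored
// pointers would dangle.
std::vector<std::wstring> collect_by_pointer() {
    FindRecord rec{};
    std::vector<const wchar_t*> names;
    for (std::size_t i = 0; next_entry(rec, i); ++i)
        names.push_back(rec.cFileName);          // same pointer every time
    std::vector<std::wstring> seen;
    for (const wchar_t* p : names) seen.emplace_back(p);
    return seen;                                 // the last name, three times
}

// Fix from the answer: vector<wstring>, so push_back copies the characters.
std::vector<std::wstring> collect_by_copy() {
    FindRecord rec{};
    std::vector<std::wstring> names;
    for (std::size_t i = 0; next_entry(rec, i); ++i)
        names.push_back(rec.cFileName);          // owns its own copy
    return names;
}
```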
I'm creating a C++ game server. The server creates many monster objects, and every monster should have its own thread with a specific function.
I get this error:
error C2064: term does not evaluate to a function taking 0 arguments
thread.hpp(60) : while compiling class template member function 'void boost::detail::thread_data<F>::run(void)'
monster.cpp:
#include <cstdlib>     // rand
#include <windows.h>   // Sleep
#include "monster.h"

monster::monster(string temp_mob_name)
{
    //New login monster
    mob_name = temp_mob_name;
    x=rand() % 1000;
    y=rand() % 1000;
    boost::thread make_thread(&monster::mob_engine);   // line that triggers C2064
}

monster::~monster()
{
    //Destructor
}

void monster::mob_engine()
{
    while(true)
    {
        Sleep(100);
        cout<< "Monster name"<<mob_name<<endl;
    }
}
monster.h:
#ifndef _H_MONSTER_
#define _H_MONSTER_

//Additional include dependencies
#include <iostream>
#include <string>
#include "boost/thread.hpp"

using namespace std;

class monster
{
public:
    //Functions
    monster(string temp_mob_name);
    ~monster();
    //Custom defined functions
    void mob_engine();
    string mob_name;   // used by monster.cpp but missing from the posted header
    int x;
    int y;
};

//Include protection
#endif
mob_engine is a non-static member function, so it has an implicit this argument.
Try this:
boost::thread make_thread(boost::bind(&monster::mob_engine, this));
According to this similar question boost:thread - compiler error you can even avoid using bind by simply writing:
boost::thread make_thread(&monster::mob_engine, this);
Also, you will probably want to declare a boost::thread member variable to keep a reference to the thread.
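The lifetime point behind that last suggestion, as an added example that is not from the original posts. It uses std::thread in place of boost::thread (an assumption, so that it builds without Boost), and Monster, run_monsters and the bounded loop are illustrative names.

```cpp
#include <atomic>
#include <memory>
#include <string>
#include <thread>
#include <utility>
#include <vector>

class Monster {
public:
    Monster(std::string name, int steps)
        : name_(std::move(name)), steps_(steps), ticks_(0),
          // Member function pointer plus `this`, as in the answer.
          worker_(&Monster::engine, this) {}

    // The thread dereferences `this`, so it has to finish before the object
    // goes away; otherwise engine() would run on freed memory.
    ~Monster() { wait(); }

    Monster(const Monster&) = delete;             // a copy would leave the thread
    Monster& operator=(const Monster&) = delete;  // bound to the original `this`

    void wait() { if (worker_.joinable()) worker_.join(); }
    int ticks() const { return ticks_.load(); }
    const std::string& name() const { return name_; }

private:
    void engine() {
        for (int i = 0; i < steps_; ++i) ++ticks_;   // bounded stand-in for the game loop
    }

    std::string name_;
    int steps_;
    std::atomic<int> ticks_;
    std::thread worker_;   // declared last: starts only after the fields above are built
};

// Starts `count` monsters, waits for each, and returns the total tick count.
int run_monsters(int count, int steps) {
    std::vector<std::unique_ptr<Monster>> mobs;
    for (int i = 0; i < count; ++i)
        mobs.emplace_back(new Monster("mob" + std::to_string(i), steps));
    int total = 0;
    for (auto& m : mobs) { m->wait(); total += m->ticks(); }
    return total;
}
```

Build with thread support enabled (for example `-pthread` with GCC or Clang).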