snify Posted December 4, 2009 Share Posted December 4, 2009 Hey Guys out there, I have a big problem. I wrote a EOF Function, that reads EOF Data from a file. Anyway I sent to a friend he should test it on windows7. But the function crashes on Windows7 X64. But why? Can someone Fix/help me? Greetz Snify. expandcollapse popupFunc READEOF ($sModule) Local $iLoaded Local $a_hCall = DllCall("kernel32.dll", "hwnd", "GetModuleHandleW", "wstr", $sModule) If @error Then Return SetError(1, 0, "") EndIf Local $pPointer = $a_hCall[0] If Not $a_hCall[0] Then $a_hCall = DllCall("kernel32.dll", "hwnd", "LoadLibraryExW", "wstr", $sModule, "hwnd", 0, "int", 34) If @error Or Not $a_hCall[0] Then Return SetError(2, 0, "") EndIf $iLoaded = 1 $pPointer = $a_hCall[0] - 1 EndIf Local $hModule = $a_hCall[0] Local $tIMAGE_DOS_HEADER = DllStructCreate("char Magic[2];" & _ "ushort BytesOnLastPage;" & _ "ushort Pages;" & _ "ushort Relocations;" & _ "ushort SizeofHeader;" & _ "ushort MinimumExtra;" & _ "ushort MaximumExtra;" & _ "ushort SS;" & _ "ushort SP;" & _ "ushort Checksum;" & _ "ushort IP;" & _ "ushort CS;" & _ "ushort Relocation;" & _ "ushort Overlay;" & _ "char Reserved[8];" & _ "ushort OEMIdentifier;" & _ "ushort OEMInformation;" & _ "char Reserved2[20];" & _ "dword AddressOfNewExeHeader", _ $pPointer) $pPointer += DllStructGetData($tIMAGE_DOS_HEADER, "AddressOfNewExeHeader") Local $tIMAGE_NT_SIGNATURE = DllStructCreate("dword Signature", $pPointer) If Not (DllStructGetData($tIMAGE_NT_SIGNATURE, "Signature") = 17744) Then If $iLoaded Then Local $a_iCall = DllCall("kernel32.dll", "int", "FreeLibrary", "hwnd", $hModule) EndIf Return SetError(3, 0, "") EndIf $pPointer += 4 Local $tIMAGE_FILE_HEADER = DllStructCreate("ushort Machine;" & _ "ushort NumberOfSections;" & _ "dword TimeDateStamp;" & _ "dword PointerToSymbolTable;" & _ "dword NumberOfSymbols;" & _ "ushort SizeOfOptionalHeader;" & _ "ushort Characteristics", _ $pPointer) Local $iNumberOfSections = DllStructGetData($tIMAGE_FILE_HEADER, "NumberOfSections") $pPointer += 20 Local $tIMAGE_OPTIONAL_HEADER = DllStructCreate("ushort Magic;" & _ "ubyte MajorLinkerVersion;" & _ "ubyte MinorLinkerVersion;" & _ "dword SizeOfCode;" & _ "dword SizeOfInitializedData;" & _ "dword SizeOfUninitializedData;" & _ "dword AddressOfEntryPoint;" & _ "dword BaseOfCode;" & _ "dword BaseOfData;" & _ "dword ImageBase;" & _ "dword SectionAlignment;" & _ "dword FileAlignment;" & _ "ushort MajorOperatingSystemVersion;" & _ "ushort MinorOperatingSystemVersion;" & _ "ushort MajorImageVersion;" & _ "ushort MinorImageVersion;" & _ "ushort MajorSubsystemVersion;" & _ "ushort MinorSubsystemVersion;" & _ "dword Win32VersionValue;" & _ "dword SizeOfImage;" & _ "dword SizeOfHeaders;" & _ "dword CheckSum;" & _ "ushort Subsystem;" & _ "ushort DllCharacteristics;" & _ "dword SizeOfStackReserve;" & _ "dword SizeOfStackCommit;" & _ "dword SizeOfHeapReserve;" & _ "dword SizeOfHeapCommit;" & _ "dword LoaderFlags;" & _ "dword NumberOfRvaAndSizes", _ $pPointer) $pPointer += 96 Local $tIMAGE_DIRECTORY_ENTRY_EXPORT = DllStructCreate("dword VirtualAddress;" & _ "dword Size", _ $pPointer) $pPointer += 8 Local $tIMAGE_DIRECTORY_ENTRY_IMPORT = DllStructCreate("dword VirtualAddress;" & _ "dword Size", _ $pPointer) $pPointer += 8 Local $tIMAGE_DIRECTORY_ENTRY_RESOURCE = DllStructCreate("dword VirtualAddress;" & _ "dword Size", _ $pPointer) $pPointer += 8 Local $tIMAGE_DIRECTORY_ENTRY_EXCEPTION = DllStructCreate("dword VirtualAddress;" & _ "dword Size", _ $pPointer) $pPointer += 8 Local $tIMAGE_DIRECTORY_ENTRY_SECURITY = DllStructCreate("dword VirtualAddress;" & _ "dword Size", _ $pPointer) $pPointer += 8 Local $tIMAGE_DIRECTORY_ENTRY_BASERELOC = DllStructCreate("dword VirtualAddress;" & _ "dword Size", _ $pPointer) $pPointer += 8 Local $tIMAGE_DIRECTORY_ENTRY_DEBUG = DllStructCreate("dword VirtualAddress;" & _ "dword Size", _ $pPointer) $pPointer += 8 Local $tIMAGE_DIRECTORY_ENTRY_COPYRIGHT = DllStructCreate("dword VirtualAddress;" & _ "dword Size", _ $pPointer) $pPointer += 8 Local $tIMAGE_DIRECTORY_ENTRY_GLOBALPTR = DllStructCreate("dword VirtualAddress;" & _ "dword Size", _ $pPointer) $pPointer += 8 Local $tIMAGE_DIRECTORY_ENTRY_TLS = DllStructCreate("dword VirtualAddress;" & _ "dword Size", _ $pPointer) $pPointer += 8 Local $tIMAGE_DIRECTORY_ENTRY_LOAD_CONFIG = DllStructCreate("dword VirtualAddress;" & _ "dword Size", _ $pPointer) $pPointer += 8 $pPointer += 40 Local $tIMAGE_SECTION_HEADER For $i = 1 To $iNumberOfSections $tIMAGE_SECTION_HEADER = DllStructCreate("char Name[8];" & _ "dword UnionOfData;" & _ "dword VirtualAddress;" & _ "dword SizeOfRawData;" & _ "dword PointerToRawData;" & _ "dword PointerToRelocations;" & _ "dword PointerToLinenumbers;" & _ "ushort NumberOfRelocations;" & _ "ushort NumberOfLinenumbers;" & _ "dword Characteristics", _ $pPointer) if $i = $iNumberOfSections Then Dim $array[2] $array[0] = Hex(DllStructGetData($tIMAGE_SECTION_HEADER, "PointerToRawData")) $array[1] = DllStructGetData($tIMAGE_SECTION_HEADER, "SizeOfRawData") $FilePath = $sModule $Offset = Dec($array[0]) + $array[1] $Length = FileGetSize ($sModule) - $Offset Local $Buffer, $ptr, $fLen, $hFile, $Result, $Read, $err, $Pos If Not FileExists($FilePath) Then Return SetError(1, @error, 0) $fLen = FileGetSize($FilePath) If $Offset > $fLen Then Return SetError(2, @error, 0) If $fLen < $Offset + $Length Then Return SetError(3, @error, 0) $Buffer = DllStructCreate("byte[" & $Length & "]") $ptr = DllStructGetPtr($Buffer) $hFile = _WinAPI_CreateFile($FilePath, 2, 2, 0) If $hFile = 0 Then Return SetError(5, @error, 0) $Pos = $Offset $Result = _WinAPI_SetFilePointer($hFile, $Pos) $err = @error If $Result = 0xFFFFFFFF Then _WinAPI_CloseHandle($hFile) Return SetError(6, $err, 0) EndIf $Read = 0 $Result = _WinAPI_ReadFile($hFile, $ptr, $Length, $Read) $err = @error If Not $Result Then _WinAPI_CloseHandle($hFile) Return SetError(7, $err, 0) EndIf _WinAPI_CloseHandle($hFile) If Not $Result Then Return SetError(8, @error, 0) $Result = DllStructGetData($Buffer, 1) DllCall("kernel32.dll", "int", "FreeLibrary", "hwnd", $hModule) Return $Result EndIf $pPointer += 40 Next EndFunc PS.: It works fine on XP but not Vista or Win7 Link to comment Share on other sites More sharing options...
trancexx Posted December 4, 2009 Share Posted December 4, 2009 There is a reason why I used specific loading technique in a function you are using. Though you may be using older function (there should be better posted somewhere). It's a PE loader thing. You skipped one important step while loading the module. All you actually need to do is replace: If Not $a_hCall[0] Then $a_hCall = DllCall("kernel32.dll", "hwnd", "LoadLibraryExW", "wstr", $sModule, "hwnd", 0, "int", 34) If @error Or Not $a_hCall[0] Then Return SetError(2, 0, "") EndIf $iLoaded = 1 $pPointer = $a_hCall[0] - 1 EndIf with: If Not $a_hCall[0] Then $a_hCall = DllCall("kernel32.dll", "hwnd", "LoadLibraryExW", "wstr", $sModule, "hwnd", 0, "int", 1) If @error Or Not $a_hCall[0] Then Return SetError(2, 0, "") EndIf $iLoaded = 1 $pPointer = $a_hCall[0] EndIf That would be my guess after a quick look. ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
snify Posted December 4, 2009 Author Share Posted December 4, 2009 OMG Thank you sooooo much It works now very well. (and you helped me again and again) Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now