yoshimitsu 21 Dec 2011, 22:25
I can't seem to get a 64bit dll working..

for example:
I simply copied the code out of this thread.
Windows refuses to load the dll, though, with the message that's it's not a correct image..
Your code has a bug

LocoDelAssembly 22 Dec 2011, 14:37
mmmh, I'm having problems as well. I just tried converting the DLL example to 64-bit, but I get this message
Windows 7 wrote:
C:\Users\Hernan\Desktop\DLL\ERRORMSG.DLL is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support.

Here is the code, what's wrong here?

; DLL creation example

format PE64 GUI 5.0 DLL
entry DllEntryPoint

include 'win64a.inc'

section '.text' code readable executable

proc DllEntryPoint hinstDLL,fdwReason,lpvReserved
        mov     eax,TRUE

; VOID ShowErrorMessage(HWND hWnd,DWORD dwError);

proc ShowErrorMessage hWnd,dwError
  local lpBuffer:DWORD

        mov     [hWnd], rcx
        mov     [dwError], rdx

        lea     rax,[lpBuffer]
        invoke  MessageBox,[hWnd],[lpBuffer],NULL,MB_ICONERROR+MB_OK
        invoke  LocalFree,[lpBuffer]

; VOID ShowLastError(HWND hWnd);

proc ShowLastError hWnd

        mov     [hWnd], rcx

        invoke  GetLastError
        stdcall ShowErrorMessage,[hWnd],eax

section '.idata' import data readable writeable

  library kernel,'KERNEL32.DLL',\

  import kernel,\

  import user,\

section '.edata' export data readable

  export 'ERRORMSG.DLL',\

section '.reloc' fixups data discardable    
format PE64 GUI 5.0
entry start

include 'win64a.inc'

section '.text' code readable executable

        invoke  ShowLastError,HWND_DESKTOP
        invoke  ExitProcess,0

section '.idata' import data readable writeable

  library kernel,'KERNEL32.DLL',\

  import kernel,\

  import errormsg,\
Tomasz Grysztar

Tomasz Grysztar 22 Dec 2011, 14:56

Quick fix: use "data fixups" instead of separate section for relocations.

Also: you forgot to align the stack at entry point ("sub rsp,8" should do the job).
When all else fails, read the source

revolution 22 Dec 2011, 15:23
See also here. Might be useful info.
yoshimitsu 22 Dec 2011, 16:37
since addressing is RIP relative in x64, in which case would I even need fixups?
Is it possible to skip them entirely?
I recall that a dll without a relocation entry refuses to load on x86

side question:
why exactly is something like "lea rax,[ExitProcess+rax]" invalid and what's a good workaround?
(lea rcx,[ExitProcess]
lea rax,[rax+rcx]?)
Tomasz Grysztar

Tomasz Grysztar 22 Dec 2011, 17:02
yoshimitsu wrote:
why exactly is something like "lea rax,[ExitProcess+rax]" invalid and what's a good workaround?
This could be invalid only when ExitProcess was relocatable 64-bit address and to specify such value you would need 8-byte immediate, while displacement in [reg+imm] addressing is at most 32-bit signed value. So possible workarounds would be:
mov rcx,ExitProcess ; generates 64-bit relocation
add rax,rcx    
lea rcx,[ExitProcess] ; uses RIP-relative addressing, doesn't need relocation
add rax,rcx    

Second variant has shorter opcode and is PIC (doesn't need fixups), so it's better.

However with PE format you generally should not have this problem, as it is possible to have 32-bit VA relocation there. Perhaps you are using some quite old fasm version which was not able to generate such fixup?
