[solved]Why DLL not working without WINAPI?

Index > Windows > [solved]Why DLL not working without WINAPI?

Author

Thread

CrawlUp

Joined: 23 May 2017
Posts: 8
Location: the USSR

CrawlUp 23 May 2017, 05:57

I'm a newbie. I create a DLL library and if my function does not have a call WINAPI, the library does not want to load into my program.

This is a working DLL--

Code:

 format PE GUI 4.0 DLL
entry DllEntryPoint

include 'win32a.inc'
;__________________________________________________________
section '.code' code readable executable

proc DllEntryPoint hinstDLL,fdwReason,lpvReserved
        mov     eax,TRUE
        ret
endp

proc myFunction
     invoke MessageBox,0,str_dll,head_dll,MB_OK
ret
endp


;_________________________________________________________
section '.data' data readable writeable
str_dll       db  'DLL is working',0
head_dll      db  'My dll',0

;__________________________________________________________
section '.idata' import data readable writeable

  library    user,'USER32.DLL'
  import     user, MessageBox,'MessageBoxA'
;_________________________________________________________
section '.edata' export data readable

  export 'new.DLL', myFunction,'myFunction'

;_________________________________________________________
section '.reloc' fixups data readable discardable

This is not working code--

Code:

 format PE GUI 4.0 DLL
entry DllEntryPoint

include 'win32a.inc'
;__________________________________________________________
section '.code' code readable executable

proc DllEntryPoint hinstDLL,fdwReason,lpvReserved
        mov     eax,TRUE
        ret
endp

proc myFunction
     mov eax, edx
     ;Any code without WINAPI calls
     ;.....
ret
endp




;_________________________________________________________
section '.edata' export data readable

  export 'new.DLL', myFunction,'myFunction'

;_________________________________________________________
section '.reloc' fixups data readable discardable

My program use DLL library-

Code:

format PE GUI 4.0
entry start

include 'win32a.inc'

section '.text' code readable executable

  start:

        invoke  myFunction
        invoke  ExitProcess,0


;______________________________________________________________________
section '.idata' import data readable writeable

  library kernel,'KERNEL32.DLL',\
          newdll,'new.DLL'

  import kernel, ExitProcess,'ExitProcess'

  import newdll, myFunction,'myFunction'

Translate: new.dll either not designed to run under Windows or contains an error......bla..bla...bla..

Description:
Filesize:	28.91 KB
Viewed:	5718 Time(s)

Last edited by CrawlUp on 23 May 2017, 15:59; edited 2 times in total

23 May 2017, 05:57

Grom PE

Joined: 13 Mar 2008
Posts: 114
Location: i@grompe.org.ru

Grom PE 23 May 2017, 07:56

The problem is actually the declared but empty relocation section.

If you forcre it to generate at least one relocation, by adding

Code:

dummy: mov eax, dummy

anywhere in code section, it will work.

23 May 2017, 07:56

revolution
When all else fails, read the source

Joined: 24 Aug 2004
Posts: 20632
Location: In your JS exploiting you and your system

revolution 23 May 2017, 09:32

If you don't want to pollute your code with dummy instructions you can populate the relocation data with this:

Code:

data        fixups
            dd 0,8
end         data

You can put that anywhere in your code, you don't need an extra section for it. And you will have to remove the 'fixups' flag from any existing section because you can't have two fixuos locations.

23 May 2017, 09:32

Tomasz Grysztar

Joined: 16 Jun 2003
Posts: 8403
Location: Kraków, Poland

Tomasz Grysztar 23 May 2017, 10:57

There is also a different way to avoid creation of an empty section when the relocation directory is empty - you can put the fixups inside a section that already contains some other data:

Code:

section '.rdata' data readable

  data export
    export 'new.DLL', myFunction,'myFunction'
  end data

  data fixups
  end data

This works well in modern Windows, but it had not been working in Windows 9x line. But I'd guess that's not a serious problem nowadays.

23 May 2017, 10:57

CrawlUp

Joined: 23 May 2017
Posts: 8
Location: the USSR

CrawlUp 23 May 2017, 10:58

Quote:

data fixups
dd 0,8
end data

It works well

Code:

 
format PE GUI 4.0 DLL
entry DllEntryPoint

include 'win32a.inc'
;__________________________________________________________
section '.code' code readable executable



proc DllEntryPoint hinstDLL,fdwReason,lpvReserved
        mov     eax,TRUE
        ret
endp

proc myFunction

ret
endp



;_________________________________________________________
section '.edata' export data readable

  export 'new.DLL', myFunction,'myFunction'

;_________________________________________________________
section '.reloc' fixups data readable discardable

       dd 0,8    ;But it's completely unclear why this is needed

dd 0,8 ; But it's completely unclear why this is needed

Quote:

dummy: mov eax, dummy

This does not work in more than one place code

23 May 2017, 10:58

CrawlUp

Joined: 23 May 2017
Posts: 8
Location: the USSR

CrawlUp 23 May 2017, 11:11

Thank you all for your help. I will read the link.

23 May 2017, 11:11

< Last Thread | Next Thread >

Forum Rules:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum