flat assembler
Message board for the users of flat assembler.
Index
> Windows > fasm problem? |
Author |
|
smoke 12 Sep 2007, 16:02
Hello everyone,
I have a problem. Yesterday I finished coding a hooking engine (it worked quite okay as far as i remember) and now this morning i assembled it again (the same source) and it didnt work again (I haven't changed a thing..) So I'm asking you .. Is this a fasm issue? and ... has something like this ever happened to you? If yes, how did you solve it? (my code crashes when calling GetThreadContext ... i get ERROR_NOACCESS) Here are the sources (the patch program, the dll that handles the detoured apis and the test file ..) ps: i could paste the code but .. i think its nicer to just download and check it out Thank you in advance...
|
|||||||||||
12 Sep 2007, 16:02 |
|
smoke 12 Sep 2007, 18:38
Well, its my code crashing not fasm .. though .. if i trace through the code everything executes nicely .. but when it comes to that CALL dword ... I get ERROR_NOACCESS .. (call to GetThreadContext)
EDIT: dword aligning the context structure solved the problem |
|||
12 Sep 2007, 18:38 |
|
vid 13 Sep 2007, 09:39
for next time, good way to solve this kind of problems is to keep old versions of executable, and then compare them to new versions, and see what's changed.
|
|||
13 Sep 2007, 09:39 |
|
madmatt 13 Sep 2007, 19:14
I've found one problem with you code so far.
In "hook.asm" where you define your imports, this: Code: kernel, 'kernel32.dll' should be this: Code: kernel32, 'kernel32.dll' And this: Code: import kernel,\ ReadProcessMemory, 'ReadProcessMemory',\ should be: Code: import kernel32,\ ReadProcessMemory, 'ReadProcessMemory',\ That's all i've found so far. |
|||
13 Sep 2007, 19:14 |
|
LocoDelAssembly 13 Sep 2007, 19:59
Why that change is needed?
|
|||
13 Sep 2007, 19:59 |
|
madmatt 13 Sep 2007, 20:58
I've had this problem before and fasm doesn't report an error for it. ALL the import and label text's must match, in this case, kernel32 must be the label in both library and api sections. All I can ask is try it and see if it helps.
|
|||
13 Sep 2007, 20:58 |
|
LocoDelAssembly 13 Sep 2007, 21:15
The Quetannon example has "library kernel,'KERNEL32.DLL',\" and "import kernel,\" and it worked so far. The labels MUST match of course but in the attachment I see that both parts already uses the same label (and you showed that in your previous post).
That is the reason of why I don't understand the change. I'm missing something else? |
|||
13 Sep 2007, 21:15 |
|
madmatt 13 Sep 2007, 21:35
LocoDelAssembly wrote: The Quetannon example has "library kernel,'KERNEL32.DLL',\" and "import kernel,\" and it worked so far. The labels MUST match of course but in the attachment I see that both parts already uses the same label (and you showed that in your previous post). No, your right, I don't think it does. my mistake. I have gotten the file 'hook.asm' to compile to a dll on my fasmw setup. I'll try and get the other code to compile then start debugging and see what I can find. |
|||
13 Sep 2007, 21:35 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.