Text only | Text with Images

The MASM Forum

General => The Workshop => Topic started by: jj2007 on May 29, 2012, 05:58:19 PM

Title: LockResource
Post by: jj2007 on May 29, 2012, 05:58:19 PM
Guess what? This works!

Code Select
include \masm32\include\masm32rt.inc

.code
start: invoke LockResource, 12345678h
print hex$(eax)
exit

end start


At least, it works on Win XP and Win 7. I wonder if older versions produce something else ::)

Under the hood, you can admire the immense improvements of Win7 over WinXP :biggrin:

LockResource      8BFF             mov edi, edi      ; See TheOldNewThing on hot patches (http://blogs.msdn.com/b/oldnewthing/archive/2011/09/21/10214405.aspx)
75C302DB          55               push ebp
75C302DC          8BEC             mov ebp, esp
75C302DE          5D               pop ebp
75C302DF          EB 05            jmp short 75C302E6                                                ; Jump to KERNELBASE.LockResource
75C302E1          90               nop
75C302E2          90               nop
75C302E3          90               nop
75C302E4          90               nop
75C302E5          90               nop
75C302E6          FF25 2C1BBF75    jmp near [75BF1B2C] aka &API-MS-Win-Core-LibraryLoader-L.LockResource
... ^ ^ ^ Win XP does not have the part above ^ ^ ^ ...
LockResource      8BFF             mov edi, edi   ; the address in [75BF1B2C]
758A8D47          55               push ebp
758A8D48          8BEC             mov ebp, esp
758A8D4A          8B45 08          mov eax, [ebp+8]  <<<<<<<<<< now guess what you will get in eax?
758A8D4D          5D               pop ebp
758A8D4E          C2 0400          retn 4
Title: Re: LockResource
Post by: hutch-- on May 29, 2012, 06:29:28 PM
 :biggrin:

Do I detect a note of sarcasm here ?  :P
Text only | Text with Images