I have a problem with GetProcAddress

[grimoire]

hi

I tried to remake the source code again, but I had a problem with GetProcAddress, when I try to execute the code before, not loading all the libs, but after with the new code, all the libs are working.

before

'C:\Windows\System32\ntdll.dll' cargado. Símbolos cargados.
'C:\Windows\System32\kernel32.dll' cargado. Símbolos cargados.
'C:\Windows\System32\KernelBase.dll' cargado. Símbolos cargados

after

Code (asm) Select Expand


extrn LoadLibraryA:PROC
extrn ExitProcess:PROC

.data

wsdll db "ws2_32.dll",0
wsaddr dq ?


.code
Start proc
push rbp
mov rbp, rsp
sub rsp, 28h

mov rcx, offset [wsdll]
call LoadLibraryA
mov[wsaddr], rax


xor ecx, ecx
call ExitProcess

mov rsp, rbp
pop rbp

Start endp

End

'C:\Windows\System32\ntdll.dll' cargado. Símbolos cargados.
'C:\Windows\System32\kernel32.dll' cargado. Símbolos cargados.
'C:\Windows\System32\KernelBase.dll' cargado. Símbolos cargados.
'C:\Windows\System32\ws2_32.dll' cargado. Símbolos cargados.
'C:\Windows\System32\msvcrt.dll' cargado. Símbolos cargados.
'C:\Windows\System32\rpcrt4.dll' cargado. Símbolos cargados.
'C:\Windows\System32\nsi.dll' cargado. Símbolos cargados.

but when a I try to use  GetProcAddress, RAX return 0, and the program fail.

can somebody help me?, how fix this?, please

here is the code

Code (asm) Select Expand

extrn LoadLibraryA:PROC
extrn ExitProcess:PROC
extrn GetProcAddress:PROC

.data

wsdll db "ws2_32.dll",0
wsaddr dq ?
WStp db "WSAStartup",0
wtaddr dq ?


.code
Start proc
push rbp
mov rbp, rsp
sub rsp, 28h

mov rcx, offset [wsdll]
call LoadLibraryA
mov[wsaddr], rax

mov rdx, offset[WStp]
mov r8, [wsaddr]
call GetProcAddress
mov[wtaddr], rax


xor ecx, ecx
call ExitProcess

mov rsp, rbp
pop rbp

Start endp

End

regards

[jj2007]

call LoadLibraryA ; is rax non-zero?
...
call GetProcAddress ; is rax non-zero? What does GetLastError report?

[qWord]

Code Select Expand

Start proc

push rbp
mov rbp, rsp
sub rsp, 20h ; <-----

mov rcx, offset [wsdll]
call LoadLibraryA
mov[wsaddr], rax

mov rdx, offset[WStp]
mov rcx,rax ; <-----
call GetProcAddress
mov[wtaddr], rax


xor ecx, ecx
call ExitProcess

mov rsp, rbp      ; <--- dead code
pop rbp           ;

Start endp

Any good reason to not use a import library?

[grimoire]

hi, thanks for the answers

I'm studing asm since 4 weeks ago, my first app was with nasm and MinGW, and the syntaxis is very differente to MASM, so I try to learning MASM, and there are many thing that I don't know how it works, like import library and I try to use it better with direccion and values, that's how am working with nasm, sorry.... I will study more about masm

just one last question, I tried to fix the app, and now I don't receive messages with errors, the compile is succesfull, but it doesn't work, I made a service-client in nasm on 32 bits, and I tried to remake the client on 64 bits, but the connection fail...

can somebody tell me, why the connection fails?

here is the code

-EDIT---

Code (asm) Select Expand


    extrn LoadLibraryA:PROC
    extrn ExitProcess:PROC
    extrn GetProcAddress:PROC
     
    .data
     
    wsdll db "ws2_32.dll",0
    wsaddr dq ?
    WStp db "WSAStartup",0
    wtaddr dq ?
    wsadata db 400 dup (0)
    sock db "socket",0
    sockaddr dq ?
    conn db "connect",0
    conaddr dq ?
    sen db "send",0
    senaddr dq ?
    buf db "hola mundo",0
     
    .code
    Start proc
    push rbp
    mov rbp, rsp
    sub rsp, 20h
     
    mov rcx, offset [wsdll]
    call LoadLibraryA
    mov[wsaddr], rax
     
    mov rdx, offset[WStp]
    mov rcx, [wsaddr]
    call GetProcAddress
    mov[wtaddr], rax
     
    lea rdx, wsadata
    mov rcx, 2h
    call [wtaddr]
     
    mov rdx, offset[sock]
    mov rcx, [wsaddr]
    call GetProcAddress
    mov[sockaddr], rax
     
    mov r8, 0h
    mov rdx, 1h
    mov rcx, 2h
    call [sockaddr]
    mov[sockaddr], rax
     
    mov rdx, offset[conn]
    mov rcx, [wsaddr]
    call GetProcAddress
    mov[conaddr], rax
     
    mov rsi, 16h
    mov rdi, 0100007FB9220002h
    mov rdx,[sockaddr]
    call[conaddr]
     
    mov rdx, offset[sen]
    mov rcx, [wsaddr]
    call GetProcAddress
    mov[senaddr], rax
     
    mov r9, 0h
    mov r8, 50h
    mov rdx, offset[buf]
    mov rcx,[sockaddr]
    call[senaddr]
     
    mov rsp, rbp
    pop rbp
     
    xor ecx, ecx
    call ExitProcess
     
    Start endp
     
    End

thanks and regards

[qWord]

For the stack-setup of the entry point I would suggest to use:

Code Select Expand

and rsp,-16
sub rsp,4*8
...
call ExitProcess
The connect function needs a pointer to the sockaddr-structure, and not a immediate value. Also check the used registers.
Remarks that MASM (in contrast to other assemblers) automatically dereference data labels - you do not need to use square brackets for most of your variables:

Code Select Expand

    mov rcx, offset wsdll ; square brackets make no sense at this point
    call LoadLibraryA
    mov wsaddr, rax ; wsaddr == [wsaddr]
Square brackets are commonly only used when referencing variables through registers:

Code Select Expand

mov rax,[rdx] ; rdx contains pointer
mov DWORD ptr [rdx+rcx*8],123

For calling the socket functions through an import library (ws2_32.lib), do it the same way as with the function from kernel32.dll: declare the functions as extern and add the lib to the linker call.

[grimoire]

thanks

I've changed the code and the libs that loads are:

Code Select Expand

'Project1.exe' (Win32): 'C:\Users\grimoire\Documents\Visual Studio 2012\Projects\Solution1\x64\Release\Project1.exe' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\ntdll.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\kernel32.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\KernelBase.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\ws2_32.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\msvcrt.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\rpcrt4.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\nsi.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\mswsock.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\user32.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\gdi32.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\lpk.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\usp10.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\imm32.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\msctf.dll' cargado. Símbolos cargados.
'Project1.exe' (Win32): 'C:\Windows\System32\WSHTCPIP.DLL' cargado. Símbolos cargados.


but nothing, I feel a little frustrated because in 32 bits works fine using nasm and MinGW, and is almost the same code but I can't do it work in masm64

here is the code again

Code (asm) Select Expand


extrn LoadLibraryA:PROC
extrn ExitProcess:PROC
extrn GetProcAddress:PROC

.data

wsdll db "ws2_32.dll",0
wsaddr dq ?
WStp db "WSAStartup",0
wtaddr dq ?
wsadata db 400 dup (0)
sock db "socket",0
sockaddr dq ?
conn db "connect",0
conaddr dq ?
sen db "send",0
senaddr dq ?
buf db "hola mundo",0

.code
Start proc
push rbp
mov rbp, rsp
and rsp,-16
sub rsp,4*8

mov rcx, offset wsdll
call LoadLibraryA
mov wsaddr, rax

mov rdx, offset WStp
mov rcx, wsaddr
call GetProcAddress
mov wtaddr, rax

lea rdx, wsadata
mov rcx, 2h
call wtaddr

mov rdx, offset sock
mov rcx, wsaddr
call GetProcAddress
mov sockaddr, rax

mov r8, 0h
mov rdx, 1h
mov rcx, 2h
call sockaddr
mov sockaddr, rax

mov rdx, offset conn
mov rcx, wsaddr
call GetProcAddress
mov conaddr, rax

mov r8, 16h
mov rbx, 0100007FB9220002h
push rbx
mov rdx, rsp
mov rcx, sockaddr
call conaddr

mov rdx, offset sen
mov rcx, wsaddr
call GetProcAddress
mov senaddr, rax

mov r9, 0h
mov r8, 50h
mov rdx,offset buf
mov rcx,sockaddr
call senaddr

mov rsp, rbp
pop rbp

xor ecx, ecx
call ExitProcess

Start endp

End

I will try to make another one with libs

thanks again

regards

[qWord]

The PUSH RBX break the stack alignment. You should take a look here. There is also no need to setup a stack frame (PUSH RBP,...)
It seems like that x64 is currently beyond your capabilities...

Code Select Expand

option casemap:none

extern ExitProcess:PROC
extern WSAStartup:PROC
extern socket:PROC
extern connect:PROC
extern send:PROC

WSADATA STRUCT 8
    wVersion        WORD    ?
    wHighVersion    WORD    ?
    iMaxSockets     WORD    ?
    iMaxUdpDg       WORD    ?
    lpVendorInfo    QWORD   ?
    szDescription   SBYTE   257 dup (?)
    szSystemStatus  SBYTE   129 dup (?)
WSADATA ENDS

sockaddr STRUCT
    sa_family   SWORD   ?
    sa_port     WORD    ?
    sa_addr     DWORD   ?
                BYTE 8 dup (?)
sockaddr ENDS

.const
    align 8
    address     sockaddr <2, 0B922h, 0100007Fh>
    sz1         BYTE "hola mundo",0
.data?
    align 8
    Socket  QWORD ?
    wsadata WSADATA <>
.code
main proc
    and rsp,-16
    sub rsp,4*8

    lea rdx, wsadata
    mov rcx, 2h
    call WSAStartup
   
    mov r8, 0h
    mov rdx, 1h
    mov rcx, 2h
    call socket
    mov Socket, rax
   
    mov r8, 16h
    lea rdx, address
    mov rcx, Socket
    call connect
   
    mov r9, 0h
    mov r8, SIZEOF sz1
    mov rdx, offset sz1
    mov rcx, Socket
    call send
   
    xor ecx, ecx
    call ExitProcess

main endp
End

[grimoire]

It seems like that x64 is currently beyond your capabilities...

I think so... well, thank you so much for the help

And I won't give up, I will try and try again.  ;)

best regards  :t

[japheth]

And I won't give up, I will try and try again.  ;)

What about using a debugger? The 64-bit WinDbg works with Masm64. All you have to do is:

- assemble with -Zi
- link with /DEBUG
- start WinDbg: WinDbg <your_app>

and inside WinDbg, enter "g main"

[grimoire]

thanks japheth for the answer

------------

it works!   :t

Code (asm) Select Expand



.data
in_addr dq 0100007FB9220002h

.code

mov r8, 10h
mov rdx, offset in_addr
mov rcx, sockaddr
call conaddr

jeje