News:

Masm32 SDK description, downloads and other helpful links
Message to All Guests
NB: Posting URL's See here: Posted URL Change

Main Menu

Process32FirstW problem

Started by ragdog, September 23, 2012, 07:45:24 PM

Previous topic - Next topic

ragdog

Hi @all

I have a problem with Process32FirstW it returns ervery 0
with Process32FirstA have i no problems why?


I have google about it and not anything found

LOCAL ProcessInformation:PROCESSENTRY32
LOCAL hSnapShot:DWORD


    mov ProcessInformation.dwSize,sizeof PROCESSENTRY32
invoke CreateToolhelp32Snapshot,TH32CS_SNAPALL,NULL
mov hSnapShot,eax
invoke Process32FirstW,hSnapShot,addr ProcessInformation

.if eax==TRUE
invoke MessageBox,0,CTEXT ("TRUE"),0,MB_OK
.endif

jj2007

http://social.msdn.microsoft.com/Forums/en-US/vcmfcatl/thread/a8ed898f-1242-4c82-b29a-84433059b504/

ragdog

I have solved it i must use Unicode structur


IFDEF __UNICODE__
MODULEENTRY32 equ MODULEENTRY32W
PROCESSENTRY32 equ PROCESSENTRY32W
ELSE
MODULEENTRY32 equ MODULEENTRY32A
PROCESSENTRY32 equ PROCESSENTRY32A
ENDIF ; !UNICODE



PROCESSENTRY32W STRUCT
dwSize DWORD ?
cntUsage DWORD ?
th32ProcessID DWORD ? ; this process
th32DefaultHeapID DWORD ?
th32ModuleID DWORD ? ; associated exe
cntThreads DWORD ?
th32ParentProcessID DWORD ? ; this process's parent process
pcPriClassBase DWORD ? ; Base priority of process's threads
dwFlags DWORD ?
szExeFile dw MAX_PATH dup (?)
PROCESSENTRY32W ENDS

PROCESSENTRY32A STRUCT
    dwSize              DWORD ?
    cntUsage            DWORD ?
    th32ProcessID       DWORD ?
    th32DefaultHeapID   DWORD ?
    th32ModuleID        DWORD ?
    cntThreads          DWORD ?
    th32ParentProcessID DWORD ?
    pcPriClassBase      DWORD ?
    dwFlags             DWORD ?
    szExeFile           db MAX_PATH dup(?)
PROCESSENTRY32A ENDS

MODULEENTRY32W STRUCT
dwSize DWORD ?
th32ModuleID DWORD ? ; This module
th32ProcessID DWORD ? ; owning process
GlblcntUsage DWORD ? ; Global usage count on the module
ProccntUsage DWORD ? ; Module usage count in th32ProcessID's context
modBaseAddr DWORD ? ; Base address of module in th32ProcessID's context
modBaseSize DWORD ? ; Size in bytes of module starting at modBaseAddr
hModule DWORD ? ; The hModule of this module in th32ProcessID's context
szModule dw MAX_MODULE_NAME32+1 dup (?)
szExePath dw MAX_PATH dup (?)
MODULEENTRY32W ENDS

MODULEENTRY32A STRUCT
    dwSize          DWORD ?
    th32ModuleID    DWORD ?
    th32ProcessID   DWORD ?
    GlblcntUsage    DWORD ?
    ProccntUsage    DWORD ?
    modBaseAddr     DWORD ?
    modBaseSize     DWORD ?
    hModule         DWORD ?
    szModule        db MAX_MODULE_NAME32+1 dup(?)
    szExePath       db MAX_PATH dup(?)
MODULEENTRY32A ENDS


To Hutch can you this add to the windows.inc?




hutch--

Try reading Ramon Sala's post in the MASM32 sub forum, he has addressed it with replacements.

ragdog

What for a sub forum from ramon?

I have it figured out to use Process32 and Module32 apis and structs for Ansii and unicode build

And works perfect :t


IFDEF __UNICODE__
  Process32First equ <Process32FirstW>
ENDIF

IFDEF __UNICODE__
  Process32Next  equ <Process32NextW>
ENDIF
Process32First PROTO :DWORD,:DWORD
Process32FirstW PROTO :DWORD,:DWORD
Process32Next PROTO :DWORD,:DWORD
Process32NextW PROTO :DWORD,:DWORD


IFDEF __UNICODE__
  Module32First equ <Module32FirstW>
ENDIF

IFDEF __UNICODE__
  Module32Next  equ <Module32NextW>
ENDIF
Module32First PROTO STDCALL :DWORD,:DWORD
Module32FirstW PROTO STDCALL :DWORD,:DWORD

Module32Next PROTO STDCALL :DWORD,:DWORD
Module32NextW PROTO STDCALL :DWORD,:DWORD

IFDEF __UNICODE__
PROCESSENTRY32 equ PROCESSENTRY32W
ELSE
PROCESSENTRY32 equ PROCESSENTRY32A
ENDIF ; !UNICODE

IFDEF __UNICODE__
MODULEENTRY32 equ MODULEENTRY32W
ELSE
MODULEENTRY32 equ MODULEENTRY32A
ENDIF ; !UNICODE

PROCESSENTRY32W STRUCT
dwSize DWORD ?
cntUsage DWORD ?
th32ProcessID DWORD ? ; this process
th32DefaultHeapID DWORD ?
th32ModuleID DWORD ? ; associated exe
cntThreads DWORD ?
th32ParentProcessID DWORD ? ; this process's parent process
pcPriClassBase DWORD ? ; Base priority of process's threads
dwFlags DWORD ?
szExeFile dw MAX_PATH dup (?)
PROCESSENTRY32W ENDS

PROCESSENTRY32A STRUCT
    dwSize              DWORD ?
    cntUsage            DWORD ?
    th32ProcessID       DWORD ?
    th32DefaultHeapID   DWORD ?
    th32ModuleID        DWORD ?
    cntThreads          DWORD ?
    th32ParentProcessID DWORD ?
    pcPriClassBase      DWORD ?
    dwFlags             DWORD ?
    szExeFile           db MAX_PATH dup(?)
PROCESSENTRY32A ENDS

MODULEENTRY32W STRUCT
dwSize DWORD ?
th32ModuleID DWORD ? ; This module
th32ProcessID DWORD ? ; owning process
GlblcntUsage DWORD ? ; Global usage count on the module
ProccntUsage DWORD ? ; Module usage count in th32ProcessID's context
modBaseAddr DWORD ? ; Base address of module in th32ProcessID's context
modBaseSize DWORD ? ; Size in bytes of module starting at modBaseAddr
hModule DWORD ? ; The hModule of this module in th32ProcessID's context
szModule dw MAX_MODULE_NAME32+1 dup (?)
szExePath dw MAX_PATH dup (?)
MODULEENTRY32W ENDS

MODULEENTRY32A STRUCT
    dwSize          DWORD ?
    th32ModuleID    DWORD ?
    th32ProcessID   DWORD ?
    GlblcntUsage    DWORD ?
    ProccntUsage    DWORD ?
    modBaseAddr     DWORD ?
    modBaseSize     DWORD ?
    hModule         DWORD ?
    szModule        db MAX_MODULE_NAME32+1 dup(?)
    szExePath       db MAX_PATH dup(?)
MODULEENTRY32A ENDS



TouEnMasm

#6
Not a bug but a problem of define with masm.
The usual way to define ansi and unicode function is to add a A or a W at the end of the function.
Here it's not the case,there is only Process32First and Process32FirstW.
Like that There is a problem with masm.

Quote
Process32NextW PROTO :DWORD ,:DWORD
Process32First PROTO :DWORD ,:DWORD
IFDEF UNICODE
Process32First   equ   < Process32FirstW>
ENDIF
When use of unicode you got error "A2005:symbol redefinition Process32First "
This don't happen with the c++.
To avoid this:
Quote
Process32NextW PROTO :DWORD ,:DWORD
IFDEF UNICODE
Process32First   equ   < Process32FirstW>
ELSE
Process32First PROTO :DWORD ,:DWORD
ENDIF
The Process32First prototype is only define in ansi version.
As this , there is no more problem and you can switch from ansi to unicode,the both work.
Later:
The masm32 lib haven't _Process32First@8
Quote
                  _Process32First@8      ;only in sdk windows lib kernel32.lib
                  _Process32FirstW@8
                  _Process32Next@8
                  _Process32NextW@8


Fa is a musical note to play with CL


ragdog

@Dave

My last post Definition works fine to build ansi and unicode  :t
http://masm32.com/board/index.php?topic=716.msg5998#msg5998

hutch--

I still fail to see what all the noise is about, Ramon Sala reported the problem some time ago then subsequently posted a solution to rebuilding the library. All of this noise is something like re-inventing the wheel, its already been done.

rsala

Hi all,

(Hutch: Thanks)

In the link below there is a downloadable zip (kernel32.zip) fixing the problem. Just replace the kernel32.inc and kernel32.lib from Masm32 corresponding folders with those coming in the mentioned zip file.

http://masm32.com/board/index.php?topic=506.0

Regards,

Ramon
EC coder

ragdog

Thanks to all

But now have i the next question why have Module32FirstW
MODULEENTRY32W.szModule not a russian file name

Here is my Project

Start "Тест Программа.exe" and run bdrt.exe for list processes

it print only  "C:\Radasm3\Masm\Projects\bdrt\???? ?????????.exe"

Why?

Greets,

jj2007

Quote from: ragdog on September 28, 2012, 11:03:00 PM
Start "Тест Программа.exe" and run bdrt.exe for list processes

it print only  "C:\Radasm3\Masm\Projects\bdrt\???? ?????????.exe"

Looks like you are printing an ANSI string that once was a Unicode string. Check at which point the "wrong" conversion took place. Or write it to a file, zip it and post it here.

ragdog

Sorry i forgot to upload my project :badgrin:


jj2007

Olly says this:


0012F950  3F 00 3F 00|3F 00 3F 00|3F 00 20 00|3F 00 3F 00| ? ? ? ? ?   ? ?
0012F960  3F 00 3F 00|3F 00 3F 00|3F 00 3F 00|3F 00 3F 00| ? ? ? ? ? ? ? ?
0012F970  2E 00 65 00|78 00 65 00|00 00 00 00|00 00 00 00| . e x e


So Module32FirstW creates crippled Unicode.