GlobalAddAtom Bug Solved (I guess it's a "feature")

From: Alex Ionescu [397670] (nospamalex_at_nospamrelsoft.net)
Date: 03/29/04


Date: Mon, 29 Mar 2004 01:22:51 -0500

Hi Everyone,

I'm reposting an issue I had with GlobalAddAtom not functioning due to what
I believed to be a Kernel Bug.

To recapitulate, the following "code" returns 0 in AX:

400100: "hello"
entrypoint: push 400100
            call GlobalAddAtomA
            <AX is now 0...>
            ret

However, the following code:

400100: "hello"
entrypoint: push 400100
            call GlobalAddAtomA
            <AX is now a valid AtomID>
            push 0
            push 0
            push 0
            push 0
            call MessageBoxA
            ret

works perfectly, because the ATOM is created and its ID is in the 16 bits of
AX...

After eliminating any possibility of bugs in my code (I even tried creating
the string on the stack instead of using an offset in the exe), I loaded up
the kernel debugger and walked through the code.
First of all, the NTSTATUS error is "ACCESS DENIED"...but this is actually
caused by a "STATUS_NOT_FOUND" caused by ReferenceWindowStation in
WIN32K.SYS. At this point, the EPROCESS of my process is in EAX, and a call to
PsGetProcessWin32Process is made, which reads the proper offset to
W32PROCESS from the EPROCESS Structure. Then, a call is made to
PsGetThreadWin32Thread, which reads the Win32Thread offset from the ETHREAD
structure. This is 0 in the first exe, and everything else fails after that.
In the second case, it's a valid WIN32THREAD structure...

Now my wild guess here was that MessageBoxA loads user32.dll, which is
somehow necessary to create a WIN32THREAD structure that the Win32 GUI
Subsystem can recognize. Lo and behold, a LoadLibrary of user32.dll added in
front of the call fixes everything.

I'm mainly posting this for two reasons...
1) To provide an answer to my question, if anyone else ever happened to have
read it earlier.
2) To ask for some clarification on the issue. I guess the official response
would be "it's a feature, not a bug" and I can understand that...but I
haven't found any place in the SDK that says this function needs user32.dll
to be initialized, so what gives?

Best regards,
Alex Ionescu
Relsoft Technologies
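The behaviour reported in the post, reproduced from a plain C program as an added example (this is not code from the original message or from Relsoft): call GlobalAddAtomA once, and if it fails with ERROR_ACCESS_DENIED (the Win32 mapping of the STATUS_ACCESS_DENIED the post traces to a missing Win32 thread structure), load user32.dll and retry. Assumptions: on Windows the program is built as a console application that references nothing from user32, so the loader does not bring user32.dll in by itself (e.g. `cl atom_demo.c`); on any other host the three Win32 calls are replaced by a small stand-in that only models what the post describes, so the retry logic can be compiled and tested anywhere, and the stand-in's atom values (starting at 0xC000, the documented global-atom range) are invented. The struct and function names are mine.

```c
/*
 * Added example (not from the original post): reproduce the GlobalAddAtom
 * failure described above and the LoadLibrary("user32.dll") work-around.
 *
 * Windows: compiles against the real Win32 API. Build as a console program
 * that references nothing from user32 so user32.dll is not loaded at start.
 *
 * Other hosts (assumption, for compiling/testing the logic only): the three
 * Win32 calls are replaced by a stand-in that models the post's observation,
 * GlobalAddAtomA returns 0 with ERROR_ACCESS_DENIED until user32.dll has
 * been "loaded".
 */
#include <stdio.h>
#include <string.h>

#ifdef _WIN32
#include <windows.h>
#else
typedef unsigned short ATOM;
typedef unsigned long  DWORD;
typedef void          *HMODULE;
#define ERROR_ACCESS_DENIED 5UL
#define INVALID_ATOM        ((ATOM)0)

static int   stub_user32_loaded = 0;
static ATOM  stub_next_atom     = 0xC000;  /* global atoms live in 0xC000..0xFFFF */
static DWORD stub_last_error    = 0;

/* Stand-in: fails exactly the way the post reports until user32 is loaded. */
static ATOM GlobalAddAtomA(const char *name)
{
    (void)name;
    if (!stub_user32_loaded) {
        stub_last_error = ERROR_ACCESS_DENIED;  /* STATUS_ACCESS_DENIED -> Win32 */
        return INVALID_ATOM;
    }
    stub_last_error = 0;
    return stub_next_atom++;
}

static DWORD GetLastError(void) { return stub_last_error; }

/* Stand-in: only knows user32.dll (case-sensitive, unlike the real loader). */
static HMODULE LoadLibraryA(const char *name)
{
    if (strcmp(name, "user32.dll") != 0)
        return NULL;
    stub_user32_loaded = 1;
    return (HMODULE)&stub_user32_loaded;
}
#endif

/* Outcome of one attempt: the atom (0 on failure), the Win32 error code,
 * and whether user32.dll had to be loaded to obtain the atom. */
struct atom_attempt {
    ATOM  atom;
    DWORD error;
    int   loaded_user32;
};

/* Try GlobalAddAtomA once. If it fails with ERROR_ACCESS_DENIED and the
 * caller allows it, load user32.dll (which sets up the thread's Win32 GUI
 * state, per the post's finding) and retry exactly once. */
struct atom_attempt add_global_atom(const char *name, int allow_user32_load)
{
    struct atom_attempt r = { INVALID_ATOM, 0, 0 };

    r.atom = GlobalAddAtomA(name);
    if (r.atom != INVALID_ATOM)
        return r;

    r.error = GetLastError();
    if (r.error != ERROR_ACCESS_DENIED || !allow_user32_load)
        return r;            /* some other failure, or caller opted out */

    if (LoadLibraryA("user32.dll") == NULL) {
        r.error = GetLastError();
        return r;
    }
    r.loaded_user32 = 1;
    r.atom  = GlobalAddAtomA(name);
    r.error = (r.atom != INVALID_ATOM) ? 0 : GetLastError();
    return r;
}

int main(void)
{
    struct atom_attempt first  = add_global_atom("hello", 0);
    printf("without user32:        atom=0x%04X error=%lu\n",
           (unsigned)first.atom, first.error);

    struct atom_attempt second = add_global_atom("hello", 1);
    printf("after LoadLibrary:     atom=0x%04X error=%lu loaded_user32=%d\n",
           (unsigned)second.atom, second.error, second.loaded_user32);
    return (second.atom != INVALID_ATOM) ? 0 : 1;
}
```

On a Windows build the first line should show the 0 atom with error 5 and the second a valid atom, matching the two assembly snippets in the post; checking GetLastError() for ERROR_ACCESS_DENIED specifically, rather than retrying on any failure, keeps genuine errors (an empty name, atom table full) from being masked by the user32 work-around.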


