尝试链接 C++ 和程序集 (GCC x86) 时未定义的引用
[英]Undefined reference when trying to link C++ and Assembly (GCC x86)
问题描述
So I'm trying to make NTDLL Syscalls using Assembly and linking in my C++ project but every time I compile I get a:(.text+0xf2b): undefined reference to `NtClose@4'
所以我正在尝试使用汇编和链接在我的 C++ 项目中进行 NTDLL Syscall,但每次编译时我都会得到一个:(.text+0xf2b): undefined reference to `NtClose@4'
(Using NtClose as an example, every function I try to call from assembly on C++ I get this) (以 NtClose 为例,每个 function 我尝试从 C++ 上的程序集调用我得到这个)
Syscalls.S:系统调用.S:
.text
.global NtClose
NtClose:
movl $0x3000F, %eax
movl $0x4B307170, %edx
call *%edx
ret $4
Typedef (Syscalls.h):类型定义(Syscalls.h):
EXTERN_C NTSTATUS NTAPI NtClose(IN HANDLE ObjectHandle);
Calling like this (Injection.cpp):像这样调用(Injection.cpp):
NtClose(Thread);
Compiling with:编译:
CC=gcc
CXX=g++
$(ASM_OBJ_FILES): $(OBJ_DIR)/%.o: %.S
$(CC) -c $< -o $@
$(CPP_OBJ_FILES): $(OBJ_DIR)/%.o: %.cpp
$(CXX) $(CXXFLAGS) -c $< -o $@
And linking like this:并像这样链接:
$(OUT): $(OBJ_FILES)
$(CXX) $^ -o $@ $(LNKFLAGS)
Yes I am including Syscalls.h是的,我包括 Syscalls.h
1 个解决方案
解决方案1
0 2022-01-11 11:12:13
NTAPI (in fact all stdcall ) functions are decorated with @N where N stands for number of arguments. NTAPI (实际上所有的stdcall )函数都用@N装饰,其中 N 代表 arguments 的数量。 So you'll need to modify name of function accordingly.因此,您需要相应地修改 function 的名称。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.