stackoom
  简体   繁体   中英

C++ SysCall asm unresolved externals

 原文  2017-01-23 19:58:53       c++/ assembly/ memory/ ntdll

Question

I am trying to call NtReadVirtualMemory via a syscall in asm. I am doing this for a few different reasons but it is not to important. So I define the function like so in my main header file:

extern "C" NTSTATUS SysWPM(HANDLE ProcessHandle, PVOID BaseAddress,
PVOID Buffer, ULONG NumberOfBytesToWrite, PULONG NumberOfBytesWritten);

The parameters I believe are correct

I then created an ASM file in the project. I only know enough about it to try and complete this task because it's a very small part of it. Supposedly you do not need to include this asm file anywhere so I left that. Here it is:

.code

SysWPM proc

    mov r10, rcx
    mov eac, 37h
    syscall
    ret

SysWPM endp

end

Now however when I compile, I get the unresolved external error. I believe this is because I need to define it within this ASM file but I am not sure how to go about doing it. What am I doing wrong/what should I do.

Thought it may be useful to mention I am on Windows 7 and the actual syscall index is 37 as shown in this table:

table

Here is the exact error for those asking:

1>Main.obj : error LNK2019: unresolved external symbol _SysWPM referenced in function _main
1>c:\users\Reece\documents\visual studio 2015\Projects\cs-ext\Debug\cs-ext.exe : fatal error LNK1120: 1 unresolved externals

Still getting the error with the commented solution:

_SysWPM@20 proc

    mov r10, rcx
    mov eax, 37h ;
    syscall
    ret

_SysWPM@20 endp

extern "C" NTSTATUS NTAPI SysWPM(HANDLE ProcessHandle, PVOID BaseAddress,
PVOID Buffer, ULONG NumberOfBytesToWrite, PULONG NumberOfBytesWritten);

1 answers

solution1
 2  2017-01-23 20:13:07

you need declare function in c/c++ as

extern "C" NTSTATUS NTAPI SysWPM(HANDLE ProcessHandle, PVOID BaseAddress,
PVOID Buffer, ULONG NumberOfBytesToWrite, PULONG NumberOfBytesWritten);

this is __stdcall function

and in asm for x86 ( ml /c /Cp code32.asm -> code32.obj )

.686p

.MODEL flat

_TEXT segment

_SysWPM@20 proc
...
ret 20
_SysWPM@20 endp
_TEXT ends
end

for asm x64 ( ml64 /c /Cp code64.asm -> code64.obj )

_TEXT segment 
SysWPM proc

    ...
   ret
SysWPM endp


_TEXT ENDS

END

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question unresolved externals in C++ “1 unresolved externals” C++ C++ unresolved externals XDispatch C++ Unresolved Externals C++ Templating Unresolved Externals Interpreting unresolved externals C++ unresolved externals in C++ DLLs Unresolved externals of creating a static instance in C++ C++ linker errors, unresolved externals C++: Unresolved Externals in MP3 assignment
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM