20 December 2012

Header files and libraries (DLLs) needed to compile C

Still confused about which header files and libraries (either a DLL or libfoo.a) are needed when compiling a C program.

Below is a discussion excerpted from http://mingw-users.1079350.n2.nabble.com/Win-API-documentation-td7302962.html.

-------- mail n -------------------------------------------------------
> For instance, the SafeArrayCreate function described at:
>
> http://msdn.microsoft.com/en-us/library/windows/desktop/ms221234%28v=vs.85%29.aspx
>
> Is that part of the core windows API?

Yes. If you read the document at that URI, it tells you which headers
to #include, which libraries with which to link, and which DLLs are
required at run time. So...

1) Check that MinGW provides the required header(s), (in c:\mingw\include
for a standard installation).

2) Check that the symbols you need to reference are defined, and that
functions you wish to call are declared, in the appropriate MinGW header;
(some are incomplete, due to inadequate documentation from Microsoft).

3) Check that MinGW provides the requisite libraries; (where Microsoft say
to use foo.lib, you look for libfoo.a or libfoo.dll.a, in c:\mingw\lib).

4) Check that the *system* provides the requisite DLLs; (most often, you
will find them in c:\windows\system32).

If all four checks pass, you should be able to use that API, without recourse
to any other resource.


----- mail n+1 -------------------------------------------------------------
> 3) Check that MinGW provides the requisite libraries; (where Microsoft say
> to use foo.lib, you look for libfoo.a or libfoo.dll.a, in c:\mingw\lib).

As an aside, isn't it true that current versions of the GNU linker can
link directly against the DLL, even if the import library libfoo.dll.a
is not available?


------mail n + 2 ---------------------------------------------------------------------
It is. You need to add the directory with .dll files to the linker path.
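
The four checks from the first mail, written out as an added example (it is not part of the quoted thread or of MinGW). The function names `find_ci`, `check_api` and `demo` are hypothetical, the directory tree is constructed, and the header/library/DLL names for SafeArrayCreate are assumed from the requirements table on its MSDN page; for a real installation pass c:\mingw\include, c:\mingw\lib and c:\windows\system32.

```python
import os
import re
import tempfile

def find_ci(directory, names):
    """Case-insensitive lookup: MSDN writes OleAuto.h, files on disk may be lower-case."""
    wanted = {n.lower() for n in names}
    try:
        entries = sorted(os.listdir(directory))
    except OSError:
        return None
    return next((os.path.join(directory, e) for e in entries if e.lower() in wanted), None)

def check_api(func, header, msdn_lib, dll, include_dir, lib_dir, system_dir):
    """Run the four checks from the mail; returns one boolean per check."""
    stem = os.path.splitext(msdn_lib)[0]              # foo.lib -> foo
    hdr = find_ci(include_dir, [header])
    declared = False
    if hdr:
        # Looks only in the named header; a declaration pulled in through a
        # nested #include would need the preprocessor to find.
        with open(hdr, errors="replace") as fh:
            declared = re.search(r"\b%s\s*\(" % re.escape(func), fh.read()) is not None
    lib = find_ci(lib_dir, ["lib%s.a" % stem, "lib%s.dll.a" % stem])
    return {
        "header": hdr is not None,                    # check 1
        "declared": declared,                         # check 2
        "library": lib is not None,                   # check 3
        "dll": find_ci(system_dir, [dll]) is not None,  # check 4
    }

def demo():
    """Run the checks over a constructed tree (not a real MinGW installation)."""
    root = tempfile.mkdtemp()
    dirs = [os.path.join(root, d) for d in ("include", "lib", "system32")]
    for d in dirs:
        os.mkdir(d)
    with open(os.path.join(dirs[0], "oleauto.h"), "w") as fh:   # constructed header
        fh.write("SAFEARRAY *WINAPI SafeArrayCreate(VARTYPE, UINT, SAFEARRAYBOUND *);\n")
    open(os.path.join(dirs[1], "liboleaut32.a"), "w").close()   # constructed, empty
    # No oleaut32.dll is created, so check 4 reports False.
    return check_api("SafeArrayCreate", "OleAuto.h", "OleAut32.lib", "OleAut32.dll", *dirs)

if __name__ == "__main__":
    print(demo())
```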

19 December 2012

Tracing

Tracing in ImmunityDebugger/OllyDbg
- the context (registers) can be rewound
- but values on the stack are not saved (the stack view (stack border) changes, but changes to the data on the stack ([esp]) are not shown)

Use the keys:   -  and +


Special Tracing
To start tracing:
     Menu: Right-click ->  Run Trace -> Add Selection

To display the trace:
     Menu: View -> Run Trace




Entry point: MinGW vs VS2008

MinGW
The MinGW compiler emits two entry-point functions, although only one is used for any given application.
For a console application, the entry point is the function mainCRTStartup.
If the application has a GUI (has windows), the entry point is the function _WinMainCRTStartup.

Both functions are present in every exe; the information in the PE header determines which one is used.



The graph above was produced with IDA (Menu View -> Graphs -> Xref to).
_main is the main function written by the coder. Before it comes the function ___mingw_CRTStartup, which acts as an intermediary between the entry-point function and _main.
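
The PE header fields that select the entry point can be read directly: AddressOfEntryPoint in the optional header holds the RVA of the startup function, and Subsystem says whether the image is console or GUI. The parser below is an added example, not code from the original post; `read_entry_info` and `build_sample` are hypothetical names, and the sample header, image base and RVA are constructed.

```python
import struct

SUBSYSTEMS = {2: "WINDOWS_GUI", 3: "WINDOWS_CUI"}  # IMAGE_SUBSYSTEM_* values

def read_entry_info(image: bytes) -> dict:
    """Read the entry point and subsystem from the PE headers of `image`."""
    if image[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)       # offset of "PE\0\0"
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 4 + 20            # skip signature and IMAGE_FILE_HEADER
    (magic,) = struct.unpack_from("<H", image, opt)
    (entry_rva,) = struct.unpack_from("<I", image, opt + 16)  # AddressOfEntryPoint
    if magic == 0x10B:                 # PE32: 4-byte ImageBase after BaseOfData
        (image_base,) = struct.unpack_from("<I", image, opt + 28)
    elif magic == 0x20B:               # PE32+: 8-byte ImageBase, no BaseOfData
        (image_base,) = struct.unpack_from("<Q", image, opt + 24)
    else:
        raise ValueError("unknown optional-header magic 0x%x" % magic)
    (subsystem,) = struct.unpack_from("<H", image, opt + 68)
    return {
        "entry_rva": entry_rva,
        "entry_va": image_base + entry_rva,   # VA when loaded at the preferred base
        "subsystem": SUBSYSTEMS.get(subsystem, "OTHER(%d)" % subsystem),
    }

def build_sample(entry_rva: int, subsystem: int) -> bytes:
    """Constructed PE32 header stub for the demo (headers only, not a real exe)."""
    e_lfanew = 0x80
    img = bytearray(e_lfanew + 4 + 20 + 0xE0)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, e_lfanew)
    img[e_lfanew:e_lfanew + 4] = b"PE\0\0"
    opt = e_lfanew + 24
    struct.pack_into("<H", img, opt, 0x10B)
    struct.pack_into("<I", img, opt + 16, entry_rva)
    struct.pack_into("<I", img, opt + 28, 0x400000)           # constructed image base
    struct.pack_into("<H", img, opt + 68, subsystem)
    return bytes(img)

if __name__ == "__main__":
    for name, sub in (("console build", 3), ("GUI build", 2)):
        info = read_entry_info(build_sample(0x1280, sub))     # constructed RVA
        print(name, hex(info["entry_va"]), info["subsystem"])
```

For a real binary, pass the file's bytes to `read_entry_info` and look up the returned address in the disassembly to see which startup function the header points at.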


Visual Studio 2008
The project template used is "Win32 Console Application".

IDA shows that the function __tmainCRTStartup() calls _main() (the main function written by the coder). However, the actual entry point is not __tmainCRTStartup() but wmainCRTStartup().
IDA's graph feature does not show wmainCRTStartup(), possibly because a jmp instruction (not a call) is used to enter __tmainCRTStartup(), as shown at address 0x4012C7 in the following picture.

18 December 2012

Reminder notes about the SDK



This might sound weird to you, but you didn't need to download any separate Windows SDK to develop for Windows, because Visual Studio, and MingW/GCC, and others, already commonly include all that most people would need. (Some people would say, that Visual Studio and other tools, ship with their own version of the SDK, but I think that's merely confusing the issue further.)

You need Visual Studio first. And maybe, some day later, you might want to add the Windows SDK add on to it, but it is not intended to be used by itself, or in combination with GCC. Basically, some of the SDK content duplicates stuff that is already included in Visual C++ and Visual Studio and some of it is additional tools like WinDbg.

Let me explain. The Windows SDK is indeed, useful for doing certain things in Windows that beginners are unlikely to need to do. For example, if you need to integrate with some specialized APIs, the Windows SDK contains a lot of documentation, examples, and a more complete set of header files that weren't included in Visual Studio because they're less frequently used APIs. The core API headers and documentation for Windows are already in Visual Studio, so technically, Visual Studio already contains the core SDK, and the so called SDK is an "auxiliary SDK", or a "low level SDK for purists, advanced users, and certain kinds of systems or native-level programming", but not needed, for most typical end-user applications development.

But if you want to learn Win32 native programming using C or C++, or you just want to write native Windows applications you PROBABLY don't need anything that comes in the SDK, and even then you need Visual Studio first, and the SDK second. Let me explain:


Many tools that let you write pure native Windows applications, provide higher level APIs, including Visual Studio, which gives you MFC or ATL. None of those tools need the SDK to work. The SDK, so called, is more of an "extra crap that we don't ship with visual studio because hardly anybody needs it", which Microsoft abbreviated to SDK. I know. Weird.


You don't need the SDK at all if you intend to use GCC. If you want to write an application for Windows in bare C or bare C++, you can just install mingw if you insist on using gcc and working from the command line.


The normal way to write native applications is to use the free Microsoft Visual C++ Express edition, and you can use it to write either C or C++ apps, and it includes the header files and libraries you need to write almost any native windows application feature you need, without any need for the SDK. Visual Studio is a nice modern IDE, and lots of convenient cool features like code completion and so on. The SDK you downloaded doesn't contain any of that.


Anything you do need to know about the raw Win32 APIs you can learn using the Web format of the MSDN documentation, or the help in Visual Studio. The basic Windows APIs like WinCreateWindow, are documented already in the Visual Studio help and MSDN help, and you don't need the SDK docs for most of the core windows APIs.

If you're just getting started, can I suggest you should just go get the free (but not open source) Visual Studio 2010 Express. That's the recommended way to get started, not the SDK.

I'm quite sure that the Windows 7 SDK that you downloaded is not intended for use with GCC anyways, and if you need a version of windows header files that work with a Gnu C/C++ compiler, any basic Win32 APIs like GDI and the basic Windowing API stuff is already bundled in mingw version of gcc.

You might also want to know about the DDK, which is like the SDK but which is oriented towards Device Driver and native NT-mode development.