Problem calling a function located in a dll of mine

[warz]

I have created a dll with one function in it as of right now. In my main application, I try to call this function but my application crashes during run-time. Here's the code to my dll:

Code Select Expand


#include <windows.h>
#include <stdlib.h>

void __stdcall PrintText(char *text);

BOOL WINAPI DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved) {
    switch (dwReason) {
        case DLL_PROCESS_ATTACH:
            break;
        case DLL_PROCESS_DETACH:
            break;
        default:
            break;
    }

return TRUE;
}

void __stdcall PrintText(char *text) {
const DWORD function_address = 0x004E5D80;

__asm {
mov edx, 00 // x value
mov ecx, 00 // y value
push text // our message
mov BYTE PTR DS:[0x6CB51D], 00 // format string
mov WORD PTR DS:[0x6CB544], 00 // Xmin
mov WORD PTR DS:[0x6CB548], 276 // Xmax
mov WORD PTR DS:[0x6CB546], 00 // Ymin
call function_address
}
}


and here is the code to my thread that attempts to call this function from this dll:

Code Select Expand


void CALLBACK dllThread(void) {
printf("BWLoader has entered the injected dll thread...\n");

HINSTANCE dllHandle = LoadLibrary("bwlib.dll");
FARPROC dllFunc_PrintText = GetProcAddress(HMODULE(dllHandle), "PrintText");

typedef void (__stdcall * BWLFUNC)(char *text);
BWLFUNC PrintText = BWLFUNC(dllFunc_PrintText);

while(1) {
PrintText("leeeeeeeeeet");
}

FreeLibrary(dllHandle);
}


It crashes when it enters the while loop - so obviously when it calls the function. Anyone know why?

[raylu]

Wait...why do you have it in the while loop at all? What happens when you take it out so that it doens't loop infinitely?

[warz]

Well, what this is is a function that's supposed to call brood war's print text function. The while loop is there because I have not patched brood war yet so that when the screen refreshes my text stays. The while loop simply prints the text over and over so I can see if my function works - atleast, before I move on the patching it.

[Adron]

Give some more detail on the crash...

[Kp]

I don't see any indication that you're exporting PrintText from the DLL.  If you aren't, then GetProcAddress will fail and return NULL.  Since you're not checking its return code before using it, that would cause a crash.

[warz]

Well, I've changed my methods of doing this. I no longer attempt to communicate with my injected dll from my injecting application. I just injected the dll, then patch memory addresses to call my function.

Anywho, I've run into another problem. I'm trying to pass the address of a function of mine, within the injected dll, to another function in the same dll. The function accepting the address of the other function needs to receive the address of the other function as a dword. Now, I know I can do the following..

Code Select Expand


reinterpret_cast<dword>(&my_function)
[/code[

but, I'm not sure if sizeof(dword) == size of a function pointer. Is there a better method of passing the address of my function as a dword?

[K]

In this case, yes, a pointer is 32bits.  You can then cast it back to the appropriate type of pointer.

Keep in mind you can't pass a pointer to a member function like this.

[MyndFyre]

Isn't there a Windows data type called INT_PTR that is always the size of the hardware pointer?