Win9x: Changing PM Calls Returns (sorry)

OSR_Community_User · July 2, 2002, 5:13am

Hello everyone,

I’m sorry to post a Win9x problem here but I’m unable to find an
adequate solution to my current problem.

I need to trap Int21h from within Win9x. The first few steps were easy
enough.
Setting up a PM callback routine via Get/Set_PM_Callback etc.

Now, inside my PreCallback routine, I have:
{
Simulate_Iret();
Call_When_VM_Returns(PostPMInt21Callback, 0, 0, &thunkPMCallback);
Build_Int_Stack_Frame(Vec21Seg, Vec21Off);
Begin_Nest_Exec();
ResumeExecMustComplete();
End_Nest_Exec();
}

Now the problem is that how do I manipulate changes.
eg. During an issue of Win32 API GetFileSize(),
(which calls Int21h 4202h) VM returns says, a file
size of 500 bytes. But I want to change the value to
200 bytes instead aka. Win32 GetFileSize() API calls
returns 200 bytes and not 500 bytes.

How do I go about accomplishing this task? I’ve tried
altering the appropriate register values DX:AX inside my
PostPMInt21Callback but it didn’t work.

Any suggestions will be very much appreciated.

PS: I apologise for the off topic thread.

Thanks
-Tan Chee Hui
Snr Engr.
Laboratories for Information and Technology
Tel: 65-6874-8999

OSR_Community_User · July 2, 2002, 5:57am

Probably, you should alter DX:AX in the client reg structure
(Client_Reg_Struc), on entry into the PM callback EBP register points to
this structure.

----- Original Message -----
From: “cheehui”
To: “NT Developers Interest List”
Sent: Tuesday, July 02, 2002 1:18 PM
Subject: [ntdev] Win9x: Changing PM Calls Returns (sorry)

> Hello everyone,
>
> I’m sorry to post a Win9x problem here but I’m unable to find an
> adequate solution to my current problem.
>
> I need to trap Int21h from within Win9x. The first few steps were easy
> enough.
> Setting up a PM callback routine via Get/Set_PM_Callback etc.
>
> Now, inside my PreCallback routine, I have:
> {
> Simulate_Iret();
> Call_When_VM_Returns(PostPMInt21Callback, 0, 0, &thunkPMCallback);
> Build_Int_Stack_Frame(Vec21Seg, Vec21Off);
> Begin_Nest_Exec();
> ResumeExecMustComplete();
> End_Nest_Exec();
> }
>
> Now the problem is that how do I manipulate changes.
> eg. During an issue of Win32 API GetFileSize(),
> (which calls Int21h 4202h) VM returns says, a file
> size of 500 bytes. But I want to change the value to
> 200 bytes instead aka. Win32 GetFileSize() API calls
> returns 200 bytes and not 500 bytes.
>
> How do I go about accomplishing this task? I’ve tried
> altering the appropriate register values DX:AX inside my
> PostPMInt21Callback but it didn’t work.
>
> Any suggestions will be very much appreciated.
>
> PS: I apologise for the off topic thread.
>
> Thanks
> -Tan Chee Hui
> Snr Engr.
> Laboratories for Information and Technology
> Tel: 65-6874-8999
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@nival.com
> To unsubscribe send a blank email to %%email.unsub%%
>

OSR_Community_User · July 2, 2002, 6:18am

Hello Konstantin,

Thanks for the prompt reply. I did alter the PCLIENT_STRUCT
values (all references to registers AX and DX) inside my
PostPMInt21Callback routine and assigned them the “altered”
values but to no avail. My Win32 calling app still got the
“unaltered” values. *sigh*.

I’m feeling I’m missing something important but for the life of me
I can’t figure out what it is.

Best Wishes
-Tan Chee Hui
Snr Engr.
Laboratories for Information and Technology
Tel: 65-6874-8999

----- Original Message -----
From: “Konstantin Manurin”
To: “NT Developers Interest List”
Sent: Tuesday, July 02, 2002 5:50 PM
Subject: [ntdev] Re: Win9x: Changing PM Calls Returns (sorry)

> Probably, you should alter DX:AX in the client reg structure
> (Client_Reg_Struc), on entry into the PM callback EBP register points to
> this structure.
>
> ----- Original Message -----
> From: “cheehui”
> To: “NT Developers Interest List”
> Sent: Tuesday, July 02, 2002 1:18 PM
> Subject: [ntdev] Win9x: Changing PM Calls Returns (sorry)
>
>
> > Hello everyone,
> >
> > I’m sorry to post a Win9x problem here but I’m unable to find an
> > adequate solution to my current problem.
> >
> > I need to trap Int21h from within Win9x. The first few steps were easy
> > enough.
> > Setting up a PM callback routine via Get/Set_PM_Callback etc.
> >
> > Now, inside my PreCallback routine, I have:
> > {
> > Simulate_Iret();
> > Call_When_VM_Returns(PostPMInt21Callback, 0, 0, &thunkPMCallback);
> > Build_Int_Stack_Frame(Vec21Seg, Vec21Off);
> > Begin_Nest_Exec();
> > ResumeExecMustComplete();
> > End_Nest_Exec();
> > }
> >
> > Now the problem is that how do I manipulate changes.
> > eg. During an issue of Win32 API GetFileSize(),
> > (which calls Int21h 4202h) VM returns says, a file
> > size of 500 bytes. But I want to change the value to
> > 200 bytes instead aka. Win32 GetFileSize() API calls
> > returns 200 bytes and not 500 bytes.
> >
> > How do I go about accomplishing this task? I’ve tried
> > altering the appropriate register values DX:AX inside my
> > PostPMInt21Callback but it didn’t work.
> >
> > Any suggestions will be very much appreciated.
> >
> > PS: I apologise for the off topic thread.
> >
> > Thanks
> > -Tan Chee Hui
> > Snr Engr.
> > Laboratories for Information and Technology
> > Tel: 65-6874-8999

OSR_Community_User · July 2, 2002, 11:58am

one alternate solution to your problem is to install pre/post hooks
statically into the int chain… in other words, have one driver that
initializes before IFSMgr install hook “Post” and another that initializes
after IFSMgr install hook “Pre”… then the Int chain will go Pre, IFSMgr,
Post… in a handler set up in this fashion you can directly modify the
CLIENT_STRUCT and the changes will be reflected back to your application…
you can also avoid all of the nested execution api overhead… also, if your
only reason for having the “pre” hook is to set up the “post” callback, then
with this implementation you could avoid the “pre” altogether and only
install a “post”… if you go this route keep in mind that the
IFSMgr_Init_Order constant is wrong in the DDK… the correct value
(obtained by looking into the ifsmgr.vxd binary or in softice) is 0xA0011000
(vs. 0xA0010000 in the DDK)…

we should probably take this off-list since its not NT-related, so email me
privately if you have any more questions.

Thanks,
Jeff Bromberger
Induction Industries, Inc.
www.inductionindustries.com

----- Original Message -----
From: “cheehui”
To: “NT Developers Interest List”
Sent: Tuesday, July 02, 2002 4:18 AM
Subject: [ntdev] Win9x: Changing PM Calls Returns (sorry)

> Hello everyone,
>
> I’m sorry to post a Win9x problem here but I’m unable to find an
> adequate solution to my current problem.
>
> I need to trap Int21h from within Win9x. The first few steps were easy
> enough.
> Setting up a PM callback routine via Get/Set_PM_Callback etc.
>
> Now, inside my PreCallback routine, I have:
> {
> Simulate_Iret();
> Call_When_VM_Returns(PostPMInt21Callback, 0, 0, &thunkPMCallback);
> Build_Int_Stack_Frame(Vec21Seg, Vec21Off);
> Begin_Nest_Exec();
> ResumeExecMustComplete();
> End_Nest_Exec();
> }
>
> Now the problem is that how do I manipulate changes.
> eg. During an issue of Win32 API GetFileSize(),
> (which calls Int21h 4202h) VM returns says, a file
> size of 500 bytes. But I want to change the value to
> 200 bytes instead aka. Win32 GetFileSize() API calls
> returns 200 bytes and not 500 bytes.
>
> How do I go about accomplishing this task? I’ve tried
> altering the appropriate register values DX:AX inside my
> PostPMInt21Callback but it didn’t work.
>
> Any suggestions will be very much appreciated.
>
> PS: I apologise for the off topic thread.
>
> Thanks
> -Tan Chee Hui
> Snr Engr.
> Laboratories for Information and Technology
> Tel: 65-6874-8999
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@inductionindustries.com
> To unsubscribe send a blank email to %%email.unsub%%
>