Hello guys,
I have a problem with reading and writing files in C++ and MASM32. The problem is that when calling ReadFile or WriteFile the program gives an exception saying "Access violation at address 0000".
 
This is the code in MASM32:
 
	LOCAL	Kernel32:DWORD
	LOCAL	CreateFileA:DWORD
	LOCAL	GetFileSize:DWORD
	LOCAL	ReadFile:DWORD
	LOCAL	pBytesRead:DWORD
	LOCAL	BytesToRead:DWORD
	LOCAL	hFile:DWORD
 
	;-----------------------------------------
	;Getting Kernel Imagebase
	;-----------------------------------------
	;kernel32.dll = 2511EF2C
	PUSH	02511EF2Ch
	CALL	find_dll
	
	MOV	Kernel32, EAX
 
	;-----------------------------------------
	;Find required APIs
	;-----------------------------------------
	;CreateFileA = 0CF2006EAh, GetFileSize = 06D61AB47h, ReadFile = 024EF6F37h, WriteFile = 0317EB0D7h
	
	PUSH	0CF2006EAh
	PUSH	Kernel32
	CALL	find_api
 
	MOV	CreateFileA, EAX
 
	PUSH	06D61AB47h
	PUSH	Kernel32
	CALL	find_api
 
	MOV	GetFileSize, EAX
 
	PUSH	024EF6F37h
	PUSH	Kernel32
	CALL	find_api
 
	MOV		ReadFile, EAX
 
	PUSH	NULL                                ; /hTemplateFile = NULL
	PUSH	FILE_ATTRIBUTE_NORMAL               ; |Attributes = FILE_ATTRIBUTE_NORMAL
	PUSH	OPEN_EXISTING                       ; |Mode = OPEN_EXISTING
	PUSH	0                                   ; |pSecurity = NULL
	PUSH	FILE_SHARE_READ + FILE_SHARE_WRITE  ; |ShareMode = FILE_SHARE_READ|FILE_SHARE_WRITE
	PUSH	GENERIC_ALL             ; |Access = GENERIC_ALL
	PUSH	FileName                ; |FileName = "*.exe"
	CALL	CreateFileA		; \CreateFileA
 
	MOV	hFile,EAX
 
	PUSH	0                       ; /pFileSizeHigh = NULL
	PUSH	hFile                   ; |hFile
	CALL	GetFileSize		; \GetFileSize
 
	CMP	EAX, 0h
	JZ	Exit
 
	MOV	BytesToRead, 10h
 
	PUSH	0			; /pOverlapped = NULL
	PUSH	pBytesRead		; |pBytesRead = ?
	PUSH	BytesToRead		; |BytesToRead
	PUSH	OFFSET Buffer		; |Buffer
	PUSH	hFile			; |hFile
	CALL	ReadFile		; \ReadFile
Exit:
 
In C:
 
	HANDLE	hFile;
	LPCVOID	Buffer = "Hello";
	DWORD	BytesWritten = 0;

	hFile = CreateFile("rw.txt", FILE_APPEND_DATA, FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);

	if(!WriteFile(hFile, Buffer, 5, &BytesWritten, NULL))
		MessageBox(NULL, "Can not write!", "Error", MB_OK);

	CloseHandle(hFile);
 
When I debug it in OllyDbg it stops right here:
 
757F85EA   8907             MOV DWORD PTR DS:[EDI],EAX
EDI = 00000000
EAX = 00000055
 
And it gives me the error (described above) because EDI is 00000000.
 
Why this error occurred and what is the solution to fix the problem?
Posted 5-May-13 2:36am
Edited 6-May-13 0:35am
Solution 3

Try to use something like:
    TCHAR Buffer[256] = "Hello";
    DWORD BytesWritten = 0;
    ....
    hFile = CreateFile("rw.txt", GENERIC_WRITE, 0, NULL, CREATE_ALWAYS,
                       FILE_ATTRIBUTE_NORMAL, NULL);

    if (hFile == INVALID_HANDLE_VALUE) {
        printf("ERROR %x \n", GetLastError());
        return 2;
    }

    /* lpNumberOfBytesWritten may only be NULL for overlapped I/O, so pass the
       address of a DWORD here; passing NULL would reproduce the null write. */
    if (!WriteFile(hFile, Buffer, 256, &BytesWritten, NULL))
    {
        printf("ERROR %x \n", GetLastError());
    }

    CloseHandle(hFile);
Solution 1

I guess you haven't opened a file. Did you check the return codes of the API?
 
Try it first in C and "show your code" ;-)
Comments
Rasool_Ahmed at 6-May-13 3:16am
   
I forgot to tell you that the WriteFile succeeded; the file has data after calling WriteFile, but it stops on that exception. I tried it in C too and the problem is the same. Here is the C code:
HANDLE hFile;
LPCVOID Buffer = "Hello";
DWORD BytesWritten = 0;
 
hFile = CreateFile("rw.txt", FILE_APPEND_DATA, FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);

if(!WriteFile(hFile, Buffer, 5, &BytesWritten, NULL))
	MessageBox(NULL, "Can not write!", "Error", MB_OK);

CloseHandle(hFile);
Volynsky Alex at 6-May-13 3:47am
   
An access violation anywhere near address '00000000' indicates a null pointer access. You're using something before it's ever been created....
Rasool_Ahmed at 6-May-13 3:57am
   
Maybe the problem is in BytesWritten!!! What do you think?
KarstenK at 6-May-13 4:05am
   
NO WAY.
 
The problem is your buggy code ;-)
Rasool_Ahmed at 6-May-13 4:07am
   
OllyDbg shows me that EDI is NULL. Why is that??

I searched a lot on Google but found nothing.
KarstenK at 6-May-13 4:13am
   
I read this: PUSH FileName ; |FileName = "*.exe"
 
Before you have written clear code in C it is useless to ask me again.
 
"Have a lot of fun" ;-)
Rasool_Ahmed at 6-May-13 4:20am
   
What you mean??
Please explain to me if you have.
Volynsky Alex at 6-May-13 4:33am
   
Maybe try to initialize the variable, i.e.:
DWORD BytesWritten = 0;
Volynsky Alex at 6-May-13 5:08am
   
Sorry,
I did not notice that you had already done the initialization.
Rasool_Ahmed at 6-May-13 4:08am
   
This is rare.
Solution 2

At first I would use a complete path for opening the file and think about all the flags.
 
What is the value of BytesWritten?
 
AND CHECK ALL API RETURN VALUES :mad:
Comments
Rasool_Ahmed at 6-May-13 4:17am
   
The function won't return a value because it stops before doing its work.
KarstenK at 6-May-13 4:29am
   
If this code isn't returning, then the error is in the input values :mad:
 
Is it your first piece of code you are writing?
Rasool_Ahmed at 6-May-13 5:07am
   
What you're saying is like what Volynsky Alex said. I will try, and if I find the solution I will post it here. Thanks KarstenK
Solution 4

I finally found the problem; the problem was me :)
The problem is that when I call WriteFile or ReadFile, the function writes to BytesRead or BytesWritten, which means that I must give the effective address of the variable.
In MASM32:
 
	PUSH	0			; /pOverlapped = NULL
	PUSH	pBytesRead		; |pBytesRead = ?   ; I gave the value of pBytesRead, which is NULL
	PUSH	BytesToRead		; |BytesToRead
	PUSH	OFFSET Buffer		; |Buffer
	PUSH	hFile			; |hFile
	CALL	ReadFile		; \ReadFile
The correct code is:
	PUSH	0			; /pOverlapped = NULL
	LEA	EAX, pBytesRead		; address of the local, not its value
	PUSH	EAX			; |pBytesRead
	PUSH	BytesToRead		; |BytesToRead
	PUSH	OFFSET Buffer		; |Buffer
	PUSH	hFile			; |hFile
	CALL	ReadFile		; \ReadFile
 
In C code:
    HANDLE  hFile;
    LPCVOID Buffer = "Hello";
    DWORD   BytesWritten = 0;

    hFile = CreateFile("rw.txt", FILE_APPEND_DATA, FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);

    if(!WriteFile(hFile, Buffer, 5, &BytesWritten, NULL))
        MessageBox(NULL, "Can not write!", "Error", MB_OK);

    CloseHandle(hFile);
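The point Solution 4 arrives at (the callee stores the byte count through the pointer it receives, so the caller must pass the address of a variable it owns, never its value) together with Solution 2's advice to check every API return value, as an added example that is not part of the original thread. It stands in portable C stdio for the Win32 calls so it runs offline; the wrapper names write_bytes, read_bytes, round_trip_ok and bug_demo are assumptions made for this example, and bug_demo only survives the value-for-pointer mistake because the wrapper guards against a NULL out-pointer, which the real WriteFile does not.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>

/* Added example, not code from the original thread.  The two wrappers copy the
 * ReadFile/WriteFile out-parameter contract on top of portable stdio: the callee
 * stores the byte count THROUGH the pointer it receives.  The caller therefore
 * has to pass the address of a count it owns (&count in C; LEA EAX, count /
 * PUSH EAX in MASM), never the count's value. */
typedef int BOOL;

/* Like WriteFile: returns 0 on failure.  A NULL out-pointer is rejected instead
 * of being dereferenced, which is the store to [EDI] = 0 seen in OllyDbg. */
BOOL write_bytes(FILE *f, const void *buf, size_t to_write, size_t *bytes_written)
{
    if (f == NULL || buf == NULL || bytes_written == NULL)
        return 0;
    *bytes_written = fwrite(buf, 1, to_write, f);
    return *bytes_written == to_write;
}

/* Like ReadFile: a short read at end of file is still success. */
BOOL read_bytes(FILE *f, void *buf, size_t to_read, size_t *bytes_read)
{
    if (f == NULL || buf == NULL || bytes_read == NULL)
        return 0;
    *bytes_read = fread(buf, 1, to_read, f);
    return ferror(f) == 0;
}

/* Write "Hello", rewind, read back up to 16 bytes (the 10h from the question),
 * checking every return value on the way.  Returns 1 when the bytes read back
 * equal what was written, 0 on any failure. */
int round_trip_ok(void)
{
    char buf[16] = {0};
    size_t written = 0, got = 0;
    int ok = 0;
    FILE *f = tmpfile();                 /* stands in for CreateFile */
    if (f == NULL)
        return 0;
    if (write_bytes(f, "Hello", 5, &written) &&      /* address, not value */
        fseek(f, 0, SEEK_SET) == 0 &&
        read_bytes(f, buf, sizeof buf, &got))
        ok = (got == 5 && memcmp(buf, "Hello", 5) == 0);
    fclose(f);
    return ok;
}

/* The mistake from the question, reproduced without crashing: the caller hands
 * over the VALUE of a zero-initialised count where a pointer is expected, so the
 * callee receives a NULL pointer (PUSH pBytesRead instead of LEA/PUSH).  Returns
 * 0 because the guard in write_bytes rejects it; the real WriteFile has no such
 * guard and faults on the store instead. */
BOOL bug_demo(void)
{
    size_t bytes_written = 0;
    BOOL ok;
    FILE *f = tmpfile();
    if (f == NULL)
        return 0;
    /* wrong on purpose: should be &bytes_written */
    ok = write_bytes(f, "Hello", 5, (size_t *)(uintptr_t)bytes_written);
    fclose(f);
    return ok;
}

int main(void)
{
    printf("round trip: %s\n", round_trip_ok() ? "ok" : "FAILED");
    printf("value-instead-of-address call %s\n",
           bug_demo() ? "succeeded" : "was rejected");
    return 0;
}
```

The guard in the wrappers is the check a hardened callee would have; the Win32 functions assume the pointer is valid, so on the caller side the only defence is the one Solution 2 gives: check the handle against INVALID_HANDLE_VALUE, check the BOOL result of every call, and read GetLastError() when it fails.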
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Copyright © CodeProject, 1999-2014