-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathFile_ReadFileToMemoryW.asm
129 lines (112 loc) · 4.05 KB
/
File_ReadFileToMemoryW.asm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
;==============================================================================
;
; UASM64 Library
;
; https://github.com/mrfearless/UASM64-Library
;
;==============================================================================
.686
.MMX
.XMM
.x64
option casemap : none
IF @Platform EQ 1
option win64 : 11
ENDIF
option frame : auto
;CreateFileW PROTO lpFileName:QWORD, dwDesiredAccess:DWORD, dwShareMode:DWORD, lpSecurityAttributes:QWORD, dwCreationDisposition:DWORD, dwFlagsAndAttributes:DWORD, hTemplateFile:QWORD
;GetFileSize PROTO hFile:QWORD, lpFileSizeHigh:QWORD
;GlobalAlloc PROTO uFlags:DWORD, dwBytes:QWORD
;ReadFile PROTO hFile:QWORD, lpBuffer:QWORD, nNumberOfBytesToRead:DWORD, lpNumberOfBytesRead:QWORD, lpOverlapped:QWORD
;CloseHandle PROTO hObject:QWORD
;
;IFNDEF INVALID_HANDLE_VALUE
;INVALID_HANDLE_VALUE EQU -1
;ENDIF
;IFNDEF GENERIC_READ
;GENERIC_READ EQU 80000000h
;ENDIF
;IFNDEF FILE_SHARE_READ
;FILE_SHARE_READ EQU 00000001h
;ENDIF
;IFNDEF OPEN_EXISTING
;OPEN_EXISTING EQU 3
;ENDIF
;IFNDEF GMEM_FIXED
;GMEM_FIXED EQU 0000h
;ENDIF
;IFNDEF GMEM_ZEROINIT
;GMEM_ZEROINIT EQU 0040h
;ENDIF
;includelib kernel32.lib
include UASM64.inc
.CODE
UASM64_ALIGN
;------------------------------------------------------------------------------
; File_ReadFileToMemoryW
;
; Reads a disk file into memory and returns the address and length in two QWORD
; variables. This is the Unicode version of File_ReadFileToMemory,
; File_ReadFileToMemoryA is the Ansi version.
;
; Parameters:
;
; * lpszFilename - The zero terminated file name to open and read into memory.
;
; * lpqwMemory - The address of the QWORD variable that receives the starting
; address of the buffer, for the file contents.
;
; * lpqwMemoryLength - The address of the QWORD variable that receives the
; number of bytes written to the memory buffer.
;
; Returns:
;
; The return value is zero on error, otherwise non-zero.
;
; Notes:
;
; The memory address written to lpqwMemory must be deallocated using the
; GlobalFree function, once the memory buffer is no longer required.
;
; This function as based on the MASM32 Library function: read_disk_fileW
;
; See Also:
;
; File_ReadFileToMemoryA, File_WriteMemoryToFileA, File_WriteMemoryToFileW, File_OpenW, File_Read, File_FileSize, File_Close, Memory_Alloc
;
;------------------------------------------------------------------------------
File_ReadFileToMemoryW PROC FRAME USES RCX lpszFilename:QWORD, lpqwMemory:QWORD, lpqwMemoryLength:QWORD
LOCAL hFile:QWORD
LOCAL fl:QWORD
LOCAL hMem:QWORD
LOCAL bytesRead:QWORD
Invoke File_OpenW, lpszFilename
;Invoke CreateFileW, lpszFilename, GENERIC_READ, FILE_SHARE_READ, 0, OPEN_EXISTING, 0, 0
mov hFile, rax
cmp hFile, -1 ; INVALID_HANDLE_VALUE
jne @F
xor rax, rax ; return zero on error
ret
@@:
;Invoke GetFileSizeEx, hFile, Addr fl
Invoke File_FileSize, hFile
;Invoke GetFileSize, hFile, 0
mov fl, rax ; get the file length,
add fl, 32 ; add some spare bytes
Invoke Memory_Alloc, rax
;Invoke GlobalAlloc, GMEM_FIXED or GMEM_ZEROINIT, rax
mov hMem, rax ; alloc(fl) allocate a buffer of that size
Invoke File_Read, hFile, hMem, fl
;Invoke ReadFile, hFile, hMem, dword ptr fl, Addr bytesRead, 0; read file into buffer
Invoke File_Close, hFile
;Invoke CloseHandle, hFile ; close the handle
mov rax, lpqwMemory ; write memory address to
mov rcx, hMem ; address of variable
mov [rax], rcx ; passed on the stack
mov rax, lpqwMemoryLength ; write byte count to
mov rcx, bytesRead ; address of variable
mov [rax], rcx ; passed on the stack
mov rax, 1 ; non zero value returned on success
ret
File_ReadFileToMemoryW ENDP
END