Conversion from C++ to Delphi

randydom · Hält's aus hier Beiträge: 8

Could someone helps me in porting this C++ function into Delphi?

sys is a class named TSystem.

SharedMem is a class named TVirtualMemory

markieren

C#-Quelltext

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:

int Process::FixApi(dword FileHandler,image_import_descriptor* Imports,dword dllbase){
    image_import_by_name** names;                
    dword* pointers;                                                          
    if (Imports->original_first_thunk!=0){
       names=(image_import_by_name**)Imports->original_first_thunk;                                               
    }else{
          names=(image_import_by_name**)Imports->first_thunk;
    };
    names=(image_import_by_name**)((dword)names+FileHandler);
    pointers=(dword*)(Imports->first_thunk + FileHandler);
    if (Imports->first_thunk==0)return 0;                                          
    for (int i=0;i<200;i++){
        if (names[i]==0)break;
        if(!((dword)(names[i]->name+FileHandler) & 0x80000000)){
            dword s=(dword)names[i]->name;
            dword ptr=sys->GetAPI((char*)(s+FileHandler),dllbase);
            dword n=this->SharedMem->get_virtual_pointer(ptr);
            if (n!=0){
               ptr=n;
            }
            memcpy(&pointers[i],&ptr,4);
        }
    };
};

Delphi-Laie · Verfasst: Sa 07.01.12 16:14

Wie wäre es denn auf Deutsch? Schließlich ist das hier ein deutschsprachiges Forum!

jaenicke · Verfasst: Sa 07.01.12 18:29

Delphi-Laie hat folgendes geschrieben :

Wie wäre es denn auf Deutsch? Schließlich ist das hier ein deutschsprachiges Forum!

Not everybody in the world does speak German, so I don't see the problem if someone asks in English. Nearly every developer will understand it. :nixweiss:

randydom hat folgendes geschrieben :

Could someone helps me in porting this C++ function into Delphi?

It would be helpful to know what you need the code for. Do you need a 1:1 translation or do you need a code that does the job?

Without the context I don't see what the code is supposed to do exactly.

randydom · Hält's aus hier Beiträge: 8

sorry Delphi-Laie because i don't speak German ( sorry again ).

thank you jaenicke .

i did this attempt :

markieren

Delphi-Quelltext

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:

function FixApi(FileHandler: dword;
  Imports: Pimage_import_descriptor; dllbase: dword): Integer;
var
names:^image_import_by_name;
pointers:Pdword;
i:integer;
s,ptr,n:dword;
begin
if Imports^.original_first_thunk<>0 then
names:=Pointer(Imports^.original_first_thunk)
else
names:=Pointer(Imports^.first_thunk);

names:=Pointer(dword(names)+FileHandler);
pointers:=Pdword(Imports^.first_thunk+FileHandler);
if (Imports^.first_thunk=0)then result:=0;

for i:=0 to 200 do
begin
{
// i didn't get it 
if (names[i]==0)break;
if(!((dword)(names[i]->name+FileHandler) & 0x80000000)){
dword s=(dword)names[i]->name;
}
ptr:=sys.GetAPI(PChar(s+FileHandler),dllbase);
n:=SharedMem.get_virtual_pointer(ptr);
if n<>0 then
ptr:=n;

CopyMemory(@pointers[i],@ptr,4);

end;
end;

Zitat:

Without the context I don't see what the code is supposed to do exactly

The code is stripped from a machine emulator.

many thanks

Delphi-Laie · Verfasst: Sa 07.01.12 18:42

Dann sollte man aber wenigstens sich kurz dazu äußern, warum man zu der Gastfreundlichkeit, sich in der Sprache des Gastgebers äußern zu können, nicht imstande ist. Soviel Anstand sollte schon sein.

Übrigens, Ankunftsgruß, Bitte und Danke gibt es auch im Englischen, was ich oben auch vermisse.

Ich verstehe Englisch durchaus, werde aber einen Teufel tun, mich auch noch innerhalb meines Sprachraumes in eine Fremdsprache verbiegen zu lassen.

jaenicke · Verfasst: Sa 07.01.12 19:08

randydom hat folgendes geschrieben :

markieren

Delphi-Quelltext

1:
2:
3:
4:
5:
6:
7:
8:

for i:=0 to 200 do
begin
{
// i didn't get it 
if (names[i]==0)break;
if(!((dword)(names[i]->name+FileHandler) & 0x80000000)){
dword s=(dword)names[i]->name;
}

Well, in Delphi you don't have the possibility to use the pointer "names" as an array implicitly. The easiest way is just to increase the pointer after each loop. This way you just jump to the next entry and that's all you need.

If you do so you can just use names^ instead of names[i]. Then we have this expression: names[i]->name+FileHandler
What is done in C++ is: take the first character of name as ordinal value ans add it to FileHandler. So in Delphi (dependend on your definition of image_import_by_name use the first index for the name array, 0 or 1):

markieren

Delphi-Quelltext

1:	Ord(names^.name[1]) + FileHandler

The bitwise and operator & in C++ is in Delphi just and. You can compare the result against 0 as you want to know whether the expression is false in C++ and false is 0.

This should be all I think. ;-)

Christian S. · Beiträge: 20451 Erhaltene Danke: 2264 Win 10 C# (VS 2019)

Delphi-Laie hat folgendes geschrieben :

Ich verstehe Englisch durchaus, werde aber einen Teufel tun, mich auch noch innerhalb meines Sprachraumes in eine Fremdsprache verbiegen zu lassen.

Es zwingt Dich niemand, auf Englisch zu schreiben.

In diesem Forum sind englischsprachige User ausdrücklich willkommen. Wenn Du mit solchen Postings nicht klar kommst, ignoriere sie bitte einfach. Eine Diskussion darüber ist in diesem Thread fehl am Platze, ich bitte daher drum, beim Thema zu bleiben.

@randydom: Feel free to continue posting in english. That's absolutely no problem for us!

_________________
Zwei Worte werden Dir im Leben viele Türen öffnen - "ziehen" und "drücken".

randydom · Hält's aus hier Beiträge: 8

thank you jaenicke ;

and this how can i read it , because normally its result is a boolean value .

markieren

C#-Quelltext

1:
2:
3:

if(!((dword)(names[i]->name+FileHandler) & 0x80000000)){
dword s=(dword)names[i]->name;
}

@Christian S : thank you .

@Delphi-Laie : again i'm really sorry .

jaenicke · Verfasst: Sa 07.01.12 20:03

randydom hat folgendes geschrieben :

and this how can i read it , because normally its result is a boolean value .

markieren

C#-Quelltext

1:
2:
3:

if(!((dword)(names[i]->name+FileHandler) & 0x80000000)){
dword s=(dword)names[i]->name;
}

As I said / meant :mrgreen:

markieren

Delphi-Quelltext

1:
2:

if (Ord(names^.name[0]) + FileHandler) and $80000000 = 0 then
  s := Ord(names^.name[0]);

// EDIT:
And again: Use 0 or 1 as index according to your definition of name.

Martok · Verfasst: Sa 07.01.12 20:16

jaenicke hat folgendes geschrieben :

As I said / meant :mrgreen:

markieren

Delphi-Quelltext

1:
2:

if (Ord(names^.name[0]) + FileHandler) and $80000000 = 0 then
  s := Ord(names^.name[0]);

Are you sure this (using Ord) would actually compile? Coincidentally, I tried the exact same thing yesterday and it did not: I had to use a cast to an actual type (in this case DWORD or Cardinal {which are the same}) for it to work.

_________________
"The phoenix's price isn't inevitable. It's not part of some deep balance built into the universe. It's just the parts of the game where you haven't figured out yet how to cheat."

jaenicke · Verfasst: Sa 07.01.12 20:27

Yes, I am absolutely sure. ;-)

mandras · Verfasst: So 08.01.12 11:44

markieren

Delphi-Quelltext

1:	if(!((dword)(names[i]->name+FileHandler) & 0x80000000))

does the following:
take entry [i] of names, then there look in "field" name at the 4 bytes at position <filehandler>,
use them as DWORD (32Bit-integer) and test if highest bit is set.

randydom · Hält's aus hier Beiträge: 8

many thanks for you all , but i still need some little help with this :

markieren

C#-Quelltext

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:

dword LoadAndVerifyPE(string filename) {
    long unsigned int size    = 0;
    FileMapping     * rawdata = OpenFile(filename.c_str());
    if (rawdata == 0) {
        return 0;
    }
    image_header         * FileHeader;
    dword                  FileHandler, PEHeaderPtr;
    image_section_header * ImgSecH;
    dword                  imagebase;
    FileHandler = rawdata->BaseAddress;
    if (!(*((short *) FileHandler) == 0x5a4d)) {
        return 0;
    }
    PEHeaderPtr = ((dos_header *) FileHandler)->e_lfanew + FileHandler;
    if (!(*((short *) PEHeaderPtr) == 0x4550)) {
        return 0;
    }
    FileHeader= (image_header *) PEHeaderPtr;

i did this in Delphi :

markieren

Delphi-Quelltext

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:

function LoadAndVerifyPE(filename: string):Integer;
var
rawdata: pFileMapping;
FileHeader: pimage_header;
FileHandler: dword;
data: pimage_section_header;
imagebase: dword;
sections: pimage_section_header;
aligned_ptr: dword;
src: dword;
dest: dword;
BaseAddress_:Pointer;
PEHeaderPtr:dword;
begin
  size:=0;
  Result:=0;
//***************************************** from here 
rawdata:=OpenFile_(PChar(filename));//--> OpenFile_() function is successfully declared and used 
if (rawdata=nil)Then
       Result:= 0;
FileHandler:= rawdata.BaseAddress^;
//***************************************** to here all goes well

// but from here ...??????
if (FileHandler<>$5a4d) then result:=0;
PEHeaderPtr:=pDos_header(FileHandler)^.e_lfanew+FileHandler;
if PEHeaderPtr<>$4550 then result:=0;
FileHeader:=pimage_header(PEHeaderPtr);

What about this :

markieren

Delphi-Quelltext

1:
2:
3:
4:

if (FileHandler<>$5a4d) then result:=0;
PEHeaderPtr:=pDos_header(FileHandler)^.e_lfanew+FileHandler;
if PEHeaderPtr<>$4550 then result:=0;
FileHeader:=pimage_header(PEHeaderPtr);

jaenicke · Verfasst: Di 10.01.12 15:03

You have to call Exit in addition to setting result to zero, 'cause in Delphi you do not exit the function when assigning the result.

In newer versions of Delphi you can just write Exit(0); instead of result := 0;. Before about Delphi 2009 you have to assign 0 to result and call Exit afterwards.

randydom · Hält's aus hier Beiträge: 8

jaenicke hat folgendes geschrieben :

You have to call Exit in addition to setting result to zero, 'cause in Delphi you do not exit the function when assigning the result.

In newer versions of Delphi you can just write Exit(0); instead of result := 0;. Before about Delphi 2009 you have to assign 0 to result and call Exit afterwards.

@ jaenicke thank you for this valuable information .

just a help about this :

markieren

C#-Quelltext

1:
2:
3:
4:
5:
6:
7:
8:

if (!(*((short *) FileHandler) == 0x5a4d)) {
        return 0;
    }
    PEHeaderPtr = ((dos_header *) FileHandler)->e_lfanew + FileHandler;
    if (!(*((short *) PEHeaderPtr) == 0x4550)) {
        return 0;
    }
    FileHeader= (image_header *) PEHeaderPtr;

jaenicke · Verfasst: Di 10.01.12 15:37

randydom hat folgendes geschrieben :

just a help about this :

Your code looked quite good. I thought you just had to correct the translation of return. :?:

If it does not work, what does happen?

randydom · Hält's aus hier Beiträge: 8

Ok jaenicke look at this

markieren

Delphi-Quelltext

1:
2:
3:
4:

if (FileHandler<>$5a4d) then result:=0;
PEHeaderPtr:=pDos_header(FileHandler)^.e_lfanew+FileHandler;
if PEHeaderPtr<>$4550 then result:=0;
FileHeader:=pimage_header(PEHeaderPtr);

i get an exception near :

markieren

Delphi-Quelltext

1:	PEHeaderPtr:=pDos_header(FileHandler)^.e_lfanew+FileHandler;

i think the problem is when assigning FileHandler(FileHandler=dword) to pDos_header and the result is PEHeaderPtr(PEHeaderPtr=dword).

Or if possible can you re-convert this code :

markieren

C#-Quelltext

1:
2:
3:
4:
5:

PEHeaderPtr = ((dos_header *) FileHandler)->e_lfanew + FileHandler;
    if (!(*((short *) PEHeaderPtr) == 0x4550)) {
        return 0;
    }
    FileHeader= (image_header *) PEHeaderPtr;

	Mitgliederliste
	Gruppen
	Das Team
	Richtlinien
	Synonyme