QT load .dll but not calling resolve returns false



  • Hello,

    I'm trying to load a .dll and then resolve the functions so that I can use them in my application.

    I started by writing a typedef for the function:

    typedef void (*SetKey_func)(const char *, const char *, const char *, const char *);
    

    Then I used Qt to load the .dll:

    Crypt::Crypt(QObject *parent) : QObject(parent)
    {
    }
    
    Crypt::~Crypt()
    {
    }
    
    void Crypt::LoadCrypt()
    {
        QString file = QCoreApplication::applicationDirPath() + "/RockBase.dll";
    
        library.setFileName(file);   // QLibrary member of Crypt
        library.load();
    
        if( !library.isLoaded() )
        {
            //file not loaded
            return;
        }
        else
        {
            // file loaded
        }
    }
    

    After I load the .dll I call the DecSetKey() function to create the key inside the .dll:

    void Crypt::DecSetKey()
    {
    
        quint8 decKey1[] = { 0x7D, 0x44, 0x01, 0x00, 0x83, 0xEC, 0x24, 0x83, 0x25, 0xB8, 0x8C, 0x4A, 0x0D, 0x56, 0x8B, 0x75 };
        quint8 decKey2[] = { 0x1C, 0x8D, 0x1C, 0x57, 0x50, 0xCE, 0xE8, 0x6F, 0x85, 0xFE, 0xFF, 0x8B };
        quint8 decKey3[] = { 0x76, 0x0C, 0x50, 0x45, 0x14, 0x83, 0x65, 0xFC, 0x56, 0x50, 0x7D, 0xD1, 0x74, 0x03, 0xB8, 0x43 };
        quint8 decKey4[] = { 0x8B, 0x47, 0xDD, 0x6A, 0xE8, 0x14, 0x83, 0xC4, 0xBC, 0xF3, 0x7F, 0x75 };
    
        SetKey_func s_d_func = (SetKey_func)library.resolve( "?SetKey@CCrypto@RockBase@@QAEXPBD000@Z" );
        if( s_d_func )
        {
            //Successful loading of Decrypt CCrypto::SetKey function
            s_d_func( 0, (const char*)decKey1, 0, 0 );
            s_d_func((const char*)decKey2, 0, 0, 0);
            s_d_func(0, (const char*)decKey3, 0, 0);
            s_d_func((const char*)decKey4, 0, 0, 0);
        }
        else
        {
            //Unable to load Decrypt CCrypto::SetKey function.
        }
    }
    

    So inside my other class I call the function from the Crypt class...

    void patch::decdata()
    {
            Crypt *cryptinstance = new Crypt(this);
            cryptinstance->DecSetKey();
    }
    

    When I call DecSetKey it returns "Unable to load Decrypt CCrypto::SetKey function".

    What am I doing wrong?


  • Qt Champions 2016

    Firstly, are you sure such symbol exists to begin with?

    Secondly, this is what you're trying to resolve:

    public: void __thiscall RockBase::CCrypto::SetKey(const char *,const char *,const char*, const char *)
    

    How are you expecting to cast a __thiscall to __cdecl? It's a method, you need an object for it.

    And lastly, why don't you just link your library as regular people do and leave the loader to worry about resolving?



    There's no lib and no header. If I load it inside LoadCrypt it seems to work fine.

    The function disassembled looks like this:

    public: void __thiscall RockBase::CCrypto::SetKey(RockBase this*, const char *,const char *,const char*, const char *);
    

    Can I just do this?

    //header
    extern "C"
    {
        __declspec(dllexport) void __stdcall RockBase::CCrypto::SetKey(const char *,const char *,const char*, const char *);
    }
    
    //cpp
    void __stdcall RockBase::CCrypto::SetKey(const char *,const char *,const char*, const char *)
    {
        // do my code here
    }
    

    Should it be

    __declspec(dllexport) void __stdcall SetKey(const char *,const char *,const char*, const char *)
    

    or

    __declspec(dllexport) void __stdcall RockBase::CCrypto::SetKey(const char *,const char *,const char*, const char *)
    

  • Qt Champions 2016

    @Sunfluxgames said in QT load .dll but not calling resolve returns false:

    There's no lib and no header.

    You should obtain them from the vendor of that library.

    Can i just do this?

    Nope.

    should it be.

    Nope. It should be:

    class CCrypto
    {
    // more stuff
    public:
        void SetKey(const char *,const char *,const char*, const char *);
    // more stuff
    };
    

    And you'd cast it as:

    void * resolvedAddress = library.resolve("?symbolNameGoesHere@@@");
    
    void (CCrypto::*SetKey)(const char *,const char *,const char*, const char *);
    SetKey = reinterpret_cast<void (CCrypto::*)(const char *,const char *,const char*, const char *)>(resolvedAddress);
    

    And finally you'd use it (after having a CCrypto object) like this:

    CCrypto * crypto; //< From wherever that object comes
    (crypto->*SetKey)("argument", "argument", "argument", "argument");
    

    My advice: Just obtain a header file and a lib file from the vendor of that library ...



    The vendor/company doesn't exist (reverse engineering), so getting the lib or header for that is out of the question. I did hack a lib/header together with those functions and faked the .dll call and put the main .dll inside that folder and it seemed to work, but this was based off a C++ console project, not a Qt project.

    I don't understand a few things:

    Why (crypto->*SetKey) around this? Is * a call to a pointer to method?

    CCrypto * crypto; //< From wherever that object comes // mine comes from QObject; wouldn't you need to create a new one on the heap?


  • Moderators

    @Sunfluxgames said in QT load .dll but not calling resolve returns false:

    it seemed to work but this was based off a C++ console project not a Qt project

    Qt is a C++ framework, you can use your previous C++ solution if it works.


  • Qt Champions 2016

    @Sunfluxgames said in QT load .dll but not calling resolve returns false:

    So getting the lib or header for that is out of the question. I did hack a lib/header together with those functions and faked the .dll call and put the main .dll inside that folder and it seemed to work, but this was based off a C++ console project, not a Qt project.

    Qt is a C++ library, as @jsulm said, so there's nothing different to do.

    Why (crypto->*SetKey) around this? Is * a call to a pointer to method?

    Yes, ->* is the pointer-to-member call. Because you get a method address (as it's a __thiscall), you need to bind an object to actually call the function.

    CCrypto * crypto; //< From wherever that object comes // mine comes from QObject; wouldn't you need to create a new one on the heap?

    Heap or stack doesn't matter here. The thing is you need to have an initialized object of the type Crypto, which from your description I don't see how you will obtain. The problem is you need to know how big the object is, so as to allocate enough memory, then manually call the constructor (resolved as in the above example) and finally call the destructor (again manually) and free your memory whenever you've finished with the object. It's a tad more complicated than calling a simple C-style function, and without a header you have to do some digging through the library's assembly to determine how large each class's instance is, so as to know what to put in the fake header.



    So the function looks like this inside the .dll:

    /*
    visual studio c++ 6.0 (.dll)
    ; Exported entry 119. ?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z
     
     
    ; Attributes: bp-based frame
     
    ; void __thiscall RockBase::CRockCrypto::SetKey(RockBase::CRockCrypto *this, const char *, const char *, const char *, const char *)
    public ?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z
    ?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z proc near
     
     
    */
    

    Since QT can only call C type dll export functions I used the Win API to do this..

    void Crypt::LoadCrypt()
    {
        QString file = QCoreApplication::applicationDirPath() + "/RockBase.dll";
        LPCWSTR current_locale_file = (const wchar_t*) file.utf16();
    
        hGetProcIDDLL = LoadLibrary(current_locale_file);   // HMODULE member of Crypt
        if (!hGetProcIDDLL)
        {
            //Error loading  RockBase.dll
            return;
        }
        else
        {
            //Successful loading of RockBase.dll file.
        }
    
        DecSetKey();
    }
    
    void Crypt::DecSetKey()
    {
        // explicit thisPtr models the hidden `this` argument of a __thiscall method
        typedef void (__thiscall *SetKey_func)(void* thisPtr, const char *, const char *, const char *, const char *);
    
        quint8 decKey1[] = { 0x7D, 0x44, 0x01, 0x00, 0x83, 0xEC, 0x24, 0x83, 0x25, 0xB8, 0x8C, 0x4A, 0x0D, 0x56, 0x8B, 0x75 };
        quint8 decKey2[] = { 0x1C, 0x8D, 0x1C, 0x57, 0x50, 0xCE, 0xE8, 0x6F, 0x85, 0xFE, 0xFF, 0x8B };
        quint8 decKey3[] = { 0x76, 0x0C, 0x50, 0x45, 0x14, 0x83, 0x65, 0xFC, 0x56, 0x50, 0x7D, 0xD1, 0x74, 0x03, 0xB8, 0x43 };
        quint8 decKey4[] = { 0x8B, 0x47, 0xDD, 0x6A, 0xE8, 0x14, 0x83, 0xC4, 0xBC, 0xF3, 0x7F, 0x75 };
    
        SetKey_func SetKey = (SetKey_func)GetProcAddress(hGetProcIDDLL, "?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z");
        if (!SetKey)
        {
            //Unable to load CRockCrypto::SetKey function.
            return;
        }
        else
        {
            // NOTE: the typedef takes five arguments (thisPtr first); these calls still pass
            // only the four key arguments, the missing this pointer is the open question below.
            SetKey( 0, (const char*)decKey1, 0, 0 );
            SetKey((const char*)decKey2, 0, 0, 0);
            SetKey(0, (const char*)decKey3, 0, 0);
            SetKey((const char*)decKey4, 0, 0, 0);
            //Successful loading of CRockCrypto::SetKey function.
        }
    }
    

    So my only issue would be getting the class instance pointer, then allocating enough memory for it and freeing it?

    How would I go about doing this?

    A dummy .cpp/.h file would look like this:

    // HEADER
    #ifdef ROCKBASE_EXPORTS
        #define CLASS_EXPORT __declspec(dllexport)
    #else
        #define CLASS_EXPORT
    #endif
    
    class CLASS_EXPORT RockBase
    {
    public:
        RockBase();
        ~RockBase();
    
    public:
        class CLASS_EXPORT CRockCrypto
        {
        public:
            CRockCrypto(void);
            virtual ~CRockCrypto(void);
        public:
            // `this` is implicit for a member function, so it is not written as a parameter
            void SetKey(const char *, const char *, const char *, const char *);
        };
    };
    
    ///CPP
    RockBase::RockBase()
    {
    }
    
    RockBase::~RockBase()
    {
    }
    
    RockBase::CRockCrypto::CRockCrypto(void)
    {
    }
    
    RockBase::CRockCrypto::~CRockCrypto(void)
    {
    }
    
    void RockBase::CRockCrypto::SetKey(const char *, const char *, const char *, const char *)
    {
    }
    

    Would be my guess...
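Added example (not code from the thread or from RockBase.dll) that puts kshegunov's recipe above into practice for the question just asked: resolve the constructor, method and destructor by decorated name, allocate storage of the class's real size, and call them through plain function pointers with an explicit this argument, which sidesteps the void*-to-pointer-to-member cast that MSVC rejects with C2440. The binary-only library is simulated in-process by a name-to-address table standing in for GetProcAddress, so the example runs without Windows. Assumptions: the CRockCrypto layout and size, the KeyLen export and the constructor/destructor/KeyLen decorations are constructed for the example; on MSVC x86 the function-pointer typedefs would additionally carry __thiscall.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <map>
#include <string>
#include <vector>

typedef void (*FarProc)();  // generic function address, the role FARPROC plays on Windows
// ---- Simulated binary-only library: a constructed stand-in for RockBase.dll ----
namespace vendor {
struct CRockCrypto { std::size_t keyLen[4]; std::uint8_t key[4][16]; };  // layout the caller never sees
const std::size_t kInstanceSize = sizeof(CRockCrypto);  // real case: recovered from the binary, as kshegunov says
// Exports in the shape a __thiscall method has once its hidden `this` is written as a parameter.
void ctor(void* self) { std::memset(self, 0, sizeof(CRockCrypto)); }
void dtor(void* self) { std::memset(self, 0xDD, sizeof(CRockCrypto)); }
void setKey(void* self, const char* k1, const char* k2, const char* k3, const char* k4) {
    CRockCrypto* obj = static_cast<CRockCrypto*>(self);
    const char* keys[4] = { k1, k2, k3, k4 };
    for (int i = 0; i < 4; ++i)  // each non-null argument installs a 16-byte key in its slot
        if (keys[i]) { std::memcpy(obj->key[i], keys[i], 16); obj->keyLen[i] = 16; }
}
std::size_t keyLen(void* self, int slot) { return static_cast<CRockCrypto*>(self)->keyLen[slot]; }
// Name -> address table, the job GetProcAddress does for a real DLL. Only the SetKey
// decoration is from the thread; the other three are assumed (check with dumpbin /exports).
FarProc resolve(const std::string& name) {
    static const std::map<std::string, FarProc> exports = {
        { "?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z", reinterpret_cast<FarProc>(&setKey) },
        { "??0CRockCrypto@RockBase@@QAE@XZ",            reinterpret_cast<FarProc>(&ctor) },
        { "??1CRockCrypto@RockBase@@UAE@XZ",            reinterpret_cast<FarProc>(&dtor) },
        { "?KeyLen@CRockCrypto@RockBase@@QAEIH@Z",      reinterpret_cast<FarProc>(&keyLen) } };
    std::map<std::string, FarProc>::const_iterator it = exports.find(name);
    if (it == exports.end()) return nullptr;
    return it->second;
}
}  // namespace vendor
// ---- Consumer side: what the thread's Crypt::DecSetKey still needs ----
// On MSVC x86 these typedefs would carry __thiscall (this in ecx); the explicit first
// parameter models that hidden argument, so the pointers stay plain function pointers.
typedef void (*Lifecycle_func)(void* thisPtr);
typedef void (*SetKey_func)(void* thisPtr, const char*, const char*, const char*, const char*);
typedef std::size_t (*KeyLen_func)(void* thisPtr, int slot);
class OpaqueInstance {  // raw storage sized to the real class; ctor and dtor called by hand
public:
    OpaqueInstance(std::size_t size, Lifecycle_func ctor, Lifecycle_func dtor)
        : storage_(size), dtor_(dtor) { ctor(self()); }
    ~OpaqueInstance() { dtor_(self()); }
    OpaqueInstance(const OpaqueInstance&) = delete;
    OpaqueInstance& operator=(const OpaqueInstance&) = delete;
    void* self() { return storage_.data(); }
private:
    std::vector<std::uint8_t> storage_;
    Lifecycle_func dtor_;
};
// Resolves every export up front, builds one object, installs decKey1 the way the thread
// does (second argument) and returns the key length the object now holds in slot 1.
std::size_t installDecKey1() {
    Lifecycle_func ctor = reinterpret_cast<Lifecycle_func>(vendor::resolve("??0CRockCrypto@RockBase@@QAE@XZ"));
    Lifecycle_func dtor = reinterpret_cast<Lifecycle_func>(vendor::resolve("??1CRockCrypto@RockBase@@UAE@XZ"));
    SetKey_func setKey = reinterpret_cast<SetKey_func>(vendor::resolve("?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z"));
    KeyLen_func keyLen = reinterpret_cast<KeyLen_func>(vendor::resolve("?KeyLen@CRockCrypto@RockBase@@QAEIH@Z"));
    if (!ctor || !dtor || !setKey || !keyLen) return 0;  // never touch the object with a symbol missing
    OpaqueInstance obj(vendor::kInstanceSize, ctor, dtor);
    // decKey1 from the thread: 16 raw bytes, not a C string (note the 0x00 at offset 3)
    const std::uint8_t decKey1[16] = { 0x7D, 0x44, 0x01, 0x00, 0x83, 0xEC, 0x24, 0x83,
                                       0x25, 0xB8, 0x8C, 0x4A, 0x0D, 0x56, 0x8B, 0x75 };
    setKey(obj.self(), nullptr, reinterpret_cast<const char*>(decKey1), nullptr, nullptr);
    return keyLen(obj.self(), 1);  // the destructor runs when obj leaves scope
}
```

With a real DLL the only changes are LoadLibrary/GetProcAddress in place of vendor::resolve and the size in place of kInstanceSize; a wrong size there is a heap overflow inside the vendor's constructor, which is why the size has to be confirmed before any call is made.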


  • Moderators

    @Sunfluxgames said in QT load .dll but not calling resolve returns false:

    Since QT can only call C type dll export functions

    You should really use correct wording. The sentence above just doesn't make sense: Qt is not calling anything here. Qt is not a programming language and it is not a compiler. What you are using is C++. What you are doing can be done in a plain C++ program without Qt at all. It has nothing to do with Qt.



    Yeah, I'm sorry about my wording. Wording isn't my strong suit.

    QLibrary Class

    The symbol must be exported as a C function from the library. This means that the function must be wrapped in an extern "C" if the library is compiled with a C++ compiler. On Windows you must also explicitly export the function from the DLL using the __declspec(dllexport) compiler directive.
    
    Note: In Symbian resolving with symbol names works only if the loaded library was built as STDDLL. Otherwise, the ordinals must be used.
    

    My library was compiled in C++ so this means QLibrary is out of the question. I used the Win API LoadLibrary and GetProcAddress to grab the address and then create a function to be able to call the arguments of that class dll.

    So as far as I can see I am missing the class instance pointer and creating enough memory to store it and free it? This is my first time using a .dll so I am trying as many options as I can think of.

    Normally I would just reverse the .dll and build my own class and functions to do the same as the .dll and not have to use it.

    I have a C++ application (VS) not using Qt that it works fine on. But porting it over to the Qt framework doesn't let it work the same way.


  • Qt Champions 2016

    @Sunfluxgames said in QT load .dll but not calling resolve returns false:

    I have a C++ application (VS) not using Qt that it works fine on. But porting it over to the Qt framework doesn't let it work the same way.

    @jsulm's point is that if you have it working with a console application there's nothing special to do. Qt is a library as any other! I have this creeping suspicion, though, that you don't fully realize what you are expected to do to make such a method call, so I'm not completely convinced that this console application is really working, no offence.

    Let me ask you this, how do you get an object of type CRockCrypto in your console application if you don't have a proper header?



  • So I start by creating a DYNAMIC LINK LIBRARY.

    rockbase.h

    #pragma once
    
    #ifdef ROCKBASE_EXPORTS
    	#define CLASS_EXPORT __declspec(dllexport)
    #else
    	#define CLASS_EXPORT
    #endif
    
    
    class CLASS_EXPORT RockBase
    {
    public:
    	RockBase();
    	~RockBase();
    
    public:
    	class CLASS_EXPORT CRockCrypto
    	{
    	public:
    		CRockCrypto(void);
    		virtual ~CRockCrypto(void);
    	public:
    		void SetKey(const char *, const char *, const char *, const char *);
    		DWORD dwReserved[10];
    	};
    };
    

    rockbase.cpp

    #include "RockBase.h"
    
    RockBase::RockBase()
    {
    }
    
    
    RockBase::~RockBase()
    {
    }
    
    RockBase::CRockCrypto::CRockCrypto(void)
    {
    
    }
    RockBase::CRockCrypto::~CRockCrypto(void)
    {
    
    }
    
    void RockBase::CRockCrypto::SetKey(const char *, const char *, const char *, const char *)
    {
    }
    

    In my main project...

    client.cpp

    #include "Client.h"
    
    RockBase::CRockCrypto* m_pDeCrypt[4] = { 0, 0, 0, 0 };
    RockBase::CRockCrypto* m_pEnCrypt[2] = { 0, 0 };
    
    //Constructor
    Client::Client()
    {
        if (m_pDeCrypt[0] == 0){
            m_pDeCrypt[0] = new RockBase::CRockCrypto();
            m_pDeCrypt[1] = new RockBase::CRockCrypto();
            m_pDeCrypt[2] = new RockBase::CRockCrypto();
            m_pDeCrypt[3] = new RockBase::CRockCrypto();
    
            unsigned char decKey1[] = { 0x7D, 0x44, 0x01, 0x00, 0x83, 0xEC, 0x24, 0x83, 0x25, 0xB8, 0x8C, 0x4A, 0x0D, 0x56, 0x8B, 0x75 };
            unsigned char decKey2[] = { 0x1C, 0x8D, 0x1C, 0x57, 0x50, 0xCE, 0xE8, 0x6F, 0x85, 0xFE, 0xFF, 0x8B };
            unsigned char decKey3[] = { 0x76, 0x0C, 0x50, 0x45, 0x14, 0x83, 0x65, 0xFC, 0x56, 0x50, 0x7D, 0xD1, 0x74, 0x03, 0xB8, 0x43 };
            unsigned char decKey4[] = { 0x8B, 0x47, 0xDD, 0x6A, 0xE8, 0x14, 0x83, 0xC4, 0xBC, 0xF3, 0x7F, 0x75 };
    
            m_pDeCrypt[0]->SetKey(0, (const char*)decKey1, 0, 0);
            m_pDeCrypt[1]->SetKey((const char*)decKey2, 0, 0, 0);
            m_pDeCrypt[2]->SetKey(0, (const char*)decKey3, 0, 0);
            m_pDeCrypt[3]->SetKey((const char*)decKey4, 0, 0, 0);
        }
    }
    

    Client.h

    #ifdef NDEBUG
    #include "../RockBase/RockBase.h"
    #pragma comment(lib,"../RockBase/Release/RockBase.lib")
    #endif
    
    class Client
    {
    public:
        Client();
        ~Client();
    };

    After it's been compiled, just don't copy over the .dll; use the main .dll instead of the compiled one and it all works.

    Basically what I'm doing is faking a header/lib and making the .dll do the rest of the work.

    In my Qt project I wanted to do this via loading a .dll and calling a function.

    @kshegunov

    SetKey = reinterpret_cast<void (CCrypto::*)(const char *,const char *,const char *, const char *)>(resolvedAddress);

    This is wrong, you can't cast a void..

    error: C2440: 'reinterpret_cast': cannot convert from 'void *' to 'void


  • Qt Champions 2016

    @Sunfluxgames said in QT load .dll but not calling resolve returns false:

    this is wrong you cant cast a void..

    You're not casting a void, but a function pointer. I imagine your compiler's getting confused (which version of MSVC are you using btw?). You can typedef the method pointer and it should solve it:

    typedef void (CCrypto::*SetKeyType)(const char *,const char *,const char *, const char *);
    SetKeyType SetKey = reinterpret_cast<SetKeyType>(resolvedAddress);
    

    Basiclly what i'm doing is faking a header lib and making the .dll do the rest of the work.

    Right, I have a follow-up question. Where does this:

    DWORD dwReserved[10];
    

    come from? This is what I was referring to, when I was talking about having a properly sized object. So how did you determine that the object needs 10 dwords as data?

    As you have the original dll you can make a .lib file from it (search around, it's not very involved). And along with this header of yours you can link your application to the obtained lib. Then you won't need to do all the runtime resolving and checking and such.



  • DWORD dwReserved[10];

    Just points to the BOOL WINAPI DllMain. MSVC 2015 (Qt Creator). As for the lib and dll, it's already been done and was used in the other project.

    I was making a GUI/Qt project out of this so I was converting a lot of C/C++ code to pure C++/Qt. Ran into problems, came here to ask.

    Sorry for my wording, as explaining from my brain to paper is something I'm not very good at.


  • Qt Champions 2016

    @Sunfluxgames said in QT load .dll but not calling resolve returns false:

    Just points to the BOOL WINAPI DllMain.

    I don't follow how the DllMain is involved. This is a member of your class, meaning that it's memory you've allocated for your object so it can be used by the class to place its data in.

    As for the lib and dll its already been done and was used in the other project.

    Excellent. You can use that lib the same way you have used it before - by linking, and everything should be working just normally, you don't actually need to resolve the methods at runtime. Is it that you're unsure how to link the library using QtCreator?

    Sorry for my wording as explaining from my brain to paper i'm not very good at.

    Not a big issue, I'm trying to understand what's been done and how, and how to assist you.



  • @kshegunov

    SetKeyType SetKey = reinterpret_cast<SetKeyType>(resolvedAddress);
    error: C2440: 'reinterpret_cast': cannot convert from SetKeyType *' to 'void

    So still something wrong with your code.

    But there still should be no reason I can't load the dll, get the proc address, create a function that points to the address and use the function in my application. Why it's not working I have no idea.


  • Qt Champions 2016

    @Sunfluxgames said in QT load .dll but not calling resolve returns false:

    so still something wrong with your code

    No idea, should be working. Can you post the whole snippet that generated this error?

    But there still should be no reason I can't load the dll get the proccess create a function that points to the address and use the function in my application.

    Yes, it should be possible.

    Why its not working I have no idea?

    I don't know either.



  • @kshegunov

    In my header I add the typedef:

    // crypt.h
    typedef void (Crypt::*SetKeyType)(const char *, const char *, const char *, const char *);
    

    Now inside my .cpp file I create the function and arguments like this:

    void Crypt::DecSetKey()
    {
    	void * resolvedAddress = library.resolve("?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z");
    	SetKeyType SetKey = reinterpret_cast<SetKeyType>(resolvedAddress);
    	if (!SetKey)
    	{
    		//Unable to load RockBase::CRockCrypto::SetKey Decrypt function
    		return;
    	}
    	else
    	{
    		//Successful loading of RockBase::CRockCrypto::SetKey Decrypt function
    	}
    
    	quint8 decKey1[] = { 0x7D, 0x44, 0x01, 0x00, 0x83, 0xEC, 0x24, 0x83, 0x25, 0xB8, 0x8C, 0x4A, 0x0D, 0x56, 0x8B, 0x75 };
    	quint8 decKey2[] = { 0x1C, 0x8D, 0x1C, 0x57, 0x50, 0xCE, 0xE8, 0x6F, 0x85, 0xFE, 0xFF, 0x8B };
    	quint8 decKey3[] = { 0x76, 0x0C, 0x50, 0x45, 0x14, 0x83, 0x65, 0xFC, 0x56, 0x50, 0x7D, 0xD1, 0x74, 0x03, 0xB8, 0x43 };
    	quint8 decKey4[] = { 0x8B, 0x47, 0xDD, 0x6A, 0xE8, 0x14, 0x83, 0xC4, 0xBC, 0xF3, 0x7F, 0x75 };
    
    	(crypto->*SetKey)(0, (const char*)decKey1, 0, 0);
    	(crypto->*SetKey)((const char*)decKey2, 0, 0, 0);
    	(crypto->*SetKey)(0, (const char*)decKey3, 0, 0);
    	(crypto->*SetKey)((const char*)decKey4, 0, 0, 0);
    
        //void __thiscall RockBase::CRockCrypto::SetKey(RockBase::CRockCrypto *this, const char *, const char *, const char *, const char *)
    }
    

    The error it gives is this.

    error C2440: 'reinterpret_cast': cannot convert from 'void *' to 'SetKeyType'
    

    So if I got this right (sorry if I'm wrong): you're creating a void base class with a function called SetKeyType with a pointer of SetKey that you're trying to reinterpret_cast the pointer to the function with the resolved address?

    And the error is because you can't convert a void to a function call.


  • Qt Champions 2016

    Nope, it looks correct. Very odd.

    You're creating a void base class with a function called SetKeyType with a pointer of SetKey that you're trying to reinterpret_cast the pointer to the function with the resolved address?

    Yes, approximately.



    Here are the 2 DLLs, maybe you can get them to work for me? Thanks for your help.

    http://s000.tinyupload.com/?file_id=87880318125036589695



    Hi, I was curious and looked at your .DLLs; 2 problems I saw:

    After doing a library.resolve("?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z") you end up with a function pointer that works fine for calling that function directly. However you want to cast it into a non-static pointer-to-member function and a reinterpret_cast<> of it I think will not suffice; it's still only a GetProcAddress() type of function pointer :-( A pointer-to-member function pointer is usually just an offset into a vtable or something similar, also compiler dependent.

    Another problem: if you disassemble the loaded functions you'll see that the first thing that the "SetKey..." function does is trash its this pointer (mov ecx,esi) and call another Crypto function. Not very C++ friendly; most likely this is some kind of assembly obfuscation going on. It's a game library after all...



  • I created a fake lib and header with my console app, and just called the functions normally and was able to get the application to do what i want.

    The DLL calls a function called Cleanup which trashes the this pointer. To bypass this, if you SetKey to decKey2 it doesn't call this function, keeping it intact. After you call SetKey you call the RockBase::CRockCrypto::Decrypt(void*, int) function that runs through AES crypto that decrypts an encrypted buffer based on the size of the buffer.

    This is just an old, old game (2007) .dll that uses AES encryption/decryption on packets.


  • Qt Champions 2016

    @Sunfluxgames said in QT load .dll but not calling resolve returns false:

    Here are the 2 dll's maybe you can get them to work for me?

    I can't, sorry. I don't have Windows currently, nor do I use MSVC when building on Windows; besides, I have a lot of work of my own currently.

