QT load .dll but not calling resolve returns false

Sunfluxgames · 20 Jul 2017, 16:02

Hello,

I'm trying to call a .dll and then reslove the functions so that i can use them in my application

I started by type def the function

typedef void (*SetKey_func)(const char *, const char *, const char *, const char *);

Then I used QT to load the .dll

Crypt::Crypt(QObject *parent) : QObject(parent)
{
}

Crypt::~Crypt()
{

}

void Crypt::LoadCrypt()
{

        QString file = QCoreApplication::applicationDirPath() + "/RockBase.dll";

        library.setFileName(file);
        library.load();

        if( !library.isLoaded() )
        {
            //file not loaded
            return;
        }
        else
        {
            // file loaded
         }
}

After I load the .dll i call the DecSetKey() function to create the key inside the .dll

void Crypt::DecSetKey()
{

    quint8 decKey1[] = { 0x7D, 0x44, 0x01, 0x00, 0x83, 0xEC, 0x24, 0x83, 0x25, 0xB8, 0x8C, 0x4A, 0x0D, 0x56, 0x8B, 0x75 };
    quint8 decKey2[] = { 0x1C, 0x8D, 0x1C, 0x57, 0x50, 0xCE, 0xE8, 0x6F, 0x85, 0xFE, 0xFF, 0x8B };
    quint8 decKey3[] = { 0x76, 0x0C, 0x50, 0x45, 0x14, 0x83, 0x65, 0xFC, 0x56, 0x50, 0x7D, 0xD1, 0x74, 0x03, 0xB8, 0x43 };
    quint8 decKey4[] = { 0x8B, 0x47, 0xDD, 0x6A, 0xE8, 0x14, 0x83, 0xC4, 0xBC, 0xF3, 0x7F, 0x75 };

    SetKey_func s_d_func = (SetKey_func)library.resolve( "?SetKey@CCrypto@RockBase@@QAEXPBD000@Z" );
    if( s_d_func )
    {
        //Successful loading of Decrypt CCrypto::SetKey function
        s_d_func( 0, (const char*)decKey1, 0, 0 );
        s_d_func((const char*)decKey2, 0, 0, 0);
        s_d_func(0, (const char*)decKey3, 0, 0);
        s_d_func((const char*)decKey4, 0, 0, 0);
    }
    else
    {
        //Unable to load Decrypt CCrypto::SetKey function.
    }
}

So inside my other class i call the function from crypt class...

void patch::decdata()
{
        Crypt *cryptinstance = new Crypt(this);
        cryptinstance->DecSetKey();
}

When I call DecSetKet it returns Unable to load Decrypt CCrypto::SetKey function

What am i doing wrong?

kshegunov · wrote on 20 Jul 2017, 16:02

Firstly, are you sure such symbol exists to begin with?

Secondly, this is what you're trying to resolve:

public: void __thiscall RockBase::CCrypto::SetKey(const char *,const char *,const char*, const char *)

How are you expecting to cast a __thiscall to __cdecl? It's a method, you need an object for it.

And lastly, why don't you just link your library as regular people do and leave the loader to worry about resolving?

Sunfluxgames · 20 Jul 2017, 17:43

There's no lib and no header. If i load it inside the loadcrypt it seems to work fine.

The function disembled looks like this..

public: void  thiscall RockBase::CCrypto::SetKey(RockBase this*, const char *,const char *,const char*, const char *);

Can i just do this?

//header
  extern "C"
  {
   __declspec(dllexport) void __stdcall RockBase::CCrypto::SetKey(const char *,const char *,const char*, const char *)
  }

  //cpp
  void __stdcall RockBase::CCrypto::SetKey(const char *,const char *,const char*, const char *)
  {
   // do my code here
  }

should it be

__declspec(dllexport) void __stdcall SetKey(const char *,const char *,const char*, const char *)

or

__declspec(dllexport) void __stdcall RockBase::CCrypto::SetKey(const char *,const char *,const char*, const char *)

kshegunov · wrote on 20 Jul 2017, 17:43

@Sunfluxgames said in QT load .dll but not calling resolve returns false:

There's no lib and no header.

You should obtain them from the vendor of that library.

Can i just do this?

Nope.

should it be.

Nope. It should be:

class CCrypto
{
// more stuff
public:
    void SetKey(const char *,const char *,const char*, const char *);
// more stuff
};

And you'd cast it as:

void * resolvedAddress = library.resolve("?symbolNameGoesHere@@@");

void (CCrypto::*SetKey)(const char *,const char *,const char*, const char *);
SetKey = reinterpret_cast<void (CCrypto::*)(const char *,const char *,const char*, const char *)>(resolvedAddress);

And finally you'd use it (after having a CCrypto object) like this:

CCrypto * crypto; //< From wherever that object comes
(crypto->*SetKey)("argument", "argument", "argument", "argument");

My advice: Just obtain a header file and a lib file from the vendor of that library ...

Sunfluxgames · 21 Jul 2017, 04:50

The vender/company doesn't exist. (reverse engineering) So getting the lib or header for that is out of the question. I did hack a lib/header together with those functions and faked the .dll call and put the main .dll inside that folder and it seem to work but this was based off a C++ console project not a QT project.

Dont understand a few things?

why (crypto->*SetKey) around this? * is a call pointer to method?

CCrypto * crypto; //< From wherever that object comes // mine comes from Qobject wouldnt you need to create a new on heap

jsulm · wrote on 21 Jul 2017, 04:50

@Sunfluxgames said in QT load .dll but not calling resolve returns false:

it seem to work but this was based off a C++ console project not a QT project

Qt is a C++ framework, you can use your previous C++ solution if it works.

kshegunov · wrote on 24 Jul 2017, 11:15

@Sunfluxgames said in QT load .dll but not calling resolve returns false:

So getting the lib or header for that is out of the question. I did hack a lib/header together with those functions and faked the .dll call and put the main .dll inside that folder and it seem to work but this was based off a C++ console project not a QT project.

Qt is C++ library, as @jsulm said, so there's nothing different to do.

why (crypto->*SetKey) around this? * is a call pointer to method?

Yes, ->* is pointer-to-member call. Because the you get a method address (as it's a __thiscall) and you need to bind an object to actually call the function.

CCrypto * crypto; //< From wherever that object comes // mine comes from Qobject wouldnt you need to create a new on heap

Heap or stack doesn't matter here. The thing is you need to have an initialized object from the type Crypto, which from your description I don't see how you will obtain. The problem is you need to know how big the object is, so to allocate enough memory, then manually call the constructor (resolved as in the above example) and finally call the destructor (again manually) and free your memory whenever you've finished with the object. It's a tad more complicated than calling a simple C-style function and without a header you have to do a some digging through the library's assembly to determine how large is each class's instance so to know what to put in the fake-header.

Sunfluxgames · 25 Jul 2017, 04:28

so the function looks like this inside the .dll

/*
visual studio c++ 6.0 (.dll)
; Exported entry 119. ?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z
 
 
; Attributes: bp-based frame
 
; void __thiscall RockBase::CRockCrypto::SetKey(RockBase::CRockCrypto *this, const char *, const char *, const char *, const char *)
public ?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z
?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z proc near
 
 
*/

Since QT can only call C type dll export functions i used win api to do this..

void Crypt::LoadCrypt()
{
    QString file = QCoreApplication::applicationDirPath() + "/RockBase.dll";
    LPCWSTR current_locale_file = (const wchar_t*) file.utf16();
 
    hGetProcIDDLL = LoadLibrary(current_locale_file);
    if (!hGetProcIDDLL)
    {
        //Error loading  RockBase.dll
        return;
    }
    else
    {
        //Successful loading of RockBase.dll file.
    }
 
    DecSetKey();
}

    void Crypt::DecSetKey()
    {
        typedef void (__thiscall *SetKey_func)(void* thisPtr, const char *, const char *, const char *, const char *);
     
        quint8 decKey1[] = { 0x7D, 0x44, 0x01, 0x00, 0x83, 0xEC, 0x24, 0x83, 0x25, 0xB8, 0x8C, 0x4A, 0x0D, 0x56, 0x8B, 0x75 };
        quint8 decKey2[] = { 0x1C, 0x8D, 0x1C, 0x57, 0x50, 0xCE, 0xE8, 0x6F, 0x85, 0xFE, 0xFF, 0x8B };
        quint8 decKey3[] = { 0x76, 0x0C, 0x50, 0x45, 0x14, 0x83, 0x65, 0xFC, 0x56, 0x50, 0x7D, 0xD1, 0x74, 0x03, 0xB8, 0x43 };
        quint8 decKey4[] = { 0x8B, 0x47, 0xDD, 0x6A, 0xE8, 0x14, 0x83, 0xC4, 0xBC, 0xF3, 0x7F, 0x75 };
     
        SetKey_func SetKey = (SetKey_func)GetProcAddress(hGetProcIDDLL, "?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z");
        if (!SetKey)
        {
            //Unable to load CRockCrypto::SetKey function.
            return;
        }
        else
        {
            SetKey( 0, (const char*)decKey1, 0, 0 );
            SetKey((const char*)decKey2, 0, 0, 0);
            SetKey(0, (const char*)decKey3, 0, 0);
            SetKey((const char*)decKey4, 0, 0, 0);;
            //Successful loading of CRockCrypto::SetKey function."));
        }

so my only issue would be getting the class instance ptr. Then allocating enough memory and free it?

How would i go about doing this..

A dummy .cpp .h file would look like this..

// HEADER
class CLASS_EXPORT RockBase
{
public:
	RockBase();
	~RockBase();

public:
	class CLASS_EXPORT CRockCrypto 
{
	public:
		CRockCrypto(void);
		virtual ~CRockCrypto(void);
	public:
		void SetKey(RockBase::CRockCrypto *this, const char *, const char *, const char *, const char *);
	};
};

///CPP
RockBase::RockBase()
{
}

RockBase::~RockBase()
{
}

RockBase::CRockCrypto::CRockCrypto(void)
{

}
RockBase::CRockCrypto::~CRockCrypto(void)
{

}

void RockBase::CRockCrypto::SetKey(const char *, const char *, const char *, const char *)
{
}

Would be my guess...

jsulm · wrote on 25 Jul 2017, 04:28

@Sunfluxgames said in QT load .dll but not calling resolve returns false:

Since QT can only call C type dll export functions

You should really use correct wording. The sentence above just doesn't make sense: Qt is not calling anything here. Qt is not a programming language and it is not a compiler. What you are using is C++. What you are doing can be done in a plain C++ program without Qt at all. It has nothing to do with Qt.

Sunfluxgames · 25 Jul 2017, 16:34

Yea i'm sorry about my wording. My wording isn't my strong suit.

QLibrary Class

The symbol must be exported as a C function from the library. This means that the function must be wrapped in an extern "C" if the library is compiled with a C++ compiler. On Windows you must also explicitly export the function from the DLL using the __declspec(dllexport) compiler directive.

Note: In Symbian resolving with symbol names works only if the loaded library was built as STDDLL. Otherwise, the ordinals must be used.

My library was complied in C++ so this means QLibrary is out of the question. I used win api LoadLibrary and GetProcAddress to grab the address and then create a function to be able to call the arguments of that class dll.

So as far as i can see I am missing the class instance pointer and creating enough memory to store and free it? This is my first time using a .dll so I am trying as many options as i can think of.

Normally I would just reverse the .dll and built my own class and functions do to the same as a .dll and not have to use it.

I have a C++ application (VS) not using QT that it works fine on. But porting it over to QT framework doesn't let it work the same way.

kshegunov · wrote on 25 Jul 2017, 16:34

@Sunfluxgames said in QT load .dll but not calling resolve returns false:

I have a C++ application (VS) not using QT that it works fine on. But porting it over to QT framework doesn't let it work the same way.

@jsulm's point is that if you have it working with a console application there's nothing special to do. Qt is a library as any other! I have this creeping suspicion, though, that you don't fully realize what is expected to do to make such a method call, so I'm not completely convinced if this console application is really working, no offence.

Let me ask you this, how do you get an object of type CRockCrypto in your console application if you don't have a proper header?

Sunfluxgames · 26 Jul 2017, 11:19

So I start by creating a DYNAMIC LINK LIBRARY.

rockbase.h

#pragma once

#ifdef ROCKBASE_EXPORTS
	#define CLASS_EXPORT __declspec(dllexport)
#else
	#define CLASS_EXPORT
#endif


class CLASS_EXPORT RockBase
{
public:
	RockBase();
	~RockBase();

public:
	class CLASS_EXPORT CRockCrypto
 {
	public:
		CRockCrypto(void);
		virtual ~CRockCrypto(void);
	public:
		void SetKey(const char *, const char *, const char *, const char *);
		DWORD dwReserved[10];
	};
};

rockbase.cpp

#include "RockBase.h"

RockBase::RockBase()
{
}


RockBase::~RockBase()
{
}

RockBase::CRockCrypto::CRockCrypto(void)
{

}
RockBase::CRockCrypto::~CRockCrypto(void)
{

}

void RockBase::CRockCrypto::SetKey(const char *, const char *, const char *, const char *)
{
}

In my main project...

client.cpp

#include "Client.h"

RockBase::CRockCrypto* m_pDeCrypt[4] = { 0, 0, 0, 0 };
RockBase::CRockCrypto* m_pEnCrypt[2] = { 0, 0 };

//Constructor
Client::Client()
{
if (m_pDeCrypt[0] == 0){
		m_pDeCrypt[0] = new RockBase::CRockCrypto();
		m_pDeCrypt[1] = new RockBase::CRockCrypto();
		m_pDeCrypt[2] = new RockBase::CRockCrypto();
		m_pDeCrypt[3] = new RockBase::CRockCrypto();

		unsigned char decKey1[] = { 0x7D, 0x44, 0x01, 0x00, 0x83, 0xEC, 0x24, 0x83, 0x25, 0xB8, 0x8C, 0x4A, 0x0D, 0x56, 0x8B, 0x75 };
		unsigned char decKey2[] = { 0x1C, 0x8D, 0x1C, 0x57, 0x50, 0xCE, 0xE8, 0x6F, 0x85, 0xFE, 0xFF, 0x8B };
		unsigned char decKey3[] = { 0x76, 0x0C, 0x50, 0x45, 0x14, 0x83, 0x65, 0xFC, 0x56, 0x50, 0x7D, 0xD1, 0x74, 0x03, 0xB8, 0x43 };
		unsigned char decKey4[] = { 0x8B, 0x47, 0xDD, 0x6A, 0xE8, 0x14, 0x83, 0xC4, 0xBC, 0xF3, 0x7F, 0x75 };

		m_pDeCrypt[0]->SetKey(0, (const char*)decKey1, 0, 0);
		m_pDeCrypt[1]->SetKey((const char*)decKey2, 0, 0, 0);
		m_pDeCrypt[2]->SetKey(0, (const char*)decKey3, 0, 0);
		m_pDeCrypt[3]->SetKey((const char*)decKey4, 0, 0, 0);
}

Client.h

ifdef NDEBUG
#include "../RockBase/RockBase.h"
#pragma comment(lib,"../RockBase/Release/RockBase.lib")

class Client
{
public:
	Client();
	~Client();

after its been complied just dont copy over the .dll use the main .dll vs the complie and it all works.

Basiclly what i'm doing is faking a header lib and making the .dll do the rest of the work.

In my QT project i wanted to do this via loading a .dll and calling a function.

@kshegunov

SetKey = reinterpret_cast<void (CCrypto::*)(const char *,const char ,const char, const char *)>(resolvedAddress);

this is wrong you cant cast a void..

error: C2440: 'reinterpret_cast': cannot convert from 'void *' to 'void

kshegunov · wrote on 26 Jul 2017, 11:19

@Sunfluxgames said in QT load .dll but not calling resolve returns false:

this is wrong you cant cast a void..

You're not casting a void, but a function pointer. I imagine your compiler's getting confused (which version of MSVC are you using btw?). You can typedef the method pointer and it should solve it:

typedef void (CCrypto::*SetKeyType)(const char *,const char *,const char *, const char *);
SetKeyType SetKey = reinterpret_cast<SetKeyType>(resolvedAddress);

Basiclly what i'm doing is faking a header lib and making the .dll do the rest of the work.

Right, I have a follow-up question. Where does this:

DWORD dwReserved[10];

come from? This is what I was referring to, when I was talking about having a properly sized object. So how did you determine that the object needs 10 dwords as data?

As you have the original dll you can make a .lib file from it (search around it's not very involved). And along with this header of yours you can link your application to the obtained lib. Then you won't need to do all the runtime resolving and checking and such.

Sunfluxgames · 27 Jul 2017, 04:33

DWORD dwReserved[10];

Just points to the BOOL WINAPI DllMain. Msvc 2015 (QT create). As for the lib and dll its already been done and was used in the other project.

I was making a GUI/QT project out of this so i was converting a lot of c/C++ code to pure C++ QT. Ran into problems came here to ask.

Sorry for my wording as explaining from my brain to paper i'm not very good at.

kshegunov · wrote on 27 Jul 2017, 04:33

@Sunfluxgames said in QT load .dll but not calling resolve returns false:

Just points to the BOOL WINAPI DllMain.

I don't follow how's the DllMain involved. This is a member of your class, meaning that it's a memory you've allocated for your object so it can be used by the class to place its data in.

As for the lib and dll its already been done and was used in the other project.

Excellent. You can use that lib the same way you have used it before - by linking, and everything should be working just normally, you don't actually need to resolve the methods at runtime. Is it that you're unsure how to link the library using QtCreator?

Sorry for my wording as explaining from my brain to paper i'm not very good at.

Not a big issue, I'm trying to understand what's been done and how, and how to assist you.

Sunfluxgames · 27 Jul 2017, 20:47

@kshegunov

SetKeyType SetKey = reinterpret_cast<SetKeyType>(resolvedAddress);
error: C2440: 'reinterpret_cast': cannot convert from SetKeyType *' to 'void

so still something wrong with your code

But there still should be no reason I can't load the dll get the proccess create a function that points to the address and use the function in my application. Why its not working I have no idea?

kshegunov · wrote on 27 Jul 2017, 20:47

@Sunfluxgames said in QT load .dll but not calling resolve returns false:

so still something wrong with your code

No idea, should be working. Can you post the whole snippet that generated this error?

But there still should be no reason I can't load the dll get the proccess create a function that points to the address and use the function in my application.

Yes, it should be possible.

Why its not working I have no idea?

I don't know either.

Sunfluxgames · 31 Jul 2017, 20:30

@kshegunov

In my header i add the typedef

// crypt.h
typedef void (Crypt::*SetKeyType)(const char *, const char *, const char *, const char *);

Now inside my .cpp file create the function and arguments like this.

void Crypt::DecSetKey()
{
	void * resolvedAddress = library.resolve("?SetKey@CRockCrypto@RockBase@@QAEXPBD000@Z");
	SetKeyType SetKey = reinterpret_cast<SetKeyType>(resolvedAddress);
	if (!SetKey)
	{
		//Unable to load RockBase::CRockCrypto::SetKey Decrypt function
		return;
	}
	else
	{
		//Successful loading of RockBase::CRockCrypto::SetKey Decrypt function
	}

	quint8 decKey1[] = { 0x7D, 0x44, 0x01, 0x00, 0x83, 0xEC, 0x24, 0x83, 0x25, 0xB8, 0x8C, 0x4A, 0x0D, 0x56, 0x8B, 0x75 };
	quint8 decKey2[] = { 0x1C, 0x8D, 0x1C, 0x57, 0x50, 0xCE, 0xE8, 0x6F, 0x85, 0xFE, 0xFF, 0x8B };
	quint8 decKey3[] = { 0x76, 0x0C, 0x50, 0x45, 0x14, 0x83, 0x65, 0xFC, 0x56, 0x50, 0x7D, 0xD1, 0x74, 0x03, 0xB8, 0x43 };
	quint8 decKey4[] = { 0x8B, 0x47, 0xDD, 0x6A, 0xE8, 0x14, 0x83, 0xC4, 0xBC, 0xF3, 0x7F, 0x75 };

	(crypto->*SetKey)(0, (const char*)decKey1, 0, 0);
	(crypto->*SetKey)((const char*)decKey2, 0, 0, 0);
	(crypto->*SetKey)(0, (const char*)decKey3, 0, 0);
	(crypto->*SetKey)((const char*)decKey4, 0, 0, 0);

    //void __thiscall RockBase::CRockCrypto::SetKey(RockBase::CRockCrypto *this, const char *, const char *, const char *, const char *)
}

The error it gives is this.

error C2440: 'reinterpret_cast': cannot convert from 'void *' to 'SetKeyType'

So if i got this right sorry if i'm wrong. Your createing a void base class with a function called setkeytype with a pointer of setkey that your trying to reinterpret_cast the pointer to the fucntion with the resolved address?

And the error is because you can't covert a void to function call.

kshegunov · wrote on 31 Jul 2017, 20:30

Nope, it looks correct. Very odd.

Your createing a void base class with a function called setkeytype with a pointer of setkey that your trying to reinterpret_cast the pointer to the fucntion with the resolved address?

Yes, approximately.

Sunfluxgames · 2 Aug 2017, 21:53

Here are the 2 dll's maybe you can get them to work for me? Thanks for your help.

http://s000.tinyupload.com/?file_id=87880318125036589695