Author Topic: How to use ExpandEnvironmentStringsA in NASM ?  (Read 12764 times)

Offline hpuser

  • Jr. Member
  • *
  • Posts: 2
How to use ExpandEnvironmentStringsA in NASM ?
« on: December 25, 2012, 11:15:22 AM »
Hello all,

i need to use the function ExpandEnvironmentStringsA in nasm to use shourtcuts such as %appdata% and %tmp% .. etc.

i tried an example on the internet but it wont running and give errors, i think the problem with parameters.

can i find complete illustrated example about using this function...

thanks alot !


Offline Frank Kotler

  • NASM Developer
  • Hero Member
  • *****
  • Posts: 2667
  • Country: us
Re: How to use ExpandEnvironmentStringsA in NASM ?
« Reply #1 on: December 25, 2012, 04:47:23 PM »
http://msdn.microsoft.com/en-us/library/windows/desktop/ms724265(v=vs.85).aspx

What did you try? What error(s) did you get?

Best,
Frank


Offline hpuser

  • Jr. Member
  • *
  • Posts: 2
Re: How to use ExpandEnvironmentStringsA in NASM ?
« Reply #2 on: December 26, 2012, 06:32:27 AM »
Code: [Select]
   jmp GetFilePAth         
FilePAthReturn:           
    pop ecx
             
   xor Eax,Eax             
   Push Eax
   Push ebx
   Push ecx
   ;Call ExpandEnvironmentStringsA
   call [ebp+0x10]

GetFilePAth:
    call FilePAthReturn
    db "%appdata%\xxx.xx"     
    db 0x00   

this is code don't work correctly

thanks alot !
« Last Edit: December 26, 2012, 09:47:55 AM by Frank Kotler »

Offline Frank Kotler

  • NASM Developer
  • Hero Member
  • *****
  • Posts: 2667
  • Country: us
Re: How to use ExpandEnvironmentStringsA in NASM ?
« Reply #3 on: December 26, 2012, 12:10:01 PM »
Well no, that doesn't look quite right. I edited it to put "code tags" around your code. Just the word "code" in square brackets at the top of your code and "/code" in square brackets at the end. We like "code tags" here. :)

I'm a little confused by MS's description. Our source buffer is replaced by the value? What if that buffer isn't big enough? Seems like a problem! Pad it out to 32k, I suppose...? The destination buffer, they say, is optional. Push zero if we haven't got one, I guess? If we do have a destination buffer, does the source buffer still get replaced? They imply "yes". You may have to experiment to see what really happens. (I'm not running Windows and I'm not about to install it)

Here's my idea of how you might proceed...
Code: [Select]
; nasm -f win32 myfile.asm
; or
; nasm -f win64 myfile.asm
; and then?
; golink /entry start /console myfile.obj kernel32.dll
; or perhaps "kernel64.dll"?

; inform the linker about our entrypoint
global start

; inform the linker about APIs we'll use
extern ExitProcess ; always need this one!
extern ExpandEnvironmentStringsA
; we want to print results, I suppose...
extern GetStdHandle
extern WriteFile

BUFSIZ equ 8000h ; 32k - MS says this is the maximum

section .data
    envname db "%appdata%", 0
    padding times BUFSIZ db 0 ; may not need this?
; probably want some error messages, too...

section .bss
    envbuf resb BUFSIZ
    hstdout resd 1
    byteswritten resd 1 ; place for WriteFile to put its result

section .text
    start:
; get this out of the way first...
    push -11 ; STDOUTPUTHANDLE
    call GetStdHandle
    mov [hstdout], eax

; now... to business (we hope)
    push envname
    push envbuf
    push BUFSIZ
    call ExpandEnvironmentStringsA
; if eax = 0 - something went wrong!
    test eax, eax
    jz fail
; if eax > BUFSIZ - buffer too small
; shouldn't happen here!
    cmp eax, BUFSIZ
    ja buf2small
; okay, eax should be length of "value" - print it
    push 0
    push byteswritten
    push eax
    push envbuf
    push dword [hstdout]
    call WriteFile
    jmp exit

fail:
; print an error message
buf2small:
; print an error message
exit:
    push 0
    call ExitProcess

That's untested, and probably has multiple errors, but it may give you a better "framework" than    what you've got. I left out your "\xxx.xx" after %appdata% - I doubt if that's going to work (you can try it). Let us know if it works, if you would. Good luck!

Best,
Frank


Offline Mathi

  • Jr. Member
  • *
  • Posts: 82
  • Country: in
    • Win32NASM
Re: How to use ExpandEnvironmentStringsA in NASM ?
« Reply #4 on: December 29, 2012, 04:31:22 AM »
Refining frank's sample code....

Code: [Select]
; nasm -f win32 myfile.asm
; golink /entry start /console myfile.obj kernel32.dll

; inform the linker about our entrypoint
global start

; inform the linker about APIs we'll use
extern ExitProcess ; always need this one!
extern ExpandEnvironmentStringsA
; we want to print results, I suppose...
extern GetStdHandle
extern WriteFile

BUFSIZ equ 8000h ; 32k - MS says this is the maximum

section .data
    envname db "%ProgramFiles%\TestApp", 0
; probably want some error messages, too...

section .bss
    envbuf resb BUFSIZ
    hstdout resd 1
    byteswritten resd 1 ; place for WriteFile to put its result

section .text
    start:
; get this out of the way first...
    push -11 ; STDOUTPUTHANDLE
    call GetStdHandle
    mov [hstdout], eax

; now... to business (we hope)
    push BUFSIZ
    push envbuf
    push envname
    call ExpandEnvironmentStringsA
; if eax = 0 - something went wrong!
    test eax, eax
    jz fail
; if eax > BUFSIZ - buffer too small
; shouldn't happen here!
    cmp eax, BUFSIZ
    ja buf2small
; okay, eax should be length of "value" - print it
    push 0
    push byteswritten
    push eax
    push envbuf
    push dword [hstdout]
    call WriteFile
    jmp exit

fail:
; print an error message
buf2small:
; print an error message
exit:
    push 0
    call ExitProcess


As far as i understand from the documentation, the source buffer will be intact :)
Also the program crashes if we pass Zero for destination buffer. Not sure what MSDN means by 'optional' here.

As you can see from the sample the input can have strings like
"%ProgramFiles%\TestApp"
or even
 "%ProgramFiles%\TestApp\%USERNAME%"

If hpuser was trying for a 64 bit program , this example will not work.

Regards,
Mathi.

Offline Frank Kotler

  • NASM Developer
  • Hero Member
  • *****
  • Posts: 2667
  • Country: us
Re: How to use ExpandEnvironmentStringsA in NASM ?
« Reply #5 on: December 29, 2012, 07:33:02 AM »
Thanks Mathi!

I just wasn't thinking about the "win64" possibility - "push eax" would kill that dead! As to reversing the parameters, what can I say? Oops!

Any luck with it, hpuser?

Best,
Frank