Topic: CreateThread

RagingGrim
CreateThread
« on: January 17, 2015, 06:35:54 PM »
I was curious about how to access the lparam passed with CreateThread in Windows. I call the function as such:
push 0
push 0
push Temp
push printOne_t
push 9
push 0
call _CreateThread

9 for the stack size because I was only going to call a printf function in printOne_t, which uses 8 bytes. How do I get the value of Temp inside printOne_t? I thought it'd have something to do with ebp, but I just don't know anymore.

I'm asking because I need to create a thread for every client that connects to my server, and I'll need a different SocketHandle for every socket. When I create the thread I'll need that function to be able to work with the involved SocketHandle (which would obviously be lparam).

HANDLE WINAPI CreateThread(
  _In_opt_   LPSECURITY_ATTRIBUTES lpThreadAttributes,
  _In_       SIZE_T dwStackSize,
  _In_       LPTHREAD_START_ROUTINE lpStartAddress,
  _In_opt_   LPVOID lpParameter,
  _In_       DWORD dwCreationFlags,
  _Out_opt_  LPDWORD lpThreadId
);
Link : http://msdn.microsoft.com/en-us/library/windows/desktop/ms682453%28v=vs.85%29.aspx

Just so you don't have to search it ^^

I thought of a temporary solution.
I'll just push the new socket handle before pushing the params to CreateThread, and then in the function CreateThread points to, simply pop them into the appropriate position in my dynamic array :D I'll test it and post the results ^^

I just realised this wouldn't work because I'd need the value to remain constant :/
« Last Edit: January 17, 2015, 07:01:17 PM by RagingGrim »

encryptor256
Re: CreateThread
« Reply #1 on: January 17, 2015, 07:31:02 PM »
Hi,

Quote
I was curious on how to access the lparam passed with CreateThread in windows...

The thread procedure prototype is like:

DWORD WINAPI MyThreadFunction( LPVOID lpParam );

lpParam will be equal to lpParameter:

HANDLE WINAPI CreateThread(
  _In_opt_   LPSECURITY_ATTRIBUTES lpThreadAttributes,
  _In_       SIZE_T dwStackSize,
  _In_       LPTHREAD_START_ROUTINE lpStartAddress,
  _In_opt_   LPVOID lpParameter,
  _In_       DWORD dwCreationFlags,
  _Out_opt_  LPDWORD lpThreadId
);

B.
Encryptor256's Investigation \ Research Department.

RagingGrim
Re: CreateThread
« Reply #2 on: January 17, 2015, 08:16:45 PM »
This is what I understood from your reply:
push 0
push 0
push Counter
push printCounter
push 0
push 0
call _CreateThread
call __getch
printCounter:
pop eax
mov dword [Counter],eax
push dword [Counter]

push intFormat
call __cprintf
call __getch

I don't get this. Not at all. I'm feeling retarded because I used your example on using WSA in the examples section, and now you're helping me again XD

So the procedure CreateThread is expecting has a prototype of DWORD WINAPI MyThreadFunction( LPVOID lpParam );
So to call such a procedure I'd push the only param onto the stack. Inside of this procedure I could then pop the value into a register to use it.

I don't think my assumption is correct :/
« Last Edit: January 17, 2015, 08:21:11 PM by RagingGrim »

encryptor256
Re: CreateThread
« Reply #3 on: January 18, 2015, 08:13:16 AM »
Well, it doesn't matter if you push or pop inside the thread function "MyThreadFunction".

WinAPI function CreateThread will deliver that lpParameter to MyThreadFunction as a lpParam.

All you have to do is handle that MyThreadFunction properly, in the right way according to STANDARDS - like calling convention, stack cleanups and so on.

Quote
So to call such a procedure i'd push the only param onto the stack. Inside of this procedure I could then pop the value into a register to use it.

No! To call such a procedure you must do it all in the right way or it will NOT work;
you have to pay attention to the x86 (STDCALL or CDECL) calling standards, conventions and so on.


Encryptor256's Investigation \ Research Department.

RagingGrim
Re: CreateThread
« Reply #4 on: January 18, 2015, 10:05:26 AM »
I'll go read up on those standards! Thanks ! :D

RagingGrim
Re: CreateThread
« Reply #5 on: January 20, 2015, 04:51:30 AM »
I just wanted to answer my question. I believe the value passed to lparam can be found in [ebp + 8] of the newly spawned thread. I have yet to test this in a larger program, but I'll do so tonight! ^^ I also think that your previous posts are all starting to make sense :0

I will still read up on the conventions :0
« Last Edit: January 20, 2015, 04:58:03 AM by RagingGrim »
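As an added example (not code posted in this thread), here is a complete NASM program that does what Reply #3 and Reply #5 describe: a stdcall thread procedure that reads lpParam from [ebp+8] after the usual prologue, cleans its own argument with ret 4, and a CreateThread call that passes the per-client handle by value in lpParameter. It assumes MinGW's decorated import names (_CreateThread@24 and friends; the poster's toolchain uses the plain _CreateThread seen above), and the labels threadProc and clientSock and the handle value 1234 are my own constructed stand-ins.

```nasm
; Added example, not from the thread. 32-bit Windows, NASM syntax:
;   nasm -f win32 thread.asm -o thread.obj
;   gcc -m32 thread.obj -o thread.exe
; The @N suffixes are MinGW's stdcall decoration (N = bytes of arguments).
global _main
extern _CreateThread@24
extern _WaitForSingleObject@8
extern _CloseHandle@4
extern _printf

section .data
fmt        db 'thread received lpParam = %u', 10, 0
clientSock dd 1234          ; constructed stand-in for one client's SOCKET value

section .text

; DWORD WINAPI threadProc(LPVOID lpParam)   -- stdcall, one 4-byte argument.
; The system starts the new thread on its OWN stack with
;   [esp]   = return address into the OS thread start-up code
;   [esp+4] = lpParam (a copy of the lpParameter given to CreateThread)
; After "push ebp / mov ebp,esp" that argument is at [ebp+8], as in Reply #5.
; Nothing the creating thread pushed on *its* stack is visible here, which is
; why the "push the handle before calling CreateThread" idea cannot work.
threadProc:
    push ebp
    mov  ebp, esp
    mov  eax, [ebp+8]       ; lpParam, received by value

    ; printf is cdecl: arguments pushed right to left, caller removes them
    push eax
    push fmt
    call _printf
    add  esp, 8

    xor  eax, eax           ; thread exit code (DWORD return value in eax)
    pop  ebp
    ret  4                  ; stdcall: callee pops its 4-byte argument

_main:
    push ebp
    mov  ebp, esp
    sub  esp, 4             ; [ebp-4] holds the thread handle

    ; CreateThread(NULL, 0, threadProc, (LPVOID)clientSock, 0, NULL)
    ; Passing the handle by value means each thread gets its own copy; passing
    ; the address of a global that is overwritten for the next client would be a
    ; race, since the new thread may read it after the next connection arrived.
    push 0                  ; lpThreadId (not needed)
    push 0                  ; dwCreationFlags
    push dword [clientSock] ; lpParameter: the SOCKET value itself
    push threadProc         ; lpStartAddress
    push 0                  ; dwStackSize: 0 = executable's default size
    push 0                  ; lpThreadAttributes
    call _CreateThread@24   ; stdcall: the callee already removed the 24 bytes
    mov  [ebp-4], eax
    test eax, eax
    jz   .done              ; NULL = creation failed

    push dword 0xFFFFFFFF   ; INFINITE
    push dword [ebp-4]
    call _WaitForSingleObject@8

    push dword [ebp-4]
    call _CloseHandle@4     ; release the thread handle once we are done with it

.done:
    xor  eax, eax
    mov  esp, ebp
    pop  ebp
    ret
```

Two details worth noting against the first post: dwStackSize does not give the thread a 9-byte stack, the system rounds the value up to page granularity and 0 simply selects the executable's default, so 0 is the honest choice; and because a SOCKET fits in an LPVOID, the handle travels in lpParameter itself, so the thread never depends on a shared global like Counter remaining unchanged.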