Re: [Mingw-w64-public] Compiling a dll for JNI and java 64 bits

[RAPPAZ F. <fra...@un...>]

Just in case, here is first lines of the dump of the 32 bits dll that works with java 32 bits.

kbhook32.dll:     file format pei-i386
kbhook32.dll
architecture: i386, flags 0x00000133:
HAS_RELOC, EXEC_P, HAS_SYMS, HAS_LOCALS, D_PAGED
start address 0x10001060

Characteristics 0x2306
	executable
	line numbers stripped
	32 bit words
	debugging information removed
	DLL

Time/Date		Wed Mar 30 15:55:14 2011
Magic			010b	(PE32)
MajorLinkerVersion	2
MinorLinkerVersion	20
SizeOfCode		00001600
SizeOfInitializedData	00001400
SizeOfUninitializedData	00000200
AddressOfEntryPoint	00001060
BaseOfCode		00001000
BaseOfData		00003000
ImageBase		10000000
SectionAlignment	00001000
FileAlignment		00000200
MajorOSystemVersion	4
MinorOSystemVersion	0
MajorImageVersion	1
MinorImageVersion	0
MajorSubsystemVersion	4
MinorSubsystemVersion	0
Win32Version		00000000
SizeOfImage		0000a000
SizeOfHeaders		00000400
CheckSum		000083a2
Subsystem		00000003	(Windows CUI)
DllCharacteristics	00000000
SizeOfStackReserve	00200000
SizeOfStackCommit	00001000
SizeOfHeapReserve	00100000
SizeOfHeapCommit	00001000
LoaderFlags		00000000
NumberOfRvaAndSizes	00000010

The Data Directory
Entry 0 00005000 000002ad Export Directory [.edata (or where ever we found it)]
Entry 1 00006000 00000450 Import Directory [parts of .idata]
Entry 2 00000000 00000000 Resource Directory [.rsrc]
Entry 3 00000000 00000000 Exception Directory [.pdata]
Entry 4 00000000 00000000 Security Directory
Entry 5 00009000 00000178 Base Relocation Directory [.reloc]
Entry 6 00000000 00000000 Debug Directory
Entry 7 00000000 00000000 Description Directory
Entry 8 00000000 00000000 Special Directory
Entry 9 00008000 00000018 Thread Storage Directory [.tls]
Entry a 00000000 00000000 Load Configuration Directory
Entry b 00000000 00000000 Bound Import Directory
Entry c 00000000 00000000 Import Address Table Directory
Entry d 00000000 00000000 Delay Import Directory
Entry e 00000000 00000000 CLR Runtime Header
Entry f 00000000 00000000 Reserved

There is an import table in .idata at 0x10006000

The Import Tables (interpreted .idata section contents)
 vma:            Hint    Time      Forward  DLL       First
                 Table   Stamp     Chain    Name      Thunk
 00006000	00006050 00000000 00000000 000063d4 000060e8

	DLL Name: msvcrt.dll
	vma:  Hint/Ord Member-Name Bound-To
	6180	   52  __dllonexit
	618e	  182  _errno
	6198	  266  _iob
	61a0	  538  _winmajor
	61ac	  583  abort
	61b4	  595  calloc
	61be	  610  fflush
	61c8	  625  free
	61d0	  633  fwrite
	61da	  676  malloc
	61e4	  682  memcpy
	61ee	  684  memset
	61f8	  689  printf
	6202	  748  vfprintf

 00006014	0000608c 00000000 00000000 00006410 00006124

	DLL Name: KERNEL32.dll
	vma:  Hint/Ord Member-Name Bound-To
	620e	  207  DeleteCriticalSection
	6226	  236  EnterCriticalSection
	623e	  352  FreeLibrary
	624c	  451  GetCurrentThreadId
	6262	  510  GetLastError
	6272	  577  GetProcAddress
	6284	  734  InitializeCriticalSection
	62a0	  814  LeaveCriticalSection
	62b8	  817  LoadLibraryA
	62c8	 1173  TlsGetValue
	62d6	 1213  VirtualProtect
	62e8	 1215  VirtualQuery

 00006028	000060c0 00000000 00000000 00006444 00006158

	DLL Name: USER32.dll
	vma:  Hint/Ord Member-Name Bound-To
	62f8	   23  CallNextHookEx
	630a	  149  DispatchMessageA
	631e	  293  GetMessageA
	632c	  469  PostThreadMessageA
	6342	  507  SendInput
	634e	  578  SetWindowsHookExA
	6362	  608  TranslateMessage
	6376	  611  UnhookWindowsHookEx
	638c	  626  VkKeyScanA

 0000603c	00000000 00000000 00000000 00000000 00000000

There is an export table in .edata at 0x10005000

The Export Tables (interpreted .edata section contents)

Export Flags 			0
Time/Date stamp 		4d933642
Major/Minor 			0/0
Name 				0000508c kbhook.dll
Ordinal Base 			1
Number in:
	Export Address Table 		0000000a
	[Name Pointer/Ordinal] Table	0000000a
Table Addresses
	Export Address Table 		00005028
	Name Pointer Table 		00005050
	Ordinal Table 			0000507

....

Francois

-----Original Message-----
From: Kai Tietz [mailto:kti...@go...] 
Sent: mardi, 20. septembre 2011 09:59
To: min...@li...
Subject: Re: [Mingw-w64-public] Compiling a dll for JNI and java 64 bits

So,

Hmm, could you show me the dump of this DLL with objdump?

Call for this 'x86_64-w64-mingw32-objdump -x <dll-name> >dump.txt', and attach me this file to mail. I am mainly interested in the export-section of this DLL.

Thanks,
Kai

------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1
_______________________________________________
Mingw-w64-public mailing list
Min...@li...
https://lists.sourceforge.net/lists/listinfo/mingw-w64-public