I've been trying to debug this code. My Process32First function just keep returning an invalid value. I don't know what's wrong with it. Can someone help me in this problem?
include \masm32\include\masm32rt.inc
.data
err db "Error!",0
.data?
procData PROCESSENTRY32 <>
procH HANDLE ?
.code
start:
lea esi, procData
push 0
push TH32CS_SNAPPROCESS
call CreateToolhelp32Snapshot
mov procH, eax
mov procData.dwSize, sizeof PROCESSENTRY32
push offset procData
push procH
call Process32First
.if eax == 0
jmp _err
.endif
jmp _end
_err:
push offset err
call StdOut
_end:
push 0
call ExitProcess
end start
This is my latest code.
You're calling Process32FirstW, the Unicode (wide character) version of Process32First. So you need a wide character version of PROCESSENTRY32, where TCHAR is defined as WORD. The windows.inc of the MASM32 SDK doesn't have such a version, but the ANSI version (TCHAR => BYTE). As far as I can see you don't need the Unicode version. Remove the uppercase "W" from Process32FirstW.
If you absolutely want to use the Unicode version, you have to declare a special "PROCESSENTRY32W" structure:
include \masm32\include\masm32rt.inc
PROCESSENTRY32W STRUCT
dwSize DWORD ?
cntUsage DWORD ?
th32ProcessID DWORD ?
th32DefaultHeapID DWORD ?
th32ModuleID DWORD ?
cntThreads DWORD ?
th32ParentProcessID DWORD ?
pcPriClassBase DWORD ?
dwFlags DWORD ?
szExeFile dw MAX_PATH dup(?)
PROCESSENTRY32W ENDS
.data
err db "Error!",0
.data?
procData PROCESSENTRY32W <>
procH HANDLE ?
.code
start:
lea esi, procData
push 0
push TH32CS_SNAPPROCESS
call CreateToolhelp32Snapshot
mov procH, eax
;https://msdn.microsoft.com/de-de/library/windows/desktop/ms684834(v=vs.85).aspx
mov procData.dwSize, sizeof PROCESSENTRY32W
push offset procData
push procH
call Process32FirstW
.if eax == 0
jmp _err
.endif
printf ("%S\n", OFFSET procData.szExeFile)
jmp _end
_err:
push offset err
call StdOut
_end:
push 0
call ExitProcess
end start