20 Jan
2009
20 Jan
'09
2:53 a.m.
Hi,
I am working on a project to parse the Windows image file. To do that,
I must understand the structure of some Windows components, like
_EPROCESS. So I took some headers from ReactOS, and write *userland*
code like below:
----
#include <pstypes.h>
#include <stdio.h>
int main()
{
printf("size of EPROCESS: %d\n", sizeof(struct _EPROCESS));
return 0;
}
----
The I got the problem: g++ reported that _EPROCESS is incomplete.
Clearly this means it doesnt see the structure _EPROCESS, so I took a
closer look, and found that _EPROCESS is not defined in user-mode
(NTOS_MODE_USER). I tried to fix it by putting
#undef NTOS_MODE_USER
in front of #include <pstypes>, but that doesnt help.
Anybody please tell me if there is any way to fix this?
I think I can fix that by modifying the original headers. but that is
way too ugly.
Many thanks,
Jun
20 Jan
20 Jan
3:50 a.m.
On Tue, Jan 20, 2009 at 11:53 AM, Jun Koi <junkoi2004(a)gmail.com> wrote:
Hi,
I am working on a project to parse the Windows image file. To do that,
I must understand the structure of some Windows components, like
_EPROCESS. So I took some headers from ReactOS, and write *userland*
code like below:
----
#include <pstypes.h>
#include <stdio.h>
int main()
{
printf("size of EPROCESS: %d\n", sizeof(struct _EPROCESS));
return 0;
}
----
The I got the problem: g++ reported that _EPROCESS is incomplete.
Clearly this means it doesnt see the structure _EPROCESS, so I took a
closer look, and found that _EPROCESS is not defined in user-mode
(NTOS_MODE_USER). I tried to fix it by putting
#undef NTOS_MODE_USER
in front of #include <pstypes>, but that doesnt help.
Anybody please tell me if there is any way to fix this?
I think I can fix that by modifying the original headers. but that is
way too ugly.
I forgot to say that I compiled the above code with command like this:
g++ $(NDK_INCLUDE) test.c -o test
with NDK_INCLUDE is pointed to a set of header directories.
Thanks,
J
22 Jan
22 Jan
3:12 p.m.
Please somebody helps me?
I guess I can compile the code in userspace by set a particular macro
(so to deactivate the NTOS_MODE_USER macro), because the kernel code
of ReactOS can do that, too.
Unfortunately I still cannot find how to do that. The code is
complicated compiled in the way I am not familar with, so I am really
struggling here ;-(
Thanks a lot,
Jun
On Tue, Jan 20, 2009 at 12:50 PM, Jun Koi <junkoi2004(a)gmail.com> wrote:
On Tue, Jan 20, 2009 at 11:53 AM, Jun Koi
<junkoi2004(a)gmail.com> wrote:
Hi,
I am working on a project to parse the Windows image file. To do that,
I must understand the structure of some Windows components, like
_EPROCESS. So I took some headers from ReactOS, and write *userland*
code like below:
----
#include <pstypes.h>
#include <stdio.h>
int main()
{
printf("size of EPROCESS: %d\n", sizeof(struct _EPROCESS));
return 0;
}
----
The I got the problem: g++ reported that _EPROCESS is incomplete.
Clearly this means it doesnt see the structure _EPROCESS, so I took a
closer look, and found that _EPROCESS is not defined in user-mode
(NTOS_MODE_USER). I tried to fix it by putting
#undef NTOS_MODE_USER
in front of #include <pstypes>, but that doesnt help.
Anybody please tell me if there is any way to fix this?
I think I can fix that by modifying the original headers. but that is
way too ugly.
I forgot to say that I compiled the above code with command like this:
g++ $(NDK_INCLUDE) test.c -o test
with NDK_INCLUDE is pointed to a set of header directories.
Thanks,
J
4:23 p.m.
EPROCESS is a kmode struct, it has no place in usermode.
Maybe you should be looking to read the PEB
Ged.
-----Original Message-----
From: ros-dev-bounces(a)reactos.org [mailto:ros-dev-bounces@reactos.org] On
Behalf Of Jun Koi
Sent: 22 January 2009 15:13
To: ros-dev(a)reactos.org
Subject: Re: [ros-dev] Use kernel types in include files?
Please somebody helps me?
I guess I can compile the code in userspace by set a particular macro
(so to deactivate the NTOS_MODE_USER macro), because the kernel code
of ReactOS can do that, too.
Unfortunately I still cannot find how to do that. The code is
complicated compiled in the way I am not familar with, so I am really
struggling here ;-(
Thanks a lot,
Jun
On Tue, Jan 20, 2009 at 12:50 PM, Jun Koi <junkoi2004(a)gmail.com> wrote:
On Tue, Jan 20, 2009 at 11:53 AM, Jun Koi
<junkoi2004(a)gmail.com> wrote:
_______________________________________________
Ros-dev mailing list
Ros-dev(a)reactos.org
http://www.reactos.org/mailman/listinfo/ros-dev
Hi,
I am working on a project to parse the Windows image file. To do that,
I must understand the structure of some Windows components, like
_EPROCESS. So I took some headers from ReactOS, and write *userland*
code like below:
----
#include <pstypes.h>
#include <stdio.h>
int main()
{
printf("size of EPROCESS: %d\n", sizeof(struct _EPROCESS));
return 0;
}
----
The I got the problem: g++ reported that _EPROCESS is incomplete.
Clearly this means it doesnt see the structure _EPROCESS, so I took a
closer look, and found that _EPROCESS is not defined in user-mode
(NTOS_MODE_USER). I tried to fix it by putting
#undef NTOS_MODE_USER
in front of #include <pstypes>, but that doesnt help.
Anybody please tell me if there is any way to fix this?
I think I can fix that by modifying the original headers. but that is
way too ugly.
I forgot to say that I compiled the above code with command like this:
g++ $(NDK_INCLUDE) test.c -o test
with NDK_INCLUDE is pointed to a set of header directories.
Thanks,
J
4:24 p.m.
The 'problem' is that EPROCESS relies on kernel mode types defined in the DDK (it
isn't exactly meant to be used in user mode).
Try something like:
#include <ntddk.h>
#include <pstypes.h>
If that doesn't work for you, then you probably have to fix every missing definition
by hand.
Date: Fri, 23 Jan 2009 00:12:59 +0900
From: junkoi2004(a)gmail.com
To: ros-dev(a)reactos.org
Subject: Re: [ros-dev] Use kernel types in include files?
Please somebody helps me?
I guess I can compile the code in userspace by set a particular macro
(so to deactivate the NTOS_MODE_USER macro), because the kernel code
of ReactOS can do that, too.
Unfortunately I still cannot find how to do that. The code is
complicated compiled in the way I am not familar with, so I am really
struggling here ;-(
Thanks a lot,
Jun
On Tue, Jan 20, 2009 at 12:50 PM, Jun Koi <junkoi2004(a)gmail.com> wrote:
_________________________________________________________________
Drag n’ drop—Get easy photo sharing with Windows Live™ Photos.
http://www.microsoft.com/windows/windowslive/photos.aspx
On Tue, Jan 20, 2009 at 11:53 AM, Jun Koi
<junkoi2004(a)gmail.com> wrote:
_______________________________________________
Ros-dev mailing list
Ros-dev(a)reactos.org
http://www.reactos.org/mailman/listinfo/ros-dev Hi,
I am working on a project to parse the Windows image file. To do that,
I must understand the structure of some Windows components, like
_EPROCESS. So I took some headers from ReactOS, and write *userland*
code like below:
----
#include <pstypes.h>
#include <stdio.h>
int main()
{
printf("size of EPROCESS: %d\n", sizeof(struct _EPROCESS));
return 0;
}
----
The I got the problem: g++ reported that _EPROCESS is incomplete.
Clearly this means it doesnt see the structure _EPROCESS, so I took a
closer look, and found that _EPROCESS is not defined in user-mode
(NTOS_MODE_USER). I tried to fix it by putting
#undef NTOS_MODE_USER
in front of #include <pstypes>, but that doesnt help.
Anybody please tell me if there is any way to fix this?
I think I can fix that by modifying the original headers. but that is
way too ugly.
I forgot to say that I compiled the above code with command like this:
g++ $(NDK_INCLUDE) test.c -o test
with NDK_INCLUDE is pointed to a set of header directories.
Thanks,
J
6074
days inactive
6076
days old
4 comments
3 participants
participants (3)
-
Ged -
Jun Koi -
Stefan Ginsberg