Hi,
I am working on a project to parse the Windows image file. To do that, I must understand the structure of some Windows components, like _EPROCESS. So I took some headers from ReactOS, and write *userland* code like below:
---- #include <pstypes.h> #include <stdio.h>
int main() { printf("size of EPROCESS: %d\n", sizeof(struct _EPROCESS)); return 0; } ----
The I got the problem: g++ reported that _EPROCESS is incomplete.
Clearly this means it doesnt see the structure _EPROCESS, so I took a closer look, and found that _EPROCESS is not defined in user-mode (NTOS_MODE_USER). I tried to fix it by putting
#undef NTOS_MODE_USER
in front of #include <pstypes>, but that doesnt help.
Anybody please tell me if there is any way to fix this?
I think I can fix that by modifying the original headers. but that is way too ugly.
Many thanks, Jun
On Tue, Jan 20, 2009 at 11:53 AM, Jun Koi junkoi2004@gmail.com wrote:
Hi,
I am working on a project to parse the Windows image file. To do that, I must understand the structure of some Windows components, like _EPROCESS. So I took some headers from ReactOS, and write *userland* code like below:
#include <pstypes.h> #include <stdio.h>
int main() { printf("size of EPROCESS: %d\n", sizeof(struct _EPROCESS)); return 0; }
The I got the problem: g++ reported that _EPROCESS is incomplete.
Clearly this means it doesnt see the structure _EPROCESS, so I took a closer look, and found that _EPROCESS is not defined in user-mode (NTOS_MODE_USER). I tried to fix it by putting
#undef NTOS_MODE_USER
in front of #include <pstypes>, but that doesnt help.
Anybody please tell me if there is any way to fix this?
I think I can fix that by modifying the original headers. but that is way too ugly.
I forgot to say that I compiled the above code with command like this:
g++ $(NDK_INCLUDE) test.c -o test
with NDK_INCLUDE is pointed to a set of header directories.
Thanks, J
Please somebody helps me?
I guess I can compile the code in userspace by set a particular macro (so to deactivate the NTOS_MODE_USER macro), because the kernel code of ReactOS can do that, too.
Unfortunately I still cannot find how to do that. The code is complicated compiled in the way I am not familar with, so I am really struggling here ;-(
Thanks a lot, Jun
On Tue, Jan 20, 2009 at 12:50 PM, Jun Koi junkoi2004@gmail.com wrote:
On Tue, Jan 20, 2009 at 11:53 AM, Jun Koi junkoi2004@gmail.com wrote:
Hi,
I am working on a project to parse the Windows image file. To do that, I must understand the structure of some Windows components, like _EPROCESS. So I took some headers from ReactOS, and write *userland* code like below:
#include <pstypes.h> #include <stdio.h>
int main() { printf("size of EPROCESS: %d\n", sizeof(struct _EPROCESS)); return 0; }
The I got the problem: g++ reported that _EPROCESS is incomplete.
Clearly this means it doesnt see the structure _EPROCESS, so I took a closer look, and found that _EPROCESS is not defined in user-mode (NTOS_MODE_USER). I tried to fix it by putting
#undef NTOS_MODE_USER
in front of #include <pstypes>, but that doesnt help.
Anybody please tell me if there is any way to fix this?
I think I can fix that by modifying the original headers. but that is way too ugly.
I forgot to say that I compiled the above code with command like this:
g++ $(NDK_INCLUDE) test.c -o testwith NDK_INCLUDE is pointed to a set of header directories.
Thanks, J
EPROCESS is a kmode struct, it has no place in usermode.
Maybe you should be looking to read the PEB
Ged.
-----Original Message----- From: ros-dev-bounces@reactos.org [mailto:ros-dev-bounces@reactos.org] On Behalf Of Jun Koi Sent: 22 January 2009 15:13 To: ros-dev@reactos.org Subject: Re: [ros-dev] Use kernel types in include files?
Please somebody helps me?
I guess I can compile the code in userspace by set a particular macro (so to deactivate the NTOS_MODE_USER macro), because the kernel code of ReactOS can do that, too.
Unfortunately I still cannot find how to do that. The code is complicated compiled in the way I am not familar with, so I am really struggling here ;-(
Thanks a lot, Jun
On Tue, Jan 20, 2009 at 12:50 PM, Jun Koi junkoi2004@gmail.com wrote:
On Tue, Jan 20, 2009 at 11:53 AM, Jun Koi junkoi2004@gmail.com wrote:
Hi,
I am working on a project to parse the Windows image file. To do that, I must understand the structure of some Windows components, like _EPROCESS. So I took some headers from ReactOS, and write *userland* code like below:
#include <pstypes.h> #include <stdio.h>
int main() { printf("size of EPROCESS: %d\n", sizeof(struct _EPROCESS)); return 0; }
The I got the problem: g++ reported that _EPROCESS is incomplete.
Clearly this means it doesnt see the structure _EPROCESS, so I took a closer look, and found that _EPROCESS is not defined in user-mode (NTOS_MODE_USER). I tried to fix it by putting
#undef NTOS_MODE_USER
in front of #include <pstypes>, but that doesnt help.
Anybody please tell me if there is any way to fix this?
I think I can fix that by modifying the original headers. but that is way too ugly.
I forgot to say that I compiled the above code with command like this:
g++ $(NDK_INCLUDE) test.c -o testwith NDK_INCLUDE is pointed to a set of header directories.
Thanks, J
_______________________________________________ Ros-dev mailing list Ros-dev@reactos.org http://www.reactos.org/mailman/listinfo/ros-dev
The 'problem' is that EPROCESS relies on kernel mode types defined in the DDK (it isn't exactly meant to be used in user mode). Try something like:
#include <ntddk.h> #include <pstypes.h>
If that doesn't work for you, then you probably have to fix every missing definition by hand.
Date: Fri, 23 Jan 2009 00:12:59 +0900 From: junkoi2004@gmail.com To: ros-dev@reactos.org Subject: Re: [ros-dev] Use kernel types in include files?
Please somebody helps me?
I guess I can compile the code in userspace by set a particular macro (so to deactivate the NTOS_MODE_USER macro), because the kernel code of ReactOS can do that, too.
Unfortunately I still cannot find how to do that. The code is complicated compiled in the way I am not familar with, so I am really struggling here ;-(
Thanks a lot, Jun
On Tue, Jan 20, 2009 at 12:50 PM, Jun Koi junkoi2004@gmail.com wrote:
On Tue, Jan 20, 2009 at 11:53 AM, Jun Koi junkoi2004@gmail.com wrote:
Hi,
I am working on a project to parse the Windows image file. To do that, I must understand the structure of some Windows components, like _EPROCESS. So I took some headers from ReactOS, and write *userland* code like below:
#include <pstypes.h> #include <stdio.h>
int main() { printf("size of EPROCESS: %d\n", sizeof(struct _EPROCESS)); return 0; }
The I got the problem: g++ reported that _EPROCESS is incomplete.
Clearly this means it doesnt see the structure _EPROCESS, so I took a closer look, and found that _EPROCESS is not defined in user-mode (NTOS_MODE_USER). I tried to fix it by putting
#undef NTOS_MODE_USER
in front of #include <pstypes>, but that doesnt help.
Anybody please tell me if there is any way to fix this?
I think I can fix that by modifying the original headers. but that is way too ugly.
I forgot to say that I compiled the above code with command like this:
g++ $(NDK_INCLUDE) test.c -o testwith NDK_INCLUDE is pointed to a set of header directories.
Thanks, J
Ros-dev mailing list Ros-dev@reactos.org http://www.reactos.org/mailman/listinfo/ros-dev
_________________________________________________________________ Drag n’ drop—Get easy photo sharing with Windows Live™ Photos.
-
Ged -
Jun Koi -
Stefan Ginsberg