Skip to content

Normal stub

Yaroslav Kibysh edited this page Jul 6, 2019 · 4 revisions

Meaning

Normal stub is a full copy of Windows CE function in COREDLL code which is easy to debug and uses Win32 API analogue.

Example

For example, we need to create GetObjectW function.

  1. We need to see a definition in Windows CE. I will use Microsoft website for this.

  2. Create a copy in wcecl/coredll/coredll.cpp, add _WCECL to the name and save output from Win32 analogue.

int GetObjectW_WCECL(HGDIOBJ hgdiobj, int cbBuffer, LPVOID lpvObject)
{
    // source: https://docs.microsoft.com/en-us/previous-versions/windows/embedded/ee506071(v%3dwinembedded.60)
    auto result = ::GetObjectW(hgdiobj, cbBuffer, lpvObject);
    return result;
}

We need to add _WCECL in order to not confuse with already defined function and put output in auto result so we can debug it using Visual Studio tools.

  1. Define function in wcecl/coredll/exports.def with correct ordinal from the original Windows CE 6.0 coredll:
GetObjectW=GetObjectW_WCECL @918

Converting direct stub to normal

If a direct stub is already defined in exports and you need to convert it to normal, you need do the same steps as above, but don't forget to change definition in wcecl/coredll/exports.def:

GetObjectW @918 -> GetObjectW=GetObjectW_WCECL @918