agent.smith

Reputation: 9446

winddk: __iob_func redefinition

I am trying to link a user space library into a Windows kernel driver. It has a reference to __iob_func, which is part of "libcmt.lib" (a user space library). I don't have access to this function in winddk. So, I am planning to define a stub for __iob_func which will try to emulate the same functionality as the user space library.

Does anyone know what __iob_func does? I found the declaration of the function in the header files, but I am not sure exactly what it does.

Upvotes: 5

Views: 5561

Answers (2)

Henry Garcia

Reputation: 31

Disassemble the following C code: cl /Fa mycode.c

fflush (stdin) ;
fflush (stdout) ;
fflush (stderr) ;

This is basically what the assembly file output with the /Fa switch on the C file will look like:

call ___iob_func  ; invoke the c function __iob_func
push eax          ; invoke fflush with 1 parameter   
call _fflush
add esp, 04h      ; realign the stack adding 4 bytes to 
                  ; the stack pointer (esp).

So, apparently __iob_func returns a pointer to an array or structure of input output buffer information; hence the iob acronym followed by func (__iob_func). i stands for input, o for output, b for buffer, etc.

That's just the fflush(stdin) function. fflush(stdout) repeats the same 4 lines with the only difference for stdout in the second line: push eax + 020h. So, apparently each array member is composed of 32 bytes or 8 double words.

For stderr the assembler posted push eax + 040h, or eax + 64 bytes.

Microsoft Developer Network (MSDN) doesn't document the __iob_func function. But its declaration probably would be something like the following: lpReturn __iob_func ( void )

32 bit assembly usually returns the value of a function in the eax register. And when the input parameter value of a function is described as an addition to a register (e.g. eax + 020h), it usually means that it's referring to a structure or array of some type. So eax would be the starting address of the structure or array. And eax + 020h would be a location in that structure where information for stdout begins. eax + 040h would be the location where stderr begins.

So basically, if you want to use __iob_func in your C program, you would have to prototype the function, and then perhaps create your own personal lib:

mylib.def

LIBRARY msvcrt.dll

EXPORTS __iob_func

And then run lib on that file: LIB /def:mylib.def /machine:x86

That should create a 32 bit library called mylib.lib which you can use to link into your program.

Upvotes: 0

Michael Burr

Reputation: 340406

__iob_func() returns a pointer to the array of FILE descriptors that holds stdin, stdout, stderr and any FILE objects opened through the C runtime library. See the MSVC runtime library source _file.c.

If your user-space library code actually tries to do much with the C runtime, you'll probably run into a lot of headaches linking it into your kernel driver. Good luck.

Upvotes: 10
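
The layout both answers describe, as an added example that is not code from either answer or from the MSVC runtime: a stand-in stream table with the 32-byte stride seen in the disassembly, plus a check that a stream pointer really is one of the table's entries before a stub uses it. The names stub_file, stub_iob_func, stub_stream_offset and stub_stream_index and all field names are assumptions; only the 0h/020h/040h offsets come from the page.

```c
#include <stddef.h>
#include <stdint.h>

/* Models the 32-bit layout: only the 32-byte stride comes from the
   disassembly above; the field names are illustrative assumptions. */
typedef struct stub_file {
    uint32_t ptr;       /* current buffer position (32-bit pointer slot) */
    int32_t  cnt;       /* bytes left in the buffer */
    uint32_t base;      /* start of the buffer */
    int32_t  flag;      /* stream state flags */
    int32_t  file;      /* descriptor number: 0, 1 or 2 */
    int32_t  charbuf;
    int32_t  bufsiz;
    uint32_t tmpfname;
} stub_file;

/* Compile-time check: the build fails if an entry is not 32 bytes. */
typedef char stub_file_is_32_bytes[sizeof(stub_file) == 32 ? 1 : -1];

#define STUB_NSTREAMS 3
static stub_file stub_iob[STUB_NSTREAMS] = {
    { 0, 0, 0, 0, 0, 0, 0, 0 },   /* stdin  at base + 0h   */
    { 0, 0, 0, 0, 1, 0, 0, 0 },   /* stdout at base + 020h */
    { 0, 0, 0, 0, 2, 0, 0, 0 },   /* stderr at base + 040h */
};

/* Stand-in for __iob_func: returns the base of the stream table. */
stub_file *stub_iob_func(void) { return stub_iob; }

/* Byte offset added to the returned base to reach stream n. */
size_t stub_stream_offset(int n) { return (size_t)n * sizeof(stub_file); }

/* Map a stream pointer back to its index; -1 if it is not exactly one
   of the table entries (outside the table or misaligned). */
int stub_stream_index(const void *fp)
{
    uintptr_t base = (uintptr_t)stub_iob_func();
    uintptr_t p = (uintptr_t)fp;
    if (p < base || p >= base + sizeof(stub_iob)) return -1;
    if ((p - base) % sizeof(stub_file) != 0) return -1;
    return (int)((p - base) / sizeof(stub_file));
}

int main(void) { return stub_stream_index(&stub_iob_func()[2]) == 2 ? 0 : 1; }
```
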