I have a getSystemInfo function that is built into WinAPI (sysinfoapi.h), how can I call it?
and then place the answer answer the function in the memory cell.
C++:
void getsysysteminfo (
LPSYSTEM_INFO LPSYSTEMINFO.
);
Official documentation: https: // docs.microsoft.com/en-us/windows/win32/api/sysinfoapi/nf-sysinfoapi-getsysteminfo
That’s all I could find.
Answer 1, Authority 100%
Disclaimer:
There is no point in writing this code on the assembler, all the same
It would be much easier to write on C (at the end example).
As far as possible is the minimum example on FASM, the result is a 32-bit Console EXE file:
Format PE CONSOLE
Entry Start.
include 'win32a.inc'
Section '.text' Code Readable Executable
Start:
Invoke GetSystemInfo, System_info
; DWORD Before [System_info.WProcessoRarchitecture], it is necessary due to the fact that it is a 2-byte field (Word),
; It can not be possible to transfer it to Push.
; DWORD here leads to the fact that 4 bytes are read at the field instead of 2.
; But it works correctly only because after this field there is a reserved empty 2-byte field.
; (If it were not empty, the wrong value would be removed)
Cinvoke Printf, Format_String, DWORD [System_info.wprocessoRarchitecture], [System_info.DWPageSize]
INVOKE GETCH; Waiting for keystrokes before completion, it is possible without it if you run from the command line
INVOKE EXITPROCESS, 0
Section '.data' Data Readable Writeable
System_info System_info.
format_string:
db 'wprocessoRarchitecture:% d', 0x0d, 0x0a
DB 'DWPAGESIZE:% d', 0x0d, 0x0a, 0
Section '.idata' Import Data Readable Writeable
Library kernel32, 'kernel32.dll', \
MSVCRT, 'MSVCRT.DLL'
Include 'API / Kernel32.inc'
Import MSVCRT, \
Printf, 'Printf', \
Getch, '_ GETCH'
Section '. Reeloc' Fixups Data Readable Discardable
Here for example, the output of values of the first two fields – WPROCESSRARCHITECTURE and Dwpagesize .
In the 32-bit version displays:
wprocessoRarchitecture: 0
DWPAGESIZE: 4096.
0 corresponds to processor_architecture_intel , see the description of the structure System_info
If you change in PE code on PE64 and include 'win32a.inc' on include 'win64a.inc' , you will get a 64-bit extest, the conclusion will be like this:
WPRECESSORCHITECTURE: 9
DWPAGESIZE: 4096.
9 Configured Processor_architecture_amd64 .
“Magic” string System_info System_info is a macro that when compiling unfolds in the set of fields of the appropriate structure, for example, for a 32-bit Exnector (taken from the FASM / INCLUDE / EQUATES / KERNEL32 file .inc ):
struct system_info
WPROCESSORCHITECTURE DW?
Wreserved DW?
DWPAGESIZE DD?
LpminimumApplicationAddress DD?
LPMaximumApplicationAddress DD?
DWACTIVEPROCESSORMASK DD?
DWNumberOfProcessors DD?
DWPROCESSTYPE DD?
DWALLOCATIONGRANARITY DD?
WPROCESSORLELVEL DW?
WPROCESSorRevision DW?
ENDS.
For the 64-bit version, all the same, only the size of field fields (those that start on LP ) Others – 64-bit (DQ ) instead 32 -bit (DD ).
It also needs to be said that invoke , Cinvoke are macros that are converted to different code, depending on the file connected at the beginning of the program – Win32a. INC or WIN64A.INC .
for the 32-bit version invoke turns into 0 or more push and call at the end – Agreement STDCALL . For CINVOKE PUSH OPPOUSE, and after Call still aligns the size of the parameters transmitted via Push Cdecl (used for variable parameter functions, like the same printf ). See Agreement About the challenges used on x86 at 32-bit addressing .
For the 64-bit version, everything is somewhat more complicated, you can see here: Challenges Agreement for 64-bit systems
p.s. More or less equivalent code on C:
include & lt; windows.h & gt;
Include & lt; stdio.h & gt;
System_info System_info;
INT MAIN () {
GetSystemInfo (& amp; System_info);
PrintF ("WPRECESSRARCHITECTURE:% D \ N"
"DWPagesIze:% d \ n",
System_info.WProcessoRarchitecture,
System_info.dwpagesize);
// there could be a getch () call;, but this feature is not included in the standard, so I do not add
Return 0;
}