PoLink - bug ?

[ouadji]

unavailability of the IAT Table inside a driver (outside the fonction "DriverEntry")
The IAT is built "pageable" (!) and is not accessible outside DriverEntry. (reproducible problem)

For more, please read the Topic on the forum of "Fasm"
=> Forum Fasm / Windows / Topic "MS COFF - Driver".  >>> CLIC HERE


A) MS Linker - it works fine, no problem with IAT.

Code: [Select]


c:\WinDDK\6001.18002\bin\x86\x86\link
/DRIVER /SUBSYSTEM:NATIVE /ENTRY:DriverEntry
toto.obj BeaEngine.lib ntoskrnl.lib hal.lib /OUT:toto.sys


B) PoLink - it doesn't work, IAT is unavailable outside "DriverEntry" !

Code: [Select]


C:\PellesC\bin\PoLink
/DRIVER /SUBSYSTEM:NATIVE /ENTRY:_DriverEntry@8
toto.obj BeaEngine.lib ntoskrnl.lib hal.lib /OUT:toto.sys



Code: [Select]

format MS COFF

;NTOSKRNL.EXE
;============

extrn '_Disasm@4' as Disasm:dword
extrn '_DbgPrint' as DbgPrint:dword
extrn '_IoCreateDevice@28' as IoCreateDevice:dword
extrn '_IoCreateSymbolicLink@8' as IoCreateSymbolicLink:dword
extrn '_MmLockPagableDataSection@4' as MmLockPagableDataSection:dword
extrn '_IoDeleteDevice@4' as IoDeleteDevice:dword
extrn '_IoCompleteRequest@8' as IoCompleteRequest:dword
extrn '_MmMapIoSpace@16' as MmMapIoSpace:dword
extrn '_MmUnmapIoSpace@8'as MmUnmapIoSpace:dword
extrn '_ExFreePoolWithTag@8' as ExFreePoolWithTag:dword
extrn '_KeSetSystemAffinityThread@4' as KeSetSystemAffinityThread:dword
extrn '_KeRevertToUserAffinityThread@0' as KeRevertToUserAffinityThread:dword
extrn '_IoDeleteSymbolicLink@4' as IoDeleteSymbolicLink:dword
extrn '_MmUnlockPagableImageSection@4' as MmUnlockPagableImageSection:dword
extrn '_MmMapLockedPagesSpecifyCache@24' as MmMapLockedPagesSpecifyCache:dword
extrn '_KeI386ReleaseGdtSelectors@8' as KeI386ReleaseGdtSelectors:dword
extrn '_KeI386AllocateGdtSelectors@8' as KeI386AllocateGdtSelectors:dword
extrn '_KeI386SetGdtSelector@8' as KeI386SetGdtSelector:dword
extrn '_ExAllocatePoolWithTag@12' as ExAllocatePoolWithTag:dword
extrn '_KeGetCurrentThread@0' as KeGetCurrentThread:dword
extrn '_KeQueryActiveProcessors@0' as KeQueryActiveProcessors:dword
extrn '_MmGetPhysicalAddress@4' as MmGetPhysicalAddress:dword

;HAL.DLL
;=======

extrn '_KeGetCurrentIrql@0' as KeGetCurrentIrql:dword
extrn '_HalGetInterruptVector@24' as HalGetInterruptVector:dword

include 'c:\TEST\perso_driver.inc'

public DriverEntry as '_DriverEntry@8'

;==============================================================================
section 'main' code readable writeable executable notpageable
;============ +++++ ===========================================================

proc DriverEntry pDriverObject, usRegistryPath
;==================
locals
    status          dd ?
    pDeviceObject   dd ?
endl


[ouadji]

Pelle ...
I can assure you that there is a problem.
what do you think about this ?
Thank you very much for your attention.

[AlexN]

Pelle ...

The last time that Pelle visited this forum was the 04. 08. 2009 (this is not so unusual for Pelle). So don't expect a fast reaction to your question.

[ouadji]

I sent him an e-mail also  
thank you Alex.

So don't expect a fast reaction to your question.

Having said that, it's absolutly not a problem if Pelle doesn't monitor his forum and doesn't answer.
The Microsoft linker works perfectly well, and unlike PoLink, reports no error here