News:

Download Pelles C here: http://www.smorgasbordet.com/pellesc/

Main Menu

IStream_ReadStr()

Started by czerny, November 12, 2014, 07:10:09 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions

czerny

#15
November 17, 2014, 03:04:55 PM
Does anybody know an example where IStream_WriteStr or IStream_ReadStr is used by the OS?

jj2007

#16
November 17, 2014, 04:34:03 PM
You mean "an example where IStream_WriteStr or IStream_ReadStr is used by the OS?"

Google IStream_ReadStr include windows.h - the top hit tells you how popular this function is in the coding world ;D

czerny

#17
November 18, 2014, 01:31:45 PM
Quote from: jj2007 on November 17, 2014, 04:34:03 PM
You mean "an example where IStream_WriteStr or IStream_ReadStr is used by the OS?"
No, I mean by the OS. Most interfaces and apis are used by the OS himself in any way.

jj2007

#18
November 19, 2014, 03:10:39 AM
Quote from: czerny on November 18, 2014, 01:31:45 PM
Quote from: jj2007 on November 17, 2014, 04:34:03 PM
You mean "an example where IStream_WriteStr or IStream_ReadStr is used by the OS?"
No, I mean by the OS. Most interfaces and apis are used by the OS himself in any way.

Of course, but for CreateWindowEx etc you'll find a Million hits, while the top hit for IStream_ReadStr in connection with "windows.h" points straight to your post. Which implies that absolutely nobody uses it, unless of course Microsoft developers are secretly using it ;-)

aardvajk

#19
November 19, 2014, 04:13:48 AM Last Edit: November 19, 2014, 04:17:26 AM by aardvajk
Here's where you can look. This is all the places ReadStr has been used since being invented, the WriteStr list is pretty much the same.
Code Select

Module Os
ieframe.dll 8 SP0
ieframe.dll 8.1
mssrch.dll 8.1
searchfolder.dll 7 SP0
searchfolder.dll 7 SP1
searchfolder.dll 8 SP0
searchfolder.dll 8.1
searchprotocolhost.exe 8.1
shell32.dll 7 SP0
shell32.dll 7 SP1
shell32.dll 8 SP0
shell32.dll 8.1
shell32.dll Server2008 SP1
shell32.dll Server2008 SP2
shell32.dll Vista SP0
shell32.dll Vista SP1
shell32.dll Vista SP2
twinui.dll 8 SP0
twinui.dll 8.1
urlmon.dll 8 SP0
urlmon.dll 8.1
wsshared.dll 8 SP0
wsshared.dll 8.1

Quote from: frankie on November 16, 2014, 11:40:47 PM
Edit: Here I found this:
"On success, the returned string should be freed with CoTaskMemFree."
Mystery solved

jj2007

#20
November 20, 2014, 07:14:27 PM
Just for curiosity: How did you produce that list? I can't find IStream_ReadStr in my Win7-64 Shell32.dll, just ReadStrAlloc...

TimoVJL

#21
November 21, 2014, 12:05:49 PM
Quote from: jj2007 on November 20, 2014, 07:14:27 PM
I can't find IStream_ReadStr in my Win7-64 Shell32.dll, just ReadStrAlloc...
Check Shlwapi.dll
May the source be with you

jj2007

#22
November 21, 2014, 02:35:05 PM
Quote from: TimoVJL on November 21, 2014, 12:05:49 PM
Quote from: jj2007 on November 20, 2014, 07:14:27 PM
I can't find IStream_ReadStr in my Win7-64 Shell32.dll, just ReadStrAlloc...
Check Shlwapi.dll

Thanks. I got it in shlwapi and urlmon but not in the others listed above.

TimoVJL

#23
November 21, 2014, 04:01:38 PM
Shell32.dll imports IStream_ReadStr from Shlwapi.dll by ordinal 0254h ?
May the source be with you

aardvajk

#24
November 21, 2014, 09:18:39 PM
czerny asked for examples so I presume (s)he meant where it's used by the OS. All those modules listed import it in some fashion. Whereabouts in those modules I don't know, but with something like the free version of IDA it's shouldn't be hard to find.

As for how, it's not too hard to scan the imports and exports of an OS's dll's though you have to take time to install them all or at least expand them from the ISO/WIM. As I found out when I was halfway done, someone's already done it. I used the WhoImportsFunctionAllOS query within that.
Print
Go Up Pages 1 2
User actions