Programmatically determining arguments to a WinAPI function
juan.lang at gmail.com
Mon Apr 2 14:45:18 CDT 2012
On Mon, Apr 2, 2012 at 10:41 AM, Roger Cruz <roger_r_cruz at yahoo.com> wrote:
> I'm looking for a way to determine programmatically what the arguments to a
> Win32 API implemented in Wine are. I'm trying to implement an API
> redirection stub that I can use to trace calls into all of the
> Wine-implemented DLLs. My stub needs to know what each argument passed into
> the Win32 API, their types and sizes, and whether they reside on the stack
> or register when calling the routine and finally their return value.
I think you want to look at winapi
> In researching Wine, I have come to find out two tools, winedump and
> winebuild that may be helpful in doing this but I have yet to find out how
> to use them correctly to get the information I seek. Maybe they just don't
> have that capability or maybe I just haven't played with them enough to find
> all of its uses.
> For example, I found that each DLL has a *.spec file which looks to have
> some of the info I need:
> @ stdcall GetSystemTimeAsFileTime(ptr)
> Looking at the man pages, this tells me that GetSystemTimeAsFileTime takes
> in an argument as a pointer but I don't see any return value information
> here. Also, does this file ever represent arguments passed by value on the
> stack, like a structure? If so, does it capture how big the structure is?
> What about function prototypes with variable arguments (similar to
> printf(...)).. are those capture in the file? Can I also assume (based on
> the calling convention listed as stdcall) which arguments will be on
> registers and which will be on the stack?
Yes. stdcall, cdecl, and fastcall are all documented as to their
calling convention. In particular, stdcall and cdecl both accept all
arguments on the stack and return through EAX. (They differ in who
pops arguments from the stack.) This is basic Win32 stuff, any
Windows reference in the last 25+ years ought to tell you it.
fastcall is more recent, but they're all up on Wikipedia:
More information about the wine-devel