GenPatch Readme

GenPatch v1.01
Copyright (C) 2006/2007, Xeno86


Table of contents

Introduction
GenPatch usage
C Source limitations
Assembler Source limitations
MAKE_* tags
Known bugs
TODOs


Introduction

GenPatch is a part of KernelEx.
It's purpose is to aid creating API patches for use with KernelEx.
GenPatch reads a source file (C or Assembler) and generates a corresponding binary with calculated offset addresses which can be used directly in KernelEx.

GetPatch relies on NASM version 0.98.39 compiled on Jan 16 2005 and Att2intl version 0.2.1a. Other versions of mentioned programs haven't been tested and are not supported. So if you want to use other versions do it AT YOUR OWN RISK!


GenPatch usage

GenPatch.exe [-dbg] sourcefile.c
or
GenPatch.exe [-dbg] sourcefile.asm

The optional parameter -dbg tells GenPatch to keep temporary files and display some debug information.

Also the following restrictions apply for source files:


C Source limitations

  1. You cannot use multiple sources for a single patch. The code must be located in a single *.C file (plus optional headers).
  2. You can only use functions which are imported/exported by the given library.
  3. You cannot use global and/or static variables! But you CAN use global constants (incl. constant arrays)
  4. Instead of malloc, free use GetProcessHeap, HeapAlloc, HeapFree
  5. The exported functions must be written in STDCALL calling convention!
  6. Use MAKE_EXPORT tag for exported functions

Assembler Source limitations

same as C Source limitations plus:
  1. Assembler files have to be compatible with NASM
  2. You can't provide empty addresses (expressions "call $" and "jmp near $" are NOT allowed). As a workaround use label "DUMMY" this will be skipped by GenPatch and not included in api list.

MAKE_* tags

GenPatch supports 3 special tags:

MAKE_EXPORT
MAKE_IMPORT
MAKE_CALL

MAKE_EXPORT

The MAKE_EXPORT tag instructs GenPatch to include selected function in exported functions table.

Syntax in C files:
/* MAKE_EXPORT function_name=export_name */
// MAKE_EXPORT function_name=export_name

Syntax in Assembler files:
; MAKE_EXPORT function_name=export_name

MAKE_IMPORT

The MAKE_IMPORT tag is used to distinguish between local (internal) and imported functions.
It is needed because the compiler assumes that all calls and jumps are internal (relative).
This instructs GenPatch to threat selected functions as imported from external modules (absolute indirect calls/jumps).
In assembler source it is used to rename imported functions (same as MAKE_CALL but for imported not local).

Syntax in C files:
/* MAKE_IMPORT function_name=module_name.import_name */
// MAKE_IMPORT function_name=module_name.import_name

/* MAKE_IMPORT function_name=module_name.Ordinalxxx */
// MAKE_IMPORT function_name=module_name.Ordinalxxx

/* MAKE_IMPORT function_name=import_name */
// MAKE_IMPORT function_name=import_name

/* MAKE_IMPORT function_name=Ordinalxxx */
// MAKE_IMPORT function_name=Ordinalxxx

Syntax in Assembler files:
; MAKE_IMPORT function_name=module_name.import_name
; MAKE_IMPORT function_name=module_name.Ordinalxxx
; MAKE_IMPORT function_name=import_name
; MAKE_IMPORT function_name=Ordinalxxx

if module_name is not specified it will be matched to first function with this name/ordinal. Note: This may not always be optimal.

MAKE_CALL

The MAKE_CALL tag is used in order access a local function with another name than specified. It's main purpose is to access functions exported only by ordinal (unnamed functions).

Syntax in C files:
/* MAKE_CALL function_name=other_name */
// MAKE_CALL function_name=other_name

/* MAKE_CALL function_name=Ordinalxxx */
// MAKE_CALL function_name=Ordinalxxx

Syntax in Assembler files:
; MAKE_CALL function_name=other_name
; MAKE_CALL function_name=Ordinalxxx


Known bugs

For some reason drag&drop doesn't work correctly.


TODOs

- Automatic detection and decision: exported or imported symbol (C input) [scan target dll?]
- Maybe some tags for displaying source author?


-Xeno86