Hi,

I build a dll to load from my CeRapiInvoke, I get error messgae of 0x80004005. Cegetlasterror was 0.

To confirm my dll is fine, I build and run my app in my device of Loadlibray and getprocaddress with my dll and got success.

Then I CeRapiInvoke a cellcore.dll with Siminitlize, and also fine. So there is no security issue.

My dll is extern "C" and I check with Dependency walk. There is no previliged function inside.

I can not put my dll in \windows, so I put it in my storage card. The CeRapiInvoke is using the full path as argument.

Thanks,

Eric

Hi, I show my code below, my device is SP2003SE, I have previliged. I was unable to put any dll in \windows because it is rom. I know any dll rely on coredll.dll, so I put coredll.dll with my dll, but things no changes.

DLL:

//Head file, dll1.h

#ifdef DLL1_EXPORTS
#define DLL1_API __declspec(dllexport)
#else
#define DLL1_API __declspec(dllimport)
#endif

// This class is exported from the dll1.dll
//class DLL1_API CDll1 {
//public:
// CDll1(void);
// TODO: add your methods here.
//};

//extern STDAPI nDll1;

extern "C"
{
DLL1_API int fnDll1(void);
}

end of head file, then body file

// dll1.cpp : Defines the entry point for the DLL application.
//

#include "stdafx.h"
#include "dll1.h"

BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}

// This is an example of an exported variable
//DLL1_API int nDll1=0;

// This is an example of an exported function.
int fnDll1(void)
{

return 1 ;
}

Here is the client code running on PC:

// dllclient.cpp : Defines the entry point for the console application.
//

#include "stdafx.h"
#include <rapi.h>

int main(int argc, char* argv[])
{
printf("Hello World!\n");

HRESULT hr= 0;

DWORD cbOut=0;;
BYTE* pOut=NULL;

DWORD cbIn=1;
char *pIn="\0";

hr = CeRapiInit();

if(hr!=S_OK)
{
printf("rapi init failed, please check cable\r\n");
return 0;
}

//hr = CeRapiInvoke(L"\\Storage Card\\My Documents\\APP\\dll\\dll1.dll", L"fnDll1", cbIn,(BYTE*)pIn, &cbOut, &pOut, NULL, 0);//test with sime input, but nothing change
//hr = CeRapiInvoke(L"\\Storage Card\\My Documents\\APP\\dll\\cellcore.dll", L"SimInitialize", 0, NULL, &cbOut, &pOut, NULL, 0); //this was success.

hr = CeRapiInvoke(L"\\Storage Card\\Application Data\\Volatile\\dll1.dll", L"fnDll1", 0,NULL, &cbOut, &pOut, NULL, 0);//error 0x80004005

if(hr!=S_OK)
{
printf("Failed to r-invoke, err=%08x\r\n",hr);
}

DWORD dwerr= CeGetLastError();

printf("Ce get last err=%08x\r\n",dwerr);//err is 0

hr = CeRapiUninit();

return 0;
}

Hi, I worked out something, the dll need to be signed with privilige signature even it  have not any privilige function calling. Just share with you.

But I don't understand, cecore.dll did not have any signature signing and could be run just because it is released by MS.