theo@idca.tds.PHILIPS.nl (T. van Hunnik) (04/16/91)
Hello netters,
We have made an iconic shell on top of windows 3.0, which is able to
activate windows and non-windows (dos) programs. To enable customization
of application activation we have made keyboard input redirections.
This kaeboard input redirection is implemented differently for windows
applications as for ms-dos applications. This is the reason we like to detect
the difference between ms-dos and windows executables.
In the MS-DOS Encyclopedia in appendix K we found a detection method
for new executable files ("MZ" on the first two bytes; on offset 3CH the
offset to the new executable header, which starts with "NE").
However a few days ago we found out that MS-Word for DOS has this same
strings and is a new executable file, but no windows applications!
Does anyone out there know whether a better mechanism exist to detect
the difference between a windows application and a ms-dos applications??
Thanks Theo
Theo van Hunnik Tel : (+31-55-43)3306
PLG Added Value FAX : (+31-55-43)2041
Room V3/A20 Internet : theo@idca.tds.philips.nl
Philips Information Systems uucp : ...!mcsun!philapd!theo
Postbus 245
7300 AE Apeldoorn
Nederlandepperson@adobe.COM (Mark Epperson) (04/18/91)
In article <1275@idcapd.idca.tds.philips.nl> theo@idca.tds.PHILIPS.nl (T. van Hunnik) writes: > >Hello netters, > >We have made an iconic shell on top of windows 3.0, which is able to >activate windows and non-windows (dos) programs. To enable customization >of application activation we have made keyboard input redirections. >This kaeboard input redirection is implemented differently for windows >applications as for ms-dos applications. This is the reason we like to detect >the difference between ms-dos and windows executables. > >In the MS-DOS Encyclopedia in appendix K we found a detection method >for new executable files ("MZ" on the first two bytes; on offset 3CH the >offset to the new executable header, which starts with "NE"). > >However a few days ago we found out that MS-Word for DOS has this same >strings and is a new executable file, but no windows applications! > >Does anyone out there know whether a better mechanism exist to detect >the difference between a windows application and a ms-dos applications?? > Try this...I wrote this to do something similar main(argc, argv) int argc; char **argv; { struct { int junk[30], offset; } exe_data; struct { int junk[19], name_offset, junk[2], description; } def_data; struct { unsigned char len; char string[256]; } pas_string; int fd = open(argv[1], O_RDONLY|O_BINARY|S_IREAD); read(fd, (char *)&exe_data, sizeof(exe_data)); if (exe_data.offset) { lseek(fd, exe_data.offset, SEEK_SET); read(fd, (char *)&def_data, sizeof(def_data)); lseek(fd, exe_data.offset + def_data.name_offset, SEEK_SET); read(fd, (char *)&pas_string, sizeof(pas_string)); printf("name: %s\n", pas_string.string); lseek(fd, exe_data.offset + def_data.description, SEEK_SET); read(fd, (char *)&pas_string, sizeof(pas_string)); printf("description: %s\n", pas_string.string); } }
richgi@microsoft.UUCP (Richard GILLMANN) (04/23/91)
In article <1275@idcapd.idca.tds.philips.nl> theo@idca.tds.PHILIPS.nl (T. van Hunnik) writes: > In the MS-DOS Encyclopedia in appendix K we found a detection method > for new executable files ("MZ" on the first two bytes; on offset 3CH the > offset to the new executable header, which starts with "NE"). > > However a few days ago we found out that MS-Word for DOS has this same > strings and is a new executable file, but no windows applications! Segmented-executables are used for many things: Windows Apps, OS/2 apps (both PM and character mode), ILINK'ed apps and bound apps come to mind. You could improve your test by checking that bits 8&9 in the module flag word are on -- this would mean either a Windows or a PM app. If they're not on, it's a character mode (or vio graphics) app. The Windows SDK has more details on this stuff. Richard Gillmann Microsoft System Languages