Can somebody tell me whats wrong with this
macro any = "bpx getwindowtexta do \"d esp->8;p ret;\" "
i also tried
macro any = "bpx getwindowtexta do 'd esp->8;p ret;' "
neither worked
can anybody help me out with this

"BPX GetWindowTextA DO \"D d esp->8;pret \""

Just realised its the same, I pasted it from my winice.dat and it works fine for me.

thats odd for some reason its not working for me

I give up, seven times I logged in and still getting "you are not logged in"

Viper:

This is an extract from an article titled "Rhayader's Softice Tips.." which I attached to one of my previous posts. He said:
----------------------------
Let's take a look at GetWindowTexta first. It's declared as:

int GetWindowText( HWND hWnd, LPTSTR lpString, int nMaxCount );

GetWindowText use stdcall calling convention. That means that argument will be pushed right to left. Since SoftIce pop up before the prologue code is executed, the EBP stack frame isn't set up yet. So we had to use ESP to adressed the argument. Here's how the stack will look like when SoftIce pop up:
...
[ESP+0Ch] - nMaxCount
[ESP+08h] - lpString
[ESP+04h] - hwnd
[ESP+00h] - return EIP

When the function return, GetWindowTexta will put the text it retrieved to the location pointed to by lpString (LPTSTR is a long pointer to a null terminated string). Thus, we had to use SoftIce's indirection operator (it's the * character, same as C language, see Chapter 8. For example, the command:

D *(esp+8)

means, "show in data window, the location pointed to by the content of esp+8". Since, this is a very common operation, SoftIce had a shorthand for it: esp->8. Allright then, now we can set the breakpoint such as this:

BPX getwindowtexta DO "D esp->8;"

And when we hit F12, we return to the caller and the text we entered will sit nicely at the top of the data window, waiting for us to set up a BPR with it Why don't we do a return to the caller automatically? Well, in my case, the screen flashes, and I hate it. But, if you want to try, you can set the breakpoint as:

BPX getwindowtexta DO "D esp->8;P RET;"

Now, let's take a look at GetDlgItemTexta. It is declared as:

UINT GetDlgItemText( HWND hDlg, int nIDDlgItem, LPTSTR lpString, int nMaxCount );

The only difference is nIDDlgItem, which is the ID of the control to get the text from. The stack will look like this:
...
[ESP+10h] - nMaxCount
[ESP+0Ch] - lpString << here it is
[ESP+08h] - nIDDlgItem
[ESP+04h] - hwnd
[ESP+00h] - return EIP

And the breakpoint to set (I had a feeling that you already find out

BPX getdlgitemtexta DO "D esp->C;"
___________________

His breakpoints do not have the "\"s shown in your first example and maybe that is the problem. try

MARCO ANY = "BPX getwindowtexta DO "D esp->8;P RET;" "

Hope that works.

Js wrote, before he gave up, that your second example has single quotes instead of double quotes around "D esp->8;P RET;"

I've unchecked smilies, I don't know why they are showing up.

Regards.

i tried the way u put and it froze my comp had to log off thanks for replying thoughu too JMI thanks

well the above works if you just type it in SI and MARCO ANY = "BPX getwindowtexta DO "D esp->8;P RET;" " just dont work at all every time i try it and I restart it deletes the macro-body if i try to enter it in SI i get a unterminated macro body or something like that

BTW JMI i have seen that example u showded i took a look at it just b4 posting here i also looked at the SI manual it says to use those maby i'm to close to the problem to see the answer.
here is what the manual said
If you need to embed a literal quote character (" or a percent sign (%) within the macro body, precede the character with a backslash character (\). To specify a literal backslash character, use two consecutive backslashes (\\).

this is what my current macro settings look liike
MACRO dlg="bpx getdlgitemtexta do \"d esp->c;pret;\""
MACRO win="bpx getwindowtexta do \"d esp->8;pret;\""

previous
MACRO dlg="bpx getdlgitemtexta do "d esp->c;pret;""
MACRO win="bpx getwindowtexta do "d esp->8;pret;""

this is where it just erased the whole body

OH Yea thanks for the reply JMI

Viper:

I rechecked the Command Reference for Softice and found the following:

The macro-body parameter must be embedded between beginning and ending quotation marks (“). The macro-body is made up of a collection of existing SoftICE commands, or defined macros, separated by semi-colons. Each command may contain appropriate ‘literal’ parameters, or can use the form %<parameter#>, where parameter# must be between 1 and 8.
When the macro is executed from the command line, any parameter references will expand into the macro-body from the parameters specified when the command was executed. If you
need to embed a literal quote character (”) or a percent sign (%) within the macro body precede the character with a backslash character (\). Because the backslash character is used for
escape sequences, to specify a literal backslash character, use two consecutive backslashes (\\). The final command within the macro-body does not need to be terminated by a semi-colon.
____________
In both your original examples, the final "P RET" has a ";" after it So do your other MACRO examples. This may be the problem. Having re-read the Reference, I recall why "\"s are used.

Looks like

MARCO any = "BPX getwindowtexta DO \"D esp->8;P RET\" "

should work.


Good Luck.

well almost
the "BPX getwindowtexta DO \"D esp->8 part of MARCO any = "BPX getwindowtexta DO \"D esp->8;P RET\" " works fine now the only thing i cant get now is the pret
guess ill have to use the good ole f12 unless anybody has a better idea

Thanks for the help on this JMI