Windows Weirdness

Started by Astro, August 19, 2009, 09:01:16 PM


dedndave

8 hrs diff - you must be in England   :U
wifee is a Brit

Astro

push offset ptr_DEVICE_LIST_INFO+96 ; handle

and

push offset [ptr_DEVICE_LIST_INFO+96] ; handle

work.

Are the [] required at all (except as noted for registers)?

I'm trying to figure out just what goes where in memory.

I see the following happening:

SomeString (the variable itself) exists:

Address: Contents

0x00001234/5/6/7: 0x00452634 ; SomeString is at 0x1234 and points to the actual string at 0x00452634
0x00452634: 0x41 ; Capital letter 'A'

so:

push SomeString will push 0x00452634

push byte ptr SomeString will push 0x41

?

Quote: 8 hrs diff - you must be in England
I am indeed!  :U  That puts you somewhere along a very long West Coast!  :lol

Best regards,
Astro.

dedndave

no - the brackets are only needed if a register holds the address

one thing that may help you a lot is to look at code that others have written and figure out what it does
that way, you will only see constructs that are valid
you are letting yourself be confused by storing a pointer in memory and attempting to use it to address data
it is best to just learn to address data, first - the fact that it is a pointer is just one type of meaning for that data
the \masm32\examples folder has many working programs
also, there are many working programs posted here in the forum

Quote: push SomeString will push 0x00452634

when you "push SomeString", the assembler generates "push dword ptr [00001234]"
the dword value at address 00001234 goes on the stack (00452634h)
i have to use brackets there because "push 00001234" will place the value 00001234 on the stack
the assembler does not allow you to write instructions using brackets and numbers
but, that is what a debugger or disassembler will see

Quote: push byte ptr SomeString will push 0x41

i have never tried to push a byte - lol - i don't think it will let you
(i could force it to happen, but it is best to always keep esp aligned by 4 in 32-bit programs)
i think you can only push words and dwords (unless it is a 64-bit operating system)
notice that "byte ptr" or "word ptr" only tells the assembler what bit-width to use
"ptr" does not otherwise change the behaviour of the instruction
again, you are trying to use a pointer, stored in memory, to address another memory location
this simply isn't allowed
"push word ptr SomeString" will push 2634h - the low order portion of the dword
if you want to get the 41 onto the stack...

        mov     ebx,SomeString
        push word ptr [ebx]

or

        mov     ebx,SomeString
        push dword ptr [ebx]

Quote: That puts you somewhere along a very long West Coast!
i am near Phoenix Arizona, where the damn sun won't stop shining
at least it has dropped back below 110F (43.3C)
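
Added example, not part of the original posts: the three cases discussed above (the variable's own address, the pointer stored in it, and the data that pointer refers to) in one MASM32 program. The name TheText and the string contents are constructed for illustration, and the MASM32 SDK is assumed to be installed in \masm32.

```masm
; Added example, constructed for illustration; assumes the MASM32 SDK in \masm32.
    include \masm32\include\masm32rt.inc

    .data
      TheText    db "ABCD",0          ; hypothetical string data, first byte is 41h
      SomeString dd offset TheText    ; dword variable that holds the string's address

    .code
start:
    ; 1) OFFSET: the address of the variable itself, an assembly-time constant
    push offset SomeString
    pop eax
    print hex$(eax),13,10

    ; 2) bare name: the dword stored in the variable (the address of TheText)
    push SomeString                   ; same as push dword ptr [SomeString]
    pop eax
    print hex$(eax),13,10

    ; 3) reaching the string itself takes a register plus brackets
    mov ebx, SomeString               ; ebx = address of TheText
    push dword ptr [ebx]              ; pushes the first four bytes of the string
    pop eax
    and eax, 0FFh                     ; keep only the low byte, the 'A'
    print hex$(eax),13,10

    inkey "Press any key to exit..."
    exit
end start
```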

Astro

Quote: i am near Phoenix Arizona, where the damn sun won't stop shining
at least it has dropped back below 110F (43.3C)
43.3°? How do you live out there??? I'm finding 26° (72F) and 60% rel. too much (but then no aircon so...).

Thanks for the avatar by the way!  :bg

OK! I'm not sure where I picked up the brackets thing.

What is the deal with offset then? Is that dword ptr in disguise? It makes sense.

Best regards,
Astro.

dedndave

"offset" is used to get the address of a variable, as opposed to getting the variable, itself
you may also see "addr" - i think that's the same as "offset"
"ptr" is a size override, as explained earlier
you never see the 2 used together, because when you want the address, you don't care about its width

yes - most everyone here has air conditioning
i survive by being outside as little as possible from about 10:00 AM to about 6:00 PM
that makes a lot of us here "night owls" in the summer
the middle of the night is a nice time to go for a dip in the pool or something
if you have to go outside in the daytime - sunglasses - hat - keep the skin covered
also, try to stay in the shade whenever possible and drink lots of water
soon, we will get our monsoon rains then a bit of humidity
after that passes, it will be nice out - temp in the 80's and 10% humidity

MichaelW

The ADDR operator is intended for use with INVOKE. Because the OFFSET operator specifies an address constant that is resolved at assembly time, it will not work for a local variable that is allocated from the stack at run time. The ADDR operator duplicates the action of the OFFSET operator, or generates code to pass the address of a local variable, as necessary.

; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
    include \masm32\include\masm32rt.inc
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
    .data
      globaldd dd 1234h
      buffer   db 20 dup(0)
    .code
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
myproc proc
    LOCAL localdd:DWORD
    mov localdd, 5678h
    nop
    invoke dw2hex, ADDR globaldd, ADDR buffer
    nop
    invoke dw2hex, OFFSET globaldd, ADDR buffer
    nop
    invoke dw2hex, ADDR localdd, ADDR buffer
    nop
    ;error A2098: invalid operand for OFFSET
    ;invoke dw2hex, OFFSET localdd, ADDR buffer
    ret
myproc endp
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
start:
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
    inkey "Press any key to exit..."
    exit
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
end start


00401000 55                     push    ebp
00401001 8BEC                   mov     ebp,esp
00401003 83C4FC                 add     esp,0FFFFFFFCh
00401006 C745FC78560000         mov     dword ptr [ebp-4],5678h
0040100D 90                     nop
0040100E 6804304000             push    403004h
00401013 6800304000             push    403000h
00401018 E877000000             call    fn_00401094
0040101D 90                     nop
0040101E 6804304000             push    403004h
00401023 6800304000             push    403000h
00401028 E867000000             call    fn_00401094
0040102D 90                     nop
0040102E 6804304000             push    403004h
00401033 8D45FC                 lea     eax,[ebp-4]
00401036 50                     push    eax
00401037 E858000000             call    fn_00401094
0040103C 90                     nop
0040103D C9                     leave
0040103E C3                     ret

eschew obfuscation

dedndave

thanks for straightening me out Michael
i had seen them used in what appeared to be interchangeable fashion

so, ADDR will generate lea instructions ?
i see in the last example that it loads the lea into eax
Quote: invoke dw2hex, ADDR localdd, ADDR buffer
Quote: 0040102E 6804304000             push    403004h
00401033 8D45FC                 lea     eax,[ebp-4]
00401036 50                     push    eax
00401037 E858000000             call    fn_00401094

what if i had another parm in eax ?
how does the assembler know which register to use ? - lol
as an example, what if i had parms in eax, ecx, and edx ?
what if...

        INVOKE  WriteFile,
                eax,
                edx,
                ecx,
                ADDR localWriteCount,
                NULL

jj2007

Quote from: dedndave on August 20, 2009, 07:27:07 PM
what if i had another parm in eax ?

You'll get an error message - register overwrite...
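
Added example, not part of the original posts: the eax conflict asked about above, with the rejected call left as a comment and two ways to write it so the assembler accepts it. The procedure WriteIt, the variable names and the message text are constructed for illustration, and the MASM32 SDK is assumed to be installed in \masm32.

```masm
; Added example, constructed for illustration; assumes the MASM32 SDK in \masm32.
    include \masm32\include\masm32rt.inc

    .data
      msg db "hello",13,10            ; hypothetical output text

    .code
WriteIt proc uses ebx
    LOCAL written:DWORD               ; stack local: ADDR written needs lea eax / push eax

    invoke GetStdHandle, STD_OUTPUT_HANDLE    ; handle comes back in eax

    ; Rejected by the assembler: arguments are pushed right to left, so the
    ; lea for ADDR written would destroy eax before eax itself is pushed.
    ;invoke WriteFile, eax, ADDR msg, SIZEOF msg, ADDR written, NULL

    ; Option 1: move the handle out of eax before the INVOKE
    mov ebx, eax
    invoke WriteFile, ebx, ADDR msg, SIZEOF msg, ADDR written, NULL

    ; Option 2: take the local's address yourself, in a register that is
    ; not used for any other argument, and pass the register
    lea ecx, written
    invoke WriteFile, ebx, ADDR msg, SIZEOF msg, ecx, NULL

    mov eax, written                  ; return the byte count of the last write
    ret
WriteIt endp

start:
    call WriteIt
    inkey "Press any key to exit..."
    exit
end start
```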