accessing structure plus

[ic2]

I been trying for days now on how to access structure members with POASM.  Assume did not work at all...

I replaced

ASSUME EDX : PTR IMAGE_EXPORT_DIRECTORY

with

MOV  EBX, [EDX.IMAGE_EXPORT_DIRECTORY].AddressOfNames

It took hours of searching to find this much and now i get a brand new set of errors when complying with POASM and POLINK ...

Kernel.asm (292): error: Symbol 'EDX' is undefined.

MASM works fine, so i know i re-code it right.  POASM got problem with that too it seems.

Do anyone have the time to show me how to do this correctly.  Also is there a list of what type of masm code that POASM has difficulties with some  solutions.

It seem that most examples is about API calling only.  I am trying to translate the kernel.zip to POASM ...

If i can see this done, to me, it would be a serious start to poasm low level coding to study from.  Right now it's like living in the dark, every thing i try don't work ... I can't even fix code like this without getting a new set of errors using POASM ...

lea ecx,[eax][ecx-1]  -------- Error: Invalid use of '['

[attachment deleted by admin]

[hutch--]

ic2,

Just write yourself a test piece and try out variations.

Code Select Expand


lea ecx,[eax][ecx-1]

try this.

lea ecx, [eax+ecx-1]


As far as I can tell POASM does not support the conjunctive use of square brackets as MASM does.

[hutch--]

This works for the structure. I had to read around the posted code as I forgot how it was done.

Code Select Expand


; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««

      .model flat, stdcall  ; 32 bit memory model
      option casemap :none  ; case sensitive
      option cstrings:on    ; enable C string escapes

    ; *************
    ; include files
    ; *************
      include \poasm\include\windows.inc
      include \poasm\include\plib.inc
      include \poasm\include\gdi32.inc
      include \poasm\include\user32.inc
      include \poasm\include\kernel32.inc
      include \poasm\include\Comctl32.inc
      include \poasm\include\comdlg32.inc
      include \poasm\include\shell32.inc
      include \poasm\include\msvcrt.inc
      include \poasm\macros\macros.asm

    ; *********
    ; libraries
    ; *********
      includelib \poasm\lib\plib.lib
      includelib \poasm\lib\gdi32.lib
      includelib \poasm\lib\user32.lib
      includelib \poasm\lib\kernel32.lib
      includelib \poasm\lib\Comctl32.lib
      includelib \poasm\lib\comdlg32.lib
      includelib \poasm\lib\shell32.lib
      includelib \poasm\lib\msvcrt.lib

    teststruct PROTO :DWORD


    .code

start:
   
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««

    call main
    inkey
    exit

; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««

main proc

    LOCAL rct:RECT

    cls

    mov rct.left,   100
    mov rct.top,    200
    mov rct.right,  300
    mov rct.bottom, 400

    invoke teststruct,ADDR rct

    ret

main endp

; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««

teststruct proc pstruct:DWORD

    LOCAL arg1    :DWORD
    LOCAL arg2    :DWORD
    LOCAL arg3    :DWORD
    LOCAL arg4    :DWORD

    push esi

    mov esi, pstruct

    mov eax, [RECT.left+esi]
    mov arg1, eax
    print str$(arg1),13,10

    mov eax, [RECT.top+esi]
    mov arg2, eax
    print str$(arg2),13,10

    mov eax, [RECT.right+esi]
    mov arg3, eax
    print str$(arg3),13,10

    mov eax, [RECT.bottom+esi]
    mov arg4, eax
    print str$(arg4),13,10

    pop esi

    ret

teststruct endp

; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««

end start


[Shantanu Gadgil]

First of all, I am confused as to why you are calling it "accessing structure plus"  :dazzled: :dazzled:

if you want to access a structure member like using a pointer in C, this is how:

Code Select Expand

mov ebx, addr m_abc ;type MYSTRUCT
mov MYSTRUCT.alpha[ebx], 100   ;alpha is a member of the structure

EDIT:
equivalent  C code

Code Select Expand

MYSTRUCT m_abc;
MYSTRUCT  *ptr;
ptr = &m_abc;
ptr->alpha = 100;

HTH,
Shantanu

[ic2]

shantanu_gadgil, im glad it some someone attention :)

I guest i wanted to say ... We need  structure and other low level coding examples in POASM.   And need a list of what masm code are not supported by poasm and those masm code translated to a poasm on a worksheet.  I wonder how many translation could it be.  Under 5 - 10 or would there be many of them.

I have not tried anything yet and is saying THANK YOU very late because all of a sudden we're back in our 'mandatory over-time' season at my job...

Btw: shantanu_gadgil or someone, will you re-write y0da KERNEL.ZIP  to poasm and post it when finish. With the information given to me here i will be trying to do it myself also, but i got a feeling i am going to get stuck again somewhere trying to switch to POASM coding and don't want ask the same questions over and over again.

Thanks Guys

[ic2]

How to replace ASSUME with working code for POASM.  I HAVE been searching and trying everything i see or can think of on my own and nothing is working.  I tried the info that was given to me here first, in all kinds of ways, but all i get is the same errors.

I don't want to be posting all over the place.  Since i am trying POASM it's only fair that i ask the question here and not under Main.

Is POASM still being supported, and if not, why?  I need to know because i don't want to waste time chasing something that was founded by experimenters not to be truly adaptable for serious ASM programming.

It feel lonely over here but i really want to study with it because i may have a chance of learning about what a assembler can do and finally know what i am doing with it.  That's why im tripping over it.

I found this statement elsewhere that seem to make the most serious point of it all:

you can just put the address into a variable if you like, the main reason for using the register is for addressing multiple members of the structure but it depends on how you want to address the structure member.

I take it like this... this code is addressing multiple members so it may have to use registers and Masm ASSUME seem to be the way to go but POASM don't support ASSUME.

Here is the part of the kernel code that i can't get working using POASM.  Can someone help PLEASE.  I been losing a lot of sleep for days, so I can't give up now without know why.

The full zip is under my first post above.

Code Select Expand

;................................................... This code comes in already using EDX
MOV  EDX, [ESI+078h]        ; trace the export table ; EDX -> Export table
ADD  EDX, dwDllBase


;;;;;  mov ebx, addr m_abc ;type MYSTRUCT
;;;;;  iEXPORT

;;;;;  [reg32].IMAGE_EXPORT_DIRECTORY.Field
;;;;;  mov [reg32], offset IMAGE_EXPORT_DIRECTORY ;type MYSTRUCT

;;;;;  mov ([iEXPORT] PTR [EDX]).AddressOfNames,   128

;;;;;
;;;;;
;;;;;  ASSUME EDX : PTR IMAGE_EXPORT_DIRECTORY  ; The original working line  of code

mov EDX, offset iEXPORT ;type MYSTRUCT ; my little change while trying

MOV  EBX, [EDX].AddressOfNames ;xxxxxxx   EBX -> AddressOfNames array pointer
ADD  EBX, dwDllBase
XOR  EAX, EAX ; EAX AddressOfNames Index
.REPEAT
MOV EDI, [EBX]
ADD EDI, dwDllBase
MOV ESI, szApi
PUSH ECX ; save the api string length
REPZ CMPSB
.IF ZERO?
.BREAK
.ENDIF
POP ECX
ADD EBX, 4
INC EAX
.UNTIL EAX == [EDX].NumberOfNames ;xxxxxxx   
;...............................................................
.IF EAX == [EDX].NumberOfNames ;xxxxxxx ; did we found sth ?
JMP @@BadExit
.ENDIF
;...............................................................
MOV  ESI, [EDX].AddressOfNameOrdinals ;xxxxxxx  find corresponding Ordinal
ADD  ESI, dwDllBase

PUSH EDX ; save the export table pointer
MOV  EBX, 2
XOR  EDX, EDX
MUL  EBX
POP  EDX
ADD  EAX, ESI
XOR  ECX, ECX
MOV  WORD PTR CX, [EAX] ; ECX -> Api Ordinal
;...............................................................
; get the address of the api
MOV  EDI, [EDX].AddressOfFunctions ;xxxxxxx   
XOR  EDX, EDX
MOV  EBX, 4
MOV  EAX, ECX
MUL  EBX
ADD  EAX, dwDllBase
ADD  EAX, EDI
MOV  EAX, [EAX]
ADD  EAX, dwDllBase
JMP  @@ExitProc

;;ASSUME EDX : NOTHING

[Vortex]

Hi ic2,

POASM doesn't support ASSUME but it has another option to replace that statement, here is an example :

Code Select Expand


assume edi:ptr IMAGE_DOS_HEADER
add edi,[edi].e_lfanew
assume edi:ptr IMAGE_NT_HEADERS
mov edi,[edi].OptionalHeader.DataDirectory.VirtualAddress
add edi,hLib
assume edi:ptr IMAGE_EXPORT_DIRECTORY
push [edi].NumberOfNames
pop NameNumb
mov esi,[edi].AddressOfNames

is translated to :

Code Select Expand

add edi,IMAGE_DOS_HEADER.e_lfanew[edi]
mov edi,IMAGE_NT_HEADERS.OptionalHeader.DataDirectory.VirtualAddress[edi]
add edi,hLib
push IMAGE_EXPORT_DIRECTORY.NumberOfNames[edi]
pop NameNumb
mov esi,IMAGE_EXPORT_DIRECTORY.AddressOfNames[edi]

http://www.masm32.com/board/index.php?topic=3773.msg28185#msg28185

Your code :

Code Select Expand

ASSUME EDX : PTR IMAGE_EXPORT_DIRECTORY
MOV  EBX, [EDX.IMAGE_EXPORT_DIRECTORY].AddressOfNames

should be translated to

Code Select Expand

mov ebx,IMAGE_EXPORT_DIRECTORY.AddressOfNames[edx]

Pelle is maintaing POASM, he released newly V1.00.30. Have a look at :

http://www.masm32.com/board/index.php?topic=4804.msg40446#msg40446

[hutch--]

I don't know what the problem is, i have posted a method that works from one of Pelle's own examples, Shantanu has posted a method that works and Vortex has said that ASSUME is not supported in POASM.

[ic2]

There is no way i would have thought to change a masm code like
MOV  EBX, [EDX.IMAGE_EXPORT_DIRECTORY].AddressOfNames
to
mov ebx, IMAGE_EXPORT_DIRECTORY.AddressOfNames[edx]

[edx] being at the end of line would have never came to me.  I tried the most part of it.

Anyway, MASM will still comply the code but POASM went back up above the problem and spitted out a whole new set of errors after everything at the bottom was fix.

I am willing to bet that if any one of you guys including Pelle himself try to fix yOda legit, perfect, and well running masm code to POASM you will figure out many ways to make POASM a better assembler with many more users and maybe find out things that could have been overlooked.

Try it and see for yourself, not for my sake but for all that's interested in POASM.  I'm sure it's not just my imagination or setup.  I could be wrong, im not sure.  I not asking no one to write code for me but there something about this that need to be explored by the authors.

I never had a problem playing with code for years with masm32.  I always came up with something with very little help and a good search.

I have not had any other problems with coding other stuff in POASM for testing so far since you Mr. hutch– got we correct with this sample code.

Code Select Expand

lea ecx,[eax][ecx-1]

try this.

lea ecx, [eax+ecx-1]

I may have to go back and do things the old fashion way without the Kernel code because i feel that you guys are tried of me bugging you about it and im  embarrass that i can't figure it out for myself in the first place.

Here is the last errors report that i got after fixing ASSUME with Vortex solution.

C:\poasm\examples\Kernel4\kernel.asm(way above the problem): error:
Invalid combination of opcode and operands (or wrong CPU setting).
C:\poasm\examples\Kernel4\kernel.asm(in beween the problem): error: Invalid combination of opcode and operands (or wrong CPU setting).

There has been an error while assembling this project.

Press any key to continue . . .

It all about these two lines... Look at where they are located in the zip.


PUSH [ESP]

MOV  WORD PTR CX, [EAX]


I never been a quitter but this is a bit too much...

Anyway, Thanks for all of your efforts.  I know you got many other things to do too.

[hutch--]

For POASM, completely remove the processor type setting and it will then build code without the restriction.

[ic2]

I don't see this reply as errors as just a old simple MASM solutions, so I take it that someone here actually tried it and got it running.   :clap:

Anyway it did not work for me.

I will review everything again, do more testing tonight and make sure i got everything properly installed but i got to get some sleep right now.  Im totally burn-out.

Thanks for everything and have a great day

[ramguru]

I need quick answer, if anyone knows for sure please answer... Is this syntax correct

Code Select Expand


mov    eax, OFFS_header0 ; offset to PE header
mov    ecx, SEC_num        ; number of sections-1: 1 OR 2 OR 3 OR 4 OR 5
mov    edx, IMAGE_NT_HEADERS.OptionalHeader.DataDirectory.isize[eax]+ecx*(SIZEOF IMAGE_DATA_DIRECTORY)

P.S. I have suspicion that this code is only correct with ecx=2 ecx=4...because return edx is 0 (when ecx=3) not what I expect, but returns correct edx value when ecx = 2

[ramguru]

Never mind me... That didn't work because, IMAGE_NT_HEADERS.OptionalHeader.DataDirectory.isize[eax] is at fixed position, so SEC_num is not necessary.