using/ripping the Visual c++ 6.0 CRT asm source code

[marco1974]

Hello everybody!

I am expirimenting with my visual studio 6.0 asm source code.

the file strcpy.asm contains 2 usefull asm functions :
- strcpy
- strcat

; code 2 make it work (changing the file strcpy.asm so it works for external linkage! )
; optimized for pushed parameters NOT for INVOKE!

.486
    .model flat, stdcall
   option casemap :none   ; case sensitive


;Exit:
;       The address of "dst" in EAX
;
;Uses:
;       EAX, ECX

strcpy1 proto ; man this is really important!
strcat  proto  ; this too!

.code

; the code

end

if u use your code in lets say MAIN.ASM,
always do this or use a include : myCRT.inc that contains:
strcpy proto
strcat proto
strlen proto

mostly of the time the PROTO is the key to use the CRT functions.
I wonder if there are more people out there using (tested) code.

I always use the Sourcer to check what the assembler makes of it, altrough the code view
option of hiew does show it too.

hint: sourcer can produce code in masm32 format + that u can use .def files to seperate the function
u want to dissasemble. That way u see mov,offset [mydata] instead of mov,offset [_dw0002].
makes sence!


DOES ANYBODY KNOWS WHAT .FPO (4.X.,X,X) in the strcpy.asm from Visual c++ means?
I think its for the FPU.

[hutch--]

marco1974,

You can get the assembler content of a library file using DUMPBIN and it is probably more usable than the methods you are suggestion. Take care about suggestions that involve direct cracking any commercial code as the forum does not allow it at all.

[donkey]

.FPO (4.X.,X,X) is probably a macro or directive that tests to make sure you are running 32 bit Windows,after all Win32 starts at 4.0.0.0 so anything above that is definitely a 32 bit version.

Again, as Hutch said RE is against the rules but in your case you have the source that is provided with your VS package so it's OK. This does not include disassembling the DLL's provided by Microsoft as part of their OS which are their intellectual property and any publishing of the disassembled code here is not allowed.

[Jibz]

A quick google for FPO gave this, which indicates that the .FPO directive emits special debug info to help debug functions without standard stack frames.

[PellesC]

FPO usually stands for Frame-Pointer-Omission, and is a help to tools like debuggers, when the function doesn't use a "standard" EBP stack frame. You can do stack walking using the EBP chain, but functions without a regular stack frame needs special care...

Pelle

[Vortex]

Hi Marco,

Hutch's masm32.lib provides oıptimized functions to copy and concatenate strings.

[TheoMcC]

There is a discussion of the .FPO directive in the ML 6.14 text file. See http://www.masmforum.com/simple/index.php?topic=859.0

[marco1974]

Thanx,


Now i know what .fpo means. (debugging related stuff)

By porting the library of vc i can make a small lib special for my own use.
The string.asm was just a example, i like to code asm.

Its the macro debugging i hate so much as they hide the details!!!!
Debugging becouse u need to find the implantation of macro x in file xxxx.inc
Aka couse a error ;-)

Its fun to step trough the asm files of vc. They are optimized to work on amd too i believe.
FACT is that the crt lib is 100% stable and runs on AMD too.

Altrough the source of POWERBUILDER is much much better and better optimized too.
(again CRT related)
Its fun to see what the experts use : MS crt VERSUS borland CRT ;-)


Reverse engineering and cracking is NOT something i do in illegal context.!
I use sourcer to get some commented code i can`t get in another way.

Its one of the tools i use to check what the compiler produces.
and if i change a mov to a lea i want to know what ML does with it.

Btw u can close the thread. The FPO question is answered.

[donkey]

Btw u can close the thread. The FPO question is answered.

As I said...

Again, as Hutch said RE is against the rules but in your case you have the source that is provided with your VS package so it's OK