:wink 'ning all..
i try to put somes ddata in an array but i can't obtain at screen the value of the address an the data value :(
i beguin with M32 and i think i've got many thing to do to be right !!! :boohoo:
here my quote :
««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««« *
.486 ; create 32 bit code
.model flat, stdcall ; 32 bit memory model
option casemap :none ; case sensitive
include \masm32\include\windows.inc ; always first
include \masm32\macros\macros.asm ; MASM support macros
; -----------------------------------------------------------------
; include files that have MASM format prototypes for function calls
; -----------------------------------------------------------------
include \masm32\include\masm32.inc
include \masm32\include\gdi32.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
; ------------------------------------------------
; Library files that have definitions for function
; exports and tested reliable prebuilt code.
; ------------------------------------------------
includelib \masm32\lib\masm32.lib
includelib \masm32\lib\gdi32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
.data
array DD ?
.code ; Tell MASM where the code starts
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
start: ; The CODE entry point to the program
call main ; branch to the "main" procedure
exit
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
main proc
push esi
push edi
mov edi,array ; put array address into EDI
mov esi,25h
mov [edi],esi ; dereference it into EDI
print str$(edi) ; display the address of the value
print chr$(" = address memory",13,10)
print str$(esi) ; display data
print chr$(" = content ",13,10,13,10)
pop edi
pop esi
ret
main endp
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
end start ; Tell MASM where the program ends
5u for help...
you can get rid of a lot of typing by starting with...
INCLUDE \masm32\include\masm32rt.inc
you should take a look inside that file and see what it replaces
this code loads the dword array into EDI - not the address of it
mov edi,array
to get the address of array into EDI...
mov edi,offset array
for viewing addresses, it is handy to see them in hex form
print uhex$(edi),13,10
include \masm32\include\masm32rt.inc
.data?
array DD ?
.code
start:
mov edi, offset array
mov esi, 25h
mov [edi], esi
print str$(edi) ; display the address of the value
print chr$(" = address memory",13,10)
print str$(esi) ; display data
print chr$(" = content ",13,10,13,10)
invoke ExitProcess, 0
end start
looks fine to me
http://img11.imageshack.us/img11/700/47129019.png
if you are just wanting to fill a single dword then you could just do :
mov array, 25h
And BTW... your "array" has space for only one single item ...
Hence as it is now it is not really an "array"... it is more like a single dword variable.
You can reserve more space for items at compile time (statically) ... for example with:
.data?
my_array dd 1024 dup (?)
Or you could allocate memory for your array at run time by using the API (VirtualAlloc or GlobalAlloc or HeapAlloc) and store the start of your array pointer in a variable (dynamically) with something like this:
.data
my_array_size dd 1024*32
my_array_ptr dd ?
.code
...
; init my_array memory buffer
invoke GlobalAlloc,[my_array_size], GPTR
mov [my_array_ptr],eax
...
; obtain a pointer to start of my_array
mov edi,[my_array_ptr]
;write first item
mov DWORD PTR [edi],25h
; next item, size of item is assumed to be 4 ... ie a DWORD ...
; but you can use STUCTURES and SIZE operator
add edi, 4
; write 2nd item
mov DWORD PTR [edi],33h
...
Do not forget to check for API failure/error in your code and use loops if you want to access a lot of array items...
:dazzled: outch !!! so many good answers ! so quickly !!
and picture of dedndave ...so nice ...! :8)
so many great things yo give me all ! very thank u to all of you... :clap:
i gona work good whit that topics...
thanks from paris my friends...4°c 9.56 pm
bye :U
Quote from: albedo on January 15, 2010, 08:57:04 PM
:dazzled: outch !!! so many good answers ! so quickly !!
and picture of dedndave ...so nice ...! :8)
so many great things yo give me all ! very thank u to all of you... :clap:
i gona work good whit that topics...
thanks from paris my friends...4°c 9.56 pm
bye :U
lmao you wish that is dedndave
lol - no he doesn't :bdg
just one thing i try to do next,
i try to read memory by a dump
i use for it "debugx"by japheth's site , my adress to dump is at 0040300c , how can i read my contents ? d0040:300c ? d40:300c ? :red
in 32-bit programs, you can directly address it
mov edi,40300Ch
mov eax,[edi]
;eax holds the dword value at address 0040300C
that may be in the code segment of the program
which, should be write-protected (as well as the const data segment)
you can read the value, but you cannot write to that address without changing permissions
if you do, it will cause the program to crash with a c0000005 access violation exception
you can change permission with the VirtualProtect API function, if you need to
if it is in the initialized or uninitialized data segment, you already have permission to write
Quote from: dedndave on January 20, 2010, 03:18:42 PM
in 32-bit programs, you can directly address it
mov edi,40300Ch
mov eax,[edi]
;eax holds the dword value at address 0040300C
that may be in the code segment of the program
which, should be write-protected (as well as the const data segment)
you can read the value, but you cannot write to that address without changing permissions
if you do, it will cause the program to crash with a c0000005 access violation exception
you can change permission with the VirtualProtect API function, if you need to
if it is in the initialized or uninitialized data segment, you already have permission to write
or even:
mov eax, [40300Ch]
Quote from: Slugsnack on January 20, 2010, 04:42:22 PM
Quote from: dedndave on January 20, 2010, 03:18:42 PM
in 32-bit programs, you can directly address it
mov edi,40300Ch
mov eax,[edi]
;eax holds the dword value at address 0040300C
that may be in the code segment of the program
which, should be write-protected (as well as the const data segment)
you can read the value, but you cannot write to that address without changing permissions
if you do, it will cause the program to crash with a c0000005 access violation exception
you can change permission with the VirtualProtect API function, if you need to
if it is in the initialized or uninitialized data segment, you already have permission to write
or even:
mov eax, [40300Ch]
in Masm-syntax, this just moves 40300C into EAX ... as you should know by now ... with a post count of 321. However, you can code:
mov eax,ds:[40300Ch]
Quote from: japheth on January 20, 2010, 06:11:38 PM
Quote from: Slugsnack on January 20, 2010, 04:42:22 PM
Quote from: dedndave on January 20, 2010, 03:18:42 PM
in 32-bit programs, you can directly address it
mov edi,40300Ch
mov eax,[edi]
;eax holds the dword value at address 0040300C
that may be in the code segment of the program
which, should be write-protected (as well as the const data segment)
you can read the value, but you cannot write to that address without changing permissions
if you do, it will cause the program to crash with a c0000005 access violation exception
you can change permission with the VirtualProtect API function, if you need to
if it is in the initialized or uninitialized data segment, you already have permission to write
or even:
mov eax, [40300Ch]
in Masm-syntax, this just moves 40300C into EAX ... as you should know by now ... with a post count of 321. However, you can code:
mov eax,ds:[40300Ch]
there was no need for that condescending attitude for what was a simple mistake
:U right.. it's ok , i understood...things i was looking for was a line commande under debugx like :
-debug
-_
-
-dc800:0
C800:0000 32 E4 33 D2 B0 0A CD 17-5A C3 06 1E 60 E8 2E 01 2.3.....Z...`...
C800:0010 2E 83 0E F0 5A 00 75 6E-80 3E 00 05 01 74 67 C6 ....Z.un.>...tg.
C800:0020 06 00 05 01 8A 1E 62 04-32 FF D1 E3 8B FB 8B 85 ......b.2.......
C800:0030 50 04 8A 3E 62 04 50 32-F6 8A 0E 84 04 32 ED 41 P..>b.P2.....2.A
C800:0040 51 8B 0E 4A 04 32 D2 E8-A8 FF F6 C4 29 75 3D 51 Q..J.2......)u=Q
C800:0050 52 89 95 50 04 B4 08 E8-28 9F 0A C0 75 02 B0 20 R..P....(...u..
C800:0060 33 D2 32 E4 CD 17 F6 C4-29 75 1F 5A FE C2 59 E2 3.2.....)u.Z..Y.
C800:0070 DE FE C6 59 E2 CA E8 79-FF 32 C0 A2 00 05 58 89 ...Y...y.2....X.
-d
C800:0080 85 50 04 E8 E4 03 61 1F-07 CF 5A 59 59 B0 FF EB .P....a...ZYY...
C800:0090 EA 52 2A F5 38 C6 7D 02-32 C0 2E 8E 06 E8 5A 5A .R*.8.}.2.....ZZ
C800:00A0 C3 A0 85 04 F6 E3 8A F7-8B D8 8B CA BA C4 03 B8 ................
C800:00B0 02 0F EF B4 02 E8 6D 00-8B D1 32 ED 8A E6 8A C6 ......m...2.....
C800:00C0 F3 AA 03 FD 8A CA 4B 75-F7 32 E4 E8 57 00 C3 53 ......Ku.2..W..S
C800:00D0 8A 1E 62 04 0B C0 75 04-0A DB 74 03 E8 6A 03 5B ..b...u...t..j.[
C800:00E0 8B F8 2B D1 81 C2 01 01-8A C3 32 E4 C3 8A C6 32 ..+.......2....2
C800:00F0 F6 2B EA 0A DB 74 2A 2A-C3 F6 26 85 04 8B C8 52 .+...t**..&....R
-you see ? in order to watch the adresses and find the contents...
any way i gona pass by your solutions, i think it's the best for shure... :U
welllllll - debugx isn't a full-blown 32-bit debugger
if you look at it with OllyDebug, you can see 32-bit registers and addresses :U
:8) niiiiiice ! i gona watch it tonight
it seems to be ok.... :clap:
thanks for all !!